ExternalVendorCode/conserver
1
0
Fork 0
mirror of https://github.com/bstansell/conserver.git synced 2025-01-18 02:29:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Imported from conserver-7.2.7.tar.gz

Browse Source
This commit is contained in:
Bryan Stansell 2003-04-09 08:30:48 -07:00
parent d8dfd2cb9a
commit 626270495d
51 changed files with 4607 additions and 1321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
CHANGES
View File

@ -1,7 +1,33 @@
CHANGES
=======
version 7.2.6 (Mar 20, 2003):
version 7.2.7 (Apr 9, 2003):
- added test suite ('make test') for basic client/server
communication tests
- changed configure script to provide better checking of options,
hp-ux specifics, and functions
- console names are no longer case-sensitive
- fixed case-sensitive DNS name comparisons - reported by
Peter Chubb <peter@chubb.wattle.id.au> via Jorgen Hagg
<jorgen.hagg@axis.com>
- added dmalloc and openssl version numbers to -V output
- reordered includes for openssl-0.9.7a compatibility
- conserver.rc looks at pidfile to find the master pid - suggested
by Petter Reinholdtsen <petter.reinholdtsen@usit.uio.no>
- misplaced code regarding --with-regex - patch by Andreas Wrede
<andreas@planix.com>
- added password support for HP-UX trusted systems - immense
help by Greg Brown <gregb_ka6max@hotmail.com>
- potential SIGUSR1 bug where cached terminal server availability
wasn't being cleared correctly - reported by Dave Stuit
<djs@tellme.com>
- server is now more forgiving about errors instead of just
giving up and shutting everything down
- consoles that have trouble coming up (and are forced down)
now log when they come back up - suggested by Dave Stuit
<djs@tellme.com>
version 7.2.6 (Mar 10, 2003):
- the -b conserver option was mostly broken (since 7.2.0)
- changed logging format so that all messages are of a similar
form
@ -403,5 +429,5 @@ before version 6.05:
and enhancements of various types were applied.
#
# $Id: CHANGES,v 1.78 2003-03-10 17:45:55-08 bryan Exp $
# $Id: CHANGES,v 1.82 2003-04-09 07:20:21-07 bryan Exp $
#

44
FAQ
View File

@ -16,7 +16,9 @@ directed to faq@conserver.com. The FAQ answers the following questions:
7) How do I set up a serial port for no parity?
8) Is "Conserver" a Trademark or Registered Trademark?
9) When I connect to a console, it says it is down. Why?
99) Ok, things just don't seem to work. Help?!?
10) Is there a technical reason why --with-maxmemb's default is 16?
I've changed mine to 96.
99) OK, things just don't seem to work. Help?!?
1) What is conserver?
@ -106,7 +108,43 @@ directed to faq@conserver.com. The FAQ answers the following questions:
telnet session), or there was an unseen typo in a path or hostname.
The logfile should show hints of things like this and other issues.
99) Ok, things just don't seem to work. Help?!?
10) Is there a technical reason why --with-maxmemb's default is 16?
I've changed mine to 96.
The following is an array of things you need to think about when
adjusting --with-maxmemb. It's a bit long, but it's an important
question.
The big reason (and the main reason for conserver spawning multiple
processes) is the maximum number of open files a process can have.
Each console can have a few file descriptors associated with it
(device, logfile, connected users, and listening socket). So, each
process will have about ( 2 * consoles + users + 1 ) open files
(--with-maxmemb sets the maximum number of consoles per process
in the equation). Although most current operating systems allow a
large number of open files per process, the general assumption is
it's still pretty low.
You also have the speed of your conserver host vs the rates at which
data could be streaming to it. Go back a decade and this was probably
more of an issue than today, but it's still something to think about.
And then you have the problem of delays. If any of the 96 console
connections "lock up", it'll delay all activity on the 96 consoles.
With 16, there's less of an impact. This can be an issue once the
server is up or during startup. Also, with 16 consoles per process,
you get a bit more parallelization during startup.
So, is there any reason not to up the number to 96? No. Assuming you
know the risks and weigh things appropriately. If I remember right,
I've upped the number to 48 at some sites. But that was mainly to
reduce the memory footprint in older versions of the code which had
statically allocated buffers. No need to worry about that with the
current code. Personally, I wouldn't change from 16 unless there
was a really good reason (like wanting to only have one child process
for firewall rules or some such reason).
99) OK, things just don't seem to work. Help?!?
Yes, this is a pretty vague question, but here are a few tips that
might help.
@ -146,5 +184,5 @@ directed to faq@conserver.com. The FAQ answers the following questions:
through the same problem?
#
# $Id: FAQ,v 1.7 2002-09-22 10:21:06-07 bryan Exp $
# $Id: FAQ,v 1.8 2003-04-08 14:05:16-07 bryan Exp $
#

189
INSTALL
View File

@ -1,5 +1,5 @@
INSTALL
=======
INSTALL
=======
Upgrading?
@ -12,40 +12,40 @@ Upgrading?
Version 7.2.4
- If SSL support is compiled into the code, older versions of
the client and server are, by default, incompatible because
encrypted connections are a requirement. Use of the -E flag in
the client and/or server can work around this (but I discourage
this - please upgrade the clients and servers instead).
- If SSL support is compiled into the code, older versions of
the client and server are, by default, incompatible because
encrypted connections are a requirement. Use of the -E flag in
the client and/or server can work around this (but I discourage
this - please upgrade the clients and servers instead).
Version 7.2.0
- The code related to broadcast messages in the client (-b) has
changed. If you want the username to come across properly in
the broadcast message, you'll need to make sure you upgrade
to the 7.2.0 client.
- The code related to broadcast messages in the client (-b) has
changed. If you want the username to come across properly in
the broadcast message, you'll need to make sure you upgrade
to the 7.2.0 client.
Version 7.1.1
- Both conserver.passwd and conserver.cf file parsing behaves
the same now. Both use leading whitespace as a continuation
line indicator - if you have leading whitespace on a line
(aside from comments) you probably should remove it.
- Both conserver.passwd and conserver.cf file parsing behaves
the same now. Both use leading whitespace as a continuation
line indicator - if you have leading whitespace on a line
(aside from comments) you probably should remove it.
Version 7.1.0
- The client/server protocol has changed. You *MUST* use a
7.1.0 client with a 7.1.0 and above server. A 7.1.0 client
is *not* backward compatible with a pre-7.1.0 server.
- The client/server protocol has changed. You *MUST* use a
7.1.0 client with a 7.1.0 and above server. A 7.1.0 client
is *not* backward compatible with a pre-7.1.0 server.
- Some of the flags in the client (-d, -D, and -r) and server
(-n) have been given new identities to make the client and
server flags more uniform.
- Some of the flags in the client (-d, -D, and -r) and server
(-n) have been given new identities to make the client and
server flags more uniform.
- The conserver.passwd file now uses the first username match
to determine access rights - if you have multiple instances
of a username in an existing password file, they must be
combined into one to continue to work.
- The conserver.passwd file now uses the first username match
to determine access rights - if you have multiple instances
of a username in an existing password file, they must be
combined into one to continue to work.
Quickie Instructions
@ -54,6 +54,10 @@ Quickie Instructions
- Run './configure'
- Run 'make'
- Run 'make test'
- If all is well, run 'make install'
- Now set up config files, etc. (see below)
@ -66,30 +70,40 @@ Detailed Instructions
the defaults shown, you're set. If not, here are the conserver
unique options:
--with-port=PORT Specify port number [conserver]
--with-base=PORT Base port for secondary channel [0]
--with-master=MASTER Specify master server hostname [console]
--with-cffile=CFFILE Specify config filename
[SYSCONFDIR/conserver.cf]
--with-pwdfile=PWDFILE Specify password filename
[SYSCONFDIR/conserver.passwd]
--with-logfile=LOGFILE Specify log filename [/var/log/conserver]
--with-pidfile=PIDFILE Specify PID filepath [/var/run/conserver.pid]
--with-maxmemb=MAXMEMB Specify maximum consoles per process [16]
--with-timeout=TIMEOUT Specify connect() timeout in seconds [10]
--with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support
--with-openssl[=PATH] Compile in openssl support
--with-regex Use regular expressions in conserver.passwd
--with-pam Enable PAM support
--with-64bit Allow 64bit compilation
--with-port=PORT Specify port number [conserver]
--with-base=PORT Base port for secondary channel [0]
--with-master=MASTER Specify master server hostname [console]
--with-cffile=CFFILE Specify config filename
[SYSCONFDIR/conserver.cf]
--with-pwdfile=PWDFILE Specify password filename
[SYSCONFDIR/conserver.passwd]
--with-logfile=LOGFILE Specify log filename [/var/log/conserver]
--with-pidfile=PIDFILE Specify PID filepath [/var/run/conserver.pid]
--with-maxmemb=MAXMEMB Specify maximum consoles per process [16]
--with-timeout=TIMEOUT Specify connect() timeout in seconds [10]
--with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support
--with-openssl[=PATH] Compile in OpenSSL support
--with-dmalloc[=PATH] Compile in dmalloc support
--with-regex Use regular expressions in conserver.passwd
--with-pam Enable PAM support
Not surprisingly, some match the old conserver/cons.h items...here
they are for reference:
PORT or SERVICE - Socket used to communicate
HOST - Hostname of console server
CONFIG - Config file path
PASSWD_FILE - Password file path
MAXMEMB - Number of consoles per child process
PORT or SERVICE - Socket used to communicate
HOST - Hostname of console server
CONFIG - Config file path
PASSWD_FILE - Password file path
MAXMEMB - Number of consoles per child process
A couple of notes. First, --with-libwrap will add tcp_wrappers
lookups to all socket connections in the server. --with-openssl
will add encryption between the client and server when you connect
to a console. things such as 'console -q', 'console -w', etc. are
still unencrypted, as well as connections from conserver to any
terminal servers. --with-dmalloc should only be used to do memory
allocation debugging and not used in production.
- Run './configure'. This will detect system specific
information. The --prefix option will redirect where things are
@ -98,6 +112,11 @@ Detailed Instructions
- Now run 'make'. Hopefully things will compile.
- To test your binaries, run 'make test'. If there are problems, it
should mean something is wrong, but check the output differences
to make sure it wasn't a temporary failure. I tried to make the
tests generic, but I may have missed something.
- Once things build, you can run 'make install'.
- If you'd like to build the autologin application, you'll need to
@ -108,32 +127,32 @@ Detailed Instructions
configuration files and such.
+ Does your conserver master hostname exist? This is the
hostname specified with the --with-master option. By default
the hostname is "console", so make sure it's in DNS, hosts
files, or whatever.
hostname specified with the --with-master option. By default
the hostname is "console", so make sure it's in DNS, hosts
files, or whatever.
+ If you used a symbolic name for the --with-port option (by
default it uses "conserver", so the answer would be yes),
you'll need to enter a definition in your services file
(directly, via NIS, or whatever). Here's what we use:
default it uses "conserver", so the answer would be yes),
you'll need to enter a definition in your services file
(directly, via NIS, or whatever). Here's what we use:
console 782/tcp conserver # console server
console 782/tcp conserver # console server
If you used a number, you shouldn't have to worry about this
step.
If you used a number, you shouldn't have to worry about this
step.
+ Next, make sure conserver runs during boot. The init script we
use under Solaris is installed in <PREFIX>/etc/conserver.rc.
Use that or some form of it for your own /etc/init.d script or
an entry in startup files (/etc/rc, /etc/rc.local, or
whatever).
use under Solaris is installed in <PREFIX>/etc/conserver.rc.
Use that or some form of it for your own /etc/init.d script or
an entry in startup files (/etc/rc, /etc/rc.local, or
whatever).
+ Now for the fun stuff. You need to create a conserver.cf and
conserver.passwd file. Those are defined with the
--with-cffile and --with-pwdfile settings. If you ever need to
know what values were compiled into conserver, run 'conserver
-V'. See the conserver.cf/INSTALL file for instructions on
setup of these files.
conserver.passwd file. Those are defined with the
--with-cffile and --with-pwdfile settings. If you ever need to
know what values were compiled into conserver, run 'conserver
-V'. See the conserver.cf/INSTALL file for instructions on
setup of these files.
- That's it! Just start up the console server and enjoy!
@ -142,36 +161,36 @@ Other Information And Gotchas
- Debian Linux Distribution
The Debian folks have conserver distributed with the package
names of conserver-client and conserver-server. They are in
the distribution "sid" and the "non-free" part (because the
Ohio State license doesn't explicitly allow for modification to
the code, even though it's totally implied and the intention of
the author - I've even got proof in email! Oh well, can't
blame the Debian folks for being cautious - they've been burned
before, apparently).
The Debian folks have conserver distributed with the package
names of conserver-client and conserver-server. They are in
the distribution "sid" and the "non-free" part (because the
Ohio State license doesn't explicitly allow for modification to
the code, even though it's totally implied and the intention of
the author - I've even got proof in email! Oh well, can't
blame the Debian folks for being cautious - they've been burned
before, apparently).
- Potential GCC bug
Adam Morris <AMorris@providence.org> reported a problem with
the following line in console/console.c:
Adam Morris <AMorris@providence.org> reported a problem with
the following line in console/console.c:
if ((in_addr_t) (-1) == pPort->sin_addr.s_addr) {
if ((in_addr_t) (-1) == pPort->sin_addr.s_addr) {
This tickles a GCC bug under HP-UX 11.11 using GCC 3.0.2 in
64-bit mode with optimization enabled (-O). The bug could
possibly be provoked in other combinations as well. His fix is
to change the line to:
This tickles a GCC bug under HP-UX 11.11 using GCC 3.0.2 in
64-bit mode with optimization enabled (-O). The bug could
possibly be provoked in other combinations as well. His fix is
to change the line to:
if ((in_addr_t) (-1) == inet_addr(pcToHost)) {
if ((in_addr_t) (-1) == inet_addr(pcToHost)) {
It's also reported that newer versions of the compiler fix the
issue, so if you happen to have problems with the client
connecting to servers, you might be tickling this bug and you
can upgrade the compiler, turn off the optimization, or apply
this code change.
It's also reported that newer versions of the compiler fix the
issue, so if you happen to have problems with the client
connecting to servers, you might be tickling this bug and you
can upgrade the compiler, turn off the optimization, or apply
this code change.
#
# $Id: INSTALL,v 1.25 2002-10-12 20:23:58-07 bryan Exp $
# $Id: INSTALL,v 1.27 2003-04-09 07:15:27-07 bryan Exp $
#

5
Makefile.in
View File

@ -25,6 +25,9 @@ autologin:
autologin.install:
( cd autologin && $(MAKE) install $(MAKE_FLAGS) ) || exit 1;
test:
( cd test && ./dotest ) || exit 1
install:
for n in $(SUBDIRS); do \
( cd $$n && $(MAKE) $@ $(MAKE_FLAGS) ) || exit 1; \
@ -41,4 +44,4 @@ distclean:
done
rm -f config.cache config.log config.status config.h Makefile
.PHONY: autologin autologin.install clean distclean install all
.PHONY: autologin autologin.install clean distclean install all test

12
compat.h
View File

@ -45,6 +45,10 @@
# define strrchr rindex
# endif
#endif
#if !HAVE_STRCASECMP && HAVE_STRICMP
# define strcasecmp stricmp
# define strncasecmp strnicmp
#endif
#ifdef HAVE_UNISTD_H
# include <unistd.h>
@ -169,6 +173,14 @@ extern char *h_errlist[];
# include <crypt.h>
#endif
#ifdef HAVE_HPSECURITY_H
# include <hpsecurity.h>
#endif
#ifdef HAVE_PROT_H
# include <prot.h>
#endif
#ifdef HAVE_GETOPT_H
# include <getopt.h>
#endif

1363
config.guess vendored Executable file
View File

File diff suppressed because it is too large Load Diff

31
config.h.in
View File

@ -15,6 +15,9 @@
/* Socket used to communicate */
#undef DEFPORT
/* Define to 1 if you have the `bigcrypt' function. */
#undef HAVE_BIGCRYPT
/* Define to 1 if you have the <bsm/audit.h> header file. */
#undef HAVE_BSM_AUDIT_H
@ -24,10 +27,10 @@
/* have dmalloc support */
#undef HAVE_DMALLOC
/* Define if libbsm has `getaudit'. */
/* Define to 1 if you have the `getaudit' function. */
#undef HAVE_GETAUDIT
/* Define if libbsm has `getaudit_addr'. */
/* Define to 1 if you have the `getaudit_addr' function. */
#undef HAVE_GETAUDIT_ADDR
/* Define to 1 if you have the `getdtablesize' function. */
@ -45,6 +48,9 @@
/* Define to 1 if you have the `getpassphrase' function. */
#undef HAVE_GETPASSPHRASE
/* Define to 1 if you have the `getprpwnam' function. */
#undef HAVE_GETPRPWNAM
/* Define to 1 if you have the `getrlimit' function. */
#undef HAVE_GETRLIMIT
@ -63,15 +69,27 @@
/* Define to 1 if you have the `grantpt' function. */
#undef HAVE_GRANTPT
/* Define to 1 if you have the <hpsecurity.h> header file. */
#undef HAVE_HPSECURITY_H
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Defined if in_addr_t exists */
#undef HAVE_IN_ADDR_T
/* Define to 1 if you have the `iscomsec' function. */
#undef HAVE_ISCOMSEC
/* Define to 1 if you have the `bsm' library (-lbsm). */
#undef HAVE_LIBBSM
/* Define to 1 if you have the `sec' library (-lsec). */
#undef HAVE_LIBSEC
/* Define to 1 if you have the `xnet' library (-lxnet). */
#undef HAVE_LIBXNET
/* Define to 1 if you have the `memcmp' function. */
#undef HAVE_MEMCMP
@ -93,6 +111,9 @@
/* have POSIX regcomp */
#undef HAVE_POSIX_REGCOMP
/* Define to 1 if you have the <prot.h> header file. */
#undef HAVE_PROT_H
/* Define to 1 if you have the `ptsname' function. */
#undef HAVE_PTSNAME
@ -138,9 +159,15 @@
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
/* Define if strcasecmp is available */
#undef HAVE_STRCASECMP
/* Define to 1 if you have the `strerror' function. */
#undef HAVE_STRERROR
/* Define if stricmp is available */
#undef HAVE_STRICMP
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H

1470
config.sub vendored Executable file
View File

File diff suppressed because it is too large Load Diff

1522
configure vendored
View File

File diff suppressed because it is too large Load Diff

181
configure.in
View File

@ -31,138 +31,164 @@ AC_SUBST(MKDIR)
dnl ### Custom settings. ############################################
ac_cv_allow_64bit=no
AC_MSG_CHECKING(whether to allow 64bit compilation)
AC_ARG_WITH(64bit,
AC_HELP_STRING([--with-64bit],[Allow 64bit compilation]),
[if test "$withval" = yes; then
ac_cv_allow_64bit=yes
fi])
AC_MSG_RESULT($ac_cv_allow_64bit)
[with_64bit=yes], [with_64bit=no])
AC_MSG_RESULT($with_64bit)
AC_MSG_CHECKING(for port number specification)
AC_ARG_WITH(port,
AC_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
[if test "$withval" != yes -a "$withval" != no; then
AC_DEFINE_UNQUOTED(DEFPORT, "$withval")
AC_MSG_RESULT(port '$withval')
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
AC_MSG_RESULT(port 'conserver')
fi],
;;
*)
AC_DEFINE_UNQUOTED(DEFPORT, "$withval")
AC_MSG_RESULT(port '$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
AC_MSG_RESULT(port 'conserver')])
AC_MSG_CHECKING(for secondary channel base port)
AC_ARG_WITH(base,
AC_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
[if test "$withval" != yes -a "$withval" != no; then
AC_DEFINE_UNQUOTED(DEFBASEPORT, "$withval")
AC_MSG_RESULT(port '$withval')
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
AC_MSG_RESULT(port '0')
fi],
;;
*)
AC_DEFINE_UNQUOTED(DEFBASEPORT, "$withval")
AC_MSG_RESULT(port '$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
AC_MSG_RESULT(port '0')])
AC_MSG_CHECKING(for master conserver hostname)
AC_ARG_WITH(master,
AC_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
[if test "$withval" != yes; then
AC_DEFINE_UNQUOTED(MASTERHOST, "$withval")
AC_MSG_RESULT('$withval')
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(MASTERHOST, "console")
AC_MSG_RESULT('console')
fi],
;;
*)
AC_DEFINE_UNQUOTED(MASTERHOST, "$withval")
AC_MSG_RESULT('$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(MASTERHOST, "console")
AC_MSG_RESULT('console')])
AC_MSG_CHECKING(for configuration filename)
AC_ARG_WITH(cffile,
AC_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
[if test "$withval" != yes; then
if expr "x$withval" : "x/" > /dev/null 2>&1; then
AC_DEFINE_UNQUOTED(CONFIGFILE, ["$withval"])
AC_MSG_RESULT('$withval')
else
AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/$withval"])
AC_MSG_RESULT('$sysconfdir/$withval')
fi
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
AC_MSG_RESULT('$sysconfdir/conserver.cf')
fi],
;;
[[\\/]]* | ?:[[\\/]]* )
AC_DEFINE_UNQUOTED(CONFIGFILE, ["$withval"])
AC_MSG_RESULT('$withval')
;;
*)
AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/$withval"])
AC_MSG_RESULT('$sysconfdir/$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
AC_MSG_RESULT('$sysconfdir/conserver.cf')])
AC_MSG_CHECKING(for password filename)
AC_ARG_WITH(pwdfile,
AC_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
[if test "$withval" != yes; then
if expr "x$withval" : "x/" > /dev/null 2>&1; then
AC_DEFINE_UNQUOTED(PASSWDFILE, ["$withval"])
AC_MSG_RESULT('$withval')
else
AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/$withval"])
AC_MSG_RESULT('$sysconfdir/$withval')
fi
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
AC_MSG_RESULT('$sysconfdir/conserver.passwd')
fi],
;;
[[\\/]]* | ?:[[\\/]]* )
AC_DEFINE_UNQUOTED(PASSWDFILE, ["$withval"])
AC_MSG_RESULT('$withval')
;;
*)
AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/$withval"])
AC_MSG_RESULT('$sysconfdir/$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
AC_MSG_RESULT('$sysconfdir/conserver.passwd')])
AC_MSG_CHECKING(for log filename)
AC_ARG_WITH(logfile,
AC_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
[if test "$withval" != yes; then
AC_DEFINE_UNQUOTED(LOGFILEPATH, "$withval")
AC_MSG_RESULT('$withval')
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
AC_MSG_RESULT('/var/log/conserver')
fi],
;;
*)
AC_DEFINE_UNQUOTED(LOGFILEPATH, "$withval")
AC_MSG_RESULT('$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
AC_MSG_RESULT('/var/log/conserver')])
AC_SUBST(PIDFILE)
AC_MSG_CHECKING(for PID filename)
AC_ARG_WITH(pidfile,
AC_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
[if test "$withval" != yes; then
AC_DEFINE_UNQUOTED(PIDFILE, "$withval")
AC_MSG_RESULT('$withval')
else
AC_DEFINE_UNQUOTED(PIDFILE, "/var/run/conserver.pid")
AC_MSG_RESULT('/var/run/conserver.pid')
fi],
[AC_DEFINE_UNQUOTED(PIDFILE, "/var/run/conserver.pid")
AC_MSG_RESULT('/var/run/conserver.pid')])
[case "$withval" in
yes|no)
PIDFILE="/var/run/conserver.pid"
;;
*)
PIDFILE="$withval"
;;
esac],
[PIDFILE="/var/run/conserver.pid"])
AC_DEFINE_UNQUOTED(PIDFILE, "$PIDFILE")
AC_MSG_RESULT('$PIDFILE')
AC_MSG_CHECKING(for MAXMEMB setting)
AC_ARG_WITH(maxmemb,
AC_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
[if test "$withval" != yes; then
AC_DEFINE_UNQUOTED(MAXMEMB, $withval)
AC_MSG_RESULT($withval)
else
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(MAXMEMB, 16)
AC_MSG_RESULT(16)
fi],
;;
*)
if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
test "$withval" -gt 0 -a "$withval" -lt 256; then
AC_DEFINE_UNQUOTED(MAXMEMB, $withval)
AC_MSG_RESULT($withval)
else
AC_DEFINE_UNQUOTED(MAXMEMB, 16)
AC_MSG_RESULT([value out of bounds (0<x<256) - setting to 16])
fi
;;
esac],
[AC_DEFINE_UNQUOTED(MAXMEMB, 16)
AC_MSG_RESULT(16)])
AC_MSG_CHECKING(for connect() timeout)
AC_ARG_WITH(timeout,
AC_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
[if test "$withval" -gt 0 -o "$withval" -lt 300; then
[if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
test "$withval" -gt 0 -a "$withval" -lt 300; then
AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, $withval)
AC_MSG_RESULT($withval)
else
AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, 10)
AC_MSG_RESULT(10)
AC_MSG_RESULT([value out of bounds (0<x<300) - setting to 10])
fi],
[AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, 10)
AC_MSG_RESULT(10)])
@ -172,15 +198,15 @@ AC_PROG_CC
AC_PROG_INSTALL
AC_PROG_LN_S
AC_PROG_MAKE_SET
dnl ### Compiler characteristics. ##################################
AC_AIX
AC_PROG_CC
AC_C_CONST
AC_C_PROTOTYPES
AC_CHECK_SIZEOF(long)
if test "$ac_cv_sizeof_long" -gt 4; then
if test "$ac_cv_allow_64bit" != "yes"; then
if test "$with_64bit" != "yes"; then
AC_MSG_ERROR([cannot build on >32bit systems (to override use --with-64bit)])
else
AC_MSG_WARN([building a 64bit version of conserver - good luck!])
@ -225,6 +251,19 @@ AC_CHECK_TYPE([socklen_t],[AC_DEFINE(HAVE_SOCKLEN_T,1,
#include <sys/socket.h>])
dnl ### Host specific checks. ######################################
AC_CANONICAL_HOST
case "$host" in
*-*-hpux*)
CPPFLAGS="$CPPFLAGS -D_XOPEN_SOURCE_EXTENDED=1"
AC_CHECK_LIB(xnet,t_error,,AC_MSG_ERROR([-lxnet needed on HP-UX]))
AC_CHECK_LIB(sec,getspnam)
AC_CHECK_HEADERS(hpsecurity.h prot.h)
AC_CHECK_FUNCS(bigcrypt iscomsec getprpwnam)
;;
esac
dnl ### Check for libraries. #######################################
AC_SEARCH_LIBS(socket,socket)
AC_SEARCH_LIBS(gethostbyname,nsl)
@ -384,6 +423,7 @@ AC_ARG_WITH(regex,
AC_MSG_RESULT(no)
fi],[AC_MSG_RESULT(no)])
AC_MSG_CHECKING(for PAM support)
AC_ARG_WITH(pam,
AC_HELP_STRING([--with-pam],
[Enable PAM support]),
@ -407,21 +447,26 @@ AC_ARG_WITH(pam,
[AC_MSG_RESULT(no)])])],)
LIBS="$oLIBS"
fi],)
else
AC_MSG_RESULT(no)
fi],[AC_MSG_RESULT(no)])
AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp sysconf getpassphrase getlogin)
AC_FUNC_SETPGRP
AC_CHECK_FUNC(strcasecmp,
[AC_DEFINE(HAVE_STRCASECMP, 1, [Define if strcasecmp is available])],
[AC_CHECK_FUNC(stricmp,
[AC_DEFINE(HAVE_STRICMP, 1, [Define if stricmp is available])],
[AC_MSG_ERROR([strcasecmp or stricmp must be available])])])
dnl Checks for libbsm functions
AC_CHECK_HEADERS(bsm/audit.h)
AC_CHECK_LIB(bsm, getaudit)
AC_CHECK_FUNC(getaudit,
AC_DEFINE(HAVE_GETAUDIT, 1, [Define if libbsm has `getaudit'.]))
AC_CHECK_FUNC(getaudit_addr,
AC_DEFINE(HAVE_GETAUDIT_ADDR, 1, [Define if libbsm has `getaudit_addr'.]))
AC_CHECK_FUNCS(getaudit getaudit_addr)
dnl ### Create output files. #######################################
AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile])
AC_CONFIG_FILES([conserver/conserver.rc], [chmod +x conserver/conserver.rc])
AC_OUTPUT

11
conserver.cf/conserver.cf.man
View File

@ -1,4 +1,4 @@
.\" $Id: conserver.cf.man,v 1.26 2003-01-08 17:11:55-08 bryan Exp $
.\" $Id: conserver.cf.man,v 1.27 2003-04-08 13:46:12-07 bryan Exp $
.\" @(#)constab.5 01/06/91 OSU CIS; Thomas A. Fine
.TH CONSERVER.CF 5 "Local"
.SH NAME
@ -166,8 +166,11 @@ looks for the first match in the config file
for a client's IP address (or network),
or hostname (or domain) if it is able to do a reverse lookup on the IP address,
to determine the level of access to be granted.
Three levels of access may be specified: ``\fBtrust\fP'', ``\fBallow\fP'',
and ``\fBrefuse\fP''.
Three levels of access may be specified: ``\fBtrust\fP'' (access is granted
without a password), ``\fBallow\fP'' (access is granted with a password),
and ``\fBrefuse\fP'' (access is not granted). Only the first character of
the word is important, so you can use any word that begins with
a ``\fBt\fP'', ``\fBa\fP'', or ``\fBr\fP''.
The access level is followed by a colon and a space-separated list of
addresses or host names.
Any number of any combination of these levels may be specified,
@ -228,7 +231,7 @@ mentor:/dev/ttyh0@extra.cc.purdue.edu:2400e:&:
# "badhost" are to be rejected, since only the first match
# is used)
#
trusted: console.cc.purdue.edu 128.210.7.90
trust: console.cc.purdue.edu 128.210.7.90
refuse: badhost.cc.purdue.edu
allow: cc.purdue.edu stat.cc.purdue.edu
.SH "SEE ALSO"

36
conserver.html
View File

@ -183,11 +183,11 @@
<H3>Downloading</H3>
<P>The current version, released on Mar 20, 2003, is <A
href="7.2.6.tar.gz">7.2.6.tar.gz</A>. You can get it via
<P>The current version, released on Apr 9, 2003, is <A
href="7.2.7.tar.gz">7.2.7.tar.gz</A>. You can get it via
<A href=
"ftp://ftp.conserver.com/conserver/7.2.6.tar.gz">FTP</A>
or <A href="7.2.6.tar.gz">HTTP</A>. See the <A href=
"ftp://ftp.conserver.com/conserver/7.2.7.tar.gz">FTP</A>
or <A href="7.2.7.tar.gz">HTTP</A>. See the <A href=
"CHANGES">CHANGES</A> file for information on the latest
updates.</P>
@ -216,27 +216,37 @@
more), please let me know.</P>
<UL>
<LI>Solaris 2.5.1 thru 9 (sparc/x86), gcc</LI>
<LI>AIX 4.3.3/5.1, native cc</LI>
<LI>BSDI BSD/OS 3.X, gcc</LI>
<LI>MacOS X</LI>
<LI>Cygwin (w2k),gcc 2.95.3</LI>
<LI>DEC Tru64 4.0, gcc</LI>
<LI>DEC Tru64 4.0/5.1, native cc</LI>
<LI>FreeBSD 4.2 (x86), gcc</LI>
<LI>HP-UX 10.20, gcc</LI>
<LI>HP-UX 11.10 parisc and ia64, native cc</LI>
<LI>Irix 6.15, native cc</LI>
<LI>Linux 2.2.18 (x86), gcc</LI>
<LI>Linux 2.4.2 (x86), gcc</LI>
<LI>FreeBSD 4.2 (x86), gcc</LI>
<LI>Linux ia64, native gcc</LI>
<LI>cygwin (w2k),gcc 2.95.3</LI>
<LI>Linux RedHat 6.2 and 7.2 (x86), native gcc</LI>
<LI>DEC Tru64 4.0, gcc</LI>
<LI>MacOS X, native gcc</LI>
<LI>DEC Tru64 4.0/5.1, DEC cc</LI>
<LI>Solaris 2.5.1 thru 9 (sparc/x86), gcc</LI>
<LI>HP-UX 10.20, gcc</LI>
<LI>AIX 4.3.3, AIX cc</LI>
<LI>Solaris 7/8, native cc</LI>
</UL>
<H3>Other Good Information</H3>

2
conserver/Makefile.in
View File

@ -46,7 +46,7 @@ clean:
rm -f *~ *.o $(ALL) core
distclean: clean
rm -f Makefile
rm -f Makefile conserver.rc
install: conserver
$(MKDIR) $(DESTDIR)$(sbindir)

6
conserver/access.c
View File

@ -1,5 +1,5 @@
/*
* $Id: access.c,v 5.52 2003-03-08 08:37:24-08 bryan Exp $
* $Id: access.c,v 5.53 2003-04-06 05:31:54-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -167,7 +167,7 @@ AccType(addr, hname)
len = strlen(pcName);
while (len >= pACtmp->ilen) {
Debug(1, "AccType(): name=%s", pcName);
if (0 == strcmp(pcName, pACtmp->pcwho)) {
if (0 == strcasecmp(pcName, pACtmp->pcwho)) {
return pACtmp->ctrust;
}
pcName = strchr(pcName, '.');
@ -257,7 +257,7 @@ FindUniq(pRCAll)
* else add us by returning our node
*/
for (pRC = pRCAll->pRCuniq; (REMOTE *) 0 != pRC; pRC = pRC->pRCuniq) {
if (0 == strcmp(pRC->rhost.string, pRCAll->rhost.string)) {
if (0 == strcasecmp(pRC->rhost.string, pRCAll->rhost.string)) {
return pRCAll->pRCuniq;
}
}

4
conserver/client.c
View File

@ -1,5 +1,5 @@
/*
* $Id: client.c,v 5.58 2003-03-09 13:53:40-08 bryan Exp $
* $Id: client.c,v 5.60 2003-03-17 08:38:40-08 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -83,7 +83,7 @@ FindWrite(pCL)
} else {
FileWrite(pCL->fd, "\r\n[attached]\r\n", -1);
}
TagLogfile(pCL->pCEto, "%s attached", pCL->acid.string);
TagLogfileAct(pCL->pCEto, "%s attached", pCL->acid.string);
return pCL;
}
return (CONSCLIENT *) 0;

191
conserver/consent.c
View File

@ -1,5 +1,5 @@
/*
* $Id: consent.c,v 5.101 2003-03-09 15:51:15-08 bryan Exp $
* $Id: consent.c,v 5.103 2003-04-06 05:32:20-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -45,6 +45,7 @@
#include <sys/file.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
@ -181,10 +182,11 @@ FindParity(pcMode)
*/
static int
#if PROTOTYPES
TtyDev(CONSENT * pCE)
TtyDev(CONSENT * pCE, fd_set * pfdSet)
#else
TtyDev(pCE)
TtyDev(pCE, pfdSet)
CONSENT *pCE;
fd_set *pfdSet;
#endif
{
struct termios termp;
@ -193,8 +195,10 @@ TtyDev(pCE)
/* here we should fstat for `read-only' checks
*/
if (-1 == fstat(pCE->fdtty, &stPerm)) {
Error("[%s] fstat(%s(%d)): %s", pCE->server.string,
Error("[%s] fstat(%s(%d)): %s: forcing down", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
} else if (0 == (stPerm.st_mode & 0222)) {
/* any device that is read-only we won't write to
*/
@ -205,8 +209,10 @@ TtyDev(pCE)
* Get terminal attributes
*/
if (-1 == tcgetattr(pCE->fdtty, &termp)) {
Error("[%s] tcgetattr(%s(%d)): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] tcgetattr(%s(%d)): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
@ -235,13 +241,17 @@ TtyDev(pCE)
termp.c_cc[VTIME] = 1;
if (-1 == cfsetospeed(&termp, pCE->pbaud->irate)) {
Error("[%s] cfsetospeed(%s(%d)): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] cfsetospeed(%s(%d)): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
if (-1 == cfsetispeed(&termp, pCE->pbaud->irate)) {
Error("[%s] cfsetispeed(%s(%d)): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] cfsetispeed(%s(%d)): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
@ -249,8 +259,10 @@ TtyDev(pCE)
* Set terminal attributes
*/
if (-1 == tcsetattr(pCE->fdtty, TCSADRAIN, &termp)) {
Error("[%s] tcsetattr(%s(%d),TCSADRAIN): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] tcsetattr(%s(%d),TCSADRAIN): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
# if HAVE_STROPTS_H
@ -273,10 +285,11 @@ TtyDev(pCE)
*/
static int
#if PROTOTYPES
TtyDev(CONSENT * pCE)
TtyDev(CONSENT * pCE, fd_set * pfdSet)
#else
TtyDev(pCE)
CONSENT *pCE;
fd_set *pfdSet;
#endif
{
struct sgttyb sty;
@ -287,8 +300,10 @@ TtyDev(pCE)
/* here we should fstat for `read-only' checks
*/
if (-1 == fstat(pCE->fdtty, &stPerm)) {
Error("[%s] fstat(%s(%d)): %s", pCE->server.string,
Error("[%s] fstat(%s(%d)): %s: forcing down", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
} else if (0 == (stPerm.st_mode & 0222)) {
/* any device that is read-only we won't write to
*/
@ -296,8 +311,10 @@ TtyDev(pCE)
}
# if defined(TIOCSSOFTCAR)
if (-1 == ioctl(pCE->fdtty, TIOCSSOFTCAR, &fSoftcar)) {
Error("[%s] ioctl(%s(%d),TIOCSSOFTCAR): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCSSOFTCAR): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
# endif
@ -305,8 +322,10 @@ TtyDev(pCE)
/* stty 9600 raw cs7
*/
if (-1 == ioctl(pCE->fdtty, TIOCGETP, (char *)&sty)) {
Error("[%s] ioctl(%s(%d),TIOCGETP): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCGETP): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
sty.sg_flags &= ~(ECHO | CRMOD | pCE->pparity->iclr);
@ -316,8 +335,10 @@ TtyDev(pCE)
sty.sg_ispeed = pCE->pbaud->irate;
sty.sg_ospeed = pCE->pbaud->irate;
if (-1 == ioctl(pCE->fdtty, TIOCSETP, (char *)&sty)) {
Error("[%s] ioctl(%s(%d),TIOCSETP): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCSETP): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
@ -325,8 +346,10 @@ TtyDev(pCE)
* (in cbreak mode we may not need to this... but we do)
*/
if (-1 == ioctl(pCE->fdtty, TIOCGETC, (char *)&m_tchars)) {
Error("[%s] ioctl(%s(%d),TIOCGETC): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCGETC): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
m_tchars.t_intrc = -1;
@ -336,13 +359,17 @@ TtyDev(pCE)
m_tchars.t_eofc = -1;
m_tchars.t_brkc = -1;
if (-1 == ioctl(pCE->fdtty, TIOCSETC, (char *)&m_tchars)) {
Error("[%s] ioctl(%s(%d),TIOCSETC): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCSETC): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
if (-1 == ioctl(pCE->fdtty, TIOCGLTC, (char *)&m_ltchars)) {
Error("[%s] ioctl(%s(%d),TIOCGLTC): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCGLTC): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
m_ltchars.t_werasc = -1;
@ -351,8 +378,10 @@ TtyDev(pCE)
m_ltchars.t_suspc = -1;
m_ltchars.t_dsuspc = -1;
if (-1 == ioctl(pCE->fdtty, TIOCSLTC, (char *)&m_ltchars)) {
Error("[%s] ioctl(%s(%d),TIOCSLTC): %s", pCE->server.string,
pCE->dfile.string, pCE->fdtty, strerror(errno));
Error("[%s] ioctl(%s(%d),TIOCSLTC): %s: forcing down",
pCE->server.string, pCE->dfile.string, pCE->fdtty,
strerror(errno));
ConsDown(pCE, pfdSet, 1);
return -1;
}
# if HAVE_STROPTS_H
@ -452,7 +481,7 @@ VirtDev(pCE)
if (0 != open(pCE->acslave.string, O_RDWR, 0) || 1 != dup(0)) {
Error("[%s] fd sync error", pCE->server.string);
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
# if HAVE_STROPTS_H && !defined(_AIX)
/* SYSVr4 semantics for opening stream ptys (gregf)
@ -477,7 +506,7 @@ VirtDev(pCE)
{
Error("[%s] ioctl(0,TCGETS): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
n_tio.c_iflag &= ~(IGNCR | IUCLC);
n_tio.c_iflag |= ICRNL | IXON | IXANY;
@ -504,7 +533,7 @@ VirtDev(pCE)
{
Error("[%s] ioctl(0,TCSETS): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
tcsetpgrp(0, iNewGrp);
@ -514,7 +543,7 @@ VirtDev(pCE)
if (-1 == ioctl(0, TIOCGETP, (char *)&sty)) {
Error("[%s] ioctl(0,TIOCGETP): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
sty.sg_flags &= ~(CBREAK | TANDEM | pCE->pparity->iclr);
sty.sg_flags |= (ECHO | CRMOD | pCE->pparity->iset);
@ -525,7 +554,7 @@ VirtDev(pCE)
if (-1 == ioctl(0, TIOCSETP, (char *)&sty)) {
Error("[%s] ioctl(0,TIOCSETP): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
/* stty undef all tty chars
@ -534,7 +563,7 @@ VirtDev(pCE)
if (-1 == ioctl(0, TIOCGETC, (char *)&m_tchars)) {
Error("[%s] ioctl(0,TIOCGETC): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
m_tchars.t_intrc = '\003';
m_tchars.t_quitc = '\034';
@ -545,12 +574,12 @@ VirtDev(pCE)
if (-1 == ioctl(0, TIOCSETC, (char *)&m_tchars)) {
Error("[%s] ioctl(0,TIOCSETC): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
if (-1 == ioctl(0, TIOCGLTC, (char *)&m_ltchars)) {
Error("[%s] ioctl(0,TIOCGLTC): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
m_ltchars.t_werasc = '\027';
m_ltchars.t_flushc = '\017';
@ -560,7 +589,7 @@ VirtDev(pCE)
if (-1 == ioctl(0, TIOCSLTC, (char *)&m_ltchars)) {
Error("[%s] ioctl(0,TIOCSLTC): %s", pCE->server.string,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
/* give us a process group to work in
@ -603,18 +632,20 @@ VirtDev(pCE)
}
execve(pcShell, ppcArgv, environ);
Error("[%s] execve(): %s", pCE->server.string, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
return -1;
}
/* down a console, virtual or real (ksb)
*/
void
#if PROTOTYPES
ConsDown(CONSENT * pCE, fd_set * pfdSet)
ConsDown(CONSENT * pCE, fd_set * pfdSet, short downHard)
#else
ConsDown(pCE, pfdSet)
ConsDown(pCE, pfdSet, downHard)
CONSENT *pCE;
fd_set *pfdSet;
short downHard;
#endif
{
if (-1 != pCE->ipid) {
@ -631,18 +662,16 @@ ConsDown(pCE, pfdSet)
}
if ((CONSFILE *) 0 != pCE->fdlog) {
if (pCE->nolog) {
FilePrint(pCE->fdlog,
"[-- Console logging restored -- %s]\r\n",
StrTime(NULL));
TagLogfile(pCE, "Console logging restored");
}
FilePrint(pCE->fdlog, "[-- Console down -- %s]\r\n",
StrTime(NULL));
TagLogfile(pCE, "Console down");
FileClose(&pCE->fdlog);
pCE->fdlog = (CONSFILE *) 0;
}
pCE->fup = 0;
pCE->nolog = 0;
pCE->autoReUp = 0;
pCE->downHard = downHard;
}
int
@ -656,7 +685,7 @@ CheckHostCache(hostname)
struct hostcache *p;
p = hostcachelist;
while (p != NULL) {
if (0 == strcmp(hostname, p->hostname.string)) {
if (0 == strcasecmp(hostname, p->hostname.string)) {
return 1;
}
p = p->next;
@ -708,20 +737,16 @@ ClearHostCache()
*/
void
#if PROTOTYPES
ConsInit(CONSENT * pCE, fd_set * pfdSet, int useHostCache)
ConsInit(CONSENT * pCE, fd_set * pfdSet, short useHostCache)
#else
ConsInit(pCE, pfdSet, useHostCache)
CONSENT *pCE;
fd_set *pfdSet;
int useHostCache;
short useHostCache;
#endif
{
time_t tyme;
#if PROTOTYPES
extern int FallBack(STRING *, STRING *);
#else
extern int FallBack();
#endif
extern int FallBack PARAMS((STRING *, STRING *));
if (!useHostCache)
ClearHostCache();
@ -729,7 +754,7 @@ ConsInit(pCE, pfdSet, useHostCache)
/* clean up old stuff
*/
if (pCE->fup) {
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 0);
usleep(500000); /* pause 0.50 sec to let things settle a bit */
ResetMark();
}
@ -745,17 +770,19 @@ ConsInit(pCE, pfdSet, useHostCache)
if ((CONSFILE *) 0 ==
(pCE->fdlog =
FileOpen(pCE->lfile.string, O_RDWR | O_CREAT | O_APPEND, 0644))) {
Error("[%s] FileOpen(%s): %s", pCE->server.string,
Error("[%s] FileOpen(%s): %s: forcing down", pCE->server.string,
pCE->lfile.string, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return;
}
FilePrint(pCE->fdlog, "[-- Console up -- %s]\r\n", StrTime(NULL));
TagLogfile(pCE, "Console up");
if (0 != pCE->fvirtual) {
if (-1 == (pCE->fdtty = FallBack(&pCE->acslave, &pCE->dfile))) {
Error("[%s] failed to allocate pseudo-tty: %s",
Error("[%s] failed to allocate pseudo-tty: %s: forcing down",
pCE->server.string, strerror(errno));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
} else if (pCE->isNetworkConsole) {
@ -769,7 +796,7 @@ ConsInit(pCE, pfdSet, useHostCache)
if (CheckHostCache(pCE->networkConsoleHost.string)) {
Error("[%s] cached previous timeout: %s: forcing down",
pCE->server.string, pCE->networkConsoleHost.string);
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
usleep(100000); /* Not all terminal servers can keep up */
@ -785,7 +812,7 @@ ConsInit(pCE, pfdSet, useHostCache)
Error("[%s] gethostbyname(%s): %s: forcing down",
pCE->server.string, pCE->networkConsoleHost.string,
hstrerror(h_errno));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
#if HAVE_MEMCPY
@ -797,26 +824,33 @@ ConsInit(pCE, pfdSet, useHostCache)
port.sin_port = htons(pCE->networkConsolePort);
if ((pCE->fdtty = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
Error("[%s] socket(AF_INET,SOCK_STREAM): %s",
Error("[%s] socket(AF_INET,SOCK_STREAM): %s: forcing down",
pCE->server.string, strerror(errno));
exit(EX_UNAVAILABLE);
ConsDown(pCE, pfdSet, 1);
return;
}
if (setsockopt
(pCE->fdtty, SOL_SOCKET, SO_KEEPALIVE, (char *)&one,
sizeof(one)) < 0) {
Error("[%s] setsockopt(%u,SO_KEEPALIVE): %s",
Error("[%s] setsockopt(%u,SO_KEEPALIVE): %s: forcing down",
pCE->server.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return;
}
if ((flags = fcntl(pCE->fdtty, F_GETFL)) >= 0) {
flags |= O_NONBLOCK;
if (fcntl(pCE->fdtty, F_SETFL, flags) < 0) {
Error("[%s] fcntl(%u,F_SETFL): %s", pCE->server.string,
pCE->fdtty, strerror(errno));
Error("[%s] fcntl(%u,F_SETFL): %s: forcing down",
pCE->server.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return;
}
} else {
Error("[%s] fcntl(%u,F_GETFL): %s", pCE->server.string,
pCE->fdtty, strerror(errno));
Error("[%s] fcntl(%u,F_GETFL): %s: forcing down",
pCE->server.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return;
}
if (connect(pCE->fdtty, (struct sockaddr *)&port, sizeof(port)) <
@ -824,7 +858,7 @@ ConsInit(pCE, pfdSet, useHostCache)
if (errno != EINPROGRESS) {
Error("[%s] connect(%u): %s: forcing down",
pCE->server.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
}
@ -837,7 +871,7 @@ ConsInit(pCE, pfdSet, useHostCache)
if ((one = select(pCE->fdtty + 1, NULL, &fds, NULL, &tv)) < 0) {
Error("[%s] select(%u): %s: forcing down", pCE->server.string,
pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
@ -845,7 +879,7 @@ ConsInit(pCE, pfdSet, useHostCache)
AddHostCache(pCE->networkConsoleHost.string);
Error("[%s] connect timeout: forcing down", pCE->server.string,
strerror(errno));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
} else { /* Response */
socklen_t slen;
@ -859,13 +893,13 @@ ConsInit(pCE, pfdSet, useHostCache)
&slen) < 0) {
Error("[%s] getsockopt(%u,SO_ERROR): %s: forcing down",
pCE->server.string, pCE->fdtty, strerror(errno));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
if (flags != 0) {
Error("[%s] connect(%u): %s: forcing down",
pCE->server.string, pCE->fdtty, strerror(flags));
ConsDown(pCE, pfdSet);
ConsDown(pCE, pfdSet, 1);
return;
}
}
@ -880,9 +914,9 @@ ConsInit(pCE, pfdSet, useHostCache)
} else if (-1 ==
(pCE->fdtty =
open(pCE->dfile.string, O_RDWR | O_NDELAY, 0600))) {
Error("[%s] open(%s): %s", pCE->server.string, pCE->dfile.string,
strerror(errno));
ConsDown(pCE, pfdSet);
Error("[%s] open(%s): %s: forcing down", pCE->server.string,
pCE->dfile.string, strerror(errno));
ConsDown(pCE, pfdSet, 1);
return;
}
FD_SET(pCE->fdtty, pfdSet);
@ -894,7 +928,7 @@ ConsInit(pCE, pfdSet, useHostCache)
} else if (pCE->isNetworkConsole) {
pCE->fup = 1;
} else {
TtyDev(pCE);
TtyDev(pCE, pfdSet);
}
/* If we have marks, adjust the next one so that it's in the future */
@ -908,4 +942,9 @@ ConsInit(pCE, pfdSet, useHostCache)
(((tyme - pCE->nextMark) / pCE->mark) + 1) * pCE->mark;
}
}
if (pCE->downHard && pCE->fup) {
Msg("[%s] console up", pCE->server.string);
pCE->downHard = 0;
}
}

18
conserver/consent.h
View File

@ -1,5 +1,5 @@
/*
* $Id: consent.h,v 5.35 2003-03-09 15:21:49-08 bryan Exp $
* $Id: consent.h,v 5.36 2003-03-17 08:54:53-08 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -59,8 +59,9 @@ typedef struct consent { /* console information */
PARITY *pparity; /* the parity on this line */
int mark; /* Mark (chime) interval */
long nextMark; /* Next mark (chime) time */
short breakType; /* break type [1-9] */
int autoReUp;
unsigned short breakType; /* break type [1-9] */
unsigned short autoReUp; /* is it coming back up automatically? */
unsigned short downHard; /* did it go down unexpectedly? */
/* Used if network console */
int isNetworkConsole;
@ -80,12 +81,12 @@ typedef struct consent { /* console information */
int fdtty; /* the port to talk to machine on */
int activitylog; /* log attach/detach/bump */
int breaklog; /* log breaks sent */
short fup; /* we setup this line? */
short fronly; /* we can only read this console */
unsigned short fup; /* we setup this line? */
unsigned short fronly; /* we can only read this console */
struct client *pCLon; /* clients on this console */
struct client *pCLwr; /* client that is writting on console */
char acline[132 * 2 + 2]; /* max chars we will call a line */
short iend; /* length of data stored in acline */
int iend; /* length of data stored in acline */
struct consent *pCEnext; /* next console entry */
} CONSENT;
@ -96,8 +97,9 @@ struct hostcache {
extern PARITY *FindParity PARAMS((char *));
extern BAUD *FindBaud PARAMS((char *));
extern void ConsInit PARAMS((CONSENT *, fd_set *, int));
extern void ConsDown PARAMS((CONSENT *, fd_set *));
extern void ConsInit PARAMS((CONSENT *, fd_set *, short));
extern void ConsDown PARAMS((CONSENT *, fd_set *, short));
extern int CheckHostCache PARAMS((const char *));
extern void AddHostCache PARAMS((const char *));
extern void ClearHostCache PARAMS((void));
extern void ClearHostCache PARAMS((void));

51
conserver/conserver.man
View File

@ -1,5 +1,5 @@
.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
.\" $Id: conserver.man,v 1.29 2003-01-08 17:17:25-08 bryan Exp $
.\" $Id: conserver.man,v 1.32 2003-04-08 14:05:59-07 bryan Exp $
.TH CONSERVER 8 "Local"
.SH NAME
conserver \- console server daemon
@ -71,26 +71,26 @@ process that dies. The following signals are propagated by the parent
process to its children.
.TP
SIGTERM
close all connections and exit.
Close all connections and exit.
.TP
SIGHUP
reread the configuration file. new consoles are managed by
Reread the configuration file. New consoles are managed by
forking off new childen, deleted consoles (and their clients) are dropped,
and changes to consoles are done "in place", resetting the console
port (bringing it down and up) only when necessary. the console name is
used to determine when consoles have been added/removed/changed. all
port (bringing it down and up) only when necessary. The console name is
used to determine when consoles have been added/removed/changed. All
actions performed by SIGUSR2 are also performed.
.TP
SIGUSR1
try to connect to any consoles marked as
Try to connect to any consoles marked as
down. This can come in handy if you had a terminal server (or more)
that wasn't accepting connections at startup and you want
\fBconserver\fP to try to reconnect to all those downed ports.
.TP
SIGUSR2
all console logfiles are closed and reopened
Close and reopen all console logfiles
and, if in daemon mode (\fB\-d\fP option),
the error logfile (see the \fB\-L\fP option). all actions performed by
the error logfile (see the \fB\-L\fP option). All actions performed by
SIGUSR1 are also performed.
.PP
Slave hosts which have no current
@ -101,11 +101,23 @@ and output on stdout (or, in daemon mode, to the logfile).
This allows a live operator or an automated log scanner
to find otherwise unseen errors by watching in a single location.
.PP
\fBConserver\fP must be run as root if it is to bind to a port under 1024
or if it must read a shadow passwd file for authentication (see
\fBConserver\fP must be run as root if it is to bind to a port under
1024 or if it must read protected password files (like shadow passwords)
for authentication (see
.BR conserver.passwd (5)).
Otherwise, it may be run by any user, with \fB\-p\fP used to specify
a port above 1024.
.PP
If encryption has been built into the code (\fB--with-openssl\fP),
encrypted client connections (without certificate exchanges) happen
by default. To add certificate exchanges, use the \fB-c\fP option with
the client and server. For authentication of the certificates to work,
the signing certificate must be properly trusted, which usually means
the public portion is in \fIOPENSSL_ROOT\fP\fB/ssl/certs\fP (on both
the client and server sides). See the sample self-signing certficate
making script \fBcontrib/maketestcerts\fP for further clues. To allow
non-encrypted client connections (in addition to encrypted client
connections), use the \fB-E\fP option.
.SH OPTIONS
.PP
Options may be given as separate arguments (e.g., \fB\-n -d\fP)
@ -159,9 +171,10 @@ Enable debugging output, sent to stderr. Multiple \fB-D\fP options
increases debug output.
.TP
.B \-E
If encryption has been built into the code (\fB--with-openssl\fP), encrypted
client connections are a requirement. This option allows clients to connect
to consoles over non-encrypted connections.
If encryption has been built into the code (\fB--with-openssl\fP),
encrypted client connections are a requirement. This option allows
non-encrypted clients (as well as encrypted clients) to connect to
consoles.
.TP
.B \-F
Do not automatically reinitialize failed (unexpectedly closed)
@ -202,12 +215,6 @@ Normally, a client connecting to a ``downed'' console does just that.
Using this option, the server will automatically attempt to open
(``bring up'') the console when the client connects.
.TP
.B \-R
Disable automatic client redirection to other conserver hosts. This
means informational commands like \fB-w\fP and \fB-i\fP will only show
the status of the local conserver host and attempts to connect to
remote consoles will result in an informative message to the user.
.TP
.BI \-O min
Enable periodic attempts (every \fImin\fP minutes) to open (``bring up'')
all downed consoles (similar to sending a SIGUSR1).
@ -223,6 +230,12 @@ Read the table of authorized user data from the file \fIpasswd\fP.
The default \fIpasswd\fP may be changed at compile time using the
\fB--with-pwdfile\fP option.
.TP
.B \-R
Disable automatic client redirection to other conserver hosts. This
means informational commands like \fB-w\fP and \fB-i\fP will only show
the status of the local conserver host and attempts to connect to
remote consoles will result in an informative message to the user.
.TP
.B \-u
Send unloved console output to \fBconserver\fP's stdout
(which, in daemon mode, is redirected to the logfile).

29
conserver/conserver.rc
View File

@ -1,29 +0,0 @@
#!/bin/sh
#
# Startup for conserver
#
PATH=/usr/bin:/usr/local/bin
case "$1" in
'start')
echo "Starting console server daemon"
conserver -d
;;
'stop')
master=`ps -ef | grep conserver | awk '$3 == "1"{print $2}'`
[ "$master" ] && kill -TERM $master
;;
'restart')
master=`ps -ef | grep conserver | awk '$3 == "1"{print $2}'`
[ "$master" ] && kill -HUP $master
;;
*)
echo "Usage: $0 { start | stop | restart }"
;;
esac
exit 0

40
conserver/conserver.rc.in Normal file
View File

@ -0,0 +1,40 @@
#!/bin/sh
#
# Startup for conserver
#
PATH=/usr/bin:/bin:/usr/local/bin
PIDFILE="@PIDFILE@"
signalmaster() {
sig=$1
if [ -f "$PIDFILE" ]; then
master=`cat "$PIDFILE"`
else
master=`ps -ef | grep conserver | awk '$3 == "1"{print $2}'`
fi
[ "$master" ] && kill -$sig $master
}
case "$1" in
'start')
echo "Starting console server daemon"
conserver -d
;;
'stop')
echo "Stopping console server daemon"
signalmaster TERM
;;
'restart')
echo "Restarting console server daemon"
signalmaster HUP
;;
*)
echo "Usage: $0 { start | stop | restart }"
;;
esac
exit 0

4
conserver/fallback.c
View File

@ -1,5 +1,5 @@
/*
* $Id: fallback.c,v 5.52 2003-03-08 08:38:14-08 bryan Exp $
* $Id: fallback.c,v 5.53 2003-03-17 08:27:34-08 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -90,7 +90,7 @@ GetPseudoTTY(slave, master)
#if HAVE_SIGACTION
sigset_t oldmask, newmask;
#else
extern RETSIGTYPE FlagReapVirt();
extern RETSIGTYPE FlagReapVirt PARAMS((int));
#endif
if (0 > (fd = open("/dev/ptmx", O_RDWR, 0))) {

277
conserver/group.c
View File

@ -1,5 +1,5 @@
/*
* $Id: group.c,v 5.209 2003-03-10 17:30:58-08 bryan Exp $
* $Id: group.c,v 5.212 2003-04-07 18:47:50-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -72,17 +72,6 @@
#include <varargs.h>
#endif
#include <arpa/telnet.h>
#if HAVE_POSIX_REGCOMP
#include <regex.h>
#endif
#if HAVE_PAM
#include <security/pam_appl.h>
#endif
#if defined(USE_LIBWRAP)
#include <syslog.h>
#include <tcpd.h>
#endif
#include <compat.h>
#include <util.h>
@ -95,6 +84,17 @@
#include <readcfg.h>
#include <main.h>
#if HAVE_POSIX_REGCOMP
#include <regex.h>
#endif
#if HAVE_PAM
#include <security/pam_appl.h>
#endif
#if defined(USE_LIBWRAP)
#include <syslog.h>
#include <tcpd.h>
#endif
/* flags that a signal has occurred */
static sig_atomic_t fSawChldHUP = 0, fSawReUp = 0, fSawMark =
@ -174,7 +174,7 @@ DisconnectClient(pGE, pCL, message)
}
if (fNoinit && pCEServing->pCLon->pCLnext == (CONSCLIENT *) 0)
ConsDown(pCEServing, &pGE->rinit);
ConsDown(pCEServing, &pGE->rinit, 0);
FD_CLR(FileFDNum(pCL->fd), &pGE->rinit);
FileClose(&pCL->fd);
@ -185,12 +185,10 @@ DisconnectClient(pGE, pCL, message)
if (pCL->fwr) {
pCL->fwr = 0;
pCL->fwantwr = 0;
TagLogfile(pCEServing, "%s detached", pCL->acid.string);
TagLogfileAct(pCEServing, "%s detached", pCL->acid.string);
if (pCEServing->nolog) {
pCEServing->nolog = 0;
FilePrint(pCEServing->fdlog,
"[-- Console logging restored (logout) -- %s]\r\n",
StrTime(NULL));
TagLogfile(pCEServing, "Console logging restored (logout)");
}
pCEServing->pCLwr = FindWrite(pCEServing->pCLon);
}
@ -286,12 +284,10 @@ DestroyConsent(pGE, pCE)
FD_CLR(FileFDNum(pCL->fd), &pGE->rinit);
FileClose(&pCL->fd);
if (pCL->fwr) {
TagLogfile(pCE, "%s detached", pCL->acid.string);
TagLogfileAct(pCE, "%s detached", pCL->acid.string);
if (pCE->nolog) {
pCE->nolog = 0;
FilePrint(pCE->fdlog,
"[-- Console logging restored (logout) -- %s]\r\n",
StrTime(NULL));
TagLogfile(pCE, "Console logging restored (logout)");
}
}
/* mark as unconnected and remove from both
@ -310,7 +306,7 @@ DestroyConsent(pGE, pCE)
pGE->pCLfree = pCL;
}
ConsDown(pCE, &pGE->rinit);
ConsDown(pCE, &pGE->rinit, 0);
for (ppCE = &(pGE->pCElist); *ppCE != (CONSENT *) 0;
ppCE = &((*ppCE)->pCEnext)) {
@ -493,6 +489,10 @@ CheckPass(pcUser, pcWord)
#else /* getpw*() */
struct passwd *pwd;
int retval = AUTH_SUCCESS;
char *pass;
#if HAVE_ISCOMSEC && HAVE_GETPRPWNAM
struct pr_passwd *prpwd;
#endif
#if HAVE_GETSPNAM
struct spwd *spwd;
#endif
@ -501,28 +501,70 @@ CheckPass(pcUser, pcWord)
pcWord = "";
}
if ((pwd = getpwnam(pcUser)) == (struct passwd *)0) {
Debug(1, "CheckPass(): getpwnam(%s): %s", pcUser, strerror(errno));
retval = AUTH_NOUSER;
} else {
#if HAVE_GETSPNAM
if ('x' == pwd->pw_passwd[0] && '\000' == pwd->pw_passwd[1]) {
if ((spwd = getspnam(pwd->pw_name)) == (struct spwd *)0) {
retval = AUTH_NOUSER;
} else {
if ((spwd->sp_pwdp[0] != '\000' || pcWord[0] != '\000') &&
(strcmp(spwd->sp_pwdp, crypt(pcWord, spwd->sp_pwdp)) !=
0)) {
retval = AUTH_INVALID;
}
}
} else
goto finished_pass;
}
pass = pwd->pw_passwd;
#if HAVE_ISCOMSEC && HAVE_GETPRPWNAM
if (iscomsec()) {
Debug(1, "CheckPass(): trusted password check");
if ((prpwd = getprpwnam(pcUser)) == (struct pr_passwd *)0) {
Debug(1, "CheckPass(): getprpwnam(%s): %s", pcUser,
strerror(errno));
retval = AUTH_NOUSER;
goto finished_pass;
}
pass = prpwd->ufld.fd_encrypt;
}
#endif
if ((pwd->pw_passwd[0] != '\000' || pcWord[0] != '\000') &&
(strcmp(pwd->pw_passwd, crypt(pcWord, pwd->pw_passwd))
!= 0)) {
#if HAVE_GETSPNAM
if ('x' == pass[0] && '\000' == pass[1]) {
Debug(1, "CheckPass(): shadow password check");
if ((spwd = getspnam(pcUser)) == (struct spwd *)0) {
Debug(1, "CheckPass(): getspnam(%s): %s", pcUser,
strerror(errno));
retval = AUTH_NOUSER;
goto finished_pass;
}
pass = spwd->sp_pwdp;
}
#endif
if (pass[0] == '\000' && pcWord[0] == '\000') {
retval = AUTH_SUCCESS; /* let empty password match */
} else {
char *encrypted;
char *salt;
if (pass[0] == '\000')
salt = "XX";
else
salt = pass;
#if HAVE_ISCOMSEC && HAVE_BIGCRYPT
if (iscomsec())
encrypted = bigcrypt(pcWord, salt);
else
#endif
encrypted = crypt(pcWord, salt);
if ((strcmp(pass, encrypted) != 0)) {
Debug(1, "CheckPass(): password check failed (%s)", pass);
retval = AUTH_INVALID;
}
}
finished_pass:
endpwent();
#if HAVE_ISCOMSEC && HAVE_GETPRPWNAM
if (iscomsec())
endprpwent();
#endif
#if HAVE_GETSPNAM
endspent();
#endif
return retval;
#endif /* getpw*() */
}
@ -630,6 +672,8 @@ ReUp(pGE, automatic)
(!fReopenall || ((time(NULL) - lastup) < (fReopenall * 60))))
return;
ClearHostCache();
for (pCE = pGE->pCElist; pCE != (CONSENT *) 0; pCE = pCE->pCEnext) {
if (pCE->fup || fNoinit || (automatic == 1 && !pCE->autoReUp))
continue;
@ -691,6 +735,32 @@ TagLogfile(pCE, fmt, va_alist)
const char *fmt;
va_dcl
#endif
{
va_list ap;
#if PROTOTYPES
va_start(ap, fmt);
#else
va_start(ap);
#endif
if ((pCE == (CONSENT *) 0) || (pCE->fdlog == (CONSFILE *) 0))
return;
FileWrite(pCE->fdlog, "[-- ", -1);
FileVWrite(pCE->fdlog, fmt, ap);
FilePrint(pCE->fdlog, " -- %s]\r\n", StrTime(NULL));
va_end(ap);
}
void
#if PROTOTYPES
TagLogfileAct(const CONSENT * pCE, const char *fmt, ...)
#else
TagLogfileAct(pCE, fmt, va_alist)
const CONSENT *pCE;
const char *fmt;
va_dcl
#endif
{
va_list ap;
#if PROTOTYPES
@ -862,7 +932,7 @@ DeUtmp(pGE, sfd)
"[-- Console server shutting down --]\r\n");
for (pCE = pGE->pCElist; pCE != (CONSENT *) 0; pCE = pCE->pCEnext) {
ConsDown(pCE, &pGE->rinit);
ConsDown(pCE, &pGE->rinit, 0);
}
}
@ -917,13 +987,13 @@ ReapVirt(pGE)
if (pCE->pCLwr != (CONSCLIENT *) 0) {
pCE->pCLwr->fwr = 0;
pCE->pCLwr->fwantwr = 1;
TagLogfile(pCE, "%s detached", pCE->pCLwr->acid.string);
TagLogfileAct(pCE, "%s detached", pCE->pCLwr->acid.string);
pCE->pCLwr = (CONSCLIENT *) 0;
}
if (fNoautoreup &&
!(WIFEXITED(UWbuf) && WEXITSTATUS(UWbuf) == 0)) {
ConsDown(pCE, &pGE->rinit);
ConsDown(pCE, &pGE->rinit, 0);
} else {
/* Try an initial reconnect */
Msg("[%s] automatic reinitialization", pCE->server.string);
@ -1036,11 +1106,11 @@ CheckPasswd(pCLServing, pw_string)
char *p;
int status;
static STRING *tomatch = (STRING *) 0;
if (tomatch == (STRING *) 0)
tomatch = AllocString();
#if HAVE_POSIX_REGCOMP
regex_t re;
#endif
if (tomatch == (STRING *) 0)
tomatch = AllocString();
BuildString((char *)0, tomatch);
#if HAVE_POSIX_REGCOMP
BuildStringChar('^', tomatch);
@ -1052,7 +1122,9 @@ CheckPasswd(pCLServing, pw_string)
p = pCLServing->pCEwant->server.string;
while (p != (char *)0) {
#if HAVE_POSIX_REGCOMP
if (regcomp(&re, tomatch->string, REG_NOSUB)
if (regcomp
(&re, tomatch->string,
REG_NOSUB | REG_ICASE)
!= 0) {
Error
("CheckPasswd(): %s(%d) server name `%s' not a valid regular expression",
@ -1062,7 +1134,7 @@ CheckPasswd(pCLServing, pw_string)
status = regexec(&re, p, 0, NULL, 0);
regfree(&re);
#else
status = strcmp(tomatch->string, p);
status = strcasecmp(tomatch->string, p);
#endif
if (status == 0) {
Verbose("[%s] user %s authenticated",
@ -1403,13 +1475,11 @@ DoBreakWork(pCLServing, pCEServing, bt, cleanup)
FileWrite(pCLServing->fd, "sent]\r\n", -1);
if (pCEServing->breaklog) {
if (waszero) {
FilePrint(pCEServing->fdlog,
"[-- break #0(%d) sent -- `%s' -- %s]\r\n", bt,
breakList[bt - 1].string, StrTime(NULL));
TagLogfile(pCEServing, "break #0(%d) sent -- `%s'", bt,
breakList[bt - 1].string);
} else {
FilePrint(pCEServing->fdlog,
"[-- break #%d sent -- `%s' -- %s]\r\n", bt,
breakList[bt - 1].string, StrTime(NULL));
TagLogfile(pCEServing, "break #%d sent -- `%s'", bt,
breakList[bt - 1].string);
}
}
}
@ -1454,7 +1524,7 @@ AttemptSSL(pCL)
fdnum = FileFDNum(pCL->fd);
if (ctx == (SSL_CTX *) 0) {
Error("AttemptSSL(): WTF? The SSL context disappeared?!?!?");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
if (!(ssl = SSL_new(ctx))) {
Error("AttemptSSL(): SSL_new() failed for client `%s' (fd %d)",
@ -1748,13 +1818,13 @@ Kiddie(pGE, sfd)
if (pCEServing->pCLwr != (CONSCLIENT *) 0) {
pCEServing->pCLwr->fwr = 0;
pCEServing->pCLwr->fwantwr = 1;
TagLogfile(pCEServing, "%s detached",
pCEServing->pCLwr->acid.string);
TagLogfileAct(pCEServing, "%s detached",
pCEServing->pCLwr->acid.string);
pCEServing->pCLwr = (CONSCLIENT *) 0;
}
if (fNoautoreup) {
ConsDown(pCEServing, &pGE->rinit);
ConsDown(pCEServing, &pGE->rinit, 1);
} else {
/* Try an initial reconnect */
Msg("[%s] automatic reinitialization",
@ -2015,8 +2085,8 @@ Kiddie(pGE, sfd)
for (pCE = pGE->pCElist; pCE != (CONSENT *) 0;
pCE = pCE->pCEnext) {
if (0 ==
strcmp(pCLServing->accmd.string,
pCE->server.string)) {
strcasecmp(pCLServing->accmd.string,
pCE->server.string)) {
pCLServing->pCEwant = pCE;
BuildString((char *)0, &pCLServing->accmd);
break;
@ -2026,9 +2096,10 @@ Kiddie(pGE, sfd)
for (pCE = pGE->pCElist; pCE != (CONSENT *) 0;
pCE = pCE->pCEnext) {
if (0 ==
strncmp(pCLServing->accmd.string,
pCE->server.string,
pCLServing->accmd.used - 1)) {
strncasecmp(pCLServing->accmd.string,
pCE->server.string,
pCLServing->accmd.used -
1)) {
pCLServing->pCEwant = pCE;
BuildString((char *)0,
&pCLServing->accmd);
@ -2100,8 +2171,8 @@ Kiddie(pGE, sfd)
if (pCLServing->fwr) {
pCLServing->fwr = 0;
pCLServing->fwantwr = 0;
TagLogfile(pCEServing, "%s detached",
pCLServing->acid.string);
TagLogfileAct(pCEServing, "%s detached",
pCLServing->acid.string);
pCEServing->pCLwr =
FindWrite(pCEServing->pCLon);
}
@ -2150,8 +2221,8 @@ Kiddie(pGE, sfd)
FileWrite(pCLServing->fd, "attached]\r\n", -1);
/* this keeps the ops console neat */
pCEServing->iend = 0;
TagLogfile(pCEServing, "%s attached",
pCLServing->acid.string);
TagLogfileAct(pCEServing, "%s attached",
pCLServing->acid.string);
} else {
FileWrite(pCLServing->fd, "spy]\r\n", -1);
}
@ -2203,8 +2274,8 @@ Kiddie(pGE, sfd)
FileWrite(pCLServing->fd,
" -- attached]\r\n", -1);
}
TagLogfile(pCEServing, "%s attached",
pCLServing->acid.string);
TagLogfileAct(pCEServing, "%s attached",
pCLServing->acid.string);
} else {
FileWrite(pCLServing->fd, " -- spy mode]\r\n",
-1);
@ -2398,8 +2469,9 @@ Kiddie(pGE, sfd)
FileWrite(pCLServing->fd,
"attached]\r\n", -1);
}
TagLogfile(pCEServing, "%s attached",
pCLServing->acid.string);
TagLogfileAct(pCEServing,
"%s attached",
pCLServing->acid.string);
} else if (pCL == pCLServing) {
if (pCEServing->nolog) {
FileWrite(pCLServing->fd,
@ -2492,9 +2564,9 @@ Kiddie(pGE, sfd)
pCLServing->fwr = 0;
pCEServing->pCLwr = (CONSCLIENT *) 0;
TagLogfile(pCEServing, "%s detached",
pCLServing->acid.string);
ConsDown(pCEServing, &pGE->rinit);
TagLogfileAct(pCEServing, "%s detached",
pCLServing->acid.string);
ConsDown(pCEServing, &pGE->rinit, 0);
FileWrite(pCLServing->fd, "line down]\r\n",
-1);
@ -2565,9 +2637,10 @@ Kiddie(pGE, sfd)
FileWrite(pCL->fd,
pCLServing->acid.string, -1);
FileWrite(pCL->fd, "]\r\n", -1);
TagLogfile(pCEServing, "%s bumped %s",
pCLServing->acid.string,
pCL->acid.string);
TagLogfileAct(pCEServing,
"%s bumped %s",
pCLServing->acid.string,
pCL->acid.string);
} else {
if (pCEServing->nolog) {
FileWrite(pCLServing->fd,
@ -2577,8 +2650,9 @@ Kiddie(pGE, sfd)
FileWrite(pCLServing->fd,
"attached]\r\n", -1);
}
TagLogfile(pCEServing, "%s attached",
pCLServing->acid.string);
TagLogfileAct(pCEServing,
"%s attached",
pCLServing->acid.string);
}
pCEServing->pCLwr = pCLServing;
pCLServing->fwr = 1;
@ -2718,17 +2792,17 @@ Kiddie(pGE, sfd)
if (pCEServing->nolog) {
FileWrite(pCLServing->fd,
"logging off]\r\n", -1);
FilePrint(pCEServing->fdlog,
"[-- Console logging disabled by %s -- %s]\r\n",
pCLServing->acid.string,
StrTime(NULL));
TagLogfile(pCEServing,
"Console logging disabled by %s",
pCLServing->acid.
string);
} else {
FileWrite(pCLServing->fd,
"logging on]\r\n", -1);
FilePrint(pCEServing->fdlog,
"[-- Console logging restored by %s -- %s]\r\n",
pCLServing->acid.string,
StrTime(NULL));
TagLogfile(pCEServing,
"Console logging restored by %s",
pCLServing->acid.
string);
}
} else {
FilePrint(pCLServing->fd,
@ -2780,13 +2854,15 @@ Kiddie(pGE, sfd)
pCLServing->fwr = 1;
FileWrite(pCLServing->fd,
"up -- attached]\r\n", -1);
TagLogfile(pCEServing, "%s attached",
pCLServing->acid.string);
TagLogfileAct(pCEServing,
"%s attached",
pCLServing->acid.string);
} else if (pCL == pCLServing) {
FileWrite(pCLServing->fd, "up]\r\n",
-1);
TagLogfile(pCEServing, "%s attached",
pCLServing->acid.string);
TagLogfileAct(pCEServing,
"%s attached",
pCLServing->acid.string);
} else {
FilePrint(pCLServing->fd,
"up, %s is attached]\r\n",
@ -2824,8 +2900,8 @@ Kiddie(pGE, sfd)
break;
}
pCLServing->fwr = 0;
TagLogfile(pCEServing, "%s detached",
pCLServing->acid.string);
TagLogfileAct(pCEServing, "%s detached",
pCLServing->acid.string);
pCEServing->pCLwr =
FindWrite(pCEServing->pCLon);
FileWrite(pCLServing->fd, "spying]\r\n",
@ -2914,8 +2990,9 @@ Kiddie(pGE, sfd)
pCLServing->fwr = 0;
pCLServing->fwantwr = 0;
pCEServing->pCLwr = (CONSCLIENT *) 0;
TagLogfile(pCEServing, "%s detached",
pCLServing->acid.string);
TagLogfileAct(pCEServing,
"%s detached",
pCLServing->acid.string);
}
break;
@ -3219,14 +3296,14 @@ Spawn(pGE)
*/
if ((sfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
Error("Spawn(): socket(): %s", strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
#if HAVE_SETSOCKOPT
if (setsockopt
(sfd, SOL_SOCKET, SO_REUSEADDR, (char *)&true, sizeof(true)) < 0) {
Error("Spawn(): setsockopt(%u,SO_REUSEADDR): %s", sfd,
strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
#endif
@ -3239,14 +3316,14 @@ Spawn(pGE)
lstn_port.sin_port = htons(bindBasePort + portInc);
} else {
Error("Spawn(): bind(%u): %s", sfd, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
}
so = sizeof(lstn_port);
if (-1 == getsockname(sfd, (struct sockaddr *)&lstn_port, &so)) {
Error("Spawn(): getsockname(%u): %s", sfd, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
pGE->port = lstn_port.sin_port;
@ -3255,7 +3332,7 @@ Spawn(pGE)
switch (pid = fork()) {
case -1:
Error("Spawn(): fork(): %s", strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
default:
close(sfd);
/* hmm...there seems to be a potential linux bug here as well.
@ -3279,13 +3356,13 @@ Spawn(pGE)
}
if (listen(sfd, SOMAXCONN) < 0) {
Error("Spawn(): listen(%u): %s", sfd, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
ssocket = FileOpenFD(sfd, simpleSocket);
if ((CONSFILE *) 0 == ssocket) {
Error("Spawn(): FileOpenFD(%u): %s", sfd, strerror(errno));
close(sfd);
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
Kiddie(pGE, ssocket);
@ -3293,5 +3370,5 @@ Spawn(pGE)
*/
FileClose(&ssocket);
Error("Spawn(): internal flow error");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}

3
conserver/group.h
View File

@ -1,5 +1,5 @@
/*
* $Id: group.h,v 5.30 2003-03-09 15:21:49-08 bryan Exp $
* $Id: group.h,v 5.31 2003-03-17 08:43:20-08 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -56,6 +56,7 @@ typedef struct grpent { /* group info */
extern void Spawn PARAMS((GRPENT *));
extern int CheckPass PARAMS((char *, char *));
extern void TagLogfile PARAMS((const CONSENT *, const char *, ...));
extern void TagLogfileAct PARAMS((const CONSENT *, const char *, ...));
extern void CleanupBreak PARAMS((short));
extern void DestroyGroup PARAMS((GRPENT *));
extern void DestroyConsent PARAMS((GRPENT *, CONSENT *));

68
conserver/main.c
View File

@ -1,5 +1,5 @@
/*
* $Id: main.c,v 5.120 2003-03-09 15:20:43-08 bryan Exp $
* $Id: main.c,v 5.122 2003-04-06 05:31:13-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -53,6 +53,11 @@
#include <readcfg.h>
#include <version.h>
#if HAVE_OPENSSL
#include <openssl/opensslv.h>
#endif
int fAll = 0, fSoftcar = 0, fNoinit = 0, fVersion = 0, fStrip =
0, fDaemon = 0, fUseLogfile = 0, fReopen = 0, fReopenall =
0, fNoautoreup = 0, fNoredir = 0;
@ -327,29 +332,29 @@ SetupSSL()
SSL_load_error_strings();
if (!SSL_library_init()) {
Error("SetupSSL(): SSL_library_init() failed");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
if ((ctx = SSL_CTX_new(SSLv23_method())) == (SSL_CTX *) 0) {
Error("SetupSSL(): SSL_CTX_new() failed");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
if (SSL_CTX_set_default_verify_paths(ctx) != 1) {
Error
("SetupSSL(): could not load SSL default CA file and/or directory");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
if (pcCredFile != (char *)0) {
if (SSL_CTX_use_certificate_chain_file(ctx, pcCredFile) != 1) {
Error
("SetupSSL(): could not load SSL certificate from `%s'",
pcCredFile);
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
if (SSL_CTX_use_PrivateKey_file
(ctx, pcCredFile, SSL_FILETYPE_PEM) != 1) {
Error("SetupSSL(): could not SSL private key from `%s'",
pcCredFile);
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
@ -364,7 +369,7 @@ SetupSSL()
if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") !=
1) {
Error("SetupSSL(): setting SSL cipher list failed");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
/* might want to turn this back on at some point, but i can't
* see why right now.
@ -393,7 +398,7 @@ ReopenLogfile()
close(1);
if (1 != open(pcLogfile, O_WRONLY | O_CREAT | O_APPEND, 0644)) {
Error("ReopenLogfile(): open(%s): %s", pcLogfile, strerror(errno));
exit(EX_TEMPFAIL);
Bye(EX_TEMPFAIL);
}
close(2);
dup(1);
@ -431,7 +436,7 @@ Daemonize()
switch (res = fork()) {
case -1:
Error("Daemonize(): fork(): %s", strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_TEMPFAIL);
case 0:
thepid = getpid();
break;
@ -619,6 +624,22 @@ Version()
}
}
Msg("options: %s", acA1->string);
#if HAVE_DMALLOC
BuildString((char *)0, acA1);
BuildStringChar('0' + DMALLOC_VERSION_MAJOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_MINOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_PATCH, acA1);
if (DMALLOC_VERSION_BETA != 0) {
BuildString("-b", acA1);
BuildStringChar('0' + DMALLOC_VERSION_BETA, acA1);
}
Msg("dmalloc version: %s", acA1->string);
#endif
#if HAVE_OPENSSL
Msg("openssl version: %s", OPENSSL_VERSION_TEXT);
#endif
Msg("built with `%s'", CONFIGINVOCATION);
if (fVerbose)
@ -718,12 +739,13 @@ DumpDataStructures()
"DumpDataStructures(): isNetworkConsole=%d, networkConsoleHost=%s",
pCE->isNetworkConsole, pCE->networkConsoleHost.string);
Debug(1,
"DumpDataStructures(): networkConsolePort=%hu, telnetState=%d, autoReup=%d",
"DumpDataStructures(): networkConsolePort=%hu, telnetState=%d, autoReup=%hu",
pCE->networkConsolePort, pCE->telnetState,
pCE->autoReUp);
Debug(1, "DumpDataStructures(): baud=%s, parity=%c",
pCE->pbaud->acrate, pCE->pparity->ckey);
Debug(1,
"DumpDataStructures(): downHard=%hu, baud=%s, parity=%c",
pCE->downHard, pCE->pbaud->acrate, pCE->pparity->ckey);
Debug(1,
"DumpDataStructures(): fvirtual=%d, acslave=%s, pccmd=%s, ipid=%lu",
@ -802,12 +824,12 @@ main(argc, argv)
gethostname(acMyHost, sizeof(acMyHost));
if ((struct hostent *)0 == (hpMe = gethostbyname(acMyHost))) {
Error("gethostbyname(%s): %s", acMyHost, hstrerror(h_errno));
exit(EX_UNAVAILABLE);
Bye(EX_TEMPFAIL);
}
if (4 != hpMe->h_length || AF_INET != hpMe->h_addrtype) {
Error("wrong address size (4 != %d) or adress family (%d != %d)",
hpMe->h_length, AF_INET, hpMe->h_addrtype);
exit(EX_UNAVAILABLE);
Bye(EX_TEMPFAIL);
}
#if HAVE_MEMCPY
memcpy(&acMyAddr, hpMe->h_addr, hpMe->h_length);
@ -832,7 +854,7 @@ main(argc, argv)
break;
default:
Error("unknown access type `%s'", optarg);
exit(EX_UNAVAILABLE);
Bye(EX_USAGE);
}
break;
case 'b':
@ -910,10 +932,10 @@ main(argc, argv)
break;
case '\?':
Usage(0);
exit(EX_UNAVAILABLE);
Bye(EX_USAGE);
default:
Error("option %c needs a parameter", optopt);
exit(EX_UNAVAILABLE);
Bye(EX_USAGE);
}
}
@ -928,7 +950,7 @@ main(argc, argv)
close(0);
if (0 != open("/dev/null", O_RDWR, 0644)) {
Error("open(/dev/null): %s", strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSFILE);
}
if (fVersion) {
@ -985,7 +1007,7 @@ main(argc, argv)
bindAddr = inet_addr(pcAddress);
if (bindAddr == (in_addr_t) (-1)) {
Error("inet_addr(%s): %s", pcAddress, "invalid IP address");
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
acMyAddr.s_addr = bindAddr;
}
@ -998,7 +1020,7 @@ main(argc, argv)
if (pcPort == NULL) {
Error
("main(): severe error - pcPort is NULL???? how can that be?");
exit(EX_UNAVAILABLE);
Bye(EX_SOFTWARE);
}
/* Look for non-numeric characters */
@ -1014,7 +1036,7 @@ main(argc, argv)
struct servent *pSE;
if ((struct servent *)0 == (pSE = getservbyname(pcPort, "tcp"))) {
Error("getservbyname(%s): %s", pcPort, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
} else {
bindPort = ntohs((unsigned short)pSE->s_port);
}
@ -1034,7 +1056,7 @@ main(argc, argv)
if ((struct servent *)0 ==
(pSE = getservbyname(pcBasePort, "tcp"))) {
Error("getservbyname(%s): %s", pcBasePort, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
} else {
bindBasePort = ntohs((unsigned short)pSE->s_port);
}
@ -1044,7 +1066,7 @@ main(argc, argv)
*/
if ((FILE *) 0 == (fpConfig = fopen(pcConfig, "r"))) {
Error("fopen(%s): %s", pcConfig, strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_NOINPUT);
}
ReadCfg(pcConfig, fpConfig);

44
conserver/master.c
View File

@ -1,5 +1,5 @@
/*
* $Id: master.c,v 5.91 2003-03-10 17:37:04-08 bryan Exp $
* $Id: master.c,v 5.94 2003-04-07 18:48:12-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -40,13 +40,6 @@
#include <ctype.h>
#include <signal.h>
#if defined(USE_LIBWRAP)
#include <syslog.h>
#include <tcpd.h>
int allow_severity = LOG_INFO;
int deny_severity = LOG_WARNING;
#endif
#include <compat.h>
#include <util.h>
@ -59,6 +52,12 @@ int deny_severity = LOG_WARNING;
#include <version.h>
#include <main.h>
#if defined(USE_LIBWRAP)
#include <syslog.h>
#include <tcpd.h>
int allow_severity = LOG_INFO;
int deny_severity = LOG_WARNING;
#endif
static sig_atomic_t fSawQuit = 0, fSawHUP = 0, fSawUSR2 = 0, fSawUSR1 =
@ -111,27 +110,30 @@ FixKids()
/* A couple ways to shut down the whole system */
if (WIFEXITED(UWbuf) && (WEXITSTATUS(UWbuf) == EX_UNAVAILABLE)) {
Msg("child pid %lu: exit(%d), shutting down",
(unsigned long)pGE->pid, WEXITSTATUS(UWbuf));
fSawQuit = 1;
/* So we don't kill something that's dead */
pGE->pid = -1;
Msg("[%s] exit(%d), shutdown", pGE->pCElist->server.string,
WEXITSTATUS(UWbuf));
break;
}
if (WIFSIGNALED(UWbuf) && (WTERMSIG(UWbuf) == SIGTERM)) {
Msg("child pid %lu: signal(%d), shutting down",
(unsigned long)pGE->pid, WTERMSIG(UWbuf));
fSawQuit = 1;
/* So we don't kill something that's dead */
pGE->pid = -1;
Msg("[%s] signal(%d), shutdown",
pGE->pCElist->server.string, WTERMSIG(UWbuf));
break;
}
/* If not, then just a simple restart of the child */
if (WIFEXITED(UWbuf))
Msg("[%s] exit(%d), restarted", WEXITSTATUS(UWbuf));
Msg("child pid %lu: exit(%d), restarting", pGE->pid,
WEXITSTATUS(UWbuf));
if (WIFSIGNALED(UWbuf))
Msg("[%s] signal(%d), restarted", WTERMSIG(UWbuf));
Msg("child pid %lu: signal(%d), restarting", pGE->pid,
WTERMSIG(UWbuf));
/* this kid kid is dead, start another
*/
@ -551,7 +553,7 @@ Master()
-1);
Error("Master(): getsockname(%u): %s",
FileFDNum(csocket), strerror(errno));
exit(EX_UNAVAILABLE);
Bye(EX_OSERR);
}
FilePrint(csocket, "@%s", inet_ntoa(lcl.sin_addr));
iSep = 0;
@ -594,7 +596,7 @@ Master()
continue;
for (pCE = pGE->pCElist; pCE != (CONSENT *) 0;
pCE = pCE->pCEnext) {
if (0 != strcmp(pcArgs, pCE->server.string)) {
if (0 != strcasecmp(pcArgs, pCE->server.string)) {
continue;
}
prnum = ntohs(pGE->port);
@ -609,7 +611,7 @@ Master()
*/
if (!fNoredir || (fNoredir && found == 0)) {
for (pRC = pRCList; (REMOTE *) 0 != pRC; pRC = pRC->pRCnext) {
if (0 != strcmp(pcArgs, pRC->rserver.string)) {
if (0 != strcasecmp(pcArgs, pRC->rserver.string)) {
continue;
}
ambiguous = BuildTmpString(pRC->rserver.string);
@ -625,8 +627,8 @@ Master()
for (pCE = pGE->pCElist; pCE != (CONSENT *) 0;
pCE = pCE->pCEnext) {
if (0 !=
strncmp(pcArgs, pCE->server.string,
strlen(pcArgs))) {
strncasecmp(pcArgs, pCE->server.string,
strlen(pcArgs))) {
continue;
}
prnum = ntohs(pGE->port);
@ -641,8 +643,8 @@ Master()
for (pRC = pRCList; (REMOTE *) 0 != pRC;
pRC = pRC->pRCnext) {
if (0 !=
strncmp(pcArgs, pRC->rserver.string,
strlen(pcArgs))) {
strncasecmp(pcArgs, pRC->rserver.string,
strlen(pcArgs))) {
continue;
}
ambiguous = BuildTmpString(pRC->rserver.string);

38
conserver/readcfg.c
View File

@ -1,5 +1,5 @@
/*
* $Id: readcfg.c,v 5.99 2003-03-09 15:20:15-08 bryan Exp $
* $Id: readcfg.c,v 5.104 2003-04-07 18:57:55-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -37,6 +37,7 @@
#include <sys/file.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
@ -55,6 +56,7 @@
#include <master.h>
#include <main.h>
GRPENT *pGroups = (GRPENT *) 0;
REMOTE *pRCList = (REMOTE *) 0; /* list of remote consoles we know about */
ACCESS *pACList = (ACCESS *) 0; /* `who do you love' (or trust) */
@ -455,12 +457,13 @@ ReadCfg(pcFile, fp, master)
* but by the end, if it has anything, it's all empty groups
* in the slave and a mix of real (new) and empty in the master.
*/
/* check for dups in the main area */
for (pGEtmp = pGroups; pGEtmp != (GRPENT *) 0;
pGEtmp = pGEtmp->pGEnext) {
for (pCEtmp = pGEtmp->pCElist; pCEtmp != (CONSENT *) 0;
pCEtmp = pCEtmp->pCEnext) {
if (pCEtmp->server.used &&
strcmp(acStart, pCEtmp->server.string) == 0) {
strcasecmp(acStart, pCEtmp->server.string) == 0) {
if (isMaster)
Error("%s(%d) duplicate console name `%s'", pcFile,
iLine, acStart);
@ -472,12 +475,13 @@ ReadCfg(pcFile, fp, master)
}
if (pCEtmp != (CONSENT *) 0)
continue;
/* check for dups in the staged area */
for (pGEtmp = pGEstage; pGEtmp != (GRPENT *) 0;
pGEtmp = pGEtmp->pGEnext) {
for (pCEtmp = pGEtmp->pCElist; pCEtmp != (CONSENT *) 0;
pCEtmp = pCEtmp->pCEnext) {
if (pCEtmp->server.used &&
strcmp(acStart, pCEtmp->server.string) == 0) {
strcasecmp(acStart, pCEtmp->server.string) == 0) {
if (isMaster)
Error("%s(%d) duplicate console name `%s'", pcFile,
iLine, acStart);
@ -522,6 +526,7 @@ ReadCfg(pcFile, fp, master)
* (contains an '@host' where host is not us)
* if so just add it to a linked list of remote hosts
* I'm sure most sites will never use this code (ksb)
* Today, I beg to differ ;-) (bryan)
*/
if ((char *)0 != (pcRem = strchr(pcLine, '@'))) {
struct hostent *hpMe;
@ -531,15 +536,15 @@ ReadCfg(pcFile, fp, master)
pcRem = PruneSpace(pcRem);
if ((struct hostent *)0 == (hpMe = gethostbyname(pcRem))) {
Error("ReadCfg(): gethostbyname(%s): %s", pcRem,
hstrerror(h_errno));
exit(EX_UNAVAILABLE);
Error("%s(%d): gethostbyname(%s): %s", pcFile, iLine,
pcRem, hstrerror(h_errno));
continue;
}
if (4 != hpMe->h_length || AF_INET != hpMe->h_addrtype) {
Error
("ReadCfg(): wrong address size (4 != %d) or address family (%d != %d)",
hpMe->h_length, AF_INET, hpMe->h_addrtype);
exit(EX_UNAVAILABLE);
continue;
}
if (0 !=
@ -581,7 +586,7 @@ ReadCfg(pcFile, fp, master)
pGEmatch->pCElist; pCEmatch != (CONSENT *) 0;
ppCE = &pCEmatch->pCEnext, pCEmatch =
pCEmatch->pCEnext) {
if (0 == strcmp(acStart, pCEmatch->server.string)) {
if (0 == strcasecmp(acStart, pCEmatch->server.string)) {
/* extract pCEmatch from the linked list */
*ppCE = pCEmatch->pCEnext;
pGEmatch->imembers--;
@ -687,13 +692,13 @@ ReadCfg(pcFile, fp, master)
if (bt > 9 || bt < 0) {
Error("%s(%d) bad break spec `%d'", pcFile, iLine, bt);
} else {
pCE->breakType = (short)bt;
pCE->breakType = bt;
Debug(1, "ReadCfg(): breakType set to %d", pCE->breakType);
}
}
pCE->ipid = pCE->fdtty = -1;
pCE->fup = pCE->autoReUp = 0;
pCE->fup = pCE->autoReUp = pCE->downHard = 0;
pCE->pCLon = pCE->pCLwr = (CONSCLIENT *) 0;
pCE->fdlog = (CONSFILE *) 0;
@ -895,7 +900,7 @@ ReadCfg(pcFile, fp, master)
if (pCE->isNetworkConsole) {
if (pCEmatch->networkConsoleHost.used &&
pCE->networkConsoleHost.used) {
if (strcmp
if (strcasecmp
(pCEmatch->networkConsoleHost.string,
pCE->networkConsoleHost.string) != 0) {
BuildString((char *)0,
@ -940,12 +945,13 @@ ReadCfg(pcFile, fp, master)
pCEmatch->mark = pCE->mark;
pCEmatch->nextMark = pCE->nextMark;
pCEmatch->breakType = pCE->breakType;
pCEmatch->downHard = pCE->downHard;
if (!closeMatch && !isMaster) {
/* fdtty/fup/fronly/acslave/ipid */
SendClientsMsg(pCEmatch,
"[-- Conserver reconfigured - console reset --]\r\n");
ConsDown(pCEmatch, &pGEtmp->rinit);
ConsDown(pCEmatch, &pGEtmp->rinit, 0);
}
/* nuke the temp data structure */
@ -1006,7 +1012,7 @@ ReadCfg(pcFile, fp, master)
}
if ((char *)0 == (pcNext = strchr(acStart, ':'))) {
Error("%s(%d) missing colon?", pcFile, iLine);
exit(EX_UNAVAILABLE);
continue;
}
do {
@ -1027,10 +1033,14 @@ ReadCfg(pcFile, fp, master)
cType = 't';
break;
default:
cType = ' ';
Error("%s(%d) unknown access key `%s'", pcFile, iLine,
acStart);
exit(EX_UNAVAILABLE);
break;
}
if (cType == ' ')
continue;
while ('\000' != *(pcMach = pcNext)) {
int j, isCIDR = 0;
while ('\000' != *pcNext &&

4
conserver/util.c
View File

@ -1,10 +1,11 @@
/*
* $Id: util.c,v 1.74 2003-03-09 15:20:05-08 bryan Exp $
* $Id: util.c,v 1.75 2003-04-06 05:29:35-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
#include <config.h>
#include <stdio.h>
@ -22,6 +23,7 @@
#include <openssl/ssl.h>
#endif
int fVerbose = 0;
int isMultiProc = 0;
char *progname = "conserver package";

4
conserver/version.h
View File

@ -1,5 +1,5 @@
/*
* $Id: version.h,v 1.41 2003-03-10 17:37:27-08 bryan Exp $
* $Id: version.h,v 1.42 2003-04-08 16:19:19-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -14,4 +14,4 @@
@(#) Copyright 2000 conserver.com.\n\
All rights reserved.\n"
#define THIS_VERSION "conserver.com version 7.2.6"
#define THIS_VERSION "conserver.com version 7.2.7"

31
console/console.c
View File

@ -1,5 +1,5 @@
/*
* $Id: console.c,v 5.115 2003-03-09 15:19:32-08 bryan Exp $
* $Id: console.c,v 5.117 2003-04-06 05:29:24-07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -40,16 +40,18 @@
#include <pwd.h>
#include <ctype.h>
#include <sys/stat.h>
#if HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif
#include <compat.h>
#include <util.h>
#include <version.h>
#if HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/opensslv.h>
#endif
int fReplay = 0, fRaw = 0, fVersion = 0, fStrip = 0;
#if HAVE_OPENSSL
@ -261,6 +263,9 @@ Version()
static STRING *acA1 = (STRING *) 0;
static STRING *acA2 = (STRING *) 0;
char *optionlist[] = {
#if HAVE_DMALLOC
"dmalloc",
#endif
#if USE_LIBWRAP
"libwrap",
#endif
@ -316,6 +321,22 @@ Version()
}
}
Msg("options: %s", acA1->string);
#if HAVE_DMALLOC
BuildString((char *)0, acA1);
BuildStringChar('0' + DMALLOC_VERSION_MAJOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_MINOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_PATCH, acA1);
if (DMALLOC_VERSION_BETA != 0) {
BuildString("-b", acA1);
BuildStringChar('0' + DMALLOC_VERSION_BETA, acA1);
}
Msg("dmalloc version: %s", acA1->string);
#endif
#if HAVE_OPENSSL
Msg("openssl version: %s", OPENSSL_VERSION_TEXT);
#endif
Msg("built with `%s'", CONFIGINVOCATION);
if (fVerbose)
printf(COPYRIGHT);

8
contrib/maketestcerts
View File

@ -3,10 +3,10 @@
#
# This is a "simple" script that I've used to create test certificates
# for conserver and it's OpenSSL bits. It's far from perfect...or useful
# outside of my own purposes. If this helps, cool. In the end I put
# the rootcert.pem file in my global certs directory, point the server to
# server.pem and point the client at client.pem. Ugly, yeah, but it's an
# ok test.
# outside of my own purposes. If this helps, cool. In the end I put the
# rootcert.pem file in my global certs directory (OPENSSL_ROOT/ssl/certs),
# point the server to server.pem and point the client at client.pem.
# Ugly, yeah, but it's an ok test.
#
[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -passin pass:pass -passout pass:pass

2
contrib/redhat-rpm/conserver.spec
View File

@ -4,7 +4,7 @@
#
%define pkg conserver
%define ver 7.2.6
%define ver 7.2.7
# define the name of the machine on which the main conserver
# daemon will be running if you don't want to use the default

2
contrib/solaris-package/pkginfo
View File

@ -1,7 +1,7 @@
PKG="conserver"
NAME="Console server and client"
CATEGORY="system"
VERSION="7.2.6"
VERSION="7.2.7"
DESC="Console server and client"
CLASSES=none
ARCH=sparc

88
test/dotest Executable file
View File

@ -0,0 +1,88 @@
#!/bin/sh
pid=0
testnum=0
exitval=0
cleanup()
{
[ -f test.out ] && rm test.out
[ -f c.cf ] && rm c.cf
[ $pid -eq 0 ] && return 0
kill $pid
for i in *.log; do rm $i; done
exit $exitval
}
dotest()
{
testnum=`expr $testnum + 1`
$ECHO "executing test #$testnum...$EE"
if [ "$2" ]; then
eval "$2" > test.out 2>&1
else
(echo "$1" && sleep 2) | \
../console/console -M 127.0.0.1 -p 7777 shell > test.out 2>&1
fi
if [ "$record" ]; then
echo "recorded"
mv test.out results/test$testnum
else
if [ -f results/test$testnum ]; then
if diff -i test.out results/test$testnum >test$testnum.diff 2>&1; then
echo "succeded"
rm test$testnum.diff
else
echo "failed (diffs in test$testnum.diff)"
exitval=1
fi
else
echo "unknown (not recorded)"
fi
rm test.out
fi
}
[ ! -f ../conserver/conserver -o ! -f ../console/console ] && \
echo 'binaries do not exist - did you run make yet?' && exit 1
trap cleanup 15
if [ "`echo -n`" = "-n" ]; then
ECHO="echo"
EE="\c"
else
ECHO="echo -n"
EE=""
fi
$ECHO "starting conserver...$EE"
cp test1.cf c.cf
../conserver/conserver -M 127.0.0.1 -p 7777 -v -C c.cf \
-P test.passwd -m 32 > conserver.log 2>&1 &
pid=$!
echo "pid $pid"
sleep 3
[ ! -d results ] && mkdir results
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest 'c?c.'
dotest 'cl?c.'
dotest 'cdc.'
dotest 'coc.'
echo "moving in second config file"
cp test2.cf c.cf
kill -1 $pid
sleep 3
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest 'c?c.'
dotest 'cl?c.'
dotest 'cdc.'
dotest 'coc.'
cleanup

2
test/results/test1 Normal file
View File

@ -0,0 +1,2 @@
shell up <none>
shell up <none>

4
test/results/test10 Normal file
View File

@ -0,0 +1,4 @@
console: shell is down
[Enter `^Ec?' for help]
[up -- attached]
[disconnect]

16
test/results/test11 Normal file
View File

@ -0,0 +1,16 @@
[Enter `^Ec?' for help]
[help]
. disconnect a attach read/write
b send broadcast message c toggle flow control
d down a console e change escape sequence
f force attach read/write g group info
i information dump L toggle logging on/off
l? break sequence list l0 send break per config file
l1-9 send specific break sequence o (re)open the tty and log file
p replay the last 60 lines r replay the last 20 lines
s spy read only u show host status
v show version info w who is on this console
x show console baud info z suspend the connection
<cr> ignore/abort command ? print this message
^R replay the last line \ooo send character by octal code
[disconnect]

8
test/results/test12 Normal file
View File

@ -0,0 +1,8 @@
[Enter `^Ec?' for help]
[halt list]
0 `\z'
1 `\z'
2 `\r~^b'
3 `#.reset -x\r'
4 `hiya there\r'
[disconnect]

3
test/results/test13 Normal file
View File

@ -0,0 +1,3 @@
[Enter `^Ec?' for help]
[line down]
[disconnect]

4
test/results/test14 Normal file
View File

@ -0,0 +1,4 @@
console: shell is down
[Enter `^Ec?' for help]
[up -- attached]
[disconnect]

16
test/results/test2 Normal file
View File

@ -0,0 +1,16 @@
[Enter `^Ec?' for help]
[help]
. disconnect a attach read/write
b send broadcast message c toggle flow control
d down a console e change escape sequence
f force attach read/write g group info
i information dump L toggle logging on/off
l? break sequence list l0 send break per config file
l1-9 send specific break sequence o (re)open the tty and log file
p replay the last 60 lines r replay the last 20 lines
s spy read only u show host status
v show version info w who is on this console
x show console baud info z suspend the connection
<cr> ignore/abort command ? print this message
^R replay the last line \ooo send character by octal code
[disconnect]

8
test/results/test3 Normal file
View File

@ -0,0 +1,8 @@
[Enter `^Ec?' for help]
[halt list]
0 `\z'
1 `\z'
2 `\r~^b'
3 `#.reset -x\r'
5 `\rtest\r'
[disconnect]

3
test/results/test4 Normal file
View File

@ -0,0 +1,3 @@
[Enter `^Ec?' for help]
[line down]
[disconnect]

4
test/results/test5 Normal file
View File

@ -0,0 +1,4 @@
console: shell is down
[Enter `^Ec?' for help]
[up -- attached]
[disconnect]

3
test/results/test6 Normal file
View File

@ -0,0 +1,3 @@
shellb up <none>
shella up <none>
shell up <none>

16
test/results/test7 Normal file
View File

@ -0,0 +1,16 @@
[Enter `^Ec?' for help]
[help]
. disconnect a attach read/write
b send broadcast message c toggle flow control
d down a console e change escape sequence
f force attach read/write g group info
i information dump L toggle logging on/off
l? break sequence list l0 send break per config file
l1-9 send specific break sequence o (re)open the tty and log file
p replay the last 60 lines r replay the last 20 lines
s spy read only u show host status
v show version info w who is on this console
x show console baud info z suspend the connection
<cr> ignore/abort command ? print this message
^R replay the last line \ooo send character by octal code
[disconnect]

8
test/results/test8 Normal file
View File

@ -0,0 +1,8 @@
[Enter `^Ec?' for help]
[halt list]
0 `\z'
1 `\z'
2 `\r~^b'
3 `#.reset -x\r'
4 `hiya there\r'
[disconnect]

3
test/results/test9 Normal file
View File

@ -0,0 +1,3 @@
[Enter `^Ec?' for help]
[line down]
[disconnect]

7
test/test.cf Normal file
View File

@ -0,0 +1,7 @@
# test conserver config file
LOGDIR=.
BREAK5=\rtest\r
shell:|:9600p:&.log:5
shell2:|::shell2.log:2
%%
trusted: 127.0.0.1

0
test/test.passwd Normal file
View File

7
test/test1.cf Normal file
View File

@ -0,0 +1,7 @@
# test conserver config file
LOGDIR=.
BREAK5=\rtest\r
shell:|:9600p:&.log:5
shell2:|::shell2.log:2
%%
trusted: 127.0.0.1

8
test/test2.cf Normal file
View File

@ -0,0 +1,8 @@
# test conserver config file
LOGDIR=.
BREAK4=hiya there\r
shell:|:9600p:&.log:5
shella:|::&.log:5
shellb:|::&.log:
%%
trusted: 127.0.0.1