2025-04-23 18:13:36 +00:00
95 changed files with 19707 additions and 19056 deletions
--- a/.cirrus.yml
+++ b/.cirrus.yml
@ -1,48 +0,0 @@
 env:
  CIRRUS_CLONE_DEPTH: 1
 freebsd_13_task:
  freebsd_instance:
    image_family: freebsd-13-3
  install_script:
    - pkg install -y autoconf automake
    - ./package/setup-configure
  basic_script: &basic
    - "[ -f Makefile ] && make distclean"
    - ./configure || { cat config.log; exit 1; }
    - make
    - make test
  uds_script: &uds
    - "[ -f Makefile ] && make distclean"
    - ./configure --with-trust-uds-cred --with-uds || { cat config.log; exit 1; }
    - make
    - make test
  pam_ssl_script: &pamssl
    - "[ -f Makefile ] && make distclean"
    - ./configure --with-pam --with-openssl || { cat config.log; exit 1; }
    - make
    - make test
  gssapi_script: &gssapi
    - "[ -f Makefile ] && make distclean"
    - ./configure --with-gssapi || { cat config.log; exit 1; }
    - make
    - make test
 linux_gcc_task:
  container:
    image: gcc:latest
  install_script:
    - ./package/setup-configure
  basic_script: *basic
  uds_script: *uds
  pam_ssl_script: *pamssl
 #macos_task:
 #  osx_instance:
 #    image: mojave-xcode-10.1
 #  install_script:
 #    - brew install autoconf automake
 #    - ./package/setup-configure
 #  basic_script: *basic
 #  uds_script: *uds
 #  pam_ssl_script: *pamssl
--- a/.gitignore
+++ b/.gitignore
@ -1 +0,0 @@
 *.[ch]~
--- a/376
+++ b/376
@ -1,378 +1,6 @@
 				CHANGES
 				=======
 version 8.2.7 (July 7, 2022):
        - configure.ac: autoconf-2.70 fix (Lars Wendler <polynomial-c@gentoo.org>)
        - Add high baud rates (Peter Chubb <Peter.Chubb@data61.csiro.au>)
        - Make compile --with-ipv6 & setproctitle (Bjoern A. Zeeb <patch@zabbadoz.net>)
        - conserver.cf: devicesubst add 'b' for baud rate (Bjoern A. Zeeb <patch@zabbadoz.net>)
        - Reflect that baud values have increased to 7 digits (Bjoern A. Zeeb <patch@zabbadoz.net>)
        - cirrus-ci: move to freebsd-13-0 (Bryan Stansell <bryan@stansell.org>)
        - configure.ac: support libgssapi_krb5 (Jiri Kastner <cz172638@gmail.com>)
 version 8.2.6 (October 19, 2020):
        - try and address license concerns with LICENSE.md
        - replace usleep with nanosleep (Rosen Penev <rosenp@gmail.com>)
        - console: Add 'k' option to exit on console-down (Mylène Josserand <mylene.josserand@collabora.com>)
        - Fix #48 - apply ipv4 CIDR access list when compiled with ipv6 support 
 version 8.2.5 (May 1, 2020):
        - support SO_PEERCRED as well as ucred (Stuart Henderson <stu@spacehopper.org>)
        - fix TLS with LibreSSL, it doesn't have :@SECLEVEL=0 (Stuart Henderson <stu@spacehopper.org>)
        - Handle INGSSACCEPT case when processing GSSAPI (Ryan Steinmetz <zi@FreeBSD.org>)
        - Store status_minor when calling gss_release_buffer() (Ryan Steinmetz <zi@FreeBSD.org>)
        - Add conditional for FreeBSD to use the correct structure element for address (Ryan Steinmetz <zi@FreeBSD.org>)
        - Fix #35 - check for sed inplace style
        - fix host consoles in combination --with-ipv6 (Tobias Waldekranz <tobias@waldekranz.com>)
        - Fix #38 - task execution error message
        - Prevent GetMaxFiles() debug output from going to forked processes
 version 8.2.4 (March 26, 2019):
        - Correct man page typo (Ed Maste <emaste@freebsd.org>)
        - Remove autotools generated files from repo and create with release
        - Better integration of Cirrus CI - FreeBSD, Linux, and MacOS
        - Moving README to markdown
        - Fix #12 - Remote infomation flags (i.e. "-x") cannot be filtered by console
        - Fix #8 - defaultaccess appears broken
        - Rename configure.in and use autoreconf
        - Better use of version.h and letting configure build things with versions
 version 8.2.3 (March 17, 2019):
        - Correct 'impi' typo (Ed Maste <emaste@freebsd.org>)
        - Correct argument type passed to time() (Ed Maste <emaste@freebsd.org>)
        - Fix compilation without deprecated OpenSSL APIs (Rosen Penev <rosenp@gmail.com>)
        - Fix compilation without deprecated OpenSSL 1.1 APIs (Rosen Penev <rosenp@gmail.com>)
        - Fix #6 - clang "-Wstring-plus-int" warning (Bryan Stansell <bryan@conserver.com>)
        - configure.in: Add test for closefrom (Ed Maste <emaste@freebsd.org>)
        - regenerate autoconf files (Ed Maste <emaste@freebsd.org>)
        - Use closefrom if available (Ed Maste <emaste@freebsd.org>)
        - Correct typo (Ed Maste <emaste@freebsd.org>)
        - Add Cirrus-CI FreeBSD CI build config (Ed Maste <emaste@freebsd.org>)
        - off by one found by Ed Maste (Bryan Stansell <bryan@conserver.com>)
 version 8.2.2 (May 28, 2018):
        - fixes for OpenSSL 1.1+ - patch by Eneas U de Queiroz
          <cote2004-github@yahoo.com>
        - adjustments to documentation after move to github
        - removal of old RCS/CVS tags since we have git
 version 8.2.1 (Jun 2, 2015):
        - added TCP keepalives between client and server - TCP-based consoles
          already had the code - this was mostly an oversight
        - patch for SEGV and task execution - patch by Artem Savkov
          <asavkov@redhat.com>
        - expanded break sequences from [1-9] to [1-9a-z] - based on patch by
          Artem Savkov <asavkov@redhat.com>
 version 8.2.0 (Apr 20, 2014):
        - added --with-trust-uds-cred which uses getsockopt() to fetch and
          trust the client uid, bypassing password lookups - patch by Anton
          Lundin <glance@acc.umu.se>
        - missing closedir() causing memory leak - patch by Anton Lundin
          <glance@acc.umu.se>
        - sending a break signal over IPMI was broken - based on patch by
          Alexander Y.  Fomichev <git.user@gmail.com>
        - IPv6 support (marked as experimental at this point because it's
          untested (except by the author), there's a lack of documentation, and
          I'm hoping for non-getifaddrs() system support) - patch by Milos
          Vyletel <milos.vyletel@gmail.com>
        - no more K&R compiler support
 version 8.1.20 (Apr 4, 2014):
        - IPMI serial over LAN support via FreeIPMI - based on patch by Anton
          D. Kachalov <mouse@yandex-team.ru>
        - minor cleanup of code, removal of gcc warnings and such that should
          have no fuctional change
 version 8.1.19 (Sep 26, 2013):
        - prevent select/read loop when EOF on non-pty input (console) -
          reported by Chris Marget <chris@marget.com>
        - "!" syntax prefixing use of group names not honored - reported by
          Zonker <consoleteam@gmail.com>
        - fixed memory leak using timestamps - patch by Karvendhan M.
          <Karvendhan.M@netapp.com>
        - deprecated --with-cycladests (noop now) - cross-compilation should
          work without it as autologin now expects setpgrp() to take two
          arugments instead of testing for it
        - no automatic checks for an empty password when using PAM
          authentication - based on discussion with Ryan Kirkpatrick
          <linux@rkirkpat.net>
        - added 'sslcacertificatefile' and 'sslcacertificatepath' client
          configuration options - based on patch by Aki Tuomi <cmouse@cmouse.fi>
        - added 'sslcacertificatefile' and 'sslreqclientcert' server
          configuration options
        - added --with-req-server-cert to force clients to require a certificate
          from the server when using SSL - based on emails with Thor Simon
          <tls@coyotepoint.com>
        - added server-side tasks (see conserver.cf man page) that are invoked
          by the client (useful for things like IPMI-based power control of
          servers, invoking resets of terminal server ports, or anything else
          that requires scripting) - ideas from patch by Anton Lundin
          <glance@acc.umu.se> and discussion on mailing list (2011)
        - added 'confirm' option to break sequences
        - added 'breaklist' option to limit exposure of break sequences to
          consoles
        - sending of break signals is now announced to all attached clients
 version 8.1.18 (Nov 11, 2010):
        - install man pages read-only and improved the contributed redhat init
          script - patches by Eric Biederman <ebiederm@aristanetworks.com>
        - spec file improvements in contrib/redhat-rpm - patch by Jodok Ole
          Muellers <jodok.muellers@aschendorff.de>
        - GSS-API patch for client code - patch by Andras Horvath
          <Andras.Horvath@cern.ch> 
 version 8.1.17 (Sep 29, 2009):
        - fix for interface detection when HAVE_SA_LEN is defined - first
          detected on NetBSD 5.0 and patched by Chris Ross
          <cross+conserver@distal.com>
        - first person to connect to a console wanting read/write now gets it
          once the active user drops read/write - suggested by Thomas Gardner
          <tmg@pobox.com>
        - fix typo when setting nonblocking socket for client connections,
          fixing stall issues - patch by Eric Biederman
          <ebiederm@aristanetworks.com>   
        - GSS-API patch (--with-gssapi) to help with Kerberos tokens - patch by
          Nate Straz <nstraz@redhat.com>
        - authenticate username without @REALM when using GSS-API
          (--with-striprealm) - based on patch by Andras Horvath
          <Andras.Horvath@cern.ch>
        - various contrib/redhat-rpm fixes - patch by Fabien Wernli
          <wernli@in2p3.fr>
        - fix handling of read(stdin) returning -1 in console client - patch by
          Ed Swierk <eswierk@arastra.com>
 version 8.1.16 (Apr 10, 2007):
        - added 'replstring' substitution option - inspired by
          conversation with Owen DeLong <owen@c2company.com>
        - added '^Ecn' option for writing a note to the logfile - patch
          by Bryan Schmersal <bschmer@yahoo.com>
        - fixed leaking file descriptors when 'host' and 'uds' consoles
          fail to connect - based on patch by Michael Heironimus
          <michael_heironimus@archwayconcepts.com>
 version 8.1.15 (Dec 31, 2006):
        - protection again telnet option negotation loops - patch by
          Robby Griffin <rmg@yakshavers.com>
        - console now prints the attach/detach sequences when suspended
        - added --with-cycladests configure option to allow
          cross-compiling on a cyclades ts - patch by Matt Johnson
          <mwj@doc.ic.ac.uk>
        - added master conserver host to 'console -x' output for
          'device' consoles - patch by Matt Johnson <mwj@doc.ic.ac.uk>
        - fixed parsing error when dealing with encapsulated
          client/server options
 version 8.1.14 (Apr 9, 2006):
        - fixed rpm conserver.spec file - based on patch by Martin Evans
          <m.d.t.evans@qmul.ac.uk>
        - added 'uds' console type for unix domain socket connections -
          based on patch by DJ Gregor <dj@gregor.com>
        - probing of interfaces under cygwin (and possibly others?) now
          skips unconfigured interfaces (even if flagged as up!) -
          reported by Chris Riddoch <chrisr@digeo.com>
        - added the '!login' console option to prevent clients from
          connecting to a console - suggested by Greg Tillman
          <gregtillman@comcast.net>
        - added a 'noop' console type for consoles you'd like to name,
          but have no connection to - suggested by Greg Tillman
          <gregtillman@comcast.net>
        - deprecated escape commands removed from the code
        - added '^EcP' and '^EcR' sequences to set the playback and
          replay line lengths
        - new console config options 'playback' and 'replay' to let the
          client set prefered output lengths (with a special feature for
          a size of zero)
        - prefer strlcpy() over strcpy() - based on patch by Peter
          Valchev <pvalchev@openbsd.org>
        - fixed bug where '^Eco' by user on an 'exec' console with an
          'initcmd' causes input by user to be ignored (could be other
          console types as well) - reported by Mark Wedel
          <Mark.Wedel@sun.com>
        - made POSIX termios code in autologin a requirement (since
          conserver requires it) and cleaned up a few other issues -
          based on reports by Arthur Clune <ajc22@york.ac.uk>
 version 8.1.13 (Jan 15, 2006):
        - use SIOCGIFNUM for interface count (if available) and catch
          EINVAL on Solaris - patch by Peter Jeremy
          <peter.jeremy@alcatel.com.au>
        - console output now resets idle timer - suggested by Peter
          Saunders <pajs@fodder.org.uk>
        - bug fix for conserver process running out of control and using
          up cpu - debugged with Alexandra N. Kossovsky
          <Alexandra.Kossovsky@oktetlabs.ru>
 version 8.1.12 (Sep 5, 2005):
        - printf() fix for autologin - patch by Menno Duursma
          <druiloor@zonnet.nl>
        - newly spawned (from SIGHUP) processes didn't properly close
          primary socket
        - SSL certificates now work again (anonymous ciphers are not
          allowed if a certificate is used)
        - client options -x, -u, -w, and -i can now take a console name
          to restrict output - suggested by Evan McClure
          <emcclure@internap.com>
        - convert program now installed in $libdir/conserver - patch by
          Petter Reinholdtsen <pere@hungry.com>
        - we now ignore SIGXFSZ, if it exists
        - added 'limited' access option to remove certain functionality
          from users - suggested by Sven Michels <sven@darkman.de>
        - added client option -z/-Z for sending commands to servers
          (reload, quit, etc) - based on suggestion by Joshua Pincus
          <Joshua.Pincus@Sun.COM>
        - added 'execrunas' and 'initrunas' console options to allow
          'exec' and 'initcmd' execution as another user and/or group -
          based on patch by Gary Mills <mills@cc.umanitoba.ca>
        - the east coast mirror had to shut down (for now, at least)
        - crash from bad pointer manipulation during log replay - reported by
          Ryan Kirkpatrick <linux@rkirkpat.net>
 version 8.1.11 (Nov 9, 2004):
        - fixed array bounds and stack tromping - reported by Emmett
          Hogan <hogan@bigcityit.com>
        - most recent client to ask for read-write now gets it (used to
          be first client to connect)
        - client read-write mode now separate from console up/down state
        - 'make autologin.install' now compiles autologin - reported by
          Graham Merrill <teddgram@sbcglobal.net>
        - new 'autocomplete' option for controlling shortest-prefix
          console name matching (which has always been on)
        - client now blocks on ^Eco, waiting for status of connection
        - added 'a' and 'A' for upper and lowercase alphanumeric
          (0-9a-z) conversions to the *subst config items - based on
          patch by Jonathan Chen <jon+conserver@spock.org>
 version 8.1.10 (Sep 21, 2004):
        - fix "forwarding level too deep" issue with '^Ec;' - reported
          by Han Pilmeyer <han.pilmeyer@hp.com>
 version 8.1.9 (Jul 14, 2004):
        - fixed bug processing access lists when duplicates exist in the
          list - reported by Phil Dibowitz <phil@usc.edu>
        - fixed bug where 'idletimeout' was not recognized in default
          blocks - reported by John Cagle <jcagle@gmail.com>
        - added an 'autocomplete' config option to set the console name
          autocompletion behavior - suggested by John Stoffel
          <stoffel@lucent.com>
 version 8.1.8 (Jun 9, 2004):
        - added 'initspinmax' and 'initspintimer' console options to
          help calm console initialization "spinning"
        - fixed setsockopt() error on 64bit solaris - reported by Trond
          Hagen <trond@basefarm.no>
 version 8.1.7 (May 28, 2004):
        - cleaned up the manpages a bit to make things clearer and more
          standard - reported by Dave Stuit <djs@tellme.com>
        - added an east coast mirror!  http://conserver.syr.edu/ -
          thanks to Christopher T. Beers <ctbeers@syr.edu>
        - primary group of users not included in '@group' syntax -
          reported by Phil Dibowitz <phil@usc.edu>
        - changed '@group' behavior such that groups are checked when
          needed, instead of cached at startup, which is more logical
        - missing variables when building convert with tcp_wrappers -
          reported by Nikolaos Papavassiliou
          <Nikolaos.Papavassiliou@reuters.com>
        - added --with-rpath option - suggested by Phil Dibowitz
          <phil@usc.edu>
 version 8.1.6 (May 25, 2004):
        - added ability to configure client via system-wide console.cf
          file and per-user .consolerc - suggested (independently) by
          Erik Sjolund <erik.sjolund@sbc.su.se> and Trevor Fiatal
          <trevor@fiatal.net>
        - fixed bug where break strings were not properly sent -
          reported by Tim Small <tim@buttersideup.com>
        - fixed bug in config file 'protocol' value handling - reported
          by Kees Cook <kees@osdl.org>
        - conserver no longer uses the local domain name in the default
          access list (the default list is only created if no access
          list is specified in the configuration file) - inspired by
          William P LePera <lepera@us.ibm.com>
        - added a 'terminal' console configuration block for printing
          strings when attaching and detaching from consoles - suggested
          by Richard Threadgill <richardt@tellme.com>
 version 8.1.5 (May 7, 2004):
        - changed remaining O_NDELAY flags to O_NONBLOCK
        - added PROTOCOLS file to describe the client/server protocol
        - added '#include' capability to conserver.cf file
        - added '@group' syntax to conserver.cf file to support use of
          system groups
        - added -U client option to allow client to ask for encryption
          but fall back to non-encrypted connections otherwise -
          suggested by Mike Hendon <mike.hendon@uk.nomura.com>
        - fixed bug where socket not properly deleted on exit - reported
          by William P LePera <lepera@us.ibm.com>
        - added 'initdelay' option for throttling startup of consoles -
          suggested by Jay McCanta <mccantaj@amgen.com>
 version 8.1.4 (Apr 13, 2004):
        - fixed macro use in manpages to hopefully be more compatible
        - removed extra newline of --MARK-- range output
        - fixed bug where server -b option wasn't working - reported by
          Nathan R. Hruby <nhruby@uga.edu>
        - fixed client segfault when using -R, -t, -d, and -b options
        - added a --with-uds configure option to have all client/server
          communication happen via unix domain sockets - suggested by
          William P LePera <lepera@us.ibm.com>
 version 8.1.3 (Mar 22, 2004):
        - fixed small memory and file descriptor leak in client when
          using '^Ec;'
        - '^Ec;' now only disconnects from the previous console only
          after a successfully move to a new console, allowing you to
          abort the move - suggested by Christopher T. Beers
          <ctbeers@syr.edu>
 version 8.1.2 (Mar 11, 2004):
        - better handling of client command (^Ec|) when user is bumped,
          conserver is reconfigured, etc
        - added 'initsubst' option for 'initcmd' substitutions like
          'devicesubst' and 'execsubst' - based on patch by Bill
          Sommerfeld <sommerfeld@east.sun.com>
        - modified and added to *subst (initsubst, etc) syntax to allow
          for flexibility and future enhancement
        - changed 'port' and 'portinc' minimums from 1 to 0 - it allows
          more flexibility and helps with 0-based counting
        - removed unportable sys/cdefs.h from contrib/chat/chat.c -
          patch by Bill Sommerfeld <sommerfeld@east.sun.com>
        - added --with-extmsgs configure switch to enable entertaining
          messages
        - marked various undocumented client commands as deprecated so
          that they can be removed in a future version
        - added ability to "move" to a new console via '^Ec;' -
          suggested by Christopher T. Beers <ctbeers@syr.edu>
        - added a dump of console information when -S is used twice -
          suggested by Todd Stansell <todd@stansell.org>
 version 8.1.1 (Feb 10, 2004):
        - fixed mistake in Makefiles where rpmbuild fails - reported by
          Martin Evans <m.d.t.evans@qmul.ac.uk>
        - fixed a couple typos - reported by Matt Selsky
          <selsky@columbia.edu>
 version 8.1.0 (Jan 18, 2004):
        - fixes for HP-UX compilation - patch by Petter Reinholdtsen
          <pere@hungry.com>
        - fixes for compilation under various operating systems -
          patch by Albert Chin <conserver-users@mlists.thewrittenword.com>
        - added a 'protocol' option for either 'telnet' or 'raw' socket
          communication - also reflected in -i output
        - changed the client/server protocol to use 0xff as a command
          character for sending control commands - similiar to the
          telnet protocol - improves the ^Ec| interaction
        - client -E option now disables ssl encryption attempts, useful
          for broken SSL environents - suggested by Graydon Dodson
          <grdodson@lexmark.com>
        - bad error message connecting non-ssl client with ssl-required
          server - reported by Graydon Dodson <grdodson@lexmark.com>
        - added note about pam configuration to conserver.passwd.man -
          suggested by Erik Sjolund <erik.sjolund@sbc.su.se>
        - improved telnet protocol option handling such that connections
          to standard telnet ports should work properly
 version 8.0.9 (Dec 10, 2003):
 	- fixed major bug in connect() handling which causes most
 	  socket-based consoles to timeout after 10 seconds - reported
@ -1013,3 +641,7 @@ version 6.05:
 before version 6.05:
 	- Many, many variations.  Nothing was tracked well.  Bug fixes
 	  and enhancements of various types were applied.
 #
 #  $Id: CHANGES,v 1.141 2003/12/10 18:33:40 bryan Exp $
 #
--- a/4
+++ b/4
@ -184,3 +184,7 @@ directed to faq@conserver.com.  The FAQ answers the following questions:
    - Have you tried a search on the conserver site (it searches
      mailing list traffic as well) to see if someone else has gone
      through the same problem?
 #
 #  $Id: FAQ,v 1.9 2003/08/23 19:27:10 bryan Exp $
 #
--- a/70
+++ b/70
@ -10,25 +10,6 @@ Upgrading?
    new features added to the client if you're considering *not*
    upgrading.
    Version 8.1.3
 	- The '^Ec;' sequence won't work correctly with 8.1.2 (where it
 	  was introduced).
    Version 8.1.2
 	- The 'devicesubst' and 'execsubst' formats have changed from
 	  8.1.1.  It's fairly simple to update your config file to the
 	  new format...just check the conserver.cf manpage.  Sorry for
 	  having to change things, but it's for a good reason (I should
 	  have though ahead when designing the original format).
    Version 8.1.0
 	- The client/server protocol has changed to better protect 8-bit
 	  data and to allow programs invoked with '^Ec|' not have to
 	  worry about accidentally sending the escape sequence to the
 	  server.  Though it will look like things are mostly
 	  backward-compatible, don't count on it and just upgrade.
    Version 8.0.2
 	- I've added a '^Ec;' sequence to allow the client to signal the
@ -156,9 +137,8 @@ Detailed Instructions
        --with-port=PORT        Specify port number [conserver]
        --with-base=PORT        Base port for secondary channel [0]
        --with-master=MASTER    Specify master server hostname [console]
-        --with-ccffile=CFFILE   Specify client config filename
+        --with-cffile=CFFILE    Specify config filename
-                                [SYSCONFDIR/console.cf]
+                                [SYSCONFDIR/conserver.cf]
        --with-cffile=CFFILE    Specify config filename [SYSCONFDIR/conserver.cf]
        --with-pwdfile=PWDFILE  Specify password filename
                                [SYSCONFDIR/conserver.passwd]
        --with-logfile=LOGFILE  Specify log filename [/var/log/conserver]
@ -166,23 +146,10 @@ Detailed Instructions
        --with-maxmemb=MAXMEMB  Specify maximum consoles per process [16]
        --with-timeout=TIMEOUT  Specify connect() timeout in seconds [10]
        --with-trustrevdns      Trust reverse DNS information
        --with-extmsgs          Produce extended messages
        --with-rpath            Use -R as well as -L for libraries
        --with-cycladests       (deprecated - noop) Build for a Cyclades TS
        --with-uds[=DIR]        Use Unix domain sockets for client/server
                                communication [/tmp/conserver]
        --with-trust-uds-cred   Trust UDS credentials obtained via socket
        --with-libwrap[=PATH]   Compile in libwrap (tcp_wrappers) support
        --with-openssl[=PATH]   Compile in OpenSSL support
        --with-req-server-cert  Require server SSL certificate by client
        --with-gssapi[=PATH]    Compile in GSS-API support
        --with-striprealm       retry username without @REALM with gss-api
                                authentication
        --with-freeipmi[=PATH]  Compile in FreeIPMI support
        --with-dmalloc[=PATH]   Compile in dmalloc support
        --with-pam              Enable PAM support
        --with-ipv6             (experimental) Use IPv6 for client/server
                                communication
      Not surprisingly, some match the old conserver/cons.h items...here
      they are for reference:
@ -196,11 +163,10 @@ Detailed Instructions
      A couple of notes.  First, --with-libwrap will add tcp_wrappers
      lookups to all socket connections in the server.  --with-openssl
      will add encryption between the client and server when you connect
-      to a console.  --with-uds will cause the client and server to use
+      to a console.  things such as 'console -q', 'console -w', etc. are
-      unix domain sockets for their communication, eliminating the
+      still unencrypted, as well as connections from conserver to any
-      tcp communication they normally do (which means --with-master and
+      terminal servers.  --with-dmalloc should only be used to do memory
-      --with-port are not used).  --with-dmalloc should only be used to
+      allocation debugging and not used in production.
      do memory allocation debugging and not used in production.
    - Run './configure'.  This will detect system specific
      information.  The --prefix option will redirect where things are
@ -239,10 +205,10 @@ Detailed Instructions
        step.
      + Next, make sure conserver runs during boot.  The init script we
-	use under Solaris is installed in
+        use under Solaris is installed in <PREFIX>/etc/conserver.rc.
-	<DATADIR>/examples/conserver/conserver.rc.  Use that or some
+        Use that or some form of it for your own /etc/init.d script or
-	form of it for your own /etc/init.d script or an entry in
+        an entry in startup files (/etc/rc, /etc/rc.local, or
-	startup files (/etc/rc, /etc/rc.local, or whatever).
+        whatever).
      + Now for the fun stuff.  You need to create a conserver.cf and
        conserver.passwd file.  Those are defined with the
@ -256,6 +222,17 @@ Detailed Instructions
 Other Information And Gotchas
    - Debian Linux Distribution
        The Debian folks have conserver distributed with the package
        names of conserver-client and conserver-server.  They are in
        the distribution "sid" and the "non-free" part (because the
        Ohio State license doesn't explicitly allow for modification to
        the code, even though it's totally implied and the intention of
        the author - I've even got proof in email!  Oh well, can't
        blame the Debian folks for being cautious - they've been burned
        before, apparently).
    - Potential GCC bug
        Adam Morris <AMorris@providence.org> reported a problem with
@ -275,3 +252,8 @@ Other Information And Gotchas
        connecting to servers, you might be tickling this bug and you
        can upgrade the compiler, turn off the optimization, or apply
        this code change.
 #
 #  $Id: INSTALL,v 1.34 2003/10/03 17:52:31 bryan Exp $
 #
--- a/126
+++ b/126
@ -1,29 +1,115 @@
-BSD 3-Clause License
+Since this piece of software has had many contiributors, there is a
 "chain" of licensing information embedded in the files.  I've copied
 what I could find here so that it's easy to reference.  The entire
 bundle of software is guided by these licensing statements.
 ----------------------------------------------------------------------------
 Copyright (c) 2000, conserver.com
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
+modification, are permitted provided that the following conditions are
 met:
-* Redistributions of source code must retain the above copyright notice, this
+  - Redistributions of source code must retain the above copyright notice,
-  list of conditions and the following disclaimer.
+    this list of conditions and the following disclaimer.
-* Redistributions in binary form must reproduce the above copyright notice,
+  - Redistributions in binary form must reproduce the above copyright
-  this list of conditions and the following disclaimer in the documentation
+    notice, this list of conditions and the following disclaimer in the
-  and/or other materials provided with the distribution.
+    documentation and/or other materials provided with the
    distribution.
-* Neither the name of the copyright holder nor the names of its
+  - Neither the name of conserver.com nor the names of its contributors
-  contributors may be used to endorse or promote products derived from
+    may be used to endorse or promote products derived from this
-  this software without specific prior written permission.
+    software without specific prior written permission.
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ----------------------------------------------------------------------------
 Copyright (c) 1998, GNAC, Inc.
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
  - Redistributions of source code must retain the above copyright notice,
    this list of conditions and the following disclaimer.
  - Redistributions in binary form must reproduce the above copyright
    notice, this list of conditions and the following disclaimer in the
    documentation and/or other materials provided with the
    distribution.
  - Neither the name of GNAC, Inc. nor the names of its contributors
    may be used to endorse or promote products derived from this
    software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ----------------------------------------------------------------------------
 Copyright 1992 Purdue Research Foundation, West Lafayette, Indiana
 47907.  All rights reserved.
 This software is not subject to any license of the American Telephone
 and Telegraph Company or the Regents of the University of California.
 Permission is granted to anyone to use this software for any purpose on
 any computer system, and to alter it and redistribute it freely, subject
 to the following restrictions:
 1. Neither the authors nor Purdue University are responsible for any
   consequences of the use of this software.
 2. The origin of this software must not be misrepresented, either by
   explicit claim or by omission.  Credit to the authors and Purdue
   University must appear in documentation and sources.
 3. Altered versions must be plainly marked as such, and must not be
   misrepresented as being the original software.
 4. This notice may not be removed or altered.
 ----------------------------------------------------------------------------
 Copyright (c) 1990 The Ohio State University.
 All rights reserved.
 Redistribution and use in source and binary forms are permitted
 provided that: (1) source distributions retain this entire copyright
 notice and comment, and (2) distributions including binaries display
 the following acknowledgement:  ``This product includes software
 developed by The Ohio State University and its contributors''
 in the documentation or other materials provided with the distribution
 and in all advertising materials mentioning features or use of this
 software. Neither the name of the University nor the names of its
 contributors may be used to endorse or promote products derived
 from this software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 ----------------------------------------------------------------------------
--- a/115
+++ b/115
@ -1,115 +0,0 @@
 Since this piece of software has had many contiributors, there is a
 "chain" of licensing information embedded in the files.  I've copied
 what I could find here so that it's easy to reference.  The entire
 bundle of software is guided by these licensing statements.
 ----------------------------------------------------------------------------
 Copyright (c) 2000, conserver.com
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
  - Redistributions of source code must retain the above copyright notice,
    this list of conditions and the following disclaimer.
  - Redistributions in binary form must reproduce the above copyright
    notice, this list of conditions and the following disclaimer in the
    documentation and/or other materials provided with the
    distribution.
  - Neither the name of conserver.com nor the names of its contributors
    may be used to endorse or promote products derived from this
    software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ----------------------------------------------------------------------------
 Copyright (c) 1998, GNAC, Inc.
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
  - Redistributions of source code must retain the above copyright notice,
    this list of conditions and the following disclaimer.
  - Redistributions in binary form must reproduce the above copyright
    notice, this list of conditions and the following disclaimer in the
    documentation and/or other materials provided with the
    distribution.
  - Neither the name of GNAC, Inc. nor the names of its contributors
    may be used to endorse or promote products derived from this
    software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ----------------------------------------------------------------------------
 Copyright 1992 Purdue Research Foundation, West Lafayette, Indiana
 47907.  All rights reserved.
 This software is not subject to any license of the American Telephone
 and Telegraph Company or the Regents of the University of California.
 Permission is granted to anyone to use this software for any purpose on
 any computer system, and to alter it and redistribute it freely, subject
 to the following restrictions:
 1. Neither the authors nor Purdue University are responsible for any
   consequences of the use of this software.
 2. The origin of this software must not be misrepresented, either by
   explicit claim or by omission.  Credit to the authors and Purdue
   University must appear in documentation and sources.
 3. Altered versions must be plainly marked as such, and must not be
   misrepresented as being the original software.
 4. This notice may not be removed or altered.
 ----------------------------------------------------------------------------
 Copyright (c) 1990 The Ohio State University.
 All rights reserved.
 Redistribution and use in source and binary forms are permitted
 provided that: (1) source distributions retain this entire copyright
 notice and comment, and (2) distributions including binaries display
 the following acknowledgement:  ``This product includes software
 developed by The Ohio State University and its contributors''
 in the documentation or other materials provided with the distribution
 and in all advertising materials mentioning features or use of this
 software. Neither the name of the University nor the names of its
 contributors may be used to endorse or promote products derived
 from this software without specific prior written permission.
 THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 ----------------------------------------------------------------------------
--- a/LICENSES.md
+++ b/LICENSES.md
@ -1,104 +0,0 @@
 License Clarification
 =====================
 The licenses attached to this software ([LICENSES](LICENSES)) are supposed
 to paint a simple concept: that this software was built for the open source
 community and they result in a license compatible with [LICENSE](LICENSE).
 Unfortunately, the real world steps in and troubles can arise.  This note
 has been moved over from the [INSTALL](INSTALL) file:
    The Debian folks have conserver distributed with the package
    names of conserver-client and conserver-server.  They are in
    the distribution "sid" and the "non-free" part (because the
    Ohio State license doesn't explicitly allow for modification to
    the code, even though it's totally implied and the intention of
    the author - I've even got proof in email!  Oh well, can't
    blame the Debian folks for being cautious - they've been burned
    before, apparently).
 Here's a copy of the message I exchanged with Thomas A. Fine (original
 author at OSU) in 2001 that is referenced above:
    Date: Wed, 27 Jun 2001 19:47:18 -0400 (EDT)
    To: bryan@conserver.com
    From: "Thomas A. Fine" <fine@head-cfa.harvard.edu>
    Subject: Re: A conserver license question...
    > Hi Tom,
    > 
    > I had a little "problem" crop up that I was hoping you could help me
    > with.  A guy out in net-land is trying to put a debian package together
    > of the code I've been releasing (based on your original work) and they
    > don't like part of the Ohio State license.  I've attached the message
    > below.
    > 
    > I'm not sure what can be done.  One thought was a message from you that
    > I could put with the code stating that modifications are ok would
    > work.  Or maybe just modifying the original license statement.  Heck, I
    > don't even know if either are 100% legal.  Maybe I need to talk to
    > someone at Ohio State.
    > 
    > Well, if you have any ideas or suggestions, please let me know.  Don't
    > know if I ever got a chance to thank you for the great stuff you
    > started!  Thank you!  ;-)
    Well, if I knew then what I know now, I would have copyrighted it
    under my own name, and not under OSU, and then I could change it.
    Since I don't work there anymore, strictly speaking, I can't change
    it.
    However, IMHO, this license allows modifications, without explicitly
    stating it.  I can state without a doubt that this was my intention
    at the time (and hence, OSU's intention, since I put in the copyright
    while working for OSU).
    But also, since it allows use of the source, and since the statement
    required for inclusion says "includes software ..." it seems pretty
    clear that modification was both allowed and expected.  You can't
    really use sources if you aren't changing them, and you certainly
    can't include this software in some other product without making
    modifications.
    As I recall, I more or less used the copyright that Berkeley was using
    back then for there BSD-related software, so I'm surprised there's a
    problem with it.
    I have to point out that version 1.2, available at
    http://hea-www.harvard.edu/~fine/Tech/cs1.2/
    is distributed entirely without copyright notices.  Interesting, no?
    So I guess I could add a copyright notice to that.  But would I then
    be violating the OSU copyright that I wrote for 1.1?  Since it is
    a different version, I could probably write a new copyright notice 
    and license and be free and clear.
    There's also Purdue's versions of the software.  It's mentioned on my
    console server web page at
    http://hea-www.harvard.edu/~fine/Tech/console-server.html
    So, pass this on to the people you're working with and let me know how
    you want to proceed.
    	 tom
 In addition, a post to the Conserver Users mailing list in May 2020 contained:
    From: Paul Wise via users <users@conserver.com>
    To: users@conserver.com
    Subject: Re: license change?
    Date: Mon, 25 May 2020 12:42:28 +0800
    On Thu, 2019-07-04 at 10:20 +0200, Bryan Stansell via users wrote:
    > So, it's more the lack of explicitly stating the code can be
    > modified.
    Since then I talked to one of RedHat's lawyers and they mentioned that
    they have dealt with this problem too and also concluded that these
    licenses were intended to cover modification. The current wording of
    the initial part of the BSD license reflects an attempt to correct an
    earlier mistake (i.e. someone pointed out the error and Berkeley added
    "with or without modification"). Also the anti-endorsement clause
    implies a right to modify.
 Hopefully corporations (or, I suppose, their lawyers) will be happy with the
 explanation above and become comfortable with the stated license.
--- a/Makefile.in
+++ b/Makefile.in
@ -1,5 +1,4 @@
 ### Path settings
 datarootdir = @datarootdir@
 prefix = @prefix@
 exec_prefix = @exec_prefix@
 bindir = @bindir@
--- a/302
+++ b/302
@ -1,302 +0,0 @@
 			   Conserver Protocol
 			   ==================
 What Is This?
 -------------
 The following is an attempt to describe the client/server protocol used
 between the server (conserver) and the client (console).  This document
 bases its information on conserver version 8.1.4, as it's the release
 currently available.  If there are changes to the client/server
 protocol, the INSTALL file should reference them and, ideally, this
 document will be updated.
 The information is looked at from the point of the server, since it's
 the server that controls all information and triggers actions on the
 client (like a suspend).  The client's perspective should be obvious
 from this information.
 SSL
 ---
 The client and server can negotiate an SSL connection.  As far as the
 code is concerned, the SSL "layer" is transparent.  Data is sent and
 received just as if it was unencrypted.  Therefore, aside bringing up
 the SSL connection, the SSL bits are unimportant from a protocol
 standpoint.  The client and server still send and receive the same
 information - it just happens to be encrypted to everyone else.
 "On-The-Wire" Data
 ------------------
 The low-level, "on-the-wire" data is encapsulated similar to the telnet
 protocol.  All data is sent "as-is" with the exception of 0xFF.  0xFF is
 used as a "command character" and both the client and server expect to
 see a predefined option after it.  The possible options are: 0xFF, 'E',
 'G', 'Z', and '.'.
 The 0xFF option says to use the literal character 0xFF.  So, if there is
 a 0xFF character in the data stream to be sent, the code will send two
 0xFF characters (it's similar to using '\\' in C strings to embed a
 '\').
 The other options are used in various contexts, which will be described
 in detail below.
 Life As A Server
 ----------------
 There are three different interfaces presented to clients by the server.
 I'm going to name the three modes "master", "group", and "console".  The
 first two are line-based, and the third is character-based.
 To understand the differences, I must outline how conserver manages
 consoles.  When conserver starts, it reads the configuration file,
 listens on the master socket, and, for each group of consoles it must
 manage (where the group size is set by -m), it forks off a copy of
 itself.  Those child processes are what actually connect to the consoles
 and they each listen on a new socket for client connections.  So, you
 end up with a parent process (that knows about all consoles) that
 manages the child processes (that know only about consoles it manages),
 and everyone is listening on an individual socket for connections from
 clients.
 The parent process interacts with clients in "master" mode.  That mode
 expects line-based commands and responds similarly.  Because it's the
 master, it understands a certain set of commands that are different than
 in "group" mode.
 The child processes interact with clients in "group" mode first, and
 negotiate a change to "console" mode when a client requests a connection
 to a specific console.
 "master" Mode
 -------------
 When parent process gets a connection from a client, it either sends an
 "ok" string to signal it's ready or an error message (like "access from
 your host is refused") and the connection is dropped.  At this point,
 there are a small number of commands recognized by the server, since
 most are restricted to "logged in" clients.  Here's the list of
 available commands:
    exit   disconnect
    help   this help message
    login  log in
    ssl    start ssl session
 An "exit" is sent a "goodbye" response and the connection is dropped.  A
 "help" is sent the list above.  A "ssl" is sent an "ok" response and
 then the server expects the client to negotiate an ssl connection.  A
 "login" requires one argument (the username) and is either sent an "ok",
 meaning the client is logged in, or a "passwd?" followed by the local
 hostname, asking for the user's password, which it expects next.  If the
 client sends a valid password, an "ok" is sent, otherwise an error
 message and the connection is dropped.
 Upon successful login, the commands available are:
    call      provide port for given console
    exit      disconnect
    groups    provide ports for group leaders
    help      this help message
    master    provide a list of master servers
    newlogs*  close and open all logfiles (SIGUSR2)
    pid       provide pid of master process
    quit*     terminate conserver (SIGTERM)
    restart*  restart conserver (SIGHUP) - deprecated
    reconfig* reread config file (SIGHUP)
    version   provide version info for server
    up*       bring up all downed consoles (SIGUSR1)
    * = requires admin privileges
 "exit" and "help" are the same as before the client logged login.
 The "call" command expects one argument, the console name to connect to.
 The server will respond with either a port number (if it's a locally
 managed console), an "@hostname" where hostname is the name of the
 remote conserver host managing the console (if it's a remotely managed
 console), or an error message (possibly multi-line).  The client is not
 disconnected, whatever the response.
 The "groups" command responds with a colon-separated list of port
 numbers, which correspond to each of the child processes running on the
 local host.  The client is not disconnected.
 The "master" command responds with a colon-separated list of "@hostname"
 names.  The list includes any hosts (including the possibility of the
 local host) which have locally managed consoles.  The client is not
 disconnected.
 The "newlogs" command reopens all logfiles used by conserver, assuming
 the user has administrative access.  It responds with a message starting
 with "ok" if successful and an error message otherwise (like
 "unauthorized command").  The client is disconnected if it's successful.
 The "pid" command responds with the pid of the master process (in this
 case, the one the client is talking to).  The client is not
 disconnected.
 The "quit" command will shut down conserver, assuming the user has
 administrative access.  It responds with a message starting with "ok" if
 successful and an error message otherwise (like "unauthorized command").
 The client is disconnected if it's successful.
 The "restart" command has been deprecated.  You should use "reconfig".
 The "reconfig" command will cause conserver to reread the configuration
 file and apply any changes, assuming the user has administrative access.
 It responds with a message starting with "ok" if successful and an error
 message otherwise (like "unauthorized command").  The client is not
 disconnected.
 The "version" command responds with the version string.  The client is
 not disconnected.
 The "up" command tries to "bring up" all disconnected consoles, assuming
 the user has administrative access.  It responds with a message starting
 with "ok" if successful and an error message otherwise (like
 "unauthorized command").  The client is disconnected if it's successful.
 "group" Mode
 ------------
 When a child process gets a connection from a client, it either sends an
 "ok" string to signal it's ready or an error message (like "access from
 your host is refused") and the connection is dropped.  At this point,
 "group" mode acts just like "master" mode.  Once the client successfully
 logs in, however, "group" mode has the recognizes the following
 commands:
    broadcast    send broadcast message
    call         connect to given console
    disconnect*  disconnect the given user(s)
    examine      examine port and baud rates
    exit         disconnect
    group        show users in this group
    help         this help message
    hosts        show host status and user
    info         show console information
    textmsg      send a text message
    * = requires admin privileges
 The "exit" and "help" commands are like the others documented above.
 The "broadcast" command expects a text string of the message to be sent
 to all users connected to this process.  An "ok" is sent as a response.
 The "call" command expects one argument, the console name to connect to,
 just like in "master" mode.  The difference here is that this requests
 the server to attach the client to the console and go into "console"
 mode.  If the attachment is successful, the response will begin with a
 '[' character.  If not, an error message is returned.  The success
 responses are:
    [console is read-only]	 - console is read only
    [read-only -- initializing]	 - console is initializing, and
 				   read-only for the time being
    [line to console is down]	 - console is down
    [attached]			 - attached read-write
    [spy]			 - attached read-only
 The "disconnect" command expects an argument of the form "user@console"
 where either the "user" or "@console" part may be omitted.  Upon
 success, a response of the form "ok -- disconnected X users" is sent,
 where X is the number of users disconnected.  If a user is unauthorized
 or some other problem occurs, an error message (like "unauthorized
 command") is sent.
 The "examine" command returns a list of console information of the form
 that 'console -x' shows.
 The "group" command returns a list of console information of the form
 that 'console -w' shows.
 The "hosts" command returns a list of console information of the form
 that 'console -u' shows.
 The "info" command returns a list of console information of the form
 that 'console -i' shows.
 The "textmsg" command expects two arguments, the first being the
 recipient of the message in the form "user@console" (again, where the
 "user" or "@console" portion may be omitted) and the second being the
 string, like the "broadcast" command.  The server returns "ok".
 "console" Mode
 --------------
 As mentioned above, "console" mode is obtained by using the "call"
 command when connected to a child processes operating in "group" mode.
 "console" mode should look very familiar to a user of conserver, as it's
 what the user interacts with when connected to a console.  There's
 really nothings special here.  Each character received from the client
 is compared to the escape sequence, and if it matches, an action occurs
 on the server side.  If it doesn't match the escape sequence, the data
 is sent on to the console.  All data received from the console is sent
 to the client(s).  Of course, there are certain exceptions to these
 rules, based on the state of the console and the state of the client.
 And, certain escape sequences cause special behaviors to occur.
 Most escape sequences cause the server to send information back to the
 user.  Stuff like "^Ecw", "^Eci", and "^Ecu" are examples.  The escape
 sequence is absorbed by the server, the server sends the client a
 variety of information, and things continue as before.
 The more "interesting" escape sequences are the following.
 "^Ec;"  The server sends a 0xFF,'G' command sequence to the client, to
 	signal a wish to move to a new console.  The client then gets
 	put into the same state as the "^Ecz" sequence (paused), which
 	gives the client a chance to either resume the connection or
 	disconnect.
 "^Ec|"  The server sends a 0xFF,'E' command sequence to the client, to
 	signal a wish to have the client program interact with a
 	program, as opposed to the user.  The server discards all data
 	until it receives one of the following command sequences from
 	the client:
 	    0xFF,'E'	Signals successful redirection of interaction to
 			a program.  The server then responds with "[rw]"
 			or "[ro]" to tell the client whether or not they
 			have read-write access.  If not, the client
 			should abort the program and send the abort
 			command sequence below, as other data received by
 			the server will just get dropped.
 	    0xFF,'.'	Abort the operation.  The server assumes the
 			redirection didn't happen and returns the client
 			to it's normal mode.
 	The server keeps the client in the "redirected" state until it
 	receives a 0xFF,'.' command sequence from the client (which
 	usually occurs when the client command terminates).
 	If the client is "bumped" from read-write to read-only by
 	another user, the server will send the client a 0xFF,'.' command
 	sequence to tell it to abort the redirection and return control
 	back to the user.
 "^Ecz"  The server sends a 0xFF,'Z' command sequence to the client, to
 	signal a wish to suspend to client process.  The client is then
 	put into a "paused" state where it receives no more data from
 	the server.  When the client is ready to resume receiving data,
 	it sends a character of data to the server, at which point the
 	server discards the character and sends back a status message of
 	the form " -- MSG]".  The current set of possible messages are:
 	    " -- line down]"
 	    " -- read-only]"
 	    " -- attached (nologging)]"
 	    " -- attached]"
 	    " -- spy mode]"
--- a/59
+++ b/59
@ -0,0 +1,59 @@
 				README
 				======
 Maintainer/Enhancer
    Bryan Stansell (bryan@conserver.com)
 Documentation
    See the INSTALL file for installation, the conserver.html file for
    an overview, and the man pages for specifics.
 Downloading
    The latest version can be found at http://www.conserver.com/
 Systems Tested
    Here's a list of systems that I've been told can successfully
    compile conserver.  If anyone has more to add to this list (or
    something on the list doesn't work any more), please let me know.
 	AIX 4.3.3/5.1/5.2, native cc
 	BSDI BSD/OS 3.X, gcc
 	Cygwin (w2k),gcc 2.95.3
 	DEC Tru64 4.0, gcc
 	DEC Tru64 4.0/5.1, native cc
 	FreeBSD 4.2/4.8/5.1 (x86), gcc
 	HP-UX 10.20, gcc
 	HP-UX 11.10 parisc and ia64, native cc
 	Irix 6.15, native cc
 	Linux 2.2.18 (x86), gcc
 	Linux 2.4.2 (x86), gcc
 	Linux ia64, native gcc
 	Linux RedHat 6.2 and 7.2 (x86), native gcc
 	MacOS X, native gcc
 	Solaris 2.5.1 thru 9 (sparc/x86), gcc
 	Solaris 7/8, native cc
 Contributions
    Contributions distributed with the code can be found in the contrib
    subdirectory.  Other tools that complement conserver are listed
    below.
    Zinc
    ----
    According to the website, Zinc is a console log output management
    program.  For more information, visit the website at:
    http://www.columbia.edu/acis/sy/unixdev/zinc
 #
 #  $Id: README,v 1.22 2003/08/23 19:34:24 bryan Exp $
 #
--- a/README.md
+++ b/README.md
@ -1,35 +0,0 @@
 Conserver
 =========
 [![Build Status](https://api.cirrus-ci.com/github/bstansell/conserver.svg)](https://cirrus-ci.com/github/bstansell/conserver)
 Conserver is an application that allows multiple users to watch a
 serial console at the same time. It can log the data, allows users to
 take write-access of a console (one at a time), and has a variety of
 bells and whistles to accentuate that basic functionality. The idea is
 that conserver will log all your serial traffic so you can go back and
 review why something crashed, look at changes (if done on the console),
 or tie the console logs into a monitoring system (just watch the
 logfiles it creates).  With multi-user capabilities you can work on
 equipment with others, mentor, train, etc. It also does all that
 client-server stuff so that, assuming you have a network connection,
 you can interact with any of the equipment from home or wherever.
 Documentation
 -------------
 See the `INSTALL` file for installation and the man pages for specifics.
 Downloading
 -----------
 The latest version can be found on [GitHub](https://github.com/bstansell/conserver/releases).
 Contributions
 -------------
 Contributions distributed with the code can be found in the `contrib`
 subdirectory.
--- a/46
+++ b/46
@ -11,10 +11,13 @@ Bryan Stansell
 ---------------------------------------------------------------------------
 - Telnet protocol should be improved
-    - Not even RFC 854 compliant...or maybe it is (as of 8.1.0)
+    - Not even RFC 854 compliant
-    - Option negotiation semi-ignored - should we negotiate anything more?
+    - Option negotiation ignored - should we negotiate anything?
    - Others?
 - better shadow file support
    - what does this mean?  i've forgotten.
 - syslog?
    Daniel E. Singer <des@cs.duke.edu> would like to see it - especially
    in regards to --use-libwrap code
@ -24,7 +27,6 @@ Bryan Stansell
    - hpux has bigcrypt() also, which we support, so maybe we're covered
 - config file examples for various configurations
    - sample conserver.cf has some...but it's not explained well
 - per-line timestamps
    - only when not connected?
@ -32,12 +34,8 @@ Bryan Stansell
 - pipe input/output (console <-> program) via 'console'
    - some apps (net-ups thing, gdb) might need to talk to user
    - ^Ec| does this, but the interact with user bits might not work
    - actually, ^Ec| does work right with 8.1.0...one change that might
      be nice is the ability to NOT watch the i/o pass to the local
      command - try sending a big file to the local host with xmodem.
 - autologout?  setting per console?  gack, would have to interpret data.
    - this will never happen...i don't want to interpret data
 - "listen" capability (watch all/multiple consoles)
@ -50,17 +48,17 @@ Bryan Stansell
    - passphrase...hmmm..could really use some sort of send/expect
      thing here.  you could write a wrapper script of sorts, but it
      really would be nice to have a raw socket and do the right thing.
    - this does work, using the 'initcmd' option, so, all done?
 - cyclades ts1000/2000 port : "Moses, Joel" <jmoses@deloitte.com>
 - config file for client (list of masters, for example)
 - strftime() idea for logfile names : Lars Kellogg-Stedman <lars@larsshack.org>
 - 9600baud log replay?
 - server -M flag should accept multiple addresses (comma separated)
    - should client as well?
    - this may never happen...does anyone really need it?
 - automatic log rotation in general : Egan Ford <egan@us.ibm.com>
@ -71,7 +69,6 @@ Bryan Stansell
 - suggestions by Trevor Fiatal <trevor@seven.com>
    - include server hostname on 'console -x' output
 	- i think the -i output covers it, but maybe not
 - ability to configure strings to be sent to a console periodically :
  Greg A. Woods <woods@planix.com>
@ -81,28 +78,13 @@ Bryan Stansell
 - redefine client escape sequence in conserver.cf : Toby Gerhart
  <toby.gerhart@eds.com>
    - not even sure if this is possible w/o confusing the client,
      but maybe with the new 8.1.0 client-server protocol, we can!
- log rotation by date : Tom Pachla <tom.pachla@nlc-bnc.ca>
+- send a string when connected to a console, so you can set the
  xterm title, for example : Richard Threadgill <richardt@tellme.com>
- strict file permission checks on conserver.passwd/conserver.cf : Erik
+- allow for very long replays (hundres of lines) : John Stoffel
-  Sjolund <erik.sjolund@sbc.su.se>
+  <stoffel@lucent.com>
- netgroup support?  : Nikolaos Papavassiliou
+#
-  <Nikolaos.Papavassiliou@reuters.com> and Phil Dibowitz <phil@usc.edu>
+#  $Id: TODO,v 1.44 2003/11/29 14:10:47 bryan Exp $
-
+#
 - send sequences to console on client connect? (to repaint screen,
  for example) : John Cagle <jcagle@gmail.com>
 - uucp locks : Sebastian Zagrodzki <sebek@heron.net.icm.edu.pl>
 - support more than 9 break sequences : Danish Mirza <Danish@lehman.com>
  thought it was easy, but adding more than could break things with
  current encoding.  doable, will have to think harder about it.
 - reintroduce console grouping : Martin Turba
  <martin.turba@igd.fraunhofer.de>
 - quick-recheck of down consoles (for uds) and possibly only log state
  changes (instead of each try) : DJ Gregor <dj@gregor.com>
--- a/_config.yml
+++ b/_config.yml
@ -1 +0,0 @@
 theme: jekyll-theme-cayman
--- a/autologin/INSTALL.old
+++ b/autologin/INSTALL.old
@ -1,3 +1,5 @@
 # $Id: INSTALL.old,v 1.1 2003/11/04 02:36:24 bryan Exp $
 To install this program you need root access and access to the physical
 console of the machine (either through the console server or via the physical
 world).
--- a/autologin/Makefile.in
+++ b/autologin/Makefile.in
@ -1,5 +1,4 @@
 ### Path settings
 datarootdir = @datarootdir@
 srcdir = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
@ -46,7 +45,7 @@ clean:
 distclean: clean
 	rm -f Makefile
-install: autologin
+install:
 	$(MKDIR) $(DESTDIR)$(bindir)
 	$(INSTALL_PROGRAM) autologin $(DESTDIR)$(bindir)
--- a/autologin/README
+++ b/autologin/README
@ -15,3 +15,7 @@ No one I've ever talked to found a need for something like autologin.
 Good luck.
 Bryan Stansell
 #
 #  $Id: README,v 1.2 2002/09/23 21:08:42 bryan Exp $
 #
--- a/autologin/README.old
+++ b/autologin/README.old
@ -1,3 +1,5 @@
 # $Id: README.old,v 1.1 2003/11/04 02:36:24 bryan Exp $
 This program can be used to put a root shell on the console at boot time.
 See the manual page.
--- a/autologin/autologin.c
+++ b/autologin/autologin.c
@ -68,6 +68,9 @@
 * Global variables
 */
 #ifndef	lint
 char	*rcsid = "$Id: autologin.c,v 1.23 2002/09/21 06:29:39 bryan Exp $";
 #endif	/* not lint */
 extern char	*progname;
 gid_t	 awGrps[NGROUPS_MAX];
 int	 iGrps = 0;
@ -83,19 +86,39 @@ void make_utmp();
 void	usage();
 int
-Process(void)
+Process()
 {
 	register int		 c;
 	int			 iErrs = 0;
 	int			 i, iNewGrp;
 	gid_t			 wGid;
 	uid_t			 wUid;
-    char *pcCmd = (char *)0, *pcDevTty = (char *)0;
+	char			*pcCmd = (char *)0,
 				*pcDevTty = (char *)0;
 	char			*pcTmp;
 #ifdef	HAVE_GETUSERATTR
 	char			*pcGrps;
 #endif
 	struct	passwd		*pwd;
 	struct	stat		 st;
 #ifdef HAVE_TERMIOS_H
 	struct	termios		 n_tio;
 #else
 # ifdef TIOCNOTTY
 #  ifdef O_CBREAK
 	auto struct tc n_tchars;
 #  else
 	auto struct tchars n_tchars;
 #  endif
 #  ifdef TIOCGLTC
 	auto struct ltchars n_ltchars;
 #  endif
 # else
 #  ifdef TIOCGETP
 	auto struct sgttyb n_sty;
 #  endif
 # endif
 #endif
 #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
 	char			my_hostname[MAXHOSTNAMELEN];
 #endif
@ -103,16 +126,14 @@ Process(void)
 #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
 	if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
-	(void)fprintf(stderr, "%s: gethostname: %s\n", progname,
+		(void) fprintf(stderr, "%s: gethostname: %s\n", strerror(errno));
 		      strerror(errno));
 		exit(1);
 		/* NOTREACHED */
 	}
 #endif
 	if ((char *)0 != pcCommand) {
 		if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
-	    (void)fprintf(stderr, "%s: malloc: %s\n", progname,
+			(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
 			  strerror(errno));
 			exit(1);
 			/* NOTREACHED */
 		}
@ -127,15 +148,13 @@ Process(void)
 	if ( (char *)0 == pcLogin ) {
 		static char acLogin[17];
 		if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
-	    (void)fprintf(stderr, "%s: %d: uid unknown\n", progname,
+			(void) fprintf(stderr, "%s: %d: uid unknown\n", progname, geteuid());
 			  geteuid());
 			exit(1);
 			/* NOTREACHED */
 		}
 		pcLogin = strcpy(acLogin, pwd->pw_name);
 	} else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
-	(void)fprintf(stderr, "%s: %s: login name unknown\n", progname,
+		(void) fprintf(stderr, "%s: %s: login name unknown\n", progname, pcLogin);
 		      pcLogin);
 		exit(1);
 		/* NOTREACHED */
 	}
@ -162,10 +181,8 @@ Process(void)
 		if ( '/' == *pcTty ) {
 			pcDevTty = pcTty;
 		} else {
-	    if ((char *)0 ==
+			if ( (char *)0 == (pcDevTty = (char *)malloc(strlen(pcTty)+5+1) ) ) {
-		(pcDevTty = (char *)malloc(strlen(pcTty) + 5 + 1))) {
+				(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
 		(void)fprintf(stderr, "%s: malloc: %s\n", progname,
 			      strerror(errno));
 				exit(1);
 			}
 			sprintf(pcDevTty, "/dev/%s", pcTty);
@ -173,13 +190,11 @@ Process(void)
 		if (0 != stat(pcDevTty, &st)) {
-	    (void)fprintf(stderr, "%s: Can't stat %s: %s\n", progname,
+			(void) fprintf(stderr, "%s: Can't stat %s: %s\n", progname, pcDevTty, strerror(errno));
 			  pcDevTty, strerror(errno));
 			++iErrs;
 #if defined(VCHR) && defined(VMPC)
 		} else if (VCHR != st.st_type && VMPC != st.st_type) {
-	    (void)fprintf(stderr, "%s: %s is not a character device\n",
+			(void) fprintf(stderr, "%s: %s is not a character device\n", progname, pcDevTty);
 			  progname, pcDevTty);
 			++iErrs;
 #endif
 		}
@ -198,32 +213,27 @@ Process(void)
 		/* NOTREACHED */
 	}
 	if (iGrps && 0 < setgroups(iGrps, awGrps)) {
-	(void)fprintf(stderr, "%s: Can't setgroups(): %s\n", progname,
+		(void) fprintf(stderr, "%s: Can't setgroups(): %s\n", progname, strerror(errno));
 		      strerror(errno));
 		exit(1);
 		/* NOTREACHED */
 	}
 	/* Close open files
 	 */
 #if HAVE_CLOSEFROM
    closefrom((char *)0 == pcTty ? 3 : 0);
 #else
 	for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
 		(void) close(i);
 	}
 #endif
 	/* Make us a session leader so that when we open /dev/tty
 	 * it will become our controlling terminal.
 	 */
 	if (-1 == (iNewGrp = getsid(getpid()))) {
 		if (-1 == (iNewGrp = setsid())) {
-	    (void)fprintf(stderr, "%s: setsid: %d: %s\n", progname,
+			(void) fprintf(stderr, "%s: setsid: %d: %s\n", progname, iNewGrp, strerror(errno));
 			  iNewGrp, strerror(errno));
 			iNewGrp = getpid();
 		}
 	}
 #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
 	if (!cannot_audit(0)) {
 # if defined(HAVE_GETAUDIT_ADDR)
@ -253,7 +263,8 @@ Process(void)
 # else
 		if ((char *)0 != (hp = gethostbyname(my_hostname))
 		    && AF_INET == hp->h_addrtype) {
-	    (void)memcpy(&audit_info.ai_termid.machine, hp->h_addr,
+			(void)memcpy(&audit_info.ai_termid.machine,
 				     hp->h_addr,
 				     sizeof(audit_info.ai_termid.machine));
 		}
 # endif
@ -263,26 +274,36 @@ Process(void)
 		if (0 > setaudit(&audit_info))
 # endif
 		{
-	    fprintf(stderr, "%s: setaudit failed: %s\n", progname,
+			fprintf(stderr, "%s: setaudit failed: %s\n",
 				progname,
 				strerror(errno));
 			fShowEvent = 0;
 		}
 		if (fShowEvent) {
-	    fShowEvent =
+			fShowEvent = au_preselect(AUE_autologin,
-		au_preselect(AUE_autologin, &audit_mask, AU_PRS_SUCCESS,
+						  &audit_mask,
 						  AU_PRS_SUCCESS,
 						  AU_PRS_REREAD);
 		}
 		if (fShowEvent) {
 			iAuditFile = au_open();
 # if defined(HAVE_GETAUDIT_ADDR)
-	    ptAuditToken =
+			ptAuditToken = au_to_subject_ex(wUid,
-		au_to_subject_ex(wUid, wUid, wGid, wUid, wGid,
+						        wUid,
-				 audit_info.ai_asid, audit_info.ai_asid,
+						        wGid,
 						        wUid,
 						        wGid,
 						        audit_info.ai_asid,
 						        audit_info.ai_asid,
 						        &audit_info.ai_termid),
 # else
-	    ptAuditToken =
+			ptAuditToken = au_to_subject(wUid,
-		au_to_subject(wUid, wUid, wGid, wUid, wGid,
+						     wUid,
-			      audit_info.ai_asid, audit_info.ai_asid,
+						     wGid,
 						     wUid,
 						     wGid,
 						     audit_info.ai_asid,
 						     audit_info.ai_asid,
 						     &audit_info.ai_termid),
 # endif
 			(void)au_write(iAuditFile, ptAuditToken);
@ -299,7 +320,8 @@ Process(void)
 # endif
 			(void)au_write(iAuditFile, ptAuditToken);
 			if(0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
-		fprintf(stderr, "%s: audit write failed: %s", progname,
+				fprintf(stderr, "%s: audit write failed",
 					progname,
 					strerror(errno));
 			}
 		}
@ -312,9 +334,7 @@ Process(void)
 #ifdef TIOCNOTTY
 		if (-1 != (i = open("/dev/tty", 2, 0))) {
 			if ( ioctl(i, TIOCNOTTY, (char *)0) )
-		(void)fprintf(stderr,
+				(void) fprintf(stderr, "%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n", progname, i, strerror(errno));
 			      "%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n",
 			      progname, i, strerror(errno));
 			(void) close(i);
 		}
 #endif
@ -330,46 +350,92 @@ Process(void)
 	 */
 #ifdef HAVE_TCGETPGRP
 	if (-1 >= (i = tcgetpgrp(0))){
-	(void)fprintf(stderr, "%s: tcgetpgrp: %s\n", progname,
+		(void) fprintf(stderr, "%s: tcgetpgrp: %s\n", progname, strerror(errno));
 		      strerror(errno));
 	}
 #endif
 #ifndef SETPGRP_VOID
 	if (-1 != i && setpgrp(0, i) ){
-	(void)fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname,
+		(void) fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname, strerror(errno), i);
 		      strerror(errno), i);
 	}
 #endif
 #ifdef HAVE_TCSETPGRP
 	if (tcsetpgrp(0, iNewGrp)){
-	(void)fprintf(stderr, "%s: tcsetpgrp: %s\n", progname,
+		(void) fprintf(stderr, "%s: tcsetpgrp: %s\n", progname, strerror(errno));
 		      strerror(errno));
 	}
 #endif
 #ifndef SETPGRP_VOID
 	if (-1 != iNewGrp && setpgrp(0, iNewGrp)){
-	(void)fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname,
+		(void) fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname, strerror(errno), iNewGrp);
 		      strerror(errno), iNewGrp);
 	}
 #endif
 	/* put the tty in the correct mode
 	 */
 #ifndef HAVE_TERMIOS_H
 	if (0 != ioctl(0, TIOCGETP, (char *)&n_sty)) {
 		fprintf(stderr, "%s: iotcl: getp: %s\n", progname, strerror(errno));
 		exit(10);
 	}
 #ifdef O_CBREAK
 	n_sty.sg_flags &= ~(O_CBREAK);
 	n_sty.sg_flags |= (O_CRMOD|O_ECHO);
 #else
 	n_sty.sg_flags &= ~(CBREAK);
 	n_sty.sg_flags |= (CRMOD|ECHO);
 #endif
 	n_sty.sg_kill = '\025';             /* ^U   */
 	n_sty.sg_erase = '\010';            /* ^H   */
 	if (0 != ioctl(0, TIOCSETP, (char *)&n_sty)) {
 		fprintf(stderr, "%s: iotcl: setp: %s\n", progname, strerror(errno));
 		exit(10);
 	}
 	/* stty undef all tty chars
 	 */
 #if 0
 	if (-1 == ioctl(0, TIOCGETC, (char *)&n_tchars)) {
 		fprintf(stderr, "%s: ioctl: getc: %s\n", progname, strerror(errno));
 		return;
 	}
 	n_tchars.t_intrc = -1;
 	n_tchars.t_quitc = -1;
 	if (-1 == ioctl(0, TIOCSETC, (char *)&n_tchars)) {
 		fprintf(stderr, "%s: ioctl: setc: %s\n", progname, strerror(errno));
 		return;
 	}
 #endif
 #ifdef TIOCGLTC
 	if (-1 == ioctl(0, TIOCGLTC, (char *)&n_ltchars)) {
 		fprintf(stderr, "%s: ioctl: gltc: %s\n", progname, strerror(errno));
 		return;
 	}
 	n_ltchars.t_suspc = -1;
 	n_ltchars.t_dsuspc = -1;
 	n_ltchars.t_flushc = -1;
 	n_ltchars.t_lnextc = -1;
 	if (-1 == ioctl(0, TIOCSLTC, (char *)&n_ltchars)) {
 		fprintf(stderr, "%s: ioctl: sltc: %s\n", progname, strerror(errno));
 		return;
 	}
 #endif
 #else	/* not using ioctl, using POSIX or sun stuff */
 #ifdef HAVE_TCGETATTR
 	if (0 != tcgetattr(0, &n_tio)) {
-	(void)fprintf(stderr, "%s: tcgetattr: %s\n", progname,
+		(void) fprintf(stderr, "%s: tcgetattr: %s\n", progname, strerror(errno));
 		      strerror(errno));
 		exit(1);
 		/* NOTREACHED */
 	}
 #else
 	if (0 != ioctl(0, TCGETS, &n_tio)) {
-	(void)fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname,
+		(void) fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname, strerror(errno));
 		      strerror(errno));
 		exit(1);
 		/* NOTREACHED */
 	}
 #endif
 	n_tio.c_iflag &= ~(IGNCR|IUCLC);
 	n_tio.c_iflag |= ICRNL|IXON|IXANY;
-    n_tio.c_oflag &=
+	n_tio.c_oflag &= ~(OLCUC|ONOCR|ONLRET|OFILL|NLDLY|CRDLY|TABDLY|BSDLY);
 	~(OLCUC | ONOCR | ONLRET | OFILL | NLDLY | CRDLY | TABDLY | BSDLY);
 	n_tio.c_oflag |= OPOST|ONLCR|TAB3;
 	n_tio.c_lflag &= ~(XCASE|NOFLSH|ECHOK|ECHONL);
 	n_tio.c_lflag |= ISIG|ICANON|ECHO;
@ -385,12 +451,20 @@ Process(void)
 	n_tio.c_cc[VSUSP] = '\032';		/* ^Z	*/
 #ifdef HAVE_TCSETATTR
 	if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
-	(void)fprintf(stderr, "%s: tcsetattr: %s\n", progname,
+		(void) fprintf(stderr, "%s: tcsetattr: %s\n", progname, strerror(errno));
-		      strerror(errno));
+		exit(1);
 		/* NOTREACHED */
 	}
 #else
 #ifndef HAVE_TERMIOS_H
 	if (0 != ioctl(0, TCSETS, &n_tio)) {
 		(void) fprintf(stderr, "%s: ioctl: TCSETS: %s\n", progname, strerror(errno));
 		exit(1);
 		/* NOTREACHED */
 	}
 #endif
 #endif
 #endif	/* setup tty */
 	if (fMakeUtmp) {
 		extern char *ttyname();
@ -412,7 +486,8 @@ Process(void)
 #ifndef HAVE_PUTENV
 int
-putenv(char *pcAssign)
+putenv(pcAssign)
 char *pcAssign;
 {
 	register char *pcEq;
@ -427,7 +502,8 @@ putenv(char *pcAssign)
 #endif
 int
-addgroup(char *pcGrp)
+addgroup(pcGrp)
 char	*pcGrp;
 {
 	struct	group		*grp;
@ -437,9 +513,7 @@ addgroup(char *pcGrp)
 		return(1);
 	}
 	if (iGrps >= NGROUPS_MAX) {
-	(void)fprintf(stderr,
+		(void) fprintf(stderr, "%s: Too many groups specified with \"%s\".\n", progname, pcGrp);
 		      "%s: Too many groups specified with \"%s\".\n",
 		      progname, pcGrp);
 		return(1);
 	}
 	awGrps[iGrps++] = grp->gr_gid;
@ -450,13 +524,15 @@ addgroup(char *pcGrp)
 /* install a utmp entry to show the use we know is here is here		(ksb)
 */
 void
-make_utmp(char *pclogin, char *pctty)
+make_utmp(pclogin, pctty)
 char	*pclogin;
 char	*pctty;
 {
 	register int iFound, iPos;
 	register int fdUtmp;
 	register char *pcDev;
 	register struct utmp *up;
-    auto struct utmp utmp;
+	auto struct utmp outmp, utmp;
 	if ((char *)0 == pctty) {
@ -559,7 +635,7 @@ make_utmp(char *pclogin, char *pctty)
 void
-usage(void)
+usage()
 {
 	char *u_pch;
 	int u_loop;
--- a/autologin/autologin.m
+++ b/autologin/autologin.m
@ -1,5 +1,7 @@
 # mkcmd parser for autologin program
 %%
 static char *rcsid =
 	"$Id: autologin.m,v 1.1 2003/11/04 02:36:24 bryan Exp $";
 %%
 integer variable "iErrs" {
--- a/autologin/autologin.man
+++ b/autologin/autologin.man
@ -1,3 +1,4 @@
 .\" $Id: autologin.man,v 1.1 2003/11/04 02:36:24 bryan Exp $
 .TH AUTOLOGIN 8L PUCC
 .SH NAME
 autologin \- create an automatic login session from /etc/inittab
@ -111,21 +112,12 @@ environment variable set to
 	ss10:2:respawn:/usr/local/etc/autologin \-e TERM=reg20 \-t/dev/tty10 \-lssinfo
 .ad
 .PP
-Adding the following line to
+Adding the following line to \fI/etc/ttytab\fP on a Sun 4.1.\fIx\fP
 .I /etc/ttytab
 on a Sun
 .RI 4.1. x
 machine establishes a root login on the console device:
 .br
 .na
 	console "/usr/local/etc/autologin \-lroot \-t"    xterm   on local secure
 .ad
-.PP
+Note that \fIinit\fP provides the \fItty\fP argument on the end of the command.
 Note that
 .I init
 provides the
 .I tty
 argument on the end of the command.
 .SH FILES
 /bin/su
 .br
--- a/autologin/main.c
+++ b/autologin/main.c
@ -20,7 +20,9 @@ static int
 * does +arg if you give a last argument of "+", else give (char *)0
 */
 static int
-getopt(int nargc, char **nargv, char *ostr)
+getopt(nargc, nargv, ostr)
 int nargc;
 char **nargv, *ostr;
 {
 	register char	*oli;		/* option letter list index	*/
 	static char	EMSG[] = "";	/* just a null place		*/
@ -41,17 +43,14 @@ getopt(int nargc, char **nargv, char *ostr)
 			++optind;
 			return EOF;
 		}
-    }
+	}				/* option letter okay? */
    /* option letter okay? */
 	/* if we find the letter, (not a `:')
 	 * or a digit to match a # in the list
 	 */
 	if ((optopt = *place++) == ':' ||
 	 ((char *)0 == (oli = strchr(ostr,optopt)) &&
-	 (!(isdigit(optopt) || '-' == optopt) ||
+	  (!(isdigit(optopt)||'-'==optopt) || (char *)0 == (oli = strchr(ostr, '#'))))) {
-	  (char *)0 == (oli = strchr(ostr, '#'))))) {
+		if(!*place) ++optind;
 	if (!*place)
 	    ++optind;
 		return('?');
 	}
 	if ('#' == *oli) {		/* accept as -digits */
@ -81,13 +80,14 @@ getopt(int nargc, char **nargv, char *ostr)
 #endif /* ! HAVE_GETOPT */
 char
- *progname = "", *au_terse[] = {
+	*progname = "$Id: main.c,v 1.1 2003/11/04 02:36:24 bryan Exp $",
 	*au_terse[] = {
 		" [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
 		" -h",
 		" -V",
 		(char *)0
-}, *u_help[] = {
+	},
-
+	*u_help[] = {
 		"c cmd       command to run",
 		"e env=value environment variable to set",
 		"g group     initial group",
@ -95,24 +95,35 @@ char
 		"l login     login name",
 		"t tty       attach to this terminal",
 		"u           do no make utmp entry",
-    "V           show version information", (char *)0
+		"V           show version information",
-}, *pcCommand = (char *)0, *pcGroup = (char *)0, *pcLogin =
+		(char *)0
-    (char *)0, *pcTty = (char *)0;
+	},
 	*pcCommand = (char *)0,
 	*pcGroup = (char *)0,
 	*pcLogin = (char *)0,
 	*pcTty = (char *)0;
 int
-  fMakeUtmp = 1, iErrs = 0;
+	fMakeUtmp = 1,
 	iErrs = 0;
 #ifndef u_terse
 #define u_terse	(au_terse[0])
 #endif
 static char *rcsid =
        "$Id: main.c,v 1.1 2003/11/04 02:36:24 bryan Exp $";
 /*
 * parser
 */
 int
-main(int argc, char **argv)
+main(argc, argv)
 int argc;
 char **argv;
 {
 	static char
-      sbOpt[] = "c:e:g:hl:t:uV", *u_pch = (char *)0;
+		sbOpt[] = "c:e:g:hl:t:uV",
 		*u_pch = (char *)0;
 	static int
 		u_loop = 0;
 	register int u_curopt;
@ -126,21 +137,17 @@ main(int argc, char **argv)
 	while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
 		switch (u_curopt) {
 		case '*':
-		fprintf(stderr, "%s: option `-%c\' needs a parameter\n",
+			fprintf(stderr, "%s: option `-%c\' needs a parameter\n", progname, optopt);
 			progname, optopt);
 			exit(1);
 		case '?':
-		fprintf(stderr,
+			fprintf(stderr, "%s: unknown option `-%c\', use `-h\' for help\n", progname, optopt);
 			"%s: unknown option `-%c\', use `-h\' for help\n",
 			progname, optopt);
 			exit(1);
 		case 'c':
 			pcCommand = optarg;
 			continue;
 		case 'e':
 			if (putenv(optarg) != 0) {
-		    (void)fprintf(stderr, "%s: putenv(\"%s\"): failed\n",
+				 (void) fprintf(stderr, "%s: putenv(\"%s\"): failed\n", progname, optarg);
 				  progname, optarg);
 				exit(1);
 			}
 			continue;
@ -148,17 +155,14 @@ main(int argc, char **argv)
 			pcGroup = optarg;
 			continue;
 		case 'h':
-		for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]);
+			for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
 		     ++u_loop) {
 				if ('\000' == *u_pch) {
-			fprintf(stdout, "%s: with no parameters\n",
+					fprintf(stdout, "%s: with no parameters\n", progname);
 				progname);
 					continue;
 				}
 				fprintf(stdout, "%s: usage%s\n", progname, u_pch);
 			}
-		for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]);
+			for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
 		     ++u_loop) {
 				fprintf(stdout, "%s\n", u_pch);
 			}
 			exit(0);
@ -172,7 +176,7 @@ main(int argc, char **argv)
 			fMakeUtmp = 0;
 			continue;
 		case 'V':
-		printf("%s\n", progname);
+			printf("%s: %s\n", progname, rcsid);
 			exit(0);
 		}
 		break;
--- a/autologin/main.h
+++ b/autologin/main.h
@ -12,3 +12,4 @@ extern char *pcCommand, *pcGroup, *pcLogin, *pcTty;
 /* from std_help.m */
 /* from std_version.m */
 /* from autologin.m */
--- a/compat.h
+++ b/compat.h
@ -8,7 +8,6 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <netinet/in.h>
 #include <sys/un.h>
 #include <arpa/inet.h>
 #include <netdb.h>
 #include <ctype.h>
@ -35,17 +34,6 @@
 # define DEFESC		'c'
 #endif
 /* set the default length of the replay functions
 * DEFREPLAY for 'r'
 * DEFPLAYBACK for 'p'
 */
 #if !defined(DEFREPLAY)
 # define DEFREPLAY	20
 #endif
 #if !defined(PLAYBACK)
 # define DEFPLAYBACK	60
 #endif
 /* For legacy compile-time setting of the port...
 */
 #if ! defined(DEFPORT)
@ -103,18 +91,6 @@ typedef long fd_set;
 #include <termios.h>
 #ifndef TAB3
 # ifdef OXTABS
 #  define TAB3 OXTABS
 # else
 #  ifdef XTABS
 #   define TAB3 XTABS
 #  else
 #   define TAB3 0
 #  endif
 # endif
 #endif
 #ifdef HAVE_STROPTS_H
 # include <stropts.h>
 #endif
@ -315,6 +291,14 @@ typedef int socklen_t;
 #define SEEK_SET L_SET
 #endif
 #ifndef PARAMS
 # if PROTOTYPES
 #  define PARAMS(protos) protos
 # else /* no PROTOTYPES */
 #  define PARAMS(protos) ()
 # endif	/* no PROTOTYPES */
 #endif
 /* setup a conditional debugging line */
 #ifndef CONDDEBUG
 #define CONDDEBUG(line) if (fDebug) {debugFileName=__FILE__; debugLineNo=__LINE__; Debug line;}
@ -323,23 +307,3 @@ typedef int socklen_t;
 #if HAVE_DMALLOC
 #include <dmalloc.h>
 #endif
 #if HAVE_FREEIPMI
 # include <ipmiconsole.h>
 #endif
 #ifndef INADDR_STYPE
 # if USE_IPV6
 #  define INADDR_STYPE struct sockaddr_storage
 # else
 #  define INADDR_STYPE struct in_addr
 # endif
 #endif
 #ifndef SOCKADDR_STYPE
 # if USE_IPV6
 #  define SOCKADDR_STYPE struct sockaddr_storage
 # else
 #  define SOCKADDR_STYPE struct sockaddr_in
 # endif
 #endif
--- a/config.guess
+++ b/config.guess
--- a/config.h.in
+++ b/config.h.in
@ -0,0 +1,350 @@
 /* config.h.in.  Generated from configure.in by autoheader.  */
 /* Config file path */
 #undef CONFIGFILE
 /* ./configure invocation */
 #undef CONFIGINVOCATION
 /* TCP connection timeout */
 #undef CONNECTTIMEOUT
 /* Base socket used for secondary channel */
 #undef DEFBASEPORT
 /* Socket used to communicate */
 #undef DEFPORT
 /* Define to 1 if you have the `bigcrypt' function. */
 #undef HAVE_BIGCRYPT
 /* Define to 1 if you have the <bsm/audit.h> header file. */
 #undef HAVE_BSM_AUDIT_H
 /* Define to 1 if you have the <crypt.h> header file. */
 #undef HAVE_CRYPT_H
 /* have dmalloc support */
 #undef HAVE_DMALLOC
 /* Define to 1 if you have the `getaudit' function. */
 #undef HAVE_GETAUDIT
 /* Define to 1 if you have the `getaudit_addr' function. */
 #undef HAVE_GETAUDIT_ADDR
 /* Define to 1 if you have the `getdtablesize' function. */
 #undef HAVE_GETDTABLESIZE
 /* Define to 1 if you have the `getlogin' function. */
 #undef HAVE_GETLOGIN
 /* Define to 1 if you have the `getopt' function. */
 #undef HAVE_GETOPT
 /* Define to 1 if you have the <getopt.h> header file. */
 #undef HAVE_GETOPT_H
 /* Define to 1 if you have the `getprpwnam' function. */
 #undef HAVE_GETPRPWNAM
 /* Define to 1 if you have the `getrlimit' function. */
 #undef HAVE_GETRLIMIT
 /* Define to 1 if you have the `getsid' function. */
 #undef HAVE_GETSID
 /* Define to 1 if you have the `getspnam' function. */
 #undef HAVE_GETSPNAM
 /* Define to 1 if you have the `getuserattr' function. */
 #undef HAVE_GETUSERATTR
 /* Define to 1 if you have the `getutent' function. */
 #undef HAVE_GETUTENT
 /* Define to 1 if you have the `grantpt' function. */
 #undef HAVE_GRANTPT
 /* Define to 1 if you have the <hpsecurity.h> header file. */
 #undef HAVE_HPSECURITY_H
 /* Define to 1 if you have the `inet_aton' function. */
 #undef HAVE_INET_ATON
 /* Define to 1 if you have the <inttypes.h> header file. */
 #undef HAVE_INTTYPES_H
 /* Defined if in_addr_t exists */
 #undef HAVE_IN_ADDR_T
 /* Define to 1 if you have the `iscomsec' function. */
 #undef HAVE_ISCOMSEC
 /* Define to 1 if you have the `bsm' library (-lbsm). */
 #undef HAVE_LIBBSM
 /* Define to 1 if you have the `sec' library (-lsec). */
 #undef HAVE_LIBSEC
 /* Define to 1 if you have the `util' library (-lutil). */
 #undef HAVE_LIBUTIL
 /* Define to 1 if you have the <libutil.h> header file. */
 #undef HAVE_LIBUTIL_H
 /* Define to 1 if you have the `xnet' library (-lxnet). */
 #undef HAVE_LIBXNET
 /* Define to 1 if you have the `memcmp' function. */
 #undef HAVE_MEMCMP
 /* Define to 1 if you have the `memcpy' function. */
 #undef HAVE_MEMCPY
 /* Define to 1 if you have the `memmove' function. */
 #undef HAVE_MEMMOVE
 /* Define to 1 if you have the <memory.h> header file. */
 #undef HAVE_MEMORY_H
 /* Define to 1 if you have the `memset' function. */
 #undef HAVE_MEMSET
 /* Define to 1 if you have the `openpty' function. */
 #undef HAVE_OPENPTY
 /* have openssl support */
 #undef HAVE_OPENSSL
 /* have PAM support */
 #undef HAVE_PAM
 /* Define to 1 if you have the <prot.h> header file. */
 #undef HAVE_PROT_H
 /* Define to 1 if you have the `ptsname' function. */
 #undef HAVE_PTSNAME
 /* Define to 1 if you have the <pty.h> header file. */
 #undef HAVE_PTY_H
 /* Define to 1 if you have the `putenv' function. */
 #undef HAVE_PUTENV
 /* Defined if sa_len member exists in struct sockaddr */
 #undef HAVE_SA_LEN
 /* Define to 1 if you have the `setgroups' function. */
 #undef HAVE_SETGROUPS
 /* Define to 1 if you have the `setlinebuf' function. */
 #undef HAVE_SETLINEBUF
 /* Define to 1 if you have the `setpgrp' function. */
 #undef HAVE_SETPGRP
 /* Define to 1 if you have the `setproctitle' function. */
 #undef HAVE_SETPROCTITLE
 /* Define to 1 if you have the `setsid' function. */
 #undef HAVE_SETSID
 /* Define to 1 if you have the `setsockopt' function. */
 #undef HAVE_SETSOCKOPT
 /* Define to 1 if you have the `setttyent' function. */
 #undef HAVE_SETTTYENT
 /* Define to 1 if you have the `setvbuf' function. */
 #undef HAVE_SETVBUF
 /* Define to 1 if you have the <shadow.h> header file. */
 #undef HAVE_SHADOW_H
 /* Define to 1 if you have the `sigaction' function. */
 #undef HAVE_SIGACTION
 /* Defined if socklen_t exists */
 #undef HAVE_SOCKLEN_T
 /* Define to 1 if you have the <stdint.h> header file. */
 #undef HAVE_STDINT_H
 /* Define to 1 if you have the <stdlib.h> header file. */
 #undef HAVE_STDLIB_H
 /* Define if strcasecmp is available */
 #undef HAVE_STRCASECMP
 /* Define to 1 if you have the `strerror' function. */
 #undef HAVE_STRERROR
 /* Define if stricmp is available */
 #undef HAVE_STRICMP
 /* Define to 1 if you have the <strings.h> header file. */
 #undef HAVE_STRINGS_H
 /* Define to 1 if you have the <string.h> header file. */
 #undef HAVE_STRING_H
 /* Define to 1 if you have the <stropts.h> header file. */
 #undef HAVE_STROPTS_H
 /* Define to 1 if you have the `sysconf' function. */
 #undef HAVE_SYSCONF
 /* Define to 1 if you have the <sysexits.h> header file. */
 #undef HAVE_SYSEXITS_H
 /* Define to 1 if you have the <sys/audit.h> header file. */
 #undef HAVE_SYS_AUDIT_H
 /* Define to 1 if you have the <sys/ioctl_compat.h> header file. */
 #undef HAVE_SYS_IOCTL_COMPAT_H
 /* Define to 1 if you have the <sys/ioctl.h> header file. */
 #undef HAVE_SYS_IOCTL_H
 /* Define to 1 if you have the <sys/param.h> header file. */
 #undef HAVE_SYS_PARAM_H
 /* Define to 1 if you have the <sys/proc.h> header file. */
 #undef HAVE_SYS_PROC_H
 /* Define to 1 if you have the <sys/resource.h> header file. */
 #undef HAVE_SYS_RESOURCE_H
 /* Define to 1 if you have the <sys/select.h> header file. */
 #undef HAVE_SYS_SELECT_H
 /* Define to 1 if you have the <sys/sockio.h> header file. */
 #undef HAVE_SYS_SOCKIO_H
 /* Define to 1 if you have the <sys/stat.h> header file. */
 #undef HAVE_SYS_STAT_H
 /* Define to 1 if you have the <sys/time.h> header file. */
 #undef HAVE_SYS_TIME_H
 /* Define to 1 if you have the <sys/ttold.h> header file. */
 #undef HAVE_SYS_TTOLD_H
 /* Define to 1 if you have the <sys/types.h> header file. */
 #undef HAVE_SYS_TYPES_H
 /* Define to 1 if you have the <sys/uio.h> header file. */
 #undef HAVE_SYS_UIO_H
 /* Define to 1 if you have the <sys/vlimit.h> header file. */
 #undef HAVE_SYS_VLIMIT_H
 /* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
 #undef HAVE_SYS_WAIT_H
 /* Define to 1 if you have the `tcgetattr' function. */
 #undef HAVE_TCGETATTR
 /* Define to 1 if you have the `tcgetpgrp' function. */
 #undef HAVE_TCGETPGRP
 /* Define to 1 if you have the `tcsendbreak' function. */
 #undef HAVE_TCSENDBREAK
 /* Define to 1 if you have the `tcsetattr' function. */
 #undef HAVE_TCSETATTR
 /* Define to 1 if you have the `tcsetpgrp' function. */
 #undef HAVE_TCSETPGRP
 /* Define to 1 if you have the <ttyent.h> header file. */
 #undef HAVE_TTYENT_H
 /* Define to 1 if you have the <types.h> header file. */
 #undef HAVE_TYPES_H
 /* Define to 1 if you have the <unistd.h> header file. */
 #undef HAVE_UNISTD_H
 /* Define to 1 if you have the `unlockpt' function. */
 #undef HAVE_UNLOCKPT
 /* Define to 1 if you have the <usersec.h> header file. */
 #undef HAVE_USERSEC_H
 /* Define to 1 if you have the <util.h> header file. */
 #undef HAVE_UTIL_H
 /* Logfile path */
 #undef LOGFILEPATH
 /* Hostname of console server */
 #undef MASTERHOST
 /* Number of consoles per child process */
 #undef MAXMEMB
 /* Define to the address where bug reports for this package should be sent. */
 #undef PACKAGE_BUGREPORT
 /* Define to the full name of this package. */
 #undef PACKAGE_NAME
 /* Define to the full name and version of this package. */
 #undef PACKAGE_STRING
 /* Define to the one symbol short name of this package. */
 #undef PACKAGE_TARNAME
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 /* Password file path */
 #undef PASSWDFILE
 /* pidfile to write to */
 #undef PIDFILE
 /* Define to 1 if the C compiler supports function prototypes. */
 #undef PROTOTYPES
 /* Define as the return type of signal handlers (`int' or `void'). */
 #undef RETSIGTYPE
 /* Define to 1 if the `setpgrp' function takes no argument. */
 #undef SETPGRP_VOID
 /* Define to 1 if you have the ANSI C header files. */
 #undef STDC_HEADERS
 /* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
 #undef TIME_WITH_SYS_TIME
 /* Defined if we trust reverse DNS */
 #undef TRUST_REVERSE_DNS
 /* use tcp_wrappers libwrap */
 #undef USE_LIBWRAP
 /* Define to 1 if on AIX 3.
   System headers sometimes define this.
   We just want to avoid a redefinition error message.  */
 #ifndef _ALL_SOURCE
 # undef _ALL_SOURCE
 #endif
 /* Define like PROTOTYPES; this can be used by system headers. */
 #undef __PROTOTYPES
 /* Define to empty if `const' does not conform to ANSI C. */
 #undef const
 /* Define to `int' if <sys/types.h> does not define. */
 #undef mode_t
 /* Define to `int' if <sys/types.h> does not define. */
 #undef pid_t
 /* Define if <signal.h> does not define sig_atomic_t */
 #undef sig_atomic_t
--- a/config.sub
+++ b/config.sub
--- a/7930
+++ b/7930
--- a/configure.in
+++ b/configure.in
@ -4,7 +4,6 @@ AH_TEMPLATE([DEFPORT], [Socket used to communicate])
 AH_TEMPLATE([DEFBASEPORT], [Base socket used for secondary channel])
 AH_TEMPLATE([MASTERHOST], [Hostname of console server])
 AH_TEMPLATE([CONFIGFILE], [Config file path])
 AH_TEMPLATE([CLIENTCONFIGFILE], [Client config file path])
 AH_TEMPLATE([PASSWDFILE], [Password file path])
 AH_TEMPLATE([LOGFILEPATH], [Logfile path])
 AH_TEMPLATE([MAXMEMB], [Number of consoles per child process])
@ -14,27 +13,16 @@ AH_TEMPLATE([USE_LIBWRAP], [use tcp_wrappers libwrap])
 dnl AH_TEMPLATE([HAVE_POSIX_REGCOMP], [have POSIX regcomp])
 AH_TEMPLATE([HAVE_PAM], [have PAM support])
 AH_TEMPLATE([HAVE_OPENSSL], [have openssl support])
 AH_TEMPLATE([HAVE_GSSAPI], [have gss-api support])
 AH_TEMPLATE([HAVE_FREEIPMI], [have freeipmi support])
 AH_TEMPLATE([STRIP_REALM], [retry username without @REALM with gss-api authentication])
 AH_TEMPLATE([HAVE_DMALLOC], [have dmalloc support])
 AH_TEMPLATE([HAVE_SA_LEN],[Defined if sa_len member exists in struct sockaddr])
 AH_TEMPLATE([TRUST_REVERSE_DNS],[Defined if we trust reverse DNS])
 AH_TEMPLATE([USE_EXTENDED_MESSAGES],[Defined if we produce extended messages])
 AH_TEMPLATE([USE_UNIX_DOMAIN_SOCKETS],[Defined if we use Unix domain sockets])
 AH_TEMPLATE([USE_IPV6], [Defined if building with IPv6 support])
 AH_TEMPLATE([UDSDIR], [Directory for Unix domain sockets])
 AH_TEMPLATE([FOR_CYCLADES_TS], [Defined if building for a Cyclades TS])
 AH_TEMPLATE([REQ_SERVER_CERT], [Defined if client requires server SSL certificate])
 AH_TEMPLATE([TRUST_UDS_CRED], [Defined if we trust credentials from UDS client])
 dnl ### Normal initialization. ######################################
-AC_INIT([conserver],m4_esyscmd_s([./gen-version number]))
+AC_INIT
 AC_PREREQ(2.69)
 AC_CONFIG_SRCDIR([conserver/main.c])
 AC_CONFIG_HEADER(config.h)
-AC_DEFINE_UNQUOTED(CONFIGINVOCATION, "$0 $*")
+AC_DEFINE_UNQUOTED(CONFIGINVOCATION, "$0 $@")
 dnl ### Set some option defaults. ###################################
 if test -z "$CFLAGS"; then
@ -43,9 +31,6 @@ fi
 MKDIR="mkdir -p -m 755"
 AC_SUBST(MKDIR)
 AC_SUBST(CONSERVER_VERSION, m4_esyscmd_s([./gen-version number]))
 AC_SUBST(CONSERVER_DATE, m4_esyscmd_s([./gen-version date]))
 dnl ### Custom settings. ############################################
 dnl AC_MSG_CHECKING(whether to allow 64bit compilation)
@ -63,7 +48,7 @@ dnl AC_MSG_RESULT($with_64bit)
 AC_MSG_CHECKING(for port number specification)
 AC_ARG_WITH(port,
-	AS_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
+	AC_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
@ -79,7 +64,7 @@ AC_ARG_WITH(port,
 AC_MSG_CHECKING(for secondary channel base port)
 AC_ARG_WITH(base,
-	AS_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
+	AC_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
@ -95,7 +80,7 @@ AC_ARG_WITH(base,
 AC_MSG_CHECKING(for master conserver hostname)
 AC_ARG_WITH(master,
-	AS_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
+	AC_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(MASTERHOST, "console")
@ -109,29 +94,9 @@ AC_ARG_WITH(master,
 	[AC_DEFINE_UNQUOTED(MASTERHOST, "console")
 	AC_MSG_RESULT('console')])
 AC_MSG_CHECKING(for client configuration filename)
 AC_ARG_WITH(ccffile,
 	AS_HELP_STRING([--with-ccffile=CFFILE],[Specify client config filename @<:@SYSCONFDIR/console.cf@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
 		AC_MSG_RESULT('$sysconfdir/console.cf')
 		;;
 	    [[\\/]]* | ?:[[\\/]]* )
 		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, ["$withval"])
 		AC_MSG_RESULT('$withval')
 		;;
 	    *)
 		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/$withval"])
 		AC_MSG_RESULT('$sysconfdir/$withval')
 		;;
 	esac],
 	[AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
 	AC_MSG_RESULT('$sysconfdir/console.cf')])
 AC_MSG_CHECKING(for configuration filename)
 AC_ARG_WITH(cffile,
-	AS_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
+	AC_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
@ -151,7 +116,7 @@ AC_ARG_WITH(cffile,
 AC_MSG_CHECKING(for password filename)
 AC_ARG_WITH(pwdfile,
-	AS_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
+	AC_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
@ -171,7 +136,7 @@ AC_ARG_WITH(pwdfile,
 AC_MSG_CHECKING(for log filename)
 AC_ARG_WITH(logfile,
-	AS_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
+	AC_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
@ -188,7 +153,7 @@ AC_ARG_WITH(logfile,
 AC_SUBST(PIDFILE)
 AC_MSG_CHECKING(for PID filename)
 AC_ARG_WITH(pidfile,
-	AS_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
+	AC_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
 	[case "$withval" in
 	    yes|no)
 		PIDFILE="/var/run/conserver.pid"
@ -203,7 +168,7 @@ AC_MSG_RESULT('$PIDFILE')
 AC_MSG_CHECKING(for MAXMEMB setting)
 AC_ARG_WITH(maxmemb,
-	AS_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
+	AC_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(MAXMEMB, 16)
@ -225,7 +190,7 @@ AC_ARG_WITH(maxmemb,
 AC_MSG_CHECKING(for connect() timeout)
 AC_ARG_WITH(timeout,
-	AS_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
+	AC_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
 	[if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
 	    test "$withval" -gt 0 -a "$withval" -lt 300; then
 		AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, $withval)
@ -239,7 +204,7 @@ AC_ARG_WITH(timeout,
 AC_MSG_CHECKING(whether to trust reverse DNS)
 AC_ARG_WITH(trustrevdns,
-	AS_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
+	AC_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(TRUST_REVERSE_DNS)
@ -250,48 +215,6 @@ AC_ARG_WITH(trustrevdns,
 		;;
 	esac],[AC_MSG_RESULT(no)])
 AC_MSG_CHECKING(whether to display extended messages)
 AC_ARG_WITH(extmsgs,
 	AS_HELP_STRING([--with-extmsgs],[Produce extended messages]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(USE_EXTENDED_MESSAGES)
 		AC_MSG_RESULT(yes)
 		;;
 	    *)
 		AC_MSG_RESULT(no)
 		;;
 	esac],[AC_MSG_RESULT(no)])
 use_dash_r=no
 AC_MSG_CHECKING(whether to use -R paths as well as -L)
 AC_ARG_WITH(rpath,
 	AS_HELP_STRING([--with-rpath],[Use -R as well as -L for libraries]),
 	[case "$withval" in
 	    yes|no)
 		AC_MSG_RESULT($withval)
 		use_dash_r=$withval
 		;;
 	    *)
 		AC_MSG_RESULT(no)
 		;;
 	esac],
 	[AC_MSG_RESULT(no)])
 AC_MSG_CHECKING(whether we are building for a Cyclades TS)
 AC_ARG_WITH(cycladests,
 	AS_HELP_STRING([--with-cycladests],[(deprecated - noop) Build for a Cyclades TS]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(FOR_CYCLADES_TS)
 		AC_MSG_RESULT(yes)
 		;;
 	    *)
 		AC_MSG_RESULT(no)
 		;;
 	esac],[AC_MSG_RESULT(no)])
 dnl ### Check for compiler et al. ###################################
 AC_PROG_CC
 AC_PROG_INSTALL
@ -301,6 +224,7 @@ AC_PROG_MAKE_SET
 dnl ### Compiler characteristics. ##################################
 AC_AIX
 AC_C_CONST
 AC_C_PROTOTYPES
 dnl AC_CHECK_SIZEOF(long)
 dnl if test "$ac_cv_sizeof_long" -gt 4; then
@ -320,7 +244,7 @@ if test "$ac_cv_sys_posix_termios" != "yes"; then
    AC_MSG_ERROR([POSIX termios interface required])
 fi
-AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h sys/param.h sys/un.h)
+AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h sys/param.h)
 dnl sys/proc.h needs sys/param.h on openbsd, apparently
 AC_CHECK_HEADERS(sys/proc.h, [], [],
 [#if HAVE_SYS_PARAM_H
@ -332,8 +256,6 @@ AC_HEADER_SYS_WAIT
 AC_TYPE_MODE_T
 AC_TYPE_SIGNAL
 AC_TYPE_PID_T
 AC_TYPE_SIZE_T
 AC_TYPE_UID_T
 AC_CHECK_TYPE([sig_atomic_t],,
    AC_DEFINE(sig_atomic_t, volatile int,
@ -377,109 +299,13 @@ AC_SEARCH_LIBS(crypt,crypt)
 AC_SUBST(CONSLIBS)
 AC_SUBST(CONSCPPFLAGS)
 AC_SUBST(CONSLDFLAGS)
 AC_MSG_CHECKING(whether to use Unix domain sockets)
 cons_with_uds="NO"
 AC_ARG_WITH(uds,
 	AS_HELP_STRING([--with-uds@<:@=DIR@:>@    ],
 	    [Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
 		AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
 		AC_MSG_RESULT([/tmp/conserver])
 		cons_with_uds="YES"
 		;;
 	    no)
 		AC_MSG_RESULT(no)
 		;;
 	    *)
 		AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
 		AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
 		AC_MSG_RESULT('$withval')
 		cons_with_uds="YES"
 		if expr "$withval" : '/' >/dev/null 2>&1; then
 		    :
 		else
 		    echo "*** WARNING *** you may have better success using a fully-qualified path"
 		    echo "*** WARNING *** instead of '$withval'"
 		fi
 		;;
 	esac
 	if test $cons_with_uds = YES; then
 	    AC_MSG_CHECKING(whether to trust UDS credentials)
 	    AC_ARG_WITH(trust-uds-cred,
 		    AS_HELP_STRING([--with-trust-uds-cred],[Trust UDS credentials obtained via socket]),
 		    [case "$withval" in
 			yes)
 			    AC_TRY_COMPILE([#include <sys/types.h>
 				    #include <sys/socket.h>],
 				    [
 struct sockpeercred u;
 u.uid = 0;
 #if !defined(SO_PEERCRED)
 #error "no SO_PEERCRED defined"
 #endif
 				    ],
 				    [AC_MSG_RESULT(yes)
 				     AC_DEFINE(UDS_CRED_STYPE, sockpeercred, [Defined to UDS credential structure name])
 				     AC_DEFINE(UDS_CRED_UID, uid, [Defined to UDS credential structure uid field])
 				     AC_DEFINE(UDS_CRED_SO, SO_PEERCRED, [Defined to UDS credential socket option])
 				     AC_DEFINE(TRUST_UDS_CRED)],
 				    [
 					AC_TRY_COMPILE([#include <sys/types.h>
 						#include <sys/socket.h>],
 						[
 struct ucred u;
 u.euid = 0;
 #if !defined(SO_PEERCRED)
 #error "no SO_PEERCRED defined"
 #endif
 						],
 						[AC_MSG_RESULT(yes)
 						AC_DEFINE(UDS_CRED_STYPE, ucred, [Defined to UDS credential structure name])
 						AC_DEFINE(UDS_CRED_UID, uid, [Defined to UDS credential structure uid field])
 						AC_DEFINE(UDS_CRED_SO, SO_PEERCRED, [Defined to UDS credential socket option])
 						AC_DEFINE(TRUST_UDS_CRED)],
 						[
 							AC_TRY_COMPILE([#include <sys/types.h>
 								#include <sys/socket.h>],
 								[
 struct peercred_struct u;
 u.euid = 0;
 #if !defined(SO_PEERID)
 #error "no SO_PEERID defined"
 #endif
 								],
 								[AC_MSG_RESULT(yes)
 								 AC_DEFINE(UDS_CRED_STYPE, peercred_struct, [Defined to UDS credential structure name])
 								 AC_DEFINE(UDS_CRED_UID, euid, [Defined to UDS credential structure uid field])
 								 AC_DEFINE(UDS_CRED_SO, SO_PEERID, [Defined to UDS credential socket option])
 								 AC_DEFINE(TRUST_UDS_CRED)],
 								[AC_MSG_RESULT(no)]),
 						    ])
 				    ])
 			    ;;
 			*)
 			    AC_MSG_RESULT(no)
 			    ;;
 		    esac],[AC_MSG_RESULT(no)])
 	fi
 	],[AC_MSG_RESULT(no)])
 cons_with_libwrap="NO"
 AC_ARG_WITH(libwrap,
-    AS_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
+    AC_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
 	[Compile in libwrap (tcp_wrappers) support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    WRAPCPPFLAGS="-I$withval/include"
 	    if test "$use_dash_r" != "yes"; then
 	    WRAPLDFLAGS="-L$withval/lib"
 	    else
 		WRAPLDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    WRAPCPPFLAGS=""
 	    WRAPLDFLAGS=""
@ -500,7 +326,6 @@ AC_ARG_WITH(libwrap,
 		int deny_severity  = 0;
 		],[hosts_access((void *)0)],
 		[AC_MSG_RESULT(yes)
 		 cons_with_libwrap="YES"
 		 AC_DEFINE(USE_LIBWRAP)
 		 CONSLIBS="$CONSLIBS -lwrap"
 		 CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@ -513,7 +338,6 @@ AC_ARG_WITH(libwrap,
 		    int deny_severity  = 0;
 		    ],[hosts_access((void *)0)],
 		    [AC_MSG_RESULT(yes)
 		     cons_with_libwrap="YES"
 		     AC_DEFINE(USE_LIBWRAP)
 		     CONSLIBS="$CONSLIBS -lwrap -lnsl"
 		     CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@ -525,18 +349,13 @@ AC_ARG_WITH(libwrap,
    fi]
 )
 cons_with_openssl="NO"
 AC_ARG_WITH(openssl,
-    AS_HELP_STRING([--with-openssl@<:@=PATH@:>@],
+    AC_HELP_STRING([--with-openssl@<:@=PATH@:>@],
 	[Compile in OpenSSL support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    OPENSSLCPPFLAGS="-I$withval/include"
 	    if test "$use_dash_r" != "yes"; then
 	    OPENSSLLDFLAGS="-L$withval/lib"
 	    else
 		OPENSSLLDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    OPENSSLCPPFLAGS=""
 	    OPENSSLLDFLAGS=""
@ -554,9 +373,8 @@ AC_ARG_WITH(openssl,
 	    [LIBS="$LIBS -lssl -lcrypto"
 	    AC_MSG_CHECKING(for openssl libraries -lssl and -lcrypto)
 	    AC_TRY_LINK([#include <openssl/ssl.h>
-		],[SSL_CTX_new(NULL)],
+		],[SSL_library_init()],
 		[AC_MSG_RESULT(yes)
 		cons_with_openssl="YES"
 		AC_DEFINE(HAVE_OPENSSL)
 		have_openssl=yes],
 		[AC_MSG_RESULT(no)])],)
@ -566,169 +384,16 @@ AC_ARG_WITH(openssl,
 	    CPPFLAGS="$oCPPFLAGS"
 	    LDFLAGS="$oLDFLAGS"
 	fi
 	AC_MSG_CHECKING(whether to require server cert)
 	AC_ARG_WITH(req-server-cert,
 		AS_HELP_STRING([--with-req-server-cert],[Require server SSL certificate by client]),
 		[case "$withval" in
 		    yes)
 			AC_DEFINE(REQ_SERVER_CERT)
 			AC_MSG_RESULT(yes)
 			;;
 		    *)
 			AC_MSG_RESULT(no)
 			;;
 		esac],[AC_MSG_RESULT(no)])
    fi]
 )
 cons_with_gssapi="NO"
 cons_strip_realm="NO"
 AC_ARG_WITH(gssapi,
    AS_HELP_STRING([--with-gssapi@<:@=PATH@:>@],
 	[Compile in GSS-API support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    GSSAPICPPFLAGS="-I$withval/include"
 	    if test "$use_dash_r" != "yes"; then
 		GSSAPILDFLAGS="-L$withval/lib"
 	    else
 		GSSAPILDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    GSSAPICPPFLAGS=""
 	    GSSAPILDFLAGS=""
 	fi
 	oCPPFLAGS="$CPPFLAGS"
 	oLDFLAGS="$LDFLAGS"
 	oLIBS="$LIBS"
 	have_gssapi=no
 	CPPFLAGS="$CPPFLAGS $GSSAPICPPFLAGS"
 	LDFLAGS="$LDFLAGS $GSSAPILDFLAGS"
 	AC_CHECK_HEADER([gssapi/gssapi.h],
 	    [LIBS="$oLIBS -lgssapi"
 	    AC_MSG_CHECKING(for gssapi library -lgssapi)
 	    AC_TRY_LINK([#include <gssapi/gssapi.h>
 			 #include <stdio.h>
 		],[gss_create_empty_oid_set(NULL, NULL)],
 		[AC_MSG_RESULT(yes)
 		cons_with_gssapi="YES"
 		AC_DEFINE(HAVE_GSSAPI)
 		have_gssapi=yes],
 		[AC_MSG_RESULT(no)
 		LIBS="$oLIBS -lgssglue"
 		AC_MSG_CHECKING(for gssapi library -lgssglue)
 		AC_TRY_LINK([#include <gssapi/gssapi.h>
 			     #include <stdio.h>
 		    ],[gss_create_empty_oid_set(NULL, NULL)],
 		    [AC_MSG_RESULT(yes)
 		    cons_with_gssapi="YES"
 		    AC_DEFINE(HAVE_GSSAPI)
 		    have_gssapi=yes],
 		    [AC_MSG_RESULT(no)
 		    LIBS="$oLIBS -lgss"
 		    AC_MSG_CHECKING(for gssapi library -lgss)
 		    AC_TRY_LINK([#include <gssapi/gssapi.h>
 				 #include <stdio.h>
 			],[gss_create_empty_oid_set(NULL, NULL)],
 			[AC_MSG_RESULT(yes)
 			cons_with_gssapi="YES"
 			AC_DEFINE(HAVE_GSSAPI)
 			have_gssapi=yes],
 			[AC_MSG_RESULT(no)
 			LIBS="$oLIBS -lgssapi_krb5"
 			AC_MSG_CHECKING(for gssapi library -lgssapi_krb5)
 			AC_TRY_LINK([#include <gssapi/gssapi.h>
 			],[gss_create_empty_oid_set(NULL, NULL)],
 			[AC_MSG_RESULT(yes)
 			cons_with_gssapi="YES"
 			AC_DEFINE(HAVE_GSSAPI)
 			have_gssapi=yes],
 			[AC_MSG_RESULT(no)])])])])],)
 	if test $have_gssapi = no; then
 	    LIBS="$oLIBS"
 	    CPPFLAGS="$oCPPFLAGS"
 	    LDFLAGS="$oLDFLAGS"
 	else
 	    AC_MSG_CHECKING(whether to fallback to username without @REALM)
 	    AC_ARG_WITH(striprealm,
 		    AS_HELP_STRING([--with-striprealm],[retry username without @REALM with gss-api authentication]),
 		    [case "$withval" in
 			yes)
 			    AC_DEFINE(STRIP_REALM)
 			    AC_MSG_RESULT(yes)
 			    cons_strip_realm="YES"
 			    ;;
 			*)
 			    AC_MSG_RESULT(no)
 			    ;;
 		    esac],[AC_MSG_RESULT(no)])
 	fi
    fi]
 )
 cons_with_freeipmi="NO"
 AC_ARG_WITH(freeipmi,
    AS_HELP_STRING([--with-freeipmi@<:@=PATH@:>@],
 	[Compile in FreeIPMI support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    FREEIPMICPPFLAGS="-I$withval/include"
 	    if test "$use_dash_r" != "yes"; then
 		FREEIPMILDFLAGS="-L$withval/lib"
 	    else
 		FREEIPMILDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    FREEIPMICPPFLAGS=""
 	    FREEIPMILDFLAGS=""
 	fi
 	oCPPFLAGS="$CPPFLAGS"
 	oLDFLAGS="$LDFLAGS"
 	oLIBS="$LIBS"
 	have_freeipmi=no
 	CPPFLAGS="$CPPFLAGS $FREEIPMICPPFLAGS"
 	LDFLAGS="$LDFLAGS $FREEIPMILDFLAGS"
 	AC_CHECK_HEADER([ipmiconsole.h],
 	    [LIBS="$LIBS -lipmiconsole"
 	    AC_MSG_CHECKING(for freeipmi libraries -lipmiconsole)
 	    AC_TRY_LINK([#include <ipmiconsole.h>
 		],[ipmiconsole_ctx_fd(0)],
 		[AC_MSG_RESULT(yes)
 		cons_with_freeipmi="YES"
 		AC_DEFINE(HAVE_FREEIPMI)
 		CONSLIBS="$CONSLIBS -lipmiconsole"
 		have_freeipmi=yes],
 		[AC_MSG_RESULT(no)])],)
 	LIBS="$oLIBS"
 	if test $have_freeipmi = no; then
 	    CPPFLAGS="$oCPPFLAGS"
 	    LDFLAGS="$oLDFLAGS"
 	fi
    fi]
 )
 cons_with_dmalloc="NO"
 AC_ARG_WITH(dmalloc,
-    AS_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
+    AC_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
 	[Compile in dmalloc support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    DMALLOCCPPFLAGS="-I$withval/include"
 	    if test "$use_dash_r" != "yes"; then
 	    DMALLOCLDFLAGS="-L$withval/lib"
 	    else
 		DMALLOCLDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    DMALLOCCPPFLAGS=""
 	    DMALLOCLDFLAGS=""
@ -748,7 +413,6 @@ AC_ARG_WITH(dmalloc,
 	    AC_TRY_LINK([#include <dmalloc.h>
 		],[dmalloc_debug(0)],
 		[AC_MSG_RESULT(yes)
 		cons_with_dmalloc="YES"
 		AC_DEFINE(HAVE_DMALLOC)
 		have_dmalloc=yes],
 		[AC_MSG_RESULT(no)])],)
@ -797,10 +461,9 @@ dnl 	else
 dnl 	    AC_MSG_RESULT(no)
 dnl 	fi],[AC_MSG_RESULT(no)])
 cons_with_pam="NO"
 AC_MSG_CHECKING(for PAM support)
 AC_ARG_WITH(pam,
-    AS_HELP_STRING([--with-pam],
+    AC_HELP_STRING([--with-pam],
 	[Enable PAM support]),
 	[if test "$withval" = yes; then
 	    oLIBS="$LIBS"
@ -810,7 +473,6 @@ AC_ARG_WITH(pam,
 		AC_MSG_CHECKING(for PAM library -lpam)
 		AC_TRY_LINK_FUNC([pam_start],
 		    [AC_MSG_RESULT(yes)
 		    cons_with_pam="YES"
 		    AC_DEFINE(HAVE_PAM)
 		    CONSLIBS="$CONSLIBS -lpam"],
 		    [LIBS="$LIBS -ldl"
@ -818,7 +480,6 @@ AC_ARG_WITH(pam,
 		    AC_MSG_CHECKING(for PAM library -lpam with -ldl)
 		    AC_TRY_LINK_FUNC([pam_end],
 			[AC_MSG_RESULT(yes)
 			cons_with_pam="YES"
 			AC_DEFINE(HAVE_PAM)
 			CONSLIBS="$CONSLIBS -lpam -ldl"],
 			[AC_MSG_RESULT(no)])])],)
@ -828,23 +489,6 @@ AC_ARG_WITH(pam,
 	    AC_MSG_RESULT(no)
 	fi],[AC_MSG_RESULT(no)])
 cons_with_ipv6="NO"
 AC_MSG_CHECKING(whether to support IPv6)
 AC_ARG_WITH(ipv6,
 	AS_HELP_STRING([--with-ipv6],
 	    [(experimental) Use IPv6 for client/server communication]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(USE_IPV6)
 		AC_MSG_RESULT(yes)
 		cons_with_ipv6="YES"
 		;;
 	    *)
 		AC_MSG_RESULT(no)
 		;;
 	esac],[AC_MSG_RESULT(no)])
 dnl Checks for pty allocation...
 dnl According to the xemacs distribution:
 dnl   getpt()  is the preferred pty allocation method on glibc systems.
@ -860,7 +504,8 @@ AC_CHECK_HEADERS(pty.h libutil.h util.h)
 AC_CHECK_LIB(util, openpty)
 AC_CHECK_FUNCS(openpty)
-AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle gettimeofday strlcpy closefrom nanosleep)
+AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle)
 AC_FUNC_SETPGRP
 AC_CHECK_FUNC(strcasecmp,
 	[AC_DEFINE(HAVE_STRCASECMP, 1, [Define if strcasecmp is available])],
 	[AC_CHECK_FUNC(stricmp,
@ -876,24 +521,4 @@ AC_CHECK_FUNCS(getaudit getaudit_addr)
 dnl ### Create output files. #######################################
 AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile contrib/chat/Makefile])
 AC_CONFIG_FILES([conserver/conserver.rc], [chmod +x conserver/conserver.rc])
 AC_CONFIG_FILES([conserver.cf/conserver.cf.man conserver.cf/conserver.passwd.man conserver/conserver.man console/console.man])
 AC_OUTPUT
 [
 echo "=============================================================="
 echo "                      Feature Summary"
 echo ""
 echo "  Unix domain sockets (--with-uds)       : $cons_with_uds"
 echo "         TCP wrappers (--with-libwrap)   : $cons_with_libwrap"
 echo "              OpenSSL (--with-openssl)   : $cons_with_openssl"
 echo "              GSS-API (--with-gssapi)    : $cons_with_gssapi"
 echo "             FreeIPMI (--with-freeipmi)  : $cons_with_freeipmi"
 if [ $cons_with_gssapi = "YES" ]; then
 echo "         strip @REALM (--with-striprealm): $cons_strip_realm"
 fi
 echo "              dmalloc (--with-dmalloc)   : $cons_with_dmalloc"
 echo "          PAM support (--with-pam)       : $cons_with_pam"
 echo "         IPv6 support (--with-ipv6)      : $cons_with_ipv6"
 echo ""
 echo "=============================================================="
 ]
--- a/conserver.cf/INSTALL
+++ b/conserver.cf/INSTALL
@ -1,7 +1,11 @@
 The two files you need to set up are the conserver.cf and conserver.passwd
-files.  See the sample conserver.cf and conserver.passwd files for examples
+files.  See the sample conserver.cf and conserver.passwd files
-(installed in <DATADIR>/examples/conserver).  You can start with those and
+for examples.  You can start with those and then modify extensively.
-then modify extensively.  The man page for conserver.cf and conserver.passwd
+The man page for conserver.cf and conserver.passwd should explain the
-should explain the files with enough detail to get you going.
+files with enough detail to get you going.
 That's about it.  Good luck.
 #
 #  $Id: INSTALL,v 1.3 2003/07/04 18:21:21 bryan Exp $
 #
--- a/conserver.cf/Makefile.in
+++ b/conserver.cf/Makefile.in
@ -1,11 +1,9 @@
 ### Path settings
 datarootdir = @datarootdir@
 srcdir = @srcdir@
 prefix = @prefix@
 mandir = @mandir@
 sysconfdir = @sysconfdir@
-datadir = @datadir@
+exampledir = $(prefix)/share/examples/conserver
 exampledir = $(datadir)/examples/conserver
 ### Installation programs and flags
 INSTALL = @INSTALL@
@ -25,8 +23,8 @@ distclean: clean
 install:
 	$(MKDIR) $(DESTDIR)$(mandir)/man5
-	$(INSTALL) -m 0644 conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
+	$(INSTALL) conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
-	$(INSTALL) -m 0644 conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
+	$(INSTALL) conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
 	$(MKDIR) $(DESTDIR)$(exampledir)
 	$(INSTALL) -m 0644 conserver.cf $(DESTDIR)$(exampledir)
 	$(INSTALL) -m 0644 conserver.passwd $(DESTDIR)$(exampledir)
--- a/conserver.cf/conserver.cf
+++ b/conserver.cf/conserver.cf
@ -91,10 +91,9 @@ default * {
 default cyclades {
 	# sets up /dev/ttyC0 through /dev/ttyC31, for a 32 port card
 	# referenced as ports 1 through 32
 	type device;
 	device /dev/ttyC.;
-	devicesubst .=Pd;
+	devicesubst ,.d;
 	portbase -1;
 	portinc 1;
 	host none; # not really used, since devicesubst doesn't use it
--- a/conserver.cf/conserver.cf.man
+++ b/conserver.cf/conserver.cf.man
@ -0,0 +1,914 @@
 .\" $Id: conserver.cf.man,v 1.54 2003/12/10 18:33:56 bryan Exp $
 .TH CONSERVER.CF 5 "2003/12/10" "conserver-8.0.9" "conserver"
 .SH NAME
 conserver.cf \- console configuration file for
 .BR conserver (8)
 .SH DESCRIPTION
 The format of the conserver.cf file is made up of named blocks of
 keyword/value pairs, comments, and optional whitespace for formatting
 flexibility.
 The block types as well as the keywords are pre-defined and
 explained in the
 .B \s-1BLOCKS\s0
 section.
 A comment is an unquoted pound-sign
 to a newline.
 See the
 .B \s-1PARSER\s0
 section for full details on whitespace and quoting.
 .PP
 Let me first show you a sample block with a couple of keyword/value
 pairs to make the description a bit simpler to understand.
 .IP
 .ft CR
 .nf
 console simple { master localhost; type exec; rw *; }
 .fi
 .ft
 .PP
 This is actually a fully functional conserver.cf file (if certain
 conditions are met...and if you can list those conditions, you can
 probably can skip to the
 .B \s-1BLOCKS\s0
 section).
 .PP
 Our example is made of up of a console-block named ``simple'' with three
 keyword/value pairs.
 What this does is define a console named ``simple'',
 makes the master of that console the host ``localhost'', makes the type
 an exec-style console, and gives every user read/write permission.
 This is the generic format of the file:
 .IP
 .ft CR
 .nf
 block-type block-name { keyword value; ... }
 .fi
 .ft
 .PP
 To show the addition of comments and whitespace, here is the example
 reformatted (but functionally equivalent):
 .IP
 .ft CR
 .nf
 # define a console named "simple"
 console simple {
    # setting all required values...
    master localhost;
    type exec;  # exec-style console
    rw *;       # allow any username
 }
 .fi
 .ft
 .SH PARSER
 .PP
 The parser has six characters that it considers special.
 These are: ``{'', ``}'', ``;'', ``#'', ``\e'', and ``"''.
 The first three (hereby called tokens) define the format of the
 configuration blocks and are used as word
 separators, the next is the comment character, and the last two are
 quoting characters.
 .PP
 Word separation occurs when the parser encounters an unquoted token
 and, in certain cases, whitespace.
 Whitespace is only used as a word separator when the parser is
 looking for a block-type or keyword.
 When it's looking for a block-name or value, whitespace is like any
 other character, which allows you to embed whitespace in a block-name
 or value without having to quote it.
 Here is an example:
 .IP
 .ft CR
 .nf
 default my defs { rw *; include other defs  ; }
 .fi
 .ft
 .PP
 The block-type is ``default'', the block-name is ``my defs'', and the value
 for the keyword ``include'' is ``other defs''.
 Whitespace around tokens are ignored so you get ``other defs''
 instead of ``other defs  '' as the value.
 .PP
 The only way to use one of the special characters as part of a block-name
 or value is to quote it.
 .PP
 Quoting is a simple matter of prefixing a character with a backslash or
 surrounding a group of characters with double-quotes.
 If a character is prefixed by a backslash, the next character is a
 literal (so ``\e\e'' produces a ``\e'', ``\e"'' produces ``"'', ``\e{''
 produces a ``{'', etc.).
 For double-quoted strings, all characters are literal except for ``\e"'',
 which embeds a double-quote.
 .PP
 Adding a variety of quotes to our example without changing the meaning
 of things, we have:
 .IP
 .ft CR
 .nf
 "defa"ult my\e defs { rw *; in\eclude "other defs"  ; }
 .fi
 .ft
 .SH BLOCKS
 .TP 8
 .B access
 .RI [ " hostname " | " ipaddr " ]
 .br
 Define an access block for the host named
 .I hostname
 or using the address
 .IR ipaddr .
 If the value of ``*'' is used, the access block will be applied to
 all conserver hosts.
 Access lists are used in a first match
 fashion (top down), so order is important.
 .RS
 .TP 15
 .B admin
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the admin list for the console server.
 If
 .I username
 matches a previously defined group name, all members of the previous
 group are applied to the admin list (with access reversed if prefixed
 with a `!').
 Otherwise, users will be granted (or denied if prefixed with `!') access.
 If the null string (``""'') is used, any
 users previously defined for the console servers's admin list are removed.
 .TP
 .B allowed
 .IR hostname ", ..."
 .br
 The list of hostnames are added to the ``allowed'' list, which grants
 connections from the hosts but requires username authentication.
 .TP
 .B include
 .I accessgroup
 .br
 The access lists defined using the name
 .I accessgroup
 are applied to the current access block.
 The included access block must be previously defined.
 .TP
 .B rejected
 .IR hostname ", ..."
 .br
 The list of hostnames are added to the ``rejected'' list, which rejects
 connections from the hosts.
 .TP
 .B trusted
 .IR hostname ", ..."
 .br
 The list of hostnames are added to the ``trusted'' list, which grants
 connections from the hosts without username authentication.
 .RE
 .TP 8
 .B break
 .I n
 .br
 Define a break sequence where 0 < 
 .I n
 < 10.
 Break sequences are accessed via the
 .RI ``^El n ''
 client escape sequence.
 .RS
 .TP 15
 .B delay
 .I n
 .br
 Set the time delay for the
 .B \ed
 sequence to
 .I n
 milliseconds.
 The default time delay is 250ms.
 .TP
 .B string
 .I breakseq
 .br
 Assign the string
 .IR breakseq
 to the specified slot
 .IR n .
 A break sequence is a simple character string with the exception of `\e'
 and `^':
 .RS
 .sp
 .PD 0
 .TP 6
 .B \ea
 alert
 .TP
 .B \eb
 backspace
 .TP
 .B \ed
 delay specified by the
 .B delay
 option.
 .TP
 .B \ef
 form-feed
 .TP
 .B \en
 newline
 .TP
 .B \er
 carriage-return
 .TP
 .B \et
 tab
 .TP
 .B \ev
 vertical-tab
 .TP
 .B \ez
 serial break
 .TP
 .B \e\e
 backslash
 .TP
 .B \e^
 circumflex
 .TP
 .BI \e ooo
 octal representation of a character (where
 .I ooo
 is one to three octal digits)
 .TP
 .BI \e c
 character
 .I c
 .TP
 .B ^?
 delete
 .TP
 .BI ^ c
 control character
 .RI ( c
 is ``and''ed with 0x1f)
 .PD
 .RE
 .RE
 .TP 8
 .B config
 .RI [ " hostname " | " ipaddr " ]
 .br
 Define a configuration block for the host named
 .I hostname
 or using the address
 .IR ipaddr .
 If the value of ``*'' is used, the configuration block will be applied to
 all conserver hosts.
 .RS
 .TP 15
 .B defaultaccess
 .RB [ " rejected " | " trusted " | " allowed " ]
 .br
 Set the default access permission for all hosts not matched by
 an access list (see the
 .B \-a
 command-line flag).
 .TP
 .B daemonmode
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Set whether or not to become a daemon when run (see the
 .B \-d
 command-line flag).
 .TP
 .B logfile
 .I filename
 .br
 Set the logfile to write to when in daemon mode (see the
 .B \-L
 command-line flag).
 .TP
 .B passwdfile
 .I filename
 .br
 Set the password file location used for authentication (see the
 .B \-P
 command-line flag).
 .TP
 .B primaryport
 .RI [ " number " | " name " ]
 .br
 Set the port used by the master conserver process (see the
 .B \-p
 command-line flag).
 .TP
 .B redirect
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Turn redirection on or off (see the
 .B \-R
 command-line flag).
 .TP
 .B reinitcheck
 .I number
 .br
 Set the number of seconds used between reinitialization checks (see the
 .B \-O
 command-line flag).
 .TP
 .B secondaryport
 .RI [ " number " | " name " ]
 .br
 Set the base port number used by child processes (see the
 .B \-b
 command-line flag).
 .TP
 .B setproctitle
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Set whether or not the process title shows master/group functionality
 as well as the port number the process is listening on and how many
 consoles it is managing.
 The operating system must support the
 .BR setproctitle ()
 call.
 .TP
 .B sslcredentials
 .I filename
 .br
 Set the
 .SM SSL
 credentials file location (see the
 .B \-c
 command-line flag).
 .TP
 .B sslrequired
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Set whether or not encryption is required when talking to clients (see the
 .B \-E
 command-line flag).
 .TP
 .B unifiedlog
 .I filename
 .br
 Set the location of the unified log to
 .IR filename .
 See the
 .B \-U
 command-line flag for details.
 .RE
 .TP 8
 .B console
 .I name
 .br
 Define a console identified as
 .IR name .
 The keywords are the same as the
 .B default
 block with the following addition.
 .RS
 .TP 15
 .B aliases
 .RI [ " name" ", ..."
 | "" ]
 .br
 Define a list of console aliases.
 If the null string (``""'') is used, any
 aliases previously defined for the console are removed.
 .RE
 .TP 8
 .B default
 .I name
 .br
 Define a block of defaults identified as
 .IR name .
 If 
 .I name
 is ``*'', the automatically applied default block is defined (basically
 all consoles have an implicit ``include "*";'' at the beginning
 of their definition).
 .RS
 .TP 15
 .B baud
 .RB [ " 300 " | " 600 " | " 1800 " | " 2400 " | " 4800"
 .RB | " 9600 " | " 19200 " | " 38400 " | " 57600 " | " 115200 " ]
 .br
 Assign the baud rate to the console.
 Only consoles of type ``device'' will use this value.
 .TP
 .B break
 .I n
 .br
 Assign the break sequence
 .I n
 as the default for the console, which is used by
 the ``^Ecl0'' client escape sequence.
 .TP
 .B device
 .I filename
 .br
 Assign the serial device
 .I filename
 as the access to the console.
 Only consoles of type ``device'' will use this value.
 .TP
 .B devicesubst
 .RI [ " hp" [ n ] "f "
 | "" ]
 .br
 Perform string substitutions on the
 .B device
 value.
 .I h
 is the character in
 .B device
 to replace with the
 .B host
 value and
 .I p
 is the character to replace with the
 .B port
 value.
 The
 .B port
 value will be formatted to at least
 .I n
 characters, padded with 0s if
 .I n
 begins with a 0, and space characters otherwise.
 .I f
 must be either `d' or `x' or `X', specifying a decimal, lower-case
 hexdecimal, or uppercase hexdecimal representation of
 .BR port .
 If the null string (``""'') is used, no replacements will be done.
 .TP
 .B exec
 .RI [ " command "
 | "" ]
 .br
 Assign the string
 .I command
 as the command to access the console.
 Conserver will run the command by
 invoking ``/bin/sh -ce "\fIcommand\fP"''.
 If the null string (``""'') is used or no
 .B exec
 keyword is specified, conserver will use the command ``/bin/sh -i''.
 Only consoles of type ``exec'' will use this value.
 .TP
 .B execsubst
 .RI [ " hp" [ n ] "f "
 | "" ]
 .br
 Perform string substitutions on the
 .B exec
 value.
 .I h
 is the character in
 .B exec
 to replace with the
 .B host
 value and
 .I p
 is the character to replace with the
 .B port
 value.
 The
 .B port
 value will be formatted to at least
 .I n
 characters, padded with 0s if
 .I n
 begins with a 0, and space characters otherwise.
 .I f
 must be either `d' or `x' or `X', specifying a decimal, lower-case
 hexdecimal, or uppercase hexdecimal representation of
 .BR port .
 If the null string (``""'') is used, no replacements will be done.
 .TP
 .B host
 .I hostname
 .br
 Assign
 .I hostname
 as the host to connect to for accessing the console.
 You must also set the
 .B port
 option as well.
 Normally, only consoles of type ``host'' will use this value.
 If the
 .B devicesubst
 or
 .B execsubst
 keywords are used in ``device'' and ``exec'' types, this value is used.
 .TP
 .B idlestring
 .RI [ " string "
 | "" ]
 .br
 Assign the
 .I string
 that is sent to the console once the console is idle for an
 .I idletimeout
 amount of time.
 If the null string (``""'') is used, the string is unset and
 the default is used.
 The string is interpreted just as a
 .B break
 string is interpreted (see the
 .B break
 configuration items for details) where all delays specified (via ``\ed'')
 use the default delay time.
 The default string is ``\en''.
 .TP
 .B idletimeout
 .BR \fInumber\fP [ s | m | h ]
 .br
 Set the idle timeout of the console to
 .I number
 seconds.  If an `s', `m', or `h' is used after
 .IR number ,
 the specified time is interpreted as seconds, minutes, or hours.
 Set the timeout to zero to disable the idle timeout (the default).
 .TP
 .B include
 .I default
 .br
 The default block defined using the name
 .I default
 is applied to the current console or default block.
 The included default block must be previously defined.
 .TP
 .B initcmd
 .RI [ " command "
 | "" ]
 .br
 Invoke
 .I command
 as soon as the console is brought up, redirecting the console
 to stdin, stdout, and stderr of
 .IR command .
 The
 .I command
 is passed as an argument to ``/bin/sh -ce''.
 If the null string (``""'') is used, the command is unset and
 nothing is invoked.
 .TP
 .B logfile
 .RI [ " filename "
 | "" ]
 .br
 Assign the logfile specified by
 .I filename
 to the console.  Any occurrence of ``&'' in
 .I filename
 will be replaced with the name of the console.
 If the null string (``""'') is used, the logfile name is unset and
 no logging will occur.
 .TP
 .B logfilemax
 .BR \fInumber\fP [ k | m ]
 .br
 Enable automatic rotation of
 .B logfile
 once it's size exceeds
 .I number
 bytes.
 Specifying
 .B k
 or
 .B m
 interpret
 .I number
 as kilobytes and megabytes.
 .I number
 must be at least 2048 bytes.
 A value of zero will turn off automatic rotation of
 .BR logfile .
 The
 .B logfile
 .I filename
 will be renamed
 .IR filename -\s-1YYYYMMDD\s0-\s-1HHMMSS\s0,
 where the extension is the current GMT year, month, day, hour,
 minute, and second (to prevent issues with clock rollbacks).
 File sizes are checked every 5 minutes with an additional initial
 pseudo-random delay of up to one minute (to help prevent all processes
 checking all consoles simultaneously).
 2.5% (minimum 100 bytes, maximum 4000 bytes) of the old
 logfile is read from the end of the file.
 All data past the first newline is moved (not copied) to the new logfile
 so that a replay of the console works and starts on a line boundary.
 .TP
 .B master
 .RI [ " hostname " | " ipaddr " ]
 .br
 Define which conserver host manages the console.
 The host may be specified by
 .I hostname
 or using the address
 .IR ipaddr .
 .TP
 .B motd
 .RI [ " message "
 | "" ]
 .br
 Set the "message of the day" for the console to
 .IR message ,
 which gets displayed when a client attaches to the console.
 If the null string (``""'') is used, the MOTD is unset and
 no message will occur.
 .TP
 .B options
 .RI [ " option" ,...
 | "" ]
 .br
 You can negate the option by prefixing it with a
 .RB `` ! ''
 character.
 So, to turn off the
 .B hupcl
 flag, you would use
 .BR !hupcl .
 The following are valid
 .IR option s:
 .RS
 .sp
 .PD 0
 .TP 12
 .B ixon
 Enable
 .SM XON/XOFF
 flow control on output.
 Only consoles of type ``device'' or ``exec'' will use this value.
 Default is
 .BR ixon .
 .TP
 .B ixany
 Enable any character to restart output.
 Only consoles of type ``device'' or ``exec'' will use this value.
 Default is
 .BR !ixany .
 .TP
 .B ixoff
 Enable
 .SM XON/XOFF
 flow control on input.
 Only consoles of type ``device'' or ``exec'' will use this value.
 Default is
 .B ixoff
 for consoles of type ``device'' and
 .B !ixoff
 for consoles of type ``exec''.
 .TP
 .B crtscts
 Enable
 .SM RTS/CTS
 (hardware) flow control.
 Only consoles of type ``device'' will use this value.
 Default is
 .BR !crtscts .
 .TP
 .B cstopb
 Set two stop bits, rather than one.
 Only consoles of type ``device'' will use this value.
 Default is
 .BR !cstopb .
 .TP
 .B hupcl
 Lower modem control lines after last process closes the device (hang up).
 Only consoles of type ``device'' will use this value.
 Default is
 .BR !hupcl .
 .TP
 .B ondemand
 Initialize the console when a client requests a connection to the console.
 When no clients are connected, bring the console down.
 The conserver option
 .B \-i
 will set this flag for all consoles.
 Default is
 .BR !ondemand .
 .TP
 .B striphigh
 Strip the high bit off all data coming from this console and all clients
 connected to this console before processing occurs.
 The conserver option
 .B \-7
 will set this flag for all consoles.
 Default is
 .BR !stiphigh .
 .TP
 .B reinitoncc
 Automatically reinitialize (``bring up'') a downed console when a client
 connects.
 Without this option, a client will be attached to the downed console
 and will need to manually reinitialize the console with an escape sequence.
 The conserver option
 .B \-o
 will set this flag for all consoles.
 Default is
 .BR !reinitoncc .
 .TP
 .B autoreinit
 Allow this console to be automatically reinitialized if it unexpectedly
 goes down.
 If the console doesn't come back up, it is retried every minute.
 A console of type ``exec'' that exits with a zero exit status is
 automatically reinitialized regardless of this setting.
 The conserver option
 .B \-F
 will
 .B unset
 this flag for all consoles.
 Default is
 .BR autoreinit .
 .TP
 .B unloved
 Enable the sending of this console's output (prefixed with it's
 name) to the daemon's stdout (or the logfile if in daemon mode) when no
 clients are connected to the console.
 The conserver option
 .B \-u
 will set this flag for all consoles.
 Default is
 .BR !unloved .
 .PD
 .RE
 .TP
 .B parity
 .RB [ " even " | " mark " | " none " | " odd " | " space " ]
 .br
 Set the parity option for the console.
 Only consoles of type ``device'' will use this value.
 .TP
 .B port
 .RI [ " number " | " name " ]
 .br
 Set the port used to access the console.
 The port may be specified as a
 .I number
 or a
 .IR name .
 A
 .I name
 will cause a
 .BR getservbyname (3)
 call to look up the port number.
 The
 .BR port ,
 .BR portbase ,
 and
 .B portinc
 values are all used to calculate the final port number to connect to.
 The formula used is
 .IR finalport " = "
 .BR portbase " + "
 .BR portinc " * " port .
 By using proper values in the formula, you can reference ports on a
 terminal server by their physical numbering of 1 through
 .IR n .
 You must also set the
 .B host
 option as well.
 Normally, only consoles of type ``host'' will use this value.
 If the
 .B devicesubst
 or
 .B execsubst
 keywords are used in ``device'' and ``exec'' types, this value is used.
 .TP
 .B portbase
 .I number
 .br
 Set the base value for the port calculation formula.
 .I number
 must be -1 or greater.
 The default is zero.
 See
 .B port
 for the details of the formula.
 .TP
 .B portinc
 .I number
 .br
 Set the increment value for the port calculation formula.
 .I number
 must be 1 or greater.
 The default is one.
 See
 .B port
 for the details of the formula.
 .TP
 .B ro
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the read-only access list
 for the console.
 If
 .I username
 matches a previously defined group name, all members of the previous
 group are applied to the read-only access list (with access reversed
 if prefixed with a `!').
 Otherwise, users will be granted (or denied if prefixed with `!')
 read-only access.
 If the null string (``""'') is used, any
 users previously defined for the console's read-only list are removed.
 .TP
 .B rw
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the read-write access list
 for the console.
 If
 .I username
 matches a previously defined group name, all members of the previous
 group are applied to the read-write access list (with access reversed
 if prefixed with a `!').
 Otherwise, users will be granted (or denied if prefixed with `!')
 read-write access.
 If the null string (``""'') is used, any
 users previously defined for the console's read-write list are removed.
 .TP
 .B timestamp
 [
 .RB [ \fInumber\fP [ m | h | d | l ]][ a ][ b ]
 | "" ]
 .br
 Specifies the time between timestamps applied to the console
 log file and whether to log read/write connection actions.
 The timestamps look like ``[-- MARK -- Mon Jan 25 14:46:56 1999]''.
 The
 .RB ` m ',
 .RB ` h ',
 and
 .RB ` d '
 tags specify ``minutes'' (the default), ``hours'', and ``days''.
 The
 .RB ` l '
 tag specifies ``lines'' and will cause timestamps of the
 form ``[Mon Jan 25 14:46:56 PST 1999]'' to
 be placed every
 .I number
 lines (a newline character signifies a new line).
 So, ``5h'' specifies every five hours and ``2l'' specifies every
 two lines.
 An
 .RB ` a '
 can be specified to add logs of ``attached'', ``detached'',
 and ``bumped'' actions, including the user's name and the host from which the
 client connection was made.
 A
 .RB ` b '
 can be specified to add logging of break sequences sent to the console.
 .TP
 .B type
 .RB [ " device " | " exec " | " host " ]
 .br
 Set the type of console.  The type
 .RB `` device ''
 should be used for local serial ports (also set the
 .B device
 option), the type
 .RB `` exec ''
 should be used for command invocations (perhaps also set the
 .B exec
 option), and the type
 .RB `` host ''
 should be used for terminal servers and other socket-based
 interaction (also set the
 .B host
 and
 .B port
 options).
 .RE
 .TP 8
 .B group
 .I name
 .br
 Define a user group identified as
 .I name
 .RS
 .TP 15
 .B users
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the group
 .IR name .
 If
 .I username
 matches a previously defined group name, all members of the previous
 group are applied to the current group (with access reversed
 if prefixed with a `!').
 Otherwise, users will be recorded with (or without if prefixed with `!')
 access.
 If the null string (``""'') is used, any
 users previously defined for this group are removed.
 .RE
 .SH AUTHORS
 Bryan Stansell, conserver.com
 .SH "SEE ALSO"
 .BR console (1),
 .BR conserver.passwd (5),
 .BR conserver (8)
--- a/conserver.cf/conserver.cf.man.in
+++ b/conserver.cf/conserver.cf.man.in
--- a/conserver.cf/conserver.passwd.man.in
+++ b/conserver.cf/conserver.passwd.man.in
@ -1,4 +1,5 @@
-.TH CONSERVER.PASSWD 5 "@CONSERVER_DATE@" "conserver-@CONSERVER_VERSION@" "conserver"
+.\" $Id: conserver.passwd.man,v 1.9 2003/07/04 20:20:52 bryan Exp $
 .TH CONSERVER.PASSWD 5 "2003/07/04" "conserver-8.0.9" "conserver"
 .SH NAME
 conserver.passwd \- user access information for
 .BR conserver (8)
@ -58,8 +59,7 @@ in the system
 If PAM support has been enabled
 .RB ( --with-pam ),
 PAM lookups will be done instead of
-.BR passwd " (or " shadow ") lookups"
+.BR passwd " (or " shadow ") lookups."
 (you may need to edit /etc/pam.conf or create /etc/pam.d/conserver).
 If this field is empty, password checking is bypassed for this user.
 .SH EXAMPLE
 .TP 24
--- a/conserver.cf/label.ps
+++ b/conserver.cf/label.ps
@ -1,4 +1,5 @@
 %!PS-Adobe-2.0 EPSF-1.2
 %%$Id: label.ps,v 1.1 2003/11/04 02:36:26 bryan Exp $
 %%Title: RJ-11
 %%Creator: A Braunsdorf
 %%CreationDate: 
--- a/conserver.cf/samples/average-distributed.cf
+++ b/conserver.cf/samples/average-distributed.cf
@ -48,17 +48,16 @@ default cisco { type host; portbase 2000; portinc 1; }
 default xyplex  { type host; portbase 2000; portinc 100; }
 # this is a cyclades card referenced with /dev/ttyC0 through /dev/ttyC31
 # (referenced as ports 1 through 32 in conserver.cf)
 # we set the various port calculation bits and pattern substitution to
 # come up with a generic definition
 default cyclades { type device; device /dev/ttyC&; baud 9600; parity none;
-		   devicesubst &=Pd; portbase -1; portinc 1; host unused; }
+		   devicesubst .&d; portbase -1; portinc 1; host unused; }
 ## this is a term server accessed with an ssh command
 # it too uses pattern substitution and such to get the job done
 default ciscossh { type exec; portbase 2000; portinc 1;
 		   exec /usr/local/bin/ssh -p P -l tsuser H;
-		   execsubst H=hs,P=Pd; }
+		   execsubst HPd; }
 # ------- set the global default for the first conserver host -------
--- a/conserver.cf/samples/average.cf
+++ b/conserver.cf/samples/average.cf
@ -47,17 +47,16 @@ default cisco { type host; portbase 2000; portinc 1; }
 default xyplex  { type host; portbase 2000; portinc 100; }
 # this is a cyclades card referenced with /dev/ttyC0 through /dev/ttyC31
 # (referenced as ports 1 through 32 in conserver.cf)
 # we set the various port calculation bits and pattern substitution to
 # come up with a generic definition
 default cyclades { type device; device /dev/ttyC&; baud 9600; parity none;
-		   devicesubst &=Pd; portbase -1; portinc 1; host unused; }
+		   devicesubst .&d; portbase -1; portinc 1; host unused; }
 ## this is a term server accessed with an ssh command
 # it too uses pattern substitution and such to get the job done
 default ciscossh { type exec; portbase 2000; portinc 1;
 		   exec /usr/local/bin/ssh -p P -l tsuser H;
-		   execsubst H=hs,P=Pd; }
+		   execsubst HPd; }
 # ------- define the consoles on ts1.conserver.com --------
--- a/conserver.cf/test.cf
+++ b/conserver.cf/test.cf
@ -1,5 +1,7 @@
 # dummy conserver config file
 #
 # $Id: test.cf,v 1.2 2003/07/04 18:04:05 bryan Exp $
 #
 default full {
 	rw *;
 }
--- a/conserver.html
+++ b/conserver.html
@ -0,0 +1,270 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <HTML>
  <HEAD>
    <META name="generator" content=
    "HTML Tidy for Solaris (vers 1st May 2002), see www.w3.org">
    <META name="keywords" content=
    "conserver,serial,console,serial console,unix,tty,ttya,ttyb, rs-232,rs232,bryan stansell,stansell,console server,terminal server,headless">
    <META name="author" content=
    "Bryan Stansell &lt;bryan@conserver.com&gt;">
    <LINK rel="SHORTCUT ICON" href="conserver.ico">
    <TITLE>Conserver</TITLE>
    <STYLE type="text/css">
 body {
  background-color: #EEEEEE;
  color: black;
 }
    </STYLE>
  </HEAD>
  <BODY>
    <TABLE summary="Logo" bgcolor="black" width="100%" align=
    "center">
      <TR>
        <TD align="center"><IMG src="conserver.jpg" alt=
        "Conserver"><BR>
        </TD>
      </TR>
    </TABLE>
    <TABLE summary="Conserver Page" width="80%" align="center">
      <TR>
        <TD colspan="2" align="center">Please pick your closest
        mirror: &nbsp;&nbsp;<A href=
        "http://planetmirror.com/pub/conserver/">Australia</A>
        &nbsp;&nbsp;<A href="http://www.conserver.com/">US
        (Primary)</A><BR>
        <BR>
        </TD>
      </TR>
      <TR>
        <TD>
        <!-- empty cell here, then search box on right spans two rows,
             then we have the text that appears on the left, so things
             appear in the right order so they look right in lynx
        -->
        </TD>
        <TD rowspan="2" align="right">
          <FORM method="post" action=
          "http://www.conserver.com/cgi-bin/htsearch">
            <INPUT type="HIDDEN" name="method" value="and"> <INPUT
            type="HIDDEN" name="format" value="builtin-long">
            <INPUT type="HIDDEN" name="sort" value="score"> <INPUT
            type="HIDDEN" name="config" value="htdig"> <INPUT type=
            "HIDDEN" name="restrict" value=""> <INPUT type="HIDDEN"
            name="exclude" value=""> <INPUT type="TEXT" size="20"
            name="words" value=""> <INPUT type="SUBMIT" value=
            "Search">
          </FORM>
        </TD>
      </TR>
      <TR>
        <TD>
          <H3>What is conserver?</H3>
        </TD>
      </TR>
      <TR>
        <TD colspan="2">
          <P>From an email I once sent...</P>
          <P>Conserver is an application that allows multiple users
          to watch a serial console at the same time. It can log
          the data, allows users to take write-access of a console
          (one at a time), and has a variety of bells and whistles
          to accentuate that basic functionality. The idea is that
          conserver will log all your serial traffic so you can go
          back and review why something crashed, look at changes
          (if done on the console), or tie the console logs into a
          monitoring system (just watch the logfiles it creates).
          With multi-user capabilities you can work on equipment
          with others, mentor, train, etc. It also does all that
          client-server stuff so that, assuming you have a network
          connection, you can interact with any of the equipment
          from home or wherever.</P>
          <H3>The FAQ</H3>
          Here's the conserver <A href="FAQ">FAQ</A>. Got any
          additions? Let me know. 
          <H3>Mailing Lists</H3>
          <P>There are currently two mailing lists available. <A
          href=
          "mailto:announce@conserver.com">announce@conserver.com</A>
          is an announcement-only mailing list for informing of new
          versions, major developments, etc. <A href=
          "mailto:users@conserver.com">users@conserver.com</A> is
          for general Q&amp;A, discussions, ideas, etc. for
          conserver users. You can sign up by sending a message to
          <A href=
          "mailto:announce-request@conserver.com">announce-request@conserver.com</A>
          or <A href=
          "mailto:users-request@conserver.com">users-request@conserver.com</A>
          with a subject of "subscribe" or head over to the online
          <A href="https://www.conserver.com/mailman/listinfo">web
          pages</A>.</P>
          <H3>Origin</H3>
          <P>The console server software found here is a heavily
          modified version originally written by <A href=
          "http://hea-www.harvard.edu/~fine/">Tom Fine</A> (<A
          href=
          "mailto:fine@head-cfa.harvard.edu">fine@head-cfa.harvard.edu</A>)
          at <A href="http://www.ohio-state.edu/">Ohio State</A>
          and then Kevin S Braunsdorf (<A href=
          "mailto:ksb+conserver@sa.fedex.com">ksb+conserver@sa.fedex.com</A>)
          at <A href="http://www.purdue.edu/">Purdue
          University</A>. Patches from Robert Olson (<A href=
          "mailto:olson@mcs.anl.gov">olson@mcs.anl.gov</A>) at <A
          href="http://www.anl.gov/">Argonne National
          Laboratory</A> were then applied to get network console
          support.</P>
          <P>Arnold de Leon (<A href=
          "mailto:arnold@corp.webtv.net">arnold@corp.webtv.net</A>)
          then fixed various bugs and added enhancements while at
          <A href="http://www.synopsys.com/">Synopsys</A>. I then
          took the result, continued fixing things, and added
          features we found useful.</P>
          <P><A href="http://www.gnac.com/">GNAC</A> (Global
          Networking and Computing - currently <A href=
          "http://www.certaintysolutions.com/">Certainty
          Solutions</A>) has been supporting my coding efforts (in
          too many ways to list) since 1996.</P>
          <H3>The conserver.com Distribution</H3>
          <P>The result is a combination of many people's work.
          This version is being released in hopes that it will help
          others. There is no warranty or support implied by the
          distribution of the software.</P>
          <P>So, what the heck is up with all the different
          conserver versions? Well, the original authors are
          continuing to distribute their own threads of the
          software so you have three main threads (as far as I
          know). First, there's Tom Fine's thread at <A href=
          "http://hea-www.harvard.edu/~fine/Tech/console-server.html">
          http://hea-www.harvard.edu/~fine/Tech/console-server.html</A>.
          He isn't actively developing it, however, according to
          the website. Next, there's Kevin Braunsdorf's version at
          <A href=
          "ftp://ftp.physics.purdue.edu/pub/pundits/">ftp://ftp.physics.purdue.edu/pub/pundits/</A>.
          Kevin is semi-actively working on his thread. Doesn't
          look like any new versions have been out since August
          2000 (version 8.5), but maybe this info will be out of
          date by the time you read this. Lastly, the conserver.com
          version is based on Kevin's "5.21-Beta" distribution, but
          since <B>HEAVILY</B> modified and enhanced (more details
          in the "Origin" section above).</P>
          <P>If I were looking for a conserver package I would
          either use Kevin's latest distribution or the
          conserver.com distribution. Which one? Well, obviously
          I'm biased and believe the conserver.com distribution
          should be your choice, but Kevin's does have UPS (serial
          port line toggling bits) that the conserver.com version
          doesn't have. What does the conserver.com distribution
          have? Well, in reality, too many things to list. You'll
          have to look at the <A href="CHANGES">CHANGES</A> file
          and see the enhancements, bug fixes, and general
          development since the original. Don't let the version
          numbers fool you - you'll have to compare and contrast
          for yourself.</P>
          <H3>Downloading</H3>
          <P>The current version, released on Dec 10, 2003, is <A
          href="8.0.9.tar.gz">8.0.9.tar.gz</A>. You can get it via
          <A href=
          "ftp://ftp.conserver.com/conserver/8.0.9.tar.gz">FTP</A>
          or <A href="8.0.9.tar.gz">HTTP</A>. See the <A href=
          "CHANGES">CHANGES</A> file for information on the latest
          updates.</P>
          <P>As of version 6.1.7, the packaging and numbering
          scheme has changed. I used to package conserver as
          conserver-GNAC-v.vv. Since <A href=
          "http://www.gnac.com/">GNAC</A> (now <A href=
          "http://www.certaintysolutions.com/">Certainty
          Solutions</A>) has changed its name I've decided to drop
          the GNAC portion and use a three-digit version number
          (conserver-v.v.v). Why change the version numbering? I
          need to differentiate this thread of the code from the
          original authors' and I couldn't come up with a good
          replacement for the GNAC name - sad, but true.</P>
          <H3>Installation</H3>
          <P>Check the <A href="INSTALL">INSTALL</A> file for
          instructions.</P>
          <H3>Systems Tested</H3>
          <P>Here's a list of systems that I've been told can
          successfully compile conserver. If anyone has more to add
          to this list (or something on the list doesn't work any
          more), please let me know.</P>
          <UL>
            <LI>AIX 4.3.3/5.1/5.2, native cc</LI>
            <LI>BSDI BSD/OS 3.X, gcc</LI>
            <LI>Cygwin (w2k),gcc 2.95.3</LI>
            <LI>DEC Tru64 4.0, gcc</LI>
            <LI>DEC Tru64 4.0/5.1, native cc</LI>
            <LI>FreeBSD 4.2/4.8/5.1 (x86), gcc</LI>
            <LI>HP-UX 10.20, gcc</LI>
            <LI>HP-UX 11.10 parisc and ia64, native cc</LI>
            <LI>Irix 6.15, native cc</LI>
            <LI>Linux 2.2.18 (x86), gcc</LI>
            <LI>Linux 2.4.2 (x86), gcc</LI>
            <LI>Linux ia64, native gcc</LI>
            <LI>Linux RedHat 6.2 and 7.2 (x86), native gcc</LI>
            <LI>MacOS X, native gcc</LI>
            <LI>Solaris 2.5.1 thru 9 (sparc/x86), gcc</LI>
            <LI>Solaris 7/8, native cc</LI>
          </UL>
          <H3>Other Good Information</H3>
          <P>Zonker Harris has fabulous documents regarding the
          hookup of consoles to terminal servers and other such
          devices. His <A href="consoles/">Greater Scroll of
          Console Knowledge</A> is a great place to start.</P>
          <HR noshade>
          <ADDRESS>
            Bryan Stansell (<A href=
            "mailto:bryan@conserver.com">bryan@conserver.com</A>)<BR>
          </ADDRESS>
        </TD>
      </TR>
    </TABLE>
  </BODY>
 </HTML>
--- a/conserver/Makefile.in
+++ b/conserver/Makefile.in
@ -1,17 +1,12 @@
 ### Path settings
 datarootdir = @datarootdir@
 srcdir = @srcdir@
 VPATH = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
 exec_prefix = @exec_prefix@
 sbindir = @sbindir@
 sysconfdir = @sysconfdir@
 mandir = @mandir@
-datadir = @datadir@
+exampledir = $(prefix)/share/examples/conserver
 libdir = @libdir@
 pkglibdir = $(libdir)/conserver
 exampledir = $(datadir)/examples/conserver
 ### Installation programs and flags
 INSTALL = @INSTALL@
@ -64,10 +59,8 @@ install: conserver
 	$(MKDIR) $(DESTDIR)$(sbindir)
 	$(INSTALL_PROGRAM) conserver $(DESTDIR)$(sbindir)
 	$(MKDIR) $(DESTDIR)$(mandir)/man8
-	$(INSTALL) -m 0644 conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
+	$(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
 	$(MKDIR) $(DESTDIR)$(exampledir)
 	$(INSTALL) conserver.rc $(DESTDIR)$(exampledir)
 	$(MKDIR) $(DESTDIR)$(pkglibdir)
 	$(INSTALL) convert $(DESTDIR)$(pkglibdir)/convert
 .PHONY: clean distclean install
--- a/conserver/Sun-serial
+++ b/conserver/Sun-serial
@ -1,3 +1,5 @@
 # $Id: Sun-serial,v 1.1 2003/11/04 02:36:25 bryan Exp $
 If you are going to be hooking Sun consoles to your console server, you
 will run into a problem:  The sun will halt whenever the cable is unplugged.
 It will also halt when the the console server is powered off and on.  To
--- a/conserver/access.c
+++ b/conserver/access.c
@ -1,4 +1,6 @@
 /*
 *  $Id: access.c,v 5.71 2003/11/20 13:56:38 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -42,12 +44,6 @@
 #include <readcfg.h>
 #include <main.h>
 #if USE_IPV6
 # include <net/if.h>
 # include <ifaddrs.h>
 # include <sys/socket.h>
 # include <netdb.h>
 #endif
 /* Compare an Internet address (IPv4 expected), with an address pattern
 * passed as a character string representing an address in the Internet
@ -62,7 +58,13 @@
 * Returns 0 if the addresses match, else returns 1.
 */
 int
 #if PROTOTYPES
 AddrCmp(struct in_addr *addr, char *pattern)
 #else
 AddrCmp(addr, pattern)
    struct in_addr *addr;
    char *pattern;
 #endif
 {
    in_addr_t hostaddr, pattern_addr, netmask;
    char *p, *slash_posn;
@ -123,83 +125,28 @@ AddrCmp(struct in_addr *addr, char *pattern)
 /* return the access type for a given host entry			(ksb)
 */
 char
-AccType(INADDR_STYPE *addr, char **peername)
+#if PROTOTYPES
 AccType(struct in_addr *addr, char **peername)
 #else
 AccType(addr, peername)
    struct in_addr *addr;
    char **peername;
 #endif
 {
    ACCESS *pACtmp;
    socklen_t so;
    char ret;
 #if USE_IPV6
    int error;
    char host[NI_MAXHOST];
    char ipaddr[NI_MAXHOST];
 #else
    struct hostent *he = (struct hostent *)0;
    int a;
    char ret;
 #if TRUST_REVERSE_DNS
    char **revNames = (char **)0;
 #endif
    CONDDEBUG((1, "AccType(): ip=%s", inet_ntoa(*addr)));
 #endif /* USE_IPV6 */
    ret = config->defaultaccess;
    so = sizeof(*addr);
 #if USE_IPV6
    /*
     * XXX where is the TRUST_REVERSE_DNS support for IPv6???
     *
     * XXX IPv4 should use getnameinfo() et al as well
     * (if available, they are in IEEE Std 1003.1g-2000)
     */
    error =
 	getnameinfo((struct sockaddr *)addr, so, ipaddr, sizeof(ipaddr),
 		    NULL, 0, NI_NUMERICHOST);
    if (error) {
 	Error("AccType(): getnameinfo failed: %s", gai_strerror(error));
 	goto common_ret;
    }
    CONDDEBUG((1, "AccType(): ip=%s (%s)", ipaddr,
 	       addr->ss_family == AF_UNSPEC ? "AF_UNSPEC" : 
 	       addr->ss_family == AF_LOCAL ? "AF_LOCAL" : 
 	       addr->ss_family == AF_INET ? "AF_INET" : 
 	       addr->ss_family == AF_INET6 ? "AF_INET6" : "IF_???"));
    error =
 	getnameinfo((struct sockaddr *)addr, so, host, sizeof(host), NULL,
 		    0, 0);
    if (!error)
 	CONDDEBUG((1, "AccType(): host=%s", host));
    for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
 	CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
 		   pACtmp->ctrust));
 	if (addr->ss_family == AF_INET && pACtmp->isCIDR != 0) {
 	    if (AddrCmp
 		(&(((struct sockaddr_in *)addr)->sin_addr),
 		 pACtmp->pcwho) == 0) {
 		ret = pACtmp->ctrust;
 		goto common_ret;
 	    }
 	    continue;
 	}
 	if (strstr(ipaddr, pACtmp->pcwho) != NULL) {
 	    CONDDEBUG((1, "AccType(): match for ip=%s", ipaddr));
 	    ret = pACtmp->ctrust;
 	    goto common_ret;
 	}
 	if (!error && strstr(host, pACtmp->pcwho) != NULL) {
 	    CONDDEBUG((1, "AccType(): match for host=%s", host));
 	    ret = pACtmp->ctrust;
 	    goto common_ret;
 	}
    }
  common_ret:
    if (config->loghostnames == FLAGTRUE && !error)
 	*peername = StrDup(host);
 #else  /* !USE_IPV6 */
 #if TRUST_REVERSE_DNS
    /* if we trust reverse dns, we get the names associated with
     * the address we're checking and then check each of those
@ -224,8 +171,7 @@ AccType(INADDR_STYPE *addr, char **peername)
 		     hname = he->h_aliases[a++]) {
 		    if ((revNames[a] = StrDup(hname)) == (char *)0)
 			break;
-		    CONDDEBUG((1, "AccType(): revNames[%d]='%s'", a,
+		    CONDDEBUG((1,"AccType(): revNames[%d]='%s'", a, hname));
 			       hname));
 		}
 	    }
 	}
@ -322,82 +268,29 @@ AccType(INADDR_STYPE *addr, char **peername)
 	free(revNames);
    }
 #endif
 #endif /* USE_IPV6 */
    return ret;
 }
 void
-SetDefAccess(
+#if PROTOTYPES
-#if USE_IPV6
+SetDefAccess(struct in_addr *pAddr, char *pHost)
 		void
 #else
-		struct in_addr *pAddr, char *pHost
+SetDefAccess(pAddr, pHost)
    struct in_addr *pAddr;
    char *pHost;
 #endif
    )
 {
-    ACCESS *a;
+    char *pcDomain;
 #if USE_IPV6
    int error;
    char addr[NI_MAXHOST];
    struct ifaddrs *myAddrs, *ifa;
 #endif /* USE_IPV6 */
    while (pACList != (ACCESS *)0) {
 	a = pACList->pACnext;
 	DestroyAccessList(pACList);
 	pACList = a;
    }
 #if USE_IPV6
    /* get list of all addresses on system */
    error = getifaddrs(&myAddrs);
    if (error) {
 	Error("SetDefAccess(): getifaddrs: %s", strerror(errno));
 	return;
    }
    for (ifa = myAddrs; ifa != NULL; ifa = ifa->ifa_next) {
 	/* skip interfaces without address or in down state */
 	if (ifa->ifa_addr == NULL || !(ifa->ifa_flags & IFF_UP))
 	    continue;
 	error =
 	    getnameinfo(ifa->ifa_addr, sizeof(struct sockaddr_storage),
 			addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
 	if (error)
 	    continue;
 	if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	    OutOfMem();
 	if ((a->pcwho = StrDup(addr)) == (char *)0)
 	    OutOfMem();
 	a->ctrust = config->defaultaccess;
 	a->pACnext = pACList;
 	pACList = a;
 	CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
 		   pACList->pcwho));
    }
    freeifaddrs(myAddrs);
 #elif USE_UNIX_DOMAIN_SOCKETS
    if ((pACList = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	OutOfMem();
    if ((pACList->pcwho = StrDup("127.0.0.1")) == (char *)0)
 	OutOfMem();
    pACList->ctrust = config->defaultaccess;
    CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
 	       pACList->pcwho));
 #else
    while (pAddr->s_addr != (in_addr_t) 0) {
    char *addr;
    ACCESS *a;
    while (pAddr->s_addr != (in_addr_t) 0) {
 	addr = inet_ntoa(*pAddr);
 	if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	    OutOfMem();
 	if ((a->pcwho = StrDup(addr)) == (char *)0)
 	    OutOfMem();
-	a->ctrust = config->defaultaccess;
+	a->ctrust = 'a';
 	a->pACnext = pACList;
 	pACList = a;
@ -405,11 +298,30 @@ SetDefAccess(
 		   pACList->pcwho));
 	pAddr++;
    }
-#endif
+
    if ((char *)0 == (pcDomain = strchr(pHost, '.')))
 	return;
    ++pcDomain;
    if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	OutOfMem();
    if ((a->pcwho = StrDup(pcDomain)) == (char *)0)
 	OutOfMem();
    a->ctrust = 'a';
    a->pACnext = pACList;
    pACList = a;
    CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
 	       pACList->pcwho));
 }
 void
 #if PROTOTYPES
 DestroyAccessList(ACCESS *pACList)
 #else
 DestroyAccessList(pACList)
    ACCESS *pACList;
 #endif
 {
    if (pACList == (ACCESS *)0)
 	return;
--- a/conserver/access.h
+++ b/conserver/access.h
@ -1,4 +1,6 @@
 /*
 *  $Id: access.h,v 5.26 2003/08/10 18:11:20 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -42,12 +44,6 @@ typedef struct access {
    struct access *pACnext;	/* next access list                     */
 } ACCESS;
-extern char AccType(INADDR_STYPE *, char **);
+extern char AccType PARAMS((struct in_addr *, char **));
-extern void SetDefAccess(
+extern void SetDefAccess PARAMS((struct in_addr *, char *));
-#if USE_IPV6
+extern void DestroyAccessList PARAMS((ACCESS *));
 			    void
 #else
 			    struct in_addr *, char *
 #endif
    );
 extern void DestroyAccessList(ACCESS *);
--- a/conserver/client.c
+++ b/conserver/client.c
@ -1,4 +1,6 @@
 /*
 *  $Id: client.c,v 5.79 2003/11/28 23:36:02 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -39,12 +41,6 @@
 #include <access.h>
 #include <client.h>
 #include <group.h>
 #include <readcfg.h>
 #if USE_IPV6
 # include <sys/socket.h>
 # include <netdb.h>
 #endif /* USE_IPV6 */
 #if defined(USE_LIBWRAP)
 #include <syslog.h>
@ -57,171 +53,214 @@ int deny_severity = LOG_WARNING;
 /* find the next guy who wants to write on the console			(ksb)
 */
 void
 #if PROTOTYPES
 FindWrite(CONSENT *pCE)
 #else
 FindWrite(pCE)
    CONSENT *pCE;
 #endif
 {
    CONSCLIENT *pCLfound = (CONSCLIENT *)0;
    CONSCLIENT *pCL;
-    /* make the first guy (last on the list) to have the `want write' bit set
+    /* make the first guy to have the `want write' bit set the writer
-     * the writer (tell him of the promotion, too)  we could look for the most
+     * (tell him of the promotion, too)  we could look for the
-     * recent or some such... I guess it doesn't matter that much.
+     * most recent or some such... I guess it doesn't matter that
     * much.
     */
-    if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly)
+    if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly ||
 	!(pCE->fup && pCE->ioState == ISNORMAL &&
 	  pCE->initfile == (CONSFILE *)0))
 	return;
    for (pCL = pCE->pCLon; (CONSCLIENT *)0 != pCL; pCL = pCL->pCLnext) {
-	if (pCL->fwantwr && !pCL->fro)
+	if (!pCL->fwantwr || pCL->fro)
-	    pCLfound = pCL;
+	    continue;
-    }
+	pCL->fwantwr = 0;
-
+	pCL->fwr = 1;
    if (pCLfound != (CONSCLIENT *)0) {
 	pCLfound->fwantwr = 0;
 	pCLfound->fwr = 1;
 	if (pCE->nolog) {
-	    FileWrite(pCLfound->fd, FLAGFALSE,
+	    FileWrite(pCL->fd, FLAGFALSE, "\r\n[attached (nologging)]\r\n",
-		      "\r\n[attached (nologging)]\r\n", -1);
+		      -1);
 	} else {
-	    FileWrite(pCLfound->fd, FLAGFALSE, "\r\n[attached]\r\n", -1);
+	    FileWrite(pCL->fd, FLAGFALSE, "\r\n[attached]\r\n", -1);
 	}
-	TagLogfileAct(pCE, "%s attached", pCLfound->acid->string);
+	TagLogfileAct(pCE, "%s attached", pCL->acid->string);
-	pCE->pCLwr = pCLfound;
+	pCE->pCLwr = pCL;
    }
 }
 void
 BumpClient(CONSENT *pCE, char *message)
 {
    if ((CONSCLIENT *)0 == pCE->pCLwr)
 	return;
-
+    }
    if ((char *)0 != message)
 	FileWrite(pCE->pCLwr->fd, FLAGFALSE, message, -1);
    pCE->pCLwr->fwantwr = 0;
    pCE->pCLwr->fwr = 0;
    pCE->pCLwr = (CONSCLIENT *)0;
 }
-/* replay last 'back' lines of the log file upon connect to console	(ksb)
+/* replay last iBack lines of the log file upon connect to console	(ksb)
 *
 * NB: we know the console might be spewing when the replay happens,
 * we want to just output what is in the log file and get out,
 * so we don't drop chars...
 */
 #define REPLAYBUFFER 4096
 void
-Replay(CONSENT *pCE, CONSFILE *fdOut, unsigned short back)
+#if PROTOTYPES
 Replay(CONSENT *pCE, CONSFILE *fdOut, int iBack)
 #else
 Replay(pCE, fdOut, iBack)
    CONSENT *pCE;
    CONSFILE *fdOut;
    int iBack;
 #endif
 {
    CONSFILE *fdLog = (CONSFILE *)0;
    STRING *line = (STRING *)0;
    off_t file_pos;
    off_t buf_pos;
-    char *buf = (char *)0;
+    char *buf;
    char *bp = (char *)0;
    char *s;
    int r;
    int ch;
    struct stat stLog;
    struct lines {
 	int is_mark;
 	STRING *line;
 	STRING *mark_end;
    } *lines;
    int n_lines;
    int ln;
-    int was_mark = 0;
+    int i;
    int j;
    int u;
    int is_mark;
    char dummy[4];
 #if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
    unsigned long dmallocMarkReplay = 0;
 #endif
-    if (pCE != (CONSENT *)0 && pCE->logfile != (char *)0)
+    if (pCE != (CONSENT *)0) {
 	fdLog = pCE->fdlog;
 	/* no logfile and down and logfile defined?  try and open it */
 	if (fdLog == (CONSFILE *)0 && !pCE->fup &&
 	    pCE->logfile != (char *)0)
 	    fdLog = FileOpen(pCE->logfile, O_RDONLY, 0644);
    }
    if (fdLog == (CONSFILE *)0) {
 	FileWrite(fdOut, FLAGFALSE, "[no log file on this console]\r\n",
 		  -1);
 	return;
    }
    /* find the size of the file
     */
    if (0 != FileStat(fdLog, &stLog)) {
 	return;
    }
 #if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
    dmallocMarkReplay = dmalloc_mark();
 #endif
-    /* find the size of the file
+    file_pos = stLog.st_size - 1;
     */
    if (0 != FileStat(fdLog, &stLog))
 	goto common_exit;
    file_pos = stLog.st_size - 1;	/* point at last byte */
    buf_pos = file_pos + 1;
-    if ((char *)0 == (buf = malloc(REPLAYBUFFER)))
+    /* get space for the line information and initialize it
     *
     * we allocate room for one more line than requested to be able to
     * do the mark ranges
     */
    if ((char *)0 == (buf = malloc(BUFSIZ))) {
 	OutOfMem();
-    bp = buf + 1;		/* just give it something - it resets below */
+    }
-
+    n_lines = iBack + 1;
-    line = AllocString();
+    lines = (struct lines *)calloc(n_lines, sizeof(*lines));
    if ((struct lines *)0 == lines) {
 	OutOfMem();
    }
    for (i = 0; i < n_lines; i++) {
 	lines[i].mark_end = AllocString();
 	lines[i].line = AllocString();
    }
    ln = -1;
    /* loop as long as there is data in the file or we have not found
     * the requested number of lines
     */
-    ln = -1;
+    while (file_pos >= 0) {
    for (; file_pos >= 0; file_pos--, bp--) {
 	if (file_pos < buf_pos) {
 	    int r;
 	    /* read one buffer worth of data a buffer boundary
 	     *
 	     * the first read will probably not get a full buffer but
 	     * the rest (as we work our way back in the file) should be
 	     */
-	    buf_pos = (file_pos / REPLAYBUFFER) * REPLAYBUFFER;
+	    buf_pos = (file_pos / BUFSIZ) * BUFSIZ;
 	    if (FileSeek(fdLog, buf_pos, SEEK_SET) < 0) {
 		goto common_exit;
 	    }
-	    if ((r = FileRead(fdLog, buf, REPLAYBUFFER)) < 0) {
+	    if ((r = FileRead(fdLog, buf, BUFSIZ)) < 0) {
 		goto common_exit;
 	    }
-	    bp = buf + r - 1;
+	    bp = buf + r;
 	}
 	/* process the next character
 	 */
-	if ((ch = *bp) == '\n') {
+	--file_pos;
 	if ((ch = *--bp) == '\n') {
 	    if (ln >= 0) {
 		int i;
 		int u;
 		int is_mark = 0;
 		/* reverse the text to put it in forward order
 		 */
-		u = line->used - 1;
+		u = lines[ln].line->used - 1;
 		for (i = 0; i < u / 2; i++) {
 		    int temp;
-		    temp = line->string[i];
+		    temp = lines[ln].line->string[i];
-		    line->string[i] = line->string[u - i - 1];
+		    lines[ln].line->string[i]
-		    line->string[u - i - 1] = temp;
+			= lines[ln].line->string[u - i - 1];
 		    lines[ln].line->string[u - i - 1] = temp;
 		}
 		/* see if this line is a MARK
 		 */
-		if (line->used > 0 && line->string[0] == '[') {
+		if (lines[ln].line->used > 0 &&
-		    char dummy[4];
+		    lines[ln].line->string[0] == '[') {
-		    int j;
+		    i = sscanf(lines[ln].line->string + 1,
 		    i = sscanf(line->string + 1,
 			       "-- MARK -- %3c %3c %d %d:%d:%d %d]\r\n",
 			       dummy, dummy, &j, &j, &j, &j, &j);
 		    is_mark = (i == 7);
 		} else {
 		    is_mark = 0;
 		}
 		/* process this line
 		 */
-		if (is_mark && was_mark) {
+		if (is_mark && ln > 0 && lines[ln - 1].is_mark) {
 		    /* this is a mark and the previous line is also
-		     * a mark, so reduce the line count 'cause it'll
+		     * a mark, so make (or continue) that range
 		     * go up by one and we're joining them on output.
 		     */
 		    if (0 == lines[ln - 1].mark_end->allocated) {
 			/* this is a new range - shuffle pointers
 			 *
 			 * remember that we are moving backward
 			 */
 			*(lines[ln - 1].mark_end) = *(lines[ln - 1].line);
 			InitString(lines[ln - 1].line);
 		    }
 		    /* if unallocated, cheat and shuffle pointers */
 		    if (0 == lines[ln - 1].line->allocated) {
 			*(lines[ln - 1].line) = *(lines[ln].line);
 			InitString(lines[ln].line);
 		    } else {
 			BuildString((char *)0, lines[ln - 1].line);
 			BuildStringN(lines[ln].line->string,
 				     lines[ln].line->used - 1,
 				     lines[ln - 1].line);
 			BuildString((char *)0, lines[ln].line);
 		    }
 		    ln--;
 		}
-		was_mark = is_mark;
+		lines[ln].is_mark = is_mark;
 	    }
 	    /* advance to the next line and break if we have enough
 	     */
 	    ln++;
-	    BuildString((char *)0, line);
+	    if (ln >= n_lines - 1) {
 	    if (ln >= back) {
 		break;
 	    }
 	}
@ -232,122 +271,91 @@ Replay(CONSENT *pCE, CONSFILE *fdOut, unsigned short back)
 	if (ln < 0) {
 	    ln = 0;
 	}
-	BuildStringChar(ch, line);
+	BuildStringChar(ch, lines[ln].line);
 	/* if we've processed "a lot" of data for a line, then bail
 	 * why?  there must be some very long non-newline terminated
 	 * strings and if we just keep going back, we could spew lots
 	 * of data and chew up lots of memory
 	 */
-	if (line->used > MAXREPLAYLINELEN) {
+	if (lines[ln].line->used > MAXREPLAYLINELEN) {
 	    break;
 	}
    }
    free(buf);
    buf = (char *)0;
-    /* move forward.  either we hit the beginning of the file and we
+    /* if we got back to beginning of file but saw some data, include it
     * move to the first byte, or we hit a \n and we move past it
     */
-    file_pos++;
+    if (ln >= 0 && lines[ln].line->used > 0) {
-    /* Now output the lines, starting from where we stopped */
+	/* reverse the text to put it in forward order
-    if (FileSeek(fdLog, file_pos, SEEK_SET) >= 0) {
+	 */
-	int eof = 0;
+	u = lines[ln].line->used - 1;
-	int i = 0;
+	for (i = 0; i < u / 2; i++) {
-	int r = 0;
+	    int temp;
 	STRING *mark_beg = (STRING *)0;
 	STRING *mark_end = (STRING *)0;
-	mark_beg = AllocString();
+	    temp = lines[ln].line->string[i];
-	mark_end = AllocString();
+	    lines[ln].line->string[i]
-
+		= lines[ln].line->string[u - i - 1];
-	ln = 0;			/* number of lines output */
+	    lines[ln].line->string[u - i - 1] = temp;
-	BuildString((char *)0, line);
+	}
-
+	ln++;
 	while (ln < back && !eof) {
 	    if (r <= 0) {
 		if ((r = FileRead(fdLog, buf, REPLAYBUFFER)) < 0)
 		    eof = 1;
 		i = 0;
    }
-	    if (!eof)
+    /* copy the lines into the buffer and put them in order
-		BuildStringChar(buf[i], line);
+     */
    for (i = ln - 1; i >= 0; i--) {
 	if (lines[i].is_mark && 0 != lines[i].mark_end->used) {
 	    int mark_len;
-	    if (buf[i] == '\n' || eof) {
+	    /* output the start of the range, stopping at the ']'
-		int is_mark = 0;
+	     */
-		if (line->used > 0 && line->string[0] == '[') {
+	    s = strrchr(lines[i].line->string, ']');
-		    char dummy[4];
+	    if ((char *)0 != s) {
 		    int j;
 		    int i;
 		    i = sscanf(line->string + 1,
 			       "-- MARK -- %3c %3c %d %d:%d:%d %d]\r\n",
 			       dummy, dummy, &j, &j, &j, &j, &j);
 		    is_mark = (i == 7);
 		}
 		if (is_mark) {
 		    if (mark_beg->used > 1) {
 			BuildString((char *)0, mark_end);
 			BuildString(line->string, mark_end);
 		    } else
 			BuildString(line->string, mark_beg);
 		} else {
 		    if (mark_beg->used > 1) {
 			if (mark_end->used > 1) {
 			    char *s;
 			    /* output the start of the range, stopping at the ']' */
 			    s = strrchr(mark_beg->string, ']');
 			    if ((char *)0 != s)
 		*s = '\000';
-			    FileWrite(fdOut, FLAGTRUE, mark_beg->string,
+	    }
-				      -1);
+	    FileWrite(fdOut, FLAGTRUE, lines[i].line->string,
 		      lines[i].line->used - 1);
 	    FileWrite(fdOut, FLAGTRUE, " .. ", 4);
 	    /* build the end string by removing the leading "[-- MARK -- "
 	     * and replacing "]\r\n" on the end with " -- MARK --]\r\n"
 	     */
-			    s = strrchr(mark_end->string, ']');
+	    mark_len = sizeof("[-- MARK -- ") - 1;
 			    if ((char *)0 != s)
 				*s = '\000';
 			    FileWrite(fdOut, FLAGTRUE,
 				      mark_end->string +
 				      sizeof("[-- MARK -- ") - 1, -1);
 			    FileWrite(fdOut, FLAGFALSE, " -- MARK --]\r\n",
 				      -1);
 			} else {
 			    FileWrite(fdOut, FLAGFALSE, mark_beg->string,
 				      mark_beg->used - 1);
 			}
 			BuildString((char *)0, mark_beg);
 			BuildString((char *)0, mark_end);
 			ln++;
 			if (ln >= back)
 			    break;
 		    }
 		    FileWrite(fdOut, FLAGFALSE, line->string,
 			      line->used - 1);
 		    ln++;
 		}
 		BuildString((char *)0, line);
 	    }
-	    /* move the counters */
+	    s = strrchr(lines[i].mark_end->string + mark_len, ']');
-	    i++;
+	    if ((char *)0 != s) {
-	    r--;
+		*s = '\000';
 	    }
-	DestroyString(mark_end);
+	    FileWrite(fdOut, FLAGTRUE,
-	DestroyString(mark_beg);
+		      lines[i].mark_end->string + mark_len, -1);
 	    FileWrite(fdOut, FLAGFALSE, " -- MARK --]\r\n", -1);
 	    u = lines[i].mark_end->used;
 	    s = lines[i].mark_end->string;
 	} else
 	    FileWrite(fdOut, FLAGFALSE, lines[i].line->string,
 		      lines[i].line->used - 1);
    }
  common_exit:
-    if (line != (STRING *)0)
+    /* if we opened the logfile, close it */
-	DestroyString(line);
+    if (fdLog != pCE->fdlog)
    if (buf != (char *)0)
 	free(buf);
    if (fdLog != (CONSFILE *)0)
 	FileClose(&fdLog);
    if ((struct lines *)0 != lines) {
 	for (i = 0; i < n_lines; i++) {
 	    DestroyString(lines[i].mark_end);
 	    DestroyString(lines[i].line);
 	}
 	free(lines);
 	lines = (struct lines *)0;
    }
    if ((char *)0 != buf) {
 	free(buf);
 	buf = (char *)0;
    }
 #if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
    CONDDEBUG((1, "Replay(): dmalloc / MarkReplay"));
    dmalloc_log_changed(dmallocMarkReplay, 1, 0, 1);
@ -359,9 +367,9 @@ Replay(CONSENT *pCE, CONSFILE *fdOut, unsigned short back)
 */
 #define WHEN_SPY	0x01
 #define WHEN_ATTACH	0x02
-#define WHEN_EXPERT	0x04	/* ZZZ no way to set his yet    */
+#define WHEN_VT100	0x04
 #define WHEN_EXPERT	0x08	/* ZZZ no way to set his yet    */
 #define WHEN_ALWAYS	0x40
 #define IS_LIMITED	0x100
 #define HALFLINE	40
@ -372,7 +380,6 @@ typedef struct HLnode {
 static HELP aHLTable[] = {
    {WHEN_ALWAYS, ".    disconnect"},
    {WHEN_ALWAYS | IS_LIMITED, ";       move to another console"},
    {WHEN_ALWAYS, "a    attach read/write"},
    {WHEN_ALWAYS, "b    send broadcast message"},
    {WHEN_ATTACH, "c    toggle flow control"},
@ -384,32 +391,39 @@ static HELP aHLTable[] = {
    {WHEN_ATTACH, "L    toggle logging on/off"},
    {WHEN_ATTACH, "l?   break sequence list"},
    {WHEN_ATTACH, "l0   send break per config file"},
-    {WHEN_ATTACH, "l1-9a-z send specific break sequence"},
+    {WHEN_ATTACH, "l1-9 send specific break sequence"},
-    {WHEN_ALWAYS, "m       display message of the day"},
+    {WHEN_ALWAYS, "m    display the message of the day"},
    {WHEN_ALWAYS, "n       write a note to the logfile"},
    {WHEN_ALWAYS, "o    (re)open the tty and log file"},
-    {WHEN_ALWAYS, "p       playback the last %hu lines"},
+    {WHEN_ALWAYS, "p    replay the last 60 lines"},
-    {WHEN_ALWAYS, "P       set number of playback lines"},
+    {WHEN_ALWAYS, "r    replay the last 20 lines"},
-    {WHEN_ALWAYS, "r       replay the last %hu lines"},
+    {WHEN_ATTACH, "s    spy read only"},
    {WHEN_ALWAYS, "R       set number of replay lines"},
    {WHEN_ATTACH, "s       spy mode (read only)"},
    {WHEN_ALWAYS, "u    show host status"},
    {WHEN_ALWAYS, "v    show version info"},
    {WHEN_ALWAYS, "w    who is on this console"},
    {WHEN_ALWAYS, "x    show console baud info"},
-    {WHEN_ALWAYS | IS_LIMITED, "z       suspend the connection"},
+    {WHEN_ALWAYS, "z    suspend the connection"},
-    {WHEN_ATTACH, "!       invoke task"},
+    {WHEN_ATTACH, "|    attach local command"},
    {WHEN_ATTACH | IS_LIMITED, "|       attach local command"},
    {WHEN_ALWAYS, "?       print this message"},
    {WHEN_ALWAYS, "<cr> ignore/abort command"},
    {WHEN_ALWAYS, "?    print this message"},
    {WHEN_ALWAYS, "^R   replay the last line"},
    {WHEN_ATTACH, "\\ooo send character by octal code"},
    {WHEN_EXPERT, "^I   toggle tab expansion"},
    {WHEN_EXPERT, "+(-) do (not) drop line"},
    {WHEN_VT100, "PF1  print this message"},
    {WHEN_VT100, "PF2  disconnect"},
    {WHEN_VT100, "PF3  replay the last 20 lines"},
    {WHEN_VT100, "PF4  spy read only"}
 };
 /* list the commands we know for the user				(ksb)
 */
 void
 #if PROTOTYPES
 HelpUser(CONSCLIENT *pCL)
 #else
 HelpUser(pCL)
    CONSCLIENT *pCL;
 #endif
 {
    int i, j, iCmp;
    static char
@ -427,33 +441,21 @@ HelpUser(CONSCLIENT *pCL)
    } else {
 	FileWrite(pCL->fd, FLAGTRUE, acH2, sizeof(acH2) - 1);
    }
    if ('\033' == pCL->ic[0] && 'O' == pCL->ic[1]) {
 	iCmp |= WHEN_VT100;
    }
    BuildString((char *)0, acLine);
    for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) {
-	char *text;
+	if (0 == (aHLTable[i].iwhen & iCmp)) {
 	if (aHLTable[i].iwhen & IS_LIMITED &&
 	    ConsentUserOk(pLUList, pCL->username->string) == 1)
 	    continue;
 	if (0 == (aHLTable[i].iwhen & iCmp))
 	    continue;
 	text = aHLTable[i].actext;
 	if (text[0] == 'p') {
 	    BuildTmpString((char *)0);
 	    text = BuildTmpStringPrint(text, pCL->playback);
 	} else if (text[0] == 'r') {
 	    BuildTmpString((char *)0);
 	    text = BuildTmpStringPrint(text, pCL->replay);
 	}
 	if (acLine->used != 0) {	/* second part of line */
-	    if (strlen(text) < HALFLINE) {
+	    if (strlen(aHLTable[i].actext) < HALFLINE) {
 		for (j = acLine->used; j <= HALFLINE; ++j) {
 		    BuildStringChar(' ', acLine);
 		}
-		BuildString(text, acLine);
+		BuildString(aHLTable[i].actext, acLine);
 		BuildString(acEoln, acLine);
 		FileWrite(pCL->fd, FLAGTRUE, acLine->string,
 			  acLine->used - 1);
@ -468,7 +470,7 @@ HelpUser(CONSCLIENT *pCL)
 	}
 	if (acLine->used == 0) {	/* at new line */
 	    BuildStringChar(' ', acLine);
-	    BuildString(text, acLine);
+	    BuildString(aHLTable[i].actext, acLine);
 	    if (acLine->used > HALFLINE) {
 		BuildString(acEoln, acLine);
 		FileWrite(pCL->fd, FLAGTRUE, acLine->string,
@ -485,19 +487,18 @@ HelpUser(CONSCLIENT *pCL)
 }
 int
 #if PROTOTYPES
 ClientAccessOk(CONSCLIENT *pCL)
 #else
 ClientAccessOk(pCL)
    CONSCLIENT *pCL;
 #endif
 {
    char *peername = (char *)0;
    int retval = 1;
 #if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
    socklen_t so;
    int cfd;
-# if USE_IPV6
+    struct sockaddr_in in_port;
-    int error;
+    int retval = 1;
    char addr[NI_MAXHOST];
 # endif
    SOCKADDR_STYPE in_port;
    int getpeer = -1;
    cfd = FileFDNum(pCL->fd);
@ -505,7 +506,6 @@ ClientAccessOk(CONSCLIENT *pCL)
 #if defined(USE_LIBWRAP)
    {
 	struct request_info request;
 	CONDDEBUG((1, "ClientAccessOk(): doing tcpwrappers check"));
 	request_init(&request, RQ_DAEMON, progname, RQ_FILE, cfd, 0);
 	fromhost(&request);
 	if (!hosts_access(&request)) {
@ -524,64 +524,22 @@ ClientAccessOk(CONSCLIENT *pCL)
 	retval = 0;
 	goto setpeer;
    }
-    pCL->caccess = AccType(
+    pCL->caccess = AccType(&in_port.sin_addr, &peername);
 # if USE_IPV6
 			      &in_port,
 # else
 			      &in_port.sin_addr,
 # endif
 			      &peername);
    if (pCL->caccess == 'r') {
 	FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
 		  -1);
 	retval = 0;
    }
  setpeer:
 #else
    struct in_addr addr;
 # if HAVE_INET_ATON
    inet_aton("127.0.0.1", &addr);
 # else
    addr.s_addr = inet_addr("127.0.0.1");
 # endif
    pCL->caccess = AccType(&addr, &peername);
    if (pCL->caccess == 'r') {
 	FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
 		  -1);
 	retval = 0;
    }
 #endif
    if (pCL->peername != (STRING *)0) {
 	BuildString((char *)0, pCL->peername);
 	if (peername != (char *)0)
 	    BuildString(peername, pCL->peername);
 #if USE_IPV6
 	else if (getpeer != -1) {
 	    error =
 		getnameinfo((struct sockaddr *)&in_port, so, addr,
 			    sizeof(addr), NULL, 0, NI_NUMERICHOST);
 	    if (error) {
 		FileWrite(pCL->fd, FLAGFALSE, "getnameinfo failed\r\n",
 			  -1);
 		Error("ClientAccessOk(): gatenameinfo: %s",
 		      gai_strerror(error));
 		retval = 0;
 	    }
 	    BuildString(addr, pCL->peername);
 	} else
 	    BuildString("<unknown>", pCL->peername);
 #elif USE_UNIX_DOMAIN_SOCKETS
 	else
 	    BuildString("127.0.0.1", pCL->peername);
 #else
 	else if (getpeer != -1)
 	    BuildString(inet_ntoa(in_port.sin_addr), pCL->peername);
 	else
 	    BuildString("<unknown>", pCL->peername);
 #endif
    }
    if (peername != (char *)0)
 	free(peername);
--- a/conserver/client.h
+++ b/conserver/client.h
@ -1,4 +1,6 @@
 /*
 *  $Id: client.h,v 5.35 2003/11/28 15:55:34 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -45,13 +47,7 @@ typedef enum clientState {
    S_PASSWD,			/* still needs a passwd to connect         */
    S_QUOTE,			/* send any character we can spell         */
    S_BCAST,			/* send a broadcast message to all clients */
-    S_CWAIT,			/* wait for client                         */
+    S_CWAIT			/* wait for client                         */
    S_CEXEC,			/* client execing a program                */
    S_REPLAY,			/* set replay length for 'r'               */
    S_PLAYBACK,			/* set replay length for 'p'               */
    S_NOTE,			/* send a note to the logfile              */
    S_TASK,			/* invoke a task on the server side        */
    S_CONFIRM			/* confirm input                           */
 } CLIENTSTATE;
 typedef struct client {		/* Connection Information:              */
@ -61,7 +57,6 @@ typedef struct client {		/* Connection Information:              */
    short fwantwr;		/* (client) wants to write              */
    short fro;			/* read-only permission                 */
    short fecho;		/* echo commands (not set by machines)  */
    short fiwait;		/* client wanting for console init      */
    STRING *acid;		/* login and location of client         */
    STRING *peername;		/* location of client                   */
    STRING *username;		/* login of client                      */
@ -78,22 +73,17 @@ typedef struct client {		/* Connection Information:              */
     *pCLnext;			/* next person on this list             */
    /* next lists link clients on a console */
    char ic[2];			/* two character escape sequence        */
    unsigned short replay;	/* lines to replay for 'r'              */
    unsigned short playback;	/* lines to replay for 'p'              */
    CLIENTSTATE iState;		/* state for fsm in server              */
    char caccess;		/* did we trust the remote machine      */
    IOSTATE ioState;		/* state of the socket                  */
    time_t stateTimer;		/* timer for various ioState states */
    STRING *accmd;		/* the command the user issued          */
-    INADDR_STYPE cnct_port;	/* where from                           */
+    STRING *msg;		/* the broadcast message                */
-    FLAG confirmed;		/* confirm state                        */
+    struct sockaddr_in
-    CLIENTSTATE cState;		/* state needing confirmation           */
+      cnct_port;		/* where from                           */
    char cOption;		/* option initiating the confirmation   */
    size_t tokenSize;		/* buffer size for GSSAPI token         */
 } CONSCLIENT;
-extern void Replay(CONSENT *, CONSFILE *, unsigned short);
+extern void Replay PARAMS((CONSENT *, CONSFILE *, int));
-extern void HelpUser(CONSCLIENT *);
+extern void HelpUser PARAMS((CONSCLIENT *));
-extern void FindWrite(CONSENT *);
+extern void FindWrite PARAMS((CONSENT *));
-extern int ClientAccessOk(CONSCLIENT *);
+extern int ClientAccessOk PARAMS((CONSCLIENT *));
 extern void BumpClient(CONSENT *, char *);
--- a/conserver/consent.c
+++ b/conserver/consent.c
--- a/conserver/consent.h
+++ b/conserver/consent.h
@ -1,4 +1,6 @@
 /*
 *  $Id: consent.h,v 5.53 2003/11/28 23:36:02 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -50,24 +52,12 @@ typedef struct parity {		/* a parity bits table                  */
 } PARITY;
 typedef enum consType {
-    UNKNOWNTYPE = 0,
+    UNKNOWN = 0,
    DEVICE,
    EXEC,
-    HOST,
+    HOST
    NOOP,
    UDS,
 #if HAVE_FREEIPMI
    IPMI,
 #endif
 } CONSTYPE;
 #if HAVE_FREEIPMI
 # define IPMIL_UNKNOWN  (0)
 # define IPMIL_USER     (IPMICONSOLE_PRIVILEGE_USER+1)
 # define IPMIL_OPERATOR (IPMICONSOLE_PRIVILEGE_OPERATOR+1)
 # define IPMIL_ADMIN    (IPMICONSOLE_PRIVILEGE_ADMIN+1)
 #endif
 typedef struct names {
    char *name;
    struct names *next;
@ -99,63 +89,35 @@ typedef struct consent {	/* console information                  */
    FLAG ixoff;			/* XON/XOFF flow control on input       */
 #if defined(CRTSCTS)
    FLAG crtscts;		/* use hardware flow control            */
 #endif
 #if HAVE_FREEIPMI
    /* type == IPMI */
    int ipmiprivlevel;		/* IPMI authentication level            */
    ipmiconsole_ctx_t ipmictx;	/* IPMI ctx                             */
    unsigned int ipmiworkaround;	/* IPMI workaround flags                */
    short ipmiwrkset;		/* workaround flags set in config       */
    int ipmiciphersuite;	/* IPMI cipher suite                    */
    char *username;		/* Username to log as                   */
    char *password;		/* Login Password                       */
    STRING *ipmikg;		/* IPMI k_g auth key                    */
 #endif
    /* type == HOST */
    char *host;			/* hostname                             */
-    unsigned short netport;	/* final port    | netport = portbase + */
+    unsigned short port;	/* port number      socket = portbase + */
-    unsigned short port;	/* port number   |      portinc * port  */
+    unsigned short portbase;	/* port base             portinc * port */
    unsigned short portbase;	/* port base                            */
    unsigned short portinc;	/* port increment                       */
    FLAG raw;			/* raw or telnet protocol?              */
    /* type == EXEC */
    char *exec;			/* exec command                         */
    char *execsubst;		/* exec substitution pattern            */
    uid_t execuid;		/* user to run exec as                  */
    gid_t execgid;		/* group to run exec as                 */
    /* type == UDS */
    char *uds;			/* socket file                          */
    char *udssubst;		/* socket file substitution pattern     */
    /* global stuff */
    char *master;		/* master hostname                      */
-    unsigned short breakNum;	/* break type [1-35]                    */
+    unsigned short breakNum;	/* break type [1-9]                     */
    char *logfile;		/* logfile                              */
    off_t logfilemax;		/* size limit for rolling logfile       */
    char *initcmd;		/* initcmd command                      */
    char *initsubst;		/* initcmd substitution pattern         */
    uid_t inituid;		/* user to run initcmd as               */
    gid_t initgid;		/* group to run initcmd as              */
    char *motd;			/* motd                                 */
    time_t idletimeout;		/* idle timeout                         */
    char *idlestring;		/* string to print when idle            */
    unsigned short spinmax;	/* initialization spin maximum          */
    unsigned short spintimer;	/* initialization spin timer            */
    char *replstring;		/* generic string for replacements      */
    char *tasklist;		/* list of valid tasks                  */
    char *breaklist;		/* list of valid break sequences        */
    /* timestamp stuff */
    int mark;			/* Mark (chime) interval                */
    long nextMark;		/* Next mark (chime) time               */
    FLAG activitylog;		/* log attach/detach/bump               */
    FLAG breaklog;		/* log breaks sent                      */
    FLAG tasklog;		/* log tasks invoked                    */
    /* options */
    FLAG ondemand;		/* bring up on-demand                   */
    FLAG reinitoncc;		/* open if down on client connect       */
    FLAG striphigh;		/* strip high-bit of console data       */
    FLAG autoreinit;		/* auto-reinitialize if failed          */
    FLAG unloved;		/* copy "unloved" data to stdout        */
    FLAG login;			/* allow logins to the console          */
    /*** runtime settings ***/
    CONSFILE *fdlog;		/* the local log file                   */
@ -165,26 +127,16 @@ typedef struct consent {	/* console information                  */
    pid_t ipid;			/* pid of virtual command               */
    pid_t initpid;		/* pid of initcmd command               */
    CONSFILE *initfile;		/* the command run on init              */
    pid_t taskpid;		/* pid of task running                  */
    CONSFILE *taskfile;		/* the output from the task (read-only) */
    STRING *wbuf;		/* write() buffer                       */
    int wbufIAC;		/* next IAC location in wbuf            */
    IOSTATE ioState;		/* state of the socket                  */
    time_t stateTimer;		/* timer for ioState states             */
    time_t lastWrite;		/* time of last data sent to console    */
 #if HAVE_GETTIMEOFDAY
    struct timeval lastInit;	/* time of last initialization          */
 #else
    time_t lastInit;		/* time of last initialization          */
 #endif
    unsigned short spincount;	/* initialization spin counter          */
    /*** state information ***/
    char acline[132 * 2 + 2];	/* max chars we will call a line        */
    int iend;			/* length of data stored in acline      */
    int telnetState;		/* state for telnet negotiations        */
    FLAG sentDoEcho;		/* have we sent telnet DO ECHO cmd?     */
    FLAG sentDoSGA;		/* have we sent telnet DO SGA cmd?      */
    unsigned short autoReUp;	/* is it coming back up automatically?  */
    FLAG downHard;		/* did it go down unexpectedly?         */
    unsigned short nolog;	/* don't log output                     */
@ -207,13 +159,11 @@ typedef struct remote {		/* console at another host              */
    NAMES *aliases;		/* aliases for remote server name       */
 } REMOTE;
-extern PARITY *FindParity(char *);
+extern PARITY *FindParity PARAMS((char *));
-extern BAUD *FindBaud(char *);
+extern BAUD *FindBaud PARAMS((char *));
-extern void ConsInit(CONSENT *);
+extern void ConsInit PARAMS((CONSENT *));
-extern void ConsDown(CONSENT *, FLAG, FLAG);
+extern void ConsDown PARAMS((CONSENT *, FLAG, FLAG));
-extern REMOTE *FindUniq(REMOTE *);
+extern REMOTE *FindUniq PARAMS((REMOTE *));
-extern void DestroyRemoteConsole(REMOTE *);
+extern void DestroyRemoteConsole PARAMS((REMOTE *));
-extern void StartInit(CONSENT *);
+extern void StartInit PARAMS((CONSENT *));
-extern void StopInit(CONSENT *);
+extern void StopInit PARAMS((CONSENT *));
 extern char *ConsState(CONSENT *);
 extern void SetupTty(CONSENT *, int);
--- a/conserver/conserver.man.in
+++ b/conserver/conserver.man.in
@ -1,4 +1,6 @@
-.TH CONSERVER 8 "@CONSERVER_DATE@" "conserver-@CONSERVER_VERSION@" "conserver"
+.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
 .\" $Id: conserver.man,v 1.40 2003/11/10 15:37:24 bryan Exp $
 .TH CONSERVER 8 "2003/11/10" "conserver-8.0.9" "conserver"
 .SH NAME
 conserver \- console server daemon
 .SH SYNOPSIS
@ -9,7 +11,7 @@ conserver \- console server daemon
 .RB [ \-m
 .IR max ]
 .RB [ \-M
-.IR master ]
+.IR addr ]
 .RB [ \-p
 .IR port ]
 .RB [ \-b
@ -31,36 +33,24 @@ conserver \- console server daemon
 is the daemon that manages
 remote access to system consoles by multiple users via the
 .BR console (1)
-client program and (optionally) log the console output.
+client program and logs all console output.
-It can connect to consoles via local serial ports, Unix domain sockets, TCP
+It can connect to consoles via local serial ports, terminal
-sockets (for terminal servers and the like), or any external program.
+servers that allow network access, or to any external program.
 .PP
 When started,
 .B conserver
-reads the
+reads its
 .BR conserver.cf (5)
-file for details of each console.
+file for details of each console it should manage,
-The console type, logging options, serial or network parameters, and user access
+including serial port or network parameters and logging options.
-levels are just a few of the things that can be specified.
+(Also, in environments where multiple servers share a cf file,
-Command-line options are then applied, possibly overriding
+any server is able to refer clients to the particular server
-.BR conserver.cf (5)
+managing a requested console, so that the client need not have
-settings.
+knowledge of the distribution of consoles among servers.)
 .B Conserver
 categorizes consoles into two types: those it should actively manage, and
 those it should just know about, so it can refer clients to other
 .B conserver
 instances.
 If the
 .B master
 value of a console matches the hostname or ip address of the local machine,
 .B conserver
 will actively manage the console.
 Otherwise, it's considered a ``remote'' console and managed by a different
 server.
 .B Conserver
 forks a child for each group of consoles it must manage
 and assigns each process a port number to listen on.
-The maximum number of consoles managed by each child process is set using the
+The maximum number of consoles managed by each child process is set using
 .B \-m
 option.
 The
@ -86,31 +76,14 @@ the
 .BR conserver.cf (5)
 access list.
 .PP
 When Unix domain sockets are used between the client and
 server (enabled using
 .BR --with-uds ),
 authentication checks are done on the hardcoded address ``127.0.0.1''.
 Automatic client redirection is also disabled (as if the
 .B \-R
 option was used) since the client cannot communicate with remote servers.
 The directory used to hold the sockets is checked to make sure it's empty
 when the server starts.
 The server will
 .B not
 remove any files in the directory itself, just in case the directory is
 accidentally specified as ``/etc'' or some other critical location.
 The server will do its best to remove all the sockets when it shuts down,
 but it could stop ungracefully (crash, ``kill -9'', etc)
 and leave files behind.
 It would then be up to the admin (or a creative startup script) to clean
 up the directory before the server will start again.
 .PP
 .B Conserver
 completely controls any connection to a console.
 All escape sequences given by the user to
 .B console
 are passed to the server without interpretation.
-The server recognizes and processes all escape sequences.
+The server recognizes and processes all escape sequences,
 The suspend sequence is recognized by the server and sent back to the
 client as a TCP out-of-band command, which the client processes.
 .PP
 The
 .B conserver
@ -244,7 +217,7 @@ option.
 .B \-d
 Become a daemon.
 Disconnects from the controlling terminal and sends
-all output (including any debug output) to the logfile (see
+all output to the logfile (see
 .BR \-L ).
 .TP
 .B \-D
@ -298,21 +271,11 @@ may be changed at compile time using the
 .B --with-maxmemb
 option.
 .TP
-.BI \-M master
+.BI \-M addr
-Normally, this allows conserver to bind to a
+Set the address to listen on.
 This allows conserver to bind to a
 particular IP address (like `127.0.0.1') instead of all interfaces.
 The default is to bind to all addresses.
 However, if
 .B --with-uds
 was used to enable Unix domain sockets for client/server communication,
 this points conserver to the directory where it should store the sockets.
 The default
 .I master
 directory
 .RB (`` /tmp/conserver '')
 may be changed at compile time using the
 .B --with-uds
 option.
 .TP
 .B \-n
 Obsolete (now a no-op); see
@ -328,9 +291,6 @@ Enable periodic attempts (every
 .I min
 minutes) to open (``bring up'') all downed
 consoles (similar to sending a SIGUSR1).
 Without this option, or if
 .I min
 is zero, no periodic attempts occur.
 .TP
 .BI \-p port
 Set the TCP port for the master process to listen on.
@ -341,9 +301,6 @@ The default
 may be changed at compile time using the
 .B --with-port
 option.
 If the
 .B --with-uds
 option was used, this option is ignored.
 .TP
 .BI \-P passwd
 Read the table of authorized user data from the file
@ -367,40 +324,6 @@ connect to remote consoles will result in an informative message to the user.
 .B \-S
 Do not run the server, just perform a syntax check of configuration file and
 exit with a non-zero value if there is an error.
 Using more than one
 .B \-S
 will cause conserver to output various information about each console in 5
 colon-separated fields, enclosed in curly-braces.
 The philosophy behind the output is to provide information to allow external
 detection of multiple consoles access the same physical port.
 Since this is
 .I highly
 environment-specific, conserver cannot do the check internally.
 .RS
 .TP 9
 .I name
 The name of the console.
 .TP
 .I master
 The hostname of the master conserver host for the console.
 .TP
 .I aliases
 The console aliases in a comma-separated list.
 .TP
 .I type
 The type of console.
 Values will be a `/' for a local device, `|' for
 a command, `!' for a remote port, `%' for a Unix domain socket,
 and `#' for a noop console.
 .TP
 .I details
 Multiple values are comma-separated and depend on the type of the console.
 Local devices will have the values of the device file and baud rate/parity.
 Commands will have string to invoke.
 Remote ports will have the values of the remote hostname and port number.
 Unix domain sockets will have the path to the socket.
 Noop consoles will have nothing.
 .RE
 .TP
 .B \-u
 Send unloved console output to
@ -420,7 +343,7 @@ output, but all consoles, not
 just those without a user, are logged.
 Each line of output is prefixed with the console name.
 If a user is attached read/write, a `*' is appended to the console name,
-to allow log watching utilities to ignore potential user-introduced alarms.
+to allow log watching utilites to ignore potential user-introduced alarms.
 .TP
 .B \-v
 Echo the configuration as it is being read (be verbose).
@ -440,7 +363,7 @@ The second style is the character-based, escape-sequence mode, while
 connected to a console.
 .PP
 The initial line-based mode begins the same for both the master process
-and its children.
+and it's children.
 Upon a successful (non-rejected) client connection, an ``ok'' is sent.
 The client then issues a command and the server responds to it with a
 result string (``ok'' being the sign of success for most commands).
@ -448,7 +371,7 @@ The commands available are ``help'', ``ssl'' (if
 SSL was built into the code), ``login'', and ``exit''.
 Using the ``login'' command, the client authenticates and gains access to
 the extended command set.
-This is where the master process and its children differ.
+This is where the master process and it's children differ.
 The master process gives the client access to global commands, and the
 child provides commands for interacting with the consoles it manages.
 The ``help'' command, in both cases, will provide a complete
@ -464,16 +387,14 @@ any interaction with the server is done with the default escape sequence.
 This is, by no means, a complete description of the entire client/server
 interaction.
 It is, however, a brief explanation in order to give a idea of
-what the program does.  See the
+what the program does.
 .B \s-1PROTOCOL\s0
 file in the distribution for further details.
 .SH FILES
 .PP
 The following default file locations may be overridden
 at compile time or by the command-line options described above.
 Run
 .B conserver \-V
-to see the defaults set at compile time.
+(with no other options) to see the defaults set at compile time.
 .PP
 .PD 0
 .TP 25
@ -491,9 +412,6 @@ the master conserver process ID
 .TP
 .B /var/log/conserver
 log of errors and informational messages
 .TP
 .B /tmp/conserver
 directory to hold Unix domain sockets (if enabled)
 .PD
 .PP
 Additionally, output from individual consoles may be logged
--- a/conserver/convert.c
+++ b/conserver/convert.c
@ -1,4 +1,6 @@
 /*
 *  $Id: convert.c,v 1.8 2003/11/20 13:56:38 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -39,16 +41,6 @@
 #include <master.h>
 #include <main.h>
 #if defined(USE_LIBWRAP)
 /* we don't use it...but we link to it */
 int allow_severity;
 int deny_severity;
 #endif
 SECTION sections[] = {
    {(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
 };
 void
 DestroyDataStructures()
@ -56,12 +48,19 @@ DestroyDataStructures()
 }
 char *
 #if PROTOTYPES
 ReadLine2(FILE *fp, STRING *save, int *iLine)
 #else
 ReadLine2(fp, save, iLine)
    FILE *fp;
    STRING *save;
    int *iLine;
 #endif
 {
    static char buf[1024];
    char *wholeline = (char *)0;
    char *ret = (char *)0;
-    int i, buflen, peek, commentCheck = 1;
+    int i, buflen, peek, commentCheck = 1, comment = 0;
    static STRING *bufstr = (STRING *)0;
    static STRING *wholestr = (STRING *)0;
@ -77,7 +76,7 @@ ReadLine2(FILE *fp, STRING *save, int *iLine)
 	   || peek) {
 	/* If we have a previously saved line, use it instead */
 	if (save->used) {
-	    StrCpy(buf, save->string, sizeof(buf));
+	    strcpy(buf, save->string);
 	    BuildString((char *)0, save);
 	}
@ -103,6 +102,7 @@ ReadLine2(FILE *fp, STRING *save, int *iLine)
 		if (!isspace((int)buf[i]))
 		    break;
 	    if (buf[i] == '#') {
 		comment = 1;
 		commentCheck = 0;
 	    } else if (buf[i] != '\000') {
 		commentCheck = 0;
@ -113,11 +113,14 @@ ReadLine2(FILE *fp, STRING *save, int *iLine)
 	buflen = strlen(buf);
 	if ((buflen >= 1) && (buf[buflen - 1] == '\n')) {
 	    (*iLine)++;		/* Finally have a whole line */
 /*	    if (comment == 0 && commentCheck == 0) { */
 	    /* Finish off the chunk without the \n */
 	    buf[buflen - 1] = '\000';
 	    BuildString(buf, bufstr);
 	    wholeline = BuildString(bufstr->string, wholestr);
 /*	    }*/
 	    peek = 1;
 	    comment = 0;
 	    commentCheck = 1;
 	    BuildString((char *)0, bufstr);
 	} else {
@ -129,10 +132,14 @@ ReadLine2(FILE *fp, STRING *save, int *iLine)
    /* If we hit the EOF and weren't peeking ahead
     * and it's not a comment
     */
    /*
       if (!peek && (ret == (char *)0) && (comment == 0) &&
       (commentCheck == 0)) {
     */
    if (!peek && (ret == (char *)0)) {
 	(*iLine)++;
 	wholeline = BuildString(bufstr->string, wholestr);
-	if (wholeline != (char *)0 && wholeline[0] == '\000')
+	if (wholeline[0] == '\000')
 	    wholeline = (char *)0;
    }
@ -145,7 +152,13 @@ ReadLine2(FILE *fp, STRING *save, int *iLine)
 * to manage the consoles
 */
 void
 #if PROTOTYPES
 ReadCfg(char *pcFile, FILE *fp)
 #else
 ReadCfg(pcFile, fp)
    char *pcFile;
    FILE *fp;
 #endif
 {
    int iLine;
    unsigned char *acIn;
@ -409,6 +422,7 @@ ReadCfg(char *pcFile, FILE *fp)
 	    (unsigned char *)ReadLine2(fp, acInSave,
 				       &iLine)) != (unsigned char *)0) {
 	char *pcNext;
 	char cType;
 	acStart = PruneSpace((char *)acIn);
 	if (acStart[0] == '#') {
@ -454,6 +468,7 @@ ReadCfg(char *pcFile, FILE *fp)
 		printf("\ttrusted %s;\n", pcNext);
 		break;
 	    default:
 		cType = ' ';
 		Error("%s(%d) unknown access key `%s'", pcFile, iLine,
 		      acStart);
 		break;
@ -465,7 +480,13 @@ ReadCfg(char *pcFile, FILE *fp)
 }
 int
 #if PROTOTYPES
 main(int argc, char **argv)
 #else
 main(argc, argv)
    int argc;
    char **argv;
 #endif
 {
    char *pcFile;
    FILE *fp;
--- a/conserver/cutil.c
+++ b/conserver/cutil.c
--- a/conserver/cutil.h
+++ b/conserver/cutil.h
@ -1,35 +1,26 @@
 /*
 *  $Id: cutil.h,v 1.57 2003/11/28 00:47:29 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
 #if PROTOTYPES
 #include <stdarg.h>
 #else
 #include <varargs.h>
 #endif
 #if HAVE_OPENSSL
 #include <openssl/ssl.h>
 # include <openssl/bn.h>
 # include <openssl/dh.h>
 #include <openssl/err.h>
 # if OPENSSL_VERSION_NUMBER < 0x10100000L
 #  define TLS_method SSLv23_method
 # endif/* OPENSSL_VERSION_NUMBER < 0x10100000L */
 # if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
 #  define CIPHER_SEC0
 # else
 #  define CIPHER_SEC0 ":@SECLEVEL=0"
 # endif/* OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) */
 #endif
 #if HAVE_GSSAPI
 # include <gssapi/gssapi.h>
 #endif
 /* communication constants
 */
 #define OB_IAC		0xff	/* quote char                   */
 #define OB_EXEC		'E'	/* exec a command on the client */
 #define OB_GOTO		'G'	/* goto next console            */
 #define OB_SUSP		'Z'	/* suspended by server          */
-#define OB_ABRT		'.'	/* abort                        */
+#define OB_DROP		'.'	/* dropped by server            */
 /* Struct to wrap information about a "file"...
 * This can be a socket, local file, whatever.  We do this so
@ -52,9 +43,6 @@ typedef enum IOState {
 #if HAVE_OPENSSL
    INSSLACCEPT,
    INSSLSHUTDOWN,
 #endif
 #if HAVE_GSSAPI
    INGSSACCEPT,
 #endif
    ISFLUSHING
 } IOSTATE;
@ -80,13 +68,6 @@ typedef struct consFile {
    int fd;
    int fdout;			/* only used when a simplePipe */
    STRING *wbuf;
    FLAG errored;
    FLAG quoteiac;
    FLAG sawiac;
    FLAG sawiacsusp;
    FLAG sawiacexec;
    FLAG sawiacabrt;
    FLAG sawiacgoto;
 #if HAVE_OPENSSL
    /* SSL stuff */
    SSL *ssl;
@ -94,132 +75,72 @@ typedef struct consFile {
    FLAG waitForRead;
 #endif
    /* Add crypto stuff to suit */
 #if DEBUG_CONSFILE_IO
    int debugrfd;
    int debugwfd;
 #endif
 } CONSFILE;
 typedef struct item {
    char *id;
    void (*reg)(char *);
 } ITEM;
 typedef struct section {
    char *id;
    void (*begin)(char *);
    void (*end)(void);
    void (*abort)(void);
    void (*destroy)(void);
    ITEM *items;
 } SECTION;
 typedef enum substToken {
    ISNOTHING = 0,
    ISNUMBER,
    ISSTRING
 } SUBSTTOKEN;
 typedef struct subst {
    /* function to retrieve a token type based on a character
     */
    SUBSTTOKEN (*token)(char);
    /* data for callback function
     */
    void *data;
    /* function to retrieve a value (as a char* or int or both) for
     * a substitution
     */
    int (*value)(char, char **, int *);
 } SUBST;
 extern int isMultiProc, fDebug, fVerbose, fErrorPrinted;
 extern char *progname;
 extern pid_t thepid;
 #define MAXHOSTNAME 1024
 extern char myHostname[];
 #if !USE_IPV6
 extern struct in_addr *myAddrs;
 #endif
 extern fd_set rinit;
 extern fd_set winit;
 extern int maxfd;
 extern int debugLineNo;
 extern char *debugFileName;
 extern int line;		/* used by ParseFile */
 extern char *file;		/* used by ParseFile */
 extern SECTION sections[];	/* used by ParseFile */
 extern int isMaster;
-extern const char *StrTime(time_t *);
+extern const char *StrTime PARAMS((time_t *));
-extern void Debug(int, char *, ...);
+extern void Debug PARAMS((int, char *, ...));
-extern void Error(char *, ...);
+extern void Error PARAMS((char *, ...));
-extern void Msg(char *, ...);
+extern void Msg PARAMS((char *, ...));
-extern void Verbose(char *, ...);
+extern void Verbose PARAMS((char *, ...));
-extern void SimpleSignal(int, RETSIGTYPE(*)(int));
+extern void SimpleSignal PARAMS((int, RETSIGTYPE(*)(int)));
-extern int GetMaxFiles();
+extern int GetMaxFiles PARAMS(());
-extern char *FmtCtl(int, STRING *);
+extern char *FmtCtl PARAMS((int, STRING *));
-extern void FmtCtlStr(char *, int, STRING *);
+extern void FmtCtlStr PARAMS((char *, int, STRING *));
-extern CONSFILE *FileOpenFD(int, enum consFileType);
+extern CONSFILE *FileOpenFD PARAMS((int, enum consFileType));
-extern CONSFILE *FileOpenPipe(int, int);
+extern CONSFILE *FileOpenPipe PARAMS((int, int));
-extern CONSFILE *FileOpen(const char *, int, int);
+extern CONSFILE *FileOpen PARAMS((const char *, int, int));
-extern int FileClose(CONSFILE **);
+extern int FileClose PARAMS((CONSFILE **));
-extern int FileRead(CONSFILE *, void *, int);
+extern int FileRead PARAMS((CONSFILE *, void *, int));
-extern int FileWrite(CONSFILE *, FLAG, char *, int);
+extern int FileWrite PARAMS((CONSFILE *, FLAG, char *, int));
-extern void FileVWrite(CONSFILE *, FLAG, char *, va_list);
+extern void FileVWrite PARAMS((CONSFILE *, FLAG, char *, va_list));
-extern void FilePrint(CONSFILE *, FLAG, char *, ...);
+extern void FilePrint PARAMS((CONSFILE *, FLAG, char *, ...));
-extern int FileStat(CONSFILE *, struct stat *);
+extern int FileStat PARAMS((CONSFILE *, struct stat *));
-extern int FileSeek(CONSFILE *, off_t, int);
+extern int FileSeek PARAMS((CONSFILE *, off_t, int));
-extern int FileSend(CONSFILE *, const void *, size_t, int);
+extern int FileSend PARAMS((CONSFILE *, const void *, size_t, int));
-extern int FileFDNum(CONSFILE *);
+extern int FileFDNum PARAMS((CONSFILE *));
-extern int FileFDOutNum(CONSFILE *);
+extern int FileFDOutNum PARAMS((CONSFILE *));
-extern int FileUnopen(CONSFILE *);
+extern int FileUnopen PARAMS((CONSFILE *));
-extern void OutOfMem();
+extern void OutOfMem PARAMS(());
-extern char *BuildTmpString(const char *);
+extern char *BuildTmpString PARAMS((const char *));
-extern char *BuildTmpStringChar(const char);
+extern char *BuildTmpStringChar PARAMS((const char));
-extern char *BuildTmpStringPrint(char *, ...);
+extern char *BuildTmpStringPrint PARAMS((char *, ...));
-extern char *BuildString(const char *, STRING *);
+extern char *BuildString PARAMS((const char *, STRING *));
-extern char *BuildStringChar(const char, STRING *);
+extern char *BuildStringChar PARAMS((const char, STRING *));
-extern char *BuildStringPrint(STRING *, char *, ...);
+extern char *BuildStringPrint PARAMS((STRING *, char *, ...));
-extern char *BuildStringN(const char *, int, STRING *);
+extern char *BuildStringN PARAMS((const char *, int, STRING *));
-extern char *ShiftString(STRING *, int);
+extern char *ShiftString PARAMS((STRING *, int));
-extern void InitString(STRING *);
+extern void InitString PARAMS((STRING *));
-extern void DestroyString(STRING *);
+extern void DestroyString PARAMS((STRING *));
-extern void DestroyStrings(void);
+extern void DestroyStrings PARAMS((void));
-extern STRING *AllocString(void);
+extern STRING *AllocString PARAMS((void));
-extern char *ReadLine(FILE *, STRING *, int *);
+extern char *ReadLine PARAMS((FILE *, STRING *, int *));
-extern enum consFileType FileGetType(CONSFILE *);
+extern enum consFileType FileGetType PARAMS((CONSFILE *));
-extern void FileSetType(CONSFILE *, enum consFileType);
+extern void FileSetType PARAMS((CONSFILE *, enum consFileType));
-extern void FileSetQuoteIAC(CONSFILE *, FLAG);
+extern void Bye PARAMS((int));
-extern FLAG FileSawQuoteSusp(CONSFILE *);
+extern void DestroyDataStructures PARAMS((void));
-extern FLAG FileSawQuoteExec(CONSFILE *);
+extern int IsMe PARAMS((char *));
-extern FLAG FileSawQuoteAbrt(CONSFILE *);
+extern char *PruneSpace PARAMS((char *));
-extern FLAG FileSawQuoteGoto(CONSFILE *);
+extern int FileCanRead PARAMS((CONSFILE *, fd_set *, fd_set *));
-extern void Bye(int);
+extern int FileCanWrite PARAMS((CONSFILE *, fd_set *, fd_set *));
-extern void DestroyDataStructures(void);
+extern int FileBufEmpty PARAMS((CONSFILE *));
-extern int IsMe(char *);
+extern int SetFlags PARAMS((int, int, int));
-extern char *PruneSpace(char *);
+extern char *StrDup PARAMS((char *));
 extern int FileCanRead(CONSFILE *, fd_set *, fd_set *);
 extern int FileCanWrite(CONSFILE *, fd_set *, fd_set *);
 extern int FileBufEmpty(CONSFILE *);
 extern int SetFlags(int, int, int);
 extern char *StrDup(const char *);
 extern int ParseIACBuf(CONSFILE *, void *, int *);
 extern void *MemMove(void *, void *, size_t);
 extern char *StringChar(STRING *, int, char);
 extern void ParseFile(char *, FILE *, int);
 #if !USE_IPV6
 extern void ProbeInterfaces(in_addr_t);
 #endif
 extern void ProcessSubst(SUBST *, char **, char **, char *, char *);
 extern char *MyVersion(void);
 extern unsigned int AtoU(char *);
 extern void StrCpy(char *, const char *, unsigned int);
 extern void Sleep(useconds_t);
 #if HAVE_OPENSSL
-extern SSL *FileGetSSL(CONSFILE *);
+extern SSL *FileGetSSL PARAMS((CONSFILE *));
-extern void FileSetSSL(CONSFILE *, SSL *);
+extern void FileSetSSL PARAMS((CONSFILE *, SSL *));
-extern int SSLVerifyCallback(int, X509_STORE_CTX *);
+extern int SSLVerifyCallback PARAMS((int, X509_STORE_CTX *));
-extern int FileSSLAccept(CONSFILE *);
+extern int FileSSLAccept PARAMS((CONSFILE *));
-extern int FileCanSSLAccept(CONSFILE *, fd_set *, fd_set *);
+extern int FileCanSSLAccept PARAMS((CONSFILE *, fd_set *, fd_set *));
 #endif
--- a/conserver/fallback.c
+++ b/conserver/fallback.c
@ -1,4 +1,6 @@
 /*
 *  $Id: fallback.c,v 5.60 2003/11/20 13:56:38 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -25,7 +27,13 @@
 * packages, i think things are ok...hopefully it's true!
 */
 static int
 #if PROTOTYPES
 GetPseudoTTY(STRING *slave, int *slaveFD)
 #else
 GetPseudoTTY(slave, slaveFD)
    STRING *slave;
    int *slaveFD;
 #endif
 {
 #if HAVE_OPENPTY
    int fd = -1;
@ -35,7 +43,7 @@ GetPseudoTTY(STRING *slave, int *slaveFD)
 #if HAVE_SIGACTION
    sigset_t oldmask, newmask;
 #else
-    extern RETSIGTYPE FlagReapVirt(int);
+    extern RETSIGTYPE FlagReapVirt PARAMS((int));
 #endif
 #if HAVE_SIGACTION
@ -83,7 +91,7 @@ GetPseudoTTY(STRING *slave, int *slaveFD)
 #if HAVE_SIGACTION
    sigset_t oldmask, newmask;
 #else
-    extern RETSIGTYPE FlagReapVirt(int);
+    extern RETSIGTYPE FlagReapVirt PARAMS((int));
 #endif
    int c;
    /* clone list and idea stolen from xemacs distribution */
@ -202,7 +210,7 @@ GetPseudoTTY(STRING *slave, int *slaveFD)
 	    continue;
 	}
-	if (0 > (fd = open(acMaster, O_RDWR | O_NONBLOCK, 0))) {
+	if (0 > (fd = open(acMaster, O_RDWR | O_NDELAY, 0))) {
 	    continue;
 	}
 	acSlave[iIndex] = *pcOne;
@ -234,7 +242,13 @@ GetPseudoTTY(STRING *slave, int *slaveFD)
 * get a pty using the GetPseudoTTY code above
 */
 int
 #if PROTOTYPES
 FallBack(char **slave, int *sfd)
 #else
 FallBack(slave, sfd)
    char **slave;
    int *sfd;
 #endif
 {
    int fd;
    static STRING *pcTSlave = (STRING *)0;
--- a/conserver/group.c
+++ b/conserver/group.c
--- a/conserver/group.h
+++ b/conserver/group.h
@ -1,4 +1,6 @@
 /*
 *  $Id: group.h,v 5.42 2003/11/28 23:36:02 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -34,13 +36,12 @@
 /* timers used to have various things happen */
 #define T_STATE		0
-#define T_CIDLE		1
+#define T_IDLE		1
 #define T_MARK		2
 #define T_REINIT	3
 #define T_AUTOUP	4
 #define T_ROLL		5
-#define T_INITDELAY	6
+#define T_MAX		6	/* T_MAX *must* be last */
 #define T_MAX		7	/* T_MAX *must* be last */
 /* return values used by CheckPass()
 */
@ -62,27 +63,23 @@ typedef struct grpent {		/* group info                           */
 extern time_t timers[];
-extern void Spawn(GRPENT *, int);
+extern void Spawn PARAMS((GRPENT *));
-extern int CheckPass(char *, char *, FLAG);
+extern int CheckPass PARAMS((char *, char *));
-extern void TagLogfile(const CONSENT *, char *, ...);
+extern void TagLogfile PARAMS((const CONSENT *, char *, ...));
-extern void TagLogfileAct(const CONSENT *, char *, ...);
+extern void TagLogfileAct PARAMS((const CONSENT *, char *, ...));
-extern void DestroyGroup(GRPENT *);
+extern void DestroyGroup PARAMS((GRPENT *));
-extern void DestroyConsent(GRPENT *, CONSENT *);
+extern void DestroyConsent PARAMS((GRPENT *, CONSENT *));
-extern void SendClientsMsg(CONSENT *, char *);
+extern void SendClientsMsg PARAMS((CONSENT *, char *));
-extern void ResetMark(void);
+extern void ResetMark PARAMS((void));
-extern void DestroyConsentUsers(CONSENTUSERS **);
+extern void DestroyConsentUsers PARAMS((CONSENTUSERS **));
-extern CONSENTUSERS *ConsentFindUser(CONSENTUSERS *, char *);
+extern CONSENTUSERS *ConsentFindUser PARAMS((CONSENTUSERS *, char *));
-extern int ConsentUserOk(CONSENTUSERS *, char *);
+extern int ConsentUserOk PARAMS((CONSENTUSERS *, char *));
-extern void DisconnectClient(GRPENT *, CONSCLIENT *, char *, FLAG);
+extern void DisconnectClient
-extern int ClientAccess(CONSENT *, char *);
+PARAMS((GRPENT *, CONSCLIENT *, char *, FLAG));
-extern void DestroyClient(CONSCLIENT *);
+extern int ClientAccess PARAMS((CONSENT *, char *));
-extern int CheckPasswd(CONSCLIENT *, char *, FLAG);
+extern void DestroyClient PARAMS((CONSCLIENT *));
-extern void DeUtmp(GRPENT *, int);
+extern int CheckPasswd PARAMS((CONSCLIENT *, char *));
-extern void ClientWantsWrite(CONSCLIENT *);
+extern void ExpandString PARAMS((char *, CONSENT *, short));
 extern void SendIWaitClientsMsg(CONSENT *, char *);
 #if HAVE_OPENSSL
-extern int AttemptSSL(CONSCLIENT *);
+extern int AttemptSSL PARAMS((CONSCLIENT *));
 #endif
 #if HAVE_GSSAPI
 extern int AttemptGSSAPI(CONSCLIENT *);
 #endif
--- a/conserver/main.c
+++ b/conserver/main.c
--- a/conserver/main.h
+++ b/conserver/main.h
@ -1,4 +1,6 @@
 /*
 *  $Id: main.h,v 5.51 2003/11/10 15:37:24 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -34,32 +36,22 @@
 /* program options and stuff
 */
 extern char rcsid[];
 extern int fAll, fNoinit, fInteractive, fStrip, fDaemon, fReopen,
    fNoautoreup, fSyntaxOnly;
 #if USE_IPV6
 extern struct addrinfo *bindAddr;
 extern struct addrinfo *bindBaseAddr;
 #else
 extern in_addr_t bindAddr;
 extern struct sockaddr_in in_port;
 #endif
 extern unsigned short bindPort, bindBasePort;
 extern char *pcConfig;
 extern int cMaxMemb;
 extern struct sockaddr_in in_port;
 extern int isMaster;
 extern CONFIG *optConf;
 extern CONFIG *config;
 extern CONFIG defConfig;
 extern CONSFILE *unifiedlog;
 #if USE_UNIX_DOMAIN_SOCKETS
 extern char *interface;
 #endif
 #if HAVE_OPENSSL
 extern SSL_CTX *ctx;
 #endif
-#if HAVE_GSSAPI
+extern void ReopenLogfile PARAMS((void));
-extern gss_name_t gss_myname;
+extern void ReopenUnifiedlog PARAMS((void));
-extern gss_cred_id_t gss_mycreds;
+extern void DumpDataStructures PARAMS((void));
 #endif
 extern void ReopenLogfile(void);
 extern void ReopenUnifiedlog(void);
 extern void DumpDataStructures(void);
--- a/conserver/master.c
+++ b/conserver/master.c
@ -1,4 +1,6 @@
 /*
 *  $Id: master.c,v 5.123 2003/11/20 13:56:39 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -34,6 +36,7 @@
 #include <access.h>
 #include <master.h>
 #include <readcfg.h>
 #include <version.h>
 #include <main.h>
@ -47,7 +50,12 @@ static unsigned long dmallocMarkClientConnection = 0;
 static RETSIGTYPE
 #if PROTOTYPES
 FlagSawCHLD(int sig)
 #else
 FlagSawCHLD(sig)
    int sig;
 #endif
 {
    fSawCHLD = 1;
 #if !HAVE_SIGACTION
@ -59,7 +67,11 @@ FlagSawCHLD(int sig)
 * Called when master process receives SIGCHLD
 */
 static void
-FixKids(int msfd)
+#if PROTOTYPES
 FixKids()
 #else
 FixKids()
 #endif
 {
    pid_t pid;
    int UWbuf;
@ -112,7 +124,7 @@ FixKids(int msfd)
 	    /* this kid kid is dead, start another
 	     */
-	    Spawn(pGE, msfd);
+	    Spawn(pGE);
 	    Verbose("group #%d pid %lu on port %hu", pGE->id,
 		    (unsigned long)pGE->pid, pGE->port);
 	}
@ -123,7 +135,12 @@ FixKids(int msfd)
 * Called when master process receives SIGTERM
 */
 static RETSIGTYPE
 #if PROTOTYPES
 FlagQuitIt(int arg)
 #else
 FlagQuitIt(arg)
    int arg;
 #endif
 {
    fSawQuit = 1;
 #if !HAVE_SIGACTION
@ -135,7 +152,12 @@ FlagQuitIt(int arg)
 * want to do something special on SIGINT at some point.
 */
 static RETSIGTYPE
 #if PROTOTYPES
 FlagSawINT(int arg)
 #else
 FlagSawINT(arg)
    int arg;
 #endif
 {
    fSawQuit = 1;
 #if !HAVE_SIGACTION
@ -144,7 +166,12 @@ FlagSawINT(int arg)
 }
 static RETSIGTYPE
 #if PROTOTYPES
 FlagSawHUP(int arg)
 #else
 FlagSawHUP(arg)
    int arg;
 #endif
 {
    fSawHUP = 1;
 #if !HAVE_SIGACTION
@ -153,7 +180,12 @@ FlagSawHUP(int arg)
 }
 static RETSIGTYPE
 #if PROTOTYPES
 FlagSawUSR2(int arg)
 #else
 FlagSawUSR2(arg)
    int arg;
 #endif
 {
    fSawUSR2 = 1;
 #if !HAVE_SIGACTION
@ -162,7 +194,12 @@ FlagSawUSR2(int arg)
 }
 static RETSIGTYPE
 #if PROTOTYPES
 FlagSawUSR1(int arg)
 #else
 FlagSawUSR1(arg)
    int arg;
 #endif
 {
    fSawUSR1 = 1;
 #if !HAVE_SIGACTION
@ -173,7 +210,12 @@ FlagSawUSR1(int arg)
 /* Signal all the kids...
 */
 void
 #if PROTOTYPES
 SignalKids(int arg)
 #else
 SignalKids(arg)
    int arg;
 #endif
 {
    GRPENT *pGE;
@ -190,7 +232,12 @@ SignalKids(int arg)
 }
 REMOTE *
 #if PROTOTYPES
 FindRemoteConsole(char *args)
 #else
 FindRemoteConsole(args)
    char *args;
 #endif
 {
    REMOTE *pRC;
    NAMES *name;
@ -207,7 +254,13 @@ FindRemoteConsole(char *args)
 }
 void
 #if PROTOTYPES
 CommandCall(CONSCLIENT *pCL, char *args)
 #else
 CommandCall(pCL, args)
    CONSCLIENT *pCL;
    char *args;
 #endif
 {
    int found;
    REMOTE *pRC, *pRCFound;
@ -239,8 +292,7 @@ CommandCall(CONSCLIENT *pCL, char *args)
 	    pRCFound = pRC;
 	}
    }
-    if (found == 0 && config->autocomplete == FLAGTRUE) {
+    if (found == 0) {		/* Then look for substring matches */
 	/* Then look for substring matches */
 	NAMES *name = (NAMES *)0;
 	int foundOne = 0;
 	for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
@ -330,7 +382,13 @@ CommandCall(CONSCLIENT *pCL, char *args)
 }
 void
 #if PROTOTYPES
 DropMasterClient(CONSCLIENT *pCLServing, FLAG force)
 #else
 DropMasterClient(pCLServing, force)
    CONSCLIENT *pCLServing;
    FLAG force;
 #endif
 {
    /* if we have data buffered and aren't forced to close,
     * we can't close quite yet
@ -366,11 +424,16 @@ DropMasterClient(CONSCLIENT *pCLServing, FLAG force)
 }
 void
 #if PROTOTYPES
 DoNormalRead(CONSCLIENT *pCLServing)
 #else
 DoNormalRead(pCLServing)
    CONSCLIENT *pCLServing;
 #endif
 {
    char *pcCmd;
    char *pcArgs;
-    int nr, i, l;
+    int nr, i;
    unsigned char acIn[BUFSIZ];
    /* read connection */
@ -379,10 +442,7 @@ DoNormalRead(CONSCLIENT *pCLServing)
 	return;
    }
-    while ((l = ParseIACBuf(pCLServing->fd, acIn, &nr)) >= 0) {
+    for (i = 0; i < nr; ++i) {
 	if (l == 0)		/* we ignore special OB_IAC stuff */
 	    continue;
 	for (i = 0; i < l; ++i) {
 	if ('\n' != acIn[i]) {
 	    BuildStringChar(acIn[i], pCLServing->accmd);
 	    continue;
@ -397,9 +457,8 @@ DoNormalRead(CONSCLIENT *pCLServing)
 	/* process password here...before we corrupt accmd */
 	if (pCLServing->iState == S_PASSWD) {
-		if (CheckPasswd
+	    if (CheckPasswd(pCLServing, pCLServing->accmd->string) !=
-		    (pCLServing, pCLServing->accmd->string, FLAGFALSE)
+		AUTH_SUCCESS) {
 		    != AUTH_SUCCESS) {
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "invalid password\r\n", -1);
 		BuildString((char *)0, pCLServing->accmd);
@ -413,8 +472,7 @@ DoNormalRead(CONSCLIENT *pCLServing)
 	    continue;
 	}
-	    if ((char *)0 !=
+	if ((char *)0 != (pcArgs = strchr(pCLServing->accmd->string, ':'))) {
 		(pcArgs = strchr(pCLServing->accmd->string, ':'))) {
 	    *pcArgs++ = '\000';
 	} else if ((char *)0 !=
 		   (pcArgs = strchr(pCLServing->accmd->string, ' '))) {
@ -430,9 +488,6 @@ DoNormalRead(CONSCLIENT *pCLServing)
 		"login  log in\r\n",
 #if HAVE_OPENSSL
 		"ssl    start ssl session\r\n",
 #endif
 #if HAVE_GSSAPI
 		    "gssapi log in with gssapi\r\n",
 #endif
 		(char *)0
 	    };
@ -442,13 +497,10 @@ DoNormalRead(CONSCLIENT *pCLServing)
 		"groups    provide ports for group leaders\r\n",
 		"help      this help message\r\n",
 		"master    provide a list of master servers\r\n",
 		    "newlogs*   close and open all logfiles (SIGUSR2)\r\n",
 		"pid       provide pid of master process\r\n",
 		"quit*     terminate conserver (SIGTERM)\r\n",
-		    "restart*   restart conserver (SIGHUP) - deprecated\r\n",
+		"restart*  restart conserver (SIGHUP)\r\n",
 		    "reconfig*  reread config file (SIGHUP)\r\n",
 		"version   provide version info for server\r\n",
 		    "up*        bring up all downed consoles (SIGUSR1)\r\n",
 		"* = requires admin privileges\r\n",
 		(char *)0
 	    };
@ -471,14 +523,6 @@ DoNormalRead(CONSCLIENT *pCLServing)
 		DropMasterClient(pCLServing, FLAGFALSE);
 		return;
 	    }
 #endif
 #if HAVE_GSSAPI
 	    } else if (pCLServing->iState == S_IDENT &&
 		       strcmp(pcCmd, "gssapi") == 0) {
 		FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", -1);
 		/* Change the I/O mode right away, we'll do the read
 		 * and accept when the select gets back to us */
 		pCLServing->ioState = INGSSACCEPT;
 #endif
 	} else if (pCLServing->iState == S_IDENT &&
 		   strcmp(pcCmd, "login") == 0) {
@ -501,13 +545,11 @@ DoNormalRead(CONSCLIENT *pCLServing)
 		    BuildString(pCLServing->peername->string,
 				pCLServing->acid);
 		    if (pCLServing->caccess == 't' ||
-			    CheckPasswd(pCLServing, "",
+			CheckPasswd(pCLServing, "") == AUTH_SUCCESS) {
 					FLAGTRUE) == AUTH_SUCCESS) {
 			pCLServing->iState = S_NORMAL;
 			Verbose("<master> login %s",
 				pCLServing->acid->string);
-			    FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n",
+			FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", 4);
 				      4);
 		    } else {
 			FilePrint(pCLServing->fd, FLAGFALSE,
 				  "passwd? %s\r\n", myHostname);
@ -522,9 +564,7 @@ DoNormalRead(CONSCLIENT *pCLServing)
 	    int iSep = 1;
 	    if ((GRPENT *)0 != pGroups) {
-#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
+		struct sockaddr_in lcl;
 		    SOCKADDR_STYPE lcl;
 		socklen_t so = sizeof(lcl);
 		if (-1 ==
 		    getsockname(FileFDNum(pCLServing->fd),
@ -534,44 +574,21 @@ DoNormalRead(CONSCLIENT *pCLServing)
 			      -1);
 		    Error("Master(): getsockname(%u): %s",
 			  FileFDNum(pCLServing->fd), strerror(errno));
-			iSep = -1;
+		    Bye(EX_OSERR);
-		    } else {
+		}
 # if USE_IPV6
 			int error;
 			char addr[NI_MAXHOST];
 			error =
 			    getnameinfo((struct sockaddr *)&lcl, so, addr,
 					sizeof(addr), NULL, 0,
 					NI_NUMERICHOST);
 			if (!error)
 			    FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
 				      addr);
 # else
 		FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
 			  inet_ntoa(lcl.sin_addr));
 # endif
 		iSep = 0;
 	    }
 #else
 		    FilePrint(pCLServing->fd, FLAGTRUE, "@0");
 		    iSep = 0;
 #endif
 		}
 		if (iSep >= 0) {
 	    if (config->redirect == FLAGTRUE) {
 		REMOTE *pRC;
-			char *s;
+		for (pRC = pRCUniq; (REMOTE *)0 != pRC; pRC = pRC->pRCuniq) {
-			for (pRC = pRCUniq; (REMOTE *)0 != pRC;
+		    FilePrint(pCLServing->fd, FLAGTRUE, ":@%s" + iSep,
 			     pRC = pRC->pRCuniq) {
 			    s = ":@%s";
 			    s += iSep;
 			    FilePrint(pCLServing->fd, FLAGTRUE, s,
 			      pRC->rhost);
 		    iSep = 0;
 		}
 	    }
 	    FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
 		}
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "pid") == 0) {
 	    FilePrint(pCLServing->fd, FLAGFALSE, "%lu\r\n",
@ -579,13 +596,11 @@ DoNormalRead(CONSCLIENT *pCLServing)
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "version") == 0) {
 	    FilePrint(pCLServing->fd, FLAGFALSE, "version `%s'\r\n",
-			  MyVersion());
+		      THIS_VERSION);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "quit") == 0) {
-		if (ConsentUserOk(pADList, pCLServing->username->string) ==
+	    if (ConsentUserOk(pADList, pCLServing->username->string) == 1) {
-		    1) {
+		Verbose("quit command by %s", pCLServing->acid->string);
 		    Verbose("quit command by %s",
 			    pCLServing->acid->string);
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "ok -- terminated\r\n", -1);
 		DropMasterClient(pCLServing, FLAGFALSE);
@ -596,63 +611,24 @@ DoNormalRead(CONSCLIENT *pCLServing)
 			  "unauthorized command\r\n", -1);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "restart") == 0) {
-		if (ConsentUserOk(pADList, pCLServing->username->string) ==
+	    if (ConsentUserOk(pADList, pCLServing->username->string) == 1) {
 		    1) {
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "ok -- restarting\r\n", -1);
-		    Verbose("restart command by %s",
+		Verbose("restart command by %s", pCLServing->acid->string);
 			    pCLServing->acid->string);
 		kill(thepid, SIGHUP);
 	    } else
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "unauthorized command\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "reconfig") == 0) {
 		if (ConsentUserOk(pADList, pCLServing->username->string) ==
 		    1) {
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "ok -- reconfiguring\r\n", -1);
 		    Verbose("reconfig command by %s",
 			    pCLServing->acid->string);
 		    kill(thepid, SIGHUP);
 		} else
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "unauthorized command\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "up") == 0) {
 		if (ConsentUserOk(pADList, pCLServing->username->string) ==
 		    1) {
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "ok -- bringing up consoles\r\n", -1);
 		    Verbose("up command by %s", pCLServing->acid->string);
 		    kill(thepid, SIGUSR1);
 		} else
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "unauthorized command\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "newlogs") == 0) {
 		if (ConsentUserOk(pADList, pCLServing->username->string) ==
 		    1) {
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "ok -- opening new logfiles\r\n", -1);
 		    Verbose("newlogs command by %s",
 			    pCLServing->acid->string);
 		    kill(thepid, SIGUSR2);
 		} else
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "unauthorized command\r\n", -1);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "groups") == 0) {
 	    int iSep = 1;
 	    GRPENT *pGE;
 		char *s;
 	    for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
 		if (0 == pGE->imembers)
 		    continue;
-		    s = ":%hu";
+		FilePrint(pCLServing->fd, FLAGTRUE, ":%hu" + iSep,
-		    s += iSep;
+			  pGE->port);
 		    FilePrint(pCLServing->fd, FLAGTRUE, s, pGE->port);
 		iSep = 0;
 	    }
 	    FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", 2);
@ -669,33 +645,23 @@ DoNormalRead(CONSCLIENT *pCLServing)
 	}
 	BuildString((char *)0, pCLServing->accmd);
    }
 	nr -= l;
 	MemMove(acIn, acIn + l, nr);
    }
 }
 /* this routine is used by the master console server process		(ksb)
 */
 void
 #if PROTOTYPES
 Master(void)
 #else
 Master()
 #endif
 {
    int cfd;
    int msfd;
    socklen_t so;
    fd_set rmask, wmask;
 #if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
 # if USE_IPV6
    struct addrinfo *rp;
 # else
    struct sockaddr_in master_port;
-# endif
+    int true = 1;
 # if HAVE_SETSOCKOPT
    int sock_opt_true = 1;
 # endif
 #else
    struct sockaddr_un master_port;
    static STRING *portPath = (STRING *)0;
 #endif
    FILE *fp;
    CONSCLIENT *pCLServing = (CONSCLIENT *)0;
    CONSCLIENT *pCL = (CONSCLIENT *)0;
@ -712,9 +678,6 @@ Master(void)
 #endif
 #if defined(SIGPOLL)
    SimpleSignal(SIGPOLL, SIG_IGN);
 #endif
 #if defined(SIGXFSZ)
    SimpleSignal(SIGXFSZ, SIG_IGN);
 #endif
    SimpleSignal(SIGCHLD, FlagSawCHLD);
    SimpleSignal(SIGTERM, FlagQuitIt);
@ -734,82 +697,11 @@ Master(void)
    /* set up port for master to listen on
     */
 #if !USE_IPV6
 #if HAVE_MEMSET
    memset((void *)&master_port, 0, sizeof(master_port));
 #else
    bzero((char *)&master_port, sizeof(master_port));
 #endif
 #endif
 #if USE_IPV6
    for (rp = bindAddr; rp != NULL; rp = rp->ai_next) {
 	if ((msfd =
 	     socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) < 0)
 	    continue;
 # if HAVE_SETSOCKOPT
 	if (setsockopt
 	    (msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&sock_opt_true,
 	     sizeof(sock_opt_true)) < 0)
 	    goto fail;
 # endif
 	if (!SetFlags(msfd, O_NONBLOCK, 0))
 	    goto fail;
 	if (bind(msfd, rp->ai_addr, rp->ai_addrlen) == 0)
 	    break;
      fail:
 	close(msfd);
    }
    if (listen(msfd, SOMAXCONN) < 0) {
 	Error("Master(): listen(): %s", strerror(errno));
 	return;
    }
    /* save addrlen for accept */
    so = rp->ai_addrlen;
 #elif USE_UNIX_DOMAIN_SOCKETS
    master_port.sun_family = AF_UNIX;
    if (portPath == (STRING *)0)
 	portPath = AllocString();
    BuildStringPrint(portPath, "%s/0", interface);
    if (portPath->used > sizeof(master_port.sun_path)) {
 	Error("Master(): path to socket too long: %s", portPath->string);
 	return;
    }
    StrCpy(master_port.sun_path, portPath->string,
 	   sizeof(master_port.sun_path));
    if ((msfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
 	Error("Master(): socket(AF_UNIX,SOCK_STREAM): %s",
 	      strerror(errno));
 	return;
    }
    if (!SetFlags(msfd, O_NONBLOCK, 0))
 	return;
    if (bind(msfd, (struct sockaddr *)&master_port, sizeof(master_port)) <
 	0) {
 	Error("Master(): bind(%s): %s", master_port.sun_path,
 	      strerror(errno));
 	return;
    }
    if (listen(msfd, SOMAXCONN) < 0) {
 	Error("Master(): listen(%s): %s", master_port.sun_path,
 	      strerror(errno));
 	return;
    }
 # ifdef TRUST_UDS_CRED
    /* Allow everyone to connect, but we later auth them via SO_PEERCRED */
    chmod(master_port.sun_path, 0666);
 # endif
 #else
    master_port.sin_family = AF_INET;
    master_port.sin_addr.s_addr = bindAddr;
    master_port.sin_port = htons(bindPort);
@ -821,8 +713,8 @@ Master(void)
    }
 #if  HAVE_SETSOCKOPT
    if (setsockopt
-	(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&sock_opt_true,
+	(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&true,
-	 sizeof(sock_opt_true)) < 0) {
+	 sizeof(true)) < 0) {
 	Error("Master(): setsockopt(%u,SO_REUSEADDR): %s", msfd,
 	      strerror(errno));
 	return;
@ -843,7 +735,6 @@ Master(void)
 	      strerror(errno));
 	return;
    }
 #endif
    fp = fopen(PIDFILE, "w");
    if (fp) {
@ -861,7 +752,7 @@ Master(void)
    for (fSawQuit = 0; !fSawQuit; /* can't close here :-( */ ) {
 	if (fSawCHLD) {
 	    fSawCHLD = 0;
-	    FixKids(msfd);
+	    FixKids();
 	}
 	if (fSawHUP) {
 	    fSawHUP = 0;
@ -869,7 +760,7 @@ Master(void)
 	    ReopenLogfile();
 	    ReopenUnifiedlog();
 	    SignalKids(SIGHUP);
-	    ReReadCfg(msfd, msfd);
+	    ReReadCfg(msfd);
 	    /* fix up the client descriptors since ReReadCfg() doesn't
 	     * see them like it can in the child processes */
 	    for (pCL = pCLmall; pCL != (CONSCLIENT *)0; pCL = pCL->pCLscan) {
@ -923,17 +814,6 @@ Master(void)
 			    pCLServing->ioState = ISNORMAL;
 		    }
 		    break;
 #endif
 #if HAVE_GSSAPI
 		case INGSSACCEPT:
 		    {
 			int r;
 			if ((r = AttemptGSSAPI(pCLServing)) < 0)
 			    DropMasterClient(pCLServing, FLAGFALSE);
 			else if (r == 1)
 			    pCLServing->ioState = ISNORMAL;
 		    }
 		    break;
 #endif
 		case ISNORMAL:
 		    if (FileCanRead(pCLServing->fd, &rmask, &wmask))
@ -945,8 +825,8 @@ Master(void)
 			CONDDEBUG((1, "Master(): flushing fd %d",
 				   FileFDNum(pCLServing->fd)));
 			if (FileWrite
-			    (pCLServing->fd, FLAGFALSE, (char *)0, 0)
+			    (pCLServing->fd, FLAGFALSE, (char *)0,
-			    < 0) {
+			     0) < 0) {
 			    DropMasterClient(pCLServing, FLAGTRUE);
 			    break;
 			}
@ -975,9 +855,7 @@ Master(void)
 	dmallocMarkClientConnection = dmalloc_mark();
 #endif
 #if !USE_IPV6
 	so = sizeof(struct sockaddr_in);
 #endif
 	for (cfd = 0; cfd == 0;) {
 	    cfd =
 		accept(msfd, (struct sockaddr *)&pCLmfree->cnct_port, &so);
@ -994,10 +872,9 @@ Master(void)
 	}
 	/* set to non-blocking and wrap in a File object */
-	if (SetFlags(cfd, O_NONBLOCK, 0)) {
+	if (SetFlags(cfd, O_NONBLOCK, 0))
 	    pCLmfree->fd = FileOpenFD(cfd, simpleSocket);
-	    FileSetQuoteIAC(pCLmfree->fd, FLAGTRUE);
+	else
 	} else
 	    pCLmfree->fd = (CONSFILE *)0;
 	if ((CONSFILE *)0 == pCLmfree->fd) {
@ -1052,9 +929,6 @@ Master(void)
    }
    close(msfd);
 #if USE_UNIX_DOMAIN_SOCKETS
    unlink(master_port.sun_path);
 #endif
    /* clean up the free list */
    while (pCLmfree != (CONSCLIENT *)0) {
--- a/conserver/master.h
+++ b/conserver/master.h
@ -1,4 +1,6 @@
 /*
 *  $Id: master.h,v 5.17 2003/10/03 14:23:37 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -37,5 +39,5 @@
 */
 extern CONSCLIENT *pCLmall;
 extern CONSCLIENT *pCLmfree;
-extern void Master(void);
+extern void Master PARAMS((void));
-extern void SignalKids(int);
+extern void SignalKids PARAMS((int));
--- a/conserver/readcfg.c
+++ b/conserver/readcfg.c
--- a/conserver/readcfg.h
+++ b/conserver/readcfg.h
@ -1,16 +1,15 @@
 /*
 *  $Id: readcfg.h,v 5.38 2003/11/10 15:37:24 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
 #define BREAKDELAYDEFAULT 250
 #define BREAKLISTSIZE 35	/* ('z'-('a'-1))+('9'-('1'-1)) */
 #define BREAKALPHAOFFSET 39	/* ('a'-('9'+1)) */
 typedef struct config {
    STRING *name;
    FLAG autocomplete;
    char defaultaccess;
    FLAG daemonmode;
    char *logfile;
@ -18,58 +17,37 @@ typedef struct config {
    char *primaryport;
    FLAG redirect;
    FLAG loghostnames;
-    int reinitcheck; /* stored in sec, configured in min or sec */
+    int reinitcheck;
    char *secondaryport;
    char *unifiedlog;
    int initdelay;
 #if HAVE_SETPROCTITLE
    FLAG setproctitle;
 #endif
 #if HAVE_OPENSSL
    char *sslcredentials;
    FLAG sslrequired;
    FLAG sslreqclientcert;
    char *sslcacertificatefile;
 #endif
 } CONFIG;
 typedef struct breaks {
    STRING *seq;
    int delay;
    FLAG confirm;
 } BREAKS;
 typedef struct tasks {
    char id;
    STRING *cmd;
    STRING *descr;
    uid_t uid;
    gid_t gid;
    char *subst;
    FLAG confirm;
    struct tasks *next;
 } TASKS;
 extern NAMES *userList;		/* user list */
 extern GRPENT *pGroups;		/* group info */
 extern REMOTE *pRCList;		/* list of remote consoles we know about */
 extern REMOTE *pRCUniq;		/* list of uniq console servers */
 extern ACCESS *pACList;		/* `who do you love' (or trust) */
 extern CONSENTUSERS *pADList;	/* list of admin users */
-extern CONSENTUSERS *pLUList;	/* list of limited users */
+extern BREAKS breakList[9];	/* list of break sequences */
 extern BREAKS breakList[BREAKLISTSIZE];	/* list of break sequences */
 extern TASKS *taskList;		/* list of tasks */
 extern SUBST *taskSubst;	/* substitution function data for tasks */
 extern CONFIG *pConfig;		/* settings seen by config parser */
 extern SUBST *substData;	/* substitution function data */
-extern void ReadCfg(char *, FILE *);
+extern void ReadCfg PARAMS((char *, FILE *));
-extern void ReReadCfg(int, int);
+extern void ReReadCfg PARAMS((int));
-extern void DestroyBreakList(void);
+extern void DestroyBreakList PARAMS((void));
-extern void InitBreakList(void);
+extern void DestroyUserList PARAMS((void));
-extern void DestroyTaskList(void);
+extern void DestroyConfig PARAMS((CONFIG *));
-extern void DestroyUserList(void);
+extern NAMES *FindUserList PARAMS((char *));
-extern void DestroyConfig(CONFIG *);
+extern NAMES *AddUserList PARAMS((char *));
-extern NAMES *FindUserList(char *);
+extern CONSENT *FindConsoleName PARAMS((CONSENT *, char *));
 extern NAMES *AddUserList(char *);
 extern CONSENT *FindConsoleName(CONSENT *, char *);
--- a/conserver/version.h
+++ b/conserver/version.h
@ -1,4 +1,6 @@
 /*
 *  $Id: version.h,v 1.55 2003/12/10 18:33:48 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -12,9 +14,4 @@
@(#) Copyright 2000 conserver.com.\n\
 All rights reserved.\n"
-#define VERSION_DATE	"2022/07/07"
+#define THIS_VERSION "conserver.com version 8.0.9"
 #define VERSION_MAJOR	8
 #define VERSION_MINOR	2
 #define VERSION_REV	7
 #define VERSION_TEXT	"conserver.com version"
 #define VERSION_UINT	(VERSION_MAJOR * 1000000 + VERSION_MINOR * 1000 + VERSION_REV)
--- a/console/Makefile.in
+++ b/console/Makefile.in
@ -1,7 +1,5 @@
 ### Path settings
 datarootdir = @datarootdir@
 srcdir = @srcdir@
 VPATH = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
 exec_prefix = @exec_prefix@
@ -27,11 +25,11 @@ LIBS	= @LIBS@
 ### Makefile rules - no user-servicable parts below
-CONSOLE_OBJS = console.o getpassword.o readconf.o ../conserver/cutil.o
+CONSOLE_OBJS = console.o getpassword.o ../conserver/cutil.o
 CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h \
 	       $(top_srcdir)/conserver/cutil.h \
 	       $(top_srcdir)/conserver/version.h \
-	       $(srcdir)/getpassword.h $(srcdir)/readconf.h
+	       $(srcdir)/getpassword.h
 ALL = console
@ -58,6 +56,6 @@ install: console
 	$(MKDIR) $(DESTDIR)$(bindir)
 	$(INSTALL_PROGRAM) console $(DESTDIR)$(bindir)
 	$(MKDIR) $(DESTDIR)$(mandir)/man1
-	$(INSTALL) -m 0644 console.man $(DESTDIR)$(mandir)/man1/console.1
+	$(INSTALL) console.man $(DESTDIR)$(mandir)/man1/console.1
 .PHONY: clean distclean install
--- a/console/console.c
+++ b/console/console.c
--- a/console/console.man.in
+++ b/console/console.man.in
@ -1,44 +1,45 @@
-.TH CONSOLE 1 "@CONSERVER_DATE@" "conserver-@CONSERVER_VERSION@" "conserver"
+.\" $Id: console.man,v 1.41 2003/11/28 00:47:30 bryan Exp $
 .TH CONSOLE 1 "2003/11/28" "conserver-8.0.9" "conserver"
 .SH NAME
 console \- console server client program
 .SH SYNOPSIS
 .B console
-.RI [ generic-args ]
+.RB [ \-aAEfFsS ]
-.RB [ \-aAfFsS ]
+.RB [ \-7Dv ]
 .RB [ \-c
 .IR cred ]
 .BR [ \-M
 .IR mach ]
 .BR [ \-p
 .IR port ]
 .BR [ \-e
 .IR esc ]
 .BR [ \-l
 .IR user ]
 .I console
 .br
 .B console
-.RI [ generic-args ]
+.RB [ \-hiIPrRuVwWx ]
-.RB [ \-iIuwWx ]
+.RB [ \-7Dv ]
-.RI [ console ]
+.RB [ \-M
-.br
+.IR mach ]
-.B console
+.RB [ \-p
-.RI [ generic-args ]
+.IR port ]
-.RB [ \-hPqQrRV ]
+.RB [ \-d
 .RI [ user ][\fB@\fP console ]]
 .RB [ \- [ bB ]
 .IR message ]
 .RB [ \-d
 .RI [ user ][\f3@\fP console ]]
 .RB [ \-t
-.RI [ user ][\f3@\fP console ]
+.RI [ user ][\fB@\fP console ]
 .IR message ]
-.RB [ \- [ zZ ]
+.br
-.IR cmd ]
+.B console
-.PP
+.RB [ \-qQ ]
-.IR generic-args :
+.RB [ \-7Dv ]
-.RB [ \-7DEknUv ]
+.RB [ \-M
-.RB [ \-c
+.IR mach ]
-.IR cred ]
+.RB [ \-p
 .RB [ \-C
 .IR config ]
 .BR [ \-M
 .IR master ]
 .BR [ \-p
 .IR port ]
 .BR [ \-l
 .IR user ]
 .SH DESCRIPTION
 .B Console
 is used to manipulate console terminals remotely or to poll running
@ -50,8 +51,7 @@ In the first form above,
 asks the user's password before
 granting interactive access to a console (on a non-trusted system),
 since such a session may provide single-user access.
-If the server's autocompletion feature is enabled,
+Only as much of the console name as is required to
 only as much of the console name as is required to
 identify it uniquely to the server is required.
 .PP
 For non-interactive options,
@ -116,10 +116,6 @@ to users on the primary server.
 Load an SSL certificate and key from the PEM encoded file
 .IR cred .
 .TP
 .BI \-C config
 Use the per-user configuration file
 .IR config .
 .TP
 .B \-d
 Disconnect the users specified by
 .IR user @ console .
@ -154,13 +150,9 @@ The default value is
 .B \-E
 If encryption has been built into the code
 .RB ( --with-openssl ),
-encrypted client connections are, by default, a requirement.
+encrypted client connections are a requirement.
-This option disables any attempt at creating an
+This option allows the client to connect to a console
-encrypted connection.
+over a non-encrypted connection.
 If you'd like to use encrypted connections when your server
 supports it, but fallback to non-encrypted otherwise, the
 .B \-U
 option is what you want.
 .TP
 .B \-f
 Same as
@ -171,17 +163,13 @@ except it will force any existing connection into spy mode.
 Display a brief help message.
 .TP
 .B \-i
-Display status information in a machine-parseable format (see below for the details).
+Display information in a machine-parseable format (see below for the details).
 .TP
 .B \-I
 Same as
 .B \-i
 but just acts on the primary server.
 .TP
 .B \-k
 Abort the connection if the console is not in the `up' state immediately
 upon connecting.
 .TP
 .BI \-l user
 Set the login name used for authentication to
 .IR user .
@ -191,34 +179,19 @@ uses $USER if its uid matches the user's real uid,
 or $LOGNAME if its uid matches the user's real uid,
 or else the name associated with the user's real uid.
 .TP
-.BI \-M master
+.BI \-M mach
 The
 .B console
 client program polls
-.I master
+.I mach
 as the primary server,
 rather than the default set at compile time (typically
 .RB `` console '').
 The default
-.I master
+.I mach
 may be changed at compile time using the
 .B --with-master
 option.
 If
 .B --with-uds
 is used to enable Unix domain sockets, however, this option points
 .B console
 to the directory which holds those sockets.
 The default
 .I master
 directory
 .RB (`` /tmp/conserver '')
 may be changed at compile time using the
 .B --with-uds
 option.
 .TP
 .BI \-n
 Do not read the system-wide configuration file.
 .TP
 .BI \-p port
 Set the port to connect to.
@ -230,9 +203,6 @@ may be changed at compile time
 using the
 .B --with-port
 option.
 If the
 .B --with-uds
 option was used, this option is ignored.
 .TP
 .B \-P
 Display the pid of the master daemon process on each server.
@ -294,18 +264,6 @@ and attached users
 .RI ( user @ host
 if attached read-write, `<spies>' if only users in spy mode, or `<none>').
 .TP
 .B \-U
 If encryption has been built into the code
 .RB ( --with-openssl ),
 encrypted client connections are, by default, a requirement.
 This option allows the client to attempt an encrypted connection
 but fall back to a non-encrypted connection if the server doesn't
 support encryption.
 If the encryption handshake is failing, disabling encryption on the
 client with the
 .B \-E
 option is probably what you want.
 .TP
 .B \-v
 Be more verbose when building the connection(s).
 Use this option in combination with any of `show' options (below)
@ -331,72 +289,6 @@ but just acts on the primary server.
 .TP
 .B \-x
 Show a list of consoles and devices.
 .TP
 .BI \-z cmd
 Sends a command
 .RI ( cmd )
 to each server and displays the result.
 The valid commands are:
 .RS
 .sp
 .PD 0
 .TP 12
 .B bringup
 Try to connect all consoles marked as down (this is equivalent
 to sending the server a SIGUSR1)
 .TP
 .B SIGUSR1
 Same as
 .B bringup
 .TP
 .B help
 Displays the help message
 .TP
 .B pid
 Returns the pid of the server (this is equivalent to
 .BR \-P )
 .TP
 .B quit
 Instructs the server to shut down (this is equivalent to
 .B \-q
 or sending the server a SIGTERM)
 .TP
 .B SIGTERM
 Same as
 .B quit
 .TP
 .B reconfig
 Instructs the server to reload the configuration file, then
 perform the actions of
 .B reopen
 (this is equivalent to sending the server a SIGHUP)
 .TP
 .B SIGHUP
 Same as
 .B reconfig
 .TP
 .B reopen
 Instructs the server to reopen all logfiles, then
 perform the actions of
 .B bringup
 (this is equivalent to sending the server a SIGUSR2)
 .TP
 .B SIGUSR2
 Same as
 .B reopen
 .TP
 .B version
 Returns the version of the server (this is equivalent to
 .BR \-V )
 .PD
 .RE
 .TP
 .BI \-Z cmd
 Same as
 .B \-z
 but just sends
 .I cmd
 to the primary server.
 .PP
 The
 .BR \-A ,
@ -405,19 +297,12 @@ The
 options have the same effect as their lower-case variants.
 In addition, they each request the last 20 lines of the console output after
 making the connection (as if
-.RB `` ^Ecr ''
+.RB ` ^Ecr '
 were typed).
 .PP
 The
 .BR \-i ,
 .BR \-u ,
 .BR \-w ", and"
 .B \-x
 options can be given a console name, which will limit their output to that console.
 .PP
 The
 .B \-i
-option outputs status information regarding each console in 15 colon-separated fields.
+option outputs information regarding each console in 15 colon-separated fields.
 .TP
 .I name
 The name of the console.
@ -429,21 +314,17 @@ the console.
 .I type
 The type of console.
 Values will be a `/' for a local device, `|' for
-a command, `!' for a remote port, `%' for a Unix domain socket,
+a command, or `!' for a remote port.
 and `#' for a noop console.
 .TP
 .I console-details
 The details regarding the console.
-The values here (all comma-separated) depend on the type of the console.
+The values here (all comma separated) depend on the type of the console.
-Local devices will have values of the device file, baud rate/parity, and
+Local devices will have values of the device file, baud rate, and
 file descriptor for the device.
 Commands will have values of the command, the command's pid, the
 pseudo-tty, and file descriptor for the pseudo-tty.
 Remote ports will have values of the remote hostname, remote port number,
-``raw'' or ``telnet'' protocol, and file descriptor for the socket connection.
+and file descriptor for the socket connection.
 Unix domain sockets will have the path to the socket and the file
 descriptor for the socket connection.
 Noop consoles will have nothing.
 .TP
 .I users-list
 The details of each user connected to the console.
@ -466,9 +347,9 @@ that the server can open the file for read, but not write.
 .TP
 .I logfile-details
 The details regarding the logging for the console.
-The comma-separated
+The comma separated
 values will be the logfile, ``log'' or ``nolog'' (if logging is on
-or not - toggled via ``^EcL''), ``act'' or ``noact'' (if activity logging is
+or not - toggled via ^EcL), ``act'' or ``noact'' (if activity logging is
 enabled or not - the `a' timestamp option), the timestamp interval, and
 the file descriptor of the logfile.
 .TP
@ -481,10 +362,10 @@ is at work, it will have the value of ``autoup'', otherwise it
 will be ``noautoup''.
 .TP
 .I aliases
-The console aliases are presented in a comma-separated list.
+The console aliases are presented in a comma separated list.
 .TP
 .I options
-The active options for the console are presented in a comma-separated list.
+The active options for the console are presented in a comma separated list.
 .TP
 .I initcmd
 The initcmd configuration option for the console.
@ -494,321 +375,6 @@ The idletimeout configuration option for the console.
 .TP
 .I idlestring
 The idlestring configuration option for the console.
 .SH CONFIGURATION
 .B Console
 reads configuration information from the system-wide configuration file
 .RB ( console.cf ),
 then the per-user configuration file
 .RB ( .consolerc ),
 and then applies command-line arguments.
 Each configuration location can override the previous.
 The same happens when parsing an individual file - the later entries
 always override the earlier entries.
 Because of that, you should put ``global'' defaults first and
 more specific defaults second.
 .PP
 The configuration file is read using the same parser as 
 .BR conserver.cf (5),
 and you should check that manpage for parser details.
 .B Console
 recognizes the following configuration blocks.
 .TP
 \f3config\fP \f2hostname\fP|\f2ipaddr\fP
 .br
 Define a configuration block for the client host named
 .I hostname
 or using the address
 .IR ipaddr .
 If the value of ``*'' is used, the configuration block will be applied to
 all client hosts.
 .RS
 .TP
 \f3escape\fP \f2esc\fP
 .br
 Set the escape sequence (see the
 .B \-e
 command-line flag).
 .TP
 \f3master\fP \f2master\fP
 .br
 Set the default master to
 .I master
 (see the
 .B \-M
 command-line flag).
 .TP
 \f3playback\fP \f2num\fP|\f3""\fP
 .br
 Override the playback length for the
 .B p
 escape command to
 .I num
 lines (if the server supports it).
 Using the special value of ``0'' will cause the client to use the number
 of lines of the current terminal (if that can be determined).
 If the null string (``""'') is used, the playback length will not be overridden.
 .TP
 \f3port\fP \f2port\fP
 .br
 Set the default port to
 .I port
 (see the
 .B \-p
 command-line flag).
 .TP
 \f3replay\fP \f2num\fP|\f3""\fP
 .br
 Override the replay length for the
 .B r
 escape command to
 .I num
 lines (if the server supports it).
 Using the special value of ``0'' will cause the client to use the number
 of lines of the current terminal (if that can be determined).
 If the null string (``""'') is used, the replay length will not be overridden.
 .TP
 \f3sslcacertificatefile\fP \f2filename\fP
 .br
 Load the valid CA certificates for the
 .SM SSL
 connection from the PEM encoded file.
 .TP
 \f3sslcacertificatepath\fP \f2directory\fP
 .br
 Load the valid CA certificates for the
 .SM SSL
 connection from the PEM encoded files in the directory.
 .TP
 \f3sslcredentials\fP \f2filename\fP
 .br
 Set the
 .SM SSL
 credentials file location (see the
 .B \-c
 command-line flag).
 .TP
 \f3sslenabled\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
 .br
 Set whether or not encryption is attempted when talking to servers (see the
 .B \-E
 command-line flag).
 .TP
 \f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
 .br
 Set whether or not encryption is required when talking to servers (see the
 .B \-U
 command-line flag).
 .TP
 \f3striphigh\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
 .br
 Set whether or not to strip the high bit off all data received
 (see the
 .B \-7
 command-line flag).
 .TP
 \f3username\fP \f2user\fP
 .br
 Set the username passed to the server to
 .I user
 (see the
 .B \-l
 command-line flag).
 .RE
 .TP
 \f3terminal\fP \f2type\fP
 .br
 Define a configuration block when using a terminal of type
 .IR type .
 If the value of ``*'' is used, the configuration block will be applied to
 all terminal types.
 .RS
 .TP
 \f3attach\fP \f2string\fP|\f3""\fP
 .br
 Set a
 .I string
 to print when successfully attached to a console.
 Character substitions will be performed based on the
 .B attachsubst
 value and occur
 .I before
 interpretation of the special characters below.
 If the null string (``\f3""\fP'') is used, no string will be printed.
 .I string
 is a simple character string with the exception of `\e'
 and `^':
 .RS
 .RS
 .sp
 .PD 0
 .TP 6
 .B \ea
 alert
 .TP
 .B \eb
 backspace
 .TP
 .B \ef
 form-feed
 .TP
 .B \en
 newline
 .TP
 .B \er
 carriage-return
 .TP
 .B \et
 tab
 .TP
 .B \ev
 vertical-tab
 .TP
 .B \e\e
 backslash
 .TP
 .B \e^
 circumflex
 .TP
 .BI \e ooo
 octal representation of a character (where
 .I ooo
 is one to three octal digits)
 .TP
 .BI \e c
 character
 .I c
 .TP
 .B ^?
 delete
 .TP
 .BI ^ c
 control character
 .RI ( c
 is ``and''ed with 0x1f)
 .PD
 .RE
 .RE
 .IP
 An interesting use of
 .B attach
 and
 .B attachsubst
 would be:
 .RS
 .IP
 .ft CR
 .nf
 terminal xterm {
    attach "^[]0;conserver: U@C^G";
    attachsubst U=us,C=cs;
 }
 .fi
 .ft
 .RE
 .TP
 \f3attachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
 .br
 Perform character substitutions on the
 .B attach
 value.
 A series of replacements can be defined by specifying a
 comma-separated list of
 \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP
 sequences where
 .I c
 is any printable character,
 .I t
 specifies the replacement value,
 .I n
 is a field length (optional),
 and
 .I f
 is the format string.
 .I t
 can be one of the characters below, catagorized as a string replacement
 or a numeric replacement, which dictates the use of the
 .I n
 and
 .I f
 fields.
 .RS
 .RS
 .sp
 .PD 0
 .TP
 String Replacement
 .TP
 .B u
 username
 .TP
 .B c
 console name
 .sp
 .PP
 Numeric Replacement
 .TP
 none available (yet)
 .PD
 .RE
 .RE
 .IP
 For string replacements, if the replacement isn't at least
 .I n
 characters, it will be padded with space characters on the left.
 .I f
 must be `s'.
 For numeric replacements, the value will be formatted to at least
 .I n
 characters, padded with 0s if
 .I n
 begins with a 0, and space characters otherwise.
 .I f
 must be either `d', `x' or `X', specifying a decimal, lower-case
 hexadecimal, or an uppercase hexadecimal conversion.
 If the null string (``\f3""\fP'') is used, no replacements will be done.
 .TP
 \f3detach\fP \f2string\fP|\f3""\fP
 .br
 Set a
 .I string
 to print once detached from a console.
 Character substitions will be performed based on the
 .B detachsubst
 value.
 See the
 .B attach
 option for an explanation of
 .IR string .
 If the null string (``\f3""\fP'') is used, no string will be printed.
 .TP
 \f3detachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
 .br
 Perform character substitutions on the
 .B detach
 value.
 See the
 .B attachsubst
 option for an explanation of the format string.
 .RE
 .PP
 A simple configuration to set a new default escape sequence and override
 the master location would be:
 .IP
 .ft CR
 .nf
 # override options for all hosts
 config * {
    master localhost;
    escape ^Ee;
 }
 # set things more specific to host1
 # note: if the entries were reversed, host1
 # would also use localhost.
 config host1 {
    master console1;
 }
 .fi
 .ft
 .SH "ESCAPE SEQUENCES"
 The connection can be controlled by a two-character escape sequence, followed
 by a command.
@ -821,12 +387,6 @@ Commands are:
 .sp
 .PD 0
 .TP 13
 .B \.
 disconnect
 .TP
 .B ;
 move to another console
 .TP
 .B a
 attach read-write if nobody already is
 .TP
@ -860,7 +420,7 @@ list the break sequences available
 .B l0
 send the break sequence associated with this console
 .TP
-.B l1-9a-z
+.B l1-9
 send the specific break sequence
 .TP
 .B m
@ -871,19 +431,13 @@ close (if open) and reopen the line (to clear errors (silo overflows))
 and the log file
 .TP
 .B p
-playback the last 60 lines of output
+replay the last 60 lines of output
 .TP
 .B P
 set number of playback lines
 .TP
 .B r
 replay the last 20 lines of output
 .TP
 .B R
 set number of replay lines
 .TP
 .B s
-switch to spy mode (read only)
+switch to spy mode (read-only)
 .TP
 .B u
 show status of hosts/users in this group
@ -900,9 +454,6 @@ examine this group's devices and modes
 .B z
 suspend this connection
 .TP
 .B !
 invoke task
 .TP
 .B |
 attach a local command to the console
 .TP
@ -919,12 +470,14 @@ replay the last line only
 send character having octal code
 .IR ooo " (must"
 specify three octal digits)
 .IP \.
 disconnect
 .PD
 .PP
 If any other character is hit after the escape sequence, all three characters
 will be discarded.
 Note that a line break or a down command
-can only be sent from a read-write connection.
+can only be sent from a full two-way attachment.
 To send the escape sequence through the connection one must redefine
 the outer escape sequence, or use
 .BI ^Ec\e ooo
@ -935,17 +488,13 @@ In the
 .B \-u
 output, the login ``<none>'' indicates no one is
 viewing that console, and the login ``<spies>'' indicates that
-no one has a read-write connection (only read-only).
+no one has a full two-way attachment.
-.PP
+When no one is attached to
-When running a local command via
+a console its output is cloned to the stdout of the server process if
-.RB `` ^Ec| '',
+.B conserver
-you can type 
+was started with the
-.RB ` ^C '
+.B \-u
-to send the command a SIGHUP,
+option.
 .RB ` ^\e '
 to send the command a SIGKILL, and
 .RB ` o '
 to toggle the display of the console data.
 .SH EXAMPLES
 .TP 15
 console \-u
@ -997,22 +546,6 @@ or number of days is displayed.
 console \-e "^[1" lv426
 Requests a connection to the host ``lv426'' with the escape characters
 set to ``escape one''.
 .SH FILES
 .PP
 The following default file locations may be overridden
 at compile time or by the command-line options described above.
 Run
 .B console \-V
 to see the defaults set at compile time.
 .PP
 .PD 0
 .TP 25
 .B /etc/console.cf
 system-wide configuration file
 .TP
 .B \s-1$HOME\s0/.consolerc
 per-user configuration file
 .PD
 .SH BUGS
 It is possible to create a loop of console connections, with ugly results.
 Never run
--- a/console/getpassword.c
+++ b/console/getpassword.c
@ -1,4 +1,6 @@
 /*
 *  $Id: getpassword.c,v 1.8 2003/11/20 13:56:41 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@ -29,7 +31,12 @@ static STRING *pass = (STRING *)0;
 * we really use cbreak at PUCC because we need even parity...
 */
 static void
 #if PROTOTYPES
 C2Raw(int fd)
 #else
 C2Raw(fd)
    int fd;
 #endif
 {
    struct termios n_tios;
@ -57,7 +64,12 @@ C2Raw(int fd)
 * put the tty back as it was, however that was
 */
 static void
 #if PROTOTYPES
 C2Normal(int fd)
 #else
 C2Normal(fd)
    int fd;
 #endif
 {
    if (!screwy)
 	return;
@ -66,7 +78,12 @@ C2Normal(int fd)
 }
 char *
 #if PROTOTYPES
 GetPassword(char *prompt)
 #else
 GetPassword(prompt)
    char *prompt;
 #endif
 {
    int fd;
    int nc;
@ -123,7 +140,11 @@ GetPassword(char *prompt)
 }
 void
 #if PROTOTYPES
 ClearPassword(void)
 #else
 ClearPassword()
 #endif
 {
    if (pass == (STRING *)0 || pass->allocated == 0)
 	return;
--- a/console/getpassword.h
+++ b/console/getpassword.h
@ -1,8 +1,10 @@
 /*
 *  $Id: getpassword.h,v 1.3 2003/09/11 09:10:58 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
-extern char *GetPassword(char *);
+extern char *GetPassword PARAMS((char *));
-extern void *ClearPassword(void);
+extern void *ClearPassword PARAMS((void));
--- a/console/readconf.c
+++ b/console/readconf.c
@ -1,726 +0,0 @@
 /*
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
 #include <compat.h>
 #include <cutil.h>
 #include <readconf.h>
 CONFIG *parserConfigTemp = (CONFIG *)0;
 CONFIG *parserConfigDefault = (CONFIG *)0;
 CONFIG *pConfig = (CONFIG *)0;
 TERM *parserTermTemp = (TERM *)0;
 TERM *parserTermDefault = (TERM *)0;
 TERM *pTerm = (TERM *)0;
 void
 DestroyConfig(CONFIG *c)
 {
    if (c == (CONFIG *)0)
 	return;
    if (c->username != (char *)0)
 	free(c->username);
    if (c->master != (char *)0)
 	free(c->master);
    if (c->port != (char *)0)
 	free(c->port);
    if (c->escape != (char *)0)
 	free(c->escape);
 #if HAVE_OPENSSL
    if (c->sslcredentials != (char *)0)
 	free(c->sslcredentials);
    if (c->sslcacertificatefile != (char *)0)
 	free(c->sslcacertificatefile);
    if (c->sslcacertificatepath != (char *)0)
 	free(c->sslcacertificatepath);
 #endif
    free(c);
 }
 void
 ApplyConfigDefault(CONFIG *c)
 {
    if (parserConfigDefault == (CONFIG *)0)
 	return;
    if (parserConfigDefault->username != (char *)0) {
 	if (c->username != (char *)0)
 	    free(c->username);
 	if ((c->username =
 	     StrDup(parserConfigDefault->username)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->master != (char *)0) {
 	if (c->master != (char *)0)
 	    free(c->master);
 	if ((c->master = StrDup(parserConfigDefault->master)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->port != (char *)0) {
 	if (c->port != (char *)0)
 	    free(c->port);
 	if ((c->port = StrDup(parserConfigDefault->port)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->escape != (char *)0) {
 	if (c->escape != (char *)0)
 	    free(c->escape);
 	if ((c->escape = StrDup(parserConfigDefault->escape)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->striphigh != FLAGUNKNOWN)
 	c->striphigh = parserConfigDefault->striphigh;
    if (parserConfigDefault->replay != FLAGUNKNOWN)
 	c->replay = parserConfigDefault->replay;
    if (parserConfigDefault->playback != FLAGUNKNOWN)
 	c->playback = parserConfigDefault->playback;
 #if HAVE_OPENSSL
    if (parserConfigDefault->sslcredentials != (char *)0) {
 	if (c->sslcredentials != (char *)0)
 	    free(c->sslcredentials);
 	if ((c->sslcredentials =
 	     StrDup(parserConfigDefault->sslcredentials)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->sslcacertificatefile != (char *)0) {
 	if (c->sslcacertificatefile != (char *)0)
 	    free(c->sslcacertificatefile);
 	if ((c->sslcacertificatefile =
 	     StrDup(parserConfigDefault->sslcacertificatefile)) ==
 	    (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->sslcacertificatepath != (char *)0) {
 	if (c->sslcacertificatepath != (char *)0)
 	    free(c->sslcacertificatepath);
 	if ((c->sslcacertificatepath =
 	     StrDup(parserConfigDefault->sslcacertificatepath)) ==
 	    (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->sslrequired != FLAGUNKNOWN)
 	c->sslrequired = parserConfigDefault->sslrequired;
    if (parserConfigDefault->sslenabled != FLAGUNKNOWN)
 	c->sslenabled = parserConfigDefault->sslenabled;
 #endif
 }
 void
 ConfigBegin(char *id)
 {
    CONDDEBUG((1, "ConfigBegin(%s) [%s:%d]", id, file, line));
    if (id == (char *)0 || id[0] == '\000') {
 	Error("empty config name [%s:%d]", file, line);
 	return;
    }
    if (parserConfigTemp != (CONFIG *)0)
 	DestroyConfig(parserConfigTemp);
    if ((parserConfigTemp = (CONFIG *)calloc(1, sizeof(CONFIG)))
 	== (CONFIG *)0)
 	OutOfMem();
    ApplyConfigDefault(parserConfigTemp);
    parserConfigTemp->name = AllocString();
    BuildString(id, parserConfigTemp->name);
 }
 void
 ConfigEnd(void)
 {
    CONDDEBUG((1, "ConfigEnd() [%s:%d]", file, line));
    if (parserConfigTemp == (CONFIG *)0)
 	return;
    if (parserConfigTemp->name->used > 1) {
 	if ((parserConfigTemp->name->string[0] == '*' &&
 	     parserConfigTemp->name->string[1] == '\000') ||
 	    IsMe(parserConfigTemp->name->string)) {
 	    DestroyConfig(parserConfigDefault);
 	    parserConfigDefault = parserConfigTemp;
 	    parserConfigTemp = (CONFIG *)0;
 	}
    }
    DestroyConfig(parserConfigTemp);
    parserConfigTemp = (CONFIG *)0;
 }
 void
 ConfigAbort(void)
 {
    CONDDEBUG((1, "ConfigAbort() [%s:%d]", file, line));
    if (parserConfigTemp == (CONFIG *)0)
 	return;
    DestroyConfig(parserConfigTemp);
    parserConfigTemp = (CONFIG *)0;
 }
 void
 ConfigDestroy(void)
 {
    CONDDEBUG((1, "ConfigDestroy() [%s:%d]", file, line));
    if (parserConfigTemp != (CONFIG *)0) {
 	DestroyConfig(parserConfigTemp);
 	parserConfigTemp = (CONFIG *)0;
    }
    if (parserConfigDefault != (CONFIG *)0) {
 	DestroyConfig(pConfig);
 	pConfig = parserConfigDefault;
 	parserConfigDefault = (CONFIG *)0;
    }
 }
 void
 DestroyTerminal(TERM *t)
 {
    if (t == (TERM *)0)
 	return;
    if (t->attach != (char *)0)
 	free(t->attach);
    if (t->attachsubst != (char *)0)
 	free(t->attachsubst);
    if (t->detach != (char *)0)
 	free(t->detach);
    if (t->detachsubst != (char *)0)
 	free(t->detachsubst);
    free(t);
 }
 void
 ApplyTermDefault(TERM *t)
 {
    if (parserTermDefault == (TERM *)0)
 	return;
    if (parserTermDefault->attach != (char *)0) {
 	if (t->attach != (char *)0)
 	    free(t->attach);
 	if ((t->attach = StrDup(parserTermDefault->attach)) == (char *)0)
 	    OutOfMem();
    }
    if (parserTermDefault->attachsubst != (char *)0) {
 	if (t->attachsubst != (char *)0)
 	    free(t->attachsubst);
 	if ((t->attachsubst =
 	     StrDup(parserTermDefault->attachsubst)) == (char *)0)
 	    OutOfMem();
    }
    if (parserTermDefault->detach != (char *)0) {
 	if (t->detach != (char *)0)
 	    free(t->detach);
 	if ((t->detach = StrDup(parserTermDefault->detach)) == (char *)0)
 	    OutOfMem();
    }
    if (parserTermDefault->detachsubst != (char *)0) {
 	if (t->detachsubst != (char *)0)
 	    free(t->detachsubst);
 	if ((t->detachsubst =
 	     StrDup(parserTermDefault->detachsubst)) == (char *)0)
 	    OutOfMem();
    }
 }
 void
 TerminalBegin(char *id)
 {
    CONDDEBUG((1, "TerminalBegin(%s) [%s:%d]", id, file, line));
    if (id == (char *)0 || id[0] == '\000') {
 	Error("empty terminal name [%s:%d]", file, line);
 	return;
    }
    if (parserTermTemp != (TERM *)0)
 	DestroyTerminal(parserTermTemp);
    if ((parserTermTemp = (TERM *)calloc(1, sizeof(TERM)))
 	== (TERM *)0)
 	OutOfMem();
    ApplyTermDefault(parserTermTemp);
    parserTermTemp->name = AllocString();
    BuildString(id, parserTermTemp->name);
 }
 void
 TerminalEnd(void)
 {
    static char *term = (char *)0;
    CONDDEBUG((1, "TerminalEnd() [%s:%d]", file, line));
    if (parserTermTemp == (TERM *)0)
 	return;
    if (term == (char *)0) {
 	if ((term = getenv("TERM")) == (char *)0) {
 	    term = "";
 	}
    }
    if (parserTermTemp->name->used > 1) {
 	if ((parserTermTemp->name->string[0] == '*' &&
 	     parserTermTemp->name->string[1] == '\000') ||
 	    strcmp(parserTermTemp->name->string, term) == 0) {
 	    DestroyTerminal(parserTermDefault);
 	    parserTermDefault = parserTermTemp;
 	    parserTermTemp = (TERM *)0;
 	}
    }
    DestroyTerminal(parserTermTemp);
    parserTermTemp = (TERM *)0;
 }
 void
 TerminalAbort(void)
 {
    CONDDEBUG((1, "TerminalAbort() [%s:%d]", file, line));
    if (parserTermTemp == (TERM *)0)
 	return;
    DestroyTerminal(parserTermTemp);
    parserTermTemp = (TERM *)0;
 }
 void
 TerminalDestroy(void)
 {
    CONDDEBUG((1, "TerminalDestroy() [%s:%d]", file, line));
    if (parserTermTemp != (TERM *)0) {
 	DestroyTerminal(parserTermTemp);
 	parserTermTemp = (TERM *)0;
    }
    if (parserTermDefault != (TERM *)0) {
 	DestroyTerminal(pTerm);
 	pTerm = parserTermDefault;
 	parserTermDefault = (TERM *)0;
    }
 }
 void
 ProcessYesNo(char *id, FLAG *flag)
 {
    if (id == (char *)0 || id[0] == '\000')
 	*flag = FLAGFALSE;
    else if (strcasecmp("yes", id) == 0 || strcasecmp("true", id) == 0 ||
 	     strcasecmp("on", id) == 0)
 	*flag = FLAGTRUE;
    else if (strcasecmp("no", id) == 0 || strcasecmp("false", id) == 0 ||
 	     strcasecmp("off", id) == 0)
 	*flag = FLAGFALSE;
 }
 void
 ConfigItemEscape(char *id)
 {
    CONDDEBUG((1, "ConfigItemEscape(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->escape != (char *)0)
 	free(parserConfigTemp->escape);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->escape = (char *)0;
 	return;
    }
    if ((parserConfigTemp->escape = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 ConfigItemMaster(char *id)
 {
    CONDDEBUG((1, "ConfigItemMaster(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->master != (char *)0)
 	free(parserConfigTemp->master);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->master = (char *)0;
 	return;
    }
    if ((parserConfigTemp->master = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 ConfigItemPlayback(char *id)
 {
    int i;
    CONDDEBUG((1, "ConfigItemPlayback(%s) [%s:%d]", id, file, line));
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->playback = 0;
 	return;
    }
    for (i = 0; id[i] != '\000'; i++) {
 	if (!isdigit((int)id[i])) {
 	    Error("invalid playback value [%s:%d]", file, line);
 	    return;
 	}
    }
    if (i > 4) {
 	Error("playback value too large [%s:%d]", file, line);
 	return;
    }
    parserConfigTemp->playback = (unsigned short)atoi(id) + 1;
 }
 void
 ConfigItemPort(char *id)
 {
    CONDDEBUG((1, "ConfigItemPort(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->port != (char *)0)
 	free(parserConfigTemp->port);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->port = (char *)0;
 	return;
    }
    if ((parserConfigTemp->port = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 ConfigItemReplay(char *id)
 {
    int i;
    CONDDEBUG((1, "ConfigItemReplay(%s) [%s:%d]", id, file, line));
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->replay = 0;
 	return;
    }
    for (i = 0; id[i] != '\000'; i++) {
 	if (!isdigit((int)id[i])) {
 	    Error("invalid replay value [%s:%d]", file, line);
 	    return;
 	}
    }
    if (i > 4) {
 	Error("replay value too large [%s:%d]", file, line);
 	return;
    }
    parserConfigTemp->replay = (unsigned short)atoi(id) + 1;
 }
 void
 ConfigItemSslcredentials(char *id)
 {
    CONDDEBUG((1, "ConfigItemSslcredentials(%s) [%s:%d]", id, file, line));
 #if HAVE_OPENSSL
    if (parserConfigTemp->sslcredentials != (char *)0)
 	free(parserConfigTemp->sslcredentials);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->sslcredentials = (char *)0;
 	return;
    }
    if ((parserConfigTemp->sslcredentials = StrDup(id)) == (char *)0)
 	OutOfMem();
 #else
    Error
 	("sslcredentials ignored - encryption not compiled into code [%s:%d]",
 	 file, line);
 #endif
 }
 void
 ConfigItemSslcacertificatefile(char *id)
 {
    CONDDEBUG((1, "ConfigItemSslcacertificatefile(%s) [%s:%d]", id, file,
 	       line));
 #if HAVE_OPENSSL
    if (parserConfigTemp->sslcacertificatefile != (char *)0)
 	free(parserConfigTemp->sslcacertificatefile);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->sslcacertificatefile = (char *)0;
 	return;
    }
    if ((parserConfigTemp->sslcacertificatefile = StrDup(id)) == (char *)0)
 	OutOfMem();
 #else
    Error
 	("sslcacertificatefile ignored - encryption not compiled into code [%s:%d]",
 	 file, line);
 #endif
 }
 void
 ConfigItemSslcacertificatepath(char *id)
 {
    CONDDEBUG((1, "ConfigItemSslcacertificatepath(%s) [%s:%d]", id, file,
 	       line));
 #if HAVE_OPENSSL
    if (parserConfigTemp->sslcacertificatepath != (char *)0)
 	free(parserConfigTemp->sslcacertificatepath);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->sslcacertificatepath = (char *)0;
 	return;
    }
    if ((parserConfigTemp->sslcacertificatepath = StrDup(id)) == (char *)0)
 	OutOfMem();
 #else
    Error
 	("sslcacertificatepath ignored - encryption not compiled into code [%s:%d]",
 	 file, line);
 #endif
 }
 void
 ConfigItemSslrequired(char *id)
 {
    CONDDEBUG((1, "ConfigItemSslrequired(%s) [%s:%d]", id, file, line));
 #if HAVE_OPENSSL
    ProcessYesNo(id, &(parserConfigTemp->sslrequired));
 #else
    Error
 	("sslrequired ignored - encryption not compiled into code [%s:%d]",
 	 file, line);
 #endif
 }
 void
 ConfigItemSslenabled(char *id)
 {
    CONDDEBUG((1, "ConfigItemSslenabled(%s) [%s:%d]", id, file, line));
 #if HAVE_OPENSSL
    ProcessYesNo(id, &(parserConfigTemp->sslenabled));
 #else
    Error("sslenabled ignored - encryption not compiled into code [%s:%d]",
 	  file, line);
 #endif
 }
 void
 ConfigItemStriphigh(char *id)
 {
    CONDDEBUG((1, "ConfigItemStriphigh(%s) [%s:%d]", id, file, line));
    ProcessYesNo(id, &(parserConfigTemp->striphigh));
 }
 void
 ConfigItemUsername(char *id)
 {
    CONDDEBUG((1, "ConfigItemUsername(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->username != (char *)0)
 	free(parserConfigTemp->username);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->username = (char *)0;
 	return;
    }
    if ((parserConfigTemp->username = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 SUBST *substData = (SUBST *)0;
 SUBSTTOKEN
 SubstToken(char c)
 {
    switch (c) {
 	case 'u':
 	case 'c':
 	    return ISSTRING;
 	default:
 	    return ISNOTHING;
    }
 }
 int
 SubstValue(char c, char **s, int *i)
 {
    int retval = 0;
    if (s != (char **)0) {
 	CONFIG *pc;
 	if (substData->data == (void *)0)
 	    return 0;
 	pc = (CONFIG *)(substData->data);
 	if (c == 'u') {
 	    (*s) = pc->username;
 	    retval = 1;
 	} else if (c == 'c') {
 	    (*s) = pc->console;
 	    retval = 1;
 	}
    }
    return retval;
 }
 void
 InitSubstCallback(void)
 {
    if (substData == (SUBST *)0) {
 	if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
 	    OutOfMem();
 	substData->value = &SubstValue;
 	substData->token = &SubstToken;
    }
 }
 void
 TerminalItemAttach(char *id)
 {
    CONDDEBUG((1, "TerminalItemAttach(%s) [%s:%d]", id, file, line));
    if (parserTermTemp->attach != (char *)0)
 	free(parserTermTemp->attach);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserTermTemp->attach = (char *)0;
 	return;
    }
    if ((parserTermTemp->attach = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 TerminalItemAttachsubst(char *id)
 {
    CONDDEBUG((1, "TerminalItemAttachsubst(%s) [%s:%d]", id, file, line));
    ProcessSubst(substData, (char **)0, &(parserTermTemp->attachsubst),
 		 "attachsubst", id);
 }
 void
 TerminalItemDetach(char *id)
 {
    CONDDEBUG((1, "TerminalItemDetach(%s) [%s:%d]", id, file, line));
    if (parserTermTemp->detach != (char *)0)
 	free(parserTermTemp->detach);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserTermTemp->detach = (char *)0;
 	return;
    }
    if ((parserTermTemp->detach = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 TerminalItemDetachsubst(char *id)
 {
    CONDDEBUG((1, "TerminalItemDetachsubst(%s) [%s:%d]", id, file, line));
    ProcessSubst(substData, (char **)0, &(parserTermTemp->detachsubst),
 		 "detachsubst", id);
 }
 ITEM keyConfig[] = {
    {"escape", ConfigItemEscape},
    {"master", ConfigItemMaster},
    {"playback", ConfigItemPlayback},
    {"port", ConfigItemPort},
    {"replay", ConfigItemReplay},
    {"sslcredentials", ConfigItemSslcredentials},
    {"sslcacertificatefile", ConfigItemSslcacertificatefile},
    {"sslcacertificatepath", ConfigItemSslcacertificatepath},
    {"sslrequired", ConfigItemSslrequired},
    {"sslenabled", ConfigItemSslenabled},
    {"striphigh", ConfigItemStriphigh},
    {"username", ConfigItemUsername},
    {(char *)0, (void *)0}
 };
 ITEM keyTerminal[] = {
    {"attach", TerminalItemAttach},
    {"attachsubst", TerminalItemAttachsubst},
    {"detach", TerminalItemDetach},
    {"detachsubst", TerminalItemDetachsubst},
    {(char *)0, (void *)0}
 };
 SECTION sections[] = {
    {"config", ConfigBegin, ConfigEnd, ConfigAbort, ConfigDestroy,
     keyConfig},
    {"terminal", TerminalBegin, TerminalEnd, TerminalAbort,
     TerminalDestroy, keyTerminal},
    {(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
 };
 void
 ReadConf(char *filename, FLAG verbose)
 {
    FILE *fp;
    if ((FILE *)0 == (fp = fopen(filename, "r"))) {
 	if (verbose == FLAGTRUE)
 	    Error("could not open `%s'", filename);
 	return;
    }
    /* initialize the substition bits */
    InitSubstCallback();
    parserConfigDefault = pConfig;
    pConfig = (CONFIG *)0;
    parserTermDefault = pTerm;
    pTerm = (TERM *)0;
    ParseFile(filename, fp, 0);
    /* shouldn't really happen, but in case i screw up the stuff
     * ParseFile calls...
     */
    if (pConfig == (CONFIG *)0) {
 	if ((pConfig = (CONFIG *)calloc(1, sizeof(CONFIG)))
 	    == (CONFIG *)0)
 	    OutOfMem();
    }
    if (pTerm == (TERM *)0) {
 	if ((pTerm = (TERM *)calloc(1, sizeof(TERM)))
 	    == (TERM *)0)
 	    OutOfMem();
    }
    if (fDebug) {
 #define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
 #define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
 	CONDDEBUG((1, "pConfig->username = %s",
 		   EMPTYSTR(pConfig->username)));
 	CONDDEBUG((1, "pConfig->master = %s", EMPTYSTR(pConfig->master)));
 	CONDDEBUG((1, "pConfig->port = %s", EMPTYSTR(pConfig->port)));
 	CONDDEBUG((1, "pConfig->escape = %s", EMPTYSTR(pConfig->escape)));
 	CONDDEBUG((1, "pConfig->striphigh = %s",
 		   FLAGSTR(pConfig->striphigh)));
 	CONDDEBUG((1, "pConfig->replay = %hu", pConfig->replay));
 	CONDDEBUG((1, "pConfig->playback = %hu", pConfig->playback));
 #if HAVE_OPENSSL
 	CONDDEBUG((1, "pConfig->sslcredentials = %s",
 		   EMPTYSTR(pConfig->sslcredentials)));
 	CONDDEBUG((1, "pConfig->sslcacertificatefile = %s",
 		   EMPTYSTR(pConfig->sslcacertificatefile)));
 	CONDDEBUG((1, "pConfig->sslcacertificatepath = %s",
 		   EMPTYSTR(pConfig->sslcacertificatepath)));
 	CONDDEBUG((1, "pConfig->sslrequired = %s",
 		   FLAGSTR(pConfig->sslrequired)));
 	CONDDEBUG((1, "pConfig->sslenabled = %s",
 		   FLAGSTR(pConfig->sslenabled)));
 #endif
 	CONDDEBUG((1, "pTerm->attach = %s", EMPTYSTR(pTerm->attach)));
 	CONDDEBUG((1, "pTerm->attachsubst = %s",
 		   EMPTYSTR(pTerm->attachsubst)));
 	CONDDEBUG((1, "pTerm->detach = %s", EMPTYSTR(pTerm->detach)));
 	CONDDEBUG((1, "pTerm->detachsubst = %s",
 		   EMPTYSTR(pTerm->detachsubst)));
    }
    fclose(fp);
 }
--- a/console/readconf.h
+++ b/console/readconf.h
@ -1,41 +0,0 @@
 /*
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
 typedef struct config {
    STRING *name;
    char *console;
    char *username;
    char *master;
    char *port;
    char *escape;
    FLAG striphigh;
    FLAG exitdown;
    unsigned short replay;
    unsigned short playback;
 #if HAVE_OPENSSL
    char *sslcredentials;
    char *sslcacertificatefile;
    char *sslcacertificatepath;
    FLAG sslrequired;
    FLAG sslenabled;
 #endif
 } CONFIG;
 typedef struct term {
    STRING *name;
    char *attach;
    char *attachsubst;
    char *detach;
    char *detachsubst;
 } TERM;
 extern CONFIG *pConfig;
 extern TERM *pTerm;
 extern SUBST *substData;
 extern void ReadConf(char *, FLAG);
 extern void DestroyConfig(CONFIG *);
 extern void DestroyTerminal(TERM *);
--- a/contrib/README
+++ b/contrib/README
@ -22,3 +22,7 @@ I can't verify that these scripts will work for everyone.  Hopefully they
 will be helpful.
 Bryan Stansell
 #
 #  $Id: README,v 1.4 2003/09/29 14:29:37 bryan Exp $
 #
--- a/contrib/chat/Makefile.in
+++ b/contrib/chat/Makefile.in
@ -1,5 +1,4 @@
 ### Path settings
 datarootdir = @datarootdir@
 srcdir = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
--- a/contrib/chat/chat.c
+++ b/contrib/chat/chat.c
@ -88,6 +88,15 @@
 #define const
 #endif
 #include <sys/cdefs.h>
 #ifndef __NetBSD__
 #if 1
 static const char rcsid[] = "Id: chat.c,v 1.26 1999/12/23 01:39:54 paulus Exp ";
 #else
 __RCSID("$NetBSD: chat.c,v 1.25 2001/09/24 13:22:38 wiz Exp $");
 #endif
 #endif
 #include <stdio.h>
 #include <ctype.h>
 #include <time.h>
--- a/contrib/maketestcerts
+++ b/contrib/maketestcerts
@ -6,13 +6,12 @@
 # outside of my own purposes.  If this helps, cool.  In the end I put the
 # rootcert.pem file in my global certs directory (OPENSSL_ROOT/ssl/certs),
 # point the server to server.pem and point the client at client.pem.  I
-# then run the c_rehash command.
+# then run the c_rehash command (I supposed it helps or is important).
-#
+# When it asks for a passphrase, use 'pass', otherwise this script won't
-# You can also use the sslcacertificatefile options to point the client/server
+# work.  Ugly, yeah, but it's an ok test.
 # at rootcert.pem instead of populating the global repository
 #
-[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -nodes
+[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -passin pass:pass -passout pass:pass
 US
 California
 Folsom
@ -26,7 +25,7 @@ EOD
 [ -f rootcert.pem ] || openssl x509 -req -in rootreq.pem -sha1 -extensions v3_ca -signkey rootkey.pem -out rootcert.pem
 [ -f root.pem ] || cat rootcert.pem rootkey.pem > root.pem
-[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -nodes
+[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -passin pass:pass -passout pass:pass
 US
 California
 Folsom
@ -40,7 +39,7 @@ EOD
 [ -f servercert.pem ] || openssl x509 -req -in serverreq.pem -sha1 -extensions usr_cert -CA root.pem -CAkey root.pem -CAcreateserial -out servercert.pem
 [ -f server.pem ] || cat servercert.pem serverkey.pem rootcert.pem > server.pem
-[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -nodes
+[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -passin pass:pass -passout pass:pass
 US
 California
 Folsom
--- a/contrib/redhat-rpm/conserver.defaults
+++ b/contrib/redhat-rpm/conserver.defaults
@ -1,5 +0,0 @@
 # server options
 #OPTIONS="-p 33000 -d"
 # run as different user that root
 #RUNAS=conservr
--- a/contrib/redhat-rpm/conserver.init
+++ b/contrib/redhat-rpm/conserver.init
@ -7,66 +7,44 @@
 # config: /etc/conserver.cf
 #
 DAEMON=/usr/sbin/conserver
 # Source function library.
 . /etc/rc.d/init.d/functions
 # Source networking configuration.
 . /etc/sysconfig/network
 # Source defaults
 . /etc/default/conserver
 # Check that networking is up.
 [  ${NETWORKING} = "no" ] && exit 0
 # make sure conserver is installed and executable
-[ -x $DAEMON  ] || exit 1
+[ -x /usr/sbin/conserver  ] || exit 1
 start()
 {
 	echo -n "Starting conserver: "
 	daemon --user "${RUNAS-}" $DAEMON ${OPTIONS--d}
 	RETVAL=$?
 	[ "$RETVAL" = 0 ] && touch /var/lock/subsys/conserver
 	echo
 }
 stop()
 {
 	echo -n "Shutting down conserver: "
 	killproc conserver
 	RETVAL=$?
 	[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/conserver
 	echo
 }
 # See how we were called.
 case "$1" in
  start)
-    start
+    echo -n "Starting conserver: "
    daemon conserver -d
    echo
    touch /var/lock/subsys/conserver
    ;;
  stop)
-    stop
+    echo -n "Shutting down conserver: "
    killproc conserver
    echo
    rm -f /var/lock/subsys/conserver
    ;;
  status)
    status conserver
    ;;
  restart)
-    stop
+    echo -n "Restarting conserver: "
    start
    ;;
  reload)
    echo -n "Reloading conserver: "
    killproc conserver -HUP
    RETVAL=$?
    echo
    ;;
  *)
-    echo "Usage: conserver {start|stop|restart|reload|status}"
+    echo "Usage: conserver {start|stop|restart|status}"
-    RETVAL=1
+    exit 1
 esac
-exit $RETVAL
+exit 0
--- a/contrib/redhat-rpm/conserver.spec
+++ b/contrib/redhat-rpm/conserver.spec
@ -4,7 +4,7 @@
 #
 %define pkg  conserver
-%define ver 
+%define ver  8.0.9
 # define the name of the machine on which the main conserver
 # daemon will be running if you don't want to use the default
@ -12,71 +12,26 @@
 %define master console
 # what red hat (or other distibution) version are you running?
-%define distver 1
+%define distver 6
 # compile arguments. defaults to 0
 # example: rpmbuild -bb conserver.spec --with openssl
 %define with_openssl  %{?_with_openssl:  1} %{?!_with_openssl:  0}
 %define with_libwrap  %{?_with_libwrap:  1} %{?!_with_libwrap:  0}
 %define with_pam      %{?_with_pam:      1} %{?!_with_pam:      0}
 %define with_dmalloc  %{?_with_dmalloc:  1} %{?!_with_dmalloc:  0}
 %define with_freeipmi %{?_with_freeipmi: 1} %{?!_with_freeipmi: 0}
 # additionally you can use macros logfile pidfile
 # example: rpmbuild -bb conserver.spec --define "pidfile /var/run/conserver/pid"
 Summary: Serial console server daemon/client
 Name: %{pkg}
 Version: %{ver}
-Release: %{distver}
+Release: 1.%{distver}
-License: BSD
+Copyright: distributable
 Summary: Serial console server daemon/client
 Group: System Environment/Daemons
 URL: http://www.conserver.com/
 Source: http://www.conserver.com/%{pkg}-%{ver}.tar.gz
 BuildRoot: %{_tmppath}/%{pkg}-buildroot
 %if %{with_openssl}
 Requires: openssl
 BuildRequires: openssl-devel
 %endif
 %if %{with_pam}
 BuildRequires: pam-devel
 %endif
 %if %{with_libwrap}
 Requires: tcp_wrappers
 %endif
 %if %{with_dmalloc}
 Requires: dmalloc
 BuildRequires: dmalloc
 %endif
 %if %{with_freeipmi}
 Requires: freeipmi
 BuildRequires: freeipmi-devel
 %endif
 Prefix: %{_prefix}
 %package server
 Summary: Serial console server daemon
 Group: System Environment/Daemons
 %package client
 Summary: Serial console server client
 Group: Applications/Internet
 %description
-Conserver is a daemon that allows multiple users to watch a
+Conserver is an application that allows multiple users to watch a
 serial console at the same time.  It can log the data, allows users to
 take write-access of a console (one at a time), and has a variety of
 bells and whistles to accentuate that basic functionality.
 %description server
 conserver-server is a daemon that allows multiple users to watch a
 serial console at the same time.  It can log the data, allows users to
 take write-access of a console (one at a time), and has a variety of
 bells and whistles to accentuate that basic functionality.
 %description client
 conserver-client to connect to conserver-server using a tcp port.
 Allows multiple users to watch a serial console at the same time.
 %prep
 %{__rm} -rf %{buildroot}
@ -89,8 +44,7 @@ f="conserver/Makefile.in"
 %{__mv} $f $f.orig
 %{__sed} -e 's/^.*conserver\.rc.*$//' < $f.orig > $f
-%configure %{?_with_openssl} %{?_with_libwrap} %{?_with_dmalloc} %{?_with_freeipmi} %{?_with_pam} %{?logfile: --with-logfile=%{logfile}} %{?pidfile: --with-pidfile=%{pidfile}} %{?master: --with-master=%{master}}
+%configure --with-master=%{master}
 make
@ -111,15 +65,12 @@ make
 %{__mkdir_p} %{buildroot}/%{_initrddir}
 %{__cp} contrib/redhat-rpm/conserver.init %{buildroot}/%{_initrddir}/conserver
 # install copy of init script defaults
 %{__mkdir_p} %{buildroot}/%{_sysconfdir}/default
 %{__cp} contrib/redhat-rpm/conserver.defaults %{buildroot}/%{_sysconfdir}/default/conserver
 %clean
 %{__rm} -rf %{buildroot}
-%post server
+%post
 if [ -x %{_initrddir}/conserver ]; then
  /sbin/chkconfig --add conserver
 fi
@ -129,7 +80,7 @@ if ! egrep '\<conserver\>' /etc/services > /dev/null 2>&1 ; then
 fi
-%preun server
+%preun
 if [ "$1" = 0 ]; then
  if [ -x %{_initrddir}/conserver ]; then
    %{_initrddir}/conserver stop
@ -137,37 +88,18 @@ if [ "$1" = 0 ]; then
  fi
 fi
 # we need this even if empty
 #%files
-%files server
+%files
 %defattr(-,root,root)
 %doc CHANGES FAQ INSTALL README conserver.cf
 %config(noreplace) %{_sysconfdir}/conserver.cf
 %config(noreplace) %{_sysconfdir}/conserver.passwd
 %config(noreplace) %{_sysconfdir}/default/conserver
 %attr(555,root,root) %{_initrddir}/conserver
-%{_libdir}/conserver/convert
+%{prefix}/bin/console
-%{_mandir}/man8/conserver.8.gz
+%{prefix}/share/man/man1/console.1.gz
-%{_mandir}/man5/conserver.cf.5.gz
+%{prefix}/share/man/man8/conserver.8.gz
-%{_mandir}/man5/conserver.passwd.5.gz
+%{prefix}/share/man/man5/conserver.cf.5.gz
-%{_datadir}/examples/conserver/conserver.cf
+%{prefix}/share/man/man5/conserver.passwd.5.gz
-%{_datadir}/examples/conserver/conserver.passwd
+%{prefix}/share/examples/conserver/conserver.cf
-%{_sbindir}/conserver
+%{prefix}/share/examples/conserver/conserver.passwd
-
+%{prefix}/sbin/conserver
 %files client
 %defattr(-,root,root)
 %doc CHANGES FAQ INSTALL README
 %{_bindir}/console
 %{_mandir}/man1/console.1.gz
 %changelog
 * Wed Oct 14 2009 Jodok Ole Muellers <muellejo@aschendorff.de>
  - Changed the conserver.spec file to create separate subpackages
    for client and server by using the %package directive.
 * Wed Sep 25 2009 Fabien Wernli
  - added configure prerequisites
 * Thu Sep 24 2009 Fabien Wernli
  - added prefix to configure
  - changed some hardcoded values to proper macros:
    didn't work on x64 lib -> lib64
--- a/contrib/solaris-package/pkginfo
+++ b/contrib/solaris-package/pkginfo
@ -1,7 +1,7 @@
 PKG="conserver"
 NAME="Console server and client"
 CATEGORY="system"
-VERSION=
+VERSION="8.0.9"
 DESC="Console server and client"
 CLASSES=none
 ARCH=sparc
--- a/22
+++ b/22
@ -1,22 +0,0 @@
 #!/bin/sh
 set -e
 # awk gets stdin from /dev/null 'cause when autoconf runs this via m4_esyscmd_s,
 # stdin is closed and awk assumes there will always be an open stdin and you end
 # up with a bogus message:
 #
 #   awk: i/o error occurred while closing /dev/stdin
 #    input record number 20, file conserver/version.h
 #    source line number 1
 #
 #
 case "$1" in
    number)
 	awk '$2=="VERSION_MAJOR"{maj=$NF} $2=="VERSION_MINOR"{min=$NF} $2=="VERSION_REV"{rev=$NF} END{print maj "." min "." rev}' conserver/version.h < /dev/null
 	;;
    date)
 	awk '$2=="VERSION_DATE"{print $NF}' conserver/version.h < /dev/null | tr -d '"'
 	;;
 esac
--- a/package/README.md
+++ b/package/README.md
@ -1,26 +0,0 @@
 Testing Locally
 ---------------
 You can run `./package/make-and-stage-release local` and the current code will be
 packaged into `./build` so anyone can configure and build code in a confined space.
 Creating a new release
 ----------------------
 - Create a new release branch `git checkout -b release-vx.y.z`
 - Edit `conserver/version.h`
 - Update `CHANGES` with output of `./package/create-changes vx.y.z..`
 - Double-check and merge release branch
 - Run `GITHUB_TOKEN=xxxx ./package/make-and-stage-release` to tag release, create distribution, pgp sign, and push to github
 Requirements:
 - autoconf
 - githubrelease (pypi)
 - gpg
 Publishing a release
 --------------------
 - Use github to promote from draft or use the command output from `make-and-stage-release`
 - Send announcement on mailing lists
--- a/package/config.guess
+++ b/package/config.guess
--- a/package/config.sub
+++ b/package/config.sub
--- a/package/create-changes
+++ b/package/create-changes
@ -1,10 +0,0 @@
 #!/bin/bash
 set -e
 [ -z "$1" ] && echo "Usage: $0 tag" && exit 1
 range="$1"
 date=`./gen-version date`
 changedate=`date -j -f '%Y/%m/%d' "$date" '+%B %-d, %Y'`
 echo "version `./gen-version number` ($changedate):"
 git log --no-merges --pretty=tformat:'        - %s (%an <%ae>)' "$range" | tail -r | awk '{if (! l[$0]) {l[$0]++; print}}' | sed -e 's/ *(Bryan Stansell <bryan@conserver.com>)$//'
--- a/package/make-and-stage-release
+++ b/package/make-and-stage-release
@ -1,65 +0,0 @@
 #!/bin/bash
 set -e
 case $(sed --help 2>&1) in
  *GNU*) sed_i () { sed -i "$@"; };;
  *) sed_i () { sed -i '' "$@"; };;
 esac
 local=false && [ "$1" = "local" ] && local=true
 [ -f conserver/version.h ] || { echo "you are in the wrong place" ; exit 1; }
 ver=`./gen-version number`
 if ! $local; then
    echo "Ready to tag release v$ver (y/N)?"
    read i
    if [ "$i" = "y" ]; then
 	echo "Adding git tag v$ver"
 	git tag -a -m "Release $ver" v$ver
    fi
 fi
 if [ ! -f ../conserver-$ver.tar.gz ] || $local; then
    (
 	[ -d build ] && rm -rf build
        mkdir build
 	archtag=v$ver
 	$local && archtag=HEAD
 	git archive --format=tar.gz --prefix=conserver-$ver/ $archtag | (cd build; tar zxf -)
 	cd build/conserver-$ver
 	../../package/setup-configure
 	rm -rf package
 	sed_i -e "/^%define ver/s| ver.*| ver $ver|" contrib/redhat-rpm/conserver.spec
 	sed_i -e "/^VERSION=/s|.*|VERSION=\"$ver\"|" contrib/solaris-package/pkginfo
    )
    $local && exit
    echo "Creating ../conserver-$ver.tar.gz"
    tar zcf ../conserver-$ver.tar.gz -C build conserver-$ver
    rm -rf build
    [ -f ../conserver-$ver.tar.gz.asc ] && rm ../conserver-$ver.tar.gz.asc
 fi
 if [ ! -f ../conserver-$ver.tar.gz.asc ]; then
    echo "Signing ../conserver-$ver.tar.gz"
    gpg -ab --local-user bryan@conserver.com ../conserver-$ver.tar.gz
 fi
 body="\`\`\`
 `sed -ne '/^ver/,/^$/p' CHANGES | sed -e '/^$/,$d'`
 \`\`\`"
 ls -l ../conserver-$ver.tar.gz*
 echo "Ready to push (y/N)?"
 read i
 if [ "$i" = "y" ]; then
    git push --tags
    githubrelease release bstansell/conserver create --name conserver-$ver --body "$body" v$ver ../conserver-$ver.tar.gz* 
    echo You can publish this release on the website or with:
    echo "    "githubrelease release bstansell/conserver publish v$ver
 else
    echo Ok, here is the command I would have used:
    echo "    "git push --tags
    echo "    "githubrelease release bstansell/conserver create --name conserver-$ver --body \""$body"\" v$ver ../conserver-$ver.tar.gz* 
 fi
--- a/package/run-gindent
+++ b/package/run-gindent
@ -1,15 +0,0 @@
 #!/bin/bash
 gindent -npro -i4 -ip4 -cli4 -br -brs -cdw -ce -npcs -ncs -nhnl -l75 -lc75 -nbbo -ppi1 `
 echo -T SOCKADDR_STYPE
 echo -T INADDR_STYPE
 echo -T time_t
 echo -T X509_STORE_CTX
 echo -T FILE
 echo -T SSL
 echo -T fd_set
 echo -T pam_handle_t
 echo -T SSL_CTX
 echo -T DH
 sed -ne '/typedef/,/}/p' */*.[ch] | grep '^[ 	]*}' | sed -e 's/[ 	]*}/-T/' -e 's/;//' | sort -u
 ` */*.[ch]
--- a/package/setup-configure
+++ b/package/setup-configure
@ -1,21 +0,0 @@
 #!/bin/sh
 set -e
 curl -s -o config.guess 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess'
 curl -s -o config.sub 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub'
 grep ^timestamp config.guess >/dev/null 2>&1 || cp package/config.guess .
 grep ^timestamp config.sub >/dev/null 2>&1 || cp package/config.sub .
 # We set lang to avoid this with the gcc docker image on cirrus:
 # 
 #   ./package/setup-configure
 #   perl: warning: Setting locale failed.
 #   perl: warning: Please check that your locale settings:
 #   	LANGUAGE = (unset),
 #   	LC_ALL = (unset),
 #   	LANG = "en_US.UTF-8"
 #       are supported and installed on your system.
 LANG=C autoreconf
--- a/test/dotest
+++ b/test/dotest
@ -14,7 +14,6 @@ cleanup()
 	[ "$i" != "conserver.log" ] && [ -f "$i" ] && rm -f "$i";
    done
    [ "$exitval" = 0 ] && rm -f conserver.log
    [ -d 127.0.0.1 ] && sleep 1 && rm -rf 127.0.0.1
    exit $exitval
 }
@ -26,14 +25,14 @@ dotest()
 	eval "$2" > test.out 2>&1
    else
 	echo "$1" | \
-	    ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 shell > test.out 2>&1
+	    ../console/console -M 127.0.0.1 -p 7777 shell > test.out 2>&1
    fi
    if [ "$record" ]; then
 	echo "recorded"
 	mv test.out results/test$testnum
    else
 	if [ -f results/test$testnum ]; then
-	    if diff -i results/test$testnum >test$testnum.diff test.out 2>&1; then
+	    if diff -i test.out results/test$testnum >test$testnum.diff 2>&1; then
 		echo "succeeded"
 		rm -f test$testnum.diff
 	    else
@ -73,7 +72,7 @@ sleep 3
 [ ! -d results ] && mkdir results
-dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
+dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
 dotest 'c?c.'
 dotest 'cl?c.'
 dotest 'cdc.'
@ -85,16 +84,14 @@ cp test2.cf c.cf
 kill -1 $pid
 sleep 3
-dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
+dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
 dotest 'c?c.'
 dotest 'cl?c.'
 dotest 'cdc.'
-dotest 'cocacoc.'
+dotest 'coc.'
-dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell"
+dotest EVAL "echo 'tu.' | ../console/console -M 127.0.0.1 -p 7777 -e 'tu' shell"
-dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'"
+dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -P | sed -e 's/:.*//'"
-dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
+dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
 dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x sh | sed -e '1s/^[^:]*//'"
 dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x shell | sed -e 's/ on [^ ]* */ on /'"
 cleanup
--- a/test/results/test10
+++ b/test/results/test10
@ -1,6 +1,4 @@
-[`shell' -- console is down]
+console: shell is down
 [Enter `^Ec?' for help]
-[up]
+[up -- attached]
 [ok]
 [up]
 [disconnect]
--- a/test/results/test12
+++ b/test/results/test12
@ -1 +1 @@
-version `conserver.com version
+127.0.0.1
--- a/test/results/test14
+++ b/test/results/test14
@ -1,2 +0,0 @@
 : ambiguous console abbreviation, `sh'
 	choices are shellb, shella, shell
--- a/test/results/test15
+++ b/test/results/test15
@ -1 +0,0 @@
 shell                    on at   Local 
--- a/test/results/test2
+++ b/test/results/test2
@ -1,20 +1,17 @@
 [Enter `^Ec?' for help]
 [help]
- .       disconnect                     ;       move to another console
+ .    disconnect                        a    attach read/write
- a       attach read/write              b       send broadcast message
+ b    send broadcast message            c    toggle flow control
- c       toggle flow control            d       down a console
+ d    down a console                    e    change escape sequence
- e       change escape sequence         f       force attach read/write
+ f    force attach read/write           g    group info
- g       group info                     i       information dump
+ i    information dump                  L    toggle logging on/off
- L       toggle logging on/off          l?      break sequence list
+ l?   break sequence list               l0   send break per config file
- l0      send break per config file     l1-9a-z send specific break sequence
+ l1-9 send specific break sequence      m    display the message of the day
- m       display message of the day     n       write a note to the logfile
+ o    (re)open the tty and log file     p    replay the last 60 lines
- o       (re)open the tty and log file  p       playback the last 60 lines
+ r    replay the last 20 lines          s    spy read only
 P       set number of playback lines   r       replay the last 20 lines
 R       set number of replay lines     s       spy mode (read only)
 u    show host status                  v    show version info
 w    who is on this console            x    show console baud info
- z       suspend the connection         !       invoke task
+ z    suspend the connection            |    attach local command
- |       attach local command           ?       print this message
+ <cr> ignore/abort command              ?    print this message
- <cr>    ignore/abort command           ^R      replay the last line
+ ^R   replay the last line              \ooo send character by octal code
 \ooo    send character by octal code
 [disconnect]
--- a/test/results/test5
+++ b/test/results/test5
@ -1,4 +1,4 @@
-[`shell' -- console is down]
+console: shell is down
 [Enter `^Ec?' for help]
-[up]
+[up -- attached]
 [disconnect]
--- a/test/results/test7
+++ b/test/results/test7
@ -1,20 +1,17 @@
 [Enter `^Ec?' for help]
 [help]
- .       disconnect                     ;       move to another console
+ .    disconnect                        a    attach read/write
- a       attach read/write              b       send broadcast message
+ b    send broadcast message            c    toggle flow control
- c       toggle flow control            d       down a console
+ d    down a console                    e    change escape sequence
- e       change escape sequence         f       force attach read/write
+ f    force attach read/write           g    group info
- g       group info                     i       information dump
+ i    information dump                  L    toggle logging on/off
- L       toggle logging on/off          l?      break sequence list
+ l?   break sequence list               l0   send break per config file
- l0      send break per config file     l1-9a-z send specific break sequence
+ l1-9 send specific break sequence      m    display the message of the day
- m       display message of the day     n       write a note to the logfile
+ o    (re)open the tty and log file     p    replay the last 60 lines
- o       (re)open the tty and log file  p       playback the last 60 lines
+ r    replay the last 20 lines          s    spy read only
 P       set number of playback lines   r       replay the last 20 lines
 R       set number of replay lines     s       spy mode (read only)
 u    show host status                  v    show version info
 w    who is on this console            x    show console baud info
- z       suspend the connection         !       invoke task
+ z    suspend the connection            |    attach local command
- |       attach local command           ?       print this message
+ <cr> ignore/abort command              ?    print this message
- <cr>    ignore/abort command           ^R      replay the last line
+ ^R   replay the last line              \ooo send character by octal code
 \ooo    send character by octal code
 [disconnect]
--- a/test/test1.cf
+++ b/test/test1.cf
@ -7,9 +7,6 @@ default * {
 	timestamp "";
 	include full;
 }
 config * {
 	reinitcheck 1s;
 }
 break 5 {
 	string "\rtest\r";
 }
		`@ -1,2 +0,0 @@`
			: ambiguous console abbreviation, `sh'
			`choices are shellb, shella, shell`