ExternalVendorCode/conserver
1
0
Fork 0
mirror of https://github.com/bstansell/conserver.git synced 2025-06-24 17:55:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: ExternalVendorCode:v7.2.7
Branches Tags
ExternalVendorCode:master ExternalVendorCode:cirrus-freebsd-fix
ExternalVendorCode:v8.2.7 ExternalVendorCode:v8.2.6 ExternalVendorCode:v8.2.5 ExternalVendorCode:v8.2.4 ExternalVendorCode:v8.2.3 ExternalVendorCode:v8.2.2 ExternalVendorCode:v8.2.1 ExternalVendorCode:v8.2.0 ExternalVendorCode:v8.1.20 ExternalVendorCode:v8.1.19 ExternalVendorCode:v8.1.18 ExternalVendorCode:v8.1.17 ExternalVendorCode:v8.1.16 ExternalVendorCode:v8.1.15 ExternalVendorCode:v8.1.14 ExternalVendorCode:v8.1.13 ExternalVendorCode:v8.1.12 ExternalVendorCode:v8.1.11 ExternalVendorCode:v8.1.10 ExternalVendorCode:v8.1.9 ExternalVendorCode:v8.1.8 ExternalVendorCode:v8.1.7 ExternalVendorCode:v8.1.6 ExternalVendorCode:v8.1.5 ExternalVendorCode:v8.1.4 ExternalVendorCode:v8.1.3 ExternalVendorCode:v8.1.2 ExternalVendorCode:v8.1.1 ExternalVendorCode:v8.1.0 ExternalVendorCode:v8.0.9 ExternalVendorCode:v8.0.8 ExternalVendorCode:v8.0.7 ExternalVendorCode:v8.0.6 ExternalVendorCode:v8.0.5 ExternalVendorCode:v8.0.4 ExternalVendorCode:v8.0.3 ExternalVendorCode:v8.0.2 ExternalVendorCode:v8.0.1 ExternalVendorCode:v8.0.0 ExternalVendorCode:v7.2.7 ExternalVendorCode:v7.2.6 ExternalVendorCode:v7.2.5 ExternalVendorCode:v7.2.4 ExternalVendorCode:v7.2.3 ExternalVendorCode:v7.2.2 ExternalVendorCode:v7.2.1 ExternalVendorCode:v7.2.0 ExternalVendorCode:v7.1.4 ExternalVendorCode:v7.1.3 ExternalVendorCode:v7.1.2 ExternalVendorCode:v7.1.1 ExternalVendorCode:v7.1.0 ExternalVendorCode:v7.0.3 ExternalVendorCode:v7.0.2 ExternalVendorCode:v7.0.1 ExternalVendorCode:v7.0.0 ExternalVendorCode:v6.1.7 ExternalVendorCode:vGNAC-6.16 ExternalVendorCode:vGNAC-6.15 ExternalVendorCode:vGNAC-6.14 ExternalVendorCode:vGNAC-6.13 ExternalVendorCode:vGNAC-6.12 ExternalVendorCode:vGNAC-6.11 ExternalVendorCode:vGNAC-6.10 ExternalVendorCode:vGNAC-6.09 ExternalVendorCode:vGNAC-6.08 ExternalVendorCode:vGNAC-6.07 ExternalVendorCode:vGNAC-6.06 ExternalVendorCode:vGNAC-6.05
..
compare: ExternalVendorCode:v8.2.1
Branches Tags
ExternalVendorCode:master ExternalVendorCode:cirrus-freebsd-fix
ExternalVendorCode:v8.2.7 ExternalVendorCode:v8.2.6 ExternalVendorCode:v8.2.5 ExternalVendorCode:v8.2.4 ExternalVendorCode:v8.2.3 ExternalVendorCode:v8.2.2 ExternalVendorCode:v8.2.1 ExternalVendorCode:v8.2.0 ExternalVendorCode:v8.1.20 ExternalVendorCode:v8.1.19 ExternalVendorCode:v8.1.18 ExternalVendorCode:v8.1.17 ExternalVendorCode:v8.1.16 ExternalVendorCode:v8.1.15 ExternalVendorCode:v8.1.14 ExternalVendorCode:v8.1.13 ExternalVendorCode:v8.1.12 ExternalVendorCode:v8.1.11 ExternalVendorCode:v8.1.10 ExternalVendorCode:v8.1.9 ExternalVendorCode:v8.1.8 ExternalVendorCode:v8.1.7 ExternalVendorCode:v8.1.6 ExternalVendorCode:v8.1.5 ExternalVendorCode:v8.1.4 ExternalVendorCode:v8.1.3 ExternalVendorCode:v8.1.2 ExternalVendorCode:v8.1.1 ExternalVendorCode:v8.1.0 ExternalVendorCode:v8.0.9 ExternalVendorCode:v8.0.8 ExternalVendorCode:v8.0.7 ExternalVendorCode:v8.0.6 ExternalVendorCode:v8.0.5 ExternalVendorCode:v8.0.4 ExternalVendorCode:v8.0.3 ExternalVendorCode:v8.0.2 ExternalVendorCode:v8.0.1 ExternalVendorCode:v8.0.0 ExternalVendorCode:v7.2.7 ExternalVendorCode:v7.2.6 ExternalVendorCode:v7.2.5 ExternalVendorCode:v7.2.4 ExternalVendorCode:v7.2.3 ExternalVendorCode:v7.2.2 ExternalVendorCode:v7.2.1 ExternalVendorCode:v7.2.0 ExternalVendorCode:v7.1.4 ExternalVendorCode:v7.1.3 ExternalVendorCode:v7.1.2 ExternalVendorCode:v7.1.1 ExternalVendorCode:v7.1.0 ExternalVendorCode:v7.0.3 ExternalVendorCode:v7.0.2 ExternalVendorCode:v7.0.1 ExternalVendorCode:v7.0.0 ExternalVendorCode:v6.1.7 ExternalVendorCode:vGNAC-6.16 ExternalVendorCode:vGNAC-6.15 ExternalVendorCode:vGNAC-6.14 ExternalVendorCode:vGNAC-6.13 ExternalVendorCode:vGNAC-6.12 ExternalVendorCode:vGNAC-6.11 ExternalVendorCode:vGNAC-6.10 ExternalVendorCode:vGNAC-6.09 ExternalVendorCode:vGNAC-6.08 ExternalVendorCode:vGNAC-6.07 ExternalVendorCode:vGNAC-6.06 ExternalVendorCode:vGNAC-6.05

33 Commits
v7.2.7 ... v8.2.1

Author SHA1 Message Date
Bryan Stansell
4039e65b31 Imported from conserver-8.2.1.tar.gz 2015-06-02 10:34:09 -07:00
Bryan Stansell
8534a21cef Imported from conserver-8.2.0.tar.gz 2014-04-20 21:47:40 -07:00
Bryan Stansell
484806e667 Imported from conserver-8.1.20.tar.gz 2014-04-04 09:30:53 -07:00
Bryan Stansell
b94c8967bf Imported from conserver-8.1.19.tar.gz 2013-09-26 11:07:01 -07:00
Bryan Stansell
64a2a77266 Imported from conserver-8.1.18.tar.gz 2010-11-11 14:53:37 -08:00
Bryan Stansell
0c74cb3ece Imported from conserver-8.1.17.tar.gz 2009-09-29 15:56:23 -07:00
Bryan Stansell
019277a041 Imported from conserver-8.1.16.tar.gz 2007-04-10 14:49:38 -07:00
Bryan Stansell
a30e7d2289 Imported from conserver-8.1.15.tar.gz 2006-12-31 20:41:49 -08:00
Bryan Stansell
ed79341c2c Imported from conserver-8.1.14.tar.gz 2006-04-09 19:07:58 -07:00
Bryan Stansell
c418af32c7 Imported from conserver-8.1.13.tar.gz 2006-01-15 09:22:12 -08:00
Bryan Stansell
3cec1dde71 Imported from conserver-8.1.12.tar.gz 2005-09-05 16:15:33 -07:00
Bryan Stansell
892f52dbd4 Imported from conserver-8.1.11.tar.gz 2004-11-09 01:34:27 -08:00
Bryan Stansell
4ce124e121 Imported from conserver-8.1.10.tar.gz 2004-09-21 16:48:49 -07:00
Bryan Stansell
faad858599 Imported from conserver-8.1.9.tar.gz 2004-07-14 16:21:13 -07:00
Bryan Stansell
27475bdd30 Imported from conserver-8.1.8.tar.gz 2004-06-09 15:28:27 -07:00
Bryan Stansell
c0f8de9c24 Imported from conserver-8.1.7.tar.gz 2004-05-28 11:03:33 -07:00
Bryan Stansell
cf461c7ce8 Imported from conserver-8.1.6.tar.gz 2004-05-25 17:41:29 -07:00
Bryan Stansell
5c430d220b Imported from conserver-8.1.5.tar.gz 2004-05-07 09:05:25 -07:00
Bryan Stansell
8cd506c093 Imported from conserver-8.1.4.tar.gz 2004-04-13 13:30:28 -07:00
Bryan Stansell
29b909ee59 Imported from conserver-8.1.3.tar.gz 2004-03-22 17:14:45 -08:00
Bryan Stansell
aea0e2a547 Imported from conserver-8.1.2.tar.gz 2004-03-11 09:54:13 -08:00
Bryan Stansell
9eed9f2d8f Imported from conserver-8.1.1.tar.gz 2004-02-10 07:26:45 -08:00
Bryan Stansell
25a4dcb0fd Imported from conserver-8.1.0.tar.gz 2004-01-18 09:31:24 -08:00
Bryan Stansell
75cfd02f7a Imported from conserver-8.0.9.tar.gz 2003-12-10 10:37:48 -08:00
Bryan Stansell
ad7a90dd69 Imported from conserver-8.0.8.tar.gz 2003-12-02 08:40:59 -08:00
Bryan Stansell
691c3102c9 Imported from conserver-8.0.7.tar.gz 2003-11-20 06:49:09 -08:00
Bryan Stansell
eafae7c27d Imported from conserver-8.0.6.tar.gz 2003-11-16 11:33:39 -08:00
Bryan Stansell
92cf41a9f2 Imported from conserver-8.0.5.tar.gz 2003-10-31 10:15:09 -08:00
Bryan Stansell
1c188a41d6 Imported from conserver-8.0.4.tar.gz 2003-10-10 13:39:21 -07:00
Bryan Stansell
aeb8ac0057 Imported from conserver-8.0.3.tar.gz 2003-10-06 10:08:22 -07:00
Bryan Stansell
66e0902358 Imported from conserver-8.0.2.tar.gz 2003-10-05 18:08:18 -07:00
Bryan Stansell
de2e2fd33c Imported from conserver-8.0.1.tar.gz 2003-09-29 08:50:27 -07:00
Bryan Stansell
4f71385126 Imported from conserver-8.0.0.tar.gz 2003-09-22 13:49:53 -07:00
93 changed files with 33880 additions and 15661 deletions
Expand all files Collapse all files

533
CHANGES
View File

@ -1,6 +1,537 @@
CHANGES
=======
version 8.2.1 (Jun 2, 2015):
- added TCP keepalives between client and server - TCP-based consoles
already had the code - this was mostly an oversight
- patch for SEGV and task execution - patch by Artem Savkov
<asavkov@redhat.com>
- expanded break sequences from [1-9] to [1-9a-z] - based on patch by
Artem Savkov <asavkov@redhat.com>
version 8.2.0 (Apr 20, 2014):
- added --with-trust-uds-cred which uses getsockopt() to fetch and
trust the client uid, bypassing password lookups - patch by Anton
Lundin <glance@acc.umu.se>
- missing closedir() causing memory leak - patch by Anton Lundin
<glance@acc.umu.se>
- sending a break signal over IPMI was broken - based on patch by
Alexander Y. Fomichev <git.user@gmail.com>
- IPv6 support (marked as experimental at this point because it's
untested (except by the author), there's a lack of documentation, and
I'm hoping for non-getifaddrs() system support) - patch by Milos
Vyletel <milos.vyletel@gmail.com>
- no more K&R compiler support
version 8.1.20 (Apr 4, 2014):
- IPMI serial over LAN support via FreeIPMI - based on patch by Anton
D. Kachalov <mouse@yandex-team.ru>
- minor cleanup of code, removal of gcc warnings and such that should
have no fuctional change
version 8.1.19 (Sep 26, 2013):
- prevent select/read loop when EOF on non-pty input (console) -
reported by Chris Marget <chris@marget.com>
- "!" syntax prefixing use of group names not honored - reported by
Zonker <consoleteam@gmail.com>
- fixed memory leak using timestamps - patch by Karvendhan M.
<Karvendhan.M@netapp.com>
- deprecated --with-cycladests (noop now) - cross-compilation should
work without it as autologin now expects setpgrp() to take two
arugments instead of testing for it
- no automatic checks for an empty password when using PAM
authentication - based on discussion with Ryan Kirkpatrick
<linux@rkirkpat.net>
- added 'sslcacertificatefile' and 'sslcacertificatepath' client
configuration options - based on patch by Aki Tuomi <cmouse@cmouse.fi>
- added 'sslcacertificatefile' and 'sslreqclientcert' server
configuration options
- added --with-req-server-cert to force clients to require a certificate
from the server when using SSL - based on emails with Thor Simon
<tls@coyotepoint.com>
- added server-side tasks (see conserver.cf man page) that are invoked
by the client (useful for things like IPMI-based power control of
servers, invoking resets of terminal server ports, or anything else
that requires scripting) - ideas from patch by Anton Lundin
<glance@acc.umu.se> and discussion on mailing list (2011)
- added 'confirm' option to break sequences
- added 'breaklist' option to limit exposure of break sequences to
consoles
- sending of break signals is now announced to all attached clients
version 8.1.18 (Nov 11, 2010):
- install man pages read-only and improved the contributed redhat init
script - patches by Eric Biederman <ebiederm@aristanetworks.com>
- spec file improvements in contrib/redhat-rpm - patch by Jodok Ole
Muellers <jodok.muellers@aschendorff.de>
- GSS-API patch for client code - patch by Andras Horvath
<Andras.Horvath@cern.ch>
version 8.1.17 (Sep 29, 2009):
- fix for interface detection when HAVE_SA_LEN is defined - first
detected on NetBSD 5.0 and patched by Chris Ross
<cross+conserver@distal.com>
- first person to connect to a console wanting read/write now gets it
once the active user drops read/write - suggested by Thomas Gardner
<tmg@pobox.com>
- fix typo when setting nonblocking socket for client connections,
fixing stall issues - patch by Eric Biederman
<ebiederm@aristanetworks.com>
- GSS-API patch (--with-gssapi) to help with Kerberos tokens - patch by
Nate Straz <nstraz@redhat.com>
- authenticate username without @REALM when using GSS-API
(--with-striprealm) - based on patch by Andras Horvath
<Andras.Horvath@cern.ch>
- various contrib/redhat-rpm fixes - patch by Fabien Wernli
<wernli@in2p3.fr>
- fix handling of read(stdin) returning -1 in console client - patch by
Ed Swierk <eswierk@arastra.com>
version 8.1.16 (Apr 10, 2007):
- added 'replstring' substitution option - inspired by
conversation with Owen DeLong <owen@c2company.com>
- added '^Ecn' option for writing a note to the logfile - patch
by Bryan Schmersal <bschmer@yahoo.com>
- fixed leaking file descriptors when 'host' and 'uds' consoles
fail to connect - based on patch by Michael Heironimus
<michael_heironimus@archwayconcepts.com>
version 8.1.15 (Dec 31, 2006):
- protection again telnet option negotation loops - patch by
Robby Griffin <rmg@yakshavers.com>
- console now prints the attach/detach sequences when suspended
- added --with-cycladests configure option to allow
cross-compiling on a cyclades ts - patch by Matt Johnson
<mwj@doc.ic.ac.uk>
- added master conserver host to 'console -x' output for
'device' consoles - patch by Matt Johnson <mwj@doc.ic.ac.uk>
- fixed parsing error when dealing with encapsulated
client/server options
version 8.1.14 (Apr 9, 2006):
- fixed rpm conserver.spec file - based on patch by Martin Evans
<m.d.t.evans@qmul.ac.uk>
- added 'uds' console type for unix domain socket connections -
based on patch by DJ Gregor <dj@gregor.com>
- probing of interfaces under cygwin (and possibly others?) now
skips unconfigured interfaces (even if flagged as up!) -
reported by Chris Riddoch <chrisr@digeo.com>
- added the '!login' console option to prevent clients from
connecting to a console - suggested by Greg Tillman
<gregtillman@comcast.net>
- added a 'noop' console type for consoles you'd like to name,
but have no connection to - suggested by Greg Tillman
<gregtillman@comcast.net>
- deprecated escape commands removed from the code
- added '^EcP' and '^EcR' sequences to set the playback and
replay line lengths
- new console config options 'playback' and 'replay' to let the
client set prefered output lengths (with a special feature for
a size of zero)
- prefer strlcpy() over strcpy() - based on patch by Peter
Valchev <pvalchev@openbsd.org>
- fixed bug where '^Eco' by user on an 'exec' console with an
'initcmd' causes input by user to be ignored (could be other
console types as well) - reported by Mark Wedel
<Mark.Wedel@sun.com>
- made POSIX termios code in autologin a requirement (since
conserver requires it) and cleaned up a few other issues -
based on reports by Arthur Clune <ajc22@york.ac.uk>
version 8.1.13 (Jan 15, 2006):
- use SIOCGIFNUM for interface count (if available) and catch
EINVAL on Solaris - patch by Peter Jeremy
<peter.jeremy@alcatel.com.au>
- console output now resets idle timer - suggested by Peter
Saunders <pajs@fodder.org.uk>
- bug fix for conserver process running out of control and using
up cpu - debugged with Alexandra N. Kossovsky
<Alexandra.Kossovsky@oktetlabs.ru>
version 8.1.12 (Sep 5, 2005):
- printf() fix for autologin - patch by Menno Duursma
<druiloor@zonnet.nl>
- newly spawned (from SIGHUP) processes didn't properly close
primary socket
- SSL certificates now work again (anonymous ciphers are not
allowed if a certificate is used)
- client options -x, -u, -w, and -i can now take a console name
to restrict output - suggested by Evan McClure
<emcclure@internap.com>
- convert program now installed in $libdir/conserver - patch by
Petter Reinholdtsen <pere@hungry.com>
- we now ignore SIGXFSZ, if it exists
- added 'limited' access option to remove certain functionality
from users - suggested by Sven Michels <sven@darkman.de>
- added client option -z/-Z for sending commands to servers
(reload, quit, etc) - based on suggestion by Joshua Pincus
<Joshua.Pincus@Sun.COM>
- added 'execrunas' and 'initrunas' console options to allow
'exec' and 'initcmd' execution as another user and/or group -
based on patch by Gary Mills <mills@cc.umanitoba.ca>
- the east coast mirror had to shut down (for now, at least)
- crash from bad pointer manipulation during log replay - reported by
Ryan Kirkpatrick <linux@rkirkpat.net>
version 8.1.11 (Nov 9, 2004):
- fixed array bounds and stack tromping - reported by Emmett
Hogan <hogan@bigcityit.com>
- most recent client to ask for read-write now gets it (used to
be first client to connect)
- client read-write mode now separate from console up/down state
- 'make autologin.install' now compiles autologin - reported by
Graham Merrill <teddgram@sbcglobal.net>
- new 'autocomplete' option for controlling shortest-prefix
console name matching (which has always been on)
- client now blocks on ^Eco, waiting for status of connection
- added 'a' and 'A' for upper and lowercase alphanumeric
(0-9a-z) conversions to the *subst config items - based on
patch by Jonathan Chen <jon+conserver@spock.org>
version 8.1.10 (Sep 21, 2004):
- fix "forwarding level too deep" issue with '^Ec;' - reported
by Han Pilmeyer <han.pilmeyer@hp.com>
version 8.1.9 (Jul 14, 2004):
- fixed bug processing access lists when duplicates exist in the
list - reported by Phil Dibowitz <phil@usc.edu>
- fixed bug where 'idletimeout' was not recognized in default
blocks - reported by John Cagle <jcagle@gmail.com>
- added an 'autocomplete' config option to set the console name
autocompletion behavior - suggested by John Stoffel
<stoffel@lucent.com>
version 8.1.8 (Jun 9, 2004):
- added 'initspinmax' and 'initspintimer' console options to
help calm console initialization "spinning"
- fixed setsockopt() error on 64bit solaris - reported by Trond
Hagen <trond@basefarm.no>
version 8.1.7 (May 28, 2004):
- cleaned up the manpages a bit to make things clearer and more
standard - reported by Dave Stuit <djs@tellme.com>
- added an east coast mirror! http://conserver.syr.edu/ -
thanks to Christopher T. Beers <ctbeers@syr.edu>
- primary group of users not included in '@group' syntax -
reported by Phil Dibowitz <phil@usc.edu>
- changed '@group' behavior such that groups are checked when
needed, instead of cached at startup, which is more logical
- missing variables when building convert with tcp_wrappers -
reported by Nikolaos Papavassiliou
<Nikolaos.Papavassiliou@reuters.com>
- added --with-rpath option - suggested by Phil Dibowitz
<phil@usc.edu>
version 8.1.6 (May 25, 2004):
- added ability to configure client via system-wide console.cf
file and per-user .consolerc - suggested (independently) by
Erik Sjolund <erik.sjolund@sbc.su.se> and Trevor Fiatal
<trevor@fiatal.net>
- fixed bug where break strings were not properly sent -
reported by Tim Small <tim@buttersideup.com>
- fixed bug in config file 'protocol' value handling - reported
by Kees Cook <kees@osdl.org>
- conserver no longer uses the local domain name in the default
access list (the default list is only created if no access
list is specified in the configuration file) - inspired by
William P LePera <lepera@us.ibm.com>
- added a 'terminal' console configuration block for printing
strings when attaching and detaching from consoles - suggested
by Richard Threadgill <richardt@tellme.com>
version 8.1.5 (May 7, 2004):
- changed remaining O_NDELAY flags to O_NONBLOCK
- added PROTOCOLS file to describe the client/server protocol
- added '#include' capability to conserver.cf file
- added '@group' syntax to conserver.cf file to support use of
system groups
- added -U client option to allow client to ask for encryption
but fall back to non-encrypted connections otherwise -
suggested by Mike Hendon <mike.hendon@uk.nomura.com>
- fixed bug where socket not properly deleted on exit - reported
by William P LePera <lepera@us.ibm.com>
- added 'initdelay' option for throttling startup of consoles -
suggested by Jay McCanta <mccantaj@amgen.com>
version 8.1.4 (Apr 13, 2004):
- fixed macro use in manpages to hopefully be more compatible
- removed extra newline of --MARK-- range output
- fixed bug where server -b option wasn't working - reported by
Nathan R. Hruby <nhruby@uga.edu>
- fixed client segfault when using -R, -t, -d, and -b options
- added a --with-uds configure option to have all client/server
communication happen via unix domain sockets - suggested by
William P LePera <lepera@us.ibm.com>
version 8.1.3 (Mar 22, 2004):
- fixed small memory and file descriptor leak in client when
using '^Ec;'
- '^Ec;' now only disconnects from the previous console only
after a successfully move to a new console, allowing you to
abort the move - suggested by Christopher T. Beers
<ctbeers@syr.edu>
version 8.1.2 (Mar 11, 2004):
- better handling of client command (^Ec|) when user is bumped,
conserver is reconfigured, etc
- added 'initsubst' option for 'initcmd' substitutions like
'devicesubst' and 'execsubst' - based on patch by Bill
Sommerfeld <sommerfeld@east.sun.com>
- modified and added to *subst (initsubst, etc) syntax to allow
for flexibility and future enhancement
- changed 'port' and 'portinc' minimums from 1 to 0 - it allows
more flexibility and helps with 0-based counting
- removed unportable sys/cdefs.h from contrib/chat/chat.c -
patch by Bill Sommerfeld <sommerfeld@east.sun.com>
- added --with-extmsgs configure switch to enable entertaining
messages
- marked various undocumented client commands as deprecated so
that they can be removed in a future version
- added ability to "move" to a new console via '^Ec;' -
suggested by Christopher T. Beers <ctbeers@syr.edu>
- added a dump of console information when -S is used twice -
suggested by Todd Stansell <todd@stansell.org>
version 8.1.1 (Feb 10, 2004):
- fixed mistake in Makefiles where rpmbuild fails - reported by
Martin Evans <m.d.t.evans@qmul.ac.uk>
- fixed a couple typos - reported by Matt Selsky
<selsky@columbia.edu>
version 8.1.0 (Jan 18, 2004):
- fixes for HP-UX compilation - patch by Petter Reinholdtsen
<pere@hungry.com>
- fixes for compilation under various operating systems -
patch by Albert Chin <conserver-users@mlists.thewrittenword.com>
- added a 'protocol' option for either 'telnet' or 'raw' socket
communication - also reflected in -i output
- changed the client/server protocol to use 0xff as a command
character for sending control commands - similiar to the
telnet protocol - improves the ^Ec| interaction
- client -E option now disables ssl encryption attempts, useful
for broken SSL environents - suggested by Graydon Dodson
<grdodson@lexmark.com>
- bad error message connecting non-ssl client with ssl-required
server - reported by Graydon Dodson <grdodson@lexmark.com>
- added note about pam configuration to conserver.passwd.man -
suggested by Erik Sjolund <erik.sjolund@sbc.su.se>
- improved telnet protocol option handling such that connections
to standard telnet ports should work properly
version 8.0.9 (Dec 10, 2003):
- fixed major bug in connect() handling which causes most
socket-based consoles to timeout after 10 seconds - reported
by Tom Rataski <trataski@intlsteel.com>
- added a couple details to the 'logfilemax' manpage entry
version 8.0.8 (Dec 2, 2003):
- added client ^Ec| sequence for running a command on the client
and having it's I/O directed to the console - inspired by
discussions with David Williamson
<david+conserver@williamsons.net> years ago ;-)
- touched up Makefiles to test against .h files
- fixed inability to replay the console log while the console is
down - reported by Matt Selsky <selsky@columbia.edu>
- added a console 'logfilemax' option for rotating the console
logfile once the file is greater than the specified size
- added sample configuration files to conserver.cf/samples
- tweaked some failure messages and initcmd notifications
version 8.0.7 (Nov 20, 2003):
- renamed util.[ch] to cutil.[ch] to prevent name conflict with
system util.h, reordered some #includes, and fixed a configure
test for sys/proc.h to build on OpenBSD 3.4 (and probably
others) - reported by Kurt Raschke <kurt@raschke.net>
- fixed missing semi-colon for cygwin build - reported by
Raymond Richmond <raymond.richmond@ualberta.ca>
version 8.0.6 (Nov 16, 2003):
- code was missing regarding the 'setproctitle' option - patch
by Dmitry Morozovsky <marck@rinet.ru>
- fixed the order of access list checking when
--with-trustrevdns is used
- fixed various spelling errors - patches by Matt Selsky
<selsky@columbia.edu>
- added console 'idletimeout' and 'idlestring' options to
trigger the sending of 'idlestring' after a lack of activity
for 'idletimeout' seconds - suggested by Ian Potts
<ian.potts@db.com>
- added console 'portbase' and 'portinc' options to allow
specifying a formula for referencing ports - inspired by Todd
Stansell <todd@stansell.org>
- fixed problem where console 'port' option didn't take port
names (manpage said it did)
- added server -U option and configuration option 'unifiedlog'
to allow a copy of all console activity to go to a single file
- removed all sprintf() calls
- added 'devicesubst' and 'execsubst' console options for doing
replacements with calculated port numbers on the 'device' and
'exec' values
- NULL characters in console data caused data loss because of
strlen() usage - reported by Toby Gerhart <toby.gerhart@eds.com>
- fixed a couple errors in contrib/redhat-rpm/conserver.spec -
reported by Martin Evans <m.d.t.evans@qmul.ac.uk>
- added capability to use '!' in user access lists to prevent a
user from having access - suggested by Matt Selsky
<selsky@columbia.edu>
version 8.0.5 (Oct 31, 2003):
- added 'loghostnames' config option (default is on) to log
client hostnames instead of ip addresses (like pre-8.0.0) -
suggested by Han Pilmeyer <han@zk3.dec.com>
- fixed bug where 'daemonmode' config file option wasn't being
used
- fixed potential logfile (-L) opening problem processing SIGHUP
- fixed various potential conserver.cf issues with 'config'
block values processing SIGHUP
- added 'setproctitle' config option (default is off) to enable
changing the process title to contain runtime information -
patch by Dmitry Morozovsky <marck@rinet.ru>
version 8.0.4 (Oct 10, 2003):
- fixed client rejection bug that can nearly never happen -
reported by Han Pilmeyer <han@zk3.dec.com>
- fixed bug where client is reconnected to the previous console
when non-exact console names are used - reported by Rolf
Petter Halle <rph@online.no>
- fixed bug where exact matchs on a remote console name never
happened - reported by Toby Gerhart <toby.gerhart@eds.com>
- fixed bug where SIGHUP fails to update console aliases -
reported by Han Pilmeyer <han@zk3.dec.com>
version 8.0.3 (Oct 6, 2003):
- the SIGHUP process fails to pick up changes to certain fields
because of a horribly broken SwapStr() function [broken in
all previous 8.0.x versions] - reported by Toby Gerhart
<toby.gerhart@eds.com>
version 8.0.2 (Oct 5, 2003):
- reworked the i/o calls to better buffer data
- added console 'motd' option for holding a "message of the
day", displayed to the client on attachment to console -
suggested by Toby Gerhart <toby.gerhart@eds.com>
- added ^Ecm client command for displaying MOTD and integrated
it into the client console attachment sequence
- now unallocate client lists when forking new child conserver
processes
- changed strdup() to local StrDup() so dmalloc can gracefully
track changes
- added a ^Ec; sequence to let client signal server when it's
ready to see console data, otherwise a chatty console can
cause the login sequence to fail and you can never attach to
the console
version 8.0.1 (Sep 29, 2003):
- fixed bug in access list parsing where multiple addresses per
line can cause errors - reported by Jay McCanta
<mccantaj@amgen.com>
- changed client password prompt to show hostname passed down by
the server - suggested by Toby Gerhart <toby.gerhart@eds.com>
- fixed bug where remote console names were only search for
substring matches - reported by Toby Gerhart
<toby.gerhart@eds.com>
- the server -M option wasn't being used properly to limit the
consoles managed by the host
- added 'initcmd' console option which allows a command to
interact with a console right after a console is opened -
suggested by Greg Woods <woods@weird.com>
- added the chat program contributed by Greg Woods
<woods@weird.com> to the contrib/chat directory
- added WUNTRACED to waitpid() for catching suspended processes
- reworded some client/server messages to be clearer
- embedded non-printable characters in break lists now display
correctly when '^Ecl?' is used
- in case client aborts unexpectedly, terminal state should
now be restored to normal
version 8.0.0 (Sep 22, 2003):
- better error messages and management of the user's password
- 8.0.0-beta4 mistakenly lost conserver.passwd usage
- empty passwords now don't trigger a passwd prompt (like 7.2.7)
- upgraded to autoconf-2.57 and use recent config.guess/sub
files - suggested by Jorgen Hagg <jorgen.hagg@axis.com>
- we now install the conserver.rc file as well as sample
conserver.cf and conserver.passwd files in
$(prefix)/share/examples/conserver - suggested by
Hubert Feyrer <hubertf@netbsd.org>
version 8.0.0-beta4 (Aug 24, 2003):
- totally rewrote the client/server communication, allowing SSL
connections to occur first, protecting *all* information
- added 'admin' keyword to the 'access' portion of the config
file for specifying users able to issue the 'quit' command
- removed client -G option since it's not really useful any more
- added client -t option for sending "text messages" to users,
which is similar to broadcast messages, but you can specify
the user and/or console - suggested by Trevor Fiatal
<trevor@seven.com>
- added client -d option for disconnecting users specified by
username and/or console - suggested by Trevor Fiatal
<trevor@seven.com>
- removed --with-64bit configure option as 64bit operation is
reported to work just fine
- break strings with '\d' are interpreted as a delay, which can
be specified in the config file (default 250ms)
- removed 'reset -x' portion of default break sequence #3
- remote conserver hostnames now properly match - had to be a
character string match previously
- hostname aliases now checked against access lists and the
matched name is used for logging
- added --with-trustrevdns to enable the use of reverse DNS
information for access list checks [not recommended] - see the
INSTALL file for full details on who should actually need this
Many thanks to Chuck Rouzer <crouzer@yahoo.com> for all the
help with FreeBSD support and the following issues...
- fixed 'make test' problem on hosts where 'localhost' doesn't
resolve to 127.0.0.1
- fixed interface probe problem under *BSD
- added openpty() interface for pty allocation
version 8.0.0-beta3 (Aug 8, 2003):
- master process no longer forks on client requests - handles
them with select() like child process
- alarm()/SIGALRM usage removed and replaced with counters and
timer on select() call
- removed caching of timeouts to terminal servers - each
socket connection now has a proper timeout (and can happen
simultaniously)
- partial write()s are properly buffered and retried
- made all sockets (including SSL) non-buffered
- client now supports piping data to it and properly printing
all server data ("echo '^Ecr^Ec.' | console universe")
version 8.0.0-beta2 (Jul 17, 2003):
- console aliases added with 'aliases' console keyword
- two stop bit support for serial devices - requested by Kelly
Setzer <setzer@placemark.com>
- added support for inet_aton() over inet_addr()
- all server interfaces now used to identify console management
- server interfaces probed with SIOCGIFCONF ioctl, if available
- added flow control options 'ixon', 'ixany', 'ixoff', and
'crtscts'
- added info to console client -i output
- man pages updated, however the wording needs work
version 8.0.0-beta1 (Jul 4, 2003):
- ***NOTICE*** the format of conserver.cf and conserver.passwd
has completely changed. see the INSTALL file for
upgrade instructions (it should be "fairly painless").
some documentation has been updated to reflect the new world,
some hasn't - my goal for beta2 is to have all the docs updated
- many command-line options now also conserver.cf options options
- POSIX termios interface now required for compilation - some
POSIX requirements were already in the code and others will
undoubtedly creep in as time goes by
- configure --with-regex option removed because of conserver.cf
and conserver.passwd changes
- added -S option to server for syntax checking of the
configuration file - suggested by Dave Stuit <djs@tellme.com>
- authorized users now either have r/w or r/o access to consoles
- getpassword.o replaces getpass() and getpassphrase() so we can
get any string length
- fixed rm commands in test script - patch by Petter Reinholdtsen
<pere@hungry.com>
version 7.2.7 (Apr 9, 2003):
- added test suite ('make test') for basic client/server
communication tests
@ -429,5 +960,5 @@ before version 6.05:
and enhancements of various types were applied.
#
# $Id: CHANGES,v 1.82 2003-04-09 07:20:21-07 bryan Exp $
# $Id: CHANGES,v 1.251 2015/06/02 17:33:29 bryan Exp $
#

20
FAQ
View File

@ -65,23 +65,25 @@ directed to faq@conserver.com. The FAQ answers the following questions:
When conserver was compiled, it was told to use the /etc/services
entry of "conserver" (what came after getservbyname:). You'll need
to either recompile conserver and hard-code a port number (using
PORT instead of SERVICE in conserver/cons.h) or enter "conserver"
in /etc/services.
--with-port=<num>) or enter "conserver" in /etc/services.
6) What does "console: gethostbyname: console: host lookup error"
mean (or something close to that)?
When the console command was compiled, it was told to use the
hostname "console" (what came after gethostbyname:) as the master
conserver host. You'll need to either recompile console with the
appropriate name of your conserver host or add an alias of "console".
In most cases, adding an alias is my suggestion.
conserver host. You'll need to either reconfigure with the
appropriate name of your conserver host (--with-master=<name>) or
add an alias of "console". In most cases, adding an alias is my
suggestion.
7) How do I set up a local serial port for no parity?
The conserver.cf man page will have this in the 6.17 release,
but the answer is to use a 'p' after the baud rate. So, '9600p'
is 9600 baud, no parity.
The manpage has the answer to this question. For those that don't
want to read it, here are some guidelines. For pre-7.2.2, you'd
want to use a 'p' after the baud rate ("9600p", for example). For
7.2.2 thru 7.2.7, you can use an 'n'. For 8.0.0 and beyond, you use
'parity none;'.
8) Is "Conserver" a trademark or registered trademark?
@ -184,5 +186,5 @@ directed to faq@conserver.com. The FAQ answers the following questions:
through the same problem?
#
# $Id: FAQ,v 1.8 2003-04-08 14:05:16-07 bryan Exp $
# $Id: FAQ,v 1.9 2003/08/23 19:27:10 bryan Exp $
#

123
INSTALL
View File

@ -10,6 +10,89 @@ Upgrading?
new features added to the client if you're considering *not*
upgrading.
Version 8.1.3
- The '^Ec;' sequence won't work correctly with 8.1.2 (where it
was introduced).
Version 8.1.2
- The 'devicesubst' and 'execsubst' formats have changed from
8.1.1. It's fairly simple to update your config file to the
new format...just check the conserver.cf manpage. Sorry for
having to change things, but it's for a good reason (I should
have though ahead when designing the original format).
Version 8.1.0
- The client/server protocol has changed to better protect 8-bit
data and to allow programs invoked with '^Ec|' not have to
worry about accidentally sending the escape sequence to the
server. Though it will look like things are mostly
backward-compatible, don't count on it and just upgrade.
Version 8.0.2
- I've added a '^Ec;' sequence to allow the client to signal the
server as to when it's ready to see console data. Without
this, verbose consoles will prevent clients from attaching
(the client sees unexpected data). An 8.0.2 client should be
compatible with an 8.0.1 server, but an 8.0.1 client is not
compatible with an 8.0.2 server.
Version 8.0.1
- There's a slight client/server protocol change to implement
the new 'initcmd' console option. If you use this
functionality with an 8.0.0 client, you'll run into a
compatibility problem while the 'initcmd' command is running.
Version 8.0.0
- The client/server protocol has been rearchitected. You *MUST*
use an 8.0.0 client with an 8.0.0 server. No combination of
client/server will work with pre-8.0.0 code.
- Upgrading from pre-8.0.0 code to 8.0.0 and beyond requires
you to change your conserver.cf and conserver.passwd files
because both of the file formats have changed.
The conserver.cf file changes are so major that there is a
convert program available in the conserver subdirectory. Just
run './conserver/convert <old-cf-file>' and it will attempt a
conversion to the new format, sending it to stdout. Any errors
will be printed to stderr. There are a couple of things
you might need to adjust. First are the user access lists.
If you are restricting users to certain consoles in your old
conserver.passwd file, you'll need to move those restrictions
into the new conserver.cf file. Restrictions are set with the
'ro' and 'rw' tags in the configuration file. Second are the
'access' blocks. What get produced by the convert program
will be functionally equivalent to the old behavior, but you
may be able to tune things to better suit your environment.
The conserver.passwd file's console restrictions have moved,
as described above. So to convert the conserver.passwd file,
all you really need to do is something like:
awk -F: '{print $1 ":" $2}' <old-passwd-file>
If you have comments or continuation lines in your file,
you'll have to do a bit more cleanup to strip out the third
field (which is what the awk command is intending to do).
- Conserver no longer trusts reverse DNS information by default.
If you use the --with-trustrevdns configure flag, you can
re-enable the use of gethostbyaddr() [I don't recommended it,
however]. If you are using domain names in access lists,
you'll either need to change those to use hostnames and/or ip
addresses/ranges or use the --with-trustrevdns flag. For
example, if you have (in the
8.0.0 format):
allowed conserver.com; # allow *.conserver.com
then you'll need to worry about this change. If you only use
full hostnames, you shouldn't have to do anything.
Version 7.2.4
- If SSL support is compiled into the code, older versions of
@ -70,23 +153,36 @@ Detailed Instructions
the defaults shown, you're set. If not, here are the conserver
unique options:
--with-64bit Allow 64bit compilation
--with-port=PORT Specify port number [conserver]
--with-base=PORT Base port for secondary channel [0]
--with-master=MASTER Specify master server hostname [console]
--with-cffile=CFFILE Specify config filename
[SYSCONFDIR/conserver.cf]
--with-ccffile=CFFILE Specify client config filename
[SYSCONFDIR/console.cf]
--with-cffile=CFFILE Specify config filename [SYSCONFDIR/conserver.cf]
--with-pwdfile=PWDFILE Specify password filename
[SYSCONFDIR/conserver.passwd]
--with-logfile=LOGFILE Specify log filename [/var/log/conserver]
--with-pidfile=PIDFILE Specify PID filepath [/var/run/conserver.pid]
--with-maxmemb=MAXMEMB Specify maximum consoles per process [16]
--with-timeout=TIMEOUT Specify connect() timeout in seconds [10]
--with-trustrevdns Trust reverse DNS information
--with-extmsgs Produce extended messages
--with-rpath Use -R as well as -L for libraries
--with-cycladests (deprecated - noop) Build for a Cyclades TS
--with-uds[=DIR] Use Unix domain sockets for client/server
communication [/tmp/conserver]
--with-trust-uds-cred Trust UDS credentials obtained via socket
--with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support
--with-openssl[=PATH] Compile in OpenSSL support
--with-req-server-cert Require server SSL certificate by client
--with-gssapi[=PATH] Compile in GSS-API support
--with-striprealm retry username without @REALM with gss-api
authentication
--with-freeipmi[=PATH] Compile in FreeIPMI support
--with-dmalloc[=PATH] Compile in dmalloc support
--with-regex Use regular expressions in conserver.passwd
--with-pam Enable PAM support
--with-ipv6 (experimental) Use IPv6 for client/server
communication
Not surprisingly, some match the old conserver/cons.h items...here
they are for reference:
@ -100,10 +196,11 @@ Detailed Instructions
A couple of notes. First, --with-libwrap will add tcp_wrappers
lookups to all socket connections in the server. --with-openssl
will add encryption between the client and server when you connect
to a console. things such as 'console -q', 'console -w', etc. are
still unencrypted, as well as connections from conserver to any
terminal servers. --with-dmalloc should only be used to do memory
allocation debugging and not used in production.
to a console. --with-uds will cause the client and server to use
unix domain sockets for their communication, eliminating the
tcp communication they normally do (which means --with-master and
--with-port are not used). --with-dmalloc should only be used to
do memory allocation debugging and not used in production.
- Run './configure'. This will detect system specific
information. The --prefix option will redirect where things are
@ -142,10 +239,10 @@ Detailed Instructions
step.
+ Next, make sure conserver runs during boot. The init script we
use under Solaris is installed in <PREFIX>/etc/conserver.rc.
Use that or some form of it for your own /etc/init.d script or
an entry in startup files (/etc/rc, /etc/rc.local, or
whatever).
use under Solaris is installed in
<DATADIR>/examples/conserver/conserver.rc. Use that or some
form of it for your own /etc/init.d script or an entry in
startup files (/etc/rc, /etc/rc.local, or whatever).
+ Now for the fun stuff. You need to create a conserver.cf and
conserver.passwd file. Those are defined with the
@ -192,5 +289,5 @@ Other Information And Gotchas
#
# $Id: INSTALL,v 1.27 2003-04-09 07:15:27-07 bryan Exp $
# $Id: INSTALL,v 1.41 2014/04/20 06:45:07 bryan Exp $
#

7
Makefile.in
View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
@ -25,6 +26,12 @@ autologin:
autologin.install:
( cd autologin && $(MAKE) install $(MAKE_FLAGS) ) || exit 1;
chat:
( cd contrib/chat && $(MAKE) $@ $(MAKE_FLAGS) ) || exit 1;
chat.install:
( cd contrib/chat && $(MAKE) install $(MAKE_FLAGS) ) || exit 1;
test:
( cd test && ./dotest ) || exit 1

306
PROTOCOL Normal file
View File

@ -0,0 +1,306 @@
Conserver Protocol
==================
What Is This?
-------------
The following is an attempt to describe the client/server protocol used
between the server (conserver) and the client (console). This document
bases it's information on conserver version 8.1.4, as it's the release
currently available. If there are changes to the client/server
protocol, the INSTALL file should reference them and, ideally, this
document will be updated.
The information is looked at from the point of the server, since it's
the server that controls all information and triggers actions on the
client (like a suspend). The client's perspective should be obvious
from this information.
SSL
---
The client and server can negotiate an SSL connection. As far as the
code is concerned, the SSL "layer" is transparent. Data is sent and
received just as if it was unencrypted. Therefore, aside bringing up
the SSL connection, the SSL bits are unimportant from a protocol
standpoint. The client and server still send and receive the same
information - it just happens to be encrypted to everyone else.
"On-The-Wire" Data
------------------
The low-level, "on-the-wire" data is encapsulated similar to the telnet
protocol. All data is sent "as-is" with the exception of 0xFF. 0xFF is
used as a "command character" and both the client and server expect to
see a predefined option after it. The possible options are: 0xFF, 'E',
'G', 'Z', and '.'.
The 0xFF option says to use the literal character 0xFF. So, if there is
a 0xFF character in the data stream to be sent, the code will send two
0xFF characters (it's similar to using '\\' in C strings to embed a
'\').
The other options are used in various contexts, which will be described
in detail below.
Life As A Server
----------------
There are three different interfaces presented to clients by the server.
I'm going to name the three modes "master", "group", and "console". The
first two are line-based, and the third is character-based.
To understand the differences, I must outline how conserver manages
consoles. When conserver starts, it reads the configuration file,
listens on the master socket, and, for each group of consoles it must
manage (where the group size is set by -m), it forks off a copy of
itself. Those child processes are what actually connect to the consoles
and they each listen on a new socket for client connections. So, you
end up with a parent process (that knows about all consoles) that
manages the child processes (that know only about consoles it manages),
and everyone is listening on an individual socket for connections from
clients.
The parent process interacts with clients in "master" mode. That mode
expects line-based commands and responds similarly. Because it's the
master, it understands a certain set of commands that are different than
in "group" mode.
The child processes interact with clients in "group" mode first, and
negotiate a change to "console" mode when a client requests a connection
to a specific console.
"master" Mode
-------------
When parent process gets a connection from a client, it either sends an
"ok" string to signal it's ready or an error message (like "access from
your host is refused") and the connection is dropped. At this point,
there are a small number of commands recognized by the server, since
most are restricted to "logged in" clients. Here's the list of
available commands:
exit disconnect
help this help message
login log in
ssl start ssl session
An "exit" is sent a "goodbye" response and the connection is dropped. A
"help" is sent the list above. A "ssl" is sent an "ok" response and
then the server expects the client to negotiate an ssl connection. A
"login" requires one argument (the username) and is either sent an "ok",
meaning the client is logged in, or a "passwd?" followed by the local
hostname, asking for the user's password, which it expects next. If the
client sends a valid password, an "ok" is sent, otherwise an error
message and the connection is dropped.
Upon successful login, the commands available are:
call provide port for given console
exit disconnect
groups provide ports for group leaders
help this help message
master provide a list of master servers
newlogs* close and open all logfiles (SIGUSR2)
pid provide pid of master process
quit* terminate conserver (SIGTERM)
restart* restart conserver (SIGHUP) - deprecated
reconfig* reread config file (SIGHUP)
version provide version info for server
up* bring up all downed consoles (SIGUSR1)
* = requires admin privileges
"exit" and "help" are the same as before the client logged login.
The "call" command expects one argument, the console name to connect to.
The server will respond with either a port number (if it's a locally
managed console), an "@hostname" where hostname is the name of the
remote conserver host managing the console (if it's a remotely managed
console), or an error message (possibly multi-line). The client is not
disconnected, whatever the response.
The "groups" command responds with a colon-separated list of port
numbers, which correspond to each of the child processes running on the
local host. The client is not disconnected.
The "master" command responds with a colon-separated list of "@hostname"
names. The list includes any hosts (including the possibility of the
local host) which have locally managed consoles. The client is not
disconnected.
The "newlogs" command reopens all logfiles used by conserver, assuming
the user has administrative access. It responds with a message starting
with "ok" if successful and an error message otherwise (like
"unauthorized command"). The client is disconnected if it's successful.
The "pid" command responds with the pid of the master process (in this
case, the one the client is talking to). The client is not
disconnected.
The "quit" command will shut down conserver, assuming the user has
administrative access. It responds with a message starting with "ok" if
successful and an error message otherwise (like "unauthorized command").
The client is disconnected if it's successful.
The "restart" command has been deprecated. You should use "reconfig".
The "reconfig" command will cause conserver to reread the configuration
file and apply any changes, assuming the user has administrative access.
It responds with a message starting with "ok" if successful and an error
message otherwise (like "unauthorized command"). The client is not
disconnected.
The "version" command responds with the version string. The client is
not disconnected.
The "up" command tries to "bring up" all disconnected consoles, assuming
the user has administrative access. It responds with a message starting
with "ok" if successful and an error message otherwise (like
"unauthorized command"). The client is disconnected if it's successful.
"group" Mode
------------
When a child process gets a connection from a client, it either sends an
"ok" string to signal it's ready or an error message (like "access from
your host is refused") and the connection is dropped. At this point,
"group" mode acts just like "master" mode. Once the client successfully
logs in, however, "group" mode has the recognizes the following
commands:
broadcast send broadcast message
call connect to given console
disconnect* disconnect the given user(s)
examine examine port and baud rates
exit disconnect
group show users in this group
help this help message
hosts show host status and user
info show console information
textmsg send a text message
* = requires admin privileges
The "exit" and "help" commands are like the others documented above.
The "broadcast" command expects a text string of the message to be sent
to all users connected to this process. An "ok" is sent as a response.
The "call" command expects one argument, the console name to connect to,
just like in "master" mode. The difference here is that this requests
the server to attach the client to the console and go into "console"
mode. If the attachment is successful, the response will begin with a
'[' character. If not, an error message is returned. The success
responses are:
[console is read-only] - console is read only
[read-only -- initializing] - console is initializing, and
read-only for the time being
[line to console is down] - console is down
[attached] - attached read-write
[spy] - attached read-only
The "disconnect" command expects an argument of the form "user@console"
where either the "user" or "@console" part may be omitted. Upon
success, a response of the form "ok -- disconnected X users" is sent,
where X is the number of users disconnected. If a user is unauthorized
or some other problem occurs, an error message (like "unauthorized
command") is sent.
The "examine" command returns a list of console information of the form
that 'console -x' shows.
The "group" command returns a list of console information of the form
that 'console -w' shows.
The "hosts" command returns a list of console information of the form
that 'console -u' shows.
The "info" command returns a list of console information of the form
that 'console -i' shows.
The "textmsg" command expects two arguments, the first being the
recipient of the message in the form "user@console" (again, where the
"user" or "@console" portion may be omitted) and the second being the
string, like the "broadcast" command. The server returns "ok".
"console" Mode
--------------
As mentioned above, "console" mode is obtained by using the "call"
command when connected to a child processes operating in "group" mode.
"console" mode should look very familiar to a user of conserver, as it's
what the user interacts with when connected to a console. There's
really nothings special here. Each character received from the client
is compared to the escape sequence, and if it matches, an action occurs
on the server side. If it doesn't match the escape sequence, the data
is sent on to the console. All data received from the console is sent
to the client(s). Of course, there are certain exceptions to these
rules, based on the state of the console and the state of the client.
And, certain escape sequences cause special behaviors to occur.
Most escape sequences cause the server to send information back to the
user. Stuff like "^Ecw", "^Eci", and "^Ecu" are examples. The escape
sequence is absorbed by the server, the server sends the client a
variety of information, and things continue as before.
The more "interesting" escape sequences are the following.
"^Ec;" The server sends a 0xFF,'G' command sequence to the client, to
signal a wish to move to a new console. The client then gets
put into the same state as the "^Ecz" sequence (paused), which
gives the client a chance to either resume the connection or
disconnect.
"^Ec|" The server sends a 0xFF,'E' command sequence to the client, to
signal a wish to have the client program interact with a
program, as opposed to the user. The server discards all data
until it receives one of the following command sequences from
the client:
0xFF,'E' Signals successful redirection of interaction to
a program. The server then responds with "[rw]"
or "[ro]" to tell the client whether or not they
have read-write access. If not, the client
should abort the program and send the abort
command sequence below, as other data received by
the server will just get dropped.
0xFF,'.' Abort the operation. The server assumes the
redirection didn't happen and returns the client
to it's normal mode.
The server keeps the client in the "redirected" state until it
receives a 0xFF,'.' command sequence from the client (which
usually occurs when the client command terminates).
If the client is "bumped" from read-write to read-only by
another user, the server will send the client a 0xFF,'.' command
sequence to tell it to abort the redirection and return control
back to the user.
"^Ecz" The server sends a 0xFF,'Z' command sequence to the client, to
signal a wish to suspend to client process. The client is then
put into a "paused" state where it receives no more data from
the server. When the client is ready to resume receiving data,
it sends a character of data to the server, at which point the
server discards the character and sends back a status message of
the form " -- MSG]". The current set of possible messages are:
" -- line down]"
" -- read-only]"
" -- attached (nologging)]"
" -- attached]"
" -- spy mode]"
#
# $Id: PROTOCOL,v 1.2 2005/09/05 21:54:03 bryan Exp $
#

34
README
View File

@ -16,6 +16,14 @@ Documentation
Downloading
The latest version can be found at http://www.conserver.com/
(US-West).
Mirrors of the site are at:
Australia http://planetmirror.com/pub/conserver/
Ireland http://conserver.oss-mirror.org/
Germany http://conserver.linux-mirror.org/
Russia http://conserver.rinet.ru/
Systems Tested
@ -24,17 +32,25 @@ Systems Tested
compile conserver. If anyone has more to add to this list (or
something on the list doesn't work any more), please let me know.
Solaris 2.5.1 thru 9 (sparc/x86), gcc
AIX 4.3.3/5.1/5.2, native cc
BSDI BSD/OS 3.X, gcc
MacOS X
Cygwin (w2k),gcc 2.95.3
DEC Tru64 4.0, gcc
DEC Tru64 4.0/5.1, native cc
FreeBSD 4.x (i386) gcc
FreeBSD 5.x (i386/amd64/sparc64) gcc
FreeBSD 6.x/7.x (i386/amd64/sparc64/ia64) gcc
HP-UX 10.20, gcc
HP-UX 11.10 parisc and ia64, native cc
Irix 6.15, native cc
Linux 2.2.18 (x86), gcc
Linux 2.4.2 (x86), gcc
FreeBSD 4.2 (x86), gcc
cygwin (w2k),gcc 2.95.3
DEC Tru64 4.0, gcc
DEC Tru64 4.0/5.1, DEC cc
HP-UX 10.20, gcc
AIX 4.3.3, AIX cc
Linux ia64, native gcc
Linux RedHat 6.2 and 7.2 (x86), native gcc
MacOS X, native gcc
Solaris 2.5.1 thru 9 (sparc/x86), gcc
Solaris 7/8, native cc
Solaris 10 and Solaris Express (build 33) (x86), gcc and native cc
Contributions
@ -50,5 +66,5 @@ Contributions
http://www.columbia.edu/acis/sy/unixdev/zinc
#
# $Id: README,v 1.21 2002-09-23 10:10:11-07 bryan Exp $
# $Id: README,v 1.26 2006/04/16 17:45:08 bryan Exp $
#

109
TODO
View File

@ -10,80 +10,57 @@ Bryan Stansell
---------------------------------------------------------------------------
- usleep() statements, can they be removed and mimiced with some sort
of console state thing and a timer? Aaron Burt <aaron@osdl.org>
users email.
- OpenSSL sockets have been make blocking instead of keeping the
underlying socket non-blocking. Why? It requires much more work to
deal with non-blocking sockets and OpenSSL. Not impossible, just have
to rewrite a lot of the code to handle the extra special cases. Perhaps
by ignoring renegotiations this can be ignored, but I'm not sure.
- checks for EPIPE during write() should really be done, but, for the
most part, consoles and clients will come around and we'll see
problems on the read().
- Singular logging so that swatch/logsurfer can watch for errors across
the board - unloved output comes close
- Telnet protocol should be improved
- Not even RFC 854 compliant
- Option negotiation ignored - should we negotiate anything?
- Not even RFC 854 compliant...or maybe it is (as of 8.1.0)
- Option negotiation semi-ignored - should we negotiate anything more?
- Others?
- better shadow file support
- what does this mean? i've forgotten.
- syslog?
Daniel E. Singer <des@cs.duke.edu> would like to see it - especially
in regards to --use-libwrap code
- alternate (md5) password encryption support in conserver.passwd
- actually happens if the crypt() call supports it, like under linux
- hpux has bigcrypt() also, which we support, so maybe we're covered
- config file examples for various configurations
- sample conserver.cf has some...but it's not explained well
- per-line timestamps
- only when not connected?
- flow control configuration (hardcoded on, i think)
- pipe input/output (console <-> program) via 'console'
- some apps (net-ups thing, gdb) might need to talk to user
- group permissions (better user management in general)
- 64-bit compilation support (have a patch set contributed, somewhere, i think)
- ^Ec| does this, but the interact with user bits might not work
- actually, ^Ec| does work right with 8.1.0...one change that might
be nice is the ability to NOT watch the i/o pass to the local
command - try sending a big file to the local host with xmodem.
- autologout? setting per console? gack, would have to interpret data.
- this will never happen...i don't want to interpret data
- "listen" capability (watch all/multiple consoles)
- break sequences - need .5 second delays (or delays in general?)
- aliases for console entries
- send data to multiple consoles (carbon copy) -
Steve Lammert <slammert@panasas.com>
- authentication to terminal servers (ssh, passphrase, whatever)
- "not" or "except" in passwd file (!console).
- multi-homed/multi-ip hosts not supported well
- other names/ip addrs not detected as local, necessarily
- acls don't look at aliases properly
- the whole thing needs some serious help
- ssh should probably just be handled by invoking the ssh command.
so, that's really already covered, no?
- passphrase...hmmm..could really use some sort of send/expect
thing here. you could write a wrapper script of sorts, but it
really would be nice to have a raw socket and do the right thing.
- this does work, using the 'initcmd' option, so, all done?
- cyclades ts1000/2000 port : "Moses, Joel" <jmoses@deloitte.com>
- config file for client (list of masters, for example)
- strftime() idea for logfile names : Lars Kellogg-Stedman <lars@larsshack.org>
- 9600baud log replay?
- server -M flag should accept multiple addresses (comma separated)
- should client as well?
- logfile rotation based on size
- this may never happen...does anyone really need it?
- automatic log rotation in general : Egan Ford <egan@us.ibm.com>
@ -94,24 +71,7 @@ Bryan Stansell
- suggestions by Trevor Fiatal <trevor@seven.com>
- include server hostname on 'console -x' output
- non-interactively be able to
- disconnect a single user-to-port session
- disconnect all sessions to a given port
- disconnect all sessions registered to a particular user
- non-interactively be able to send messages to
- all sessions open by a particular user
console -t user "Time to go home."
- a particular user-session
console -t user@managed-host "Please disconnect from this host."
- all users on a given host
console -t @managed-host "I am taking over this host."
- support 2 stop bits (as well as other stty-type options in console
definitions) : Kelly Setzer <setzer@placemark.com>
- ability to configure strings to be sent to a console whenever it is
(re)opened (eg. a termserver login) : Greg A. Woods
<woods@planix.com>
- i think the -i output covers it, but maybe not
- ability to configure strings to be sent to a console periodically :
Greg A. Woods <woods@planix.com>
@ -119,7 +79,34 @@ Bryan Stansell
- show attach/detach events to/of spy console clients : Greg A. Woods
<woods@planix.com>
- redefine client escape sequence in conserver.cf : Toby Gerhart
<toby.gerhart@eds.com>
- not even sure if this is possible w/o confusing the client,
but maybe with the new 8.1.0 client-server protocol, we can!
- log rotation by date : Tom Pachla <tom.pachla@nlc-bnc.ca>
- strict file permission checks on conserver.passwd/conserver.cf : Erik
Sjolund <erik.sjolund@sbc.su.se>
- netgroup support? : Nikolaos Papavassiliou
<Nikolaos.Papavassiliou@reuters.com> and Phil Dibowitz <phil@usc.edu>
- send sequences to console on client connect? (to repaint screen,
for example) : John Cagle <jcagle@gmail.com>
- uucp locks : Sebastian Zagrodzki <sebek@heron.net.icm.edu.pl>
- support more than 9 break sequences : Danish Mirza <Danish@lehman.com>
thought it was easy, but adding more than could break things with
current encoding. doable, will have to think harder about it.
- reintroduce console grouping : Martin Turba
<martin.turba@igd.fraunhofer.de>
- quick-recheck of down consoles (for uds) and possibly only log state
changes (instead of each try) : DJ Gregor <dj@gregor.com>
#
# $Id: TODO,v 1.27 2003-01-27 17:47:27-08 bryan Exp $
# $Id: TODO,v 1.56 2006/04/03 22:20:34 bryan Exp $
#

2
autologin/INSTALL.old
View File

@ -1,4 +1,4 @@
# $Id: INSTALL,v 1.3 94/07/11 12:38:19 ksb Exp $
# $Id: INSTALL.old,v 1.1 2003/11/04 02:36:24 bryan Exp $
To install this program you need root access and access to the physical
console of the machine (either through the console server or via the physical

5
autologin/Makefile.in
View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@
@ -31,6 +32,8 @@ ALL = autologin
all: $(ALL)
$(AUTOLOGIN_OBJS): $(AUTOLOGIN_HDRS)
autologin: $(AUTOLOGIN_OBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o autologin $(AUTOLOGIN_OBJS) $(LIBS)
@ -43,7 +46,7 @@ clean:
distclean: clean
rm -f Makefile
install:
install: autologin
$(MKDIR) $(DESTDIR)$(bindir)
$(INSTALL_PROGRAM) autologin $(DESTDIR)$(bindir)

2
autologin/README
View File

@ -17,5 +17,5 @@ Good luck.
Bryan Stansell
#
# $Id: README,v 1.2 2002-09-23 14:08:42-07 bryan Exp $
# $Id: README,v 1.2 2002/09/23 21:08:42 bryan Exp $
#

2
autologin/README.old
View File

@ -1,4 +1,4 @@
# $Id: README,v 1.3 93/04/21 16:13:37 ksb Exp $
# $Id: README.old,v 1.1 2003/11/04 02:36:24 bryan Exp $
This program can be used to put a root shell on the console at boot time.
See the manual page.

873
autologin/autologin.c
View File

@ -34,13 +34,13 @@
* to change the /etc/security/audit_event line.
*/
#define AUE_autologin 32900
# define AUE_autologin 32900
#include <sys/unistd.h>
#include <netdb.h>
#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <libintl.h>
# include <sys/unistd.h>
# include <netdb.h>
# include <bsm/audit.h>
# include <bsm/libbsm.h>
# include <libintl.h>
#endif
#include <compat.h>
@ -69,11 +69,11 @@
*/
#ifndef lint
char *rcsid = "$Id: autologin.c,v 1.23 2002-09-20 23:29:39-07 bryan Exp $";
#endif /* not lint */
extern char *progname;
gid_t awGrps[NGROUPS_MAX];
int iGrps = 0;
char *rcsid = "$Id: autologin.c,v 1.28 2014/04/20 06:45:07 bryan Exp $";
#endif /* not lint */
extern char *progname;
gid_t awGrps[NGROUPS_MAX];
int iGrps = 0;
/*
* External variables
@ -82,512 +82,435 @@ int iGrps = 0;
extern int optind;
extern char *optarg;
void make_utmp();
void usage();
void make_utmp();
void usage();
int
Process()
Process(void)
{
register int c;
int iErrs = 0;
int i, iNewGrp;
gid_t wGid;
uid_t wUid;
char *pcCmd = (char *)0,
*pcDevTty = (char *)0;
char *pcTmp;
int iErrs = 0;
int i, iNewGrp;
gid_t wGid;
uid_t wUid;
char *pcCmd = (char *)0, *pcDevTty = (char *)0;
#ifdef HAVE_GETUSERATTR
char *pcGrps;
#endif
struct passwd *pwd;
struct stat st;
#ifdef HAVE_TERMIOS_H
struct termios n_tio;
#else
# ifdef TIOCNOTTY
# ifdef O_CBREAK
auto struct tc n_tchars;
# else
auto struct tchars n_tchars;
# endif
# ifdef TIOCGLTC
auto struct ltchars n_ltchars;
# endif
# else
# ifdef TIOCGETP
auto struct sgttyb n_sty;
# endif
# endif
char *pcGrps;
#endif
struct passwd *pwd;
struct stat st;
struct termios n_tio;
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
char my_hostname[MAXHOSTNAMELEN];
char my_hostname[MAXHOSTNAMELEN];
#endif
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
(void) fprintf(stderr, "%s: gethostname: %s\n", strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
(void)fprintf(stderr, "%s: gethostname: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#endif
if ((char *)0 != pcCommand) {
if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
(void)strcpy(pcCmd, "-c ");
(void)strcat(pcCmd, pcCommand);
if ((char *)0 != pcCommand) {
if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
(void)fprintf(stderr, "%s: malloc: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
(void)strcpy(pcCmd, "-c ");
(void)strcat(pcCmd, pcCommand);
}
if ( (char *)0 != pcGroup ) {
iErrs += addgroup(pcGroup);
}
if ((char *)0 != pcGroup) {
iErrs += addgroup(pcGroup);
}
if ( (char *)0 == pcLogin ) {
static char acLogin[17];
if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
(void) fprintf(stderr, "%s: %d: uid unknown\n", progname, geteuid());
exit(1);
/* NOTREACHED */
}
pcLogin = strcpy(acLogin, pwd->pw_name);
} else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
(void) fprintf(stderr, "%s: %s: login name unknown\n", progname, pcLogin);
exit(1);
/* NOTREACHED */
if ((char *)0 == pcLogin) {
static char acLogin[17];
if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
(void)fprintf(stderr, "%s: %d: uid unknown\n", progname,
geteuid());
exit(1);
/* NOTREACHED */
}
wUid = pwd->pw_uid;
wGid = pwd->pw_gid;
(void)endpwent();
pcLogin = strcpy(acLogin, pwd->pw_name);
} else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
(void)fprintf(stderr, "%s: %s: login name unknown\n", progname,
pcLogin);
exit(1);
/* NOTREACHED */
}
wUid = pwd->pw_uid;
wGid = pwd->pw_gid;
(void)endpwent();
#ifdef HAVE_GETUSERATTR
/* getuserattr() returns a funny list of groups:
* "grp1\0grp2\0grp3\0\0"
*/
if (0 == getuserattr(pcLogin, S_SUGROUPS, &pcGrps, SEC_LIST)) {
while ('\000' != *pcGrps) {
/* ignore "ALL" and any group beginning with '!' */
if ('!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")) {
iErrs += addgroup(pcGrps);
}
pcGrps = pcGrps + strlen(pcGrps) + 1;
}
/* getuserattr() returns a funny list of groups:
* "grp1\0grp2\0grp3\0\0"
*/
if (0 == getuserattr(pcLogin, S_SUGROUPS, &pcGrps, SEC_LIST)) {
while ('\000' != *pcGrps) {
/* ignore "ALL" and any group beginning with '!' */
if ('!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")) {
iErrs += addgroup(pcGrps);
}
pcGrps = pcGrps + strlen(pcGrps) + 1;
}
#endif /* HAVE_GETUSERATTR */
(void)endgrent();
}
#endif /* HAVE_GETUSERATTR */
(void)endgrent();
if ((char *)0 != pcTty) {
if ( '/' == *pcTty ) {
pcDevTty = pcTty;
} else {
if ( (char *)0 == (pcDevTty = (char *)malloc(strlen(pcTty)+5+1) ) ) {
(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
exit(1);
}
sprintf(pcDevTty, "/dev/%s", pcTty);
}
if ((char *)0 != pcTty) {
if ('/' == *pcTty) {
pcDevTty = pcTty;
} else {
if ((char *)0 ==
(pcDevTty = (char *)malloc(strlen(pcTty) + 5 + 1))) {
(void)fprintf(stderr, "%s: malloc: %s\n", progname,
strerror(errno));
exit(1);
}
sprintf(pcDevTty, "/dev/%s", pcTty);
}
if (0 != stat(pcDevTty, &st)) {
(void) fprintf(stderr, "%s: Can't stat %s: %s\n", progname, pcDevTty, strerror(errno));
++iErrs;
if (0 != stat(pcDevTty, &st)) {
(void)fprintf(stderr, "%s: Can't stat %s: %s\n", progname,
pcDevTty, strerror(errno));
++iErrs;
#if defined(VCHR) && defined(VMPC)
} else if (VCHR != st.st_type && VMPC != st.st_type) {
(void) fprintf(stderr, "%s: %s is not a character device\n", progname, pcDevTty);
++iErrs;
} else if (VCHR != st.st_type && VMPC != st.st_type) {
(void)fprintf(stderr, "%s: %s is not a character device\n",
progname, pcDevTty);
++iErrs;
#endif
}
} else {
pcDevTty = (char *)0;
}
} else {
pcDevTty = (char *)0;
}
if (iErrs) {
usage();
exit(1);
/* NOTREACHED */
}
if (0 != geteuid()) {
(void) fprintf(stderr, "%s: Must be root!!!\n", progname);
exit(1);
/* NOTREACHED */
}
if (iGrps && 0 < setgroups(iGrps, awGrps)) {
(void) fprintf(stderr, "%s: Can't setgroups(): %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (iErrs) {
usage();
exit(1);
/* NOTREACHED */
}
if (0 != geteuid()) {
(void)fprintf(stderr, "%s: Must be root!!!\n", progname);
exit(1);
/* NOTREACHED */
}
if (iGrps && 0 < setgroups(iGrps, awGrps)) {
(void)fprintf(stderr, "%s: Can't setgroups(): %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
/* Close open files
*/
for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
(void) close(i);
}
/* Close open files
*/
for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
(void)close(i);
}
/* Make us a session leader so that when we open /dev/tty
* it will become our controlling terminal.
*/
if (-1 == (iNewGrp = getsid(getpid()))) {
if (-1 == (iNewGrp = setsid())) {
(void) fprintf(stderr, "%s: setsid: %d: %s\n", progname, iNewGrp, strerror(errno));
iNewGrp = getpid();
}
/* Make us a session leader so that when we open /dev/tty
* it will become our controlling terminal.
*/
if (-1 == (iNewGrp = getsid(getpid()))) {
if (-1 == (iNewGrp = setsid())) {
(void)fprintf(stderr, "%s: setsid: %d: %s\n", progname,
iNewGrp, strerror(errno));
iNewGrp = getpid();
}
}
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
if (!cannot_audit(0)) {
if (!cannot_audit(0)) {
# if defined(HAVE_GETAUDIT_ADDR)
struct auditinfo_addr audit_info;
struct auditinfo_addr audit_info;
# else
struct auditinfo audit_info;
struct auditinfo audit_info;
# endif
au_mask_t audit_mask;
au_mask_t audit_mask;
# if !defined(HAVE_GETAUDIT_ADDR)
struct hostent *hp;
struct hostent *hp;
# endif
int iAuditFile;
int fShowEvent = 1;
token_t *ptAuditToken;
int iAuditFile;
int fShowEvent = 1;
token_t *ptAuditToken;
(void)memset(&audit_info, 0, sizeof(audit_info));
audit_info.ai_auid = wUid;
audit_info.ai_asid = getpid();
audit_mask.am_success = audit_mask.am_failure = 0;
(void) au_user_mask(pcLogin, &audit_mask);
audit_info.ai_mask.am_success = audit_mask.am_success;
audit_info.ai_mask.am_failure = audit_mask.am_failure;
(void)memset(&audit_info, 0, sizeof(audit_info));
audit_info.ai_auid = wUid;
audit_info.ai_asid = getpid();
audit_mask.am_success = audit_mask.am_failure = 0;
(void)au_user_mask(pcLogin, &audit_mask);
audit_info.ai_mask.am_success = audit_mask.am_success;
audit_info.ai_mask.am_failure = audit_mask.am_failure;
# if defined(HAVE_GETAUDIT_ADDR)
(void)aug_get_machine(my_hostname,
&audit_info.ai_termid.at_addr[0],
&audit_info.ai_termid.at_type);
(void)aug_get_machine(my_hostname,
&audit_info.ai_termid.at_addr[0],
&audit_info.ai_termid.at_type);
# else
if ((char *)0 != (hp = gethostbyname(my_hostname))
&& AF_INET == hp->h_addrtype) {
(void)memcpy(&audit_info.ai_termid.machine,
hp->h_addr,
sizeof(audit_info.ai_termid.machine));
}
# endif
# if defined(HAVE_GETAUDIT_ADDR)
if (0 > setaudit_addr(&audit_info, sizeof(audit_info)))
# else
if (0 > setaudit(&audit_info))
# endif
{
fprintf(stderr, "%s: setaudit failed: %s\n",
progname,
strerror(errno));
fShowEvent = 0;
}
if (fShowEvent) {
fShowEvent = au_preselect(AUE_autologin,
&audit_mask,
AU_PRS_SUCCESS,
AU_PRS_REREAD);
}
if (fShowEvent) {
iAuditFile = au_open();
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken = au_to_subject_ex(wUid,
wUid,
wGid,
wUid,
wGid,
audit_info.ai_asid,
audit_info.ai_asid,
&audit_info.ai_termid),
# else
ptAuditToken = au_to_subject(wUid,
wUid,
wGid,
wUid,
wGid,
audit_info.ai_asid,
audit_info.ai_asid,
&audit_info.ai_termid),
# endif
(void)au_write(iAuditFile, ptAuditToken);
ptAuditToken = au_to_text(gettext("successful login"));
(void)au_write(iAuditFile, ptAuditToken);
if ((char *)0 != pcCmd) {
ptAuditToken = au_to_text(pcCmd);
(void)au_write(iAuditFile, ptAuditToken);
}
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken = au_to_return32(0, 0);
# else
ptAuditToken = au_to_return(0, 0);
# endif
(void)au_write(iAuditFile, ptAuditToken);
if(0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
fprintf(stderr, "%s: audit write failed",
progname,
strerror(errno));
}
}
if ((char *)0 != (hp = gethostbyname(my_hostname))
&& AF_INET == hp->h_addrtype) {
(void)memcpy(&audit_info.ai_termid.machine, hp->h_addr,
sizeof(audit_info.ai_termid.machine));
}
# endif
# if defined(HAVE_GETAUDIT_ADDR)
if (0 > setaudit_addr(&audit_info, sizeof(audit_info)))
# else
if (0 > setaudit(&audit_info))
# endif
{
fprintf(stderr, "%s: setaudit failed: %s\n", progname,
strerror(errno));
fShowEvent = 0;
}
if (fShowEvent) {
fShowEvent =
au_preselect(AUE_autologin, &audit_mask, AU_PRS_SUCCESS,
AU_PRS_REREAD);
}
if (fShowEvent) {
iAuditFile = au_open();
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken =
au_to_subject_ex(wUid, wUid, wGid, wUid, wGid,
audit_info.ai_asid, audit_info.ai_asid,
&audit_info.ai_termid),
# else
ptAuditToken =
au_to_subject(wUid, wUid, wGid, wUid, wGid,
audit_info.ai_asid, audit_info.ai_asid,
&audit_info.ai_termid),
# endif
(void)au_write(iAuditFile, ptAuditToken);
ptAuditToken = au_to_text(gettext("successful login"));
(void)au_write(iAuditFile, ptAuditToken);
if ((char *)0 != pcCmd) {
ptAuditToken = au_to_text(pcCmd);
(void)au_write(iAuditFile, ptAuditToken);
}
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken = au_to_return32(0, 0);
# else
ptAuditToken = au_to_return(0, 0);
# endif
(void)au_write(iAuditFile, ptAuditToken);
if (0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
fprintf(stderr, "%s: audit write failed: %s", progname,
strerror(errno));
}
}
}
#endif
/* Open the TTY for stdin, stdout and stderr
*/
if ((char *)0 != pcDevTty) {
/* Open the TTY for stdin, stdout and stderr
*/
if ((char *)0 != pcDevTty) {
#ifdef TIOCNOTTY
if (-1 != (i = open("/dev/tty", 2, 0))) {
if ( ioctl(i, TIOCNOTTY, (char *)0) )
(void) fprintf(stderr, "%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n", progname, i, strerror(errno));
(void) close(i);
}
#endif
if (0 != open(pcDevTty, O_RDWR, 0666)) {
exit(1);
/* NOTREACHED */
}
dup(0);
dup(0);
if (-1 != (i = open("/dev/tty", 2, 0))) {
if (ioctl(i, TIOCNOTTY, (char *)0))
(void)fprintf(stderr,
"%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n",
progname, i, strerror(errno));
(void)close(i);
}
#endif
if (0 != open(pcDevTty, O_RDWR, 0666)) {
exit(1);
/* NOTREACHED */
}
dup(0);
dup(0);
}
/* put the tty in out process group
*/
/* put the tty in out process group
*/
#ifdef HAVE_TCGETPGRP
if (-1 >= (i = tcgetpgrp(0))){
(void) fprintf(stderr, "%s: tcgetpgrp: %s\n", progname, strerror(errno));
}
if (-1 >= (i = tcgetpgrp(0))) {
(void)fprintf(stderr, "%s: tcgetpgrp: %s\n", progname,
strerror(errno));
}
#endif
#ifndef SETPGRP_VOID
if (-1 != i && setpgrp(0, i) ){
(void) fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname, strerror(errno), i);
}
#endif
if (-1 != i && setpgrp(0, i)) {
(void)fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname,
strerror(errno), i);
}
#ifdef HAVE_TCSETPGRP
if (tcsetpgrp(0, iNewGrp)){
(void) fprintf(stderr, "%s: tcsetpgrp: %s\n", progname, strerror(errno));
}
#endif
#ifndef SETPGRP_VOID
if (-1 != iNewGrp && setpgrp(0, iNewGrp)){
(void) fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname, strerror(errno), iNewGrp);
}
if (tcsetpgrp(0, iNewGrp)) {
(void)fprintf(stderr, "%s: tcsetpgrp: %s\n", progname,
strerror(errno));
}
#endif
if (-1 != iNewGrp && setpgrp(0, iNewGrp)) {
(void)fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname,
strerror(errno), iNewGrp);
}
/* put the tty in the correct mode
*/
#ifndef HAVE_TERMIOS_H
if (0 != ioctl(0, TIOCGETP, (char *)&n_sty)) {
fprintf(stderr, "%s: iotcl: getp: %s\n", progname, strerror(errno));
exit(10);
}
#ifdef O_CBREAK
n_sty.sg_flags &= ~(O_CBREAK);
n_sty.sg_flags |= (O_CRMOD|O_ECHO);
#else
n_sty.sg_flags &= ~(CBREAK);
n_sty.sg_flags |= (CRMOD|ECHO);
#endif
n_sty.sg_kill = '\025'; /* ^U */
n_sty.sg_erase = '\010'; /* ^H */
if (0 != ioctl(0, TIOCSETP, (char *)&n_sty)) {
fprintf(stderr, "%s: iotcl: setp: %s\n", progname, strerror(errno));
exit(10);
}
/* stty undef all tty chars
*/
#if 0
if (-1 == ioctl(0, TIOCGETC, (char *)&n_tchars)) {
fprintf(stderr, "%s: ioctl: getc: %s\n", progname, strerror(errno));
return;
}
n_tchars.t_intrc = -1;
n_tchars.t_quitc = -1;
if (-1 == ioctl(0, TIOCSETC, (char *)&n_tchars)) {
fprintf(stderr, "%s: ioctl: setc: %s\n", progname, strerror(errno));
return;
}
#endif
#ifdef TIOCGLTC
if (-1 == ioctl(0, TIOCGLTC, (char *)&n_ltchars)) {
fprintf(stderr, "%s: ioctl: gltc: %s\n", progname, strerror(errno));
return;
}
n_ltchars.t_suspc = -1;
n_ltchars.t_dsuspc = -1;
n_ltchars.t_flushc = -1;
n_ltchars.t_lnextc = -1;
if (-1 == ioctl(0, TIOCSLTC, (char *)&n_ltchars)) {
fprintf(stderr, "%s: ioctl: sltc: %s\n", progname, strerror(errno));
return;
}
#endif
#else /* not using ioctl, using POSIX or sun stuff */
/* put the tty in the correct mode
*/
#ifdef HAVE_TCGETATTR
if (0 != tcgetattr(0, &n_tio)) {
(void) fprintf(stderr, "%s: tcgetattr: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != tcgetattr(0, &n_tio)) {
(void)fprintf(stderr, "%s: tcgetattr: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#else
if (0 != ioctl(0, TCGETS, &n_tio)) {
(void) fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != ioctl(0, TCGETS, &n_tio)) {
(void)fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#endif
n_tio.c_iflag &= ~(IGNCR|IUCLC);
n_tio.c_iflag |= ICRNL|IXON|IXANY;
n_tio.c_oflag &= ~(OLCUC|ONOCR|ONLRET|OFILL|NLDLY|CRDLY|TABDLY|BSDLY);
n_tio.c_oflag |= OPOST|ONLCR|TAB3;
n_tio.c_lflag &= ~(XCASE|NOFLSH|ECHOK|ECHONL);
n_tio.c_lflag |= ISIG|ICANON|ECHO;
n_tio.c_cc[VEOF] = '\004'; /* ^D */
n_tio.c_cc[VEOL] = '\000'; /* EOL */
n_tio.c_cc[VERASE] = '\010'; /* ^H */
n_tio.c_cc[VINTR] = '\003'; /* ^C */
n_tio.c_cc[VKILL] = '\025'; /* ^U */
/* MIN */
n_tio.c_cc[VQUIT] = '\034'; /* ^\ */
n_tio.c_cc[VSTART] = '\021'; /* ^Q */
n_tio.c_cc[VSTOP] = '\023'; /* ^S */
n_tio.c_cc[VSUSP] = '\032'; /* ^Z */
n_tio.c_iflag &= ~(IGNCR | IUCLC);
n_tio.c_iflag |= ICRNL | IXON | IXANY;
n_tio.c_oflag &=
~(OLCUC | ONOCR | ONLRET | OFILL | NLDLY | CRDLY | TABDLY | BSDLY);
n_tio.c_oflag |= OPOST | ONLCR | TAB3;
n_tio.c_lflag &= ~(XCASE | NOFLSH | ECHOK | ECHONL);
n_tio.c_lflag |= ISIG | ICANON | ECHO;
n_tio.c_cc[VEOF] = '\004'; /* ^D */
n_tio.c_cc[VEOL] = '\000'; /* EOL */
n_tio.c_cc[VERASE] = '\010'; /* ^H */
n_tio.c_cc[VINTR] = '\003'; /* ^C */
n_tio.c_cc[VKILL] = '\025'; /* ^U */
/* MIN */
n_tio.c_cc[VQUIT] = '\034'; /* ^\ */
n_tio.c_cc[VSTART] = '\021'; /* ^Q */
n_tio.c_cc[VSTOP] = '\023'; /* ^S */
n_tio.c_cc[VSUSP] = '\032'; /* ^Z */
#ifdef HAVE_TCSETATTR
if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
(void) fprintf(stderr, "%s: tcsetattr: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
#else
#ifndef HAVE_TERMIOS_H
if (0 != ioctl(0, TCSETS, &n_tio)) {
(void) fprintf(stderr, "%s: ioctl: TCSETS: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
(void)fprintf(stderr, "%s: tcsetattr: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#endif
#endif
#endif /* setup tty */
if (fMakeUtmp) {
extern char *ttyname();
make_utmp(pcLogin, (char *)0 != pcTty ? pcTty : ttyname(0));
}
/* Change ownership and modes on the tty.
*/
if ((char *)0 != pcDevTty) {
(void) chown(pcDevTty, wUid, wGid);
(void) chmod(pcDevTty, (mode_t) TTYMODE);
}
if (fMakeUtmp) {
extern char *ttyname();
make_utmp(pcLogin, (char *)0 != pcTty ? pcTty : ttyname(0));
}
/* Change ownership and modes on the tty.
*/
if ((char *)0 != pcDevTty) {
(void)chown(pcDevTty, wUid, wGid);
(void)chmod(pcDevTty, (mode_t) TTYMODE);
}
if ((char *)0 != pcCmd) {
execl(PATH_SU, "su", "-", pcLogin, pcCmd, (char *)0);
} else {
execl(PATH_SU, "su", "-", pcLogin, (char *)0);
}
if ((char *)0 != pcCmd) {
execl(PATH_SU, "su", "-", pcLogin, pcCmd, (char *)0);
} else {
execl(PATH_SU, "su", "-", pcLogin, (char *)0);
}
}
#ifndef HAVE_PUTENV
int
putenv(pcAssign)
char *pcAssign;
putenv(char *pcAssign)
{
register char *pcEq;
register char *pcEq;
if ((char *)0 != (pcEq = strchr(pcAssign, '='))) {
*pcEq++ = '\000';
(void)setenv(pcAssign, pcEq, 1);
*--pcEq = '=';
} else {
unsetenv(pcAssign);
}
if ((char *)0 != (pcEq = strchr(pcAssign, '='))) {
*pcEq++ = '\000';
(void)setenv(pcAssign, pcEq, 1);
*--pcEq = '=';
} else {
unsetenv(pcAssign);
}
}
#endif
int
addgroup(pcGrp)
char *pcGrp;
addgroup(char *pcGrp)
{
struct group *grp;
struct group *grp;
grp = getgrnam(pcGrp);
if ((struct group *)0 == grp) {
(void) fprintf(stderr, "%s: Unknown group: %s\n", progname, pcGrp);
return(1);
}
if (iGrps >= NGROUPS_MAX) {
(void) fprintf(stderr, "%s: Too many groups specified with \"%s\".\n", progname, pcGrp);
return(1);
}
awGrps[iGrps++] = grp->gr_gid;
return(0);
grp = getgrnam(pcGrp);
if ((struct group *)0 == grp) {
(void)fprintf(stderr, "%s: Unknown group: %s\n", progname, pcGrp);
return (1);
}
if (iGrps >= NGROUPS_MAX) {
(void)fprintf(stderr,
"%s: Too many groups specified with \"%s\".\n",
progname, pcGrp);
return (1);
}
awGrps[iGrps++] = grp->gr_gid;
return (0);
}
/* install a utmp entry to show the use we know is here is here (ksb)
*/
void
make_utmp(pclogin, pctty)
char *pclogin;
char *pctty;
make_utmp(char *pclogin, char *pctty)
{
register int iFound, iPos;
register int fdUtmp;
register char *pcDev;
register struct utmp *up;
auto struct utmp outmp, utmp;
register int iFound, iPos;
register int fdUtmp;
register char *pcDev;
register struct utmp *up;
auto struct utmp utmp;
if ((char *)0 == pctty) {
return;
if ((char *)0 == pctty) {
return;
}
if ((fdUtmp = open(UTMP_FILE, O_RDWR, 0664)) < 0) {
return;
}
/* create empty utmp entry
*/
(void)memset(&utmp, 0, sizeof(struct utmp));
/* Only the last portion of the tty is saved, unless it's
* all digits. Then back up and include the previous part
* /dev/pty/02 -> pty/02 (not just 02)
*/
if ((char *)0 != (pcDev = strrchr(pctty, '/'))) {
if (!*(pcDev + strspn(pcDev, "/0123456789"))) {
while (pcDev != pctty && *--pcDev != '/') {
}
}
if ((fdUtmp = open(UTMP_FILE, O_RDWR, 0664)) < 0) {
return;
}
/* create empty utmp entry
*/
(void)memset(&utmp, 0, sizeof(struct utmp));
/* Only the last portion of the tty is saved, unless it's
* all digits. Then back up and include the previous part
* /dev/pty/02 -> pty/02 (not just 02)
*/
if ((char *)0 != (pcDev = strrchr(pctty, '/'))) {
if (! *(pcDev + strspn(pcDev, "/0123456789"))) {
while (pcDev != pctty && *--pcDev != '/') {
}
}
if (*pcDev == '/') {
++pcDev;
}
} else {
pcDev = pctty;
if (*pcDev == '/') {
++pcDev;
}
} else {
pcDev = pctty;
}
#ifdef HAVE_GETUTENT
/* look through getutent's by pid
*/
(void)setutent();
utmp.ut_pid = getpid();
iFound = iPos = 0;
while ((up = getutent()) != NULL) {
if (up->ut_pid == utmp.ut_pid) {
utmp = *up;
++iFound;
break;
}
iPos++;
}
(void)endutent();
/* we were an initprocess, now we are a login shell
*/
utmp.ut_type = USER_PROCESS;
(void)strncpy(utmp.ut_user, pclogin, sizeof(utmp.ut_user));
if ('\000' == utmp.ut_line[0]) {
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
/* look through getutent's by pid
*/
(void)setutent();
utmp.ut_pid = getpid();
iFound = iPos = 0;
while ((up = getutent()) != NULL) {
if (up->ut_pid == utmp.ut_pid) {
utmp = *up;
++iFound;
break;
}
iPos++;
}
(void)endutent();
/* we were an initprocess, now we are a login shell
*/
utmp.ut_type = USER_PROCESS;
(void)strncpy(utmp.ut_user, pclogin, sizeof(utmp.ut_user));
if ('\000' == utmp.ut_line[0]) {
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
}
#else
#ifdef HAVE_SETTTYENT
{
# ifdef HAVE_SETTTYENT
{
register struct ttyent *ty;
/* look through ttyslots by line?
@ -595,56 +518,56 @@ char *pctty;
(void)setttyent();
iFound = iPos = 0;
while ((ty = getttyent()) != NULL) {
if (strcmp(ty->ty_name, pcDev) == 0) {
++iFound;
break;
}
iPos++;
if (strcmp(ty->ty_name, pcDev) == 0) {
++iFound;
break;
}
iPos++;
}
/* fill in utmp from ty ZZZ */
(void)endttyent();
}
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
(void)strncpy(utmp.ut_host, "(autologin)", sizeof(utmp.ut_host));
# else
/* look through /etc/utmp by hand (sigh)
*/
iFound = iPos = 0;
while (sizeof(utmp) == read(fdUtmp, &utmp, sizeof(utmp))) {
if (0 == strncmp(utmp.ut_line, pcDev, sizeof(utmp.ut_line))) {
++iFound;
break;
}
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
(void)strncpy(utmp.ut_host, "(autologin)", sizeof(utmp.ut_host));
#else
/* look through /etc/utmp by hand (sigh)
*/
iFound = iPos = 0;
while (sizeof(utmp) == read(fdUtmp, & utmp, sizeof(utmp))) {
if (0 == strncmp(utmp.ut_line, pcDev, sizeof(utmp.ut_line))) {
++iFound;
break;
}
iPos++;
}
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
iPos++;
}
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
# endif
#endif
#endif
utmp.ut_time = time((time_t *) 0);
utmp.ut_time = time((time_t *)0);
if (0 == iFound) {
fprintf(stderr, "%s: %s: no ttyslot\n", progname, pctty);
} else if (-1 == lseek(fdUtmp, (off_t)(iPos*sizeof(utmp)), 0)) {
fprintf(stderr, "%s: lseek: %s\n", progname, strerror(errno));
} else {
(void)write(fdUtmp, (char *)&utmp, sizeof(utmp));
}
(void)close(fdUtmp);
if (0 == iFound) {
fprintf(stderr, "%s: %s: no ttyslot\n", progname, pctty);
} else if (-1 == lseek(fdUtmp, (off_t) (iPos * sizeof(utmp)), 0)) {
fprintf(stderr, "%s: lseek: %s\n", progname, strerror(errno));
} else {
(void)write(fdUtmp, (char *)&utmp, sizeof(utmp));
}
(void)close(fdUtmp);
}
void
usage()
usage(void)
{
char *u_pch;
int u_loop;
char *u_pch;
int u_loop;
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
}

2
autologin/autologin.m
View File

@ -1,7 +1,7 @@
# mkcmd parser for autologin program
%%
static char *rcsid =
"$Id: autologin.m,v 1.2 92/07/28 13:18:34 ksb Exp $";
"$Id: autologin.m,v 1.1 2003/11/04 02:36:24 bryan Exp $";
%%
integer variable "iErrs" {

15
autologin/autologin.man
View File

@ -1,4 +1,4 @@
.\" $Id: autologin.man,v 1.3 93/03/16 16:41:45 ksb Exp $
.\" $Id: autologin.man,v 1.2 2004/03/23 18:32:06 bryan Exp $
.TH AUTOLOGIN 8L PUCC
.SH NAME
autologin \- create an automatic login session from /etc/inittab
@ -112,12 +112,21 @@ environment variable set to
ss10:2:respawn:/usr/local/etc/autologin \-e TERM=reg20 \-t/dev/tty10 \-lssinfo
.ad
.PP
Adding the following line to \fI/etc/ttytab\fP on a Sun 4.1.\fIx\fP
Adding the following line to
.I /etc/ttytab
on a Sun
.RI 4.1. x
machine establishes a root login on the console device:
.br
.na
console "/usr/local/etc/autologin \-lroot \-t" xterm on local secure
.ad
Note that \fIinit\fP provides the \fItty\fP argument on the end of the command.
.PP
Note that
.I init
provides the
.I tty
argument on the end of the command.
.SH FILES
/bin/su
.br

280
autologin/main.c
View File

@ -13,174 +13,172 @@
#ifndef HAVE_GETOPT
static int
optopt; /* character checked for validity */
optopt; /* character checked for validity */
/* get option letter from argument vector, also does -number correctly
* for nice, xargs, and stuff (these extras by ksb)
* does +arg if you give a last argument of "+", else give (char *)0
*/
static int
getopt(nargc, nargv, ostr)
int nargc;
char **nargv, *ostr;
getopt(int nargc, char **nargv, char *ostr)
{
register char *oli; /* option letter list index */
static char EMSG[] = ""; /* just a null place */
static char *place = EMSG; /* option letter processing */
register char *oli; /* option letter list index */
static char EMSG[] = ""; /* just a null place */
static char *place = EMSG; /* option letter processing */
if ('\000' == *place) { /* update scanning pointer */
if (optind >= nargc)
return EOF;
if (nargv[optind][0] != '-') {
register int iLen;
return EOF;
}
place = nargv[optind];
if ('\000' == *++place) /* "-" (stdin) */
return EOF;
if (*place == '-' && '\000' == place[1]) {
/* found "--" */
++optind;
return EOF;
}
} /* option letter okay? */
/* if we find the letter, (not a `:')
* or a digit to match a # in the list
*/
if ((optopt = *place++) == ':' ||
((char *)0 == (oli = strchr(ostr,optopt)) &&
(!(isdigit(optopt)||'-'==optopt) || (char *)0 == (oli = strchr(ostr, '#'))))) {
if(!*place) ++optind;
return('?');
if ('\000' == *place) { /* update scanning pointer */
if (optind >= nargc)
return EOF;
if (nargv[optind][0] != '-') {
register int iLen;
return EOF;
}
if ('#' == *oli) { /* accept as -digits */
optarg = place -1;
++optind;
place = EMSG;
return '#';
place = nargv[optind];
if ('\000' == *++place) /* "-" (stdin) */
return EOF;
if (*place == '-' && '\000' == place[1]) {
/* found "--" */
++optind;
return EOF;
}
if (*++oli != ':') { /* don't need argument */
optarg = NULL;
if ('\000' == *place)
++optind;
} else { /* need an argument */
if (*place) { /* no white space */
optarg = place;
} else if (nargc <= ++optind) { /* no arg!! */
place = EMSG;
return '*';
} else {
optarg = nargv[optind]; /* white space */
}
place = EMSG;
++optind;
}
/* option letter okay? */
/* if we find the letter, (not a `:')
* or a digit to match a # in the list
*/
if ((optopt = *place++) == ':' ||
((char *)0 == (oli = strchr(ostr, optopt)) &&
(!(isdigit(optopt) || '-' == optopt) ||
(char *)0 == (oli = strchr(ostr, '#'))))) {
if (!*place)
++optind;
return ('?');
}
if ('#' == *oli) { /* accept as -digits */
optarg = place - 1;
++optind;
place = EMSG;
return '#';
}
if (*++oli != ':') { /* don't need argument */
optarg = NULL;
if ('\000' == *place)
++optind;
} else { /* need an argument */
if (*place) { /* no white space */
optarg = place;
} else if (nargc <= ++optind) { /* no arg!! */
place = EMSG;
return '*';
} else {
optarg = nargv[optind]; /* white space */
}
return optopt; /* dump back option letter */
place = EMSG;
++optind;
}
return optopt; /* dump back option letter */
}
#endif /* ! HAVE_GETOPT */
char
*progname = "$Id$",
*au_terse[] = {
" [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
" -h",
" -V",
(char *)0
},
*u_help[] = {
"c cmd command to run",
"e env=value environment variable to set",
"g group initial group",
"h print this help message",
"l login login name",
"t tty attach to this terminal",
"u do no make utmp entry",
"V show version information",
(char *)0
},
*pcCommand = (char *)0,
*pcGroup = (char *)0,
*pcLogin = (char *)0,
*pcTty = (char *)0;
*progname =
"$Id: main.c,v 1.3 2014/04/20 06:45:07 bryan Exp $", *au_terse[] = {
" [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
" -h",
" -V",
(char *)0
}, *u_help[] = {
"c cmd command to run",
"e env=value environment variable to set",
"g group initial group",
"h print this help message",
"l login login name",
"t tty attach to this terminal",
"u do no make utmp entry",
"V show version information", (char *)0}, *pcCommand =
(char *)0, *pcGroup = (char *)0, *pcLogin = (char *)0, *pcTty =
(char *)0;
int
fMakeUtmp = 1,
iErrs = 0;
fMakeUtmp = 1, iErrs = 0;
#ifndef u_terse
#define u_terse (au_terse[0])
# define u_terse (au_terse[0])
#endif
static char *rcsid =
"$Id: autologin.m,v 1.2 92/07/28 13:18:34 ksb Exp $";
static char *rcsid = "$Id: main.c,v 1.3 2014/04/20 06:45:07 bryan Exp $";
/*
* parser
*/
int
main(argc, argv)
int argc;
char **argv;
main(int argc, char **argv)
{
static char
sbOpt[] = "c:e:g:hl:t:uV",
*u_pch = (char *)0;
static int
u_loop = 0;
register int u_curopt;
extern int atoi();
static char
sbOpt[] = "c:e:g:hl:t:uV", *u_pch = (char *)0;
static int
u_loop = 0;
register int u_curopt;
extern int atoi();
progname = strrchr(argv[0], '/');
if ((char *)0 == progname)
progname = argv[0];
else
++progname;
while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
switch (u_curopt) {
case '*':
fprintf(stderr, "%s: option `-%c\' needs a parameter\n", progname, optopt);
exit(1);
case '?':
fprintf(stderr, "%s: unknown option `-%c\', use `-h\' for help\n", progname, optopt);
exit(1);
case 'c':
pcCommand = optarg;
continue;
case 'e':
if (putenv(optarg) != 0) {
(void) fprintf(stderr, "%s: putenv(\"%s\"): failed\n", progname, optarg);
exit(1);
}
continue;
case 'g':
pcGroup = optarg;
continue;
case 'h':
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
if ('\000' == *u_pch) {
fprintf(stdout, "%s: with no parameters\n", progname);
continue;
}
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
exit(0);
case 'l':
pcLogin = optarg;
continue;
case 't':
pcTty = optarg;
continue;
case 'u':
fMakeUtmp = 0;
continue;
case 'V':
printf("%s: %s\n", progname, rcsid);
exit(0);
progname = strrchr(argv[0], '/');
if ((char *)0 == progname)
progname = argv[0];
else
++progname;
while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
switch (u_curopt) {
case '*':
fprintf(stderr, "%s: option `-%c\' needs a parameter\n",
progname, optopt);
exit(1);
case '?':
fprintf(stderr,
"%s: unknown option `-%c\', use `-h\' for help\n",
progname, optopt);
exit(1);
case 'c':
pcCommand = optarg;
continue;
case 'e':
if (putenv(optarg) != 0) {
(void)fprintf(stderr, "%s: putenv(\"%s\"): failed\n",
progname, optarg);
exit(1);
}
break;
continue;
case 'g':
pcGroup = optarg;
continue;
case 'h':
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]);
++u_loop) {
if ('\000' == *u_pch) {
fprintf(stdout, "%s: with no parameters\n",
progname);
continue;
}
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]);
++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
exit(0);
case 'l':
pcLogin = optarg;
continue;
case 't':
pcTty = optarg;
continue;
case 'u':
fMakeUtmp = 0;
continue;
case 'V':
printf("%s: %s\n", progname, rcsid);
exit(0);
}
Process();
exit(iErrs);
break;
}
Process();
exit(iErrs);
}

3
autologin/main.h
View File

@ -4,7 +4,7 @@
extern char *progname, *au_terse[4], *u_help[9];
#ifndef u_terse
#define u_terse (au_terse[0])
# define u_terse (au_terse[0])
#endif
extern int main();
extern int fMakeUtmp, iErrs;
@ -12,4 +12,3 @@ extern char *pcCommand, *pcGroup, *pcLogin, *pcTty;
/* from std_help.m */
/* from std_version.m */
/* from autologin.m */

146
compat.h
View File

@ -1,5 +1,19 @@
#include <config.h>
/* things everything seems to need */
#include <stdio.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <sys/un.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <ctype.h>
#include <signal.h>
/* If, when processing a logfile for replaying the last N lines,
* we end up seeing more than MAXREPLAYLINELEN characters in a line,
* abort processing and display the data. Why? There could be some
@ -21,18 +35,29 @@
# define DEFESC 'c'
#endif
/* set the default length of the replay functions
* DEFREPLAY for 'r'
* DEFPLAYBACK for 'p'
*/
#if !defined(DEFREPLAY)
# define DEFREPLAY 20
#endif
#if !defined(PLAYBACK)
# define DEFPLAYBACK 60
#endif
/* For legacy compile-time setting of the port...
*/
#if ! defined(DEFPORT)
# if defined(SERVICENAME)
# define DEFPORT SERVICENAME
# if defined(SERVICENAME)
# define DEFPORT SERVICENAME
# else
# if defined(PORTNUMBER)
# define DEFPORT PORTNUMBER
# else
# if defined(PORTNUMBER)
# define DEFPORT PORTNUMBER
# else
# define DEFPORT "conserver"
# endif
# define DEFPORT "conserver"
# endif
# endif
#endif
#if STDC_HEADERS
@ -76,14 +101,16 @@ typedef long fd_set;
# include <sys/ioctl_compat.h>
#endif
#ifdef HAVE_TERMIOS_H
# include <termios.h> /* POSIX */
#else
# ifdef HAVE_TERMIO_H
# include <termio.h> /* SysV */
#include <termios.h>
#ifndef TAB3
# ifdef OXTABS
# define TAB3 OXTABS
# else
# ifdef HAVE_SGTTY_H
# include <sgtty.h> /* BSD */
# ifdef XTABS
# define TAB3 XTABS
# else
# define TAB3 0
# endif
# endif
#endif
@ -102,7 +129,7 @@ typedef long fd_set;
#endif
#if HAVE_TYPES_H
#include <sys/types.h>
# include <sys/types.h>
#endif
#if HAVE_SYS_WAIT_H
@ -111,30 +138,30 @@ typedef long fd_set;
#define LO(s) ((unsigned)((s) & 0377))
#define HI(s) ((unsigned)(((s) >> 8) & 0377))
#if !defined(WIFEXITED)
#define WIFEXITED(s) (LO(s)==0)
# define WIFEXITED(s) (LO(s)==0)
#endif
#if !defined(WEXITSTATUS)
#define WEXITSTATUS(s) HI(s)
# define WEXITSTATUS(s) HI(s)
#endif
#if !defined(WIFSIGNALED)
#define WIFSIGNALED(s) ((LO(s)>0)&&(HI(s)==0))
# define WIFSIGNALED(s) ((LO(s)>0)&&(HI(s)==0))
#endif
#if !defined(WTERMSIG)
#define WTERMSIG(s) (LO(s)&0177)
# define WTERMSIG(s) (LO(s)&0177)
#endif
#if !defined(WIFSTOPPED)
#define WIFSTOPPED(s) ((LO(s)==0177)&&(HI(s)!=0))
# define WIFSTOPPED(s) ((LO(s)==0177)&&(HI(s)!=0))
#endif
#if !defined(WSTOPSIG)
#define WSTOPSIG(s) HI(s)
# define WSTOPSIG(s) HI(s)
#endif
#if HAVE_SYSEXITS_H
#include <sysexits.h>
# include <sysexits.h>
#else
#define EX_OK 0
#define EX_UNAVAILABLE 69
#define EX_TEMPFAIL 75
# define EX_OK 0
# define EX_UNAVAILABLE 69
# define EX_TEMPFAIL 75
#endif
#include <errno.h>
@ -208,7 +235,19 @@ extern char *h_errlist[];
#endif
#ifdef HAVE_USERSEC_H
#include <usersec.h>
# include <usersec.h>
#endif
#ifdef HAVE_PTY_H
# include <pty.h>
#endif
#ifdef HAVE_LIBUTIL_H
# include <libutil.h>
#endif
#ifdef HAVE_UTIL_H
# include <util.h>
#endif
@ -241,45 +280,66 @@ typedef int socklen_t;
* as legacy definitions.
*/
#ifndef IUCLC
#define IUCLC 0
# define IUCLC 0
#endif
#ifndef OLCUC
#define OLCUC 0
# define OLCUC 0
#endif
#ifndef XCASE
#define XCASE 0
# define XCASE 0
#endif
/* Some systems don't have OFILL or *DLY. */
#ifndef OFILL
#define OFILL 0
# define OFILL 0
#endif
#ifndef NLDLY
#define NLDLY 0
# define NLDLY 0
#endif
#ifndef CRDLY
#define CRDLY 0
# define CRDLY 0
#endif
#ifndef TABDLY
#define TABDLY 0
# define TABDLY 0
#endif
#ifndef BSDLY
#define BSDLY 0
# define BSDLY 0
#endif
#ifndef ONOCR
#define ONOCR 0
# define ONOCR 0
#endif
#ifndef ONLRET
#define ONLRET 0
# define ONLRET 0
#endif
#ifndef PARAMS
# if PROTOTYPES
# define PARAMS(protos) protos
# else /* no PROTOTYPES */
# define PARAMS(protos) ()
# endif /* no PROTOTYPES */
#ifndef SEEK_SET
# define SEEK_SET L_SET
#endif
/* setup a conditional debugging line */
#ifndef CONDDEBUG
# define CONDDEBUG(line) if (fDebug) {debugFileName=__FILE__; debugLineNo=__LINE__; Debug line;}
#endif
#if HAVE_DMALLOC
#include <dmalloc.h>
# include <dmalloc.h>
#endif
#if HAVE_FREEIPMI
# include <ipmiconsole.h>
#endif
#ifndef INADDR_STYPE
# if USE_IPV6
# define INADDR_STYPE struct sockaddr_storage
# else
# define INADDR_STYPE struct in_addr
# endif
#endif
#ifndef SOCKADDR_STYPE
# if USE_IPV6
# define SOCKADDR_STYPE struct sockaddr_storage
# else
# define SOCKADDR_STYPE struct sockaddr_in
# endif
#endif

873
config.guess vendored
View File

File diff suppressed because it is too large Load Diff

153
config.h.in
View File

@ -1,5 +1,8 @@
/* config.h.in. Generated from configure.in by autoheader. */
/* Client config file path */
#undef CLIENTCONFIGFILE
/* Config file path */
#undef CONFIGFILE
@ -15,6 +18,9 @@
/* Socket used to communicate */
#undef DEFPORT
/* Defined if building for a Cyclades TS */
#undef FOR_CYCLADES_TS
/* Define to 1 if you have the `bigcrypt' function. */
#undef HAVE_BIGCRYPT
@ -27,6 +33,9 @@
/* have dmalloc support */
#undef HAVE_DMALLOC
/* have freeipmi support */
#undef HAVE_FREEIPMI
/* Define to 1 if you have the `getaudit' function. */
#undef HAVE_GETAUDIT
@ -45,9 +54,6 @@
/* Define to 1 if you have the <getopt.h> header file. */
#undef HAVE_GETOPT_H
/* Define to 1 if you have the `getpassphrase' function. */
#undef HAVE_GETPASSPHRASE
/* Define to 1 if you have the `getprpwnam' function. */
#undef HAVE_GETPRPWNAM
@ -60,6 +66,9 @@
/* Define to 1 if you have the `getspnam' function. */
#undef HAVE_GETSPNAM
/* Define to 1 if you have the `gettimeofday' function. */
#undef HAVE_GETTIMEOFDAY
/* Define to 1 if you have the `getuserattr' function. */
#undef HAVE_GETUSERATTR
@ -69,9 +78,15 @@
/* Define to 1 if you have the `grantpt' function. */
#undef HAVE_GRANTPT
/* have gss-api support */
#undef HAVE_GSSAPI
/* Define to 1 if you have the <hpsecurity.h> header file. */
#undef HAVE_HPSECURITY_H
/* Define to 1 if you have the `inet_aton' function. */
#undef HAVE_INET_ATON
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
@ -87,6 +102,12 @@
/* Define to 1 if you have the `sec' library (-lsec). */
#undef HAVE_LIBSEC
/* Define to 1 if you have the `util' library (-lutil). */
#undef HAVE_LIBUTIL
/* Define to 1 if you have the <libutil.h> header file. */
#undef HAVE_LIBUTIL_H
/* Define to 1 if you have the `xnet' library (-lxnet). */
#undef HAVE_LIBXNET
@ -96,30 +117,39 @@
/* Define to 1 if you have the `memcpy' function. */
#undef HAVE_MEMCPY
/* Define to 1 if you have the `memmove' function. */
#undef HAVE_MEMMOVE
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the `memset' function. */
#undef HAVE_MEMSET
/* Define to 1 if you have the `openpty' function. */
#undef HAVE_OPENPTY
/* have openssl support */
#undef HAVE_OPENSSL
/* have PAM support */
#undef HAVE_PAM
/* have POSIX regcomp */
#undef HAVE_POSIX_REGCOMP
/* Define to 1 if you have the <prot.h> header file. */
#undef HAVE_PROT_H
/* Define to 1 if you have the `ptsname' function. */
#undef HAVE_PTSNAME
/* Define to 1 if you have the <pty.h> header file. */
#undef HAVE_PTY_H
/* Define to 1 if you have the `putenv' function. */
#undef HAVE_PUTENV
/* Defined if sa_len member exists in struct sockaddr */
#undef HAVE_SA_LEN
/* Define to 1 if you have the `setgroups' function. */
#undef HAVE_SETGROUPS
@ -129,6 +159,9 @@
/* Define to 1 if you have the `setpgrp' function. */
#undef HAVE_SETPGRP
/* Define to 1 if you have the `setproctitle' function. */
#undef HAVE_SETPROCTITLE
/* Define to 1 if you have the `setsid' function. */
#undef HAVE_SETSID
@ -141,9 +174,6 @@
/* Define to 1 if you have the `setvbuf' function. */
#undef HAVE_SETVBUF
/* Define to 1 if you have the <sgtty.h> header file. */
#undef HAVE_SGTTY_H
/* Define to 1 if you have the <shadow.h> header file. */
#undef HAVE_SHADOW_H
@ -174,6 +204,9 @@
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
/* Define to 1 if you have the `strlcpy' function. */
#undef HAVE_STRLCPY
/* Define to 1 if you have the <stropts.h> header file. */
#undef HAVE_STROPTS_H
@ -192,6 +225,9 @@
/* Define to 1 if you have the <sys/ioctl.h> header file. */
#undef HAVE_SYS_IOCTL_H
/* Define to 1 if you have the <sys/param.h> header file. */
#undef HAVE_SYS_PARAM_H
/* Define to 1 if you have the <sys/proc.h> header file. */
#undef HAVE_SYS_PROC_H
@ -201,6 +237,9 @@
/* Define to 1 if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H
/* Define to 1 if you have the <sys/sockio.h> header file. */
#undef HAVE_SYS_SOCKIO_H
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
@ -216,6 +255,9 @@
/* Define to 1 if you have the <sys/uio.h> header file. */
#undef HAVE_SYS_UIO_H
/* Define to 1 if you have the <sys/un.h> header file. */
#undef HAVE_SYS_UN_H
/* Define to 1 if you have the <sys/vlimit.h> header file. */
#undef HAVE_SYS_VLIMIT_H
@ -237,12 +279,6 @@
/* Define to 1 if you have the `tcsetpgrp' function. */
#undef HAVE_TCSETPGRP
/* Define to 1 if you have the <termios.h> header file. */
#undef HAVE_TERMIOS_H
/* Define to 1 if you have the <termio.h> header file. */
#undef HAVE_TERMIO_H
/* Define to 1 if you have the <ttyent.h> header file. */
#undef HAVE_TTYENT_H
@ -258,6 +294,9 @@
/* Define to 1 if you have the <usersec.h> header file. */
#undef HAVE_USERSEC_H
/* Define to 1 if you have the <util.h> header file. */
#undef HAVE_UTIL_H
/* Logfile path */
#undef LOGFILEPATH
@ -279,6 +318,9 @@
/* Define to the one symbol short name of this package. */
#undef PACKAGE_TARNAME
/* Define to the home page for this package. */
#undef PACKAGE_URL
/* Define to the version of this package. */
#undef PACKAGE_VERSION
@ -288,40 +330,89 @@
/* pidfile to write to */
#undef PIDFILE
/* Define to 1 if the C compiler supports function prototypes. */
#undef PROTOTYPES
/* Defined if client requires server SSL certificate */
#undef REQ_SERVER_CERT
/* Define as the return type of signal handlers (`int' or `void'). */
#undef RETSIGTYPE
/* Define to 1 if the `setpgrp' function takes no argument. */
#undef SETPGRP_VOID
/* The size of a `long', as computed by sizeof. */
#undef SIZEOF_LONG
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* retry username without @REALM with gss-api authentication */
#undef STRIP_REALM
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
#undef TIME_WITH_SYS_TIME
/* Defined if we trust reverse DNS */
#undef TRUST_REVERSE_DNS
/* Defined if we trust credentials from UDS client */
#undef TRUST_UDS_CRED
/* Directory for Unix domain sockets */
#undef UDSDIR
/* Defined to UDS credential socket option */
#undef UDS_CRED_SO
/* Defined to UDS credential structure name */
#undef UDS_CRED_STYPE
/* Defined to UDS credential structure uid field */
#undef UDS_CRED_UID
/* Defined if we produce extended messages */
#undef USE_EXTENDED_MESSAGES
/* Defined if building with IPv6 support */
#undef USE_IPV6
/* use tcp_wrappers libwrap */
#undef USE_LIBWRAP
/* Define to 1 if on AIX 3.
System headers sometimes define this.
We just want to avoid a redefinition error message. */
/* Enable extensions on AIX 3, Interix. */
#ifndef _ALL_SOURCE
# undef _ALL_SOURCE
#endif
/* Enable GNU extensions on systems that have them. */
#ifndef _GNU_SOURCE
# undef _GNU_SOURCE
#endif
/* Enable threading extensions on Solaris. */
#ifndef _POSIX_PTHREAD_SEMANTICS
# undef _POSIX_PTHREAD_SEMANTICS
#endif
/* Enable extensions on HP NonStop. */
#ifndef _TANDEM_SOURCE
# undef _TANDEM_SOURCE
#endif
/* Enable general extensions on Solaris. */
#ifndef __EXTENSIONS__
# undef __EXTENSIONS__
#endif
/* Define like PROTOTYPES; this can be used by system headers. */
#undef __PROTOTYPES
/* Defined if we use Unix domain sockets */
#undef USE_UNIX_DOMAIN_SOCKETS
/* Define to 1 if on MINIX. */
#undef _MINIX
/* Define to 2 if the system does not provide POSIX.1 features except with
this defined. */
#undef _POSIX_1_SOURCE
/* Define to 1 if you need to in order for `stat' and other things to work. */
#undef _POSIX_SOURCE
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to `int' if <sys/types.h> doesn't define. */
#undef gid_t
/* Define to `int' if <sys/types.h> does not define. */
#undef mode_t
@ -330,3 +421,9 @@
/* Define if <signal.h> does not define sig_atomic_t */
#undef sig_atomic_t
/* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t
/* Define to `int' if <sys/types.h> doesn't define. */
#undef uid_t

330
config.sub vendored
View File

@ -1,9 +1,10 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002 Free Software Foundation, Inc.
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# Free Software Foundation, Inc.
timestamp='2002-09-05'
timestamp='2008-01-16'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@ -21,14 +22,15 @@ timestamp='2002-09-05'
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
# 02110-1301, USA.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Please send patches to <config-patches@gnu.org>. Submit a context
# diff and a properly formatted ChangeLog entry.
#
@ -70,8 +72,8 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
Free Software Foundation, Inc.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -83,11 +85,11 @@ Try \`$me --help' for more information."
while test $# -gt 0 ; do
case $1 in
--time-stamp | --time* | -t )
echo "$timestamp" ; exit 0 ;;
echo "$timestamp" ; exit ;;
--version | -v )
echo "$version" ; exit 0 ;;
echo "$version" ; exit ;;
--help | --h* | -h )
echo "$usage"; exit 0 ;;
echo "$usage"; exit ;;
-- ) # Stop option processing
shift; break ;;
- ) # Use stdin as input.
@ -99,7 +101,7 @@ while test $# -gt 0 ; do
*local*)
# First pass through any local machine types.
echo $1
exit 0;;
exit ;;
* )
break ;;
@ -118,7 +120,9 @@ esac
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
nto-qnx* | linux-gnu* | freebsd*-gnu* | storm-chaos* | os2-emx* | windows32-* | rtmk-nova*)
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
@ -144,7 +148,7 @@ case $os in
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-apple | -axis)
-apple | -axis | -knuth | -cray)
os=
basic_machine=$1
;;
@ -169,6 +173,10 @@ case $os in
-hiux*)
os=-hiuxwe2
;;
-sco6)
os=-sco5v6
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco5)
os=-sco3.2v5
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
@ -185,6 +193,10 @@ case $os in
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco5v6*)
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco*)
os=-sco3.2v2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
@ -228,14 +240,17 @@ case $basic_machine in
| a29k \
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
| clipper \
| am33_2.0 \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
| bfin \
| c4x | clipper \
| d10v | d30v | dlx | dsp16xx \
| fr30 | frv \
| fido | fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k \
| m32r | m68000 | m68k | m88k | mcore \
| ip2k | iq2000 \
| m32c | m32r | m32rle | m68000 | m68k | m88k \
| maxq | mb | microblaze | mcore | mep \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
@ -244,25 +259,33 @@ case $basic_machine in
| mips64vr4100 | mips64vr4100el \
| mips64vr4300 | mips64vr4300el \
| mips64vr5000 | mips64vr5000el \
| mips64vr5900 | mips64vr5900el \
| mipsisa32 | mipsisa32el \
| mipsisa32r2 | mipsisa32r2el \
| mipsisa64 | mipsisa64el \
| mipsisa64r2 | mipsisa64r2el \
| mipsisa64sb1 | mipsisa64sb1el \
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
| mt \
| msp430 \
| nios | nios2 \
| ns16k | ns32k \
| openrisc | or32 \
| or32 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
| sh | sh[1234] | sh3e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| score \
| sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
| strongarm \
| tahoe | thumb | tic80 | tron \
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
| spu | strongarm \
| tahoe | thumb | tic4x | tic80 | tron \
| v850 | v850e \
| we32k \
| x86 | xscale | xstormy16 | xtensa \
| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
| z8k)
basic_machine=$basic_machine-unknown
;;
@ -273,6 +296,9 @@ case $basic_machine in
;;
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
;;
ms1)
basic_machine=mt-unknown
;;
# We use `pc' rather than `unknown'
# because (1) that's what they normally are, and
@ -292,20 +318,20 @@ case $basic_machine in
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* \
| bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* \
| clipper-* | cydra-* \
| avr-* | avr32-* \
| bfin-* | bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
| clipper-* | craynv-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
| elxsi-* \
| f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* \
| m32r-* \
| ip2k-* | iq2000-* \
| m32c-* | m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | mcore-* \
| m88110-* | m88k-* | maxq-* | mcore-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
@ -314,29 +340,43 @@ case $basic_machine in
| mips64vr4100-* | mips64vr4100el-* \
| mips64vr4300-* | mips64vr4300el-* \
| mips64vr5000-* | mips64vr5000el-* \
| mips64vr5900-* | mips64vr5900el-* \
| mipsisa32-* | mipsisa32el-* \
| mipsisa32r2-* | mipsisa32r2el-* \
| mipsisa64-* | mipsisa64el-* \
| mipsisa64r2-* | mipsisa64r2el-* \
| mipsisa64sb1-* | mipsisa64sb1el-* \
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
| mipstx39 | mipstx39el \
| mipstx39-* | mipstx39el-* \
| mmix-* \
| mt-* \
| msp430-* \
| nios-* | nios2-* \
| none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
| sh-* | sh[1234]-* | sh3e-* | sh[34]eb-* | shbe-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
| sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* | tic30-* | tic4x-* | tic54x-* | tic80-* | tron-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
| x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
| xtensa-* \
| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
| xstormy16-* | xtensa*-* \
| ymp-* \
| z8k-*)
;;
# Recognize the basic CPU types without company name, with glob match.
xtensa*)
basic_machine=$basic_machine-unknown
;;
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
386bsd)
@ -353,6 +393,9 @@ case $basic_machine in
basic_machine=a29k-amd
os=-udi
;;
abacus)
basic_machine=abacus-unknown
;;
adobe68k)
basic_machine=m68010-adobe
os=-scout
@ -367,6 +410,12 @@ case $basic_machine in
basic_machine=a29k-none
os=-bsd
;;
amd64)
basic_machine=x86_64-pc
;;
amd64-*)
basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
amdahl)
basic_machine=580-amdahl
os=-sysv
@ -398,6 +447,14 @@ case $basic_machine in
basic_machine=ns32k-sequent
os=-dynix
;;
blackfin)
basic_machine=bfin-unknown
os=-linux
;;
blackfin-*)
basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
os=-linux
;;
c90)
basic_machine=c90-cray
os=-unicos
@ -426,12 +483,27 @@ case $basic_machine in
basic_machine=j90-cray
os=-unicos
;;
craynv)
basic_machine=craynv-cray
os=-unicosmp
;;
cr16)
basic_machine=cr16-unknown
os=-elf
;;
crds | unos)
basic_machine=m68k-crds
;;
crisv32 | crisv32-* | etraxfs*)
basic_machine=crisv32-axis
;;
cris | cris-* | etrax*)
basic_machine=cris-axis
;;
crx)
basic_machine=crx-unknown
os=-elf
;;
da30 | da30-*)
basic_machine=m68k-da30
;;
@ -454,6 +526,10 @@ case $basic_machine in
basic_machine=m88k-motorola
os=-sysv3
;;
djgpp)
basic_machine=i586-pc
os=-msdosdjgpp
;;
dpx20 | dpx20-*)
basic_machine=rs6000-bull
os=-bosx
@ -604,6 +680,14 @@ case $basic_machine in
basic_machine=m68k-isi
os=-sysv
;;
m68knommu)
basic_machine=m68k-unknown
os=-linux
;;
m68knommu-*)
basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
os=-linux
;;
m88k-omron*)
basic_machine=m88k-omron
;;
@ -619,6 +703,10 @@ case $basic_machine in
basic_machine=i386-pc
os=-mingw32
;;
mingw32ce)
basic_machine=arm-unknown
os=-mingw32ce
;;
miniframe)
basic_machine=m68000-convergent
;;
@ -632,10 +720,6 @@ case $basic_machine in
mips3*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
;;
mmix*)
basic_machine=mmix-knuth
os=-mmixware
;;
monitor)
basic_machine=m68k-rom68k
os=-coff
@ -648,6 +732,9 @@ case $basic_machine in
basic_machine=i386-pc
os=-msdos
;;
ms1-*)
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
;;
mvs)
basic_machine=i370-ibm
os=-mvs
@ -723,9 +810,12 @@ case $basic_machine in
basic_machine=hppa1.1-oki
os=-proelf
;;
or32 | or32-*)
openrisc | openrisc-*)
basic_machine=or32-unknown
os=-coff
;;
os400)
basic_machine=powerpc-ibm
os=-os400
;;
OSE68000 | ose68000)
basic_machine=m68000-ericsson
@ -743,6 +833,14 @@ case $basic_machine in
basic_machine=i860-intel
os=-osf
;;
parisc)
basic_machine=hppa-unknown
os=-linux
;;
parisc-*)
basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
os=-linux
;;
pbd)
basic_machine=sparc-tti
;;
@ -752,24 +850,36 @@ case $basic_machine in
pc532 | pc532-*)
basic_machine=ns32k-pc532
;;
pc98)
basic_machine=i386-pc
;;
pc98-*)
basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentium | p5 | k5 | k6 | nexgen | viac3)
basic_machine=i586-pc
;;
pentiumpro | p6 | 6x86 | athlon | athlon_*)
basic_machine=i686-pc
;;
pentiumii | pentium2)
pentiumii | pentium2 | pentiumiii | pentium3)
basic_machine=i686-pc
;;
pentium4)
basic_machine=i786-pc
;;
pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentiumpro-* | p6-* | 6x86-* | athlon-*)
basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentiumii-* | pentium2-*)
pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentium4-*)
basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pn)
basic_machine=pn-gould
;;
@ -802,6 +912,10 @@ case $basic_machine in
basic_machine=i586-unknown
os=-pw32
;;
rdos)
basic_machine=i386-pc
os=-rdos
;;
rom68k)
basic_machine=m68k-rom68k
os=-coff
@ -828,6 +942,14 @@ case $basic_machine in
sb1el)
basic_machine=mipsisa64sb1el-unknown
;;
sde)
basic_machine=mipsisa32-sde
os=-elf
;;
sei)
basic_machine=mips-sei
os=-seiux
;;
sequent)
basic_machine=i386-sequent
;;
@ -835,6 +957,12 @@ case $basic_machine in
basic_machine=sh-hitachi
os=-hms
;;
sh5el)
basic_machine=sh5le-unknown
;;
sh64)
basic_machine=sh64-unknown
;;
sparclite-wrs | simso-wrs)
basic_machine=sparclite-wrs
os=-vxworks
@ -901,10 +1029,6 @@ case $basic_machine in
basic_machine=i386-sequent
os=-dynix
;;
t3d)
basic_machine=alpha-cray
os=-unicos
;;
t3e)
basic_machine=alphaev5-cray
os=-unicos
@ -913,14 +1037,22 @@ case $basic_machine in
basic_machine=t90-cray
os=-unicos
;;
tic4x | c4x*)
basic_machine=tic4x-unknown
os=-coff
;;
tic54x | c54x*)
basic_machine=tic54x-unknown
os=-coff
;;
tic55x | c55x*)
basic_machine=tic55x-unknown
os=-coff
;;
tic6x | c6x*)
basic_machine=tic6x-unknown
os=-coff
;;
tile*)
basic_machine=tile-unknown
os=-linux-gnu
;;
tx39)
basic_machine=mipstx39-unknown
;;
@ -934,6 +1066,10 @@ case $basic_machine in
tower | tower-32)
basic_machine=m68k-ncr
;;
tpf)
basic_machine=s390x-ibm
os=-tpf
;;
udi29k)
basic_machine=a29k-amd
os=-udi
@ -977,9 +1113,9 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
windows32)
basic_machine=i386-pc
os=-windows32-msvcrt
xbox)
basic_machine=i686-pc
os=-mingw32
;;
xps | xps100)
basic_machine=xps100-honeywell
@ -1011,6 +1147,9 @@ case $basic_machine in
romp)
basic_machine=romp-ibm
;;
mmix)
basic_machine=mmix-knuth
;;
rs6000)
basic_machine=rs6000-ibm
;;
@ -1027,13 +1166,10 @@ case $basic_machine in
we32k)
basic_machine=we32k-att
;;
sh3 | sh4 | sh3eb | sh4eb | sh[1234]le | sh3ele)
sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sh64)
basic_machine=sh64-unknown
;;
sparc | sparcv9 | sparcv9b)
sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
basic_machine=sparc-sun
;;
cydra)
@ -1106,18 +1242,23 @@ case $os in
| -aos* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \
| -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
| -openbsd* | -solidbsd* \
| -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \
| -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \
| -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* | -powermax*)
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
| -skyos* | -haiku* | -rdos* | -toppers* | -drops*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1129,16 +1270,21 @@ case $os in
;;
esac
;;
-nto-qnx*)
;;
-nto*)
os=-nto-qnx
os=`echo $os | sed -e 's|nto|nto-qnx|'`
;;
-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
| -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
;;
-mac*)
os=`echo $os | sed -e 's|mac|macos|'`
;;
-linux-dietlibc)
os=-linux-dietlibc
;;
-linux*)
os=`echo $os | sed -e 's|linux|linux-gnu|'`
;;
@ -1151,6 +1297,9 @@ case $os in
-opened*)
os=-openedition
;;
-os400*)
os=-os400
;;
-wince*)
os=-wince
;;
@ -1172,6 +1321,9 @@ case $os in
-atheos*)
os=-atheos
;;
-syllable*)
os=-syllable
;;
-386bsd)
os=-bsd
;;
@ -1194,6 +1346,9 @@ case $os in
-sinix*)
os=-sysv4
;;
-tpf*)
os=-tpf
;;
-triton*)
os=-sysv3
;;
@ -1224,6 +1379,15 @@ case $os in
-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
os=-mint
;;
-aros*)
os=-aros
;;
-kaos*)
os=-kaos
;;
-zvmoe)
os=-zvmoe
;;
-none)
;;
*)
@ -1246,6 +1410,12 @@ else
# system, and we'll never get to this point.
case $basic_machine in
score-*)
os=-elf
;;
spu-*)
os=-elf
;;
*-acorn)
os=-riscix1.2
;;
@ -1255,6 +1425,9 @@ case $basic_machine in
arm*-semi)
os=-aout
;;
c4x-* | tic4x-*)
os=-coff
;;
# This must come before the *-dec entry.
pdp10-*)
os=-tops20
@ -1280,6 +1453,9 @@ case $basic_machine in
m68*-cisco)
os=-aout
;;
mep-*)
os=-elf
;;
mips*-cisco)
os=-elf
;;
@ -1298,9 +1474,15 @@ case $basic_machine in
*-be)
os=-beos
;;
*-haiku)
os=-haiku
;;
*-ibm)
os=-aix
;;
*-knuth)
os=-mmixware
;;
*-wec)
os=-proelf
;;
@ -1433,9 +1615,15 @@ case $basic_machine in
-mvs* | -opened*)
vendor=ibm
;;
-os400*)
vendor=ibm
;;
-ptx*)
vendor=sequent
;;
-tpf*)
vendor=ibm
;;
-vxsim* | -vxworks* | -windiss*)
vendor=wrs
;;
@ -1460,7 +1648,7 @@ case $basic_machine in
esac
echo $basic_machine$os
exit 0
exit
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)

10047
configure vendored
View File

File diff suppressed because it is too large Load Diff

564
configure.in
View File

@ -4,19 +4,33 @@ AH_TEMPLATE([DEFPORT], [Socket used to communicate])
AH_TEMPLATE([DEFBASEPORT], [Base socket used for secondary channel])
AH_TEMPLATE([MASTERHOST], [Hostname of console server])
AH_TEMPLATE([CONFIGFILE], [Config file path])
AH_TEMPLATE([CLIENTCONFIGFILE], [Client config file path])
AH_TEMPLATE([PASSWDFILE], [Password file path])
AH_TEMPLATE([LOGFILEPATH], [Logfile path])
AH_TEMPLATE([MAXMEMB], [Number of consoles per child process])
AH_TEMPLATE([CONNECTTIMEOUT], [TCP connection timeout])
AH_TEMPLATE([PIDFILE], [pidfile to write to])
AH_TEMPLATE([USE_LIBWRAP], [use tcp_wrappers libwrap])
AH_TEMPLATE([HAVE_POSIX_REGCOMP], [have POSIX regcomp])
dnl AH_TEMPLATE([HAVE_POSIX_REGCOMP], [have POSIX regcomp])
AH_TEMPLATE([HAVE_PAM], [have PAM support])
AH_TEMPLATE([HAVE_OPENSSL], [have openssl support])
AH_TEMPLATE([HAVE_GSSAPI], [have gss-api support])
AH_TEMPLATE([HAVE_FREEIPMI], [have freeipmi support])
AH_TEMPLATE([STRIP_REALM], [retry username without @REALM with gss-api authentication])
AH_TEMPLATE([HAVE_DMALLOC], [have dmalloc support])
AH_TEMPLATE([HAVE_SA_LEN],[Defined if sa_len member exists in struct sockaddr])
AH_TEMPLATE([TRUST_REVERSE_DNS],[Defined if we trust reverse DNS])
AH_TEMPLATE([USE_EXTENDED_MESSAGES],[Defined if we produce extended messages])
AH_TEMPLATE([USE_UNIX_DOMAIN_SOCKETS],[Defined if we use Unix domain sockets])
AH_TEMPLATE([USE_IPV6], [Defined if building with IPv6 support])
AH_TEMPLATE([UDSDIR], [Directory for Unix domain sockets])
AH_TEMPLATE([FOR_CYCLADES_TS], [Defined if building for a Cyclades TS])
AH_TEMPLATE([REQ_SERVER_CERT], [Defined if client requires server SSL certificate])
AH_TEMPLATE([TRUST_UDS_CRED], [Defined if we trust credentials from UDS client])
dnl ### Normal initialization. ######################################
AC_INIT
AC_PREREQ(2.59)
AC_CONFIG_SRCDIR([conserver/main.c])
AC_CONFIG_HEADER(config.h)
@ -31,15 +45,22 @@ AC_SUBST(MKDIR)
dnl ### Custom settings. ############################################
AC_MSG_CHECKING(whether to allow 64bit compilation)
AC_ARG_WITH(64bit,
AC_HELP_STRING([--with-64bit],[Allow 64bit compilation]),
[with_64bit=yes], [with_64bit=no])
AC_MSG_RESULT($with_64bit)
dnl AC_MSG_CHECKING(whether to allow 64bit compilation)
dnl AC_ARG_WITH(64bit,
dnl AC_HELP_STRING([--with-64bit],[Allow 64bit compilation]),
dnl [case "$withval" in
dnl yes)
dnl with_64bit=yes
dnl ;;
dnl *)
dnl with_64bit=no
dnl ;;
dnl esac], [with_64bit=no])
dnl AC_MSG_RESULT($with_64bit)
AC_MSG_CHECKING(for port number specification)
AC_ARG_WITH(port,
AC_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
AS_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
@ -55,7 +76,7 @@ AC_ARG_WITH(port,
AC_MSG_CHECKING(for secondary channel base port)
AC_ARG_WITH(base,
AC_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
AS_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
@ -71,7 +92,7 @@ AC_ARG_WITH(base,
AC_MSG_CHECKING(for master conserver hostname)
AC_ARG_WITH(master,
AC_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
AS_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(MASTERHOST, "console")
@ -85,9 +106,29 @@ AC_ARG_WITH(master,
[AC_DEFINE_UNQUOTED(MASTERHOST, "console")
AC_MSG_RESULT('console')])
AC_MSG_CHECKING(for client configuration filename)
AC_ARG_WITH(ccffile,
AS_HELP_STRING([--with-ccffile=CFFILE],[Specify client config filename @<:@SYSCONFDIR/console.cf@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
AC_MSG_RESULT('$sysconfdir/console.cf')
;;
[[\\/]]* | ?:[[\\/]]* )
AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, ["$withval"])
AC_MSG_RESULT('$withval')
;;
*)
AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/$withval"])
AC_MSG_RESULT('$sysconfdir/$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
AC_MSG_RESULT('$sysconfdir/console.cf')])
AC_MSG_CHECKING(for configuration filename)
AC_ARG_WITH(cffile,
AC_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
AS_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
@ -107,7 +148,7 @@ AC_ARG_WITH(cffile,
AC_MSG_CHECKING(for password filename)
AC_ARG_WITH(pwdfile,
AC_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
AS_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
@ -127,7 +168,7 @@ AC_ARG_WITH(pwdfile,
AC_MSG_CHECKING(for log filename)
AC_ARG_WITH(logfile,
AC_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
AS_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
@ -144,7 +185,7 @@ AC_ARG_WITH(logfile,
AC_SUBST(PIDFILE)
AC_MSG_CHECKING(for PID filename)
AC_ARG_WITH(pidfile,
AC_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
AS_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
[case "$withval" in
yes|no)
PIDFILE="/var/run/conserver.pid"
@ -159,7 +200,7 @@ AC_MSG_RESULT('$PIDFILE')
AC_MSG_CHECKING(for MAXMEMB setting)
AC_ARG_WITH(maxmemb,
AC_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
AS_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(MAXMEMB, 16)
@ -181,7 +222,7 @@ AC_ARG_WITH(maxmemb,
AC_MSG_CHECKING(for connect() timeout)
AC_ARG_WITH(timeout,
AC_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
AS_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
[if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
test "$withval" -gt 0 -a "$withval" -lt 300; then
AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, $withval)
@ -193,6 +234,61 @@ AC_ARG_WITH(timeout,
[AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, 10)
AC_MSG_RESULT(10)])
AC_MSG_CHECKING(whether to trust reverse DNS)
AC_ARG_WITH(trustrevdns,
AS_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
[case "$withval" in
yes)
AC_DEFINE(TRUST_REVERSE_DNS)
AC_MSG_RESULT(yes)
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
AC_MSG_CHECKING(whether to display extended messages)
AC_ARG_WITH(extmsgs,
AS_HELP_STRING([--with-extmsgs],[Produce extended messages]),
[case "$withval" in
yes)
AC_DEFINE(USE_EXTENDED_MESSAGES)
AC_MSG_RESULT(yes)
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
use_dash_r=no
AC_MSG_CHECKING(whether to use -R paths as well as -L)
AC_ARG_WITH(rpath,
AS_HELP_STRING([--with-rpath],[Use -R as well as -L for libraries]),
[case "$withval" in
yes|no)
AC_MSG_RESULT($withval)
use_dash_r=$withval
;;
*)
AC_MSG_RESULT(no)
;;
esac],
[AC_MSG_RESULT(no)])
AC_MSG_CHECKING(whether we are building for a Cyclades TS)
AC_ARG_WITH(cycladests,
AS_HELP_STRING([--with-cycladests],[(deprecated - noop) Build for a Cyclades TS]),
[case "$withval" in
yes)
AC_DEFINE(FOR_CYCLADES_TS)
AC_MSG_RESULT(yes)
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
dnl ### Check for compiler et al. ###################################
AC_PROG_CC
AC_PROG_INSTALL
@ -202,41 +298,39 @@ AC_PROG_MAKE_SET
dnl ### Compiler characteristics. ##################################
AC_AIX
AC_C_CONST
AC_C_PROTOTYPES
AC_CHECK_SIZEOF(long)
if test "$ac_cv_sizeof_long" -gt 4; then
if test "$with_64bit" != "yes"; then
AC_MSG_ERROR([cannot build on >32bit systems (to override use --with-64bit)])
else
AC_MSG_WARN([building a 64bit version of conserver - good luck!])
fi
fi
dnl AC_CHECK_SIZEOF(long)
dnl if test "$ac_cv_sizeof_long" -gt 4; then
dnl if test "$with_64bit" != "yes"; then
dnl AC_MSG_ERROR([cannot build on >32bit systems (to override use --with-64bit)])
dnl else
dnl AC_MSG_WARN([building a 64bit version of conserver - good luck!])
dnl fi
dnl fi
dnl ### Checks for header files. ###################################
AC_HEADER_STDC
AC_CHECK_HEADERS(sys/ioctl.h)
dnl ### POSIX terminal I/O
AC_CHECK_HEADERS(termios.h)
if test "$ac_cv_header_termios_h" != "yes"; then
dnl ### SysV terminal I/O
AC_CHECK_HEADERS(termio.h)
if test "$ac_cv_header_termio_h" != "yes"; then
dnl ### BSD terminal I/O
AC_CHECK_HEADERS(sgtty.h)
if test "$ac_cv_header_sgtty_h" != "yes"; then
AC_MSG_ERROR([no usable terminal interface detected])
fi
fi
AC_SYS_POSIX_TERMIOS
if test "$ac_cv_sys_posix_termios" != "yes"; then
AC_MSG_ERROR([POSIX termios interface required])
fi
AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/proc.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h)
AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h sys/param.h sys/un.h)
dnl sys/proc.h needs sys/param.h on openbsd, apparently
AC_CHECK_HEADERS(sys/proc.h, [], [],
[#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
])
AC_HEADER_TIME
AC_HEADER_SYS_WAIT
AC_TYPE_MODE_T
AC_TYPE_SIGNAL
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_TYPE_UID_T
AC_CHECK_TYPE([sig_atomic_t],,
AC_DEFINE(sig_atomic_t, volatile int,
@ -250,6 +344,14 @@ AC_CHECK_TYPE([socklen_t],[AC_DEFINE(HAVE_SOCKLEN_T,1,
[Defined if socklen_t exists])],,[$ac_includes_default
#include <sys/socket.h>])
AC_MSG_CHECKING(for sa_len in struct sockaddr)
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[struct sockaddr s; s.sa_len=0;],
[AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_SA_LEN)],
[AC_MSG_RESULT(no)])
dnl ### Host specific checks. ######################################
AC_CANONICAL_HOST
@ -272,13 +374,93 @@ AC_SEARCH_LIBS(crypt,crypt)
AC_SUBST(CONSLIBS)
AC_SUBST(CONSCPPFLAGS)
AC_SUBST(CONSLDFLAGS)
AC_MSG_CHECKING(whether to use Unix domain sockets)
cons_with_uds="NO"
AC_ARG_WITH(uds,
AS_HELP_STRING([--with-uds@<:@=DIR@:>@ ],
[Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
[case "$withval" in
yes)
AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT([/tmp/conserver])
cons_with_uds="YES"
;;
no)
AC_MSG_RESULT(no)
;;
*)
AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT('$withval')
cons_with_uds="YES"
if expr "$withval" : '/' >/dev/null 2>&1; then
:
else
echo "*** WARNING *** you may have better success using a fully-qualified path"
echo "*** WARNING *** instead of '$withval'"
fi
;;
esac
if test $cons_with_uds = YES; then
AC_MSG_CHECKING(whether to trust UDS credentials)
AC_ARG_WITH(trust-uds-cred,
AS_HELP_STRING([--with-trust-uds-cred],[Trust UDS credentials obtained via socket]),
[case "$withval" in
yes)
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[
struct ucred u;
u.uid = 0;
#if !defined(SO_PEERCRED)
#error "no SO_PEERCRED defined"
#endif
],
[AC_MSG_RESULT(yes)
AC_DEFINE(UDS_CRED_STYPE, ucred, [Defined to UDS credential structure name])
AC_DEFINE(UDS_CRED_UID, uid, [Defined to UDS credential structure uid field])
AC_DEFINE(UDS_CRED_SO, SO_PEERCRED, [Defined to UDS credential socket option])
AC_DEFINE(TRUST_UDS_CRED)],
[
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[
struct peercred_struct u;
u.euid = 0;
#if !defined(SO_PEERID)
#error "no SO_PEERID defined"
#endif
],
[AC_MSG_RESULT(yes)
AC_DEFINE(UDS_CRED_STYPE, peercred_struct, [Defined to UDS credential structure name])
AC_DEFINE(UDS_CRED_UID, euid, [Defined to UDS credential structure uid field])
AC_DEFINE(UDS_CRED_SO, SO_PEERID, [Defined to UDS credential socket option])
AC_DEFINE(TRUST_UDS_CRED)],
[AC_MSG_RESULT(no)])
])
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
fi
],[AC_MSG_RESULT(no)])
cons_with_libwrap="NO"
AC_ARG_WITH(libwrap,
AC_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
AS_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
[Compile in libwrap (tcp_wrappers) support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
WRAPCPPFLAGS="-I$withval/include"
WRAPLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
WRAPLDFLAGS="-L$withval/lib"
else
WRAPLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
WRAPCPPFLAGS=""
WRAPLDFLAGS=""
@ -299,25 +481,43 @@ AC_ARG_WITH(libwrap,
int deny_severity = 0;
],[hosts_access((void *)0)],
[AC_MSG_RESULT(yes)
AC_DEFINE(USE_LIBWRAP)
CONSLIBS="$CONSLIBS -lwrap"
CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
CONSCPPFLAGS="$CONSCPPFLAGS $WRAPCPPFLAGS"],
[AC_MSG_RESULT(no)])],)
cons_with_libwrap="YES"
AC_DEFINE(USE_LIBWRAP)
CONSLIBS="$CONSLIBS -lwrap"
CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
CONSCPPFLAGS="$CONSCPPFLAGS $WRAPCPPFLAGS"],
[AC_MSG_RESULT(no)
LIBS="$LIBS -lnsl"
AC_MSG_CHECKING(for TCP wrappers library -lwrap with -lnsl)
AC_TRY_LINK([#include <tcpd.h>
int allow_severity = 0;
int deny_severity = 0;
],[hosts_access((void *)0)],
[AC_MSG_RESULT(yes)
cons_with_libwrap="YES"
AC_DEFINE(USE_LIBWRAP)
CONSLIBS="$CONSLIBS -lwrap -lnsl"
CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
CONSCPPFLAGS="$CONSCPPFLAGS $WRAPCPPFLAGS"],
[AC_MSG_RESULT(no)])])],)
LIBS="$oLIBS"
CPPFLAGS="$oCPPFLAGS"
LDFLAGS="$oLDFLAGS"
fi]
)
cons_with_openssl="NO"
AC_ARG_WITH(openssl,
AC_HELP_STRING([--with-openssl@<:@=PATH@:>@],
AS_HELP_STRING([--with-openssl@<:@=PATH@:>@],
[Compile in OpenSSL support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
OPENSSLCPPFLAGS="-I$withval/include"
OPENSSLLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
OPENSSLLDFLAGS="-L$withval/lib"
else
OPENSSLLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
OPENSSLCPPFLAGS=""
OPENSSLLDFLAGS=""
@ -337,6 +537,7 @@ AC_ARG_WITH(openssl,
AC_TRY_LINK([#include <openssl/ssl.h>
],[SSL_library_init()],
[AC_MSG_RESULT(yes)
cons_with_openssl="YES"
AC_DEFINE(HAVE_OPENSSL)
have_openssl=yes],
[AC_MSG_RESULT(no)])],)
@ -346,16 +547,156 @@ AC_ARG_WITH(openssl,
CPPFLAGS="$oCPPFLAGS"
LDFLAGS="$oLDFLAGS"
fi
AC_MSG_CHECKING(whether to require server cert)
AC_ARG_WITH(req-server-cert,
AS_HELP_STRING([--with-req-server-cert],[Require server SSL certificate by client]),
[case "$withval" in
yes)
AC_DEFINE(REQ_SERVER_CERT)
AC_MSG_RESULT(yes)
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
fi]
)
cons_with_gssapi="NO"
cons_strip_realm="NO"
AC_ARG_WITH(gssapi,
AS_HELP_STRING([--with-gssapi@<:@=PATH@:>@],
[Compile in GSS-API support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
GSSAPICPPFLAGS="-I$withval/include"
if test "$use_dash_r" != "yes"; then
GSSAPILDFLAGS="-L$withval/lib"
else
GSSAPILDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
GSSAPICPPFLAGS=""
GSSAPILDFLAGS=""
fi
oCPPFLAGS="$CPPFLAGS"
oLDFLAGS="$LDFLAGS"
oLIBS="$LIBS"
have_gssapi=no
CPPFLAGS="$CPPFLAGS $GSSAPICPPFLAGS"
LDFLAGS="$LDFLAGS $GSSAPILDFLAGS"
AC_CHECK_HEADER([gssapi/gssapi.h],
[LIBS="$oLIBS -lgssapi"
AC_MSG_CHECKING(for gssapi library -lgssapi)
AC_TRY_LINK([#include <gssapi/gssapi.h>
],[gss_create_empty_oid_set(NULL, NULL)],
[AC_MSG_RESULT(yes)
cons_with_gssapi="YES"
AC_DEFINE(HAVE_GSSAPI)
have_gssapi=yes],
[AC_MSG_RESULT(no)
LIBS="$oLIBS -lgssglue"
AC_MSG_CHECKING(for gssapi library -lgssglue)
AC_TRY_LINK([#include <gssapi/gssapi.h>
],[gss_create_empty_oid_set(NULL, NULL)],
[AC_MSG_RESULT(yes)
cons_with_gssapi="YES"
AC_DEFINE(HAVE_GSSAPI)
have_gssapi=yes],
[AC_MSG_RESULT(no)
LIBS="$oLIBS -lgss"
AC_MSG_CHECKING(for gssapi library -lgss)
AC_TRY_LINK([#include <gssapi/gssapi.h>
],[gss_create_empty_oid_set(NULL, NULL)],
[AC_MSG_RESULT(yes)
cons_with_gssapi="YES"
AC_DEFINE(HAVE_GSSAPI)
have_gssapi=yes],
[AC_MSG_RESULT(no)])])])],)
if test $have_gssapi = no; then
LIBS="$oLIBS"
CPPFLAGS="$oCPPFLAGS"
LDFLAGS="$oLDFLAGS"
else
AC_MSG_CHECKING(whether to fallback to username without @REALM)
AC_ARG_WITH(striprealm,
AS_HELP_STRING([--with-striprealm],[retry username without @REALM with gss-api authentication]),
[case "$withval" in
yes)
AC_DEFINE(STRIP_REALM)
AC_MSG_RESULT(yes)
cons_strip_realm="YES"
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
fi
fi]
)
cons_with_freeipmi="NO"
AC_ARG_WITH(freeipmi,
AS_HELP_STRING([--with-freeipmi@<:@=PATH@:>@],
[Compile in FreeIPMI support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
FREEIPMICPPFLAGS="-I$withval/include"
if test "$use_dash_r" != "yes"; then
FREEIPMILDFLAGS="-L$withval/lib"
else
FREEIPMILDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
FREEIPMICPPFLAGS=""
FREEIPMILDFLAGS=""
fi
oCPPFLAGS="$CPPFLAGS"
oLDFLAGS="$LDFLAGS"
oLIBS="$LIBS"
have_freeipmi=no
CPPFLAGS="$CPPFLAGS $FREEIPMICPPFLAGS"
LDFLAGS="$LDFLAGS $FREEIPMILDFLAGS"
AC_CHECK_HEADER([ipmiconsole.h],
[LIBS="$LIBS -lipmiconsole"
AC_MSG_CHECKING(for freeipmi libraries -lipmiconsole)
AC_TRY_LINK([#include <ipmiconsole.h>
],[ipmiconsole_ctx_fd(0)],
[AC_MSG_RESULT(yes)
cons_with_freeipmi="YES"
AC_DEFINE(HAVE_FREEIPMI)
CONSLIBS="$CONSLIBS -lipmiconsole"
have_freeipmi=yes],
[AC_MSG_RESULT(no)])],)
LIBS="$oLIBS"
if test $have_freeipmi = no; then
CPPFLAGS="$oCPPFLAGS"
LDFLAGS="$oLDFLAGS"
fi
fi]
)
cons_with_dmalloc="NO"
AC_ARG_WITH(dmalloc,
AC_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
AS_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
[Compile in dmalloc support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
DMALLOCCPPFLAGS="-I$withval/include"
DMALLOCLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
DMALLOCLDFLAGS="-L$withval/lib"
else
DMALLOCLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
DMALLOCCPPFLAGS=""
DMALLOCLDFLAGS=""
@ -375,6 +716,7 @@ AC_ARG_WITH(dmalloc,
AC_TRY_LINK([#include <dmalloc.h>
],[dmalloc_debug(0)],
[AC_MSG_RESULT(yes)
cons_with_dmalloc="YES"
AC_DEFINE(HAVE_DMALLOC)
have_dmalloc=yes],
[AC_MSG_RESULT(no)])],)
@ -390,42 +732,43 @@ AC_ARG_WITH(dmalloc,
dnl ### Check for needed functions. ################################
dnl The following basically stollen from the less-358 distribution, but
dnl modified for my own purposes
AC_MSG_CHECKING(for POSIX regex)
AC_ARG_WITH(regex,
AC_HELP_STRING([--with-regex],
[Use regular expressions in conserver.passwd]),
[if test "$withval" = yes; then
AC_TRY_RUN([
#include <sys/types.h>
#include <regex.h>
main() { regex_t r; regmatch_t rm; char *text = "xabcy";
if (regcomp(&r, "abc", 0)) exit(1);
if (regexec(&r, text, 1, &rm, 0)) exit(1);
if (rm.rm_so != 1) exit(1); /* check for correct offset */
exit(0); }
],have_posix_regex=yes,have_posix_regex=no,have_posix_regex=unknown)
if test $have_posix_regex = yes; then
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_POSIX_REGCOMP)
elif test $have_posix_regex = unknown; then
AC_TRY_LINK([
#include <sys/types.h>
#include <regex.h>],
[regex_t *r; regfree(r);],
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_POSIX_REGCOMP))
else
AC_MSG_RESULT(no)
fi
else
AC_MSG_RESULT(no)
fi],[AC_MSG_RESULT(no)])
dnl dnl The following basically stollen from the less-358 distribution, but
dnl dnl modified for my own purposes
dnl AC_MSG_CHECKING(for POSIX regex)
dnl AC_ARG_WITH(regex,
dnl AC_HELP_STRING([--with-regex],
dnl [Use regular expressions in conserver.passwd]),
dnl [if test "$withval" = yes; then
dnl AC_TRY_RUN([
dnl #include <sys/types.h>
dnl #include <regex.h>
dnl main() { regex_t r; regmatch_t rm; char *text = "xabcy";
dnl if (regcomp(&r, "abc", 0)) exit(1);
dnl if (regexec(&r, text, 1, &rm, 0)) exit(1);
dnl if (rm.rm_so != 1) exit(1); /* check for correct offset */
dnl exit(0); }
dnl ],have_posix_regex=yes,have_posix_regex=no,have_posix_regex=unknown)
dnl if test $have_posix_regex = yes; then
dnl AC_MSG_RESULT(yes)
dnl AC_DEFINE(HAVE_POSIX_REGCOMP)
dnl elif test $have_posix_regex = unknown; then
dnl AC_TRY_LINK([
dnl #include <sys/types.h>
dnl #include <regex.h>],
dnl [regex_t *r; regfree(r);],
dnl AC_MSG_RESULT(yes)
dnl AC_DEFINE(HAVE_POSIX_REGCOMP))
dnl else
dnl AC_MSG_RESULT(no)
dnl fi
dnl else
dnl AC_MSG_RESULT(no)
dnl fi],[AC_MSG_RESULT(no)])
cons_with_pam="NO"
AC_MSG_CHECKING(for PAM support)
AC_ARG_WITH(pam,
AC_HELP_STRING([--with-pam],
AS_HELP_STRING([--with-pam],
[Enable PAM support]),
[if test "$withval" = yes; then
oLIBS="$LIBS"
@ -435,6 +778,7 @@ AC_ARG_WITH(pam,
AC_MSG_CHECKING(for PAM library -lpam)
AC_TRY_LINK_FUNC([pam_start],
[AC_MSG_RESULT(yes)
cons_with_pam="YES"
AC_DEFINE(HAVE_PAM)
CONSLIBS="$CONSLIBS -lpam"],
[LIBS="$LIBS -ldl"
@ -442,6 +786,7 @@ AC_ARG_WITH(pam,
AC_MSG_CHECKING(for PAM library -lpam with -ldl)
AC_TRY_LINK_FUNC([pam_end],
[AC_MSG_RESULT(yes)
cons_with_pam="YES"
AC_DEFINE(HAVE_PAM)
CONSLIBS="$CONSLIBS -lpam -ldl"],
[AC_MSG_RESULT(no)])])],)
@ -451,9 +796,39 @@ AC_ARG_WITH(pam,
AC_MSG_RESULT(no)
fi],[AC_MSG_RESULT(no)])
cons_with_ipv6="NO"
AC_MSG_CHECKING(whether to support IPv6)
AC_ARG_WITH(ipv6,
AS_HELP_STRING([--with-ipv6],
[(experimental) Use IPv6 for client/server communication]),
[case "$withval" in
yes)
AC_DEFINE(USE_IPV6)
AC_MSG_RESULT(yes)
cons_with_ipv6="YES"
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp sysconf getpassphrase getlogin)
AC_FUNC_SETPGRP
dnl Checks for pty allocation...
dnl According to the xemacs distribution:
dnl getpt() is the preferred pty allocation method on glibc systems.
dnl _getpty() is the preferred pty allocation method on SGI systems.
dnl grantpt(), unlockpt(), ptsname() are defined by Unix98.
dnl openpty() is the preferred pty allocation method on BSD and Tru64 systems.
dnl openpty() might be declared in:
dnl - pty.h (Tru64 or Linux)
dnl - libutil.h (FreeBSD)
dnl - util.h (NetBSD)
dnl Conserver doesn't support getpt() or _getpt() yet.
AC_CHECK_HEADERS(pty.h libutil.h util.h)
AC_CHECK_LIB(util, openpty)
AC_CHECK_FUNCS(openpty)
AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle gettimeofday strlcpy)
AC_CHECK_FUNC(strcasecmp,
[AC_DEFINE(HAVE_STRCASECMP, 1, [Define if strcasecmp is available])],
[AC_CHECK_FUNC(stricmp,
@ -467,6 +842,25 @@ AC_CHECK_FUNCS(getaudit getaudit_addr)
dnl ### Create output files. #######################################
AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile])
AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile contrib/chat/Makefile])
AC_CONFIG_FILES([conserver/conserver.rc], [chmod +x conserver/conserver.rc])
AC_OUTPUT
[
echo "=============================================================="
echo " Feature Summary"
echo ""
echo " Unix domain sockets (--with-uds) : $cons_with_uds"
echo " TCP wrappers (--with-libwrap) : $cons_with_libwrap"
echo " OpenSSL (--with-openssl) : $cons_with_openssl"
echo " GSS-API (--with-gssapi) : $cons_with_gssapi"
echo " FreeIPMI (--with-freeipmi) : $cons_with_freeipmi"
if [ $cons_with_gssapi = "YES" ]; then
echo " strip @REALM (--with-striprealm): $cons_strip_realm"
fi
echo " dmalloc (--with-dmalloc) : $cons_with_dmalloc"
echo " PAM support (--with-pam) : $cons_with_pam"
echo " IPv6 support (--with-ipv6) : $cons_with_ipv6"
echo ""
echo "=============================================================="
]

18
conserver.cf/INSTALL
View File

@ -1,19 +1,11 @@
The two files you need to set up are the conserver.cf and conserver.passwd
files. See the sample conserver.cf and conserver.passwd files
for examples. You can start with those and then modify extensively.
The man page for conserver.cf should explain that file with enough detail
to get you going.
As for the conserver.passwd file, here are some instructions. The file
contains three fields seperated by colons: <username>:<passwd>:<hosts>.
The <passwd> field should either be an encrypted password or the special
string '*passwd*', which will cause the console server to do a getpwnam()
call. The <hosts> field can be a comma seperated list of console names
(from conserver.cf) or the special string 'any'. Access for the user
is only granted to the hosts listed here (or all if 'any' is used).
files. See the sample conserver.cf and conserver.passwd files for examples
(installed in <DATADIR>/examples/conserver). You can start with those and
then modify extensively. The man page for conserver.cf and conserver.passwd
should explain the files with enough detail to get you going.
That's about it. Good luck.
#
# $Id: INSTALL,v 1.2 1999-08-24 13:45:00-07 bryan Exp $
# $Id: INSTALL,v 1.4 2005/05/21 13:47:18 bryan Exp $
#

10
conserver.cf/Makefile.in
View File

@ -1,8 +1,11 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
prefix = @prefix@
mandir = @mandir@
sysconfdir = @sysconfdir@
datadir = @datadir@
exampledir = $(datadir)/examples/conserver
### Installation programs and flags
INSTALL = @INSTALL@
@ -22,7 +25,10 @@ distclean: clean
install:
$(MKDIR) $(DESTDIR)$(mandir)/man5
$(INSTALL) conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
$(INSTALL) conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
$(INSTALL) -m 0644 conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
$(INSTALL) -m 0644 conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
$(MKDIR) $(DESTDIR)$(exampledir)
$(INSTALL) -m 0644 conserver.cf $(DESTDIR)$(exampledir)
$(INSTALL) -m 0644 conserver.passwd $(DESTDIR)$(exampledir)
.PHONY: clean distclean install

136
conserver.cf/conserver.cf
View File

@ -1,26 +1,114 @@
#
# $Id: conserver.cf,v 1.4 2001-06-28 10:24:01-07 bryan Exp $
# Sample conserver.cf file, to give you ideas of what you can do with
# the various configuration items.
#
# The character '&' in logfile names are substituted with the console
# name. Any logfile name that doesn't begin with a '/' has LOGDIR
# prepended to it. So, most consoles will just have a '&' as the logfile
# name which causes /var/consoles/<consolename> to be used.
#
LOGDIR=/var/consoles
#
# list of consoles we serve
# name : tty[@host] : baud[parity] : logfile : [mark-interval(m|h|d|l)][+]
# name : !host : port : logfile : [mark-interval(m|h|d|l)][+]
# name : |command : : logfile : [mark-interval(m|h|d|l)][+]
#
tweety:!ts1:2002:&:
bambam:!ts1:2003:&:
shell:|::/dev/null:
telnet:|telnet host::/dev/null:
ttya:/dev/ttya:9600p:&:
%%
#
# list of clients we allow
# {trusted|allowed|rejected} : machines
#
allowed: 127.0.0.1 gnac.com
### set up global access
default full { rw *; }
### define some terminal server specifics
# we set portbase and portinc so we can reference the ports in a
# physical representation and let conserver do the math to figure
# out the actual socket address
default cisco { type host; portbase 2000; portinc 1; }
default xyplex { type host; portbase 2000; portinc 100; }
default iolan { type host; portbase 10000; portinc 1; }
### set up some custom break sequences
break 4 { string "+\d+\d+"; delay 300; }
break 5 { string "\033c"; }
### set the defaults for all the consoles
# these get applied before anything else
default * {
# The '&' character is substituted with the console name
logfile /var/consoles/&;
# timestamps every hour with activity and break logging
timestamp 1hab;
# include the 'full' default
include full;
# master server is localhost
master localhost;
}
### define the first terminal server
default ts1.conserver.com {
# use the xyplex defaults
include xyplex;
# host to connect to is ts1.conserver.com
host ts1.conserver.com;
# run login-xyplex when connecting to the term server
initcmd /usr/local/sbin/login-xyplex;
}
# now define the consoles on ts1.conserver.com
# bryan isn't allowed on web1.conserver.com
console web1.conserver.com { include ts1.conserver.com; port 2; rw !bryan; }
console ns1.conserver.com { include ts1.conserver.com; port 10; }
console ns2.conserver.com { include ts1.conserver.com; port 8; }
### define the second terminal server
# this one is a cisco, with simple socket connections
default ts2.conserver.com { include cisco; host ts2.conserver.com; }
# and the consoles on ts2.conserver.com
console ldap1.conserver.com { include ts2.conserver.com; port 7; }
### and now some one-off consoles
# we still inherit the '*' default set
# a simple ssh invocation
console ssh {
type exec;
exec ssh localhost;
# provide a 'message-of-the-day'
motd "just a simple ssh to localhost";
}
# connect to /dev/ttya
console ttya {
type device;
device /dev/ttya; parity none; baud 9600;
idlestring "#";
idletimeout 5m; # send a '#' every 5 minutes of idle
timestamp ""; # no timestamps on this console
}
### define a group of users
group sysadmin {
users bryan, todd;
users dave;
}
### reset the defaults for the next set of consoles
# again, these get applied before anything else
default * {
# The '&' character is substituted with the console name
logfile /var/consoles/&;
timestamp 5m;
rw sysadmin; # use the group defined above
master localhost;
}
default cyclades {
# sets up /dev/ttyC0 through /dev/ttyC31, for a 32 port card
# referenced as ports 1 through 32
type device;
device /dev/ttyC.;
devicesubst .=Pd;
portbase -1;
portinc 1;
host none; # not really used, since devicesubst doesn't use it
baud 9600;
parity none;
}
console modem1.conserver.com { include cyclades; port 2; break 4; }
# todd isn't allowed on modem2.conserver.com
console modem2.conserver.com { include cyclades; port 6; rw !todd; }
### list of clients we allow
access * {
allowed 10.0.0.0/8 192.168.0.0/16;
allowed cs1.conserver.com cs2.conserver.com cs3.conserver.com;
trusted 127.0.0.1;
}

1584
conserver.cf/conserver.cf.man
View File

File diff suppressed because it is too large Load Diff

6
conserver.cf/conserver.passwd
View File

@ -1,3 +1,3 @@
bryan:td1AgneGE3RsU:any
djs:*passwd*:any
todd:*passwd*:server1
bryan:td1AgneGE3RsU
djs:*passwd*
todd:*passwd*

110
conserver.cf/conserver.passwd.man
View File

@ -1,70 +1,84 @@
.\" $Id: conserver.passwd.man,v 1.6 2002-09-23 14:15:53-07 bryan Exp $
.TH CONSERVER.PASSWD 5 "Local"
.\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.2.1" "conserver"
.SH NAME
conserver.passwd \- user access information for conserver(8)
conserver.passwd \- user access information for
.BR conserver (8)
.SH SYNOPSIS
.br
\fIusername\fB:\fIpassword\fB:\fIconsoles\fR
.IB username : password
.SH DESCRIPTION
The \fBconserver.passwd\fP file
is the user authentication and authorization file for
The
.B conserver.passwd
file is the user authentication and authorization file for
.BR conserver (8).
Upon each incoming client connection,
\fBconserver\fP opens and reads the \fBconserver.passwd\fP file,
so edits to the file take effect immediately.
It reads only until the first \fIusername\fP match.
.B conserver
opens and reads the
.B conserver.passwd
file, so edits to the file take effect immediately.
It reads only until the first
.I username
match.
.PP
Blank lines and comment lines (those beginning with a ``#'' and
optional leading whitespace) are ignored. Non-ignored lines
beginning with whitespace are considered continuations of the
previous line. This allows you to span one logical line over
optional leading whitespace) are ignored.
Non-ignored lines beginning with whitespace are considered
continuations of the previous line.
This allows you to span one logical line over
many physical lines and insert comments wherever appropriate.
.PP
Each logical line consists of three colon-separated fields.
Leading and trailing white space in each
field is ignored.
Each logical line consists of two colon-separated fields.
Leading and trailing white space in each field is ignored.
.TP
.I username
the login name of the authorized user,
or the string ``\fB*any*\fP'' to match any user.
This is compared against the name sent by the \fBconsole\fP client,
based either on the user's identity or on the \fB\-l\fP option.
Since \fBconserver\fP only uses the first \fIusername\fP match,
an ``\fB*any*\fP'' entry will apply to any user
or the string
.RB `` *any* ''
to match any user.
This is compared against the name sent by the
.B console
client, based either on the user's identity or on the
.B \-l option.
Since
.B conserver
only uses the first
.I username
match, a
.RB `` *any* ''
entry will apply to any user
without an entry earlier in the file.
.TP
.I password
the encrypted password,
or the string ``\fB*passwd*\fP''
to indicate that \fBconserver\fP should look up the user's password
in the system \fBpasswd\fP (or \fBshadow\fP) database. If PAM
support has been enabled (\fB--with-pam\fP), PAM lookups will be done instead
of \fBpasswd\fP (or \fBshadow\fP) lookups.
or the string
.RB `` *passwd* ''
to indicate that
.B conserver
should look up the user's password
in the system
.BR passwd " (or " shadow ") database."
If PAM support has been enabled
.RB ( --with-pam ),
PAM lookups will be done instead of
.BR passwd " (or " shadow ") lookups"
(you may need to edit /etc/pam.conf or create /etc/pam.d/conserver).
If this field is empty, password checking is bypassed for this user.
.TP
.I consoles
a comma- and/or space-separated list of consoles
to which the user is permitted to connect,
or the string ``\fBany\fP'' to allow access to any console.
These names must match the console names in the \fBconserver.cf\fP file.
If regular expression support was compiled in using --with-regex, the
names here are treated as regular expressions.
.SH EXAMPLE
.TP 30
\fBmary:r71mXjfALB5Ak:any\fP
Mary may connect to any console if her password matches;
.TP 24
.B mary:r71mXjfALB5Ak
Mary uses the password specified above;
it does not matter whether she has a login on the conserver host.
.TP
\fBfred:*passwd*:foo.example.com,bar.example.com\fP
Fred may connect only to the listed consoles,
and only with his regular login password on the conserver host.
.B fred:*passwd*
Fred may connect only with his regular login password on the conserver host.
.TP
\fBbozo:*:\fP
Bozo is not allowed access to any consoles.
.B bozo:*
Bozo is only allowed to access a console if his password isn't used (since
it's invalid) which means he needs to come from a
.B trusted
host.
.TP
\fB*any*:*passwd*:any\fP
Anyone not listed above may access any console
if they have a regular login and know the password.
.B *any*:*passwd*
Anyone not listed above uses their regular login and password.
.SH "SEE ALSO"
.BR console (1),
.BR conserver.cf (5),
@ -73,4 +87,8 @@ if they have a regular login and know the password.
.PP
There is currently no way provided by the conserver package
to generate the encrypted password strings
besides copying them from the system \fBpasswd\fP database.
besides copying them from the system
.B passwd
database or running
.BR crypt (3)
via C or perl or some other language that supports it.

2
conserver.cf/label.ps
View File

@ -1,5 +1,5 @@
%!PS-Adobe-2.0 EPSF-1.2
%%$Id: label.ps,v 1.8 94/01/21 09:37:42 ksb Exp $
%%$Id: label.ps,v 1.1 2003/11/04 02:36:26 bryan Exp $
%%Title: RJ-11
%%Creator: A Braunsdorf
%%CreationDate:

21
conserver.cf/samples/README Normal file
View File

@ -0,0 +1,21 @@
I put together the sample configuration files in this directory in hopes
that it would help folks see some of the possibilities of the
configuration file format. Each of the files are syntatically correct,
but have never actually been used.
Each file is basically built upon the previous...theoretically, if not
actually. Hopefully they'll help show some of the cool things you can
do with the configuration file and help those trying to figure out how
they should even start.
simple.cf - A very simple, one console config file
basic.cf - A config with a couple consoles, mostly using defaults
average.cf - A config for many consoles, using breaks, user lists,
etc...bascially customizing each area
average-distributed.cf - Taking average.cf to multiple conserver
hosts with overrides on those hosts
Bryan Stansell

109
conserver.cf/samples/average-distributed.cf Normal file
View File

@ -0,0 +1,109 @@
#
# I took the average.cf file and expanded it to use a distributed
# conserver setup...two conserver hosts (conserver1 and conserver2), but
# the basic philosophy would hold for many more console and/or conserver
# hosts.
#
# ------ define a user group ------
group sysadmin {
users bryan, todd, dave;
}
# helpers is everyone but the sysadmin group
group helpers {
users *, !sysadmin;
}
# ------ make sure breaks are the way we want --------
break 1 { string "\z"; }
break 2 { string "\r\d~\d^b"; delay 600; }
break 3 { string "#."; }
# ----- define some console types ------
# yeah, just setting a break doesn't quite seem worth it, but perhaps,
# some day, there will be more host-specific stuff.
default sun-std { break 1; }
default sun-alt { break 2; }
default sun-lom { break 3; }
# ------ defaults ------
# we set a 'global' default so we can reuse the bits below. we're going
# to set the '*' default, then define consoles, reset the '*' default,
# define more consoles, etc.
default global {
logfile /var/consoles/&; # '&' is replaced with console name
timestamp 1hab; # write timestamps
rw sysadmin; # allow sysadmins full access
ro helpers; # allow helpers to watch
include sun-std;
}
# --------- define our terminal attributes ----------
# simple tcp connections are "easy"
default cisco { type host; portbase 2000; portinc 1; }
default xyplex { type host; portbase 2000; portinc 100; }
# this is a cyclades card referenced with /dev/ttyC0 through /dev/ttyC31
# (referenced as ports 1 through 32 in conserver.cf)
# we set the various port calculation bits and pattern substitution to
# come up with a generic definition
default cyclades { type device; device /dev/ttyC&; baud 9600; parity none;
devicesubst &=Pd; portbase -1; portinc 1; host unused; }
## this is a term server accessed with an ssh command
# it too uses pattern substitution and such to get the job done
default ciscossh { type exec; portbase 2000; portinc 1;
exec /usr/local/bin/ssh -p P -l tsuser H;
execsubst H=hs,P=Pd; }
# ------- set the global default for the first conserver host -------
# the consoles below (until the default is reset) are managed
# by conserver1.conserver.com
default * { include global; master conserver1.conserver.com; }
# ------- define the consoles on ts1.conserver.com --------
default ts1.conserver.com { include cisco; host ts1.conserver.com; }
console web1.conserver.com { include ts1.conserver.com; port 2; }
console ns1.conserver.com { include ts1.conserver.com; port 10; }
# ------- define the consoles on ts2.conserver.com --------
default ts2.conserver.com { include xyplex; host ts2.conserver.com; }
console web2.conserver.com { include ts2.conserver.com; port 4; }
console ns2.conserver.com { include ts2.conserver.com; port 22; }
# ------- set the global default for the second conserver host -------
# the following consoles are managed by conserver2.conserver.com
default * { include global; master conserver2.conserver.com; }
# ------- define the consoles on ts3.conserver.com --------
default ts3.conserver.com { include ciscossh; host ts3.conserver.com; }
console ftp1.conserver.com { include ts3.conserver.com; include sun-lom;
port 7; }
# ------- set up the an access list to avoid the default -------
# anything *not* matched here will fallback to the default access mode
access * {
trusted 127.0.0.1;
allowed 10.0.0.0/8;
}
# conserver2 has an extra leg that is trusted
access conserver2.conserver.com { trusted 192.168.0.0/16; }
# ------- do some server configuration ---------
# both conserver1.conserver.com and conserver2.conserver.com use the same
# set of defaults
config * {
defaultaccess rejected;
daemonmode on;
logfile /var/log/conserver;
}
# we're going to set the default access on conserver2 to allowed, because
# it's in a higher-trust network
config conserver2.conserver.com { defaultaccess allowed; }

91
conserver.cf/samples/average.cf Normal file
View File

@ -0,0 +1,91 @@
#
# This would be what i'd expect a more common configuration file would
# look like. There are consoles attached to multiple devices, simple
# access lists, etc.
#
# ------ define a user group ------
group sysadmin {
users bryan, todd, dave;
}
# helpers is everyone but the sysadmin group
group helpers {
users *, !sysadmin;
}
# ------ make sure breaks are the way we want --------
break 1 { string "\z"; }
break 2 { string "\r\d~\d^b"; delay 600; }
break 3 { string "#."; }
# ----- define some console types ------
# yeah, just setting a break doesn't quite seem worth it, but perhaps,
# some day, there will be more host-specific stuff.
default sun-std { break 1; }
default sun-alt { break 2; }
default sun-lom { break 3; }
# ------ defaults ------
# now for some generic console defaults so that we don't have to
# duplicate them for each console.
default * {
logfile /var/consoles/&; # '&' is replaced with console name
timestamp 1hab; # write timestamps
rw sysadmin; # allow sysadmins full access
ro helpers; # allow helpers to watch
master localhost;
include sun-std;
}
# --------- define our terminal attributes ----------
# simple tcp connections are "easy"
default cisco { type host; portbase 2000; portinc 1; }
default xyplex { type host; portbase 2000; portinc 100; }
# this is a cyclades card referenced with /dev/ttyC0 through /dev/ttyC31
# (referenced as ports 1 through 32 in conserver.cf)
# we set the various port calculation bits and pattern substitution to
# come up with a generic definition
default cyclades { type device; device /dev/ttyC&; baud 9600; parity none;
devicesubst &=Pd; portbase -1; portinc 1; host unused; }
## this is a term server accessed with an ssh command
# it too uses pattern substitution and such to get the job done
default ciscossh { type exec; portbase 2000; portinc 1;
exec /usr/local/bin/ssh -p P -l tsuser H;
execsubst H=hs,P=Pd; }
# ------- define the consoles on ts1.conserver.com --------
default ts1.conserver.com { include cisco; host ts1.conserver.com; }
console web1.conserver.com { include ts1.conserver.com; port 2; }
console ns1.conserver.com { include ts1.conserver.com; port 10; }
# ------- define the consoles on ts2.conserver.com --------
default ts2.conserver.com { include xyplex; host ts2.conserver.com; }
console web2.conserver.com { include ts2.conserver.com; port 4; }
console ns2.conserver.com { include ts2.conserver.com; port 22; }
# ------- define the consoles on ts3.conserver.com --------
default ts3.conserver.com { include ciscossh; host ts3.conserver.com; }
console ftp1.conserver.com { include ts3.conserver.com; include sun-lom;
port 7; }
# ------- set up the an access list to avoid the default -------
# anything *not* matched here will fallback to the default access mode
access * {
trusted 127.0.0.1;
allowed 10.0.0.0/8;
}
# ------- do some server configuration ---------
config * {
defaultaccess rejected;
daemonmode on;
logfile /var/log/conserver;
}

28
conserver.cf/samples/basic.cf Normal file
View File

@ -0,0 +1,28 @@
#
# This is a fairly basic configuration file that interacts with one
# terminal server.
#
# first, we're going to set some generic console defaults so that we
# don't have to duplicate them for each console.
default * {
logfile /var/consoles/&; # '&' is replaced with console name
timestamp 1hab; # write timestamps
rw *; # allow all users
master localhost;
type host;
host ts1.conserver.com; # consoles on ts1.conserver.co
portbase 2000; # port numbers start at 2001 and
portinc 1; # go up by 1 (port #1 == 2001, etc)
}
# define two consoles on the terminal server
console web1.conserver.com { port 2; } # calculates to tcp port 2002
console ns1.conserver.com { port 10; } # calculates to tcp port 2010
# set up the an access list to avoid the default
# anything *not* matched here will fallback to the default access (-a)
# mode
access * {
trusted 127.0.0.1;
}

11
conserver.cf/samples/simple.cf Normal file
View File

@ -0,0 +1,11 @@
#
# I believe this is the smallest configuration file that is also fully
# functional. You have to be happy with the default access type (-a)
# as well as the default access list that gets used.
#
console simple {
master localhost;
type exec;
rw *;
}

65
conserver.cf/test.cf
View File

@ -1,30 +1,45 @@
# dummy conserver config file
#
# $Id: dummy.cf,v 4.3 92/07/27 12:23:59 ksb Exp $
#
# 1. change the `/dev/ttya' to any tty device you can put a serial device on
# that you could talk to with kermit/cu. Put in the baud rate and parity.
#
# 2. change the `cc.purdue.edu' to your local domain.
#
# 3. !! do not leave this up, as it can give local users a root shell (login)
# !! for extended testing change the `|' to `|su - tst' where tst is a
# !! vanilla test acount, or comment out the `login' console.
# $Id: test.cf,v 1.2 2003/07/04 18:04:05 bryan Exp $
#
default full {
rw *;
}
default * {
logfile /tmp/&;
timestamp "";
include full;
}
break 5 {
string "\rtest\r";
}
# list of consoles we serve
# name : tty[@host] : baud[parity] : device : group
DOMAINHACK=
LOGDIR=/tmp
BREAK5=\rtest\r
shell:|:9600p:&:5
bash:|/usr/local/bin/bash::&:2
web:!www.conserver.com:80:&:
b:/dev/ttyb:9600p:&:
#ts6-10:!ts6:10010:&:
#ts6-11:!ts6:10011:&:
#ts6-12:!ts6:10012:&:
#ts6-13:!ts6:10013:&:
%%
console shell {
master localhost;
timestamp 5;
type exec;
exec "";
}
console bash {
master localhost;
timestamp 2;
type exec;
exec /usr/local/bin/bash;
}
console web {
master localhost;
type host;
host www.conserver.com;
port 80;
}
console b {
master localhost;
type device;
device /dev/ttyb;
baud 9600;
parity none;
}
# list of clients we allow
# type machines
trusted: 127.0.0.1
access * {
trusted 127.0.0.1;
}

446
conserver.html
View File

@ -1,270 +1,280 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META name="generator" content=
"HTML Tidy for Solaris (vers 1st May 2002), see www.w3.org">
<META name="keywords" content=
"conserver,serial,console,serial console,unix,tty,ttya,ttyb, rs-232,rs232,bryan stansell,stansell,console server,terminal server,headless">
<META name="author" content=
"Bryan Stansell &lt;bryan@conserver.com&gt;">
<LINK rel="SHORTCUT ICON" href="conserver.ico">
<HEAD>
<META name="generator" content=
"HTML Tidy for Solaris (vers 25 March 2009), see www.w3.org">
<META name="keywords" content=
"conserver,serial,console,serial console,unix,tty,ttya,ttyb, rs-232,rs232,bryan stansell,stansell,console server,terminal server,headless">
<META name="author" content=
"Bryan Stansell &lt;bryan@conserver.com&gt;">
<LINK rel="SHORTCUT ICON" href="conserver.ico">
<LINK rel="icon" href="conserver.ico">
<TITLE>Conserver</TITLE>
<STYLE type="text/css">
body {
<TITLE>Conserver</TITLE>
<STYLE type="text/css">
body {
background-color: #EEEEEE;
color: black;
}
</STYLE>
</HEAD>
}
</STYLE>
</HEAD>
<BODY>
<TABLE summary="Logo" bgcolor="black" width="100%" align=
"center">
<TR>
<TD align="center"><IMG src="conserver.jpg" alt=
"Conserver"><BR>
</TD>
</TR>
</TABLE>
<BODY>
<TABLE summary="Logo" bgcolor="black" width="100%" align=
"center">
<TR>
<TD align="center"><IMG src="conserver.jpg" alt=
"Conserver"><BR></TD>
</TR>
</TABLE>
<TABLE summary="Conserver Page" width="80%" align="center">
<TR>
<TD colspan="2" align="center">Please pick your closest
mirror: &nbsp;&nbsp;<A href=
"http://planetmirror.com/pub/conserver/">Australia</A>
&nbsp;&nbsp;<A href="http://www.conserver.com/">US
(Primary)</A><BR>
<BR>
</TD>
</TR>
<TABLE summary="Conserver Page" width="80%" align="center">
<TR>
<TD colspan="2" align="center">Please pick your closest
mirror: &nbsp;&nbsp;<A href=
"http://planetmirror.com/pub/conserver/">Australia</A>
&nbsp;&nbsp;<A href=
"http://conserver.linux-mirror.org/">Germany</A>
&nbsp;&nbsp;<A href="http://conserver.rayba.co/">Germany</A>
&nbsp;&nbsp;<A href=
"http://conserver.cybermirror.org/">Germany</A>
&nbsp;&nbsp;<A href=
"http://conserver.oss-mirror.org/">Ireland</A>
&nbsp;&nbsp;<A href="http://conserver.shape.ws/">Malaysia</A>
&nbsp;&nbsp;<A href="http://conserver.rinet.ru/">Russia</A>
&nbsp;&nbsp;<A href="http://www.conserver.com/">US-West
(Primary)</A><BR>
<BR></TD>
</TR>
<TR>
<TD>
<!-- empty cell here, then search box on right spans two rows,
then we have the text that appears on the left, so things
appear in the right order so they look right in lynx
-->
</TD>
<TR>
<TD>
<!-- empty cell here, then search box on right spans two rows,
then we have the text that appears on the left, so things
appear in the right order so they look right in lynx
--></TD>
<TD rowspan="2" align="right">
<FORM method="post" action=
"http://www.conserver.com/cgi-bin/htsearch">
<INPUT type="HIDDEN" name="method" value="and"> <INPUT
type="HIDDEN" name="format" value="builtin-long">
<INPUT type="HIDDEN" name="sort" value="score"> <INPUT
type="HIDDEN" name="config" value="htdig"> <INPUT type=
"HIDDEN" name="restrict" value=""> <INPUT type="HIDDEN"
name="exclude" value=""> <INPUT type="TEXT" size="20"
name="words" value=""> <INPUT type="SUBMIT" value=
"Search">
</FORM>
</TD>
</TR>
<TD rowspan="2" align="right">
<FORM method="get" action=
"http://www.conserver.com/cgi-bin/omega">
<INPUT type="hidden" name="DEFAULTOP" value="and">
<INPUT type="text" size="20" name="P" value="">
<INPUT type="submit" value="Search">
</FORM>
</TD>
</TR>
<TR>
<TD>
<H3>What is conserver?</H3>
</TD>
</TR>
<TR>
<TD>
<H3>What is conserver?</H3>
</TD>
</TR>
<TR>
<TD colspan="2">
<P>From an email I once sent...</P>
<TR>
<TD colspan="2">
<P>From an email I once sent...</P>
<P>Conserver is an application that allows multiple users
to watch a serial console at the same time. It can log
the data, allows users to take write-access of a console
(one at a time), and has a variety of bells and whistles
to accentuate that basic functionality. The idea is that
conserver will log all your serial traffic so you can go
back and review why something crashed, look at changes
(if done on the console), or tie the console logs into a
monitoring system (just watch the logfiles it creates).
With multi-user capabilities you can work on equipment
with others, mentor, train, etc. It also does all that
client-server stuff so that, assuming you have a network
connection, you can interact with any of the equipment
from home or wherever.</P>
<P>Conserver is an application that allows multiple users
to watch a serial console at the same time. It can log the
data, allows users to take write-access of a console (one
at a time), and has a variety of bells and whistles to
accentuate that basic functionality. The idea is that
conserver will log all your serial traffic so you can go
back and review why something crashed, look at changes (if
done on the console), or tie the console logs into a
monitoring system (just watch the logfiles it creates).
With multi-user capabilities you can work on equipment with
others, mentor, train, etc. It also does all that
client-server stuff so that, assuming you have a network
connection, you can interact with any of the equipment from
home or wherever.</P>
<H3>The FAQ</H3>
Here's the conserver <A href="FAQ">FAQ</A>. Got any
additions? Let me know.
<H3>The FAQ</H3>Here's the conserver <A href="FAQ">FAQ</A>.
Got any additions? Let me know.
<H3>Mailing Lists</H3>
<H3>Mailing Lists</H3>
<P>There are currently two mailing lists available. <A
href=
"mailto:announce@conserver.com">announce@conserver.com</A>
is an announcement-only mailing list for informing of new
versions, major developments, etc. <A href=
"mailto:users@conserver.com">users@conserver.com</A> is
for general Q&amp;A, discussions, ideas, etc. for
conserver users. You can sign up by sending a message to
<A href=
"mailto:announce-request@conserver.com">announce-request@conserver.com</A>
or <A href=
"mailto:users-request@conserver.com">users-request@conserver.com</A>
with a subject of "subscribe" or head over to the online
<A href="https://www.conserver.com/mailman/listinfo">web
pages</A>.</P>
<P>There are currently two mailing lists available.
<A href="mailto:announce@conserver.com">announce@conserver.com</A>
is an announcement-only mailing list for informing of new
versions, major developments, etc. <A href=
"mailto:users@conserver.com">users@conserver.com</A> is for
general Q&amp;A, discussions, ideas, etc. for conserver
users. You can sign up by sending a message to <A href=
"mailto:announce-request@conserver.com">announce-request@conserver.com</A>
or <A href=
"mailto:users-request@conserver.com">users-request@conserver.com</A>
with a subject of "subscribe" or head over to the online
<A href="https://www.conserver.com/mailman/listinfo">web
pages</A>.</P>
<H3>Origin</H3>
<H3>Origin</H3>
<P>The console server software found here is a heavily
modified version originally written by <A href=
"http://hea-www.harvard.edu/~fine/">Tom Fine</A> (<A
href=
"mailto:fine@head-cfa.harvard.edu">fine@head-cfa.harvard.edu</A>)
at <A href="http://www.ohio-state.edu/">Ohio State</A>
and then Kevin S Braunsdorf (<A href=
"mailto:ksb+conserver@sa.fedex.com">ksb+conserver@sa.fedex.com</A>)
at <A href="http://www.purdue.edu/">Purdue
University</A>. Patches from Robert Olson (<A href=
"mailto:olson@mcs.anl.gov">olson@mcs.anl.gov</A>) at <A
href="http://www.anl.gov/">Argonne National
Laboratory</A> were then applied to get network console
support.</P>
<P>The console server software found here is a heavily
modified version originally written by <A href=
"http://hea-www.harvard.edu/~fine/">Tom Fine</A> (<A href=
"mailto:fine@head-cfa.harvard.edu">fine@head-cfa.harvard.edu</A>)
at <A href="http://www.ohio-state.edu/">Ohio State</A> and
then Kevin S Braunsdorf (<A href=
"mailto:ksb+conserver@sa.fedex.com">ksb+conserver@sa.fedex.com</A>)
at <A href="http://www.purdue.edu/">Purdue University</A>.
Patches from Robert Olson (<A href=
"mailto:olson@mcs.anl.gov">olson@mcs.anl.gov</A>) at
<A href="http://www.anl.gov/">Argonne National
Laboratory</A> were then applied to get network console
support.</P>
<P>Arnold de Leon (<A href=
"mailto:arnold@corp.webtv.net">arnold@corp.webtv.net</A>)
then fixed various bugs and added enhancements while at
<A href="http://www.synopsys.com/">Synopsys</A>. I then
took the result, continued fixing things, and added
features we found useful.</P>
<P>Arnold de Leon (<A href=
"mailto:arnold@corp.webtv.net">arnold@corp.webtv.net</A>)
then fixed various bugs and added enhancements while at
<A href="http://www.synopsys.com/">Synopsys</A>. I then
took the result, continued fixing things, and added
features we found useful.</P>
<P><A href="http://www.gnac.com/">GNAC</A> (Global
Networking and Computing - currently <A href=
"http://www.certaintysolutions.com/">Certainty
Solutions</A>) has been supporting my coding efforts (in
too many ways to list) since 1996.</P>
<P><A href="http://www.gnac.com/">GNAC</A> (Global
Networking and Computing - currently <A href=
"http://www.certaintysolutions.com/">Certainty
Solutions</A>) has been supporting my coding efforts (in
too many ways to list) since 1996.</P>
<H3>The conserver.com Distribution</H3>
<H3>The conserver.com Distribution</H3>
<P>The result is a combination of many people's work.
This version is being released in hopes that it will help
others. There is no warranty or support implied by the
distribution of the software.</P>
<P>The result is a combination of many people's work. This
version is being released in hopes that it will help
others. There is no warranty or support implied by the
distribution of the software.</P>
<P>So, what the heck is up with all the different
conserver versions? Well, the original authors are
continuing to distribute their own threads of the
software so you have three main threads (as far as I
know). First, there's Tom Fine's thread at <A href=
"http://hea-www.harvard.edu/~fine/Tech/console-server.html">
http://hea-www.harvard.edu/~fine/Tech/console-server.html</A>.
He isn't actively developing it, however, according to
the website. Next, there's Kevin Braunsdorf's version at
<A href=
"ftp://ftp.physics.purdue.edu/pub/pundits/">ftp://ftp.physics.purdue.edu/pub/pundits/</A>.
Kevin is semi-actively working on his thread. Doesn't
look like any new versions have been out since August
2000 (version 8.5), but maybe this info will be out of
date by the time you read this. Lastly, the conserver.com
version is based on Kevin's "5.21-Beta" distribution, but
since <B>HEAVILY</B> modified and enhanced (more details
in the "Origin" section above).</P>
<P>So, what the heck is up with all the different conserver
versions? Well, the original authors are continuing to
distribute their own threads of the software so you have
three main threads (as far as I know). First, there's Tom
Fine's thread at <A href=
"http://hea-www.harvard.edu/~fine/Tech/console-server.html">
http://hea-www.harvard.edu/~fine/Tech/console-server.html</A>.
He isn't actively developing it, however, according to the
website. Next, there's Kevin Braunsdorf's version at
<A href=
"http://www.npcguild.org/software/pundits/">http://www.npcguild.org/software/pundits/</A>.
It doesn't look like Kevin is working on his thread ony
more either. No new versions have been out since August
2000 (version 8.5), but maybe this info will be out of date
by the time you read this (I last checked Feb 10, 2004).
Lastly, the conserver.com version is based on Kevin's
"5.21-Beta" distribution, but since <B>HEAVILY</B> modified
and enhanced (more details in the "Origin" section
above).</P>
<P>If I were looking for a conserver package I would
either use Kevin's latest distribution or the
conserver.com distribution. Which one? Well, obviously
I'm biased and believe the conserver.com distribution
should be your choice, but Kevin's does have UPS (serial
port line toggling bits) that the conserver.com version
doesn't have. What does the conserver.com distribution
have? Well, in reality, too many things to list. You'll
have to look at the <A href="CHANGES">CHANGES</A> file
and see the enhancements, bug fixes, and general
development since the original. Don't let the version
numbers fool you - you'll have to compare and contrast
for yourself.</P>
<P>If I were looking for a conserver package I would
definitely use the conserver.com distribution. Why? It's
actively maintained, has many more features than the other
versions (see <A href="CHANGES">CHANGES</A> for a
semi-scary history), and has an active user community.
Kevin's version does have UPS support (basic serial port
line toggling bits) which is missing in the conserver.com
version, but no one has asked me for it, so does anyone
actually need it?</P>
<H3>Downloading</H3>
<H3>Downloading</H3>
<P>The current version, released on Apr 9, 2003, is <A
href="7.2.7.tar.gz">7.2.7.tar.gz</A>. You can get it via
<A href=
"ftp://ftp.conserver.com/conserver/7.2.7.tar.gz">FTP</A>
or <A href="7.2.7.tar.gz">HTTP</A>. See the <A href=
"CHANGES">CHANGES</A> file for information on the latest
updates.</P>
<P>The current version, released on Jun 2, 2015, is
<A href="8.2.1.tar.gz">8.2.1.tar.gz</A>. See the <A href=
"CHANGES">CHANGES</A> file for information on the latest
updates.</P>
<P>As of version 6.1.7, the packaging and numbering
scheme has changed. I used to package conserver as
conserver-GNAC-v.vv. Since <A href=
"http://www.gnac.com/">GNAC</A> (now <A href=
"http://www.certaintysolutions.com/">Certainty
Solutions</A>) has changed its name I've decided to drop
the GNAC portion and use a three-digit version number
(conserver-v.v.v). Why change the version numbering? I
need to differentiate this thread of the code from the
original authors' and I couldn't come up with a good
replacement for the GNAC name - sad, but true.</P>
<P>For those worried about legal issues, the <A href=
"LICENSE">LICENSE</A> file should help show it's
distributed under a <A href=
"http://www.opensource.org/licenses/bsd-license.php">BSD
license.</A></P>
<H3>Installation</H3>
<P>As of version 6.1.7, the packaging and numbering scheme
has changed. I used to package conserver as
conserver-GNAC-v.vv. Since <A href=
"http://www.gnac.com/">GNAC</A> (now <A href=
"http://www.certaintysolutions.com/">Certainty
Solutions</A>) has changed its name I've decided to drop
the GNAC portion and use a three-digit version number
(conserver-v.v.v). Why change the version numbering? I need
to differentiate this thread of the code from the original
authors' and I couldn't come up with a good replacement for
the GNAC name - sad, but true.</P>
<P>Check the <A href="INSTALL">INSTALL</A> file for
instructions.</P>
<H3>Installation</H3>
<H3>Systems Tested</H3>
<P>Check the <A href="INSTALL">INSTALL</A> file for
instructions.</P>
<P>Here's a list of systems that I've been told can
successfully compile conserver. If anyone has more to add
to this list (or something on the list doesn't work any
more), please let me know.</P>
<H3>Online Documentation</H3>
<UL>
<LI>AIX 4.3.3/5.1, native cc</LI>
<P>I've put a small set of documentation <A href=
"docs/">here</A>. I'm hoping to expand it over time.</P>
<LI>BSDI BSD/OS 3.X, gcc</LI>
<H3>Systems Tested</H3>
<LI>Cygwin (w2k),gcc 2.95.3</LI>
<P>Here's a list of systems that I've been told can
successfully compile conserver. If anyone has more to add
to this list (or something on the list doesn't work any
more), please let me know.</P>
<LI>DEC Tru64 4.0, gcc</LI>
<UL>
<LI>AIX 4.3.3/5.1/5.2, native cc</LI>
<LI>DEC Tru64 4.0/5.1, native cc</LI>
<LI>BSDI BSD/OS 3.X, gcc</LI>
<LI>FreeBSD 4.2 (x86), gcc</LI>
<LI>Cygwin (w2k),gcc 2.95.3</LI>
<LI>HP-UX 10.20, gcc</LI>
<LI>DEC Tru64 4.0, gcc</LI>
<LI>HP-UX 11.10 parisc and ia64, native cc</LI>
<LI>DEC Tru64 4.0/5.1, native cc</LI>
<LI>Irix 6.15, native cc</LI>
<LI>FreeBSD 4.x (i386) gcc</LI>
<LI>Linux 2.2.18 (x86), gcc</LI>
<LI>FreeBSD 5.x (i386/amd64/sparc64) gcc</LI>
<LI>Linux 2.4.2 (x86), gcc</LI>
<LI>FreeBSD 6.x/7.x (i386/amd64/sparc64/ia64) gcc</LI>
<LI>Linux ia64, native gcc</LI>
<LI>HP-UX 10.20, gcc</LI>
<LI>Linux RedHat 6.2 and 7.2 (x86), native gcc</LI>
<LI>HP-UX 11.10 parisc and ia64, native cc</LI>
<LI>MacOS X, native gcc</LI>
<LI>Irix 6.15, native cc</LI>
<LI>Solaris 2.5.1 thru 9 (sparc/x86), gcc</LI>
<LI>Linux 2.2.18 (x86), gcc</LI>
<LI>Solaris 7/8, native cc</LI>
</UL>
<LI>Linux 2.4.2 (x86), gcc</LI>
<H3>Other Good Information</H3>
<LI>Linux ia64, native gcc</LI>
<P>Zonker Harris has fabulous documents regarding the
hookup of consoles to terminal servers and other such
devices. His <A href="consoles/">Greater Scroll of
Console Knowledge</A> is a great place to start.</P>
<HR noshade>
<LI>Linux RedHat 6.2 and 7.2 (x86), native gcc</LI>
<ADDRESS>
Bryan Stansell (<A href=
"mailto:bryan@conserver.com">bryan@conserver.com</A>)<BR>
<LI>MacOS X, native gcc</LI>
</ADDRESS>
</TD>
</TR>
</TABLE>
</BODY>
<LI>Solaris 2.5.1 thru 9 (sparc/x86), gcc</LI>
<LI>Solaris 7/8, native cc</LI>
<LI>Solaris 10 and Solaris Express (build 33) (x86), gcc
and native cc</LI>
</UL>
<H3>Other Good Information</H3>
<P>Zonker Harris has fabulous documents regarding the
hookup of consoles to terminal servers and other such
devices. His <A href="consoles/">Greater Scroll of Console
Knowledge</A> is a great place to start.</P>
<P>User community <A href="contrib/">contributions</A>
contain a variety of helpful items.</P>
<HR noshade>
<ADDRESS>
Bryan Stansell (<A href=
"mailto:bryan@conserver.com">bryan@conserver.com</A>)<BR>
</ADDRESS>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>

29
conserver/Makefile.in
View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@
@ -6,6 +7,10 @@ exec_prefix = @exec_prefix@
sbindir = @sbindir@
sysconfdir = @sysconfdir@
mandir = @mandir@
datadir = @datadir@
libdir = @libdir@
pkglibdir = $(libdir)/conserver
exampledir = $(datadir)/examples/conserver
### Installation programs and flags
INSTALL = @INSTALL@
@ -26,19 +31,25 @@ LIBS = @LIBS@ @CONSLIBS@
### Makefile rules - no user-servicable parts below
CONSERVER_OBJS = access.o client.o consent.o group.o main.o master.o \
readcfg.o fallback.o util.o
readcfg.o fallback.o cutil.o
CONSERVER_HDRS = ../config.h $(top_srcdir)/compat.h $(srcdir)/access.h \
$(srcdir)/client.h $(srcdir)/consent.h $(srcdir)/group.h \
$(srcdir)/main.h $(srcdir)/master.h $(srcdir)/readcfg.h \
$(srcdir)/util.h
ALL = conserver
$(srcdir)/client.h $(srcdir)/consent.h $(srcdir)/cutil.h \
$(srcdir)/group.h $(srcdir)/main.h $(srcdir)/master.h \
$(srcdir)/readcfg.h $(srcdir)/version.h
ALL = conserver convert
all: $(ALL)
$(CONSERVER_OBJS): $(CONSERVER_HDRS)
conserver: $(CONSERVER_OBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o conserver $(CONSERVER_OBJS) $(LIBS)
convert: convert.o cutil.o
$(CC) $(CFLAGS) $(LDFLAGS) -o convert convert.o cutil.o $(LIBS)
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
@ -52,8 +63,10 @@ install: conserver
$(MKDIR) $(DESTDIR)$(sbindir)
$(INSTALL_PROGRAM) conserver $(DESTDIR)$(sbindir)
$(MKDIR) $(DESTDIR)$(mandir)/man8
$(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
$(MKDIR) $(DESTDIR)$(sysconfdir)
[ -f $(DESTDIR)$(sysconfdir)/conserver.rc ] || $(INSTALL) conserver.rc $(DESTDIR)$(sysconfdir)
$(INSTALL) -m 0644 conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
$(MKDIR) $(DESTDIR)$(exampledir)
$(INSTALL) conserver.rc $(DESTDIR)$(exampledir)
$(MKDIR) $(DESTDIR)$(pkglibdir)
$(INSTALL) convert $(DESTDIR)$(pkglibdir)/convert
.PHONY: clean distclean install

2
conserver/Sun-serial
View File

@ -1,4 +1,4 @@
# $Id: Sun-serial,v 2.1 93/02/09 11:45:12 ldv Exp $
# $Id: Sun-serial,v 1.1 2003/11/04 02:36:25 bryan Exp $
If you are going to be hooking Sun consoles to your console server, you
will run into a problem: The sun will halt whenever the cable is unplugged.

413
conserver/access.c
View File

@ -1,5 +1,5 @@
/*
* $Id: access.c,v 5.53 2003-04-06 05:31:54-07 bryan Exp $
* $Id: access.c,v 5.74 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -34,24 +34,9 @@
* 4. This notice may not be removed or altered.
*/
#include <config.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <ctype.h>
#include <signal.h>
#include <pwd.h>
#include <compat.h>
#include <util.h>
#include <cutil.h>
#include <access.h>
#include <consent.h>
#include <client.h>
@ -59,8 +44,14 @@
#include <readcfg.h>
#include <main.h>
#if USE_IPV6
# include <net/if.h>
# include <ifaddrs.h>
# include <sys/socket.h>
# include <netdb.h>
#endif
#if !USE_IPV6
/* Compare an Internet address (IPv4 expected), with an address pattern
* passed as a character string representing an address in the Internet
* standard `.' notation, optionally followed by a slash and an integer
@ -74,19 +65,16 @@
* Returns 0 if the addresses match, else returns 1.
*/
int
#if PROTOTYPES
AddrCmp(struct in_addr *addr, char *pattern)
#else
AddrCmp(addr, pattern)
struct in_addr *addr;
char *pattern;
#endif
{
in_addr_t hostaddr, pattern_addr, netmask;
char *p, *slash_posn;
static STRING *buf = (STRING *) 0;
static STRING *buf = (STRING *)0;
# if HAVE_INET_ATON
struct in_addr inetaddr;
# endif
if (buf == (STRING *) 0)
if (buf == (STRING *)0)
buf = AllocString();
slash_posn = strchr(pattern, '/');
if (slash_posn != NULL) {
@ -97,9 +85,15 @@ AddrCmp(addr, pattern)
} else
p = pattern;
# if HAVE_INET_ATON
if (inet_aton(p, &inetaddr) == 0)
return 1;
pattern_addr = inetaddr.s_addr;
# else
pattern_addr = inet_addr(p);
if (pattern_addr == (in_addr_t) (-1))
return 1; /* malformed address */
# endif
if (slash_posn) {
/* convert explicit netmask */
@ -123,168 +117,287 @@ AddrCmp(addr, pattern)
netmask = 0xffffffff; /* compare entire addresses */
hostaddr = addr->s_addr;
Debug(1, "AddrCmp(): host=%lx(%lx/%lx) acl=%lx(%lx/%lx)",
hostaddr & netmask, hostaddr, netmask, pattern_addr & netmask,
pattern_addr, netmask);
CONDDEBUG((1, "AddrCmp(): host=%lx(%lx/%lx) acl=%lx(%lx/%lx)",
hostaddr & netmask, hostaddr, netmask,
pattern_addr & netmask, pattern_addr, netmask));
return (hostaddr & netmask) != (pattern_addr & netmask);
}
#endif /* USE_IPV6 */
/* return the access type for a given host entry (ksb)
*/
char
#if PROTOTYPES
AccType(struct in_addr *addr, char *hname)
#else
AccType(addr, hname)
struct in_addr *addr;
char *hname;
#endif
AccType(INADDR_STYPE *addr, char **peername)
{
char *pcName;
int len;
ACCESS *pACtmp;
socklen_t so;
char ret;
#if USE_IPV6
int error;
char host[NI_MAXHOST];
char ipaddr[NI_MAXHOST];
#else
struct hostent *he = (struct hostent *)0;
int a;
# if TRUST_REVERSE_DNS
char **revNames = (char **)0;
# endif
if (fDebug) {
if (hname)
Debug(1, "AccType(): hostname=%s, ip=%s", hname,
inet_ntoa(*addr));
else
Debug(1, "AccType(): hostname=<unresolvable>, ip=%s",
inet_ntoa(*addr));
CONDDEBUG((1, "AccType(): ip=%s", inet_ntoa(*addr)));
#endif /* USE_IPV6 */
ret = config->defaultaccess;
so = sizeof(*addr);
#if USE_IPV6
error =
getnameinfo((struct sockaddr *)addr, so, ipaddr, sizeof(ipaddr),
NULL, 0, NI_NUMERICHOST);
if (error) {
Error("AccType(): getnameinfo failed: %s", gai_strerror(error));
goto common_ret;
}
for (pACtmp = pACList; pACtmp != (ACCESS *) 0;
pACtmp = pACtmp->pACnext) {
Debug(1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
pACtmp->ctrust);
CONDDEBUG((1, "AccType(): ip=%s", ipaddr));
error =
getnameinfo((struct sockaddr *)addr, so, host, sizeof(host), NULL,
0, 0);
if (!error)
CONDDEBUG((1, "AccType(): host=%s", host));
for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
pACtmp->ctrust));
if (strstr(ipaddr, pACtmp->pcwho) != NULL) {
CONDDEBUG((1, "AccType(): match for ip=%s", ipaddr));
ret = pACtmp->ctrust;
goto common_ret;
}
if (!error && strstr(host, pACtmp->pcwho) != NULL) {
CONDDEBUG((1, "AccType(): match for host=%s", host));
ret = pACtmp->ctrust;
goto common_ret;
}
}
common_ret:
if (config->loghostnames == FLAGTRUE && !error)
*peername = StrDup(host);
#else
# if TRUST_REVERSE_DNS
/* if we trust reverse dns, we get the names associated with
* the address we're checking and then check each of those
* against the access list entries (below).
*/
if ((he =
gethostbyaddr((char *)addr, so,
AF_INET)) == (struct hostent *)0) {
Error("AccType(): gethostbyaddr(%s): %s", inet_ntoa(*addr),
hstrerror(h_errno));
} else {
char *hname;
if (he->h_name != (char *)0) {
/* count up the number of names */
for (a = 0, hname = he->h_aliases[a]; hname != (char *)0;
hname = he->h_aliases[++a]);
a += 2; /* h_name + (char *)0 */
/* now duplicate them */
if ((revNames =
(char **)calloc(a, sizeof(char *))) != (char **)0) {
for (hname = he->h_name, a = 0; hname != (char *)0;
hname = he->h_aliases[a++]) {
if ((revNames[a] = StrDup(hname)) == (char *)0)
break;
CONDDEBUG((1, "AccType(): revNames[%d]='%s'", a,
hname));
}
}
}
}
# endif
for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
pACtmp->ctrust));
if (pACtmp->isCIDR != 0) {
if (0 == AddrCmp(addr, pACtmp->pcwho)) {
return pACtmp->ctrust;
if (AddrCmp(addr, pACtmp->pcwho) == 0) {
ret = pACtmp->ctrust;
goto common_ret;
}
continue;
}
if (hname && hname[0] != '\000') {
pcName = hname;
len = strlen(pcName);
while (len >= pACtmp->ilen) {
Debug(1, "AccType(): name=%s", pcName);
if (0 == strcasecmp(pcName, pACtmp->pcwho)) {
return pACtmp->ctrust;
if ((he = gethostbyname(pACtmp->pcwho)) == (struct hostent *)0) {
Error("AccType(): gethostbyname(%s): %s", pACtmp->pcwho,
hstrerror(h_errno));
} else if (4 != he->h_length || AF_INET != he->h_addrtype) {
Error
("AccType(): gethostbyname(%s): wrong address size (4 != %d) or address family (%d != %d)",
pACtmp->pcwho, he->h_length, AF_INET, he->h_addrtype);
} else {
for (a = 0; he->h_addr_list[a] != (char *)0; a++) {
CONDDEBUG((1, "AccType(): addr=%s",
inet_ntoa(*(struct in_addr *)
(he->h_addr_list[a]))));
if (
# if HAVE_MEMCMP
memcmp(&(addr->s_addr), he->h_addr_list[a],
he->h_length)
# else
bcmp(&(addr->s_addr), he->h_addr_list[a],
he->h_length)
# endif
== 0) {
ret = pACtmp->ctrust;
goto common_ret;
}
pcName = strchr(pcName, '.');
if ((char *)0 == pcName) {
break;
}
++pcName;
len = strlen(pcName);
}
}
# if TRUST_REVERSE_DNS
/* we chop bits off client names so that we can put domain
* names in access lists or even top-level domains.
* allowed conserver.com, net;
* this allows anything from conserver.com and anything in
* the .net top-level. without TRUST_REVERSE_DNS, those names
* better map to ip addresses for them to take effect.
*/
if (revNames != (char **)0) {
char *pcName;
int wlen;
int len;
wlen = strlen(pACtmp->pcwho);
for (a = 0; revNames[a] != (char *)0; a++) {
for (pcName = revNames[a], len = strlen(pcName);
len >= wlen; len = strlen(++pcName)) {
CONDDEBUG((1, "AccType(): name=%s", pcName));
if (strcasecmp(pcName, pACtmp->pcwho) == 0) {
if (peername != (char **)0)
*peername = StrDup(revNames[a]);
ret = pACtmp->ctrust;
goto common_ret2;
}
pcName = strchr(pcName, '.');
if (pcName == (char *)0)
break;
}
}
}
# endif
}
return chDefAcc;
common_ret:
if (config->loghostnames == FLAGTRUE && peername != (char **)0) {
# if TRUST_REVERSE_DNS
if (revNames != (char **)0 && revNames[0] != (char *)0)
*peername = StrDup(revNames[0]);
# else
if ((he =
gethostbyaddr((char *)addr, so,
AF_INET)) != (struct hostent *)0) {
*peername = StrDup(he->h_name);
}
# endif
}
# if TRUST_REVERSE_DNS
common_ret2:
if (revNames != (char **)0) {
for (a = 0; revNames[a] != (char *)0; a++)
free(revNames[a]);
free(revNames);
}
# endif
#endif /* USE_IPV6 */
return ret;
}
void
#if PROTOTYPES
SetDefAccess(struct in_addr *pAddr, char *pHost)
SetDefAccess(
#if USE_IPV6
void
#else
SetDefAccess(pAddr, pHost)
struct in_addr *pAddr;
char *pHost;
struct in_addr *pAddr, char *pHost
#endif
)
{
char *pcWho, *pcDomain;
int iLen;
char *addr;
ACCESS *a;
#if USE_IPV6
int error;
char addr[NI_MAXHOST];
struct ifaddrs *myAddrs, *ifa;
#endif /* USE_IPV6 */
addr = inet_ntoa(*pAddr);
iLen = strlen(addr);
if ((ACCESS *) 0 == (pACList = (ACCESS *) calloc(1, sizeof(ACCESS)))) {
OutOfMem();
while (pACList != (ACCESS *)0) {
a = pACList->pACnext;
DestroyAccessList(pACList);
pACList = a;
}
if ((char *)0 == (pcWho = malloc(iLen + 1))) {
OutOfMem();
}
pACList->ctrust = 'a';
pACList->ilen = iLen;
pACList->pcwho = strcpy(pcWho, addr);
Debug(1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho);
if ((char *)0 == (pcDomain = strchr(pHost, '.'))) {
#if USE_IPV6
/* get list of all addresses on system */
error = getifaddrs(&myAddrs);
if (error) {
Error("SetDefAccess(): getifaddrs: %s", strerror(errno));
return;
}
++pcDomain;
iLen = strlen(pcDomain);
if ((ACCESS *) 0 ==
(pACList->pACnext = (ACCESS *) calloc(1, sizeof(ACCESS)))) {
OutOfMem();
for (ifa = myAddrs; ifa != NULL; ifa = ifa->ifa_next) {
/* skip interfaces without address or in down state */
if (ifa->ifa_addr == NULL || !(ifa->ifa_flags & IFF_UP))
continue;
error =
getnameinfo(ifa->ifa_addr, sizeof(struct sockaddr_storage),
addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
if (error)
continue;
if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
if ((a->pcwho = StrDup(addr)) == (char *)0)
OutOfMem();
a->ctrust = 'a';
a->pACnext = pACList;
pACList = a;
CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho));
}
if ((char *)0 == (pcWho = malloc(iLen + 1))) {
freeifaddrs(myAddrs);
#elif USE_UNIX_DOMAIN_SOCKETS
if ((pACList = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
}
pACList->pACnext->ctrust = 'a';
pACList->pACnext->ilen = iLen;
pACList->pACnext->pcwho = strcpy(pcWho, pcDomain);
Debug(1, "SetDefAccess(): trust=%c, who=%s", pACList->pACnext->ctrust,
pACList->pACnext->pcwho);
}
/* thread ther list of uniq console server machines, aliases for (ksb)
* machines will screw us up
*/
REMOTE *
#if PROTOTYPES
FindUniq(REMOTE * pRCAll)
if ((pACList->pcwho = StrDup("127.0.0.1")) == (char *)0)
OutOfMem();
pACList->ctrust = 'a';
CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho));
#else
FindUniq(pRCAll)
REMOTE *pRCAll;
while (pAddr->s_addr != (in_addr_t) 0) {
char *addr;
addr = inet_ntoa(*pAddr);
if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
if ((a->pcwho = StrDup(addr)) == (char *)0)
OutOfMem();
a->ctrust = 'a';
a->pACnext = pACList;
pACList = a;
CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho));
pAddr++;
}
#endif
{
REMOTE *pRC;
/* INV: tail of the list we are building always contains only
* uniq hosts, or the empty list.
*/
if ((REMOTE *) 0 == pRCAll) {
return (REMOTE *) 0;
}
pRCAll->pRCuniq = FindUniq(pRCAll->pRCnext);
/* if it is in the returned list of uniq hosts, return that list
* else add us by returning our node
*/
for (pRC = pRCAll->pRCuniq; (REMOTE *) 0 != pRC; pRC = pRC->pRCuniq) {
if (0 == strcasecmp(pRC->rhost.string, pRCAll->rhost.string)) {
return pRCAll->pRCuniq;
}
}
return pRCAll;
}
void
#if PROTOTYPES
DestroyRemoteConsole(REMOTE * pRCList)
#else
DestroyRemoteConsole(pRCList)
REMOTE *pRCList;
#endif
{
DestroyString(&pRCList->rserver);
DestroyString(&pRCList->rhost);
free(pRCList);
}
void
#if PROTOTYPES
DestroyAccessList(ACCESS * pACList)
#else
DestroyAccessList(pACList)
ACCESS *pACList;
#endif
DestroyAccessList(ACCESS *pACList)
{
if (pACList == (ACCESS *)0)
return;
if (pACList->pcwho != (char *)0)
free(pACList->pcwho);
free(pACList);

24
conserver/access.h
View File

@ -1,5 +1,5 @@
/*
* $Id: access.h,v 5.22 2003-03-06 10:13:41-08 bryan Exp $
* $Id: access.h,v 5.27 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -39,21 +39,17 @@
typedef struct access {
char ctrust; /* how much do we trust the host */
int ilen; /* length (strlen) of pcwho */
char *pcwho; /* what is the hosts name/ip number */
int isCIDR; /* is this a CIDR addr (or hostname?) */
struct access *pACnext; /* next access list */
} ACCESS;
typedef struct remote { /* console at another host */
struct remote *pRCnext; /* next remote console we know about */
struct remote *pRCuniq; /* list of uniq remote servers */
STRING rserver; /* remote server name */
STRING rhost; /* remote host to call to get it */
} REMOTE;
extern REMOTE *FindUniq PARAMS((REMOTE *));
extern char AccType PARAMS((struct in_addr *, char *));
extern void SetDefAccess PARAMS((struct in_addr *, char *));
extern void DestroyRemoteConsole PARAMS((REMOTE *));
extern void DestroyAccessList PARAMS((ACCESS *));
extern char AccType(INADDR_STYPE *, char **);
extern void SetDefAccess(
#if USE_IPV6
void
#else
struct in_addr *, char *
#endif
);
extern void DestroyAccessList(ACCESS *);

627
conserver/client.c
View File

@ -1,5 +1,5 @@
/*
* $Id: client.c,v 5.60 2003-03-17 08:38:40-08 bryan Exp $
* $Id: client.c,v 5.98 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -34,230 +34,196 @@
* 4. This notice may not be removed or altered.
*/
#include <config.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <ctype.h>
#include <signal.h>
#include <pwd.h>
#include <compat.h>
#include <util.h>
#include <cutil.h>
#include <consent.h>
#include <access.h>
#include <client.h>
#include <group.h>
#include <readcfg.h>
#if USE_IPV6
# include <sys/socket.h>
# include <netdb.h>
#endif /* USE_IPV6 */
#if defined(USE_LIBWRAP)
# include <syslog.h>
# include <tcpd.h>
int allow_severity = LOG_INFO;
int deny_severity = LOG_WARNING;
#endif
/* find the next guy who wants to write on the console (ksb)
*/
CONSCLIENT *
#if PROTOTYPES
FindWrite(CONSCLIENT * pCL)
#else
FindWrite(pCL)
CONSCLIENT *pCL;
#endif
void
FindWrite(CONSENT *pCE)
{
/* return the first guy to have the `want write' bit set
* (tell him of the promotion, too) we could look for the
* most recent or some such... I guess it doesn't matter that
* much.
CONSCLIENT *pCLfound = (CONSCLIENT *)0;
CONSCLIENT *pCL;
/* make the first guy (last on the list) to have the `want write' bit set
* the writer (tell him of the promotion, too) we could look for the most
* recent or some such... I guess it doesn't matter that much.
*/
for ( /*passed in */ ; (CONSCLIENT *) 0 != pCL; pCL = pCL->pCLnext) {
if (!pCL->fwantwr)
continue;
if (!pCL->pCEto->fup || pCL->pCEto->fronly)
break;
pCL->fwantwr = 0;
pCL->fwr = 1;
if (pCL->pCEto->nolog) {
FileWrite(pCL->fd, "\r\n[attached (nologging)]\r\n", -1);
} else {
FileWrite(pCL->fd, "\r\n[attached]\r\n", -1);
}
TagLogfileAct(pCL->pCEto, "%s attached", pCL->acid.string);
return pCL;
if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly)
return;
for (pCL = pCE->pCLon; (CONSCLIENT *)0 != pCL; pCL = pCL->pCLnext) {
if (pCL->fwantwr && !pCL->fro)
pCLfound = pCL;
}
if (pCLfound != (CONSCLIENT *)0) {
pCLfound->fwantwr = 0;
pCLfound->fwr = 1;
if (pCE->nolog) {
FileWrite(pCLfound->fd, FLAGFALSE,
"\r\n[attached (nologging)]\r\n", -1);
} else {
FileWrite(pCLfound->fd, FLAGFALSE, "\r\n[attached]\r\n", -1);
}
TagLogfileAct(pCE, "%s attached", pCLfound->acid->string);
pCE->pCLwr = pCLfound;
}
return (CONSCLIENT *) 0;
}
/* replay last iBack lines of the log file upon connect to console (ksb)
void
BumpClient(CONSENT *pCE, char *message)
{
if ((CONSCLIENT *)0 == pCE->pCLwr)
return;
if ((char *)0 != message)
FileWrite(pCE->pCLwr->fd, FLAGFALSE, message, -1);
pCE->pCLwr->fwantwr = 0;
pCE->pCLwr->fwr = 0;
pCE->pCLwr = (CONSCLIENT *)0;
}
/* replay last 'back' lines of the log file upon connect to console (ksb)
*
* NB: we know the console might be spewing when the replay happens,
* we want to just output what is in the log file and get out,
* so we don't drop chars...
*/
void
#if PROTOTYPES
Replay(CONSFILE * fdLog, CONSFILE * fdOut, int iBack)
#else
Replay(fdLog, fdOut, iBack)
CONSFILE *fdLog;
CONSFILE *fdOut;
int iBack;
#endif
{
#define REPLAYBUFFER 4096
void
Replay(CONSENT *pCE, CONSFILE *fdOut, unsigned short back)
{
CONSFILE *fdLog = (CONSFILE *)0;
STRING *line = (STRING *)0;
off_t file_pos;
off_t buf_pos;
char *buf;
char *buf = (char *)0;
char *bp = (char *)0;
char *s;
int r;
int ch;
struct stat stLog;
struct lines {
int is_mark;
STRING line;
STRING mark_end;
} *lines;
int n_lines;
int ln;
int i;
int j;
int u;
int is_mark;
char dummy[4];
int was_mark = 0;
#if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
unsigned long dmallocMarkReplay = 0;
#endif
if ((CONSFILE *) 0 == fdLog) {
FileWrite(fdOut, "[no log file on this console]\r\n", -1);
return;
}
if (pCE != (CONSENT *)0 && pCE->logfile != (char *)0)
fdLog = FileOpen(pCE->logfile, O_RDONLY, 0644);
/* find the size of the file
*/
if (0 != FileStat(fdLog, &stLog)) {
if (fdLog == (CONSFILE *)0) {
FileWrite(fdOut, FLAGFALSE, "[no log file on this console]\r\n",
-1);
return;
}
#if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
dmallocMarkReplay = dmalloc_mark();
#endif
file_pos = stLog.st_size - 1;
/* find the size of the file
*/
if (0 != FileStat(fdLog, &stLog))
goto common_exit;
file_pos = stLog.st_size - 1; /* point at last byte */
buf_pos = file_pos + 1;
/* get space for the line information and initialize it
*
* we allocate room for one more line than requested to be able to
* do the mark ranges
*/
if ((char *)0 == (buf = malloc(BUFSIZ))) {
if ((char *)0 == (buf = malloc(REPLAYBUFFER)))
OutOfMem();
}
n_lines = iBack + 1;
lines = (struct lines *)calloc(n_lines, sizeof(*lines));
if ((struct lines *)0 == lines) {
OutOfMem();
}
ln = -1;
bp = buf + 1; /* just give it something - it resets below */
line = AllocString();
/* loop as long as there is data in the file or we have not found
* the requested number of lines
*/
while (file_pos >= 0) {
ln = -1;
for (; file_pos >= 0; file_pos--, bp--) {
if (file_pos < buf_pos) {
int r;
/* read one buffer worth of data a buffer boundary
*
* the first read will probably not get a full buffer but
* the rest (as we work our way back in the file) should be
*/
buf_pos = (file_pos / BUFSIZ) * BUFSIZ;
#if defined(SEEK_SET)
/* PTX and maybe other Posix systems
*/
buf_pos = (file_pos / REPLAYBUFFER) * REPLAYBUFFER;
if (FileSeek(fdLog, buf_pos, SEEK_SET) < 0) {
goto common_exit;
}
#else
if (FileSeek(fdLog, buf_pos, L_SET) < 0) {
if ((r = FileRead(fdLog, buf, REPLAYBUFFER)) < 0) {
goto common_exit;
}
#endif
if ((r = FileRead(fdLog, buf, BUFSIZ)) <= 0) {
goto common_exit;
}
bp = buf + r;
bp = buf + r - 1;
}
/* process the next character
*/
--file_pos;
if ((ch = *--bp) == '\n') {
if ((ch = *bp) == '\n') {
if (ln >= 0) {
int i;
int u;
int is_mark = 0;
/* reverse the text to put it in forward order
*/
u = lines[ln].line.used - 1;
u = line->used - 1;
for (i = 0; i < u / 2; i++) {
int temp;
temp = lines[ln].line.string[i];
lines[ln].line.string[i]
= lines[ln].line.string[u - i - 1];
lines[ln].line.string[u - i - 1] = temp;
temp = line->string[i];
line->string[i] = line->string[u - i - 1];
line->string[u - i - 1] = temp;
}
/* see if this line is a MARK
*/
if (lines[ln].line.used > 0 &&
lines[ln].line.string[0] == '[') {
i = sscanf(lines[ln].line.string + 1,
if (line->used > 0 && line->string[0] == '[') {
char dummy[4];
int j;
i = sscanf(line->string + 1,
"-- MARK -- %3c %3c %d %d:%d:%d %d]\r\n",
dummy, dummy, &j, &j, &j, &j, &j);
is_mark = (i == 7);
} else {
is_mark = 0;
}
/* process this line
*/
if (is_mark && ln > 0 && lines[ln - 1].is_mark) {
if (is_mark && was_mark) {
/* this is a mark and the previous line is also
* a mark, so make (or continue) that range
* a mark, so reduce the line count 'cause it'll
* go up by one and we're joining them on output.
*/
if (0 == lines[ln - 1].mark_end.allocated) {
/* this is a new range - shuffle pointers
*
* remember that we are moving backward
*/
lines[ln - 1].mark_end = lines[ln - 1].line;
lines[ln - 1].line.string = (char *)0;
lines[ln - 1].line.used = 0;
lines[ln - 1].line.allocated = 0;
}
/* if unallocated, cheat and shuffle pointers */
if (0 == lines[ln - 1].line.allocated) {
lines[ln - 1].line = lines[ln].line;
lines[ln].line.string = (char *)0;
lines[ln].line.used = 0;
lines[ln].line.allocated = 0;
} else {
BuildString((char *)0, &lines[ln - 1].line);
BuildString(lines[ln].line.string,
&lines[ln - 1].line);
BuildString((char *)0, &lines[ln].line);
}
ln--;
}
lines[ln].is_mark = is_mark;
was_mark = is_mark;
}
/* advance to the next line and break if we have enough
*/
ln++;
if (ln >= n_lines - 1) {
BuildString((char *)0, line);
if (ln >= back) {
break;
}
}
@ -268,86 +234,124 @@ Replay(fdLog, fdOut, iBack)
if (ln < 0) {
ln = 0;
}
BuildStringChar(ch, &lines[ln].line);
BuildStringChar(ch, line);
/* if we've processed "a lot" of data for a line, then bail
* why? there must be some very long non-newline terminated
* strings and if we just keep going back, we could spew lots
* of data and chew up lots of memory
*/
if (lines[ln].line.used > MAXREPLAYLINELEN) {
if (line->used > MAXREPLAYLINELEN) {
break;
}
}
free(buf);
buf = (char *)0;
/* if we got back to beginning of file but saw some data, include it
/* move forward. either we hit the beginning of the file and we
* move to the first byte, or we hit a \n and we move past it
*/
if (ln >= 0 && lines[ln].line.used > 0) {
file_pos++;
/* reverse the text to put it in forward order
*/
u = lines[ln].line.used - 1;
for (i = 0; i < u / 2; i++) {
int temp;
/* Now output the lines, starting from where we stopped */
if (FileSeek(fdLog, file_pos, SEEK_SET) >= 0) {
int eof = 0;
int i = 0;
int r = 0;
STRING *mark_beg = (STRING *)0;
STRING *mark_end = (STRING *)0;
temp = lines[ln].line.string[i];
lines[ln].line.string[i]
= lines[ln].line.string[u - i - 1];
lines[ln].line.string[u - i - 1] = temp;
mark_beg = AllocString();
mark_end = AllocString();
ln = 0; /* number of lines output */
BuildString((char *)0, line);
while (ln < back && !eof) {
if (r <= 0) {
if ((r = FileRead(fdLog, buf, REPLAYBUFFER)) < 0)
eof = 1;
i = 0;
}
if (!eof)
BuildStringChar(buf[i], line);
if (buf[i] == '\n' || eof) {
int is_mark = 0;
if (line->used > 0 && line->string[0] == '[') {
char dummy[4];
int j;
int i;
i = sscanf(line->string + 1,
"-- MARK -- %3c %3c %d %d:%d:%d %d]\r\n",
dummy, dummy, &j, &j, &j, &j, &j);
is_mark = (i == 7);
}
if (is_mark) {
if (mark_beg->used > 1) {
BuildString((char *)0, mark_end);
BuildString(line->string, mark_end);
} else
BuildString(line->string, mark_beg);
} else {
if (mark_beg->used > 1) {
if (mark_end->used > 1) {
char *s;
/* output the start of the range, stopping at the ']' */
s = strrchr(mark_beg->string, ']');
if ((char *)0 != s)
*s = '\000';
FileWrite(fdOut, FLAGTRUE, mark_beg->string,
-1);
FileWrite(fdOut, FLAGTRUE, " .. ", 4);
/* build the end string by removing the leading "[-- MARK -- "
* and replacing "]\r\n" on the end with " -- MARK --]\r\n"
*/
s = strrchr(mark_end->string, ']');
if ((char *)0 != s)
*s = '\000';
FileWrite(fdOut, FLAGTRUE,
mark_end->string +
sizeof("[-- MARK -- ") - 1, -1);
FileWrite(fdOut, FLAGFALSE, " -- MARK --]\r\n",
-1);
} else {
FileWrite(fdOut, FLAGFALSE, mark_beg->string,
mark_beg->used - 1);
}
BuildString((char *)0, mark_beg);
BuildString((char *)0, mark_end);
ln++;
if (ln >= back)
break;
}
FileWrite(fdOut, FLAGFALSE, line->string,
line->used - 1);
ln++;
}
BuildString((char *)0, line);
}
/* move the counters */
i++;
r--;
}
ln++;
}
/* copy the lines into the buffer and put them in order
*/
for (i = ln - 1; i >= 0; i--) {
if (lines[i].is_mark && 0 != lines[i].mark_end.used) {
int mark_len;
/* output the start of the range, stopping at the ']'
*/
s = strrchr(lines[i].line.string, ']');
if ((char *)0 != s) {
*s = '\000';
}
FileWrite(fdOut, lines[i].line.string, -1);
FileWrite(fdOut, " .. ", -1);
/* build the end string by removing the leading "[-- MARK -- "
* and replacing "]\r\n" on the end with " -- MARK --]\r\n"
*/
mark_len = sizeof("[-- MARK -- ") - 1;
s = strrchr(lines[i].mark_end.string + mark_len, ']');
if ((char *)0 != s) {
*s = '\000';
}
FileWrite(fdOut, lines[i].mark_end.string + mark_len, -1);
FileWrite(fdOut, " -- MARK --]\r\n", -1);
u = lines[i].mark_end.used;
s = lines[i].mark_end.string;
} else
FileWrite(fdOut, lines[i].line.string, -1);
DestroyString(mark_end);
DestroyString(mark_beg);
}
common_exit:
if ((struct lines *)0 != lines) {
for (i = 0; i < n_lines; i++) {
DestroyString(&lines[i].mark_end);
DestroyString(&lines[i].line);
}
free(lines);
lines = (struct lines *)0;
}
if ((char *)0 != buf) {
if (line != (STRING *)0)
DestroyString(line);
if (buf != (char *)0)
free(buf);
buf = (char *)0;
}
if (fdLog != (CONSFILE *)0)
FileClose(&fdLog);
#if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
Debug(1, "Replay(): dmalloc / MarkReplay");
CONDDEBUG((1, "Replay(): dmalloc / MarkReplay"));
dmalloc_log_changed(dmallocMarkReplay, 1, 0, 1);
#endif
}
@ -357,9 +361,9 @@ Replay(fdLog, fdOut, iBack)
*/
#define WHEN_SPY 0x01
#define WHEN_ATTACH 0x02
#define WHEN_VT100 0x04
#define WHEN_EXPERT 0x08 /* ZZZ no way to set his yet */
#define WHEN_EXPERT 0x04 /* ZZZ no way to set his yet */
#define WHEN_ALWAYS 0x40
#define IS_LIMITED 0x100
#define HALFLINE 40
@ -369,104 +373,219 @@ typedef struct HLnode {
} HELP;
static HELP aHLTable[] = {
{WHEN_ALWAYS, ". disconnect"},
{WHEN_ALWAYS, "a attach read/write"},
{WHEN_ALWAYS, "b send broadcast message"},
{WHEN_ATTACH, "c toggle flow control"},
{WHEN_ATTACH, "d down a console"},
{WHEN_ALWAYS, "e change escape sequence"},
{WHEN_ALWAYS, "f force attach read/write"},
{WHEN_ALWAYS, "g group info"},
{WHEN_ALWAYS, "i information dump"},
{WHEN_ATTACH, "L toggle logging on/off"},
{WHEN_ATTACH, "l? break sequence list"},
{WHEN_ATTACH, "l0 send break per config file"},
{WHEN_ATTACH, "l1-9 send specific break sequence"},
{WHEN_ALWAYS, "o (re)open the tty and log file"},
{WHEN_ALWAYS, "p replay the last 60 lines"},
{WHEN_ALWAYS, "r replay the last 20 lines"},
{WHEN_ATTACH, "s spy read only"},
{WHEN_ALWAYS, "u show host status"},
{WHEN_ALWAYS, "v show version info"},
{WHEN_ALWAYS, "w who is on this console"},
{WHEN_ALWAYS, "x show console baud info"},
{WHEN_ALWAYS, "z suspend the connection"},
{WHEN_ALWAYS, "<cr> ignore/abort command"},
{WHEN_ALWAYS, "? print this message"},
{WHEN_ALWAYS, "^R replay the last line"},
{WHEN_ATTACH, "\\ooo send character by octal code"},
{WHEN_EXPERT, "^I toggle tab expansion"},
{WHEN_EXPERT, "; change to another console"},
{WHEN_EXPERT, "+(-) do (not) drop line"},
{WHEN_VT100, "PF1 print this message"},
{WHEN_VT100, "PF2 disconnect"},
{WHEN_VT100, "PF3 replay the last 20 lines"},
{WHEN_VT100, "PF4 spy read only"}
{WHEN_ALWAYS, ". disconnect"},
{WHEN_ALWAYS | IS_LIMITED, "; move to another console"},
{WHEN_ALWAYS, "a attach read/write"},
{WHEN_ALWAYS, "b send broadcast message"},
{WHEN_ATTACH, "c toggle flow control"},
{WHEN_ATTACH, "d down a console"},
{WHEN_ALWAYS, "e change escape sequence"},
{WHEN_ALWAYS, "f force attach read/write"},
{WHEN_ALWAYS, "g group info"},
{WHEN_ALWAYS, "i information dump"},
{WHEN_ATTACH, "L toggle logging on/off"},
{WHEN_ATTACH, "l? break sequence list"},
{WHEN_ATTACH, "l0 send break per config file"},
{WHEN_ATTACH, "l1-9a-z send specific break sequence"},
{WHEN_ALWAYS, "m display message of the day"},
{WHEN_ALWAYS, "n write a note to the logfile"},
{WHEN_ALWAYS, "o (re)open the tty and log file"},
{WHEN_ALWAYS, "p playback the last %hu lines"},
{WHEN_ALWAYS, "P set number of playback lines"},
{WHEN_ALWAYS, "r replay the last %hu lines"},
{WHEN_ALWAYS, "R set number of replay lines"},
{WHEN_ATTACH, "s spy mode (read only)"},
{WHEN_ALWAYS, "u show host status"},
{WHEN_ALWAYS, "v show version info"},
{WHEN_ALWAYS, "w who is on this console"},
{WHEN_ALWAYS, "x show console baud info"},
{WHEN_ALWAYS | IS_LIMITED, "z suspend the connection"},
{WHEN_ATTACH, "! invoke task"},
{WHEN_ATTACH | IS_LIMITED, "| attach local command"},
{WHEN_ALWAYS, "? print this message"},
{WHEN_ALWAYS, "<cr> ignore/abort command"},
{WHEN_ALWAYS, "^R replay the last line"},
{WHEN_ATTACH, "\\ooo send character by octal code"},
};
/* list the commands we know for the user (ksb)
*/
void
#if PROTOTYPES
HelpUser(CONSCLIENT * pCL)
#else
HelpUser(pCL)
CONSCLIENT *pCL;
#endif
HelpUser(CONSCLIENT *pCL)
{
int i, j, iCmp;
static char
acH1[] = "help]\r\n", acH2[] = "help spy mode]\r\n", acEoln[] =
"\r\n";
static STRING *acLine = (STRING *) 0;
static STRING *acLine = (STRING *)0;
if (acLine == (STRING *) 0)
if (acLine == (STRING *)0)
acLine = AllocString();
iCmp = WHEN_ALWAYS | WHEN_SPY;
if (pCL->fwr) {
FileWrite(pCL->fd, acH1, sizeof(acH1) - 1);
FileWrite(pCL->fd, FLAGTRUE, acH1, sizeof(acH1) - 1);
iCmp |= WHEN_ATTACH;
} else {
FileWrite(pCL->fd, acH2, sizeof(acH2) - 1);
}
if ('\033' == pCL->ic[0] && 'O' == pCL->ic[1]) {
iCmp |= WHEN_VT100;
FileWrite(pCL->fd, FLAGTRUE, acH2, sizeof(acH2) - 1);
}
BuildString((char *)0, acLine);
for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) {
if (0 == (aHLTable[i].iwhen & iCmp)) {
char *text;
if (aHLTable[i].iwhen & IS_LIMITED &&
ConsentUserOk(pLUList, pCL->username->string) == 1)
continue;
if (0 == (aHLTable[i].iwhen & iCmp))
continue;
text = aHLTable[i].actext;
if (text[0] == 'p') {
BuildTmpString((char *)0);
text = BuildTmpStringPrint(text, pCL->playback);
} else if (text[0] == 'r') {
BuildTmpString((char *)0);
text = BuildTmpStringPrint(text, pCL->replay);
}
if (acLine->used != 0) { /* second part of line */
if (strlen(aHLTable[i].actext) < HALFLINE) {
if (strlen(text) < HALFLINE) {
for (j = acLine->used; j <= HALFLINE; ++j) {
BuildStringChar(' ', acLine);
}
BuildString(aHLTable[i].actext, acLine);
BuildString(text, acLine);
BuildString(acEoln, acLine);
FileWrite(pCL->fd, acLine->string, -1);
FileWrite(pCL->fd, FLAGTRUE, acLine->string,
acLine->used - 1);
BuildString((char *)0, acLine);
continue;
} else {
BuildString(acEoln, acLine);
FileWrite(pCL->fd, acLine->string, -1);
FileWrite(pCL->fd, FLAGTRUE, acLine->string,
acLine->used - 1);
BuildString((char *)0, acLine);
}
}
if (acLine->used == 0) { /* at new line */
BuildStringChar(' ', acLine);
BuildString(aHLTable[i].actext, acLine);
BuildString(text, acLine);
if (acLine->used > HALFLINE) {
BuildString(acEoln, acLine);
FileWrite(pCL->fd, acLine->string, -1);
FileWrite(pCL->fd, FLAGTRUE, acLine->string,
acLine->used - 1);
BuildString((char *)0, acLine);
}
}
}
if (acLine->used != 0) {
BuildString(acEoln, acLine);
FileWrite(pCL->fd, acLine->string, -1);
FileWrite(pCL->fd, FLAGTRUE, acLine->string, acLine->used - 1);
}
FileWrite(pCL->fd, FLAGFALSE, (char *)0, 0);
}
int
ClientAccessOk(CONSCLIENT *pCL)
{
char *peername = (char *)0;
int retval = 1;
#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
socklen_t so;
int cfd;
# if USE_IPV6
int error;
char addr[NI_MAXHOST];
# endif
SOCKADDR_STYPE in_port;
int getpeer = -1;
cfd = FileFDNum(pCL->fd);
pCL->caccess = 'r';
# if defined(USE_LIBWRAP)
{
struct request_info request;
CONDDEBUG((1, "ClientAccessOk(): doing tcpwrappers check"));
request_init(&request, RQ_DAEMON, progname, RQ_FILE, cfd, 0);
fromhost(&request);
if (!hosts_access(&request)) {
FileWrite(pCL->fd, FLAGFALSE,
"access from your host refused\r\n", -1);
retval = 0;
goto setpeer;
}
}
# endif
so = sizeof(in_port);
if (-1 ==
(getpeer = getpeername(cfd, (struct sockaddr *)&in_port, &so))) {
FileWrite(pCL->fd, FLAGFALSE, "getpeername failed\r\n", -1);
retval = 0;
goto setpeer;
}
pCL->caccess = AccType(
# if USE_IPV6
&in_port,
# else
&in_port.sin_addr,
# endif
&peername);
if (pCL->caccess == 'r') {
FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
-1);
retval = 0;
}
setpeer:
#else
struct in_addr addr;
# if HAVE_INET_ATON
inet_aton("127.0.0.1", &addr);
# else
addr.s_addr = inet_addr("127.0.0.1");
# endif
pCL->caccess = AccType(&addr, &peername);
if (pCL->caccess == 'r') {
FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
-1);
retval = 0;
}
#endif
if (pCL->peername != (STRING *)0) {
BuildString((char *)0, pCL->peername);
if (peername != (char *)0)
BuildString(peername, pCL->peername);
#if USE_IPV6
else if (getpeer != -1) {
error =
getnameinfo((struct sockaddr *)&in_port, so, addr,
sizeof(addr), NULL, 0, NI_NUMERICHOST);
if (error) {
FileWrite(pCL->fd, FLAGFALSE, "getnameinfo failed\r\n",
-1);
Error("ClientAccessOk(): gatenameinfo: %s",
gai_strerror(error));
retval = 0;
}
BuildString(addr, pCL->peername);
} else
BuildString("<unknown>", pCL->peername);
#elif USE_UNIX_DOMAIN_SOCKETS
else
BuildString("127.0.0.1", pCL->peername);
#else
else if (getpeer != -1)
BuildString(inet_ntoa(in_port.sin_addr), pCL->peername);
else
BuildString("<unknown>", pCL->peername);
#endif
}
if (peername != (char *)0)
free(peername);
return retval;
}

65
conserver/client.h
View File

@ -1,5 +1,5 @@
/*
* $Id: client.h,v 5.27 2003-03-06 10:13:41-08 bryan Exp $
* $Id: client.h,v 5.45 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -35,32 +35,42 @@
*/
/* states for a server fsm
*/
#define S_NORMAL 0 /* just pass character */
#define S_ESC1 1 /* first escape character received */
#define S_CMD 2 /* second interrupt character received */
#define S_CATTN 3 /* change 1 escape character to next input char */
#define S_CESC 4 /* change 2 escape character to next input char */
#define S_HALT1 5 /* we have a halt sequence in progress */
#define S_SUSP 6 /* we are suspened, first char wakes us up */
#define S_IDENT 7 /* probational connection (who is this) */
#define S_HOST 8 /* still needs a host name to connect */
#define S_PASSWD 9 /* still needs a passwd to connect */
#define S_QUOTE 10 /* send any character we can spell */
#define S_BCAST 11 /* send a broadcast message to all connections */
typedef enum clientState {
S_NORMAL, /* just pass character */
S_ESC1, /* first escape character received */
S_CMD, /* second interrupt character received */
S_CATTN, /* change 1 escape char to next input char */
S_CESC, /* change 2 escape char to next input char */
S_HALT1, /* we have a halt sequence in progress */
S_SUSP, /* we are suspened, first char wakes us up */
S_IDENT, /* probational connection (who is this) */
S_PASSWD, /* still needs a passwd to connect */
S_QUOTE, /* send any character we can spell */
S_BCAST, /* send a broadcast message to all clients */
S_CWAIT, /* wait for client */
S_CEXEC, /* client execing a program */
S_REPLAY, /* set replay length for 'r' */
S_PLAYBACK, /* set replay length for 'p' */
S_NOTE, /* send a note to the logfile */
S_TASK, /* invoke a task on the server side */
S_CONFIRM /* confirm input */
} CLIENTSTATE;
typedef struct client { /* Connection Information: */
CONSFILE *fd; /* file descriptor */
short fcon; /* currently connect or not */
short fwr; /* (client) write enable flag */
short fwantwr; /* (client) wants to write */
short fro; /* read-only permission */
short fecho; /* echo commands (not set by machines) */
STRING acid; /* login and location of client */
STRING peername; /* location of client */
short fiwait; /* client wanting for console init */
STRING *acid; /* login and location of client */
STRING *peername; /* location of client */
STRING *username; /* login of client */
time_t tym; /* time of connect */
time_t typetym; /* time of last keystroke */
char actym[32]; /* pre-formatted time */
struct consent
*pCEwant, /* what machine we would like to be on */
*pCEto; /* host a client gets output from */
struct client
**ppCLbscan, /* back link for scan ptr */
@ -70,14 +80,21 @@ typedef struct client { /* Connection Information: */
*pCLnext; /* next person on this list */
/* next lists link clients on a console */
char ic[2]; /* two character escape sequence */
char iState; /* state for fsm in server */
unsigned short replay; /* lines to replay for 'r' */
unsigned short playback; /* lines to replay for 'p' */
CLIENTSTATE iState; /* state for fsm in server */
char caccess; /* did we trust the remote machine */
STRING accmd; /* the command the user issued */
STRING msg; /* the broadcast message */
struct sockaddr_in
cnct_port; /* where from */
IOSTATE ioState; /* state of the socket */
time_t stateTimer; /* timer for various ioState states */
STRING *accmd; /* the command the user issued */
INADDR_STYPE cnct_port; /* where from */
FLAG confirmed; /* confirm state */
CLIENTSTATE cState; /* state needing confirmation */
char cOption; /* option initiating the confirmation */
} CONSCLIENT;
extern void Replay PARAMS((CONSFILE *, CONSFILE *, int));
extern void HelpUser PARAMS((CONSCLIENT *));
extern CONSCLIENT *FindWrite PARAMS((CONSCLIENT *));
extern void Replay(CONSENT *, CONSFILE *, unsigned short);
extern void HelpUser(CONSCLIENT *);
extern void FindWrite(CONSENT *);
extern int ClientAccessOk(CONSCLIENT *);
extern void BumpClient(CONSENT *, char *);

1810
conserver/consent.c
View File

File diff suppressed because it is too large Load Diff

202
conserver/consent.h
View File

@ -1,5 +1,5 @@
/*
* $Id: consent.h,v 5.36 2003-03-17 08:54:53-08 bryan Exp $
* $Id: consent.h,v 5.76 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -46,60 +46,176 @@ typedef struct baud { /* a baud rate table */
} BAUD;
typedef struct parity { /* a parity bits table */
char ckey;
char *key;
int iset;
int iclr;
} PARITY;
typedef enum consType {
UNKNOWNTYPE = 0,
DEVICE,
EXEC,
HOST,
NOOP,
UDS,
#if HAVE_FREEIPMI
IPMI,
#endif
} CONSTYPE;
#if HAVE_FREEIPMI
# define IPMIL_UNKNOWN (0)
# define IPMIL_USER (IPMICONSOLE_PRIVILEGE_USER+1)
# define IPMIL_OPERATOR (IPMICONSOLE_PRIVILEGE_OPERATOR+1)
# define IPMIL_ADMIN (IPMICONSOLE_PRIVILEGE_ADMIN+1)
#endif
typedef struct names {
char *name;
struct names *next;
} NAMES;
typedef struct consentUsers {
NAMES *user;
short not;
struct consentUsers *next;
} CONSENTUSERS;
/* we calloc() these things, so we're trying to make everything be
* "empty" when it's got a zero value
*/
typedef struct consent { /* console information */
STRING server; /* server name */
STRING dfile; /* device file */
STRING lfile; /* log file */
BAUD *pbaud; /* the baud on this console port */
PARITY *pparity; /* the parity on this line */
/*** config file settings ***/
char *server; /* server name */
CONSTYPE type; /* console type */
NAMES *aliases; /* aliases for server name */
/* type == DEVICE */
char *device; /* device file */
char *devicesubst; /* device substitution pattern */
BAUD *baud; /* the baud on this console port */
PARITY *parity; /* the parity on this line */
FLAG hupcl; /* use HUPCL */
FLAG cstopb; /* use two stop bits */
FLAG ixon; /* XON/XOFF flow control on output */
FLAG ixany; /* any character to restart output */
FLAG ixoff; /* XON/XOFF flow control on input */
#if defined(CRTSCTS)
FLAG crtscts; /* use hardware flow control */
#endif
#if HAVE_FREEIPMI
/* type == IPMI */
int ipmiprivlevel; /* IPMI authentication level */
ipmiconsole_ctx_t ipmictx; /* IPMI ctx */
unsigned int ipmiworkaround; /* IPMI workaround flags */
short ipmiwrkset; /* workaround flags set in config */
int ipmiciphersuite; /* IPMI cipher suite */
char *username; /* Username to log as */
char *password; /* Login Password */
STRING *ipmikg; /* IPMI k_g auth key */
#endif
/* type == HOST */
char *host; /* hostname */
unsigned short netport; /* final port | netport = portbase + */
unsigned short port; /* port number | portinc * port */
unsigned short portbase; /* port base */
unsigned short portinc; /* port increment */
FLAG raw; /* raw or telnet protocol? */
/* type == EXEC */
char *exec; /* exec command */
char *execsubst; /* exec substitution pattern */
uid_t execuid; /* user to run exec as */
gid_t execgid; /* group to run exec as */
/* type == UDS */
char *uds; /* socket file */
char *udssubst; /* socket file substitution pattern */
/* global stuff */
char *master; /* master hostname */
unsigned short breakNum; /* break type [1-35] */
char *logfile; /* logfile */
off_t logfilemax; /* size limit for rolling logfile */
char *initcmd; /* initcmd command */
char *initsubst; /* initcmd substitution pattern */
uid_t inituid; /* user to run initcmd as */
gid_t initgid; /* group to run initcmd as */
char *motd; /* motd */
time_t idletimeout; /* idle timeout */
char *idlestring; /* string to print when idle */
unsigned short spinmax; /* initialization spin maximum */
unsigned short spintimer; /* initialization spin timer */
char *replstring; /* generic string for replacements */
char *tasklist; /* list of valid tasks */
char *breaklist; /* list of valid break sequences */
/* timestamp stuff */
int mark; /* Mark (chime) interval */
long nextMark; /* Next mark (chime) time */
unsigned short breakType; /* break type [1-9] */
unsigned short autoReUp; /* is it coming back up automatically? */
unsigned short downHard; /* did it go down unexpectedly? */
FLAG activitylog; /* log attach/detach/bump */
FLAG breaklog; /* log breaks sent */
FLAG tasklog; /* log tasks invoked */
/* options */
FLAG ondemand; /* bring up on-demand */
FLAG reinitoncc; /* open if down on client connect */
FLAG striphigh; /* strip high-bit of console data */
FLAG autoreinit; /* auto-reinitialize if failed */
FLAG unloved; /* copy "unloved" data to stdout */
FLAG login; /* allow logins to the console */
/* Used if network console */
int isNetworkConsole;
STRING networkConsoleHost;
unsigned short networkConsolePort;
int telnetState;
/* used if virtual console */
STRING acslave; /* pseudo-device slave side */
int fvirtual; /* is a pty device we use as a console */
STRING pccmd; /* virtual console command */
pid_t ipid; /* pid of virtual command */
/* only used in child */
int nolog; /* don't log output */
/*** runtime settings ***/
CONSFILE *fdlog; /* the local log file */
int fdtty; /* the port to talk to machine on */
int activitylog; /* log attach/detach/bump */
int breaklog; /* log breaks sent */
unsigned short fup; /* we setup this line? */
unsigned short fronly; /* we can only read this console */
struct client *pCLon; /* clients on this console */
struct client *pCLwr; /* client that is writting on console */
CONSFILE *cofile; /* the port to talk to machine on */
char *execSlave; /* pseudo-device slave side */
int execSlaveFD; /* fd of slave side */
pid_t ipid; /* pid of virtual command */
pid_t initpid; /* pid of initcmd command */
CONSFILE *initfile; /* the command run on init */
pid_t taskpid; /* pid of task running */
CONSFILE *taskfile; /* the output from the task (read-only) */
STRING *wbuf; /* write() buffer */
int wbufIAC; /* next IAC location in wbuf */
IOSTATE ioState; /* state of the socket */
time_t stateTimer; /* timer for ioState states */
time_t lastWrite; /* time of last data sent to console */
#if HAVE_GETTIMEOFDAY
struct timeval lastInit; /* time of last initialization */
#else
time_t lastInit; /* time of last initialization */
#endif
unsigned short spincount; /* initialization spin counter */
/*** state information ***/
char acline[132 * 2 + 2]; /* max chars we will call a line */
int iend; /* length of data stored in acline */
int telnetState; /* state for telnet negotiations */
FLAG sentDoEcho; /* have we sent telnet DO ECHO cmd? */
FLAG sentDoSGA; /* have we sent telnet DO SGA cmd? */
unsigned short autoReUp; /* is it coming back up automatically? */
FLAG downHard; /* did it go down unexpectedly? */
unsigned short nolog; /* don't log output */
unsigned short fup; /* we setup this line? */
unsigned short fronly; /* we can only read this console */
/*** list management ***/
struct client *pCLon; /* clients on this console */
struct client *pCLwr; /* client that is writting on console */
CONSENTUSERS *rw; /* rw users */
CONSENTUSERS *ro; /* ro users */
struct consent *pCEnext; /* next console entry */
} CONSENT;
struct hostcache {
STRING hostname;
struct hostcache *next;
};
typedef struct remote { /* console at another host */
struct remote *pRCnext; /* next remote console we know about */
struct remote *pRCuniq; /* list of uniq remote servers */
char *rserver; /* remote server name */
char *rhost; /* remote host to call to get it */
NAMES *aliases; /* aliases for remote server name */
} REMOTE;
extern PARITY *FindParity PARAMS((char *));
extern BAUD *FindBaud PARAMS((char *));
extern void ConsInit PARAMS((CONSENT *, fd_set *, short));
extern void ConsDown PARAMS((CONSENT *, fd_set *, short));
extern int CheckHostCache PARAMS((const char *));
extern void AddHostCache PARAMS((const char *));
extern void ClearHostCache PARAMS((void));
extern void ClearHostCache PARAMS((void));
extern PARITY *FindParity(char *);
extern BAUD *FindBaud(char *);
extern void ConsInit(CONSENT *);
extern void ConsDown(CONSENT *, FLAG, FLAG);
extern REMOTE *FindUniq(REMOTE *);
extern void DestroyRemoteConsole(REMOTE *);
extern void StartInit(CONSENT *);
extern void StopInit(CONSENT *);
extern char *ConsState(CONSENT *);
extern void SetupTty(CONSENT *, int);

470
conserver/conserver.man
View File

@ -1,139 +1,212 @@
.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
.\" $Id: conserver.man,v 1.32 2003-04-08 14:05:59-07 bryan Exp $
.TH CONSERVER 8 "Local"
.\" $Id: conserver.man,v 1.54 2006/12/31 02:02:48 bryan Exp $
.TH CONSERVER 8 "2006/12/31" "conserver-8.2.1" "conserver"
.SH NAME
conserver \- console server daemon
.SH SYNOPSIS
\fBconserver\fP [\fB\-7dDEFhinoRuvV\fP] [\fB\-a\fP \fItype\fP]
[\fB\-m\fP \fImax\fP]
[\fB\-M\fP \fIaddr\fP] [\fB\-p\fP \fIport\fP] [\fB\-b\fP \fIport\fP]
[\fB\-c\fP \fIcred\fP] [\fB\-C\fP \fIconfig\fP] [\fB\-P\fP \fIpasswd\fP]
[\fB\-L\fP \fIlogfile\fP] [\fB\-O\fP \fImin\fP]
.B conserver
.RB [ \-7dDEFhinoRSuvV ]
.RB [ \-a
.IR type ]
.RB [ \-m
.IR max ]
.RB [ \-M
.IR master ]
.RB [ \-p
.IR port ]
.RB [ \-b
.IR port ]
.RB [ \-c
.IR cred ]
.RB [ \-C
.IR config ]
.RB [ \-P
.IR passwd ]
.RB [ \-L
.IR logfile ]
.RB [ \-O
.IR min ]
.RB [ \-U
.IR logfile ]
.SH DESCRIPTION
.B Conserver
is the daemon that manages
remote access to system consoles by multiple users via the
.BR console (1)
client program
and logs all console output.
It can connect to consoles via local serial ports
or terminal servers that allow network access,
or to any external program.
client program and (optionally) log the console output.
It can connect to consoles via local serial ports, Unix domain sockets, TCP
sockets (for terminal servers and the like), or any external program.
.PP
When started,
.B conserver
reads its
reads the
.BR conserver.cf (5)
file for details of each console it should manage,
including serial port or network parameters and logging options.
(Also, in environments where multiple servers share a cf file,
any server is able to refer clients to the particular server
managing a requested console,
so that the client need not have knowledge of the
distribution of consoles among servers.)
file for details of each console.
The console type, logging options, serial or network parameters, and user access
levels are just a few of the things that can be specified.
Command-line options are then applied, possibly overriding
.BR conserver.cf (5)
settings.
.B Conserver
categorizes consoles into two types: those it should actively manage, and
those it should just know about, so it can refer clients to other
.B conserver
instances.
If the
.B master
value of a console matches the hostname or ip address of the local machine,
.B conserver
will actively manage the console.
Otherwise, it's considered a ``remote'' console and managed by a different
server.
.B Conserver
forks a child for each group of consoles it must manage
and assigns each process a port number to listen on.
The maximum number of consoles managed by each child process is set using
\fB-m\fP option.
The maximum number of consoles managed by each child process is set using the
.B \-m
option.
The
.BR console (1)
client program communicates with the master console server process to find
the port (and host, in a multi-server configuration)
on which the appropriate child is listening.
The master conserver process forks a new process to handle each
incoming client connection (which should be very short-lived, since it's
duty is to redirect the client to a child).
.B Conserver
restricts connections from clients based on the host access section of its
.BR conserver.cf (5)
and authenticates users against its
file, restricts users based on the console access lists of the
.BR conserver.cf (5)
file, and authenticates
users against its
.BR conserver.passwd (5)
file.
.B Conserver
can also restrict clients using the tcp-wrappers package (enabled
using \fB--with-libwrap\fP). This authentication is done before consulting
using
.BR --with-libwrap ).
This authentication is done before consulting
the
.BR conserver.cf (5)
access list.
.PP
.B Conserver
completely controls any connection to a controlled host.
All escape sequences given by the user to \fBconsole\fP
are passed to the server without interpretation.
The server recognizes and processes all escape sequences,
except the suspend sequence, which is
recognized by the server and
sent as a TCP out-of-band command from the server to the client.
When Unix domain sockets are used between the client and
server (enabled using
.BR --with-uds ),
authentication checks are done on the hardcoded address ``127.0.0.1''.
Automatic client redirection is also disabled (as if the
.B \-R
option was used) since the client cannot communicate with remote servers.
The directory used to hold the sockets is checked to make sure it's empty
when the server starts.
The server will
.B not
remove any files in the directory itself, just in case the directory is
accidentally specified as ``/etc'' or some other critical location.
The server will do its best to remove all the sockets when it shuts down,
but it could stop ungracefully (crash, ``kill -9'', etc)
and leave files behind.
It would then be up to the admin (or a creative startup script) to clean
up the directory before the server will start again.
.PP
The \fBconserver\fP parent process will automatically respawn any child
process that dies. The following signals are propagated by the parent
process to its children.
.TP
.B Conserver
completely controls any connection to a console.
All escape sequences given by the user to
.B console
are passed to the server without interpretation.
The server recognizes and processes all escape sequences.
.PP
The
.B conserver
parent process will automatically respawn any child process that dies.
The following signals are propagated by the parent process to its children.
.TP 10
SIGTERM
Close all connections and exit.
.TP
SIGHUP
Reread the configuration file. New consoles are managed by
forking off new childen, deleted consoles (and their clients) are dropped,
Reread the configuration file.
New consoles are managed by forking off new children, deleted
consoles (and their clients) are dropped,
and changes to consoles are done "in place", resetting the console
port (bringing it down and up) only when necessary. The console name is
used to determine when consoles have been added/removed/changed. All
actions performed by SIGUSR2 are also performed.
port (bringing it down and up) only when necessary.
The console name is used to determine when consoles
have been added/removed/changed.
All actions performed by SIGUSR2 are also performed.
.TP
SIGUSR1
Try to connect to any consoles marked as
down. This can come in handy if you had a terminal server (or more)
Try to connect to any consoles marked as down.
This can come in handy if you had a terminal server (or more)
that wasn't accepting connections at startup and you want
\fBconserver\fP to try to reconnect to all those downed ports.
.B conserver
to try to reconnect to all those downed ports.
.TP
SIGUSR2
Close and reopen all console logfiles
and, if in daemon mode (\fB\-d\fP option),
the error logfile (see the \fB\-L\fP option). All actions performed by
SIGUSR1 are also performed.
and, if in daemon mode
.RB ( \-d
option), the error logfile (see the
.BR \-L
option).
All actions performed by SIGUSR1 are also performed.
.PP
Slave hosts which have no current
.BR console (1)
Consoles which have no current client
connection might produce important error messages.
With the \fB\-u\fP option, these unloved errors are labeled with a machine name
With the
.B \-u
option, these ``unloved'' errors are labeled with a machine name
and output on stdout (or, in daemon mode, to the logfile).
This allows a live operator or an automated log scanner
to find otherwise unseen errors by watching in a single location.
.PP
\fBConserver\fP must be run as root if it is to bind to a port under
1024 or if it must read protected password files (like shadow passwords)
.B Conserver
must be run as root if it is to bind to a port under 1024 or if it
must read protected password files (like shadow passwords)
for authentication (see
.BR conserver.passwd (5)).
Otherwise, it may be run by any user, with \fB\-p\fP used to specify
a port above 1024.
Otherwise, it may be run by any user, with
.B \-p
used to specify a port above 1024.
.PP
If encryption has been built into the code (\fB--with-openssl\fP),
If encryption has been built into the code
.RB ( --with-openssl ),
encrypted client connections (without certificate exchanges) happen
by default. To add certificate exchanges, use the \fB-c\fP option with
the client and server. For authentication of the certificates to work,
by default.
To add certificate exchanges, use the
.B \-c
option with the client and server.
For authentication of the certificates to work,
the signing certificate must be properly trusted, which usually means
the public portion is in \fIOPENSSL_ROOT\fP\fB/ssl/certs\fP (on both
the client and server sides). See the sample self-signing certficate
making script \fBcontrib/maketestcerts\fP for further clues. To allow
the public portion is in
.IB OPENSSL_ROOT /ssl/certs
(on both the client and server sides).
See the sample self-signing certificate making script
.B contrib/maketestcerts
for further clues.
To allow
non-encrypted client connections (in addition to encrypted client
connections), use the \fB-E\fP option.
connections), use the
.B \-E
option.
.SH OPTIONS
.PP
Options may be given as separate arguments (e.g., \fB\-n -d\fP)
or clustered (e.g., \fB\-nd\fP).
Options may be given as separate arguments (e.g.,
.B \-n
.BR \-d )
or clustered (e.g.,
.BR \-nd ).
Options and their arguments may be separated by optional white space.
Option arguments containing spaces or other characters special to the shell
must be quoted.
.TP
.TP 12
.B \-7
Strip the high bit off of all data received,
whether from the \fBconsole\fP client or from the console device,
before any processing occurs.
whether from the
.B console
client or from the console device, before any processing occurs.
.TP
.BI \-a type
Set the default access type for incoming connections from
\fBconsole\fP clients:
.B console
clients:
.RB ` r '
for refused (the default),
.RB ` a '
@ -146,43 +219,60 @@ the access section of
.TP
.BI \-b port
Set the base port for children to listen on.
Each child starts looking for free ports at \fIport\fP
Each child starts looking for free ports at
.I port
and working upward, trying a maximum number of ports
equal to twice the maximum number of groups.
If no free ports are available in that range,
\fBconserver\fP exits.
By default, \fBconserver\fP lets the operating system choose
a free port.
.B conserver
exits.
By default,
.B conserver
lets the operating system choose a free port.
.TP
.BI \-c cred
Load an SSL certificate and key from the PEM encoded file \fIcred\fP.
Load an SSL certificate and key from the PEM encoded file
.IR cred .
.TP
.BI \-C config
Read configuration information from the file \fIconfig\fP.
The default \fIconfig\fP may be changed at compile time using the
\fB--with-cffile\fP option.
Read configuration information from the file
.IR config .
The default
.I config
may be changed at compile time using the
.B --with-cffile
option.
.TP
.B \-d
Become a daemon. Disconnects from the controlling terminal and sends
all output to the logfile (see \fB\-L\fP).
Become a daemon.
Disconnects from the controlling terminal and sends
all output (including any debug output) to the logfile (see
.BR \-L ).
.TP
.B \-D
Enable debugging output, sent to stderr. Multiple \fB-D\fP options
increases debug output.
Enable debugging output, sent to stderr.
Multiple
.B \-D
options increases debug output.
.TP
.B \-E
If encryption has been built into the code (\fB--with-openssl\fP),
encrypted client connections are a requirement. This option allows
non-encrypted clients (as well as encrypted clients) to connect to
consoles.
If encryption has been built into the code
.RB ( --with-openssl ),
encrypted client connections are a requirement.
This option allows non-encrypted clients (as well as encrypted clients) to
connect to consoles.
.TP
.B \-F
Do not automatically reinitialize failed (unexpectedly closed)
consoles. If the console is a program (`|' syntax) and it closes
with a zero exit status, the console is reinitialized regardless
of this option. Without this option, a console is immediately reopened,
Do not automatically reinitialize failed (unexpectedly closed) consoles.
If the console is a program (`|' syntax) and it closes with a zero
exit status, the console is reinitialized regardless of this option.
Without this option, a console is immediately reopened,
and if that fails, retried every minute until successful.
This option has no effect on the \fB-o\fP and \fB-O\fP options.
This option has no effect on the
.B \-o
and
.B \-O
options.
.TP
.B \-h
Output a brief help message.
@ -191,24 +281,44 @@ Output a brief help message.
Initiate console connections on demand (and close them when not used).
.TP
.BI \-L logfile
Log errors and informational messages to \fIlogfile\fP
after startup in daemon mode (\fB\-d\fP).
Log errors and informational messages to
.I logfile
after startup in daemon mode
.RB ( \-d ).
This option does not apply when not running in daemon mode.
The default \fIlogfile\fP may be changed at compile time using the
\fB--with-logfile\fP option.
The default
.I logfile
may be changed at compile time using the
.B --with-logfile
option.
.TP
.BI \-m max
Set the maximum consoles managed per process.
The default \fImax\fP may be changed at compile time using the
\fB--with-maxmemb\fP option.
The default
.I max
may be changed at compile time using the
.B --with-maxmemb
option.
.TP
.BI \-M addr
Set the address to listen on. This allows conserver to bind to a
.BI \-M master
Normally, this allows conserver to bind to a
particular IP address (like `127.0.0.1') instead of all interfaces.
The default is to bind to all addresses.
However, if
.B --with-uds
was used to enable Unix domain sockets for client/server communication,
this points conserver to the directory where it should store the sockets.
The default
.I master
directory
.RB (`` /tmp/conserver '')
may be changed at compile time using the
.B --with-uds
option.
.TP
.B \-n
Obsolete (now a no-op); see \fB\-u\fP.
Obsolete (now a no-op); see
.BR \-u .
.TP
.B \-o
Normally, a client connecting to a ``downed'' console does just that.
@ -216,45 +326,156 @@ Using this option, the server will automatically attempt to open
(``bring up'') the console when the client connects.
.TP
.BI \-O min
Enable periodic attempts (every \fImin\fP minutes) to open (``bring up'')
all downed consoles (similar to sending a SIGUSR1).
Enable periodic attempts (every
.I min
minutes) to open (``bring up'') all downed
consoles (similar to sending a SIGUSR1).
Without this option, or if
.I min
is zero, no periodic attempts occur.
.TP
.BI \-p port
Set the TCP port for the master process to listen on.
This may be either a port number or a service name.
The default \fIport\fP, ``conserver'' (typically 782),
may be changed at compile time using the \fB--with-port\fP option.
The default
.IR port ,
``conserver'' (typically 782),
may be changed at compile time using the
.B --with-port
option.
If the
.B --with-uds
option was used, this option is ignored.
.TP
.BI \-P passwd
Read the table of authorized user data from the file \fIpasswd\fP.
The default \fIpasswd\fP may be changed at compile time using the
\fB--with-pwdfile\fP option.
Read the table of authorized user data from the file
.IR passwd .
The default
.I passwd
may be changed at compile time using the
.B --with-pwdfile
option.
.TP
.B \-R
Disable automatic client redirection to other conserver hosts. This
means informational commands like \fB-w\fP and \fB-i\fP will only show
the status of the local conserver host and attempts to connect to
remote consoles will result in an informative message to the user.
Disable automatic client redirection to other conserver hosts.
This
means informational commands like
.B \-w
and
.B \-i
will only show the status of the local conserver host and attempts to
connect to remote consoles will result in an informative message to the user.
.TP
.B \-S
Do not run the server, just perform a syntax check of configuration file and
exit with a non-zero value if there is an error.
Using more than one
.B \-S
will cause conserver to output various information about each console in 5
colon-separated fields, enclosed in curly-braces.
The philosophy behind the output is to provide information to allow external
detection of multiple consoles access the same physical port.
Since this is
.I highly
environment-specific, conserver cannot do the check internally.
.RS
.TP 9
.I name
The name of the console.
.TP
.I master
The hostname of the master conserver host for the console.
.TP
.I aliases
The console aliases in a comma-separated list.
.TP
.I type
The type of console.
Values will be a `/' for a local device, `|' for
a command, `!' for a remote port, `%' for a Unix domain socket,
and `#' for a noop console.
.TP
.I details
Multiple values are comma-separated and depend on the type of the console.
Local devices will have the values of the device file and baud rate/parity.
Commands will have string to invoke.
Remote ports will have the values of the remote hostname and port number.
Unix domain sockets will have the path to the socket.
Noop consoles will have nothing.
.RE
.TP
.B \-u
Send unloved console output to \fBconserver\fP's stdout
(which, in daemon mode, is redirected to the logfile).
Send unloved console output to
.BR conserver 's
stdout (which, in daemon mode, is redirected to the logfile).
This applies to all consoles to which no user is attached,
independent of whether logging of individual consoles is enabled
via \fBconserver.cf\fP entries.
independent of whether logging of individual consoles is enabled via
.B conserver.cf
entries.
.TP
.BI \-U logfile
Copy all console data to the ``unified''
.IR logfile .
The output is the same as the
.B \-u
output, but all consoles, not
just those without a user, are logged.
Each line of output is prefixed with the console name.
If a user is attached read/write, a `*' is appended to the console name,
to allow log watching utilites to ignore potential user-introduced alarms.
.TP
.B \-v
Echo the configuration as it is being read (be verbose).
.TP
.B \-V
Output the version number and settings of the \fBconserver\fP
Output the version number and settings of the
.B conserver
program and then exit.
.SH PROTOCOL
.PP
The protocol used to interact with the
.B conserver
daemon has two basic styles.
The first style is the initial line-based mode, which occurs before
connecting to a console.
The second style is the character-based, escape-sequence mode, while
connected to a console.
.PP
The initial line-based mode begins the same for both the master process
and its children.
Upon a successful (non-rejected) client connection, an ``ok'' is sent.
The client then issues a command and the server responds to it with a
result string (``ok'' being the sign of success for most commands).
The commands available are ``help'', ``ssl'' (if
SSL was built into the code), ``login'', and ``exit''.
Using the ``login'' command, the client authenticates and gains access to
the extended command set.
This is where the master process and its children differ.
The master process gives the client access to global commands, and the
child provides commands for interacting with the consoles it manages.
The ``help'' command, in both cases, will provide a complete
list of commands and a short description of what they do.
.PP
The second, character-based, style of interaction occurs when the client
issues the ``call'' command with a child process.
This command connects the client to a console and, at that point, relays
all traffic between the client and the console.
There is no more command-based interaction between the client and the server,
any interaction with the server is done with the default escape sequence.
.PP
This is, by no means, a complete description of the entire client/server
interaction.
It is, however, a brief explanation in order to give a idea of
what the program does. See the
.B \s-1PROTOCOL\s0
file in the distribution for further details.
.SH FILES
.PP
The following default file locations may be overridden
at compile time or by the command-line options described above.
Run \fBconserver \-V\fP (with no other options) to see
the defaults set at compile time.
Run
.B conserver \-V
to see the defaults set at compile time.
.PP
.PD 0
.TP 25
@ -272,20 +493,17 @@ the master conserver process ID
.TP
.B /var/log/conserver
log of errors and informational messages
.TP
.B /tmp/conserver
directory to hold Unix domain sockets (if enabled)
.PD
.PP
Additionally, output from individual consoles may be logged
to separate files specified in
.BR conserver.cf (5).
.SH BUGS
SSL encryption only occurs when connecting to a single console, not
on all client/server activity. The \fB-q\fP/\fB-Q\fP quit command will
pass the root password in the clear. Other info-type
options (like \fB-i\fP, \fB-w\fP, etc)
are all sent unencrypted as well. This should be fixed soon.
.PP
I'm sure there are more, I just don't know where they are. Please
let me know if you find any.
I'm sure there are bugs, I just don't know where they are.
Please let me know if you find any.
.SH AUTHORS
Thomas A. Fine, Ohio State Computer Science
.br

4
conserver/conserver.passwd
View File

@ -1,4 +0,0 @@
bryan:r71mXjfALB5Ak:any
djs:r71mXjfALB5Ak:login
chogan:*passwd*:foobar,login,shell
hogan:*passwd*:any

492
conserver/convert.c Normal file
View File

@ -0,0 +1,492 @@
/*
* $Id: convert.c,v 1.14 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*
* Copyright GNAC, Inc., 1998
*/
/*
* Copyright (c) 1990 The Ohio State University.
* All rights reserved.
*
* Redistribution and use in source and binary forms are permitted
* provided that: (1) source distributions retain this entire copyright
* notice and comment, and (2) distributions including binaries display
* the following acknowledgement: ``This product includes software
* developed by The Ohio State University and its contributors''
* in the documentation or other materials provided with the distribution
* and in all advertising materials mentioning features or use of this
* software. Neither the name of the University nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
/*
* Network console modifications by Robert Olson, olson@mcs.anl.gov.
*/
#include <compat.h>
#include <cutil.h>
#include <consent.h>
#include <client.h>
#include <group.h>
#include <access.h>
#include <readcfg.h>
#include <master.h>
#include <main.h>
#if defined(USE_LIBWRAP)
/* we don't use it...but we link to it */
int allow_severity;
int deny_severity;
#endif
SECTION sections[] = {
{(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
};
void
DestroyDataStructures()
{
}
char *
ReadLine2(FILE *fp, STRING *save, int *iLine)
{
static char buf[1024];
char *wholeline = (char *)0;
char *ret = (char *)0;
int i, buflen, peek, commentCheck = 1;
static STRING *bufstr = (STRING *)0;
static STRING *wholestr = (STRING *)0;
if (bufstr == (STRING *)0)
bufstr = AllocString();
if (wholestr == (STRING *)0)
wholestr = AllocString();
peek = 0;
wholeline = (char *)0;
BuildString((char *)0, bufstr);
BuildString((char *)0, wholestr);
while (save->used || ((ret = fgets(buf, sizeof(buf), fp)) != (char *)0)
|| peek) {
/* If we have a previously saved line, use it instead */
if (save->used) {
StrCpy(buf, save->string, sizeof(buf));
BuildString((char *)0, save);
}
if (peek) {
/* End of file? Never mind. */
if (ret == (char *)0)
break;
/* If we don't have a line continuation and we've seen
* some worthy data
*/
if (!isspace((int)buf[0]) && (wholeline != (char *)0)) {
BuildString((char *)0, save);
BuildString(buf, save);
break;
}
peek = 0;
}
if (commentCheck) {
for (i = 0; buf[i] != '\000'; i++)
if (!isspace((int)buf[i]))
break;
if (buf[i] == '#') {
commentCheck = 0;
} else if (buf[i] != '\000') {
commentCheck = 0;
}
}
/* Check for EOL */
buflen = strlen(buf);
if ((buflen >= 1) && (buf[buflen - 1] == '\n')) {
(*iLine)++; /* Finally have a whole line */
/* Finish off the chunk without the \n */
buf[buflen - 1] = '\000';
BuildString(buf, bufstr);
wholeline = BuildString(bufstr->string, wholestr);
peek = 1;
commentCheck = 1;
BuildString((char *)0, bufstr);
} else {
/* Save off the partial chunk */
BuildString(buf, bufstr);
}
}
/* If we hit the EOF and weren't peeking ahead
* and it's not a comment
*/
if (!peek && (ret == (char *)0)) {
(*iLine)++;
wholeline = BuildString(bufstr->string, wholestr);
if (wholeline != (char *)0 && wholeline[0] == '\000')
wholeline = (char *)0;
}
CONDDEBUG((1, "ReadLine2(): returning <%s>",
(wholeline != (char *)0) ? wholeline : "<NULL>"));
return wholeline;
}
/* read in the configuration file, fill in all the structs we use (ksb)
* to manage the consoles
*/
void
ReadCfg(char *pcFile, FILE *fp)
{
int iLine;
unsigned char *acIn;
static STRING *acInSave = (STRING *)0;
char *acStart;
static STRING *logDirectory = (STRING *)0;
static STRING *defMark = (STRING *)0;
int sawACL = 0;
int printedFull = 0;
if (defMark == (STRING *)0)
defMark = AllocString();
if (logDirectory == (STRING *)0)
logDirectory = AllocString();
if (acInSave == (STRING *)0)
acInSave = AllocString();
BuildString((char *)0, defMark);
BuildString((char *)0, acInSave);
BuildString((char *)0, logDirectory);
iLine = 0;
while ((acIn =
(unsigned char *)ReadLine2(fp, acInSave,
&iLine)) != (unsigned char *)0) {
char *pcLine, *pcMode, *pcLog, *pcRem, *pcStart, *pcMark, *pcBreak;
char *pcColon;
acStart = PruneSpace((char *)acIn);
if (acStart[0] == '#') {
printf("%s\n", acStart);
continue;
}
if (printedFull == 0) {
printf("default full {\n\trw *;\n}\n");
printedFull = 1;
}
if ('%' == acStart[0] && '%' == acStart[1] && '\000' == acStart[2]) {
break;
}
if ((char *)0 != (pcLine = strchr(acStart, '=')) &&
((char *)0 == (pcColon = strchr(acStart, ':')) ||
pcColon > pcLine)) {
*pcLine++ = '\000';
acStart = PruneSpace(acStart);
pcLine = PruneSpace(pcLine);
if (0 == strcmp(acStart, "LOGDIR")) {
BuildString((char *)0, logDirectory);
BuildString(pcLine, logDirectory);
printf("default * {\n");
if (logDirectory->used > 1)
printf("\tlogfile %s/&;\n", logDirectory->string);
else
printf("\tlogfile \"\";\n");
if (defMark->used > 1)
printf("\ttimestamp %s;\n", defMark->string);
else
printf("\ttimestamp \"\";\n");
printf("\tinclude full;\n}\n");
} else if (0 == strcmp(acStart, "TIMESTAMP")) {
BuildString((char *)0, defMark);
BuildString(pcLine, defMark);
printf("default * {\n");
if (logDirectory->used > 1)
printf("\tlogfile %s/&;\n", logDirectory->string);
else
printf("\tlogfile \"\";\n");
if (defMark->used > 1)
printf("\ttimestamp %s;\n", defMark->string);
else
printf("\ttimestamp \"\";\n");
printf("\tinclude full;\n}\n");
} else if (0 == strcmp(acStart, "DOMAINHACK")) {
} else if (0 == strncmp(acStart, "BREAK", 5) &&
acStart[5] >= '1' && acStart[5] <= '9' &&
acStart[6] == '\000') {
CONDDEBUG((1, "ReadCfg(): BREAK%c found with `%s'",
acStart[5], pcLine));
if (pcLine[0] == '\000') {
printf("break %c {\n\tstring \"\";\n}\n", acStart[5]);
} else {
char *q, *p;
p = pcLine;
BuildTmpString((char *)0);
while ((q = strchr(p, '"')) != (char *)0) {
*q = '\000';
BuildTmpString(p);
BuildTmpString("\\\"");
p = q + 1;
*q = '"';
}
q = BuildTmpString(p);
printf("break %c {\n\tstring \"%s\";\n}\n", acStart[5],
q);
}
} else {
Error("%s(%d) unknown variable `%s'", pcFile, iLine,
acStart);
}
continue;
}
if ((char *)0 == (pcLine = strchr(acStart, ':')) ||
(char *)0 == (pcMode = strchr(pcLine + 1, ':')) ||
(char *)0 == (pcLog = strchr(pcMode + 1, ':'))) {
Error("%s(%d) bad config line `%s'", pcFile, iLine, acIn);
continue;
}
*pcLine++ = '\000';
*pcMode++ = '\000';
*pcLog++ = '\000';
acStart = PruneSpace(acStart);
pcLine = PruneSpace(pcLine);
pcMode = PruneSpace(pcMode);
pcLog = PruneSpace(pcLog);
if ((char *)0 != (pcMark = strchr(pcLog, ':'))) {
*pcMark++ = '\000';
pcLog = PruneSpace(pcLog);
pcMark = PruneSpace(pcMark);
/* Skip null intervals */
if (pcMark[0] == '\000')
pcMark = (char *)0;
}
if ((char *)0 == pcMark) {
pcBreak = (char *)0;
} else {
if ((char *)0 != (pcBreak = strchr(pcMark, ':'))) {
*pcBreak++ = '\000';
pcMark = PruneSpace(pcMark);
pcBreak = PruneSpace(pcBreak);
/* Ignore null specs */
if (pcMark[0] == '\000')
pcMark = (char *)0;
if (pcBreak[0] == '\000')
pcBreak = (char *)0;
}
}
if ((char *)0 != (pcRem = strchr(pcLine, '@'))) {
*pcRem++ = '\000';
pcLine = PruneSpace(pcLine);
pcRem = PruneSpace(pcRem);
}
printf("console %s {\n", acStart);
if (pcRem == (char *)0) {
printf("\tmaster localhost;\n");
} else {
printf("\tmaster %s;\n", pcRem);
}
/*
* Here we substitute the console name for any '&' character in the
* logfile name. That way you can just have something like
* "/var/console/&" for each of the conserver.cf entries.
*/
if (pcLog[0] == '&' && pcLog[1] == '\000' &&
logDirectory->used > 1) {
/* special case where logfile name is '&' and the LOGDIR was
* seen above. in this case we just allow inheritance to
* work it's magic.
*/
} else if (pcLog[0] == '\000') {
printf("\tlogfile \"\";\n");
} else {
STRING *lfile;
lfile = AllocString();
BuildString((char *)0, lfile);
pcStart = pcLog;
BuildString(pcStart, lfile);
if (logDirectory->used > 1 && lfile->used > 1 &&
lfile->string[0] != '/') {
char *p;
BuildTmpString((char *)0);
p = BuildTmpString(lfile->string);
BuildString((char *)0, lfile);
BuildString(logDirectory->string, lfile);
BuildStringChar('/', lfile);
BuildString(p, lfile);
BuildTmpString((char *)0);
}
printf("\tlogfile %s;\n", lfile->string);
DestroyString(lfile);
}
if (pcMark) {
printf("\ttimestamp %s;\n", pcMark);
}
if (pcBreak) {
int bt;
bt = atoi(pcBreak);
if (bt > 9 || bt < 0) {
Error("%s(%d) bad break spec `%d'", pcFile, iLine, bt);
} else {
printf("\tbreak %d;\n", bt);
}
}
if (pcLine[0] == '!') {
pcLine = PruneSpace(pcLine + 1);
printf("\ttype host;\n");
printf("\thost %s;\n", pcLine);
printf("\tport %s;\n", pcMode);
} else if ('|' == pcLine[0]) {
pcLine = PruneSpace(pcLine + 1);
printf("\ttype exec;\n");
if (pcLine == (char *)0 || pcLine[0] == '\000')
printf("\texec \"\";\n");
else
printf("\texec %s;\n", pcLine);
} else {
char p, *t;
printf("\ttype device;\n");
printf("\tdevice %s;\n", pcLine);
t = pcMode;
while (isdigit((int)(*t))) {
++t;
}
p = *t;
*t = '\000';
printf("\tbaud %s;\n", pcMode);
switch (p) {
case 'E':
case 'e':
t = "even";
break;
case 'M':
case 'm':
t = "mark";
break;
case 'N':
case 'n':
case 'P':
case 'p':
t = "none";
break;
case 'O':
case 'o':
t = "odd";
break;
case 'S':
case 's':
t = "space";
break;
default:
Error
("%s(%d) unknown parity type `%c' - assuming `none'",
pcFile, iLine, p);
t = "none";
break;
}
printf("\tparity %s;\n", t);
}
printf("}\n");
}
while ((acIn =
(unsigned char *)ReadLine2(fp, acInSave,
&iLine)) != (unsigned char *)0) {
char *pcNext;
acStart = PruneSpace((char *)acIn);
if (acStart[0] == '#') {
printf("%s\n", acStart);
continue;
}
if ('%' == acStart[0] && '%' == acStart[1] && '\000' == acStart[2]) {
break;
}
if ((char *)0 == (pcNext = strchr(acStart, ':'))) {
Error("%s(%d) missing colon?", pcFile, iLine);
continue;
}
do {
*pcNext++ = '\000';
} while (isspace((int)(*pcNext)));
switch (acStart[0]) {
case 'a': /* allowed, allow, allows */
case 'A':
if (!sawACL) {
sawACL = 1;
printf("access * {\n");
}
printf("\tallowed %s;\n", pcNext);
break;
case 'r': /* rejected, refused, refuse */
case 'R':
if (!sawACL) {
sawACL = 1;
printf("access * {\n");
}
printf("\trejected %s;\n", pcNext);
break;
case 't': /* trust, trusted, trusts */
case 'T':
if (!sawACL) {
sawACL = 1;
printf("access * {\n");
}
printf("\ttrusted %s;\n", pcNext);
break;
default:
Error("%s(%d) unknown access key `%s'", pcFile, iLine,
acStart);
break;
}
}
if (sawACL) {
printf("}\n");
}
}
int
main(int argc, char **argv)
{
char *pcFile;
FILE *fp;
progname = "convert";
fDebug = 0;
if (argc != 2) {
Error("Usage: convert old-conserver.cf");
return 1;
}
pcFile = argv[1];
if ((fp = fopen(pcFile, "r")) == (FILE *)0) {
Error("fopen(%s): %s", pcFile, strerror(errno));
return 1;
}
ReadCfg(pcFile, fp);
return 0;
}

3082
conserver/cutil.c Normal file
View File

File diff suppressed because it is too large Load Diff

216
conserver/cutil.h Normal file
View File

@ -0,0 +1,216 @@
/*
* $Id: cutil.h,v 1.70 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
#include <stdarg.h>
#if HAVE_OPENSSL
# include <openssl/ssl.h>
# include <openssl/err.h>
#endif
#if HAVE_GSSAPI
# include <gssapi/gssapi.h>
#endif
/* communication constants
*/
#define OB_IAC 0xff /* quote char */
#define OB_EXEC 'E' /* exec a command on the client */
#define OB_GOTO 'G' /* goto next console */
#define OB_SUSP 'Z' /* suspended by server */
#define OB_ABRT '.' /* abort */
/* Struct to wrap information about a "file"...
* This can be a socket, local file, whatever. We do this so
* we can add encryption to sockets (and generalize I/O).
*/
enum consFileType {
simpleFile,
simpleSocket,
simplePipe,
#if HAVE_OPENSSL
SSLSocket,
#endif
nothing
};
typedef enum IOState {
ISDISCONNECTED = 0,
INCONNECT,
ISNORMAL,
#if HAVE_OPENSSL
INSSLACCEPT,
INSSLSHUTDOWN,
#endif
#if HAVE_GSSAPI
INGSSACCEPT,
#endif
ISFLUSHING
} IOSTATE;
typedef enum flag {
FLAGUNKNOWN = 0,
FLAGTRUE,
FLAGFALSE
} FLAG;
typedef struct dynamicString {
char *string;
int used;
int allocated;
struct dynamicString *next;
struct dynamicString *prev;
} STRING;
typedef struct consFile {
/* Standard socket type stuff */
enum consFileType ftype;
int fd;
int fdout; /* only used when a simplePipe */
STRING *wbuf;
FLAG errored;
FLAG quoteiac;
FLAG sawiac;
FLAG sawiacsusp;
FLAG sawiacexec;
FLAG sawiacabrt;
FLAG sawiacgoto;
#if HAVE_OPENSSL
/* SSL stuff */
SSL *ssl;
FLAG waitForWrite;
FLAG waitForRead;
#endif
/* Add crypto stuff to suit */
#if DEBUG_CONSFILE_IO
int debugrfd;
int debugwfd;
#endif
} CONSFILE;
typedef struct item {
char *id;
void (*reg) (char *);
} ITEM;
typedef struct section {
char *id;
void (*begin) (char *);
void (*end) (void);
void (*abort) (void);
void (*destroy) (void);
ITEM *items;
} SECTION;
typedef enum substToken {
ISNOTHING = 0,
ISNUMBER,
ISSTRING
} SUBSTTOKEN;
typedef struct subst {
/* function to retrieve a token type based on a character
*/
SUBSTTOKEN (*token) (char);
/* data for callback function
*/
void *data;
/* function to retrieve a value (as a char* or int or both) for
* a substitution
*/
int (*value) (char, char **, int *);
} SUBST;
extern int isMultiProc, fDebug, fVerbose, fErrorPrinted;
extern char *progname;
extern pid_t thepid;
#define MAXHOSTNAME 1024
extern char myHostname[];
#if !USE_IPV6
extern struct in_addr *myAddrs;
#endif
extern fd_set rinit;
extern fd_set winit;
extern int maxfd;
extern int debugLineNo;
extern char *debugFileName;
extern int line; /* used by ParseFile */
extern char *file; /* used by ParseFile */
extern SECTION sections[]; /* used by ParseFile */
extern int isMaster;
extern const char *StrTime(time_t *);
extern void Debug(int, char *, ...);
extern void Error(char *, ...);
extern void Msg(char *, ...);
extern void Verbose(char *, ...);
extern void SimpleSignal(int, RETSIGTYPE(*)(int));
extern int GetMaxFiles();
extern char *FmtCtl(int, STRING *);
extern void FmtCtlStr(char *, int, STRING *);
extern CONSFILE *FileOpenFD(int, enum consFileType);
extern CONSFILE *FileOpenPipe(int, int);
extern CONSFILE *FileOpen(const char *, int, int);
extern int FileClose(CONSFILE **);
extern int FileRead(CONSFILE *, void *, int);
extern int FileWrite(CONSFILE *, FLAG, char *, int);
extern void FileVWrite(CONSFILE *, FLAG, char *, va_list);
extern void FilePrint(CONSFILE *, FLAG, char *, ...);
extern int FileStat(CONSFILE *, struct stat *);
extern int FileSeek(CONSFILE *, off_t, int);
extern int FileSend(CONSFILE *, const void *, size_t, int);
extern int FileFDNum(CONSFILE *);
extern int FileFDOutNum(CONSFILE *);
extern int FileUnopen(CONSFILE *);
extern void OutOfMem();
extern char *BuildTmpString(const char *);
extern char *BuildTmpStringChar(const char);
extern char *BuildTmpStringPrint(char *, ...);
extern char *BuildString(const char *, STRING *);
extern char *BuildStringChar(const char, STRING *);
extern char *BuildStringPrint(STRING *, char *, ...);
extern char *BuildStringN(const char *, int, STRING *);
extern char *ShiftString(STRING *, int);
extern void InitString(STRING *);
extern void DestroyString(STRING *);
extern void DestroyStrings(void);
extern STRING *AllocString(void);
extern char *ReadLine(FILE *, STRING *, int *);
extern enum consFileType FileGetType(CONSFILE *);
extern void FileSetType(CONSFILE *, enum consFileType);
extern void FileSetQuoteIAC(CONSFILE *, FLAG);
extern FLAG FileSawQuoteSusp(CONSFILE *);
extern FLAG FileSawQuoteExec(CONSFILE *);
extern FLAG FileSawQuoteAbrt(CONSFILE *);
extern FLAG FileSawQuoteGoto(CONSFILE *);
extern void Bye(int);
extern void DestroyDataStructures(void);
extern int IsMe(char *);
extern char *PruneSpace(char *);
extern int FileCanRead(CONSFILE *, fd_set *, fd_set *);
extern int FileCanWrite(CONSFILE *, fd_set *, fd_set *);
extern int FileBufEmpty(CONSFILE *);
extern int SetFlags(int, int, int);
extern char *StrDup(const char *);
extern int ParseIACBuf(CONSFILE *, void *, int *);
extern void *MemMove(void *, void *, size_t);
extern char *StringChar(STRING *, int, char);
extern void ParseFile(char *, FILE *, int);
#if !USE_IPV6
extern void ProbeInterfaces(in_addr_t);
#endif
extern void ProcessSubst(SUBST *, char **, char **, char *, char *);
extern char *MyVersion(void);
extern unsigned int AtoU(char *);
extern void StrCpy(char *, const char *, unsigned int);
#if HAVE_OPENSSL
extern SSL *FileGetSSL(CONSFILE *);
extern void FileSetSSL(CONSFILE *, SSL *);
extern int SSLVerifyCallback(int, X509_STORE_CTX *);
extern int FileSSLAccept(CONSFILE *);
extern int FileCanSSLAccept(CONSFILE *, fd_set *, fd_set *);
#endif

313
conserver/fallback.c
View File

@ -1,5 +1,5 @@
/*
* $Id: fallback.c,v 5.53 2003-03-17 08:27:34-08 bryan Exp $
* $Id: fallback.c,v 5.62 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -14,154 +14,167 @@
* Mike Rowan (mtr@mace.cc.purdue.edu)
*/
#include <config.h>
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/file.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <sys/errno.h>
#include <netinet/in.h>
#include <syslog.h>
#include <signal.h>
#include <netdb.h>
#include <stdio.h>
#include <ctype.h>
#include <compat.h>
#include <util.h>
#if defined(_AIX)
#include <cutil.h>
/*
* get a pty for the user (emulate the neato sequent call) (mm)
* get a pty for the user
*
* this has been revamped rather heavily for 8.0.0. i've taken ideas
* from the xemacs and openssh distributions to get code that *should*
* work on systems i have no access to. thanks to those reference
* packages, i think things are ok...hopefully it's true!
*/
static int
#if PROTOTYPES
GetPseudoTTY(STRING * slave, STRING * master)
#else
GetPseudoTTY(slave, master)
STRING *slave;
STRING *master;
#endif
GetPseudoTTY(STRING *slave, int *slaveFD)
{
int fd;
#if HAVE_OPENPTY
int fd = -1;
int sfd = -1;
int opty = 0;
char *pcName;
if (0 > (fd = open("/dev/ptc", O_RDWR | O_NDELAY, 0))) {
return -1;
}
if ((char *)0 == (pcName = ttyname(fd))) {
return -1;
}
BuildString((char *)0, slave);
BuildString(pcName, slave);
BuildString((char *)0, master);
BuildString(pcName, master);
master->string[7] = 'c';
return fd;
}
#else
#if defined(HAVE_PTSNAME) && defined(HAVE_GRANTPT) && defined(HAVE_UNLOCKPT)
#if defined(linux)
extern char *ptsname();
extern int grantpt();
extern int unlockpt();
#endif
/* get a pty for the user -- emulate the neato sequent call under (gregf)
* DYNIX/ptx v4.0
*/
static int
#if PROTOTYPES
GetPseudoTTY(STRING * slave, STRING * master)
#else
GetPseudoTTY(slave, master)
STRING *slave;
STRING *master;
#endif
{
int fd;
char *pcName;
#if HAVE_SIGACTION
# if HAVE_SIGACTION
sigset_t oldmask, newmask;
#else
extern RETSIGTYPE FlagReapVirt PARAMS((int));
#endif
# else
extern RETSIGTYPE FlagReapVirt(int);
# endif
if (0 > (fd = open("/dev/ptmx", O_RDWR, 0))) {
return -1;
}
#if HAVE_SIGACTION
# if HAVE_SIGACTION
sigemptyset(&newmask);
sigaddset(&newmask, SIGCHLD);
if (sigprocmask(SIG_BLOCK, &newmask, &oldmask) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_BLOCK): %s",
strerror(errno));
#else
# else
SimpleSignal(SIGCHLD, SIG_DFL);
#endif
# endif
grantpt(fd); /* change permission of slave */
opty = openpty(&fd, &sfd, NULL, NULL, NULL);
#if HAVE_SIGACTION
# if HAVE_SIGACTION
if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_SETMASK): %s",
strerror(errno));
#else
# else
SimpleSignal(SIGCHLD, FlagReapVirt);
#endif
# endif
unlockpt(fd); /* unlock slave */
BuildString((char *)0, master);
if ((char *)0 == (pcName = ttyname(fd))) {
BuildString("/dev/ptmx", master);
} else {
BuildString(pcName, master);
if (opty != 0) {
if (fd >= 0)
close(fd);
if (sfd >= 0)
close(sfd);
return -1;
}
if ((char *)0 == (pcName = ttyname(sfd))) {
close(fd);
close(sfd);
return -1;
}
BuildString((char *)0, slave);
BuildString(pcName, slave);
if ((char *)0 == (pcName = ptsname(fd))) {
*slaveFD = sfd;
return fd;
#else
# if (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX)
int fd = -1;
int sfd = -1;
char *pcName;
# if HAVE_SIGACTION
sigset_t oldmask, newmask;
# else
extern RETSIGTYPE FlagReapVirt(int);
# endif
int c;
/* clone list and idea stolen from xemacs distribution */
static char *clones[] = {
"/dev/ptmx", /* Various systems */
"/dev/ptm/clone", /* HPUX */
"/dev/ptc", /* AIX */
"/dev/ptmx_bsd", /* Tru64 */
(char *)0
};
/* try to find the pty allocator */
for (c = 0; clones[c] != (char *)0; c++) {
if ((fd = open(clones[c], O_RDWR, 0)) >= 0)
break;
}
if (fd < 0)
return -1;
# if HAVE_SIGACTION
sigemptyset(&newmask);
sigaddset(&newmask, SIGCHLD);
if (sigprocmask(SIG_BLOCK, &newmask, &oldmask) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_BLOCK): %s",
strerror(errno));
# else
SimpleSignal(SIGCHLD, SIG_DFL);
# endif
# if HAVE_GRANTPT
grantpt(fd); /* change permission of slave */
# endif
# if HAVE_SIGACTION
if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_SETMASK): %s",
strerror(errno));
# else
SimpleSignal(SIGCHLD, FlagReapVirt);
# endif
# if HAVE_UNLOCKPT
unlockpt(fd); /* unlock slave */
# endif
# if defined(_AIX)
if ((pcName = ttyname(fd)) == (char *)0) {
close(fd);
return -1;
}
# else
# if HAVE_PTSNAME
if ((pcName = ptsname(fd)) == (char *)0) {
close(fd);
return -1;
}
# else
close(fd);
return -1;
# endif
# endif
/* go ahead and open the slave */
if ((sfd = open(pcName, O_RDWR, 0)) < 0) {
Error("GetPseudoTTY(): open(%s): %s", pcName, strerror(errno));
close(fd);
return -1;
}
BuildString((char *)0, slave);
BuildString(pcName, slave);
*slaveFD = sfd;
return fd;
}
#else
/*
* Below is the string for finding /dev/ptyXX. For each architecture we
* leave some pty's world writable because we don't have source for
* everything that uses pty's. For the most part, we'll be trying to
* make /dev/ptyq* the "free" pty's.
*/
/* all the world's a vax ;-) */
static char charone[] = "prstuvwxyzPQRSTUVWq";
static char chartwo[] =
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
/*
* get a pty for the user (emulate the neato sequent call) (ksb)
*/
static int
#if PROTOTYPES
GetPseudoTTY(STRING * slave, STRING * master)
#else
GetPseudoTTY(slave, master)
STRING *slave;
STRING *master;
#endif
{
# else
/*
* Below is the string for finding /dev/ptyXX. For each architecture we
* leave some pty's world writable because we don't have source for
* everything that uses pty's. For the most part, we'll be trying to
* make /dev/ptyq* the "free" pty's.
*/
/* all the world's a vax ;-) */
static char charone[] = "prstuvwxyzPQRSTUVWq";
static char chartwo[] =
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
static char acMaster[] = "/dev/ptyXX";
static char acSlave[] = "/dev/ttyXX";
static char *pcOne = charone, *pcTwo = chartwo;
int fd, iLoop, iIndex = sizeof("/dev/pty") - 1;
int fd, sfd, iLoop, iIndex = sizeof("/dev/pty") - 1;
char *pcOld1;
struct stat statBuf;
@ -191,7 +204,7 @@ GetPseudoTTY(slave, master)
continue;
}
if (0 > (fd = open(acMaster, O_RDWR | O_NDELAY, 0))) {
if (0 > (fd = open(acMaster, O_RDWR | O_NONBLOCK, 0))) {
continue;
}
acSlave[iIndex] = *pcOne;
@ -203,41 +216,41 @@ GetPseudoTTY(slave, master)
break;
}
BuildString((char *)0, master);
BuildString(acMaster, master);
BuildString((char *)0, slave);
BuildString(acSlave, slave);
return fd;
}
#endif
#endif /* _AIX */
/*
* get a Joe pty bacause the daemon is not with us, sadly. (ksb)
*/
int
#if PROTOTYPES
FallBack(STRING * pcSlave, STRING * pcMaster)
#else
FallBack(pcSlave, pcMaster)
STRING *pcSlave, *pcMaster;
#endif
{
int fd;
static STRING *pcTSlave = (STRING *) 0;
static STRING *pcTMaster = (STRING *) 0;
if (pcTSlave == (STRING *) 0)
pcTSlave = AllocString();
if (pcTMaster == (STRING *) 0)
pcTMaster = AllocString();
if (-1 == (fd = GetPseudoTTY(pcTSlave, pcTMaster))) {
/* go ahead and open the slave */
if ((sfd = open(acSlave, O_RDWR, 0)) < 0) {
Error("GetPseudoTTY(): open(%s): %s", acSlave, strerror(errno));
close(fd);
return -1;
}
BuildString((char *)0, pcSlave);
BuildString(pcTSlave->string, pcSlave);
BuildString((char *)0, pcMaster);
BuildString(pcTMaster->string, pcMaster);
BuildString((char *)0, slave);
BuildString(acSlave, slave);
*slaveFD = sfd;
return fd;
# endif /* (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX) */
#endif /* HAVE_OPENPTY */
}
/*
* get a pty using the GetPseudoTTY code above
*/
int
FallBack(char **slave, int *sfd)
{
int fd;
static STRING *pcTSlave = (STRING *)0;
if (pcTSlave == (STRING *)0)
pcTSlave = AllocString();
if ((fd = GetPseudoTTY(pcTSlave, sfd)) == -1) {
return -1;
}
if ((*slave) != (char *)0)
free(*slave);
if (((*slave) = StrDup(pcTSlave->string))
== (char *)0)
OutOfMem();
return fd;
}

6613
conserver/group.c
View File

File diff suppressed because it is too large Load Diff

45
conserver/group.h
View File

@ -1,5 +1,5 @@
/*
* $Id: group.h,v 5.31 2003-03-17 08:43:20-08 bryan Exp $
* $Id: group.h,v 5.52 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -34,6 +34,16 @@
* 4. This notice may not be removed or altered.
*/
/* timers used to have various things happen */
#define T_STATE 0
#define T_CIDLE 1
#define T_MARK 2
#define T_REINIT 3
#define T_AUTOUP 4
#define T_ROLL 5
#define T_INITDELAY 6
#define T_MAX 7 /* T_MAX *must* be last */
/* return values used by CheckPass()
*/
#define AUTH_SUCCESS 0 /* ok */
@ -45,7 +55,6 @@ typedef struct grpent { /* group info */
unsigned short port; /* port group listens on */
pid_t pid; /* pid of server for group */
int imembers; /* number of consoles in this group */
fd_set rinit; /* descriptor list */
CONSENT *pCElist; /* list of consoles in this group */
CONSENT *pCEctl; /* our control `console' */
CONSCLIENT *pCLall; /* all clients to scan after select */
@ -53,12 +62,26 @@ typedef struct grpent { /* group info */
struct grpent *pGEnext; /* next group entry */
} GRPENT;
extern void Spawn PARAMS((GRPENT *));
extern int CheckPass PARAMS((char *, char *));
extern void TagLogfile PARAMS((const CONSENT *, const char *, ...));
extern void TagLogfileAct PARAMS((const CONSENT *, const char *, ...));
extern void CleanupBreak PARAMS((short));
extern void DestroyGroup PARAMS((GRPENT *));
extern void DestroyConsent PARAMS((GRPENT *, CONSENT *));
extern void SendClientsMsg PARAMS((CONSENT *, char *));
extern void ResetMark PARAMS((void));
extern time_t timers[];
extern void Spawn(GRPENT *, int);
extern int CheckPass(char *, char *, FLAG);
extern void TagLogfile(const CONSENT *, char *, ...);
extern void TagLogfileAct(const CONSENT *, char *, ...);
extern void DestroyGroup(GRPENT *);
extern void DestroyConsent(GRPENT *, CONSENT *);
extern void SendClientsMsg(CONSENT *, char *);
extern void ResetMark(void);
extern void DestroyConsentUsers(CONSENTUSERS **);
extern CONSENTUSERS *ConsentFindUser(CONSENTUSERS *, char *);
extern int ConsentUserOk(CONSENTUSERS *, char *);
extern void DisconnectClient(GRPENT *, CONSCLIENT *, char *, FLAG);
extern int ClientAccess(CONSENT *, char *);
extern void DestroyClient(CONSCLIENT *);
extern int CheckPasswd(CONSCLIENT *, char *, FLAG);
extern void DeUtmp(GRPENT *, int);
extern void ClientWantsWrite(CONSCLIENT *);
extern void SendIWaitClientsMsg(CONSENT *, char *);
#if HAVE_OPENSSL
extern int AttemptSSL(CONSCLIENT *);
#endif

1408
conserver/main.c
View File

File diff suppressed because it is too large Load Diff

42
conserver/main.h
View File

@ -1,5 +1,5 @@
/*
* $Id: main.h,v 5.45 2003-03-09 15:20:43-08 bryan Exp $
* $Id: main.h,v 5.55 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -37,24 +37,32 @@
/* program options and stuff
*/
extern char rcsid[];
extern int fAll, fSoftcar, fNoinit, fInteractive, fStrip, fDaemon, fReopen,
fReopenall, fNoautoreup, fNoredir;
extern char chDefAcc;
extern int fAll, fNoinit, fInteractive, fStrip, fDaemon, fReopen,
fNoautoreup, fSyntaxOnly;
#if USE_IPV6
extern struct addrinfo *bindAddr;
extern struct addrinfo *bindBaseAddr;
#else
extern in_addr_t bindAddr;
extern unsigned short bindPort, bindBasePort;
extern char *pcLogfile;
extern char *pcConfig;
extern char *pcPasswd;
extern STRING *defaultShell;
extern int cMaxMemb;
extern struct sockaddr_in in_port;
extern char acMyHost[];
extern struct in_addr acMyAddr;
extern int domainHack;
extern int isMaster;
#endif
extern unsigned short bindPort, bindBasePort;
extern char *pcConfig;
extern int cMaxMemb;
extern CONFIG *optConf;
extern CONFIG *config;
extern CONFIG defConfig;
extern CONSFILE *unifiedlog;
#if USE_UNIX_DOMAIN_SOCKETS
extern char *interface;
#endif
#if HAVE_OPENSSL
extern SSL_CTX *ctx;
extern int fReqEncryption;
#endif
extern void ReopenLogfile PARAMS((void));
extern void DumpDataStructures PARAMS((void));
#if HAVE_GSSAPI
extern gss_name_t gss_myname;
extern gss_cred_id_t gss_mycreds;
#endif
extern void ReopenLogfile(void);
extern void ReopenUnifiedlog(void);
extern void DumpDataStructures(void);

1170
conserver/master.c
View File

File diff suppressed because it is too large Load Diff

8
conserver/master.h
View File

@ -1,5 +1,5 @@
/*
* $Id: master.h,v 5.16 2003-03-06 10:13:41-08 bryan Exp $
* $Id: master.h,v 5.18 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -37,5 +37,7 @@
/*
* stuff the master process needs
*/
extern void Master PARAMS((void));
extern void SignalKids PARAMS((int));
extern CONSCLIENT *pCLmall;
extern CONSCLIENT *pCLmfree;
extern void Master(void);
extern void SignalKids(int);

6212
conserver/readcfg.c
View File

File diff suppressed because it is too large Load Diff

103
conserver/readcfg.h
View File

@ -1,50 +1,77 @@
/*
* $Id: readcfg.h,v 5.23 2003-03-06 10:13:41-08 bryan Exp $
* $Id: readcfg.h,v 5.51 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*
* Copyright GNAC, Inc., 1998
*/
/*
* Copyright 1992 Purdue Research Foundation, West Lafayette, Indiana
* 47907. All rights reserved.
*
* Written by Kevin S Braunsdorf, ksb@cc.purdue.edu, purdue!ksb
*
* This software is not subject to any license of the American Telephone
* and Telegraph Company or the Regents of the University of California.
*
* Permission is granted to anyone to use this software for any purpose on
* any computer system, and to alter it and redistribute it freely, subject
* to the following restrictions:
*
* 1. Neither the authors nor Purdue University are responsible for any
* consequences of the use of this software.
*
* 2. The origin of this software must not be misrepresented, either by
* explicit claim or by omission. Credit to the authors and Purdue
* University must appear in documentation and sources.
*
* 3. Altered versions must be plainly marked as such, and must not be
* misrepresented as being the original software.
*
* 4. This notice may not be removed or altered.
*/
#define BREAKDELAYDEFAULT 250
#define BREAKLISTSIZE 35 /* ('z'-('a'-1))+('9'-('1'-1)) */
#define BREAKALPHAOFFSET 39 /* ('a'-('9'+1)) */
/* we read in which hosts to trust and which ones we proxy for
* from a file, into these structures
*/
typedef struct config {
STRING *name;
FLAG autocomplete;
char defaultaccess;
FLAG daemonmode;
char *logfile;
char *passwdfile;
char *primaryport;
FLAG redirect;
FLAG loghostnames;
int reinitcheck;
char *secondaryport;
char *unifiedlog;
int initdelay;
#if HAVE_SETPROCTITLE
FLAG setproctitle;
#endif
#if HAVE_OPENSSL
char *sslcredentials;
FLAG sslrequired;
FLAG sslreqclientcert;
char *sslcacertificatefile;
#endif
} CONFIG;
extern GRPENT *pGroups; /* group info */
typedef struct breaks {
STRING *seq;
int delay;
FLAG confirm;
} BREAKS;
typedef struct tasks {
char id;
STRING *cmd;
STRING *descr;
uid_t uid;
gid_t gid;
char *subst;
FLAG confirm;
struct tasks *next;
} TASKS;
extern NAMES *userList; /* user list */
extern GRPENT *pGroups; /* group info */
extern REMOTE *pRCList; /* list of remote consoles we know about */
extern REMOTE *pRCUniq; /* list of uniq console servers */
extern ACCESS *pACList; /* `who do you love' (or trust) */
extern STRING *breakList; /* list of break sequences */
extern ACCESS *pACList; /* `who do you love' (or trust) */
extern CONSENTUSERS *pADList; /* list of admin users */
extern CONSENTUSERS *pLUList; /* list of limited users */
extern BREAKS breakList[BREAKLISTSIZE]; /* list of break sequences */
extern TASKS *taskList; /* list of tasks */
extern SUBST *taskSubst; /* substitution function data for tasks */
extern CONFIG *pConfig; /* settings seen by config parser */
extern SUBST *substData; /* substitution function data */
extern void ReadCfg PARAMS((char *, FILE *));
extern char *PruneSpace PARAMS((char *));
extern void ReReadCfg PARAMS((void));
extern void DestroyBreakList PARAMS((void));
extern void ReadCfg(char *, FILE *);
extern void ReReadCfg(int, int);
extern void DestroyBreakList(void);
extern void InitBreakList(void);
extern void DestroyTaskList(void);
extern void DestroyUserList(void);
extern void DestroyConfig(CONFIG *);
extern NAMES *FindUserList(char *);
extern NAMES *AddUserList(char *);
extern CONSENT *FindConsoleName(CONSENT *, char *);

1370
conserver/util.c
View File

File diff suppressed because it is too large Load Diff

101
conserver/util.h
View File

@ -1,101 +0,0 @@
/*
* $Id: util.h,v 1.41 2003-03-08 08:39:57-08 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
#if PROTOTYPES
#include <stdarg.h>
#else
#include <varargs.h>
#endif
#if HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif
/* communication constants
*/
#define OB_SUSP 'Z' /* suspended by server */
#define OB_DROP '.' /* dropped by server */
/* Struct to wrap information about a "file"...
* This can be a socket, local file, whatever. We do this so
* we can add encryption to sockets (and generalize I/O).
*/
enum consFileType {
simpleFile,
simpleSocket,
#if HAVE_OPENSSL
SSLSocket,
#endif
nothing
};
typedef struct dynamicString {
char *string;
int used;
int allocated;
struct dynamicString *next;
struct dynamicString *prev;
} STRING;
typedef struct consFile {
/* Standard socket type stuff */
enum consFileType ftype;
int fd;
#if HAVE_OPENSSL
/* SSL stuff */
SSL *ssl;
int waitonWrite;
int waitonRead;
#endif
/* Add crypto stuff to suit */
} CONSFILE;
extern int isMultiProc, fDebug, fVerbose;
extern char *progname;
extern pid_t thepid;
extern const char *StrTime PARAMS((time_t *));
extern void Debug PARAMS((int, char *, ...));
extern void Error PARAMS((char *, ...));
extern void Msg PARAMS((char *, ...));
extern void Verbose PARAMS((char *, ...));
extern void SimpleSignal PARAMS((int, RETSIGTYPE(*)(int)));
extern int GetMaxFiles PARAMS(());
extern char *FmtCtl PARAMS((int, STRING *));
extern void FmtCtlStr PARAMS((char *, int, STRING *));
extern CONSFILE *FileOpenFD PARAMS((int, enum consFileType));
extern CONSFILE *FileOpen PARAMS((const char *, int, int));
extern int FileClose PARAMS((CONSFILE **));
extern int FileRead PARAMS((CONSFILE *, void *, int));
extern int FileWrite PARAMS((CONSFILE *, const char *, int));
extern void FileVWrite PARAMS((CONSFILE *, const char *, va_list));
extern void FilePrint PARAMS((CONSFILE *, const char *, ...));
extern int FileStat PARAMS((CONSFILE *, struct stat *));
extern int FileSeek PARAMS((CONSFILE *, off_t, int));
extern int FileSend PARAMS((CONSFILE *, const void *, size_t, int));
extern int FileFDNum PARAMS((CONSFILE *));
extern int FileUnopen PARAMS((CONSFILE *));
extern void OutOfMem PARAMS(());
extern char *BuildTmpString PARAMS((const char *));
extern char *BuildTmpStringChar PARAMS((const char));
extern char *BuildString PARAMS((const char *, STRING *));
extern char *BuildStringChar PARAMS((const char, STRING *));
extern void InitString PARAMS((STRING *));
extern void DestroyString PARAMS((STRING *));
extern void DestroyStrings PARAMS((void));
extern STRING *AllocString PARAMS((void));
extern char *ReadLine PARAMS((FILE *, STRING *, int *));
extern enum consFileType FileGetType PARAMS((CONSFILE *));
extern void FileSetType PARAMS((CONSFILE *, enum consFileType));
extern void Bye PARAMS((int));
extern void DestroyDataStructures PARAMS((void));
#if HAVE_OPENSSL
extern SSL *FileGetSSL PARAMS((CONSFILE *));
extern void FileSetSSL PARAMS((CONSFILE *, SSL *));
extern int SSLVerifyCallback PARAMS((int, X509_STORE_CTX *));
#endif

8
conserver/version.h
View File

@ -1,5 +1,5 @@
/*
* $Id: version.h,v 1.42 2003-04-08 16:19:19-07 bryan Exp $
* $Id: version.h,v 1.82 2015/06/01 15:36:59 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -14,4 +14,8 @@
@(#) Copyright 2000 conserver.com.\n\
All rights reserved.\n"
#define THIS_VERSION "conserver.com version 7.2.7"
#define VERSION_MAJOR 8
#define VERSION_MINOR 2
#define VERSION_REV 1
#define VERSION_TEXT "conserver.com version"
#define VERSION_UINT (VERSION_MAJOR * 1000000 + VERSION_MINOR * 1000 + VERSION_REV)

18
console/Makefile.in
View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@
@ -15,7 +16,7 @@ MKDIR = @MKDIR@
### Compiler and link options
CC = @CC@
CFLAGS = @CFLAGS@ # -DPUCC -DSUN5
CFLAGS = @CFLAGS@
DEFS = @DEFS@ -DSYSCONFDIR=\"$(sysconfdir)\"
CPPFLAGS = -I.. -I$(top_srcdir) -I$(srcdir) -I$(top_srcdir)/conserver $(DEFS) @CPPFLAGS@
LDFLAGS = @LDFLAGS@
@ -25,18 +26,23 @@ LIBS = @LIBS@
### Makefile rules - no user-servicable parts below
CONSOLE_OBJS = console.o ../conserver/util.o
CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h $(top_srcdir)/conserver/port.h
CONSOLE_OBJS = console.o getpassword.o readconf.o ../conserver/cutil.o
CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h \
$(top_srcdir)/conserver/cutil.h \
$(top_srcdir)/conserver/version.h \
$(srcdir)/getpassword.h $(srcdir)/readconf.h
ALL = console
all: $(ALL)
$(CONSOLE_OBJS): $(CONSOLE_HDRS)
console: $(CONSOLE_OBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o console $(CONSOLE_OBJS) $(LIBS)
../conserver/util.o:
( cd ../conserver && $(MAKE) $(MAKE_FLAGS) util.o ) || exit 1;
../conserver/cutil.o:
( cd ../conserver && $(MAKE) $(MAKE_FLAGS) cutil.o ) || exit 1;
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
@ -51,6 +57,6 @@ install: console
$(MKDIR) $(DESTDIR)$(bindir)
$(INSTALL_PROGRAM) console $(DESTDIR)$(bindir)
$(MKDIR) $(DESTDIR)$(mandir)/man1
$(INSTALL) console.man $(DESTDIR)$(mandir)/man1/console.1
$(INSTALL) -m 0644 console.man $(DESTDIR)$(mandir)/man1/console.1
.PHONY: clean distclean install

2927
console/console.c
View File

File diff suppressed because it is too large Load Diff

1004
console/console.man
View File

File diff suppressed because it is too large Load Diff

140
console/getpassword.c Normal file
View File

@ -0,0 +1,140 @@
/*
* $Id: getpassword.c,v 1.9 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*
* Copyright GNAC, Inc., 1998
*/
#include <compat.h>
#include <pwd.h>
#include <cutil.h>
#include <version.h>
/* the next two routines assure that the users tty is in the
* correct mode for us to do our thing
*/
static int screwy = 0;
static struct termios o_tios;
/* this holds the password given to us by the user */
static STRING *pass = (STRING *)0;
/*
* show characters that are already tty processed,
* and read characters before cononical processing
* we really use cbreak at PUCC because we need even parity...
*/
static void
C2Raw(int fd)
{
struct termios n_tios;
if (!isatty(fd) || 0 != screwy)
return;
if (0 != tcgetattr(fd, &o_tios)) {
Error("tcgetattr(%d): %s", fd, strerror(errno));
Bye(EX_UNAVAILABLE);
}
n_tios = o_tios;
n_tios.c_iflag &= ~(IUCLC | IXON);
n_tios.c_oflag &= ~OPOST;
n_tios.c_lflag &= ~(ISIG | ECHO | IEXTEN);
n_tios.c_cc[VMIN] = 1;
n_tios.c_cc[VTIME] = 0;
if (0 != tcsetattr(fd, TCSANOW, &n_tios)) {
Error("tcsetattr(%d, TCSANOW): %s", fd, strerror(errno));
Bye(EX_UNAVAILABLE);
}
screwy = 1;
}
/*
* put the tty back as it was, however that was
*/
static void
C2Normal(int fd)
{
if (!screwy)
return;
tcsetattr(fd, TCSANOW, &o_tios);
screwy = 0;
}
char *
GetPassword(char *prompt)
{
int fd;
int nc;
char buf[BUFSIZ];
int done = 0;
if (prompt == (char *)0)
prompt = "";
if ((pass = AllocString()) == (STRING *)0)
OutOfMem();
BuildString((char *)0, pass);
if ((fd = open("/dev/tty", O_RDWR)) == -1) {
Error("could not open `/dev/tty': %s", strerror(errno));
return (char *)0;
}
C2Raw(fd);
write(fd, prompt, strlen(prompt));
while (!done) {
int i;
if ((nc = read(0, buf, sizeof(buf))) == 0)
break;
for (i = 0; i < nc; ++i) {
if (buf[i] == 0x0d || buf[i] == 0x0a) {
/* CR, NL */
done = 1;
break;
} else
BuildStringChar(buf[i], pass);
}
}
C2Normal(fd);
/*
{
static STRING *c = (STRING *) 0;
if ((c = AllocString()) == (STRING *) 0)
OutOfMem();
write(fd, "\n'", 2);
if (pass->used) {
FmtCtlStr(pass->string, pass->used - 1, c);
write(fd, c->string, c->used - 1);
}
write(fd, "'\n", 2);
}
*/
write(fd, "\n", 1);
close(fd);
/* this way a (char*)0 is only returned on error */
if (pass->string == (char *)0)
return "";
else
return pass->string;
}
void
ClearPassword(void)
{
if (pass == (STRING *)0 || pass->allocated == 0)
return;
#if HAVE_MEMSET
memset((void *)(pass->string), '\000', pass->allocated);
#else
bzero((char *)(pass->string), pass->allocated);
#endif
BuildString((char *)0, pass);
}

10
console/getpassword.h Normal file
View File

@ -0,0 +1,10 @@
/*
* $Id: getpassword.h,v 1.4 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
extern char *GetPassword(char *);
extern void *ClearPassword(void);

728
console/readconf.c Normal file
View File

@ -0,0 +1,728 @@
/*
* $Id: readconf.c,v 5.8 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
#include <compat.h>
#include <cutil.h>
#include <readconf.h>
CONFIG *parserConfigTemp = (CONFIG *)0;
CONFIG *parserConfigDefault = (CONFIG *)0;
CONFIG *pConfig = (CONFIG *)0;
TERM *parserTermTemp = (TERM *)0;
TERM *parserTermDefault = (TERM *)0;
TERM *pTerm = (TERM *)0;
void
DestroyConfig(CONFIG *c)
{
if (c == (CONFIG *)0)
return;
if (c->username != (char *)0)
free(c->username);
if (c->master != (char *)0)
free(c->master);
if (c->port != (char *)0)
free(c->port);
if (c->escape != (char *)0)
free(c->escape);
#if HAVE_OPENSSL
if (c->sslcredentials != (char *)0)
free(c->sslcredentials);
if (c->sslcacertificatefile != (char *)0)
free(c->sslcacertificatefile);
if (c->sslcacertificatepath != (char *)0)
free(c->sslcacertificatepath);
#endif
free(c);
}
void
ApplyConfigDefault(CONFIG *c)
{
if (parserConfigDefault == (CONFIG *)0)
return;
if (parserConfigDefault->username != (char *)0) {
if (c->username != (char *)0)
free(c->username);
if ((c->username =
StrDup(parserConfigDefault->username)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->master != (char *)0) {
if (c->master != (char *)0)
free(c->master);
if ((c->master = StrDup(parserConfigDefault->master)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->port != (char *)0) {
if (c->port != (char *)0)
free(c->port);
if ((c->port = StrDup(parserConfigDefault->port)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->escape != (char *)0) {
if (c->escape != (char *)0)
free(c->escape);
if ((c->escape = StrDup(parserConfigDefault->escape)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->striphigh != FLAGUNKNOWN)
c->striphigh = parserConfigDefault->striphigh;
if (parserConfigDefault->replay != FLAGUNKNOWN)
c->replay = parserConfigDefault->replay;
if (parserConfigDefault->playback != FLAGUNKNOWN)
c->playback = parserConfigDefault->playback;
#if HAVE_OPENSSL
if (parserConfigDefault->sslcredentials != (char *)0) {
if (c->sslcredentials != (char *)0)
free(c->sslcredentials);
if ((c->sslcredentials =
StrDup(parserConfigDefault->sslcredentials)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->sslcacertificatefile != (char *)0) {
if (c->sslcacertificatefile != (char *)0)
free(c->sslcacertificatefile);
if ((c->sslcacertificatefile =
StrDup(parserConfigDefault->sslcacertificatefile)) ==
(char *)0)
OutOfMem();
}
if (parserConfigDefault->sslcacertificatepath != (char *)0) {
if (c->sslcacertificatepath != (char *)0)
free(c->sslcacertificatepath);
if ((c->sslcacertificatepath =
StrDup(parserConfigDefault->sslcacertificatepath)) ==
(char *)0)
OutOfMem();
}
if (parserConfigDefault->sslrequired != FLAGUNKNOWN)
c->sslrequired = parserConfigDefault->sslrequired;
if (parserConfigDefault->sslenabled != FLAGUNKNOWN)
c->sslenabled = parserConfigDefault->sslenabled;
#endif
}
void
ConfigBegin(char *id)
{
CONDDEBUG((1, "ConfigBegin(%s) [%s:%d]", id, file, line));
if (id == (char *)0 || id[0] == '\000') {
Error("empty config name [%s:%d]", file, line);
return;
}
if (parserConfigTemp != (CONFIG *)0)
DestroyConfig(parserConfigTemp);
if ((parserConfigTemp = (CONFIG *)calloc(1, sizeof(CONFIG)))
== (CONFIG *)0)
OutOfMem();
ApplyConfigDefault(parserConfigTemp);
parserConfigTemp->name = AllocString();
BuildString(id, parserConfigTemp->name);
}
void
ConfigEnd(void)
{
CONDDEBUG((1, "ConfigEnd() [%s:%d]", file, line));
if (parserConfigTemp == (CONFIG *)0)
return;
if (parserConfigTemp->name->used > 1) {
if ((parserConfigTemp->name->string[0] == '*' &&
parserConfigTemp->name->string[1] == '\000') ||
IsMe(parserConfigTemp->name->string)) {
DestroyConfig(parserConfigDefault);
parserConfigDefault = parserConfigTemp;
parserConfigTemp = (CONFIG *)0;
}
}
DestroyConfig(parserConfigTemp);
parserConfigTemp = (CONFIG *)0;
}
void
ConfigAbort(void)
{
CONDDEBUG((1, "ConfigAbort() [%s:%d]", file, line));
if (parserConfigTemp == (CONFIG *)0)
return;
DestroyConfig(parserConfigTemp);
parserConfigTemp = (CONFIG *)0;
}
void
ConfigDestroy(void)
{
CONDDEBUG((1, "ConfigDestroy() [%s:%d]", file, line));
if (parserConfigTemp != (CONFIG *)0) {
DestroyConfig(parserConfigTemp);
parserConfigTemp = (CONFIG *)0;
}
if (parserConfigDefault != (CONFIG *)0) {
DestroyConfig(pConfig);
pConfig = parserConfigDefault;
parserConfigDefault = (CONFIG *)0;
}
}
void
DestroyTerminal(TERM *t)
{
if (t == (TERM *)0)
return;
if (t->attach != (char *)0)
free(t->attach);
if (t->attachsubst != (char *)0)
free(t->attachsubst);
if (t->detach != (char *)0)
free(t->detach);
if (t->detachsubst != (char *)0)
free(t->detachsubst);
free(t);
}
void
ApplyTermDefault(TERM *t)
{
if (parserTermDefault == (TERM *)0)
return;
if (parserTermDefault->attach != (char *)0) {
if (t->attach != (char *)0)
free(t->attach);
if ((t->attach = StrDup(parserTermDefault->attach)) == (char *)0)
OutOfMem();
}
if (parserTermDefault->attachsubst != (char *)0) {
if (t->attachsubst != (char *)0)
free(t->attachsubst);
if ((t->attachsubst =
StrDup(parserTermDefault->attachsubst)) == (char *)0)
OutOfMem();
}
if (parserTermDefault->detach != (char *)0) {
if (t->detach != (char *)0)
free(t->detach);
if ((t->detach = StrDup(parserTermDefault->detach)) == (char *)0)
OutOfMem();
}
if (parserTermDefault->detachsubst != (char *)0) {
if (t->detachsubst != (char *)0)
free(t->detachsubst);
if ((t->detachsubst =
StrDup(parserTermDefault->detachsubst)) == (char *)0)
OutOfMem();
}
}
void
TerminalBegin(char *id)
{
CONDDEBUG((1, "TerminalBegin(%s) [%s:%d]", id, file, line));
if (id == (char *)0 || id[0] == '\000') {
Error("empty terminal name [%s:%d]", file, line);
return;
}
if (parserTermTemp != (TERM *)0)
DestroyTerminal(parserTermTemp);
if ((parserTermTemp = (TERM *)calloc(1, sizeof(TERM)))
== (TERM *)0)
OutOfMem();
ApplyTermDefault(parserTermTemp);
parserTermTemp->name = AllocString();
BuildString(id, parserTermTemp->name);
}
void
TerminalEnd(void)
{
static char *term = (char *)0;
CONDDEBUG((1, "TerminalEnd() [%s:%d]", file, line));
if (parserTermTemp == (TERM *)0)
return;
if (term == (char *)0) {
if ((term = getenv("TERM")) == (char *)0) {
term = "";
}
}
if (parserTermTemp->name->used > 1) {
if ((parserTermTemp->name->string[0] == '*' &&
parserTermTemp->name->string[1] == '\000') ||
strcmp(parserTermTemp->name->string, term) == 0) {
DestroyTerminal(parserTermDefault);
parserTermDefault = parserTermTemp;
parserTermTemp = (TERM *)0;
}
}
DestroyTerminal(parserTermTemp);
parserTermTemp = (TERM *)0;
}
void
TerminalAbort(void)
{
CONDDEBUG((1, "TerminalAbort() [%s:%d]", file, line));
if (parserTermTemp == (TERM *)0)
return;
DestroyTerminal(parserTermTemp);
parserTermTemp = (TERM *)0;
}
void
TerminalDestroy(void)
{
CONDDEBUG((1, "TerminalDestroy() [%s:%d]", file, line));
if (parserTermTemp != (TERM *)0) {
DestroyTerminal(parserTermTemp);
parserTermTemp = (TERM *)0;
}
if (parserTermDefault != (TERM *)0) {
DestroyTerminal(pTerm);
pTerm = parserTermDefault;
parserTermDefault = (TERM *)0;
}
}
void
ProcessYesNo(char *id, FLAG *flag)
{
if (id == (char *)0 || id[0] == '\000')
*flag = FLAGFALSE;
else if (strcasecmp("yes", id) == 0 || strcasecmp("true", id) == 0 ||
strcasecmp("on", id) == 0)
*flag = FLAGTRUE;
else if (strcasecmp("no", id) == 0 || strcasecmp("false", id) == 0 ||
strcasecmp("off", id) == 0)
*flag = FLAGFALSE;
}
void
ConfigItemEscape(char *id)
{
CONDDEBUG((1, "ConfigItemEscape(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->escape != (char *)0)
free(parserConfigTemp->escape);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->escape = (char *)0;
return;
}
if ((parserConfigTemp->escape = StrDup(id)) == (char *)0)
OutOfMem();
}
void
ConfigItemMaster(char *id)
{
CONDDEBUG((1, "ConfigItemMaster(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->master != (char *)0)
free(parserConfigTemp->master);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->master = (char *)0;
return;
}
if ((parserConfigTemp->master = StrDup(id)) == (char *)0)
OutOfMem();
}
void
ConfigItemPlayback(char *id)
{
int i;
CONDDEBUG((1, "ConfigItemPlayback(%s) [%s:%d]", id, file, line));
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->playback = 0;
return;
}
for (i = 0; id[i] != '\000'; i++) {
if (!isdigit((int)id[i])) {
Error("invalid playback value [%s:%d]", file, line);
return;
}
}
if (i > 4) {
Error("playback value too large [%s:%d]", file, line);
return;
}
parserConfigTemp->playback = (unsigned short)atoi(id) + 1;
}
void
ConfigItemPort(char *id)
{
CONDDEBUG((1, "ConfigItemPort(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->port != (char *)0)
free(parserConfigTemp->port);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->port = (char *)0;
return;
}
if ((parserConfigTemp->port = StrDup(id)) == (char *)0)
OutOfMem();
}
void
ConfigItemReplay(char *id)
{
int i;
CONDDEBUG((1, "ConfigItemReplay(%s) [%s:%d]", id, file, line));
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->replay = 0;
return;
}
for (i = 0; id[i] != '\000'; i++) {
if (!isdigit((int)id[i])) {
Error("invalid replay value [%s:%d]", file, line);
return;
}
}
if (i > 4) {
Error("replay value too large [%s:%d]", file, line);
return;
}
parserConfigTemp->replay = (unsigned short)atoi(id) + 1;
}
void
ConfigItemSslcredentials(char *id)
{
CONDDEBUG((1, "ConfigItemSslcredentials(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
if (parserConfigTemp->sslcredentials != (char *)0)
free(parserConfigTemp->sslcredentials);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->sslcredentials = (char *)0;
return;
}
if ((parserConfigTemp->sslcredentials = StrDup(id)) == (char *)0)
OutOfMem();
#else
Error
("sslcredentials ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemSslcacertificatefile(char *id)
{
CONDDEBUG((1, "ConfigItemSslcacertificatefile(%s) [%s:%d]", id, file,
line));
#if HAVE_OPENSSL
if (parserConfigTemp->sslcacertificatefile != (char *)0)
free(parserConfigTemp->sslcacertificatefile);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->sslcacertificatefile = (char *)0;
return;
}
if ((parserConfigTemp->sslcacertificatefile = StrDup(id)) == (char *)0)
OutOfMem();
#else
Error
("sslcacertificatefile ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemSslcacertificatepath(char *id)
{
CONDDEBUG((1, "ConfigItemSslcacertificatepath(%s) [%s:%d]", id, file,
line));
#if HAVE_OPENSSL
if (parserConfigTemp->sslcacertificatepath != (char *)0)
free(parserConfigTemp->sslcacertificatepath);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->sslcacertificatepath = (char *)0;
return;
}
if ((parserConfigTemp->sslcacertificatepath = StrDup(id)) == (char *)0)
OutOfMem();
#else
Error
("sslcacertificatepath ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemSslrequired(char *id)
{
CONDDEBUG((1, "ConfigItemSslrequired(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
ProcessYesNo(id, &(parserConfigTemp->sslrequired));
#else
Error
("sslrequired ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemSslenabled(char *id)
{
CONDDEBUG((1, "ConfigItemSslenabled(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
ProcessYesNo(id, &(parserConfigTemp->sslenabled));
#else
Error("sslenabled ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemStriphigh(char *id)
{
CONDDEBUG((1, "ConfigItemStriphigh(%s) [%s:%d]", id, file, line));
ProcessYesNo(id, &(parserConfigTemp->striphigh));
}
void
ConfigItemUsername(char *id)
{
CONDDEBUG((1, "ConfigItemUsername(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->username != (char *)0)
free(parserConfigTemp->username);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->username = (char *)0;
return;
}
if ((parserConfigTemp->username = StrDup(id)) == (char *)0)
OutOfMem();
}
SUBST *substData = (SUBST *)0;
SUBSTTOKEN
SubstToken(char c)
{
switch (c) {
case 'u':
case 'c':
return ISSTRING;
default:
return ISNOTHING;
}
}
int
SubstValue(char c, char **s, int *i)
{
int retval = 0;
if (s != (char **)0) {
CONFIG *pc;
if (substData->data == (void *)0)
return 0;
pc = (CONFIG *)(substData->data);
if (c == 'u') {
(*s) = pc->username;
retval = 1;
} else if (c == 'c') {
(*s) = pc->console;
retval = 1;
}
}
return retval;
}
void
InitSubstCallback(void)
{
if (substData == (SUBST *)0) {
if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
OutOfMem();
substData->value = &SubstValue;
substData->token = &SubstToken;
}
}
void
TerminalItemAttach(char *id)
{
CONDDEBUG((1, "TerminalItemAttach(%s) [%s:%d]", id, file, line));
if (parserTermTemp->attach != (char *)0)
free(parserTermTemp->attach);
if ((id == (char *)0) || (*id == '\000')) {
parserTermTemp->attach = (char *)0;
return;
}
if ((parserTermTemp->attach = StrDup(id)) == (char *)0)
OutOfMem();
}
void
TerminalItemAttachsubst(char *id)
{
CONDDEBUG((1, "TerminalItemAttachsubst(%s) [%s:%d]", id, file, line));
ProcessSubst(substData, (char **)0, &(parserTermTemp->attachsubst),
"attachsubst", id);
}
void
TerminalItemDetach(char *id)
{
CONDDEBUG((1, "TerminalItemDetach(%s) [%s:%d]", id, file, line));
if (parserTermTemp->detach != (char *)0)
free(parserTermTemp->detach);
if ((id == (char *)0) || (*id == '\000')) {
parserTermTemp->detach = (char *)0;
return;
}
if ((parserTermTemp->detach = StrDup(id)) == (char *)0)
OutOfMem();
}
void
TerminalItemDetachsubst(char *id)
{
CONDDEBUG((1, "TerminalItemDetachsubst(%s) [%s:%d]", id, file, line));
ProcessSubst(substData, (char **)0, &(parserTermTemp->detachsubst),
"detachsubst", id);
}
ITEM keyConfig[] = {
{"escape", ConfigItemEscape},
{"master", ConfigItemMaster},
{"playback", ConfigItemPlayback},
{"port", ConfigItemPort},
{"replay", ConfigItemReplay},
{"sslcredentials", ConfigItemSslcredentials},
{"sslcacertificatefile", ConfigItemSslcacertificatefile},
{"sslcacertificatepath", ConfigItemSslcacertificatepath},
{"sslrequired", ConfigItemSslrequired},
{"sslenabled", ConfigItemSslenabled},
{"striphigh", ConfigItemStriphigh},
{"username", ConfigItemUsername},
{(char *)0, (void *)0}
};
ITEM keyTerminal[] = {
{"attach", TerminalItemAttach},
{"attachsubst", TerminalItemAttachsubst},
{"detach", TerminalItemDetach},
{"detachsubst", TerminalItemDetachsubst},
{(char *)0, (void *)0}
};
SECTION sections[] = {
{"config", ConfigBegin, ConfigEnd, ConfigAbort, ConfigDestroy,
keyConfig},
{"terminal", TerminalBegin, TerminalEnd, TerminalAbort,
TerminalDestroy, keyTerminal},
{(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
};
void
ReadConf(char *filename, FLAG verbose)
{
FILE *fp;
if ((FILE *)0 == (fp = fopen(filename, "r"))) {
if (verbose == FLAGTRUE)
Error("could not open `%s'", filename);
return;
}
/* initialize the substition bits */
InitSubstCallback();
parserConfigDefault = pConfig;
pConfig = (CONFIG *)0;
parserTermDefault = pTerm;
pTerm = (TERM *)0;
ParseFile(filename, fp, 0);
/* shouldn't really happen, but in case i screw up the stuff
* ParseFile calls...
*/
if (pConfig == (CONFIG *)0) {
if ((pConfig = (CONFIG *)calloc(1, sizeof(CONFIG)))
== (CONFIG *)0)
OutOfMem();
}
if (pTerm == (TERM *)0) {
if ((pTerm = (TERM *)calloc(1, sizeof(TERM)))
== (TERM *)0)
OutOfMem();
}
if (fDebug) {
#define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
#define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
CONDDEBUG((1, "pConfig->username = %s",
EMPTYSTR(pConfig->username)));
CONDDEBUG((1, "pConfig->master = %s", EMPTYSTR(pConfig->master)));
CONDDEBUG((1, "pConfig->port = %s", EMPTYSTR(pConfig->port)));
CONDDEBUG((1, "pConfig->escape = %s", EMPTYSTR(pConfig->escape)));
CONDDEBUG((1, "pConfig->striphigh = %s",
FLAGSTR(pConfig->striphigh)));
CONDDEBUG((1, "pConfig->replay = %hu", pConfig->replay));
CONDDEBUG((1, "pConfig->playback = %hu", pConfig->playback));
#if HAVE_OPENSSL
CONDDEBUG((1, "pConfig->sslcredentials = %s",
EMPTYSTR(pConfig->sslcredentials)));
CONDDEBUG((1, "pConfig->sslcacertificatefile = %s",
EMPTYSTR(pConfig->sslcacertificatefile)));
CONDDEBUG((1, "pConfig->sslcacertificatepath = %s",
EMPTYSTR(pConfig->sslcacertificatepath)));
CONDDEBUG((1, "pConfig->sslrequired = %s",
FLAGSTR(pConfig->sslrequired)));
CONDDEBUG((1, "pConfig->sslenabled = %s",
FLAGSTR(pConfig->sslenabled)));
#endif
CONDDEBUG((1, "pTerm->attach = %s", EMPTYSTR(pTerm->attach)));
CONDDEBUG((1, "pTerm->attachsubst = %s",
EMPTYSTR(pTerm->attachsubst)));
CONDDEBUG((1, "pTerm->detach = %s", EMPTYSTR(pTerm->detach)));
CONDDEBUG((1, "pTerm->detachsubst = %s",
EMPTYSTR(pTerm->detachsubst)));
}
fclose(fp);
}

42
console/readconf.h Normal file
View File

@ -0,0 +1,42 @@
/*
* $Id: readconf.h,v 5.7 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
typedef struct config {
STRING *name;
char *console;
char *username;
char *master;
char *port;
char *escape;
FLAG striphigh;
unsigned short replay;
unsigned short playback;
#if HAVE_OPENSSL
char *sslcredentials;
char *sslcacertificatefile;
char *sslcacertificatepath;
FLAG sslrequired;
FLAG sslenabled;
#endif
} CONFIG;
typedef struct term {
STRING *name;
char *attach;
char *attachsubst;
char *detach;
char *detachsubst;
} TERM;
extern CONFIG *pConfig;
extern TERM *pTerm;
extern SUBST *substData;
extern void ReadConf(char *, FLAG);
extern void DestroyConfig(CONFIG *);
extern void DestroyTerminal(TERM *);

8
contrib/README
View File

@ -1,5 +1,11 @@
Various contributions by folks....
chat
Author: Greg Woods <woods@weird.com>
Synopsis: A send/expect program...source code from the NetBSD
distribution and modified by Greg Woods to work
a bit better with conserver
solaris-package
Author: Michael Sullivan <mike@trdlnk.com>
Synopsis: Creates a solaris package
@ -18,5 +24,5 @@ will be helpful.
Bryan Stansell
#
# $Id: README,v 1.3 2002-10-13 19:57:44-07 bryan Exp $
# $Id: README,v 1.4 2003/09/29 14:29:37 bryan Exp $
#

53
contrib/chat/Makefile.in Normal file
View File

@ -0,0 +1,53 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
sysconfdir = @sysconfdir@
mandir = @mandir@
### Installation programs and flags
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@ -s
LN_S = @LN_S@
MKDIR = @MKDIR@
### Compiler and link options
CC = @CC@
CFLAGS = @CFLAGS@
DEFS = @DEFS@
CPPFLAGS = -I$(top_srcdir) -I$(srcdir) $(DEFS) @CPPFLAGS@
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
@SET_MAKE@
### Makefile rules - no user-servicable parts below
CHAT_OBJS = chat.o
CHAT_HDRS = ../../config.h
ALL = chat
all: $(ALL)
chat: $(CHAT_OBJS)
$(CC) $(CFLAGS) $(LDFLAGS) -o chat $(CHAT_OBJS) $(LIBS)
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
clean:
rm -f *~ *.o $(ALL) core
distclean: clean
rm -f Makefile
install: chat
$(MKDIR) $(DESTDIR)$(bindir)
$(INSTALL_PROGRAM) chat $(DESTDIR)$(bindir)
$(MKDIR) $(DESTDIR)$(mandir)/man1
$(INSTALL) chat.man $(DESTDIR)$(mandir)/man1/chat.1
.PHONY: clean distclean install

8
contrib/chat/README Normal file
View File

@ -0,0 +1,8 @@
Information from Greg Woods <woods@weird.com>:
This version of "chat" is derived from the NetBSD variant found in
/usr/src/usr.sbin/pppd/chat.
It has had a new '-I' command-line flag added so that it can ignore
the fact it's not running on a TTY device (i.e. to allow it to work
over a socket).

1753
contrib/chat/chat.c Normal file
View File

File diff suppressed because it is too large Load Diff

511
contrib/chat/chat.man Normal file
View File

@ -0,0 +1,511 @@
.\" -*- nroff -*-
.\" manual page [] for chat 1.8
.\" Id: chat.8,v 1.9 1999/09/06 05:10:23 paulus Exp
.\" SH section heading
.\" SS subsection heading
.\" LP paragraph
.\" IP indented paragraph
.\" TP hanging label
.TH CHAT 8 "22 May 1999" "Chat Version 1.22"
.SH "NAME"
chat \- Automated conversational script with a modem
.SH "SYNOPSIS"
.B chat
[
.I options
]
.I script
.SH "DESCRIPTION"
.LP
The \fIchat\fR program defines a conversational exchange between the
computer and the modem. Its primary purpose is to establish the
connection between the Point-to-Point Protocol Daemon (\fIpppd\fR) and
the remote's \fIpppd\fR process.
.SH "OPTIONS"
.TP
.B -f \fI<chat file>
Read the chat script from the chat \fIfile\fR. The use of this option
is mutually exclusive with the chat script parameters. The user must
have read access to the file. Multiple lines are permitted in the
file. Space or horizontal tab characters should be used to separate
the strings.
.TP
.B -t \fI<timeout>
Set the timeout for the expected string to be received. If the string
is not received within the time limit then the reply string is not
sent. An alternate reply may be sent or the script will fail if there
is no alternate reply string. A failed script will cause the
\fIchat\fR program to terminate with a non-zero error code.
.TP
.B -r \fI<report file>
Set the file for output of the report strings. If you use the keyword
\fIREPORT\fR, the resulting strings are written to this file. If this
option is not used and you still use \fIREPORT\fR keywords, the
\fIstderr\fR file is used for the report strings.
.TP
.B -e
Start with the echo option turned on. Echoing may also be turned on
or off at specific points in the chat script by using the \fIECHO\fR
keyword. When echoing is enabled, all output from the modem is echoed
to \fIstderr\fR.
.TP
.B -E
Enables environment variable substituion within chat scripts using the
standard \fI$xxx\fR syntax.
.TP
.B -v
Request that the \fIchat\fR script be executed in a verbose mode. The
\fIchat\fR program will then log the execution state of the chat
script as well as all text received from the modem and the output
strings sent to the modem. The default is to log through the SYSLOG;
the logging method may be altered with the -S and -s flags. SYSLOGs
are logged to facility LOG_LOCAL2.
.TP
.B -V
Request that the \fIchat\fR script be executed in a stderr verbose
mode. The \fIchat\fR program will then log all text received from the
modem and the output strings sent to the modem to the stderr device. This
device is usually the local console at the station running the chat or
pppd program.
.TP
.B -s
Use stderr. All log messages from '-v' and all error messages will be
sent to stderr.
.TP
.B -S
Do not use the SYSLOG. By default, error messages are sent to the
SYSLOG. The use of -S will prevent both log messages from '-v' and
error messages from being sent to the SYSLOG (to facility LOG_LOCAL2).
.TP
.B -T \fI<phone number>
Pass in an arbitary string, usually a phone number, that will be
substituted for the \eT substitution metacharacter in a send string.
.TP
.B -U \fI<phone number 2>
Pass in a second string, usually a phone number, that will be
substituted for the \eU substitution metacharacter in a send string.
This is useful when dialing an ISDN terminal adapter that requires two
numbers.
.TP
.B script
If the script is not specified in a file with the \fI-f\fR option then
the script is included as parameters to the \fIchat\fR program.
.SH "CHAT SCRIPT"
.LP
The \fIchat\fR script defines the communications.
.LP
A script consists of one or more "expect-send" pairs of strings,
separated by spaces, with an optional "subexpect-subsend" string pair,
separated by a dash as in the following example:
.IP
ogin:-BREAK-ogin: ppp ssword: hello2u2
.LP
This line indicates that the \fIchat\fR program should expect the string
"ogin:". If it fails to receive a login prompt within the time interval
allotted, it is to send a break sequence to the remote and then expect the
string "ogin:". If the first "ogin:" is received then the break sequence is
not generated.
.LP
Once it received the login prompt the \fIchat\fR program will send the
string ppp and then expect the prompt "ssword:". When it receives the
prompt for the password, it will send the password hello2u2.
.LP
A carriage return is normally sent following the reply string. It is not
expected in the "expect" string unless it is specifically requested by using
the \er character sequence.
.LP
The expect sequence should contain only what is needed to identify the
string. Since it is normally stored on a disk file, it should not contain
variable information. It is generally not acceptable to look for time
strings, network identification strings, or other variable pieces of data as
an expect string.
.LP
To help correct for characters which may be corrupted during the initial
sequence, look for the string "ogin:" rather than "login:". It is possible
that the leading "l" character may be received in error and you may never
find the string even though it was sent by the system. For this reason,
scripts look for "ogin:" rather than "login:" and "ssword:" rather than
"password:".
.LP
A very simple script might look like this:
.IP
ogin: ppp ssword: hello2u2
.LP
In other words, expect ....ogin:, send ppp, expect ...ssword:, send hello2u2.
.LP
In actual practice, simple scripts are rare. At the vary least, you
should include sub-expect sequences should the original string not be
received. For example, consider the following script:
.IP
ogin:--ogin: ppp ssword: hello2u2
.LP
This would be a better script than the simple one used earlier. This would look
for the same login: prompt, however, if one was not received, a single
return sequence is sent and then it will look for login: again. Should line
noise obscure the first login prompt then sending the empty line will
usually generate a login prompt again.
.SH "COMMENTS"
Comments can be embedded in the chat script. A comment is a line which
starts with the \fB#\fR (hash) character in column 1. Such comment
lines are just ignored by the chat program. If a '#' character is to
be expected as the first character of the expect sequence, you should
quote the expect string, or give its octal value, `\e043'.
In a script file if you want to wait for a prompt that starts with a '#'
character, you would have to write something like this:
.IP
# Now wait for the prompt and send logout string
.br
\'# ' logout
.SH "SENDING DATA FROM A FILE"
If the string to send starts with an at sign (@), the rest of the
string is taken to be the name of a file to read to get the string to
send. If the last character of the data read is a newline, it is
removed. The file can be a named pipe (or fifo) instead of a regular
file. This provides a way for \fBchat\fR to communicate with another
program, for example, a program to prompt the user and receive a
password typed in.
.SH "ABORT STRINGS"
Many modems will report the status of the call as a string. These
strings may be \fBCONNECTED\fR or \fBNO CARRIER\fR or \fBBUSY\fR. It
is often desirable to terminate the script should the modem fail to
connect to the remote. The difficulty is that a script would not know
exactly which modem string it may receive. On one attempt, it may
receive \fBBUSY\fR while the next time it may receive \fBNO CARRIER\fR.
.LP
These "abort" strings may be specified in the script using the \fIABORT\fR
sequence. It is written in the script as in the following example:
.IP
ABORT BUSY ABORT 'NO CARRIER' '' ATZ OK ATDT5551212 CONNECT
.LP
This sequence will expect nothing; and then send the string ATZ. The
expected response to this is the string \fIOK\fR. When it receives \fIOK\fR,
the string ATDT5551212 to dial the telephone. The expected string is
\fICONNECT\fR. If the string \fICONNECT\fR is received the remainder of the
script is executed. However, should the modem find a busy telephone, it will
send the string \fIBUSY\fR. This will cause the string to match the abort
character sequence. The script will then fail because it found a match to
the abort string. If it received the string \fINO CARRIER\fR, it will abort
for the same reason. Either string may be received. Either string will
terminate the \fIchat\fR script.
.SH "CLR_ABORT STRINGS"
This sequence allows for clearing previously set \fBABORT\fR strings.
\fBABORT\fR strings are kept in an array of a pre-determined size (at
compilation time); \fBCLR_ABORT\fR will reclaim the space for cleared
entries so that new strings can use that space.
.SH "SAY STRINGS"
The \fBSAY\fR directive allows the script to send strings to the user
at the terminal via standard error. If \fBchat\fR is being run by
pppd, and pppd is running as a daemon (detached from its controlling
terminal), standard error will normally be redirected to the file
/etc/ppp/connect-errors.
.LP
\fBSAY\fR strings must be enclosed in single or double quotes. If
carriage return and line feed are needed in the string to be output,
you must explicitly add them to your string.
.LP
The SAY strings could be used to give progress messages in sections of
the script where you want to have 'ECHO OFF' but still let the user
know what is happening. An example is:
.IP
ABORT BUSY
.br
ECHO OFF
.br
SAY "Dialling your ISP...\en"
.br
\'' ATDT5551212
.br
TIMEOUT 120
.br
SAY "Waiting up to 2 minutes for connection ... "
.br
CONNECT ''
.br
SAY "Connected, now logging in ...\n"
.br
ogin: account
.br
ssword: pass
.br
$ \c
SAY "Logged in OK ...\n"
\fIetc ...\fR
.LP
This sequence will only present the SAY strings to the user and all
the details of the script will remain hidden. For example, if the
above script works, the user will see:
.IP
Dialling your ISP...
.br
Waiting up to 2 minutes for connection ... Connected, now logging in ...
.br
Logged in OK ...
.LP
.SH "REPORT STRINGS"
A \fBreport\fR string is similar to the ABORT string. The difference
is that the strings, and all characters to the next control character
such as a carriage return, are written to the report file.
.LP
The report strings may be used to isolate the transmission rate of the
modem's connect string and return the value to the chat user. The
analysis of the report string logic occurs in conjunction with the
other string processing such as looking for the expect string. The use
of the same string for a report and abort sequence is probably not
very useful, however, it is possible.
.LP
The report strings to no change the completion code of the program.
.LP
These "report" strings may be specified in the script using the \fIREPORT\fR
sequence. It is written in the script as in the following example:
.IP
REPORT CONNECT ABORT BUSY '' ATDT5551212 CONNECT '' ogin: account
.LP
This sequence will expect nothing; and then send the string
ATDT5551212 to dial the telephone. The expected string is
\fICONNECT\fR. If the string \fICONNECT\fR is received the remainder
of the script is executed. In addition the program will write to the
expect-file the string "CONNECT" plus any characters which follow it
such as the connection rate.
.SH "CLR_REPORT STRINGS"
This sequence allows for clearing previously set \fBREPORT\fR strings.
\fBREPORT\fR strings are kept in an array of a pre-determined size (at
compilation time); \fBCLR_REPORT\fR will reclaim the space for cleared
entries so that new strings can use that space.
.SH "ECHO"
The echo options controls whether the output from the modem is echoed
to \fIstderr\fR. This option may be set with the \fI-e\fR option, but
it can also be controlled by the \fIECHO\fR keyword. The "expect-send"
pair \fIECHO\fR \fION\fR enables echoing, and \fIECHO\fR \fIOFF\fR
disables it. With this keyword you can select which parts of the
conversation should be visible. For instance, with the following
script:
.IP
ABORT 'BUSY'
.br
ABORT 'NO CARRIER'
.br
'' ATZ
.br
OK\er\en ATD1234567
.br
\er\en \ec
.br
ECHO ON
.br
CONNECT \ec
.br
ogin: account
.LP
all output resulting from modem configuration and dialing is not visible,
but starting with the \fICONNECT\fR (or \fIBUSY\fR) message, everything
will be echoed.
.SH "HANGUP"
The HANGUP options control whether a modem hangup should be considered
as an error or not. This option is useful in scripts for dialling
systems which will hang up and call your system back. The HANGUP
options can be \fBON\fR or \fBOFF\fR.
.br
When HANGUP is set OFF and the modem hangs up (e.g., after the first
stage of logging in to a callback system), \fBchat\fR will continue
running the script (e.g., waiting for the incoming call and second
stage login prompt). As soon as the incoming call is connected, you
should use the \fBHANGUP ON\fR directive to reinstall normal hang up
signal behavior. Here is an (simple) example script:
.IP
ABORT 'BUSY'
.br
'' ATZ
.br
OK\er\en ATD1234567
.br
\er\en \ec
.br
CONNECT \ec
.br
\'Callback login:' call_back_ID
.br
HANGUP OFF
.br
ABORT "Bad Login"
.br
\'Callback Password:' Call_back_password
.br
TIMEOUT 120
.br
CONNECT \ec
.br
HANGUP ON
.br
ABORT "NO CARRIER"
.br
ogin:--BREAK--ogin: real_account
.br
\fIetc ...\fR
.LP
.SH "TIMEOUT"
The initial timeout value is 45 seconds. This may be changed using the \fB-t\fR
parameter.
.LP
To change the timeout value for the next expect string, the following
example may be used:
.IP
ATZ OK ATDT5551212 CONNECT TIMEOUT 10 ogin:--ogin: TIMEOUT 5 assword: hello2u2
.LP
This will change the timeout to 10 seconds when it expects the login:
prompt. The timeout is then changed to 5 seconds when it looks for the
password prompt.
.LP
The timeout, once changed, remains in effect until it is changed again.
.SH "SENDING EOT"
The special reply string of \fIEOT\fR indicates that the chat program
should send an EOT character to the remote. This is normally the
End-of-file character sequence. A return character is not sent
following the EOT.
.PR
The EOT sequence may be embedded into the send string using the
sequence \fI^D\fR.
.SH "GENERATING BREAK"
The special reply string of \fIBREAK\fR will cause a break condition
to be sent. The break is a special signal on the transmitter. The
normal processing on the receiver is to change the transmission rate.
It may be used to cycle through the available transmission rates on
the remote until you are able to receive a valid login prompt.
.PR
The break sequence may be embedded into the send string using the
\fI\eK\fR sequence.
.SH "ESCAPE SEQUENCES"
The expect and reply strings may contain escape sequences. All of the
sequences are legal in the reply string. Many are legal in the expect.
Those which are not valid in the expect sequence are so indicated.
.TP
.B ''
Expects or sends a null string. If you send a null string then it will still
send the return character. This sequence may either be a pair of apostrophe
or quote characters.
.TP
.B \eb
represents a backspace character.
.TP
.B \ec
Suppresses the newline at the end of the reply string. This is the only
method to send a string without a trailing return character. It must
be at the end of the send string. For example,
the sequence hello\ec will simply send the characters h, e, l, l, o.
.I (not valid in expect.)
.TP
.B \ed
Delay for one second. The program uses sleep(1) which will delay to a
maximum of one second.
.I (not valid in expect.)
.TP
.B \eK
Insert a BREAK
.I (not valid in expect.)
.TP
.B \en
Send a newline or linefeed character.
.TP
.B \eN
Send a null character. The same sequence may be represented by \e0.
.I (not valid in expect.)
.TP
.B \ep
Pause for a fraction of a second. The delay is 1/10th of a second.
.I (not valid in expect.)
.TP
.B \eq
Suppress writing the string to the SYSLOG. The string ?????? is
written to the log in its place.
.I (not valid in expect.)
.TP
.B \er
Send or expect a carriage return.
.TP
.B \es
Represents a space character in the string. This may be used when it
is not desirable to quote the strings which contains spaces. The
sequence 'HI\ TIM' and HI\esTIM are the same.
.TP
.B \et
Send or expect a tab character.
.TP
.B \eT
Send the phone number string as specified with the \fI-T\fR option
.I (not valid in expect.)
.TP
.B \eU
Send the phone number 2 string as specified with the \fI-U\fR option
.I (not valid in expect.)
.TP
.B \e\e
Send or expect a backslash character.
.TP
.B \eddd
Collapse the octal digits (ddd) into a single ASCII character and send that
character.
.I (some characters are not valid in expect.)
.TP
.B \^^C
Substitute the sequence with the control character represented by C.
For example, the character DC1 (17) is shown as \^^Q.
.I (some characters are not valid in expect.)
.SH "ENVIRONMENT VARIABLES"
Environment variables are available within chat scripts, if the \fI-E\fR
option was specified in the command line. The metacharacter \fI$\fR is used
to introduce the name of the environment variable to substitute. If the
substition fails, because the requested environment variable is not set,
\fInothing\fR is replaced for the variable.
.SH "TERMINATION CODES"
The \fIchat\fR program will terminate with the following completion
codes.
.TP
.B 0
The normal termination of the program. This indicates that the script
was executed without error to the normal conclusion.
.TP
.B 1
One or more of the parameters are invalid or an expect string was too
large for the internal buffers. This indicates that the program as not
properly executed.
.TP
.B 2
An error occurred during the execution of the program. This may be due
to a read or write operation failing for some reason or chat receiving
a signal such as SIGINT.
.TP
.B 3
A timeout event occurred when there was an \fIexpect\fR string without
having a "-subsend" string. This may mean that you did not program the
script correctly for the condition or that some unexpected event has
occurred and the expected string could not be found.
.TP
.B 4
The first string marked as an \fIABORT\fR condition occurred.
.TP
.B 5
The second string marked as an \fIABORT\fR condition occurred.
.TP
.B 6
The third string marked as an \fIABORT\fR condition occurred.
.TP
.B 7
The fourth string marked as an \fIABORT\fR condition occurred.
.TP
.B ...
The other termination codes are also strings marked as an \fIABORT\fR
condition.
.LP
Using the termination code, it is possible to determine which event
terminated the script. It is possible to decide if the string "BUSY"
was received from the modem as opposed to "NO DIAL TONE". While the
first event may be retried, the second will probably have little
chance of succeeding during a retry.
.SH "SEE ALSO"
Additional information about \fIchat\fR scripts may be found with UUCP
documentation. The \fIchat\fR script was taken from the ideas proposed
by the scripts used by the \fIuucico\fR program.
.LP
uucp(1), uucico(8)
.SH "COPYRIGHT"
The \fIchat\fR program is in public domain. This is not the GNU public
license. If it breaks then you get to keep both pieces.

13
contrib/maketestcerts
View File

@ -5,11 +5,14 @@
# for conserver and it's OpenSSL bits. It's far from perfect...or useful
# outside of my own purposes. If this helps, cool. In the end I put the
# rootcert.pem file in my global certs directory (OPENSSL_ROOT/ssl/certs),
# point the server to server.pem and point the client at client.pem.
# Ugly, yeah, but it's an ok test.
# point the server to server.pem and point the client at client.pem. I
# then run the c_rehash command.
#
# You can also use the sslcacertificatefile options to point the client/server
# at rootcert.pem instead of populating the global repository
#
[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -passin pass:pass -passout pass:pass
[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -nodes
US
California
Folsom
@ -23,7 +26,7 @@ EOD
[ -f rootcert.pem ] || openssl x509 -req -in rootreq.pem -sha1 -extensions v3_ca -signkey rootkey.pem -out rootcert.pem
[ -f root.pem ] || cat rootcert.pem rootkey.pem > root.pem
[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -passin pass:pass -passout pass:pass
[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -nodes
US
California
Folsom
@ -37,7 +40,7 @@ EOD
[ -f servercert.pem ] || openssl x509 -req -in serverreq.pem -sha1 -extensions usr_cert -CA root.pem -CAkey root.pem -CAcreateserial -out servercert.pem
[ -f server.pem ] || cat servercert.pem serverkey.pem rootcert.pem > server.pem
[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -passin pass:pass -passout pass:pass
[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -nodes
US
California
Folsom

5
contrib/redhat-rpm/conserver.defaults Normal file
View File

@ -0,0 +1,5 @@
# server options
#OPTIONS="-p 33000 -d"
# run as different user that root
#RUNAS=conservr

48
contrib/redhat-rpm/conserver.init
View File

@ -7,44 +7,66 @@
# config: /etc/conserver.cf
#
DAEMON=/usr/sbin/conserver
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Source defaults
. /etc/default/conserver
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# make sure conserver is installed and executable
[ -x /usr/sbin/conserver ] || exit 1
[ -x $DAEMON ] || exit 1
start()
{
echo -n "Starting conserver: "
daemon --user "${RUNAS-}" $DAEMON ${OPTIONS--d}
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/conserver
echo
}
stop()
{
echo -n "Shutting down conserver: "
killproc conserver
RETVAL=$?
[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/conserver
echo
}
# See how we were called.
case "$1" in
start)
echo -n "Starting conserver: "
daemon conserver -d
echo
touch /var/lock/subsys/conserver
start
;;
stop)
echo -n "Shutting down conserver: "
killproc conserver
echo
rm -f /var/lock/subsys/conserver
stop
;;
status)
status conserver
;;
restart)
echo -n "Restarting conserver: "
stop
start
;;
reload)
echo -n "Reloading conserver: "
killproc conserver -HUP
RETVAL=$?
echo
;;
*)
echo "Usage: conserver {start|stop|restart|status}"
exit 1
echo "Usage: conserver {start|stop|restart|reload|status}"
RETVAL=1
esac
exit 0
exit $RETVAL

102
contrib/redhat-rpm/conserver.spec
View File

@ -4,7 +4,7 @@
#
%define pkg conserver
%define ver 7.2.7
%define ver 8.2.1
# define the name of the machine on which the main conserver
# daemon will be running if you don't want to use the default
@ -12,26 +12,71 @@
%define master console
# what red hat (or other distibution) version are you running?
%define distver 6
%define distver 1
# compile arguments. defaults to 0
# example: rpmbuild -bb conserver.spec --with openssl
%define with_openssl %{?_with_openssl: 1} %{?!_with_openssl: 0}
%define with_libwrap %{?_with_libwrap: 1} %{?!_with_libwrap: 0}
%define with_pam %{?_with_pam: 1} %{?!_with_pam: 0}
%define with_dmalloc %{?_with_dmalloc: 1} %{?!_with_dmalloc: 0}
%define with_freeipmi %{?_with_freeipmi: 1} %{?!_with_freeipmi: 0}
# additionally you can use macros logfile pidfile
# example: rpmbuild -bb conserver.spec --define "pidfile /var/run/conserver/pid"
Summary: Serial console server daemon/client
Name: %{pkg}
Version: %{ver}
Release: 1.%{distver}x
Copyright: distributable
Release: %{distver}
License: BSD
Summary: Serial console server daemon/client
Group: System Environment/Daemons
URL: http://www.conserver.com/
Source: http://www.conserver.com/%{pkg}-%{ver}.tar.gz
BuildRoot: %{_tmppath}/%{pkg}-buildroot
%if %{with_openssl}
Requires: openssl
BuildRequires: openssl-devel
%endif
%if %{with_pam}
BuildRequires: pam-devel
%endif
%if %{with_libwrap}
Requires: tcp_wrappers
%endif
%if %{with_dmalloc}
Requires: dmalloc
BuildRequires: dmalloc
%endif
%if %{with_freeipmi}
Requires: freeipmi
BuildRequires: freeipmi-devel
%endif
Prefix: %{_prefix}
%package server
Summary: Serial console server daemon
Group: System Environment/Daemons
%package client
Summary: Serial console server client
Group: Applications/Internet
%description
Conserver is an application that allows multiple users to watch a
Conserver is a daemon that allows multiple users to watch a
serial console at the same time. It can log the data, allows users to
take write-access of a console (one at a time), and has a variety of
bells and whistles to accentuate that basic functionality.
%description server
conserver-server is a daemon that allows multiple users to watch a
serial console at the same time. It can log the data, allows users to
take write-access of a console (one at a time), and has a variety of
bells and whistles to accentuate that basic functionality.
%description client
conserver-client to connect to conserver-server using a tcp port.
Allows multiple users to watch a serial console at the same time.
%prep
%{__rm} -rf %{buildroot}
@ -44,7 +89,8 @@ f="conserver/Makefile.in"
%{__mv} $f $f.orig
%{__sed} -e 's/^.*conserver\.rc.*$//' < $f.orig > $f
%configure --with-master=%{master}
%configure %{?_with_openssl} %{?_with_libwrap} %{?_with_dmalloc} %{?_with_freeipmi} %{?_with_pam} %{?logfile: --with-logfile=%{logfile}} %{?pidfile: --with-pidfile=%{pidfile}} %{?master: --with-master=%{master}}
make
@ -65,12 +111,15 @@ make
%{__mkdir_p} %{buildroot}/%{_initrddir}
%{__cp} contrib/redhat-rpm/conserver.init %{buildroot}/%{_initrddir}/conserver
# install copy of init script defaults
%{__mkdir_p} %{buildroot}/%{_sysconfdir}/default
%{__cp} contrib/redhat-rpm/conserver.defaults %{buildroot}/%{_sysconfdir}/default/conserver
%clean
%{__rm} -rf %{buildroot}
%post
%post server
if [ -x %{_initrddir}/conserver ]; then
/sbin/chkconfig --add conserver
fi
@ -80,7 +129,7 @@ if ! egrep '\<conserver\>' /etc/services > /dev/null 2>&1 ; then
fi
%preun
%preun server
if [ "$1" = 0 ]; then
if [ -x %{_initrddir}/conserver ]; then
%{_initrddir}/conserver stop
@ -88,16 +137,37 @@ if [ "$1" = 0 ]; then
fi
fi
# we need this even if empty
#%files
%files
%files server
%defattr(-,root,root)
%doc CHANGES FAQ INSTALL README conserver.cf
%config(noreplace) %{_sysconfdir}/conserver.cf
%config(noreplace) %{_sysconfdir}/conserver.passwd
%config(noreplace) %{_sysconfdir}/default/conserver
%attr(555,root,root) %{_initrddir}/conserver
%{prefix}/bin/console
%{prefix}/share/man/man1/console.1.gz
%{prefix}/share/man/man8/conserver.8.gz
%{prefix}/share/man/man5/conserver.cf.5.gz
%{prefix}/share/man/man5/conserver.passwd.5.gz
%{prefix}/sbin/conserver
%{_libdir}/conserver/convert
%{_mandir}/man8/conserver.8.gz
%{_mandir}/man5/conserver.cf.5.gz
%{_mandir}/man5/conserver.passwd.5.gz
%{_datadir}/examples/conserver/conserver.cf
%{_datadir}/examples/conserver/conserver.passwd
%{_sbindir}/conserver
%files client
%defattr(-,root,root)
%doc CHANGES FAQ INSTALL README
%{_bindir}/console
%{_mandir}/man1/console.1.gz
%changelog
* Wed Oct 14 2009 Jodok Ole Muellers <muellejo@aschendorff.de>
- Changed the conserver.spec file to create separate subpackages
for client and server by using the %package directive.
* Wed Sep 25 2009 Fabien Wernli
- added configure prerequisites
* Thu Sep 24 2009 Fabien Wernli
- added prefix to configure
- changed some hardcoded values to proper macros:
didn't work on x64 lib -> lib64

2
contrib/solaris-package/pkginfo
View File

@ -1,7 +1,7 @@
PKG="conserver"
NAME="Console server and client"
CATEGORY="system"
VERSION="7.2.7"
VERSION="8.2.1"
DESC="Console server and client"
CLASSES=none
ARCH=sparc

36
test/dotest
View File

@ -6,11 +6,15 @@ exitval=0
cleanup()
{
[ -f test.out ] && rm test.out
[ -f c.cf ] && rm c.cf
[ -f test.out ] && rm -f test.out
[ -f c.cf ] && rm -f c.cf
[ $pid -eq 0 ] && return 0
kill $pid
for i in *.log; do rm $i; done
for i in *.log; do
[ "$i" != "conserver.log" ] && [ -f "$i" ] && rm -f "$i";
done
[ "$exitval" = 0 ] && rm -f conserver.log
[ -d 127.0.0.1 ] && sleep 1 && rm -rf 127.0.0.1
exit $exitval
}
@ -21,17 +25,17 @@ dotest()
if [ "$2" ]; then
eval "$2" > test.out 2>&1
else
(echo "$1" && sleep 2) | \
../console/console -M 127.0.0.1 -p 7777 shell > test.out 2>&1
echo "$1" | \
../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 shell > test.out 2>&1
fi
if [ "$record" ]; then
echo "recorded"
mv test.out results/test$testnum
else
if [ -f results/test$testnum ]; then
if diff -i test.out results/test$testnum >test$testnum.diff 2>&1; then
echo "succeded"
rm test$testnum.diff
if diff -i results/test$testnum >test$testnum.diff test.out 2>&1; then
echo "succeeded"
rm -f test$testnum.diff
else
echo "failed (diffs in test$testnum.diff)"
exitval=1
@ -39,7 +43,7 @@ dotest()
else
echo "unknown (not recorded)"
fi
rm test.out
rm -f test.out
fi
}
@ -57,6 +61,7 @@ else
fi
$ECHO "starting conserver...$EE"
rm -f c.cf
cp test1.cf c.cf
../conserver/conserver -M 127.0.0.1 -p 7777 -v -C c.cf \
-P test.passwd -m 32 > conserver.log 2>&1 &
@ -68,21 +73,28 @@ sleep 3
[ ! -d results ] && mkdir results
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest 'c?c.'
dotest 'cl?c.'
dotest 'cdc.'
dotest 'coc.'
echo "moving in second config file"
rm -f c.cf
cp test2.cf c.cf
kill -1 $pid
sleep 3
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest 'c?c.'
dotest 'cl?c.'
dotest 'cdc.'
dotest 'coc.'
dotest 'cocacoc.'
dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x sh | sed -e '1s/^[^:]*//'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x shell | sed -e 's/ on [^ ]* */ on /'"
cleanup

6
test/results/test10
View File

@ -1,4 +1,6 @@
console: shell is down
[`shell' -- console is down]
[Enter `^Ec?' for help]
[up -- attached]
[up]
[ok]
[up]
[disconnect]

16
test/results/test11
View File

@ -1,16 +1,2 @@
[Enter `^Ec?' for help]
[help]
. disconnect a attach read/write
b send broadcast message c toggle flow control
d down a console e change escape sequence
f force attach read/write g group info
i information dump L toggle logging on/off
l? break sequence list l0 send break per config file
l1-9 send specific break sequence o (re)open the tty and log file
p replay the last 60 lines r replay the last 20 lines
s spy read only u show host status
v show version info w who is on this console
x show console baud info z suspend the connection
<cr> ignore/abort command ? print this message
^R replay the last line \ooo send character by octal code
[Enter `tu?' for help]
[disconnect]

9
test/results/test12
View File

@ -1,8 +1 @@
[Enter `^Ec?' for help]
[halt list]
0 `\z'
1 `\z'
2 `\r~^b'
3 `#.reset -x\r'
4 `hiya there\r'
[disconnect]
version `conserver.com version

6
test/results/test13
View File

@ -1,3 +1,3 @@
[Enter `^Ec?' for help]
[line down]
[disconnect]
shellb on at Local
shella on at Local
shell on at Local

6
test/results/test14
View File

@ -1,4 +1,2 @@
console: shell is down
[Enter `^Ec?' for help]
[up -- attached]
[disconnect]
: ambiguous console abbreviation, `sh'
choices are shellb, shella, shell

1
test/results/test15 Normal file
View File

@ -0,0 +1 @@
shell on at Local

30
test/results/test2
View File

@ -1,16 +1,20 @@
[Enter `^Ec?' for help]
[help]
. disconnect a attach read/write
b send broadcast message c toggle flow control
d down a console e change escape sequence
f force attach read/write g group info
i information dump L toggle logging on/off
l? break sequence list l0 send break per config file
l1-9 send specific break sequence o (re)open the tty and log file
p replay the last 60 lines r replay the last 20 lines
s spy read only u show host status
v show version info w who is on this console
x show console baud info z suspend the connection
<cr> ignore/abort command ? print this message
^R replay the last line \ooo send character by octal code
. disconnect ; move to another console
a attach read/write b send broadcast message
c toggle flow control d down a console
e change escape sequence f force attach read/write
g group info i information dump
L toggle logging on/off l? break sequence list
l0 send break per config file l1-9a-z send specific break sequence
m display message of the day n write a note to the logfile
o (re)open the tty and log file p playback the last 60 lines
P set number of playback lines r replay the last 20 lines
R set number of replay lines s spy mode (read only)
u show host status v show version info
w who is on this console x show console baud info
z suspend the connection ! invoke task
| attach local command ? print this message
<cr> ignore/abort command ^R replay the last line
\ooo send character by octal code
[disconnect]

11
test/results/test3
View File

@ -1,8 +1,9 @@
[Enter `^Ec?' for help]
[halt list]
0 `\z'
1 `\z'
2 `\r~^b'
3 `#.reset -x\r'
5 `\rtest\r'
0 - 250ms, `\z'
1 - 250ms, `\z'
2 - 250ms, `\r~^b'
3 - 250ms, `#.'
4 - 600ms, `\r\d~\d^b'
5 - 250ms, `\rtest\r'
[disconnect]

4
test/results/test5
View File

@ -1,4 +1,4 @@
console: shell is down
[`shell' -- console is down]
[Enter `^Ec?' for help]
[up -- attached]
[up]
[disconnect]

30
test/results/test7
View File

@ -1,16 +1,20 @@
[Enter `^Ec?' for help]
[help]
. disconnect a attach read/write
b send broadcast message c toggle flow control
d down a console e change escape sequence
f force attach read/write g group info
i information dump L toggle logging on/off
l? break sequence list l0 send break per config file
l1-9 send specific break sequence o (re)open the tty and log file
p replay the last 60 lines r replay the last 20 lines
s spy read only u show host status
v show version info w who is on this console
x show console baud info z suspend the connection
<cr> ignore/abort command ? print this message
^R replay the last line \ooo send character by octal code
. disconnect ; move to another console
a attach read/write b send broadcast message
c toggle flow control d down a console
e change escape sequence f force attach read/write
g group info i information dump
L toggle logging on/off l? break sequence list
l0 send break per config file l1-9a-z send specific break sequence
m display message of the day n write a note to the logfile
o (re)open the tty and log file p playback the last 60 lines
P set number of playback lines r replay the last 20 lines
R set number of replay lines s spy mode (read only)
u show host status v show version info
w who is on this console x show console baud info
z suspend the connection ! invoke task
| attach local command ? print this message
<cr> ignore/abort command ^R replay the last line
\ooo send character by octal code
[disconnect]

10
test/results/test8
View File

@ -1,8 +1,8 @@
[Enter `^Ec?' for help]
[halt list]
0 `\z'
1 `\z'
2 `\r~^b'
3 `#.reset -x\r'
4 `hiya there\r'
0 - 250ms, `\z'
1 - 250ms, `\z'
2 - 250ms, `\r~^b'
3 - 250ms, `#.'
4 - 250ms, `hiya there\r'
[disconnect]

34
test/test.cf
View File

@ -1,7 +1,29 @@
# test conserver config file
LOGDIR=.
BREAK5=\rtest\r
shell:|:9600p:&.log:5
shell2:|::shell2.log:2
%%
trusted: 127.0.0.1
default full {
rw *;
}
default * {
logfile ./&;
timestamp "";
include full;
}
break 5 {
string "\rtest\r";
}
console shell {
master localhost;
logfile ./&.log;
timestamp 5;
type exec;
exec "";
}
console shell2 {
master localhost;
logfile ./shell2.log;
timestamp 2;
type exec;
exec "";
}
access * {
trusted 127.0.0.1;
}

34
test/test1.cf
View File

@ -1,7 +1,29 @@
# test conserver config file
LOGDIR=.
BREAK5=\rtest\r
shell:|:9600p:&.log:5
shell2:|::shell2.log:2
%%
trusted: 127.0.0.1
default full {
rw *;
}
default * {
logfile ./&;
timestamp "";
include full;
}
break 5 {
string "\rtest\r";
}
console shell {
master 127.0.0.1;
logfile ./&.log;
timestamp 5;
type exec;
exec "";
}
console shell2 {
master 127.0.0.1;
logfile ./shell2.log;
timestamp 2;
type exec;
exec "";
}
access * {
trusted 127.0.0.1;
}

41
test/test2.cf
View File

@ -1,8 +1,35 @@
# test conserver config file
LOGDIR=.
BREAK4=hiya there\r
shell:|:9600p:&.log:5
shella:|::&.log:5
shellb:|::&.log:
%%
trusted: 127.0.0.1
default full {
rw *;
}
default * {
logfile ./&;
timestamp "";
include full;
}
break 4 {
string "hiya there\r";
}
console shell {
master 127.0.0.1;
logfile ./&.log;
timestamp 5;
type exec;
exec "";
}
console shella {
master 127.0.0.1;
logfile ./&.log;
timestamp 5;
type exec;
exec "";
}
console shellb {
master 127.0.0.1;
logfile ./&.log;
type exec;
exec "";
}
access * {
trusted 127.0.0.1;
}