Imported from conserver-8.1.7.tar.gz

Imported from conserver-8.1.6.tar.gz
Imported from conserver-8.1.5.tar.gz
2025-06-24 17:55:08 +00:00 · 2004-05-28 11:03:33 -07:00 · 2004-05-25 17:41:29 -07:00 · 2004-05-07 09:05:25 -07:00 · 2004-04-13 13:30:28 -07:00 · 2004-03-22 17:14:45 -08:00
55 changed files with 9254 additions and 3574 deletions
--- a/140
+++ b/140
@ -1,6 +1,144 @@
 				CHANGES
 				=======
 version 8.1.7 (May 28, 2004):
 	- cleaned up the manpages a bit to make things clearer and more
 	  standard - reported by Dave Stuit <djs@tellme.com>
 	- added an east coast mirror!  http://conserver.syr.edu/ -
 	  thanks to Christopher T. Beers <ctbeers@syr.edu>
 	- primary group of users not included in '@group' syntax -
 	  reported by Phil Dibowitz <phil@usc.edu>
 	- changed '@group' behavior such that groups are checked when
 	  needed, instead of cached at startup, which is more logical
 	- missing variables when building convert with tcp_wrappers -
 	  reported by Nikolaos Papavassiliou
 	  <Nikolaos.Papavassiliou@reuters.com>
 	- added --with-rpath option - suggested by Phil Dibowitz
 	  <phil@usc.edu>
 version 8.1.6 (May 25, 2004):
 	- added ability to configure client via system-wide console.cf
 	  file and per-user .consolerc - suggested (independently) by
 	  Erik Sjolund <erik.sjolund@sbc.su.se> and Trevor Fiatal
 	  <trevor@fiatal.net>
 	- fixed bug where break strings were not properly sent -
 	  reported by Tim Small <tim@buttersideup.com>
 	- fixed bug in config file 'protocol' value handling - reported
 	  by Kees Cook <kees@osdl.org>
 	- conserver no longer uses the local domain name in the default
 	  access list (the default list is only created if no access
 	  list is specified in the configuration file) - inspired by
 	  William P LePera <lepera@us.ibm.com>
 	- added a 'terminal' console configuration block for printing
 	  strings when attaching and detaching from consoles - suggested
 	  by Richard Threadgill <richardt@tellme.com>
 version 8.1.5 (May 7, 2004):
 	- changed remaining O_NDELAY flags to O_NONBLOCK
 	- added PROTOCOLS file to describe the client/server protocol
 	- added '#include' capability to conserver.cf file
 	- added '@group' syntax to conserver.cf file to support use of
 	  system groups
 	- added -U client option to allow client to ask for encryption
 	  but fall back to non-encrypted connections otherwise -
 	  suggested by Mike Hendon <mike.hendon@uk.nomura.com>
 	- fixed bug where socket not properly deleted on exit - reported
 	  by William P LePera <lepera@us.ibm.com>
 	- added 'initdelay' option for throttling startup of consoles -
 	  suggested by Jay McCanta <mccantaj@amgen.com>
 version 8.1.4 (Apr 13, 2004):
 	- fixed macro use in manpages to hopefully be more compatible
 	- removed extra newline of --MARK-- range output
 	- fixed bug where server -b option wasn't working - reported by
 	  Nathan R. Hruby <nhruby@uga.edu>
 	- fixed client segfault when using -R, -t, -d, and -b options
 	- added a --with-uds configure option to have all client/server
 	  communication happen via unix domain sockets - suggested by
 	  William P LePera <lepera@us.ibm.com>
 version 8.1.3 (Mar 22, 2004):
 	- fixed small memory and file descriptor leak in client when
 	  using '^Ec;'
 	- '^Ec;' now only disconnects from the previous console only
 	  after a successfully move to a new console, allowing you to
 	  abort the move - suggested by Christopher T. Beers
 	  <ctbeers@syr.edu>
 version 8.1.2 (Mar 11, 2004):
 	- better handling of client command (^Ec|) when user is bumped,
 	  conserver is reconfigured, etc
 	- added 'initsubst' option for 'initcmd' substitutions like
 	  'devicesubst' and 'execsubst' - based on patch by Bill
 	  Sommerfeld <sommerfeld@east.sun.com>
 	- modified and added to *subst (initsubst, etc) syntax to allow
 	  for flexibility and future enhancement
 	- changed 'port' and 'portinc' minimums from 1 to 0 - it allows
 	  more flexibility and helps with 0-based counting
 	- removed unportable sys/cdefs.h from contrib/chat/chat.c -
 	  patch by Bill Sommerfeld <sommerfeld@east.sun.com>
 	- added --with-extmsgs configure switch to enable entertaining
 	  messages
 	- marked various undocumented client commands as deprecated so
 	  that they can be removed in a future version
 	- added ability to "move" to a new console via '^Ec;' -
 	  suggested by Christopher T. Beers <ctbeers@syr.edu>
 	- added a dump of console information when -S is used twice -
 	  suggested by Todd Stansell <todd@stansell.org>
 version 8.1.1 (Feb 10, 2004):
 	- fixed mistake in Makefiles where rpmbuild fails - reported by
 	  Martin Evans <m.d.t.evans@qmul.ac.uk>
 	- fixed a couple typos - reported by Matt Selsky
 	  <selsky@columbia.edu>
 version 8.1.0 (Jan 18, 2004):
 	- fixes for HP-UX compilation - patch by Petter Reinholdtsen
 	  <pere@hungry.com>
 	- fixes for compilation under various operating systems -
 	  patch by Albert Chin <conserver-users@mlists.thewrittenword.com>
 	- added a 'protocol' option for either 'telnet' or 'raw' socket
 	  communication - also reflected in -i output
 	- changed the client/server protocol to use 0xff as a command
 	  character for sending control commands - similiar to the
 	  telnet protocol - improves the ^Ec| interaction
 	- client -E option now disables ssl encryption attempts, useful
 	  for broken SSL environents - suggested by Graydon Dodson
 	  <grdodson@lexmark.com>
 	- bad error message connecting non-ssl client with ssl-required
 	  server - reported by Graydon Dodson <grdodson@lexmark.com>
 	- added note about pam configuration to conserver.passwd.man -
 	  suggested by Erik Sjolund <erik.sjolund@sbc.su.se>
 	- improved telnet protocol option handling such that connections
 	  to standard telnet ports should work properly
 version 8.0.9 (Dec 10, 2003):
 	- fixed major bug in connect() handling which causes most
 	  socket-based consoles to timeout after 10 seconds - reported
 	  by Tom Rataski <trataski@intlsteel.com> 
 	- added a couple details to the 'logfilemax' manpage entry
 version 8.0.8 (Dec 2, 2003):
 	- added client ^Ec| sequence for running a command on the client
 	  and having it's I/O directed to the console - inspired by
 	  discussions with David Williamson
 	  <david+conserver@williamsons.net> years ago  ;-)
 	- touched up Makefiles to test against .h files
 	- fixed inability to replay the console log while the console is
 	  down - reported by Matt Selsky <selsky@columbia.edu>
 	- added a console 'logfilemax' option for rotating the console
 	  logfile once the file is greater than the specified size
 	- added sample configuration files to conserver.cf/samples
 	- tweaked some failure messages and initcmd notifications
 version 8.0.7 (Nov 20, 2003):
 	- renamed util.[ch] to cutil.[ch] to prevent name conflict with
 	  system util.h, reordered some #includes, and fixed a configure
 	  test for sys/proc.h to build on OpenBSD 3.4 (and probably
 	  others) - reported by Kurt Raschke <kurt@raschke.net>
 	- fixed missing semi-colon for cygwin build - reported by
 	  Raymond Richmond <raymond.richmond@ualberta.ca>
 version 8.0.6 (Nov 16, 2003):
 	- code was missing regarding the 'setproctitle' option - patch
 	  by Dmitry Morozovsky <marck@rinet.ru>
@ -616,5 +754,5 @@ before version 6.05:
 	  and enhancements of various types were applied.
 #
-#  $Id: CHANGES,v 1.131 2003/11/15 23:57:18 bryan Exp $
+#  $Id: CHANGES,v 1.186 2004/05/28 18:01:10 bryan Exp $
 #
--- a/33
+++ b/33
@ -10,6 +10,25 @@ Upgrading?
    new features added to the client if you're considering *not*
    upgrading.
    Version 8.1.3
 	- The '^Ec;' sequence won't work correctly with 8.1.2 (where it
 	  was introduced).
    Version 8.1.2
 	- The 'devicesubst' and 'execsubst' formats have changed from
 	  8.1.1.  It's fairly simple to update your config file to the
 	  new format...just check the conserver.cf manpage.  Sorry for
 	  having to change things, but it's for a good reason (I should
 	  have though ahead when designing the original format).
    Version 8.1.0
 	- The client/server protocol has changed to better protect 8-bit
 	  data and to allow programs invoked with '^Ec|' not have to
 	  worry about accidentally sending the escape sequence to the
 	  server.  Though it will look like things are mostly
 	  backward-compatible, don't count on it and just upgrade.
    Version 8.0.2
 	- I've added a '^Ec;' sequence to allow the client to signal the
@ -146,6 +165,9 @@ Detailed Instructions
        --with-maxmemb=MAXMEMB  Specify maximum consoles per process [16]
        --with-timeout=TIMEOUT  Specify connect() timeout in seconds [10]
        --with-trustrevdns      Trust reverse DNS information
        --with-extmsgs          Produce extended messages
        --with-uds[=DIR]        Use Unix domain sockets for client/server
                                communication [/tmp/conserver]
        --with-libwrap[=PATH]   Compile in libwrap (tcp_wrappers) support
        --with-openssl[=PATH]   Compile in OpenSSL support
        --with-dmalloc[=PATH]   Compile in dmalloc support
@ -163,10 +185,11 @@ Detailed Instructions
      A couple of notes.  First, --with-libwrap will add tcp_wrappers
      lookups to all socket connections in the server.  --with-openssl
      will add encryption between the client and server when you connect
-      to a console.  things such as 'console -q', 'console -w', etc. are
+      to a console.  --with-uds will cause the client and server to use
-      still unencrypted, as well as connections from conserver to any
+      unix domain sockets for their communication, eliminating the
-      terminal servers.  --with-dmalloc should only be used to do memory
+      tcp communication they normally do (which means --with-master and
-      allocation debugging and not used in production.
+      --with-port are not used).  --with-dmalloc should only be used to
      do memory allocation debugging and not used in production.
    - Run './configure'.  This will detect system specific
      information.  The --prefix option will redirect where things are
@ -255,5 +278,5 @@ Other Information And Gotchas
 #
-#  $Id: INSTALL,v 1.34 2003/10/03 17:52:31 bryan Exp $
+#  $Id: INSTALL,v 1.38 2004/04/13 18:11:58 bryan Exp $
 #
--- a/290
+++ b/290
@ -0,0 +1,290 @@
 			   Conserver Protocol
 			   ==================
 What Is This?
 -------------
 The following is an attempt to describe the client/server protocol used
 between the server (conserver) and the client (console).  This document
 bases it's information on conserver version 8.1.4, as it's the release
 currently available.  If there are changes to the client/server
 protocol, the INSTALL file should reference them and, ideally, this
 document will be updated.
 The information is looked at from the point of the server, since it's
 the server that controls all information and triggers actions on the
 client (like a suspend).  The client's perspective should be obvious
 from this information.
 SSL
 ---
 The client and server can negotiate an SSL connection.  As far as the
 code is concerned, the SSL "layer" is transparent.  Data is sent and
 received just as if it was unencrypted.  Therefore, aside bringing up
 the SSL connection, the SSL bits are unimportant from a protocol
 standpoint.  The client and server still send and receive the same
 information - it just happens to be encrypted to everyone else.
 "On-The-Wire" Data
 ------------------
 The low-level, "on-the-wire" data is encapsulated similar to the telnet
 protocol.  All data is sent "as-is" with the exception of 0xFF.  0xFF is
 used as a "command character" and both the client and server expect to
 see a predefined option after it.  The possible options are: 0xFF, 'E',
 'G', 'Z', and '.'.
 The 0xFF option says to use the literal character 0xFF.  So, if there is
 a 0xFF character in the data stream to be sent, the code will send two
 0xFF characters (it's similar to using '\\' in C strings to embed a
 '\').
 The other options are used in various contexts, which will be described
 in detail below.
 Life As A Server
 ----------------
 There are three different interfaces presented to clients by the server.
 I'm going to name the three modes "master", "group", and "console".  The
 first two are line-based, and the third is character-based.
 To understand the differences, I must outline how conserver manages
 consoles.  When conserver starts, it reads the configuration file,
 listens on the master socket, and, for each group of consoles it must
 manage (where the group size is set by -m), it forks off a copy of
 itself.  Those child processes are what actually connect to the consoles
 and they each listen on a new socket for client connections.  So, you
 end up with a parent process (that knows about all consoles) that
 manages the child processes (that know only about consoles it manages),
 and everyone is listening on an individual socket for connections from
 clients.
 The parent process interacts with clients in "master" mode.  That mode
 expects line-based commands and responds similarly.  Because it's the
 master, it understands a certain set of commands that are different than
 in "group" mode.
 The child processes interact with clients in "group" mode first, and
 negotiate a change to "console" mode when a client requests a connection
 to a specific console.
 "master" Mode
 -------------
 When parent process gets a connection from a client, it either sends an
 "ok" string to signal it's ready or an error message (like "access from
 your host is refused") and the connection is dropped.  At this point,
 there are a small number of commands recognized by the server, since
 most are restricted to "logged in" clients.  Here's the list of
 available commands:
    exit   disconnect
    help   this help message
    login  log in
    ssl    start ssl session
 An "exit" is sent a "goodbye" response and the connection is dropped.  A
 "help" is sent the list above.  A "ssl" is sent an "ok" response and
 then the server expects the client to negotiate an ssl connection.  A
 "login" requires one argument (the username) and is either sent an "ok",
 meaning the client is logged in, or a "passwd?" followed by the local
 hostname, asking for the user's password, which it expects next.  If the
 client sends a valid password, an "ok" is sent, otherwise an error
 message and the connection is dropped.
 Upon successful login, the commands available are:
    call      provide port for given console
    exit      disconnect
    groups    provide ports for group leaders
    help      this help message
    master    provide a list of master servers
    pid       provide pid of master process
    quit*     terminate conserver (SIGTERM)
    restart*  restart conserver (SIGHUP)
    version   provide version info for server
    * = requires admin privileges
 "exit" and "help" are the same as before the client logged login.
 The "call" command expects one argument, the console name to connect to.
 The server will respond with either a port number (if it's a locally
 managed console), an "@hostname" where hostname is the name of the
 remote conserver host managing the console (if it's a remotely managed
 console), or an error message (possibly multi-line).  The client is not
 disconnected, whatever the response.
 The "groups" command responds with a colon-separated list of port
 numbers, which correspond to each of the child processes running on the
 local host.  The client is not disconnected.
 The "master" command responds with a colon-separated list of "@hostname"
 names.  The list includes any hosts (including the possibility of the
 local host) which have locally managed consoles.  The client is not
 disconnected.
 The "pid" command responds with the pid of the master process (in this
 case, the one the client is talking to).  The client is not
 disconnected.
 The "quit" command will shut down conserver, assuming the user has
 administrative access.  It responds with a message starting with "ok" if
 successful, and an error message otherwise (like "unauthorized
 command").  The client is disconnected if it's successful.
 The "restart" command will shut down conserver, assuming the user has
 administrative access.  It responds with a message starting with "ok" if
 successful, and an error message otherwise (like "unauthorized
 command").  The client is not disconnected.
 The "version" command responds with the version string.  The client is
 not disconnected.
 "group" Mode
 ------------
 When a child process gets a connection from a client, it either sends an
 "ok" string to signal it's ready or an error message (like "access from
 your host is refused") and the connection is dropped.  At this point,
 "group" mode acts just like "master" mode.  Once the client successfully
 logs in, however, "group" mode has the recognizes the following
 commands:
    broadcast    send broadcast message
    call         connect to given console
    disconnect*  disconnect the given user(s)
    examine      examine port and baud rates
    exit         disconnect
    group        show users in this group
    help         this help message
    hosts        show host status and user
    info         show console information
    textmsg      send a text message
    * = requires admin privileges
 The "exit" and "help" commands are like the others documented above.
 The "broadcast" command expects a text string of the message to be sent
 to all users connected to this process.  An "ok" is sent as a response.
 The "call" command expects one argument, the console name to connect to,
 just like in "master" mode.  The difference here is that this requests
 the server to attach the client to the console and go into "console"
 mode.  If the attachment is successful, the response will begin with a
 '[' character.  If not, an error message is returned.  The success
 responses are:
    [console is read-only]	 - console is read only
    [read-only -- initializing]	 - console is initializing, and
 				   read-only for the time being
    [line to console is down]	 - console is down
    [attached]			 - attached read-write
    [spy]			 - attached read-only
 The "disconnect" command expects an argument of the form "user@console"
 where either the "user" or "@console" part may be omitted.  Upon
 success, a response of the form "ok -- disconnected X users" is sent,
 where X is the number of users disconnected.  If a user is unauthorized
 or some other problem occurs, an error message (like "unauthorized
 command") is sent.
 The "examine" command returns a list of console information of the form
 that 'console -x' shows.
 The "group" command returns a list of console information of the form
 that 'console -w' shows.
 The "hosts" command returns a list of console information of the form
 that 'console -u' shows.
 The "info" command returns a list of console information of the form
 that 'console -i' shows.
 The "textmsg" command expects two arguments, the first being the
 recipient of the message in the form "user@console" (again, where the
 "user" or "@console" portion may be omitted) and the second being the
 string, like the "broadcast" command.  The server returns "ok".
 "console" Mode
 --------------
 As mentioned above, "console" mode is obtained by using the "call"
 command when connected to a child processes operating in "group" mode.
 "console" mode should look very familiar to a user of conserver, as it's
 what the user interacts with when connected to a console.  There's
 really nothings special here.  Each character received from the client
 is compared to the escape sequence, and if it matches, an action occurs
 on the server side.  If it doesn't match the escape sequence, the data
 is sent on to the console.  All data received from the console is sent
 to the client(s).  Of course, there are certain exceptions to these
 rules, based on the state of the console and the state of the client.
 And, certain escape sequences cause special behaviors to occur.
 Most escape sequences cause the server to send information back to the
 user.  Stuff like "^Ecw", "^Eci", and "^Ecu" are examples.  The escape
 sequence is absorbed by the server, the server sends the client a
 variety of information, and things continue as before.
 The more "interesting" escape sequences are the following.
 "^Ec;"  The server sends a 0xFF,'G' command sequence to the client, to
 	signal a wish to move to a new console.  The client then gets
 	put into the same state as the "^Ecz" sequence (paused), which
 	gives the client a chance to either resume the connection or
 	disconnect.
 "^Ec|"  The server sends a 0xFF,'E' command sequence to the client, to
 	signal a wish to have the client program interact with a
 	program, as opposed to the user.  The server discards all data
 	until it receives one of the following command sequences from
 	the client:
 	    0xFF,'E'	Signals successful redirection of interaction to
 			a program.  The server then responds with "[rw]"
 			or "[ro]" to tell the client whether or not they
 			have read-write access.  If not, the client
 			should abort the program and send the abort
 			command sequence below, as other data received by
 			the server will just get dropped.
 	    0xFF,'.'	Abort the operation.  The server assumes the
 			redirection didn't happen and returns the client
 			to it's normal mode.
 	The server keeps the client in the "redirected" state until it
 	receives a 0xFF,'.' command sequence from the client (which
 	usually occurs when the client command terminates).
 	If the client is "bumped" from read-write to read-only by
 	another user, the server will send the client a 0xFF,'.' command
 	sequence to tell it to abort the redirection and return control
 	back to the user.
 "^Ecz"  The server sends a 0xFF,'Z' command sequence to the client, to
 	signal a wish to suspend to client process.  The client is then
 	put into a "paused" state where it receives no more data from
 	the server.  When the client is ready to resume receiving data,
 	it sends a character of data to the server, at which point the
 	server discards the character and sends back a status message of
 	the form " -- MSG]".  The current set of possible messages are:
 	    " -- line down]"
 	    " -- read-only]"
 	    " -- attached (nologging)]"
 	    " -- attached]"
 	    " -- spy mode]"
 #
 #  $Id: PROTOCOL,v 1.1 2004/04/16 16:50:55 bryan Exp $
 #
--- a/8
+++ b/8
@ -16,6 +16,12 @@ Documentation
 Downloading
    The latest version can be found at http://www.conserver.com/
    (US-West).
    Mirrors of the site are at:
 	Australia	http://planetmirror.com/pub/conserver/
 	US-East		http://conserver.syr.edu/
 Systems Tested
@ -55,5 +61,5 @@ Contributions
    http://www.columbia.edu/acis/sy/unixdev/zinc
 #
-#  $Id: README,v 1.22 2003/08/23 19:34:24 bryan Exp $
+#  $Id: README,v 1.23 2004/05/27 23:39:29 bryan Exp $
 #
--- a/35
+++ b/35
@ -11,13 +11,10 @@ Bryan Stansell
 ---------------------------------------------------------------------------
 - Telnet protocol should be improved
-    - Not even RFC 854 compliant
+    - Not even RFC 854 compliant...or maybe it is (as of 8.1.0)
-    - Option negotiation ignored - should we negotiate anything?
+    - Option negotiation semi-ignored - should we negotiate anything more?
    - Others?
 - better shadow file support
    - what does this mean?  i've forgotten.
 - syslog?
    Daniel E. Singer <des@cs.duke.edu> would like to see it - especially
    in regards to --use-libwrap code
@ -27,14 +24,20 @@ Bryan Stansell
    - hpux has bigcrypt() also, which we support, so maybe we're covered
 - config file examples for various configurations
    - sample conserver.cf has some...but it's not explained well
 - per-line timestamps
    - only when not connected?
 - pipe input/output (console <-> program) via 'console'
    - some apps (net-ups thing, gdb) might need to talk to user
    - ^Ec| does this, but the interact with user bits might not work
    - actually, ^Ec| does work right with 8.1.0...one change that might
      be nice is the ability to NOT watch the i/o pass to the local
      command - try sending a big file to the local host with xmodem.
 - autologout?  setting per console?  gack, would have to interpret data.
    - this will never happen...i don't want to interpret data
 - "listen" capability (watch all/multiple consoles)
@ -47,6 +50,7 @@ Bryan Stansell
    - passphrase...hmmm..could really use some sort of send/expect
      thing here.  you could write a wrapper script of sorts, but it
      really would be nice to have a raw socket and do the right thing.
    - this does work, using the 'initcmd' option, so, all done?
 - cyclades ts1000/2000 port : "Moses, Joel" <jmoses@deloitte.com>
@ -58,8 +62,7 @@ Bryan Stansell
 - server -M flag should accept multiple addresses (comma separated)
    - should client as well?
-
+    - this may never happen...does anyone really need it?
 - logfile rotation based on size
 - automatic log rotation in general : Egan Ford <egan@us.ibm.com>
@ -70,6 +73,7 @@ Bryan Stansell
 - suggestions by Trevor Fiatal <trevor@seven.com>
    - include server hostname on 'console -x' output
 	- i think the -i output covers it, but maybe not
 - ability to configure strings to be sent to a console periodically :
  Greg A. Woods <woods@planix.com>
@ -79,13 +83,20 @@ Bryan Stansell
 - redefine client escape sequence in conserver.cf : Toby Gerhart
  <toby.gerhart@eds.com>
    - not even sure if this is possible w/o confusing the client,
      but maybe with the new 8.1.0 client-server protocol, we can!
- send a string when connected to a console, so you can set the
+- allow for very long replays (hundres of lines) : John Stoffel
  xterm title, for example : Richard Threadgill <richardt@tellme.com>
 - allows for very long replays (hundres of lines) : John Stoffel
  <stoffel@lucent.com>
 - log rotation by date : Tom Pachla <tom.pachla@nlc-bnc.ca>
 - strict file permission checks on conserver.passwd/conserver.cf : Erik
  Sjolund <erik.sjolund@sbc.su.se>
 - netgroup support?  : Nikolaos Papavassiliou
  <Nikolaos.Papavassiliou@reuters.com>
 #
-#  $Id: TODO,v 1.42 2003/11/15 17:08:15 bryan Exp $
+#  $Id: TODO,v 1.50 2004/05/28 01:58:43 bryan Exp $
 #
--- a/autologin/Makefile.in
+++ b/autologin/Makefile.in
@ -31,6 +31,8 @@ ALL = autologin
 all: $(ALL)
 $(AUTOLOGIN_OBJS): $(AUTOLOGIN_HDRS)
 autologin: $(AUTOLOGIN_OBJS)
 	$(CC) $(CFLAGS) $(LDFLAGS) -o autologin $(AUTOLOGIN_OBJS) $(LIBS)
--- a/autologin/autologin.man
+++ b/autologin/autologin.man
@ -1,4 +1,4 @@
-.\" $Id: autologin.man,v 1.1 2003/11/04 02:36:24 bryan Exp $
+.\" $Id: autologin.man,v 1.2 2004/03/23 18:32:06 bryan Exp $
 .TH AUTOLOGIN 8L PUCC
 .SH NAME
 autologin \- create an automatic login session from /etc/inittab
@ -112,12 +112,21 @@ environment variable set to
 	ss10:2:respawn:/usr/local/etc/autologin \-e TERM=reg20 \-t/dev/tty10 \-lssinfo
 .ad
 .PP
-Adding the following line to \fI/etc/ttytab\fP on a Sun 4.1.\fIx\fP
+Adding the following line to
 .I /etc/ttytab
 on a Sun
 .RI 4.1. x
 machine establishes a root login on the console device:
 .br
 .na
 	console "/usr/local/etc/autologin \-lroot \-t"    xterm   on local secure
 .ad
-Note that \fIinit\fP provides the \fItty\fP argument on the end of the command.
+.PP
 Note that
 .I init
 provides the
 .I tty
 argument on the end of the command.
 .SH FILES
 /bin/su
 .br
--- a/compat.h
+++ b/compat.h
@ -7,8 +7,11 @@
 #include <sys/file.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <arpa/inet.h>
 #include <netinet/in.h>
 #if USE_UNIX_DOMAIN_SOCKETS
 #include <sys/un.h>
 #endif
 #include <arpa/inet.h>
 #include <netdb.h>
 #include <ctype.h>
 #include <signal.h>
@ -287,6 +290,10 @@ typedef int socklen_t;
 #define ONLRET 0
 #endif
 #ifndef SEEK_SET
 #define SEEK_SET L_SET
 #endif
 #ifndef PARAMS
 # if PROTOTYPES
 #  define PARAMS(protos) protos
--- a/config.guess
+++ b/config.guess
@ -3,7 +3,7 @@
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #   2000, 2001, 2002, 2003 Free Software Foundation, Inc.
-timestamp='2003-10-16'
+timestamp='2004-03-12'
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@ -197,12 +197,18 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 	# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
 	echo "${machine}-${os}${release}"
 	exit 0 ;;
    amd64:OpenBSD:*:*)
 	echo x86_64-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
    amiga:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
    arc:OpenBSD:*:*)
 	echo mipsel-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
    cats:OpenBSD:*:*)
 	echo arm-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
    hp300:OpenBSD:*:*)
 	echo m68k-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
@ -239,10 +245,24 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
    *:OpenBSD:*:*)
 	echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE}
 	exit 0 ;;
    *:ekkoBSD:*:*)
 	echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
 	exit 0 ;;
    macppc:MirBSD:*:*)
 	echo powerppc-unknown-mirbsd${UNAME_RELEASE}
 	exit 0 ;;
    *:MirBSD:*:*)
 	echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
 	exit 0 ;;
    alpha:OSF1:*:*)
-	if test $UNAME_RELEASE = "V4.0"; then
+	case $UNAME_RELEASE in
 	*4.0)
 		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
-	fi
+		;;
 	*5.*)
 	        UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
 		;;
 	esac
 	# According to Compaq, /usr/sbin/psrinfo has been available on
 	# OSF/1 and Tru64 systems produced since 1995.  I hope that
 	# covers most systems running today.  This code pipes the CPU
@ -280,11 +300,12 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 	    "EV7.9 (21364A)")
 		UNAME_MACHINE="alphaev79" ;;
 	esac
 	# A Pn.n version is a patched version.
 	# A Vn.n version is a released version.
 	# A Tn.n version is a released field test version.
 	# A Xn.n version is an unreleased experimental baselevel.
 	# 1.2 uses "1.2" for uname -r.
-	echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+	echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
 	exit 0 ;;
    Alpha*:OpenVMS:*:*)
 	echo alpha-hp-vms
@ -405,6 +426,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
    *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
        echo m68k-unknown-mint${UNAME_RELEASE}
        exit 0 ;;
    m68k:machten:*:*)
 	echo m68k-apple-machten${UNAME_RELEASE}
 	exit 0 ;;
    powerpc:machten:*:*)
 	echo powerpc-apple-machten${UNAME_RELEASE}
 	exit 0 ;;
@ -829,6 +853,9 @@ EOF
    ia64:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit 0 ;;
    m32r*:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit 0 ;;
    m68*:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit 0 ;;
@ -997,6 +1024,9 @@ EOF
    i*86:atheos:*:*)
 	echo ${UNAME_MACHINE}-unknown-atheos
 	exit 0 ;;
 	i*86:syllable:*:*)
 	echo ${UNAME_MACHINE}-pc-syllable
 	exit 0 ;;
    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
 	echo i386-unknown-lynxos${UNAME_RELEASE}
 	exit 0 ;;
@ -1183,7 +1213,7 @@ EOF
    *:QNX:*:4*)
 	echo i386-pc-qnx
 	exit 0 ;;
-    NSR-[DGKLNPTVWY]:NONSTOP_KERNEL:*:*)
+    NSR-?:NONSTOP_KERNEL:*:*)
 	echo nsr-tandem-nsk${UNAME_RELEASE}
 	exit 0 ;;
    *:NonStop-UX:*:*)
@ -1227,6 +1257,9 @@ EOF
    SEI:*:*:SEIUX)
        echo mips-sei-seiux${UNAME_RELEASE}
 	exit 0 ;;
    *:DragonFly:*:*)
 	echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
 	exit 0 ;;
 esac
 #echo '(No uname command or uname output not recognized.)' 1>&2
--- a/config.h.in
+++ b/config.h.in
@ -1,5 +1,8 @@
 /* config.h.in.  Generated from configure.in by autoheader.  */
 /* Client config file path */
 #undef CLIENTCONFIGFILE
 /* Config file path */
 #undef CONFIGFILE
@ -207,6 +210,9 @@
 /* Define to 1 if you have the <sys/ioctl.h> header file. */
 #undef HAVE_SYS_IOCTL_H
 /* Define to 1 if you have the <sys/param.h> header file. */
 #undef HAVE_SYS_PARAM_H
 /* Define to 1 if you have the <sys/proc.h> header file. */
 #undef HAVE_SYS_PROC_H
@ -321,9 +327,18 @@
 /* Defined if we trust reverse DNS */
 #undef TRUST_REVERSE_DNS
 /* Directory for Unix domain sockets */
 #undef UDSDIR
 /* Defined if we produce extended messages */
 #undef USE_EXTENDED_MESSAGES
 /* use tcp_wrappers libwrap */
 #undef USE_LIBWRAP
 /* Defined if we use Unix domain sockets */
 #undef USE_UNIX_DOMAIN_SOCKETS
 /* Define to 1 if on AIX 3.
   System headers sometimes define this.
   We just want to avoid a redefinition error message.  */
@ -345,3 +360,6 @@
 /* Define if <signal.h> does not define sig_atomic_t */
 #undef sig_atomic_t
 /* Define to `unsigned' if <sys/types.h> does not define. */
 #undef size_t
--- a/config.sub
+++ b/config.sub
@ -3,7 +3,7 @@
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #   2000, 2001, 2002, 2003 Free Software Foundation, Inc.
-timestamp='2003-11-03'
+timestamp='2004-03-12'
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@ -237,7 +237,7 @@ case $basic_machine in
 	| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
 	| i370 | i860 | i960 | ia64 \
 	| ip2k | iq2000 \
-	| m32r | m68000 | m68k | m88k | mcore \
+	| m32r | m32rle | m68000 | m68k | m88k | mcore \
 	| mips | mipsbe | mipseb | mipsel | mipsle \
 	| mips16 \
 	| mips64 | mips64el \
@ -262,7 +262,7 @@ case $basic_machine in
 	| pyramid \
 	| sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
 	| sh64 | sh64le \
-	| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
+	| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
 	| strongarm \
 	| tahoe | thumb | tic4x | tic80 | tron \
 	| v850 | v850e \
@ -308,7 +308,7 @@ case $basic_machine in
 	| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
 	| i*86-* | i860-* | i960-* | ia64-* \
 	| ip2k-* | iq2000-* \
-	| m32r-* \
+	| m32r-* | m32rle-* \
 	| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
 	| m88110-* | m88k-* | mcore-* \
 	| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
@ -336,7 +336,7 @@ case $basic_machine in
 	| sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
 	| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
 	| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
-	| sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
+	| sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
 	| tahoe-* | thumb-* \
 	| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
 	| tron-* \
@ -363,6 +363,9 @@ case $basic_machine in
 		basic_machine=a29k-amd
 		os=-udi
 		;;
    	abacus)
 		basic_machine=abacus-unknown
 		;;
 	adobe68k)
 		basic_machine=m68010-adobe
 		os=-scout
@ -380,6 +383,9 @@ case $basic_machine in
 	amd64)
 		basic_machine=x86_64-pc
 		;;
 	amd64-*)
 		basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
 	amdahl)
 		basic_machine=580-amdahl
 		os=-sysv
@ -439,12 +445,20 @@ case $basic_machine in
 		basic_machine=j90-cray
 		os=-unicos
 		;;
 	cr16c)
 		basic_machine=cr16c-unknown
 		os=-elf
 		;;
 	crds | unos)
 		basic_machine=m68k-crds
 		;;
 	cris | cris-* | etrax*)
 		basic_machine=cris-axis
 		;;
 	crx)
 		basic_machine=crx-unknown
 		os=-elf
 		;;
 	da30 | da30-*)
 		basic_machine=m68k-da30
 		;;
@ -1067,7 +1081,7 @@ case $basic_machine in
 	sh64)
 		basic_machine=sh64-unknown
 		;;
-	sparc | sparcv9 | sparcv9b)
+	sparc | sparcv8 | sparcv9 | sparcv9b)
 		basic_machine=sparc-sun
 		;;
 	cydra)
@ -1140,8 +1154,9 @@ case $os in
 	      | -aos* \
 	      | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
 	      | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
-	      | -hiux* | -386bsd* | -knetbsd* | -netbsd* | -openbsd* | -kfreebsd* | -freebsd* | -riscix* \
+	      | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \
-	      | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+	      | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
 	      | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
 	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
 	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
 	      | -chorusos* | -chorusrdb* \
@ -1152,7 +1167,7 @@ case $os in
 	      | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
 	      | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
 	      | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
-	      | -powermax* | -dnix* | -nx6 | -nx7 | -sei*)
+	      | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*)
 	# Remember, each alternative MUST END IN *, to match a version number.
 		;;
 	-qnx*)
@ -1215,6 +1230,9 @@ case $os in
 	-atheos*)
 		os=-atheos
 		;;
 	-syllable*)
 		os=-syllable
 		;;
 	-386bsd)
 		os=-bsd
 		;;
--- a/2029
+++ b/2029
--- a/configure.in
+++ b/configure.in
@ -4,6 +4,7 @@ AH_TEMPLATE([DEFPORT], [Socket used to communicate])
 AH_TEMPLATE([DEFBASEPORT], [Base socket used for secondary channel])
 AH_TEMPLATE([MASTERHOST], [Hostname of console server])
 AH_TEMPLATE([CONFIGFILE], [Config file path])
 AH_TEMPLATE([CLIENTCONFIGFILE], [Client config file path])
 AH_TEMPLATE([PASSWDFILE], [Password file path])
 AH_TEMPLATE([LOGFILEPATH], [Logfile path])
 AH_TEMPLATE([MAXMEMB], [Number of consoles per child process])
@ -16,9 +17,13 @@ AH_TEMPLATE([HAVE_OPENSSL], [have openssl support])
 AH_TEMPLATE([HAVE_DMALLOC], [have dmalloc support])
 AH_TEMPLATE([HAVE_SA_LEN],[Defined if sa_len member exists in struct sockaddr])
 AH_TEMPLATE([TRUST_REVERSE_DNS],[Defined if we trust reverse DNS])
 AH_TEMPLATE([USE_EXTENDED_MESSAGES],[Defined if we produce extended messages])
 AH_TEMPLATE([USE_UNIX_DOMAIN_SOCKETS],[Defined if we use Unix domain sockets])
 AH_TEMPLATE([UDSDIR], [Directory for Unix domain sockets])
 dnl ### Normal initialization. ######################################
 AC_INIT
 AC_PREREQ(2.59)
 AC_CONFIG_SRCDIR([conserver/main.c])
 AC_CONFIG_HEADER(config.h)
@ -48,7 +53,7 @@ dnl AC_MSG_RESULT($with_64bit)
 AC_MSG_CHECKING(for port number specification)
 AC_ARG_WITH(port,
-	AC_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
+	AS_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
@ -64,7 +69,7 @@ AC_ARG_WITH(port,
 AC_MSG_CHECKING(for secondary channel base port)
 AC_ARG_WITH(base,
-	AC_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
+	AS_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
@ -80,7 +85,7 @@ AC_ARG_WITH(base,
 AC_MSG_CHECKING(for master conserver hostname)
 AC_ARG_WITH(master,
-	AC_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
+	AS_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(MASTERHOST, "console")
@ -94,9 +99,29 @@ AC_ARG_WITH(master,
 	[AC_DEFINE_UNQUOTED(MASTERHOST, "console")
 	AC_MSG_RESULT('console')])
 AC_MSG_CHECKING(for client configuration filename)
 AC_ARG_WITH(ccffile,
 	AS_HELP_STRING([--with-ccffile=CFFILE],[Specify client config filename @<:@SYSCONFDIR/console.cf@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
 		AC_MSG_RESULT('$sysconfdir/console.cf')
 		;;
 	    [[\\/]]* | ?:[[\\/]]* )
 		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, ["$withval"])
 		AC_MSG_RESULT('$withval')
 		;;
 	    *)
 		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/$withval"])
 		AC_MSG_RESULT('$sysconfdir/$withval')
 		;;
 	esac],
 	[AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
 	AC_MSG_RESULT('$sysconfdir/console.cf')])
 AC_MSG_CHECKING(for configuration filename)
 AC_ARG_WITH(cffile,
-	AC_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
+	AS_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
@ -116,7 +141,7 @@ AC_ARG_WITH(cffile,
 AC_MSG_CHECKING(for password filename)
 AC_ARG_WITH(pwdfile,
-	AC_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
+	AS_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
@ -136,7 +161,7 @@ AC_ARG_WITH(pwdfile,
 AC_MSG_CHECKING(for log filename)
 AC_ARG_WITH(logfile,
-	AC_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
+	AS_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
@ -153,7 +178,7 @@ AC_ARG_WITH(logfile,
 AC_SUBST(PIDFILE)
 AC_MSG_CHECKING(for PID filename)
 AC_ARG_WITH(pidfile,
-	AC_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
+	AS_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
 	[case "$withval" in
 	    yes|no)
 		PIDFILE="/var/run/conserver.pid"
@ -168,7 +193,7 @@ AC_MSG_RESULT('$PIDFILE')
 AC_MSG_CHECKING(for MAXMEMB setting)
 AC_ARG_WITH(maxmemb,
-	AC_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
+	AS_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(MAXMEMB, 16)
@ -190,7 +215,7 @@ AC_ARG_WITH(maxmemb,
 AC_MSG_CHECKING(for connect() timeout)
 AC_ARG_WITH(timeout,
-	AC_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
+	AS_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
 	[if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
 	    test "$withval" -gt 0 -a "$withval" -lt 300; then
 		AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, $withval)
@ -204,7 +229,7 @@ AC_ARG_WITH(timeout,
 AC_MSG_CHECKING(whether to trust reverse DNS)
 AC_ARG_WITH(trustrevdns,
-	AC_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
+	AS_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(TRUST_REVERSE_DNS)
@ -215,6 +240,63 @@ AC_ARG_WITH(trustrevdns,
 		;;
 	esac],[AC_MSG_RESULT(no)])
 AC_MSG_CHECKING(whether to display extended messages)
 AC_ARG_WITH(extmsgs,
 	AS_HELP_STRING([--with-extmsgs],[Produce extended messages]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(USE_EXTENDED_MESSAGES)
 		AC_MSG_RESULT(yes)
 		;;
 	    *)
 		AC_MSG_RESULT(no)
 		;;
 	esac],[AC_MSG_RESULT(no)])
 AC_MSG_CHECKING(whether to use Unix domain sockets)
 cons_with_uds="NO"
 AC_ARG_WITH(uds,
 	AS_HELP_STRING([--with-uds@<:@=DIR@:>@    ],
 	    [Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
 		AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
 		AC_MSG_RESULT([/tmp/conserver])
 		cons_with_uds="YES"
 		;;
 	    no)
 		AC_MSG_RESULT(no)
 		;;
 	    *)
 		AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
 		AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
 		AC_MSG_RESULT('$withval')
 		cons_with_uds="YES"
 		if expr "$withval" : '/' >/dev/null 2>&1; then
 		    :
 		else
 		    echo "*** WARNING *** you may have better success using a fully-qualified path"
 		    echo "*** WARNING *** instead of '$withval'"
 		fi
 		;;
 	esac],[AC_MSG_RESULT(no)])
 use_dash_r=no
 AC_MSG_CHECKING(whether to use -R paths as well as -L)
 AC_ARG_WITH(rpath,
 	AS_HELP_STRING([--with-rpath],[Use -R as well as -L for libraries]),
 	[case "$withval" in
 	    yes|no)
 		AC_MSG_RESULT($withval)
 		use_dash_r=$withval
 		;;
 	    *)
 		AC_MSG_RESULT(no)
 		;;
 	esac],
 	[AC_MSG_RESULT(no)])
 dnl ### Check for compiler et al. ###################################
 AC_PROG_CC
 AC_PROG_INSTALL
@ -244,12 +326,19 @@ if test "$ac_cv_sys_posix_termios" != "yes"; then
    AC_MSG_ERROR([POSIX termios interface required])
 fi
-AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/proc.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h)
+AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h sys/param.h)
 dnl sys/proc.h needs sys/param.h on openbsd, apparently
 AC_CHECK_HEADERS(sys/proc.h, [], [],
 [#if HAVE_SYS_PARAM_H
 #include <sys/param.h>
 #endif
 ])
 AC_HEADER_TIME
 AC_HEADER_SYS_WAIT
 AC_TYPE_MODE_T
 AC_TYPE_SIGNAL
 AC_TYPE_PID_T
 AC_TYPE_SIZE_T
 AC_CHECK_TYPE([sig_atomic_t],,
    AC_DEFINE(sig_atomic_t, volatile int,
@ -293,13 +382,18 @@ AC_SEARCH_LIBS(crypt,crypt)
 AC_SUBST(CONSLIBS)
 AC_SUBST(CONSCPPFLAGS)
 AC_SUBST(CONSLDFLAGS)
 cons_with_libwrap="NO"
 AC_ARG_WITH(libwrap,
-    AC_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
+    AS_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
 	[Compile in libwrap (tcp_wrappers) support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    WRAPCPPFLAGS="-I$withval/include"
-	    WRAPLDFLAGS="-L$withval/lib"
+	    if test "$use_dash_r" != "yes"; then
 		WRAPLDFLAGS="-L$withval/lib"
 	    else
 		WRAPLDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    WRAPCPPFLAGS=""
 	    WRAPLDFLAGS=""
@ -320,6 +414,7 @@ AC_ARG_WITH(libwrap,
 		int deny_severity  = 0;
 		],[hosts_access((void *)0)],
 		[AC_MSG_RESULT(yes)
 		 cons_with_libwrap="YES"
 		 AC_DEFINE(USE_LIBWRAP)
 		 CONSLIBS="$CONSLIBS -lwrap"
 		 CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@ -332,6 +427,7 @@ AC_ARG_WITH(libwrap,
 		    int deny_severity  = 0;
 		    ],[hosts_access((void *)0)],
 		    [AC_MSG_RESULT(yes)
 		     cons_with_libwrap="YES"
 		     AC_DEFINE(USE_LIBWRAP)
 		     CONSLIBS="$CONSLIBS -lwrap -lnsl"
 		     CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@ -343,13 +439,18 @@ AC_ARG_WITH(libwrap,
    fi]
 )
 cons_with_openssl="NO"
 AC_ARG_WITH(openssl,
-    AC_HELP_STRING([--with-openssl@<:@=PATH@:>@],
+    AS_HELP_STRING([--with-openssl@<:@=PATH@:>@],
 	[Compile in OpenSSL support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    OPENSSLCPPFLAGS="-I$withval/include"
-	    OPENSSLLDFLAGS="-L$withval/lib"
+	    if test "$use_dash_r" != "yes"; then
 		OPENSSLLDFLAGS="-L$withval/lib"
 	    else
 		OPENSSLLDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    OPENSSLCPPFLAGS=""
 	    OPENSSLLDFLAGS=""
@ -369,6 +470,7 @@ AC_ARG_WITH(openssl,
 	    AC_TRY_LINK([#include <openssl/ssl.h>
 		],[SSL_library_init()],
 		[AC_MSG_RESULT(yes)
 		cons_with_openssl="YES"
 		AC_DEFINE(HAVE_OPENSSL)
 		have_openssl=yes],
 		[AC_MSG_RESULT(no)])],)
@ -381,13 +483,18 @@ AC_ARG_WITH(openssl,
    fi]
 )
 cons_with_dmalloc="NO"
 AC_ARG_WITH(dmalloc,
-    AC_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
+    AS_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
 	[Compile in dmalloc support]),
    [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    DMALLOCCPPFLAGS="-I$withval/include"
-	    DMALLOCLDFLAGS="-L$withval/lib"
+	    if test "$use_dash_r" != "yes"; then
 		DMALLOCLDFLAGS="-L$withval/lib"
 	    else
 		DMALLOCLDFLAGS="-L$withval/lib -R$withval/lib"
 	    fi
 	else
 	    DMALLOCCPPFLAGS=""
 	    DMALLOCLDFLAGS=""
@ -407,6 +514,7 @@ AC_ARG_WITH(dmalloc,
 	    AC_TRY_LINK([#include <dmalloc.h>
 		],[dmalloc_debug(0)],
 		[AC_MSG_RESULT(yes)
 		cons_with_dmalloc="YES"
 		AC_DEFINE(HAVE_DMALLOC)
 		have_dmalloc=yes],
 		[AC_MSG_RESULT(no)])],)
@ -455,9 +563,10 @@ dnl 	else
 dnl 	    AC_MSG_RESULT(no)
 dnl 	fi],[AC_MSG_RESULT(no)])
 cons_with_pam="NO"
 AC_MSG_CHECKING(for PAM support)
 AC_ARG_WITH(pam,
-    AC_HELP_STRING([--with-pam],
+    AS_HELP_STRING([--with-pam],
 	[Enable PAM support]),
 	[if test "$withval" = yes; then
 	    oLIBS="$LIBS"
@ -467,6 +576,7 @@ AC_ARG_WITH(pam,
 		AC_MSG_CHECKING(for PAM library -lpam)
 		AC_TRY_LINK_FUNC([pam_start],
 		    [AC_MSG_RESULT(yes)
 		    cons_with_pam="YES"
 		    AC_DEFINE(HAVE_PAM)
 		    CONSLIBS="$CONSLIBS -lpam"],
 		    [LIBS="$LIBS -ldl"
@ -474,6 +584,7 @@ AC_ARG_WITH(pam,
 		    AC_MSG_CHECKING(for PAM library -lpam with -ldl)
 		    AC_TRY_LINK_FUNC([pam_end],
 			[AC_MSG_RESULT(yes)
 			cons_with_pam="YES"
 			AC_DEFINE(HAVE_PAM)
 			CONSLIBS="$CONSLIBS -lpam -ldl"],
 			[AC_MSG_RESULT(no)])])],)
@ -516,3 +627,16 @@ dnl ### Create output files. #######################################
 AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile contrib/chat/Makefile])
 AC_CONFIG_FILES([conserver/conserver.rc], [chmod +x conserver/conserver.rc])
 AC_OUTPUT
 [
 echo "=============================================================="
 echo "                      Feature Summary"
 echo ""
 echo "  Unix domain sockets (--with-uds)    : $cons_with_uds"
 echo "         TCP wrappers (--with-libwrap): $cons_with_libwrap"
 echo "              OpenSSL (--with-openssl): $cons_with_openssl"
 echo "              dmalloc (--with-dmalloc): $cons_with_dmalloc"
 echo "          PAM support (--with-pam)    : $cons_with_pam"
 echo ""
 echo "=============================================================="
 ]
--- a/conserver.cf/Makefile.in
+++ b/conserver.cf/Makefile.in
@ -3,7 +3,8 @@ srcdir = @srcdir@
 prefix = @prefix@
 mandir = @mandir@
 sysconfdir = @sysconfdir@
-exampledir = $(prefix)/share/examples/conserver
+datadir = @datadir@
 exampledir = $(datadir)/examples/conserver
 ### Installation programs and flags
 INSTALL = @INSTALL@
--- a/conserver.cf/conserver.cf
+++ b/conserver.cf/conserver.cf
@ -14,39 +14,53 @@ default cisco	{ type host; portbase 2000; portinc 1; }
 default xyplex	{ type host; portbase 2000; portinc 100; }
 default iolan	{ type host; portbase 10000; portinc 1; }
 ### set up some custom break sequences
 break 4 { string "+\d+\d+"; delay 300; }
 break 5 { string "\033c"; }
 ### set the defaults for all the consoles
 # these get applied before anything else
 default * {
 	# The '&' character is substituted with the console name
 	logfile /var/consoles/&;
 	# timestamps every hour with activity and break logging
 	timestamp 1hab;
 	# include the 'full' default
 	include full;
 	# master server is localhost
 	master localhost;
 }
 ### define the first terminal server
 default ts1.conserver.com {
 	# use the xyplex defaults
 	include xyplex;
 	# host to connect to is ts1.conserver.com
 	host ts1.conserver.com;
 	# run login-xyplex when connecting to the term server
 	initcmd /usr/local/sbin/login-xyplex;
 }
 # now define the consoles on ts1.conserver.com
-console web1.conserver.com { include ts1.conserver.com; port 2; }
+# bryan isn't allowed on web1.conserver.com
 console web1.conserver.com { include ts1.conserver.com; port 2; rw !bryan; }
 console ns1.conserver.com { include ts1.conserver.com; port 10; }
 console ns2.conserver.com { include ts1.conserver.com; port 8; }
 ### define the second terminal server
 # this one is a cisco, with simple socket connections
 default ts2.conserver.com { include cisco; host ts2.conserver.com; }
-# and the consoles
+# and the consoles on ts2.conserver.com
 console ldap1.conserver.com { include ts2.conserver.com; port 7; }
 ### and now some one-off consoles
 # we still inherit the '*' default set
 # a simple ssh invocation
 console ssh {
 	type exec;
 	exec ssh localhost;
 	# provide a 'message-of-the-day'
 	motd "just a simple ssh to localhost";
 }
@ -59,6 +73,39 @@ console ttya {
 	timestamp "";		# no timestamps on this console
 }
 ### define a group of users
 group sysadmin {
    users bryan, todd;
    users dave;
 }
 ### reset the defaults for the next set of consoles
 # again, these get applied before anything else
 default * {
 	# The '&' character is substituted with the console name
 	logfile /var/consoles/&;
 	timestamp 5m;
 	rw sysadmin;  # use the group defined above
 	master localhost;
 }
 default cyclades {
 	# sets up /dev/ttyC0 through /dev/ttyC31, for a 32 port card
 	# referenced as ports 1 through 32
 	type device;
 	device /dev/ttyC.;
 	devicesubst .=Pd;
 	portbase -1;
 	portinc 1;
 	host none; # not really used, since devicesubst doesn't use it
 	baud 9600;
 	parity none;
 }
 console modem1.conserver.com { include cyclades; port 2; break 4; }
 # todd isn't allowed on modem2.conserver.com
 console modem2.conserver.com { include cyclades; port 6; rw !todd; }
 ### list of clients we allow
 access * {
 	allowed 10.0.0.0/8 192.168.0.0/16;
--- a/conserver.cf/conserver.cf.man
+++ b/conserver.cf/conserver.cf.man
@ -1,5 +1,5 @@
-.\" $Id: conserver.cf.man,v 1.51 2003/11/15 20:00:11 bryan Exp $
+.\" $Id: conserver.cf.man,v 1.65 2004/05/27 23:39:06 bryan Exp $
-.TH CONSERVER.CF 5 "2003/11/15" "conserver-8.0.6" "conserver"
+.TH CONSERVER.CF 5 "2004/05/27" "conserver-8.1.7" "conserver"
 .SH NAME
 conserver.cf \- console configuration file for
 .BR conserver (8)
@ -107,10 +107,27 @@ of things, we have:
 "defa"ult my\e defs { rw *; in\eclude "other defs"  ; }
 .fi
 .ft
 .PP
 There is one special line the parser recognizes: a ``#include'' statement.
 It is of the form:
 .IP
 .B #include
 .I filename
 .PP
 Any whitespace around
 .I filename
 is ignored, but whitespace embedded inside is preserved.
 Everything in
 .I filename
 is taken literally, so none of the normal parser quoting applies.
 The
 .B #include
 must begin in ``column 0'' - no whitespace is allowed between it and
 the start of the physical line.
 There is an include file depth limit of 10 to prevent infinite recursion.
 .SH BLOCKS
-.TP 8
+.TP
-.B access
+\f3access\fP \f2hostname\fP|\f2ipaddr\fP
 .RI [ " hostname " | " ipaddr " ]
 .br
 Define an access block for the host named
 .I hostname
@ -121,10 +138,8 @@ all conserver hosts.
 Access lists are used in a first match
 fashion (top down), so order is important.
 .RS
-.TP 15
+.TP
-.B admin
+\f3admin\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the admin list for the console server.
 If
@ -132,39 +147,45 @@ If
 matches a previously defined group name, all members of the previous
 group are applied to the admin list (with access reversed if prefixed
 with a `!').
-Otherwise, users will be granted (or denied if prefixed with `!') access.
+If
-If the null string (``""'') is used, any
+.I username
 doesn't match a previously defined group and
 .I username
 begins with `@', the name (minus the `@') is checked against the
 host's group database.
 All users found in the group will be granted (or denied, if prefixed
 with `!') access.
 If
 .I username
 doesn't match a previous group and doesn't begin with `@', the users
 will be granted (or denied, if prefixed with `!') access.
 If the null string (``\f3""\fP'') is used, any
 users previously defined for the console servers's admin list are removed.
 .TP
-.B allowed
+\f3allowed\fP \f2hostname\fP[\f3,\fP...]
 .IR hostname ", ..."
 .br
 The list of hostnames are added to the ``allowed'' list, which grants
 connections from the hosts but requires username authentication.
 .TP
-.B include
+\f3include\fP \f2accessgroup\fP
 .I accessgroup
 .br
 The access lists defined using the name
 .I accessgroup
 are applied to the current access block.
 The included access block must be previously defined.
 .TP
-.B rejected
+\f3rejected\fP \f2hostname\fP[\f3,\fP...]
 .IR hostname ", ..."
 .br
 The list of hostnames are added to the ``rejected'' list, which rejects
 connections from the hosts.
 .TP
-.B trusted
+\f3trusted\fP \f2hostname\fP[\f3,\fP...]
 .IR hostname ", ..."
 .br
 The list of hostnames are added to the ``trusted'' list, which grants
 connections from the hosts without username authentication.
 .RE
-.TP 8
+.TP
-.B break
+\f3break\fP \f2n\fP
 .I n
 .br
 Define a break sequence where 0 < 
 .I n
@ -173,9 +194,8 @@ Break sequences are accessed via the
 .RI ``^El n ''
 client escape sequence.
 .RS
-.TP 15
+.TP
-.B delay
+\f3delay\fP \f2n\fP
 .I n
 .br
 Set the time delay for the
 .B \ed
@ -184,8 +204,7 @@ sequence to
 milliseconds.
 The default time delay is 250ms.
 .TP
-.B string
+\f3string\fP \f2breakseq\fP
 .I breakseq
 .br
 Assign the string
 .IR breakseq
@ -194,6 +213,7 @@ to the specified slot
 A break sequence is a simple character string with the exception of `\e'
 and `^':
 .RS
 .RS
 .sp
 .PD 0
 .TP 6
@ -251,9 +271,9 @@ is ``and''ed with 0x1f)
 .PD
 .RE
 .RE
-.TP 8
+.RE
-.B config
+.TP
-.RI [ " hostname " | " ipaddr " ]
+\f3config\fP \f2hostname\fP|\f2ipaddr\fP
 .br
 Define a configuration block for the host named
 .I hostname
@ -262,66 +282,83 @@ or using the address
 If the value of ``*'' is used, the configuration block will be applied to
 all conserver hosts.
 .RS
-.TP 15
+.TP
-.B defaultaccess
+\f3defaultaccess\fP \f3rejected\fP|\f3trusted\fP|\f3allowed\fP
 .RB [ " rejected " | " trusted " | " allowed " ]
 .br
 Set the default access permission for all hosts not matched by
 an access list (see the
 .B \-a
 command-line flag).
 .TP
-.B daemonmode
+\f3daemonmode\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Set whether or not to become a daemon when run (see the
 .B \-d
 command-line flag).
 .TP
-.B logfile
+\f3initdelay\fP \f2number\fP
-.I filename
+.br
 Set the number of seconds between console initializations.
 All consoles with the same
 .B host
 value will be throttled as a group (those without a
 .B host
 value are their own group).
 In other words, each console within a group will only be initialized after
 .I number
 seconds passes from the previous initialization of a console in that group.
 Different throttle groups are initialized simultaneously.
 One warning: since consoles are split up and managed by seperate conserver
 processes, it's possible for more than one conserver process to
 have a throttle group based on a particular
 .B host
 value.
 If this happens, each conserver process will throttle their groups 
 independently of the other conserver processes, which results in a
 more rapid initialization (per
 .B host
 value) than one might otherwise expect.
 If
 .I number
 is zero, all consoles are initialized without delay.
 .TP
 \f3logfile\fP \f2filename\fP
 .br
 Set the logfile to write to when in daemon mode (see the
 .B \-L
 command-line flag).
 .TP
-.B passwdfile
+\f3passwdfile\fP \f2filename\fP
 .I filename
 .br
 Set the password file location used for authentication (see the
 .B \-P
 command-line flag).
 .TP
-.B primaryport
+\f3primaryport\fP \f2number\fP|\f2name\fP
 .RI [ " number " | " name " ]
 .br
 Set the port used by the master conserver process (see the
 .B \-p
 command-line flag).
 .TP
-.B redirect
+\f3redirect\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Turn redirection on or off (see the
 .B \-R
 command-line flag).
 .TP
-.B reinitcheck
+\f3reinitcheck\fP \f2number\fP
 .I number
 .br
-Set the number of seconds used between reinitialization checks (see the
+Set the number of minutes used between reinitialization checks (see the
 .B \-O
 command-line flag).
 .TP
-.B secondaryport
+\f3secondaryport\fP \f2number\fP|\f2name\fP
 .RI [ " number " | " name " ]
 .br
 Set the base port number used by child processes (see the
 .B \-b
 command-line flag).
 .TP
-.B setproctitle
+\f3setproctitle\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Set whether or not the process title shows master/group functionality
 as well as the port number the process is listening on and how many
@ -330,8 +367,7 @@ The operating system must support the
 .BR setproctitle ()
 call.
 .TP
-.B sslcredentials
+\f3sslcredentials\fP \f2filename\fP
 .I filename
 .br
 Set the
 .SM SSL
@ -339,15 +375,13 @@ credentials file location (see the
 .B \-c
 command-line flag).
 .TP
-.B sslrequired
+\f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
 .RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
 .br
 Set whether or not encryption is required when talking to clients (see the
 .B \-E
 command-line flag).
 .TP
-.B unifiedlog
+\f3unifiedlog\fP \f2filename\fP
 .I filename
 .br
 Set the location of the unified log to
 .IR filename .
@ -355,9 +389,8 @@ See the
 .B \-U
 command-line flag for details.
 .RE
-.TP 8
+.TP
-.B console
+\f3console\fP \f2name\fP
 .I name
 .br
 Define a console identified as
 .IR name .
@ -365,18 +398,15 @@ The keywords are the same as the
 .B default
 block with the following addition.
 .RS
-.TP 15
+.TP
-.B aliases
+\f3aliases\fP \f2name\fP[\f3,\fP...]|\f3""\fP
 .RI [ " name" ", ..."
 | "" ]
 .br
 Define a list of console aliases.
-If the null string (``""'') is used, any
+If the null string (``\f3""\fP'') is used, any
 aliases previously defined for the console are removed.
 .RE
-.TP 8
+.TP
-.B default
+\f3default\fP \f2name\fP
 .I name
 .br
 Define a block of defaults identified as
 .IR name .
@ -386,106 +416,117 @@ is ``*'', the automatically applied default block is defined (basically
 all consoles have an implicit ``include "*";'' at the beginning
 of their definition).
 .RS
-.TP 15
+.TP
-.B baud
+\f3baud\fP \f3300\fP|\f3600\fP|\f31800\fP|\f32400\fP|\f34800\fP|\f39600\fP|\f319200\fP|\f338400\fP|\f357600\fP|\f3115200\fP
 .RB [ " 300 " | " 600 " | " 1800 " | " 2400 " | " 4800"
 .RB | " 9600 " | " 19200 " | " 38400 " | " 57600 " | " 115200 " ]
 .br
 Assign the baud rate to the console.
 Only consoles of type ``device'' will use this value.
 .TP
-.B break
+\f3break\fP \f2n\fP
 .I n
 .br
 Assign the break sequence
 .I n
 as the default for the console, which is used by
 the ``^Ecl0'' client escape sequence.
 .TP
-.B device
+\f3device\fP \f2filename\fP
 .I filename
 .br
 Assign the serial device
 .I filename
 as the access to the console.
 Only consoles of type ``device'' will use this value.
 .TP
-.B devicesubst
+\f3devicesubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
 .RI [ " hp" [ n ] "f "
 | "" ]
 .br
-Perform string substitutions on the
+Perform character substitutions on the
 .B device
 value.
-.I h
+A series of replacements can be defined by specifying a
-is the character in
+comma-separated list of
-.B device
+\f2c\fP=\f2t\fP[\f2n\fP]\f2f\fP
-to replace with the
+sequences where
 .I c
 is any printable character,
 .I t
 specifies the replacement value,
 .I n
 is a field length (optional),
 and
 .I f
 is the format string.
 .I t
 can be one of the characters below, catagorized as a string replacement
 or a numeric replacement, which dictates the use of the
 .I n
 and
 .I f
 fields.
 .RS
 .RS
 .sp
 .PD 0
 .TP
 String Replacement
 .TP
 .B h
 .B host
-value and
+value
-.I p
+.TP
-is the character to replace with the
+.B c
 console name
 .sp
 .PP
 Numeric Replacement
 .TP
 .B p
 config
 .B port
-value.
+value
-The
+.TP
-.B port
+.B P
-value will be formatted to at least
+calculated port value
 .PD
 .RE
 .RE
 .IP
 For string replacements, if the replacement isn't at least
 .I n
 characters, it will be padded with space characters on the left.
 .I f
 must be `s'.
 For numeric replacements, the value will be formatted to at least
 .I n
 characters, padded with 0s if
 .I n
 begins with a 0, and space characters otherwise.
 .I f
-must be either `d' or `x' or `X', specifying a decimal, lower-case
+must be either `d', `x' or `X', specifying a decimal, lower-case
-hexdecimal, or uppercase hexdecimal representation of
+hexadecimal, or an uppercase hexadecimal conversion.
-.BR port .
+If the null string (``\f3""\fP'') is used, no replacements will be done.
 If the null string (``""'') is used, no replacements will be done.
 .TP
-.B exec
+\f3exec\fP \f2command|\f3""\fP
 .RI [ " command "
 | "" ]
 .br
 Assign the string
 .I command
 as the command to access the console.
 Conserver will run the command by
-invoking ``/bin/sh -ce "\fIcommand\fP"''.
+invoking ``/bin/sh -ce "\f2command\fP"''.
-If the null string (``""'') is used or no
+If the null string (``\f3""\fP'') is used or no
 .B exec
 keyword is specified, conserver will use the command ``/bin/sh -i''.
 Only consoles of type ``exec'' will use this value.
 .TP
-.B execsubst
+\f3execsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
 .RI [ " hp" [ n ] "f "
 | "" ]
 .br
-Perform string substitutions on the
+Perform character substitutions on the
 .B exec
 value.
-.I h
+See the
-is the character in
+.B devicesubst
-.B exec
+option for an explanation of the format string.
-to replace with the
+If the null string (``\f3""\fP'') is used, no replacements will be done.
 .B host
 value and
 .I p
 is the character to replace with the
 .B port
 value.
 The
 .B port
 value will be formatted to at least
 .I n
 characters, padded with 0s if
 .I n
 begins with a 0, and space characters otherwise.
 .I f
 must be either `d' or `x' or `X', specifying a decimal, lower-case
 hexdecimal, or uppercase hexdecimal representation of
 .BR port .
 If the null string (``""'') is used, no replacements will be done.
 .TP
-.B host
+\f3host\fP \f2hostname\fP
 .I hostname
 .br
 Assign
 .I hostname
@ -493,18 +534,22 @@ as the host to connect to for accessing the console.
 You must also set the
 .B port
 option as well.
-Only consoles of type ``host'' will use this value.
+Normally, only consoles of type ``host'' will use this value, however
 if the
 .BR devicesubst ,
 .BR execsubst ,
 or
 .B initsubst
 keywords are used in any console type, this value is used.
 .TP
-.B idlestring
+\f3idlestring\fP \f2string\fP|\f3""\fP
 .RI [ " string "
 | "" ]
 .br
 Assign the
 .I string
 that is sent to the console once the console is idle for an
 .I idletimeout
 amount of time.
-If the null string (``""'') is used, the string is unset and
+If the null string (``\f3""\fP'') is used, the string is unset and
 the default is used.
 The string is interpreted just as a
 .B break
@ -514,27 +559,24 @@ configuration items for details) where all delays specified (via ``\ed'')
 use the default delay time.
 The default string is ``\en''.
 .TP
-.B idletimeout
+\f3idletimeout\fP \f2number\fP[\f3s\fP|\f3m\fP|\f3h\fP]
 .BR \fInumber\fP [ s | m | h ]
 .br
 Set the idle timeout of the console to
 .I number
-seconds.  If an `s', `m', or `h' is used after
+seconds.
 If an `s', `m', or `h' is used after
 .IR number ,
 the specified time is interpreted as seconds, minutes, or hours.
 Set the timeout to zero to disable the idle timeout (the default).
 .TP
-.B include
+\f3include\fP \f2default\fP
 .I default
 .br
 The default block defined using the name
 .I default
 is applied to the current console or default block.
 The included default block must be previously defined.
 .TP
-.B initcmd
+\f3initcmd\fP \f3command\fP|\f3""\fP
 .RI [ " command "
 | "" ]
 .br
 Invoke
 .I command
@ -544,23 +586,64 @@ to stdin, stdout, and stderr of
 The
 .I command
 is passed as an argument to ``/bin/sh -ce''.
-If the null string (``""'') is used, the command is unset and
+If the null string (``\f3""\fP'') is used, the command is unset and
 nothing is invoked.
 .TP
-.B logfile
+\f3initsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
-.RI [ " filename "
+.br
-| "" ]
+Perform character substitutions on the
 .B initcmd
 value.
 See the
 .B devicesubst
 option for an explanation of the format string.
 If the null string (``\f3""\fP'') is used, no replacements will be done.
 .TP
 \f3logfile\fP \f2filename\fP|\f3""\fP
 .br
 Assign the logfile specified by
 .I filename
-to the console.  Any occurrence of ``&'' in
+to the console.
 Any occurrence of ``&'' in
 .I filename
 will be replaced with the name of the console.
-If the null string (``""'') is used, the logfile name is unset and
+If the null string (``\f3""\fP'') is used, the logfile name is unset and
 no logging will occur.
 .TP
-.B master
+\f3logfilemax\fP \f2number\fP[\f3k\fP|\f3m\fP]
-.RI [ " hostname " | " ipaddr " ]
+.br
 Enable automatic rotation of
 .B logfile
 once it's size exceeds
 .I number
 bytes.
 Specifying
 .B k
 or
 .B m
 interpret
 .I number
 as kilobytes and megabytes.
 .I number
 must be at least 2048 bytes.
 A value of zero will turn off automatic rotation of
 .BR logfile .
 The
 .B logfile
 .I filename
 will be renamed
 .IR filename -\s-1YYYYMMDD\s0-\s-1HHMMSS\s0,
 where the extension is the current GMT year, month, day, hour,
 minute, and second (to prevent issues with clock rollbacks).
 File sizes are checked every 5 minutes with an additional initial
 pseudo-random delay of up to one minute (to help prevent all processes
 checking all consoles simultaneously).
 2.5% (minimum 100 bytes, maximum 4000 bytes) of the old
 logfile is read from the end of the file.
 All data past the first newline is moved (not copied) to the new logfile
 so that a replay of the console works and starts on a line boundary.
 .TP
 \f3master\fP \f2hostname\fP|\f3ipaddr\fP
 .br
 Define which conserver host manages the console.
 The host may be specified by
@ -568,19 +651,15 @@ The host may be specified by
 or using the address
 .IR ipaddr .
 .TP
-.B motd
+\f3motd\fP \f2message\fP|\f3""\fP
 .RI [ " message "
 | "" ]
 .br
 Set the "message of the day" for the console to
 .IR message ,
 which gets displayed when a client attaches to the console.
-If the null string (``""'') is used, the MOTD is unset and
+If the null string (``\f3""\fP'') is used, the MOTD is unset and
 no message will occur.
 .TP
-.B options
+\f3options\fP [\f3!\fP]option[\f3,\fP...]|\f3""\fP
 .RI [ " option" ,...
 | "" ]
 .br
 You can negate the option by prefixing it with a
 .RB `` ! ''
@ -656,7 +735,7 @@ The conserver option
 .B \-7
 will set this flag for all consoles.
 Default is
-.BR !stiphigh .
+.BR !striphigh .
 .TP
 .B reinitoncc
 Automatically reinitialize (``bring up'') a downed console when a client
@ -695,14 +774,12 @@ Default is
 .PD
 .RE
 .TP
-.B parity
+\f3parity\fP \f3even\fP|\f3mark\fP|\f3none\fP|\f3odd\fP|\f3space\fP
 .RB [ " even " | " mark " | " none " | " odd " | " space " ]
 .br
 Set the parity option for the console.
 Only consoles of type ``device'' will use this value.
 .TP
-.B port
+\f3port\fP \f2number\fP|\f2name\fP
 .RI [ " number " | " name " ]
 .br
 Set the port used to access the console.
 The port may be specified as a
@ -725,34 +802,60 @@ The formula used is
 .BR portbase " + "
 .BR portinc " * " port .
 By using proper values in the formula, you can reference ports on a
-terminal server by their physical numbering of 1 through
+terminal server by their physical numbering of
-.IR n .
+.RI 0.. n
 or
 .RI 1.. n
 (depending on if you like zero-based or one-based numbering).
 Warning: you can generate a \-1 value with this formula,
 which will become a very high numbered positive
 value (since things are stored unsigned).
 You must also set the
 .B host
 option as well.
-Only consoles of type ``host'' will use this value.
+Normally, only consoles of type ``host'' will use this value, however
 if the
 .BR devicesubst ,
 .BR execsubst ,
 or
 .B initsubst
 keywords are used in any console type, this value is used.
 .TP
-.B portbase
+\f3portbase\fP \f2number\fP
 .I number
 .br
 Set the base value for the port calculation formula.
 .I number
 must be 0 or greater.
 The default is zero.
 See
 .B port
 for the details of the formula.
 .TP
-.B portinc
+\f3portinc\fP \f2number\fP
 .I number
 .br
 Set the increment value for the port calculation formula.
 .I number
 must be 0 or greater.
 The default is one.
 See
 .B port
 for the details of the formula.
 .TP
-.B ro
+\f3protocol\fP \f3telnet\fP|\f3raw\fP
-.RI "[ [\fB!\fP]" username ,...
+.br
-| "" ]
+Set the protocol used to send and receive data from the console.
 If
 .B raw
 is used, all data is sent ``as is'', unprotected by any protocol specification.
 If
 .B telnet
 is used (which is the default), data is encapsulated in the telnet protocol.
 The
 .B striphigh
 console option still applies when data is read by the server, and if enabled,
 can impact the encapsulation process.
 .TP
 \f3ro\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
 .br
 Define a list of users making up the read-only access list
 for the console.
@ -761,14 +864,22 @@ If
 matches a previously defined group name, all members of the previous
 group are applied to the read-only access list (with access reversed
 if prefixed with a `!').
-Otherwise, users will be granted (or denied if prefixed with `!')
+If
-read-only access.
+.I username
-If the null string (``""'') is used, any
+doesn't match a previously defined group and
 .I username
 begins with `@', the name (minus the `@') is checked against the
 host's group database.
 All users found in the group will be granted (or denied, if prefixed
 with `!') read-only access.
 If
 .I username
 doesn't match a previous group and doesn't begin with `@', the users
 will be granted (or denied, if prefixed with `!') read-only access.
 If the null string (``\f3""\fP'') is used, any
 users previously defined for the console's read-only list are removed.
 .TP
-.B rw
+\f3rw\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the read-write access list
 for the console.
@ -777,15 +888,22 @@ If
 matches a previously defined group name, all members of the previous
 group are applied to the read-write access list (with access reversed
 if prefixed with a `!').
-Otherwise, users will be granted (or denied if prefixed with `!')
+If
-read-write access.
+.I username
-If the null string (``""'') is used, any
+doesn't match a previously defined group and
 .I username
 begins with `@', the name (minus the `@') is checked against the
 host's group database.
 All users found in the group will be granted (or denied, if prefixed
 with `!') read-write access.
 If
 .I username
 doesn't match a previous group and doesn't begin with `@', the users
 will be granted (or denied, if prefixed with `!') read-write access.
 If the null string (``\f3""\fP'') is used, any
 users previously defined for the console's read-write list are removed.
 .TP
-.B timestamp
+\f3timestamp\fP [\f2number\fP[\f3m\fP|\f3h\fP|\f3d\fP|\f3l\fP]][\f3a\fP][\f3b\fP]|\f3""\fP
 [
 .RB [ \fInumber\fP [ m | h | d | l ]][ a ][ b ]
 | "" ]
 .br
 Specifies the time between timestamps applied to the console
 log file and whether to log read/write connection actions.
@ -814,10 +932,10 @@ A
 .RB ` b '
 can be specified to add logging of break sequences sent to the console.
 .TP
-.B type
+\f3type\fP \f3device\fP|\f3exec\fP|\f3host\fP
 .RB [ " device " | " exec " | " host " ]
 .br
-Set the type of console.  The type
+Set the type of console.
 The type
 .RB `` device ''
 should be used for local serial ports (also set the
 .B device
@ -834,17 +952,14 @@ and
 .B port
 options).
 .RE
-.TP 8
+.TP
-.B group
+\f3group\fP \f2name\fP
 .I name
 .br
 Define a user group identified as
 .I name
 .RS
-.TP 15
+.TP
-.B users
+\f3users\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
 .RI "[ [\fB!\fP]" username ,...
 | "" ]
 .br
 Define a list of users making up the group
 .IR name .
@ -853,9 +968,19 @@ If
 matches a previously defined group name, all members of the previous
 group are applied to the current group (with access reversed
 if prefixed with a `!').
-Otherwise, users will be recorded with (or without if prefixed with `!')
+If
-access.
+.I username
-If the null string (``""'') is used, any
+doesn't match a previously defined group and
 .I username
 begins with `@', the name (minus the `@') is checked against the
 host's group database.
 All users found in the group will be recorded with (or without, if prefixed
 with `!') access.
 If
 .I username
 doesn't match a previous group and doesn't begin with `@', the users
 will be recorded with (or without, if prefixed with `!') access.
 If the null string (``\f3""\fP'') is used, any
 users previously defined for this group are removed.
 .RE
 .SH AUTHORS
--- a/conserver.cf/conserver.passwd.man
+++ b/conserver.cf/conserver.passwd.man
@ -1,5 +1,5 @@
-.\" $Id: conserver.passwd.man,v 1.9 2003/07/04 20:20:52 bryan Exp $
+.\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $
-.TH CONSERVER.PASSWD 5 "2003/07/04" "conserver-8.0.6" "conserver"
+.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.7" "conserver"
 .SH NAME
 conserver.passwd \- user access information for
 .BR conserver (8)
@ -59,7 +59,8 @@ in the system
 If PAM support has been enabled
 .RB ( --with-pam ),
 PAM lookups will be done instead of
-.BR passwd " (or " shadow ") lookups."
+.BR passwd " (or " shadow ") lookups"
 (you may need to edit /etc/pam.conf or create /etc/pam.d/conserver).
 If this field is empty, password checking is bypassed for this user.
 .SH EXAMPLE
 .TP 24
--- a/conserver.cf/samples/README
+++ b/conserver.cf/samples/README
@ -0,0 +1,21 @@
 I put together the sample configuration files in this directory in hopes
 that it would help folks see some of the possibilities of the
 configuration file format.  Each of the files are syntatically correct,
 but have never actually been used.
 Each file is basically built upon the previous...theoretically, if not
 actually.  Hopefully they'll help show some of the cool things you can
 do with the configuration file and help those trying to figure out how
 they should even start.
    simple.cf - A very simple, one console config file
    basic.cf - A config with a couple consoles, mostly using defaults
    average.cf - A config for many consoles, using breaks, user lists,
 		 etc...bascially customizing each area
    average-distributed.cf - Taking average.cf to multiple conserver
 			     hosts with overrides on those hosts
 Bryan Stansell
--- a/conserver.cf/samples/average-distributed.cf
+++ b/conserver.cf/samples/average-distributed.cf
@ -0,0 +1,109 @@
 #
 # I took the average.cf file and expanded it to use a distributed
 # conserver setup...two conserver hosts (conserver1 and conserver2), but
 # the basic philosophy would hold for many more console and/or conserver
 # hosts.
 #
 # ------ define a user group ------
 group sysadmin {
    users bryan, todd, dave;
 }
 # helpers is everyone but the sysadmin group
 group helpers {
    users *, !sysadmin;
 }
 # ------ make sure breaks are the way we want --------
 break 1 { string "\z"; }
 break 2 { string "\r\d~\d^b"; delay 600; }
 break 3 { string "#."; }
 # ----- define some console types ------
 # yeah, just setting a break doesn't quite seem worth it, but perhaps,
 # some day, there will be more host-specific stuff.
 default sun-std { break 1; }
 default sun-alt { break 2; }
 default sun-lom { break 3; }
 # ------ defaults ------
 # we set a 'global' default so we can reuse the bits below.  we're going
 # to set the '*' default, then define consoles, reset the '*' default,
 # define more consoles, etc.
 default global {
 	logfile /var/consoles/&;	# '&' is replaced with console name
 	timestamp 1hab;			# write timestamps
 	rw sysadmin;			# allow sysadmins full access
 	ro helpers;			# allow helpers to watch
 	include sun-std;
 }
 # --------- define our terminal attributes ----------
 # simple tcp connections are "easy"
 default cisco { type host; portbase 2000; portinc 1; }
 default xyplex  { type host; portbase 2000; portinc 100; }
 # this is a cyclades card referenced with /dev/ttyC0 through /dev/ttyC31
 # (referenced as ports 1 through 32 in conserver.cf)
 # we set the various port calculation bits and pattern substitution to
 # come up with a generic definition
 default cyclades { type device; device /dev/ttyC&; baud 9600; parity none;
 		   devicesubst &=Pd; portbase -1; portinc 1; host unused; }
 ## this is a term server accessed with an ssh command
 # it too uses pattern substitution and such to get the job done
 default ciscossh { type exec; portbase 2000; portinc 1;
 		   exec /usr/local/bin/ssh -p P -l tsuser H;
 		   execsubst H=hs,P=Pd; }
 # ------- set the global default for the first conserver host -------
 # the consoles below (until the default is reset) are managed
 # by conserver1.conserver.com
 default * { include global; master conserver1.conserver.com; }
 # ------- define the consoles on ts1.conserver.com --------
 default ts1.conserver.com { include cisco; host ts1.conserver.com; }
 console web1.conserver.com { include ts1.conserver.com; port 2; }
 console ns1.conserver.com { include ts1.conserver.com; port 10; }
 # ------- define the consoles on ts2.conserver.com --------
 default ts2.conserver.com { include xyplex; host ts2.conserver.com; }
 console web2.conserver.com { include ts2.conserver.com; port 4; }
 console ns2.conserver.com { include ts2.conserver.com; port 22; }
 # ------- set the global default for the second conserver host -------
 # the following consoles are managed by conserver2.conserver.com
 default * { include global; master conserver2.conserver.com; }
 # ------- define the consoles on ts3.conserver.com --------
 default ts3.conserver.com { include ciscossh; host ts3.conserver.com; }
 console ftp1.conserver.com { include ts3.conserver.com; include sun-lom;
 			     port 7; }
 # ------- set up the an access list to avoid the default -------
 # anything *not* matched here will fallback to the default access mode
 access * {
 	trusted 127.0.0.1;
 	allowed 10.0.0.0/8;
 }
 # conserver2 has an extra leg that is trusted
 access conserver2.conserver.com { trusted 192.168.0.0/16; }
 # ------- do some server configuration ---------
 # both conserver1.conserver.com and conserver2.conserver.com use the same
 # set of defaults
 config * {
 	defaultaccess rejected;
 	daemonmode on;
 	logfile /var/log/conserver;
 }
 # we're going to set the default access on conserver2 to allowed, because
 # it's in a higher-trust network
 config conserver2.conserver.com { defaultaccess allowed; }
--- a/conserver.cf/samples/average.cf
+++ b/conserver.cf/samples/average.cf
@ -0,0 +1,91 @@
 #
 # This would be what i'd expect a more common configuration file would
 # look like.  There are consoles attached to multiple devices, simple
 # access lists, etc.
 #
 # ------ define a user group ------
 group sysadmin {
    users bryan, todd, dave;
 }
 # helpers is everyone but the sysadmin group
 group helpers {
    users *, !sysadmin;
 }
 # ------ make sure breaks are the way we want --------
 break 1 { string "\z"; }
 break 2 { string "\r\d~\d^b"; delay 600; }
 break 3 { string "#."; }
 # ----- define some console types ------
 # yeah, just setting a break doesn't quite seem worth it, but perhaps,
 # some day, there will be more host-specific stuff.
 default sun-std { break 1; }
 default sun-alt { break 2; }
 default sun-lom { break 3; }
 # ------ defaults ------
 # now for some generic console defaults so that we don't have to
 # duplicate them for each console.
 default * {
 	logfile /var/consoles/&;	# '&' is replaced with console name
 	timestamp 1hab;			# write timestamps
 	rw sysadmin;			# allow sysadmins full access
 	ro helpers;			# allow helpers to watch
 	master localhost;
 	include sun-std;
 }
 # --------- define our terminal attributes ----------
 # simple tcp connections are "easy"
 default cisco { type host; portbase 2000; portinc 1; }
 default xyplex  { type host; portbase 2000; portinc 100; }
 # this is a cyclades card referenced with /dev/ttyC0 through /dev/ttyC31
 # (referenced as ports 1 through 32 in conserver.cf)
 # we set the various port calculation bits and pattern substitution to
 # come up with a generic definition
 default cyclades { type device; device /dev/ttyC&; baud 9600; parity none;
 		   devicesubst &=Pd; portbase -1; portinc 1; host unused; }
 ## this is a term server accessed with an ssh command
 # it too uses pattern substitution and such to get the job done
 default ciscossh { type exec; portbase 2000; portinc 1;
 		   exec /usr/local/bin/ssh -p P -l tsuser H;
 		   execsubst H=hs,P=Pd; }
 # ------- define the consoles on ts1.conserver.com --------
 default ts1.conserver.com { include cisco; host ts1.conserver.com; }
 console web1.conserver.com { include ts1.conserver.com; port 2; }
 console ns1.conserver.com { include ts1.conserver.com; port 10; }
 # ------- define the consoles on ts2.conserver.com --------
 default ts2.conserver.com { include xyplex; host ts2.conserver.com; }
 console web2.conserver.com { include ts2.conserver.com; port 4; }
 console ns2.conserver.com { include ts2.conserver.com; port 22; }
 # ------- define the consoles on ts3.conserver.com --------
 default ts3.conserver.com { include ciscossh; host ts3.conserver.com; }
 console ftp1.conserver.com { include ts3.conserver.com; include sun-lom;
 			     port 7; }
 # ------- set up the an access list to avoid the default -------
 # anything *not* matched here will fallback to the default access mode
 access * {
 	trusted 127.0.0.1;
 	allowed 10.0.0.0/8;
 }
 # ------- do some server configuration ---------
 config * {
 	defaultaccess rejected;
 	daemonmode on;
 	logfile /var/log/conserver;
 }
--- a/conserver.cf/samples/basic.cf
+++ b/conserver.cf/samples/basic.cf
@ -0,0 +1,28 @@
 #
 # This is a fairly basic configuration file that interacts with one
 # terminal server.
 #
 # first, we're going to set some generic console defaults so that we
 # don't have to duplicate them for each console.
 default * {
 	logfile /var/consoles/&;	# '&' is replaced with console name
 	timestamp 1hab;			# write timestamps
 	rw *;				# allow all users
 	master localhost;
 	type host;
 	host ts1.conserver.com;		# consoles on ts1.conserver.co
 	portbase 2000;			# port numbers start at 2001 and
 	portinc 1;			# go up by 1 (port #1 == 2001, etc)
 }
 # define two consoles on the terminal server
 console web1.conserver.com { port 2; }	# calculates to tcp port 2002
 console ns1.conserver.com { port 10; }	# calculates to tcp port 2010
 # set up the an access list to avoid the default
 # anything *not* matched here will fallback to the default access (-a)
 # mode
 access * {
 	trusted 127.0.0.1;
 }
--- a/conserver.cf/samples/simple.cf
+++ b/conserver.cf/samples/simple.cf
@ -0,0 +1,11 @@
 #
 # I believe this is the smallest configuration file that is also fully
 # functional.  You have to be happy with the default access type (-a)
 # as well as the default access list that gets used.
 # 
 console simple {
    master localhost;
    type exec;
    rw *;
 }
--- a/conserver.html
+++ b/conserver.html
@ -9,6 +9,7 @@
    <META name="author" content=
    "Bryan Stansell &lt;bryan@conserver.com&gt;">
    <LINK rel="SHORTCUT ICON" href="conserver.ico">
    <LINK rel="icon" href="conserver.ico">
    <TITLE>Conserver</TITLE>
@ -35,7 +36,8 @@
        <TD colspan="2" align="center">Please pick your closest
        mirror: &nbsp;&nbsp;<A href=
        "http://planetmirror.com/pub/conserver/">Australia</A>
-        &nbsp;&nbsp;<A href="http://www.conserver.com/">US
+        &nbsp;&nbsp;<A href="http://conserver.syr.edu/">US-East</A>
        &nbsp;&nbsp;<A href="http://www.conserver.com/">US-West
        (Primary)</A><BR>
        <BR>
        </TD>
@ -55,11 +57,11 @@
            <INPUT type="HIDDEN" name="method" value="and"> <INPUT
            type="HIDDEN" name="format" value="builtin-long">
            <INPUT type="HIDDEN" name="sort" value="score"> <INPUT
-            type="HIDDEN" name="config" value="htdig"> <INPUT type=
+            type="HIDDEN" name="config" value="conserver.com">
-            "HIDDEN" name="restrict" value=""> <INPUT type="HIDDEN"
+            <INPUT type="HIDDEN" name="restrict" value=""> <INPUT
-            name="exclude" value=""> <INPUT type="TEXT" size="20"
+            type="HIDDEN" name="exclude" value=""> <INPUT type=
-            name="words" value=""> <INPUT type="SUBMIT" value=
+            "TEXT" size="20" name="words" value=""> <INPUT type=
-            "Search">
+            "SUBMIT" value="Search">
          </FORM>
        </TD>
      </TR>
@ -159,35 +161,32 @@
          the website. Next, there's Kevin Braunsdorf's version at
          <A href=
          "ftp://ftp.physics.purdue.edu/pub/pundits/">ftp://ftp.physics.purdue.edu/pub/pundits/</A>.
-          Kevin is semi-actively working on his thread. Doesn't
+          It doesn't look like Kevin is working on his thread ony
-          look like any new versions have been out since August
+          more either. No new versions have been out since August
          2000 (version 8.5), but maybe this info will be out of
-          date by the time you read this. Lastly, the conserver.com
+          date by the time you read this (I last checked Feb 10,
-          version is based on Kevin's "5.21-Beta" distribution, but
+          2004). Lastly, the conserver.com version is based on
-          since <B>HEAVILY</B> modified and enhanced (more details
+          Kevin's "5.21-Beta" distribution, but since
-          in the "Origin" section above).</P>
+          <B>HEAVILY</B> modified and enhanced (more details in the
          "Origin" section above).</P>
          <P>If I were looking for a conserver package I would
-          either use Kevin's latest distribution or the
+          definitely use the conserver.com distribution. Why? It's
-          conserver.com distribution. Which one? Well, obviously
+          actively maintained, has many more features than the
-          I'm biased and believe the conserver.com distribution
+          other versions (see <A href="CHANGES">CHANGES</A> for a
-          should be your choice, but Kevin's does have UPS (serial
+          semi-scary history), and has an active user community.
-          port line toggling bits) that the conserver.com version
+          Kevin's version does have UPS support (basic serial port
-          doesn't have. What does the conserver.com distribution
+          line toggling bits) which is missing in the conserver.com
-          have? Well, in reality, too many things to list. You'll
+          version, but no one has asked me for it, so does anyone
-          have to look at the <A href="CHANGES">CHANGES</A> file
+          actually need it?</P>
          and see the enhancements, bug fixes, and general
          development since the original. Don't let the version
          numbers fool you - you'll have to compare and contrast
          for yourself.</P>
          <H3>Downloading</H3>
-          <P>The current version, released on Nov 16, 2003, is <A
+          <P>The current version, released on May 28, 2004, is <A
-          href="8.0.6.tar.gz">8.0.6.tar.gz</A>. You can get it via
+          href="8.1.7.tar.gz">8.1.7.tar.gz</A>. You can get it via
          <A href=
-          "ftp://ftp.conserver.com/conserver/8.0.6.tar.gz">FTP</A>
+          "ftp://ftp.conserver.com/conserver/8.1.7.tar.gz">FTP</A>
-          or <A href="8.0.6.tar.gz">HTTP</A>. See the <A href=
+          or <A href="8.1.7.tar.gz">HTTP</A>. See the <A href=
          "CHANGES">CHANGES</A> file for information on the latest
          updates.</P>
@ -208,6 +207,11 @@
          <P>Check the <A href="INSTALL">INSTALL</A> file for
          instructions.</P>
          <H3>Online Documentation</H3>
          <P>I've put a small set of documentation <A href=
          "docs/">here</A>. I'm hoping to expand it over time.</P>
          <H3>Systems Tested</H3>
          <P>Here's a list of systems that I've been told can
--- a/conserver/Makefile.in
+++ b/conserver/Makefile.in
@ -6,7 +6,8 @@ exec_prefix = @exec_prefix@
 sbindir = @sbindir@
 sysconfdir = @sysconfdir@
 mandir = @mandir@
-exampledir = $(prefix)/share/examples/conserver
+datadir = @datadir@
 exampledir = $(datadir)/examples/conserver
 ### Installation programs and flags
 INSTALL = @INSTALL@
@ -27,21 +28,24 @@ LIBS	= @LIBS@ @CONSLIBS@
 ### Makefile rules - no user-servicable parts below
 CONSERVER_OBJS = access.o client.o consent.o group.o main.o master.o \
-		 readcfg.o fallback.o util.o
+		 readcfg.o fallback.o cutil.o
 CONSERVER_HDRS = ../config.h $(top_srcdir)/compat.h $(srcdir)/access.h \
-		 $(srcdir)/client.h $(srcdir)/consent.h $(srcdir)/group.h \
+		 $(srcdir)/client.h $(srcdir)/consent.h $(srcdir)/cutil.h \
-		 $(srcdir)/main.h $(srcdir)/master.h $(srcdir)/readcfg.h \
+		 $(srcdir)/group.h $(srcdir)/main.h $(srcdir)/master.h \
-		 $(srcdir)/util.h
+		 $(srcdir)/readcfg.h $(srcdir)/version.h
 ALL = conserver convert
 all: $(ALL)
 $(CONSERVER_OBJS): $(CONSERVER_HDRS)
 conserver: $(CONSERVER_OBJS)
 	$(CC) $(CFLAGS) $(LDFLAGS) -o conserver $(CONSERVER_OBJS) $(LIBS)
-convert: convert.o util.o
+convert: convert.o cutil.o
-	$(CC) $(CFLAGS) $(LDFLAGS) -o convert convert.o util.o $(LIBS)
+	$(CC) $(CFLAGS) $(LDFLAGS) -o convert convert.o cutil.o $(LIBS)
 .c.o:
 	$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
--- a/conserver/access.c
+++ b/conserver/access.c
@ -1,5 +1,5 @@
 /*
- *  $Id: access.c,v 5.70 2003/11/04 19:41:00 bryan Exp $
+ *  $Id: access.c,v 5.73 2004/05/23 16:44:25 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -36,7 +36,7 @@
 #include <compat.h>
-#include <util.h>
+#include <cutil.h>
 #include <access.h>
 #include <consent.h>
 #include <client.h>
@ -171,7 +171,8 @@ AccType(addr, peername)
 		     hname = he->h_aliases[a++]) {
 		    if ((revNames[a] = StrDup(hname)) == (char *)0)
 			break;
-		    CONDDEBUG((1,"AccType(): revNames[%d]='%s'", a, hname));
+		    CONDDEBUG((1, "AccType(): revNames[%d]='%s'", a,
 			       hname));
 		}
 	    }
 	}
@ -280,11 +281,26 @@ SetDefAccess(pAddr, pHost)
    char *pHost;
 #endif
 {
    char *pcDomain;
    char *addr;
    ACCESS *a;
    while (pACList != (ACCESS *)0) {
 	a = pACList->pACnext;
 	DestroyAccessList(pACList);
 	pACList = a;
    }
 #if USE_UNIX_DOMAIN_SOCKETS
    if ((pACList = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	OutOfMem();
    if ((pACList->pcwho = StrDup("127.0.0.1")) == (char *)0)
 	OutOfMem();
    pACList->ctrust = 'a';
    CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
 	       pACList->pcwho));
 #else
    while (pAddr->s_addr != (in_addr_t) 0) {
 	char *addr;
 	addr = inet_ntoa(*pAddr);
 	if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	    OutOfMem();
@ -298,21 +314,7 @@ SetDefAccess(pAddr, pHost)
 		   pACList->pcwho));
 	pAddr++;
    }
-
+#endif
    if ((char *)0 == (pcDomain = strchr(pHost, '.')))
 	return;
    ++pcDomain;
    if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	OutOfMem();
    if ((a->pcwho = StrDup(pcDomain)) == (char *)0)
 	OutOfMem();
    a->ctrust = 'a';
    a->pACnext = pACList;
    pACList = a;
    CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
 	       pACList->pcwho));
 }
 void
--- a/conserver/client.c
+++ b/conserver/client.c
@ -1,5 +1,5 @@
 /*
- *  $Id: client.c,v 5.75 2003/11/16 15:35:33 bryan Exp $
+ *  $Id: client.c,v 5.84 2004/05/28 16:39:51 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -36,7 +36,7 @@
 #include <compat.h>
-#include <util.h>
+#include <cutil.h>
 #include <consent.h>
 #include <access.h>
 #include <client.h>
@ -97,15 +97,15 @@ FindWrite(pCE)
 */
 void
 #if PROTOTYPES
-Replay(CONSFILE *fdLog, CONSFILE *fdOut, int iBack)
+Replay(CONSENT *pCE, CONSFILE *fdOut, int iBack)
 #else
-Replay(fdLog, fdOut, iBack)
+Replay(pCE, fdOut, iBack)
-    CONSFILE *fdLog;
+    CONSENT *pCE;
    CONSFILE *fdOut;
    int iBack;
 #endif
 {
-
+    CONSFILE *fdLog = (CONSFILE *)0;
    off_t file_pos;
    off_t buf_pos;
    char *buf;
@ -130,7 +130,16 @@ Replay(fdLog, fdOut, iBack)
    unsigned long dmallocMarkReplay = 0;
 #endif
-    if ((CONSFILE *)0 == fdLog) {
+    if (pCE != (CONSENT *)0) {
 	fdLog = pCE->fdlog;
 	/* no logfile and down and logfile defined?  try and open it */
 	if (fdLog == (CONSFILE *)0 && !pCE->fup &&
 	    pCE->logfile != (char *)0)
 	    fdLog = FileOpen(pCE->logfile, O_RDONLY, 0644);
    }
    if (fdLog == (CONSFILE *)0) {
 	FileWrite(fdOut, FLAGFALSE, "[no log file on this console]\r\n",
 		  -1);
 	return;
@ -179,17 +188,9 @@ Replay(fdLog, fdOut, iBack)
 	     * the rest (as we work our way back in the file) should be
 	     */
 	    buf_pos = (file_pos / BUFSIZ) * BUFSIZ;
 #if defined(SEEK_SET)
 	    /* PTX and maybe other Posix systems
 	     */
 	    if (FileSeek(fdLog, buf_pos, SEEK_SET) < 0) {
 		goto common_exit;
 	    }
 #else
 	    if (FileSeek(fdLog, buf_pos, L_SET) < 0) {
 		goto common_exit;
 	    }
 #endif
 	    if ((r = FileRead(fdLog, buf, BUFSIZ)) < 0) {
 		goto common_exit;
 	    }
@ -314,8 +315,7 @@ Replay(fdLog, fdOut, iBack)
 	    if ((char *)0 != s) {
 		*s = '\000';
 	    }
-	    FileWrite(fdOut, FLAGTRUE, lines[i].line->string,
+	    FileWrite(fdOut, FLAGTRUE, lines[i].line->string, -1);
 		      lines[i].line->used - 1);
 	    FileWrite(fdOut, FLAGTRUE, " .. ", 4);
 	    /* build the end string by removing the leading "[-- MARK -- "
@ -339,6 +339,10 @@ Replay(fdLog, fdOut, iBack)
  common_exit:
    /* if we opened the logfile, close it */
    if (fdLog != pCE->fdlog)
 	FileClose(&fdLog);
    if ((struct lines *)0 != lines) {
 	for (i = 0; i < n_lines; i++) {
 	    DestroyString(lines[i].mark_end);
@ -362,8 +366,7 @@ Replay(fdLog, fdOut, iBack)
 */
 #define WHEN_SPY	0x01
 #define WHEN_ATTACH	0x02
-#define WHEN_VT100	0x04
+#define WHEN_EXPERT	0x04	/* ZZZ no way to set his yet    */
 #define WHEN_EXPERT	0x08	/* ZZZ no way to set his yet    */
 #define WHEN_ALWAYS	0x40
 #define HALFLINE	40
@ -375,6 +378,7 @@ typedef struct HLnode {
 static HELP aHLTable[] = {
    {WHEN_ALWAYS, ".    disconnect"},
    {WHEN_ALWAYS, ";    move to another console"},
    {WHEN_ALWAYS, "a    attach read/write"},
    {WHEN_ALWAYS, "b    send broadcast message"},
    {WHEN_ATTACH, "c    toggle flow control"},
@ -397,16 +401,13 @@ static HELP aHLTable[] = {
    {WHEN_ALWAYS, "w    who is on this console"},
    {WHEN_ALWAYS, "x    show console baud info"},
    {WHEN_ALWAYS, "z    suspend the connection"},
-    {WHEN_ALWAYS, "<cr> ignore/abort command"},
+    {WHEN_ATTACH, "|    attach local command"},
    {WHEN_ALWAYS, "?    print this message"},
    {WHEN_ALWAYS, "<cr> ignore/abort command"},
    {WHEN_ALWAYS, "^R   replay the last line"},
    {WHEN_ATTACH, "\\ooo send character by octal code"},
    {WHEN_EXPERT, "^I   toggle tab expansion"},
    {WHEN_EXPERT, "+(-) do (not) drop line"},
    {WHEN_VT100, "PF1  print this message"},
    {WHEN_VT100, "PF2  disconnect"},
    {WHEN_VT100, "PF3  replay the last 20 lines"},
    {WHEN_VT100, "PF4  spy read only"}
 };
 /* list the commands we know for the user				(ksb)
@ -435,9 +436,6 @@ HelpUser(pCL)
    } else {
 	FileWrite(pCL->fd, FLAGTRUE, acH2, sizeof(acH2) - 1);
    }
    if ('\033' == pCL->ic[0] && 'O' == pCL->ic[1]) {
 	iCmp |= WHEN_VT100;
    }
    BuildString((char *)0, acLine);
    for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) {
@ -489,17 +487,34 @@ ClientAccessOk(pCL)
 #endif
 {
    char *peername = (char *)0;
    int retval = 1;
 #if USE_UNIX_DOMAIN_SOCKETS
    struct in_addr addr;
 # if HAVE_INET_ATON
    inet_aton("127.0.0.1", &addr);
 # else
    addr.s_addr = inet_addr("127.0.0.1");
 # endif
    pCL->caccess = AccType(&addr, &peername);
    if (pCL->caccess == 'r') {
 	FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
 		  -1);
 	retval = 0;
    }
 #else
    socklen_t so;
    int cfd;
    struct sockaddr_in in_port;
    int retval = 1;
    int getpeer = -1;
    cfd = FileFDNum(pCL->fd);
    pCL->caccess = 'r';
-#if defined(USE_LIBWRAP)
+# if defined(USE_LIBWRAP)
    {
 	struct request_info request;
 	CONDDEBUG((1, "ClientAccessOk(): doing tcpwrappers check"));
 	request_init(&request, RQ_DAEMON, progname, RQ_FILE, cfd, 0);
 	fromhost(&request);
 	if (!hosts_access(&request)) {
@ -509,7 +524,7 @@ ClientAccessOk(pCL)
 	    goto setpeer;
 	}
    }
-#endif
+# endif
    so = sizeof(in_port);
    if (-1 ==
@ -524,16 +539,22 @@ ClientAccessOk(pCL)
 		  -1);
 	retval = 0;
    }
  setpeer:
 #endif
    if (pCL->peername != (STRING *)0) {
 	BuildString((char *)0, pCL->peername);
 	if (peername != (char *)0)
 	    BuildString(peername, pCL->peername);
 #if USE_UNIX_DOMAIN_SOCKETS
 	else
 	    BuildString("127.0.0.1", pCL->peername);
 #else
 	else if (getpeer != -1)
 	    BuildString(inet_ntoa(in_port.sin_addr), pCL->peername);
 	else
 	    BuildString("<unknown>", pCL->peername);
 #endif
    }
    if (peername != (char *)0)
 	free(peername);
--- a/conserver/client.h
+++ b/conserver/client.h
@ -1,5 +1,5 @@
 /*
- *  $Id: client.h,v 5.33 2003/10/10 10:28:49 bryan Exp $
+ *  $Id: client.h,v 5.36 2003/12/25 19:22:00 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -46,7 +46,9 @@ typedef enum clientState {
    S_IDENT,			/* probational connection (who is this)    */
    S_PASSWD,			/* still needs a passwd to connect         */
    S_QUOTE,			/* send any character we can spell         */
-    S_BCAST			/* send a broadcast message to all clients */
+    S_BCAST,			/* send a broadcast message to all clients */
    S_CWAIT,			/* wait for client                         */
    S_CEXEC			/* client execing a program                */
 } CLIENTSTATE;
 typedef struct client {		/* Connection Information:              */
@ -82,7 +84,7 @@ typedef struct client {		/* Connection Information:              */
      cnct_port;		/* where from                           */
 } CONSCLIENT;
-extern void Replay PARAMS((CONSFILE *, CONSFILE *, int));
+extern void Replay PARAMS((CONSENT *, CONSFILE *, int));
 extern void HelpUser PARAMS((CONSCLIENT *));
 extern void FindWrite PARAMS((CONSENT *));
 extern int ClientAccessOk PARAMS((CONSCLIENT *));
--- a/conserver/consent.c
+++ b/conserver/consent.c
@ -1,5 +1,5 @@
 /*
- *  $Id: consent.c,v 5.130 2003/11/08 05:16:36 bryan Exp $
+ *  $Id: consent.c,v 5.138 2004/04/16 16:58:09 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -42,7 +42,7 @@
 #include <pwd.h>
-#include <util.h>
+#include <cutil.h>
 #include <consent.h>
 #include <client.h>
 #include <group.h>
@ -236,6 +236,23 @@ TtyDev(pCE)
 	ConsDown(pCE, FLAGTRUE, FLAGTRUE);
 	return -1;
    }
    if (fDebug >= 2) {
 	int i;
 	Debug(2, "TtyDev(): [%s] termp.c_iflag=%lu", pCE->server,
 	      (unsigned long)termp.c_iflag);
 	Debug(2, "TtyDev(): [%s] termp.c_oflag=%lu", pCE->server,
 	      (unsigned long)termp.c_oflag);
 	Debug(2, "TtyDev(): [%s] termp.c_cflag=%lu", pCE->server,
 	      (unsigned long)termp.c_cflag);
 	Debug(2, "TtyDev(): [%s] termp.c_lflag=%lu", pCE->server,
 	      (unsigned long)termp.c_lflag);
 #if defined(NCCS)
 	for (i = 0; i < NCCS; i++) {
 	    Debug(2, "TtyDev(): [%s] termp.c_cc[%d]=%lu", pCE->server, i,
 		  (unsigned long)termp.c_cc[i]);
 	}
 #endif
    }
 # if HAVE_STROPTS_H
    /*
     * eat all the streams modules upto and including ttcompat
@ -261,12 +278,12 @@ StopInit(pCE)
    if (pCE->initpid != 0) {
 	kill(pCE->initpid, SIGHUP);
 	pCE->initpid = 0;
 	Verbose("[%s] initcmd terminated: pid %lu", pCE->server,
 		(unsigned long)pCE->initpid);
 	TagLogfileAct(pCE, "initcmd terminated");
 	CONDDEBUG((1, "StopInit(): sending initcmd pid %lu signal %d",
 		   (unsigned long)pCE->initpid, SIGHUP));
 	Msg("[%s] initcmd terminated: pid %lu", pCE->server,
 	    (unsigned long)pCE->initpid);
 	TagLogfileAct(pCE, "initcmd terminated");
 	pCE->initpid = 0;
    }
    if (pCE->initfile != (CONSFILE *)0) {
@ -359,8 +376,8 @@ StartInit(pCE)
 		pCE->initpid = 0;
 		return;
 	    }
-	    Verbose("[%s] initcmd started: pid %lu", pCE->server,
+	    Msg("[%s] initcmd started: pid %lu", pCE->server,
-		    (unsigned long)pCE->initpid);
+		(unsigned long)pCE->initpid);
 	    TagLogfileAct(pCE, "initcmd started");
 	    FD_SET(pin[0], &rinit);
 	    if (maxfd < pin[0] + 1)
@ -691,7 +708,7 @@ ConsInit(pCE)
    TagLogfile(pCE, "Console up");
    switch (pCE->type) {
-	case UNKNOWN:		/* shut up gcc */
+	case UNKNOWNTYPE:	/* shut up gcc */
 	    break;
 	case EXEC:
 	    if ((cofile =
@ -741,7 +758,7 @@ ConsInit(pCE)
 		      hp->h_length);
 #endif
 		port.sin_family = hp->h_addrtype;
-		port.sin_port = htons(pCE->port);
+		port.sin_port = htons(pCE->netport);
 		if ((cofile = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
 		    Error
@ -800,7 +817,7 @@ ConsInit(pCE)
 	    break;
 	case DEVICE:
 	    if (-1 ==
-		(cofile = open(pCE->device, O_RDWR | O_NDELAY, 0600))) {
+		(cofile = open(pCE->device, O_RDWR | O_NONBLOCK, 0600))) {
 		Error("[%s] open(%s): %s: forcing down", pCE->server,
 		      pCE->device, strerror(errno));
@ -826,14 +843,14 @@ ConsInit(pCE)
    }
    switch (pCE->type) {
-	case UNKNOWN:		/* shut up gcc */
+	case UNKNOWNTYPE:	/* shut up gcc */
 	    break;
 	case EXEC:
 	    Verbose("[%s] pid %lu on %s", pCE->server, pCE->ipid,
 		    pCE->execSlave);
 	    break;
 	case HOST:
-	    Verbose("[%s] port %hu on %s", pCE->server, pCE->port,
+	    Verbose("[%s] port %hu on %s", pCE->server, pCE->netport,
 		    pCE->host);
 	    break;
 	case DEVICE:
@ -842,7 +859,13 @@ ConsInit(pCE)
 	    break;
    }
-    FD_SET(cofile, &rinit);
+    /* if we're waiting for connect() to finish, watch the
     * write bit, otherwise watch for the read bit
     */
    if (pCE->ioState == INCONNECT)
 	FD_SET(cofile, &winit);
    else
 	FD_SET(cofile, &rinit);
    if (maxfd < cofile + 1)
 	maxfd = cofile + 1;
@ -851,9 +874,9 @@ ConsInit(pCE)
    if (pCE->ioState == ISNORMAL) {
 	pCE->lastWrite = tyme;
 	if (pCE->idletimeout != (time_t)0 &&
-	    (timers[T_IDLE] == (time_t)0 ||
+	    (timers[T_CIDLE] == (time_t)0 ||
-	     timers[T_IDLE] > pCE->lastWrite + pCE->idletimeout))
+	     timers[T_CIDLE] > pCE->lastWrite + pCE->idletimeout))
-	    timers[T_IDLE] = pCE->lastWrite + pCE->idletimeout;
+	    timers[T_CIDLE] = pCE->lastWrite + pCE->idletimeout;
    }
    /* If we have marks, adjust the next one so that it's in the future */
@ -871,7 +894,7 @@ ConsInit(pCE)
 	if (pCE->ioState == ISNORMAL)
 	    Msg("[%s] console up", pCE->server);
 	else
-	    Msg("[%s] console inititalizing", pCE->server);
+	    Msg("[%s] console initializing", pCE->server);
 	pCE->downHard = FLAGFALSE;
    }
--- a/conserver/consent.h
+++ b/conserver/consent.h
@ -1,5 +1,5 @@
 /*
- *  $Id: consent.h,v 5.52 2003/11/15 20:00:08 bryan Exp $
+ *  $Id: consent.h,v 5.57 2004/05/21 04:38:02 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -52,7 +52,7 @@ typedef struct parity {		/* a parity bits table                  */
 } PARITY;
 typedef enum consType {
-    UNKNOWN = 0,
+    UNKNOWNTYPE = 0,
    DEVICE,
    EXEC,
    HOST
@ -92,9 +92,11 @@ typedef struct consent {	/* console information                  */
 #endif
    /* type == HOST */
    char *host;			/* hostname                             */
-    unsigned short port;	/* port number      socket = portbase + */
+    unsigned short netport;	/* final port    | netport = portbase + */
-    unsigned short portbase;	/* port base             portinc * port */
+    unsigned short port;	/* port number   |      portinc * port  */
    unsigned short portbase;	/* port base                            */
    unsigned short portinc;	/* port increment                       */
    FLAG raw;			/* raw or telnet protocol?              */
    /* type == EXEC */
    char *exec;			/* exec command                         */
    char *execsubst;		/* exec substitution pattern            */
@ -102,7 +104,9 @@ typedef struct consent {	/* console information                  */
    char *master;		/* master hostname                      */
    unsigned short breakNum;	/* break type [1-9]                     */
    char *logfile;		/* logfile                              */
    off_t logfilemax;		/* size limit for rolling logfile       */
    char *initcmd;		/* initcmd command                      */
    char *initsubst;		/* initcmd substitution pattern         */
    char *motd;			/* motd                                 */
    time_t idletimeout;		/* idle timeout                         */
    char *idlestring;		/* string to print when idle            */
--- a/conserver/conserver.man
+++ b/conserver/conserver.man
@ -1,6 +1,6 @@
 .\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
-.\" $Id: conserver.man,v 1.40 2003/11/10 15:37:24 bryan Exp $
+.\" $Id: conserver.man,v 1.48 2004/05/28 02:02:36 bryan Exp $
-.TH CONSERVER 8 "2003/11/10" "conserver-8.0.6" "conserver"
+.TH CONSERVER 8 "2004/05/28" "conserver-8.1.7" "conserver"
 .SH NAME
 conserver \- console server daemon
 .SH SYNOPSIS
@ -11,7 +11,7 @@ conserver \- console server daemon
 .RB [ \-m
 .IR max ]
 .RB [ \-M
-.IR addr ]
+.IR master ]
 .RB [ \-p
 .IR port ]
 .RB [ \-b
@ -50,7 +50,7 @@ knowledge of the distribution of consoles among servers.)
 .B Conserver
 forks a child for each group of consoles it must manage
 and assigns each process a port number to listen on.
-The maximum number of consoles managed by each child process is set using
+The maximum number of consoles managed by each child process is set using the
 .B \-m
 option.
 The
@ -76,14 +76,31 @@ the
 .BR conserver.cf (5)
 access list.
 .PP
 When Unix domain sockets are used between the client and
 server (enabled using
 .BR --with-uds ),
 authentication checks are done on the hardcoded address ``127.0.0.1''.
 Automatic client redirection is also disabled (as if the
 .B \-R
 option was used) since the client cannot communicate with remote servers.
 The directory used to hold the sockets is checked to make sure it's empty
 when the server starts.
 The server will
 .B not
 remove any files in the directory itself, just in case the directory is
 accidentally specified as ``/etc'' or some other critical location.
 The server will do it's best to remove all the sockets when it shuts down,
 but it could stop ungracefully (crash, ``kill -9'', etc)
 and leave files behind.
 It's would then be up to the admin (or a creative startup script) to clean
 up the directory before the server will start again.
 .PP
 .B Conserver
 completely controls any connection to a console.
 All escape sequences given by the user to
 .B console
 are passed to the server without interpretation.
-The server recognizes and processes all escape sequences,
+The server recognizes and processes all escape sequences.
 The suspend sequence is recognized by the server and sent back to the
 client as a TCP out-of-band command, which the client processes.
 .PP
 The
 .B conserver
@ -217,7 +234,7 @@ option.
 .B \-d
 Become a daemon.
 Disconnects from the controlling terminal and sends
-all output to the logfile (see
+all output (including any debug output) to the logfile (see
 .BR \-L ).
 .TP
 .B \-D
@ -271,11 +288,21 @@ may be changed at compile time using the
 .B --with-maxmemb
 option.
 .TP
-.BI \-M addr
+.BI \-M master
-Set the address to listen on.
+Normally, this allows conserver to bind to a
 This allows conserver to bind to a
 particular IP address (like `127.0.0.1') instead of all interfaces.
 The default is to bind to all addresses.
 However, if
 .B --with-uds
 was used to enable Unix domain sockets for client/server communication,
 this points conserver to the directory where it should store the sockets.
 The default
 .I master
 directory
 .RB (`` /tmp/conserver '')
 may be changed at compile time using the
 .B --with-uds
 option.
 .TP
 .B \-n
 Obsolete (now a no-op); see
@ -301,6 +328,9 @@ The default
 may be changed at compile time using the
 .B --with-port
 option.
 If the
 .B --with-uds
 option was used, this option is ignored.
 .TP
 .BI \-P passwd
 Read the table of authorized user data from the file
@ -324,6 +354,37 @@ connect to remote consoles will result in an informative message to the user.
 .B \-S
 Do not run the server, just perform a syntax check of configuration file and
 exit with a non-zero value if there is an error.
 Using more than one
 .B \-S
 will cause conserver to output various information about each console in 5
 colon-separated fields, enclosed in curly-braces.
 The philosophy behind the output is to provide information to allow external
 detection of multiple consoles access the same physical port.
 Since this is
 .I highly
 environment-specific, conserver cannot do the check internally.
 .RS
 .TP 9
 .I name
 The name of the console.
 .TP
 .I master
 The hostname of the master conserver host for the console.
 .TP
 .I aliases
 The console aliases in a comma-separated list.
 .TP
 .I type
 The type of console.
 Values will be a `/' for a local device, `|' for
 a command, or `!' for a remote port.
 .TP
 .I details
 Multiple values are comma-separated and depend on the type of the console.
 Local devices will have the values of the device file and baud rate/parity.
 Commands will have string to invoke.
 Remote ports will have the values of the remote hostname and port number.
 .RE
 .TP
 .B \-u
 Send unloved console output to
@ -387,14 +448,16 @@ any interaction with the server is done with the default escape sequence.
 This is, by no means, a complete description of the entire client/server
 interaction.
 It is, however, a brief explanation in order to give a idea of
-what the program does.
+what the program does.  See the
 .B \s-1PROTOCOLS\s0
 file in the distribution for further details.
 .SH FILES
 .PP
 The following default file locations may be overridden
 at compile time or by the command-line options described above.
 Run
 .B conserver \-V
-(with no other options) to see the defaults set at compile time.
+to see the defaults set at compile time.
 .PP
 .PD 0
 .TP 25
@ -412,6 +475,9 @@ the master conserver process ID
 .TP
 .B /var/log/conserver
 log of errors and informational messages
 .TP
 .B /tmp/conserver
 directory to hold Unix domain sockets (if enabled)
 .PD
 .PP
 Additionally, output from individual consoles may be logged
--- a/conserver/convert.c
+++ b/conserver/convert.c
@ -1,5 +1,5 @@
 /*
- *  $Id: convert.c,v 1.7 2003/08/15 21:24:39 bryan Exp $
+ *  $Id: convert.c,v 1.10 2004/05/28 01:08:28 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -32,7 +32,7 @@
 #include <compat.h>
-#include <util.h>
+#include <cutil.h>
 #include <consent.h>
 #include <client.h>
 #include <group.h>
@ -41,6 +41,16 @@
 #include <master.h>
 #include <main.h>
 #if defined(USE_LIBWRAP)
 /* we don't use it...but we link to it */
 int allow_severity;
 int deny_severity;
 #endif
 SECTION sections[] = {
    {(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
 };
 void
 DestroyDataStructures()
@ -139,7 +149,7 @@ ReadLine2(fp, save, iLine)
    if (!peek && (ret == (char *)0)) {
 	(*iLine)++;
 	wholeline = BuildString(bufstr->string, wholestr);
-	if (wholeline[0] == '\000')
+	if (wholeline != (char *)0 && wholeline[0] == '\000')
 	    wholeline = (char *)0;
    }
--- a/conserver/cutil.c
+++ b/conserver/cutil.c
--- a/conserver/cutil.h
+++ b/conserver/cutil.h
@ -1,5 +1,5 @@
 /*
- *  $Id: util.h,v 1.56 2003/11/10 20:38:25 bryan Exp $
+ *  $Id: cutil.h,v 1.63 2004/05/25 00:38:15 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -18,8 +18,11 @@
 /* communication constants
 */
 #define OB_IAC		0xff	/* quote char                   */
 #define OB_EXEC		'E'	/* exec a command on the client */
 #define OB_GOTO		'G'	/* goto next console            */
 #define OB_SUSP		'Z'	/* suspended by server          */
-#define OB_DROP		'.'	/* dropped by server            */
+#define OB_ABRT		'.'	/* abort                        */
 /* Struct to wrap information about a "file"...
 * This can be a socket, local file, whatever.  We do this so
@ -67,6 +70,12 @@ typedef struct consFile {
    int fd;
    int fdout;			/* only used when a simplePipe */
    STRING *wbuf;
    FLAG quoteiac;
    FLAG sawiac;
    FLAG sawiacsusp;
    FLAG sawiacexec;
    FLAG sawiacabrt;
    FLAG sawiacgoto;
 #if HAVE_OPENSSL
    /* SSL stuff */
    SSL *ssl;
@ -74,8 +83,43 @@ typedef struct consFile {
    FLAG waitForRead;
 #endif
    /* Add crypto stuff to suit */
 #if DEBUG_CONSFILE_IO
    int debugrfd;
    int debugwfd;
 #endif
 } CONSFILE;
 typedef struct item {
    char *id;
    void (*reg) PARAMS((char *));
 } ITEM;
 typedef struct section {
    char *id;
    void (*begin) PARAMS((char *));
    void (*end) PARAMS((void));
    void (*abort) PARAMS((void));
    void (*destroy) PARAMS((void));
    ITEM *items;
 } SECTION;
 typedef enum substToken {
    ISNOTHING = 0,
    ISNUMBER,
    ISSTRING
 } SUBSTTOKEN;
 typedef struct subst {
    SUBSTTOKEN tokens[255];
    /* data for callback function
     */
    void *data;
    /* function to retrieve a value (as a char* or int or both) for
     * a substitution
     */
    int (*callback) PARAMS((char, char **, int *));
 } SUBST;
 extern int isMultiProc, fDebug, fVerbose, fErrorPrinted;
 extern char *progname;
 extern pid_t thepid;
@ -87,6 +131,10 @@ extern fd_set winit;
 extern int maxfd;
 extern int debugLineNo;
 extern char *debugFileName;
 extern int line;		/* used by ParseFile */
 extern char *file;		/* used by ParseFile */
 extern SECTION sections[];	/* used by ParseFile */
 extern int isMaster;
 extern const char *StrTime PARAMS((time_t *));
 extern void Debug PARAMS((int, char *, ...));
@ -127,6 +175,11 @@ extern STRING *AllocString PARAMS((void));
 extern char *ReadLine PARAMS((FILE *, STRING *, int *));
 extern enum consFileType FileGetType PARAMS((CONSFILE *));
 extern void FileSetType PARAMS((CONSFILE *, enum consFileType));
 extern void FileSetQuoteIAC PARAMS((CONSFILE *, FLAG));
 extern FLAG FileSawQuoteSusp PARAMS((CONSFILE *));
 extern FLAG FileSawQuoteExec PARAMS((CONSFILE *));
 extern FLAG FileSawQuoteAbrt PARAMS((CONSFILE *));
 extern FLAG FileSawQuoteGoto PARAMS((CONSFILE *));
 extern void Bye PARAMS((int));
 extern void DestroyDataStructures PARAMS((void));
 extern int IsMe PARAMS((char *));
@ -136,6 +189,13 @@ extern int FileCanWrite PARAMS((CONSFILE *, fd_set *, fd_set *));
 extern int FileBufEmpty PARAMS((CONSFILE *));
 extern int SetFlags PARAMS((int, int, int));
 extern char *StrDup PARAMS((char *));
 extern int ParseIACBuf PARAMS((CONSFILE *, void *, int *));
 extern void *MemMove PARAMS((void *, void *, size_t));
 extern char *StringChar PARAMS((STRING *, int, char));
 extern void ParseFile PARAMS((char *, FILE *, int));
 extern void ProbeInterfaces PARAMS((in_addr_t));
 extern void ProcessSubst
 PARAMS((SUBST *, char **, char **, char *, char *));
 #if HAVE_OPENSSL
 extern SSL *FileGetSSL PARAMS((CONSFILE *));
 extern void FileSetSSL PARAMS((CONSFILE *, SSL *));
--- a/conserver/fallback.c
+++ b/conserver/fallback.c
@ -1,5 +1,5 @@
 /*
- *  $Id: fallback.c,v 5.59 2003/10/03 13:32:34 bryan Exp $
+ *  $Id: fallback.c,v 5.61 2004/04/16 16:58:09 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -16,7 +16,7 @@
 #include <compat.h>
-#include <util.h>
+#include <cutil.h>
 /*
 * get a pty for the user
@ -210,7 +210,7 @@ GetPseudoTTY(slave, slaveFD)
 	    continue;
 	}
-	if (0 > (fd = open(acMaster, O_RDWR | O_NDELAY, 0))) {
+	if (0 > (fd = open(acMaster, O_RDWR | O_NONBLOCK, 0))) {
 	    continue;
 	}
 	acSlave[iIndex] = *pcOne;
--- a/conserver/group.c
+++ b/conserver/group.c
--- a/conserver/group.h
+++ b/conserver/group.h
@ -1,5 +1,5 @@
 /*
- *  $Id: group.h,v 5.41 2003/11/15 20:00:09 bryan Exp $
+ *  $Id: group.h,v 5.46 2004/05/25 00:38:15 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -36,11 +36,13 @@
 /* timers used to have various things happen */
 #define T_STATE		0
-#define T_IDLE		1
+#define T_CIDLE		1
 #define T_MARK		2
 #define T_REINIT	3
 #define T_AUTOUP	4
-#define T_MAX		5	/* T_MAX *must* be last */
+#define T_ROLL		5
 #define T_INITDELAY	6
 #define T_MAX		7	/* T_MAX *must* be last */
 /* return values used by CheckPass()
 */
@ -78,7 +80,7 @@ PARAMS((GRPENT *, CONSCLIENT *, char *, FLAG));
 extern int ClientAccess PARAMS((CONSENT *, char *));
 extern void DestroyClient PARAMS((CONSCLIENT *));
 extern int CheckPasswd PARAMS((CONSCLIENT *, char *));
-extern void ExpandString PARAMS((char *, CONSENT *, short));
+extern void DeUtmp PARAMS((GRPENT *, int));
 #if HAVE_OPENSSL
 extern int AttemptSSL PARAMS((CONSCLIENT *));
 #endif
--- a/conserver/main.c
+++ b/conserver/main.c
@ -1,5 +1,5 @@
 /*
- *  $Id: main.c,v 5.171 2003/11/16 19:29:20 bryan Exp $
+ *  $Id: main.c,v 5.185 2004/05/25 23:03:01 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -31,7 +31,7 @@
 #include <pwd.h>
-#include <util.h>
+#include <cutil.h>
 #include <consent.h>
 #include <client.h>
 #include <group.h>
@ -40,10 +40,7 @@
 #include <readcfg.h>
 #include <version.h>
-#include <net/if.h>
+#include <dirent.h>
 #if HAVE_SYS_SOCKIO_H
 # include <sys/sockio.h>
 #endif
 #if HAVE_OPENSSL
 # include <openssl/opensslv.h>
 #endif
@ -53,9 +50,8 @@ int fAll = 0, fNoinit = 0, fVersion = 0, fStrip = 0, fReopen =
    0, fNoautoreup = 0, fSyntaxOnly = 0;
 char *pcConfig = CONFIGFILE;
 int isMaster = 1;
 int cMaxMemb = MAXMEMB;
-in_addr_t bindAddr;
+in_addr_t bindAddr = INADDR_ANY;
 unsigned short bindPort;
 unsigned short bindBasePort;
 static STRING *startedMsg = (STRING *)0;
@ -64,8 +60,7 @@ CONFIG *config = (CONFIG *)0;
 char *interface = (char *)0;
 CONFIG defConfig =
    { (STRING *)0, 'r', FLAGFALSE, LOGFILEPATH, PASSWDFILE, DEFPORT,
-    FLAGTRUE,
+    FLAGTRUE, FLAGTRUE, 0, DEFBASEPORT, (char *)0, 0
    FLAGTRUE, 0, DEFBASEPORT, (char *)0
 #if HAVE_SETPROCTITLE
 	, FLAGFALSE
 #endif
@ -523,7 +518,7 @@ Usage(wantfull)
 #endif
 {
    static char u_terse[] =
-	"[-7dDEFhinoRSuvV] [-a type] [-m max] [-M addr] [-p port] [-b port] [-c cred] [-C config] [-P passwd] [-L logfile] [-O min] [-U logfile]";
+	"[-7dDEFhinoRSuvV] [-a type] [-m max] [-M master] [-p port] [-b port] [-c cred] [-C config] [-P passwd] [-L logfile] [-O min] [-U logfile]";
    static char *full[] = {
 	"7          strip the high bit off all console data",
 	"a type     set the default access type",
@ -546,11 +541,19 @@ Usage(wantfull)
 	"i          initialize console connections on demand",
 	"L logfile  give a new logfile path to the server process",
 	"m max      maximum consoles managed per process",
-	"M addr     address to listen on (all addresses by default)",
+#if USE_UNIX_DOMAIN_SOCKETS
 	"M master   directory that holds the Unix domain sockets",
 #else
 	"M master   address to listen on (all addresses by default)",
 #endif
 	"n          obsolete - see -u",
 	"o          reopen downed console on client connect",
 	"O min      reopen all downed consoles every <min> minutes",
 #if USE_UNIX_DOMAIN_SOCKETS
 	"p port     ignored - Unix domain sockets compiled into code",
 #else
 	"p port     port to listen on",
 #endif
 	"P passwd   give a new passwd file to the server process",
 	"R          disable automatic client redirection",
 	"S          syntax check of configuration file",
@ -595,6 +598,9 @@ Version()
 #endif
 #if TRUST_REVERSE_DNS
 	"trustrevdns",
 #endif
 #if USE_UNIX_DOMAIN_SOCKETS
 	"uds",
 #endif
 	(char *)0
    };
@ -616,9 +622,13 @@ Version()
    Msg("default pidfile is `%s'", PIDFILE);
    Msg("default limit is %d member%s per group", MAXMEMB,
 	MAXMEMB == 1 ? "" : "s");
 #if USE_UNIX_DOMAIN_SOCKETS
    Msg("default socket directory `%s'", UDSDIR);
 #else
    Msg("default primary port referenced as `%s'", defConfig.primaryport);
    Msg("default secondary base port referenced as `%s'",
 	defConfig.secondaryport);
 #endif
    BuildString((char *)0, acA1);
    if (optionlist[0] == (char *)0)
@ -639,10 +649,12 @@ Version()
    BuildStringChar('0' + DMALLOC_VERSION_MINOR, acA1);
    BuildStringChar('.', acA1);
    BuildStringChar('0' + DMALLOC_VERSION_PATCH, acA1);
 #if defined(DMALLOC_VERSION_BETA)
    if (DMALLOC_VERSION_BETA != 0) {
 	BuildString("-b", acA1);
 	BuildStringChar('0' + DMALLOC_VERSION_BETA, acA1);
    }
 #endif
    Msg("dmalloc version: %s", acA1->string);
 #endif
 #if HAVE_OPENSSL
@ -708,6 +720,8 @@ DestroyDataStructures()
    DestroyBreakList();
    DestroyStrings();
    DestroyUserList();
    if (substData != (SUBST *) 0)
 	free(substData);
 }
 void
@ -839,13 +853,13 @@ DumpDataStructures()
    GRPENT *pGE;
    CONSENT *pCE;
    REMOTE *pRC;
    char *empty = "<empty>";
 #if HAVE_DMALLOC && DMALLOC_MARK_MAIN
    CONDDEBUG((1, "DumpDataStructures(): dmalloc / MarkMain"));
    dmalloc_log_changed(dmallocMarkMain, 1, 0, 1);
 #endif
-#define EMPTYSTR(x) x == (char *)0 ? empty : x
+#define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
 #define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
    if (!fDebug)
 	return;
@ -853,7 +867,7 @@ DumpDataStructures()
    for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
 	CONDDEBUG((1,
-		   "DumpDataStructures(): group: id=%u pid=%lu, port=%hu, imembers=%d",
+		   "DumpDataStructures(): group: id=%u port=%hu, pid=%lu, imembers=%d",
 		   pGE->id, pGE->port, (unsigned long)pGE->pid,
 		   pGE->imembers));
@ -864,8 +878,9 @@ DumpDataStructures()
 			       "DumpDataStructures():  server=%s, type=DEVICE",
 			       EMPTYSTR(pCE->server)));
 		    CONDDEBUG((1,
-			       "DumpDataStructures():  baud=%s, parity=%s",
+			       "DumpDataStructures():  baud=%s, parity=%s, device=%s",
-			       pCE->baud->acrate, pCE->parity->key));
+			       pCE->baud->acrate, pCE->parity->key,
 			       EMPTYSTR(pCE->device)));
 		    break;
 		case EXEC:
 		    CONDDEBUG((1,
@ -883,13 +898,13 @@ DumpDataStructures()
 			       "DumpDataStructures():  server=%s, type=HOST",
 			       EMPTYSTR(pCE->server)));
 		    CONDDEBUG((1,
-			       "DumpDataStructures():  host=%s, port=%hu, telnetState=%d",
+			       "DumpDataStructures():  host=%s, raw=%s, netport=%hu, port=%hu, telnetState=%d",
-			       EMPTYSTR(pCE->host), pCE->port,
+			       EMPTYSTR(pCE->host), FLAGSTR(pCE->raw),
-			       pCE->telnetState));
+			       pCE->netport, pCE->port, pCE->telnetState));
 		    break;
-		case UNKNOWN:
+		case UNKNOWNTYPE:
 		    CONDDEBUG((1,
-			       "DumpDataStructures():  server=%s, type=UNKNOWN",
+			       "DumpDataStructures():  server=%s, type=UNKNOWNTYPE",
 			       EMPTYSTR(pCE->server)));
 		    break;
 	    }
@ -907,32 +922,27 @@ DumpDataStructures()
 	    CONDDEBUG((1,
 		       "DumpDataStructures():  mark=%d, nextMark=%ld, autoReup=%hu, downHard=%s",
 		       pCE->mark, pCE->nextMark, pCE->autoReUp,
-		       pCE->downHard == FLAGTRUE ? "true" : "false"));
+		       FLAGSTR(pCE->downHard)));
 	    CONDDEBUG((1,
 		       "DumpDataStructures():  nolog=%d, cofile=%d, activitylog=%s, breaklog=%s",
 		       pCE->nolog, FileFDNum(pCE->cofile),
-		       pCE->activitylog == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->activitylog), FLAGSTR(pCE->breaklog)));
 		       pCE->breaklog == FLAGTRUE ? "true" : "false"));
 	    CONDDEBUG((1,
 		       "DumpDataStructures():  ixon=%s, ixany=%s, ixoff=%s",
-		       pCE->ixon == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->ixon), FLAGSTR(pCE->ixany),
-		       pCE->ixany == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->ixoff)));
 		       pCE->ixoff == FLAGTRUE ? "true" : "false"));
 	    CONDDEBUG((1,
 		       "DumpDataStructures():  autoreinit=%s, hupcl=%s, cstopb=%s, ondemand=%s",
-		       pCE->autoreinit == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->autoreinit), FLAGSTR(pCE->hupcl),
-		       pCE->hupcl == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->cstopb), FLAGSTR(pCE->ondemand)));
 		       pCE->cstopb == FLAGTRUE ? "true" : "false",
 		       pCE->ondemand == FLAGTRUE ? "true" : "false"));
 #if defined(CRTSCTS)
 	    CONDDEBUG((1, "DumpDataStructures():  crtscts=%s",
-		       pCE->crtscts == FLAGTRUE ? "true" : "false"));
+		       FLAGSTR(pCE->crtscts)));
 #endif
 	    CONDDEBUG((1,
 		       "DumpDataStructures():  reinitoncc=%s, striphigh=%s, unloved=%s",
-		       pCE->reinitoncc == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->reinitoncc), FLAGSTR(pCE->striphigh),
-		       pCE->striphigh == FLAGTRUE ? "true" : "false",
+		       FLAGSTR(pCE->unloved)));
 		       pCE->unloved == FLAGTRUE ? "true" : "false"));
 	    CONDDEBUG((1,
 		       "DumpDataStructures():  initpid=%lu, initcmd=%s, initfile=%d",
 		       (unsigned long)pCE->initpid, EMPTYSTR(pCE->initcmd),
@ -970,187 +980,93 @@ DumpDataStructures()
    }
 }
-/* fills the myAddrs array with host interface addresses */
+/* This makes sure a directory exists and tries to create it if it
-void
+ * doesn't.  returns 0 for success, -1 for error
 */
 #if USE_UNIX_DOMAIN_SOCKETS
 int
 #if PROTOTYPES
-ProbeInterfaces(void)
+VerifyEmptyDirectory(char *d)
 #else
-ProbeInterfaces()
+VerifyEmptyDirectory(d)
    char *d;
 #endif
 {
-#ifdef SIOCGIFCONF
+    struct stat dstat;
-    struct ifconf ifc;
+    DIR *dir;
-    struct ifreq *ifr;
+    struct dirent *de;
-#ifdef SIOCGIFFLAGS
+    STRING *path = (STRING *)0;
-    struct ifreq ifrcopy;
+    int retval = 0;
 #endif
    int sock;
    int r = 0, m = 0;
    int bufsize = 2048;
    int count = 0;
-    /* if we use -M, just fill the array with that interface */
+    while (1) {
-    if (bindAddr != INADDR_ANY) {
+	if (stat(d, &dstat) == -1) {
-	myAddrs = (struct in_addr *)calloc(2, sizeof(struct in_addr));
+	    if (errno == ENOENT) {
-	if (myAddrs == (struct in_addr *)0)
+		if (mkdir(d, 0755) == -1) {
-	    OutOfMem();
+		    Error("mkdir(%s): %s", d, strerror(errno));
-#if HAVE_MEMCPY
+		    return -1;
-	memcpy(&(myAddrs[0].s_addr), &bindAddr, sizeof(in_addr_t));
+		}
-#else
+		CONDDEBUG((1, "VerifyEmptyDirectory: created `%s'", d));
 	bcopy(&bindAddr, &(myAddrs[0].s_addr), sizeof(in_addr_t));
 #endif
 	Verbose("interface address %s (-M option)", inet_ntoa(myAddrs[0]));
 	return;
    }
    if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
 	Error("ProbeInterfaces(): socket(): %s", strerror(errno));
 	Bye(EX_OSERR);
    }
    while (bufsize) {
 	ifc.ifc_len = bufsize;
 	ifc.ifc_req = (struct ifreq *)malloc(ifc.ifc_len);
 	if (ifc.ifc_req == (struct ifreq *)0)
 	    OutOfMem();
 	if (ioctl(sock, SIOCGIFCONF, &ifc) != 0) {
 	    free(ifc.ifc_req);
 	    close(sock);
 	    Error("ProbeInterfaces(): ioctl(SIOCGIFCONF): %s",
 		  strerror(errno));
 	    Bye(EX_OSERR);
 	}
 	/* if the return size plus a 512 byte "buffer zone" is less than
 	 * the buffer we passed in (bufsize), we're done.  otherwise
 	 * allocate a bigger buffer and try again.  with a too-small
 	 * buffer, some implementations (freebsd) will fill the buffer
 	 * best it can (leaving a gap - returning <=bufsize) and others
 	 * (linux) will return a buffer length the same size as passed
 	 * in (==bufsize).  so, we'll assume a 512 byte gap would have
 	 * been big enough to put one more record and as long as we have
 	 * that "buffer zone", we should have all the interfaces.
 	 */
 	if (ifc.ifc_len + 512 < bufsize)
 	    break;
 	free(ifc.ifc_req);
 	bufsize += 2048;
    }
    /* this is probably way overkill, but better to kill a few bytes
     * than loop through looking for valid interfaces that are up
     * twice, huh?
     */
    count = ifc.ifc_len / sizeof(*ifr);
    CONDDEBUG((1, "ProbeInterfaces(): ifc_len==%d max_count==%d",
 	       ifc.ifc_len, count));
    /* set up myAddrs array */
    if (myAddrs != (struct in_addr *)0)
 	free(myAddrs);
    myAddrs = (struct in_addr *)0;
    if (count == 0) {
 	free(ifc.ifc_req);
 	close(sock);
 	return;
    }
    myAddrs = (struct in_addr *)calloc(count + 1, sizeof(struct in_addr));
    if (myAddrs == (struct in_addr *)0)
 	OutOfMem();
    for (m = r = 0; r < ifc.ifc_len;) {
 	struct sockaddr *sa;
 	ifr = (struct ifreq *)&ifc.ifc_buf[r];
 	sa = (struct sockaddr *)&ifr->ifr_addr;
 	/* don't use less than a ifreq sized chunk */
 	if ((ifc.ifc_len - r) < sizeof(*ifr))
 	    break;
 #ifdef HAVE_SA_LEN
 	if (sa->sa_len > sizeof(ifr->ifr_addr))
 	    r += sizeof(ifr->ifr_name) + sa->sa_len;
 	else
 #endif
 	    r += sizeof(*ifr);
 	if (sa->sa_family == AF_INET) {
 	    struct sockaddr_in *sin = (struct sockaddr_in *)sa;
 #ifdef SIOCGIFFLAGS
 	    /* make sure the interface is up */
 	    ifrcopy = *ifr;
 	    if ((ioctl(sock, SIOCGIFFLAGS, &ifrcopy) == 0) &&
 		((ifrcopy.ifr_flags & IFF_UP) == 0))
 		continue;
-#endif
+	    } else {
-	    CONDDEBUG((1, "ProbeInterfaces(): name=%s addr=%s",
+		Error("stat(%s): %s", d, strerror(errno));
-		       ifr->ifr_name, inet_ntoa(sin->sin_addr)));
+		return -1;
-#if HAVE_MEMCPY
+	    }
 	    memcpy(&myAddrs[m], &(sin->sin_addr), sizeof(struct in_addr));
 #else
 	    bcopy(&(sin->sin_addr), &myAddrs[m], sizeof(struct in_addr));
 #endif
 	    Verbose("interface address %s (%s)", inet_ntoa(myAddrs[m]),
 		    ifr->ifr_name);
 	    m++;
 	}
-    }
+	if (S_ISDIR(dstat.st_mode))
-    if (m == 0) {
+	    break;
-	free(myAddrs);
+	return -1;
 	myAddrs = (struct in_addr *)0;
    }
    close(sock);
    free(ifc.ifc_req);
 #else /* use the hostname like the old code did (but use all addresses!) */
    int count;
    struct hostent *he;
    /* if we use -M, just fill the array with that interface */
    if (bindAddr != INADDR_ANY) {
 	myAddrs = (struct in_addr *)calloc(2, sizeof(struct in_addr));
 	if (myAddrs == (struct in_addr *)0)
 	    OutOfMem();
 #if HAVE_MEMCPY
 	memcpy(&(myAddrs[0].s_addr), &bindAddr, sizeof(in_addr_t));
 #else
 	bcopy(&bindAddr, &(myAddrs[0].s_addr), sizeof(in_addr_t));
 #endif
 	Verbose("interface address %s (-M option)", inet_ntoa(myAddrs[0]));
 	return;
    }
-    Verbose("using hostname for interface addresses");
+    /* now make sure it's empty...erase anything you see, etc */
-    if ((struct hostent *)0 == (he = gethostbyname(myHostname))) {
+    if ((dir = opendir(d)) == (DIR *) 0) {
-	Error("ProbeInterfaces(): gethostbyname(%s): %s", myHostname,
+	Error("opendir(%s): %s", d, strerror(errno));
-	      hstrerror(h_errno));
+	return -1;
 	return;
    }
    if (4 != he->h_length || AF_INET != he->h_addrtype) {
 	Error
 	    ("ProbeInterfaces(): gethostbyname(%s): wrong address size (4 != %d) or address family (%d != %d)",
 	     myHostname, he->h_length, AF_INET, he->h_addrtype);
 	return;
    }
-    for (count = 0; he->h_addr_list[count] != (char *)0; count++);
+    while ((de = readdir(dir)) != (struct dirent *)0) {
-    if (myAddrs != (struct in_addr *)0)
+	if ((strcmp(de->d_name, ".") == 0) ||
-	free(myAddrs);
+	    (strcmp(de->d_name, "..") == 0))
-    myAddrs = (struct in_addr *)0;
+	    continue;
-    if (count == 0)
+/* we're going to just let the user deal with non-empty directories */
-	return;
+	Error("non-empty directory `%s'", d);
-    myAddrs = (struct in_addr *)calloc(count + 1, sizeof(struct in_addr));
+	retval = -1;
-    if (myAddrs == (struct in_addr *)0)
+	break;
-	OutOfMem();
+/* this is probably too extreme.  if someone happens to point conserver
-    for (count--; count >= 0; count--) {
+ * at /etc, for example, it could (if running as root) nuke the password
-#if HAVE_MEMCPY
+ * database, config files, etc.  too many important files could be
-	memcpy(&(myAddrs[count].s_addr), he->h_addr_list[count],
+ * shredded with a small typo.
-	       he->h_length);
+ */
-#else
+#if 0
-	bcopy(he->h_addr_list[count], &(myAddrs[count].s_addr),
+	if (path == (STRING *)0)
-	      he->h_length);
+	    path = AllocString();
 	BuildStringPrint(path, "%s/%s", d, de->d_name);
 	if (stat(path->string, &dstat) == -1) {
 	    Error("stat(%s): %s", path->string, strerror(errno));
 	    retval = -1;
 	    break;
 	}
 	if (S_ISDIR(dstat.st_mode)) {
 	    if (rmdir(path->string) != 0) {
 		Error("rmdir(%s): %s", path->string, strerror(errno));
 		retval = -1;
 		break;
 	    }
 	} else {
 	    if (unlink(path->string) != 0) {
 		Error("unlink(%s): %s", path->string, strerror(errno));
 		retval = -1;
 		break;
 	    }
 	}
 #endif
 	Verbose("interface address %s (hostname address)",
 		inet_ntoa(myAddrs[count]));
    }
-#endif
+
    if (path != (STRING *)0)
 	DestroyString(path);
    return retval;
 }
 #endif
 /* find out where/who we are						(ksb)
 * parse optons
@ -1179,17 +1095,19 @@ main(argc, argv)
    char *curuser = (char *)0;
    int curuid = 0;
    GRPENT *pGE = (GRPENT *)0;
 #if !USE_UNIX_DOMAIN_SOCKETS
 #if HAVE_INET_ATON
    struct in_addr inetaddr;
 #endif
 #endif
    isMultiProc = 1;		/* make sure stuff has the pid */
    thepid = getpid();
    if ((char *)0 == (progname = strrchr(argv[0], '/'))) {
-	progname = StrDup(argv[0]);
+	progname = argv[0];
    } else {
-	progname = StrDup(++progname);
+	++progname;
    }
    setpwent();
@ -1251,7 +1169,7 @@ main(argc, argv)
 #endif
 		break;
 	    case 'C':
-		pcConfig = StrDup(optarg);
+		pcConfig = optarg;
 		break;
 	    case 'd':
 		optConf->daemonmode = FLAGTRUE;
@ -1311,7 +1229,7 @@ main(argc, argv)
 		optConf->redirect = FLAGFALSE;
 		break;
 	    case 'S':
-		fSyntaxOnly = 1;
+		fSyntaxOnly++;
 		break;
 	    case 'u':
 		fAll = 1;
@ -1378,37 +1296,46 @@ main(argc, argv)
    if (fSyntaxOnly)
 	Msg("performing configuration file syntax check");
 #if USE_UNIX_DOMAIN_SOCKETS
    /* Don't do any redirects if we're purely local
     * (but it allows them to see where remote consoles are)
     */
    optConf->redirect = FLAGFALSE;
    if (interface == (char *)0)
 	interface = UDSDIR;
 #else
    /* set up the address to bind to */
    if (interface == (char *)0 ||
 	(interface[0] == '*' && interface[1] == '\000'))
 	bindAddr = INADDR_ANY;
    else {
-#if HAVE_INET_ATON
+# if HAVE_INET_ATON
 	if (inet_aton(interface, &inetaddr) == 0) {
 	    Error("inet_aton(%s): %s", interface, "invalid IP address");
 	    Bye(EX_OSERR);
 	}
 	bindAddr = inetaddr.s_addr;
-#else
+# else
 	bindAddr = inet_addr(interface);
 	if (bindAddr == (in_addr_t) (-1)) {
 	    Error("inet_addr(%s): %s", interface, "invalid IP address");
 	    Bye(EX_OSERR);
 	}
-#endif
+# endif
    }
    if (fDebug) {
 	struct in_addr ba;
 	ba.s_addr = bindAddr;
 	CONDDEBUG((1, "main(): bind address set to `%s'", inet_ntoa(ba)));
    }
 #endif
    /* must do all this so IsMe() works right */
    if (gethostname(myHostname, MAXHOSTNAME) != 0) {
-	Error("gethostname(): %s", interface, strerror(errno));
+	Error("gethostname(): %s", strerror(errno));
 	Bye(EX_OSERR);
    }
-    ProbeInterfaces();
+    ProbeInterfaces(bindAddr);
    /* initialize the timers */
    for (i = 0; i < T_MAX; i++)
@ -1422,6 +1349,7 @@ main(argc, argv)
    ReadCfg(pcConfig, fpConfig);
    fclose(fpConfig);
 #if !USE_UNIX_DOMAIN_SOCKETS
    /* set up the port to bind to */
    if (optConf->primaryport != (char *)0)
 	config->primaryport = StrDup(optConf->primaryport);
@ -1481,6 +1409,7 @@ main(argc, argv)
 	    bindBasePort = ntohs((unsigned short)pSE->s_port);
 	}
    }
 #endif
    if (optConf->passwdfile != (char *)0)
 	config->passwdfile = StrDup(optConf->passwdfile);
@ -1548,6 +1477,14 @@ main(argc, argv)
 	if (config->unifiedlog == (char *)0)
 	    OutOfMem();
    }
    if (optConf->initdelay != 0)
 	config->initdelay = optConf->initdelay;
    else if (pConfig->initdelay != 0)
 	config->initdelay = pConfig->initdelay;
    else
 	config->initdelay = defConfig.initdelay;
 #if HAVE_OPENSSL
    if (optConf->sslrequired != FLAGUNKNOWN)
 	config->sslrequired = optConf->sslrequired;
@ -1579,7 +1516,13 @@ main(argc, argv)
    if (pGroups == (GRPENT *)0 && pRCList == (REMOTE *)0) {
 	Error("no consoles found in configuration file");
-    } else if (!fSyntaxOnly) {
+    } else if (fSyntaxOnly) {
 	/* short-circuit */
 #if USE_UNIX_DOMAIN_SOCKETS
    } else if (VerifyEmptyDirectory(interface) == -1) {
 	Error("Master(): %s: unusable socket directory", interface);
 #endif
    } else {
 #if HAVE_OPENSSL
 	/* Prep the SSL layer */
 	SetupSSL();
@ -1602,7 +1545,6 @@ main(argc, argv)
 		continue;
 	    Spawn(pGE);
 	    Verbose("group #%d pid %lu on port %hu", pGE->id,
 		    (unsigned long)pGE->pid, pGE->port);
 	}
@ -1616,8 +1558,13 @@ main(argc, argv)
 		local += pGE->imembers;
 	    for (pRC = pRCList; (REMOTE *)0 != pRC; pRC = pRC->pRCnext)
 		remote++;
 # if USE_UNIX_DOMAIN_SOCKETS
 	    setproctitle("master: port 0, %d local, %d remote", local,
 			 remote);
 #else
 	    setproctitle("master: port %hu, %d local, %d remote", bindPort,
 			 local, remote);
 #endif
 	}
 #endif
--- a/conserver/main.h
+++ b/conserver/main.h
@ -1,5 +1,5 @@
 /*
- *  $Id: main.h,v 5.51 2003/11/10 15:37:24 bryan Exp $
+ *  $Id: main.h,v 5.53 2004/05/21 04:15:17 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -44,11 +44,13 @@ extern unsigned short bindPort, bindBasePort;
 extern char *pcConfig;
 extern int cMaxMemb;
 extern struct sockaddr_in in_port;
 extern int isMaster;
 extern CONFIG *optConf;
 extern CONFIG *config;
 extern CONFIG defConfig;
 extern CONSFILE *unifiedlog;
 #if USE_UNIX_DOMAIN_SOCKETS
 extern char *interface;
 #endif
 #if HAVE_OPENSSL
 extern SSL_CTX *ctx;
 #endif
--- a/conserver/master.c
+++ b/conserver/master.c
@ -1,5 +1,5 @@
 /*
- *  $Id: master.c,v 5.122 2003/11/16 19:29:20 bryan Exp $
+ *  $Id: master.c,v 5.126 2004/05/06 02:09:07 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -29,7 +29,7 @@
 #include <compat.h>
-#include <util.h>
+#include <cutil.h>
 #include <consent.h>
 #include <client.h>
 #include <group.h>
@ -433,7 +433,7 @@ DoNormalRead(pCLServing)
 {
    char *pcCmd;
    char *pcArgs;
-    int nr, i;
+    int nr, i, l;
    unsigned char acIn[BUFSIZ];
    /* read connection */
@ -442,208 +442,229 @@ DoNormalRead(pCLServing)
 	return;
    }
-    for (i = 0; i < nr; ++i) {
+    while ((l = ParseIACBuf(pCLServing->fd, acIn, &nr)) >= 0) {
-	if ('\n' != acIn[i]) {
+	if (l == 0)		/* we ignore special OB_IAC stuff */
 	    BuildStringChar(acIn[i], pCLServing->accmd);
 	    continue;
-	}
+	for (i = 0; i < l; ++i) {
-	if ((pCLServing->accmd->used > 1) &&
+	    if ('\n' != acIn[i]) {
-	    ('\r' ==
+		BuildStringChar(acIn[i], pCLServing->accmd);
-	     pCLServing->accmd->string[pCLServing->accmd->used - 2])) {
+		continue;
-	    pCLServing->accmd->string[pCLServing->accmd->used - 2] =
+	    }
-		'\000';
+	    if ((pCLServing->accmd->used > 1) &&
-	    pCLServing->accmd->used--;
+		('\r' ==
-	}
+		 pCLServing->accmd->string[pCLServing->accmd->used - 2])) {
 		pCLServing->accmd->string[pCLServing->accmd->used - 2] =
 		    '\000';
 		pCLServing->accmd->used--;
 	    }
-	/* process password here...before we corrupt accmd */
+	    /* process password here...before we corrupt accmd */
-	if (pCLServing->iState == S_PASSWD) {
+	    if (pCLServing->iState == S_PASSWD) {
-	    if (CheckPasswd(pCLServing, pCLServing->accmd->string) !=
+		if (CheckPasswd(pCLServing, pCLServing->accmd->string) !=
-		AUTH_SUCCESS) {
+		    AUTH_SUCCESS) {
-		FileWrite(pCLServing->fd, FLAGFALSE,
+		    FileWrite(pCLServing->fd, FLAGFALSE,
-			  "invalid password\r\n", -1);
+			      "invalid password\r\n", -1);
 		    BuildString((char *)0, pCLServing->accmd);
 		    DropMasterClient(pCLServing, FLAGFALSE);
 		    return;
 		}
 		Verbose("<master> login %s", pCLServing->acid->string);
 		FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", 4);
 		pCLServing->iState = S_NORMAL;
 		BuildString((char *)0, pCLServing->accmd);
-		DropMasterClient(pCLServing, FLAGFALSE);
+		continue;
 		return;
 	    }
 	    Verbose("<master> login %s", pCLServing->acid->string);
 	    FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", 4);
 	    pCLServing->iState = S_NORMAL;
 	    BuildString((char *)0, pCLServing->accmd);
 	    continue;
 	}
-	if ((char *)0 != (pcArgs = strchr(pCLServing->accmd->string, ':'))) {
+	    if ((char *)0 !=
-	    *pcArgs++ = '\000';
+		(pcArgs = strchr(pCLServing->accmd->string, ':'))) {
-	} else if ((char *)0 !=
+		*pcArgs++ = '\000';
-		   (pcArgs = strchr(pCLServing->accmd->string, ' '))) {
+	    } else if ((char *)0 !=
-	    *pcArgs++ = '\000';
+		       (pcArgs = strchr(pCLServing->accmd->string, ' '))) {
-	}
+		*pcArgs++ = '\000';
 	if (pcArgs != (char *)0)
 	    pcArgs = PruneSpace(pcArgs);
 	pcCmd = PruneSpace(pCLServing->accmd->string);
 	if (strcmp(pcCmd, "help") == 0) {
 	    static char *apcHelp1[] = {
 		"exit   disconnect\r\n",
 		"help   this help message\r\n",
 		"login  log in\r\n",
 #if HAVE_OPENSSL
 		"ssl    start ssl session\r\n",
 #endif
 		(char *)0
 	    };
 	    static char *apcHelp2[] = {
 		"call      provide port for given console\r\n",
 		"exit      disconnect\r\n",
 		"groups    provide ports for group leaders\r\n",
 		"help      this help message\r\n",
 		"master    provide a list of master servers\r\n",
 		"pid       provide pid of master process\r\n",
 		"quit*     terminate conserver (SIGTERM)\r\n",
 		"restart*  restart conserver (SIGHUP)\r\n",
 		"version   provide version info for server\r\n",
 		"* = requires admin privileges\r\n",
 		(char *)0
 	    };
 	    char **ppc;
 	    for (ppc =
 		 (pCLServing->iState == S_IDENT ? apcHelp1 : apcHelp2);
 		 (char *)0 != *ppc; ++ppc) {
 		FileWrite(pCLServing->fd, FLAGTRUE, *ppc, -1);
 	    }
-	    FileWrite(pCLServing->fd, FLAGFALSE, (char *)0, 0);
+	    if (pcArgs != (char *)0)
-	} else if (strcmp(pcCmd, "exit") == 0) {
+		pcArgs = PruneSpace(pcArgs);
-	    FileWrite(pCLServing->fd, FLAGFALSE, "goodbye\r\n", -1);
+	    pcCmd = PruneSpace(pCLServing->accmd->string);
-	    DropMasterClient(pCLServing, FLAGFALSE);
+	    if (strcmp(pcCmd, "help") == 0) {
-	    return;
+		static char *apcHelp1[] = {
 		    "exit   disconnect\r\n",
 		    "help   this help message\r\n",
 		    "login  log in\r\n",
 #if HAVE_OPENSSL
-	} else if (pCLServing->iState == S_IDENT &&
+		    "ssl    start ssl session\r\n",
-		   strcmp(pcCmd, "ssl") == 0) {
+#endif
-	    FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", -1);
+		    (char *)0
-	    if (!AttemptSSL(pCLServing)) {
+		};
 		static char *apcHelp2[] = {
 		    "call      provide port for given console\r\n",
 		    "exit      disconnect\r\n",
 		    "groups    provide ports for group leaders\r\n",
 		    "help      this help message\r\n",
 		    "master    provide a list of master servers\r\n",
 		    "pid       provide pid of master process\r\n",
 		    "quit*     terminate conserver (SIGTERM)\r\n",
 		    "restart*  restart conserver (SIGHUP)\r\n",
 		    "version   provide version info for server\r\n",
 		    "* = requires admin privileges\r\n",
 		    (char *)0
 		};
 		char **ppc;
 		for (ppc =
 		     (pCLServing->iState == S_IDENT ? apcHelp1 : apcHelp2);
 		     (char *)0 != *ppc; ++ppc) {
 		    FileWrite(pCLServing->fd, FLAGTRUE, *ppc, -1);
 		}
 		FileWrite(pCLServing->fd, FLAGFALSE, (char *)0, 0);
 	    } else if (strcmp(pcCmd, "exit") == 0) {
 		FileWrite(pCLServing->fd, FLAGFALSE, "goodbye\r\n", -1);
 		DropMasterClient(pCLServing, FLAGFALSE);
 		return;
 	    }
 #endif
 	} else if (pCLServing->iState == S_IDENT &&
 		   strcmp(pcCmd, "login") == 0) {
 #if HAVE_OPENSSL
-	    if (config->sslrequired == FLAGTRUE &&
+	    } else if (pCLServing->iState == S_IDENT &&
-		FileGetType(pCLServing->fd) != SSLSocket) {
+		       strcmp(pcCmd, "ssl") == 0) {
-		FileWrite(pCLServing->fd, FLAGFALSE,
+		FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", -1);
-			  "encryption required\r\n", -1);
+		if (!AttemptSSL(pCLServing)) {
-	    } else {
+		    DropMasterClient(pCLServing, FLAGFALSE);
 		    return;
 		}
 #endif
-		if (pcArgs == (char *)0) {
+	    } else if (pCLServing->iState == S_IDENT &&
 		       strcmp(pcCmd, "login") == 0) {
 #if HAVE_OPENSSL
 		if (config->sslrequired == FLAGTRUE &&
 		    FileGetType(pCLServing->fd) != SSLSocket) {
 		    FileWrite(pCLServing->fd, FLAGFALSE,
-			      "login requires argument\r\n", -1);
+			      "encryption required\r\n", -1);
 		} else {
 		    BuildString((char *)0, pCLServing->username);
 		    BuildString((char *)0, pCLServing->acid);
 		    BuildString(pcArgs, pCLServing->username);
 		    BuildString(pcArgs, pCLServing->acid);
 		    BuildStringChar('@', pCLServing->acid);
 		    BuildString(pCLServing->peername->string,
 				pCLServing->acid);
 		    if (pCLServing->caccess == 't' ||
 			CheckPasswd(pCLServing, "") == AUTH_SUCCESS) {
 			pCLServing->iState = S_NORMAL;
 			Verbose("<master> login %s",
 				pCLServing->acid->string);
 			FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", 4);
 		    } else {
 			FilePrint(pCLServing->fd, FLAGFALSE,
 				  "passwd? %s\r\n", myHostname);
 			pCLServing->iState = S_PASSWD;
 		    }
 		}
 #if HAVE_OPENSSL
 	    }
 #endif
-	} else if (pCLServing->iState == S_NORMAL &&
+		    if (pcArgs == (char *)0) {
-		   strcmp(pcCmd, "master") == 0) {
+			FileWrite(pCLServing->fd, FLAGFALSE,
-	    int iSep = 1;
+				  "login requires argument\r\n", -1);
-
+		    } else {
-	    if ((GRPENT *)0 != pGroups) {
+			BuildString((char *)0, pCLServing->username);
-		struct sockaddr_in lcl;
+			BuildString((char *)0, pCLServing->acid);
-		socklen_t so = sizeof(lcl);
+			BuildString(pcArgs, pCLServing->username);
-		if (-1 ==
+			BuildString(pcArgs, pCLServing->acid);
-		    getsockname(FileFDNum(pCLServing->fd),
+			BuildStringChar('@', pCLServing->acid);
-				(struct sockaddr *)&lcl, &so)) {
+			BuildString(pCLServing->peername->string,
-		    FileWrite(pCLServing->fd, FLAGFALSE,
+				    pCLServing->acid);
-			      "getsockname failed, try again later\r\n",
+			if (pCLServing->caccess == 't' ||
-			      -1);
+			    CheckPasswd(pCLServing, "") == AUTH_SUCCESS) {
-		    Error("Master(): getsockname(%u): %s",
+			    pCLServing->iState = S_NORMAL;
-			  FileFDNum(pCLServing->fd), strerror(errno));
+			    Verbose("<master> login %s",
-		    Bye(EX_OSERR);
+				    pCLServing->acid->string);
 			    FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n",
 				      4);
 			} else {
 			    FilePrint(pCLServing->fd, FLAGFALSE,
 				      "passwd? %s\r\n", myHostname);
 			    pCLServing->iState = S_PASSWD;
 			}
 		    }
 #if HAVE_OPENSSL
 		}
-		FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
+#endif
-			  inet_ntoa(lcl.sin_addr));
+	    } else if (pCLServing->iState == S_NORMAL &&
-		iSep = 0;
+		       strcmp(pcCmd, "master") == 0) {
-	    }
+		int iSep = 1;
-	    if (config->redirect == FLAGTRUE) {
+
-		REMOTE *pRC;
+		if ((GRPENT *)0 != pGroups) {
-		for (pRC = pRCUniq; (REMOTE *)0 != pRC; pRC = pRC->pRCuniq) {
+#if USE_UNIX_DOMAIN_SOCKETS
-		    FilePrint(pCLServing->fd, FLAGTRUE, ":@%s" + iSep,
+		    FilePrint(pCLServing->fd, FLAGTRUE, "@0");
-			      pRC->rhost);
+		    iSep = 0;
 #else
 		    struct sockaddr_in lcl;
 		    socklen_t so = sizeof(lcl);
 		    if (-1 ==
 			getsockname(FileFDNum(pCLServing->fd),
 				    (struct sockaddr *)&lcl, &so)) {
 			FileWrite(pCLServing->fd, FLAGFALSE,
 				  "getsockname failed, try again later\r\n",
 				  -1);
 			Error("Master(): getsockname(%u): %s",
 			      FileFDNum(pCLServing->fd), strerror(errno));
 			iSep = -1;
 		    } else {
 			FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
 				  inet_ntoa(lcl.sin_addr));
 			iSep = 0;
 		    }
 #endif
 		}
 		if (iSep >= 0) {
 		    if (config->redirect == FLAGTRUE) {
 			REMOTE *pRC;
 			for (pRC = pRCUniq; (REMOTE *)0 != pRC;
 			     pRC = pRC->pRCuniq) {
 			    FilePrint(pCLServing->fd, FLAGTRUE,
 				      ":@%s" + iSep, pRC->rhost);
 			    iSep = 0;
 			}
 		    }
 		    FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
 		}
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "pid") == 0) {
 		FilePrint(pCLServing->fd, FLAGFALSE, "%lu\r\n",
 			  (unsigned long)thepid);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "version") == 0) {
 		FilePrint(pCLServing->fd, FLAGFALSE, "version `%s'\r\n",
 			  THIS_VERSION);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "quit") == 0) {
 		if (ConsentUserOk(pADList, pCLServing->username->string) ==
 		    1) {
 		    Verbose("quit command by %s",
 			    pCLServing->acid->string);
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "ok -- terminated\r\n", -1);
 		    DropMasterClient(pCLServing, FLAGFALSE);
 		    kill(thepid, SIGTERM);
 		    return;
 		} else
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "unauthorized command\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "restart") == 0) {
 		if (ConsentUserOk(pADList, pCLServing->username->string) ==
 		    1) {
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "ok -- restarting\r\n", -1);
 		    Verbose("restart command by %s",
 			    pCLServing->acid->string);
 		    kill(thepid, SIGHUP);
 		} else
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "unauthorized command\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "groups") == 0) {
 		int iSep = 1;
 		GRPENT *pGE;
 		for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
 		    if (0 == pGE->imembers)
 			continue;
 		    FilePrint(pCLServing->fd, FLAGTRUE, ":%hu" + iSep,
 			      pGE->port);
 		    iSep = 0;
 		}
 		FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", 2);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "call") == 0) {
 		if (pcArgs == (char *)0)
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "call requires argument\r\n", -1);
 		else
 		    CommandCall(pCLServing, pcArgs);
 	    } else {
 		FileWrite(pCLServing->fd, FLAGFALSE, "unknown command\r\n",
 			  -1);
 	    }
-	    FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
+	    BuildString((char *)0, pCLServing->accmd);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "pid") == 0) {
 	    FilePrint(pCLServing->fd, FLAGFALSE, "%lu\r\n",
 		      (unsigned long)thepid);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "version") == 0) {
 	    FilePrint(pCLServing->fd, FLAGFALSE, "version `%s'\r\n",
 		      THIS_VERSION);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "quit") == 0) {
 	    if (ConsentUserOk(pADList, pCLServing->username->string) == 1) {
 		Verbose("quit command by %s", pCLServing->acid->string);
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "ok -- terminated\r\n", -1);
 		DropMasterClient(pCLServing, FLAGFALSE);
 		kill(thepid, SIGTERM);
 		return;
 	    } else
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "unauthorized command\r\n", -1);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "restart") == 0) {
 	    if (ConsentUserOk(pADList, pCLServing->username->string) == 1) {
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "ok -- restarting\r\n", -1);
 		Verbose("restart command by %s", pCLServing->acid->string);
 		kill(thepid, SIGHUP);
 	    } else
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "unauthorized command\r\n", -1);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "groups") == 0) {
 	    int iSep = 1;
 	    GRPENT *pGE;
 	    for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
 		if (0 == pGE->imembers)
 		    continue;
 		FilePrint(pCLServing->fd, FLAGTRUE, ":%hu" + iSep,
 			  pGE->port);
 		iSep = 0;
 	    }
 	    FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", 2);
 	} else if (pCLServing->iState == S_NORMAL &&
 		   strcmp(pcCmd, "call") == 0) {
 	    if (pcArgs == (char *)0)
 		FileWrite(pCLServing->fd, FLAGFALSE,
 			  "call requires argument\r\n", -1);
 	    else
 		CommandCall(pCLServing, pcArgs);
 	} else {
 	    FileWrite(pCLServing->fd, FLAGFALSE, "unknown command\r\n",
 		      -1);
 	}
-	BuildString((char *)0, pCLServing->accmd);
+	nr -= l;
 	MemMove(acIn, acIn + l, nr);
    }
 }
@ -660,8 +681,13 @@ Master()
    int msfd;
    socklen_t so;
    fd_set rmask, wmask;
 #if USE_UNIX_DOMAIN_SOCKETS
    struct sockaddr_un master_port;
    static STRING *portPath = (STRING *)0;
 #else
    struct sockaddr_in master_port;
    int true = 1;
 #endif
    FILE *fp;
    CONSCLIENT *pCLServing = (CONSCLIENT *)0;
    CONSCLIENT *pCL = (CONSCLIENT *)0;
@ -702,6 +728,40 @@ Master()
 #else
    bzero((char *)&master_port, sizeof(master_port));
 #endif
 #if USE_UNIX_DOMAIN_SOCKETS
    master_port.sun_family = AF_UNIX;
    if (portPath == (STRING *)0)
 	portPath = AllocString();
    BuildStringPrint(portPath, "%s/0", interface);
    if (portPath->used > sizeof(master_port.sun_path)) {
 	Error("Master(): path to socket too long: %s", portPath->string);
 	return;
    }
    strcpy(master_port.sun_path, portPath->string);
    if ((msfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
 	Error("Master(): socket(AF_UNIX,SOCK_STREAM): %s",
 	      strerror(errno));
 	return;
    }
    if (!SetFlags(msfd, O_NONBLOCK, 0))
 	return;
    if (bind(msfd, (struct sockaddr *)&master_port, sizeof(master_port)) <
 	0) {
 	Error("Master(): bind(%s): %s", master_port.sun_path,
 	      strerror(errno));
 	return;
    }
    if (listen(msfd, SOMAXCONN) < 0) {
 	Error("Master(): listen(%s): %s", master_port.sun_path,
 	      strerror(errno));
 	return;
    }
 #else
    master_port.sin_family = AF_INET;
    master_port.sin_addr.s_addr = bindAddr;
    master_port.sin_port = htons(bindPort);
@ -711,7 +771,7 @@ Master()
 	      strerror(errno));
 	return;
    }
-#if  HAVE_SETSOCKOPT
+# if HAVE_SETSOCKOPT
    if (setsockopt
 	(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&true,
 	 sizeof(true)) < 0) {
@ -719,7 +779,7 @@ Master()
 	      strerror(errno));
 	return;
    }
-#endif
+# endif
    if (!SetFlags(msfd, O_NONBLOCK, 0))
 	return;
@ -735,6 +795,7 @@ Master()
 	      strerror(errno));
 	return;
    }
 #endif
    fp = fopen(PIDFILE, "w");
    if (fp) {
@ -872,9 +933,10 @@ Master()
 	}
 	/* set to non-blocking and wrap in a File object */
-	if (SetFlags(cfd, O_NONBLOCK, 0))
+	if (SetFlags(cfd, O_NONBLOCK, 0)) {
 	    pCLmfree->fd = FileOpenFD(cfd, simpleSocket);
-	else
+	    FileSetQuoteIAC(pCLmfree->fd, FLAGTRUE);
 	} else
 	    pCLmfree->fd = (CONSFILE *)0;
 	if ((CONSFILE *)0 == pCLmfree->fd) {
@ -929,6 +991,9 @@ Master()
    }
    close(msfd);
 #if USE_UNIX_DOMAIN_SOCKETS
    unlink(master_port.sun_path);
 #endif
    /* clean up the free list */
    while (pCLmfree != (CONSCLIENT *)0) {
--- a/conserver/readcfg.c
+++ b/conserver/readcfg.c
--- a/conserver/readcfg.h
+++ b/conserver/readcfg.h
@ -1,5 +1,5 @@
 /*
- *  $Id: readcfg.h,v 5.38 2003/11/10 15:37:24 bryan Exp $
+ *  $Id: readcfg.h,v 5.40 2004/05/25 23:03:01 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -20,6 +20,7 @@ typedef struct config {
    int reinitcheck;
    char *secondaryport;
    char *unifiedlog;
    int initdelay;
 #if HAVE_SETPROCTITLE
    FLAG setproctitle;
 #endif
@ -42,6 +43,7 @@ extern ACCESS *pACList;		/* `who do you love' (or trust) */
 extern CONSENTUSERS *pADList;	/* list of admin users */
 extern BREAKS breakList[9];	/* list of break sequences */
 extern CONFIG *pConfig;		/* settings seen by config parser */
 extern SUBST *substData;	/* substitution function data */
 extern void ReadCfg PARAMS((char *, FILE *));
 extern void ReReadCfg PARAMS((int));
--- a/conserver/version.h
+++ b/conserver/version.h
@ -1,5 +1,5 @@
 /*
- *  $Id: version.h,v 1.52 2003/11/07 20:54:49 bryan Exp $
+ *  $Id: version.h,v 1.63 2004/05/28 17:59:37 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -14,4 +14,4 @@
@(#) Copyright 2000 conserver.com.\n\
 All rights reserved.\n"
-#define THIS_VERSION "conserver.com version 8.0.6"
+#define THIS_VERSION "conserver.com version 8.1.7"
--- a/console/Makefile.in
+++ b/console/Makefile.in
@ -15,7 +15,7 @@ MKDIR = @MKDIR@
 ### Compiler and link options
 CC	= @CC@
-CFLAGS	= @CFLAGS@ # -DPUCC -DSUN5
+CFLAGS	= @CFLAGS@
 DEFS	= @DEFS@ -DSYSCONFDIR=\"$(sysconfdir)\"
 CPPFLAGS = -I.. -I$(top_srcdir) -I$(srcdir) -I$(top_srcdir)/conserver $(DEFS) @CPPFLAGS@
 LDFLAGS	= @LDFLAGS@
@ -25,18 +25,23 @@ LIBS	= @LIBS@
 ### Makefile rules - no user-servicable parts below
-CONSOLE_OBJS = console.o getpassword.o ../conserver/util.o
+CONSOLE_OBJS = console.o getpassword.o readconf.o ../conserver/cutil.o
-CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h $(top_srcdir)/conserver/port.h
+CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h \
 	       $(top_srcdir)/conserver/cutil.h \
 	       $(top_srcdir)/conserver/version.h \
 	       $(srcdir)/getpassword.h $(srcdir)/readconf.h
 ALL = console
 all: $(ALL)
 $(CONSOLE_OBJS): $(CONSOLE_HDRS)
 console: $(CONSOLE_OBJS)
 	$(CC) $(CFLAGS) $(LDFLAGS) -o console $(CONSOLE_OBJS) $(LIBS)
-../conserver/util.o:
+../conserver/cutil.o:
-	( cd ../conserver && $(MAKE) $(MAKE_FLAGS) util.o ) || exit 1;
+	( cd ../conserver && $(MAKE) $(MAKE_FLAGS) cutil.o ) || exit 1;
 .c.o:
 	$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
--- a/console/console.c
+++ b/console/console.c
--- a/console/console.man
+++ b/console/console.man
@ -1,15 +1,17 @@
-.\" $Id: console.man,v 1.40 2003/11/16 15:35:45 bryan Exp $
+.\" $Id: console.man,v 1.54 2004/05/28 00:02:16 bryan Exp $
-.TH CONSOLE 1 "2003/11/16" "conserver-8.0.6" "conserver"
+.TH CONSOLE 1 "2004/05/28" "conserver-8.1.7" "conserver"
 .SH NAME
 console \- console server client program
 .SH SYNOPSIS
 .B console
-.RB [ \-aAEfFsS ]
+.RB [ \-aAfFsS ]
-.RB [ \-7Dv ]
+.RB [ \-7DEnUv ]
 .RB [ \-c
 .IR cred ]
 .RB [ \-C
 .IR config ]
 .BR [ \-M
-.IR mach ]
+.IR master ]
 .BR [ \-p
 .IR port ]
 .BR [ \-e
@ -20,24 +22,32 @@ console \- console server client program
 .br
 .B console
 .RB [ \-hiIPrRuVwWx ]
-.RB [ \-7Dv ]
+.RB [ \-7DEnUv ]
 .RB [ \-c
 .IR cred ]
 .RB [ \-C
 .IR config ]
 .RB [ \-M
-.IR mach ]
+.IR master ]
 .RB [ \-p
 .IR port ]
 .RB [ \-d
-.RI [ user ][\fB@\fP console ]]
+.RI [ user ][\f3@\fP console ]]
 .RB [ \- [ bB ]
 .IR message ]
 .RB [ \-t
-.RI [ user ][\fB@\fP console ]
+.RI [ user ][\f3@\fP console ]
 .IR message ]
 .br
 .B console
 .RB [ \-qQ ]
-.RB [ \-7Dv ]
+.RB [ \-7DEnUv ]
 .RB [ \-c
 .IR cred ]
 .RB [ \-C
 .IR config ]
 .RB [ \-M
-.IR mach ]
+.IR master ]
 .RB [ \-p
 .IR port ]
 .SH DESCRIPTION
@ -116,6 +126,10 @@ to users on the primary server.
 Load an SSL certificate and key from the PEM encoded file
 .IR cred .
 .TP
 .BI \-C config
 Use the per-user configuration file
 .IR conf .
 .TP
 .B \-d
 Disconnect the users specified by
 .IR user @ console .
@ -150,9 +164,13 @@ The default value is
 .B \-E
 If encryption has been built into the code
 .RB ( --with-openssl ),
-encrypted client connections are a requirement.
+encrypted client connections are, by default, a requirement.
-This option allows the client to connect to a console
+This option disables any attempt at creating an
-over a non-encrypted connection.
+encrypted connection.
 If you'd like to use encrypted connections when your server
 supports it, but fallback to non-encrypted otherwise, the
 .B \-U
 option is what you want.
 .TP
 .B \-f
 Same as
@ -179,19 +197,34 @@ uses $USER if its uid matches the user's real uid,
 or $LOGNAME if its uid matches the user's real uid,
 or else the name associated with the user's real uid.
 .TP
-.BI \-M mach
+.BI \-M master
 The
 .B console
 client program polls
-.I mach
+.I master
 as the primary server,
 rather than the default set at compile time (typically
 .RB `` console '').
 The default
-.I mach
+.I master
 may be changed at compile time using the
 .B --with-master
 option.
 If
 .B --with-uds
 is used to enable Unix domain sockets, however, this option points
 .B console
 to the directory which holds those sockets.
 The default
 .I master
 directory
 .RB (`` /tmp/conserver '')
 may be changed at compile time using the
 .B --with-uds
 option.
 .TP
 .BI \-n
 Do not read the system-wide configuration file.
 .TP
 .BI \-p port
 Set the port to connect to.
@ -203,6 +236,9 @@ may be changed at compile time
 using the
 .B --with-port
 option.
 If the
 .B --with-uds
 option was used, this option is ignored.
 .TP
 .B \-P
 Display the pid of the master daemon process on each server.
@ -264,6 +300,18 @@ and attached users
 .RI ( user @ host
 if attached read-write, `<spies>' if only users in spy mode, or `<none>').
 .TP
 .B \-U
 If encryption has been built into the code
 .RB ( --with-openssl ),
 encrypted client connections are, by default, a requirement.
 This option allows the client to attempt an encrypted connection
 but fall back to a non-encrypted connection if the server doesn't
 support encryption.
 If the encryption handshake is failing, disabling encryption on the
 client with the
 .B \-E
 option is probably what you want.
 .TP
 .B \-v
 Be more verbose when building the connection(s).
 Use this option in combination with any of `show' options (below)
@ -297,7 +345,7 @@ The
 options have the same effect as their lower-case variants.
 In addition, they each request the last 20 lines of the console output after
 making the connection (as if
-.RB ` ^Ecr '
+.RB `` ^Ecr ''
 were typed).
 .PP
 The
@ -318,13 +366,13 @@ a command, or `!' for a remote port.
 .TP
 .I console-details
 The details regarding the console.
-The values here (all comma separated) depend on the type of the console.
+The values here (all comma-separated) depend on the type of the console.
-Local devices will have values of the device file, baud rate, and
+Local devices will have values of the device file, baud rate/parity, and
 file descriptor for the device.
 Commands will have values of the command, the command's pid, the
 pseudo-tty, and file descriptor for the pseudo-tty.
 Remote ports will have values of the remote hostname, remote port number,
-and file descriptor for the socket connection.
+``raw'' or ``telnet'' protocol, and file descriptor for the socket connection.
 .TP
 .I users-list
 The details of each user connected to the console.
@ -347,9 +395,9 @@ that the server can open the file for read, but not write.
 .TP
 .I logfile-details
 The details regarding the logging for the console.
-The comma separated
+The comma-separated
 values will be the logfile, ``log'' or ``nolog'' (if logging is on
-or not - toggled via ^EcL), ``act'' or ``noact'' (if activity logging is
+or not - toggled via ``^EcL''), ``act'' or ``noact'' (if activity logging is
 enabled or not - the `a' timestamp option), the timestamp interval, and
 the file descriptor of the logfile.
 .TP
@ -362,10 +410,10 @@ is at work, it will have the value of ``autoup'', otherwise it
 will be ``noautoup''.
 .TP
 .I aliases
-The console aliases are presented in a comma separated list.
+The console aliases are presented in a comma-separated list.
 .TP
 .I options
-The active options for the console are presented in a comma separated list.
+The active options for the console are presented in a comma-separated list.
 .TP
 .I initcmd
 The initcmd configuration option for the console.
@ -375,6 +423,287 @@ The idletimeout configuration option for the console.
 .TP
 .I idlestring
 The idlestring configuration option for the console.
 .SH CONFIGURATION
 .B Console
 reads configuration information from the system-wide configuration file
 .RB ( console.cf ),
 then the per-user configuration file
 .RB ( .consolerc ),
 and then applies command-line arguments.
 Each configuration location can override the previous.
 The same happens when parsing an individual file - the later entries
 always override the earlier entries.
 Because of that, you should put ``global'' defaults first and
 more specific defaults second.
 .PP
 The configuration file is read using the same parser as 
 .BR conserver.cf (5),
 and you should check that manpage for parser details.
 .B Console
 recognizes the following configuration blocks.
 .TP
 \f3config\fP \f2hostname\fP|\f2ipaddr\fP
 .br
 Define a configuration block for the client host named
 .I hostname
 or using the address
 .IR ipaddr .
 If the value of ``*'' is used, the configuration block will be applied to
 all client hosts.
 .RS
 .TP
 \f3escape\fP \f2esc\fP
 .br
 Set the escape sequence (see the
 .B \-e
 command-line flag).
 .TP
 \f3master\fP \f2master\fP
 .br
 Set the default master to
 .I master
 (see the
 .B \-M
 command-line flag).
 .TP
 \f3port\fP \f2port\fP
 .br
 Set the default port to
 .I port
 (see the
 .B \-p
 command-line flag).
 .TP
 \f3sslcredentials\fP \f2filename\fP
 .br
 Set the
 .SM SSL
 credentials file location (see the
 .B \-c
 command-line flag).
 .TP
 \f3sslenabled\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
 .br
 Set whether or not encryption is attempted when talking to servers (see the
 .B \-E
 command-line flag).
 .TP
 \f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
 .br
 Set whether or not encryption is required when talking to servers (see the
 .B \-U
 command-line flag).
 .TP
 \f3striphigh\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
 .br
 Set whether or not to strip the high bit off all data received
 (see the
 .B \-7
 command-line flag).
 .TP
 \f3username\fP \f2user\fP
 .br
 Set the username passed to the server to
 .I user
 (see the
 .B \-l
 command-line flag).
 .RE
 .TP
 \f3terminal\fP \f2type\fP
 .br
 Define a configuration block when using a terminal of type
 .IR type .
 If the value of ``*'' is used, the configuration block will be applied to
 all terminal types.
 .RS
 .TP
 \f3attach\fP \f2string\fP|\f3""\fP
 .br
 Set a
 .I string
 to print when successfully attached to a console.
 Character substitions will be performed based on the
 .B attachsubst
 value and occur
 .I before
 interpretation of the special characters below.
 If the null string (``\f3""\fP'') is used, no string will be printed.
 .I string
 is a simple character string with the exception of `\e'
 and `^':
 .RS
 .RS
 .sp
 .PD 0
 .TP 6
 .B \ea
 alert
 .TP
 .B \eb
 backspace
 .TP
 .B \ef
 form-feed
 .TP
 .B \en
 newline
 .TP
 .B \er
 carriage-return
 .TP
 .B \et
 tab
 .TP
 .B \ev
 vertical-tab
 .TP
 .B \e\e
 backslash
 .TP
 .B \e^
 circumflex
 .TP
 .BI \e ooo
 octal representation of a character (where
 .I ooo
 is one to three octal digits)
 .TP
 .BI \e c
 character
 .I c
 .TP
 .B ^?
 delete
 .TP
 .BI ^ c
 control character
 .RI ( c
 is ``and''ed with 0x1f)
 .PD
 .RE
 .RE
 .IP
 An interesting use of
 .B attach
 and
 .B attachsubst
 would be:
 .RS
 .IP
 .ft CR
 .nf
 terminal xterm {
    attach "^[]0;conserver: U@C^G";
    attachsubst U=us,C=cs;
 }
 .fi
 .ft
 .RE
 .TP
 \f3attachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
 .br
 Perform character substitutions on the
 .B attach
 value.
 A series of replacements can be defined by specifying a
 comma-separated list of
 \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP
 sequences where
 .I c
 is any printable character,
 .I t
 specifies the replacement value,
 .I n
 is a field length (optional),
 and
 .I f
 is the format string.
 .I t
 can be one of the characters below, catagorized as a string replacement
 or a numeric replacement, which dictates the use of the
 .I n
 and
 .I f
 fields.
 .RS
 .RS
 .sp
 .PD 0
 .TP
 String Replacement
 .TP
 .B u
 username
 .TP
 .B c
 console name
 .sp
 .PP
 Numeric Replacement
 .TP
 none available (yet)
 .PD
 .RE
 .RE
 .IP
 For string replacements, if the replacement isn't at least
 .I n
 characters, it will be padded with space characters on the left.
 .I f
 must be `s'.
 For numeric replacements, the value will be formatted to at least
 .I n
 characters, padded with 0s if
 .I n
 begins with a 0, and space characters otherwise.
 .I f
 must be either `d', `x' or `X', specifying a decimal, lower-case
 hexadecimal, or an uppercase hexadecimal conversion.
 If the null string (``\f3""\fP'') is used, no replacements will be done.
 .TP
 \f3detach\fP \f2string\fP|\f3""\fP
 .br
 Set a
 .I string
 to print once detached from a console.
 Character substitions will be performed based on the
 .B detachsubst
 value.
 See the
 .B attach
 option for an explanation of
 .IR string .
 If the null string (``\f3""\fP'') is used, no string will be printed.
 .TP
 \f3detachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
 .br
 Perform character substitutions on the
 .B detach
 value.
 See the
 .B attachsubst
 option for an explanation of the format string.
 .RE
 .PP
 A simple configuration to set a new default escape sequence and override
 the master location would be:
 .IP
 .ft CR
 .nf
 # override options for all hosts
 config * {
    master localhost;
    escape ^Ee;
 }
 # set things more specific to host1
 # note: if the entries were reversed, host1
 # would also use localhost.
 config host1 {
    master console1;
 }
 .fi
 .ft
 .SH "ESCAPE SEQUENCES"
 The connection can be controlled by a two-character escape sequence, followed
 by a command.
@ -387,6 +716,12 @@ Commands are:
 .sp
 .PD 0
 .TP 13
 .B \.
 disconnect
 .TP
 .B ;
 move to another console
 .TP
 .B a
 attach read-write if nobody already is
 .TP
@ -454,6 +789,9 @@ examine this group's devices and modes
 .B z
 suspend this connection
 .TP
 .B |
 attach a local command to the console
 .TP
 .B ?
 display list of commands
 .TP
@ -467,14 +805,12 @@ replay the last line only
 send character having octal code
 .IR ooo " (must"
 specify three octal digits)
 .IP \.
 disconnect
 .PD
 .PP
 If any other character is hit after the escape sequence, all three characters
 will be discarded.
 Note that a line break or a down command
-can only be sent from a full two-way attachment.
+can only be sent from a read-write connection.
 To send the escape sequence through the connection one must redefine
 the outer escape sequence, or use
 .BI ^Ec\e ooo
@ -485,13 +821,17 @@ In the
 .B \-u
 output, the login ``<none>'' indicates no one is
 viewing that console, and the login ``<spies>'' indicates that
-no one has a full two-way attachment.
+no one has a read-write connection (only read-only).
-When no one is attached to
+.PP
-a console its output is cloned to the stdout of the server process if
+When running a local command via
-.B conserver
+.RB `` ^Ec| '',
-was started with the
+you can type 
-.B \-u
+.RB ` ^C '
-option.
+to send the command a SIGHUP,
 .RB ` ^\e '
 to send the command a SIGKILL, and
 .RB ` o '
 to toggle the display of the console data.
 .SH EXAMPLES
 .TP 15
 console \-u
@ -543,6 +883,22 @@ or number of days is displayed.
 console \-e "^[1" lv426
 Requests a connection to the host ``lv426'' with the escape characters
 set to ``escape one''.
 .SH FILES
 .PP
 The following default file locations may be overridden
 at compile time or by the command-line options described above.
 Run
 .B console \-V
 to see the defaults set at compile time.
 .PP
 .PD 0
 .TP 25
 .B /etc/console.cf
 system-wide configuration file
 .TP
 .B \s-1$HOME\s0/.consolerc
 per-user configuration file
 .PD
 .SH BUGS
 It is possible to create a loop of console connections, with ugly results.
 Never run
--- a/console/getpassword.c
+++ b/console/getpassword.c
@ -1,5 +1,5 @@
 /*
- *  $Id: getpassword.c,v 1.7 2003/09/28 19:29:17 bryan Exp $
+ *  $Id: getpassword.c,v 1.8 2003/11/20 13:56:41 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
@ -12,7 +12,7 @@
 #include <pwd.h>
-#include <util.h>
+#include <cutil.h>
 #include <version.h>
--- a/console/readconf.c
+++ b/console/readconf.c
@ -0,0 +1,720 @@
 /*
 *  $Id: readconf.c,v 5.2 2004/05/25 00:38:15 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
 #include <compat.h>
 #include <cutil.h>
 #include <readconf.h>
 CONFIG *parserConfigTemp = (CONFIG *)0;
 CONFIG *parserConfigDefault = (CONFIG *)0;
 CONFIG *pConfig = (CONFIG *)0;
 TERM *parserTermTemp = (TERM *)0;
 TERM *parserTermDefault = (TERM *)0;
 TERM *pTerm = (TERM *)0;
 void
 #if PROTOTYPES
 DestroyConfig(CONFIG *c)
 #else
 DestroyConfig(c)
    CONFIG *c;
 #endif
 {
    if (c == (CONFIG *)0)
 	return;
    if (c->username != (char *)0)
 	free(c->username);
    if (c->master != (char *)0)
 	free(c->master);
    if (c->port != (char *)0)
 	free(c->port);
    if (c->escape != (char *)0)
 	free(c->escape);
 #if HAVE_OPENSSL
    if (c->sslcredentials != (char *)0)
 	free(c->sslcredentials);
 #endif
    free(c);
 }
 void
 #if PROTOTYPES
 ApplyConfigDefault(CONFIG *c)
 #else
 ApplyConfigDefault(c)
    CONFIG *c;
 #endif
 {
    if (parserConfigDefault == (CONFIG *)0)
 	return;
    if (parserConfigDefault->username != (char *)0) {
 	if (c->username != (char *)0)
 	    free(c->username);
 	if ((c->username =
 	     StrDup(parserConfigDefault->username)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->master != (char *)0) {
 	if (c->master != (char *)0)
 	    free(c->master);
 	if ((c->master = StrDup(parserConfigDefault->master)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->port != (char *)0) {
 	if (c->port != (char *)0)
 	    free(c->port);
 	if ((c->port = StrDup(parserConfigDefault->port)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->escape != (char *)0) {
 	if (c->escape != (char *)0)
 	    free(c->escape);
 	if ((c->escape = StrDup(parserConfigDefault->escape)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->striphigh != FLAGUNKNOWN)
 	c->striphigh = parserConfigDefault->striphigh;
 #if HAVE_OPENSSL
    if (parserConfigDefault->sslcredentials != (char *)0) {
 	if (c->sslcredentials != (char *)0)
 	    free(c->sslcredentials);
 	if ((c->sslcredentials =
 	     StrDup(parserConfigDefault->sslcredentials)) == (char *)0)
 	    OutOfMem();
    }
    if (parserConfigDefault->sslrequired != FLAGUNKNOWN)
 	c->sslrequired = parserConfigDefault->sslrequired;
    if (parserConfigDefault->sslenabled != FLAGUNKNOWN)
 	c->sslenabled = parserConfigDefault->sslenabled;
 #endif
 }
 void
 #if PROTOTYPES
 ConfigBegin(char *id)
 #else
 ConfigBegin(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigBegin(%s) [%s:%d]", id, file, line));
    if (id == (char *)0 || id[0] == '\000') {
 	Error("empty config name [%s:%d]", file, line);
 	return;
    }
    if (parserConfigTemp != (CONFIG *)0)
 	DestroyConfig(parserConfigTemp);
    if ((parserConfigTemp = (CONFIG *)calloc(1, sizeof(CONFIG)))
 	== (CONFIG *)0)
 	OutOfMem();
    ApplyConfigDefault(parserConfigTemp);
    parserConfigTemp->name = AllocString();
    BuildString(id, parserConfigTemp->name);
 }
 void
 #if PROTOTYPES
 ConfigEnd(void)
 #else
 ConfigEnd()
 #endif
 {
    CONDDEBUG((1, "ConfigEnd() [%s:%d]", file, line));
    if (parserConfigTemp == (CONFIG *)0)
 	return;
    if (parserConfigTemp->name->used > 1) {
 	if ((parserConfigTemp->name->string[0] == '*' &&
 	     parserConfigTemp->name->string[1] == '\000') ||
 	    IsMe(parserConfigTemp->name->string)) {
 	    DestroyConfig(parserConfigDefault);
 	    parserConfigDefault = parserConfigTemp;
 	    parserConfigTemp = (CONFIG *)0;
 	}
    }
    DestroyConfig(parserConfigTemp);
    parserConfigTemp = (CONFIG *)0;
 }
 void
 #if PROTOTYPES
 ConfigAbort(void)
 #else
 ConfigAbort()
 #endif
 {
    CONDDEBUG((1, "ConfigAbort() [%s:%d]", file, line));
    if (parserConfigTemp == (CONFIG *)0)
 	return;
    DestroyConfig(parserConfigTemp);
    parserConfigTemp = (CONFIG *)0;
 }
 void
 #if PROTOTYPES
 ConfigDestroy(void)
 #else
 ConfigDestroy()
 #endif
 {
    CONDDEBUG((1, "ConfigDestroy() [%s:%d]", file, line));
    if (parserConfigTemp != (CONFIG *)0) {
 	DestroyConfig(parserConfigTemp);
 	parserConfigTemp = (CONFIG *)0;
    }
    if (parserConfigDefault != (CONFIG *)0) {
 	DestroyConfig(pConfig);
 	pConfig = parserConfigDefault;
 	parserConfigDefault = (CONFIG *)0;
    }
 }
 void
 #if PROTOTYPES
 DestroyTerminal(TERM *t)
 #else
 DestroyTerminal(t)
    TERM *t;
 #endif
 {
    if (t == (TERM *)0)
 	return;
    if (t->attach != (char *)0)
 	free(t->attach);
    if (t->attachsubst != (char *)0)
 	free(t->attachsubst);
    if (t->detach != (char *)0)
 	free(t->detach);
    if (t->detachsubst != (char *)0)
 	free(t->detachsubst);
    free(t);
 }
 void
 #if PROTOTYPES
 ApplyTermDefault(TERM *t)
 #else
 ApplyTermDefault(t)
    TERM *t;
 #endif
 {
    if (parserTermDefault == (TERM *)0)
 	return;
    if (parserTermDefault->attach != (char *)0) {
 	if (t->attach != (char *)0)
 	    free(t->attach);
 	if ((t->attach = StrDup(parserTermDefault->attach)) == (char *)0)
 	    OutOfMem();
    }
    if (parserTermDefault->attachsubst != (char *)0) {
 	if (t->attachsubst != (char *)0)
 	    free(t->attachsubst);
 	if ((t->attachsubst =
 	     StrDup(parserTermDefault->attachsubst)) == (char *)0)
 	    OutOfMem();
    }
    if (parserTermDefault->detach != (char *)0) {
 	if (t->detach != (char *)0)
 	    free(t->detach);
 	if ((t->detach = StrDup(parserTermDefault->detach)) == (char *)0)
 	    OutOfMem();
    }
    if (parserTermDefault->detachsubst != (char *)0) {
 	if (t->detachsubst != (char *)0)
 	    free(t->detachsubst);
 	if ((t->detachsubst =
 	     StrDup(parserTermDefault->detachsubst)) == (char *)0)
 	    OutOfMem();
    }
 }
 void
 #if PROTOTYPES
 TerminalBegin(char *id)
 #else
 TerminalBegin(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "TerminalBegin(%s) [%s:%d]", id, file, line));
    if (id == (char *)0 || id[0] == '\000') {
 	Error("empty terminal name [%s:%d]", file, line);
 	return;
    }
    if (parserTermTemp != (TERM *)0)
 	DestroyTerminal(parserTermTemp);
    if ((parserTermTemp = (TERM *)calloc(1, sizeof(TERM)))
 	== (TERM *)0)
 	OutOfMem();
    ApplyTermDefault(parserTermTemp);
    parserTermTemp->name = AllocString();
    BuildString(id, parserTermTemp->name);
 }
 void
 #if PROTOTYPES
 TerminalEnd(void)
 #else
 TerminalEnd()
 #endif
 {
    static char *term = (char *)0;
    CONDDEBUG((1, "TerminalEnd() [%s:%d]", file, line));
    if (parserTermTemp == (TERM *)0)
 	return;
    if (term == (char *)0) {
 	if ((term = getenv("TERM")) == (char *)0) {
 	    term = "";
 	}
    }
    if (parserTermTemp->name->used > 1) {
 	if ((parserTermTemp->name->string[0] == '*' &&
 	     parserTermTemp->name->string[1] == '\000') ||
 	    strcmp(parserTermTemp->name->string, term) == 0) {
 	    DestroyTerminal(parserTermDefault);
 	    parserTermDefault = parserTermTemp;
 	    parserTermTemp = (TERM *)0;
 	}
    }
    DestroyTerminal(parserTermTemp);
    parserTermTemp = (TERM *)0;
 }
 void
 #if PROTOTYPES
 TerminalAbort(void)
 #else
 TerminalAbort()
 #endif
 {
    CONDDEBUG((1, "TerminalAbort() [%s:%d]", file, line));
    if (parserTermTemp == (TERM *)0)
 	return;
    DestroyTerminal(parserTermTemp);
    parserTermTemp = (TERM *)0;
 }
 void
 #if PROTOTYPES
 TerminalDestroy(void)
 #else
 TerminalDestroy()
 #endif
 {
    CONDDEBUG((1, "TerminalDestroy() [%s:%d]", file, line));
    if (parserTermTemp != (TERM *)0) {
 	DestroyTerminal(parserTermTemp);
 	parserTermTemp = (TERM *)0;
    }
    if (parserTermDefault != (TERM *)0) {
 	DestroyTerminal(pTerm);
 	pTerm = parserTermDefault;
 	parserTermDefault = (TERM *)0;
    }
 }
 void
 #if PROTOTYPES
 ProcessYesNo(char *id, FLAG *flag)
 #else
 ProcessYesNo(id, flag)
    char *id;
    FLAG *flag;
 #endif
 {
    if (id == (char *)0 || id[0] == '\000')
 	*flag = FLAGFALSE;
    else if (strcasecmp("yes", id) == 0 || strcasecmp("true", id) == 0 ||
 	     strcasecmp("on", id) == 0)
 	*flag = FLAGTRUE;
    else if (strcasecmp("no", id) == 0 || strcasecmp("false", id) == 0 ||
 	     strcasecmp("off", id) == 0)
 	*flag = FLAGFALSE;
 }
 void
 #if PROTOTYPES
 ConfigItemEscape(char *id)
 #else
 ConfigItemEscape(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemEscape(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->escape != (char *)0)
 	free(parserConfigTemp->escape);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->escape = (char *)0;
 	return;
    }
    if ((parserConfigTemp->escape = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 #if PROTOTYPES
 ConfigItemMaster(char *id)
 #else
 ConfigItemMaster(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemMaster(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->master != (char *)0)
 	free(parserConfigTemp->master);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->master = (char *)0;
 	return;
    }
    if ((parserConfigTemp->master = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 #if PROTOTYPES
 ConfigItemPort(char *id)
 #else
 ConfigItemPort(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemPort(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->port != (char *)0)
 	free(parserConfigTemp->port);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->port = (char *)0;
 	return;
    }
    if ((parserConfigTemp->port = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 #if PROTOTYPES
 ConfigItemSslcredentials(char *id)
 #else
 ConfigItemSslcredentials(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemSslcredentials(%s) [%s:%d]", id, file, line));
 #if HAVE_OPENSSL
    if (parserConfigTemp->sslcredentials != (char *)0)
 	free(parserConfigTemp->sslcredentials);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->sslcredentials = (char *)0;
 	return;
    }
    if ((parserConfigTemp->sslcredentials = StrDup(id)) == (char *)0)
 	OutOfMem();
 #else
    Error
 	("sslcredentials ignored - encryption not compiled into code [%s:%d]",
 	 file, line);
 #endif
 }
 void
 #if PROTOTYPES
 ConfigItemSslrequired(char *id)
 #else
 ConfigItemSslrequired(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemSslrequired(%s) [%s:%d]", id, file, line));
 #if HAVE_OPENSSL
    ProcessYesNo(id, &(parserConfigTemp->sslrequired));
 #else
    Error
 	("sslrequired ignored - encryption not compiled into code [%s:%d]",
 	 file, line);
 #endif
 }
 void
 #if PROTOTYPES
 ConfigItemSslenabled(char *id)
 #else
 ConfigItemSslenabled(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemSslenabled(%s) [%s:%d]", id, file, line));
 #if HAVE_OPENSSL
    ProcessYesNo(id, &(parserConfigTemp->sslenabled));
 #else
    Error("sslenabled ignored - encryption not compiled into code [%s:%d]",
 	  file, line);
 #endif
 }
 void
 #if PROTOTYPES
 ConfigItemStriphigh(char *id)
 #else
 ConfigItemStriphigh(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemStriphigh(%s) [%s:%d]", id, file, line));
    ProcessYesNo(id, &(parserConfigTemp->striphigh));
 }
 void
 #if PROTOTYPES
 ConfigItemUsername(char *id)
 #else
 ConfigItemUsername(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "ConfigItemUsername(%s) [%s:%d]", id, file, line));
    if (parserConfigTemp->username != (char *)0)
 	free(parserConfigTemp->username);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserConfigTemp->username = (char *)0;
 	return;
    }
    if ((parserConfigTemp->username = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 SUBST *substData = (SUBST *) 0;
 int
 #if PROTOTYPES
 SubstCallback(char c, char **s, int *i)
 #else
 SubstCallback(c, s, i)
    char c;
    char **s;
    int *i;
 #endif
 {
    int retval = 0;
    if (substData == (SUBST *) 0) {
 	if ((substData =
 	     (SUBST *) calloc(1, sizeof(SUBST))) == (SUBST *) 0)
 	    OutOfMem();
 	substData->callback = &SubstCallback;
 	substData->tokens['u'] = ISSTRING;
 	substData->tokens['c'] = ISSTRING;
    }
    if (s != (char **)0) {
 	CONFIG *pc;
 	if (substData->data == (void *)0)
 	    return 0;
 	pc = (CONFIG *)(substData->data);
 	if (c == 'u') {
 	    (*s) = pc->username;
 	    retval = 1;
 	} else if (c == 'c') {
 	    (*s) = pc->console;
 	    retval = 1;
 	}
    }
    return retval;
 }
 void
 #if PROTOTYPES
 TerminalItemAttach(char *id)
 #else
 TerminalItemAttach(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "TerminalItemAttach(%s) [%s:%d]", id, file, line));
    if (parserTermTemp->attach != (char *)0)
 	free(parserTermTemp->attach);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserTermTemp->attach = (char *)0;
 	return;
    }
    if ((parserTermTemp->attach = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 #if PROTOTYPES
 TerminalItemAttachsubst(char *id)
 #else
 TerminalItemAttachsubst(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "TerminalItemAttachsubst(%s) [%s:%d]", id, file, line));
    ProcessSubst(substData, (char **)0, &(parserTermTemp->attachsubst),
 		 "attachsubst", id);
 }
 void
 #if PROTOTYPES
 TerminalItemDetach(char *id)
 #else
 TerminalItemDetach(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "TerminalItemDetach(%s) [%s:%d]", id, file, line));
    if (parserTermTemp->detach != (char *)0)
 	free(parserTermTemp->detach);
    if ((id == (char *)0) || (*id == '\000')) {
 	parserTermTemp->detach = (char *)0;
 	return;
    }
    if ((parserTermTemp->detach = StrDup(id)) == (char *)0)
 	OutOfMem();
 }
 void
 #if PROTOTYPES
 TerminalItemDetachsubst(char *id)
 #else
 TerminalItemDetachsubst(id)
    char *id;
 #endif
 {
    CONDDEBUG((1, "TerminalItemDetachsubst(%s) [%s:%d]", id, file, line));
    ProcessSubst(substData, (char **)0, &(parserTermTemp->detachsubst),
 		 "detachsubst", id);
 }
 ITEM keyConfig[] = {
    {"escape", ConfigItemEscape},
    {"master", ConfigItemMaster},
    {"port", ConfigItemPort},
    {"sslcredentials", ConfigItemSslcredentials},
    {"sslrequired", ConfigItemSslrequired},
    {"sslenabled", ConfigItemSslenabled},
    {"striphigh", ConfigItemStriphigh},
    {"username", ConfigItemUsername},
    {(char *)0, (void *)0}
 };
 ITEM keyTerminal[] = {
    {"attach", TerminalItemAttach},
    {"attachsubst", TerminalItemAttachsubst},
    {"detach", TerminalItemDetach},
    {"detachsubst", TerminalItemDetachsubst},
    {(char *)0, (void *)0}
 };
 SECTION sections[] = {
    {"config", ConfigBegin, ConfigEnd, ConfigAbort, ConfigDestroy,
     keyConfig},
    {"terminal", TerminalBegin, TerminalEnd, TerminalAbort,
     TerminalDestroy, keyTerminal},
    {(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
 };
 void
 #if PROTOTYPES
 ReadConf(char *filename, FLAG verbose)
 #else
 ReadConf(filename, verbose)
    char *filename;
    FLAG verbose;
 #endif
 {
    FILE *fp;
    if ((FILE *)0 == (fp = fopen(filename, "r"))) {
 	if (verbose == FLAGTRUE)
 	    Error("could not open `%s'", filename);
 	return;
    }
    /* initialize the substition bits */
    SubstCallback('\000', (char **)0, (int *)0);
    parserConfigDefault = pConfig;
    pConfig = (CONFIG *)0;
    parserTermDefault = pTerm;
    pTerm = (TERM *)0;
    ParseFile(filename, fp, 0);
    /* shouldn't really happen, but in case i screw up the stuff
     * ParseFile calls...
     */
    if (pConfig == (CONFIG *)0) {
 	if ((pConfig = (CONFIG *)calloc(1, sizeof(CONFIG)))
 	    == (CONFIG *)0)
 	    OutOfMem();
    }
    if (pTerm == (TERM *)0) {
 	if ((pTerm = (TERM *)calloc(1, sizeof(TERM)))
 	    == (TERM *)0)
 	    OutOfMem();
    }
    if (fDebug) {
 #define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
 #define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
 	CONDDEBUG((1, "pConfig->username = %s",
 		   EMPTYSTR(pConfig->username)));
 	CONDDEBUG((1, "pConfig->master = %s", EMPTYSTR(pConfig->master)));
 	CONDDEBUG((1, "pConfig->port = %s", EMPTYSTR(pConfig->port)));
 	CONDDEBUG((1, "pConfig->escape = %s", EMPTYSTR(pConfig->escape)));
 	CONDDEBUG((1, "pConfig->striphigh = %s",
 		   FLAGSTR(pConfig->striphigh)));
 #if HAVE_OPENSSL
 	CONDDEBUG((1, "pConfig->sslcredentials = %s",
 		   EMPTYSTR(pConfig->sslcredentials)));
 	CONDDEBUG((1, "pConfig->sslrequired = %s",
 		   FLAGSTR(pConfig->sslrequired)));
 	CONDDEBUG((1, "pConfig->sslenabled = %s",
 		   FLAGSTR(pConfig->sslenabled)));
 #endif
 	CONDDEBUG((1, "pTerm->attach = %s", EMPTYSTR(pTerm->attach)));
 	CONDDEBUG((1, "pTerm->attachsubst = %s",
 		   EMPTYSTR(pTerm->attachsubst)));
 	CONDDEBUG((1, "pTerm->detach = %s", EMPTYSTR(pTerm->detach)));
 	CONDDEBUG((1, "pTerm->detachsubst = %s",
 		   EMPTYSTR(pTerm->detachsubst)));
    }
    fclose(fp);
 }
--- a/console/readconf.h
+++ b/console/readconf.h
@ -0,0 +1,38 @@
 /*
 *  $Id: readconf.h,v 5.3 2004/05/25 23:03:25 bryan Exp $
 *
 *  Copyright conserver.com, 2000
 *
 *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
 */
 typedef struct config {
    STRING *name;
    char *console;
    char *username;
    char *master;
    char *port;
    char *escape;
    FLAG striphigh;
 #if HAVE_OPENSSL
    char *sslcredentials;
    FLAG sslrequired;
    FLAG sslenabled;
 #endif
 } CONFIG;
 typedef struct term {
    STRING *name;
    char *attach;
    char *attachsubst;
    char *detach;
    char *detachsubst;
 } TERM;
 extern CONFIG *pConfig;
 extern TERM *pTerm;
 extern SUBST *substData;
 extern void ReadConf PARAMS((char *, FLAG));
 extern void DestroyConfig PARAMS((CONFIG *));
 extern void DestroyTerminal PARAMS((TERM *));
--- a/contrib/chat/chat.c
+++ b/contrib/chat/chat.c
@ -88,15 +88,6 @@
 #define const
 #endif
 #include <sys/cdefs.h>
 #ifndef __NetBSD__
 #if 1
 static const char rcsid[] = "Id: chat.c,v 1.26 1999/12/23 01:39:54 paulus Exp ";
 #else
 __RCSID("$NetBSD: chat.c,v 1.25 2001/09/24 13:22:38 wiz Exp $");
 #endif
 #endif
 #include <stdio.h>
 #include <ctype.h>
 #include <time.h>
--- a/contrib/redhat-rpm/conserver.spec
+++ b/contrib/redhat-rpm/conserver.spec
@ -4,7 +4,7 @@
 #
 %define pkg  conserver
-%define ver  8.0.6
+%define ver  8.1.7
 # define the name of the machine on which the main conserver
 # daemon will be running if you don't want to use the default
--- a/contrib/solaris-package/pkginfo
+++ b/contrib/solaris-package/pkginfo
@ -1,7 +1,7 @@
 PKG="conserver"
 NAME="Console server and client"
 CATEGORY="system"
-VERSION="8.0.6"
+VERSION="8.1.7"
 DESC="Console server and client"
 CLASSES=none
 ARCH=sparc
--- a/test/dotest
+++ b/test/dotest
@ -14,6 +14,7 @@ cleanup()
 	[ "$i" != "conserver.log" ] && [ -f "$i" ] && rm -f "$i";
    done
    [ "$exitval" = 0 ] && rm -f conserver.log
    [ -d 127.0.0.1 ] && sleep 1 && rm -rf 127.0.0.1
    exit $exitval
 }
@ -25,7 +26,7 @@ dotest()
 	eval "$2" > test.out 2>&1
    else
 	echo "$1" | \
-	    ../console/console -M 127.0.0.1 -p 7777 shell > test.out 2>&1
+	    ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 shell > test.out 2>&1
    fi
    if [ "$record" ]; then
 	echo "recorded"
@ -72,7 +73,7 @@ sleep 3
 [ ! -d results ] && mkdir results
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
 dotest 'c?c.'
 dotest 'cl?c.'
 dotest 'cdc.'
@ -84,14 +85,14 @@ cp test2.cf c.cf
 kill -1 $pid
 sleep 3
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
 dotest 'c?c.'
 dotest 'cl?c.'
 dotest 'cdc.'
 dotest 'coc.'
-dotest EVAL "echo 'tu.' | ../console/console -M 127.0.0.1 -p 7777 -e 'tu' shell"
+dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell"
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -P | sed -e 's/:.*//'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'"
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
 cleanup
--- a/test/results/test12
+++ b/test/results/test12
@ -1 +1 @@
-127.0.0.1
+version `conserver.com version
--- a/test/results/test2
+++ b/test/results/test2
@ -1,17 +1,18 @@
 [Enter `^Ec?' for help]
 [help]
- .    disconnect                        a    attach read/write
+ .    disconnect                        ;    move to another console
- b    send broadcast message            c    toggle flow control
+ a    attach read/write                 b    send broadcast message
- d    down a console                    e    change escape sequence
+ c    toggle flow control               d    down a console
- f    force attach read/write           g    group info
+ e    change escape sequence            f    force attach read/write
- i    information dump                  L    toggle logging on/off
+ g    group info                        i    information dump
- l?   break sequence list               l0   send break per config file
+ L    toggle logging on/off             l?   break sequence list
- l1-9 send specific break sequence      m    display the message of the day
+ l0   send break per config file        l1-9 send specific break sequence
- o    (re)open the tty and log file     p    replay the last 60 lines
+ m    display the message of the day    o    (re)open the tty and log file
- r    replay the last 20 lines          s    spy read only
+ p    replay the last 60 lines          r    replay the last 20 lines
- u    show host status                  v    show version info
+ s    spy read only                     u    show host status
- w    who is on this console            x    show console baud info
+ v    show version info                 w    who is on this console
- z    suspend the connection            <cr> ignore/abort command
+ x    show console baud info            z    suspend the connection
- ?    print this message                ^R   replay the last line
+ |    attach local command              ?    print this message
 <cr> ignore/abort command              ^R   replay the last line
 \ooo send character by octal code
 [disconnect]
--- a/test/results/test7
+++ b/test/results/test7
@ -1,17 +1,18 @@
 [Enter `^Ec?' for help]
 [help]
- .    disconnect                        a    attach read/write
+ .    disconnect                        ;    move to another console
- b    send broadcast message            c    toggle flow control
+ a    attach read/write                 b    send broadcast message
- d    down a console                    e    change escape sequence
+ c    toggle flow control               d    down a console
- f    force attach read/write           g    group info
+ e    change escape sequence            f    force attach read/write
- i    information dump                  L    toggle logging on/off
+ g    group info                        i    information dump
- l?   break sequence list               l0   send break per config file
+ L    toggle logging on/off             l?   break sequence list
- l1-9 send specific break sequence      m    display the message of the day
+ l0   send break per config file        l1-9 send specific break sequence
- o    (re)open the tty and log file     p    replay the last 60 lines
+ m    display the message of the day    o    (re)open the tty and log file
- r    replay the last 20 lines          s    spy read only
+ p    replay the last 60 lines          r    replay the last 20 lines
- u    show host status                  v    show version info
+ s    spy read only                     u    show host status
- w    who is on this console            x    show console baud info
+ v    show version info                 w    who is on this console
- z    suspend the connection            <cr> ignore/abort command
+ x    show console baud info            z    suspend the connection
- ?    print this message                ^R   replay the last line
+ |    attach local command              ?    print this message
 <cr> ignore/abort command              ^R   replay the last line
 \ooo send character by octal code
 [disconnect]
Author	SHA1	Message	Date
Bryan Stansell	c0f8de9c24	Imported from conserver-8.1.7.tar.gz	2004-05-28 11:03:33 -07:00
Bryan Stansell	cf461c7ce8	Imported from conserver-8.1.6.tar.gz	2004-05-25 17:41:29 -07:00
Bryan Stansell	5c430d220b	Imported from conserver-8.1.5.tar.gz	2004-05-07 09:05:25 -07:00
Bryan Stansell	8cd506c093	Imported from conserver-8.1.4.tar.gz	2004-04-13 13:30:28 -07:00
Bryan Stansell	29b909ee59	Imported from conserver-8.1.3.tar.gz	2004-03-22 17:14:45 -08:00
Bryan Stansell	aea0e2a547	Imported from conserver-8.1.2.tar.gz	2004-03-11 09:54:13 -08:00
Bryan Stansell	9eed9f2d8f	Imported from conserver-8.1.1.tar.gz	2004-02-10 07:26:45 -08:00
Bryan Stansell	25a4dcb0fd	Imported from conserver-8.1.0.tar.gz	2004-01-18 09:31:24 -08:00
Bryan Stansell	75cfd02f7a	Imported from conserver-8.0.9.tar.gz	2003-12-10 10:37:48 -08:00
Bryan Stansell	ad7a90dd69	Imported from conserver-8.0.8.tar.gz	2003-12-02 08:40:59 -08:00
Bryan Stansell	691c3102c9	Imported from conserver-8.0.7.tar.gz	2003-11-20 06:49:09 -08:00