Compare commits

5 Commits

50 changed files with 6695 additions and 9343 deletions

CHANGES

@ -1,6 +1,72 @@
CHANGES
=======
version 8.2.1 (Jun 2, 2015):
- added TCP keepalives between client and server - TCP-based consoles
already had the code - this was mostly an oversight
- patch for SEGV and task execution - patch by Artem Savkov
<asavkov@redhat.com>
- expanded break sequences from [1-9] to [1-9a-z] - based on patch by
Artem Savkov <asavkov@redhat.com>
version 8.2.0 (Apr 20, 2014):
- added --with-trust-uds-cred which uses getsockopt() to fetch and
trust the client uid, bypassing password lookups - patch by Anton
Lundin <glance@acc.umu.se>
- missing closedir() causing memory leak - patch by Anton Lundin
<glance@acc.umu.se>
- sending a break signal over IPMI was broken - based on patch by
Alexander Y. Fomichev <git.user@gmail.com>
- IPv6 support (marked as experimental at this point because it's
untested (except by the author), there's a lack of documentation, and
I'm hoping for non-getifaddrs() system support) - patch by Milos
Vyletel <milos.vyletel@gmail.com>
- no more K&R compiler support
version 8.1.20 (Apr 4, 2014):
- IPMI serial over LAN support via FreeIPMI - based on patch by Anton
D. Kachalov <mouse@yandex-team.ru>
- minor cleanup of code, removal of gcc warnings and such that should
have no fuctional change
version 8.1.19 (Sep 26, 2013):
- prevent select/read loop when EOF on non-pty input (console) -
reported by Chris Marget <chris@marget.com>
- "!" syntax prefixing use of group names not honored - reported by
Zonker <consoleteam@gmail.com>
- fixed memory leak using timestamps - patch by Karvendhan M.
<Karvendhan.M@netapp.com>
- deprecated --with-cycladests (noop now) - cross-compilation should
work without it as autologin now expects setpgrp() to take two
arugments instead of testing for it
- no automatic checks for an empty password when using PAM
authentication - based on discussion with Ryan Kirkpatrick
<linux@rkirkpat.net>
- added 'sslcacertificatefile' and 'sslcacertificatepath' client
configuration options - based on patch by Aki Tuomi <cmouse@cmouse.fi>
- added 'sslcacertificatefile' and 'sslreqclientcert' server
configuration options
- added --with-req-server-cert to force clients to require a certificate
from the server when using SSL - based on emails with Thor Simon
<tls@coyotepoint.com>
- added server-side tasks (see conserver.cf man page) that are invoked
by the client (useful for things like IPMI-based power control of
servers, invoking resets of terminal server ports, or anything else
that requires scripting) - ideas from patch by Anton Lundin
<glance@acc.umu.se> and discussion on mailing list (2011)
- added 'confirm' option to break sequences
- added 'breaklist' option to limit exposure of break sequences to
consoles
- sending of break signals is now announced to all attached clients
version 8.1.18 (Nov 11, 2010):
- install man pages read-only and improved the contributed redhat init
script - patches by Eric Biederman <ebiederm@aristanetworks.com>
- spec file improvements in contrib/redhat-rpm - patch by Jodok Ole
Muellers <jodok.muellers@aschendorff.de>
- GSS-API patch for client code - patch by Andras Horvath
<Andras.Horvath@cern.ch>
version 8.1.17 (Sep 29, 2009):
- fix for interface detection when HAVE_SA_LEN is defined - first
detected on NetBSD 5.0 and patched by Chris Ross
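Review bot: two typos in the added entries should be fixed before this lands: "fuctional" in the 8.1.20 cleanup item and "arugments" in the 8.1.19 --with-cycladests item should read "functional" and "arguments".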
@ -894,5 +960,5 @@ before version 6.05:
and enhancements of various types were applied.
#
# $Id: CHANGES,v 1.222 2009/09/29 06:24:53 bryan Exp $
# $Id: CHANGES,v 1.251 2015/06/02 17:33:29 bryan Exp $
#

INSTALL

@ -156,8 +156,9 @@ Detailed Instructions
--with-port=PORT Specify port number [conserver]
--with-base=PORT Base port for secondary channel [0]
--with-master=MASTER Specify master server hostname [console]
--with-cffile=CFFILE Specify config filename
[SYSCONFDIR/conserver.cf]
--with-ccffile=CFFILE Specify client config filename
[SYSCONFDIR/console.cf]
--with-cffile=CFFILE Specify config filename [SYSCONFDIR/conserver.cf]
--with-pwdfile=PWDFILE Specify password filename
[SYSCONFDIR/conserver.passwd]
--with-logfile=LOGFILE Specify log filename [/var/log/conserver]
@ -166,12 +167,22 @@ Detailed Instructions
--with-timeout=TIMEOUT Specify connect() timeout in seconds [10]
--with-trustrevdns Trust reverse DNS information
--with-extmsgs Produce extended messages
--with-rpath Use -R as well as -L for libraries
--with-cycladests (deprecated - noop) Build for a Cyclades TS
--with-uds[=DIR] Use Unix domain sockets for client/server
communication [/tmp/conserver]
--with-trust-uds-cred Trust UDS credentials obtained via socket
--with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support
--with-openssl[=PATH] Compile in OpenSSL support
--with-req-server-cert Require server SSL certificate by client
--with-gssapi[=PATH] Compile in GSS-API support
--with-striprealm retry username without @REALM with gss-api
authentication
--with-freeipmi[=PATH] Compile in FreeIPMI support
--with-dmalloc[=PATH] Compile in dmalloc support
--with-pam Enable PAM support
--with-ipv6 (experimental) Use IPv6 for client/server
communication
Not surprisingly, some match the old conserver/cons.h items...here
they are for reference:
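Review bot: the help text for --with-trust-uds-cred ("Trust UDS credentials obtained via socket") does not say that enabling it skips password lookups, which is how the 8.2.0 CHANGES entry describes the option. Because this changes how local clients are authenticated, and the --with-uds default shown two lines above is a directory under /tmp, the option text should state the effect directly, for example "Trust UDS peer uid, bypassing password lookups". The --with-req-server-cert line would also benefit from noting that without it the client does not require a server certificate.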
@ -278,5 +289,5 @@ Other Information And Gotchas
#
# $Id: INSTALL,v 1.39 2005/05/21 13:47:16 bryan Exp $
# $Id: INSTALL,v 1.41 2014/04/20 06:45:07 bryan Exp $
#

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@

@ -34,13 +34,13 @@
* to change the /etc/security/audit_event line.
*/
#define AUE_autologin 32900
# define AUE_autologin 32900
#include <sys/unistd.h>
#include <netdb.h>
#include <bsm/audit.h>
#include <bsm/libbsm.h>
#include <libintl.h>
# include <sys/unistd.h>
# include <netdb.h>
# include <bsm/audit.h>
# include <bsm/libbsm.h>
# include <libintl.h>
#endif
#include <compat.h>
@ -69,11 +69,11 @@
*/
#ifndef lint
char *rcsid = "$Id: autologin.c,v 1.25 2006/04/10 01:50:16 bryan Exp $";
#endif /* not lint */
extern char *progname;
gid_t awGrps[NGROUPS_MAX];
int iGrps = 0;
char *rcsid = "$Id: autologin.c,v 1.28 2014/04/20 06:45:07 bryan Exp $";
#endif /* not lint */
extern char *progname;
gid_t awGrps[NGROUPS_MAX];
int iGrps = 0;
/*
* External variables
@ -82,436 +82,435 @@ int iGrps = 0;
extern int optind;
extern char *optarg;
void make_utmp();
void usage();
void make_utmp();
void usage();
int
Process()
Process(void)
{
int iErrs = 0;
int i, iNewGrp;
gid_t wGid;
uid_t wUid;
char *pcCmd = (char *)0,
*pcDevTty = (char *)0;
int iErrs = 0;
int i, iNewGrp;
gid_t wGid;
uid_t wUid;
char *pcCmd = (char *)0, *pcDevTty = (char *)0;
#ifdef HAVE_GETUSERATTR
char *pcGrps;
char *pcGrps;
#endif
struct passwd *pwd;
struct stat st;
struct termios n_tio;
struct passwd *pwd;
struct stat st;
struct termios n_tio;
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
char my_hostname[MAXHOSTNAMELEN];
char my_hostname[MAXHOSTNAMELEN];
#endif
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
(void) fprintf(stderr, "%s: gethostname: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
(void)fprintf(stderr, "%s: gethostname: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#endif
if ((char *)0 != pcCommand) {
if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
(void)strcpy(pcCmd, "-c ");
(void)strcat(pcCmd, pcCommand);
if ((char *)0 != pcCommand) {
if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
(void)fprintf(stderr, "%s: malloc: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
(void)strcpy(pcCmd, "-c ");
(void)strcat(pcCmd, pcCommand);
}
if ( (char *)0 != pcGroup ) {
iErrs += addgroup(pcGroup);
}
if ((char *)0 != pcGroup) {
iErrs += addgroup(pcGroup);
}
if ( (char *)0 == pcLogin ) {
static char acLogin[17];
if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
(void) fprintf(stderr, "%s: %d: uid unknown\n", progname, geteuid());
exit(1);
/* NOTREACHED */
}
pcLogin = strcpy(acLogin, pwd->pw_name);
} else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
(void) fprintf(stderr, "%s: %s: login name unknown\n", progname, pcLogin);
exit(1);
/* NOTREACHED */
if ((char *)0 == pcLogin) {
static char acLogin[17];
if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
(void)fprintf(stderr, "%s: %d: uid unknown\n", progname,
geteuid());
exit(1);
/* NOTREACHED */
}
wUid = pwd->pw_uid;
wGid = pwd->pw_gid;
(void)endpwent();
pcLogin = strcpy(acLogin, pwd->pw_name);
} else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
(void)fprintf(stderr, "%s: %s: login name unknown\n", progname,
pcLogin);
exit(1);
/* NOTREACHED */
}
wUid = pwd->pw_uid;
wGid = pwd->pw_gid;
(void)endpwent();
#ifdef HAVE_GETUSERATTR
/* getuserattr() returns a funny list of groups:
* "grp1\0grp2\0grp3\0\0"
*/
if (0 == getuserattr(pcLogin, S_SUGROUPS, &pcGrps, SEC_LIST)) {
while ('\000' != *pcGrps) {
/* ignore "ALL" and any group beginning with '!' */
if ('!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")) {
iErrs += addgroup(pcGrps);
}
pcGrps = pcGrps + strlen(pcGrps) + 1;
}
/* getuserattr() returns a funny list of groups:
* "grp1\0grp2\0grp3\0\0"
*/
if (0 == getuserattr(pcLogin, S_SUGROUPS, &pcGrps, SEC_LIST)) {
while ('\000' != *pcGrps) {
/* ignore "ALL" and any group beginning with '!' */
if ('!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")) {
iErrs += addgroup(pcGrps);
}
pcGrps = pcGrps + strlen(pcGrps) + 1;
}
#endif /* HAVE_GETUSERATTR */
(void)endgrent();
}
#endif /* HAVE_GETUSERATTR */
(void)endgrent();
if ((char *)0 != pcTty) {
if ( '/' == *pcTty ) {
pcDevTty = pcTty;
} else {
if ( (char *)0 == (pcDevTty = (char *)malloc(strlen(pcTty)+5+1) ) ) {
(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
exit(1);
}
sprintf(pcDevTty, "/dev/%s", pcTty);
}
if ((char *)0 != pcTty) {
if ('/' == *pcTty) {
pcDevTty = pcTty;
} else {
if ((char *)0 ==
(pcDevTty = (char *)malloc(strlen(pcTty) + 5 + 1))) {
(void)fprintf(stderr, "%s: malloc: %s\n", progname,
strerror(errno));
exit(1);
}
sprintf(pcDevTty, "/dev/%s", pcTty);
}
if (0 != stat(pcDevTty, &st)) {
(void) fprintf(stderr, "%s: Can't stat %s: %s\n", progname, pcDevTty, strerror(errno));
++iErrs;
if (0 != stat(pcDevTty, &st)) {
(void)fprintf(stderr, "%s: Can't stat %s: %s\n", progname,
pcDevTty, strerror(errno));
++iErrs;
#if defined(VCHR) && defined(VMPC)
} else if (VCHR != st.st_type && VMPC != st.st_type) {
(void) fprintf(stderr, "%s: %s is not a character device\n", progname, pcDevTty);
++iErrs;
} else if (VCHR != st.st_type && VMPC != st.st_type) {
(void)fprintf(stderr, "%s: %s is not a character device\n",
progname, pcDevTty);
++iErrs;
#endif
}
} else {
pcDevTty = (char *)0;
}
} else {
pcDevTty = (char *)0;
}
if (iErrs) {
usage();
exit(1);
/* NOTREACHED */
}
if (0 != geteuid()) {
(void) fprintf(stderr, "%s: Must be root!!!\n", progname);
exit(1);
/* NOTREACHED */
}
if (iGrps && 0 < setgroups(iGrps, awGrps)) {
(void) fprintf(stderr, "%s: Can't setgroups(): %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (iErrs) {
usage();
exit(1);
/* NOTREACHED */
}
if (0 != geteuid()) {
(void)fprintf(stderr, "%s: Must be root!!!\n", progname);
exit(1);
/* NOTREACHED */
}
if (iGrps && 0 < setgroups(iGrps, awGrps)) {
(void)fprintf(stderr, "%s: Can't setgroups(): %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
/* Close open files
*/
for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
(void) close(i);
}
/* Close open files
*/
for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
(void)close(i);
}
/* Make us a session leader so that when we open /dev/tty
* it will become our controlling terminal.
*/
if (-1 == (iNewGrp = getsid(getpid()))) {
if (-1 == (iNewGrp = setsid())) {
(void) fprintf(stderr, "%s: setsid: %d: %s\n", progname, iNewGrp, strerror(errno));
iNewGrp = getpid();
}
/* Make us a session leader so that when we open /dev/tty
* it will become our controlling terminal.
*/
if (-1 == (iNewGrp = getsid(getpid()))) {
if (-1 == (iNewGrp = setsid())) {
(void)fprintf(stderr, "%s: setsid: %d: %s\n", progname,
iNewGrp, strerror(errno));
iNewGrp = getpid();
}
}
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
if (!cannot_audit(0)) {
if (!cannot_audit(0)) {
# if defined(HAVE_GETAUDIT_ADDR)
struct auditinfo_addr audit_info;
struct auditinfo_addr audit_info;
# else
struct auditinfo audit_info;
struct auditinfo audit_info;
# endif
au_mask_t audit_mask;
au_mask_t audit_mask;
# if !defined(HAVE_GETAUDIT_ADDR)
struct hostent *hp;
struct hostent *hp;
# endif
int iAuditFile;
int fShowEvent = 1;
token_t *ptAuditToken;
int iAuditFile;
int fShowEvent = 1;
token_t *ptAuditToken;
(void)memset(&audit_info, 0, sizeof(audit_info));
audit_info.ai_auid = wUid;
audit_info.ai_asid = getpid();
audit_mask.am_success = audit_mask.am_failure = 0;
(void) au_user_mask(pcLogin, &audit_mask);
audit_info.ai_mask.am_success = audit_mask.am_success;
audit_info.ai_mask.am_failure = audit_mask.am_failure;
(void)memset(&audit_info, 0, sizeof(audit_info));
audit_info.ai_auid = wUid;
audit_info.ai_asid = getpid();
audit_mask.am_success = audit_mask.am_failure = 0;
(void)au_user_mask(pcLogin, &audit_mask);
audit_info.ai_mask.am_success = audit_mask.am_success;
audit_info.ai_mask.am_failure = audit_mask.am_failure;
# if defined(HAVE_GETAUDIT_ADDR)
(void)aug_get_machine(my_hostname,
&audit_info.ai_termid.at_addr[0],
&audit_info.ai_termid.at_type);
(void)aug_get_machine(my_hostname,
&audit_info.ai_termid.at_addr[0],
&audit_info.ai_termid.at_type);
# else
if ((char *)0 != (hp = gethostbyname(my_hostname))
&& AF_INET == hp->h_addrtype) {
(void)memcpy(&audit_info.ai_termid.machine,
hp->h_addr,
sizeof(audit_info.ai_termid.machine));
}
# endif
# if defined(HAVE_GETAUDIT_ADDR)
if (0 > setaudit_addr(&audit_info, sizeof(audit_info)))
# else
if (0 > setaudit(&audit_info))
# endif
{
fprintf(stderr, "%s: setaudit failed: %s\n",
progname,
strerror(errno));
fShowEvent = 0;
}
if (fShowEvent) {
fShowEvent = au_preselect(AUE_autologin,
&audit_mask,
AU_PRS_SUCCESS,
AU_PRS_REREAD);
}
if (fShowEvent) {
iAuditFile = au_open();
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken = au_to_subject_ex(wUid,
wUid,
wGid,
wUid,
wGid,
audit_info.ai_asid,
audit_info.ai_asid,
&audit_info.ai_termid),
# else
ptAuditToken = au_to_subject(wUid,
wUid,
wGid,
wUid,
wGid,
audit_info.ai_asid,
audit_info.ai_asid,
&audit_info.ai_termid),
# endif
(void)au_write(iAuditFile, ptAuditToken);
ptAuditToken = au_to_text(gettext("successful login"));
(void)au_write(iAuditFile, ptAuditToken);
if ((char *)0 != pcCmd) {
ptAuditToken = au_to_text(pcCmd);
(void)au_write(iAuditFile, ptAuditToken);
}
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken = au_to_return32(0, 0);
# else
ptAuditToken = au_to_return(0, 0);
# endif
(void)au_write(iAuditFile, ptAuditToken);
if(0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
fprintf(stderr, "%s: audit write failed: %s",
progname,
strerror(errno));
}
}
if ((char *)0 != (hp = gethostbyname(my_hostname))
&& AF_INET == hp->h_addrtype) {
(void)memcpy(&audit_info.ai_termid.machine, hp->h_addr,
sizeof(audit_info.ai_termid.machine));
}
# endif
# if defined(HAVE_GETAUDIT_ADDR)
if (0 > setaudit_addr(&audit_info, sizeof(audit_info)))
# else
if (0 > setaudit(&audit_info))
# endif
{
fprintf(stderr, "%s: setaudit failed: %s\n", progname,
strerror(errno));
fShowEvent = 0;
}
if (fShowEvent) {
fShowEvent =
au_preselect(AUE_autologin, &audit_mask, AU_PRS_SUCCESS,
AU_PRS_REREAD);
}
if (fShowEvent) {
iAuditFile = au_open();
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken =
au_to_subject_ex(wUid, wUid, wGid, wUid, wGid,
audit_info.ai_asid, audit_info.ai_asid,
&audit_info.ai_termid),
# else
ptAuditToken =
au_to_subject(wUid, wUid, wGid, wUid, wGid,
audit_info.ai_asid, audit_info.ai_asid,
&audit_info.ai_termid),
# endif
(void)au_write(iAuditFile, ptAuditToken);
ptAuditToken = au_to_text(gettext("successful login"));
(void)au_write(iAuditFile, ptAuditToken);
if ((char *)0 != pcCmd) {
ptAuditToken = au_to_text(pcCmd);
(void)au_write(iAuditFile, ptAuditToken);
}
# if defined(HAVE_GETAUDIT_ADDR)
ptAuditToken = au_to_return32(0, 0);
# else
ptAuditToken = au_to_return(0, 0);
# endif
(void)au_write(iAuditFile, ptAuditToken);
if (0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
fprintf(stderr, "%s: audit write failed: %s", progname,
strerror(errno));
}
}
}
#endif
/* Open the TTY for stdin, stdout and stderr
*/
if ((char *)0 != pcDevTty) {
/* Open the TTY for stdin, stdout and stderr
*/
if ((char *)0 != pcDevTty) {
#ifdef TIOCNOTTY
if (-1 != (i = open("/dev/tty", 2, 0))) {
if ( ioctl(i, TIOCNOTTY, (char *)0) )
(void) fprintf(stderr, "%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n", progname, i, strerror(errno));
(void) close(i);
}
#endif
if (0 != open(pcDevTty, O_RDWR, 0666)) {
exit(1);
/* NOTREACHED */
}
dup(0);
dup(0);
if (-1 != (i = open("/dev/tty", 2, 0))) {
if (ioctl(i, TIOCNOTTY, (char *)0))
(void)fprintf(stderr,
"%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n",
progname, i, strerror(errno));
(void)close(i);
}
#endif
if (0 != open(pcDevTty, O_RDWR, 0666)) {
exit(1);
/* NOTREACHED */
}
dup(0);
dup(0);
}
/* put the tty in out process group
*/
/* put the tty in out process group
*/
#ifdef HAVE_TCGETPGRP
if (-1 >= (i = tcgetpgrp(0))){
(void) fprintf(stderr, "%s: tcgetpgrp: %s\n", progname, strerror(errno));
}
if (-1 >= (i = tcgetpgrp(0))) {
(void)fprintf(stderr, "%s: tcgetpgrp: %s\n", progname,
strerror(errno));
}
#endif
#ifndef SETPGRP_VOID
if (-1 != i && setpgrp(0, i) ){
(void) fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname, strerror(errno), i);
}
#endif
if (-1 != i && setpgrp(0, i)) {
(void)fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname,
strerror(errno), i);
}
#ifdef HAVE_TCSETPGRP
if (tcsetpgrp(0, iNewGrp)){
(void) fprintf(stderr, "%s: tcsetpgrp: %s\n", progname, strerror(errno));
}
#endif
#ifndef SETPGRP_VOID
if (-1 != iNewGrp && setpgrp(0, iNewGrp)){
(void) fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname, strerror(errno), iNewGrp);
}
if (tcsetpgrp(0, iNewGrp)) {
(void)fprintf(stderr, "%s: tcsetpgrp: %s\n", progname,
strerror(errno));
}
#endif
if (-1 != iNewGrp && setpgrp(0, iNewGrp)) {
(void)fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname,
strerror(errno), iNewGrp);
}
/* put the tty in the correct mode
*/
/* put the tty in the correct mode
*/
#ifdef HAVE_TCGETATTR
if (0 != tcgetattr(0, &n_tio)) {
(void) fprintf(stderr, "%s: tcgetattr: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != tcgetattr(0, &n_tio)) {
(void)fprintf(stderr, "%s: tcgetattr: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#else
if (0 != ioctl(0, TCGETS, &n_tio)) {
(void) fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != ioctl(0, TCGETS, &n_tio)) {
(void)fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#endif
n_tio.c_iflag &= ~(IGNCR|IUCLC);
n_tio.c_iflag |= ICRNL|IXON|IXANY;
n_tio.c_oflag &= ~(OLCUC|ONOCR|ONLRET|OFILL|NLDLY|CRDLY|TABDLY|BSDLY);
n_tio.c_oflag |= OPOST|ONLCR|TAB3;
n_tio.c_lflag &= ~(XCASE|NOFLSH|ECHOK|ECHONL);
n_tio.c_lflag |= ISIG|ICANON|ECHO;
n_tio.c_cc[VEOF] = '\004'; /* ^D */
n_tio.c_cc[VEOL] = '\000'; /* EOL */
n_tio.c_cc[VERASE] = '\010'; /* ^H */
n_tio.c_cc[VINTR] = '\003'; /* ^C */
n_tio.c_cc[VKILL] = '\025'; /* ^U */
/* MIN */
n_tio.c_cc[VQUIT] = '\034'; /* ^\ */
n_tio.c_cc[VSTART] = '\021'; /* ^Q */
n_tio.c_cc[VSTOP] = '\023'; /* ^S */
n_tio.c_cc[VSUSP] = '\032'; /* ^Z */
n_tio.c_iflag &= ~(IGNCR | IUCLC);
n_tio.c_iflag |= ICRNL | IXON | IXANY;
n_tio.c_oflag &=
~(OLCUC | ONOCR | ONLRET | OFILL | NLDLY | CRDLY | TABDLY | BSDLY);
n_tio.c_oflag |= OPOST | ONLCR | TAB3;
n_tio.c_lflag &= ~(XCASE | NOFLSH | ECHOK | ECHONL);
n_tio.c_lflag |= ISIG | ICANON | ECHO;
n_tio.c_cc[VEOF] = '\004'; /* ^D */
n_tio.c_cc[VEOL] = '\000'; /* EOL */
n_tio.c_cc[VERASE] = '\010'; /* ^H */
n_tio.c_cc[VINTR] = '\003'; /* ^C */
n_tio.c_cc[VKILL] = '\025'; /* ^U */
/* MIN */
n_tio.c_cc[VQUIT] = '\034'; /* ^\ */
n_tio.c_cc[VSTART] = '\021'; /* ^Q */
n_tio.c_cc[VSTOP] = '\023'; /* ^S */
n_tio.c_cc[VSUSP] = '\032'; /* ^Z */
#ifdef HAVE_TCSETATTR
if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
(void) fprintf(stderr, "%s: tcsetattr: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}
if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
(void)fprintf(stderr, "%s: tcsetattr: %s\n", progname,
strerror(errno));
exit(1);
/* NOTREACHED */
}
#endif
if (fMakeUtmp) {
extern char *ttyname();
make_utmp(pcLogin, (char *)0 != pcTty ? pcTty : ttyname(0));
}
/* Change ownership and modes on the tty.
*/
if ((char *)0 != pcDevTty) {
(void) chown(pcDevTty, wUid, wGid);
(void) chmod(pcDevTty, (mode_t) TTYMODE);
}
if (fMakeUtmp) {
extern char *ttyname();
make_utmp(pcLogin, (char *)0 != pcTty ? pcTty : ttyname(0));
}
/* Change ownership and modes on the tty.
*/
if ((char *)0 != pcDevTty) {
(void)chown(pcDevTty, wUid, wGid);
(void)chmod(pcDevTty, (mode_t) TTYMODE);
}
if ((char *)0 != pcCmd) {
execl(PATH_SU, "su", "-", pcLogin, pcCmd, (char *)0);
} else {
execl(PATH_SU, "su", "-", pcLogin, (char *)0);
}
if ((char *)0 != pcCmd) {
execl(PATH_SU, "su", "-", pcLogin, pcCmd, (char *)0);
} else {
execl(PATH_SU, "su", "-", pcLogin, (char *)0);
}
}
#ifndef HAVE_PUTENV
int
putenv(pcAssign)
char *pcAssign;
putenv(char *pcAssign)
{
register char *pcEq;
register char *pcEq;
if ((char *)0 != (pcEq = strchr(pcAssign, '='))) {
*pcEq++ = '\000';
(void)setenv(pcAssign, pcEq, 1);
*--pcEq = '=';
} else {
unsetenv(pcAssign);
}
if ((char *)0 != (pcEq = strchr(pcAssign, '='))) {
*pcEq++ = '\000';
(void)setenv(pcAssign, pcEq, 1);
*--pcEq = '=';
} else {
unsetenv(pcAssign);
}
}
#endif
int
addgroup(pcGrp)
char *pcGrp;
addgroup(char *pcGrp)
{
struct group *grp;
struct group *grp;
grp = getgrnam(pcGrp);
if ((struct group *)0 == grp) {
(void) fprintf(stderr, "%s: Unknown group: %s\n", progname, pcGrp);
return(1);
}
if (iGrps >= NGROUPS_MAX) {
(void) fprintf(stderr, "%s: Too many groups specified with \"%s\".\n", progname, pcGrp);
return(1);
}
awGrps[iGrps++] = grp->gr_gid;
return(0);
grp = getgrnam(pcGrp);
if ((struct group *)0 == grp) {
(void)fprintf(stderr, "%s: Unknown group: %s\n", progname, pcGrp);
return (1);
}
if (iGrps >= NGROUPS_MAX) {
(void)fprintf(stderr,
"%s: Too many groups specified with \"%s\".\n",
progname, pcGrp);
return (1);
}
awGrps[iGrps++] = grp->gr_gid;
return (0);
}
/* install a utmp entry to show the use we know is here is here (ksb)
*/
void
make_utmp(pclogin, pctty)
char *pclogin;
char *pctty;
make_utmp(char *pclogin, char *pctty)
{
register int iFound, iPos;
register int fdUtmp;
register char *pcDev;
register struct utmp *up;
auto struct utmp utmp;
register int iFound, iPos;
register int fdUtmp;
register char *pcDev;
register struct utmp *up;
auto struct utmp utmp;
if ((char *)0 == pctty) {
return;
if ((char *)0 == pctty) {
return;
}
if ((fdUtmp = open(UTMP_FILE, O_RDWR, 0664)) < 0) {
return;
}
/* create empty utmp entry
*/
(void)memset(&utmp, 0, sizeof(struct utmp));
/* Only the last portion of the tty is saved, unless it's
* all digits. Then back up and include the previous part
* /dev/pty/02 -> pty/02 (not just 02)
*/
if ((char *)0 != (pcDev = strrchr(pctty, '/'))) {
if (!*(pcDev + strspn(pcDev, "/0123456789"))) {
while (pcDev != pctty && *--pcDev != '/') {
}
}
if ((fdUtmp = open(UTMP_FILE, O_RDWR, 0664)) < 0) {
return;
}
/* create empty utmp entry
*/
(void)memset(&utmp, 0, sizeof(struct utmp));
/* Only the last portion of the tty is saved, unless it's
* all digits. Then back up and include the previous part
* /dev/pty/02 -> pty/02 (not just 02)
*/
if ((char *)0 != (pcDev = strrchr(pctty, '/'))) {
if (! *(pcDev + strspn(pcDev, "/0123456789"))) {
while (pcDev != pctty && *--pcDev != '/') {
}
}
if (*pcDev == '/') {
++pcDev;
}
} else {
pcDev = pctty;
if (*pcDev == '/') {
++pcDev;
}
} else {
pcDev = pctty;
}
#ifdef HAVE_GETUTENT
/* look through getutent's by pid
*/
(void)setutent();
utmp.ut_pid = getpid();
iFound = iPos = 0;
while ((up = getutent()) != NULL) {
if (up->ut_pid == utmp.ut_pid) {
utmp = *up;
++iFound;
break;
}
iPos++;
}
(void)endutent();
/* we were an initprocess, now we are a login shell
*/
utmp.ut_type = USER_PROCESS;
(void)strncpy(utmp.ut_user, pclogin, sizeof(utmp.ut_user));
if ('\000' == utmp.ut_line[0]) {
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
/* look through getutent's by pid
*/
(void)setutent();
utmp.ut_pid = getpid();
iFound = iPos = 0;
while ((up = getutent()) != NULL) {
if (up->ut_pid == utmp.ut_pid) {
utmp = *up;
++iFound;
break;
}
iPos++;
}
(void)endutent();
/* we were an initprocess, now we are a login shell
*/
utmp.ut_type = USER_PROCESS;
(void)strncpy(utmp.ut_user, pclogin, sizeof(utmp.ut_user));
if ('\000' == utmp.ut_line[0]) {
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
}
#else
#ifdef HAVE_SETTTYENT
{
# ifdef HAVE_SETTTYENT
{
register struct ttyent *ty;
/* look through ttyslots by line?
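Review bot: the setgroups() check in Process() can never fire, and the reindent carries it over unchanged: "if (iGrps && 0 < setgroups(iGrps, awGrps))" tests for a positive return, but setgroups() returns -1 on failure, so a failed call falls through and the program goes on to exec su with the caller's original supplementary groups. Test for "0 != setgroups(...)" instead. Two more items in the same function are worth fixing while the code is being touched: "pcLogin = strcpy(acLogin, pwd->pw_name)" copies into a 17-byte static buffer with no length check, and the getuserattr() loop condition "'!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")" adds groups that begin with '!' even though the comment above it says those are ignored.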
@ -519,56 +518,56 @@ char *pctty;
(void)setttyent();
iFound = iPos = 0;
while ((ty = getttyent()) != NULL) {
if (strcmp(ty->ty_name, pcDev) == 0) {
++iFound;
break;
}
iPos++;
if (strcmp(ty->ty_name, pcDev) == 0) {
++iFound;
break;
}
iPos++;
}
/* fill in utmp from ty ZZZ */
(void)endttyent();
}
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
(void)strncpy(utmp.ut_host, "(autologin)", sizeof(utmp.ut_host));
# else
/* look through /etc/utmp by hand (sigh)
*/
iFound = iPos = 0;
while (sizeof(utmp) == read(fdUtmp, &utmp, sizeof(utmp))) {
if (0 == strncmp(utmp.ut_line, pcDev, sizeof(utmp.ut_line))) {
++iFound;
break;
}
(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
(void)strncpy(utmp.ut_host, "(autologin)", sizeof(utmp.ut_host));
#else
/* look through /etc/utmp by hand (sigh)
*/
iFound = iPos = 0;
while (sizeof(utmp) == read(fdUtmp, & utmp, sizeof(utmp))) {
if (0 == strncmp(utmp.ut_line, pcDev, sizeof(utmp.ut_line))) {
++iFound;
break;
}
iPos++;
}
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
iPos++;
}
(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
# endif
#endif
#endif
utmp.ut_time = time((time_t *) 0);
utmp.ut_time = time((time_t *)0);
if (0 == iFound) {
fprintf(stderr, "%s: %s: no ttyslot\n", progname, pctty);
} else if (-1 == lseek(fdUtmp, (off_t)(iPos*sizeof(utmp)), 0)) {
fprintf(stderr, "%s: lseek: %s\n", progname, strerror(errno));
} else {
(void)write(fdUtmp, (char *)&utmp, sizeof(utmp));
}
(void)close(fdUtmp);
if (0 == iFound) {
fprintf(stderr, "%s: %s: no ttyslot\n", progname, pctty);
} else if (-1 == lseek(fdUtmp, (off_t) (iPos * sizeof(utmp)), 0)) {
fprintf(stderr, "%s: lseek: %s\n", progname, strerror(errno));
} else {
(void)write(fdUtmp, (char *)&utmp, sizeof(utmp));
}
(void)close(fdUtmp);
}
void
usage()
usage(void)
{
char *u_pch;
int u_loop;
char *u_pch;
int u_loop;
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
}
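Review bot: at the end of make_utmp() the result of "(void)write(fdUtmp, (char *)&utmp, sizeof(utmp))" is discarded, so a failed or short write leaves a missing or partial utmp record with no diagnostic, while the lseek() branch directly above it does report errors. Check that write() returns sizeof(utmp) and print strerror(errno) otherwise; the lseek() call could also use SEEK_SET in place of the literal 0. In usage(), which Process() calls on the error path before exit(1), the text goes to stdout; stderr would be the expected stream there.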

@ -13,174 +13,172 @@
#ifndef HAVE_GETOPT
static int
optopt; /* character checked for validity */
optopt; /* character checked for validity */
/* get option letter from argument vector, also does -number correctly
* for nice, xargs, and stuff (these extras by ksb)
* does +arg if you give a last argument of "+", else give (char *)0
*/
static int
getopt(nargc, nargv, ostr)
int nargc;
char **nargv, *ostr;
getopt(int nargc, char **nargv, char *ostr)
{
register char *oli; /* option letter list index */
static char EMSG[] = ""; /* just a null place */
static char *place = EMSG; /* option letter processing */
register char *oli; /* option letter list index */
static char EMSG[] = ""; /* just a null place */
static char *place = EMSG; /* option letter processing */
if ('\000' == *place) { /* update scanning pointer */
if (optind >= nargc)
return EOF;
if (nargv[optind][0] != '-') {
register int iLen;
return EOF;
}
place = nargv[optind];
if ('\000' == *++place) /* "-" (stdin) */
return EOF;
if (*place == '-' && '\000' == place[1]) {
/* found "--" */
++optind;
return EOF;
}
} /* option letter okay? */
/* if we find the letter, (not a `:')
* or a digit to match a # in the list
*/
if ((optopt = *place++) == ':' ||
((char *)0 == (oli = strchr(ostr,optopt)) &&
(!(isdigit(optopt)||'-'==optopt) || (char *)0 == (oli = strchr(ostr, '#'))))) {
if(!*place) ++optind;
return('?');
if ('\000' == *place) { /* update scanning pointer */
if (optind >= nargc)
return EOF;
if (nargv[optind][0] != '-') {
register int iLen;
return EOF;
}
if ('#' == *oli) { /* accept as -digits */
optarg = place -1;
++optind;
place = EMSG;
return '#';
place = nargv[optind];
if ('\000' == *++place) /* "-" (stdin) */
return EOF;
if (*place == '-' && '\000' == place[1]) {
/* found "--" */
++optind;
return EOF;
}
if (*++oli != ':') { /* don't need argument */
optarg = NULL;
if ('\000' == *place)
++optind;
} else { /* need an argument */
if (*place) { /* no white space */
optarg = place;
} else if (nargc <= ++optind) { /* no arg!! */
place = EMSG;
return '*';
} else {
optarg = nargv[optind]; /* white space */
}
place = EMSG;
++optind;
}
/* option letter okay? */
/* if we find the letter, (not a `:')
* or a digit to match a # in the list
*/
if ((optopt = *place++) == ':' ||
((char *)0 == (oli = strchr(ostr, optopt)) &&
(!(isdigit(optopt) || '-' == optopt) ||
(char *)0 == (oli = strchr(ostr, '#'))))) {
if (!*place)
++optind;
return ('?');
}
if ('#' == *oli) { /* accept as -digits */
optarg = place - 1;
++optind;
place = EMSG;
return '#';
}
if (*++oli != ':') { /* don't need argument */
optarg = NULL;
if ('\000' == *place)
++optind;
} else { /* need an argument */
if (*place) { /* no white space */
optarg = place;
} else if (nargc <= ++optind) { /* no arg!! */
place = EMSG;
return '*';
} else {
optarg = nargv[optind]; /* white space */
}
return optopt; /* dump back option letter */
place = EMSG;
++optind;
}
return optopt; /* dump back option letter */
}
#endif /* ! HAVE_GETOPT */
char
*progname = "$Id: main.c,v 1.1 2003/11/04 02:36:24 bryan Exp $",
*au_terse[] = {
" [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
" -h",
" -V",
(char *)0
},
*u_help[] = {
"c cmd command to run",
"e env=value environment variable to set",
"g group initial group",
"h print this help message",
"l login login name",
"t tty attach to this terminal",
"u do no make utmp entry",
"V show version information",
(char *)0
},
*pcCommand = (char *)0,
*pcGroup = (char *)0,
*pcLogin = (char *)0,
*pcTty = (char *)0;
*progname =
"$Id: main.c,v 1.3 2014/04/20 06:45:07 bryan Exp $", *au_terse[] = {
" [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
" -h",
" -V",
(char *)0
}, *u_help[] = {
"c cmd command to run",
"e env=value environment variable to set",
"g group initial group",
"h print this help message",
"l login login name",
"t tty attach to this terminal",
"u do no make utmp entry",
"V show version information", (char *)0}, *pcCommand =
(char *)0, *pcGroup = (char *)0, *pcLogin = (char *)0, *pcTty =
(char *)0;
int
fMakeUtmp = 1,
iErrs = 0;
fMakeUtmp = 1, iErrs = 0;
#ifndef u_terse
#define u_terse (au_terse[0])
# define u_terse (au_terse[0])
#endif
static char *rcsid =
"$Id: main.c,v 1.1 2003/11/04 02:36:24 bryan Exp $";
static char *rcsid = "$Id: main.c,v 1.3 2014/04/20 06:45:07 bryan Exp $";
/*
* parser
*/
int
main(argc, argv)
int argc;
char **argv;
main(int argc, char **argv)
{
static char
sbOpt[] = "c:e:g:hl:t:uV",
*u_pch = (char *)0;
static int
u_loop = 0;
register int u_curopt;
extern int atoi();
static char
sbOpt[] = "c:e:g:hl:t:uV", *u_pch = (char *)0;
static int
u_loop = 0;
register int u_curopt;
extern int atoi();
progname = strrchr(argv[0], '/');
if ((char *)0 == progname)
progname = argv[0];
else
++progname;
while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
switch (u_curopt) {
case '*':
fprintf(stderr, "%s: option `-%c\' needs a parameter\n", progname, optopt);
exit(1);
case '?':
fprintf(stderr, "%s: unknown option `-%c\', use `-h\' for help\n", progname, optopt);
exit(1);
case 'c':
pcCommand = optarg;
continue;
case 'e':
if (putenv(optarg) != 0) {
(void) fprintf(stderr, "%s: putenv(\"%s\"): failed\n", progname, optarg);
exit(1);
}
continue;
case 'g':
pcGroup = optarg;
continue;
case 'h':
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
if ('\000' == *u_pch) {
fprintf(stdout, "%s: with no parameters\n", progname);
continue;
}
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
exit(0);
case 'l':
pcLogin = optarg;
continue;
case 't':
pcTty = optarg;
continue;
case 'u':
fMakeUtmp = 0;
continue;
case 'V':
printf("%s: %s\n", progname, rcsid);
exit(0);
progname = strrchr(argv[0], '/');
if ((char *)0 == progname)
progname = argv[0];
else
++progname;
while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
switch (u_curopt) {
case '*':
fprintf(stderr, "%s: option `-%c\' needs a parameter\n",
progname, optopt);
exit(1);
case '?':
fprintf(stderr,
"%s: unknown option `-%c\', use `-h\' for help\n",
progname, optopt);
exit(1);
case 'c':
pcCommand = optarg;
continue;
case 'e':
if (putenv(optarg) != 0) {
(void)fprintf(stderr, "%s: putenv(\"%s\"): failed\n",
progname, optarg);
exit(1);
}
break;
continue;
case 'g':
pcGroup = optarg;
continue;
case 'h':
for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]);
++u_loop) {
if ('\000' == *u_pch) {
fprintf(stdout, "%s: with no parameters\n",
progname);
continue;
}
fprintf(stdout, "%s: usage%s\n", progname, u_pch);
}
for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]);
++u_loop) {
fprintf(stdout, "%s\n", u_pch);
}
exit(0);
case 'l':
pcLogin = optarg;
continue;
case 't':
pcTty = optarg;
continue;
case 'u':
fMakeUtmp = 0;
continue;
case 'V':
printf("%s: %s\n", progname, rcsid);
exit(0);
}
Process();
exit(iErrs);
break;
}
Process();
exit(iErrs);
}
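Review bot: `extern int atoi();` inside `main` is still an old-style declaration with no prototype, even though this change converts the definition to `main(int argc, char **argv)`. Nothing in the visible option loop calls `atoi`, so the declaration can be dropped, or replaced by `#include <stdlib.h>` if another part of the file needs it. Separately, `case 'e'` hands `optarg` straight to `putenv()`, so any `name=value` the caller supplies is in the environment when `Process()` runs; a comment stating who is expected to invoke the tool with `-e` would help a reader judge that.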

View File

@ -4,7 +4,7 @@
extern char *progname, *au_terse[4], *u_help[9];
#ifndef u_terse
#define u_terse (au_terse[0])
# define u_terse (au_terse[0])
#endif
extern int main();
extern int fMakeUtmp, iErrs;
@ -12,4 +12,3 @@ extern char *pcCommand, *pcGroup, *pcLogin, *pcTty;
/* from std_help.m */
/* from std_version.m */
/* from autologin.m */

View File

@ -49,15 +49,15 @@
/* For legacy compile-time setting of the port...
*/
#if ! defined(DEFPORT)
# if defined(SERVICENAME)
# define DEFPORT SERVICENAME
# if defined(SERVICENAME)
# define DEFPORT SERVICENAME
# else
# if defined(PORTNUMBER)
# define DEFPORT PORTNUMBER
# else
# if defined(PORTNUMBER)
# define DEFPORT PORTNUMBER
# else
# define DEFPORT "conserver"
# endif
# define DEFPORT "conserver"
# endif
# endif
#endif
#if STDC_HEADERS
@ -129,7 +129,7 @@ typedef long fd_set;
#endif
#if HAVE_TYPES_H
#include <sys/types.h>
# include <sys/types.h>
#endif
#if HAVE_SYS_WAIT_H
@ -138,30 +138,30 @@ typedef long fd_set;
#define LO(s) ((unsigned)((s) & 0377))
#define HI(s) ((unsigned)(((s) >> 8) & 0377))
#if !defined(WIFEXITED)
#define WIFEXITED(s) (LO(s)==0)
# define WIFEXITED(s) (LO(s)==0)
#endif
#if !defined(WEXITSTATUS)
#define WEXITSTATUS(s) HI(s)
# define WEXITSTATUS(s) HI(s)
#endif
#if !defined(WIFSIGNALED)
#define WIFSIGNALED(s) ((LO(s)>0)&&(HI(s)==0))
# define WIFSIGNALED(s) ((LO(s)>0)&&(HI(s)==0))
#endif
#if !defined(WTERMSIG)
#define WTERMSIG(s) (LO(s)&0177)
# define WTERMSIG(s) (LO(s)&0177)
#endif
#if !defined(WIFSTOPPED)
#define WIFSTOPPED(s) ((LO(s)==0177)&&(HI(s)!=0))
# define WIFSTOPPED(s) ((LO(s)==0177)&&(HI(s)!=0))
#endif
#if !defined(WSTOPSIG)
#define WSTOPSIG(s) HI(s)
# define WSTOPSIG(s) HI(s)
#endif
#if HAVE_SYSEXITS_H
#include <sysexits.h>
# include <sysexits.h>
#else
#define EX_OK 0
#define EX_UNAVAILABLE 69
#define EX_TEMPFAIL 75
# define EX_OK 0
# define EX_UNAVAILABLE 69
# define EX_TEMPFAIL 75
#endif
#include <errno.h>
@ -235,19 +235,19 @@ extern char *h_errlist[];
#endif
#ifdef HAVE_USERSEC_H
#include <usersec.h>
# include <usersec.h>
#endif
#ifdef HAVE_PTY_H
#include <pty.h>
# include <pty.h>
#endif
#ifdef HAVE_LIBUTIL_H
#include <libutil.h>
# include <libutil.h>
#endif
#ifdef HAVE_UTIL_H
#include <util.h>
# include <util.h>
#endif
@ -280,54 +280,66 @@ typedef int socklen_t;
* as legacy definitions.
*/
#ifndef IUCLC
#define IUCLC 0
# define IUCLC 0
#endif
#ifndef OLCUC
#define OLCUC 0
# define OLCUC 0
#endif
#ifndef XCASE
#define XCASE 0
# define XCASE 0
#endif
/* Some systems don't have OFILL or *DLY. */
#ifndef OFILL
#define OFILL 0
# define OFILL 0
#endif
#ifndef NLDLY
#define NLDLY 0
# define NLDLY 0
#endif
#ifndef CRDLY
#define CRDLY 0
# define CRDLY 0
#endif
#ifndef TABDLY
#define TABDLY 0
# define TABDLY 0
#endif
#ifndef BSDLY
#define BSDLY 0
# define BSDLY 0
#endif
#ifndef ONOCR
#define ONOCR 0
# define ONOCR 0
#endif
#ifndef ONLRET
#define ONLRET 0
# define ONLRET 0
#endif
#ifndef SEEK_SET
#define SEEK_SET L_SET
#endif
#ifndef PARAMS
# if PROTOTYPES
# define PARAMS(protos) protos
# else /* no PROTOTYPES */
# define PARAMS(protos) ()
# endif /* no PROTOTYPES */
# define SEEK_SET L_SET
#endif
/* setup a conditional debugging line */
#ifndef CONDDEBUG
#define CONDDEBUG(line) if (fDebug) {debugFileName=__FILE__; debugLineNo=__LINE__; Debug line;}
# define CONDDEBUG(line) if (fDebug) {debugFileName=__FILE__; debugLineNo=__LINE__; Debug line;}
#endif
#if HAVE_DMALLOC
#include <dmalloc.h>
# include <dmalloc.h>
#endif
#if HAVE_FREEIPMI
# include <ipmiconsole.h>
#endif
#ifndef INADDR_STYPE
# if USE_IPV6
# define INADDR_STYPE struct sockaddr_storage
# else
# define INADDR_STYPE struct in_addr
# endif
#endif
#ifndef SOCKADDR_STYPE
# if USE_IPV6
# define SOCKADDR_STYPE struct sockaddr_storage
# else
# define SOCKADDR_STYPE struct sockaddr_in
# endif
#endif
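Review bot: with `USE_IPV6` both `INADDR_STYPE` and `SOCKADDR_STYPE` expand to `struct sockaddr_storage`, while without it they are `struct in_addr` and `struct sockaddr_in`, so `INADDR_STYPE` names a bare address in one build and a whole socket address in the other. Code that takes `sizeof` of the type or casts a pointer to it to `struct sockaddr *` is only correct in the IPv6 case. A comment above these macros saying so, or a name that does not imply a bare address, would make misuse harder.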

View File

@ -33,6 +33,9 @@
/* have dmalloc support */
#undef HAVE_DMALLOC
/* have freeipmi support */
#undef HAVE_FREEIPMI
/* Define to 1 if you have the `getaudit' function. */
#undef HAVE_GETAUDIT
@ -315,6 +318,9 @@
/* Define to the one symbol short name of this package. */
#undef PACKAGE_TARNAME
/* Define to the home page for this package. */
#undef PACKAGE_URL
/* Define to the version of this package. */
#undef PACKAGE_VERSION
@ -324,15 +330,12 @@
/* pidfile to write to */
#undef PIDFILE
/* Define to 1 if the C compiler supports function prototypes. */
#undef PROTOTYPES
/* Defined if client requires server SSL certificate */
#undef REQ_SERVER_CERT
/* Define as the return type of signal handlers (`int' or `void'). */
#undef RETSIGTYPE
/* Define if setpgrp is POSIX */
#undef SETPGRP_VOID
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
@ -345,12 +348,27 @@
/* Defined if we trust reverse DNS */
#undef TRUST_REVERSE_DNS
/* Defined if we trust credentials from UDS client */
#undef TRUST_UDS_CRED
/* Directory for Unix domain sockets */
#undef UDSDIR
/* Defined to UDS credential socket option */
#undef UDS_CRED_SO
/* Defined to UDS credential structure name */
#undef UDS_CRED_STYPE
/* Defined to UDS credential structure uid field */
#undef UDS_CRED_UID
/* Defined if we produce extended messages */
#undef USE_EXTENDED_MESSAGES
/* Defined if building with IPv6 support */
#undef USE_IPV6
/* use tcp_wrappers libwrap */
#undef USE_LIBWRAP
@ -389,9 +407,6 @@
/* Define to 1 if you need to in order for `stat' and other things to work. */
#undef _POSIX_SOURCE
/* Define like PROTOTYPES; this can be used by system headers. */
#undef __PROTOTYPES
/* Define to empty if `const' does not conform to ANSI C. */
#undef const

7456
configure vendored

File diff suppressed because it is too large

View File

@ -15,14 +15,18 @@ dnl AH_TEMPLATE([HAVE_POSIX_REGCOMP], [have POSIX regcomp])
AH_TEMPLATE([HAVE_PAM], [have PAM support])
AH_TEMPLATE([HAVE_OPENSSL], [have openssl support])
AH_TEMPLATE([HAVE_GSSAPI], [have gss-api support])
AH_TEMPLATE([HAVE_FREEIPMI], [have freeipmi support])
AH_TEMPLATE([STRIP_REALM], [retry username without @REALM with gss-api authentication])
AH_TEMPLATE([HAVE_DMALLOC], [have dmalloc support])
AH_TEMPLATE([HAVE_SA_LEN],[Defined if sa_len member exists in struct sockaddr])
AH_TEMPLATE([TRUST_REVERSE_DNS],[Defined if we trust reverse DNS])
AH_TEMPLATE([USE_EXTENDED_MESSAGES],[Defined if we produce extended messages])
AH_TEMPLATE([USE_UNIX_DOMAIN_SOCKETS],[Defined if we use Unix domain sockets])
AH_TEMPLATE([USE_IPV6], [Defined if building with IPv6 support])
AH_TEMPLATE([UDSDIR], [Directory for Unix domain sockets])
AH_TEMPLATE([FOR_CYCLADES_TS], [Defined if building for a Cyclades TS])
AH_TEMPLATE([REQ_SERVER_CERT], [Defined if client requires server SSL certificate])
AH_TEMPLATE([TRUST_UDS_CRED], [Defined if we trust credentials from UDS client])
dnl ### Normal initialization. ######################################
AC_INIT
@ -256,35 +260,6 @@ AC_ARG_WITH(extmsgs,
;;
esac],[AC_MSG_RESULT(no)])
AC_MSG_CHECKING(whether to use Unix domain sockets)
cons_with_uds="NO"
AC_ARG_WITH(uds,
AS_HELP_STRING([--with-uds@<:@=DIR@:>@ ],
[Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
[case "$withval" in
yes)
AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT([/tmp/conserver])
cons_with_uds="YES"
;;
no)
AC_MSG_RESULT(no)
;;
*)
AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT('$withval')
cons_with_uds="YES"
if expr "$withval" : '/' >/dev/null 2>&1; then
:
else
echo "*** WARNING *** you may have better success using a fully-qualified path"
echo "*** WARNING *** instead of '$withval'"
fi
;;
esac],[AC_MSG_RESULT(no)])
use_dash_r=no
AC_MSG_CHECKING(whether to use -R paths as well as -L)
AC_ARG_WITH(rpath,
@ -302,7 +277,7 @@ AC_ARG_WITH(rpath,
AC_MSG_CHECKING(whether we are building for a Cyclades TS)
AC_ARG_WITH(cycladests,
AS_HELP_STRING([--with-cycladests],[Build for a Cyclades TS]),
AS_HELP_STRING([--with-cycladests],[(deprecated - noop) Build for a Cyclades TS]),
[case "$withval" in
yes)
AC_DEFINE(FOR_CYCLADES_TS)
@ -323,7 +298,6 @@ AC_PROG_MAKE_SET
dnl ### Compiler characteristics. ##################################
AC_AIX
AC_C_CONST
AC_C_PROTOTYPES
dnl AC_CHECK_SIZEOF(long)
dnl if test "$ac_cv_sizeof_long" -gt 4; then
@ -400,6 +374,81 @@ AC_SEARCH_LIBS(crypt,crypt)
AC_SUBST(CONSLIBS)
AC_SUBST(CONSCPPFLAGS)
AC_SUBST(CONSLDFLAGS)
AC_MSG_CHECKING(whether to use Unix domain sockets)
cons_with_uds="NO"
AC_ARG_WITH(uds,
AS_HELP_STRING([--with-uds@<:@=DIR@:>@ ],
[Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
[case "$withval" in
yes)
AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT([/tmp/conserver])
cons_with_uds="YES"
;;
no)
AC_MSG_RESULT(no)
;;
*)
AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT('$withval')
cons_with_uds="YES"
if expr "$withval" : '/' >/dev/null 2>&1; then
:
else
echo "*** WARNING *** you may have better success using a fully-qualified path"
echo "*** WARNING *** instead of '$withval'"
fi
;;
esac
if test $cons_with_uds = YES; then
AC_MSG_CHECKING(whether to trust UDS credentials)
AC_ARG_WITH(trust-uds-cred,
AS_HELP_STRING([--with-trust-uds-cred],[Trust UDS credentials obtained via socket]),
[case "$withval" in
yes)
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[
struct ucred u;
u.uid = 0;
#if !defined(SO_PEERCRED)
#error "no SO_PEERCRED defined"
#endif
],
[AC_MSG_RESULT(yes)
AC_DEFINE(UDS_CRED_STYPE, ucred, [Defined to UDS credential structure name])
AC_DEFINE(UDS_CRED_UID, uid, [Defined to UDS credential structure uid field])
AC_DEFINE(UDS_CRED_SO, SO_PEERCRED, [Defined to UDS credential socket option])
AC_DEFINE(TRUST_UDS_CRED)],
[
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[
struct peercred_struct u;
u.euid = 0;
#if !defined(SO_PEERID)
#error "no SO_PEERID defined"
#endif
],
[AC_MSG_RESULT(yes)
AC_DEFINE(UDS_CRED_STYPE, peercred_struct, [Defined to UDS credential structure name])
AC_DEFINE(UDS_CRED_UID, euid, [Defined to UDS credential structure uid field])
AC_DEFINE(UDS_CRED_SO, SO_PEERID, [Defined to UDS credential socket option])
AC_DEFINE(TRUST_UDS_CRED)],
[AC_MSG_RESULT(no)])
])
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
fi
],[AC_MSG_RESULT(no)])
cons_with_libwrap="NO"
AC_ARG_WITH(libwrap,
AS_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
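Review bot: when `--with-trust-uds-cred` is given and neither the `SO_PEERCRED`/`struct ucred` test nor the `SO_PEERID`/`struct peercred_struct` test compiles, the inner `AC_TRY_COMPILE` falls through to `[AC_MSG_RESULT(no)])` and configure carries on without `TRUST_UDS_CRED`. The builder asked for a change in how clients are authenticated and gets a binary that behaves differently from what was requested, with only a "no" in the configure output; `AC_MSG_ERROR` in that branch would make the mismatch explicit. The option is also only parsed inside `if test $cons_with_uds = YES`, so passing it without `--with-uds` is ignored without any message.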
@ -498,6 +547,19 @@ AC_ARG_WITH(openssl,
CPPFLAGS="$oCPPFLAGS"
LDFLAGS="$oLDFLAGS"
fi
AC_MSG_CHECKING(whether to require server cert)
AC_ARG_WITH(req-server-cert,
AS_HELP_STRING([--with-req-server-cert],[Require server SSL certificate by client]),
[case "$withval" in
yes)
AC_DEFINE(REQ_SERVER_CERT)
AC_MSG_RESULT(yes)
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
fi]
)
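Review bot: `REQ_SERVER_CERT` is defined only for `--with-req-server-cert=yes`; every other case, including the option being absent, ends in `AC_MSG_RESULT(no)`, so a client that requires a server certificate is opt-in at build time. The help string should say what the client accepts when the option is off, so that whoever builds the package knows what the default leaves unchecked.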
@ -578,6 +640,51 @@ AC_ARG_WITH(gssapi,
fi]
)
cons_with_freeipmi="NO"
AC_ARG_WITH(freeipmi,
AS_HELP_STRING([--with-freeipmi@<:@=PATH@:>@],
[Compile in FreeIPMI support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
FREEIPMICPPFLAGS="-I$withval/include"
if test "$use_dash_r" != "yes"; then
FREEIPMILDFLAGS="-L$withval/lib"
else
FREEIPMILDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
FREEIPMICPPFLAGS=""
FREEIPMILDFLAGS=""
fi
oCPPFLAGS="$CPPFLAGS"
oLDFLAGS="$LDFLAGS"
oLIBS="$LIBS"
have_freeipmi=no
CPPFLAGS="$CPPFLAGS $FREEIPMICPPFLAGS"
LDFLAGS="$LDFLAGS $FREEIPMILDFLAGS"
AC_CHECK_HEADER([ipmiconsole.h],
[LIBS="$LIBS -lipmiconsole"
AC_MSG_CHECKING(for freeipmi libraries -lipmiconsole)
AC_TRY_LINK([#include <ipmiconsole.h>
],[ipmiconsole_ctx_fd(0)],
[AC_MSG_RESULT(yes)
cons_with_freeipmi="YES"
AC_DEFINE(HAVE_FREEIPMI)
CONSLIBS="$CONSLIBS -lipmiconsole"
have_freeipmi=yes],
[AC_MSG_RESULT(no)])],)
LIBS="$oLIBS"
if test $have_freeipmi = no; then
CPPFLAGS="$oCPPFLAGS"
LDFLAGS="$oLDFLAGS"
fi
fi]
)
cons_with_dmalloc="NO"
AC_ARG_WITH(dmalloc,
AS_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
@ -689,6 +796,23 @@ AC_ARG_WITH(pam,
AC_MSG_RESULT(no)
fi],[AC_MSG_RESULT(no)])
cons_with_ipv6="NO"
AC_MSG_CHECKING(whether to support IPv6)
AC_ARG_WITH(ipv6,
AS_HELP_STRING([--with-ipv6],
[(experimental) Use IPv6 for client/server communication]),
[case "$withval" in
yes)
AC_DEFINE(USE_IPV6)
AC_MSG_RESULT(yes)
cons_with_ipv6="YES"
;;
*)
AC_MSG_RESULT(no)
;;
esac],[AC_MSG_RESULT(no)])
dnl Checks for pty allocation...
dnl According to the xemacs distribution:
dnl getpt() is the preferred pty allocation method on glibc systems.
@ -705,13 +829,6 @@ AC_CHECK_LIB(util, openpty)
AC_CHECK_FUNCS(openpty)
AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle gettimeofday strlcpy)
if test "$with_cycladests" != "yes"; then
AC_FUNC_SETPGRP
else
AC_DEFINE(SETPGRP_VOID, 1, [Define if setpgrp is POSIX])
AC_MSG_NOTICE([Building for a Cyclades-TS: setting SETPGRP_VOID because we cannot test this in cross-compilation])
fi
AC_CHECK_FUNC(strcasecmp,
[AC_DEFINE(HAVE_STRCASECMP, 1, [Define if strcasecmp is available])],
[AC_CHECK_FUNC(stricmp,
@ -737,11 +854,13 @@ echo " Unix domain sockets (--with-uds) : $cons_with_uds"
echo " TCP wrappers (--with-libwrap) : $cons_with_libwrap"
echo " OpenSSL (--with-openssl) : $cons_with_openssl"
echo " GSS-API (--with-gssapi) : $cons_with_gssapi"
echo " FreeIPMI (--with-freeipmi) : $cons_with_freeipmi"
if [ $cons_with_gssapi = "YES" ]; then
echo " strip @REALM (--with-striprealm): $cons_strip_realm"
fi
echo " dmalloc (--with-dmalloc) : $cons_with_dmalloc"
echo " PAM support (--with-pam) : $cons_with_pam"
echo " IPv6 support (--with-ipv6) : $cons_with_ipv6"
echo ""
echo "=============================================================="
]
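Review bot: the summary gains lines for `--with-freeipmi` and `--with-ipv6` but none for `--with-trust-uds-cred` or `--with-req-server-cert`, the two options in this change that alter client authentication and certificate checking. Add an `echo` line for each, backed by a `cons_with_...` style variable set where the option is handled, so the final report shows whether they took effect.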

View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
prefix = @prefix@
mandir = @mandir@
@ -24,8 +25,8 @@ distclean: clean
install:
$(MKDIR) $(DESTDIR)$(mandir)/man5
$(INSTALL) conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
$(INSTALL) conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
$(INSTALL) -m 0644 conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
$(INSTALL) -m 0644 conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
$(MKDIR) $(DESTDIR)$(exampledir)
$(INSTALL) -m 0644 conserver.cf $(DESTDIR)$(exampledir)
$(INSTALL) -m 0644 conserver.passwd $(DESTDIR)$(exampledir)

View File

@ -1,5 +1,5 @@
.\" $Id: conserver.cf.man,v 1.78 2007/04/02 17:59:16 bryan Exp $
.TH CONSERVER.CF 5 "2007/04/02" "conserver-8.1.17" "conserver"
.\" $Id: conserver.cf.man,v 1.86 2015/06/02 17:19:31 bryan Exp $
.TH CONSERVER.CF 5 "2015/06/02" "conserver-8.2.1" "conserver"
.SH NAME
conserver.cf \- console configuration file for
.BR conserver (8)
@ -212,14 +212,22 @@ connections from the hosts without username authentication.
.TP
\f3break\fP \f2n\fP
.br
Define a break sequence where 0 <
Define a break sequence where (1 <=
.I n
< 10.
<= 9) or (a <=
.I n
<= z).
Break sequences are accessed via the
.RI ``^Ecl n ''
client escape sequence.
.RS
.TP
\f3confirm\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not to ask the client for confirmation before sending the
break sequence.
The default is ``no''.
.TP
\f3delay\fP \f2n\fP
.br
Set the time delay for the
@ -308,7 +316,7 @@ If the value of ``*'' is used, the configuration block will be applied to
all conserver hosts.
.RS
.TP
\f3autocomplete\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
\f3autocomplete\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Turn the console name autocompletion feature on or off.
If autocompletion is on, a client can use any unique leading portion of a
@ -322,7 +330,7 @@ an access list (see the
.B \-a
command-line flag).
.TP
\f3daemonmode\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
\f3daemonmode\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not to become a daemon when run (see the
.B \-d
@ -372,7 +380,7 @@ Set the port used by the master conserver process (see the
.B \-p
command-line flag).
.TP
\f3redirect\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
\f3redirect\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Turn redirection on or off (see the
.B \-R
@ -390,7 +398,7 @@ Set the base port number used by child processes (see the
.B \-b
command-line flag).
.TP
\f3setproctitle\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
\f3setproctitle\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not the process title shows master/group functionality
as well as the port number the process is listening on and how many
@ -407,7 +415,19 @@ credentials file location (see the
.B \-c
command-line flag).
.TP
\f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
\f3sslcacertificatefile\fP \f2filename\fP
.br
Load the valid CA certificates for the
.SM SSL
connection from the PEM encoded file. This option overrides the global CA
list.
.TP
\f3sslreqclientcert\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not a certificate is required by the client to connect.
The default is ``no''.
.TP
\f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not encryption is required when talking to clients (see the
.B \-E
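Review bot: in the `sslreqclientcert` entry, "a certificate is required by the client to connect" can be read as the client requiring a certificate from the server. If the option makes the server demand a certificate from connecting clients, word it as "whether or not the client must present a certificate to connect". The `sslcacertificatefile` entry says it "overrides the global CA list" without saying what that list is; name the source it replaces.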
@ -461,6 +481,13 @@ Assign the break sequence
as the default for the console, which is used by
the ``^Ecl0'' client escape sequence.
.TP
\f3breaklist\fP \f2n\fP[\f3,\fP...]|\f3""\fP
Associate a list of break sequences referenced by
.I n
with the console.
If ``*'' is used (the default), all defined break sequences will be available.
If the null string (``\f3""\fP'') is used, no sequences will be available.
.TP
\f3device\fP \f2filename\fP
.br
Assign the serial device
@ -591,9 +618,9 @@ Assign
as the host to connect to for accessing the console.
You must also set the
.B port
option as well.
Normally, only consoles of type ``host'' will use this value, however
if the
option for consoles of type ``host''.
Normally, only consoles of type ``host'' and ``ipmi'' will use this value,
however if the
.BR devicesubst ,
.BR execsubst ,
or
@ -627,6 +654,111 @@ If an `s', `m', or `h' is used after
the specified time is interpreted as seconds, minutes, or hours.
Set the timeout to zero to disable the idle timeout (the default).
.TP
\f3ipmiciphersuite\fP \f2number\fP
.br
Set the IPMI cipher suite. Syntactically valid
values are -1 (the default) and greater. Check the FreeIPMI documentation
for usable values.
.TP
\f3ipmikg\fP \f2string\fP|\f3""\fP
Set the BMC authentication key K_g to
.IR string .
A K_g value is a simple character string with the exception of `\e':
.RS
.RS
.sp
.PD 0
.TP 6
.B \e\e
backslash
.TP
.BI \e ooo
octal representation of a character (where
.I ooo
is one to three octal digits)
.TP
.BI \e c
character
.I c
.PD
.RE
.RE
.IP
The resulting value must be no more than 20 characters.
The null string (``\f3""\fP'') is the default.
.TP
\f3impiworkaround\fP [\f3!\fP]option[\f3,\fP...]|\f3""\fP
.br
You can turn off a workaround by prefixing it with a
.RB `` ! ''
character.
So, to turn off the
.B integrity
workaround, you would use
.BR !integrity .
The following are valid
.IR option s
and their mapping to FreeIPMI settings:
.RS
.sp
.PD 0
.TP 21
.B activation-status
.SM SKIP_SOL_ACTIVATION_STATUS
.TP
.B auth-capabilites
.SM AUTHENTICATION_CAPABILITIES
.TP
.B channel-payload
.SM SKIP_CHANNEL_PAYLOAD_SUPPORT
.TP
.B checksum
.SM NO_CHECKSUM_CHECK
.TP
.B default
.SM DEFAULT
.TP
.B ignore-payload-size
.SM IGNORE_SOL_PAYLOAD_SIZE
.TP
.B ignore-port
.SM IGNORE_SOL_PORT
.TP
.B integrity
.SM NON_EMPTY_INTEGRITY_CHECK_VALUE
.TP
.B intel-session
.SM INTEL_2_0_SESSION
.TP
.B packet-sequence
.SM INCREMENT_SOL_PACKET_SEQUENCE
.TP
.B privilege
.SM OPEN_SESSION_PRIVILEGE
.TP
.B serial-alerts
.SM SERIAL_ALERTS_DEFERRED
.TP
.B sun-session
.SM SUN_2_0_SESSION
.TP
.B supermicro-session
.SM SUPERMICRO_2_0_SESSION
.PD
.RE
.IP
If no
.B ipmiworkaround
is specified, the ``\f3default\fP'' workaround will be used.
The null string (``\f3""\fP'') unsets all workarounds,
including ``\f3default\fP''.
See the FreeIPMI documentation for details on what workarounds affect.
.TP
\f3ipmiprivlevel\fP \f2user\fP|\f2operator\fP|\f2admin\fP
.br
Set the privilege level for the username used during IPMI authentication.
The default privilege level is ``\f2admin\fP''.
.TP
\f3include\fP \f2default\fP
.br
The default block defined using the name
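Review bot: the `.TP` heading reads `\f3impiworkaround\fP` while the paragraph below it and every other option in this block use the `ipmi` prefix (`ipmiworkaround`), so the keyword is misspelled in the heading. `auth-capabilites` also looks like a misspelling of "capabilities"; if the parser really accepts that spelling, say so, otherwise fix it. For `ipmiprivlevel`, the documented default of `admin` gives every IPMI console the highest of the three levels unless the operator lowers it; the entry should say which level serial over LAN needs so that a lower one can be chosen deliberately.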
@ -907,6 +1039,13 @@ Default is
Set the parity option for the console.
Only consoles of type ``device'' will use this value.
.TP
\f3password\fP \f2password\fP|\f3""\fP
.br
Use
.I password
during IPMI authentication.
If the null string (``\f3""\fP'') is used (the default), no password will be used.
.TP
\f3port\fP \f2number\fP|\f2name\fP
.br
Set the port used to access the console.
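Review bot: the new `password` option puts the IPMI password into conserver.cf as a plain string, and the entry says nothing about protecting the file. Add a sentence telling administrators to keep conserver.cf readable only by the account the server runs as once `password` (or `ipmikg`) is set.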
@ -935,7 +1074,7 @@ terminal server by their physical numbering of
or
.RI 1.. n
(depending on if you like zero-based or one-based numbering).
Warning: you can generate a \-1 value with this formula,
Warning: you can generate a -1 value with this formula,
which will become a very high numbered positive
value (since things are stored unsigned).
You must also set the
@ -1040,6 +1179,13 @@ will be granted (or denied, if prefixed with `!') read-write access.
If the null string (``\f3""\fP'') is used, any
users previously defined for the console's read-write list are removed.
.TP
\f3tasklist\fP \f2c\fP[\f3,\fP...]|\f3""\fP
Associate a list of tasks referenced by
.I c
with the console.
If ``*'' is used (the default), all defined tasks will be available.
If the null string (``\f3""\fP'') is used, no tasks will be available.
.TP
\f3timestamp\fP [\f2number\fP[\f3m\fP|\f3h\fP|\f3d\fP|\f3l\fP]][\f3a\fP][\f3b\fP]|\f3""\fP
.br
Specifies the time between timestamps applied to the console
@ -1069,7 +1215,7 @@ A
.RB ` b '
can be specified to add logging of break sequences sent to the console.
.TP
\f3type\fP \f3device\fP|\f3exec\fP|\f3host\fP|\f3noop\fP|\f3uds\fP
\f3type\fP \f3device\fP|\f3ipmi\fP|\f3exec\fP|\f3host\fP|\f3noop\fP|\f3uds\fP
.br
Set the type of console.
A type of
@ -1078,6 +1224,16 @@ should be used for local serial ports (also set the
.B device
value).
A type of
.RB `` ipmi ''
should be used for IPMI serial over LAN consoles (also set the
.B host
value and possibly the
.BR username ,
.BR password ,
and
.BR ipmi *
values).
A type of
.RB `` exec ''
should be used for command invocations (perhaps also set the
.B exec
@ -1121,12 +1277,19 @@ See the
.B devicesubst
option for an explanation of the format string.
If the null string (``\f3""\fP'') is used, no replacements will be done.
.TP
\f3username\fP \f2username\fP|\f3""\fP
.br
Use
.I username
during IPMI authentication.
If the null string (``\f3""\fP'') is used (the default), the ``null'' user will be used.
.RE
.TP
\f3group\fP \f2name\fP
.br
Define a user group identified as
.I name
.IR name .
.RS
.TP
\f3users\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
@ -1153,6 +1316,74 @@ will be recorded with (or without, if prefixed with `!') access.
If the null string (``\f3""\fP'') is used, any
users previously defined for this group are removed.
.RE
.TP
\f3task\fP \f2c\fP
.br
Define a task where
.I c
is a lowercase alphanumeric (0-9a-z).
Tasks are invoked via the
.RI ``^Ec! c ''
client escape sequence.
.RS
.TP
\f3cmd\fP \f2command\fP|\f3""\fP
.br
Invoke
.I command
on the server when instructed by the client.
All file descriptors are closed, except for stderr (which is inherited from
the server).
The
.I command
is passed as an argument to ``/bin/sh -ce'' and is a ``fire and forget''
methodology (you need to check logs for any issues).
If the null string (``\f3""\fP'') is used, the entire task definition is ignored.
.TP
\f3confirm\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not to ask the client for confirmation before invoking the task.
The default is ``no''.
.TP
\f3description\fP \f2string\fP
.br
Set a description for the task. When a client lists tasks,
.I string
will be printed instead of the command defined above.
If the null string (``\f3""\fP'') is used, the command defined above will
be printed.
.TP
\f3runas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP
.br
By default, the command invoked by
.B cmd
is run with the same privileges as the server.
If the server is running with root privileges, this option resets the user
and/or group of the invoked process to
.I user
and
.I group
respectively.
.I user
may be a username or numeric uid and
.I group
may be a group name or numeric gid.
Either one is optional.
If the server is not running with root privileges, these values
are not used.
If the null string (``\f3""\fP'') is specified, the default of running
with the same privileges as the server is restored.
.TP
\f3subst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
.B cmd
value.
See the
.B devicesubst
option for an explanation of the format string.
If the null string (``\f3""\fP'') is used, no replacements will be done.
.RE
.SH AUTHORS
Bryan Stansell, conserver.com
.SH "SEE ALSO"
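Review bot: the `cmd` entry says the command is passed to ``/bin/sh -ce'' and the `runas` entry says it runs with the server's privileges by default, but the `task` description never states plainly that a task is a server-side shell command a client can start with ``^Ec!c'', and `tasklist` defaults to ``*'' and `confirm` to ``no''. Say that in the opening paragraph of `task`, recommend setting `runas` and a restrictive `tasklist` when the server runs as root, and in the `subst` entry describe how substituted values are quoted before they reach the shell.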

View File

@ -1,5 +1,5 @@
.\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.17" "conserver"
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.2.1" "conserver"
.SH NAME
conserver.passwd \- user access information for
.BR conserver (8)

View File

@ -3,7 +3,7 @@
<HTML>
<HEAD>
<META name="generator" content=
"HTML Tidy for Solaris (vers 7 December 2008), see www.w3.org">
"HTML Tidy for Solaris (vers 25 March 2009), see www.w3.org">
<META name="keywords" content=
"conserver,serial,console,serial console,unix,tty,ttya,ttyb, rs-232,rs232,bryan stansell,stansell,console server,terminal server,headless">
<META name="author" content=
@ -36,12 +36,12 @@ body {
"http://planetmirror.com/pub/conserver/">Australia</A>
&nbsp;&nbsp;<A href=
"http://conserver.linux-mirror.org/">Germany</A>
&nbsp;&nbsp;<A href=
"http://conserver.webdesign-zdg.de/">Germany</A>
&nbsp;&nbsp;<A href="http://conserver.rayba.co/">Germany</A>
&nbsp;&nbsp;<A href=
"http://conserver.cybermirror.org/">Germany</A>
&nbsp;&nbsp;<A href=
"http://conserver.oss-mirror.org/">Ireland</A>
&nbsp;&nbsp;<A href="http://conserver.shape.ws/">Malaysia</A>
&nbsp;&nbsp;<A href="http://conserver.rinet.ru/">Russia</A>
&nbsp;&nbsp;<A href="http://www.conserver.com/">US-West
(Primary)</A><BR>
@ -56,16 +56,11 @@ body {
--></TD>
<TD rowspan="2" align="right">
<FORM method="post" action=
"http://www.conserver.com/cgi-bin/htsearch">
<INPUT type="hidden" name="method" value="and">
<INPUT type="hidden" name="format" value="builtin-long">
<INPUT type="hidden" name="sort" value="score">
<INPUT type="hidden" name="config" value=""> <INPUT type=
"hidden" name="restrict" value=""> <INPUT type="hidden"
name="exclude" value=""> <INPUT type="text" size="20"
name="words" value=""> <INPUT type="submit" value=
"Search">
<FORM method="get" action=
"http://www.conserver.com/cgi-bin/omega">
<INPUT type="hidden" name="DEFAULTOP" value="and">
<INPUT type="text" size="20" name="P" value="">
<INPUT type="submit" value="Search">
</FORM>
</TD>
</TR>
@ -182,11 +177,8 @@ body {
<H3>Downloading</H3>
<P>The current version, released on Sep 29, 2009, is
<A href="8.1.17.tar.gz">8.1.17.tar.gz</A>. You can get it
via <A href=
"ftp://ftp.conserver.com/conserver/8.1.17.tar.gz">FTP</A>
or <A href="8.1.17.tar.gz">HTTP</A>. See the <A href=
<P>The current version, released on Jun 2, 2015, is
<A href="8.2.1.tar.gz">8.2.1.tar.gz</A>. See the <A href=
"CHANGES">CHANGES</A> file for information on the latest
updates.</P>

View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@
@ -62,7 +63,7 @@ install: conserver
$(MKDIR) $(DESTDIR)$(sbindir)
$(INSTALL_PROGRAM) conserver $(DESTDIR)$(sbindir)
$(MKDIR) $(DESTDIR)$(mandir)/man8
$(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
$(INSTALL) -m 0644 conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
$(MKDIR) $(DESTDIR)$(exampledir)
$(INSTALL) conserver.rc $(DESTDIR)$(exampledir)
$(MKDIR) $(DESTDIR)$(pkglibdir)

View File

@ -1,5 +1,5 @@
/*
* $Id: access.c,v 5.73 2004/05/23 16:44:25 bryan Exp $
* $Id: access.c,v 5.74 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -44,7 +44,14 @@
#include <readcfg.h>
#include <main.h>
#if USE_IPV6
# include <net/if.h>
# include <ifaddrs.h>
# include <sys/socket.h>
# include <netdb.h>
#endif
#if !USE_IPV6
/* Compare an Internet address (IPv4 expected), with an address pattern
* passed as a character string representing an address in the Internet
* standard `.' notation, optionally followed by a slash and an integer
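Review bot: wrapping `AddrCmp()` in `#if !USE_IPV6` means IPv6 builds lose the address and netmask comparison this comment describes, and the `USE_IPV6` branch of `AccType()` further down replaces it with `strstr(ipaddr, pACtmp->pcwho)` and `strstr(host, pACtmp->pcwho)`. A substring test accepts any peer whose numeric address or resolved name merely contains the access-list entry, so an entry of `10.0.0.1` also matches `10.0.0.10`, and a domain entry matches any longer name that embeds it. The name compared comes from `getnameinfo()` on the peer address, and the visible IPv6 lines carry no `TRUST_REVERSE_DNS` condition around that comparison. Access entries should be compared as parsed addresses with a prefix length (an IPv6-aware `AddrCmp`), and names matched on whole labels only.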
@ -58,20 +65,14 @@
* Returns 0 if the addresses match, else returns 1.
*/
int
#if PROTOTYPES
AddrCmp(struct in_addr *addr, char *pattern)
#else
AddrCmp(addr, pattern)
struct in_addr *addr;
char *pattern;
#endif
{
in_addr_t hostaddr, pattern_addr, netmask;
char *p, *slash_posn;
static STRING *buf = (STRING *)0;
#if HAVE_INET_ATON
# if HAVE_INET_ATON
struct in_addr inetaddr;
#endif
# endif
if (buf == (STRING *)0)
buf = AllocString();
@ -84,15 +85,15 @@ AddrCmp(addr, pattern)
} else
p = pattern;
#if HAVE_INET_ATON
# if HAVE_INET_ATON
if (inet_aton(p, &inetaddr) == 0)
return 1;
pattern_addr = inetaddr.s_addr;
#else
# else
pattern_addr = inet_addr(p);
if (pattern_addr == (in_addr_t) (-1))
return 1; /* malformed address */
#endif
# endif
if (slash_posn) {
/* convert explicit netmask */
@ -121,33 +122,70 @@ AddrCmp(addr, pattern)
pattern_addr & netmask, pattern_addr, netmask));
return (hostaddr & netmask) != (pattern_addr & netmask);
}
#endif /* USE_IPV6 */
/* return the access type for a given host entry (ksb)
*/
char
#if PROTOTYPES
AccType(struct in_addr *addr, char **peername)
#else
AccType(addr, peername)
struct in_addr *addr;
char **peername;
#endif
AccType(INADDR_STYPE *addr, char **peername)
{
ACCESS *pACtmp;
socklen_t so;
char ret;
#if USE_IPV6
int error;
char host[NI_MAXHOST];
char ipaddr[NI_MAXHOST];
#else
struct hostent *he = (struct hostent *)0;
int a;
char ret;
#if TRUST_REVERSE_DNS
# if TRUST_REVERSE_DNS
char **revNames = (char **)0;
#endif
# endif
CONDDEBUG((1, "AccType(): ip=%s", inet_ntoa(*addr)));
#endif /* USE_IPV6 */
ret = config->defaultaccess;
so = sizeof(*addr);
#if TRUST_REVERSE_DNS
#if USE_IPV6
error =
getnameinfo((struct sockaddr *)addr, so, ipaddr, sizeof(ipaddr),
NULL, 0, NI_NUMERICHOST);
if (error) {
Error("AccType(): getnameinfo failed: %s", gai_strerror(error));
goto common_ret;
}
CONDDEBUG((1, "AccType(): ip=%s", ipaddr));
error =
getnameinfo((struct sockaddr *)addr, so, host, sizeof(host), NULL,
0, 0);
if (!error)
CONDDEBUG((1, "AccType(): host=%s", host));
for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
pACtmp->ctrust));
if (strstr(ipaddr, pACtmp->pcwho) != NULL) {
CONDDEBUG((1, "AccType(): match for ip=%s", ipaddr));
ret = pACtmp->ctrust;
goto common_ret;
}
if (!error && strstr(host, pACtmp->pcwho) != NULL) {
CONDDEBUG((1, "AccType(): match for host=%s", host));
ret = pACtmp->ctrust;
goto common_ret;
}
}
common_ret:
if (config->loghostnames == FLAGTRUE && !error)
*peername = StrDup(host);
#else
# if TRUST_REVERSE_DNS
/* if we trust reverse dns, we get the names associated with
* the address we're checking and then check each of those
* against the access list entries (below).
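Review bot: the IPv6 branch of AccType() decides access with `strstr(ipaddr, pACtmp->pcwho)` and `strstr(host, pACtmp->pcwho)`, which is a substring test rather than an address or domain comparison. An entry such as 10.0.0.1 also matches a peer at 10.0.0.11 or 210.0.0.1, and a host-name entry matches any reverse-DNS name that merely contains it. The name is also used outside the TRUST_REVERSE_DNS guard that the IPv4 path applies. Suggest parsing the entry into an address plus prefix length and comparing the bytes, as AddrCmp() does for IPv4, and matching host names only on whole labels and only when TRUST_REVERSE_DNS is set. Separately, `*peername = StrDup(host)` at common_ret is missing the `peername != (char **)0` check that the non-IPv6 path keeps.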
@ -177,7 +215,7 @@ AccType(addr, peername)
}
}
}
#endif
# endif
for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
@ -203,20 +241,20 @@ AccType(addr, peername)
inet_ntoa(*(struct in_addr *)
(he->h_addr_list[a]))));
if (
#if HAVE_MEMCMP
# if HAVE_MEMCMP
memcmp(&(addr->s_addr), he->h_addr_list[a],
he->h_length)
#else
# else
bcmp(&(addr->s_addr), he->h_addr_list[a],
he->h_length)
#endif
# endif
== 0) {
ret = pACtmp->ctrust;
goto common_ret;
}
}
}
#if TRUST_REVERSE_DNS
# if TRUST_REVERSE_DNS
/* we chop bits off client names so that we can put domain
* names in access lists or even top-level domains.
* allowed conserver.com, net;
@ -245,43 +283,49 @@ AccType(addr, peername)
}
}
}
#endif
# endif
}
common_ret:
if (config->loghostnames == FLAGTRUE && peername != (char **)0) {
#if TRUST_REVERSE_DNS
# if TRUST_REVERSE_DNS
if (revNames != (char **)0 && revNames[0] != (char *)0)
*peername = StrDup(revNames[0]);
#else
# else
if ((he =
gethostbyaddr((char *)addr, so,
AF_INET)) != (struct hostent *)0) {
*peername = StrDup(he->h_name);
}
#endif
# endif
}
#if TRUST_REVERSE_DNS
# if TRUST_REVERSE_DNS
common_ret2:
if (revNames != (char **)0) {
for (a = 0; revNames[a] != (char *)0; a++)
free(revNames[a]);
free(revNames);
}
#endif
# endif
#endif /* USE_IPV6 */
return ret;
}
void
#if PROTOTYPES
SetDefAccess(struct in_addr *pAddr, char *pHost)
SetDefAccess(
#if USE_IPV6
void
#else
SetDefAccess(pAddr, pHost)
struct in_addr *pAddr;
char *pHost;
struct in_addr *pAddr, char *pHost
#endif
)
{
ACCESS *a;
#if USE_IPV6
int error;
char addr[NI_MAXHOST];
struct ifaddrs *myAddrs, *ifa;
#endif /* USE_IPV6 */
while (pACList != (ACCESS *)0) {
a = pACList->pACnext;
@ -289,7 +333,39 @@ SetDefAccess(pAddr, pHost)
pACList = a;
}
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
/* get list of all addresses on system */
error = getifaddrs(&myAddrs);
if (error) {
Error("SetDefAccess(): getifaddrs: %s", strerror(errno));
return;
}
for (ifa = myAddrs; ifa != NULL; ifa = ifa->ifa_next) {
/* skip interfaces without address or in down state */
if (ifa->ifa_addr == NULL || !(ifa->ifa_flags & IFF_UP))
continue;
error =
getnameinfo(ifa->ifa_addr, sizeof(struct sockaddr_storage),
addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
if (error)
continue;
if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
if ((a->pcwho = StrDup(addr)) == (char *)0)
OutOfMem();
a->ctrust = 'a';
a->pACnext = pACList;
pACList = a;
CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho));
}
freeifaddrs(myAddrs);
#elif USE_UNIX_DOMAIN_SOCKETS
if ((pACList = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
if ((pACList->pcwho = StrDup("127.0.0.1")) == (char *)0)
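Review bot: in the getifaddrs() loop, getnameinfo() is called with `sizeof(struct sockaddr_storage)` as the address length for every ifa_addr, whatever its family. The real length depends on ifa_addr->sa_family, and implementations that validate the length against the family will return an error here. The `if (error) continue;` then silently drops the address, so the default access list can end up empty with no log message. Suggest skipping entries whose family is neither AF_INET nor AF_INET6 and passing sizeof(struct sockaddr_in) or sizeof(struct sockaddr_in6) accordingly, and logging the gai_strerror() text when an address is skipped.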
@ -318,12 +394,7 @@ SetDefAccess(pAddr, pHost)
}
void
#if PROTOTYPES
DestroyAccessList(ACCESS *pACList)
#else
DestroyAccessList(pACList)
ACCESS *pACList;
#endif
{
if (pACList == (ACCESS *)0)
return;

View File

@ -1,5 +1,5 @@
/*
* $Id: access.h,v 5.26 2003/08/10 18:11:20 bryan Exp $
* $Id: access.h,v 5.27 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -44,6 +44,12 @@ typedef struct access {
struct access *pACnext; /* next access list */
} ACCESS;
extern char AccType PARAMS((struct in_addr *, char **));
extern void SetDefAccess PARAMS((struct in_addr *, char *));
extern void DestroyAccessList PARAMS((ACCESS *));
extern char AccType(INADDR_STYPE *, char **);
extern void SetDefAccess(
#if USE_IPV6
void
#else
struct in_addr *, char *
#endif
);
extern void DestroyAccessList(ACCESS *);

View File

@ -1,5 +1,5 @@
/*
* $Id: client.c,v 5.93 2009/09/26 09:20:15 bryan Exp $
* $Id: client.c,v 5.98 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -43,9 +43,14 @@
#include <group.h>
#include <readcfg.h>
#if USE_IPV6
# include <sys/socket.h>
# include <netdb.h>
#endif /* USE_IPV6 */
#if defined(USE_LIBWRAP)
#include <syslog.h>
#include <tcpd.h>
# include <syslog.h>
# include <tcpd.h>
int allow_severity = LOG_INFO;
int deny_severity = LOG_WARNING;
#endif
@ -54,12 +59,7 @@ int deny_severity = LOG_WARNING;
/* find the next guy who wants to write on the console (ksb)
*/
void
#if PROTOTYPES
FindWrite(CONSENT *pCE)
#else
FindWrite(pCE)
CONSENT *pCE;
#endif
{
CONSCLIENT *pCLfound = (CONSCLIENT *)0;
CONSCLIENT *pCL;
@ -91,13 +91,7 @@ FindWrite(pCE)
}
void
#if PROTOTYPES
BumpClient(CONSENT *pCE, char *message)
#else
BumpClient(pCE, message)
CONSENT *pCE;
char *message;
#endif
{
if ((CONSCLIENT *)0 == pCE->pCLwr)
return;
@ -118,20 +112,13 @@ BumpClient(pCE, message)
#define REPLAYBUFFER 4096
void
#if PROTOTYPES
Replay(CONSENT *pCE, CONSFILE *fdOut, unsigned short back)
#else
Replay(pCE, fdOut, back)
CONSENT *pCE;
CONSFILE *fdOut;
unsigned short back;
#endif
{
CONSFILE *fdLog = (CONSFILE *)0;
STRING *line = (STRING *)0;
off_t file_pos;
off_t buf_pos;
char *buf;
char *buf = (char *)0;
char *bp = (char *)0;
int ch;
struct stat stLog;
@ -386,51 +373,45 @@ typedef struct HLnode {
} HELP;
static HELP aHLTable[] = {
{WHEN_ALWAYS, ". disconnect"},
{WHEN_ALWAYS | IS_LIMITED, "; move to another console"},
{WHEN_ALWAYS, "a attach read/write"},
{WHEN_ALWAYS, "b send broadcast message"},
{WHEN_ATTACH, "c toggle flow control"},
{WHEN_ATTACH, "d down a console"},
{WHEN_ALWAYS, "e change escape sequence"},
{WHEN_ALWAYS, "f force attach read/write"},
{WHEN_ALWAYS, "g group info"},
{WHEN_ALWAYS, "i information dump"},
{WHEN_ATTACH, "L toggle logging on/off"},
{WHEN_ATTACH, "l? break sequence list"},
{WHEN_ATTACH, "l0 send break per config file"},
{WHEN_ATTACH, "l1-9 send specific break sequence"},
{WHEN_ALWAYS, "m display the message of the day"},
{WHEN_ALWAYS, "n write a note to the logfile"},
{WHEN_ALWAYS, "o (re)open the tty and log file"},
{WHEN_ALWAYS, "p playback the last %hu lines"},
{WHEN_ALWAYS, "P set number of playback lines"},
{WHEN_ALWAYS, "r replay the last %hu lines"},
{WHEN_ALWAYS, "R set number of replay lines"},
{WHEN_ATTACH, "s spy mode (read only)"},
{WHEN_ALWAYS, "u show host status"},
{WHEN_ALWAYS, "v show version info"},
{WHEN_ALWAYS, "w who is on this console"},
{WHEN_ALWAYS, "x show console baud info"},
{WHEN_ALWAYS | IS_LIMITED, "z suspend the connection"},
{WHEN_ATTACH | IS_LIMITED, "| attach local command"},
{WHEN_ALWAYS, "? print this message"},
{WHEN_ALWAYS, "<cr> ignore/abort command"},
{WHEN_ALWAYS, "^R replay the last line"},
{WHEN_ATTACH, "\\ooo send character by octal code"},
{WHEN_EXPERT, "^I toggle tab expansion"},
{WHEN_EXPERT, "+(-) do (not) drop line"},
{WHEN_ALWAYS, ". disconnect"},
{WHEN_ALWAYS | IS_LIMITED, "; move to another console"},
{WHEN_ALWAYS, "a attach read/write"},
{WHEN_ALWAYS, "b send broadcast message"},
{WHEN_ATTACH, "c toggle flow control"},
{WHEN_ATTACH, "d down a console"},
{WHEN_ALWAYS, "e change escape sequence"},
{WHEN_ALWAYS, "f force attach read/write"},
{WHEN_ALWAYS, "g group info"},
{WHEN_ALWAYS, "i information dump"},
{WHEN_ATTACH, "L toggle logging on/off"},
{WHEN_ATTACH, "l? break sequence list"},
{WHEN_ATTACH, "l0 send break per config file"},
{WHEN_ATTACH, "l1-9a-z send specific break sequence"},
{WHEN_ALWAYS, "m display message of the day"},
{WHEN_ALWAYS, "n write a note to the logfile"},
{WHEN_ALWAYS, "o (re)open the tty and log file"},
{WHEN_ALWAYS, "p playback the last %hu lines"},
{WHEN_ALWAYS, "P set number of playback lines"},
{WHEN_ALWAYS, "r replay the last %hu lines"},
{WHEN_ALWAYS, "R set number of replay lines"},
{WHEN_ATTACH, "s spy mode (read only)"},
{WHEN_ALWAYS, "u show host status"},
{WHEN_ALWAYS, "v show version info"},
{WHEN_ALWAYS, "w who is on this console"},
{WHEN_ALWAYS, "x show console baud info"},
{WHEN_ALWAYS | IS_LIMITED, "z suspend the connection"},
{WHEN_ATTACH, "! invoke task"},
{WHEN_ATTACH | IS_LIMITED, "| attach local command"},
{WHEN_ALWAYS, "? print this message"},
{WHEN_ALWAYS, "<cr> ignore/abort command"},
{WHEN_ALWAYS, "^R replay the last line"},
{WHEN_ATTACH, "\\ooo send character by octal code"},
};
/* list the commands we know for the user (ksb)
*/
void
#if PROTOTYPES
HelpUser(CONSCLIENT *pCL)
#else
HelpUser(pCL, pCE)
CONSCLIENT *pCL;
#endif
{
int i, j, iCmp;
static char
@ -506,34 +487,19 @@ HelpUser(pCL, pCE)
}
int
#if PROTOTYPES
ClientAccessOk(CONSCLIENT *pCL)
#else
ClientAccessOk(pCL)
CONSCLIENT *pCL;
#endif
{
char *peername = (char *)0;
int retval = 1;
#if USE_UNIX_DOMAIN_SOCKETS
struct in_addr addr;
# if HAVE_INET_ATON
inet_aton("127.0.0.1", &addr);
# else
addr.s_addr = inet_addr("127.0.0.1");
# endif
pCL->caccess = AccType(&addr, &peername);
if (pCL->caccess == 'r') {
FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
-1);
retval = 0;
}
#else
#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
socklen_t so;
int cfd;
struct sockaddr_in in_port;
# if USE_IPV6
int error;
char addr[NI_MAXHOST];
# endif
SOCKADDR_STYPE in_port;
int getpeer = -1;
cfd = FileFDNum(pCL->fd);
@ -560,20 +526,56 @@ ClientAccessOk(pCL)
retval = 0;
goto setpeer;
}
pCL->caccess = AccType(&in_port.sin_addr, &peername);
pCL->caccess = AccType(
# if USE_IPV6
&in_port,
# else
&in_port.sin_addr,
# endif
&peername);
if (pCL->caccess == 'r') {
FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
-1);
retval = 0;
}
setpeer:
#else
struct in_addr addr;
# if HAVE_INET_ATON
inet_aton("127.0.0.1", &addr);
# else
addr.s_addr = inet_addr("127.0.0.1");
# endif
pCL->caccess = AccType(&addr, &peername);
if (pCL->caccess == 'r') {
FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
-1);
retval = 0;
}
#endif
if (pCL->peername != (STRING *)0) {
BuildString((char *)0, pCL->peername);
if (peername != (char *)0)
BuildString(peername, pCL->peername);
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
else if (getpeer != -1) {
error =
getnameinfo((struct sockaddr *)&in_port, so, addr,
sizeof(addr), NULL, 0, NI_NUMERICHOST);
if (error) {
FileWrite(pCL->fd, FLAGFALSE, "getnameinfo failed\r\n",
-1);
Error("ClientAccessOk(): gatenameinfo: %s",
gai_strerror(error));
retval = 0;
}
BuildString(addr, pCL->peername);
} else
BuildString("<unknown>", pCL->peername);
#elif USE_UNIX_DOMAIN_SOCKETS
else
BuildString("127.0.0.1", pCL->peername);
#else
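Review bot: in the USE_IPV6 peername branch, a failed getnameinfo() sets `retval = 0` but execution still falls through to `BuildString(addr, pCL->peername)`, so the peer name is built from an `addr` buffer that was never filled in. Suggest putting the BuildString(addr, ...) call in an else branch and storing "<unknown>" on the error path. The Error() text also misspells the function name as "gatenameinfo".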

View File

@ -1,5 +1,5 @@
/*
* $Id: client.h,v 5.42 2007/04/02 18:18:59 bryan Exp $
* $Id: client.h,v 5.45 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -51,7 +51,9 @@ typedef enum clientState {
S_CEXEC, /* client execing a program */
S_REPLAY, /* set replay length for 'r' */
S_PLAYBACK, /* set replay length for 'p' */
S_NOTE /* send a note to the logfile */
S_NOTE, /* send a note to the logfile */
S_TASK, /* invoke a task on the server side */
S_CONFIRM /* confirm input */
} CLIENTSTATE;
typedef struct client { /* Connection Information: */
@ -85,12 +87,14 @@ typedef struct client { /* Connection Information: */
IOSTATE ioState; /* state of the socket */
time_t stateTimer; /* timer for various ioState states */
STRING *accmd; /* the command the user issued */
struct sockaddr_in
cnct_port; /* where from */
INADDR_STYPE cnct_port; /* where from */
FLAG confirmed; /* confirm state */
CLIENTSTATE cState; /* state needing confirmation */
char cOption; /* option initiating the confirmation */
} CONSCLIENT;
extern void Replay PARAMS((CONSENT *, CONSFILE *, unsigned short));
extern void HelpUser PARAMS((CONSCLIENT *));
extern void FindWrite PARAMS((CONSENT *));
extern int ClientAccessOk PARAMS((CONSCLIENT *));
extern void BumpClient PARAMS((CONSENT *, char *));
extern void Replay(CONSENT *, CONSFILE *, unsigned short);
extern void HelpUser(CONSCLIENT *);
extern void FindWrite(CONSENT *);
extern int ClientAccessOk(CONSCLIENT *);
extern void BumpClient(CONSENT *, char *);

View File

@ -1,5 +1,5 @@
/*
* $Id: consent.c,v 5.151 2007/04/09 15:52:28 bryan Exp $
* $Id: consent.c,v 5.155 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -88,37 +88,37 @@ BAUD baud[] = {
{"3500000", 32},
{"4000000", 33},
#else /* FOR_CYCLADES_TS */
#if defined(B115200)
# if defined(B115200)
{"115200", B115200},
#endif
#if defined(B57600)
# endif
# if defined(B57600)
{"57600", B57600},
#endif
#if defined(B38400)
# endif
# if defined(B38400)
{"38400", B38400},
#endif
#if defined(B19200)
# endif
# if defined(B19200)
{"19200", B19200},
#endif
#if defined(B9600)
# endif
# if defined(B9600)
{"9600", B9600},
#endif
#if defined(B4800)
# endif
# if defined(B4800)
{"4800", B4800},
#endif
#if defined(B2400)
# endif
# if defined(B2400)
{"2400", B2400},
#endif
#if defined(B1800)
# endif
# if defined(B1800)
{"1800", B1800},
#endif
# endif
{"1200", B1200},
#if defined(B600)
# if defined(B600)
{"600", B600},
#endif
#if defined(B300)
# endif
# if defined(B300)
{"300", B300},
#endif
# endif
#endif /* FOR_CYCLADES_TS */
};
@ -126,12 +126,7 @@ BAUD baud[] = {
/* find a baud rate for the string "9600x" -> B9600 (ksb)
*/
BAUD *
#if PROTOTYPES
FindBaud(char *pcMode)
#else
FindBaud(pcMode)
char *pcMode;
#endif
{
int i;
@ -143,9 +138,9 @@ FindBaud(pcMode)
}
# if !defined(PAREXT)
# define PAREXT 0
# endif
#if !defined(PAREXT)
# define PAREXT 0
#endif
struct parity parity[] = {
{"even", PARENB | CS7, 0},
{"mark", PARENB | CS7 | PARODD | PAREXT, 0},
@ -157,12 +152,7 @@ struct parity parity[] = {
/* find a parity "even" or "E" or "ev" -> EVEN
*/
PARITY *
#if PROTOTYPES
FindParity(char *pcMode)
#else
FindParity(pcMode)
char *pcMode;
#endif
{
int i;
@ -177,12 +167,7 @@ FindParity(pcMode)
/* setup a tty device (ksb)
*/
static int
#if PROTOTYPES
TtyDev(CONSENT *pCE)
#else
TtyDev(pCE)
CONSENT *pCE;
#endif
{
struct termios termp;
struct stat stPerm;
@ -290,25 +275,20 @@ TtyDev(pCE)
}
#endif
}
# if HAVE_STROPTS_H
#if HAVE_STROPTS_H
/*
* eat all the streams modules upto and including ttcompat
*/
while (ioctl(cofile, I_FIND, "ttcompat") == 1) {
ioctl(cofile, I_POP, 0);
}
# endif
#endif
pCE->fup = 1;
return 0;
}
void
#if PROTOTYPES
StopInit(CONSENT *pCE)
#else
StopInit(pCE)
CONSENT *pCE;
#endif
{
if (pCE->initcmd == (char *)0)
return;
@ -339,14 +319,52 @@ StopInit(pCE)
}
}
#if HAVE_FREEIPMI
ipmiconsole_ctx_t
IpmiSOLCreate(CONSENT *pCE)
{
ipmiconsole_ctx_t ctx;
struct ipmiconsole_ipmi_config ipmi;
struct ipmiconsole_protocol_config protocol;
struct ipmiconsole_engine_config engine;
if (ipmiconsole_engine_init(1, 0) < 0)
return 0;
ipmi.username = pCE->username;
ipmi.password = pCE->password;
if (pCE->ipmikg->used <= 1) { /* 1 == NULL only */
ipmi.k_g = NULL;
ipmi.k_g_len = 0;
} else {
ipmi.k_g = (unsigned char *)pCE->ipmikg->string;
ipmi.k_g_len = pCE->ipmikg->used - 1;
}
ipmi.privilege_level = pCE->ipmiprivlevel;
ipmi.cipher_suite_id = pCE->ipmiciphersuite;
ipmi.workaround_flags = pCE->ipmiworkaround;
protocol.session_timeout_len = -1;
protocol.retransmission_timeout_len = -1;
protocol.retransmission_backoff_count = -1;
protocol.keepalive_timeout_len = -1;
protocol.retransmission_keepalive_timeout_len = -1;
protocol.acceptable_packet_errors_count = -1;
protocol.maximum_retransmission_count = -1;
engine.engine_flags = IPMICONSOLE_ENGINE_OUTPUT_ON_SOL_ESTABLISHED;
engine.behavior_flags = 0;
engine.debug_flags = 0;
ctx = ipmiconsole_ctx_create(pCE->host, &ipmi, &protocol, &engine);
return ctx;
}
#endif
/* invoke the initcmd command */
void
#if PROTOTYPES
StartInit(CONSENT *pCE)
#else
StartInit(pCE)
CONSENT *pCE;
#endif
{
int i;
pid_t iNewGrp;
@ -447,19 +465,19 @@ StartInit(pCE)
close(1);
close(0);
# if HAVE_SETSID
#if HAVE_SETSID
iNewGrp = setsid();
if (-1 == iNewGrp) {
Error("[%s] setsid(): %s", pCE->server, strerror(errno));
iNewGrp = getpid();
}
# else
#else
iNewGrp = getpid();
# endif
#endif
if (dup(pout[0]) != 0 || dup(pin[1]) != 1) {
Error("[%s] StartInit(): fd sync error", pCE->server);
Bye(EX_OSERR);
exit(EX_OSERR);
}
close(pout[0]);
close(pin[1]);
@ -480,21 +498,61 @@ StartInit(pCE)
execve(apcArgv[0], apcArgv, environ);
Error("[%s] execve(%s): %s", pCE->server, apcArgv[2], strerror(errno));
Bye(EX_OSERR);
exit(EX_OSERR);
return;
}
/* We exit() here, so only call this in a child process before an exec() */
void
SetupTty(CONSENT *pCE, int fd)
{
struct termios n_tio;
#if HAVE_STROPTS_H && !defined(_AIX)
/* SYSVr4 semantics for opening stream ptys (gregf)
* under PTX (others?) we have to push the compatibility
* streams modules `ptem', `ld', and `ttcompat'
*/
ioctl(1, I_PUSH, "ptem");
ioctl(1, I_PUSH, "ldterm");
ioctl(1, I_PUSH, "ttcompat");
#endif
if (0 != tcgetattr(1, &n_tio)) {
exit(EX_OSERR);
}
n_tio.c_iflag &= ~(IGNCR | IUCLC);
n_tio.c_iflag |= ICRNL;
if (pCE->ixon == FLAGTRUE)
n_tio.c_iflag |= IXON;
if (pCE->ixany == FLAGTRUE)
n_tio.c_iflag |= IXANY;
if (pCE->ixoff == FLAGTRUE)
n_tio.c_iflag |= IXOFF;
n_tio.c_oflag &=
~(OLCUC | ONOCR | ONLRET | OFILL | NLDLY | CRDLY | TABDLY | BSDLY);
n_tio.c_oflag |= OPOST | ONLCR;
n_tio.c_lflag &= ~(XCASE | NOFLSH | ECHOK | ECHONL);
n_tio.c_lflag |= ISIG | ICANON | ECHO;
n_tio.c_cc[VEOF] = '\004';
n_tio.c_cc[VEOL] = '\000';
n_tio.c_cc[VERASE] = '\010';
n_tio.c_cc[VINTR] = '\003';
n_tio.c_cc[VKILL] = '@';
/* MIN */
n_tio.c_cc[VQUIT] = '\034';
n_tio.c_cc[VSTART] = '\021';
n_tio.c_cc[VSTOP] = '\023';
n_tio.c_cc[VSUSP] = '\032';
if (0 != tcsetattr(1, TCSANOW, &n_tio))
exit(EX_OSERR);
}
/* setup a virtual device (ksb)
*/
static int
#if PROTOTYPES
VirtDev(CONSENT *pCE)
#else
VirtDev(pCE)
CONSENT *pCE;
#endif
{
static struct termios n_tio;
int i;
pid_t iNewGrp;
extern char **environ;
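Review bot: SetupTty() accepts an `fd` argument but never uses it; the three I_PUSH ioctls, `tcgetattr(1, &n_tio)` and `tcsetattr(1, TCSANOW, &n_tio)` are all hard-wired to descriptor 1. The code this replaces in VirtDev() operated on descriptor 0, and VirtDev() now calls `SetupTty(pCE, 0)`, so the parameter and the behaviour disagree. Suggest using `fd` throughout the function, or dropping the parameter and documenting that it always acts on stdout. The Error() calls that used to report tcgetattr/tcsetattr failures are also gone, so the child now exits with EX_OSERR without a log line; worth keeping one.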
@ -546,19 +604,19 @@ VirtDev(pCE)
close(1);
close(0);
# if HAVE_SETSID
#if HAVE_SETSID
iNewGrp = setsid();
if (-1 == iNewGrp) {
Error("[%s] setsid(): %s", pCE->server, strerror(errno));
iNewGrp = getpid();
}
# else
#else
iNewGrp = getpid();
# endif
#endif
if (dup(pCE->execSlaveFD) != 0 || dup(pCE->execSlaveFD) != 1) {
Error("[%s] fd sync error", pCE->server);
Bye(EX_OSERR);
exit(EX_OSERR);
}
if (geteuid() == 0) {
@ -569,52 +627,8 @@ VirtDev(pCE)
setuid(pCE->execuid);
}
}
# if HAVE_STROPTS_H && !defined(_AIX)
/* SYSVr4 semantics for opening stream ptys (gregf)
* under PTX (others?) we have to push the compatibility
* streams modules `ptem', `ld', and `ttcompat'
*/
CONDDEBUG((1, "VirtDev(): pushing ptemp onto pseudo-terminal"));
ioctl(0, I_PUSH, "ptem");
CONDDEBUG((1, "VirtDev(): pushing ldterm onto pseudo-terminal"));
ioctl(0, I_PUSH, "ldterm");
CONDDEBUG((1, "VirtDev(): pushing ttcompat onto pseudo-terminal"));
ioctl(0, I_PUSH, "ttcompat");
CONDDEBUG((1, "VirtDev(): done pushing modules onto pseudo-terminal"));
# endif
if (0 != tcgetattr(0, &n_tio)) {
Error("[%s] tcgetattr(0): %s", pCE->server, strerror(errno));
Bye(EX_OSERR);
}
n_tio.c_iflag &= ~(IGNCR | IUCLC);
n_tio.c_iflag |= ICRNL;
if (pCE->ixon == FLAGTRUE)
n_tio.c_iflag |= IXON;
if (pCE->ixany == FLAGTRUE)
n_tio.c_iflag |= IXANY;
if (pCE->ixoff == FLAGTRUE)
n_tio.c_iflag |= IXOFF;
n_tio.c_oflag &=
~(OLCUC | ONOCR | ONLRET | OFILL | NLDLY | CRDLY | TABDLY | BSDLY);
n_tio.c_oflag |= OPOST | ONLCR;
n_tio.c_lflag &= ~(XCASE | NOFLSH | ECHOK | ECHONL);
n_tio.c_lflag |= ISIG | ICANON | ECHO;
n_tio.c_cc[VEOF] = '\004';
n_tio.c_cc[VEOL] = '\000';
n_tio.c_cc[VERASE] = '\010';
n_tio.c_cc[VINTR] = '\003';
n_tio.c_cc[VKILL] = '@';
/* MIN */
n_tio.c_cc[VQUIT] = '\034';
n_tio.c_cc[VSTART] = '\021';
n_tio.c_cc[VSTOP] = '\023';
n_tio.c_cc[VSUSP] = '\032';
if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
Error("[%s] tcsetattr(0,TCSANOW): %s", pCE->server,
strerror(errno));
Bye(EX_OSERR);
}
SetupTty(pCE, 0);
tcsetpgrp(0, iNewGrp);
@ -647,17 +661,12 @@ VirtDev(pCE)
execve(pcShell, ppcArgv, environ);
Error("[%s] execve(): %s", pCE->server, strerror(errno));
Bye(EX_OSERR);
exit(EX_OSERR);
return -1;
}
char *
#if PROTOTYPES
ConsState(CONSENT *pCE)
#else
ConsState(pCE)
CONSENT *pCE;
#endif
{
if (!pCE->fup)
return "down";
@ -692,14 +701,7 @@ ConsState(pCE)
* with the "runtime" members of the structure here.
*/
void
#if PROTOTYPES
ConsDown(CONSENT *pCE, FLAG downHard, FLAG force)
#else
ConsDown(pCE, downHard, force)
CONSENT *pCE;
FLAG downHard;
FLAG force;
#endif
{
if (force != FLAGTRUE &&
!(FileBufEmpty(pCE->fdlog) && FileBufEmpty(pCE->cofile) &&
@ -721,6 +723,14 @@ ConsDown(pCE, downHard, force)
FD_CLR(cofile, &winit);
FileClose(&pCE->cofile);
}
#if HAVE_FREEIPMI
/* need to do this after cofile close above as
* ipmiconsole_ctx_destroy will close the fd */
if (pCE->ipmictx != (ipmiconsole_ctx_t) 0) {
ipmiconsole_ctx_destroy(pCE->ipmictx);
pCE->ipmictx = (ipmiconsole_ctx_t) 0;
}
#endif
if (pCE->fdlog != (CONSFILE *)0) {
if (pCE->nolog) {
TagLogfile(pCE, "Console logging restored");
@ -748,15 +758,10 @@ ConsDown(pCE, downHard, force)
* We also maintian the select set for the caller.
*/
void
#if PROTOTYPES
ConsInit(CONSENT *pCE)
#else
ConsInit(pCE)
CONSENT *pCE;
#endif
{
time_t tyme;
extern int FallBack PARAMS((char **, int *));
extern int FallBack(char **, int *);
int cofile = -1;
int ret;
#if HAVE_GETTIMEOFDAY
@ -851,19 +856,86 @@ ConsInit(pCE)
break;
case HOST:
{
#if USE_IPV6
int error;
char host[NI_MAXHOST];
char serv[NI_MAXSERV];
struct addrinfo *ai, *rp, hints;
#else
struct sockaddr_in port;
struct hostent *hp;
#endif /* USE_IPV6 */
#if HAVE_SETSOCKOPT
int one = 1;
#endif
usleep(100000); /* Not all terminal servers can keep up */
#if HAVE_MEMSET
memset((void *)&port, 0, sizeof(port));
#if USE_IPV6
# if HAVE_MEMSET
memset(&hints, 0, sizeof(hints));
# else
bzero(&hints, sizeof(hints));
# endif
hints.ai_flags = AI_ADDRCONFIG;
hints.ai_socktype = SOCK_STREAM;
snprintf(serv, sizeof(serv), "%hu", pCE->netport);
error = getaddrinfo(pCE->host, serv, &hints, &ai);
if (error) {
Error("[%s] getaddrinfo(%s): %s: forcing down",
pCE->server, pCE->host, gai_strerror(error));
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
rp = ai;
while (rp) {
error =
getnameinfo(rp->ai_addr, rp->ai_addrlen, host,
sizeof(host), serv, sizeof(serv),
NI_NUMERICHOST | NI_NUMERICSERV);
if (error)
continue;
CONDDEBUG((1,
"[%s]: trying hostname=%s, ip=%s, port=%s",
pCE->server, pCE->host, host, serv));
cofile =
socket(rp->ai_family, rp->ai_socktype,
rp->ai_protocol);
if (cofile != -1) {
# if HAVE_SETSOCKOPT
if (setsockopt
(cofile, SOL_SOCKET, SO_KEEPALIVE,
(char *)&one, sizeof(one)) < 0)
goto fail;
# endif
if (!SetFlags(cofile, O_NONBLOCK, 0))
goto fail;
if ((ret =
connect(cofile, rp->ai_addr,
rp->ai_addrlen)) == 0)
goto success;
fail:
close(cofile);
}
rp = rp->ai_next;
}
Error("[%s]: Unable to connect to %s:%s", pCE->server,
host, serv);
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
success:
freeaddrinfo(ai);
#else
# if HAVE_MEMSET
memset((void *)&port, 0, sizeof(port));
# else
bzero((char *)&port, sizeof(port));
#endif
# endif
if ((hp = gethostbyname(pCE->host)) == NULL) {
Error("[%s] gethostbyname(%s): %s: forcing down",
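Review bot: inside `while (rp)`, the `if (error) continue;` after getnameinfo() jumps back to the loop test without advancing `rp`, so one address that fails to format spins this loop forever. Suggest a `for (rp = ai; rp != NULL; rp = rp->ai_next)` loop so every path advances. Two further points in the same block: the socket is set O_NONBLOCK before connect(), and any return other than 0, including -1 with EINPROGRESS, falls through to `fail:` and closes the socket, so an in-progress connect is never waited on; and the "Unable to connect" path returns without calling freeaddrinfo(ai).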
@ -871,13 +943,13 @@ ConsInit(pCE)
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
#if HAVE_MEMCPY
# if HAVE_MEMCPY
memcpy(&port.sin_addr.s_addr, hp->h_addr_list[0],
hp->h_length);
#else
# else
bcopy(hp->h_addr_list[0], &port.sin_addr.s_addr,
hp->h_length);
#endif
# endif
port.sin_family = hp->h_addrtype;
port.sin_port = htons(pCE->netport);
@ -888,7 +960,7 @@ ConsInit(pCE)
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
#if HAVE_SETSOCKOPT
# if HAVE_SETSOCKOPT
if (setsockopt
(cofile, SOL_SOCKET, SO_KEEPALIVE, (char *)&one,
sizeof(one)) < 0) {
@ -899,7 +971,7 @@ ConsInit(pCE)
close(cofile);
return;
}
#endif
# endif
if (!SetFlags(cofile, O_NONBLOCK, 0)) {
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
@ -919,6 +991,7 @@ ConsInit(pCE)
return;
}
}
#endif /* USE_IPV6 */
}
if ((pCE->cofile =
FileOpenFD(cofile, simpleSocket)) == (CONSFILE *)0) {
@ -1032,6 +1105,56 @@ ConsInit(pCE)
TtyDev(pCE);
pCE->ioState = ISNORMAL;
break;
#if HAVE_FREEIPMI
case IPMI:
if (!(pCE->ipmictx = IpmiSOLCreate(pCE))) {
Error("[%s] Could not create IPMI context: forcing down",
pCE->server);
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
if (ipmiconsole_engine_submit(pCE->ipmictx, NULL, NULL) < 0) {
Error
("[%s] Could not connect to IPMI host `%s': forcing down",
pCE->server, pCE->host);
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
cofile = ipmiconsole_ctx_fd(pCE->ipmictx);
if (!SetFlags(cofile, O_NONBLOCK, 0)) {
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
if ((pCE->cofile =
FileOpenFD(cofile, simpleFile)) == (CONSFILE *)0) {
Error("[%s] FileOpenFD(simpleFile) failed: forcing down",
pCE->server);
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
if (ipmiconsole_ctx_status(pCE->ipmictx) ==
IPMICONSOLE_CTX_STATUS_SOL_ESTABLISHED) {
/* Read in the NULL from OUTPUT_ON_SOL_ESTABLISHED flag */
char b[1];
FileRead(pCE->cofile, b, 1); /* trust it's NULL */
pCE->ioState = ISNORMAL;
pCE->stateTimer = 0;
} else {
/* Error status cases will be handled in Kiddie() */
pCE->ioState = INCONNECT;
pCE->stateTimer = time((time_t *)0) + CONNECTTIMEOUT;
if (timers[T_STATE] == (time_t)0 ||
timers[T_STATE] > pCE->stateTimer)
timers[T_STATE] = pCE->stateTimer;
}
pCE->fup = 1;
break;
#endif
}
if (!pCE->fup) {
@ -1050,6 +1173,11 @@ ConsInit(pCE)
Verbose("[%s] port %hu on %s", pCE->server, pCE->netport,
pCE->host);
break;
#if HAVE_FREEIPMI
case IPMI:
Verbose("[%s] on %s", pCE->server);
break;
#endif
case NOOP:
Verbose("[%s] noop", pCE->server);
break;
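Review bot: in the new IPMI case, `Verbose("[%s] on %s", pCE->server);` has two %s conversions and only one argument, which is undefined behaviour when verbose output is enabled. Suggest passing pCE->host as the second argument, matching the HOST case just above it.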
@ -1066,7 +1194,12 @@ ConsInit(pCE)
/* if we're waiting for connect() to finish, watch the
* write bit, otherwise watch for the read bit
*/
if (pCE->ioState == INCONNECT)
if (pCE->ioState == INCONNECT
#if HAVE_FREEIPMI
/* We wait for read() with the libipmiconsole */
&& pCE->type != IPMI
#endif
)
FD_SET(cofile, &winit);
else
FD_SET(cofile, &rinit);
@ -1115,48 +1248,93 @@ ConsInit(pCE)
}
int
#if PROTOTYPES
AddrsMatch(char *addr1, char *addr2)
#else
AddrsMatch(addr1, addr2)
char *addr1;
char *addr2;
#endif
{
#if USE_IPV6
int error, ret = 0;
struct addrinfo *ai1, *ai2, hints;
#else
/* so, since we might use inet_addr, we're going to use
* (in_addr_t)(-1) as a sign of an invalid ip address.
* sad, but true.
*/
in_addr_t inAddr1 = (in_addr_t) (-1);
in_addr_t inAddr2 = (in_addr_t) (-1);
#if HAVE_INET_ATON
# if HAVE_INET_ATON
struct in_addr inetAddr1;
struct in_addr inetAddr2;
#endif
# endif
#endif /* USE_IPV6 */
/* first try simple character string match */
if (strcasecmp(addr1, addr2) == 0)
return 1;
#if USE_IPV6
# if HAVE_MEMSET
memset(&hints, 0, sizeof(hints));
# else
bzero(&hints, sizeof(hints));
# endif
hints.ai_flags = AI_ADDRCONFIG;
hints.ai_socktype = SOCK_STREAM;
error = getaddrinfo(addr1, NULL, &hints, &ai1);
if (error) {
Error("getaddrinfo(%s): %s", addr1, gai_strerror(error));
goto done;
}
error = getaddrinfo(addr2, NULL, &hints, &ai2);
if (error) {
Error("getaddrinfo(%s): %s", addr2, gai_strerror(error));
goto done;
}
for (; ai1 != NULL; ai1 = ai1->ai_next) {
for (; ai2 != NULL; ai2 = ai2->ai_next) {
if (ai1->ai_addr->sa_family != ai2->ai_addr->sa_family)
continue;
if (
# if HAVE_MEMCMP
memcmp(&ai1->ai_addr, &ai2->ai_addr,
sizeof(struct sockaddr_storage))
# else
bcmp(&ai1->ai_addr, &ai2->ai_addr,
sizeof(struct sockaddr_storage))
# endif
== 0) {
ret = 1;
goto done;
}
}
}
done:
freeaddrinfo(ai1);
freeaddrinfo(ai2);
Msg("compare %s and %s returns %d", addr1, addr2, ret);
return ret;
#else
/* now try ip address match (could have leading zeros or something) */
#if HAVE_INET_ATON
# if HAVE_INET_ATON
if (inet_aton(addr1, &inetAddr1) != 0)
inAddr1 = inetAddr1.s_addr;
if (inet_aton(addr2, &inetAddr2) != 0)
inAddr2 = inetAddr2.s_addr;
#else
# else
inAddr1 = inet_addr(addr1);
inAddr2 = inet_addr(addr2);
#endif
# endif
/* if both are ip addresses, we just match */
if (inAddr1 != (in_addr_t) (-1) && inAddr2 != (in_addr_t) (-1))
return !
#if HAVE_MEMCMP
# if HAVE_MEMCMP
memcmp(&inAddr1, &inAddr2, sizeof(inAddr1))
#else
# else
bcmp(&inAddr1, &inAddr2, sizeof(inAddr1))
#endif
# endif
;
/* both are hostnames...this sucks 'cause we have to copy one
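Review bot: the IPv6 comparison in AddrsMatch() calls `memcmp(&ai1->ai_addr, &ai2->ai_addr, sizeof(struct sockaddr_storage))`, which compares memory starting at the two pointer fields inside the addrinfo structures, not the socket addresses they point to, and reads sizeof(struct sockaddr_storage) bytes from there. Suggest comparing `ai1->ai_addr` with `ai2->ai_addr` over `ai1->ai_addrlen` bytes after checking that both lengths are equal. The cleanup also needs attention: `done:` calls freeaddrinfo() on ai1 and ai2, but both are uninitialised when the first getaddrinfo() fails, and both have been advanced by the loops by the time a result is known, so the list heads should be kept in separate variables initialised to NULL. The inner loop never resets ai2 for the next ai1 either, so only the first address of addr1 is compared against the full list. The unconditional `Msg("compare %s and %s returns %d", ...)` looks like leftover debugging.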
@ -1184,11 +1362,11 @@ AddrsMatch(addr1, addr2)
if (addrs == (in_addr_t *) 0)
OutOfMem();
for (i = 0; i < c; i++) {
#if HAVE_MEMCPY
# if HAVE_MEMCPY
memcpy(&(addrs[i]), he->h_addr_list[i], he->h_length);
#else
# else
bcopy(he->h_addr_list[i], &(addrs[i]), he->h_length);
#endif
# endif
}
/* now process the second hostname */
@ -1208,12 +1386,12 @@ AddrsMatch(addr1, addr2)
for (j = 0; he->h_addr_list[j] != (char *)0; j++) {
for (i = 0; i < c; i++) {
if (
#if HAVE_MEMCMP
# if HAVE_MEMCMP
memcmp(&(addrs[i]), he->h_addr_list[j],
he->h_length)
#else
# else
bcmp(&(addrs[i]), he->h_addr_list[j], he->h_length)
#endif
# endif
== 0) {
free(addrs);
return 1;
@ -1247,28 +1425,24 @@ AddrsMatch(addr1, addr2)
}
for (i = 0; he->h_addr_list[i] != (char *)0; i++) {
if (
#if HAVE_MEMCMP
# if HAVE_MEMCMP
memcmp(iaddr, he->h_addr_list[i], he->h_length)
#else
# else
bcmp(iaddr, he->h_addr_list[i], he->h_length)
#endif
# endif
== 0)
return 1;
}
}
return 0;
#endif /* USE_IPV6 */
}
/* thread ther list of uniq console server machines, aliases for (ksb)
* machines will screw us up
*/
REMOTE *
#if PROTOTYPES
FindUniq(REMOTE *pRCAll)
#else
FindUniq(pRCAll)
REMOTE *pRCAll;
#endif
{
REMOTE *pRC;
@ -1291,12 +1465,7 @@ FindUniq(pRCAll)
}
void
#if PROTOTYPES
DestroyRemoteConsole(REMOTE *pRCList)
#else
DestroyRemoteConsole(pRCList)
REMOTE *pRCList;
#endif
{
NAMES *name = (NAMES *)0;

View File

@ -1,5 +1,5 @@
/*
* $Id: consent.h,v 5.68 2007/04/02 17:59:16 bryan Exp $
* $Id: consent.h,v 5.76 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -57,9 +57,19 @@ typedef enum consType {
EXEC,
HOST,
NOOP,
UDS
UDS,
#if HAVE_FREEIPMI
IPMI,
#endif
} CONSTYPE;
#if HAVE_FREEIPMI
# define IPMIL_UNKNOWN (0)
# define IPMIL_USER (IPMICONSOLE_PRIVILEGE_USER+1)
# define IPMIL_OPERATOR (IPMICONSOLE_PRIVILEGE_OPERATOR+1)
# define IPMIL_ADMIN (IPMICONSOLE_PRIVILEGE_ADMIN+1)
#endif
typedef struct names {
char *name;
struct names *next;
@ -91,6 +101,17 @@ typedef struct consent { /* console information */
FLAG ixoff; /* XON/XOFF flow control on input */
#if defined(CRTSCTS)
FLAG crtscts; /* use hardware flow control */
#endif
#if HAVE_FREEIPMI
/* type == IPMI */
int ipmiprivlevel; /* IPMI authentication level */
ipmiconsole_ctx_t ipmictx; /* IPMI ctx */
unsigned int ipmiworkaround; /* IPMI workaround flags */
short ipmiwrkset; /* workaround flags set in config */
int ipmiciphersuite; /* IPMI cipher suite */
char *username; /* Username to log as */
char *password; /* Login Password */
STRING *ipmikg; /* IPMI k_g auth key */
#endif
/* type == HOST */
char *host; /* hostname */
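Review bot: the new `password` and `ipmikg` fields keep the BMC login secret and the K_g key in cleartext for the life of the process, and the DumpDataStructures() change in main.c in this same commit prints both (`password=%s`, `ipmikg=%s`) through CONDDEBUG. Suggest masking them in the debug dump (print only whether they are set) and zeroing the buffers before they are freed. That dump also dereferences `pCE->ipmikg->string` directly, so confirm `ipmikg` is always allocated for IPMI consoles or add a null check.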
@ -109,7 +130,7 @@ typedef struct consent { /* console information */
char *udssubst; /* socket file substitution pattern */
/* global stuff */
char *master; /* master hostname */
unsigned short breakNum; /* break type [1-9] */
unsigned short breakNum; /* break type [1-35] */
char *logfile; /* logfile */
off_t logfilemax; /* size limit for rolling logfile */
char *initcmd; /* initcmd command */
@ -122,11 +143,14 @@ typedef struct consent { /* console information */
unsigned short spinmax; /* initialization spin maximum */
unsigned short spintimer; /* initialization spin timer */
char *replstring; /* generic string for replacements */
char *tasklist; /* list of valid tasks */
char *breaklist; /* list of valid break sequences */
/* timestamp stuff */
int mark; /* Mark (chime) interval */
long nextMark; /* Next mark (chime) time */
FLAG activitylog; /* log attach/detach/bump */
FLAG breaklog; /* log breaks sent */
FLAG tasklog; /* log tasks invoked */
/* options */
FLAG ondemand; /* bring up on-demand */
FLAG reinitoncc; /* open if down on client connect */
@ -143,6 +167,8 @@ typedef struct consent { /* console information */
pid_t ipid; /* pid of virtual command */
pid_t initpid; /* pid of initcmd command */
CONSFILE *initfile; /* the command run on init */
pid_t taskpid; /* pid of task running */
CONSFILE *taskfile; /* the output from the task (read-only) */
STRING *wbuf; /* write() buffer */
int wbufIAC; /* next IAC location in wbuf */
IOSTATE ioState; /* state of the socket */
@ -183,12 +209,13 @@ typedef struct remote { /* console at another host */
NAMES *aliases; /* aliases for remote server name */
} REMOTE;
extern PARITY *FindParity PARAMS((char *));
extern BAUD *FindBaud PARAMS((char *));
extern void ConsInit PARAMS((CONSENT *));
extern void ConsDown PARAMS((CONSENT *, FLAG, FLAG));
extern REMOTE *FindUniq PARAMS((REMOTE *));
extern void DestroyRemoteConsole PARAMS((REMOTE *));
extern void StartInit PARAMS((CONSENT *));
extern void StopInit PARAMS((CONSENT *));
extern char *ConsState PARAMS((CONSENT *));
extern PARITY *FindParity(char *);
extern BAUD *FindBaud(char *);
extern void ConsInit(CONSENT *);
extern void ConsDown(CONSENT *, FLAG, FLAG);
extern REMOTE *FindUniq(REMOTE *);
extern void DestroyRemoteConsole(REMOTE *);
extern void StartInit(CONSENT *);
extern void StopInit(CONSENT *);
extern char *ConsState(CONSENT *);
extern void SetupTty(CONSENT *, int);


@ -1,6 +1,6 @@
.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
.\" $Id: conserver.man,v 1.54 2006/12/31 02:02:48 bryan Exp $
.TH CONSERVER 8 "2006/12/31" "conserver-8.1.17" "conserver"
.TH CONSERVER 8 "2006/12/31" "conserver-8.2.1" "conserver"
.SH NAME
conserver \- console server daemon
.SH SYNOPSIS


@ -1,5 +1,5 @@
/*
* $Id: convert.c,v 1.12 2006/04/07 15:47:20 bryan Exp $
* $Id: convert.c,v 1.14 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -58,19 +58,12 @@ DestroyDataStructures()
}
char *
#if PROTOTYPES
ReadLine2(FILE *fp, STRING *save, int *iLine)
#else
ReadLine2(fp, save, iLine)
FILE *fp;
STRING *save;
int *iLine;
#endif
{
static char buf[1024];
char *wholeline = (char *)0;
char *ret = (char *)0;
int i, buflen, peek, commentCheck = 1, comment = 0;
int i, buflen, peek, commentCheck = 1;
static STRING *bufstr = (STRING *)0;
static STRING *wholestr = (STRING *)0;
@ -112,7 +105,6 @@ ReadLine2(fp, save, iLine)
if (!isspace((int)buf[i]))
break;
if (buf[i] == '#') {
comment = 1;
commentCheck = 0;
} else if (buf[i] != '\000') {
commentCheck = 0;
@ -123,14 +115,11 @@ ReadLine2(fp, save, iLine)
buflen = strlen(buf);
if ((buflen >= 1) && (buf[buflen - 1] == '\n')) {
(*iLine)++; /* Finally have a whole line */
/* if (comment == 0 && commentCheck == 0) { */
/* Finish off the chunk without the \n */
buf[buflen - 1] = '\000';
BuildString(buf, bufstr);
wholeline = BuildString(bufstr->string, wholestr);
/* }*/
peek = 1;
comment = 0;
commentCheck = 1;
BuildString((char *)0, bufstr);
} else {
@ -142,10 +131,6 @@ ReadLine2(fp, save, iLine)
/* If we hit the EOF and weren't peeking ahead
* and it's not a comment
*/
/*
if (!peek && (ret == (char *)0) && (comment == 0) &&
(commentCheck == 0)) {
*/
if (!peek && (ret == (char *)0)) {
(*iLine)++;
wholeline = BuildString(bufstr->string, wholestr);
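Review bot: the comment kept above the condition still reads "and it's not a comment", but with the `comment` variable and the commented-out test removed, `if (!peek && (ret == (char *)0))` no longer checks that. Update the comment to match what the code does, or state explicitly that comment lines are now returned to the caller and filtered in ReadCfg().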
@ -162,13 +147,7 @@ ReadLine2(fp, save, iLine)
* to manage the consoles
*/
void
#if PROTOTYPES
ReadCfg(char *pcFile, FILE *fp)
#else
ReadCfg(pcFile, fp)
char *pcFile;
FILE *fp;
#endif
{
int iLine;
unsigned char *acIn;
@ -432,7 +411,6 @@ ReadCfg(pcFile, fp)
(unsigned char *)ReadLine2(fp, acInSave,
&iLine)) != (unsigned char *)0) {
char *pcNext;
char cType;
acStart = PruneSpace((char *)acIn);
if (acStart[0] == '#') {
@ -478,7 +456,6 @@ ReadCfg(pcFile, fp)
printf("\ttrusted %s;\n", pcNext);
break;
default:
cType = ' ';
Error("%s(%d) unknown access key `%s'", pcFile, iLine,
acStart);
break;
@ -490,13 +467,7 @@ ReadCfg(pcFile, fp)
}
int
#if PROTOTYPES
main(int argc, char **argv)
#else
main(argc, argv)
int argc;
char **argv;
#endif
{
char *pcFile;
FILE *fp;

File diff suppressed because it is too large


@ -1,22 +1,18 @@
/*
* $Id: cutil.h,v 1.69 2009/09/26 09:23:04 bryan Exp $
* $Id: cutil.h,v 1.70 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
#if PROTOTYPES
#include <stdarg.h>
#else
#include <varargs.h>
#endif
#if HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
# include <openssl/ssl.h>
# include <openssl/err.h>
#endif
#if HAVE_GSSAPI
#include <gssapi/gssapi.h>
# include <gssapi/gssapi.h>
#endif
/* communication constants
@ -98,15 +94,15 @@ typedef struct consFile {
typedef struct item {
char *id;
void (*reg) PARAMS((char *));
void (*reg) (char *);
} ITEM;
typedef struct section {
char *id;
void (*begin) PARAMS((char *));
void (*end) PARAMS((void));
void (*abort) PARAMS((void));
void (*destroy) PARAMS((void));
void (*begin) (char *);
void (*end) (void);
void (*abort) (void);
void (*destroy) (void);
ITEM *items;
} SECTION;
@ -119,14 +115,14 @@ typedef enum substToken {
typedef struct subst {
/* function to retrieve a token type based on a character
*/
SUBSTTOKEN (*token) PARAMS((char));
SUBSTTOKEN (*token) (char);
/* data for callback function
*/
void *data;
/* function to retrieve a value (as a char* or int or both) for
* a substitution
*/
int (*value) PARAMS((char, char **, int *));
int (*value) (char, char **, int *);
} SUBST;
extern int isMultiProc, fDebug, fVerbose, fErrorPrinted;
@ -134,7 +130,9 @@ extern char *progname;
extern pid_t thepid;
#define MAXHOSTNAME 1024
extern char myHostname[];
#if !USE_IPV6
extern struct in_addr *myAddrs;
#endif
extern fd_set rinit;
extern fd_set winit;
extern int maxfd;
@ -145,73 +143,74 @@ extern char *file; /* used by ParseFile */
extern SECTION sections[]; /* used by ParseFile */
extern int isMaster;
extern const char *StrTime PARAMS((time_t *));
extern void Debug PARAMS((int, char *, ...));
extern void Error PARAMS((char *, ...));
extern void Msg PARAMS((char *, ...));
extern void Verbose PARAMS((char *, ...));
extern void SimpleSignal PARAMS((int, RETSIGTYPE(*)(int)));
extern int GetMaxFiles PARAMS(());
extern char *FmtCtl PARAMS((int, STRING *));
extern void FmtCtlStr PARAMS((char *, int, STRING *));
extern CONSFILE *FileOpenFD PARAMS((int, enum consFileType));
extern CONSFILE *FileOpenPipe PARAMS((int, int));
extern CONSFILE *FileOpen PARAMS((const char *, int, int));
extern int FileClose PARAMS((CONSFILE **));
extern int FileRead PARAMS((CONSFILE *, void *, int));
extern int FileWrite PARAMS((CONSFILE *, FLAG, char *, int));
extern void FileVWrite PARAMS((CONSFILE *, FLAG, char *, va_list));
extern void FilePrint PARAMS((CONSFILE *, FLAG, char *, ...));
extern int FileStat PARAMS((CONSFILE *, struct stat *));
extern int FileSeek PARAMS((CONSFILE *, off_t, int));
extern int FileSend PARAMS((CONSFILE *, const void *, size_t, int));
extern int FileFDNum PARAMS((CONSFILE *));
extern int FileFDOutNum PARAMS((CONSFILE *));
extern int FileUnopen PARAMS((CONSFILE *));
extern void OutOfMem PARAMS(());
extern char *BuildTmpString PARAMS((const char *));
extern char *BuildTmpStringChar PARAMS((const char));
extern char *BuildTmpStringPrint PARAMS((char *, ...));
extern char *BuildString PARAMS((const char *, STRING *));
extern char *BuildStringChar PARAMS((const char, STRING *));
extern char *BuildStringPrint PARAMS((STRING *, char *, ...));
extern char *BuildStringN PARAMS((const char *, int, STRING *));
extern char *ShiftString PARAMS((STRING *, int));
extern void InitString PARAMS((STRING *));
extern void DestroyString PARAMS((STRING *));
extern void DestroyStrings PARAMS((void));
extern STRING *AllocString PARAMS((void));
extern char *ReadLine PARAMS((FILE *, STRING *, int *));
extern enum consFileType FileGetType PARAMS((CONSFILE *));
extern void FileSetType PARAMS((CONSFILE *, enum consFileType));
extern void FileSetQuoteIAC PARAMS((CONSFILE *, FLAG));
extern FLAG FileSawQuoteSusp PARAMS((CONSFILE *));
extern FLAG FileSawQuoteExec PARAMS((CONSFILE *));
extern FLAG FileSawQuoteAbrt PARAMS((CONSFILE *));
extern FLAG FileSawQuoteGoto PARAMS((CONSFILE *));
extern void Bye PARAMS((int));
extern void DestroyDataStructures PARAMS((void));
extern int IsMe PARAMS((char *));
extern char *PruneSpace PARAMS((char *));
extern int FileCanRead PARAMS((CONSFILE *, fd_set *, fd_set *));
extern int FileCanWrite PARAMS((CONSFILE *, fd_set *, fd_set *));
extern int FileBufEmpty PARAMS((CONSFILE *));
extern int SetFlags PARAMS((int, int, int));
extern char *StrDup PARAMS((const char *));
extern int ParseIACBuf PARAMS((CONSFILE *, void *, int *));
extern void *MemMove PARAMS((void *, void *, size_t));
extern char *StringChar PARAMS((STRING *, int, char));
extern void ParseFile PARAMS((char *, FILE *, int));
extern void ProbeInterfaces PARAMS((in_addr_t));
extern void ProcessSubst
PARAMS((SUBST *, char **, char **, char *, char *));
extern char *MyVersion PARAMS((void));
extern unsigned int AtoU PARAMS((char *));
extern void StrCpy PARAMS((char *, const char *, unsigned int));
#if HAVE_OPENSSL
extern SSL *FileGetSSL PARAMS((CONSFILE *));
extern void FileSetSSL PARAMS((CONSFILE *, SSL *));
extern int SSLVerifyCallback PARAMS((int, X509_STORE_CTX *));
extern int FileSSLAccept PARAMS((CONSFILE *));
extern int FileCanSSLAccept PARAMS((CONSFILE *, fd_set *, fd_set *));
extern const char *StrTime(time_t *);
extern void Debug(int, char *, ...);
extern void Error(char *, ...);
extern void Msg(char *, ...);
extern void Verbose(char *, ...);
extern void SimpleSignal(int, RETSIGTYPE(*)(int));
extern int GetMaxFiles();
extern char *FmtCtl(int, STRING *);
extern void FmtCtlStr(char *, int, STRING *);
extern CONSFILE *FileOpenFD(int, enum consFileType);
extern CONSFILE *FileOpenPipe(int, int);
extern CONSFILE *FileOpen(const char *, int, int);
extern int FileClose(CONSFILE **);
extern int FileRead(CONSFILE *, void *, int);
extern int FileWrite(CONSFILE *, FLAG, char *, int);
extern void FileVWrite(CONSFILE *, FLAG, char *, va_list);
extern void FilePrint(CONSFILE *, FLAG, char *, ...);
extern int FileStat(CONSFILE *, struct stat *);
extern int FileSeek(CONSFILE *, off_t, int);
extern int FileSend(CONSFILE *, const void *, size_t, int);
extern int FileFDNum(CONSFILE *);
extern int FileFDOutNum(CONSFILE *);
extern int FileUnopen(CONSFILE *);
extern void OutOfMem();
extern char *BuildTmpString(const char *);
extern char *BuildTmpStringChar(const char);
extern char *BuildTmpStringPrint(char *, ...);
extern char *BuildString(const char *, STRING *);
extern char *BuildStringChar(const char, STRING *);
extern char *BuildStringPrint(STRING *, char *, ...);
extern char *BuildStringN(const char *, int, STRING *);
extern char *ShiftString(STRING *, int);
extern void InitString(STRING *);
extern void DestroyString(STRING *);
extern void DestroyStrings(void);
extern STRING *AllocString(void);
extern char *ReadLine(FILE *, STRING *, int *);
extern enum consFileType FileGetType(CONSFILE *);
extern void FileSetType(CONSFILE *, enum consFileType);
extern void FileSetQuoteIAC(CONSFILE *, FLAG);
extern FLAG FileSawQuoteSusp(CONSFILE *);
extern FLAG FileSawQuoteExec(CONSFILE *);
extern FLAG FileSawQuoteAbrt(CONSFILE *);
extern FLAG FileSawQuoteGoto(CONSFILE *);
extern void Bye(int);
extern void DestroyDataStructures(void);
extern int IsMe(char *);
extern char *PruneSpace(char *);
extern int FileCanRead(CONSFILE *, fd_set *, fd_set *);
extern int FileCanWrite(CONSFILE *, fd_set *, fd_set *);
extern int FileBufEmpty(CONSFILE *);
extern int SetFlags(int, int, int);
extern char *StrDup(const char *);
extern int ParseIACBuf(CONSFILE *, void *, int *);
extern void *MemMove(void *, void *, size_t);
extern char *StringChar(STRING *, int, char);
extern void ParseFile(char *, FILE *, int);
#if !USE_IPV6
extern void ProbeInterfaces(in_addr_t);
#endif
extern void ProcessSubst(SUBST *, char **, char **, char *, char *);
extern char *MyVersion(void);
extern unsigned int AtoU(char *);
extern void StrCpy(char *, const char *, unsigned int);
#if HAVE_OPENSSL
extern SSL *FileGetSSL(CONSFILE *);
extern void FileSetSSL(CONSFILE *, SSL *);
extern int SSLVerifyCallback(int, X509_STORE_CTX *);
extern int FileSSLAccept(CONSFILE *);
extern int FileCanSSLAccept(CONSFILE *, fd_set *, fd_set *);
#endif
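Review bot: `extern int GetMaxFiles();` and `extern void OutOfMem();` were converted from PARAMS(()) to empty parentheses, which in C declares a function with unspecified arguments rather than a prototype, so the compiler will not reject a call that passes arguments. With K&R support gone, declare both as `(void)`, the same way DestroyStrings and MyVersion are declared a few lines away.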


@ -1,5 +1,5 @@
/*
* $Id: fallback.c,v 5.61 2004/04/16 16:58:09 bryan Exp $
* $Id: fallback.c,v 5.62 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -27,44 +27,38 @@
* packages, i think things are ok...hopefully it's true!
*/
static int
#if PROTOTYPES
GetPseudoTTY(STRING *slave, int *slaveFD)
#else
GetPseudoTTY(slave, slaveFD)
STRING *slave;
int *slaveFD;
#endif
{
#if HAVE_OPENPTY
int fd = -1;
int sfd = -1;
int opty = 0;
char *pcName;
#if HAVE_SIGACTION
# if HAVE_SIGACTION
sigset_t oldmask, newmask;
#else
extern RETSIGTYPE FlagReapVirt PARAMS((int));
#endif
# else
extern RETSIGTYPE FlagReapVirt(int);
# endif
#if HAVE_SIGACTION
# if HAVE_SIGACTION
sigemptyset(&newmask);
sigaddset(&newmask, SIGCHLD);
if (sigprocmask(SIG_BLOCK, &newmask, &oldmask) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_BLOCK): %s",
strerror(errno));
#else
# else
SimpleSignal(SIGCHLD, SIG_DFL);
#endif
# endif
opty = openpty(&fd, &sfd, NULL, NULL, NULL);
#if HAVE_SIGACTION
# if HAVE_SIGACTION
if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_SETMASK): %s",
strerror(errno));
#else
# else
SimpleSignal(SIGCHLD, FlagReapVirt);
#endif
# endif
if (opty != 0) {
if (fd >= 0)
@ -84,15 +78,15 @@ GetPseudoTTY(slave, slaveFD)
*slaveFD = sfd;
return fd;
#else
#if (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX)
# if (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX)
int fd = -1;
int sfd = -1;
char *pcName;
#if HAVE_SIGACTION
# if HAVE_SIGACTION
sigset_t oldmask, newmask;
#else
extern RETSIGTYPE FlagReapVirt PARAMS((int));
#endif
# else
extern RETSIGTYPE FlagReapVirt(int);
# endif
int c;
/* clone list and idea stolen from xemacs distribution */
static char *clones[] = {
@ -111,48 +105,48 @@ GetPseudoTTY(slave, slaveFD)
if (fd < 0)
return -1;
#if HAVE_SIGACTION
# if HAVE_SIGACTION
sigemptyset(&newmask);
sigaddset(&newmask, SIGCHLD);
if (sigprocmask(SIG_BLOCK, &newmask, &oldmask) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_BLOCK): %s",
strerror(errno));
#else
# else
SimpleSignal(SIGCHLD, SIG_DFL);
#endif
# endif
#if HAVE_GRANTPT
# if HAVE_GRANTPT
grantpt(fd); /* change permission of slave */
#endif
# endif
#if HAVE_SIGACTION
# if HAVE_SIGACTION
if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0)
Error("GetPseudoTTY(): sigprocmask(SIG_SETMASK): %s",
strerror(errno));
#else
# else
SimpleSignal(SIGCHLD, FlagReapVirt);
#endif
# endif
#if HAVE_UNLOCKPT
# if HAVE_UNLOCKPT
unlockpt(fd); /* unlock slave */
#endif
# endif
#if defined(_AIX)
# if defined(_AIX)
if ((pcName = ttyname(fd)) == (char *)0) {
close(fd);
return -1;
}
#else
# if HAVE_PTSNAME
# else
# if HAVE_PTSNAME
if ((pcName = ptsname(fd)) == (char *)0) {
close(fd);
return -1;
}
# else
# else
close(fd);
return -1;
# endif
#endif
# endif
# endif
/* go ahead and open the slave */
if ((sfd = open(pcName, O_RDWR, 0)) < 0) {
@ -166,7 +160,7 @@ GetPseudoTTY(slave, slaveFD)
*slaveFD = sfd;
return fd;
#else
# else
/*
* Below is the string for finding /dev/ptyXX. For each architecture we
* leave some pty's world writable because we don't have source for
@ -234,7 +228,7 @@ GetPseudoTTY(slave, slaveFD)
*slaveFD = sfd;
return fd;
#endif /* (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX) */
# endif /* (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX) */
#endif /* HAVE_OPENPTY */
}
@ -242,13 +236,7 @@ GetPseudoTTY(slave, slaveFD)
* get a pty using the GetPseudoTTY code above
*/
int
#if PROTOTYPES
FallBack(char **slave, int *sfd)
#else
FallBack(slave, sfd)
char **slave;
int *sfd;
#endif
{
int fd;
static STRING *pcTSlave = (STRING *)0;

File diff suppressed because it is too large


@ -1,5 +1,5 @@
/*
* $Id: group.h,v 5.49 2006/04/07 15:36:09 bryan Exp $
* $Id: group.h,v 5.52 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -64,25 +64,24 @@ typedef struct grpent { /* group info */
extern time_t timers[];
extern void Spawn PARAMS((GRPENT *, int));
extern int CheckPass PARAMS((char *, char *));
extern void TagLogfile PARAMS((const CONSENT *, char *, ...));
extern void TagLogfileAct PARAMS((const CONSENT *, char *, ...));
extern void DestroyGroup PARAMS((GRPENT *));
extern void DestroyConsent PARAMS((GRPENT *, CONSENT *));
extern void SendClientsMsg PARAMS((CONSENT *, char *));
extern void ResetMark PARAMS((void));
extern void DestroyConsentUsers PARAMS((CONSENTUSERS **));
extern CONSENTUSERS *ConsentFindUser PARAMS((CONSENTUSERS *, char *));
extern int ConsentUserOk PARAMS((CONSENTUSERS *, char *));
extern void DisconnectClient
PARAMS((GRPENT *, CONSCLIENT *, char *, FLAG));
extern int ClientAccess PARAMS((CONSENT *, char *));
extern void DestroyClient PARAMS((CONSCLIENT *));
extern int CheckPasswd PARAMS((CONSCLIENT *, char *));
extern void DeUtmp PARAMS((GRPENT *, int));
extern void ClientWantsWrite PARAMS((CONSCLIENT *));
extern void SendIWaitClientsMsg PARAMS((CONSENT *, char *));
extern void Spawn(GRPENT *, int);
extern int CheckPass(char *, char *, FLAG);
extern void TagLogfile(const CONSENT *, char *, ...);
extern void TagLogfileAct(const CONSENT *, char *, ...);
extern void DestroyGroup(GRPENT *);
extern void DestroyConsent(GRPENT *, CONSENT *);
extern void SendClientsMsg(CONSENT *, char *);
extern void ResetMark(void);
extern void DestroyConsentUsers(CONSENTUSERS **);
extern CONSENTUSERS *ConsentFindUser(CONSENTUSERS *, char *);
extern int ConsentUserOk(CONSENTUSERS *, char *);
extern void DisconnectClient(GRPENT *, CONSCLIENT *, char *, FLAG);
extern int ClientAccess(CONSENT *, char *);
extern void DestroyClient(CONSCLIENT *);
extern int CheckPasswd(CONSCLIENT *, char *, FLAG);
extern void DeUtmp(GRPENT *, int);
extern void ClientWantsWrite(CONSCLIENT *);
extern void SendIWaitClientsMsg(CONSENT *, char *);
#if HAVE_OPENSSL
extern int AttemptSSL PARAMS((CONSCLIENT *));
extern int AttemptSSL(CONSCLIENT *);
#endif
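Review bot: CheckPass() and CheckPasswd() each gain a third, unnamed `FLAG` argument, and the header gives no hint of what FLAGTRUE or FLAGFALSE selects. These functions decide whether a client is authenticated, so a caller passing the wrong value is a security bug rather than a cosmetic one; name the parameter in the prototype and add a one-line comment describing both values.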


@ -1,5 +1,5 @@
/*
* $Id: main.c,v 5.202 2009/09/26 09:23:04 bryan Exp $
* $Id: main.c,v 5.213 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -54,9 +54,15 @@ int fAll = 0, fNoinit = 0, fVersion = 0, fStrip = 0, fReopen =
char *pcConfig = CONFIGFILE;
int cMaxMemb = MAXMEMB;
#if USE_IPV6
struct addrinfo *bindAddr;
struct addrinfo *bindBaseAddr;
#else
in_addr_t bindAddr = INADDR_ANY;
unsigned short bindPort;
unsigned short bindBasePort;
struct sockaddr_in in_port;
#endif
static STRING *startedMsg = (STRING *)0;
CONFIG *optConf = (CONFIG *)0;
CONFIG *config = (CONFIG *)0;
@ -69,11 +75,10 @@ CONFIG defConfig =
, FLAGFALSE
#endif
#if HAVE_OPENSSL
, (char *)0, FLAGTRUE
, (char *)0, FLAGTRUE, FLAGFALSE, (char *)0
#endif
};
struct sockaddr_in in_port;
CONSFILE *unifiedlog = (CONSFILE *)0;
#if HAVE_DMALLOC && DMALLOC_MARK_MAIN
@ -89,11 +94,7 @@ DH *dh4096 = (DH *)0;
DH *
#if PROTOTYPES
GetDH512(void)
#else
GetDH512()
#endif
{
static unsigned char dh512_p[] = {
0xF5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40, 0x18, 0x11, 0x8D,
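Review bot: GetDH512() only has its prototype modernised here and still carries a hard-coded 512-bit prime in `dh512_p`. A 512-bit Diffie-Hellman group is export-grade and too small to protect a session; suggest removing GetDH512() in this cleanup and making TmpDHCallback() never hand back parameters below 2048 bits, whatever `keylength` the library asks for.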
@ -121,11 +122,7 @@ GetDH512()
}
DH *
#if PROTOTYPES
GetDH1024(void)
#else
GetDH1024()
#endif
{
static unsigned char dh1024_p[] = {
0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD, 0x20, 0xB4, 0x9D,
@ -159,11 +156,7 @@ GetDH1024()
}
DH *
#if PROTOTYPES
GetDH2048(void)
#else
GetDH2048()
#endif
{
static unsigned char dh2048_p[] = {
0xF6, 0x42, 0x57, 0xB7, 0x08, 0x7F, 0x08, 0x17, 0x72, 0xA2, 0xBA,
@ -210,11 +203,7 @@ GetDH2048()
}
DH *
#if PROTOTYPES
GetDH4096(void)
#else
GetDH4096()
#endif
{
static unsigned char dh4096_p[] = {
0xFA, 0x14, 0x72, 0x52, 0xC1, 0x4D, 0xE1, 0x5A, 0x49, 0xD4, 0xEF,
@ -287,14 +276,7 @@ GetDH4096()
}
DH *
#if PROTOTYPES
TmpDHCallback(SSL *ssl, int is_export, int keylength)
#else
TmpDHCallback(ssl, is_export, keylength)
SSL *ssl;
int is_export;
int keylength;
#endif
{
CONDDEBUG((1, "TmpDHCallback(): asked for a DH key length %u",
keylength));
@ -319,14 +301,11 @@ TmpDHCallback(ssl, is_export, keylength)
}
void
#if PROTOTYPES
SetupSSL(void)
#else
SetupSSL()
#endif
{
if (ctx == (SSL_CTX *)0) {
char *ciphers;
int verifymode;
SSL_load_error_strings();
if (!SSL_library_init()) {
Error("SetupSSL(): SSL_library_init() failed");
@ -360,7 +339,31 @@ SetupSSL()
} else {
ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH";
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
if (config->sslcacertificatefile != (char *)0) {
STACK_OF(X509_NAME) * cert_names;
cert_names =
SSL_load_client_CA_file(config->sslcacertificatefile);
if (cert_names != NULL) {
SSL_CTX_set_client_CA_list(ctx, cert_names);
if (SSL_CTX_load_verify_locations
(ctx, config->sslcacertificatefile, NULL) != 1) {
Error("Could not setup CA certificate file to '%s'",
config->sslcacertificatefile);
Bye(EX_UNAVAILABLE);
}
} else {
Error
("SetupSSL(): could not load SSL client CA list from `%s'",
config->sslcacertificatefile);
Bye(EX_SOFTWARE);
}
}
verifymode = SSL_VERIFY_PEER;
if (config->sslreqclientcert == FLAGTRUE)
verifymode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
SSL_CTX_set_verify(ctx, verifymode, SSLVerifyCallback);
SSL_CTX_set_options(ctx,
SSL_OP_ALL | SSL_OP_NO_SSLv2 |
SSL_OP_SINGLE_DH_USE);
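Review bot: when `sslreqclientcert` is FLAGTRUE but `sslcacertificatefile` is unset, the new code adds SSL_VERIFY_FAIL_IF_NO_PEER_CERT without having loaded any CA in this block, so whether a client certificate can ever validate depends on configuration done elsewhere. Consider refusing to start, or at least logging an Error(), when a client certificate is required and no CA file or path was supplied. The two failure branches also exit with different codes (EX_UNAVAILABLE and EX_SOFTWARE) for the same class of configuration error, and the SSL_CTX_set_options() call in the trailing context still disables only SSLv2; adding SSL_OP_NO_SSLv3 would be a natural companion to the stricter verification.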
@ -386,11 +389,7 @@ gss_name_t gss_myname = GSS_C_NO_NAME;
gss_cred_id_t gss_mycreds = GSS_C_NO_CREDENTIAL;
void
#if PROTOTYPES
SetupGSSAPI(void)
#else
SetupGSSAPI()
#endif
{
OM_uint32 stmaj, stmin;
char namestr[128];
@ -418,11 +417,7 @@ SetupGSSAPI()
#endif
void
#if PROTOTYPES
ReopenLogfile(void)
#else
ReopenLogfile()
#endif
{
static int tag = 1;
/* redirect stdout and stderr to the logfile.
@ -464,11 +459,7 @@ ReopenLogfile()
}
void
#if PROTOTYPES
ReopenUnifiedlog(void)
#else
ReopenUnifiedlog()
#endif
{
/* close any existing */
if (unifiedlog != (CONSFILE *)0)
@ -491,11 +482,7 @@ ReopenUnifiedlog()
/* become a daemon (ksb)
*/
static void
#if PROTOTYPES
Daemonize()
#else
Daemonize()
#endif
Daemonize(void)
{
int res;
#if !HAVE_SETSID
@ -556,12 +543,7 @@ Daemonize()
/* output a long message to the user (ksb)
*/
static void
#if PROTOTYPES
Usage(int wantfull)
#else
Usage(wantfull)
int wantfull;
#endif
{
static char u_terse[] =
"[-7dDEFhinoRSuvV] [-a type] [-m max] [-M master] [-p port] [-b port] [-c cred] [-C config] [-P passwd] [-L logfile] [-O min] [-U logfile]";
@ -620,11 +602,7 @@ Usage(wantfull)
/* show the user our version info (ksb)
*/
static void
#if PROTOTYPES
Version()
#else
Version()
#endif
Version(void)
{
static STRING *acA1 = (STRING *)0;
static STRING *acA2 = (STRING *)0;
@ -633,6 +611,9 @@ Version()
#if HAVE_DMALLOC
"dmalloc",
#endif
#if HAVE_FREEIPMI
"freeipmi",
#endif
#if USE_LIBWRAP
"libwrap",
#endif
@ -695,14 +676,23 @@ Version()
BuildStringChar('0' + DMALLOC_VERSION_MINOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_PATCH, acA1);
#if defined(DMALLOC_VERSION_BETA)
# if defined(DMALLOC_VERSION_BETA)
if (DMALLOC_VERSION_BETA != 0) {
BuildString("-b", acA1);
BuildStringChar('0' + DMALLOC_VERSION_BETA, acA1);
}
#endif
# endif
Msg("dmalloc version: %s", acA1->string);
#endif
#if HAVE_FREEIPMI
BuildString((char *)0, acA1);
BuildStringChar('0' + LIBIPMICONSOLE_VERSION_MAJOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + LIBIPMICONSOLE_VERSION_MINOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + LIBIPMICONSOLE_VERSION_PATCH, acA1);
Msg("freeipmi version: %s", acA1->string);
#endif
#if HAVE_OPENSSL
Msg("openssl version: %s", OPENSSL_VERSION_TEXT);
#endif
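Review bot: the freeipmi version string is built with `BuildStringChar('0' + LIBIPMICONSOLE_VERSION_PATCH, acA1)` and the same pattern for major and minor, which is only correct for values 0 to 9; a two-digit component prints a punctuation character instead of a number. BuildStringPrint() is already declared in cutil.h, so a single call with a "%d.%d.%d" format would be shorter and correct for any value. The copied dmalloc block above has the same limitation.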
@ -714,11 +704,7 @@ Version()
}
void
#if PROTOTYPES
DestroyDataStructures(void)
#else
DestroyDataStructures()
#endif
{
GRPENT *pGE;
REMOTE *pRC;
@ -761,10 +747,17 @@ DestroyDataStructures()
DH_free(dh4096);
#endif
#if USE_IPV6
/* clean up addrinfo stucts */
freeaddrinfo(bindAddr);
freeaddrinfo(bindBaseAddr);
#else
if (myAddrs != (struct in_addr *)0)
free(myAddrs);
#endif
DestroyBreakList();
DestroyTaskList();
DestroyStrings();
DestroyUserList();
if (substData != (SUBST *)0)
@ -772,11 +765,7 @@ DestroyDataStructures()
}
void
#if PROTOTYPES
SummarizeDataStructures(void)
#else
SummarizeDataStructures()
#endif
{
GRPENT *pGE;
REMOTE *pRC;
@ -824,12 +813,24 @@ SummarizeDataStructures()
size += strlen(pCE->idlestring);
if (pCE->replstring != (char *)0)
size += strlen(pCE->replstring);
if (pCE->tasklist != (char *)0)
size += strlen(pCE->tasklist);
if (pCE->breaklist != (char *)0)
size += strlen(pCE->breaklist);
#if HAVE_FREEIPMI
if (pCE->username != (char *)0)
size += strlen(pCE->username);
if (pCE->password != (char *)0)
size += strlen(pCE->password);
#endif
if (pCE->fdlog != (CONSFILE *)0)
size += sizeof(CONSFILE);
if (pCE->cofile != (CONSFILE *)0)
size += sizeof(CONSFILE);
if (pCE->initfile != (CONSFILE *)0)
size += sizeof(CONSFILE);
if (pCE->taskfile != (CONSFILE *)0)
size += sizeof(CONSFILE);
if (pCE->aliases != (NAMES *)0) {
NAMES *n;
for (n = pCE->aliases; n != (NAMES *)0; n = n->next) {
@ -893,15 +894,18 @@ SummarizeDataStructures()
}
void
#if PROTOTYPES
DumpDataStructures(void)
#else
DumpDataStructures()
#endif
{
GRPENT *pGE;
CONSENT *pCE;
REMOTE *pRC;
int i;
TASKS *t;
#if HAVE_FREEIPMI
static STRING *tmpString = (STRING *)0;
if (tmpString == (STRING *)0)
tmpString = AllocString();
#endif
#if HAVE_DMALLOC && DMALLOC_MARK_MAIN
CONDDEBUG((1, "DumpDataStructures(): dmalloc / MarkMain"));
@ -945,6 +949,27 @@ DumpDataStructures()
pCE->execuid, pCE->execgid));
break;
#if HAVE_FREEIPMI
case IPMI:
CONDDEBUG((1,
"DumpDataStructures(): server=%s, type=IPMI",
EMPTYSTR(pCE->server)));
CONDDEBUG((1,
"DumpDataStructures(): host=%s, username=%s, password=%s, ipmiprivlevel=%d",
EMPTYSTR(pCE->host),
EMPTYSTR(pCE->username),
EMPTYSTR(pCE->password),
pCE->ipmiprivlevel));
CONDDEBUG((1,
"DumpDataStructures(): ipmiwrkset=%d, ipmiworkaround=%u, ipmiciphersuite=%d",
pCE->ipmiwrkset, pCE->ipmiworkaround,
pCE->ipmiciphersuite));
FmtCtlStr(pCE->ipmikg->string, pCE->ipmikg->used - 1,
tmpString);
CONDDEBUG((1, "DumpDataStructures(): ipmikg=%s",
EMPTYSTR(tmpString->string)));
break;
#endif
case HOST:
CONDDEBUG((1,
"DumpDataStructures(): server=%s, type=HOST",
@ -992,9 +1017,9 @@ DumpDataStructures()
pCE->nolog, FileFDNum(pCE->cofile),
FLAGSTR(pCE->activitylog), FLAGSTR(pCE->breaklog)));
CONDDEBUG((1,
"DumpDataStructures(): ixon=%s, ixany=%s, ixoff=%s",
FLAGSTR(pCE->ixon), FLAGSTR(pCE->ixany),
FLAGSTR(pCE->ixoff)));
"DumpDataStructures(): tasklog=%s, ixon=%s, ixany=%s, ixoff=%s",
FLAGSTR(pCE->tasklog), FLAGSTR(pCE->ixon),
FLAGSTR(pCE->ixany), FLAGSTR(pCE->ixoff)));
CONDDEBUG((1,
"DumpDataStructures(): autoreinit=%s, hupcl=%s, cstopb=%s, ondemand=%s",
FLAGSTR(pCE->autoreinit), FLAGSTR(pCE->hupcl),
@ -1019,6 +1044,11 @@ DumpDataStructures()
EMPTYSTR(pCE->motd), pCE->idletimeout,
EMPTYSTR(pCE->idlestring),
EMPTYSTR(pCE->replstring)));
CONDDEBUG((1,
"DumpDataStructures(): tasklist=%s, breaklist=%s, taskpid=%lu, taskfile=%d",
EMPTYSTR(pCE->tasklist), EMPTYSTR(pCE->breaklist),
(unsigned long)pCE->taskpid,
FileFDNum(pCE->taskfile)));
if (pCE->ro) {
CONSENTUSERS *u;
for (u = pCE->ro; u != (CONSENTUSERS *)0; u = u->next) {
@ -1046,6 +1076,20 @@ DumpDataStructures()
}
}
}
for (i = 0; i < BREAKLISTSIZE; i++) {
CONDDEBUG((1,
"DumpDataStructures(): break: #%c, string=%s, delay=%d, confirm=%s",
'1' + i + (i > 8 ? BREAKALPHAOFFSET : 0),
EMPTYSTR(breakList[i].seq->string), breakList[i].delay,
FLAGSTR(breakList[i].confirm)));
}
for (t = taskList; t != (TASKS *)0; t = t->next) {
CONDDEBUG((1,
"DumpDataStructures(): task: id=%c, cmd=%s, descr=%s, uid=%d, gid=%d, subst=%s, confirm=%s",
t->id, EMPTYSTR(t->cmd->string),
EMPTYSTR(t->descr->string), t->uid, t->gid,
EMPTYSTR(t->subst), FLAGSTR(t->confirm)));
}
}
/* This makes sure a directory exists and tries to create it if it
@ -1053,17 +1097,14 @@ DumpDataStructures()
*/
#if USE_UNIX_DOMAIN_SOCKETS
int
#if PROTOTYPES
VerifyEmptyDirectory(char *d)
#else
VerifyEmptyDirectory(d)
char *d;
#endif
{
struct stat dstat;
DIR *dir;
struct dirent *de;
# if 0 /* See below */
STRING *path = (STRING *)0;
# endif
int retval = 0;
while (1) {
@ -1104,7 +1145,7 @@ VerifyEmptyDirectory(d)
* database, config files, etc. too many important files could be
* shredded with a small typo.
*/
#if 0
# if 0
if (path == (STRING *)0)
path = AllocString();
BuildStringPrint(path, "%s/%s", d, de->d_name);
@ -1126,11 +1167,16 @@ VerifyEmptyDirectory(d)
break;
}
}
#endif
# endif
}
# if 0 /* See above */
if (path != (STRING *)0)
DestroyString(path);
# endif
/* free dir data structure */
closedir(dir);
return retval;
}
@ -1145,13 +1191,7 @@ VerifyEmptyDirectory(d)
* exit happy
*/
int
#if PROTOTYPES
main(int argc, char **argv)
#else
main(argc, argv)
int argc;
char **argv;
#endif
{
int i;
FILE *fpConfig = (FILE *)0;
@ -1164,9 +1204,14 @@ main(argc, argv)
int curuid = 0;
GRPENT *pGE = (GRPENT *)0;
#if !USE_UNIX_DOMAIN_SOCKETS
#if HAVE_INET_ATON
# if USE_IPV6
int s;
struct addrinfo hints;
# else
# if HAVE_INET_ATON
struct in_addr inetaddr;
#endif
# endif
# endif
#endif
isMultiProc = 1; /* make sure stuff has the pid */
@ -1197,6 +1242,9 @@ main(argc, argv)
setvbuf(stderr, NULL, _IOLBF, BUFSIZ);
#endif
/* Initialize the break list */
InitBreakList();
/* prep the config options */
if ((optConf = (CONFIG *)calloc(1, sizeof(CONFIG)))
== (CONFIG *)0)
@ -1364,7 +1412,115 @@ main(argc, argv)
if (fSyntaxOnly)
Msg("performing configuration file syntax check");
#if USE_UNIX_DOMAIN_SOCKETS
/* must do all this so IsMe() works right */
if (gethostname(myHostname, MAXHOSTNAME) != 0) {
Error("gethostname(): %s", strerror(errno));
Bye(EX_OSERR);
}
#if !USE_IPV6
ProbeInterfaces(bindAddr);
#endif
/* initialize the timers */
for (i = 0; i < T_MAX; i++)
timers[i] = (time_t)0;
/* read the config file */
if ((FILE *)0 == (fpConfig = fopen(pcConfig, "r"))) {
Error("fopen(%s): %s", pcConfig, strerror(errno));
Bye(EX_NOINPUT);
}
ReadCfg(pcConfig, fpConfig);
fclose(fpConfig);
#if !USE_UNIX_DOMAIN_SOCKETS
/* set up the port to bind to */
if (optConf->primaryport != (char *)0)
config->primaryport = StrDup(optConf->primaryport);
else if (pConfig->primaryport != (char *)0)
config->primaryport = StrDup(pConfig->primaryport);
else
config->primaryport = StrDup(defConfig.primaryport);
if (config->primaryport == (char *)0)
OutOfMem();
# if !USE_IPV6
/* Look for non-numeric characters */
for (i = 0; config->primaryport[i] != '\000'; i++)
if (!isdigit((int)config->primaryport[i]))
break;
if (config->primaryport[i] == '\000') {
/* numeric only */
bindPort = atoi(config->primaryport);
} else {
/* non-numeric only */
struct servent *pSE;
if ((struct servent *)0 ==
(pSE = getservbyname(config->primaryport, "tcp"))) {
Error("getservbyname(%s) failed", config->primaryport);
Bye(EX_OSERR);
} else {
bindPort = ntohs((unsigned short)pSE->s_port);
}
}
# endif
/* set up the secondary port to bind to */
if (optConf->secondaryport != (char *)0)
config->secondaryport = StrDup(optConf->secondaryport);
else if (pConfig->secondaryport != (char *)0)
config->secondaryport = StrDup(pConfig->secondaryport);
else
config->secondaryport = StrDup(defConfig.secondaryport);
if (config->secondaryport == (char *)0)
OutOfMem();
# if !USE_IPV6
/* Look for non-numeric characters */
for (i = 0; config->secondaryport[i] != '\000'; i++)
if (!isdigit((int)config->secondaryport[i]))
break;
if (config->secondaryport[i] == '\000') {
/* numeric only */
bindBasePort = atoi(config->secondaryport);
} else {
/* non-numeric only */
struct servent *pSE;
if ((struct servent *)0 ==
(pSE = getservbyname(config->secondaryport, "tcp"))) {
Error("getservbyname(%s) failed", config->secondaryport);
Bye(EX_OSERR);
} else {
bindBasePort = ntohs((unsigned short)pSE->s_port);
}
}
# endif
#endif
#if USE_IPV6
/* set up the address to bind to */
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags |= AI_PASSIVE;
/* create list or IPs suitable for primaryport */
s = getaddrinfo(interface, config->primaryport, &hints, &bindAddr);
if (s) {
Error("getaddrinfo(%s): %s", interface, gai_strerror(s));
Bye(EX_OSERR);
}
/* create list or IPs suitable for secondaryport */
s = getaddrinfo(interface, config->secondaryport, &hints,
&bindBaseAddr);
if (s) {
Error("getaddrinfo(%s): %s", interface, gai_strerror(s));
Bye(EX_OSERR);
}
#elif USE_UNIX_DOMAIN_SOCKETS
/* Don't do any redirects if we're purely local
* (but it allows them to see where remote consoles are)
*/
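Review bot: both getaddrinfo() failure paths in the USE_IPV6 block log the same text, Error("getaddrinfo(%s): %s", interface, gai_strerror(s)), so a bad primaryport cannot be told apart from a bad secondaryport, and the service string being resolved is never shown. Include config->primaryport or config->secondaryport in the respective message. If interface may be null here (AI_PASSIVE permits a null node), the %s argument also needs a fallback string. The two comments read "create list or IPs" where "list of IPs" is meant.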
@ -1398,87 +1554,6 @@ main(argc, argv)
}
#endif
/* must do all this so IsMe() works right */
if (gethostname(myHostname, MAXHOSTNAME) != 0) {
Error("gethostname(): %s", strerror(errno));
Bye(EX_OSERR);
}
ProbeInterfaces(bindAddr);
/* initialize the timers */
for (i = 0; i < T_MAX; i++)
timers[i] = (time_t)0;
/* read the config file */
if ((FILE *)0 == (fpConfig = fopen(pcConfig, "r"))) {
Error("fopen(%s): %s", pcConfig, strerror(errno));
Bye(EX_NOINPUT);
}
ReadCfg(pcConfig, fpConfig);
fclose(fpConfig);
#if !USE_UNIX_DOMAIN_SOCKETS
/* set up the port to bind to */
if (optConf->primaryport != (char *)0)
config->primaryport = StrDup(optConf->primaryport);
else if (pConfig->primaryport != (char *)0)
config->primaryport = StrDup(pConfig->primaryport);
else
config->primaryport = StrDup(defConfig.primaryport);
if (config->primaryport == (char *)0)
OutOfMem();
/* Look for non-numeric characters */
for (i = 0; config->primaryport[i] != '\000'; i++)
if (!isdigit((int)config->primaryport[i]))
break;
if (config->primaryport[i] == '\000') {
/* numeric only */
bindPort = atoi(config->primaryport);
} else {
/* non-numeric only */
struct servent *pSE;
if ((struct servent *)0 ==
(pSE = getservbyname(config->primaryport, "tcp"))) {
Error("getservbyname(%s) failed", config->primaryport);
Bye(EX_OSERR);
} else {
bindPort = ntohs((unsigned short)pSE->s_port);
}
}
/* set up the secondary port to bind to */
if (optConf->secondaryport != (char *)0)
config->secondaryport = StrDup(optConf->secondaryport);
else if (pConfig->secondaryport != (char *)0)
config->secondaryport = StrDup(pConfig->secondaryport);
else
config->secondaryport = StrDup(defConfig.secondaryport);
if (config->secondaryport == (char *)0)
OutOfMem();
/* Look for non-numeric characters */
for (i = 0; config->secondaryport[i] != '\000'; i++)
if (!isdigit((int)config->secondaryport[i]))
break;
if (config->secondaryport[i] == '\000') {
/* numeric only */
bindBasePort = atoi(config->secondaryport);
} else {
/* non-numeric only */
struct servent *pSE;
if ((struct servent *)0 ==
(pSE = getservbyname(config->secondaryport, "tcp"))) {
Error("getservbyname(%s) failed", config->secondaryport);
Bye(EX_OSERR);
} else {
bindBasePort = ntohs((unsigned short)pSE->s_port);
}
}
#endif
if (optConf->passwdfile != (char *)0)
config->passwdfile = StrDup(optConf->passwdfile);
else if (pConfig->passwdfile != (char *)0)
@ -1568,12 +1643,29 @@ main(argc, argv)
else
config->sslrequired = defConfig.sslrequired;
if (optConf->sslreqclientcert != FLAGUNKNOWN)
config->sslreqclientcert = optConf->sslreqclientcert;
else if (pConfig->sslreqclientcert != FLAGUNKNOWN)
config->sslreqclientcert = pConfig->sslreqclientcert;
else
config->sslreqclientcert = defConfig.sslreqclientcert;
if (optConf->sslcredentials != (char *)0)
config->sslcredentials = StrDup(optConf->sslcredentials);
else if (pConfig->sslcredentials != (char *)0)
config->sslcredentials = StrDup(pConfig->sslcredentials);
else
config->sslcredentials = StrDup(defConfig.sslcredentials);
if (optConf->sslcacertificatefile != (char *)0)
config->sslcacertificatefile =
StrDup(optConf->sslcacertificatefile);
else if (pConfig->sslcacertificatefile != (char *)0)
config->sslcacertificatefile =
StrDup(pConfig->sslcacertificatefile);
else
config->sslcacertificatefile =
StrDup(defConfig.sslcacertificatefile);
#endif
#if HAVE_SETPROCTITLE
@ -1614,7 +1706,11 @@ main(argc, argv)
/* if no one can use us we need to come up with a default
*/
if (pACList == (ACCESS *)0)
#if USE_IPV6
SetDefAccess();
#else
SetDefAccess(myAddrs, myHostname);
#endif
/* spawn all the children, so fix kids has an initial pid
*/
@ -1636,13 +1732,15 @@ main(argc, argv)
local += pGE->imembers;
for (pRC = pRCList; (REMOTE *)0 != pRC; pRC = pRC->pRCnext)
remote++;
# if USE_UNIX_DOMAIN_SOCKETS
setproctitle("master: port 0, %d local, %d remote", local,
remote);
#else
setproctitle("master: port %hu, %d local, %d remote", bindPort,
setproctitle("master: port %hu, %d local, %d remote",
# if USE_IPV6
config->primaryport,
# elif USE_UNIX_DOMAIN_SOCKETS
0,
# else
bindPort,
# endif
local, remote);
#endif
}
#endif
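Review bot: in the rewritten setproctitle() call the format is still "master: port %hu, %d local, %d remote", but under USE_IPV6 the first argument is config->primaryport, which the earlier hunk fills with StrDup() and is therefore a char *. Passing a pointer for %hu is undefined behaviour and will at best show a meaningless number in the process title. Use a separate format with %s for the USE_IPV6 case, or convert the port to a number before the call.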

View File

@ -1,5 +1,5 @@
/*
* $Id: main.h,v 5.54 2009/09/26 09:23:04 bryan Exp $
* $Id: main.h,v 5.55 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -39,11 +39,16 @@
extern char rcsid[];
extern int fAll, fNoinit, fInteractive, fStrip, fDaemon, fReopen,
fNoautoreup, fSyntaxOnly;
#if USE_IPV6
extern struct addrinfo *bindAddr;
extern struct addrinfo *bindBaseAddr;
#else
extern in_addr_t bindAddr;
extern struct sockaddr_in in_port;
#endif
extern unsigned short bindPort, bindBasePort;
extern char *pcConfig;
extern int cMaxMemb;
extern struct sockaddr_in in_port;
extern CONFIG *optConf;
extern CONFIG *config;
extern CONFIG defConfig;
@ -58,6 +63,6 @@ extern SSL_CTX *ctx;
extern gss_name_t gss_myname;
extern gss_cred_id_t gss_mycreds;
#endif
extern void ReopenLogfile PARAMS((void));
extern void ReopenUnifiedlog PARAMS((void));
extern void DumpDataStructures PARAMS((void));
extern void ReopenLogfile(void);
extern void ReopenUnifiedlog(void);
extern void DumpDataStructures(void);

View File

@ -1,5 +1,5 @@
/*
* $Id: master.c,v 5.136 2009/09/26 09:23:04 bryan Exp $
* $Id: master.c,v 5.141 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -49,12 +49,7 @@ static unsigned long dmallocMarkClientConnection = 0;
static RETSIGTYPE
#if PROTOTYPES
FlagSawCHLD(int sig)
#else
FlagSawCHLD(sig)
int sig;
#endif
{
fSawCHLD = 1;
#if !HAVE_SIGACTION
@ -66,12 +61,7 @@ FlagSawCHLD(sig)
* Called when master process receives SIGCHLD
*/
static void
#if PROTOTYPES
FixKids(int msfd)
#else
FixKids(msfd)
int msfd;
#endif
{
pid_t pid;
int UWbuf;
@ -135,12 +125,7 @@ FixKids(msfd)
* Called when master process receives SIGTERM
*/
static RETSIGTYPE
#if PROTOTYPES
FlagQuitIt(int arg)
#else
FlagQuitIt(arg)
int arg;
#endif
{
fSawQuit = 1;
#if !HAVE_SIGACTION
@ -152,12 +137,7 @@ FlagQuitIt(arg)
* want to do something special on SIGINT at some point.
*/
static RETSIGTYPE
#if PROTOTYPES
FlagSawINT(int arg)
#else
FlagSawINT(arg)
int arg;
#endif
{
fSawQuit = 1;
#if !HAVE_SIGACTION
@ -166,12 +146,7 @@ FlagSawINT(arg)
}
static RETSIGTYPE
#if PROTOTYPES
FlagSawHUP(int arg)
#else
FlagSawHUP(arg)
int arg;
#endif
{
fSawHUP = 1;
#if !HAVE_SIGACTION
@ -180,12 +155,7 @@ FlagSawHUP(arg)
}
static RETSIGTYPE
#if PROTOTYPES
FlagSawUSR2(int arg)
#else
FlagSawUSR2(arg)
int arg;
#endif
{
fSawUSR2 = 1;
#if !HAVE_SIGACTION
@ -194,12 +164,7 @@ FlagSawUSR2(arg)
}
static RETSIGTYPE
#if PROTOTYPES
FlagSawUSR1(int arg)
#else
FlagSawUSR1(arg)
int arg;
#endif
{
fSawUSR1 = 1;
#if !HAVE_SIGACTION
@ -210,12 +175,7 @@ FlagSawUSR1(arg)
/* Signal all the kids...
*/
void
#if PROTOTYPES
SignalKids(int arg)
#else
SignalKids(arg)
int arg;
#endif
{
GRPENT *pGE;
@ -232,12 +192,7 @@ SignalKids(arg)
}
REMOTE *
#if PROTOTYPES
FindRemoteConsole(char *args)
#else
FindRemoteConsole(args)
char *args;
#endif
{
REMOTE *pRC;
NAMES *name;
@ -254,13 +209,7 @@ FindRemoteConsole(args)
}
void
#if PROTOTYPES
CommandCall(CONSCLIENT *pCL, char *args)
#else
CommandCall(pCL, args)
CONSCLIENT *pCL;
char *args;
#endif
{
int found;
REMOTE *pRC, *pRCFound;
@ -383,13 +332,7 @@ CommandCall(pCL, args)
}
void
#if PROTOTYPES
DropMasterClient(CONSCLIENT *pCLServing, FLAG force)
#else
DropMasterClient(pCLServing, force)
CONSCLIENT *pCLServing;
FLAG force;
#endif
{
/* if we have data buffered and aren't forced to close,
* we can't close quite yet
@ -425,12 +368,7 @@ DropMasterClient(pCLServing, force)
}
void
#if PROTOTYPES
DoNormalRead(CONSCLIENT *pCLServing)
#else
DoNormalRead(pCLServing)
CONSCLIENT *pCLServing;
#endif
{
char *pcCmd;
char *pcArgs;
@ -461,8 +399,9 @@ DoNormalRead(pCLServing)
/* process password here...before we corrupt accmd */
if (pCLServing->iState == S_PASSWD) {
if (CheckPasswd(pCLServing, pCLServing->accmd->string) !=
AUTH_SUCCESS) {
if (CheckPasswd
(pCLServing, pCLServing->accmd->string, FLAGFALSE)
!= AUTH_SUCCESS) {
FileWrite(pCLServing->fd, FLAGFALSE,
"invalid password\r\n", -1);
BuildString((char *)0, pCLServing->accmd);
@ -564,7 +503,8 @@ DoNormalRead(pCLServing)
BuildString(pCLServing->peername->string,
pCLServing->acid);
if (pCLServing->caccess == 't' ||
CheckPasswd(pCLServing, "") == AUTH_SUCCESS) {
CheckPasswd(pCLServing, "",
FLAGTRUE) == AUTH_SUCCESS) {
pCLServing->iState = S_NORMAL;
Verbose("<master> login %s",
pCLServing->acid->string);
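Review bot: the new third argument to CheckPasswd() is a bare FLAGTRUE here, where an empty password is tried, and a bare FLAGFALSE at the S_PASSWD call above, and neither call site says what the flag selects. On an authentication path that is worth spelling out: add a short comment at both calls (or a named constant) stating what the flag changes about the check, so a later edit cannot flip it without noticing.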
@ -584,11 +524,9 @@ DoNormalRead(pCLServing)
int iSep = 1;
if ((GRPENT *)0 != pGroups) {
#if USE_UNIX_DOMAIN_SOCKETS
FilePrint(pCLServing->fd, FLAGTRUE, "@0");
iSep = 0;
#else
struct sockaddr_in lcl;
#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
SOCKADDR_STYPE lcl;
socklen_t so = sizeof(lcl);
if (-1 ==
getsockname(FileFDNum(pCLServing->fd),
@ -600,10 +538,25 @@ DoNormalRead(pCLServing)
FileFDNum(pCLServing->fd), strerror(errno));
iSep = -1;
} else {
# if USE_IPV6
int error;
char addr[NI_MAXHOST];
error =
getnameinfo((struct sockaddr *)&lcl, so, addr,
sizeof(addr), NULL, 0,
NI_NUMERICHOST);
if (!error)
FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
addr);
# else
FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
inet_ntoa(lcl.sin_addr));
# endif
iSep = 0;
}
#else
FilePrint(pCLServing->fd, FLAGTRUE, "@0");
iSep = 0;
#endif
}
if (iSep >= 0) {
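Review bot: when getnameinfo() fails in the USE_IPV6 branch nothing is written or logged, yet iSep = 0 is still set, so the reply goes out without its "@address" entry as if it had been sent. Handle it the way the getsockname() failure just above does: log gai_strerror(error) and set iSep = -1.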
@ -721,24 +674,24 @@ DoNormalRead(pCLServing)
/* this routine is used by the master console server process (ksb)
*/
void
#if PROTOTYPES
Master(void)
#else
Master()
#endif
{
int cfd;
int msfd;
socklen_t so;
fd_set rmask, wmask;
#if USE_UNIX_DOMAIN_SOCKETS
struct sockaddr_un master_port;
static STRING *portPath = (STRING *)0;
#else
#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
# if USE_IPV6
struct addrinfo *rp;
# else
struct sockaddr_in master_port;
# endif
# if HAVE_SETSOCKOPT
int true = 1;
# endif
#else
struct sockaddr_un master_port;
static STRING *portPath = (STRING *)0;
#endif
FILE *fp;
CONSCLIENT *pCLServing = (CONSCLIENT *)0;
@ -778,13 +731,44 @@ Master()
/* set up port for master to listen on
*/
#if HAVE_MEMSET
#if !USE_IPV6
# if HAVE_MEMSET
memset((void *)&master_port, 0, sizeof(master_port));
#else
# else
bzero((char *)&master_port, sizeof(master_port));
# endif
#endif
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
for (rp = bindAddr; rp != NULL; rp = rp->ai_next) {
if ((msfd =
socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) < 0)
continue;
# if HAVE_SETSOCKOPT
if (setsockopt
(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&true,
sizeof(true)) < 0)
goto fail;
# endif
if (!SetFlags(msfd, O_NONBLOCK, 0))
goto fail;
if (bind(msfd, rp->ai_addr, rp->ai_addrlen) == 0)
break;
fail:
close(msfd);
}
if (listen(msfd, SOMAXCONN) < 0) {
Error("Master(): listen(): %s", strerror(errno));
return;
}
/* save addrlen for accept */
so = rp->ai_addrlen;
#elif USE_UNIX_DOMAIN_SOCKETS
master_port.sun_family = AF_UNIX;
if (portPath == (STRING *)0)
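Review bot: the bind loop in the USE_IPV6 branch can finish with rp == NULL (every socket(), setsockopt(), SetFlags() or bind() attempt failed), and nothing checks for that before listen(msfd, SOMAXCONN) and so = rp->ai_addrlen. In that case msfd is either negative or already closed at the fail label, the operator sees only a listen() error with an unrelated errno, and the ai_addrlen read would dereference a null pointer if listen() did not fail first. Test rp after the loop, report the errno of the step that failed, and return before listen().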
@ -817,6 +801,11 @@ Master()
strerror(errno));
return;
}
# ifdef TRUST_UDS_CRED
/* Allow everyone to connect, but we later auth them via SO_PEERCRED */
chmod(master_port.sun_path, 0666);
# endif
#else
master_port.sin_family = AF_INET;
master_port.sin_addr.s_addr = bindAddr;
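Review bot: the chmod(master_port.sun_path, 0666) added under TRUST_UDS_CRED ignores its return value. With the socket opened to every local user, the credential check mentioned in the comment becomes the only gate, and a failed chmod() leaves clients unable to connect with no log entry explaining why. Check the result and call Error() with strerror(errno) on failure, and say in the comment which function performs the SO_PEERCRED check.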
@ -983,7 +972,9 @@ Master()
dmallocMarkClientConnection = dmalloc_mark();
#endif
#if !USE_IPV6
so = sizeof(struct sockaddr_in);
#endif
for (cfd = 0; cfd == 0;) {
cfd =
accept(msfd, (struct sockaddr *)&pCLmfree->cnct_port, &so);
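Review bot: with USE_IPV6 the length passed to accept() is no longer set here, so the call relies on so still holding the rp->ai_addrlen that Master() saved after bind. The third argument to accept() is value-result and is overwritten on every call, which means the loop depends on accept() always writing back the same length. Assign so before each accept() in both build variants, for example from sizeof(pCLmfree->cnct_port), rather than only in the !USE_IPV6 case.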

View File

@ -1,5 +1,5 @@
/*
* $Id: master.h,v 5.17 2003/10/03 14:23:37 bryan Exp $
* $Id: master.h,v 5.18 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -39,5 +39,5 @@
*/
extern CONSCLIENT *pCLmall;
extern CONSCLIENT *pCLmfree;
extern void Master PARAMS((void));
extern void SignalKids PARAMS((int));
extern void Master(void);
extern void SignalKids(int);

File diff suppressed because it is too large

View File

@ -1,5 +1,5 @@
/*
* $Id: readcfg.h,v 5.45 2005/06/07 19:55:51 bryan Exp $
* $Id: readcfg.h,v 5.51 2015/06/02 17:19:31 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -7,6 +7,8 @@
*/
#define BREAKDELAYDEFAULT 250
#define BREAKLISTSIZE 35 /* ('z'-('a'-1))+('9'-('1'-1)) */
#define BREAKALPHAOFFSET 39 /* ('a'-('9'+1)) */
typedef struct config {
STRING *name;
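Review bot: BREAKLISTSIZE and BREAKALPHAOFFSET are hard-coded as 35 and 39 with the derivation only in the trailing comments, and both values assume ASCII. Define them as the expressions themselves, for example #define BREAKLISTSIZE (('z' - ('a' - 1)) + ('9' - ('1' - 1))), so the number and its explanation cannot drift apart, and add a line saying how a break character maps to a breakList index.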
@ -28,14 +30,28 @@ typedef struct config {
#if HAVE_OPENSSL
char *sslcredentials;
FLAG sslrequired;
FLAG sslreqclientcert;
char *sslcacertificatefile;
#endif
} CONFIG;
typedef struct breaks {
STRING *seq;
int delay;
FLAG confirm;
} BREAKS;
typedef struct tasks {
char id;
STRING *cmd;
STRING *descr;
uid_t uid;
gid_t gid;
char *subst;
FLAG confirm;
struct tasks *next;
} TASKS;
extern NAMES *userList; /* user list */
extern GRPENT *pGroups; /* group info */
extern REMOTE *pRCList; /* list of remote consoles we know about */
@ -43,15 +59,19 @@ extern REMOTE *pRCUniq; /* list of uniq console servers */
extern ACCESS *pACList; /* `who do you love' (or trust) */
extern CONSENTUSERS *pADList; /* list of admin users */
extern CONSENTUSERS *pLUList; /* list of limited users */
extern BREAKS breakList[9]; /* list of break sequences */
extern BREAKS breakList[BREAKLISTSIZE]; /* list of break sequences */
extern TASKS *taskList; /* list of tasks */
extern SUBST *taskSubst; /* substitution function data for tasks */
extern CONFIG *pConfig; /* settings seen by config parser */
extern SUBST *substData; /* substitution function data */
extern void ReadCfg PARAMS((char *, FILE *));
extern void ReReadCfg PARAMS((int, int));
extern void DestroyBreakList PARAMS((void));
extern void DestroyUserList PARAMS((void));
extern void DestroyConfig PARAMS((CONFIG *));
extern NAMES *FindUserList PARAMS((char *));
extern NAMES *AddUserList PARAMS((char *));
extern CONSENT *FindConsoleName PARAMS((CONSENT *, char *));
extern void ReadCfg(char *, FILE *);
extern void ReReadCfg(int, int);
extern void DestroyBreakList(void);
extern void InitBreakList(void);
extern void DestroyTaskList(void);
extern void DestroyUserList(void);
extern void DestroyConfig(CONFIG *);
extern NAMES *FindUserList(char *);
extern NAMES *AddUserList(char *);
extern CONSENT *FindConsoleName(CONSENT *, char *);

View File

@ -1,5 +1,5 @@
/*
* $Id: version.h,v 1.76 2009/09/29 06:24:53 bryan Exp $
* $Id: version.h,v 1.82 2015/06/01 15:36:59 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -15,7 +15,7 @@
All rights reserved.\n"
#define VERSION_MAJOR 8
#define VERSION_MINOR 1
#define VERSION_REV 17
#define VERSION_MINOR 2
#define VERSION_REV 1
#define VERSION_TEXT "conserver.com version"
#define VERSION_UINT (VERSION_MAJOR * 1000000 + VERSION_MINOR * 1000 + VERSION_REV)

View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@
@ -56,6 +57,6 @@ install: console
$(MKDIR) $(DESTDIR)$(bindir)
$(INSTALL_PROGRAM) console $(DESTDIR)$(bindir)
$(MKDIR) $(DESTDIR)$(mandir)/man1
$(INSTALL) console.man $(DESTDIR)$(mandir)/man1/console.1
$(INSTALL) -m 0644 console.man $(DESTDIR)$(mandir)/man1/console.1
.PHONY: clean distclean install

View File

@ -1,5 +1,5 @@
/*
* $Id: console.c,v 5.184 2009/09/27 22:32:03 bryan Exp $
* $Id: console.c,v 5.191 2015/06/01 15:36:59 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -36,12 +36,16 @@
#include <readconf.h>
#include <version.h>
#if HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/opensslv.h>
# include <openssl/ssl.h>
# include <openssl/err.h>
# include <openssl/opensslv.h>
#endif
#if HAVE_GSSAPI
#include <gssapi/gssapi.h>
# include <gssapi/gssapi.h>
#endif
#if USE_IPV6
# include <sys/socket.h>
# include <netdb.h>
#endif
@ -70,11 +74,7 @@ struct winsize ws;
SSL_CTX *ctx = (SSL_CTX *)0;
void
#if PROTOTYPES
SetupSSL(void)
#else
SetupSSL()
#endif
{
if (ctx == (SSL_CTX *)0) {
char *ciphers;
@ -91,6 +91,20 @@ SetupSSL()
Error("Could not load SSL default CA file and/or directory");
Bye(EX_UNAVAILABLE);
}
if (config->sslcacertificatefile != (char *)0 ||
config->sslcacertificatepath != (char *)0) {
if (SSL_CTX_load_verify_locations
(ctx, config->sslcacertificatefile,
config->sslcacertificatepath) != 1) {
if (config->sslcacertificatefile != (char *)0)
Error("Could not setup ca certificate file to '%s'",
config->sslcacertificatefile);
if (config->sslcacertificatepath != (char *)0)
Error("Could not setup ca certificate path to '%s'",
config->sslcacertificatepath);
Bye(EX_UNAVAILABLE);
}
}
if (config->sslcredentials != (char *)0) {
if (SSL_CTX_use_certificate_chain_file
(ctx, config->sslcredentials) != 1) {
@ -106,7 +120,11 @@ SetupSSL()
}
ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH";
} else {
# if defined(REQ_SERVER_CERT)
ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH";
# else
ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH";
# endif
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
SSL_CTX_set_options(ctx,
@ -124,12 +142,7 @@ SetupSSL()
}
void
#if PROTOTYPES
AttemptSSL(CONSFILE *pcf)
#else
AttemptSSL(pcf)
CONSFILE *pcf;
#endif
{
SSL *ssl;
@ -161,12 +174,7 @@ gss_ctx_id_t secctx = GSS_C_NO_CONTEXT;
gss_buffer_desc mytok = GSS_C_EMPTY_BUFFER;
int
#if PROTOTYPES
CanGetGSSContext(const char *servername)
#else
CanGetGSSContext(servername)
const char *servername;
#endif
{
char namestr[128];
gss_buffer_desc namebuf, dbuf;
@ -202,12 +210,7 @@ CanGetGSSContext(servername)
}
int
#if PROTOTYPES
AttemptGSSAPI(CONSFILE *pcf)
#else
AttemptGSSAPI(pcf)
CONSFILE *pcf;
#endif
{
OM_uint32 stmaj, stmin;
gss_buffer_desc servertok;
@ -228,7 +231,7 @@ AttemptGSSAPI(pcf)
GSS_C_MUTUAL_FLAG, 0,
GSS_C_NO_CHANNEL_BINDINGS, &servertok, NULL,
&mytok, NULL, NULL);
gss_release_buffer(NULL, &mytok);
gss_release_buffer(&stmin, &mytok);
ret = (stmaj == GSS_S_COMPLETE);
gss_release_name(&stmin, &gss_server_name);
@ -239,13 +242,7 @@ AttemptGSSAPI(pcf)
/* output a control (or plain) character as a UNIX user would expect it (ksb)
*/
static void
#if PROTOTYPES
PutCtlc(int c, FILE *fp)
#else
PutCtlc(c, fp)
int c;
FILE *fp;
#endif
{
if (0 != (0200 & c)) {
putc('M', fp);
@ -267,12 +264,7 @@ PutCtlc(c, fp)
/* output a long message to the user
*/
static void
#if PROTOTYPES
Usage(int wantfull)
#else
Usage(wantfull)
int wantfull;
#endif
{
static char *full[] = {
"7 strip the high bit off all console data",
@ -336,11 +328,7 @@ Usage(wantfull)
/* expain who we are and which revision we are (ksb)
*/
static void
#if PROTOTYPES
Version()
#else
Version()
#endif
Version(void)
{
int i;
static STRING *acA1 = (STRING *)0;
@ -358,9 +346,6 @@ Version()
#if HAVE_GSSAPI
"gssapi",
#endif
#if HAVE_PAM
"pam",
#endif
#if USE_UNIX_DOMAIN_SOCKETS
"uds",
#endif
@ -374,12 +359,12 @@ Version()
Msg(MyVersion());
#if USE_UNIX_DOMAIN_SOCKETS
Msg("default socket directory `%s\'", UDSDIR);
Msg("default socket directory `%s'", UDSDIR);
#else
Msg("default initial master server `%s\'", MASTERHOST);
Msg("default initial master server `%s'", MASTERHOST);
Msg("default port referenced as `%s'", DEFPORT);
#endif
Msg("default escape sequence `%s%s\'", FmtCtl(DEFATTN, acA1),
Msg("default escape sequence `%s%s'", FmtCtl(DEFATTN, acA1),
FmtCtl(DEFESC, acA2));
Msg("default site-wide configuration in `%s'", CLIENTCONFIGFILE);
Msg("default per-user configuration in `%s'", "$HOME/.consolerc");
@ -403,12 +388,12 @@ Version()
BuildStringChar('0' + DMALLOC_VERSION_MINOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_PATCH, acA1);
#if defined(DMALLOC_VERSION_BETA)
# if defined(DMALLOC_VERSION_BETA)
if (DMALLOC_VERSION_BETA != 0) {
BuildString("-b", acA1);
BuildStringChar('0' + DMALLOC_VERSION_BETA, acA1);
}
#endif
# endif
Msg("dmalloc version: %s", acA1->string);
#endif
#if HAVE_OPENSSL
@ -426,12 +411,7 @@ Version()
* c a plain character
*/
static int
#if PROTOTYPES
ParseChar(char **ppcSrc, char *pcOut)
#else
ParseChar(ppcSrc, pcOut)
char **ppcSrc, *pcOut;
#endif
{
int cvt, n;
char *pcScan = *ppcSrc;
@ -475,11 +455,7 @@ ParseChar(ppcSrc, pcOut)
/*
*/
static void
#if PROTOTYPES
ValidateEsc()
#else
ValidateEsc()
#endif
ValidateEsc(void)
{
unsigned char c1, c2;
@ -502,12 +478,7 @@ ValidateEsc()
/* find the two characters that makeup the users escape sequence (ksb)
*/
static void
#if PROTOTYPES
ParseEsc(char *pcText)
#else
ParseEsc(pcText)
char *pcText;
#endif
{
char *pcTemp;
char c1, c2;
@ -532,30 +503,85 @@ ParseEsc(pcText)
* as a side effect we set ThisHost to a short name for this host
*/
CONSFILE *
#if PROTOTYPES
GetPort(char *pcToHost, unsigned short sPort)
#else
GetPort(pcToHost, sPort)
char *pcToHost;
unsigned short sPort;
#endif
{
int s;
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
int error;
char host[NI_MAXHOST];
char serv[NI_MAXSERV];
struct addrinfo *ai, *rp, hints;
#elif USE_UNIX_DOMAIN_SOCKETS
struct sockaddr_un port;
static STRING *portPath = (STRING *)0;
#else
struct hostent *hp = (struct hostent *)0;
struct sockaddr_in port;
#endif
#if HAVE_MEMSET
memset((void *)(&port), '\000', sizeof(port));
#else
bzero((char *)(&port), sizeof(port));
#if HAVE_SETSOCKOPT
int one = 1;
#endif
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
# if HAVE_MEMSET
memset(&hints, 0, sizeof(hints));
# else
bzero(&hints, sizeof(hints));
# endif
#else
# if HAVE_MEMSET
memset((void *)(&port), '\000', sizeof(port));
# else
bzero((char *)(&port), sizeof(port));
# endif
#endif
#if USE_IPV6
hints.ai_flags = AI_ADDRCONFIG;
hints.ai_socktype = SOCK_STREAM;
snprintf(serv, sizeof(serv), "%hu", sPort);
error = getaddrinfo(pcToHost, serv, &hints, &ai);
if (error) {
Error("getaddrinfo(%s): %s", pcToHost, gai_strerror(error));
return (CONSFILE *)0;
}
rp = ai;
while (rp) {
error =
getnameinfo(rp->ai_addr, rp->ai_addrlen, host, sizeof(host),
serv, sizeof(serv),
NI_NUMERICHOST | NI_NUMERICSERV);
if (error) {
continue;
}
CONDDEBUG((1, "GetPort: hostname=%s, ip=%s, port=%s", pcToHost,
host, serv));
/* set up the socket to talk to the server for all consoles
* (it will tell us who to talk to to get a real connection)
*/
s = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
if (s != -1) {
# if HAVE_SETSOCKOPT
if (setsockopt
(s, SOL_SOCKET, SO_KEEPALIVE, (char *)&one,
sizeof(one)) < 0)
goto fail;
# endif
if (connect(s, rp->ai_addr, rp->ai_addrlen) == 0)
goto success;
fail:
close(s);
}
rp = rp->ai_next;
}
Error("Unable to connect to %s:%s", host, serv);
return (CONSFILE *)0;
success:
freeaddrinfo(ai);
#elif USE_UNIX_DOMAIN_SOCKETS
if (portPath == (STRING *)0)
portPath = AllocString();
BuildStringPrint(portPath, "%s/%hu", config->master, sPort);
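Review bot: in the USE_IPV6 loop, the continue taken when getnameinfo() fails skips rp = rp->ai_next at the bottom of the while (rp) body, so the same entry is retried forever. Advance rp before continuing, or write the loop as for (rp = ai; rp; rp = rp->ai_next). The failure exit after the loop also returns without freeaddrinfo(ai), which is only reached through the success label, and the "Unable to connect" message drops the errno from connect() and setsockopt().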
@ -623,10 +649,19 @@ GetPort(pcToHost, sPort)
Error("socket(AF_INET,SOCK_STREAM): %s", strerror(errno));
return (CONSFILE *)0;
}
# if HAVE_SETSOCKOPT
if (setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, (char *)&one, sizeof(one))
< 0) {
Error("setsockopt(SO_KEEPALIVE): %s", strerror(errno));
close(s);
return (CONSFILE *)0;
}
# endif
if (connect(s, (struct sockaddr *)(&port), sizeof(port)) < 0) {
Error("connect(): %hu@%s: %s", ntohs(port.sin_port), pcToHost,
strerror(errno));
close(s);
return (CONSFILE *)0;
}
#endif
@ -648,11 +683,7 @@ static struct termios o_tios;
* we really use cbreak at PUCC because we need even parity...
*/
static void
#if PROTOTYPES
C2Raw()
#else
C2Raw()
#endif
C2Raw(void)
{
struct termios n_tios;
@ -680,11 +711,7 @@ C2Raw()
* put the tty back as it was, however that was
*/
static void
#if PROTOTYPES
C2Cooked()
#else
C2Cooked()
#endif
C2Cooked(void)
{
if (!screwy)
return;
@ -693,11 +720,7 @@ C2Cooked()
}
void
#if PROTOTYPES
DestroyDataStructures(void)
#else
DestroyDataStructures()
#endif
{
C2Cooked();
if (cfstdout != (CONSFILE *)0)
@ -706,21 +729,17 @@ DestroyDataStructures()
DestroyConfig(optConf);
DestroyConfig(config);
DestroyTerminal(pTerm);
#if !USE_IPV6
if (myAddrs != (struct in_addr *)0)
free(myAddrs);
#endif
DestroyStrings();
if (substData != (SUBST *)0)
free(substData);
}
char *
#if PROTOTYPES
ReadReply(CONSFILE *fd, FLAG toEOF)
#else
ReadReply(fd, toEOF)
CONSFILE *fd;
FLAG toEOF;
#endif
{
int nr;
static char buf[1024];
@ -772,11 +791,7 @@ ReadReply(fd, toEOF)
}
static void
#if PROTOTYPES
ReapVirt(void)
#else
ReapVirt()
#endif
{
pid_t pid;
int UWbuf;
@ -817,12 +832,7 @@ static sig_atomic_t fSawReapVirt = 0;
static
#endif
RETSIGTYPE
#if PROTOTYPES
FlagReapVirt(int sig)
#else
FlagReapVirt(sig)
int sig;
#endif
{
fSawReapVirt = 1;
#if !HAVE_SIGACTION
@ -832,11 +842,7 @@ FlagReapVirt(sig)
/* invoke the execcmd command */
void
#if PROTOTYPES
ExecCmd(void)
#else
ExecCmd()
#endif
{
int i;
pid_t iNewGrp;
@ -914,15 +920,15 @@ ExecCmd()
close(1);
close(0);
# if HAVE_SETSID
#if HAVE_SETSID
iNewGrp = setsid();
if (-1 == iNewGrp) {
Error("ExecCmd(): setsid(): %s", strerror(errno));
iNewGrp = thepid;
}
# else
#else
iNewGrp = thepid;
# endif
#endif
if (dup(pout[0]) != 0 || dup(pin[1]) != 1) {
Error("ExecCmd(): fd sync error");
@ -942,12 +948,7 @@ ExecCmd()
}
void
#if PROTOTYPES
GetUserInput(STRING *str)
#else
GetUserInput(str)
STRING *str;
#endif
{
char c;
@ -993,12 +994,7 @@ GetUserInput(str)
}
void
#if PROTOTYPES
DoExec(CONSFILE *pcf)
#else
DoExec(pcf)
CONSFILE *pcf;
#endif
{
showExecData = 1;
FileWrite(cfstdout, FLAGFALSE, "exec: ", 6);
@ -1048,13 +1044,7 @@ DoExec(pcf)
}
void
#if PROTOTYPES
ExpandString(char *str, CONSFILE *c)
#else
ExpandString(str, c)
char *str;
CONSFILE *c;
#endif
{
char s;
short backslash = 0;
@ -1144,15 +1134,7 @@ ExpandString(str, c)
}
void
#if PROTOTYPES
PrintSubst(CONSFILE *pcf, char *pcMach, char *string, char *subst)
#else
PrintSubst(pcf, pcMach, string, subst)
CONSFILE *pcf;
char *pcMach;
char *string;
char *subst;
#endif
{
if (string == (char *)0)
return;
@ -1171,13 +1153,7 @@ PrintSubst(pcf, pcMach, string, subst)
}
void
#if PROTOTYPES
Interact(CONSFILE *pcf, char *pcMach)
#else
Interact(pcf, pcMach)
CONSFILE *pcf;
char *pcMach;
#endif
{
int i;
int nc;
@ -1352,7 +1328,7 @@ Interact(pcf, pcMach)
if (screwy)
break;
else {
FD_SET(0, &rinit);
FD_CLR(0, &rinit);
continue;
}
}
@ -1400,14 +1376,8 @@ Interact(pcf, pcMach)
/* interact with a group server (ksb)
*/
void
#if PROTOTYPES
CallUp(CONSFILE *pcf, char *pcMaster, char *pcMach, char *pcHow,
char *result)
#else
CallUp(pcf, pcMaster, pcMach, pcHow, result)
CONSFILE *pcf;
char *pcMaster, *pcMach, *pcHow, *result;
#endif
{
int fIn = '-';
char *r = (char *)0;
@ -1591,14 +1561,7 @@ char *cmdarg = (char *)0;
* and ask the machine master at pop.stat for more group leaders
*/
int
#if PROTOTYPES
DoCmds(char *master, char *pports, int cmdi)
#else
DoCmds(master, pports, cmdi)
char *master;
char *pports;
int cmdi;
#endif
{
CONSFILE *pcf;
char *t;
@ -1642,7 +1605,9 @@ DoCmds(master, pports, cmdi)
#endif
if (*ports == '\000') {
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
port = bindPort;
#elif USE_UNIX_DOMAIN_SOCKETS
port = 0;
#else
port = htons(bindPort);
@ -1651,7 +1616,9 @@ DoCmds(master, pports, cmdi)
Error("invalid port spec for %s: `%s'", serverName, ports);
continue;
} else {
#if USE_UNIX_DOMAIN_SOCKETS
#if USE_IPV6
port = (short)atoi(ports);
#elif USE_UNIX_DOMAIN_SOCKETS
port = (short)atoi(ports);
#else
port = htons((short)atoi(ports));
@ -1918,13 +1885,7 @@ DoCmds(master, pports, cmdi)
* exit happy or sad
*/
int
#if PROTOTYPES
main(int argc, char **argv)
#else
main(argc, argv)
int argc;
char **argv;
#endif
{
char *pcCmd;
struct passwd *pwdMe = (struct passwd *)0;
@ -2215,8 +2176,9 @@ main(argc, argv)
Version();
Bye(EX_OK);
}
#if !USE_IPV6
ProbeInterfaces(INADDR_ANY);
#endif
if (readSystemConf)
ReadConf(CLIENTCONFIGFILE, FLAGFALSE);
@ -2317,7 +2279,18 @@ main(argc, argv)
config->sslcredentials = StrDup(pConfig->sslcredentials);
else
config->sslcredentials = (char *)0;
if (pConfig->sslcacertificatefile != (char *)0 &&
pConfig->sslcacertificatefile[0] != '\000')
config->sslcacertificatefile =
StrDup(pConfig->sslcacertificatefile);
else
config->sslcacertificatefile = (char *)0;
if (pConfig->sslcacertificatepath != (char *)0 &&
pConfig->sslcacertificatepath[0] != '\000')
config->sslcacertificatepath =
StrDup(pConfig->sslcacertificatepath);
else
config->sslcacertificatepath = (char *)0;
if (optConf->sslenabled != FLAGUNKNOWN)
config->sslenabled = optConf->sslenabled;
else if (pConfig->sslenabled != FLAGUNKNOWN)
@ -2459,11 +2432,11 @@ main(argc, argv)
#if defined(TIOCGWINSZ)
if (interact == FLAGTRUE) {
int fd;
#if HAVE_MEMSET
# if HAVE_MEMSET
memset((void *)(&ws), '\000', sizeof(ws));
#else
# else
bzero((char *)(&ws), sizeof(ws));
#endif
# endif
if ((fd = open("/dev/tty", O_RDONLY)) != -1) {
ioctl(fd, TIOCGWINSZ, &ws);
}

View File

@ -1,5 +1,5 @@
.\" $Id: console.man,v 1.61 2006/04/03 13:32:12 bryan Exp $
.TH CONSOLE 1 "2006/04/03" "conserver-8.1.17" "conserver"
.\" $Id: console.man,v 1.66 2015/06/02 17:19:31 bryan Exp $
.TH CONSOLE 1 "2015/06/02" "conserver-8.2.1" "conserver"
.SH NAME
console \- console server client program
.SH SYNOPSIS
@ -564,6 +564,18 @@ Using the special value of ``0'' will cause the client to use the number
of lines of the current terminal (if that can be determined).
If the null string (``""'') is used, the replay length will not be overridden.
.TP
\f3sslcacertificatefile\fP \f2filename\fP
.br
Load the valid CA certificates for the
.SM SSL
connection from the PEM encoded file.
.TP
\f3sslcacertificatepath\fP \f2directory\fP
.br
Load the valid CA certificates for the
.SM SSL
connection from the PEM encoded files in the directory.
.TP
\f3sslcredentials\fP \f2filename\fP
.br
Set the
@ -845,7 +857,7 @@ list the break sequences available
.B l0
send the break sequence associated with this console
.TP
.B l1-9
.B l1-9a-z
send the specific break sequence
.TP
.B m
@ -868,7 +880,7 @@ replay the last 20 lines of output
set number of replay lines
.TP
.B s
switch to spy mode (read-only)
switch to spy mode (read only)
.TP
.B u
show status of hosts/users in this group
@ -885,6 +897,9 @@ examine this group's devices and modes
.B z
suspend this connection
.TP
.B !
invoke task
.TP
.B |
attach a local command to the console
.TP

View File

@ -1,5 +1,5 @@
/*
* $Id: getpassword.c,v 1.8 2003/11/20 13:56:41 bryan Exp $
* $Id: getpassword.c,v 1.9 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -31,12 +31,7 @@ static STRING *pass = (STRING *)0;
* we really use cbreak at PUCC because we need even parity...
*/
static void
#if PROTOTYPES
C2Raw(int fd)
#else
C2Raw(fd)
int fd;
#endif
{
struct termios n_tios;
@ -64,12 +59,7 @@ C2Raw(fd)
* put the tty back as it was, however that was
*/
static void
#if PROTOTYPES
C2Normal(int fd)
#else
C2Normal(fd)
int fd;
#endif
{
if (!screwy)
return;
@ -78,12 +68,7 @@ C2Normal(fd)
}
char *
#if PROTOTYPES
GetPassword(char *prompt)
#else
GetPassword(prompt)
char *prompt;
#endif
{
int fd;
int nc;
@ -140,11 +125,7 @@ GetPassword(prompt)
}
void
#if PROTOTYPES
ClearPassword(void)
#else
ClearPassword()
#endif
{
if (pass == (STRING *)0 || pass->allocated == 0)
return;

View File

@ -1,10 +1,10 @@
/*
* $Id: getpassword.h,v 1.3 2003/09/11 09:10:58 bryan Exp $
* $Id: getpassword.h,v 1.4 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
extern char *GetPassword PARAMS((char *));
extern void *ClearPassword PARAMS((void));
extern char *GetPassword(char *);
extern void *ClearPassword(void);
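Review bot: The converted prototype `extern void *ClearPassword(void);` keeps the `void *` return type from the old PARAMS form, but the definition in getpassword.c in this same change is `void ClearPassword(void)`. Now that real prototypes are always in force, change the header to `extern void ClearPassword(void);` so declaration and definition agree.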

View File

@ -1,5 +1,5 @@
/*
* $Id: readconf.c,v 5.5 2006/04/03 13:32:12 bryan Exp $
* $Id: readconf.c,v 5.8 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -19,12 +19,7 @@ TERM *parserTermDefault = (TERM *)0;
TERM *pTerm = (TERM *)0;
void
#if PROTOTYPES
DestroyConfig(CONFIG *c)
#else
DestroyConfig(c)
CONFIG *c;
#endif
{
if (c == (CONFIG *)0)
return;
@ -39,17 +34,16 @@ DestroyConfig(c)
#if HAVE_OPENSSL
if (c->sslcredentials != (char *)0)
free(c->sslcredentials);
if (c->sslcacertificatefile != (char *)0)
free(c->sslcacertificatefile);
if (c->sslcacertificatepath != (char *)0)
free(c->sslcacertificatepath);
#endif
free(c);
}
void
#if PROTOTYPES
ApplyConfigDefault(CONFIG *c)
#else
ApplyConfigDefault(c)
CONFIG *c;
#endif
{
if (parserConfigDefault == (CONFIG *)0)
return;
@ -93,6 +87,22 @@ ApplyConfigDefault(c)
StrDup(parserConfigDefault->sslcredentials)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->sslcacertificatefile != (char *)0) {
if (c->sslcacertificatefile != (char *)0)
free(c->sslcacertificatefile);
if ((c->sslcacertificatefile =
StrDup(parserConfigDefault->sslcacertificatefile)) ==
(char *)0)
OutOfMem();
}
if (parserConfigDefault->sslcacertificatepath != (char *)0) {
if (c->sslcacertificatepath != (char *)0)
free(c->sslcacertificatepath);
if ((c->sslcacertificatepath =
StrDup(parserConfigDefault->sslcacertificatepath)) ==
(char *)0)
OutOfMem();
}
if (parserConfigDefault->sslrequired != FLAGUNKNOWN)
c->sslrequired = parserConfigDefault->sslrequired;
if (parserConfigDefault->sslenabled != FLAGUNKNOWN)
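Review bot: The two added blocks for sslcacertificatefile and sslcacertificatepath repeat the free / StrDup / OutOfMem sequence already used for sslcredentials just above, differing only in the field name. A small static helper taking the destination and source pointers would remove the copies and spare the next string option from adding another one.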
@ -101,12 +111,7 @@ ApplyConfigDefault(c)
}
void
#if PROTOTYPES
ConfigBegin(char *id)
#else
ConfigBegin(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigBegin(%s) [%s:%d]", id, file, line));
if (id == (char *)0 || id[0] == '\000') {
@ -124,11 +129,7 @@ ConfigBegin(id)
}
void
#if PROTOTYPES
ConfigEnd(void)
#else
ConfigEnd()
#endif
{
CONDDEBUG((1, "ConfigEnd() [%s:%d]", file, line));
@ -150,11 +151,7 @@ ConfigEnd()
}
void
#if PROTOTYPES
ConfigAbort(void)
#else
ConfigAbort()
#endif
{
CONDDEBUG((1, "ConfigAbort() [%s:%d]", file, line));
if (parserConfigTemp == (CONFIG *)0)
@ -165,11 +162,7 @@ ConfigAbort()
}
void
#if PROTOTYPES
ConfigDestroy(void)
#else
ConfigDestroy()
#endif
{
CONDDEBUG((1, "ConfigDestroy() [%s:%d]", file, line));
@ -186,12 +179,7 @@ ConfigDestroy()
}
void
#if PROTOTYPES
DestroyTerminal(TERM *t)
#else
DestroyTerminal(t)
TERM *t;
#endif
{
if (t == (TERM *)0)
return;
@ -207,12 +195,7 @@ DestroyTerminal(t)
}
void
#if PROTOTYPES
ApplyTermDefault(TERM *t)
#else
ApplyTermDefault(t)
TERM *t;
#endif
{
if (parserTermDefault == (TERM *)0)
return;
@ -246,12 +229,7 @@ ApplyTermDefault(t)
}
void
#if PROTOTYPES
TerminalBegin(char *id)
#else
TerminalBegin(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalBegin(%s) [%s:%d]", id, file, line));
if (id == (char *)0 || id[0] == '\000') {
@ -269,11 +247,7 @@ TerminalBegin(id)
}
void
#if PROTOTYPES
TerminalEnd(void)
#else
TerminalEnd()
#endif
{
static char *term = (char *)0;
@ -303,11 +277,7 @@ TerminalEnd()
}
void
#if PROTOTYPES
TerminalAbort(void)
#else
TerminalAbort()
#endif
{
CONDDEBUG((1, "TerminalAbort() [%s:%d]", file, line));
if (parserTermTemp == (TERM *)0)
@ -318,11 +288,7 @@ TerminalAbort()
}
void
#if PROTOTYPES
TerminalDestroy(void)
#else
TerminalDestroy()
#endif
{
CONDDEBUG((1, "TerminalDestroy() [%s:%d]", file, line));
@ -339,13 +305,7 @@ TerminalDestroy()
}
void
#if PROTOTYPES
ProcessYesNo(char *id, FLAG *flag)
#else
ProcessYesNo(id, flag)
char *id;
FLAG *flag;
#endif
{
if (id == (char *)0 || id[0] == '\000')
*flag = FLAGFALSE;
@ -358,12 +318,7 @@ ProcessYesNo(id, flag)
}
void
#if PROTOTYPES
ConfigItemEscape(char *id)
#else
ConfigItemEscape(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemEscape(%s) [%s:%d]", id, file, line));
@ -379,12 +334,7 @@ ConfigItemEscape(id)
}
void
#if PROTOTYPES
ConfigItemMaster(char *id)
#else
ConfigItemMaster(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemMaster(%s) [%s:%d]", id, file, line));
@ -400,12 +350,7 @@ ConfigItemMaster(id)
}
void
#if PROTOTYPES
ConfigItemPlayback(char *id)
#else
ConfigItemPlayback(id)
char *id;
#endif
{
int i;
@ -429,12 +374,7 @@ ConfigItemPlayback(id)
}
void
#if PROTOTYPES
ConfigItemPort(char *id)
#else
ConfigItemPort(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemPort(%s) [%s:%d]", id, file, line));
@ -450,12 +390,7 @@ ConfigItemPort(id)
}
void
#if PROTOTYPES
ConfigItemReplay(char *id)
#else
ConfigItemReplay(id)
char *id;
#endif
{
int i;
@ -479,12 +414,7 @@ ConfigItemReplay(id)
}
void
#if PROTOTYPES
ConfigItemSslcredentials(char *id)
#else
ConfigItemSslcredentials(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemSslcredentials(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
@ -505,12 +435,51 @@ ConfigItemSslcredentials(id)
}
void
#if PROTOTYPES
ConfigItemSslrequired(char *id)
ConfigItemSslcacertificatefile(char *id)
{
CONDDEBUG((1, "ConfigItemSslcacertificatefile(%s) [%s:%d]", id, file,
line));
#if HAVE_OPENSSL
if (parserConfigTemp->sslcacertificatefile != (char *)0)
free(parserConfigTemp->sslcacertificatefile);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->sslcacertificatefile = (char *)0;
return;
}
if ((parserConfigTemp->sslcacertificatefile = StrDup(id)) == (char *)0)
OutOfMem();
#else
ConfigItemSslrequired(id)
char *id;
Error
("sslcacertificatefile ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemSslcacertificatepath(char *id)
{
CONDDEBUG((1, "ConfigItemSslcacertificatepath(%s) [%s:%d]", id, file,
line));
#if HAVE_OPENSSL
if (parserConfigTemp->sslcacertificatepath != (char *)0)
free(parserConfigTemp->sslcacertificatepath);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->sslcacertificatepath = (char *)0;
return;
}
if ((parserConfigTemp->sslcacertificatepath = StrDup(id)) == (char *)0)
OutOfMem();
#else
Error
("sslcacertificatepath ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
ConfigItemSslrequired(char *id)
{
CONDDEBUG((1, "ConfigItemSslrequired(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
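Review bot: ConfigItemSslcacertificatefile and ConfigItemSslcacertificatepath store whatever string the config supplies without checking it. Nothing here confirms the path exists or is readable, so a typo in a CA location cannot be reported with the [file:line] context that is available at this point. Consider an access() or stat() check that calls Error() with the option name, file and line. In the #else branches the option is only reported as "ignored"; for a setting that controls certificate trust, decide whether a build without OpenSSL should continue after just logging that. The two functions are also identical apart from the field name and could share one helper.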
@ -523,12 +492,7 @@ ConfigItemSslrequired(id)
}
void
#if PROTOTYPES
ConfigItemSslenabled(char *id)
#else
ConfigItemSslenabled(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemSslenabled(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
@ -540,24 +504,14 @@ ConfigItemSslenabled(id)
}
void
#if PROTOTYPES
ConfigItemStriphigh(char *id)
#else
ConfigItemStriphigh(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemStriphigh(%s) [%s:%d]", id, file, line));
ProcessYesNo(id, &(parserConfigTemp->striphigh));
}
void
#if PROTOTYPES
ConfigItemUsername(char *id)
#else
ConfigItemUsername(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemUsername(%s) [%s:%d]", id, file, line));
@ -575,12 +529,7 @@ ConfigItemUsername(id)
SUBST *substData = (SUBST *)0;
SUBSTTOKEN
#if PROTOTYPES
SubstToken(char c)
#else
SubstToken(c)
char c;
#endif
{
switch (c) {
case 'u':
@ -592,14 +541,7 @@ SubstToken(c)
}
int
#if PROTOTYPES
SubstValue(char c, char **s, int *i)
#else
SubstValue(c, s, i)
char c;
char **s;
int *i;
#endif
{
int retval = 0;
@ -622,11 +564,7 @@ SubstValue(c, s, i)
}
void
#if PROTOTYPES
InitSubstCallback(void)
#else
InitSubstCallback()
#endif
{
if (substData == (SUBST *)0) {
if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
@ -638,12 +576,7 @@ InitSubstCallback()
void
#if PROTOTYPES
TerminalItemAttach(char *id)
#else
TerminalItemAttach(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemAttach(%s) [%s:%d]", id, file, line));
@ -659,12 +592,7 @@ TerminalItemAttach(id)
}
void
#if PROTOTYPES
TerminalItemAttachsubst(char *id)
#else
TerminalItemAttachsubst(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemAttachsubst(%s) [%s:%d]", id, file, line));
ProcessSubst(substData, (char **)0, &(parserTermTemp->attachsubst),
@ -672,12 +600,7 @@ TerminalItemAttachsubst(id)
}
void
#if PROTOTYPES
TerminalItemDetach(char *id)
#else
TerminalItemDetach(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemDetach(%s) [%s:%d]", id, file, line));
@ -693,12 +616,7 @@ TerminalItemDetach(id)
}
void
#if PROTOTYPES
TerminalItemDetachsubst(char *id)
#else
TerminalItemDetachsubst(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemDetachsubst(%s) [%s:%d]", id, file, line));
ProcessSubst(substData, (char **)0, &(parserTermTemp->detachsubst),
@ -712,6 +630,8 @@ ITEM keyConfig[] = {
{"port", ConfigItemPort},
{"replay", ConfigItemReplay},
{"sslcredentials", ConfigItemSslcredentials},
{"sslcacertificatefile", ConfigItemSslcacertificatefile},
{"sslcacertificatepath", ConfigItemSslcacertificatepath},
{"sslrequired", ConfigItemSslrequired},
{"sslenabled", ConfigItemSslenabled},
{"striphigh", ConfigItemStriphigh},
@ -736,13 +656,7 @@ SECTION sections[] = {
};
void
#if PROTOTYPES
ReadConf(char *filename, FLAG verbose)
#else
ReadConf(filename, verbose)
char *filename;
FLAG verbose;
#endif
{
FILE *fp;
@ -793,6 +707,10 @@ ReadConf(filename, verbose)
#if HAVE_OPENSSL
CONDDEBUG((1, "pConfig->sslcredentials = %s",
EMPTYSTR(pConfig->sslcredentials)));
CONDDEBUG((1, "pConfig->sslcacertificatefile = %s",
EMPTYSTR(pConfig->sslcacertificatefile)));
CONDDEBUG((1, "pConfig->sslcacertificatepath = %s",
EMPTYSTR(pConfig->sslcacertificatepath)));
CONDDEBUG((1, "pConfig->sslrequired = %s",
FLAGSTR(pConfig->sslrequired)));
CONDDEBUG((1, "pConfig->sslenabled = %s",

View File

@ -1,5 +1,5 @@
/*
* $Id: readconf.h,v 5.4 2006/04/03 13:32:12 bryan Exp $
* $Id: readconf.h,v 5.7 2014/04/20 06:45:07 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -18,6 +18,8 @@ typedef struct config {
unsigned short playback;
#if HAVE_OPENSSL
char *sslcredentials;
char *sslcacertificatefile;
char *sslcacertificatepath;
FLAG sslrequired;
FLAG sslenabled;
#endif
@ -35,6 +37,6 @@ extern CONFIG *pConfig;
extern TERM *pTerm;
extern SUBST *substData;
extern void ReadConf PARAMS((char *, FLAG));
extern void DestroyConfig PARAMS((CONFIG *));
extern void DestroyTerminal PARAMS((TERM *));
extern void ReadConf(char *, FLAG);
extern void DestroyConfig(CONFIG *);
extern void DestroyTerminal(TERM *);

View File

@ -1,4 +1,5 @@
### Path settings
datarootdir = @datarootdir@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
prefix = @prefix@

View File

@ -6,12 +6,13 @@
# outside of my own purposes. If this helps, cool. In the end I put the
# rootcert.pem file in my global certs directory (OPENSSL_ROOT/ssl/certs),
# point the server to server.pem and point the client at client.pem. I
# then run the c_rehash command (I supposed it helps or is important).
# When it asks for a passphrase, use 'pass', otherwise this script won't
# work. Ugly, yeah, but it's an ok test.
# then run the c_rehash command.
#
# You can also use the sslcacertificatefile options to point the client/server
# at rootcert.pem instead of populating the global repository
#
[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -passin pass:pass -passout pass:pass
[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -nodes
US
California
Folsom
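Review bot: Replacing `-passin pass:pass -passout pass:pass` with `-nodes` on the root request means rootkey.pem is now written unencrypted, and the script sets no umask or chmod before creating it, so the CA private key gets the caller's default permissions. Add `umask 077` near the top of the script. The rewritten header comment also drops the "it's an ok test" wording; keep a line saying these keys are for testing only.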
@ -25,7 +26,7 @@ EOD
[ -f rootcert.pem ] || openssl x509 -req -in rootreq.pem -sha1 -extensions v3_ca -signkey rootkey.pem -out rootcert.pem
[ -f root.pem ] || cat rootcert.pem rootkey.pem > root.pem
[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -passin pass:pass -passout pass:pass
[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -nodes
US
California
Folsom
@ -39,7 +40,7 @@ EOD
[ -f servercert.pem ] || openssl x509 -req -in serverreq.pem -sha1 -extensions usr_cert -CA root.pem -CAkey root.pem -CAcreateserial -out servercert.pem
[ -f server.pem ] || cat servercert.pem serverkey.pem rootcert.pem > server.pem
[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -passin pass:pass -passout pass:pass
[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -nodes
US
California
Folsom
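Review bot: All three `openssl req` lines touched by this change still use `-newkey rsa:1024 -sha1`, and the `openssl x509 -req` signing steps in the context lines use `-sha1` as well. Since these lines are being edited anyway, move them to `rsa:2048` and `-sha256` so the generated test certificates are not refused by TLS stacks that enforce a minimum key size or reject SHA-1 signatures. Note too that server.pem is built by concatenating serverkey.pem, which after this change is an unencrypted key, so the bundle needs the same restrictive permissions as the key files.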

View File

@ -25,31 +25,48 @@ DAEMON=/usr/sbin/conserver
[ -x $DAEMON ] || exit 1
start()
{
echo -n "Starting conserver: "
daemon --user "${RUNAS-}" $DAEMON ${OPTIONS--d}
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/conserver
echo
}
stop()
{
echo -n "Shutting down conserver: "
killproc conserver
RETVAL=$?
[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/conserver
echo
}
# See how we were called.
case "$1" in
start)
echo -n "Starting conserver: "
daemon --user "${RUNAS-}" $DAEMON ${OPTIONS--d}
echo
touch /var/lock/subsys/conserver
start
;;
stop)
echo -n "Shutting down conserver: "
killproc conserver
echo
rm -f /var/lock/subsys/conserver
stop
;;
status)
status conserver
;;
restart)
echo -n "Restarting conserver: "
stop
start
;;
reload)
echo -n "Reloading conserver: "
killproc conserver -HUP
RETVAL=$?
echo
;;
*)
echo "Usage: conserver {start|stop|restart|status}"
exit 1
echo "Usage: conserver {start|stop|restart|reload|status}"
RETVAL=1
esac
exit 0
exit $RETVAL
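Review bot: RETVAL is never initialised and the `status` branch does not assign it, so the final `exit $RETVAL` depends on the variable being unset, or on whatever value was inherited from the environment, when `status` is requested. Set `RETVAL=0` before the `case` and add `RETVAL=$?` after `status conserver`. In `restart`, the `echo -n "Restarting conserver: "` is followed by stop() and start(), which print their own messages, so the output runs together on one line; drop that echo. The `*)` branch is also missing its closing `;;`, which is legal before `esac` but inconsistent with the other branches.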

View File

@ -4,7 +4,7 @@
#
%define pkg conserver
%define ver 8.1.17
%define ver 8.2.1
# define the name of the machine on which the main conserver
# daemon will be running if you don't want to use the default
@ -16,24 +16,26 @@
# compile arguments. defaults to 0
# example: rpmbuild -bb conserver.spec --with openssl
%define with_openssl %{?_with_openssl: 1} %{?!_with_openssl: 0}
%define with_libwrap %{?_with_libwrap: 1} %{?!_with_libwrap: 0}
%define with_pam %{?_with_pam: 1} %{?!_with_pam: 0}
%define with_dmalloc %{?_with_dmalloc: 1} %{?!_with_dmalloc: 0}
%define with_openssl %{?_with_openssl: 1} %{?!_with_openssl: 0}
%define with_libwrap %{?_with_libwrap: 1} %{?!_with_libwrap: 0}
%define with_pam %{?_with_pam: 1} %{?!_with_pam: 0}
%define with_dmalloc %{?_with_dmalloc: 1} %{?!_with_dmalloc: 0}
%define with_freeipmi %{?_with_freeipmi: 1} %{?!_with_freeipmi: 0}
# additionally you can use macros logfile pidfile
# example: rpmbuild -bb conserver.spec --define "pidfile /var/run/conserver/pid"
Summary: Serial console server daemon/client
Name: %{pkg}
Version: %{ver}
Release: %{distver}
License: BSD
Summary: Serial console server daemon/client
Group: System Environment/Daemons
URL: http://www.conserver.com/
Source: http://www.conserver.com/%{pkg}-%{ver}.tar.gz
BuildRoot: %{_tmppath}/%{pkg}-buildroot
%if %{with_openssl}
Requires: openssl
BuildRequires: openssl-devel
%endif
%if %{with_pam}
@ -46,15 +48,35 @@ Requires: tcp_wrappers
Requires: dmalloc
BuildRequires: dmalloc
%endif
%if %{with_freeipmi}
Requires: freeipmi
BuildRequires: freeipmi-devel
%endif
Prefix: %{_prefix}
%package server
Summary: Serial console server daemon
Group: System Environment/Daemons
%package client
Summary: Serial console server client
Group: Applications/Internet
%description
Conserver is an application that allows multiple users to watch a
Conserver is a daemon that allows multiple users to watch a
serial console at the same time. It can log the data, allows users to
take write-access of a console (one at a time), and has a variety of
bells and whistles to accentuate that basic functionality.
%description server
conserver-server is a daemon that allows multiple users to watch a
serial console at the same time. It can log the data, allows users to
take write-access of a console (one at a time), and has a variety of
bells and whistles to accentuate that basic functionality.
%description client
conserver-client to connect to conserver-server using a tcp port.
Allows multiple users to watch a serial console at the same time.
%prep
%{__rm} -rf %{buildroot}
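Review bot: `%package server` and `%package client` declare only Summary and Group. The conditional `Requires:` lines for openssl, tcp_wrappers, dmalloc and freeipmi sit in the main preamble, and rpm does not copy explicit Requires from the main package into subpackages, so they no longer attach to the packages that actually ship the binaries. Move them under the relevant `%package` sections. The client description, "conserver-client to connect to conserver-server using a tcp port.", is also missing a verb.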
@ -67,7 +89,7 @@ f="conserver/Makefile.in"
%{__mv} $f $f.orig
%{__sed} -e 's/^.*conserver\.rc.*$//' < $f.orig > $f
%configure %{?_with_openssl} %{?_with_libwrap} %{?_with_dmalloc} %{?_with_pam} %{?logfile: --with-logfile=%{logfile}} %{?pidfile: --with-pidfile=%{pidfile}} %{?master: --with-master=%{master}}
%configure %{?_with_openssl} %{?_with_libwrap} %{?_with_dmalloc} %{?_with_freeipmi} %{?_with_pam} %{?logfile: --with-logfile=%{logfile}} %{?pidfile: --with-pidfile=%{pidfile}} %{?master: --with-master=%{master}}
make
@ -97,7 +119,7 @@ make
%{__rm} -rf %{buildroot}
%post
%post server
if [ -x %{_initrddir}/conserver ]; then
/sbin/chkconfig --add conserver
fi
@ -107,7 +129,7 @@ if ! egrep '\<conserver\>' /etc/services > /dev/null 2>&1 ; then
fi
%preun
%preun server
if [ "$1" = 0 ]; then
if [ -x %{_initrddir}/conserver ]; then
%{_initrddir}/conserver stop
@ -115,17 +137,17 @@ if [ "$1" = 0 ]; then
fi
fi
# we need this even if empty
#%files
%files
%files server
%defattr(-,root,root)
%doc CHANGES FAQ INSTALL README conserver.cf
%config(noreplace) %{_sysconfdir}/conserver.cf
%config(noreplace) %{_sysconfdir}/conserver.passwd
%config(noreplace) %{_sysconfdir}/default/conserver
%attr(555,root,root) %{_initrddir}/conserver
%{_bindir}/console
%{_libdir}/conserver/convert
%{_mandir}/man1/console.1.gz
%{_mandir}/man8/conserver.8.gz
%{_mandir}/man5/conserver.cf.5.gz
%{_mandir}/man5/conserver.passwd.5.gz
@ -133,11 +155,19 @@ fi
%{_datadir}/examples/conserver/conserver.passwd
%{_sbindir}/conserver
%files client
%defattr(-,root,root)
%doc CHANGES FAQ INSTALL README
%{_bindir}/console
%{_mandir}/man1/console.1.gz
%changelog
* Wed Oct 14 2009 Jodok Ole Muellers <muellejo@aschendorff.de>
- Changed the conserver.spec file to create separate subpackages
for client and server by using the %package directive.
* Wed Sep 25 2009 Fabien Wernli
- added configure prerequisites
* Thu Sep 24 2009 Fabien Wernli
- added prefix to configure
- changed some hardcoded values to proper macros:
didn't work on x64 lib -> lib64
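Review bot: The changelog entry `* Wed Sep 25 2009 Fabien Wernli` has a weekday that does not match its date: the entry below it gives Thu Sep 24 2009, which makes Sep 25 a Friday, and rpmbuild warns about bogus %changelog dates. That entry also lacks the e-mail address the first entry carries. The changelog has no entry for what this spec revision itself changes (the bump to 8.2.1 and the new freeipmi build option); add one.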

View File

@ -1,7 +1,7 @@
PKG="conserver"
NAME="Console server and client"
CATEGORY="system"
VERSION="8.1.17"
VERSION="8.2.1"
DESC="Console server and client"
CLASSES=none
ARCH=sparc

View File

@ -1,19 +1,20 @@
[Enter `^Ec?' for help]
[help]
. disconnect ; move to another console
a attach read/write b send broadcast message
c toggle flow control d down a console
e change escape sequence f force attach read/write
g group info i information dump
L toggle logging on/off l? break sequence list
l0 send break per config file l1-9 send specific break sequence
m display the message of the day n write a note to the logfile
o (re)open the tty and log file p playback the last 60 lines
P set number of playback lines r replay the last 20 lines
R set number of replay lines s spy mode (read only)
u show host status v show version info
w who is on this console x show console baud info
z suspend the connection | attach local command
? print this message <cr> ignore/abort command
^R replay the last line \ooo send character by octal code
. disconnect ; move to another console
a attach read/write b send broadcast message
c toggle flow control d down a console
e change escape sequence f force attach read/write
g group info i information dump
L toggle logging on/off l? break sequence list
l0 send break per config file l1-9a-z send specific break sequence
m display message of the day n write a note to the logfile
o (re)open the tty and log file p playback the last 60 lines
P set number of playback lines r replay the last 20 lines
R set number of replay lines s spy mode (read only)
u show host status v show version info
w who is on this console x show console baud info
z suspend the connection ! invoke task
| attach local command ? print this message
<cr> ignore/abort command ^R replay the last line
\ooo send character by octal code
[disconnect]

View File

@ -1,19 +1,20 @@
[Enter `^Ec?' for help]
[help]
. disconnect ; move to another console
a attach read/write b send broadcast message
c toggle flow control d down a console
e change escape sequence f force attach read/write
g group info i information dump
L toggle logging on/off l? break sequence list
l0 send break per config file l1-9 send specific break sequence
m display the message of the day n write a note to the logfile
o (re)open the tty and log file p playback the last 60 lines
P set number of playback lines r replay the last 20 lines
R set number of replay lines s spy mode (read only)
u show host status v show version info
w who is on this console x show console baud info
z suspend the connection | attach local command
? print this message <cr> ignore/abort command
^R replay the last line \ooo send character by octal code
. disconnect ; move to another console
a attach read/write b send broadcast message
c toggle flow control d down a console
e change escape sequence f force attach read/write
g group info i information dump
L toggle logging on/off l? break sequence list
l0 send break per config file l1-9a-z send specific break sequence
m display message of the day n write a note to the logfile
o (re)open the tty and log file p playback the last 60 lines
P set number of playback lines r replay the last 20 lines
R set number of replay lines s spy mode (read only)
u show host status v show version info
w who is on this console x show console baud info
z suspend the connection ! invoke task
| attach local command ? print this message
<cr> ignore/abort command ^R replay the last line
\ooo send character by octal code
[disconnect]