Merge pull request #101 from abbra/increase-gss-buffers

Increase buffer size for GSSAPI exchanges

.cirrus.yml

@@ -0,0 +1,48 @@
+env:
+  CIRRUS_CLONE_DEPTH: 1
+
+freebsd_13_task:
+  freebsd_instance:
+    image_family: freebsd-13-3
+  install_script:
+    - pkg install -y autoconf automake
+    - ./package/setup-configure
+  basic_script: &basic
+    - "[ -f Makefile ] && make distclean"
+    - ./configure || { cat config.log; exit 1; }
+    - make
+    - make test
+  uds_script: &uds
+    - "[ -f Makefile ] && make distclean"
+    - ./configure --with-trust-uds-cred --with-uds || { cat config.log; exit 1; }
+    - make
+    - make test
+  pam_ssl_script: &pamssl
+    - "[ -f Makefile ] && make distclean"
+    - ./configure --with-pam --with-openssl || { cat config.log; exit 1; }
+    - make
+    - make test
+  gssapi_script: &gssapi
+    - "[ -f Makefile ] && make distclean"
+    - ./configure --with-gssapi || { cat config.log; exit 1; }
+    - make
+    - make test
+
+linux_gcc_task:
+  container:
+    image: gcc:latest
+  install_script:
+    - ./package/setup-configure
+  basic_script: *basic
+  uds_script: *uds
+  pam_ssl_script: *pamssl
+
+#macos_task:
+#  osx_instance:
+#    image: mojave-xcode-10.1
+#  install_script:
+#    - brew install autoconf automake
+#    - ./package/setup-configure
+#  basic_script: *basic
+#  uds_script: *uds
+#  pam_ssl_script: *pamssl

.gitignore

@@ -0,0 +1 @@
+*.[ch]~

FAQ

@@ -184,7 +184,3 @@ directed to faq@conserver.com.  The FAQ answers the following questions:
     - Have you tried a search on the conserver site (it searches
       mailing list traffic as well) to see if someone else has gone
       through the same problem?
-
-#
-#  $Id: FAQ,v 1.9 2003/08/23 19:27:10 bryan Exp $
-#

INSTALL

@@ -156,8 +156,9 @@ Detailed Instructions
         --with-port=PORT        Specify port number [conserver]
         --with-base=PORT        Base port for secondary channel [0]
         --with-master=MASTER    Specify master server hostname [console]
-        --with-cffile=CFFILE    Specify config filename
+        --with-ccffile=CFFILE   Specify client config filename
-                                [SYSCONFDIR/conserver.cf]
+                                [SYSCONFDIR/console.cf]
+        --with-cffile=CFFILE    Specify config filename [SYSCONFDIR/conserver.cf]
         --with-pwdfile=PWDFILE  Specify password filename
                                 [SYSCONFDIR/conserver.passwd]
         --with-logfile=LOGFILE  Specify log filename [/var/log/conserver]
@@ -165,10 +166,23 @@ Detailed Instructions
         --with-maxmemb=MAXMEMB  Specify maximum consoles per process [16]
         --with-timeout=TIMEOUT  Specify connect() timeout in seconds [10]
         --with-trustrevdns      Trust reverse DNS information
+        --with-extmsgs          Produce extended messages
+        --with-rpath            Use -R as well as -L for libraries
+        --with-cycladests       (deprecated - noop) Build for a Cyclades TS
+        --with-uds[=DIR]        Use Unix domain sockets for client/server
+                                communication [/tmp/conserver]
+        --with-trust-uds-cred   Trust UDS credentials obtained via socket
         --with-libwrap[=PATH]   Compile in libwrap (tcp_wrappers) support
         --with-openssl[=PATH]   Compile in OpenSSL support
+        --with-req-server-cert  Require server SSL certificate by client
+        --with-gssapi[=PATH]    Compile in GSS-API support
+        --with-striprealm       retry username without @REALM with gss-api
+                                authentication
+        --with-freeipmi[=PATH]  Compile in FreeIPMI support
         --with-dmalloc[=PATH]   Compile in dmalloc support
         --with-pam              Enable PAM support
+        --with-ipv6             (experimental) Use IPv6 for client/server
+                                communication
 
       Not surprisingly, some match the old conserver/cons.h items...here
       they are for reference:
@@ -182,10 +196,11 @@ Detailed Instructions
       A couple of notes.  First, --with-libwrap will add tcp_wrappers
       lookups to all socket connections in the server.  --with-openssl
       will add encryption between the client and server when you connect
-      to a console.  things such as 'console -q', 'console -w', etc. are
+      to a console.  --with-uds will cause the client and server to use
-      still unencrypted, as well as connections from conserver to any
+      unix domain sockets for their communication, eliminating the
-      terminal servers.  --with-dmalloc should only be used to do memory
+      tcp communication they normally do (which means --with-master and
-      allocation debugging and not used in production.
+      --with-port are not used).  --with-dmalloc should only be used to
+      do memory allocation debugging and not used in production.
 
     - Run './configure'.  This will detect system specific
       information.  The --prefix option will redirect where things are
@@ -224,10 +239,10 @@ Detailed Instructions
         step.
 
       + Next, make sure conserver runs during boot.  The init script we
-        use under Solaris is installed in <PREFIX>/etc/conserver.rc.
+	use under Solaris is installed in
-        Use that or some form of it for your own /etc/init.d script or
+	<DATADIR>/examples/conserver/conserver.rc.  Use that or some
-        an entry in startup files (/etc/rc, /etc/rc.local, or
+	form of it for your own /etc/init.d script or an entry in
-        whatever).
+	startup files (/etc/rc, /etc/rc.local, or whatever).
 
       + Now for the fun stuff.  You need to create a conserver.cf and
         conserver.passwd file.  Those are defined with the
@@ -241,17 +256,6 @@ Detailed Instructions
 
 Other Information And Gotchas
 
-    - Debian Linux Distribution
-
-        The Debian folks have conserver distributed with the package
-        names of conserver-client and conserver-server.  They are in
-        the distribution "sid" and the "non-free" part (because the
-        Ohio State license doesn't explicitly allow for modification to
-        the code, even though it's totally implied and the intention of
-        the author - I've even got proof in email!  Oh well, can't
-        blame the Debian folks for being cautious - they've been burned
-        before, apparently).
-
     - Potential GCC bug
 
         Adam Morris <AMorris@providence.org> reported a problem with
@@ -271,8 +275,3 @@ Other Information And Gotchas
         connecting to servers, you might be tickling this bug and you
         can upgrade the compiler, turn off the optimization, or apply
         this code change.
-
-
-#
-#  $Id: INSTALL,v 1.37 2004/03/23 00:55:04 bryan Exp $
-#

LICENSE

@@ -1,115 +1,29 @@
-Since this piece of software has had many contiributors, there is a
+BSD 3-Clause License
-"chain" of licensing information embedded in the files.  I've copied
-what I could find here so that it's easy to reference.  The entire
-bundle of software is guided by these licensing statements.
-
-----------------------------------------------------------------------------
 
 Copyright (c) 2000, conserver.com
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
+modification, are permitted provided that the following conditions are met:
-met:
 
-  - Redistributions of source code must retain the above copyright notice,
+* Redistributions of source code must retain the above copyright notice, this
-    this list of conditions and the following disclaimer.
+  list of conditions and the following disclaimer.
 
-  - Redistributions in binary form must reproduce the above copyright
+* Redistributions in binary form must reproduce the above copyright notice,
-    notice, this list of conditions and the following disclaimer in the
+  this list of conditions and the following disclaimer in the documentation
-    documentation and/or other materials provided with the
+  and/or other materials provided with the distribution.
-    distribution.
 
-  - Neither the name of conserver.com nor the names of its contributors
+* Neither the name of the copyright holder nor the names of its
-    may be used to endorse or promote products derived from this
+  contributors may be used to endorse or promote products derived from
-    software without specific prior written permission.
+  this software without specific prior written permission.
 
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-----------------------------------------------------------------------------
-
-Copyright (c) 1998, GNAC, Inc.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-  - Redistributions of source code must retain the above copyright notice,
-    this list of conditions and the following disclaimer.
-
-  - Redistributions in binary form must reproduce the above copyright
-    notice, this list of conditions and the following disclaimer in the
-    documentation and/or other materials provided with the
-    distribution.
-
-  - Neither the name of GNAC, Inc. nor the names of its contributors
-    may be used to endorse or promote products derived from this
-    software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
-IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-----------------------------------------------------------------------------
-
-Copyright 1992 Purdue Research Foundation, West Lafayette, Indiana
-47907.  All rights reserved.
-
-This software is not subject to any license of the American Telephone
-and Telegraph Company or the Regents of the University of California.
-
-Permission is granted to anyone to use this software for any purpose on
-any computer system, and to alter it and redistribute it freely, subject
-to the following restrictions:
-
-1. Neither the authors nor Purdue University are responsible for any
-   consequences of the use of this software.
-
-2. The origin of this software must not be misrepresented, either by
-   explicit claim or by omission.  Credit to the authors and Purdue
-   University must appear in documentation and sources.
-
-3. Altered versions must be plainly marked as such, and must not be
-   misrepresented as being the original software.
-
-4. This notice may not be removed or altered.
-
-----------------------------------------------------------------------------
-
-Copyright (c) 1990 The Ohio State University.
-All rights reserved.
-
-Redistribution and use in source and binary forms are permitted
-provided that: (1) source distributions retain this entire copyright
-notice and comment, and (2) distributions including binaries display
-the following acknowledgement:  ``This product includes software
-developed by The Ohio State University and its contributors''
-in the documentation or other materials provided with the distribution
-and in all advertising materials mentioning features or use of this
-software. Neither the name of the University nor the names of its
-contributors may be used to endorse or promote products derived
-from this software without specific prior written permission.
-THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
-IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-
-----------------------------------------------------------------------------

LICENSES

@@ -0,0 +1,115 @@
+Since this piece of software has had many contiributors, there is a
+"chain" of licensing information embedded in the files.  I've copied
+what I could find here so that it's easy to reference.  The entire
+bundle of software is guided by these licensing statements.
+
+----------------------------------------------------------------------------
+
+Copyright (c) 2000, conserver.com
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+  - Redistributions of source code must retain the above copyright notice,
+    this list of conditions and the following disclaimer.
+
+  - Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in the
+    documentation and/or other materials provided with the
+    distribution.
+
+  - Neither the name of conserver.com nor the names of its contributors
+    may be used to endorse or promote products derived from this
+    software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+----------------------------------------------------------------------------
+
+Copyright (c) 1998, GNAC, Inc.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+  - Redistributions of source code must retain the above copyright notice,
+    this list of conditions and the following disclaimer.
+
+  - Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in the
+    documentation and/or other materials provided with the
+    distribution.
+
+  - Neither the name of GNAC, Inc. nor the names of its contributors
+    may be used to endorse or promote products derived from this
+    software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+----------------------------------------------------------------------------
+
+Copyright 1992 Purdue Research Foundation, West Lafayette, Indiana
+47907.  All rights reserved.
+
+This software is not subject to any license of the American Telephone
+and Telegraph Company or the Regents of the University of California.
+
+Permission is granted to anyone to use this software for any purpose on
+any computer system, and to alter it and redistribute it freely, subject
+to the following restrictions:
+
+1. Neither the authors nor Purdue University are responsible for any
+   consequences of the use of this software.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.  Credit to the authors and Purdue
+   University must appear in documentation and sources.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. This notice may not be removed or altered.
+
+----------------------------------------------------------------------------
+
+Copyright (c) 1990 The Ohio State University.
+All rights reserved.
+
+Redistribution and use in source and binary forms are permitted
+provided that: (1) source distributions retain this entire copyright
+notice and comment, and (2) distributions including binaries display
+the following acknowledgement:  ``This product includes software
+developed by The Ohio State University and its contributors''
+in the documentation or other materials provided with the distribution
+and in all advertising materials mentioning features or use of this
+software. Neither the name of the University nor the names of its
+contributors may be used to endorse or promote products derived
+from this software without specific prior written permission.
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+----------------------------------------------------------------------------

LICENSES.md

@@ -0,0 +1,104 @@
+License Clarification
+=====================
+
+The licenses attached to this software ([LICENSES](LICENSES)) are supposed
+to paint a simple concept: that this software was built for the open source
+community and they result in a license compatible with [LICENSE](LICENSE).
+
+Unfortunately, the real world steps in and troubles can arise.  This note
+has been moved over from the [INSTALL](INSTALL) file:
+
+    The Debian folks have conserver distributed with the package
+    names of conserver-client and conserver-server.  They are in
+    the distribution "sid" and the "non-free" part (because the
+    Ohio State license doesn't explicitly allow for modification to
+    the code, even though it's totally implied and the intention of
+    the author - I've even got proof in email!  Oh well, can't
+    blame the Debian folks for being cautious - they've been burned
+    before, apparently).
+
+Here's a copy of the message I exchanged with Thomas A. Fine (original
+author at OSU) in 2001 that is referenced above:
+
+    Date: Wed, 27 Jun 2001 19:47:18 -0400 (EDT)
+    To: bryan@conserver.com
+    From: "Thomas A. Fine" <fine@head-cfa.harvard.edu>
+    Subject: Re: A conserver license question...
+    
+    > Hi Tom,
+    > 
+    > I had a little "problem" crop up that I was hoping you could help me
+    > with.  A guy out in net-land is trying to put a debian package together
+    > of the code I've been releasing (based on your original work) and they
+    > don't like part of the Ohio State license.  I've attached the message
+    > below.
+    > 
+    > I'm not sure what can be done.  One thought was a message from you that
+    > I could put with the code stating that modifications are ok would
+    > work.  Or maybe just modifying the original license statement.  Heck, I
+    > don't even know if either are 100% legal.  Maybe I need to talk to
+    > someone at Ohio State.
+    > 
+    > Well, if you have any ideas or suggestions, please let me know.  Don't
+    > know if I ever got a chance to thank you for the great stuff you
+    > started!  Thank you!  ;-)
+    
+    Well, if I knew then what I know now, I would have copyrighted it
+    under my own name, and not under OSU, and then I could change it.
+    Since I don't work there anymore, strictly speaking, I can't change
+    it.
+    
+    However, IMHO, this license allows modifications, without explicitly
+    stating it.  I can state without a doubt that this was my intention
+    at the time (and hence, OSU's intention, since I put in the copyright
+    while working for OSU).
+    
+    But also, since it allows use of the source, and since the statement
+    required for inclusion says "includes software ..." it seems pretty
+    clear that modification was both allowed and expected.  You can't
+    really use sources if you aren't changing them, and you certainly
+    can't include this software in some other product without making
+    modifications.
+    
+    As I recall, I more or less used the copyright that Berkeley was using
+    back then for there BSD-related software, so I'm surprised there's a
+    problem with it.
+    
+    I have to point out that version 1.2, available at
+    http://hea-www.harvard.edu/~fine/Tech/cs1.2/
+    is distributed entirely without copyright notices.  Interesting, no?
+    So I guess I could add a copyright notice to that.  But would I then
+    be violating the OSU copyright that I wrote for 1.1?  Since it is
+    a different version, I could probably write a new copyright notice 
+    and license and be free and clear.
+    
+    There's also Purdue's versions of the software.  It's mentioned on my
+    console server web page at
+    http://hea-www.harvard.edu/~fine/Tech/console-server.html
+    
+    So, pass this on to the people you're working with and let me know how
+    you want to proceed.
+    
+    	 tom
+
+In addition, a post to the Conserver Users mailing list in May 2020 contained:
+
+    From: Paul Wise via users <users@conserver.com>
+    To: users@conserver.com
+    Subject: Re: license change?
+    Date: Mon, 25 May 2020 12:42:28 +0800
+    
+    On Thu, 2019-07-04 at 10:20 +0200, Bryan Stansell via users wrote:
+    > So, it's more the lack of explicitly stating the code can be
+    > modified.
+    
+    Since then I talked to one of RedHat's lawyers and they mentioned that
+    they have dealt with this problem too and also concluded that these
+    licenses were intended to cover modification. The current wording of
+    the initial part of the BSD license reflects an attempt to correct an
+    earlier mistake (i.e. someone pointed out the error and Berkeley added
+    "with or without modification"). Also the anti-endorsement clause
+    implies a right to modify.
+
+Hopefully corporations (or, I suppose, their lawyers) will be happy with the
+explanation above and become comfortable with the stated license.

Makefile.in

@@ -1,4 +1,5 @@
 ### Path settings
+datarootdir = @datarootdir@
 prefix = @prefix@
 exec_prefix = @exec_prefix@
 bindir = @bindir@

PROTOCOL

@@ -0,0 +1,302 @@
+			   Conserver Protocol
+			   ==================
+
+
+What Is This?
+-------------
+
+The following is an attempt to describe the client/server protocol used
+between the server (conserver) and the client (console).  This document
+bases its information on conserver version 8.1.4, as it's the release
+currently available.  If there are changes to the client/server
+protocol, the INSTALL file should reference them and, ideally, this
+document will be updated.
+
+The information is looked at from the point of the server, since it's
+the server that controls all information and triggers actions on the
+client (like a suspend).  The client's perspective should be obvious
+from this information.
+
+
+SSL
+---
+
+The client and server can negotiate an SSL connection.  As far as the
+code is concerned, the SSL "layer" is transparent.  Data is sent and
+received just as if it was unencrypted.  Therefore, aside bringing up
+the SSL connection, the SSL bits are unimportant from a protocol
+standpoint.  The client and server still send and receive the same
+information - it just happens to be encrypted to everyone else.
+
+
+"On-The-Wire" Data
+------------------
+
+The low-level, "on-the-wire" data is encapsulated similar to the telnet
+protocol.  All data is sent "as-is" with the exception of 0xFF.  0xFF is
+used as a "command character" and both the client and server expect to
+see a predefined option after it.  The possible options are: 0xFF, 'E',
+'G', 'Z', and '.'.
+
+The 0xFF option says to use the literal character 0xFF.  So, if there is
+a 0xFF character in the data stream to be sent, the code will send two
+0xFF characters (it's similar to using '\\' in C strings to embed a
+'\').
+
+The other options are used in various contexts, which will be described
+in detail below.
+
+
+Life As A Server
+----------------
+
+There are three different interfaces presented to clients by the server.
+I'm going to name the three modes "master", "group", and "console".  The
+first two are line-based, and the third is character-based.
+
+To understand the differences, I must outline how conserver manages
+consoles.  When conserver starts, it reads the configuration file,
+listens on the master socket, and, for each group of consoles it must
+manage (where the group size is set by -m), it forks off a copy of
+itself.  Those child processes are what actually connect to the consoles
+and they each listen on a new socket for client connections.  So, you
+end up with a parent process (that knows about all consoles) that
+manages the child processes (that know only about consoles it manages),
+and everyone is listening on an individual socket for connections from
+clients.
+
+The parent process interacts with clients in "master" mode.  That mode
+expects line-based commands and responds similarly.  Because it's the
+master, it understands a certain set of commands that are different than
+in "group" mode.
+
+The child processes interact with clients in "group" mode first, and
+negotiate a change to "console" mode when a client requests a connection
+to a specific console.
+
+
+"master" Mode
+-------------
+
+When parent process gets a connection from a client, it either sends an
+"ok" string to signal it's ready or an error message (like "access from
+your host is refused") and the connection is dropped.  At this point,
+there are a small number of commands recognized by the server, since
+most are restricted to "logged in" clients.  Here's the list of
+available commands:
+
+    exit   disconnect
+    help   this help message
+    login  log in
+    ssl    start ssl session
+
+An "exit" is sent a "goodbye" response and the connection is dropped.  A
+"help" is sent the list above.  A "ssl" is sent an "ok" response and
+then the server expects the client to negotiate an ssl connection.  A
+"login" requires one argument (the username) and is either sent an "ok",
+meaning the client is logged in, or a "passwd?" followed by the local
+hostname, asking for the user's password, which it expects next.  If the
+client sends a valid password, an "ok" is sent, otherwise an error
+message and the connection is dropped.
+
+Upon successful login, the commands available are:
+
+    call      provide port for given console
+    exit      disconnect
+    groups    provide ports for group leaders
+    help      this help message
+    master    provide a list of master servers
+    newlogs*  close and open all logfiles (SIGUSR2)
+    pid       provide pid of master process
+    quit*     terminate conserver (SIGTERM)
+    restart*  restart conserver (SIGHUP) - deprecated
+    reconfig* reread config file (SIGHUP)
+    version   provide version info for server
+    up*       bring up all downed consoles (SIGUSR1)
+    * = requires admin privileges
+
+"exit" and "help" are the same as before the client logged login.
+
+The "call" command expects one argument, the console name to connect to.
+The server will respond with either a port number (if it's a locally
+managed console), an "@hostname" where hostname is the name of the
+remote conserver host managing the console (if it's a remotely managed
+console), or an error message (possibly multi-line).  The client is not
+disconnected, whatever the response.
+
+The "groups" command responds with a colon-separated list of port
+numbers, which correspond to each of the child processes running on the
+local host.  The client is not disconnected.
+
+The "master" command responds with a colon-separated list of "@hostname"
+names.  The list includes any hosts (including the possibility of the
+local host) which have locally managed consoles.  The client is not
+disconnected.
+
+The "newlogs" command reopens all logfiles used by conserver, assuming
+the user has administrative access.  It responds with a message starting
+with "ok" if successful and an error message otherwise (like
+"unauthorized command").  The client is disconnected if it's successful.
+
+The "pid" command responds with the pid of the master process (in this
+case, the one the client is talking to).  The client is not
+disconnected.
+
+The "quit" command will shut down conserver, assuming the user has
+administrative access.  It responds with a message starting with "ok" if
+successful and an error message otherwise (like "unauthorized command").
+The client is disconnected if it's successful.
+
+The "restart" command has been deprecated.  You should use "reconfig".
+
+The "reconfig" command will cause conserver to reread the configuration
+file and apply any changes, assuming the user has administrative access.
+It responds with a message starting with "ok" if successful and an error
+message otherwise (like "unauthorized command").  The client is not
+disconnected.
+
+The "version" command responds with the version string.  The client is
+not disconnected.
+
+The "up" command tries to "bring up" all disconnected consoles, assuming
+the user has administrative access.  It responds with a message starting
+with "ok" if successful and an error message otherwise (like
+"unauthorized command").  The client is disconnected if it's successful.
+
+
+"group" Mode
+------------
+
+When a child process gets a connection from a client, it either sends an
+"ok" string to signal it's ready or an error message (like "access from
+your host is refused") and the connection is dropped.  At this point,
+"group" mode acts just like "master" mode.  Once the client successfully
+logs in, however, "group" mode has the recognizes the following
+commands:
+
+    broadcast    send broadcast message
+    call         connect to given console
+    disconnect*  disconnect the given user(s)
+    examine      examine port and baud rates
+    exit         disconnect
+    group        show users in this group
+    help         this help message
+    hosts        show host status and user
+    info         show console information
+    textmsg      send a text message
+    * = requires admin privileges
+
+The "exit" and "help" commands are like the others documented above.
+
+The "broadcast" command expects a text string of the message to be sent
+to all users connected to this process.  An "ok" is sent as a response.
+
+The "call" command expects one argument, the console name to connect to,
+just like in "master" mode.  The difference here is that this requests
+the server to attach the client to the console and go into "console"
+mode.  If the attachment is successful, the response will begin with a
+'[' character.  If not, an error message is returned.  The success
+responses are:
+
+    [console is read-only]	 - console is read only
+    [read-only -- initializing]	 - console is initializing, and
+				   read-only for the time being
+    [line to console is down]	 - console is down
+    [attached]			 - attached read-write
+    [spy]			 - attached read-only
+
+
+The "disconnect" command expects an argument of the form "user@console"
+where either the "user" or "@console" part may be omitted.  Upon
+success, a response of the form "ok -- disconnected X users" is sent,
+where X is the number of users disconnected.  If a user is unauthorized
+or some other problem occurs, an error message (like "unauthorized
+command") is sent.
+
+The "examine" command returns a list of console information of the form
+that 'console -x' shows.
+
+The "group" command returns a list of console information of the form
+that 'console -w' shows.
+
+The "hosts" command returns a list of console information of the form
+that 'console -u' shows.
+
+The "info" command returns a list of console information of the form
+that 'console -i' shows.
+
+The "textmsg" command expects two arguments, the first being the
+recipient of the message in the form "user@console" (again, where the
+"user" or "@console" portion may be omitted) and the second being the
+string, like the "broadcast" command.  The server returns "ok".
+
+
+"console" Mode
+--------------
+
+As mentioned above, "console" mode is obtained by using the "call"
+command when connected to a child processes operating in "group" mode.
+
+"console" mode should look very familiar to a user of conserver, as it's
+what the user interacts with when connected to a console.  There's
+really nothings special here.  Each character received from the client
+is compared to the escape sequence, and if it matches, an action occurs
+on the server side.  If it doesn't match the escape sequence, the data
+is sent on to the console.  All data received from the console is sent
+to the client(s).  Of course, there are certain exceptions to these
+rules, based on the state of the console and the state of the client.
+And, certain escape sequences cause special behaviors to occur.
+
+Most escape sequences cause the server to send information back to the
+user.  Stuff like "^Ecw", "^Eci", and "^Ecu" are examples.  The escape
+sequence is absorbed by the server, the server sends the client a
+variety of information, and things continue as before.
+
+The more "interesting" escape sequences are the following.
+
+"^Ec;"  The server sends a 0xFF,'G' command sequence to the client, to
+	signal a wish to move to a new console.  The client then gets
+	put into the same state as the "^Ecz" sequence (paused), which
+	gives the client a chance to either resume the connection or
+	disconnect.
+
+"^Ec|"  The server sends a 0xFF,'E' command sequence to the client, to
+	signal a wish to have the client program interact with a
+	program, as opposed to the user.  The server discards all data
+	until it receives one of the following command sequences from
+	the client:
+
+	    0xFF,'E'	Signals successful redirection of interaction to
+			a program.  The server then responds with "[rw]"
+			or "[ro]" to tell the client whether or not they
+			have read-write access.  If not, the client
+			should abort the program and send the abort
+			command sequence below, as other data received by
+			the server will just get dropped.
+
+	    0xFF,'.'	Abort the operation.  The server assumes the
+			redirection didn't happen and returns the client
+			to it's normal mode.
+
+	The server keeps the client in the "redirected" state until it
+	receives a 0xFF,'.' command sequence from the client (which
+	usually occurs when the client command terminates).
+
+	If the client is "bumped" from read-write to read-only by
+	another user, the server will send the client a 0xFF,'.' command
+	sequence to tell it to abort the redirection and return control
+	back to the user.
+
+"^Ecz"  The server sends a 0xFF,'Z' command sequence to the client, to
+	signal a wish to suspend to client process.  The client is then
+	put into a "paused" state where it receives no more data from
+	the server.  When the client is ready to resume receiving data,
+	it sends a character of data to the server, at which point the
+	server discards the character and sends back a status message of
+	the form " -- MSG]".  The current set of possible messages are:
+
+	    " -- line down]"
+	    " -- read-only]"
+	    " -- attached (nologging)]"
+	    " -- attached]"
+	    " -- spy mode]"

README

@@ -1,59 +0,0 @@
-				README
-				======
-
-
-Maintainer/Enhancer
-
-    Bryan Stansell (bryan@conserver.com)
-
-
-Documentation
-
-    See the INSTALL file for installation, the conserver.html file for
-    an overview, and the man pages for specifics.
-
-
-Downloading
-
-    The latest version can be found at http://www.conserver.com/
-
-
-Systems Tested
-
-    Here's a list of systems that I've been told can successfully
-    compile conserver.  If anyone has more to add to this list (or
-    something on the list doesn't work any more), please let me know.
-
-	AIX 4.3.3/5.1/5.2, native cc
-	BSDI BSD/OS 3.X, gcc
-	Cygwin (w2k),gcc 2.95.3
-	DEC Tru64 4.0, gcc
-	DEC Tru64 4.0/5.1, native cc
-	FreeBSD 4.2/4.8/5.1 (x86), gcc
-	HP-UX 10.20, gcc
-	HP-UX 11.10 parisc and ia64, native cc
-	Irix 6.15, native cc
-	Linux 2.2.18 (x86), gcc
-	Linux 2.4.2 (x86), gcc
-	Linux ia64, native gcc
-	Linux RedHat 6.2 and 7.2 (x86), native gcc
-	MacOS X, native gcc
-	Solaris 2.5.1 thru 9 (sparc/x86), gcc
-	Solaris 7/8, native cc
-
-
-Contributions
-
-    Contributions distributed with the code can be found in the contrib
-    subdirectory.  Other tools that complement conserver are listed
-    below.
-
-    Zinc
-    ----
-    According to the website, Zinc is a console log output management
-    program.  For more information, visit the website at:
-    http://www.columbia.edu/acis/sy/unixdev/zinc
-
-#
-#  $Id: README,v 1.22 2003/08/23 19:34:24 bryan Exp $
-#

README.md

@@ -0,0 +1,35 @@
+Conserver
+=========
+
+[![Build Status](https://api.cirrus-ci.com/github/bstansell/conserver.svg)](https://cirrus-ci.com/github/bstansell/conserver)
+
+Conserver is an application that allows multiple users to watch a
+serial console at the same time. It can log the data, allows users to
+take write-access of a console (one at a time), and has a variety of
+bells and whistles to accentuate that basic functionality. The idea is
+that conserver will log all your serial traffic so you can go back and
+review why something crashed, look at changes (if done on the console),
+or tie the console logs into a monitoring system (just watch the
+logfiles it creates).  With multi-user capabilities you can work on
+equipment with others, mentor, train, etc. It also does all that
+client-server stuff so that, assuming you have a network connection,
+you can interact with any of the equipment from home or wherever.
+
+
+Documentation
+-------------
+
+See the `INSTALL` file for installation and the man pages for specifics.
+
+
+Downloading
+-----------
+
+The latest version can be found on [GitHub](https://github.com/bstansell/conserver/releases).
+
+
+Contributions
+-------------
+
+Contributions distributed with the code can be found in the `contrib`
+subdirectory.

TODO

@@ -54,8 +54,6 @@ Bryan Stansell
 
 - cyclades ts1000/2000 port : "Moses, Joel" <jmoses@deloitte.com>
 
-- config file for client (list of masters, for example)
-
 - strftime() idea for logfile names : Lars Kellogg-Stedman <lars@larsshack.org>
 
 - 9600baud log replay?
@@ -86,26 +84,25 @@ Bryan Stansell
     - not even sure if this is possible w/o confusing the client,
       but maybe with the new 8.1.0 client-server protocol, we can!
 
-- send a string when connected to a console, so you can set the
-  xterm title, for example : Richard Threadgill <richardt@tellme.com>
-    - this probably requires a client config file, so could play well
-      with the client config file requirement above
-
-- allow for very long replays (hundres of lines) : John Stoffel
-  <stoffel@lucent.com>
-
 - log rotation by date : Tom Pachla <tom.pachla@nlc-bnc.ca>
 
-- client config file (for -M, etc?) : Erik Sjolund
-  <erik.sjolund@sbc.su.se>
-
 - strict file permission checks on conserver.passwd/conserver.cf : Erik
   Sjolund <erik.sjolund@sbc.su.se>
 
-- embedded startup delays per remote host...or "group" of consoles in
+- netgroup support?  : Nikolaos Papavassiliou
-  some way 'cause some ssh connections to console servers need
+  <Nikolaos.Papavassiliou@reuters.com> and Phil Dibowitz <phil@usc.edu>
-  significant throttling : Jay McCanta <mccantaj@amgen.com>
 
-#
+- send sequences to console on client connect? (to repaint screen,
-#  $Id: TODO,v 1.47 2004/03/12 17:34:49 bryan Exp $
+  for example) : John Cagle <jcagle@gmail.com>
-#
+
+- uucp locks : Sebastian Zagrodzki <sebek@heron.net.icm.edu.pl>
+
+- support more than 9 break sequences : Danish Mirza <Danish@lehman.com>
+  thought it was easy, but adding more than could break things with
+  current encoding.  doable, will have to think harder about it.
+
+- reintroduce console grouping : Martin Turba
+  <martin.turba@igd.fraunhofer.de>
+
+- quick-recheck of down consoles (for uds) and possibly only log state
+  changes (instead of each try) : DJ Gregor <dj@gregor.com>

_config.yml

@@ -0,0 +1 @@
+theme: jekyll-theme-cayman

autologin/INSTALL.old

@@ -1,5 +1,3 @@
-# $Id: INSTALL.old,v 1.1 2003/11/04 02:36:24 bryan Exp $
-
 To install this program you need root access and access to the physical
 console of the machine (either through the console server or via the physical
 world).

autologin/Makefile.in

@@ -1,4 +1,5 @@
 ### Path settings
+datarootdir = @datarootdir@
 srcdir = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
@@ -45,7 +46,7 @@ clean:
 distclean: clean
 	rm -f Makefile
 
-install:
+install: autologin
 	$(MKDIR) $(DESTDIR)$(bindir)
 	$(INSTALL_PROGRAM) autologin $(DESTDIR)$(bindir)
 

autologin/README

@@ -15,7 +15,3 @@ No one I've ever talked to found a need for something like autologin.
 Good luck.
 
 Bryan Stansell
-
-#
-#  $Id: README,v 1.2 2002/09/23 21:08:42 bryan Exp $
-#

autologin/README.old

@@ -1,5 +1,3 @@
-# $Id: README.old,v 1.1 2003/11/04 02:36:24 bryan Exp $
-
 This program can be used to put a root shell on the console at boot time.
 See the manual page.
 

autologin/autologin.c

@@ -34,13 +34,13 @@
  * to change the /etc/security/audit_event line.
  */
 
-#define	AUE_autologin			32900
+# define	AUE_autologin			32900
 
-#include <sys/unistd.h>
+# include <sys/unistd.h>
-#include <netdb.h>
+# include <netdb.h>
-#include <bsm/audit.h>
+# include <bsm/audit.h>
-#include <bsm/libbsm.h>
+# include <bsm/libbsm.h>
-#include <libintl.h>
+# include <libintl.h>
 #endif
 
 #include <compat.h>
@@ -68,12 +68,9 @@
  * Global variables
  */
 
-#ifndef	lint
+extern char *progname;
-char	*rcsid = "$Id: autologin.c,v 1.23 2002/09/21 06:29:39 bryan Exp $";
+gid_t awGrps[NGROUPS_MAX];
-#endif	/* not lint */
+int iGrps = 0;
-extern char	*progname;
-gid_t	 awGrps[NGROUPS_MAX];
-int	 iGrps = 0;
 
 /*
  * External variables
@@ -82,512 +79,439 @@ int	 iGrps = 0;
 extern int optind;
 extern char *optarg;
 
-void	make_utmp();
+void make_utmp();
-void	usage();
+void usage();
 
 int
-Process()
+Process(void)
 {
-	register int		 c;
+    int iErrs = 0;
-	int			 iErrs = 0;
+    int i, iNewGrp;
-	int			 i, iNewGrp;
+    gid_t wGid;
-	gid_t			 wGid;
+    uid_t wUid;
-	uid_t			 wUid;
+    char *pcCmd = (char *)0, *pcDevTty = (char *)0;
-	char			*pcCmd = (char *)0,
-				*pcDevTty = (char *)0;
-	char			*pcTmp;
 #ifdef	HAVE_GETUSERATTR
-	char			*pcGrps;
+    char *pcGrps;
-#endif
-	struct	passwd		*pwd;
-	struct	stat		 st;
-#ifdef HAVE_TERMIOS_H
-	struct	termios		 n_tio;
-#else
-# ifdef TIOCNOTTY
-#  ifdef O_CBREAK
-	auto struct tc n_tchars;
-#  else
-	auto struct tchars n_tchars;
-#  endif
-#  ifdef TIOCGLTC
-	auto struct ltchars n_ltchars;
-#  endif
-# else
-#  ifdef TIOCGETP
-	auto struct sgttyb n_sty;
-#  endif
-# endif
 #endif
+    struct passwd *pwd;
+    struct stat st;
+    struct termios n_tio;
 #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
-	char			my_hostname[MAXHOSTNAMELEN];
+    char my_hostname[MAXHOSTNAMELEN];
 #endif
 
 
 #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
-	if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
+    if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
-		(void) fprintf(stderr, "%s: gethostname: %s\n", strerror(errno));
+	(void)fprintf(stderr, "%s: gethostname: %s\n", progname,
-		exit(1);
+		      strerror(errno));
-		/* NOTREACHED */
+	exit(1);
-	}
+	/* NOTREACHED */
+    }
 #endif
-	if ((char *)0 != pcCommand) {
+    if ((char *)0 != pcCommand) {
-		if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
+	if ((char *)0 == (pcCmd = (char *)malloc(strlen(pcCommand) + 4))) {
-			(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
+	    (void)fprintf(stderr, "%s: malloc: %s\n", progname,
-			exit(1);
+			  strerror(errno));
-			/* NOTREACHED */
+	    exit(1);
-		}
+	    /* NOTREACHED */
-		(void)strcpy(pcCmd, "-c ");
-		(void)strcat(pcCmd, pcCommand);
 	}
+	(void)strcpy(pcCmd, "-c ");
+	(void)strcat(pcCmd, pcCommand);
+    }
 
-	if ( (char *)0 != pcGroup ) {
+    if ((char *)0 != pcGroup) {
-		iErrs += addgroup(pcGroup);
+	iErrs += addgroup(pcGroup);
-	}
+    }
 
-	if ( (char *)0 == pcLogin ) {
+    if ((char *)0 == pcLogin) {
-		static char acLogin[17];
+	static char acLogin[17];
-		if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
+	if ((struct passwd *)0 == (pwd = getpwuid(geteuid()))) {
-			(void) fprintf(stderr, "%s: %d: uid unknown\n", progname, geteuid());
+	    (void)fprintf(stderr, "%s: %d: uid unknown\n", progname,
-			exit(1);
+			  geteuid());
-			/* NOTREACHED */
+	    exit(1);
-		}
+	    /* NOTREACHED */
-		pcLogin = strcpy(acLogin, pwd->pw_name);
-	} else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
-		(void) fprintf(stderr, "%s: %s: login name unknown\n", progname, pcLogin);
-		exit(1);
-		/* NOTREACHED */
 	}
-	wUid = pwd->pw_uid;
+	pcLogin = strcpy(acLogin, pwd->pw_name);
-	wGid = pwd->pw_gid;
+    } else if ((struct passwd *)0 == (pwd = getpwnam(pcLogin))) {
-	(void)endpwent();
+	(void)fprintf(stderr, "%s: %s: login name unknown\n", progname,
+		      pcLogin);
+	exit(1);
+	/* NOTREACHED */
+    }
+    wUid = pwd->pw_uid;
+    wGid = pwd->pw_gid;
+    (void)endpwent();
 #ifdef	HAVE_GETUSERATTR
-	/* getuserattr() returns a funny list of groups:
+    /* getuserattr() returns a funny list of groups:
-	 *	"grp1\0grp2\0grp3\0\0"
+     *      "grp1\0grp2\0grp3\0\0"
-	 */
+     */
-	if (0 == getuserattr(pcLogin, S_SUGROUPS, &pcGrps, SEC_LIST)) {
+    if (0 == getuserattr(pcLogin, S_SUGROUPS, &pcGrps, SEC_LIST)) {
-		while ('\000' != *pcGrps) {
+	while ('\000' != *pcGrps) {
-			/* ignore "ALL" and any group beginning with '!' */
+	    /* ignore "ALL" and any group beginning with '!' */
-			if ('!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")) {
+	    if ('!' == *pcGrps || 0 != strcmp(pcGrps, "ALL")) {
-				iErrs += addgroup(pcGrps);
+		iErrs += addgroup(pcGrps);
-			}
+	    }
-			pcGrps = pcGrps + strlen(pcGrps) + 1;
+	    pcGrps = pcGrps + strlen(pcGrps) + 1;
-		}
 	}
-#endif	/* HAVE_GETUSERATTR */
+    }
-	(void)endgrent();
+#endif /* HAVE_GETUSERATTR */
+    (void)endgrent();
 
-	if ((char *)0 != pcTty) {
+    if ((char *)0 != pcTty) {
-		if ( '/' == *pcTty ) {
+	if ('/' == *pcTty) {
-			pcDevTty = pcTty;
+	    pcDevTty = pcTty;
-		} else {
+	} else {
-			if ( (char *)0 == (pcDevTty = (char *)malloc(strlen(pcTty)+5+1) ) ) {
+	    if ((char *)0 ==
-				(void) fprintf(stderr, "%s: malloc: %s\n", progname, strerror(errno));
+		(pcDevTty = (char *)malloc(strlen(pcTty) + 5 + 1))) {
-				exit(1);
+		(void)fprintf(stderr, "%s: malloc: %s\n", progname,
-			}
+			      strerror(errno));
-			sprintf(pcDevTty, "/dev/%s", pcTty);
+		exit(1);
-		}
+	    }
+	    sprintf(pcDevTty, "/dev/%s", pcTty);
+	}
 
 
-		if (0 != stat(pcDevTty, &st)) {
+	if (0 != stat(pcDevTty, &st)) {
-			(void) fprintf(stderr, "%s: Can't stat %s: %s\n", progname, pcDevTty, strerror(errno));
+	    (void)fprintf(stderr, "%s: Can't stat %s: %s\n", progname,
-			++iErrs;
+			  pcDevTty, strerror(errno));
+	    ++iErrs;
 #if defined(VCHR) && defined(VMPC)
-		} else if (VCHR != st.st_type && VMPC != st.st_type) {
+	} else if (VCHR != st.st_type && VMPC != st.st_type) {
-			(void) fprintf(stderr, "%s: %s is not a character device\n", progname, pcDevTty);
+	    (void)fprintf(stderr, "%s: %s is not a character device\n",
-			++iErrs;
+			  progname, pcDevTty);
+	    ++iErrs;
 #endif
-		}
-	} else {
-		pcDevTty = (char *)0;
 	}
+    } else {
+	pcDevTty = (char *)0;
+    }
 
-	if (iErrs) {
+    if (iErrs) {
-		usage();
+	usage();
-		exit(1);
+	exit(1);
-		/* NOTREACHED */
+	/* NOTREACHED */
-	}
+    }
-	if (0 != geteuid()) {
+    if (0 != geteuid()) {
-		(void) fprintf(stderr, "%s: Must be root!!!\n", progname);
+	(void)fprintf(stderr, "%s: Must be root!!!\n", progname);
-		exit(1);
+	exit(1);
-		/* NOTREACHED */
+	/* NOTREACHED */
-	}
+    }
-	if (iGrps && 0 < setgroups(iGrps, awGrps)) {
+    if (iGrps && 0 < setgroups(iGrps, awGrps)) {
-		(void) fprintf(stderr, "%s: Can't setgroups(): %s\n", progname, strerror(errno));
+	(void)fprintf(stderr, "%s: Can't setgroups(): %s\n", progname,
-		exit(1);
+		      strerror(errno));
-		/* NOTREACHED */
+	exit(1);
-	}
+	/* NOTREACHED */
+    }
 
-	/* Close open files
+    /* Close open files
-	 */
+     */
-	for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
+#if HAVE_CLOSEFROM
-		(void) close(i);
+    closefrom((char *)0 == pcTty ? 3 : 0);
-	}
+#else
+    for (i = (char *)0 == pcTty ? 3 : 0; i < getdtablesize(); ++i) {
+	(void)close(i);
+    }
+#endif
 
-	/* Make us a session leader so that when we open /dev/tty
+    /* Make us a session leader so that when we open /dev/tty
-	 * it will become our controlling terminal.
+     * it will become our controlling terminal.
-	 */
+     */
-	if (-1 == (iNewGrp = getsid(getpid()))) {
+    if (-1 == (iNewGrp = getsid(getpid()))) {
-		if (-1 == (iNewGrp = setsid())) {
+	if (-1 == (iNewGrp = setsid())) {
-			(void) fprintf(stderr, "%s: setsid: %d: %s\n", progname, iNewGrp, strerror(errno));
+	    (void)fprintf(stderr, "%s: setsid: %d: %s\n", progname,
-			iNewGrp = getpid();
+			  iNewGrp, strerror(errno));
-		}
+	    iNewGrp = getpid();
 	}
-
+    }
 #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
-	if (!cannot_audit(0)) {
+    if (!cannot_audit(0)) {
 # if defined(HAVE_GETAUDIT_ADDR)
-		struct auditinfo_addr	audit_info;
+	struct auditinfo_addr audit_info;
 # else
-		struct auditinfo	audit_info;
+	struct auditinfo audit_info;
 # endif
-		au_mask_t		audit_mask;
+	au_mask_t audit_mask;
 # if !defined(HAVE_GETAUDIT_ADDR)
-		struct hostent		*hp;
+	struct hostent *hp;
 # endif
-		int			iAuditFile;
+	int iAuditFile;
-		int			fShowEvent = 1;
+	int fShowEvent = 1;
-		token_t			*ptAuditToken;
+	token_t *ptAuditToken;
 
-		(void)memset(&audit_info, 0, sizeof(audit_info));
+	(void)memset(&audit_info, 0, sizeof(audit_info));
-		audit_info.ai_auid = wUid;
+	audit_info.ai_auid = wUid;
-		audit_info.ai_asid = getpid();
+	audit_info.ai_asid = getpid();
-		audit_mask.am_success = audit_mask.am_failure = 0;
+	audit_mask.am_success = audit_mask.am_failure = 0;
-		(void) au_user_mask(pcLogin, &audit_mask);
+	(void)au_user_mask(pcLogin, &audit_mask);
-		audit_info.ai_mask.am_success = audit_mask.am_success;
+	audit_info.ai_mask.am_success = audit_mask.am_success;
-		audit_info.ai_mask.am_failure = audit_mask.am_failure;
+	audit_info.ai_mask.am_failure = audit_mask.am_failure;
 # if defined(HAVE_GETAUDIT_ADDR)
-		(void)aug_get_machine(my_hostname,
+	(void)aug_get_machine(my_hostname,
-				      &audit_info.ai_termid.at_addr[0],
+			      &audit_info.ai_termid.at_addr[0],
-				      &audit_info.ai_termid.at_type);
+			      &audit_info.ai_termid.at_type);
 # else
-		if ((char *)0 != (hp = gethostbyname(my_hostname))
+	if ((char *)0 != (hp = gethostbyname(my_hostname))
-		    && AF_INET == hp->h_addrtype) {
+	    && AF_INET == hp->h_addrtype) {
-			(void)memcpy(&audit_info.ai_termid.machine,
+	    (void)memcpy(&audit_info.ai_termid.machine, hp->h_addr,
-				     hp->h_addr,
+			 sizeof(audit_info.ai_termid.machine));
-				     sizeof(audit_info.ai_termid.machine));
-		}
-# endif
-# if defined(HAVE_GETAUDIT_ADDR)
-		if (0 > setaudit_addr(&audit_info, sizeof(audit_info)))
-# else
-		if (0 > setaudit(&audit_info))
-# endif
-		{
-			fprintf(stderr, "%s: setaudit failed: %s\n",
-				progname,
-				strerror(errno));
-			fShowEvent = 0;
-		}
-		if (fShowEvent) {
-			fShowEvent = au_preselect(AUE_autologin,
-						  &audit_mask,
-						  AU_PRS_SUCCESS,
-						  AU_PRS_REREAD);
-		}
-		if (fShowEvent) {
-			iAuditFile = au_open();
-# if defined(HAVE_GETAUDIT_ADDR)
-			ptAuditToken = au_to_subject_ex(wUid,
-						        wUid,
-						        wGid,
-						        wUid,
-						        wGid,
-						        audit_info.ai_asid,
-						        audit_info.ai_asid,
-						        &audit_info.ai_termid),
-# else
-			ptAuditToken = au_to_subject(wUid,
-						     wUid,
-						     wGid,
-						     wUid,
-						     wGid,
-						     audit_info.ai_asid,
-						     audit_info.ai_asid,
-						     &audit_info.ai_termid),
-# endif
-			(void)au_write(iAuditFile, ptAuditToken);
-			ptAuditToken = au_to_text(gettext("successful login"));
-			(void)au_write(iAuditFile, ptAuditToken);
-			if ((char *)0 != pcCmd) {
-				ptAuditToken = au_to_text(pcCmd);
-				(void)au_write(iAuditFile, ptAuditToken);
-			}
-# if defined(HAVE_GETAUDIT_ADDR)
-			ptAuditToken = au_to_return32(0, 0);
-# else
-			ptAuditToken = au_to_return(0, 0);
-# endif
-			(void)au_write(iAuditFile, ptAuditToken);
-			if(0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
-				fprintf(stderr, "%s: audit write failed",
-					progname,
-					strerror(errno));
-			}
-		}
 	}
+# endif
+# if defined(HAVE_GETAUDIT_ADDR)
+	if (0 > setaudit_addr(&audit_info, sizeof(audit_info)))
+# else
+	if (0 > setaudit(&audit_info))
+# endif
+	{
+	    fprintf(stderr, "%s: setaudit failed: %s\n", progname,
+		    strerror(errno));
+	    fShowEvent = 0;
+	}
+	if (fShowEvent) {
+	    fShowEvent =
+		au_preselect(AUE_autologin, &audit_mask, AU_PRS_SUCCESS,
+			     AU_PRS_REREAD);
+	}
+	if (fShowEvent) {
+	    iAuditFile = au_open();
+# if defined(HAVE_GETAUDIT_ADDR)
+	    ptAuditToken =
+		au_to_subject_ex(wUid, wUid, wGid, wUid, wGid,
+				 audit_info.ai_asid, audit_info.ai_asid,
+				 &audit_info.ai_termid),
+# else
+	    ptAuditToken =
+		au_to_subject(wUid, wUid, wGid, wUid, wGid,
+			      audit_info.ai_asid, audit_info.ai_asid,
+			      &audit_info.ai_termid),
+# endif
+		(void)au_write(iAuditFile, ptAuditToken);
+	    ptAuditToken = au_to_text(gettext("successful login"));
+	    (void)au_write(iAuditFile, ptAuditToken);
+	    if ((char *)0 != pcCmd) {
+		ptAuditToken = au_to_text(pcCmd);
+		(void)au_write(iAuditFile, ptAuditToken);
+	    }
+# if defined(HAVE_GETAUDIT_ADDR)
+	    ptAuditToken = au_to_return32(0, 0);
+# else
+	    ptAuditToken = au_to_return(0, 0);
+# endif
+	    (void)au_write(iAuditFile, ptAuditToken);
+	    if (0 > au_close(iAuditFile, AU_TO_WRITE, AUE_autologin)) {
+		fprintf(stderr, "%s: audit write failed: %s", progname,
+			strerror(errno));
+	    }
+	}
+    }
 #endif
 
-	/* Open the TTY for stdin, stdout and stderr
+    /* Open the TTY for stdin, stdout and stderr
-	 */
+     */
-	if ((char *)0 != pcDevTty) {
+    if ((char *)0 != pcDevTty) {
 #ifdef TIOCNOTTY
-		if (-1 != (i = open("/dev/tty", 2, 0))) {
+	if (-1 != (i = open("/dev/tty", 2, 0))) {
-			if ( ioctl(i, TIOCNOTTY, (char *)0) )
+	    if (ioctl(i, TIOCNOTTY, (char *)0))
-				(void) fprintf(stderr, "%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n", progname, i, strerror(errno));
+		(void)fprintf(stderr,
-			(void) close(i);
+			      "%s: ioctl(%d, TIOCNOTTY, (char *)0): %s\n",
-		}
+			      progname, i, strerror(errno));
-#endif
+	    (void)close(i);
-		if (0 != open(pcDevTty, O_RDWR, 0666)) {
-			exit(1);
-			/* NOTREACHED */
-		}
-		dup(0);
-		dup(0);
 	}
+#endif
+	if (0 != open(pcDevTty, O_RDWR, 0666)) {
+	    exit(1);
+	    /* NOTREACHED */
+	}
+	dup(0);
+	dup(0);
+    }
 
-	/* put the tty in out process group
+    /* put the tty in out process group
-	 */
+     */
 #ifdef HAVE_TCGETPGRP
-	if (-1 >= (i = tcgetpgrp(0))){
+    if (-1 >= (i = tcgetpgrp(0))) {
-		(void) fprintf(stderr, "%s: tcgetpgrp: %s\n", progname, strerror(errno));
+	(void)fprintf(stderr, "%s: tcgetpgrp: %s\n", progname,
-	}
+		      strerror(errno));
+    }
 #endif
-#ifndef SETPGRP_VOID
+    if (-1 != i && setpgrp(0, i)) {
-	if (-1 != i && setpgrp(0, i) ){
+	(void)fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname,
-		(void) fprintf(stderr, "%s: setpgrp: %s, i = %d\n", progname, strerror(errno), i);
+		      strerror(errno), i);
-	}
+    }
-#endif
-
 #ifdef HAVE_TCSETPGRP
-	if (tcsetpgrp(0, iNewGrp)){
+    if (tcsetpgrp(0, iNewGrp)) {
-		(void) fprintf(stderr, "%s: tcsetpgrp: %s\n", progname, strerror(errno));
+	(void)fprintf(stderr, "%s: tcsetpgrp: %s\n", progname,
-	}
+		      strerror(errno));
-#endif
+    }
-#ifndef SETPGRP_VOID
-	if (-1 != iNewGrp && setpgrp(0, iNewGrp)){
-		(void) fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname, strerror(errno), iNewGrp);
-	}
 #endif
+    if (-1 != iNewGrp && setpgrp(0, iNewGrp)) {
+	(void)fprintf(stderr, "%s: setpgrp: %s, iNewGrp = %d\n", progname,
+		      strerror(errno), iNewGrp);
+    }
 
-	/* put the tty in the correct mode
+    /* put the tty in the correct mode
-	 */
+     */
-#ifndef HAVE_TERMIOS_H
-	if (0 != ioctl(0, TIOCGETP, (char *)&n_sty)) {
-		fprintf(stderr, "%s: iotcl: getp: %s\n", progname, strerror(errno));
-		exit(10);
-	}
-#ifdef O_CBREAK
-	n_sty.sg_flags &= ~(O_CBREAK);
-	n_sty.sg_flags |= (O_CRMOD|O_ECHO);
-#else
-	n_sty.sg_flags &= ~(CBREAK);
-	n_sty.sg_flags |= (CRMOD|ECHO);
-#endif
-	n_sty.sg_kill = '\025';             /* ^U   */
-	n_sty.sg_erase = '\010';            /* ^H   */
-	if (0 != ioctl(0, TIOCSETP, (char *)&n_sty)) {
-		fprintf(stderr, "%s: iotcl: setp: %s\n", progname, strerror(errno));
-		exit(10);
-	}
-
-	/* stty undef all tty chars
-	 */
-#if 0
-	if (-1 == ioctl(0, TIOCGETC, (char *)&n_tchars)) {
-		fprintf(stderr, "%s: ioctl: getc: %s\n", progname, strerror(errno));
-		return;
-	}
-	n_tchars.t_intrc = -1;
-	n_tchars.t_quitc = -1;
-	if (-1 == ioctl(0, TIOCSETC, (char *)&n_tchars)) {
-		fprintf(stderr, "%s: ioctl: setc: %s\n", progname, strerror(errno));
-		return;
-	}
-#endif
-#ifdef TIOCGLTC
-	if (-1 == ioctl(0, TIOCGLTC, (char *)&n_ltchars)) {
-		fprintf(stderr, "%s: ioctl: gltc: %s\n", progname, strerror(errno));
-		return;
-	}
-	n_ltchars.t_suspc = -1;
-	n_ltchars.t_dsuspc = -1;
-	n_ltchars.t_flushc = -1;
-	n_ltchars.t_lnextc = -1;
-	if (-1 == ioctl(0, TIOCSLTC, (char *)&n_ltchars)) {
-		fprintf(stderr, "%s: ioctl: sltc: %s\n", progname, strerror(errno));
-		return;
-	}
-#endif
-#else	/* not using ioctl, using POSIX or sun stuff */
 #ifdef HAVE_TCGETATTR
-	if (0 != tcgetattr(0, &n_tio)) {
+    if (0 != tcgetattr(0, &n_tio)) {
-		(void) fprintf(stderr, "%s: tcgetattr: %s\n", progname, strerror(errno));
+	(void)fprintf(stderr, "%s: tcgetattr: %s\n", progname,
-		exit(1);
+		      strerror(errno));
-		/* NOTREACHED */
+	exit(1);
-	}
+	/* NOTREACHED */
+    }
 #else
-	if (0 != ioctl(0, TCGETS, &n_tio)) {
+    if (0 != ioctl(0, TCGETS, &n_tio)) {
-		(void) fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname, strerror(errno));
+	(void)fprintf(stderr, "%s: iotcl: TCGETS: %s\n", progname,
-		exit(1);
+		      strerror(errno));
-		/* NOTREACHED */
+	exit(1);
-	}
+	/* NOTREACHED */
+    }
 #endif
-	n_tio.c_iflag &= ~(IGNCR|IUCLC);
+    n_tio.c_iflag &= ~(IGNCR | IUCLC);
-	n_tio.c_iflag |= ICRNL|IXON|IXANY;
+    n_tio.c_iflag |= ICRNL | IXON | IXANY;
-	n_tio.c_oflag &= ~(OLCUC|ONOCR|ONLRET|OFILL|NLDLY|CRDLY|TABDLY|BSDLY);
+    n_tio.c_oflag &=
-	n_tio.c_oflag |= OPOST|ONLCR|TAB3;
+	~(OLCUC | ONOCR | ONLRET | OFILL | NLDLY | CRDLY | TABDLY | BSDLY);
-	n_tio.c_lflag &= ~(XCASE|NOFLSH|ECHOK|ECHONL);
+    n_tio.c_oflag |= OPOST | ONLCR | TAB3;
-	n_tio.c_lflag |= ISIG|ICANON|ECHO;
+    n_tio.c_lflag &= ~(XCASE | NOFLSH | ECHOK | ECHONL);
-	n_tio.c_cc[VEOF] = '\004';		/* ^D	*/
+    n_tio.c_lflag |= ISIG | ICANON | ECHO;
-	n_tio.c_cc[VEOL] = '\000';		/* EOL	*/
+    n_tio.c_cc[VEOF] = '\004';	/* ^D   */
-	n_tio.c_cc[VERASE] = '\010';		/* ^H	*/
+    n_tio.c_cc[VEOL] = '\000';	/* EOL  */
-	n_tio.c_cc[VINTR] = '\003';		/* ^C	*/
+    n_tio.c_cc[VERASE] = '\010';	/* ^H   */
-	n_tio.c_cc[VKILL] = '\025';		/* ^U	*/
+    n_tio.c_cc[VINTR] = '\003';	/* ^C   */
-	/* MIN */
+    n_tio.c_cc[VKILL] = '\025';	/* ^U   */
-	n_tio.c_cc[VQUIT] = '\034';		/* ^\	*/
+    /* MIN */
-	n_tio.c_cc[VSTART] = '\021';		/* ^Q	*/
+    n_tio.c_cc[VQUIT] = '\034';	/* ^\   */
-	n_tio.c_cc[VSTOP] = '\023';		/* ^S	*/
+    n_tio.c_cc[VSTART] = '\021';	/* ^Q   */
-	n_tio.c_cc[VSUSP] = '\032';		/* ^Z	*/
+    n_tio.c_cc[VSTOP] = '\023';	/* ^S   */
+    n_tio.c_cc[VSUSP] = '\032';	/* ^Z   */
 #ifdef HAVE_TCSETATTR
-	if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
+    if (0 != tcsetattr(0, TCSANOW, &n_tio)) {
-		(void) fprintf(stderr, "%s: tcsetattr: %s\n", progname, strerror(errno));
+	(void)fprintf(stderr, "%s: tcsetattr: %s\n", progname,
-		exit(1);
+		      strerror(errno));
-		/* NOTREACHED */
+	exit(1);
-	}
+	/* NOTREACHED */
-#else
+    }
-#ifndef HAVE_TERMIOS_H
-	if (0 != ioctl(0, TCSETS, &n_tio)) {
-		(void) fprintf(stderr, "%s: ioctl: TCSETS: %s\n", progname, strerror(errno));
-		exit(1);
-		/* NOTREACHED */
-	}
 #endif
-#endif
-#endif	/* setup tty */
 
-	if (fMakeUtmp) {
+    if (fMakeUtmp) {
-		extern char *ttyname();
+	extern char *ttyname();
-		make_utmp(pcLogin, (char *)0 != pcTty ? pcTty : ttyname(0));
+	make_utmp(pcLogin, (char *)0 != pcTty ? pcTty : ttyname(0));
-	}
+    }
-	/* Change ownership and modes on the tty.
+    /* Change ownership and modes on the tty.
-	 */
+     */
-	if ((char *)0 != pcDevTty) {
+    if ((char *)0 != pcDevTty) {
-		(void) chown(pcDevTty, wUid, wGid);
+	(void)chown(pcDevTty, wUid, wGid);
-		(void) chmod(pcDevTty, (mode_t) TTYMODE);
+	(void)chmod(pcDevTty, (mode_t) TTYMODE);
-	}
+    }
 
-	if ((char *)0 != pcCmd) {
+    if ((char *)0 != pcCmd) {
-		execl(PATH_SU, "su", "-", pcLogin, pcCmd, (char *)0);
+	execl(PATH_SU, "su", "-", pcLogin, pcCmd, (char *)0);
-	} else {
+    } else {
-		execl(PATH_SU, "su", "-", pcLogin, (char *)0);
+	execl(PATH_SU, "su", "-", pcLogin, (char *)0);
-	}
+    }
 }
 
 #ifndef HAVE_PUTENV
 int
-putenv(pcAssign)
+putenv(char *pcAssign)
-char *pcAssign;
 {
-	register char *pcEq;
+    register char *pcEq;
 
-	if ((char *)0 != (pcEq = strchr(pcAssign, '='))) {
+    if ((char *)0 != (pcEq = strchr(pcAssign, '='))) {
-		*pcEq++ = '\000';
+	*pcEq++ = '\000';
-		(void)setenv(pcAssign, pcEq, 1);
+	(void)setenv(pcAssign, pcEq, 1);
-		*--pcEq = '=';
+	*--pcEq = '=';
-	} else {
+    } else {
-		unsetenv(pcAssign);
+	unsetenv(pcAssign);
-	}
+    }
 }
 #endif
 
 int
-addgroup(pcGrp)
+addgroup(char *pcGrp)
-char	*pcGrp;
 {
-	struct	group		*grp;
+    struct group *grp;
 
-	grp = getgrnam(pcGrp);
+    grp = getgrnam(pcGrp);
-	if ((struct group *)0 == grp) {
+    if ((struct group *)0 == grp) {
-		(void) fprintf(stderr, "%s: Unknown group: %s\n", progname, pcGrp);
+	(void)fprintf(stderr, "%s: Unknown group: %s\n", progname, pcGrp);
-		return(1);
+	return (1);
-	}
+    }
-	if (iGrps >= NGROUPS_MAX) {
+    if (iGrps >= NGROUPS_MAX) {
-		(void) fprintf(stderr, "%s: Too many groups specified with \"%s\".\n", progname, pcGrp);
+	(void)fprintf(stderr,
-		return(1);
+		      "%s: Too many groups specified with \"%s\".\n",
-	}
+		      progname, pcGrp);
-	awGrps[iGrps++] = grp->gr_gid;
+	return (1);
-	return(0);
+    }
+    awGrps[iGrps++] = grp->gr_gid;
+    return (0);
 }
 
 
 /* install a utmp entry to show the use we know is here is here		(ksb)
  */
 void
-make_utmp(pclogin, pctty)
+make_utmp(char *pclogin, char *pctty)
-char	*pclogin;
-char	*pctty;
 {
-	register int iFound, iPos;
+    register int iFound, iPos;
-	register int fdUtmp;
+    register int fdUtmp;
-	register char *pcDev;
+    register char *pcDev;
-	register struct utmp *up;
+    register struct utmp *up;
-	auto struct utmp outmp, utmp;
+    auto struct utmp utmp;
 
 
-	if ((char *)0 == pctty) {
+    if ((char *)0 == pctty) {
-		return;
+	return;
+    }
+
+    if ((fdUtmp = open(UTMP_FILE, O_RDWR, 0664)) < 0) {
+	return;
+    }
+
+    /* create empty utmp entry
+     */
+    (void)memset(&utmp, 0, sizeof(struct utmp));
+
+    /* Only the last portion of the tty is saved, unless it's
+     * all digits.  Then back up and include the previous part
+     * /dev/pty/02  -> pty/02 (not just 02)
+     */
+    if ((char *)0 != (pcDev = strrchr(pctty, '/'))) {
+	if (!*(pcDev + strspn(pcDev, "/0123456789"))) {
+	    while (pcDev != pctty && *--pcDev != '/') {
+	    }
 	}
-
+	if (*pcDev == '/') {
-	if ((fdUtmp = open(UTMP_FILE, O_RDWR, 0664)) < 0) {
+	    ++pcDev;
-		return;
-	}
-		
-	/* create empty utmp entry
-	 */
-	(void)memset(&utmp, 0, sizeof(struct utmp));
-
-	/* Only the last portion of the tty is saved, unless it's
-	 * all digits.  Then back up and include the previous part
-	 * /dev/pty/02  -> pty/02 (not just 02)
-	 */
-	if ((char *)0 != (pcDev = strrchr(pctty, '/'))) {
-		if (! *(pcDev + strspn(pcDev, "/0123456789"))) {
-			while (pcDev != pctty && *--pcDev != '/') {
-			}
-		}
-		if (*pcDev == '/') {
-			++pcDev;
-		}
-	} else {
-		pcDev = pctty;
 	}
+    } else {
+	pcDev = pctty;
+    }
 
 #ifdef HAVE_GETUTENT
-	/* look through getutent's by pid
+    /* look through getutent's by pid
-	 */
+     */
-	(void)setutent();
+    (void)setutent();
-	utmp.ut_pid = getpid();
+    utmp.ut_pid = getpid();
-	iFound = iPos = 0;
+    iFound = iPos = 0;
-	while ((up = getutent()) != NULL) {
+    while ((up = getutent()) != NULL) {
-		if (up->ut_pid == utmp.ut_pid) {
+	if (up->ut_pid == utmp.ut_pid) {
-			utmp = *up;
+	    utmp = *up;
-			++iFound;
+	    ++iFound;
-			break;
+	    break;
-		}
-		iPos++;
-	}
-	(void)endutent();
-	/* we were an initprocess, now we are a login shell
-	 */
-	utmp.ut_type = USER_PROCESS;
-	(void)strncpy(utmp.ut_user, pclogin, sizeof(utmp.ut_user));
-	if ('\000' == utmp.ut_line[0]) {
-		(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
 	}
+	iPos++;
+    }
+    (void)endutent();
+    /* we were an initprocess, now we are a login shell
+     */
+    utmp.ut_type = USER_PROCESS;
+    (void)strncpy(utmp.ut_user, pclogin, sizeof(utmp.ut_user));
+    if ('\000' == utmp.ut_line[0]) {
+	(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
+    }
 #else
-#ifdef HAVE_SETTTYENT
+# ifdef HAVE_SETTTYENT
-	{
+    {
 	register struct ttyent *ty;
 
 	/* look through ttyslots by line?
@@ -595,56 +519,56 @@ char	*pctty;
 	(void)setttyent();
 	iFound = iPos = 0;
 	while ((ty = getttyent()) != NULL) {
-		if (strcmp(ty->ty_name, pcDev) == 0) {
+	    if (strcmp(ty->ty_name, pcDev) == 0) {
-			++iFound;
+		++iFound;
-			break;
+		break;
-		}
+	    }
-		iPos++;
+	    iPos++;
 	}
 	/* fill in utmp from ty ZZZ */
 	(void)endttyent();
+    }
+    (void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
+    (void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
+    (void)strncpy(utmp.ut_host, "(autologin)", sizeof(utmp.ut_host));
+# else
+    /* look through /etc/utmp by hand (sigh)
+     */
+    iFound = iPos = 0;
+    while (sizeof(utmp) == read(fdUtmp, &utmp, sizeof(utmp))) {
+	if (0 == strncmp(utmp.ut_line, pcDev, sizeof(utmp.ut_line))) {
+	    ++iFound;
+	    break;
 	}
-	(void)strncpy(utmp.ut_line, pcDev, sizeof(utmp.ut_line));
+	iPos++;
-	(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
+    }
-	(void)strncpy(utmp.ut_host, "(autologin)", sizeof(utmp.ut_host));
+    (void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
-#else
+# endif
-	/* look through /etc/utmp by hand (sigh)
-	 */
-	iFound = iPos = 0;
-	while (sizeof(utmp) == read(fdUtmp, & utmp, sizeof(utmp))) {
-		if (0 == strncmp(utmp.ut_line, pcDev, sizeof(utmp.ut_line))) {
-			++iFound;
-			break;
-		}
-		iPos++;
-	}
-	(void)strncpy(utmp.ut_name, pclogin, sizeof(utmp.ut_name));
 #endif
-#endif
+    utmp.ut_time = time((time_t *)0);
-	utmp.ut_time = time((time_t *) 0);
 
-	if (0 == iFound) {
+    if (0 == iFound) {
-		fprintf(stderr, "%s: %s: no ttyslot\n", progname, pctty);
+	fprintf(stderr, "%s: %s: no ttyslot\n", progname, pctty);
-	} else if (-1 == lseek(fdUtmp, (off_t)(iPos*sizeof(utmp)), 0)) {
+    } else if (-1 == lseek(fdUtmp, (off_t) (iPos * sizeof(utmp)), 0)) {
-		fprintf(stderr, "%s: lseek: %s\n", progname, strerror(errno));
+	fprintf(stderr, "%s: lseek: %s\n", progname, strerror(errno));
-	} else {
+    } else {
-		(void)write(fdUtmp, (char *)&utmp, sizeof(utmp));
+	(void)write(fdUtmp, (char *)&utmp, sizeof(utmp));
-	}
+    }
-	(void)close(fdUtmp);
+    (void)close(fdUtmp);
 }
 
 
 void
-usage()
+usage(void)
 {
-	char *u_pch;
+    char *u_pch;
-	int u_loop;
+    int u_loop;
 
-	for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
+    for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
-		fprintf(stdout, "%s: usage%s\n", progname, u_pch);
+	fprintf(stdout, "%s: usage%s\n", progname, u_pch);
-	}
+    }
-	for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
+    for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
-		fprintf(stdout, "%s\n", u_pch);
+	fprintf(stdout, "%s\n", u_pch);
-	}
+    }
 
 }

autologin/autologin.m

@@ -1,7 +1,5 @@
 # mkcmd parser for autologin program
 %%
-static char *rcsid =
-	"$Id: autologin.m,v 1.1 2003/11/04 02:36:24 bryan Exp $";
 %%
 
 integer variable "iErrs" {

autologin/autologin.man

@@ -1,4 +1,3 @@
-.\" $Id: autologin.man,v 1.1 2003/11/04 02:36:24 bryan Exp $
 .TH AUTOLOGIN 8L PUCC
 .SH NAME
 autologin \- create an automatic login session from /etc/inittab
@@ -112,12 +111,21 @@ environment variable set to
 	ss10:2:respawn:/usr/local/etc/autologin \-e TERM=reg20 \-t/dev/tty10 \-lssinfo
 .ad
 .PP
-Adding the following line to \fI/etc/ttytab\fP on a Sun 4.1.\fIx\fP
+Adding the following line to
+.I /etc/ttytab
+on a Sun
+.RI 4.1. x
 machine establishes a root login on the console device:
+.br
 .na
 	console "/usr/local/etc/autologin \-lroot \-t"    xterm   on local secure
 .ad
-Note that \fIinit\fP provides the \fItty\fP argument on the end of the command.
+.PP
+Note that
+.I init
+provides the
+.I tty
+argument on the end of the command.
 .SH FILES
 /bin/su
 .br

autologin/main.c

@@ -13,174 +13,170 @@
 
 #ifndef HAVE_GETOPT
 static int
-	optopt;			/* character checked for validity	*/
+  optopt;			/* character checked for validity       */
 
 /* get option letter from argument vector, also does -number correctly
  * for nice, xargs, and stuff (these extras by ksb)
  * does +arg if you give a last argument of "+", else give (char *)0
  */
 static int
-getopt(nargc, nargv, ostr)
+getopt(int nargc, char **nargv, char *ostr)
-int nargc;
-char **nargv, *ostr;
 {
-	register char	*oli;		/* option letter list index	*/
+    register char *oli;		/* option letter list index     */
-	static char	EMSG[] = "";	/* just a null place		*/
+    static char EMSG[] = "";	/* just a null place            */
-	static char	*place = EMSG;	/* option letter processing	*/
+    static char *place = EMSG;	/* option letter processing     */
 
-	if ('\000' == *place) {		/* update scanning pointer */
+    if ('\000' == *place) {	/* update scanning pointer */
-		if (optind >= nargc)
+	if (optind >= nargc)
-			return EOF;
+	    return EOF;
-		if (nargv[optind][0] != '-') {
+	if (nargv[optind][0] != '-') {
-			register int iLen;
+	    register int iLen;
-			return EOF;
+	    return EOF;
-		}
-		place = nargv[optind];
-		if ('\000' == *++place)	/* "-" (stdin)		*/
-			return EOF;
-		if (*place == '-' && '\000' == place[1]) {
-			/* found "--"		*/
-			++optind;
-			return EOF;
-		}
-	}				/* option letter okay? */
-	/* if we find the letter, (not a `:')
-	 * or a digit to match a # in the list
-	 */
-	if ((optopt = *place++) == ':' ||
-	 ((char *)0 == (oli = strchr(ostr,optopt)) &&
-	  (!(isdigit(optopt)||'-'==optopt) || (char *)0 == (oli = strchr(ostr, '#'))))) {
-		if(!*place) ++optind;
-		return('?');
 	}
-	if ('#' == *oli) {		/* accept as -digits */
+	place = nargv[optind];
-		optarg = place -1;
+	if ('\000' == *++place)	/* "-" (stdin)              */
-		++optind;
+	    return EOF;
-		place = EMSG;
+	if (*place == '-' && '\000' == place[1]) {
-		return '#';
+	    /* found "--"           */
+	    ++optind;
+	    return EOF;
 	}
-	if (*++oli != ':') {		/* don't need argument */
+    }
-		optarg = NULL;
+    /* option letter okay? */
-		if ('\000' == *place)
+    /* if we find the letter, (not a `:')
-			++optind;
+     * or a digit to match a # in the list
-	} else {				/* need an argument */
+     */
-		if (*place) {			/* no white space */
+    if ((optopt = *place++) == ':' ||
-			optarg = place;
+	((char *)0 == (oli = strchr(ostr, optopt)) &&
-		} else if (nargc <= ++optind) {	/* no arg!! */
+	 (!(isdigit(optopt) || '-' == optopt) ||
-			place = EMSG;
+	  (char *)0 == (oli = strchr(ostr, '#'))))) {
-			return '*';
+	if (!*place)
-		} else {
+	    ++optind;
-			optarg = nargv[optind];	/* white space */
+	return ('?');
-		}
+    }
-		place = EMSG;
+    if ('#' == *oli) {		/* accept as -digits */
-		++optind;
+	optarg = place - 1;
+	++optind;
+	place = EMSG;
+	return '#';
+    }
+    if (*++oli != ':') {	/* don't need argument */
+	optarg = NULL;
+	if ('\000' == *place)
+	    ++optind;
+    } else {			/* need an argument */
+	if (*place) {		/* no white space */
+	    optarg = place;
+	} else if (nargc <= ++optind) {	/* no arg!! */
+	    place = EMSG;
+	    return '*';
+	} else {
+	    optarg = nargv[optind];	/* white space */
 	}
-	return optopt;			/* dump back option letter */
+	place = EMSG;
+	++optind;
+    }
+    return optopt;		/* dump back option letter */
 }
 #endif /* ! HAVE_GETOPT */
 
 char
-	*progname = "$Id: main.c,v 1.1 2003/11/04 02:36:24 bryan Exp $",
+ *progname = "", *au_terse[] = {
-	*au_terse[] = {
+    " [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
-		" [-u] [-c cmd] [-e env=value] [-g group] [-l login] [-t tty]",
+    " -h",
-		" -h",
+    " -V",
-		" -V",
+    (char *)0
-		(char *)0
+}, *u_help[] = {
-	},
+
-	*u_help[] = {
+    "c cmd       command to run",
-		"c cmd       command to run",
+    "e env=value environment variable to set",
-		"e env=value environment variable to set",
+    "g group     initial group",
-		"g group     initial group",
+    "h           print this help message",
-		"h           print this help message",
+    "l login     login name",
-		"l login     login name",
+    "t tty       attach to this terminal",
-		"t tty       attach to this terminal",
+    "u           do no make utmp entry",
-		"u           do no make utmp entry",
+    "V           show version information", (char *)0
-		"V           show version information",
+}, *pcCommand = (char *)0, *pcGroup = (char *)0, *pcLogin =
-		(char *)0
+    (char *)0, *pcTty = (char *)0;
-	},
-	*pcCommand = (char *)0,
-	*pcGroup = (char *)0,
-	*pcLogin = (char *)0,
-	*pcTty = (char *)0;
 int
-	fMakeUtmp = 1,
+  fMakeUtmp = 1, iErrs = 0;
-	iErrs = 0;
 
 #ifndef u_terse
-#define u_terse	(au_terse[0])
+# define u_terse	(au_terse[0])
 #endif
 
-static char *rcsid =
-        "$Id: main.c,v 1.1 2003/11/04 02:36:24 bryan Exp $";
-
 /*
  * parser
  */
 int
-main(argc, argv)
+main(int argc, char **argv)
-int argc;
-char **argv;
 {
-	static char
+    static char
-		sbOpt[] = "c:e:g:hl:t:uV",
+      sbOpt[] = "c:e:g:hl:t:uV", *u_pch = (char *)0;
-		*u_pch = (char *)0;
+    static int
-	static int
+      u_loop = 0;
-		u_loop = 0;
+    register int u_curopt;
-	register int u_curopt;
+    extern int atoi();
-	extern int atoi();
 
-	progname = strrchr(argv[0], '/');
+    progname = strrchr(argv[0], '/');
-	if ((char *)0 == progname)
+    if ((char *)0 == progname)
-		progname = argv[0];
+	progname = argv[0];
-	else
+    else
-		++progname;
+	++progname;
-	while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
+    while (EOF != (u_curopt = getopt(argc, argv, sbOpt))) {
-		switch (u_curopt) {
+	switch (u_curopt) {
-		case '*':
+	    case '*':
-			fprintf(stderr, "%s: option `-%c\' needs a parameter\n", progname, optopt);
+		fprintf(stderr, "%s: option `-%c\' needs a parameter\n",
-			exit(1);
+			progname, optopt);
-		case '?':
+		exit(1);
-			fprintf(stderr, "%s: unknown option `-%c\', use `-h\' for help\n", progname, optopt);
+	    case '?':
-			exit(1);
+		fprintf(stderr,
-		case 'c':
+			"%s: unknown option `-%c\', use `-h\' for help\n",
-			pcCommand = optarg;
+			progname, optopt);
-			continue;
+		exit(1);
-		case 'e':
+	    case 'c':
-			if (putenv(optarg) != 0) {
+		pcCommand = optarg;
-				 (void) fprintf(stderr, "%s: putenv(\"%s\"): failed\n", progname, optarg);
+		continue;
-				exit(1);
+	    case 'e':
-			}
+		if (putenv(optarg) != 0) {
-			continue;
+		    (void)fprintf(stderr, "%s: putenv(\"%s\"): failed\n",
-		case 'g':
+				  progname, optarg);
-			pcGroup = optarg;
+		    exit(1);
-			continue;
-		case 'h':
-			for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]); ++u_loop) {
-				if ('\000' == *u_pch) {
-					fprintf(stdout, "%s: with no parameters\n", progname);
-					continue;
-				}
-				fprintf(stdout, "%s: usage%s\n", progname, u_pch);
-			}
-			for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]); ++u_loop) {
-				fprintf(stdout, "%s\n", u_pch);
-			}
-			exit(0);
-		case 'l':
-			pcLogin = optarg;
-			continue;
-		case 't':
-			pcTty = optarg;
-			continue;
-		case 'u':
-			fMakeUtmp = 0;
-			continue;
-		case 'V':
-			printf("%s: %s\n", progname, rcsid);
-			exit(0);
 		}
-		break;
+		continue;
+	    case 'g':
+		pcGroup = optarg;
+		continue;
+	    case 'h':
+		for (u_loop = 0; (char *)0 != (u_pch = au_terse[u_loop]);
+		     ++u_loop) {
+		    if ('\000' == *u_pch) {
+			fprintf(stdout, "%s: with no parameters\n",
+				progname);
+			continue;
+		    }
+		    fprintf(stdout, "%s: usage%s\n", progname, u_pch);
+		}
+		for (u_loop = 0; (char *)0 != (u_pch = u_help[u_loop]);
+		     ++u_loop) {
+		    fprintf(stdout, "%s\n", u_pch);
+		}
+		exit(0);
+	    case 'l':
+		pcLogin = optarg;
+		continue;
+	    case 't':
+		pcTty = optarg;
+		continue;
+	    case 'u':
+		fMakeUtmp = 0;
+		continue;
+	    case 'V':
+		printf("%s\n", progname);
+		exit(0);
 	}
-	Process();
+	break;
-	exit(iErrs);
+    }
+    Process();
+    exit(iErrs);
 }

autologin/main.h

@@ -4,7 +4,7 @@
 
 extern char *progname, *au_terse[4], *u_help[9];
 #ifndef u_terse
-#define u_terse	(au_terse[0])
+# define u_terse	(au_terse[0])
 #endif
 extern int main();
 extern int fMakeUtmp, iErrs;
@@ -12,4 +12,3 @@ extern char *pcCommand, *pcGroup, *pcLogin, *pcTty;
 /* from std_help.m */
 /* from std_version.m */
 /* from autologin.m */
-

compat.h

@@ -8,6 +8,7 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <netinet/in.h>
+#include <sys/un.h>
 #include <arpa/inet.h>
 #include <netdb.h>
 #include <ctype.h>
@@ -34,18 +35,29 @@
 # define DEFESC		'c'
 #endif
 
+/* set the default length of the replay functions
+ * DEFREPLAY for 'r'
+ * DEFPLAYBACK for 'p'
+ */
+#if !defined(DEFREPLAY)
+# define DEFREPLAY	20
+#endif
+#if !defined(PLAYBACK)
+# define DEFPLAYBACK	60
+#endif
+
 /* For legacy compile-time setting of the port...
  */
 #if ! defined(DEFPORT)
-#  if defined(SERVICENAME)
+# if defined(SERVICENAME)
-#    define DEFPORT SERVICENAME
+#  define DEFPORT SERVICENAME
+# else
+#  if defined(PORTNUMBER)
+#   define DEFPORT PORTNUMBER
 #  else
-#    if defined(PORTNUMBER)
+#   define DEFPORT "conserver"
-#      define DEFPORT PORTNUMBER
-#    else
-#      define DEFPORT "conserver"
-#    endif
 #  endif
+# endif
 #endif
 
 #if STDC_HEADERS
@@ -91,6 +103,18 @@ typedef long fd_set;
 
 #include <termios.h>
 
+#ifndef TAB3
+# ifdef OXTABS
+#  define TAB3 OXTABS
+# else
+#  ifdef XTABS
+#   define TAB3 XTABS
+#  else
+#   define TAB3 0
+#  endif
+# endif
+#endif
+
 #ifdef HAVE_STROPTS_H
 # include <stropts.h>
 #endif
@@ -105,7 +129,7 @@ typedef long fd_set;
 #endif
 
 #if HAVE_TYPES_H
-#include <sys/types.h>
+# include <sys/types.h>
 #endif
 
 #if HAVE_SYS_WAIT_H
@@ -114,30 +138,30 @@ typedef long fd_set;
 #define LO(s) ((unsigned)((s) & 0377))
 #define HI(s) ((unsigned)(((s) >> 8) & 0377))
 #if !defined(WIFEXITED)
-#define WIFEXITED(s) (LO(s)==0)
+# define WIFEXITED(s) (LO(s)==0)
 #endif
 #if !defined(WEXITSTATUS)
-#define WEXITSTATUS(s) HI(s)
+# define WEXITSTATUS(s) HI(s)
 #endif
 #if !defined(WIFSIGNALED)
-#define WIFSIGNALED(s) ((LO(s)>0)&&(HI(s)==0))
+# define WIFSIGNALED(s) ((LO(s)>0)&&(HI(s)==0))
 #endif
 #if !defined(WTERMSIG)
-#define WTERMSIG(s) (LO(s)&0177)
+# define WTERMSIG(s) (LO(s)&0177)
 #endif
 #if !defined(WIFSTOPPED)
-#define WIFSTOPPED(s) ((LO(s)==0177)&&(HI(s)!=0))
+# define WIFSTOPPED(s) ((LO(s)==0177)&&(HI(s)!=0))
 #endif
 #if !defined(WSTOPSIG)
-#define WSTOPSIG(s) HI(s)
+# define WSTOPSIG(s) HI(s)
 #endif
 
 #if HAVE_SYSEXITS_H
-#include <sysexits.h>
+# include <sysexits.h>
 #else
-#define EX_OK 0
+# define EX_OK 0
-#define EX_UNAVAILABLE 69
+# define EX_UNAVAILABLE 69
-#define EX_TEMPFAIL 75
+# define EX_TEMPFAIL 75
 #endif
 
 #include <errno.h>
@@ -211,19 +235,19 @@ extern char *h_errlist[];
 #endif
 
 #ifdef HAVE_USERSEC_H
-#include <usersec.h>
+# include <usersec.h>
 #endif
 
 #ifdef HAVE_PTY_H
-#include <pty.h>
+# include <pty.h>
 #endif
 
 #ifdef HAVE_LIBUTIL_H
-#include <libutil.h>
+# include <libutil.h>
 #endif
 
 #ifdef HAVE_UTIL_H
-#include <util.h>
+# include <util.h>
 #endif
 
 
@@ -256,54 +280,66 @@ typedef int socklen_t;
  *  as legacy definitions.
  */
 #ifndef IUCLC
-#define IUCLC 0
+# define IUCLC 0
 #endif
 #ifndef OLCUC
-#define OLCUC 0
+# define OLCUC 0
 #endif
 #ifndef XCASE
-#define XCASE 0
+# define XCASE 0
 #endif
 /* Some systems don't have OFILL or *DLY. */
 #ifndef OFILL
-#define OFILL 0
+# define OFILL 0
 #endif
 #ifndef NLDLY
-#define NLDLY 0
+# define NLDLY 0
 #endif
 #ifndef CRDLY
-#define CRDLY 0
+# define CRDLY 0
 #endif
 #ifndef TABDLY
-#define TABDLY 0
+# define TABDLY 0
 #endif
 #ifndef BSDLY
-#define BSDLY 0
+# define BSDLY 0
 #endif
 #ifndef ONOCR
-#define ONOCR 0
+# define ONOCR 0
 #endif
 #ifndef ONLRET
-#define ONLRET 0
+# define ONLRET 0
 #endif
 
 #ifndef SEEK_SET
-#define SEEK_SET L_SET
+# define SEEK_SET L_SET
-#endif
-
-#ifndef PARAMS
-# if PROTOTYPES
-#  define PARAMS(protos) protos
-# else /* no PROTOTYPES */
-#  define PARAMS(protos) ()
-# endif	/* no PROTOTYPES */
 #endif
 
 /* setup a conditional debugging line */
 #ifndef CONDDEBUG
-#define CONDDEBUG(line) if (fDebug) {debugFileName=__FILE__; debugLineNo=__LINE__; Debug line;}
+# define CONDDEBUG(line) if (fDebug) {debugFileName=__FILE__; debugLineNo=__LINE__; Debug line;}
 #endif
 
 #if HAVE_DMALLOC
-#include <dmalloc.h>
+# include <dmalloc.h>
+#endif
+
+#if HAVE_FREEIPMI
+# include <ipmiconsole.h>
+#endif
+
+#ifndef INADDR_STYPE
+# if USE_IPV6
+#  define INADDR_STYPE struct sockaddr_storage
+# else
+#  define INADDR_STYPE struct in_addr
+# endif
+#endif
+
+#ifndef SOCKADDR_STYPE
+# if USE_IPV6
+#  define SOCKADDR_STYPE struct sockaddr_storage
+# else
+#  define SOCKADDR_STYPE struct sockaddr_in
+# endif
 #endif

config.h.in

@@ -1,356 +0,0 @@
-/* config.h.in.  Generated from configure.in by autoheader.  */
-
-/* Config file path */
-#undef CONFIGFILE
-
-/* ./configure invocation */
-#undef CONFIGINVOCATION
-
-/* TCP connection timeout */
-#undef CONNECTTIMEOUT
-
-/* Base socket used for secondary channel */
-#undef DEFBASEPORT
-
-/* Socket used to communicate */
-#undef DEFPORT
-
-/* Define to 1 if you have the `bigcrypt' function. */
-#undef HAVE_BIGCRYPT
-
-/* Define to 1 if you have the <bsm/audit.h> header file. */
-#undef HAVE_BSM_AUDIT_H
-
-/* Define to 1 if you have the <crypt.h> header file. */
-#undef HAVE_CRYPT_H
-
-/* have dmalloc support */
-#undef HAVE_DMALLOC
-
-/* Define to 1 if you have the `getaudit' function. */
-#undef HAVE_GETAUDIT
-
-/* Define to 1 if you have the `getaudit_addr' function. */
-#undef HAVE_GETAUDIT_ADDR
-
-/* Define to 1 if you have the `getdtablesize' function. */
-#undef HAVE_GETDTABLESIZE
-
-/* Define to 1 if you have the `getlogin' function. */
-#undef HAVE_GETLOGIN
-
-/* Define to 1 if you have the `getopt' function. */
-#undef HAVE_GETOPT
-
-/* Define to 1 if you have the <getopt.h> header file. */
-#undef HAVE_GETOPT_H
-
-/* Define to 1 if you have the `getprpwnam' function. */
-#undef HAVE_GETPRPWNAM
-
-/* Define to 1 if you have the `getrlimit' function. */
-#undef HAVE_GETRLIMIT
-
-/* Define to 1 if you have the `getsid' function. */
-#undef HAVE_GETSID
-
-/* Define to 1 if you have the `getspnam' function. */
-#undef HAVE_GETSPNAM
-
-/* Define to 1 if you have the `getuserattr' function. */
-#undef HAVE_GETUSERATTR
-
-/* Define to 1 if you have the `getutent' function. */
-#undef HAVE_GETUTENT
-
-/* Define to 1 if you have the `grantpt' function. */
-#undef HAVE_GRANTPT
-
-/* Define to 1 if you have the <hpsecurity.h> header file. */
-#undef HAVE_HPSECURITY_H
-
-/* Define to 1 if you have the `inet_aton' function. */
-#undef HAVE_INET_ATON
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Defined if in_addr_t exists */
-#undef HAVE_IN_ADDR_T
-
-/* Define to 1 if you have the `iscomsec' function. */
-#undef HAVE_ISCOMSEC
-
-/* Define to 1 if you have the `bsm' library (-lbsm). */
-#undef HAVE_LIBBSM
-
-/* Define to 1 if you have the `sec' library (-lsec). */
-#undef HAVE_LIBSEC
-
-/* Define to 1 if you have the `util' library (-lutil). */
-#undef HAVE_LIBUTIL
-
-/* Define to 1 if you have the <libutil.h> header file. */
-#undef HAVE_LIBUTIL_H
-
-/* Define to 1 if you have the `xnet' library (-lxnet). */
-#undef HAVE_LIBXNET
-
-/* Define to 1 if you have the `memcmp' function. */
-#undef HAVE_MEMCMP
-
-/* Define to 1 if you have the `memcpy' function. */
-#undef HAVE_MEMCPY
-
-/* Define to 1 if you have the `memmove' function. */
-#undef HAVE_MEMMOVE
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the `memset' function. */
-#undef HAVE_MEMSET
-
-/* Define to 1 if you have the `openpty' function. */
-#undef HAVE_OPENPTY
-
-/* have openssl support */
-#undef HAVE_OPENSSL
-
-/* have PAM support */
-#undef HAVE_PAM
-
-/* Define to 1 if you have the <prot.h> header file. */
-#undef HAVE_PROT_H
-
-/* Define to 1 if you have the `ptsname' function. */
-#undef HAVE_PTSNAME
-
-/* Define to 1 if you have the <pty.h> header file. */
-#undef HAVE_PTY_H
-
-/* Define to 1 if you have the `putenv' function. */
-#undef HAVE_PUTENV
-
-/* Defined if sa_len member exists in struct sockaddr */
-#undef HAVE_SA_LEN
-
-/* Define to 1 if you have the `setgroups' function. */
-#undef HAVE_SETGROUPS
-
-/* Define to 1 if you have the `setlinebuf' function. */
-#undef HAVE_SETLINEBUF
-
-/* Define to 1 if you have the `setpgrp' function. */
-#undef HAVE_SETPGRP
-
-/* Define to 1 if you have the `setproctitle' function. */
-#undef HAVE_SETPROCTITLE
-
-/* Define to 1 if you have the `setsid' function. */
-#undef HAVE_SETSID
-
-/* Define to 1 if you have the `setsockopt' function. */
-#undef HAVE_SETSOCKOPT
-
-/* Define to 1 if you have the `setttyent' function. */
-#undef HAVE_SETTTYENT
-
-/* Define to 1 if you have the `setvbuf' function. */
-#undef HAVE_SETVBUF
-
-/* Define to 1 if you have the <shadow.h> header file. */
-#undef HAVE_SHADOW_H
-
-/* Define to 1 if you have the `sigaction' function. */
-#undef HAVE_SIGACTION
-
-/* Defined if socklen_t exists */
-#undef HAVE_SOCKLEN_T
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define if strcasecmp is available */
-#undef HAVE_STRCASECMP
-
-/* Define to 1 if you have the `strerror' function. */
-#undef HAVE_STRERROR
-
-/* Define if stricmp is available */
-#undef HAVE_STRICMP
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <stropts.h> header file. */
-#undef HAVE_STROPTS_H
-
-/* Define to 1 if you have the `sysconf' function. */
-#undef HAVE_SYSCONF
-
-/* Define to 1 if you have the <sysexits.h> header file. */
-#undef HAVE_SYSEXITS_H
-
-/* Define to 1 if you have the <sys/audit.h> header file. */
-#undef HAVE_SYS_AUDIT_H
-
-/* Define to 1 if you have the <sys/ioctl_compat.h> header file. */
-#undef HAVE_SYS_IOCTL_COMPAT_H
-
-/* Define to 1 if you have the <sys/ioctl.h> header file. */
-#undef HAVE_SYS_IOCTL_H
-
-/* Define to 1 if you have the <sys/param.h> header file. */
-#undef HAVE_SYS_PARAM_H
-
-/* Define to 1 if you have the <sys/proc.h> header file. */
-#undef HAVE_SYS_PROC_H
-
-/* Define to 1 if you have the <sys/resource.h> header file. */
-#undef HAVE_SYS_RESOURCE_H
-
-/* Define to 1 if you have the <sys/select.h> header file. */
-#undef HAVE_SYS_SELECT_H
-
-/* Define to 1 if you have the <sys/sockio.h> header file. */
-#undef HAVE_SYS_SOCKIO_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/time.h> header file. */
-#undef HAVE_SYS_TIME_H
-
-/* Define to 1 if you have the <sys/ttold.h> header file. */
-#undef HAVE_SYS_TTOLD_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#undef HAVE_SYS_UIO_H
-
-/* Define to 1 if you have the <sys/vlimit.h> header file. */
-#undef HAVE_SYS_VLIMIT_H
-
-/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
-#undef HAVE_SYS_WAIT_H
-
-/* Define to 1 if you have the `tcgetattr' function. */
-#undef HAVE_TCGETATTR
-
-/* Define to 1 if you have the `tcgetpgrp' function. */
-#undef HAVE_TCGETPGRP
-
-/* Define to 1 if you have the `tcsendbreak' function. */
-#undef HAVE_TCSENDBREAK
-
-/* Define to 1 if you have the `tcsetattr' function. */
-#undef HAVE_TCSETATTR
-
-/* Define to 1 if you have the `tcsetpgrp' function. */
-#undef HAVE_TCSETPGRP
-
-/* Define to 1 if you have the <ttyent.h> header file. */
-#undef HAVE_TTYENT_H
-
-/* Define to 1 if you have the <types.h> header file. */
-#undef HAVE_TYPES_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have the `unlockpt' function. */
-#undef HAVE_UNLOCKPT
-
-/* Define to 1 if you have the <usersec.h> header file. */
-#undef HAVE_USERSEC_H
-
-/* Define to 1 if you have the <util.h> header file. */
-#undef HAVE_UTIL_H
-
-/* Logfile path */
-#undef LOGFILEPATH
-
-/* Hostname of console server */
-#undef MASTERHOST
-
-/* Number of consoles per child process */
-#undef MAXMEMB
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Password file path */
-#undef PASSWDFILE
-
-/* pidfile to write to */
-#undef PIDFILE
-
-/* Define to 1 if the C compiler supports function prototypes. */
-#undef PROTOTYPES
-
-/* Define as the return type of signal handlers (`int' or `void'). */
-#undef RETSIGTYPE
-
-/* Define to 1 if the `setpgrp' function takes no argument. */
-#undef SETPGRP_VOID
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
-#undef TIME_WITH_SYS_TIME
-
-/* Defined if we trust reverse DNS */
-#undef TRUST_REVERSE_DNS
-
-/* Defined if we produce extended messages */
-#undef USE_EXTENDED_MESSAGES
-
-/* use tcp_wrappers libwrap */
-#undef USE_LIBWRAP
-
-/* Define to 1 if on AIX 3.
-   System headers sometimes define this.
-   We just want to avoid a redefinition error message.  */
-#ifndef _ALL_SOURCE
-# undef _ALL_SOURCE
-#endif
-
-/* Define like PROTOTYPES; this can be used by system headers. */
-#undef __PROTOTYPES
-
-/* Define to empty if `const' does not conform to ANSI C. */
-#undef const
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef mode_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef pid_t
-
-/* Define if <signal.h> does not define sig_atomic_t */
-#undef sig_atomic_t
-
-/* Define to `unsigned' if <sys/types.h> does not define. */
-#undef size_t

configure.ac

@@ -4,6 +4,7 @@ AH_TEMPLATE([DEFPORT], [Socket used to communicate])
 AH_TEMPLATE([DEFBASEPORT], [Base socket used for secondary channel])
 AH_TEMPLATE([MASTERHOST], [Hostname of console server])
 AH_TEMPLATE([CONFIGFILE], [Config file path])
+AH_TEMPLATE([CLIENTCONFIGFILE], [Client config file path])
 AH_TEMPLATE([PASSWDFILE], [Password file path])
 AH_TEMPLATE([LOGFILEPATH], [Logfile path])
 AH_TEMPLATE([MAXMEMB], [Number of consoles per child process])
@@ -13,17 +14,27 @@ AH_TEMPLATE([USE_LIBWRAP], [use tcp_wrappers libwrap])
 dnl AH_TEMPLATE([HAVE_POSIX_REGCOMP], [have POSIX regcomp])
 AH_TEMPLATE([HAVE_PAM], [have PAM support])
 AH_TEMPLATE([HAVE_OPENSSL], [have openssl support])
+AH_TEMPLATE([HAVE_GSSAPI], [have gss-api support])
+AH_TEMPLATE([HAVE_FREEIPMI], [have freeipmi support])
+AH_TEMPLATE([STRIP_REALM], [retry username without @REALM with gss-api authentication])
 AH_TEMPLATE([HAVE_DMALLOC], [have dmalloc support])
 AH_TEMPLATE([HAVE_SA_LEN],[Defined if sa_len member exists in struct sockaddr])
 AH_TEMPLATE([TRUST_REVERSE_DNS],[Defined if we trust reverse DNS])
 AH_TEMPLATE([USE_EXTENDED_MESSAGES],[Defined if we produce extended messages])
+AH_TEMPLATE([USE_UNIX_DOMAIN_SOCKETS],[Defined if we use Unix domain sockets])
+AH_TEMPLATE([USE_IPV6], [Defined if building with IPv6 support])
+AH_TEMPLATE([UDSDIR], [Directory for Unix domain sockets])
+AH_TEMPLATE([FOR_CYCLADES_TS], [Defined if building for a Cyclades TS])
+AH_TEMPLATE([REQ_SERVER_CERT], [Defined if client requires server SSL certificate])
+AH_TEMPLATE([TRUST_UDS_CRED], [Defined if we trust credentials from UDS client])
 
 dnl ### Normal initialization. ######################################
-AC_INIT
+AC_INIT([conserver],m4_esyscmd_s([./gen-version number]))
+AC_PREREQ(2.69)
 AC_CONFIG_SRCDIR([conserver/main.c])
 AC_CONFIG_HEADER(config.h)
 
-AC_DEFINE_UNQUOTED(CONFIGINVOCATION, "$0 $@")
+AC_DEFINE_UNQUOTED(CONFIGINVOCATION, "$0 $*")
 
 dnl ### Set some option defaults. ###################################
 if test -z "$CFLAGS"; then
@@ -32,6 +43,9 @@ fi
 MKDIR="mkdir -p -m 755"
 AC_SUBST(MKDIR)
 
+AC_SUBST(CONSERVER_VERSION, m4_esyscmd_s([./gen-version number]))
+AC_SUBST(CONSERVER_DATE, m4_esyscmd_s([./gen-version date]))
+
 
 dnl ### Custom settings. ############################################
 dnl AC_MSG_CHECKING(whether to allow 64bit compilation)
@@ -49,7 +63,7 @@ dnl AC_MSG_RESULT($with_64bit)
 
 AC_MSG_CHECKING(for port number specification)
 AC_ARG_WITH(port,
-	AC_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
+	AS_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
@@ -65,7 +79,7 @@ AC_ARG_WITH(port,
 
 AC_MSG_CHECKING(for secondary channel base port)
 AC_ARG_WITH(base,
-	AC_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
+	AS_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
@@ -81,7 +95,7 @@ AC_ARG_WITH(base,
 
 AC_MSG_CHECKING(for master conserver hostname)
 AC_ARG_WITH(master,
-	AC_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
+	AS_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(MASTERHOST, "console")
@@ -95,9 +109,29 @@ AC_ARG_WITH(master,
 	[AC_DEFINE_UNQUOTED(MASTERHOST, "console")
 	AC_MSG_RESULT('console')])
 
+AC_MSG_CHECKING(for client configuration filename)
+AC_ARG_WITH(ccffile,
+	AS_HELP_STRING([--with-ccffile=CFFILE],[Specify client config filename @<:@SYSCONFDIR/console.cf@:>@]),
+	[case "$withval" in
+	    yes|no)
+		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
+		AC_MSG_RESULT('$sysconfdir/console.cf')
+		;;
+	    [[\\/]]* | ?:[[\\/]]* )
+		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, ["$withval"])
+		AC_MSG_RESULT('$withval')
+		;;
+	    *)
+		AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/$withval"])
+		AC_MSG_RESULT('$sysconfdir/$withval')
+		;;
+	esac],
+	[AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
+	AC_MSG_RESULT('$sysconfdir/console.cf')])
+
 AC_MSG_CHECKING(for configuration filename)
 AC_ARG_WITH(cffile,
-	AC_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
+	AS_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
@@ -117,7 +151,7 @@ AC_ARG_WITH(cffile,
 
 AC_MSG_CHECKING(for password filename)
 AC_ARG_WITH(pwdfile,
-	AC_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
+	AS_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
@@ -137,7 +171,7 @@ AC_ARG_WITH(pwdfile,
 
 AC_MSG_CHECKING(for log filename)
 AC_ARG_WITH(logfile,
-	AC_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
+	AS_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
@@ -154,7 +188,7 @@ AC_ARG_WITH(logfile,
 AC_SUBST(PIDFILE)
 AC_MSG_CHECKING(for PID filename)
 AC_ARG_WITH(pidfile,
-	AC_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
+	AS_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
 	[case "$withval" in
 	    yes|no)
 		PIDFILE="/var/run/conserver.pid"
@@ -169,7 +203,7 @@ AC_MSG_RESULT('$PIDFILE')
 
 AC_MSG_CHECKING(for MAXMEMB setting)
 AC_ARG_WITH(maxmemb,
-	AC_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
+	AS_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
 	[case "$withval" in
 	    yes|no)
 		AC_DEFINE_UNQUOTED(MAXMEMB, 16)
@@ -191,7 +225,7 @@ AC_ARG_WITH(maxmemb,
 
 AC_MSG_CHECKING(for connect() timeout)
 AC_ARG_WITH(timeout,
-	AC_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
+	AS_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
 	[if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
 	    test "$withval" -gt 0 -a "$withval" -lt 300; then
 		AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, $withval)
@@ -205,7 +239,7 @@ AC_ARG_WITH(timeout,
 
 AC_MSG_CHECKING(whether to trust reverse DNS)
 AC_ARG_WITH(trustrevdns,
-	AC_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
+	AS_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(TRUST_REVERSE_DNS)
@@ -218,7 +252,7 @@ AC_ARG_WITH(trustrevdns,
 
 AC_MSG_CHECKING(whether to display extended messages)
 AC_ARG_WITH(extmsgs,
-	AC_HELP_STRING([--with-extmsgs],[Produce extended messages]),
+	AS_HELP_STRING([--with-extmsgs],[Produce extended messages]),
 	[case "$withval" in
 	    yes)
 		AC_DEFINE(USE_EXTENDED_MESSAGES)
@@ -229,6 +263,35 @@ AC_ARG_WITH(extmsgs,
 		;;
 	esac],[AC_MSG_RESULT(no)])
 
+use_dash_r=no
+AC_MSG_CHECKING(whether to use -R paths as well as -L)
+AC_ARG_WITH(rpath,
+	AS_HELP_STRING([--with-rpath],[Use -R as well as -L for libraries]),
+	[case "$withval" in
+	    yes|no)
+		AC_MSG_RESULT($withval)
+		use_dash_r=$withval
+		;;
+	    *)
+		AC_MSG_RESULT(no)
+		;;
+	esac],
+	[AC_MSG_RESULT(no)])
+
+AC_MSG_CHECKING(whether we are building for a Cyclades TS)
+AC_ARG_WITH(cycladests,
+	AS_HELP_STRING([--with-cycladests],[(deprecated - noop) Build for a Cyclades TS]),
+	[case "$withval" in
+	    yes)
+		AC_DEFINE(FOR_CYCLADES_TS)
+		AC_MSG_RESULT(yes)
+		;;
+	    *)
+		AC_MSG_RESULT(no)
+		;;
+	esac],[AC_MSG_RESULT(no)])
+
+
 dnl ### Check for compiler et al. ###################################
 AC_PROG_CC
 AC_PROG_INSTALL
@@ -238,7 +301,6 @@ AC_PROG_MAKE_SET
 dnl ### Compiler characteristics. ##################################
 AC_AIX
 AC_C_CONST
-AC_C_PROTOTYPES
 
 dnl AC_CHECK_SIZEOF(long)
 dnl if test "$ac_cv_sizeof_long" -gt 4; then
@@ -258,7 +320,7 @@ if test "$ac_cv_sys_posix_termios" != "yes"; then
     AC_MSG_ERROR([POSIX termios interface required])
 fi
 
-AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h sys/param.h)
+AC_CHECK_HEADERS(unistd.h getopt.h sys/vlimit.h sys/resource.h ttyent.h sys/ttold.h sys/uio.h sys/ioctl_compat.h usersec.h sys/select.h stropts.h sys/audit.h shadow.h sys/time.h crypt.h sysexits.h types.h sys/sockio.h sys/param.h sys/un.h)
 dnl sys/proc.h needs sys/param.h on openbsd, apparently
 AC_CHECK_HEADERS(sys/proc.h, [], [],
 [#if HAVE_SYS_PARAM_H
@@ -271,6 +333,7 @@ AC_TYPE_MODE_T
 AC_TYPE_SIGNAL
 AC_TYPE_PID_T
 AC_TYPE_SIZE_T
+AC_TYPE_UID_T
 
 AC_CHECK_TYPE([sig_atomic_t],,
     AC_DEFINE(sig_atomic_t, volatile int,
@@ -314,13 +377,109 @@ AC_SEARCH_LIBS(crypt,crypt)
 AC_SUBST(CONSLIBS)
 AC_SUBST(CONSCPPFLAGS)
 AC_SUBST(CONSLDFLAGS)
+
+AC_MSG_CHECKING(whether to use Unix domain sockets)
+cons_with_uds="NO"
+AC_ARG_WITH(uds,
+	AS_HELP_STRING([--with-uds@<:@=DIR@:>@    ],
+	    [Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
+	[case "$withval" in
+	    yes)
+		AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
+		AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
+		AC_MSG_RESULT([/tmp/conserver])
+		cons_with_uds="YES"
+		;;
+	    no)
+		AC_MSG_RESULT(no)
+		;;
+	    *)
+		AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
+		AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
+		AC_MSG_RESULT('$withval')
+		cons_with_uds="YES"
+		if expr "$withval" : '/' >/dev/null 2>&1; then
+		    :
+		else
+		    echo "*** WARNING *** you may have better success using a fully-qualified path"
+		    echo "*** WARNING *** instead of '$withval'"
+		fi
+		;;
+	esac
+	
+	if test $cons_with_uds = YES; then
+	    AC_MSG_CHECKING(whether to trust UDS credentials)
+	    AC_ARG_WITH(trust-uds-cred,
+		    AS_HELP_STRING([--with-trust-uds-cred],[Trust UDS credentials obtained via socket]),
+		    [case "$withval" in
+			yes)
+			    AC_TRY_COMPILE([#include <sys/types.h>
+				    #include <sys/socket.h>],
+				    [
+struct sockpeercred u;
+u.uid = 0;
+#if !defined(SO_PEERCRED)
+#error "no SO_PEERCRED defined"
+#endif
+				    ],
+				    [AC_MSG_RESULT(yes)
+				     AC_DEFINE(UDS_CRED_STYPE, sockpeercred, [Defined to UDS credential structure name])
+				     AC_DEFINE(UDS_CRED_UID, uid, [Defined to UDS credential structure uid field])
+				     AC_DEFINE(UDS_CRED_SO, SO_PEERCRED, [Defined to UDS credential socket option])
+				     AC_DEFINE(TRUST_UDS_CRED)],
+				    [
+					AC_TRY_COMPILE([#include <sys/types.h>
+						#include <sys/socket.h>],
+						[
+struct ucred u;
+u.euid = 0;
+#if !defined(SO_PEERCRED)
+#error "no SO_PEERCRED defined"
+#endif
+						],
+						[AC_MSG_RESULT(yes)
+						AC_DEFINE(UDS_CRED_STYPE, ucred, [Defined to UDS credential structure name])
+						AC_DEFINE(UDS_CRED_UID, uid, [Defined to UDS credential structure uid field])
+						AC_DEFINE(UDS_CRED_SO, SO_PEERCRED, [Defined to UDS credential socket option])
+						AC_DEFINE(TRUST_UDS_CRED)],
+						[
+							AC_TRY_COMPILE([#include <sys/types.h>
+								#include <sys/socket.h>],
+								[
+struct peercred_struct u;
+u.euid = 0;
+#if !defined(SO_PEERID)
+#error "no SO_PEERID defined"
+#endif
+								],
+								[AC_MSG_RESULT(yes)
+								 AC_DEFINE(UDS_CRED_STYPE, peercred_struct, [Defined to UDS credential structure name])
+								 AC_DEFINE(UDS_CRED_UID, euid, [Defined to UDS credential structure uid field])
+								 AC_DEFINE(UDS_CRED_SO, SO_PEERID, [Defined to UDS credential socket option])
+								 AC_DEFINE(TRUST_UDS_CRED)],
+								[AC_MSG_RESULT(no)]),
+						    ])
+				    ])
+			    ;;
+			*)
+			    AC_MSG_RESULT(no)
+			    ;;
+		    esac],[AC_MSG_RESULT(no)])
+	fi
+	],[AC_MSG_RESULT(no)])
+
+cons_with_libwrap="NO"
 AC_ARG_WITH(libwrap,
-    AC_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
+    AS_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
 	[Compile in libwrap (tcp_wrappers) support]),
     [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    WRAPCPPFLAGS="-I$withval/include"
-	    WRAPLDFLAGS="-L$withval/lib"
+	    if test "$use_dash_r" != "yes"; then
+		WRAPLDFLAGS="-L$withval/lib"
+	    else
+		WRAPLDFLAGS="-L$withval/lib -R$withval/lib"
+	    fi
 	else
 	    WRAPCPPFLAGS=""
 	    WRAPLDFLAGS=""
@@ -341,6 +500,7 @@ AC_ARG_WITH(libwrap,
 		int deny_severity  = 0;
 		],[hosts_access((void *)0)],
 		[AC_MSG_RESULT(yes)
+		 cons_with_libwrap="YES"
 		 AC_DEFINE(USE_LIBWRAP)
 		 CONSLIBS="$CONSLIBS -lwrap"
 		 CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@@ -353,6 +513,7 @@ AC_ARG_WITH(libwrap,
 		    int deny_severity  = 0;
 		    ],[hosts_access((void *)0)],
 		    [AC_MSG_RESULT(yes)
+		     cons_with_libwrap="YES"
 		     AC_DEFINE(USE_LIBWRAP)
 		     CONSLIBS="$CONSLIBS -lwrap -lnsl"
 		     CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@@ -364,13 +525,18 @@ AC_ARG_WITH(libwrap,
     fi]
 )
 
+cons_with_openssl="NO"
 AC_ARG_WITH(openssl,
-    AC_HELP_STRING([--with-openssl@<:@=PATH@:>@],
+    AS_HELP_STRING([--with-openssl@<:@=PATH@:>@],
 	[Compile in OpenSSL support]),
     [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    OPENSSLCPPFLAGS="-I$withval/include"
-	    OPENSSLLDFLAGS="-L$withval/lib"
+	    if test "$use_dash_r" != "yes"; then
+		OPENSSLLDFLAGS="-L$withval/lib"
+	    else
+		OPENSSLLDFLAGS="-L$withval/lib -R$withval/lib"
+	    fi
 	else
 	    OPENSSLCPPFLAGS=""
 	    OPENSSLLDFLAGS=""
@@ -388,8 +554,9 @@ AC_ARG_WITH(openssl,
 	    [LIBS="$LIBS -lssl -lcrypto"
 	    AC_MSG_CHECKING(for openssl libraries -lssl and -lcrypto)
 	    AC_TRY_LINK([#include <openssl/ssl.h>
-		],[SSL_library_init()],
+		],[SSL_CTX_new(NULL)],
 		[AC_MSG_RESULT(yes)
+		cons_with_openssl="YES"
 		AC_DEFINE(HAVE_OPENSSL)
 		have_openssl=yes],
 		[AC_MSG_RESULT(no)])],)
@@ -399,16 +566,169 @@ AC_ARG_WITH(openssl,
 	    CPPFLAGS="$oCPPFLAGS"
 	    LDFLAGS="$oLDFLAGS"
 	fi
+
+	AC_MSG_CHECKING(whether to require server cert)
+	AC_ARG_WITH(req-server-cert,
+		AS_HELP_STRING([--with-req-server-cert],[Require server SSL certificate by client]),
+		[case "$withval" in
+		    yes)
+			AC_DEFINE(REQ_SERVER_CERT)
+			AC_MSG_RESULT(yes)
+			;;
+		    *)
+			AC_MSG_RESULT(no)
+			;;
+		esac],[AC_MSG_RESULT(no)])
     fi]
 )
 
+cons_with_gssapi="NO"
+cons_strip_realm="NO"
+AC_ARG_WITH(gssapi,
+    AS_HELP_STRING([--with-gssapi@<:@=PATH@:>@],
+	[Compile in GSS-API support]),
+    [if test "$withval" != "no"; then
+	if test "$withval" != "yes"; then
+	    GSSAPICPPFLAGS="-I$withval/include"
+	    if test "$use_dash_r" != "yes"; then
+		GSSAPILDFLAGS="-L$withval/lib"
+	    else
+		GSSAPILDFLAGS="-L$withval/lib -R$withval/lib"
+	    fi
+	else
+	    GSSAPICPPFLAGS=""
+	    GSSAPILDFLAGS=""
+	fi
+
+	oCPPFLAGS="$CPPFLAGS"
+	oLDFLAGS="$LDFLAGS"
+	oLIBS="$LIBS"
+	have_gssapi=no
+
+	CPPFLAGS="$CPPFLAGS $GSSAPICPPFLAGS"
+	LDFLAGS="$LDFLAGS $GSSAPILDFLAGS"
+
+	AC_CHECK_HEADER([gssapi/gssapi.h],
+	    [LIBS="$oLIBS -lgssapi"
+	    AC_MSG_CHECKING(for gssapi library -lgssapi)
+	    AC_TRY_LINK([#include <gssapi/gssapi.h>
+			 #include <stdio.h>
+		],[gss_create_empty_oid_set(NULL, NULL)],
+		[AC_MSG_RESULT(yes)
+		cons_with_gssapi="YES"
+		AC_DEFINE(HAVE_GSSAPI)
+		have_gssapi=yes],
+		[AC_MSG_RESULT(no)
+		LIBS="$oLIBS -lgssglue"
+		AC_MSG_CHECKING(for gssapi library -lgssglue)
+		AC_TRY_LINK([#include <gssapi/gssapi.h>
+			     #include <stdio.h>
+		    ],[gss_create_empty_oid_set(NULL, NULL)],
+		    [AC_MSG_RESULT(yes)
+		    cons_with_gssapi="YES"
+		    AC_DEFINE(HAVE_GSSAPI)
+		    have_gssapi=yes],
+		    [AC_MSG_RESULT(no)
+		    LIBS="$oLIBS -lgss"
+		    AC_MSG_CHECKING(for gssapi library -lgss)
+		    AC_TRY_LINK([#include <gssapi/gssapi.h>
+				 #include <stdio.h>
+			],[gss_create_empty_oid_set(NULL, NULL)],
+			[AC_MSG_RESULT(yes)
+			cons_with_gssapi="YES"
+			AC_DEFINE(HAVE_GSSAPI)
+			have_gssapi=yes],
+			[AC_MSG_RESULT(no)
+			LIBS="$oLIBS -lgssapi_krb5"
+			AC_MSG_CHECKING(for gssapi library -lgssapi_krb5)
+			AC_TRY_LINK([#include <gssapi/gssapi.h>
+			],[gss_create_empty_oid_set(NULL, NULL)],
+			[AC_MSG_RESULT(yes)
+			cons_with_gssapi="YES"
+			AC_DEFINE(HAVE_GSSAPI)
+			have_gssapi=yes],
+			[AC_MSG_RESULT(no)])])])])],)
+
+
+	if test $have_gssapi = no; then
+	    LIBS="$oLIBS"
+	    CPPFLAGS="$oCPPFLAGS"
+	    LDFLAGS="$oLDFLAGS"
+	else
+	    AC_MSG_CHECKING(whether to fallback to username without @REALM)
+	    AC_ARG_WITH(striprealm,
+		    AS_HELP_STRING([--with-striprealm],[retry username without @REALM with gss-api authentication]),
+		    [case "$withval" in
+			yes)
+			    AC_DEFINE(STRIP_REALM)
+			    AC_MSG_RESULT(yes)
+			    cons_strip_realm="YES"
+			    ;;
+			*)
+			    AC_MSG_RESULT(no)
+			    ;;
+		    esac],[AC_MSG_RESULT(no)])
+	fi
+    fi]
+)
+
+cons_with_freeipmi="NO"
+AC_ARG_WITH(freeipmi,
+    AS_HELP_STRING([--with-freeipmi@<:@=PATH@:>@],
+	[Compile in FreeIPMI support]),
+    [if test "$withval" != "no"; then
+	if test "$withval" != "yes"; then
+	    FREEIPMICPPFLAGS="-I$withval/include"
+	    if test "$use_dash_r" != "yes"; then
+		FREEIPMILDFLAGS="-L$withval/lib"
+	    else
+		FREEIPMILDFLAGS="-L$withval/lib -R$withval/lib"
+	    fi
+	else
+	    FREEIPMICPPFLAGS=""
+	    FREEIPMILDFLAGS=""
+	fi
+
+	oCPPFLAGS="$CPPFLAGS"
+	oLDFLAGS="$LDFLAGS"
+	oLIBS="$LIBS"
+	have_freeipmi=no
+
+	CPPFLAGS="$CPPFLAGS $FREEIPMICPPFLAGS"
+	LDFLAGS="$LDFLAGS $FREEIPMILDFLAGS"
+
+	AC_CHECK_HEADER([ipmiconsole.h],
+	    [LIBS="$LIBS -lipmiconsole"
+	    AC_MSG_CHECKING(for freeipmi libraries -lipmiconsole)
+	    AC_TRY_LINK([#include <ipmiconsole.h>
+		],[ipmiconsole_ctx_fd(0)],
+		[AC_MSG_RESULT(yes)
+		cons_with_freeipmi="YES"
+		AC_DEFINE(HAVE_FREEIPMI)
+		CONSLIBS="$CONSLIBS -lipmiconsole"
+		have_freeipmi=yes],
+		[AC_MSG_RESULT(no)])],)
+
+	LIBS="$oLIBS"
+	if test $have_freeipmi = no; then
+	    CPPFLAGS="$oCPPFLAGS"
+	    LDFLAGS="$oLDFLAGS"
+	fi
+    fi]
+)
+
+cons_with_dmalloc="NO"
 AC_ARG_WITH(dmalloc,
-    AC_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
+    AS_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
 	[Compile in dmalloc support]),
     [if test "$withval" != "no"; then
 	if test "$withval" != "yes"; then
 	    DMALLOCCPPFLAGS="-I$withval/include"
-	    DMALLOCLDFLAGS="-L$withval/lib"
+	    if test "$use_dash_r" != "yes"; then
+		DMALLOCLDFLAGS="-L$withval/lib"
+	    else
+		DMALLOCLDFLAGS="-L$withval/lib -R$withval/lib"
+	    fi
 	else
 	    DMALLOCCPPFLAGS=""
 	    DMALLOCLDFLAGS=""
@@ -428,6 +748,7 @@ AC_ARG_WITH(dmalloc,
 	    AC_TRY_LINK([#include <dmalloc.h>
 		],[dmalloc_debug(0)],
 		[AC_MSG_RESULT(yes)
+		cons_with_dmalloc="YES"
 		AC_DEFINE(HAVE_DMALLOC)
 		have_dmalloc=yes],
 		[AC_MSG_RESULT(no)])],)
@@ -476,9 +797,10 @@ dnl 	else
 dnl 	    AC_MSG_RESULT(no)
 dnl 	fi],[AC_MSG_RESULT(no)])
 
+cons_with_pam="NO"
 AC_MSG_CHECKING(for PAM support)
 AC_ARG_WITH(pam,
-    AC_HELP_STRING([--with-pam],
+    AS_HELP_STRING([--with-pam],
 	[Enable PAM support]),
 	[if test "$withval" = yes; then
 	    oLIBS="$LIBS"
@@ -488,6 +810,7 @@ AC_ARG_WITH(pam,
 		AC_MSG_CHECKING(for PAM library -lpam)
 		AC_TRY_LINK_FUNC([pam_start],
 		    [AC_MSG_RESULT(yes)
+		    cons_with_pam="YES"
 		    AC_DEFINE(HAVE_PAM)
 		    CONSLIBS="$CONSLIBS -lpam"],
 		    [LIBS="$LIBS -ldl"
@@ -495,6 +818,7 @@ AC_ARG_WITH(pam,
 		    AC_MSG_CHECKING(for PAM library -lpam with -ldl)
 		    AC_TRY_LINK_FUNC([pam_end],
 			[AC_MSG_RESULT(yes)
+			cons_with_pam="YES"
 			AC_DEFINE(HAVE_PAM)
 			CONSLIBS="$CONSLIBS -lpam -ldl"],
 			[AC_MSG_RESULT(no)])])],)
@@ -504,6 +828,23 @@ AC_ARG_WITH(pam,
 	    AC_MSG_RESULT(no)
 	fi],[AC_MSG_RESULT(no)])
 
+cons_with_ipv6="NO"
+AC_MSG_CHECKING(whether to support IPv6)
+AC_ARG_WITH(ipv6,
+	AS_HELP_STRING([--with-ipv6],
+	    [(experimental) Use IPv6 for client/server communication]),
+	[case "$withval" in
+	    yes)
+		AC_DEFINE(USE_IPV6)
+		AC_MSG_RESULT(yes)
+		cons_with_ipv6="YES"
+		;;
+	    *)
+		AC_MSG_RESULT(no)
+		;;
+	esac],[AC_MSG_RESULT(no)])
+
+
 dnl Checks for pty allocation...
 dnl According to the xemacs distribution:
 dnl   getpt()  is the preferred pty allocation method on glibc systems.
@@ -519,8 +860,7 @@ AC_CHECK_HEADERS(pty.h libutil.h util.h)
 AC_CHECK_LIB(util, openpty)
 AC_CHECK_FUNCS(openpty)
 
-AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle)
+AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle gettimeofday strlcpy closefrom nanosleep)
-AC_FUNC_SETPGRP
 AC_CHECK_FUNC(strcasecmp,
 	[AC_DEFINE(HAVE_STRCASECMP, 1, [Define if strcasecmp is available])],
 	[AC_CHECK_FUNC(stricmp,
@@ -536,4 +876,24 @@ AC_CHECK_FUNCS(getaudit getaudit_addr)
 dnl ### Create output files. #######################################
 AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile contrib/chat/Makefile])
 AC_CONFIG_FILES([conserver/conserver.rc], [chmod +x conserver/conserver.rc])
+AC_CONFIG_FILES([conserver.cf/conserver.cf.man conserver.cf/conserver.passwd.man conserver/conserver.man console/console.man])
 AC_OUTPUT
+
+[
+echo "=============================================================="
+echo "                      Feature Summary"
+echo ""
+echo "  Unix domain sockets (--with-uds)       : $cons_with_uds"
+echo "         TCP wrappers (--with-libwrap)   : $cons_with_libwrap"
+echo "              OpenSSL (--with-openssl)   : $cons_with_openssl"
+echo "              GSS-API (--with-gssapi)    : $cons_with_gssapi"
+echo "             FreeIPMI (--with-freeipmi)  : $cons_with_freeipmi"
+if [ $cons_with_gssapi = "YES" ]; then
+echo "         strip @REALM (--with-striprealm): $cons_strip_realm"
+fi
+echo "              dmalloc (--with-dmalloc)   : $cons_with_dmalloc"
+echo "          PAM support (--with-pam)       : $cons_with_pam"
+echo "         IPv6 support (--with-ipv6)      : $cons_with_ipv6"
+echo ""
+echo "=============================================================="
+]

conserver.cf/INSTALL

@@ -1,11 +1,7 @@
 The two files you need to set up are the conserver.cf and conserver.passwd
-files.  See the sample conserver.cf and conserver.passwd files
+files.  See the sample conserver.cf and conserver.passwd files for examples
-for examples.  You can start with those and then modify extensively.
+(installed in <DATADIR>/examples/conserver).  You can start with those and
-The man page for conserver.cf and conserver.passwd should explain the
+then modify extensively.  The man page for conserver.cf and conserver.passwd
-files with enough detail to get you going.
+should explain the files with enough detail to get you going.
 
 That's about it.  Good luck.
-
-#
-#  $Id: INSTALL,v 1.3 2003/07/04 18:21:21 bryan Exp $
-#

conserver.cf/Makefile.in

@@ -1,4 +1,5 @@
 ### Path settings
+datarootdir = @datarootdir@
 srcdir = @srcdir@
 prefix = @prefix@
 mandir = @mandir@
@@ -24,8 +25,8 @@ distclean: clean
 
 install:
 	$(MKDIR) $(DESTDIR)$(mandir)/man5
-	$(INSTALL) conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
+	$(INSTALL) -m 0644 conserver.cf.man $(DESTDIR)$(mandir)/man5/conserver.cf.5
-	$(INSTALL) conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
+	$(INSTALL) -m 0644 conserver.passwd.man $(DESTDIR)$(mandir)/man5/conserver.passwd.5
 	$(MKDIR) $(DESTDIR)$(exampledir)
 	$(INSTALL) -m 0644 conserver.cf $(DESTDIR)$(exampledir)
 	$(INSTALL) -m 0644 conserver.passwd $(DESTDIR)$(exampledir)

conserver.cf/conserver.passwd.man.in

@@ -1,5 +1,4 @@
-.\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $
+.TH CONSERVER.PASSWD 5 "@CONSERVER_DATE@" "conserver-@CONSERVER_VERSION@" "conserver"
-.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.3" "conserver"
 .SH NAME
 conserver.passwd \- user access information for
 .BR conserver (8)

conserver.cf/label.ps

@@ -1,5 +1,4 @@
 %!PS-Adobe-2.0 EPSF-1.2
-%%$Id: label.ps,v 1.1 2003/11/04 02:36:26 bryan Exp $
 %%Title: RJ-11
 %%Creator: A Braunsdorf
 %%CreationDate: 

conserver.cf/test.cf

@@ -1,7 +1,5 @@
 # dummy conserver config file
 #
-# $Id: test.cf,v 1.2 2003/07/04 18:04:05 bryan Exp $
-#
 default full {
 	rw *;
 }

conserver.html

@@ -1,273 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-
-<HTML>
-  <HEAD>
-    <META name="generator" content=
-    "HTML Tidy for Solaris (vers 1st May 2002), see www.w3.org">
-    <META name="keywords" content=
-    "conserver,serial,console,serial console,unix,tty,ttya,ttyb, rs-232,rs232,bryan stansell,stansell,console server,terminal server,headless">
-    <META name="author" content=
-    "Bryan Stansell &lt;bryan@conserver.com&gt;">
-    <LINK rel="SHORTCUT ICON" href="conserver.ico">
-    <LINK rel="icon" href="conserver.ico">
-
-    <TITLE>Conserver</TITLE>
-
-    <STYLE type="text/css">
- body {
-  background-color: #EEEEEE;
-  color: black;
- }
-    </STYLE>
-  </HEAD>
-
-  <BODY>
-    <TABLE summary="Logo" bgcolor="black" width="100%" align=
-    "center">
-      <TR>
-        <TD align="center"><IMG src="conserver.jpg" alt=
-        "Conserver"><BR>
-        </TD>
-      </TR>
-    </TABLE>
-
-    <TABLE summary="Conserver Page" width="80%" align="center">
-      <TR>
-        <TD colspan="2" align="center">Please pick your closest
-        mirror: &nbsp;&nbsp;<A href=
-        "http://planetmirror.com/pub/conserver/">Australia</A>
-        &nbsp;&nbsp;<A href="http://www.conserver.com/">US
-        (Primary)</A><BR>
-        <BR>
-        </TD>
-      </TR>
-
-      <TR>
-        <TD>
-        <!-- empty cell here, then search box on right spans two rows,
-             then we have the text that appears on the left, so things
-             appear in the right order so they look right in lynx
-        -->
-        </TD>
-
-        <TD rowspan="2" align="right">
-          <FORM method="post" action=
-          "http://www.conserver.com/cgi-bin/htsearch">
-            <INPUT type="HIDDEN" name="method" value="and"> <INPUT
-            type="HIDDEN" name="format" value="builtin-long">
-            <INPUT type="HIDDEN" name="sort" value="score"> <INPUT
-            type="HIDDEN" name="config" value="conserver.com">
-            <INPUT type="HIDDEN" name="restrict" value=""> <INPUT
-            type="HIDDEN" name="exclude" value=""> <INPUT type=
-            "TEXT" size="20" name="words" value=""> <INPUT type=
-            "SUBMIT" value="Search">
-          </FORM>
-        </TD>
-      </TR>
-
-      <TR>
-        <TD>
-          <H3>What is conserver?</H3>
-        </TD>
-      </TR>
-
-      <TR>
-        <TD colspan="2">
-          <P>From an email I once sent...</P>
-
-          <P>Conserver is an application that allows multiple users
-          to watch a serial console at the same time. It can log
-          the data, allows users to take write-access of a console
-          (one at a time), and has a variety of bells and whistles
-          to accentuate that basic functionality. The idea is that
-          conserver will log all your serial traffic so you can go
-          back and review why something crashed, look at changes
-          (if done on the console), or tie the console logs into a
-          monitoring system (just watch the logfiles it creates).
-          With multi-user capabilities you can work on equipment
-          with others, mentor, train, etc. It also does all that
-          client-server stuff so that, assuming you have a network
-          connection, you can interact with any of the equipment
-          from home or wherever.</P>
-
-          <H3>The FAQ</H3>
-          Here's the conserver <A href="FAQ">FAQ</A>. Got any
-          additions? Let me know. 
-
-          <H3>Mailing Lists</H3>
-
-          <P>There are currently two mailing lists available. <A
-          href=
-          "mailto:announce@conserver.com">announce@conserver.com</A>
-          is an announcement-only mailing list for informing of new
-          versions, major developments, etc. <A href=
-          "mailto:users@conserver.com">users@conserver.com</A> is
-          for general Q&amp;A, discussions, ideas, etc. for
-          conserver users. You can sign up by sending a message to
-          <A href=
-          "mailto:announce-request@conserver.com">announce-request@conserver.com</A>
-          or <A href=
-          "mailto:users-request@conserver.com">users-request@conserver.com</A>
-          with a subject of "subscribe" or head over to the online
-          <A href="https://www.conserver.com/mailman/listinfo">web
-          pages</A>.</P>
-
-          <H3>Origin</H3>
-
-          <P>The console server software found here is a heavily
-          modified version originally written by <A href=
-          "http://hea-www.harvard.edu/~fine/">Tom Fine</A> (<A
-          href=
-          "mailto:fine@head-cfa.harvard.edu">fine@head-cfa.harvard.edu</A>)
-          at <A href="http://www.ohio-state.edu/">Ohio State</A>
-          and then Kevin S Braunsdorf (<A href=
-          "mailto:ksb+conserver@sa.fedex.com">ksb+conserver@sa.fedex.com</A>)
-          at <A href="http://www.purdue.edu/">Purdue
-          University</A>. Patches from Robert Olson (<A href=
-          "mailto:olson@mcs.anl.gov">olson@mcs.anl.gov</A>) at <A
-          href="http://www.anl.gov/">Argonne National
-          Laboratory</A> were then applied to get network console
-          support.</P>
-
-          <P>Arnold de Leon (<A href=
-          "mailto:arnold@corp.webtv.net">arnold@corp.webtv.net</A>)
-          then fixed various bugs and added enhancements while at
-          <A href="http://www.synopsys.com/">Synopsys</A>. I then
-          took the result, continued fixing things, and added
-          features we found useful.</P>
-
-          <P><A href="http://www.gnac.com/">GNAC</A> (Global
-          Networking and Computing - currently <A href=
-          "http://www.certaintysolutions.com/">Certainty
-          Solutions</A>) has been supporting my coding efforts (in
-          too many ways to list) since 1996.</P>
-
-          <H3>The conserver.com Distribution</H3>
-
-          <P>The result is a combination of many people's work.
-          This version is being released in hopes that it will help
-          others. There is no warranty or support implied by the
-          distribution of the software.</P>
-
-          <P>So, what the heck is up with all the different
-          conserver versions? Well, the original authors are
-          continuing to distribute their own threads of the
-          software so you have three main threads (as far as I
-          know). First, there's Tom Fine's thread at <A href=
-          "http://hea-www.harvard.edu/~fine/Tech/console-server.html">
-          http://hea-www.harvard.edu/~fine/Tech/console-server.html</A>.
-          He isn't actively developing it, however, according to
-          the website. Next, there's Kevin Braunsdorf's version at
-          <A href=
-          "ftp://ftp.physics.purdue.edu/pub/pundits/">ftp://ftp.physics.purdue.edu/pub/pundits/</A>.
-          It doesn't look like Kevin is working on his thread ony
-          more either. No new versions have been out since August
-          2000 (version 8.5), but maybe this info will be out of
-          date by the time you read this (I last checked Feb 10,
-          2004). Lastly, the conserver.com version is based on
-          Kevin's "5.21-Beta" distribution, but since
-          <B>HEAVILY</B> modified and enhanced (more details in the
-          "Origin" section above).</P>
-
-          <P>If I were looking for a conserver package I would
-          definitely use the conserver.com distribution. Why? It's
-          actively maintained, has many more features than the
-          other versions (see <A href="CHANGES">CHANGES</A> for a
-          semi-scary history), and has an active user community.
-          Kevin's version does have UPS support (basic serial port
-          line toggling bits) which is missing in the conserver.com
-          version, but no one has asked me for it, so does anyone
-          actually need it?</P>
-
-          <H3>Downloading</H3>
-
-          <P>The current version, released on Mar 22, 2004, is <A
-          href="8.1.3.tar.gz">8.1.3.tar.gz</A>. You can get it via
-          <A href=
-          "ftp://ftp.conserver.com/conserver/8.1.3.tar.gz">FTP</A>
-          or <A href="8.1.3.tar.gz">HTTP</A>. See the <A href=
-          "CHANGES">CHANGES</A> file for information on the latest
-          updates.</P>
-
-          <P>As of version 6.1.7, the packaging and numbering
-          scheme has changed. I used to package conserver as
-          conserver-GNAC-v.vv. Since <A href=
-          "http://www.gnac.com/">GNAC</A> (now <A href=
-          "http://www.certaintysolutions.com/">Certainty
-          Solutions</A>) has changed its name I've decided to drop
-          the GNAC portion and use a three-digit version number
-          (conserver-v.v.v). Why change the version numbering? I
-          need to differentiate this thread of the code from the
-          original authors' and I couldn't come up with a good
-          replacement for the GNAC name - sad, but true.</P>
-
-          <H3>Installation</H3>
-
-          <P>Check the <A href="INSTALL">INSTALL</A> file for
-          instructions.</P>
-
-          <H3>Online Documentation</H3>
-
-          <P>I've put a small set of documentation <A href=
-          "docs/">here</A>. I'm hoping to expand it over time.</P>
-
-          <H3>Systems Tested</H3>
-
-          <P>Here's a list of systems that I've been told can
-          successfully compile conserver. If anyone has more to add
-          to this list (or something on the list doesn't work any
-          more), please let me know.</P>
-
-          <UL>
-            <LI>AIX 4.3.3/5.1/5.2, native cc</LI>
-
-            <LI>BSDI BSD/OS 3.X, gcc</LI>
-
-            <LI>Cygwin (w2k),gcc 2.95.3</LI>
-
-            <LI>DEC Tru64 4.0, gcc</LI>
-
-            <LI>DEC Tru64 4.0/5.1, native cc</LI>
-
-            <LI>FreeBSD 4.2/4.8/5.1 (x86), gcc</LI>
-
-            <LI>HP-UX 10.20, gcc</LI>
-
-            <LI>HP-UX 11.10 parisc and ia64, native cc</LI>
-
-            <LI>Irix 6.15, native cc</LI>
-
-            <LI>Linux 2.2.18 (x86), gcc</LI>
-
-            <LI>Linux 2.4.2 (x86), gcc</LI>
-
-            <LI>Linux ia64, native gcc</LI>
-
-            <LI>Linux RedHat 6.2 and 7.2 (x86), native gcc</LI>
-
-            <LI>MacOS X, native gcc</LI>
-
-            <LI>Solaris 2.5.1 thru 9 (sparc/x86), gcc</LI>
-
-            <LI>Solaris 7/8, native cc</LI>
-          </UL>
-
-          <H3>Other Good Information</H3>
-
-          <P>Zonker Harris has fabulous documents regarding the
-          hookup of consoles to terminal servers and other such
-          devices. His <A href="consoles/">Greater Scroll of
-          Console Knowledge</A> is a great place to start.</P>
-          <HR noshade>
-
-          <ADDRESS>
-            Bryan Stansell (<A href=
-            "mailto:bryan@conserver.com">bryan@conserver.com</A>)<BR>
-
-          </ADDRESS>
-        </TD>
-      </TR>
-    </TABLE>
-  </BODY>
-</HTML>
-

conserver/Makefile.in

@@ -1,5 +1,7 @@
 ### Path settings
+datarootdir = @datarootdir@
 srcdir = @srcdir@
+VPATH = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
 exec_prefix = @exec_prefix@
@@ -7,6 +9,8 @@ sbindir = @sbindir@
 sysconfdir = @sysconfdir@
 mandir = @mandir@
 datadir = @datadir@
+libdir = @libdir@
+pkglibdir = $(libdir)/conserver
 exampledir = $(datadir)/examples/conserver
 
 ### Installation programs and flags
@@ -60,8 +64,10 @@ install: conserver
 	$(MKDIR) $(DESTDIR)$(sbindir)
 	$(INSTALL_PROGRAM) conserver $(DESTDIR)$(sbindir)
 	$(MKDIR) $(DESTDIR)$(mandir)/man8
-	$(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
+	$(INSTALL) -m 0644 conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
 	$(MKDIR) $(DESTDIR)$(exampledir)
 	$(INSTALL) conserver.rc $(DESTDIR)$(exampledir)
+	$(MKDIR) $(DESTDIR)$(pkglibdir)
+	$(INSTALL) convert $(DESTDIR)$(pkglibdir)/convert
 
 .PHONY: clean distclean install

conserver/Sun-serial

@@ -1,5 +1,3 @@
-# $Id: Sun-serial,v 1.1 2003/11/04 02:36:25 bryan Exp $
-
 If you are going to be hooking Sun consoles to your console server, you
 will run into a problem:  The sun will halt whenever the cable is unplugged.
 It will also halt when the the console server is powered off and on.  To

conserver/access.c

@@ -1,6 +1,4 @@
 /*
- *  $Id: access.c,v 5.71 2003/11/20 13:56:38 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -44,6 +42,12 @@
 #include <readcfg.h>
 #include <main.h>
 
+#if USE_IPV6
+# include <net/if.h>
+# include <ifaddrs.h>
+# include <sys/socket.h>
+# include <netdb.h>
+#endif
 
 /* Compare an Internet address (IPv4 expected), with an address pattern
  * passed as a character string representing an address in the Internet
@@ -58,13 +62,7 @@
  * Returns 0 if the addresses match, else returns 1.
  */
 int
-#if PROTOTYPES
 AddrCmp(struct in_addr *addr, char *pattern)
-#else
-AddrCmp(addr, pattern)
-    struct in_addr *addr;
-    char *pattern;
-#endif
 {
     in_addr_t hostaddr, pattern_addr, netmask;
     char *p, *slash_posn;
@@ -125,29 +123,84 @@ AddrCmp(addr, pattern)
 /* return the access type for a given host entry			(ksb)
  */
 char
-#if PROTOTYPES
+AccType(INADDR_STYPE *addr, char **peername)
-AccType(struct in_addr *addr, char **peername)
-#else
-AccType(addr, peername)
-    struct in_addr *addr;
-    char **peername;
-#endif
 {
     ACCESS *pACtmp;
     socklen_t so;
+    char ret;
+#if USE_IPV6
+    int error;
+    char host[NI_MAXHOST];
+    char ipaddr[NI_MAXHOST];
+#else
     struct hostent *he = (struct hostent *)0;
     int a;
-    char ret;
+# if TRUST_REVERSE_DNS
-#if TRUST_REVERSE_DNS
     char **revNames = (char **)0;
-#endif
+# endif
 
     CONDDEBUG((1, "AccType(): ip=%s", inet_ntoa(*addr)));
+#endif /* USE_IPV6 */
 
     ret = config->defaultaccess;
     so = sizeof(*addr);
 
-#if TRUST_REVERSE_DNS
+#if USE_IPV6
+    /*
+     * XXX where is the TRUST_REVERSE_DNS support for IPv6???
+     *
+     * XXX IPv4 should use getnameinfo() et al as well
+     * (if available, they are in IEEE Std 1003.1g-2000)
+     */
+    error =
+	getnameinfo((struct sockaddr *)addr, so, ipaddr, sizeof(ipaddr),
+		    NULL, 0, NI_NUMERICHOST);
+    if (error) {
+	Error("AccType(): getnameinfo failed: %s", gai_strerror(error));
+	goto common_ret;
+    }
+    CONDDEBUG((1, "AccType(): ip=%s (%s)", ipaddr,
+	       addr->ss_family == AF_UNSPEC ? "AF_UNSPEC" : 
+	       addr->ss_family == AF_LOCAL ? "AF_LOCAL" : 
+	       addr->ss_family == AF_INET ? "AF_INET" : 
+	       addr->ss_family == AF_INET6 ? "AF_INET6" : "IF_???"));
+
+    error =
+	getnameinfo((struct sockaddr *)addr, so, host, sizeof(host), NULL,
+		    0, 0);
+    if (!error)
+	CONDDEBUG((1, "AccType(): host=%s", host));
+
+    for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
+	CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
+		   pACtmp->ctrust));
+	if (addr->ss_family == AF_INET && pACtmp->isCIDR != 0) {
+	    if (AddrCmp
+		(&(((struct sockaddr_in *)addr)->sin_addr),
+		 pACtmp->pcwho) == 0) {
+		ret = pACtmp->ctrust;
+		goto common_ret;
+	    }
+	    continue;
+	}
+
+	if (strstr(ipaddr, pACtmp->pcwho) != NULL) {
+	    CONDDEBUG((1, "AccType(): match for ip=%s", ipaddr));
+	    ret = pACtmp->ctrust;
+	    goto common_ret;
+	}
+
+	if (!error && strstr(host, pACtmp->pcwho) != NULL) {
+	    CONDDEBUG((1, "AccType(): match for host=%s", host));
+	    ret = pACtmp->ctrust;
+	    goto common_ret;
+	}
+    }
+  common_ret:
+    if (config->loghostnames == FLAGTRUE && !error)
+	*peername = StrDup(host);
+#else  /* !USE_IPV6 */
+# if TRUST_REVERSE_DNS
     /* if we trust reverse dns, we get the names associated with
      * the address we're checking and then check each of those
      * against the access list entries (below).
@@ -171,12 +224,13 @@ AccType(addr, peername)
 		     hname = he->h_aliases[a++]) {
 		    if ((revNames[a] = StrDup(hname)) == (char *)0)
 			break;
-		    CONDDEBUG((1,"AccType(): revNames[%d]='%s'", a, hname));
+		    CONDDEBUG((1, "AccType(): revNames[%d]='%s'", a,
+			       hname));
 		}
 	    }
 	}
     }
-#endif
+# endif
 
     for (pACtmp = pACList; pACtmp != (ACCESS *)0; pACtmp = pACtmp->pACnext) {
 	CONDDEBUG((1, "AccType(): who=%s, trust=%c", pACtmp->pcwho,
@@ -202,20 +256,20 @@ AccType(addr, peername)
 			   inet_ntoa(*(struct in_addr *)
 				     (he->h_addr_list[a]))));
 		if (
-#if HAVE_MEMCMP
+# if HAVE_MEMCMP
 		       memcmp(&(addr->s_addr), he->h_addr_list[a],
 			      he->h_length)
-#else
+# else
 		       bcmp(&(addr->s_addr), he->h_addr_list[a],
 			    he->h_length)
-#endif
+# endif
 		       == 0) {
 		    ret = pACtmp->ctrust;
 		    goto common_ret;
 		}
 	    }
 	}
-#if TRUST_REVERSE_DNS
+# if TRUST_REVERSE_DNS
 	/* we chop bits off client names so that we can put domain
 	 * names in access lists or even top-level domains.
 	 *    allowed conserver.com, net;
@@ -244,53 +298,106 @@ AccType(addr, peername)
 		}
 	    }
 	}
-#endif
+# endif
     }
 
   common_ret:
     if (config->loghostnames == FLAGTRUE && peername != (char **)0) {
-#if TRUST_REVERSE_DNS
+# if TRUST_REVERSE_DNS
 	if (revNames != (char **)0 && revNames[0] != (char *)0)
 	    *peername = StrDup(revNames[0]);
-#else
+# else
 	if ((he =
 	     gethostbyaddr((char *)addr, so,
 			   AF_INET)) != (struct hostent *)0) {
 	    *peername = StrDup(he->h_name);
 	}
-#endif
+# endif
     }
-#if TRUST_REVERSE_DNS
+# if TRUST_REVERSE_DNS
   common_ret2:
     if (revNames != (char **)0) {
 	for (a = 0; revNames[a] != (char *)0; a++)
 	    free(revNames[a]);
 	free(revNames);
     }
-#endif
+# endif
+#endif /* USE_IPV6 */
     return ret;
 }
 
 void
-#if PROTOTYPES
+SetDefAccess(
-SetDefAccess(struct in_addr *pAddr, char *pHost)
+#if USE_IPV6
+		void
 #else
-SetDefAccess(pAddr, pHost)
+		struct in_addr *pAddr, char *pHost
-    struct in_addr *pAddr;
-    char *pHost;
 #endif
+    )
 {
-    char *pcDomain;
-    char *addr;
     ACCESS *a;
+#if USE_IPV6
+    int error;
+    char addr[NI_MAXHOST];
+    struct ifaddrs *myAddrs, *ifa;
+#endif /* USE_IPV6 */
 
+    while (pACList != (ACCESS *)0) {
+	a = pACList->pACnext;
+	DestroyAccessList(pACList);
+	pACList = a;
+    }
+
+#if USE_IPV6
+    /* get list of all addresses on system */
+    error = getifaddrs(&myAddrs);
+    if (error) {
+	Error("SetDefAccess(): getifaddrs: %s", strerror(errno));
+	return;
+    }
+
+    for (ifa = myAddrs; ifa != NULL; ifa = ifa->ifa_next) {
+	/* skip interfaces without address or in down state */
+	if (ifa->ifa_addr == NULL || !(ifa->ifa_flags & IFF_UP))
+	    continue;
+
+	error =
+	    getnameinfo(ifa->ifa_addr, sizeof(struct sockaddr_storage),
+			addr, sizeof(addr), NULL, 0, NI_NUMERICHOST);
+	if (error)
+	    continue;
+
+	if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
+	    OutOfMem();
+	if ((a->pcwho = StrDup(addr)) == (char *)0)
+	    OutOfMem();
+
+	a->ctrust = config->defaultaccess;
+	a->pACnext = pACList;
+	pACList = a;
+
+	CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
+		   pACList->pcwho));
+    }
+    freeifaddrs(myAddrs);
+#elif USE_UNIX_DOMAIN_SOCKETS
+    if ((pACList = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
+	OutOfMem();
+    if ((pACList->pcwho = StrDup("127.0.0.1")) == (char *)0)
+	OutOfMem();
+    pACList->ctrust = config->defaultaccess;
+    CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
+	       pACList->pcwho));
+#else
     while (pAddr->s_addr != (in_addr_t) 0) {
+	char *addr;
+
 	addr = inet_ntoa(*pAddr);
 	if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
 	    OutOfMem();
 	if ((a->pcwho = StrDup(addr)) == (char *)0)
 	    OutOfMem();
-	a->ctrust = 'a';
+	a->ctrust = config->defaultaccess;
 	a->pACnext = pACList;
 	pACList = a;
 
@@ -298,30 +405,11 @@ SetDefAccess(pAddr, pHost)
 		   pACList->pcwho));
 	pAddr++;
     }
-
+#endif
-    if ((char *)0 == (pcDomain = strchr(pHost, '.')))
-	return;
-    ++pcDomain;
-
-    if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
-	OutOfMem();
-    if ((a->pcwho = StrDup(pcDomain)) == (char *)0)
-	OutOfMem();
-    a->ctrust = 'a';
-    a->pACnext = pACList;
-    pACList = a;
-
-    CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
-	       pACList->pcwho));
 }
 
 void
-#if PROTOTYPES
 DestroyAccessList(ACCESS *pACList)
-#else
-DestroyAccessList(pACList)
-    ACCESS *pACList;
-#endif
 {
     if (pACList == (ACCESS *)0)
 	return;

conserver/access.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: access.h,v 5.26 2003/08/10 18:11:20 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -44,6 +42,12 @@ typedef struct access {
     struct access *pACnext;	/* next access list                     */
 } ACCESS;
 
-extern char AccType PARAMS((struct in_addr *, char **));
+extern char AccType(INADDR_STYPE *, char **);
-extern void SetDefAccess PARAMS((struct in_addr *, char *));
+extern void SetDefAccess(
-extern void DestroyAccessList PARAMS((ACCESS *));
+#if USE_IPV6
+			    void
+#else
+			    struct in_addr *, char *
+#endif
+    );
+extern void DestroyAccessList(ACCESS *);

conserver/client.c

@@ -1,6 +1,4 @@
 /*
- *  $Id: client.c,v 5.81 2004/03/20 14:40:40 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -41,10 +39,16 @@
 #include <access.h>
 #include <client.h>
 #include <group.h>
+#include <readcfg.h>
+
+#if USE_IPV6
+# include <sys/socket.h>
+# include <netdb.h>
+#endif /* USE_IPV6 */
 
 #if defined(USE_LIBWRAP)
-#include <syslog.h>
+# include <syslog.h>
-#include <tcpd.h>
+# include <tcpd.h>
 int allow_severity = LOG_INFO;
 int deny_severity = LOG_WARNING;
 #endif
@@ -53,214 +57,171 @@ int deny_severity = LOG_WARNING;
 /* find the next guy who wants to write on the console			(ksb)
  */
 void
-#if PROTOTYPES
 FindWrite(CONSENT *pCE)
-#else
-FindWrite(pCE)
-    CONSENT *pCE;
-#endif
 {
+    CONSCLIENT *pCLfound = (CONSCLIENT *)0;
     CONSCLIENT *pCL;
 
-    /* make the first guy to have the `want write' bit set the writer
+    /* make the first guy (last on the list) to have the `want write' bit set
-     * (tell him of the promotion, too)  we could look for the
+     * the writer (tell him of the promotion, too)  we could look for the most
-     * most recent or some such... I guess it doesn't matter that
+     * recent or some such... I guess it doesn't matter that much.
-     * much.
      */
-    if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly ||
+    if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly)
-	!(pCE->fup && pCE->ioState == ISNORMAL &&
-	  pCE->initfile == (CONSFILE *)0))
 	return;
 
     for (pCL = pCE->pCLon; (CONSCLIENT *)0 != pCL; pCL = pCL->pCLnext) {
-	if (!pCL->fwantwr || pCL->fro)
+	if (pCL->fwantwr && !pCL->fro)
-	    continue;
+	    pCLfound = pCL;
-	pCL->fwantwr = 0;
+    }
-	pCL->fwr = 1;
+
+    if (pCLfound != (CONSCLIENT *)0) {
+	pCLfound->fwantwr = 0;
+	pCLfound->fwr = 1;
 	if (pCE->nolog) {
-	    FileWrite(pCL->fd, FLAGFALSE, "\r\n[attached (nologging)]\r\n",
+	    FileWrite(pCLfound->fd, FLAGFALSE,
-		      -1);
+		      "\r\n[attached (nologging)]\r\n", -1);
 	} else {
-	    FileWrite(pCL->fd, FLAGFALSE, "\r\n[attached]\r\n", -1);
+	    FileWrite(pCLfound->fd, FLAGFALSE, "\r\n[attached]\r\n", -1);
 	}
-	TagLogfileAct(pCE, "%s attached", pCL->acid->string);
+	TagLogfileAct(pCE, "%s attached", pCLfound->acid->string);
-	pCE->pCLwr = pCL;
+	pCE->pCLwr = pCLfound;
-	return;
     }
 }
 
-/* replay last iBack lines of the log file upon connect to console	(ksb)
+void
+BumpClient(CONSENT *pCE, char *message)
+{
+    if ((CONSCLIENT *)0 == pCE->pCLwr)
+	return;
+
+    if ((char *)0 != message)
+	FileWrite(pCE->pCLwr->fd, FLAGFALSE, message, -1);
+    pCE->pCLwr->fwantwr = 0;
+    pCE->pCLwr->fwr = 0;
+    pCE->pCLwr = (CONSCLIENT *)0;
+}
+
+/* replay last 'back' lines of the log file upon connect to console	(ksb)
  *
  * NB: we know the console might be spewing when the replay happens,
  * we want to just output what is in the log file and get out,
  * so we don't drop chars...
  */
+#define REPLAYBUFFER 4096
+
 void
-#if PROTOTYPES
+Replay(CONSENT *pCE, CONSFILE *fdOut, unsigned short back)
-Replay(CONSENT *pCE, CONSFILE *fdOut, int iBack)
-#else
-Replay(pCE, fdOut, iBack)
-    CONSENT *pCE;
-    CONSFILE *fdOut;
-    int iBack;
-#endif
 {
     CONSFILE *fdLog = (CONSFILE *)0;
+    STRING *line = (STRING *)0;
     off_t file_pos;
     off_t buf_pos;
-    char *buf;
+    char *buf = (char *)0;
     char *bp = (char *)0;
-    char *s;
-    int r;
     int ch;
     struct stat stLog;
-    struct lines {
-	int is_mark;
-	STRING *line;
-	STRING *mark_end;
-    } *lines;
-    int n_lines;
     int ln;
-    int i;
+    int was_mark = 0;
-    int j;
-    int u;
-    int is_mark;
-    char dummy[4];
 #if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
     unsigned long dmallocMarkReplay = 0;
 #endif
 
-    if (pCE != (CONSENT *)0) {
+    if (pCE != (CONSENT *)0 && pCE->logfile != (char *)0)
-	fdLog = pCE->fdlog;
+	fdLog = FileOpen(pCE->logfile, O_RDONLY, 0644);
-
-	/* no logfile and down and logfile defined?  try and open it */
-	if (fdLog == (CONSFILE *)0 && !pCE->fup &&
-	    pCE->logfile != (char *)0)
-	    fdLog = FileOpen(pCE->logfile, O_RDONLY, 0644);
-    }
 
     if (fdLog == (CONSFILE *)0) {
 	FileWrite(fdOut, FLAGFALSE, "[no log file on this console]\r\n",
 		  -1);
 	return;
     }
-
-    /* find the size of the file
-     */
-    if (0 != FileStat(fdLog, &stLog)) {
-	return;
-    }
 #if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
     dmallocMarkReplay = dmalloc_mark();
 #endif
 
-    file_pos = stLog.st_size - 1;
+    /* find the size of the file
+     */
+    if (0 != FileStat(fdLog, &stLog))
+	goto common_exit;
+
+    file_pos = stLog.st_size - 1;	/* point at last byte */
     buf_pos = file_pos + 1;
 
-    /* get space for the line information and initialize it
+    if ((char *)0 == (buf = malloc(REPLAYBUFFER)))
-     *
-     * we allocate room for one more line than requested to be able to
-     * do the mark ranges
-     */
-    if ((char *)0 == (buf = malloc(BUFSIZ))) {
 	OutOfMem();
-    }
+    bp = buf + 1;		/* just give it something - it resets below */
-    n_lines = iBack + 1;
+
-    lines = (struct lines *)calloc(n_lines, sizeof(*lines));
+    line = AllocString();
-    if ((struct lines *)0 == lines) {
-	OutOfMem();
-    }
-    for (i = 0; i < n_lines; i++) {
-	lines[i].mark_end = AllocString();
-	lines[i].line = AllocString();
-    }
-    ln = -1;
 
     /* loop as long as there is data in the file or we have not found
      * the requested number of lines
      */
-    while (file_pos >= 0) {
+    ln = -1;
+    for (; file_pos >= 0; file_pos--, bp--) {
 	if (file_pos < buf_pos) {
+	    int r;
 
 	    /* read one buffer worth of data a buffer boundary
 	     *
 	     * the first read will probably not get a full buffer but
 	     * the rest (as we work our way back in the file) should be
 	     */
-	    buf_pos = (file_pos / BUFSIZ) * BUFSIZ;
+	    buf_pos = (file_pos / REPLAYBUFFER) * REPLAYBUFFER;
 	    if (FileSeek(fdLog, buf_pos, SEEK_SET) < 0) {
 		goto common_exit;
 	    }
-	    if ((r = FileRead(fdLog, buf, BUFSIZ)) < 0) {
+	    if ((r = FileRead(fdLog, buf, REPLAYBUFFER)) < 0) {
 		goto common_exit;
 	    }
-	    bp = buf + r;
+	    bp = buf + r - 1;
 	}
 
 	/* process the next character
 	 */
-	--file_pos;
+	if ((ch = *bp) == '\n') {
-	if ((ch = *--bp) == '\n') {
 	    if (ln >= 0) {
+		int i;
+		int u;
+		int is_mark = 0;
 
 		/* reverse the text to put it in forward order
 		 */
-		u = lines[ln].line->used - 1;
+		u = line->used - 1;
 		for (i = 0; i < u / 2; i++) {
 		    int temp;
 
-		    temp = lines[ln].line->string[i];
+		    temp = line->string[i];
-		    lines[ln].line->string[i]
+		    line->string[i] = line->string[u - i - 1];
-			= lines[ln].line->string[u - i - 1];
+		    line->string[u - i - 1] = temp;
-		    lines[ln].line->string[u - i - 1] = temp;
 		}
 
 		/* see if this line is a MARK
 		 */
-		if (lines[ln].line->used > 0 &&
+		if (line->used > 0 && line->string[0] == '[') {
-		    lines[ln].line->string[0] == '[') {
+		    char dummy[4];
-		    i = sscanf(lines[ln].line->string + 1,
+		    int j;
+		    i = sscanf(line->string + 1,
 			       "-- MARK -- %3c %3c %d %d:%d:%d %d]\r\n",
 			       dummy, dummy, &j, &j, &j, &j, &j);
 		    is_mark = (i == 7);
-		} else {
-		    is_mark = 0;
 		}
 
 		/* process this line
 		 */
-		if (is_mark && ln > 0 && lines[ln - 1].is_mark) {
+		if (is_mark && was_mark) {
 		    /* this is a mark and the previous line is also
-		     * a mark, so make (or continue) that range
+		     * a mark, so reduce the line count 'cause it'll
+		     * go up by one and we're joining them on output.
 		     */
-		    if (0 == lines[ln - 1].mark_end->allocated) {
-			/* this is a new range - shuffle pointers
-			 *
-			 * remember that we are moving backward
-			 */
-			*(lines[ln - 1].mark_end) = *(lines[ln - 1].line);
-			InitString(lines[ln - 1].line);
-		    }
-		    /* if unallocated, cheat and shuffle pointers */
-		    if (0 == lines[ln - 1].line->allocated) {
-			*(lines[ln - 1].line) = *(lines[ln].line);
-			InitString(lines[ln].line);
-		    } else {
-			BuildString((char *)0, lines[ln - 1].line);
-			BuildStringN(lines[ln].line->string,
-				     lines[ln].line->used - 1,
-				     lines[ln - 1].line);
-			BuildString((char *)0, lines[ln].line);
-		    }
 		    ln--;
 		}
-		lines[ln].is_mark = is_mark;
+		was_mark = is_mark;
 	    }
 
 	    /* advance to the next line and break if we have enough
 	     */
 	    ln++;
-	    if (ln >= n_lines - 1) {
+	    BuildString((char *)0, line);
+	    if (ln >= back) {
 		break;
 	    }
 	}
@@ -271,91 +232,122 @@ Replay(pCE, fdOut, iBack)
 	if (ln < 0) {
 	    ln = 0;
 	}
-	BuildStringChar(ch, lines[ln].line);
+	BuildStringChar(ch, line);
 
 	/* if we've processed "a lot" of data for a line, then bail
 	 * why?  there must be some very long non-newline terminated
 	 * strings and if we just keep going back, we could spew lots
 	 * of data and chew up lots of memory
 	 */
-	if (lines[ln].line->used > MAXREPLAYLINELEN) {
+	if (line->used > MAXREPLAYLINELEN) {
 	    break;
 	}
     }
-    free(buf);
-    buf = (char *)0;
 
-    /* if we got back to beginning of file but saw some data, include it
+    /* move forward.  either we hit the beginning of the file and we
+     * move to the first byte, or we hit a \n and we move past it
      */
-    if (ln >= 0 && lines[ln].line->used > 0) {
+    file_pos++;
 
-	/* reverse the text to put it in forward order
+    /* Now output the lines, starting from where we stopped */
-	 */
+    if (FileSeek(fdLog, file_pos, SEEK_SET) >= 0) {
-	u = lines[ln].line->used - 1;
+	int eof = 0;
-	for (i = 0; i < u / 2; i++) {
+	int i = 0;
-	    int temp;
+	int r = 0;
+	STRING *mark_beg = (STRING *)0;
+	STRING *mark_end = (STRING *)0;
 
-	    temp = lines[ln].line->string[i];
+	mark_beg = AllocString();
-	    lines[ln].line->string[i]
+	mark_end = AllocString();
-		= lines[ln].line->string[u - i - 1];
+
-	    lines[ln].line->string[u - i - 1] = temp;
+	ln = 0;			/* number of lines output */
+	BuildString((char *)0, line);
+
+	while (ln < back && !eof) {
+	    if (r <= 0) {
+		if ((r = FileRead(fdLog, buf, REPLAYBUFFER)) < 0)
+		    eof = 1;
+		i = 0;
+	    }
+
+	    if (!eof)
+		BuildStringChar(buf[i], line);
+
+	    if (buf[i] == '\n' || eof) {
+		int is_mark = 0;
+		if (line->used > 0 && line->string[0] == '[') {
+		    char dummy[4];
+		    int j;
+		    int i;
+		    i = sscanf(line->string + 1,
+			       "-- MARK -- %3c %3c %d %d:%d:%d %d]\r\n",
+			       dummy, dummy, &j, &j, &j, &j, &j);
+		    is_mark = (i == 7);
+		}
+		if (is_mark) {
+		    if (mark_beg->used > 1) {
+			BuildString((char *)0, mark_end);
+			BuildString(line->string, mark_end);
+		    } else
+			BuildString(line->string, mark_beg);
+		} else {
+		    if (mark_beg->used > 1) {
+			if (mark_end->used > 1) {
+			    char *s;
+
+			    /* output the start of the range, stopping at the ']' */
+			    s = strrchr(mark_beg->string, ']');
+			    if ((char *)0 != s)
+				*s = '\000';
+			    FileWrite(fdOut, FLAGTRUE, mark_beg->string,
+				      -1);
+			    FileWrite(fdOut, FLAGTRUE, " .. ", 4);
+
+			    /* build the end string by removing the leading "[-- MARK -- "
+			     * and replacing "]\r\n" on the end with " -- MARK --]\r\n"
+			     */
+			    s = strrchr(mark_end->string, ']');
+			    if ((char *)0 != s)
+				*s = '\000';
+			    FileWrite(fdOut, FLAGTRUE,
+				      mark_end->string +
+				      sizeof("[-- MARK -- ") - 1, -1);
+			    FileWrite(fdOut, FLAGFALSE, " -- MARK --]\r\n",
+				      -1);
+			} else {
+			    FileWrite(fdOut, FLAGFALSE, mark_beg->string,
+				      mark_beg->used - 1);
+			}
+			BuildString((char *)0, mark_beg);
+			BuildString((char *)0, mark_end);
+			ln++;
+			if (ln >= back)
+			    break;
+		    }
+		    FileWrite(fdOut, FLAGFALSE, line->string,
+			      line->used - 1);
+		    ln++;
+		}
+		BuildString((char *)0, line);
+	    }
+
+	    /* move the counters */
+	    i++;
+	    r--;
 	}
-	ln++;
+	DestroyString(mark_end);
-    }
+	DestroyString(mark_beg);
-
-    /* copy the lines into the buffer and put them in order
-     */
-    for (i = ln - 1; i >= 0; i--) {
-	if (lines[i].is_mark && 0 != lines[i].mark_end->used) {
-	    int mark_len;
-
-	    /* output the start of the range, stopping at the ']'
-	     */
-	    s = strrchr(lines[i].line->string, ']');
-	    if ((char *)0 != s) {
-		*s = '\000';
-	    }
-	    FileWrite(fdOut, FLAGTRUE, lines[i].line->string,
-		      lines[i].line->used - 1);
-	    FileWrite(fdOut, FLAGTRUE, " .. ", 4);
-
-	    /* build the end string by removing the leading "[-- MARK -- "
-	     * and replacing "]\r\n" on the end with " -- MARK --]\r\n"
-	     */
-	    mark_len = sizeof("[-- MARK -- ") - 1;
-
-	    s = strrchr(lines[i].mark_end->string + mark_len, ']');
-	    if ((char *)0 != s) {
-		*s = '\000';
-	    }
-	    FileWrite(fdOut, FLAGTRUE,
-		      lines[i].mark_end->string + mark_len, -1);
-	    FileWrite(fdOut, FLAGFALSE, " -- MARK --]\r\n", -1);
-	    u = lines[i].mark_end->used;
-	    s = lines[i].mark_end->string;
-	} else
-	    FileWrite(fdOut, FLAGFALSE, lines[i].line->string,
-		      lines[i].line->used - 1);
     }
 
   common_exit:
 
-    /* if we opened the logfile, close it */
+    if (line != (STRING *)0)
-    if (fdLog != pCE->fdlog)
+	DestroyString(line);
+    if (buf != (char *)0)
+	free(buf);
+    if (fdLog != (CONSFILE *)0)
 	FileClose(&fdLog);
 
-    if ((struct lines *)0 != lines) {
-	for (i = 0; i < n_lines; i++) {
-	    DestroyString(lines[i].mark_end);
-	    DestroyString(lines[i].line);
-	}
-	free(lines);
-	lines = (struct lines *)0;
-    }
-    if ((char *)0 != buf) {
-	free(buf);
-	buf = (char *)0;
-    }
 #if HAVE_DMALLOC && DMALLOC_MARK_REPLAY
     CONDDEBUG((1, "Replay(): dmalloc / MarkReplay"));
     dmalloc_log_changed(dmallocMarkReplay, 1, 0, 1);
@@ -369,6 +361,7 @@ Replay(pCE, fdOut, iBack)
 #define WHEN_ATTACH	0x02
 #define WHEN_EXPERT	0x04	/* ZZZ no way to set his yet    */
 #define WHEN_ALWAYS	0x40
+#define IS_LIMITED	0x100
 
 #define HALFLINE	40
 
@@ -378,48 +371,45 @@ typedef struct HLnode {
 } HELP;
 
 static HELP aHLTable[] = {
-    {WHEN_ALWAYS, ".    disconnect"},
+    {WHEN_ALWAYS, ".       disconnect"},
-    {WHEN_ALWAYS, ";    move to another console"},
+    {WHEN_ALWAYS | IS_LIMITED, ";       move to another console"},
-    {WHEN_ALWAYS, "a    attach read/write"},
+    {WHEN_ALWAYS, "a       attach read/write"},
-    {WHEN_ALWAYS, "b    send broadcast message"},
+    {WHEN_ALWAYS, "b       send broadcast message"},
-    {WHEN_ATTACH, "c    toggle flow control"},
+    {WHEN_ATTACH, "c       toggle flow control"},
-    {WHEN_ATTACH, "d    down a console"},
+    {WHEN_ATTACH, "d       down a console"},
-    {WHEN_ALWAYS, "e    change escape sequence"},
+    {WHEN_ALWAYS, "e       change escape sequence"},
-    {WHEN_ALWAYS, "f    force attach read/write"},
+    {WHEN_ALWAYS, "f       force attach read/write"},
-    {WHEN_ALWAYS, "g    group info"},
+    {WHEN_ALWAYS, "g       group info"},
-    {WHEN_ALWAYS, "i    information dump"},
+    {WHEN_ALWAYS, "i       information dump"},
-    {WHEN_ATTACH, "L    toggle logging on/off"},
+    {WHEN_ATTACH, "L       toggle logging on/off"},
-    {WHEN_ATTACH, "l?   break sequence list"},
+    {WHEN_ATTACH, "l?      break sequence list"},
-    {WHEN_ATTACH, "l0   send break per config file"},
+    {WHEN_ATTACH, "l0      send break per config file"},
-    {WHEN_ATTACH, "l1-9 send specific break sequence"},
+    {WHEN_ATTACH, "l1-9a-z send specific break sequence"},
-    {WHEN_ALWAYS, "m    display the message of the day"},
+    {WHEN_ALWAYS, "m       display message of the day"},
-    {WHEN_ALWAYS, "o    (re)open the tty and log file"},
+    {WHEN_ALWAYS, "n       write a note to the logfile"},
-    {WHEN_ALWAYS, "p    replay the last 60 lines"},
+    {WHEN_ALWAYS, "o       (re)open the tty and log file"},
-    {WHEN_ALWAYS, "r    replay the last 20 lines"},
+    {WHEN_ALWAYS, "p       playback the last %hu lines"},
-    {WHEN_ATTACH, "s    spy read only"},
+    {WHEN_ALWAYS, "P       set number of playback lines"},
-    {WHEN_ALWAYS, "u    show host status"},
+    {WHEN_ALWAYS, "r       replay the last %hu lines"},
-    {WHEN_ALWAYS, "v    show version info"},
+    {WHEN_ALWAYS, "R       set number of replay lines"},
-    {WHEN_ALWAYS, "w    who is on this console"},
+    {WHEN_ATTACH, "s       spy mode (read only)"},
-    {WHEN_ALWAYS, "x    show console baud info"},
+    {WHEN_ALWAYS, "u       show host status"},
-    {WHEN_ALWAYS, "z    suspend the connection"},
+    {WHEN_ALWAYS, "v       show version info"},
-    {WHEN_ATTACH, "|    attach local command"},
+    {WHEN_ALWAYS, "w       who is on this console"},
-    {WHEN_ALWAYS, "?    print this message"},
+    {WHEN_ALWAYS, "x       show console baud info"},
-    {WHEN_ALWAYS, "<cr> ignore/abort command"},
+    {WHEN_ALWAYS | IS_LIMITED, "z       suspend the connection"},
-    {WHEN_ALWAYS, "^R   replay the last line"},
+    {WHEN_ATTACH, "!       invoke task"},
-    {WHEN_ATTACH, "\\ooo send character by octal code"},
+    {WHEN_ATTACH | IS_LIMITED, "|       attach local command"},
-    {WHEN_EXPERT, "^I   toggle tab expansion"},
+    {WHEN_ALWAYS, "?       print this message"},
-    {WHEN_EXPERT, "+(-) do (not) drop line"},
+    {WHEN_ALWAYS, "<cr>    ignore/abort command"},
+    {WHEN_ALWAYS, "^R      replay the last line"},
+    {WHEN_ATTACH, "\\ooo    send character by octal code"},
 };
 
 /* list the commands we know for the user				(ksb)
  */
 void
-#if PROTOTYPES
 HelpUser(CONSCLIENT *pCL)
-#else
-HelpUser(pCL)
-    CONSCLIENT *pCL;
-#endif
 {
     int i, j, iCmp;
     static char
@@ -440,15 +430,30 @@ HelpUser(pCL)
 
     BuildString((char *)0, acLine);
     for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) {
-	if (0 == (aHLTable[i].iwhen & iCmp)) {
+	char *text;
+
+	if (aHLTable[i].iwhen & IS_LIMITED &&
+	    ConsentUserOk(pLUList, pCL->username->string) == 1)
 	    continue;
+
+	if (0 == (aHLTable[i].iwhen & iCmp))
+	    continue;
+
+	text = aHLTable[i].actext;
+	if (text[0] == 'p') {
+	    BuildTmpString((char *)0);
+	    text = BuildTmpStringPrint(text, pCL->playback);
+	} else if (text[0] == 'r') {
+	    BuildTmpString((char *)0);
+	    text = BuildTmpStringPrint(text, pCL->replay);
 	}
+
 	if (acLine->used != 0) {	/* second part of line */
-	    if (strlen(aHLTable[i].actext) < HALFLINE) {
+	    if (strlen(text) < HALFLINE) {
 		for (j = acLine->used; j <= HALFLINE; ++j) {
 		    BuildStringChar(' ', acLine);
 		}
-		BuildString(aHLTable[i].actext, acLine);
+		BuildString(text, acLine);
 		BuildString(acEoln, acLine);
 		FileWrite(pCL->fd, FLAGTRUE, acLine->string,
 			  acLine->used - 1);
@@ -463,7 +468,7 @@ HelpUser(pCL)
 	}
 	if (acLine->used == 0) {	/* at new line */
 	    BuildStringChar(' ', acLine);
-	    BuildString(aHLTable[i].actext, acLine);
+	    BuildString(text, acLine);
 	    if (acLine->used > HALFLINE) {
 		BuildString(acEoln, acLine);
 		FileWrite(pCL->fd, FLAGTRUE, acLine->string,
@@ -480,25 +485,27 @@ HelpUser(pCL)
 }
 
 int
-#if PROTOTYPES
 ClientAccessOk(CONSCLIENT *pCL)
-#else
-ClientAccessOk(pCL)
-    CONSCLIENT *pCL;
-#endif
 {
     char *peername = (char *)0;
+    int retval = 1;
+
+#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
     socklen_t so;
     int cfd;
-    struct sockaddr_in in_port;
+# if USE_IPV6
-    int retval = 1;
+    int error;
+    char addr[NI_MAXHOST];
+# endif
+    SOCKADDR_STYPE in_port;
     int getpeer = -1;
 
     cfd = FileFDNum(pCL->fd);
     pCL->caccess = 'r';
-#if defined(USE_LIBWRAP)
+# if defined(USE_LIBWRAP)
     {
 	struct request_info request;
+	CONDDEBUG((1, "ClientAccessOk(): doing tcpwrappers check"));
 	request_init(&request, RQ_DAEMON, progname, RQ_FILE, cfd, 0);
 	fromhost(&request);
 	if (!hosts_access(&request)) {
@@ -508,7 +515,7 @@ ClientAccessOk(pCL)
 	    goto setpeer;
 	}
     }
-#endif
+# endif
 
     so = sizeof(in_port);
     if (-1 ==
@@ -517,22 +524,64 @@ ClientAccessOk(pCL)
 	retval = 0;
 	goto setpeer;
     }
-    pCL->caccess = AccType(&in_port.sin_addr, &peername);
+    pCL->caccess = AccType(
+# if USE_IPV6
+			      &in_port,
+# else
+			      &in_port.sin_addr,
+# endif
+			      &peername);
     if (pCL->caccess == 'r') {
 	FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
 		  -1);
 	retval = 0;
     }
-
   setpeer:
+#else
+    struct in_addr addr;
+
+# if HAVE_INET_ATON
+    inet_aton("127.0.0.1", &addr);
+# else
+    addr.s_addr = inet_addr("127.0.0.1");
+# endif
+    pCL->caccess = AccType(&addr, &peername);
+    if (pCL->caccess == 'r') {
+	FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
+		  -1);
+	retval = 0;
+    }
+#endif
+
     if (pCL->peername != (STRING *)0) {
 	BuildString((char *)0, pCL->peername);
 	if (peername != (char *)0)
 	    BuildString(peername, pCL->peername);
+#if USE_IPV6
+	else if (getpeer != -1) {
+	    error =
+		getnameinfo((struct sockaddr *)&in_port, so, addr,
+			    sizeof(addr), NULL, 0, NI_NUMERICHOST);
+	    if (error) {
+		FileWrite(pCL->fd, FLAGFALSE, "getnameinfo failed\r\n",
+			  -1);
+		Error("ClientAccessOk(): gatenameinfo: %s",
+		      gai_strerror(error));
+		retval = 0;
+	    }
+
+	    BuildString(addr, pCL->peername);
+	} else
+	    BuildString("<unknown>", pCL->peername);
+#elif USE_UNIX_DOMAIN_SOCKETS
+	else
+	    BuildString("127.0.0.1", pCL->peername);
+#else
 	else if (getpeer != -1)
 	    BuildString(inet_ntoa(in_port.sin_addr), pCL->peername);
 	else
 	    BuildString("<unknown>", pCL->peername);
+#endif
     }
     if (peername != (char *)0)
 	free(peername);

conserver/client.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: client.h,v 5.36 2003/12/25 19:22:00 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -48,7 +46,12 @@ typedef enum clientState {
     S_QUOTE,			/* send any character we can spell         */
     S_BCAST,			/* send a broadcast message to all clients */
     S_CWAIT,			/* wait for client                         */
-    S_CEXEC			/* client execing a program                */
+    S_CEXEC,			/* client execing a program                */
+    S_REPLAY,			/* set replay length for 'r'               */
+    S_PLAYBACK,			/* set replay length for 'p'               */
+    S_NOTE,			/* send a note to the logfile              */
+    S_TASK,			/* invoke a task on the server side        */
+    S_CONFIRM			/* confirm input                           */
 } CLIENTSTATE;
 
 typedef struct client {		/* Connection Information:              */
@@ -58,6 +61,7 @@ typedef struct client {		/* Connection Information:              */
     short fwantwr;		/* (client) wants to write              */
     short fro;			/* read-only permission                 */
     short fecho;		/* echo commands (not set by machines)  */
+    short fiwait;		/* client wanting for console init      */
     STRING *acid;		/* login and location of client         */
     STRING *peername;		/* location of client                   */
     STRING *username;		/* login of client                      */
@@ -74,17 +78,22 @@ typedef struct client {		/* Connection Information:              */
      *pCLnext;			/* next person on this list             */
     /* next lists link clients on a console */
     char ic[2];			/* two character escape sequence        */
+    unsigned short replay;	/* lines to replay for 'r'              */
+    unsigned short playback;	/* lines to replay for 'p'              */
     CLIENTSTATE iState;		/* state for fsm in server              */
     char caccess;		/* did we trust the remote machine      */
     IOSTATE ioState;		/* state of the socket                  */
     time_t stateTimer;		/* timer for various ioState states */
     STRING *accmd;		/* the command the user issued          */
-    STRING *msg;		/* the broadcast message                */
+    INADDR_STYPE cnct_port;	/* where from                           */
-    struct sockaddr_in
+    FLAG confirmed;		/* confirm state                        */
-      cnct_port;		/* where from                           */
+    CLIENTSTATE cState;		/* state needing confirmation           */
+    char cOption;		/* option initiating the confirmation   */
+    size_t tokenSize;		/* buffer size for GSSAPI token         */
 } CONSCLIENT;
 
-extern void Replay PARAMS((CONSENT *, CONSFILE *, int));
+extern void Replay(CONSENT *, CONSFILE *, unsigned short);
-extern void HelpUser PARAMS((CONSCLIENT *));
+extern void HelpUser(CONSCLIENT *);
-extern void FindWrite PARAMS((CONSENT *));
+extern void FindWrite(CONSENT *);
-extern int ClientAccessOk PARAMS((CONSCLIENT *));
+extern int ClientAccessOk(CONSCLIENT *);
+extern void BumpClient(CONSENT *, char *);

conserver/consent.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: consent.h,v 5.56 2004/02/20 14:58:14 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -55,9 +53,21 @@ typedef enum consType {
     UNKNOWNTYPE = 0,
     DEVICE,
     EXEC,
-    HOST
+    HOST,
+    NOOP,
+    UDS,
+#if HAVE_FREEIPMI
+    IPMI,
+#endif
 } CONSTYPE;
 
+#if HAVE_FREEIPMI
+# define IPMIL_UNKNOWN  (0)
+# define IPMIL_USER     (IPMICONSOLE_PRIVILEGE_USER+1)
+# define IPMIL_OPERATOR (IPMICONSOLE_PRIVILEGE_OPERATOR+1)
+# define IPMIL_ADMIN    (IPMICONSOLE_PRIVILEGE_ADMIN+1)
+#endif
+
 typedef struct names {
     char *name;
     struct names *next;
@@ -89,6 +99,17 @@ typedef struct consent {	/* console information                  */
     FLAG ixoff;			/* XON/XOFF flow control on input       */
 #if defined(CRTSCTS)
     FLAG crtscts;		/* use hardware flow control            */
+#endif
+#if HAVE_FREEIPMI
+    /* type == IPMI */
+    int ipmiprivlevel;		/* IPMI authentication level            */
+    ipmiconsole_ctx_t ipmictx;	/* IPMI ctx                             */
+    unsigned int ipmiworkaround;	/* IPMI workaround flags                */
+    short ipmiwrkset;		/* workaround flags set in config       */
+    int ipmiciphersuite;	/* IPMI cipher suite                    */
+    char *username;		/* Username to log as                   */
+    char *password;		/* Login Password                       */
+    STRING *ipmikg;		/* IPMI k_g auth key                    */
 #endif
     /* type == HOST */
     char *host;			/* hostname                             */
@@ -96,31 +117,45 @@ typedef struct consent {	/* console information                  */
     unsigned short port;	/* port number   |      portinc * port  */
     unsigned short portbase;	/* port base                            */
     unsigned short portinc;	/* port increment                       */
-    unsigned short raw;		/* raw or telnet protocol?              */
+    FLAG raw;			/* raw or telnet protocol?              */
     /* type == EXEC */
     char *exec;			/* exec command                         */
     char *execsubst;		/* exec substitution pattern            */
+    uid_t execuid;		/* user to run exec as                  */
+    gid_t execgid;		/* group to run exec as                 */
+    /* type == UDS */
+    char *uds;			/* socket file                          */
+    char *udssubst;		/* socket file substitution pattern     */
     /* global stuff */
     char *master;		/* master hostname                      */
-    unsigned short breakNum;	/* break type [1-9]                     */
+    unsigned short breakNum;	/* break type [1-35]                    */
     char *logfile;		/* logfile                              */
     off_t logfilemax;		/* size limit for rolling logfile       */
     char *initcmd;		/* initcmd command                      */
     char *initsubst;		/* initcmd substitution pattern         */
+    uid_t inituid;		/* user to run initcmd as               */
+    gid_t initgid;		/* group to run initcmd as              */
     char *motd;			/* motd                                 */
     time_t idletimeout;		/* idle timeout                         */
     char *idlestring;		/* string to print when idle            */
+    unsigned short spinmax;	/* initialization spin maximum          */
+    unsigned short spintimer;	/* initialization spin timer            */
+    char *replstring;		/* generic string for replacements      */
+    char *tasklist;		/* list of valid tasks                  */
+    char *breaklist;		/* list of valid break sequences        */
     /* timestamp stuff */
     int mark;			/* Mark (chime) interval                */
     long nextMark;		/* Next mark (chime) time               */
     FLAG activitylog;		/* log attach/detach/bump               */
     FLAG breaklog;		/* log breaks sent                      */
+    FLAG tasklog;		/* log tasks invoked                    */
     /* options */
     FLAG ondemand;		/* bring up on-demand                   */
     FLAG reinitoncc;		/* open if down on client connect       */
     FLAG striphigh;		/* strip high-bit of console data       */
     FLAG autoreinit;		/* auto-reinitialize if failed          */
     FLAG unloved;		/* copy "unloved" data to stdout        */
+    FLAG login;			/* allow logins to the console          */
 
     /*** runtime settings ***/
     CONSFILE *fdlog;		/* the local log file                   */
@@ -130,16 +165,26 @@ typedef struct consent {	/* console information                  */
     pid_t ipid;			/* pid of virtual command               */
     pid_t initpid;		/* pid of initcmd command               */
     CONSFILE *initfile;		/* the command run on init              */
+    pid_t taskpid;		/* pid of task running                  */
+    CONSFILE *taskfile;		/* the output from the task (read-only) */
     STRING *wbuf;		/* write() buffer                       */
     int wbufIAC;		/* next IAC location in wbuf            */
     IOSTATE ioState;		/* state of the socket                  */
     time_t stateTimer;		/* timer for ioState states             */
     time_t lastWrite;		/* time of last data sent to console    */
+#if HAVE_GETTIMEOFDAY
+    struct timeval lastInit;	/* time of last initialization          */
+#else
+    time_t lastInit;		/* time of last initialization          */
+#endif
+    unsigned short spincount;	/* initialization spin counter          */
 
     /*** state information ***/
     char acline[132 * 2 + 2];	/* max chars we will call a line        */
     int iend;			/* length of data stored in acline      */
     int telnetState;		/* state for telnet negotiations        */
+    FLAG sentDoEcho;		/* have we sent telnet DO ECHO cmd?     */
+    FLAG sentDoSGA;		/* have we sent telnet DO SGA cmd?      */
     unsigned short autoReUp;	/* is it coming back up automatically?  */
     FLAG downHard;		/* did it go down unexpectedly?         */
     unsigned short nolog;	/* don't log output                     */
@@ -162,11 +207,13 @@ typedef struct remote {		/* console at another host              */
     NAMES *aliases;		/* aliases for remote server name       */
 } REMOTE;
 
-extern PARITY *FindParity PARAMS((char *));
+extern PARITY *FindParity(char *);
-extern BAUD *FindBaud PARAMS((char *));
+extern BAUD *FindBaud(char *);
-extern void ConsInit PARAMS((CONSENT *));
+extern void ConsInit(CONSENT *);
-extern void ConsDown PARAMS((CONSENT *, FLAG, FLAG));
+extern void ConsDown(CONSENT *, FLAG, FLAG);
-extern REMOTE *FindUniq PARAMS((REMOTE *));
+extern REMOTE *FindUniq(REMOTE *);
-extern void DestroyRemoteConsole PARAMS((REMOTE *));
+extern void DestroyRemoteConsole(REMOTE *);
-extern void StartInit PARAMS((CONSENT *));
+extern void StartInit(CONSENT *);
-extern void StopInit PARAMS((CONSENT *));
+extern void StopInit(CONSENT *);
+extern char *ConsState(CONSENT *);
+extern void SetupTty(CONSENT *, int);

conserver/conserver.man.in

@@ -1,6 +1,4 @@
-.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
+.TH CONSERVER 8 "@CONSERVER_DATE@" "conserver-@CONSERVER_VERSION@" "conserver"
-.\" $Id: conserver.man,v 1.43 2004/03/23 01:02:29 bryan Exp $
-.TH CONSERVER 8 "2004/03/23" "conserver-8.1.3" "conserver"
 .SH NAME
 conserver \- console server daemon
 .SH SYNOPSIS
@@ -11,7 +9,7 @@ conserver \- console server daemon
 .RB [ \-m
 .IR max ]
 .RB [ \-M
-.IR addr ]
+.IR master ]
 .RB [ \-p
 .IR port ]
 .RB [ \-b
@@ -33,24 +31,36 @@ conserver \- console server daemon
 is the daemon that manages
 remote access to system consoles by multiple users via the
 .BR console (1)
-client program and logs all console output.
+client program and (optionally) log the console output.
-It can connect to consoles via local serial ports, terminal
+It can connect to consoles via local serial ports, Unix domain sockets, TCP
-servers that allow network access, or to any external program.
+sockets (for terminal servers and the like), or any external program.
 .PP
 When started,
 .B conserver
-reads its
+reads the
 .BR conserver.cf (5)
-file for details of each console it should manage,
+file for details of each console.
-including serial port or network parameters and logging options.
+The console type, logging options, serial or network parameters, and user access
-(Also, in environments where multiple servers share a cf file,
+levels are just a few of the things that can be specified.
-any server is able to refer clients to the particular server
+Command-line options are then applied, possibly overriding
-managing a requested console, so that the client need not have
+.BR conserver.cf (5)
-knowledge of the distribution of consoles among servers.)
+settings.
+.B Conserver
+categorizes consoles into two types: those it should actively manage, and
+those it should just know about, so it can refer clients to other
+.B conserver
+instances.
+If the
+.B master
+value of a console matches the hostname or ip address of the local machine,
+.B conserver
+will actively manage the console.
+Otherwise, it's considered a ``remote'' console and managed by a different
+server.
 .B Conserver
 forks a child for each group of consoles it must manage
 and assigns each process a port number to listen on.
-The maximum number of consoles managed by each child process is set using
+The maximum number of consoles managed by each child process is set using the
 .B \-m
 option.
 The
@@ -76,14 +86,31 @@ the
 .BR conserver.cf (5)
 access list.
 .PP
+When Unix domain sockets are used between the client and
+server (enabled using
+.BR --with-uds ),
+authentication checks are done on the hardcoded address ``127.0.0.1''.
+Automatic client redirection is also disabled (as if the
+.B \-R
+option was used) since the client cannot communicate with remote servers.
+The directory used to hold the sockets is checked to make sure it's empty
+when the server starts.
+The server will
+.B not
+remove any files in the directory itself, just in case the directory is
+accidentally specified as ``/etc'' or some other critical location.
+The server will do its best to remove all the sockets when it shuts down,
+but it could stop ungracefully (crash, ``kill -9'', etc)
+and leave files behind.
+It would then be up to the admin (or a creative startup script) to clean
+up the directory before the server will start again.
+.PP
 .B Conserver
 completely controls any connection to a console.
 All escape sequences given by the user to
 .B console
 are passed to the server without interpretation.
-The server recognizes and processes all escape sequences,
+The server recognizes and processes all escape sequences.
-The suspend sequence is recognized by the server and sent back to the
-client as a TCP out-of-band command, which the client processes.
 .PP
 The
 .B conserver
@@ -217,7 +244,7 @@ option.
 .B \-d
 Become a daemon.
 Disconnects from the controlling terminal and sends
-all output to the logfile (see
+all output (including any debug output) to the logfile (see
 .BR \-L ).
 .TP
 .B \-D
@@ -271,11 +298,21 @@ may be changed at compile time using the
 .B --with-maxmemb
 option.
 .TP
-.BI \-M addr
+.BI \-M master
-Set the address to listen on.
+Normally, this allows conserver to bind to a
-This allows conserver to bind to a
 particular IP address (like `127.0.0.1') instead of all interfaces.
 The default is to bind to all addresses.
+However, if
+.B --with-uds
+was used to enable Unix domain sockets for client/server communication,
+this points conserver to the directory where it should store the sockets.
+The default
+.I master
+directory
+.RB (`` /tmp/conserver '')
+may be changed at compile time using the
+.B --with-uds
+option.
 .TP
 .B \-n
 Obsolete (now a no-op); see
@@ -291,6 +328,9 @@ Enable periodic attempts (every
 .I min
 minutes) to open (``bring up'') all downed
 consoles (similar to sending a SIGUSR1).
+Without this option, or if
+.I min
+is zero, no periodic attempts occur.
 .TP
 .BI \-p port
 Set the TCP port for the master process to listen on.
@@ -301,6 +341,9 @@ The default
 may be changed at compile time using the
 .B --with-port
 option.
+If the
+.B --with-uds
+option was used, this option is ignored.
 .TP
 .BI \-P passwd
 Read the table of authorized user data from the file
@@ -347,13 +390,16 @@ The console aliases in a comma-separated list.
 .I type
 The type of console.
 Values will be a `/' for a local device, `|' for
-a command, or `!' for a remote port.
+a command, `!' for a remote port, `%' for a Unix domain socket,
+and `#' for a noop console.
 .TP
 .I details
 Multiple values are comma-separated and depend on the type of the console.
 Local devices will have the values of the device file and baud rate/parity.
 Commands will have string to invoke.
 Remote ports will have the values of the remote hostname and port number.
+Unix domain sockets will have the path to the socket.
+Noop consoles will have nothing.
 .RE
 .TP
 .B \-u
@@ -374,7 +420,7 @@ output, but all consoles, not
 just those without a user, are logged.
 Each line of output is prefixed with the console name.
 If a user is attached read/write, a `*' is appended to the console name,
-to allow log watching utilites to ignore potential user-introduced alarms.
+to allow log watching utilities to ignore potential user-introduced alarms.
 .TP
 .B \-v
 Echo the configuration as it is being read (be verbose).
@@ -394,7 +440,7 @@ The second style is the character-based, escape-sequence mode, while
 connected to a console.
 .PP
 The initial line-based mode begins the same for both the master process
-and it's children.
+and its children.
 Upon a successful (non-rejected) client connection, an ``ok'' is sent.
 The client then issues a command and the server responds to it with a
 result string (``ok'' being the sign of success for most commands).
@@ -402,7 +448,7 @@ The commands available are ``help'', ``ssl'' (if
 SSL was built into the code), ``login'', and ``exit''.
 Using the ``login'' command, the client authenticates and gains access to
 the extended command set.
-This is where the master process and it's children differ.
+This is where the master process and its children differ.
 The master process gives the client access to global commands, and the
 child provides commands for interacting with the consoles it manages.
 The ``help'' command, in both cases, will provide a complete
@@ -418,14 +464,16 @@ any interaction with the server is done with the default escape sequence.
 This is, by no means, a complete description of the entire client/server
 interaction.
 It is, however, a brief explanation in order to give a idea of
-what the program does.
+what the program does.  See the
+.B \s-1PROTOCOL\s0
+file in the distribution for further details.
 .SH FILES
 .PP
 The following default file locations may be overridden
 at compile time or by the command-line options described above.
 Run
 .B conserver \-V
-(with no other options) to see the defaults set at compile time.
+to see the defaults set at compile time.
 .PP
 .PD 0
 .TP 25
@@ -443,6 +491,9 @@ the master conserver process ID
 .TP
 .B /var/log/conserver
 log of errors and informational messages
+.TP
+.B /tmp/conserver
+directory to hold Unix domain sockets (if enabled)
 .PD
 .PP
 Additionally, output from individual consoles may be logged

conserver/convert.c

@@ -1,6 +1,4 @@
 /*
- *  $Id: convert.c,v 1.8 2003/11/20 13:56:38 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -41,6 +39,16 @@
 #include <master.h>
 #include <main.h>
 
+#if defined(USE_LIBWRAP)
+/* we don't use it...but we link to it */
+int allow_severity;
+int deny_severity;
+#endif
+
+
+SECTION sections[] = {
+    {(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
+};
 
 void
 DestroyDataStructures()
@@ -48,19 +56,12 @@ DestroyDataStructures()
 }
 
 char *
-#if PROTOTYPES
 ReadLine2(FILE *fp, STRING *save, int *iLine)
-#else
-ReadLine2(fp, save, iLine)
-    FILE *fp;
-    STRING *save;
-    int *iLine;
-#endif
 {
     static char buf[1024];
     char *wholeline = (char *)0;
     char *ret = (char *)0;
-    int i, buflen, peek, commentCheck = 1, comment = 0;
+    int i, buflen, peek, commentCheck = 1;
     static STRING *bufstr = (STRING *)0;
     static STRING *wholestr = (STRING *)0;
 
@@ -76,7 +77,7 @@ ReadLine2(fp, save, iLine)
 	   || peek) {
 	/* If we have a previously saved line, use it instead */
 	if (save->used) {
-	    strcpy(buf, save->string);
+	    StrCpy(buf, save->string, sizeof(buf));
 	    BuildString((char *)0, save);
 	}
 
@@ -102,7 +103,6 @@ ReadLine2(fp, save, iLine)
 		if (!isspace((int)buf[i]))
 		    break;
 	    if (buf[i] == '#') {
-		comment = 1;
 		commentCheck = 0;
 	    } else if (buf[i] != '\000') {
 		commentCheck = 0;
@@ -113,14 +113,11 @@ ReadLine2(fp, save, iLine)
 	buflen = strlen(buf);
 	if ((buflen >= 1) && (buf[buflen - 1] == '\n')) {
 	    (*iLine)++;		/* Finally have a whole line */
-/*	    if (comment == 0 && commentCheck == 0) { */
 	    /* Finish off the chunk without the \n */
 	    buf[buflen - 1] = '\000';
 	    BuildString(buf, bufstr);
 	    wholeline = BuildString(bufstr->string, wholestr);
-/*	    }*/
 	    peek = 1;
-	    comment = 0;
 	    commentCheck = 1;
 	    BuildString((char *)0, bufstr);
 	} else {
@@ -132,14 +129,10 @@ ReadLine2(fp, save, iLine)
     /* If we hit the EOF and weren't peeking ahead
      * and it's not a comment
      */
-    /*
-       if (!peek && (ret == (char *)0) && (comment == 0) &&
-       (commentCheck == 0)) {
-     */
     if (!peek && (ret == (char *)0)) {
 	(*iLine)++;
 	wholeline = BuildString(bufstr->string, wholestr);
-	if (wholeline[0] == '\000')
+	if (wholeline != (char *)0 && wholeline[0] == '\000')
 	    wholeline = (char *)0;
     }
 
@@ -152,13 +145,7 @@ ReadLine2(fp, save, iLine)
  * to manage the consoles
  */
 void
-#if PROTOTYPES
 ReadCfg(char *pcFile, FILE *fp)
-#else
-ReadCfg(pcFile, fp)
-    char *pcFile;
-    FILE *fp;
-#endif
 {
     int iLine;
     unsigned char *acIn;
@@ -422,7 +409,6 @@ ReadCfg(pcFile, fp)
 	    (unsigned char *)ReadLine2(fp, acInSave,
 				       &iLine)) != (unsigned char *)0) {
 	char *pcNext;
-	char cType;
 
 	acStart = PruneSpace((char *)acIn);
 	if (acStart[0] == '#') {
@@ -468,7 +454,6 @@ ReadCfg(pcFile, fp)
 		printf("\ttrusted %s;\n", pcNext);
 		break;
 	    default:
-		cType = ' ';
 		Error("%s(%d) unknown access key `%s'", pcFile, iLine,
 		      acStart);
 		break;
@@ -480,13 +465,7 @@ ReadCfg(pcFile, fp)
 }
 
 int
-#if PROTOTYPES
 main(int argc, char **argv)
-#else
-main(argc, argv)
-    int argc;
-    char **argv;
-#endif
 {
     char *pcFile;
     FILE *fp;

conserver/cutil.h

@@ -1,19 +1,26 @@
 /*
- *  $Id: cutil.h,v 1.61 2004/03/10 02:55:45 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
  */
 
-#if PROTOTYPES
 #include <stdarg.h>
-#else
-#include <varargs.h>
-#endif
 #if HAVE_OPENSSL
-#include <openssl/ssl.h>
+# include <openssl/ssl.h>
-#include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/err.h>
+# if OPENSSL_VERSION_NUMBER < 0x10100000L
+#  define TLS_method SSLv23_method
+# endif/* OPENSSL_VERSION_NUMBER < 0x10100000L */
+# if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+#  define CIPHER_SEC0
+# else
+#  define CIPHER_SEC0 ":@SECLEVEL=0"
+# endif/* OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) */
+#endif
+#if HAVE_GSSAPI
+# include <gssapi/gssapi.h>
 #endif
 
 /* communication constants
@@ -45,6 +52,9 @@ typedef enum IOState {
 #if HAVE_OPENSSL
     INSSLACCEPT,
     INSSLSHUTDOWN,
+#endif
+#if HAVE_GSSAPI
+    INGSSACCEPT,
 #endif
     ISFLUSHING
 } IOSTATE;
@@ -70,6 +80,7 @@ typedef struct consFile {
     int fd;
     int fdout;			/* only used when a simplePipe */
     STRING *wbuf;
+    FLAG errored;
     FLAG quoteiac;
     FLAG sawiac;
     FLAG sawiacsusp;
@@ -89,78 +100,126 @@ typedef struct consFile {
 #endif
 } CONSFILE;
 
+typedef struct item {
+    char *id;
+    void (*reg)(char *);
+} ITEM;
+
+typedef struct section {
+    char *id;
+    void (*begin)(char *);
+    void (*end)(void);
+    void (*abort)(void);
+    void (*destroy)(void);
+    ITEM *items;
+} SECTION;
+
+typedef enum substToken {
+    ISNOTHING = 0,
+    ISNUMBER,
+    ISSTRING
+} SUBSTTOKEN;
+
+typedef struct subst {
+    /* function to retrieve a token type based on a character
+     */
+    SUBSTTOKEN (*token)(char);
+    /* data for callback function
+     */
+    void *data;
+    /* function to retrieve a value (as a char* or int or both) for
+     * a substitution
+     */
+    int (*value)(char, char **, int *);
+} SUBST;
+
 extern int isMultiProc, fDebug, fVerbose, fErrorPrinted;
 extern char *progname;
 extern pid_t thepid;
 #define MAXHOSTNAME 1024
 extern char myHostname[];
+#if !USE_IPV6
 extern struct in_addr *myAddrs;
+#endif
 extern fd_set rinit;
 extern fd_set winit;
 extern int maxfd;
 extern int debugLineNo;
 extern char *debugFileName;
+extern int line;		/* used by ParseFile */
+extern char *file;		/* used by ParseFile */
+extern SECTION sections[];	/* used by ParseFile */
+extern int isMaster;
 
-extern const char *StrTime PARAMS((time_t *));
+extern const char *StrTime(time_t *);
-extern void Debug PARAMS((int, char *, ...));
+extern void Debug(int, char *, ...);
-extern void Error PARAMS((char *, ...));
+extern void Error(char *, ...);
-extern void Msg PARAMS((char *, ...));
+extern void Msg(char *, ...);
-extern void Verbose PARAMS((char *, ...));
+extern void Verbose(char *, ...);
-extern void SimpleSignal PARAMS((int, RETSIGTYPE(*)(int)));
+extern void SimpleSignal(int, RETSIGTYPE(*)(int));
-extern int GetMaxFiles PARAMS(());
+extern int GetMaxFiles();
-extern char *FmtCtl PARAMS((int, STRING *));
+extern char *FmtCtl(int, STRING *);
-extern void FmtCtlStr PARAMS((char *, int, STRING *));
+extern void FmtCtlStr(char *, int, STRING *);
-extern CONSFILE *FileOpenFD PARAMS((int, enum consFileType));
+extern CONSFILE *FileOpenFD(int, enum consFileType);
-extern CONSFILE *FileOpenPipe PARAMS((int, int));
+extern CONSFILE *FileOpenPipe(int, int);
-extern CONSFILE *FileOpen PARAMS((const char *, int, int));
+extern CONSFILE *FileOpen(const char *, int, int);
-extern int FileClose PARAMS((CONSFILE **));
+extern int FileClose(CONSFILE **);
-extern int FileRead PARAMS((CONSFILE *, void *, int));
+extern int FileRead(CONSFILE *, void *, int);
-extern int FileWrite PARAMS((CONSFILE *, FLAG, char *, int));
+extern int FileWrite(CONSFILE *, FLAG, char *, int);
-extern void FileVWrite PARAMS((CONSFILE *, FLAG, char *, va_list));
+extern void FileVWrite(CONSFILE *, FLAG, char *, va_list);
-extern void FilePrint PARAMS((CONSFILE *, FLAG, char *, ...));
+extern void FilePrint(CONSFILE *, FLAG, char *, ...);
-extern int FileStat PARAMS((CONSFILE *, struct stat *));
+extern int FileStat(CONSFILE *, struct stat *);
-extern int FileSeek PARAMS((CONSFILE *, off_t, int));
+extern int FileSeek(CONSFILE *, off_t, int);
-extern int FileSend PARAMS((CONSFILE *, const void *, size_t, int));
+extern int FileSend(CONSFILE *, const void *, size_t, int);
-extern int FileFDNum PARAMS((CONSFILE *));
+extern int FileFDNum(CONSFILE *);
-extern int FileFDOutNum PARAMS((CONSFILE *));
+extern int FileFDOutNum(CONSFILE *);
-extern int FileUnopen PARAMS((CONSFILE *));
+extern int FileUnopen(CONSFILE *);
-extern void OutOfMem PARAMS(());
+extern void OutOfMem();
-extern char *BuildTmpString PARAMS((const char *));
+extern char *BuildTmpString(const char *);
-extern char *BuildTmpStringChar PARAMS((const char));
+extern char *BuildTmpStringChar(const char);
-extern char *BuildTmpStringPrint PARAMS((char *, ...));
+extern char *BuildTmpStringPrint(char *, ...);
-extern char *BuildString PARAMS((const char *, STRING *));
+extern char *BuildString(const char *, STRING *);
-extern char *BuildStringChar PARAMS((const char, STRING *));
+extern char *BuildStringChar(const char, STRING *);
-extern char *BuildStringPrint PARAMS((STRING *, char *, ...));
+extern char *BuildStringPrint(STRING *, char *, ...);
-extern char *BuildStringN PARAMS((const char *, int, STRING *));
+extern char *BuildStringN(const char *, int, STRING *);
-extern char *ShiftString PARAMS((STRING *, int));
+extern char *ShiftString(STRING *, int);
-extern void InitString PARAMS((STRING *));
+extern void InitString(STRING *);
-extern void DestroyString PARAMS((STRING *));
+extern void DestroyString(STRING *);
-extern void DestroyStrings PARAMS((void));
+extern void DestroyStrings(void);
-extern STRING *AllocString PARAMS((void));
+extern STRING *AllocString(void);
-extern char *ReadLine PARAMS((FILE *, STRING *, int *));
+extern char *ReadLine(FILE *, STRING *, int *);
-extern enum consFileType FileGetType PARAMS((CONSFILE *));
+extern enum consFileType FileGetType(CONSFILE *);
-extern void FileSetType PARAMS((CONSFILE *, enum consFileType));
+extern void FileSetType(CONSFILE *, enum consFileType);
-extern void FileSetQuoteIAC PARAMS((CONSFILE *, FLAG));
+extern void FileSetQuoteIAC(CONSFILE *, FLAG);
-extern FLAG FileSawQuoteSusp PARAMS((CONSFILE *));
+extern FLAG FileSawQuoteSusp(CONSFILE *);
-extern FLAG FileSawQuoteExec PARAMS((CONSFILE *));
+extern FLAG FileSawQuoteExec(CONSFILE *);
-extern FLAG FileSawQuoteAbrt PARAMS((CONSFILE *));
+extern FLAG FileSawQuoteAbrt(CONSFILE *);
-extern FLAG FileSawQuoteGoto PARAMS((CONSFILE *));
+extern FLAG FileSawQuoteGoto(CONSFILE *);
-extern void Bye PARAMS((int));
+extern void Bye(int);
-extern void DestroyDataStructures PARAMS((void));
+extern void DestroyDataStructures(void);
-extern int IsMe PARAMS((char *));
+extern int IsMe(char *);
-extern char *PruneSpace PARAMS((char *));
+extern char *PruneSpace(char *);
-extern int FileCanRead PARAMS((CONSFILE *, fd_set *, fd_set *));
+extern int FileCanRead(CONSFILE *, fd_set *, fd_set *);
-extern int FileCanWrite PARAMS((CONSFILE *, fd_set *, fd_set *));
+extern int FileCanWrite(CONSFILE *, fd_set *, fd_set *);
-extern int FileBufEmpty PARAMS((CONSFILE *));
+extern int FileBufEmpty(CONSFILE *);
-extern int SetFlags PARAMS((int, int, int));
+extern int SetFlags(int, int, int);
-extern char *StrDup PARAMS((char *));
+extern char *StrDup(const char *);
-extern int ParseIACBuf PARAMS((CONSFILE *, void *, int *));
+extern int ParseIACBuf(CONSFILE *, void *, int *);
-extern void *MemMove PARAMS((void *, void *, size_t));
+extern void *MemMove(void *, void *, size_t);
-extern char *StringChar PARAMS((STRING *, int, char));
+extern char *StringChar(STRING *, int, char);
-#if HAVE_OPENSSL
+extern void ParseFile(char *, FILE *, int);
-extern SSL *FileGetSSL PARAMS((CONSFILE *));
+#if !USE_IPV6
-extern void FileSetSSL PARAMS((CONSFILE *, SSL *));
+extern void ProbeInterfaces(in_addr_t);
-extern int SSLVerifyCallback PARAMS((int, X509_STORE_CTX *));
+#endif
-extern int FileSSLAccept PARAMS((CONSFILE *));
+extern void ProcessSubst(SUBST *, char **, char **, char *, char *);
-extern int FileCanSSLAccept PARAMS((CONSFILE *, fd_set *, fd_set *));
+extern char *MyVersion(void);
+extern unsigned int AtoU(char *);
+extern void StrCpy(char *, const char *, unsigned int);
+extern void Sleep(useconds_t);
+#if HAVE_OPENSSL
+extern SSL *FileGetSSL(CONSFILE *);
+extern void FileSetSSL(CONSFILE *, SSL *);
+extern int SSLVerifyCallback(int, X509_STORE_CTX *);
+extern int FileSSLAccept(CONSFILE *);
+extern int FileCanSSLAccept(CONSFILE *, fd_set *, fd_set *);
 #endif

conserver/fallback.c

@@ -1,6 +1,4 @@
 /*
- *  $Id: fallback.c,v 5.60 2003/11/20 13:56:38 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -27,44 +25,38 @@
  * packages, i think things are ok...hopefully it's true!
  */
 static int
-#if PROTOTYPES
 GetPseudoTTY(STRING *slave, int *slaveFD)
-#else
-GetPseudoTTY(slave, slaveFD)
-    STRING *slave;
-    int *slaveFD;
-#endif
 {
 #if HAVE_OPENPTY
     int fd = -1;
     int sfd = -1;
     int opty = 0;
     char *pcName;
-#if HAVE_SIGACTION
+# if HAVE_SIGACTION
     sigset_t oldmask, newmask;
-#else
+# else
-    extern RETSIGTYPE FlagReapVirt PARAMS((int));
+    extern RETSIGTYPE FlagReapVirt(int);
-#endif
+# endif
 
-#if HAVE_SIGACTION
+# if HAVE_SIGACTION
     sigemptyset(&newmask);
     sigaddset(&newmask, SIGCHLD);
     if (sigprocmask(SIG_BLOCK, &newmask, &oldmask) < 0)
 	Error("GetPseudoTTY(): sigprocmask(SIG_BLOCK): %s",
 	      strerror(errno));
-#else
+# else
     SimpleSignal(SIGCHLD, SIG_DFL);
-#endif
+# endif
 
     opty = openpty(&fd, &sfd, NULL, NULL, NULL);
 
-#if HAVE_SIGACTION
+# if HAVE_SIGACTION
     if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0)
 	Error("GetPseudoTTY(): sigprocmask(SIG_SETMASK): %s",
 	      strerror(errno));
-#else
+# else
     SimpleSignal(SIGCHLD, FlagReapVirt);
-#endif
+# endif
 
     if (opty != 0) {
 	if (fd >= 0)
@@ -84,15 +76,15 @@ GetPseudoTTY(slave, slaveFD)
     *slaveFD = sfd;
     return fd;
 #else
-#if (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX)
+# if (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX)
     int fd = -1;
     int sfd = -1;
     char *pcName;
-#if HAVE_SIGACTION
+#  if HAVE_SIGACTION
     sigset_t oldmask, newmask;
-#else
+#  else
-    extern RETSIGTYPE FlagReapVirt PARAMS((int));
+    extern RETSIGTYPE FlagReapVirt(int);
-#endif
+#  endif
     int c;
     /* clone list and idea stolen from xemacs distribution */
     static char *clones[] = {
@@ -111,48 +103,48 @@ GetPseudoTTY(slave, slaveFD)
     if (fd < 0)
 	return -1;
 
-#if HAVE_SIGACTION
+#  if HAVE_SIGACTION
     sigemptyset(&newmask);
     sigaddset(&newmask, SIGCHLD);
     if (sigprocmask(SIG_BLOCK, &newmask, &oldmask) < 0)
 	Error("GetPseudoTTY(): sigprocmask(SIG_BLOCK): %s",
 	      strerror(errno));
-#else
+#  else
     SimpleSignal(SIGCHLD, SIG_DFL);
-#endif
+#  endif
 
-#if HAVE_GRANTPT
+#  if HAVE_GRANTPT
     grantpt(fd);		/* change permission of slave */
-#endif
+#  endif
 
-#if HAVE_SIGACTION
+#  if HAVE_SIGACTION
     if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0)
 	Error("GetPseudoTTY(): sigprocmask(SIG_SETMASK): %s",
 	      strerror(errno));
-#else
+#  else
     SimpleSignal(SIGCHLD, FlagReapVirt);
-#endif
+#  endif
 
-#if HAVE_UNLOCKPT
+#  if HAVE_UNLOCKPT
     unlockpt(fd);		/* unlock slave */
-#endif
+#  endif
 
-#if defined(_AIX)
+#  if defined(_AIX)
     if ((pcName = ttyname(fd)) == (char *)0) {
 	close(fd);
 	return -1;
     }
-#else
+#  else
-# if HAVE_PTSNAME
+#   if HAVE_PTSNAME
     if ((pcName = ptsname(fd)) == (char *)0) {
 	close(fd);
 	return -1;
     }
-# else
+#   else
     close(fd);
     return -1;
-# endif
+#   endif
-#endif
+#  endif
 
     /* go ahead and open the slave */
     if ((sfd = open(pcName, O_RDWR, 0)) < 0) {
@@ -166,7 +158,7 @@ GetPseudoTTY(slave, slaveFD)
 
     *slaveFD = sfd;
     return fd;
-#else
+# else
     /*
      * Below is the string for finding /dev/ptyXX.  For each architecture we
      * leave some pty's world writable because we don't have source for
@@ -210,7 +202,7 @@ GetPseudoTTY(slave, slaveFD)
 	    continue;
 	}
 
-	if (0 > (fd = open(acMaster, O_RDWR | O_NDELAY, 0))) {
+	if (0 > (fd = open(acMaster, O_RDWR | O_NONBLOCK, 0))) {
 	    continue;
 	}
 	acSlave[iIndex] = *pcOne;
@@ -234,7 +226,7 @@ GetPseudoTTY(slave, slaveFD)
 
     *slaveFD = sfd;
     return fd;
-#endif /* (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX) */
+# endif/* (HAVE_PTSNAME && HAVE_GRANTPT && HAVE_UNLOCKPT) || defined(_AIX) */
 #endif /* HAVE_OPENPTY */
 }
 
@@ -242,13 +234,7 @@ GetPseudoTTY(slave, slaveFD)
  * get a pty using the GetPseudoTTY code above
  */
 int
-#if PROTOTYPES
 FallBack(char **slave, int *sfd)
-#else
-FallBack(slave, sfd)
-    char **slave;
-    int *sfd;
-#endif
 {
     int fd;
     static STRING *pcTSlave = (STRING *)0;

conserver/group.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: group.h,v 5.43 2003/12/20 06:11:53 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -41,7 +39,8 @@
 #define T_REINIT	3
 #define T_AUTOUP	4
 #define T_ROLL		5
-#define T_MAX		6	/* T_MAX *must* be last */
+#define T_INITDELAY	6
+#define T_MAX		7	/* T_MAX *must* be last */
 
 /* return values used by CheckPass()
  */
@@ -63,23 +62,27 @@ typedef struct grpent {		/* group info                           */
 
 extern time_t timers[];
 
-extern void Spawn PARAMS((GRPENT *));
+extern void Spawn(GRPENT *, int);
-extern int CheckPass PARAMS((char *, char *));
+extern int CheckPass(char *, char *, FLAG);
-extern void TagLogfile PARAMS((const CONSENT *, char *, ...));
+extern void TagLogfile(const CONSENT *, char *, ...);
-extern void TagLogfileAct PARAMS((const CONSENT *, char *, ...));
+extern void TagLogfileAct(const CONSENT *, char *, ...);
-extern void DestroyGroup PARAMS((GRPENT *));
+extern void DestroyGroup(GRPENT *);
-extern void DestroyConsent PARAMS((GRPENT *, CONSENT *));
+extern void DestroyConsent(GRPENT *, CONSENT *);
-extern void SendClientsMsg PARAMS((CONSENT *, char *));
+extern void SendClientsMsg(CONSENT *, char *);
-extern void ResetMark PARAMS((void));
+extern void ResetMark(void);
-extern void DestroyConsentUsers PARAMS((CONSENTUSERS **));
+extern void DestroyConsentUsers(CONSENTUSERS **);
-extern CONSENTUSERS *ConsentFindUser PARAMS((CONSENTUSERS *, char *));
+extern CONSENTUSERS *ConsentFindUser(CONSENTUSERS *, char *);
-extern int ConsentUserOk PARAMS((CONSENTUSERS *, char *));
+extern int ConsentUserOk(CONSENTUSERS *, char *);
-extern void DisconnectClient
+extern void DisconnectClient(GRPENT *, CONSCLIENT *, char *, FLAG);
-PARAMS((GRPENT *, CONSCLIENT *, char *, FLAG));
+extern int ClientAccess(CONSENT *, char *);
-extern int ClientAccess PARAMS((CONSENT *, char *));
+extern void DestroyClient(CONSCLIENT *);
-extern void DestroyClient PARAMS((CONSCLIENT *));
+extern int CheckPasswd(CONSCLIENT *, char *, FLAG);
-extern int CheckPasswd PARAMS((CONSCLIENT *, char *));
+extern void DeUtmp(GRPENT *, int);
-extern void ExpandString PARAMS((char *, CONSENT *, short));
+extern void ClientWantsWrite(CONSCLIENT *);
+extern void SendIWaitClientsMsg(CONSENT *, char *);
 #if HAVE_OPENSSL
-extern int AttemptSSL PARAMS((CONSCLIENT *));
+extern int AttemptSSL(CONSCLIENT *);
+#endif
+#if HAVE_GSSAPI
+extern int AttemptGSSAPI(CONSCLIENT *);
 #endif

conserver/main.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: main.h,v 5.51 2003/11/10 15:37:24 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -36,22 +34,32 @@
 
 /* program options and stuff
  */
-extern char rcsid[];
 extern int fAll, fNoinit, fInteractive, fStrip, fDaemon, fReopen,
     fNoautoreup, fSyntaxOnly;
+#if USE_IPV6
+extern struct addrinfo *bindAddr;
+extern struct addrinfo *bindBaseAddr;
+#else
 extern in_addr_t bindAddr;
+extern struct sockaddr_in in_port;
+#endif
 extern unsigned short bindPort, bindBasePort;
 extern char *pcConfig;
 extern int cMaxMemb;
-extern struct sockaddr_in in_port;
-extern int isMaster;
 extern CONFIG *optConf;
 extern CONFIG *config;
 extern CONFIG defConfig;
 extern CONSFILE *unifiedlog;
+#if USE_UNIX_DOMAIN_SOCKETS
+extern char *interface;
+#endif
 #if HAVE_OPENSSL
 extern SSL_CTX *ctx;
 #endif
-extern void ReopenLogfile PARAMS((void));
+#if HAVE_GSSAPI
-extern void ReopenUnifiedlog PARAMS((void));
+extern gss_name_t gss_myname;
-extern void DumpDataStructures PARAMS((void));
+extern gss_cred_id_t gss_mycreds;
+#endif
+extern void ReopenLogfile(void);
+extern void ReopenUnifiedlog(void);
+extern void DumpDataStructures(void);

conserver/master.c

@@ -1,6 +1,4 @@
 /*
- *  $Id: master.c,v 5.124 2003/12/25 19:22:00 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -36,7 +34,6 @@
 #include <access.h>
 #include <master.h>
 #include <readcfg.h>
-#include <version.h>
 #include <main.h>
 
 
@@ -50,12 +47,7 @@ static unsigned long dmallocMarkClientConnection = 0;
 
 
 static RETSIGTYPE
-#if PROTOTYPES
 FlagSawCHLD(int sig)
-#else
-FlagSawCHLD(sig)
-    int sig;
-#endif
 {
     fSawCHLD = 1;
 #if !HAVE_SIGACTION
@@ -67,11 +59,7 @@ FlagSawCHLD(sig)
  * Called when master process receives SIGCHLD
  */
 static void
-#if PROTOTYPES
+FixKids(int msfd)
-FixKids()
-#else
-FixKids()
-#endif
 {
     pid_t pid;
     int UWbuf;
@@ -124,7 +112,7 @@ FixKids()
 
 	    /* this kid kid is dead, start another
 	     */
-	    Spawn(pGE);
+	    Spawn(pGE, msfd);
 	    Verbose("group #%d pid %lu on port %hu", pGE->id,
 		    (unsigned long)pGE->pid, pGE->port);
 	}
@@ -135,12 +123,7 @@ FixKids()
  * Called when master process receives SIGTERM
  */
 static RETSIGTYPE
-#if PROTOTYPES
 FlagQuitIt(int arg)
-#else
-FlagQuitIt(arg)
-    int arg;
-#endif
 {
     fSawQuit = 1;
 #if !HAVE_SIGACTION
@@ -152,12 +135,7 @@ FlagQuitIt(arg)
  * want to do something special on SIGINT at some point.
  */
 static RETSIGTYPE
-#if PROTOTYPES
 FlagSawINT(int arg)
-#else
-FlagSawINT(arg)
-    int arg;
-#endif
 {
     fSawQuit = 1;
 #if !HAVE_SIGACTION
@@ -166,12 +144,7 @@ FlagSawINT(arg)
 }
 
 static RETSIGTYPE
-#if PROTOTYPES
 FlagSawHUP(int arg)
-#else
-FlagSawHUP(arg)
-    int arg;
-#endif
 {
     fSawHUP = 1;
 #if !HAVE_SIGACTION
@@ -180,12 +153,7 @@ FlagSawHUP(arg)
 }
 
 static RETSIGTYPE
-#if PROTOTYPES
 FlagSawUSR2(int arg)
-#else
-FlagSawUSR2(arg)
-    int arg;
-#endif
 {
     fSawUSR2 = 1;
 #if !HAVE_SIGACTION
@@ -194,12 +162,7 @@ FlagSawUSR2(arg)
 }
 
 static RETSIGTYPE
-#if PROTOTYPES
 FlagSawUSR1(int arg)
-#else
-FlagSawUSR1(arg)
-    int arg;
-#endif
 {
     fSawUSR1 = 1;
 #if !HAVE_SIGACTION
@@ -210,12 +173,7 @@ FlagSawUSR1(arg)
 /* Signal all the kids...
  */
 void
-#if PROTOTYPES
 SignalKids(int arg)
-#else
-SignalKids(arg)
-    int arg;
-#endif
 {
     GRPENT *pGE;
 
@@ -232,12 +190,7 @@ SignalKids(arg)
 }
 
 REMOTE *
-#if PROTOTYPES
 FindRemoteConsole(char *args)
-#else
-FindRemoteConsole(args)
-    char *args;
-#endif
 {
     REMOTE *pRC;
     NAMES *name;
@@ -254,13 +207,7 @@ FindRemoteConsole(args)
 }
 
 void
-#if PROTOTYPES
 CommandCall(CONSCLIENT *pCL, char *args)
-#else
-CommandCall(pCL, args)
-    CONSCLIENT *pCL;
-    char *args;
-#endif
 {
     int found;
     REMOTE *pRC, *pRCFound;
@@ -292,7 +239,8 @@ CommandCall(pCL, args)
 	    pRCFound = pRC;
 	}
     }
-    if (found == 0) {		/* Then look for substring matches */
+    if (found == 0 && config->autocomplete == FLAGTRUE) {
+	/* Then look for substring matches */
 	NAMES *name = (NAMES *)0;
 	int foundOne = 0;
 	for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
@@ -382,13 +330,7 @@ CommandCall(pCL, args)
 }
 
 void
-#if PROTOTYPES
 DropMasterClient(CONSCLIENT *pCLServing, FLAG force)
-#else
-DropMasterClient(pCLServing, force)
-    CONSCLIENT *pCLServing;
-    FLAG force;
-#endif
 {
     /* if we have data buffered and aren't forced to close,
      * we can't close quite yet
@@ -424,12 +366,7 @@ DropMasterClient(pCLServing, force)
 }
 
 void
-#if PROTOTYPES
 DoNormalRead(CONSCLIENT *pCLServing)
-#else
-DoNormalRead(pCLServing)
-    CONSCLIENT *pCLServing;
-#endif
 {
     char *pcCmd;
     char *pcArgs;
@@ -460,8 +397,9 @@ DoNormalRead(pCLServing)
 
 	    /* process password here...before we corrupt accmd */
 	    if (pCLServing->iState == S_PASSWD) {
-		if (CheckPasswd(pCLServing, pCLServing->accmd->string) !=
+		if (CheckPasswd
-		    AUTH_SUCCESS) {
+		    (pCLServing, pCLServing->accmd->string, FLAGFALSE)
+		    != AUTH_SUCCESS) {
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "invalid password\r\n", -1);
 		    BuildString((char *)0, pCLServing->accmd);
@@ -492,19 +430,25 @@ DoNormalRead(pCLServing)
 		    "login  log in\r\n",
 #if HAVE_OPENSSL
 		    "ssl    start ssl session\r\n",
+#endif
+#if HAVE_GSSAPI
+		    "gssapi log in with gssapi\r\n",
 #endif
 		    (char *)0
 		};
 		static char *apcHelp2[] = {
-		    "call      provide port for given console\r\n",
+		    "call       provide port for given console\r\n",
-		    "exit      disconnect\r\n",
+		    "exit       disconnect\r\n",
-		    "groups    provide ports for group leaders\r\n",
+		    "groups     provide ports for group leaders\r\n",
-		    "help      this help message\r\n",
+		    "help       this help message\r\n",
-		    "master    provide a list of master servers\r\n",
+		    "master     provide a list of master servers\r\n",
-		    "pid       provide pid of master process\r\n",
+		    "newlogs*   close and open all logfiles (SIGUSR2)\r\n",
-		    "quit*     terminate conserver (SIGTERM)\r\n",
+		    "pid        provide pid of master process\r\n",
-		    "restart*  restart conserver (SIGHUP)\r\n",
+		    "quit*      terminate conserver (SIGTERM)\r\n",
-		    "version   provide version info for server\r\n",
+		    "restart*   restart conserver (SIGHUP) - deprecated\r\n",
+		    "reconfig*  reread config file (SIGHUP)\r\n",
+		    "version    provide version info for server\r\n",
+		    "up*        bring up all downed consoles (SIGUSR1)\r\n",
 		    "* = requires admin privileges\r\n",
 		    (char *)0
 		};
@@ -527,6 +471,14 @@ DoNormalRead(pCLServing)
 		    DropMasterClient(pCLServing, FLAGFALSE);
 		    return;
 		}
+#endif
+#if HAVE_GSSAPI
+	    } else if (pCLServing->iState == S_IDENT &&
+		       strcmp(pcCmd, "gssapi") == 0) {
+		FileWrite(pCLServing->fd, FLAGFALSE, "ok\r\n", -1);
+		/* Change the I/O mode right away, we'll do the read
+		 * and accept when the select gets back to us */
+		pCLServing->ioState = INGSSACCEPT;
 #endif
 	    } else if (pCLServing->iState == S_IDENT &&
 		       strcmp(pcCmd, "login") == 0) {
@@ -549,7 +501,8 @@ DoNormalRead(pCLServing)
 			BuildString(pCLServing->peername->string,
 				    pCLServing->acid);
 			if (pCLServing->caccess == 't' ||
-			    CheckPasswd(pCLServing, "") == AUTH_SUCCESS) {
+			    CheckPasswd(pCLServing, "",
+					FLAGTRUE) == AUTH_SUCCESS) {
 			    pCLServing->iState = S_NORMAL;
 			    Verbose("<master> login %s",
 				    pCLServing->acid->string);
@@ -569,7 +522,9 @@ DoNormalRead(pCLServing)
 		int iSep = 1;
 
 		if ((GRPENT *)0 != pGroups) {
-		    struct sockaddr_in lcl;
+#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
+		    SOCKADDR_STYPE lcl;
+
 		    socklen_t so = sizeof(lcl);
 		    if (-1 ==
 			getsockname(FileFDNum(pCLServing->fd),
@@ -579,22 +534,44 @@ DoNormalRead(pCLServing)
 				  -1);
 			Error("Master(): getsockname(%u): %s",
 			      FileFDNum(pCLServing->fd), strerror(errno));
-			Bye(EX_OSERR);
+			iSep = -1;
-		    }
+		    } else {
-		    FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
+# if USE_IPV6
-			      inet_ntoa(lcl.sin_addr));
+			int error;
-		    iSep = 0;
+			char addr[NI_MAXHOST];
-		}
+			error =
-		if (config->redirect == FLAGTRUE) {
+			    getnameinfo((struct sockaddr *)&lcl, so, addr,
-		    REMOTE *pRC;
+					sizeof(addr), NULL, 0,
-		    for (pRC = pRCUniq; (REMOTE *)0 != pRC;
+					NI_NUMERICHOST);
-			 pRC = pRC->pRCuniq) {
+			if (!error)
-			FilePrint(pCLServing->fd, FLAGTRUE, ":@%s" + iSep,
+			    FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
-				  pRC->rhost);
+				      addr);
+# else
+			FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
+				  inet_ntoa(lcl.sin_addr));
+# endif
 			iSep = 0;
 		    }
+#else
+		    FilePrint(pCLServing->fd, FLAGTRUE, "@0");
+		    iSep = 0;
+#endif
+		}
+		if (iSep >= 0) {
+		    if (config->redirect == FLAGTRUE) {
+			REMOTE *pRC;
+			char *s;
+			for (pRC = pRCUniq; (REMOTE *)0 != pRC;
+			     pRC = pRC->pRCuniq) {
+			    s = ":@%s";
+			    s += iSep;
+			    FilePrint(pCLServing->fd, FLAGTRUE, s,
+				      pRC->rhost);
+			    iSep = 0;
+			}
+		    }
+		    FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
 		}
-		FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "pid") == 0) {
 		FilePrint(pCLServing->fd, FLAGFALSE, "%lu\r\n",
@@ -602,7 +579,7 @@ DoNormalRead(pCLServing)
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "version") == 0) {
 		FilePrint(pCLServing->fd, FLAGFALSE, "version `%s'\r\n",
-			  THIS_VERSION);
+			  MyVersion());
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "quit") == 0) {
 		if (ConsentUserOk(pADList, pCLServing->username->string) ==
@@ -629,16 +606,53 @@ DoNormalRead(pCLServing)
 		} else
 		    FileWrite(pCLServing->fd, FLAGFALSE,
 			      "unauthorized command\r\n", -1);
+	    } else if (pCLServing->iState == S_NORMAL &&
+		       strcmp(pcCmd, "reconfig") == 0) {
+		if (ConsentUserOk(pADList, pCLServing->username->string) ==
+		    1) {
+		    FileWrite(pCLServing->fd, FLAGFALSE,
+			      "ok -- reconfiguring\r\n", -1);
+		    Verbose("reconfig command by %s",
+			    pCLServing->acid->string);
+		    kill(thepid, SIGHUP);
+		} else
+		    FileWrite(pCLServing->fd, FLAGFALSE,
+			      "unauthorized command\r\n", -1);
+	    } else if (pCLServing->iState == S_NORMAL &&
+		       strcmp(pcCmd, "up") == 0) {
+		if (ConsentUserOk(pADList, pCLServing->username->string) ==
+		    1) {
+		    FileWrite(pCLServing->fd, FLAGFALSE,
+			      "ok -- bringing up consoles\r\n", -1);
+		    Verbose("up command by %s", pCLServing->acid->string);
+		    kill(thepid, SIGUSR1);
+		} else
+		    FileWrite(pCLServing->fd, FLAGFALSE,
+			      "unauthorized command\r\n", -1);
+	    } else if (pCLServing->iState == S_NORMAL &&
+		       strcmp(pcCmd, "newlogs") == 0) {
+		if (ConsentUserOk(pADList, pCLServing->username->string) ==
+		    1) {
+		    FileWrite(pCLServing->fd, FLAGFALSE,
+			      "ok -- opening new logfiles\r\n", -1);
+		    Verbose("newlogs command by %s",
+			    pCLServing->acid->string);
+		    kill(thepid, SIGUSR2);
+		} else
+		    FileWrite(pCLServing->fd, FLAGFALSE,
+			      "unauthorized command\r\n", -1);
 	    } else if (pCLServing->iState == S_NORMAL &&
 		       strcmp(pcCmd, "groups") == 0) {
 		int iSep = 1;
 		GRPENT *pGE;
+		char *s;
 
 		for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
 		    if (0 == pGE->imembers)
 			continue;
-		    FilePrint(pCLServing->fd, FLAGTRUE, ":%hu" + iSep,
+		    s = ":%hu";
-			      pGE->port);
+		    s += iSep;
+		    FilePrint(pCLServing->fd, FLAGTRUE, s, pGE->port);
 		    iSep = 0;
 		}
 		FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", 2);
@@ -663,18 +677,25 @@ DoNormalRead(pCLServing)
 /* this routine is used by the master console server process		(ksb)
  */
 void
-#if PROTOTYPES
 Master(void)
-#else
-Master()
-#endif
 {
     int cfd;
     int msfd;
     socklen_t so;
     fd_set rmask, wmask;
+#if USE_IPV6 || !USE_UNIX_DOMAIN_SOCKETS
+# if USE_IPV6
+    struct addrinfo *rp;
+# else
     struct sockaddr_in master_port;
-    int true = 1;
+# endif
+# if HAVE_SETSOCKOPT
+    int sock_opt_true = 1;
+# endif
+#else
+    struct sockaddr_un master_port;
+    static STRING *portPath = (STRING *)0;
+#endif
     FILE *fp;
     CONSCLIENT *pCLServing = (CONSCLIENT *)0;
     CONSCLIENT *pCL = (CONSCLIENT *)0;
@@ -691,6 +712,9 @@ Master()
 #endif
 #if defined(SIGPOLL)
     SimpleSignal(SIGPOLL, SIG_IGN);
+#endif
+#if defined(SIGXFSZ)
+    SimpleSignal(SIGXFSZ, SIG_IGN);
 #endif
     SimpleSignal(SIGCHLD, FlagSawCHLD);
     SimpleSignal(SIGTERM, FlagQuitIt);
@@ -710,11 +734,82 @@ Master()
 
     /* set up port for master to listen on
      */
-#if HAVE_MEMSET
+#if !USE_IPV6
+# if HAVE_MEMSET
     memset((void *)&master_port, 0, sizeof(master_port));
-#else
+# else
     bzero((char *)&master_port, sizeof(master_port));
+# endif
 #endif
+
+#if USE_IPV6
+    for (rp = bindAddr; rp != NULL; rp = rp->ai_next) {
+	if ((msfd =
+	     socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) < 0)
+	    continue;
+
+# if HAVE_SETSOCKOPT
+	if (setsockopt
+	    (msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&sock_opt_true,
+	     sizeof(sock_opt_true)) < 0)
+	    goto fail;
+# endif
+	if (!SetFlags(msfd, O_NONBLOCK, 0))
+	    goto fail;
+
+	if (bind(msfd, rp->ai_addr, rp->ai_addrlen) == 0)
+	    break;
+
+      fail:
+	close(msfd);
+    }
+
+    if (listen(msfd, SOMAXCONN) < 0) {
+	Error("Master(): listen(): %s", strerror(errno));
+	return;
+    }
+
+    /* save addrlen for accept */
+    so = rp->ai_addrlen;
+#elif USE_UNIX_DOMAIN_SOCKETS
+    master_port.sun_family = AF_UNIX;
+
+    if (portPath == (STRING *)0)
+	portPath = AllocString();
+    BuildStringPrint(portPath, "%s/0", interface);
+    if (portPath->used > sizeof(master_port.sun_path)) {
+	Error("Master(): path to socket too long: %s", portPath->string);
+	return;
+    }
+    StrCpy(master_port.sun_path, portPath->string,
+	   sizeof(master_port.sun_path));
+
+    if ((msfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
+	Error("Master(): socket(AF_UNIX,SOCK_STREAM): %s",
+	      strerror(errno));
+	return;
+    }
+
+    if (!SetFlags(msfd, O_NONBLOCK, 0))
+	return;
+
+    if (bind(msfd, (struct sockaddr *)&master_port, sizeof(master_port)) <
+	0) {
+	Error("Master(): bind(%s): %s", master_port.sun_path,
+	      strerror(errno));
+	return;
+    }
+    if (listen(msfd, SOMAXCONN) < 0) {
+	Error("Master(): listen(%s): %s", master_port.sun_path,
+	      strerror(errno));
+	return;
+    }
+# ifdef TRUST_UDS_CRED
+    /* Allow everyone to connect, but we later auth them via SO_PEERCRED */
+    chmod(master_port.sun_path, 0666);
+# endif
+
+#else
     master_port.sin_family = AF_INET;
     master_port.sin_addr.s_addr = bindAddr;
     master_port.sin_port = htons(bindPort);
@@ -724,15 +819,15 @@ Master()
 	      strerror(errno));
 	return;
     }
-#if  HAVE_SETSOCKOPT
+# if HAVE_SETSOCKOPT
     if (setsockopt
-	(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&true,
+	(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&sock_opt_true,
-	 sizeof(true)) < 0) {
+	 sizeof(sock_opt_true)) < 0) {
 	Error("Master(): setsockopt(%u,SO_REUSEADDR): %s", msfd,
 	      strerror(errno));
 	return;
     }
-#endif
+# endif
 
     if (!SetFlags(msfd, O_NONBLOCK, 0))
 	return;
@@ -748,6 +843,7 @@ Master()
 	      strerror(errno));
 	return;
     }
+#endif
 
     fp = fopen(PIDFILE, "w");
     if (fp) {
@@ -765,7 +861,7 @@ Master()
     for (fSawQuit = 0; !fSawQuit; /* can't close here :-( */ ) {
 	if (fSawCHLD) {
 	    fSawCHLD = 0;
-	    FixKids();
+	    FixKids(msfd);
 	}
 	if (fSawHUP) {
 	    fSawHUP = 0;
@@ -773,7 +869,7 @@ Master()
 	    ReopenLogfile();
 	    ReopenUnifiedlog();
 	    SignalKids(SIGHUP);
-	    ReReadCfg(msfd);
+	    ReReadCfg(msfd, msfd);
 	    /* fix up the client descriptors since ReReadCfg() doesn't
 	     * see them like it can in the child processes */
 	    for (pCL = pCLmall; pCL != (CONSCLIENT *)0; pCL = pCL->pCLscan) {
@@ -827,6 +923,17 @@ Master()
 			    pCLServing->ioState = ISNORMAL;
 		    }
 		    break;
+#endif
+#if HAVE_GSSAPI
+		case INGSSACCEPT:
+		    {
+			int r;
+			if ((r = AttemptGSSAPI(pCLServing)) < 0)
+			    DropMasterClient(pCLServing, FLAGFALSE);
+			else if (r == 1)
+			    pCLServing->ioState = ISNORMAL;
+		    }
+		    break;
 #endif
 		case ISNORMAL:
 		    if (FileCanRead(pCLServing->fd, &rmask, &wmask))
@@ -838,8 +945,8 @@ Master()
 			CONDDEBUG((1, "Master(): flushing fd %d",
 				   FileFDNum(pCLServing->fd)));
 			if (FileWrite
-			    (pCLServing->fd, FLAGFALSE, (char *)0,
+			    (pCLServing->fd, FLAGFALSE, (char *)0, 0)
-			     0) < 0) {
+			    < 0) {
 			    DropMasterClient(pCLServing, FLAGTRUE);
 			    break;
 			}
@@ -868,7 +975,9 @@ Master()
 	dmallocMarkClientConnection = dmalloc_mark();
 #endif
 
+#if !USE_IPV6
 	so = sizeof(struct sockaddr_in);
+#endif
 	for (cfd = 0; cfd == 0;) {
 	    cfd =
 		accept(msfd, (struct sockaddr *)&pCLmfree->cnct_port, &so);
@@ -943,6 +1052,9 @@ Master()
     }
 
     close(msfd);
+#if USE_UNIX_DOMAIN_SOCKETS
+    unlink(master_port.sun_path);
+#endif
 
     /* clean up the free list */
     while (pCLmfree != (CONSCLIENT *)0) {

conserver/master.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: master.h,v 5.17 2003/10/03 14:23:37 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -39,5 +37,5 @@
  */
 extern CONSCLIENT *pCLmall;
 extern CONSCLIENT *pCLmfree;
-extern void Master PARAMS((void));
+extern void Master(void);
-extern void SignalKids PARAMS((int));
+extern void SignalKids(int);

conserver/readcfg.h

@@ -1,15 +1,16 @@
 /*
- *  $Id: readcfg.h,v 5.38 2003/11/10 15:37:24 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
  */
 
 #define BREAKDELAYDEFAULT 250
+#define BREAKLISTSIZE 35	/* ('z'-('a'-1))+('9'-('1'-1)) */
+#define BREAKALPHAOFFSET 39	/* ('a'-('9'+1)) */
 
 typedef struct config {
     STRING *name;
+    FLAG autocomplete;
     char defaultaccess;
     FLAG daemonmode;
     char *logfile;
@@ -17,37 +18,58 @@ typedef struct config {
     char *primaryport;
     FLAG redirect;
     FLAG loghostnames;
-    int reinitcheck;
+    int reinitcheck; /* stored in sec, configured in min or sec */
     char *secondaryport;
     char *unifiedlog;
+    int initdelay;
 #if HAVE_SETPROCTITLE
     FLAG setproctitle;
 #endif
 #if HAVE_OPENSSL
     char *sslcredentials;
     FLAG sslrequired;
+    FLAG sslreqclientcert;
+    char *sslcacertificatefile;
 #endif
 } CONFIG;
 
 typedef struct breaks {
     STRING *seq;
     int delay;
+    FLAG confirm;
 } BREAKS;
 
+typedef struct tasks {
+    char id;
+    STRING *cmd;
+    STRING *descr;
+    uid_t uid;
+    gid_t gid;
+    char *subst;
+    FLAG confirm;
+    struct tasks *next;
+} TASKS;
+
 extern NAMES *userList;		/* user list */
 extern GRPENT *pGroups;		/* group info */
 extern REMOTE *pRCList;		/* list of remote consoles we know about */
 extern REMOTE *pRCUniq;		/* list of uniq console servers */
 extern ACCESS *pACList;		/* `who do you love' (or trust) */
 extern CONSENTUSERS *pADList;	/* list of admin users */
-extern BREAKS breakList[9];	/* list of break sequences */
+extern CONSENTUSERS *pLUList;	/* list of limited users */
+extern BREAKS breakList[BREAKLISTSIZE];	/* list of break sequences */
+extern TASKS *taskList;		/* list of tasks */
+extern SUBST *taskSubst;	/* substitution function data for tasks */
 extern CONFIG *pConfig;		/* settings seen by config parser */
+extern SUBST *substData;	/* substitution function data */
 
-extern void ReadCfg PARAMS((char *, FILE *));
+extern void ReadCfg(char *, FILE *);
-extern void ReReadCfg PARAMS((int));
+extern void ReReadCfg(int, int);
-extern void DestroyBreakList PARAMS((void));
+extern void DestroyBreakList(void);
-extern void DestroyUserList PARAMS((void));
+extern void InitBreakList(void);
-extern void DestroyConfig PARAMS((CONFIG *));
+extern void DestroyTaskList(void);
-extern NAMES *FindUserList PARAMS((char *));
+extern void DestroyUserList(void);
-extern NAMES *AddUserList PARAMS((char *));
+extern void DestroyConfig(CONFIG *);
-extern CONSENT *FindConsoleName PARAMS((CONSENT *, char *));
+extern NAMES *FindUserList(char *);
+extern NAMES *AddUserList(char *);
+extern CONSENT *FindConsoleName(CONSENT *, char *);

conserver/version.h

@@ -1,6 +1,4 @@
 /*
- *  $Id: version.h,v 1.59 2004/03/16 04:17:31 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -14,4 +12,9 @@
 @(#) Copyright 2000 conserver.com.\n\
 All rights reserved.\n"
 
-#define THIS_VERSION "conserver.com version 8.1.3"
+#define VERSION_DATE	"2022/07/07"
+#define VERSION_MAJOR	8
+#define VERSION_MINOR	2
+#define VERSION_REV	7
+#define VERSION_TEXT	"conserver.com version"
+#define VERSION_UINT	(VERSION_MAJOR * 1000000 + VERSION_MINOR * 1000 + VERSION_REV)

console/Makefile.in

@@ -1,5 +1,7 @@
 ### Path settings
+datarootdir = @datarootdir@
 srcdir = @srcdir@
+VPATH = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@
 exec_prefix = @exec_prefix@
@@ -25,11 +27,11 @@ LIBS	= @LIBS@
 
 ### Makefile rules - no user-servicable parts below
 
-CONSOLE_OBJS = console.o getpassword.o ../conserver/cutil.o
+CONSOLE_OBJS = console.o getpassword.o readconf.o ../conserver/cutil.o
 CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h \
 	       $(top_srcdir)/conserver/cutil.h \
 	       $(top_srcdir)/conserver/version.h \
-	       $(srcdir)/getpassword.h
+	       $(srcdir)/getpassword.h $(srcdir)/readconf.h
 ALL = console
 
 
@@ -56,6 +58,6 @@ install: console
 	$(MKDIR) $(DESTDIR)$(bindir)
 	$(INSTALL_PROGRAM) console $(DESTDIR)$(bindir)
 	$(MKDIR) $(DESTDIR)$(mandir)/man1
-	$(INSTALL) console.man $(DESTDIR)$(mandir)/man1/console.1
+	$(INSTALL) -m 0644 console.man $(DESTDIR)$(mandir)/man1/console.1
 
 .PHONY: clean distclean install

console/console.man.in

@@ -1,45 +1,44 @@
-.\" $Id: console.man,v 1.45 2004/03/20 14:40:42 bryan Exp $
+.TH CONSOLE 1 "@CONSERVER_DATE@" "conserver-@CONSERVER_VERSION@" "conserver"
-.TH CONSOLE 1 "2004/03/20" "conserver-8.1.3" "conserver"
 .SH NAME
 console \- console server client program
 .SH SYNOPSIS
 .B console
-.RB [ \-aAEfFsS ]
+.RI [ generic-args ]
-.RB [ \-7Dv ]
+.RB [ \-aAfFsS ]
-.RB [ \-c
-.IR cred ]
-.BR [ \-M
-.IR mach ]
-.BR [ \-p
-.IR port ]
 .BR [ \-e
 .IR esc ]
-.BR [ \-l
-.IR user ]
 .I console
 .br
 .B console
-.RB [ \-hiIPrRuVwWx ]
+.RI [ generic-args ]
-.RB [ \-7Dv ]
+.RB [ \-iIuwWx ]
-.RB [ \-M
+.RI [ console ]
-.IR mach ]
-.RB [ \-p
-.IR port ]
-.RB [ \-d
-.RI [ user ][\fB@\fP console ]]
-.RB [ \- [ bB ]
-.IR message ]
-.RB [ \-t
-.RI [ user ][\fB@\fP console ]
-.IR message ]
 .br
 .B console
-.RB [ \-qQ ]
+.RI [ generic-args ]
-.RB [ \-7Dv ]
+.RB [ \-hPqQrRV ]
-.RB [ \-M
+.RB [ \- [ bB ]
-.IR mach ]
+.IR message ]
-.RB [ \-p
+.RB [ \-d
+.RI [ user ][\f3@\fP console ]]
+.RB [ \-t
+.RI [ user ][\f3@\fP console ]
+.IR message ]
+.RB [ \- [ zZ ]
+.IR cmd ]
+.PP
+.IR generic-args :
+.RB [ \-7DEknUv ]
+.RB [ \-c
+.IR cred ]
+.RB [ \-C
+.IR config ]
+.BR [ \-M
+.IR master ]
+.BR [ \-p
 .IR port ]
+.BR [ \-l
+.IR user ]
 .SH DESCRIPTION
 .B Console
 is used to manipulate console terminals remotely or to poll running
@@ -51,7 +50,8 @@ In the first form above,
 asks the user's password before
 granting interactive access to a console (on a non-trusted system),
 since such a session may provide single-user access.
-Only as much of the console name as is required to
+If the server's autocompletion feature is enabled,
+only as much of the console name as is required to
 identify it uniquely to the server is required.
 .PP
 For non-interactive options,
@@ -116,6 +116,10 @@ to users on the primary server.
 Load an SSL certificate and key from the PEM encoded file
 .IR cred .
 .TP
+.BI \-C config
+Use the per-user configuration file
+.IR config .
+.TP
 .B \-d
 Disconnect the users specified by
 .IR user @ console .
@@ -150,9 +154,13 @@ The default value is
 .B \-E
 If encryption has been built into the code
 .RB ( --with-openssl ),
-encrypted client connections are a requirement.
+encrypted client connections are, by default, a requirement.
-This option allows the client to connect to a console
+This option disables any attempt at creating an
-over a non-encrypted connection.
+encrypted connection.
+If you'd like to use encrypted connections when your server
+supports it, but fallback to non-encrypted otherwise, the
+.B \-U
+option is what you want.
 .TP
 .B \-f
 Same as
@@ -163,13 +171,17 @@ except it will force any existing connection into spy mode.
 Display a brief help message.
 .TP
 .B \-i
-Display information in a machine-parseable format (see below for the details).
+Display status information in a machine-parseable format (see below for the details).
 .TP
 .B \-I
 Same as
 .B \-i
 but just acts on the primary server.
 .TP
+.B \-k
+Abort the connection if the console is not in the `up' state immediately
+upon connecting.
+.TP
 .BI \-l user
 Set the login name used for authentication to
 .IR user .
@@ -179,19 +191,34 @@ uses $USER if its uid matches the user's real uid,
 or $LOGNAME if its uid matches the user's real uid,
 or else the name associated with the user's real uid.
 .TP
-.BI \-M mach
+.BI \-M master
 The
 .B console
 client program polls
-.I mach
+.I master
 as the primary server,
 rather than the default set at compile time (typically
 .RB `` console '').
 The default
-.I mach
+.I master
 may be changed at compile time using the
 .B --with-master
 option.
+If
+.B --with-uds
+is used to enable Unix domain sockets, however, this option points
+.B console
+to the directory which holds those sockets.
+The default
+.I master
+directory
+.RB (`` /tmp/conserver '')
+may be changed at compile time using the
+.B --with-uds
+option.
+.TP
+.BI \-n
+Do not read the system-wide configuration file.
 .TP
 .BI \-p port
 Set the port to connect to.
@@ -203,6 +230,9 @@ may be changed at compile time
 using the
 .B --with-port
 option.
+If the
+.B --with-uds
+option was used, this option is ignored.
 .TP
 .B \-P
 Display the pid of the master daemon process on each server.
@@ -264,6 +294,18 @@ and attached users
 .RI ( user @ host
 if attached read-write, `<spies>' if only users in spy mode, or `<none>').
 .TP
+.B \-U
+If encryption has been built into the code
+.RB ( --with-openssl ),
+encrypted client connections are, by default, a requirement.
+This option allows the client to attempt an encrypted connection
+but fall back to a non-encrypted connection if the server doesn't
+support encryption.
+If the encryption handshake is failing, disabling encryption on the
+client with the
+.B \-E
+option is probably what you want.
+.TP
 .B \-v
 Be more verbose when building the connection(s).
 Use this option in combination with any of `show' options (below)
@@ -289,6 +331,72 @@ but just acts on the primary server.
 .TP
 .B \-x
 Show a list of consoles and devices.
+.TP
+.BI \-z cmd
+Sends a command
+.RI ( cmd )
+to each server and displays the result.
+The valid commands are:
+.RS
+.sp
+.PD 0
+.TP 12
+.B bringup
+Try to connect all consoles marked as down (this is equivalent
+to sending the server a SIGUSR1)
+.TP
+.B SIGUSR1
+Same as
+.B bringup
+.TP
+.B help
+Displays the help message
+.TP
+.B pid
+Returns the pid of the server (this is equivalent to
+.BR \-P )
+.TP
+.B quit
+Instructs the server to shut down (this is equivalent to
+.B \-q
+or sending the server a SIGTERM)
+.TP
+.B SIGTERM
+Same as
+.B quit
+.TP
+.B reconfig
+Instructs the server to reload the configuration file, then
+perform the actions of
+.B reopen
+(this is equivalent to sending the server a SIGHUP)
+.TP
+.B SIGHUP
+Same as
+.B reconfig
+.TP
+.B reopen
+Instructs the server to reopen all logfiles, then
+perform the actions of
+.B bringup
+(this is equivalent to sending the server a SIGUSR2)
+.TP
+.B SIGUSR2
+Same as
+.B reopen
+.TP
+.B version
+Returns the version of the server (this is equivalent to
+.BR \-V )
+.PD
+.RE
+.TP
+.BI \-Z cmd
+Same as
+.B \-z
+but just sends
+.I cmd
+to the primary server.
 .PP
 The
 .BR \-A ,
@@ -297,12 +405,19 @@ The
 options have the same effect as their lower-case variants.
 In addition, they each request the last 20 lines of the console output after
 making the connection (as if
-.RB ` ^Ecr '
+.RB `` ^Ecr ''
 were typed).
 .PP
 The
+.BR \-i ,
+.BR \-u ,
+.BR \-w ", and"
+.B \-x
+options can be given a console name, which will limit their output to that console.
+.PP
+The
 .B \-i
-option outputs information regarding each console in 15 colon-separated fields.
+option outputs status information regarding each console in 15 colon-separated fields.
 .TP
 .I name
 The name of the console.
@@ -314,7 +429,8 @@ the console.
 .I type
 The type of console.
 Values will be a `/' for a local device, `|' for
-a command, or `!' for a remote port.
+a command, `!' for a remote port, `%' for a Unix domain socket,
+and `#' for a noop console.
 .TP
 .I console-details
 The details regarding the console.
@@ -325,6 +441,9 @@ Commands will have values of the command, the command's pid, the
 pseudo-tty, and file descriptor for the pseudo-tty.
 Remote ports will have values of the remote hostname, remote port number,
 ``raw'' or ``telnet'' protocol, and file descriptor for the socket connection.
+Unix domain sockets will have the path to the socket and the file
+descriptor for the socket connection.
+Noop consoles will have nothing.
 .TP
 .I users-list
 The details of each user connected to the console.
@@ -349,7 +468,7 @@ that the server can open the file for read, but not write.
 The details regarding the logging for the console.
 The comma-separated
 values will be the logfile, ``log'' or ``nolog'' (if logging is on
-or not - toggled via ^EcL), ``act'' or ``noact'' (if activity logging is
+or not - toggled via ``^EcL''), ``act'' or ``noact'' (if activity logging is
 enabled or not - the `a' timestamp option), the timestamp interval, and
 the file descriptor of the logfile.
 .TP
@@ -375,6 +494,321 @@ The idletimeout configuration option for the console.
 .TP
 .I idlestring
 The idlestring configuration option for the console.
+.SH CONFIGURATION
+.B Console
+reads configuration information from the system-wide configuration file
+.RB ( console.cf ),
+then the per-user configuration file
+.RB ( .consolerc ),
+and then applies command-line arguments.
+Each configuration location can override the previous.
+The same happens when parsing an individual file - the later entries
+always override the earlier entries.
+Because of that, you should put ``global'' defaults first and
+more specific defaults second.
+.PP
+The configuration file is read using the same parser as 
+.BR conserver.cf (5),
+and you should check that manpage for parser details.
+.B Console
+recognizes the following configuration blocks.
+.TP
+\f3config\fP \f2hostname\fP|\f2ipaddr\fP
+.br
+Define a configuration block for the client host named
+.I hostname
+or using the address
+.IR ipaddr .
+If the value of ``*'' is used, the configuration block will be applied to
+all client hosts.
+.RS
+.TP
+\f3escape\fP \f2esc\fP
+.br
+Set the escape sequence (see the
+.B \-e
+command-line flag).
+.TP
+\f3master\fP \f2master\fP
+.br
+Set the default master to
+.I master
+(see the
+.B \-M
+command-line flag).
+.TP
+\f3playback\fP \f2num\fP|\f3""\fP
+.br
+Override the playback length for the
+.B p
+escape command to
+.I num
+lines (if the server supports it).
+Using the special value of ``0'' will cause the client to use the number
+of lines of the current terminal (if that can be determined).
+If the null string (``""'') is used, the playback length will not be overridden.
+.TP
+\f3port\fP \f2port\fP
+.br
+Set the default port to
+.I port
+(see the
+.B \-p
+command-line flag).
+.TP
+\f3replay\fP \f2num\fP|\f3""\fP
+.br
+Override the replay length for the
+.B r
+escape command to
+.I num
+lines (if the server supports it).
+Using the special value of ``0'' will cause the client to use the number
+of lines of the current terminal (if that can be determined).
+If the null string (``""'') is used, the replay length will not be overridden.
+.TP
+\f3sslcacertificatefile\fP \f2filename\fP
+.br
+Load the valid CA certificates for the
+.SM SSL
+connection from the PEM encoded file.
+.TP
+\f3sslcacertificatepath\fP \f2directory\fP
+.br
+Load the valid CA certificates for the
+.SM SSL
+connection from the PEM encoded files in the directory.
+.TP
+\f3sslcredentials\fP \f2filename\fP
+.br
+Set the
+.SM SSL
+credentials file location (see the
+.B \-c
+command-line flag).
+.TP
+\f3sslenabled\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
+.br
+Set whether or not encryption is attempted when talking to servers (see the
+.B \-E
+command-line flag).
+.TP
+\f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
+.br
+Set whether or not encryption is required when talking to servers (see the
+.B \-U
+command-line flag).
+.TP
+\f3striphigh\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
+.br
+Set whether or not to strip the high bit off all data received
+(see the
+.B \-7
+command-line flag).
+.TP
+\f3username\fP \f2user\fP
+.br
+Set the username passed to the server to
+.I user
+(see the
+.B \-l
+command-line flag).
+.RE
+.TP
+\f3terminal\fP \f2type\fP
+.br
+Define a configuration block when using a terminal of type
+.IR type .
+If the value of ``*'' is used, the configuration block will be applied to
+all terminal types.
+.RS
+.TP
+\f3attach\fP \f2string\fP|\f3""\fP
+.br
+Set a
+.I string
+to print when successfully attached to a console.
+Character substitions will be performed based on the
+.B attachsubst
+value and occur
+.I before
+interpretation of the special characters below.
+If the null string (``\f3""\fP'') is used, no string will be printed.
+.I string
+is a simple character string with the exception of `\e'
+and `^':
+.RS
+.RS
+.sp
+.PD 0
+.TP 6
+.B \ea
+alert
+.TP
+.B \eb
+backspace
+.TP
+.B \ef
+form-feed
+.TP
+.B \en
+newline
+.TP
+.B \er
+carriage-return
+.TP
+.B \et
+tab
+.TP
+.B \ev
+vertical-tab
+.TP
+.B \e\e
+backslash
+.TP
+.B \e^
+circumflex
+.TP
+.BI \e ooo
+octal representation of a character (where
+.I ooo
+is one to three octal digits)
+.TP
+.BI \e c
+character
+.I c
+.TP
+.B ^?
+delete
+.TP
+.BI ^ c
+control character
+.RI ( c
+is ``and''ed with 0x1f)
+.PD
+.RE
+.RE
+.IP
+An interesting use of
+.B attach
+and
+.B attachsubst
+would be:
+.RS
+.IP
+.ft CR
+.nf
+terminal xterm {
+    attach "^[]0;conserver: U@C^G";
+    attachsubst U=us,C=cs;
+}
+.fi
+.ft
+.RE
+.TP
+\f3attachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
+.br
+Perform character substitutions on the
+.B attach
+value.
+A series of replacements can be defined by specifying a
+comma-separated list of
+\f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP
+sequences where
+.I c
+is any printable character,
+.I t
+specifies the replacement value,
+.I n
+is a field length (optional),
+and
+.I f
+is the format string.
+.I t
+can be one of the characters below, catagorized as a string replacement
+or a numeric replacement, which dictates the use of the
+.I n
+and
+.I f
+fields.
+.RS
+.RS
+.sp
+.PD 0
+.TP
+String Replacement
+.TP
+.B u
+username
+.TP
+.B c
+console name
+.sp
+.PP
+Numeric Replacement
+.TP
+none available (yet)
+.PD
+.RE
+.RE
+.IP
+For string replacements, if the replacement isn't at least
+.I n
+characters, it will be padded with space characters on the left.
+.I f
+must be `s'.
+For numeric replacements, the value will be formatted to at least
+.I n
+characters, padded with 0s if
+.I n
+begins with a 0, and space characters otherwise.
+.I f
+must be either `d', `x' or `X', specifying a decimal, lower-case
+hexadecimal, or an uppercase hexadecimal conversion.
+If the null string (``\f3""\fP'') is used, no replacements will be done.
+.TP
+\f3detach\fP \f2string\fP|\f3""\fP
+.br
+Set a
+.I string
+to print once detached from a console.
+Character substitions will be performed based on the
+.B detachsubst
+value.
+See the
+.B attach
+option for an explanation of
+.IR string .
+If the null string (``\f3""\fP'') is used, no string will be printed.
+.TP
+\f3detachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
+.br
+Perform character substitutions on the
+.B detach
+value.
+See the
+.B attachsubst
+option for an explanation of the format string.
+.RE
+.PP
+A simple configuration to set a new default escape sequence and override
+the master location would be:
+.IP
+.ft CR
+.nf
+# override options for all hosts
+config * {
+    master localhost;
+    escape ^Ee;
+}
+# set things more specific to host1
+# note: if the entries were reversed, host1
+# would also use localhost.
+config host1 {
+    master console1;
+}
+.fi
+.ft
 .SH "ESCAPE SEQUENCES"
 The connection can be controlled by a two-character escape sequence, followed
 by a command.
@@ -426,7 +860,7 @@ list the break sequences available
 .B l0
 send the break sequence associated with this console
 .TP
-.B l1-9
+.B l1-9a-z
 send the specific break sequence
 .TP
 .B m
@@ -437,13 +871,19 @@ close (if open) and reopen the line (to clear errors (silo overflows))
 and the log file
 .TP
 .B p
-replay the last 60 lines of output
+playback the last 60 lines of output
+.TP
+.B P
+set number of playback lines
 .TP
 .B r
 replay the last 20 lines of output
 .TP
+.B R
+set number of replay lines
+.TP
 .B s
-switch to spy mode (read-only)
+switch to spy mode (read only)
 .TP
 .B u
 show status of hosts/users in this group
@@ -460,6 +900,9 @@ examine this group's devices and modes
 .B z
 suspend this connection
 .TP
+.B !
+invoke task
+.TP
 .B |
 attach a local command to the console
 .TP
@@ -481,7 +924,7 @@ specify three octal digits)
 If any other character is hit after the escape sequence, all three characters
 will be discarded.
 Note that a line break or a down command
-can only be sent from a full two-way attachment.
+can only be sent from a read-write connection.
 To send the escape sequence through the connection one must redefine
 the outer escape sequence, or use
 .BI ^Ec\e ooo
@@ -492,13 +935,17 @@ In the
 .B \-u
 output, the login ``<none>'' indicates no one is
 viewing that console, and the login ``<spies>'' indicates that
-no one has a full two-way attachment.
+no one has a read-write connection (only read-only).
-When no one is attached to
+.PP
-a console its output is cloned to the stdout of the server process if
+When running a local command via
-.B conserver
+.RB `` ^Ec| '',
-was started with the
+you can type 
-.B \-u
+.RB ` ^C '
-option.
+to send the command a SIGHUP,
+.RB ` ^\e '
+to send the command a SIGKILL, and
+.RB ` o '
+to toggle the display of the console data.
 .SH EXAMPLES
 .TP 15
 console \-u
@@ -550,6 +997,22 @@ or number of days is displayed.
 console \-e "^[1" lv426
 Requests a connection to the host ``lv426'' with the escape characters
 set to ``escape one''.
+.SH FILES
+.PP
+The following default file locations may be overridden
+at compile time or by the command-line options described above.
+Run
+.B console \-V
+to see the defaults set at compile time.
+.PP
+.PD 0
+.TP 25
+.B /etc/console.cf
+system-wide configuration file
+.TP
+.B \s-1$HOME\s0/.consolerc
+per-user configuration file
+.PD
 .SH BUGS
 It is possible to create a loop of console connections, with ugly results.
 Never run

console/getpassword.c

@@ -1,6 +1,4 @@
 /*
- *  $Id: getpassword.c,v 1.8 2003/11/20 13:56:41 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
@@ -31,12 +29,7 @@ static STRING *pass = (STRING *)0;
  * we really use cbreak at PUCC because we need even parity...
  */
 static void
-#if PROTOTYPES
 C2Raw(int fd)
-#else
-C2Raw(fd)
-    int fd;
-#endif
 {
     struct termios n_tios;
 
@@ -64,12 +57,7 @@ C2Raw(fd)
  * put the tty back as it was, however that was
  */
 static void
-#if PROTOTYPES
 C2Normal(int fd)
-#else
-C2Normal(fd)
-    int fd;
-#endif
 {
     if (!screwy)
 	return;
@@ -78,12 +66,7 @@ C2Normal(fd)
 }
 
 char *
-#if PROTOTYPES
 GetPassword(char *prompt)
-#else
-GetPassword(prompt)
-    char *prompt;
-#endif
 {
     int fd;
     int nc;
@@ -140,11 +123,7 @@ GetPassword(prompt)
 }
 
 void
-#if PROTOTYPES
 ClearPassword(void)
-#else
-ClearPassword()
-#endif
 {
     if (pass == (STRING *)0 || pass->allocated == 0)
 	return;

console/getpassword.h

@@ -1,10 +1,8 @@
 /*
- *  $Id: getpassword.h,v 1.3 2003/09/11 09:10:58 bryan Exp $
- *
  *  Copyright conserver.com, 2000
  *
  *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
  */
 
-extern char *GetPassword PARAMS((char *));
+extern char *GetPassword(char *);
-extern void *ClearPassword PARAMS((void));
+extern void *ClearPassword(void);

console/readconf.c

@@ -0,0 +1,726 @@
+/*
+ *  Copyright conserver.com, 2000
+ *
+ *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
+ */
+
+#include <compat.h>
+
+#include <cutil.h>
+#include <readconf.h>
+
+CONFIG *parserConfigTemp = (CONFIG *)0;
+CONFIG *parserConfigDefault = (CONFIG *)0;
+CONFIG *pConfig = (CONFIG *)0;
+TERM *parserTermTemp = (TERM *)0;
+TERM *parserTermDefault = (TERM *)0;
+TERM *pTerm = (TERM *)0;
+
+void
+DestroyConfig(CONFIG *c)
+{
+    if (c == (CONFIG *)0)
+	return;
+    if (c->username != (char *)0)
+	free(c->username);
+    if (c->master != (char *)0)
+	free(c->master);
+    if (c->port != (char *)0)
+	free(c->port);
+    if (c->escape != (char *)0)
+	free(c->escape);
+#if HAVE_OPENSSL
+    if (c->sslcredentials != (char *)0)
+	free(c->sslcredentials);
+    if (c->sslcacertificatefile != (char *)0)
+	free(c->sslcacertificatefile);
+    if (c->sslcacertificatepath != (char *)0)
+	free(c->sslcacertificatepath);
+#endif
+    free(c);
+}
+
+void
+ApplyConfigDefault(CONFIG *c)
+{
+    if (parserConfigDefault == (CONFIG *)0)
+	return;
+
+    if (parserConfigDefault->username != (char *)0) {
+	if (c->username != (char *)0)
+	    free(c->username);
+	if ((c->username =
+	     StrDup(parserConfigDefault->username)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->master != (char *)0) {
+	if (c->master != (char *)0)
+	    free(c->master);
+	if ((c->master = StrDup(parserConfigDefault->master)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->port != (char *)0) {
+	if (c->port != (char *)0)
+	    free(c->port);
+	if ((c->port = StrDup(parserConfigDefault->port)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->escape != (char *)0) {
+	if (c->escape != (char *)0)
+	    free(c->escape);
+	if ((c->escape = StrDup(parserConfigDefault->escape)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->striphigh != FLAGUNKNOWN)
+	c->striphigh = parserConfigDefault->striphigh;
+    if (parserConfigDefault->replay != FLAGUNKNOWN)
+	c->replay = parserConfigDefault->replay;
+    if (parserConfigDefault->playback != FLAGUNKNOWN)
+	c->playback = parserConfigDefault->playback;
+#if HAVE_OPENSSL
+    if (parserConfigDefault->sslcredentials != (char *)0) {
+	if (c->sslcredentials != (char *)0)
+	    free(c->sslcredentials);
+	if ((c->sslcredentials =
+	     StrDup(parserConfigDefault->sslcredentials)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->sslcacertificatefile != (char *)0) {
+	if (c->sslcacertificatefile != (char *)0)
+	    free(c->sslcacertificatefile);
+	if ((c->sslcacertificatefile =
+	     StrDup(parserConfigDefault->sslcacertificatefile)) ==
+	    (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->sslcacertificatepath != (char *)0) {
+	if (c->sslcacertificatepath != (char *)0)
+	    free(c->sslcacertificatepath);
+	if ((c->sslcacertificatepath =
+	     StrDup(parserConfigDefault->sslcacertificatepath)) ==
+	    (char *)0)
+	    OutOfMem();
+    }
+    if (parserConfigDefault->sslrequired != FLAGUNKNOWN)
+	c->sslrequired = parserConfigDefault->sslrequired;
+    if (parserConfigDefault->sslenabled != FLAGUNKNOWN)
+	c->sslenabled = parserConfigDefault->sslenabled;
+#endif
+}
+
+void
+ConfigBegin(char *id)
+{
+    CONDDEBUG((1, "ConfigBegin(%s) [%s:%d]", id, file, line));
+    if (id == (char *)0 || id[0] == '\000') {
+	Error("empty config name [%s:%d]", file, line);
+	return;
+    }
+    if (parserConfigTemp != (CONFIG *)0)
+	DestroyConfig(parserConfigTemp);
+    if ((parserConfigTemp = (CONFIG *)calloc(1, sizeof(CONFIG)))
+	== (CONFIG *)0)
+	OutOfMem();
+    ApplyConfigDefault(parserConfigTemp);
+    parserConfigTemp->name = AllocString();
+    BuildString(id, parserConfigTemp->name);
+}
+
+void
+ConfigEnd(void)
+{
+    CONDDEBUG((1, "ConfigEnd() [%s:%d]", file, line));
+
+    if (parserConfigTemp == (CONFIG *)0)
+	return;
+
+    if (parserConfigTemp->name->used > 1) {
+	if ((parserConfigTemp->name->string[0] == '*' &&
+	     parserConfigTemp->name->string[1] == '\000') ||
+	    IsMe(parserConfigTemp->name->string)) {
+	    DestroyConfig(parserConfigDefault);
+	    parserConfigDefault = parserConfigTemp;
+	    parserConfigTemp = (CONFIG *)0;
+	}
+    }
+
+    DestroyConfig(parserConfigTemp);
+    parserConfigTemp = (CONFIG *)0;
+}
+
+void
+ConfigAbort(void)
+{
+    CONDDEBUG((1, "ConfigAbort() [%s:%d]", file, line));
+    if (parserConfigTemp == (CONFIG *)0)
+	return;
+
+    DestroyConfig(parserConfigTemp);
+    parserConfigTemp = (CONFIG *)0;
+}
+
+void
+ConfigDestroy(void)
+{
+    CONDDEBUG((1, "ConfigDestroy() [%s:%d]", file, line));
+
+    if (parserConfigTemp != (CONFIG *)0) {
+	DestroyConfig(parserConfigTemp);
+	parserConfigTemp = (CONFIG *)0;
+    }
+
+    if (parserConfigDefault != (CONFIG *)0) {
+	DestroyConfig(pConfig);
+	pConfig = parserConfigDefault;
+	parserConfigDefault = (CONFIG *)0;
+    }
+}
+
+void
+DestroyTerminal(TERM *t)
+{
+    if (t == (TERM *)0)
+	return;
+    if (t->attach != (char *)0)
+	free(t->attach);
+    if (t->attachsubst != (char *)0)
+	free(t->attachsubst);
+    if (t->detach != (char *)0)
+	free(t->detach);
+    if (t->detachsubst != (char *)0)
+	free(t->detachsubst);
+    free(t);
+}
+
+void
+ApplyTermDefault(TERM *t)
+{
+    if (parserTermDefault == (TERM *)0)
+	return;
+
+    if (parserTermDefault->attach != (char *)0) {
+	if (t->attach != (char *)0)
+	    free(t->attach);
+	if ((t->attach = StrDup(parserTermDefault->attach)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserTermDefault->attachsubst != (char *)0) {
+	if (t->attachsubst != (char *)0)
+	    free(t->attachsubst);
+	if ((t->attachsubst =
+	     StrDup(parserTermDefault->attachsubst)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserTermDefault->detach != (char *)0) {
+	if (t->detach != (char *)0)
+	    free(t->detach);
+	if ((t->detach = StrDup(parserTermDefault->detach)) == (char *)0)
+	    OutOfMem();
+    }
+    if (parserTermDefault->detachsubst != (char *)0) {
+	if (t->detachsubst != (char *)0)
+	    free(t->detachsubst);
+	if ((t->detachsubst =
+	     StrDup(parserTermDefault->detachsubst)) == (char *)0)
+	    OutOfMem();
+    }
+}
+
+void
+TerminalBegin(char *id)
+{
+    CONDDEBUG((1, "TerminalBegin(%s) [%s:%d]", id, file, line));
+    if (id == (char *)0 || id[0] == '\000') {
+	Error("empty terminal name [%s:%d]", file, line);
+	return;
+    }
+    if (parserTermTemp != (TERM *)0)
+	DestroyTerminal(parserTermTemp);
+    if ((parserTermTemp = (TERM *)calloc(1, sizeof(TERM)))
+	== (TERM *)0)
+	OutOfMem();
+    ApplyTermDefault(parserTermTemp);
+    parserTermTemp->name = AllocString();
+    BuildString(id, parserTermTemp->name);
+}
+
+void
+TerminalEnd(void)
+{
+    static char *term = (char *)0;
+
+    CONDDEBUG((1, "TerminalEnd() [%s:%d]", file, line));
+
+    if (parserTermTemp == (TERM *)0)
+	return;
+
+    if (term == (char *)0) {
+	if ((term = getenv("TERM")) == (char *)0) {
+	    term = "";
+	}
+    }
+
+    if (parserTermTemp->name->used > 1) {
+	if ((parserTermTemp->name->string[0] == '*' &&
+	     parserTermTemp->name->string[1] == '\000') ||
+	    strcmp(parserTermTemp->name->string, term) == 0) {
+	    DestroyTerminal(parserTermDefault);
+	    parserTermDefault = parserTermTemp;
+	    parserTermTemp = (TERM *)0;
+	}
+    }
+
+    DestroyTerminal(parserTermTemp);
+    parserTermTemp = (TERM *)0;
+}
+
+void
+TerminalAbort(void)
+{
+    CONDDEBUG((1, "TerminalAbort() [%s:%d]", file, line));
+    if (parserTermTemp == (TERM *)0)
+	return;
+
+    DestroyTerminal(parserTermTemp);
+    parserTermTemp = (TERM *)0;
+}
+
+void
+TerminalDestroy(void)
+{
+    CONDDEBUG((1, "TerminalDestroy() [%s:%d]", file, line));
+
+    if (parserTermTemp != (TERM *)0) {
+	DestroyTerminal(parserTermTemp);
+	parserTermTemp = (TERM *)0;
+    }
+
+    if (parserTermDefault != (TERM *)0) {
+	DestroyTerminal(pTerm);
+	pTerm = parserTermDefault;
+	parserTermDefault = (TERM *)0;
+    }
+}
+
+void
+ProcessYesNo(char *id, FLAG *flag)
+{
+    if (id == (char *)0 || id[0] == '\000')
+	*flag = FLAGFALSE;
+    else if (strcasecmp("yes", id) == 0 || strcasecmp("true", id) == 0 ||
+	     strcasecmp("on", id) == 0)
+	*flag = FLAGTRUE;
+    else if (strcasecmp("no", id) == 0 || strcasecmp("false", id) == 0 ||
+	     strcasecmp("off", id) == 0)
+	*flag = FLAGFALSE;
+}
+
+void
+ConfigItemEscape(char *id)
+{
+    CONDDEBUG((1, "ConfigItemEscape(%s) [%s:%d]", id, file, line));
+
+    if (parserConfigTemp->escape != (char *)0)
+	free(parserConfigTemp->escape);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->escape = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->escape = StrDup(id)) == (char *)0)
+	OutOfMem();
+}
+
+void
+ConfigItemMaster(char *id)
+{
+    CONDDEBUG((1, "ConfigItemMaster(%s) [%s:%d]", id, file, line));
+
+    if (parserConfigTemp->master != (char *)0)
+	free(parserConfigTemp->master);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->master = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->master = StrDup(id)) == (char *)0)
+	OutOfMem();
+}
+
+void
+ConfigItemPlayback(char *id)
+{
+    int i;
+
+    CONDDEBUG((1, "ConfigItemPlayback(%s) [%s:%d]", id, file, line));
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->playback = 0;
+	return;
+    }
+    for (i = 0; id[i] != '\000'; i++) {
+	if (!isdigit((int)id[i])) {
+	    Error("invalid playback value [%s:%d]", file, line);
+	    return;
+	}
+    }
+    if (i > 4) {
+	Error("playback value too large [%s:%d]", file, line);
+	return;
+    }
+    parserConfigTemp->playback = (unsigned short)atoi(id) + 1;
+}
+
+void
+ConfigItemPort(char *id)
+{
+    CONDDEBUG((1, "ConfigItemPort(%s) [%s:%d]", id, file, line));
+
+    if (parserConfigTemp->port != (char *)0)
+	free(parserConfigTemp->port);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->port = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->port = StrDup(id)) == (char *)0)
+	OutOfMem();
+}
+
+void
+ConfigItemReplay(char *id)
+{
+    int i;
+
+    CONDDEBUG((1, "ConfigItemReplay(%s) [%s:%d]", id, file, line));
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->replay = 0;
+	return;
+    }
+    for (i = 0; id[i] != '\000'; i++) {
+	if (!isdigit((int)id[i])) {
+	    Error("invalid replay value [%s:%d]", file, line);
+	    return;
+	}
+    }
+    if (i > 4) {
+	Error("replay value too large [%s:%d]", file, line);
+	return;
+    }
+    parserConfigTemp->replay = (unsigned short)atoi(id) + 1;
+}
+
+void
+ConfigItemSslcredentials(char *id)
+{
+    CONDDEBUG((1, "ConfigItemSslcredentials(%s) [%s:%d]", id, file, line));
+#if HAVE_OPENSSL
+    if (parserConfigTemp->sslcredentials != (char *)0)
+	free(parserConfigTemp->sslcredentials);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->sslcredentials = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->sslcredentials = StrDup(id)) == (char *)0)
+	OutOfMem();
+#else
+    Error
+	("sslcredentials ignored - encryption not compiled into code [%s:%d]",
+	 file, line);
+#endif
+}
+
+void
+ConfigItemSslcacertificatefile(char *id)
+{
+    CONDDEBUG((1, "ConfigItemSslcacertificatefile(%s) [%s:%d]", id, file,
+	       line));
+#if HAVE_OPENSSL
+    if (parserConfigTemp->sslcacertificatefile != (char *)0)
+	free(parserConfigTemp->sslcacertificatefile);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->sslcacertificatefile = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->sslcacertificatefile = StrDup(id)) == (char *)0)
+	OutOfMem();
+#else
+    Error
+	("sslcacertificatefile ignored - encryption not compiled into code [%s:%d]",
+	 file, line);
+#endif
+}
+
+void
+ConfigItemSslcacertificatepath(char *id)
+{
+    CONDDEBUG((1, "ConfigItemSslcacertificatepath(%s) [%s:%d]", id, file,
+	       line));
+#if HAVE_OPENSSL
+    if (parserConfigTemp->sslcacertificatepath != (char *)0)
+	free(parserConfigTemp->sslcacertificatepath);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->sslcacertificatepath = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->sslcacertificatepath = StrDup(id)) == (char *)0)
+	OutOfMem();
+#else
+    Error
+	("sslcacertificatepath ignored - encryption not compiled into code [%s:%d]",
+	 file, line);
+#endif
+}
+
+void
+ConfigItemSslrequired(char *id)
+{
+    CONDDEBUG((1, "ConfigItemSslrequired(%s) [%s:%d]", id, file, line));
+#if HAVE_OPENSSL
+    ProcessYesNo(id, &(parserConfigTemp->sslrequired));
+#else
+    Error
+	("sslrequired ignored - encryption not compiled into code [%s:%d]",
+	 file, line);
+#endif
+}
+
+void
+ConfigItemSslenabled(char *id)
+{
+    CONDDEBUG((1, "ConfigItemSslenabled(%s) [%s:%d]", id, file, line));
+#if HAVE_OPENSSL
+    ProcessYesNo(id, &(parserConfigTemp->sslenabled));
+#else
+    Error("sslenabled ignored - encryption not compiled into code [%s:%d]",
+	  file, line);
+#endif
+}
+
+void
+ConfigItemStriphigh(char *id)
+{
+    CONDDEBUG((1, "ConfigItemStriphigh(%s) [%s:%d]", id, file, line));
+    ProcessYesNo(id, &(parserConfigTemp->striphigh));
+}
+
+void
+ConfigItemUsername(char *id)
+{
+    CONDDEBUG((1, "ConfigItemUsername(%s) [%s:%d]", id, file, line));
+
+    if (parserConfigTemp->username != (char *)0)
+	free(parserConfigTemp->username);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserConfigTemp->username = (char *)0;
+	return;
+    }
+    if ((parserConfigTemp->username = StrDup(id)) == (char *)0)
+	OutOfMem();
+}
+
+SUBST *substData = (SUBST *)0;
+
+SUBSTTOKEN
+SubstToken(char c)
+{
+    switch (c) {
+	case 'u':
+	case 'c':
+	    return ISSTRING;
+	default:
+	    return ISNOTHING;
+    }
+}
+
+int
+SubstValue(char c, char **s, int *i)
+{
+    int retval = 0;
+
+    if (s != (char **)0) {
+	CONFIG *pc;
+	if (substData->data == (void *)0)
+	    return 0;
+
+	pc = (CONFIG *)(substData->data);
+	if (c == 'u') {
+	    (*s) = pc->username;
+	    retval = 1;
+	} else if (c == 'c') {
+	    (*s) = pc->console;
+	    retval = 1;
+	}
+    }
+
+    return retval;
+}
+
+void
+InitSubstCallback(void)
+{
+    if (substData == (SUBST *)0) {
+	if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
+	    OutOfMem();
+	substData->value = &SubstValue;
+	substData->token = &SubstToken;
+    }
+}
+
+
+void
+TerminalItemAttach(char *id)
+{
+    CONDDEBUG((1, "TerminalItemAttach(%s) [%s:%d]", id, file, line));
+
+    if (parserTermTemp->attach != (char *)0)
+	free(parserTermTemp->attach);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserTermTemp->attach = (char *)0;
+	return;
+    }
+    if ((parserTermTemp->attach = StrDup(id)) == (char *)0)
+	OutOfMem();
+}
+
+void
+TerminalItemAttachsubst(char *id)
+{
+    CONDDEBUG((1, "TerminalItemAttachsubst(%s) [%s:%d]", id, file, line));
+    ProcessSubst(substData, (char **)0, &(parserTermTemp->attachsubst),
+		 "attachsubst", id);
+}
+
+void
+TerminalItemDetach(char *id)
+{
+    CONDDEBUG((1, "TerminalItemDetach(%s) [%s:%d]", id, file, line));
+
+    if (parserTermTemp->detach != (char *)0)
+	free(parserTermTemp->detach);
+
+    if ((id == (char *)0) || (*id == '\000')) {
+	parserTermTemp->detach = (char *)0;
+	return;
+    }
+    if ((parserTermTemp->detach = StrDup(id)) == (char *)0)
+	OutOfMem();
+}
+
+void
+TerminalItemDetachsubst(char *id)
+{
+    CONDDEBUG((1, "TerminalItemDetachsubst(%s) [%s:%d]", id, file, line));
+    ProcessSubst(substData, (char **)0, &(parserTermTemp->detachsubst),
+		 "detachsubst", id);
+}
+
+ITEM keyConfig[] = {
+    {"escape", ConfigItemEscape},
+    {"master", ConfigItemMaster},
+    {"playback", ConfigItemPlayback},
+    {"port", ConfigItemPort},
+    {"replay", ConfigItemReplay},
+    {"sslcredentials", ConfigItemSslcredentials},
+    {"sslcacertificatefile", ConfigItemSslcacertificatefile},
+    {"sslcacertificatepath", ConfigItemSslcacertificatepath},
+    {"sslrequired", ConfigItemSslrequired},
+    {"sslenabled", ConfigItemSslenabled},
+    {"striphigh", ConfigItemStriphigh},
+    {"username", ConfigItemUsername},
+    {(char *)0, (void *)0}
+};
+
+ITEM keyTerminal[] = {
+    {"attach", TerminalItemAttach},
+    {"attachsubst", TerminalItemAttachsubst},
+    {"detach", TerminalItemDetach},
+    {"detachsubst", TerminalItemDetachsubst},
+    {(char *)0, (void *)0}
+};
+
+SECTION sections[] = {
+    {"config", ConfigBegin, ConfigEnd, ConfigAbort, ConfigDestroy,
+     keyConfig},
+    {"terminal", TerminalBegin, TerminalEnd, TerminalAbort,
+     TerminalDestroy, keyTerminal},
+    {(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
+};
+
+void
+ReadConf(char *filename, FLAG verbose)
+{
+    FILE *fp;
+
+    if ((FILE *)0 == (fp = fopen(filename, "r"))) {
+	if (verbose == FLAGTRUE)
+	    Error("could not open `%s'", filename);
+	return;
+    }
+
+    /* initialize the substition bits */
+    InitSubstCallback();
+
+    parserConfigDefault = pConfig;
+    pConfig = (CONFIG *)0;
+
+    parserTermDefault = pTerm;
+    pTerm = (TERM *)0;
+
+    ParseFile(filename, fp, 0);
+
+    /* shouldn't really happen, but in case i screw up the stuff
+     * ParseFile calls...
+     */
+    if (pConfig == (CONFIG *)0) {
+	if ((pConfig = (CONFIG *)calloc(1, sizeof(CONFIG)))
+	    == (CONFIG *)0)
+	    OutOfMem();
+    }
+
+    if (pTerm == (TERM *)0) {
+	if ((pTerm = (TERM *)calloc(1, sizeof(TERM)))
+	    == (TERM *)0)
+	    OutOfMem();
+    }
+
+    if (fDebug) {
+#define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
+#define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
+	CONDDEBUG((1, "pConfig->username = %s",
+		   EMPTYSTR(pConfig->username)));
+	CONDDEBUG((1, "pConfig->master = %s", EMPTYSTR(pConfig->master)));
+	CONDDEBUG((1, "pConfig->port = %s", EMPTYSTR(pConfig->port)));
+	CONDDEBUG((1, "pConfig->escape = %s", EMPTYSTR(pConfig->escape)));
+	CONDDEBUG((1, "pConfig->striphigh = %s",
+		   FLAGSTR(pConfig->striphigh)));
+	CONDDEBUG((1, "pConfig->replay = %hu", pConfig->replay));
+	CONDDEBUG((1, "pConfig->playback = %hu", pConfig->playback));
+#if HAVE_OPENSSL
+	CONDDEBUG((1, "pConfig->sslcredentials = %s",
+		   EMPTYSTR(pConfig->sslcredentials)));
+	CONDDEBUG((1, "pConfig->sslcacertificatefile = %s",
+		   EMPTYSTR(pConfig->sslcacertificatefile)));
+	CONDDEBUG((1, "pConfig->sslcacertificatepath = %s",
+		   EMPTYSTR(pConfig->sslcacertificatepath)));
+	CONDDEBUG((1, "pConfig->sslrequired = %s",
+		   FLAGSTR(pConfig->sslrequired)));
+	CONDDEBUG((1, "pConfig->sslenabled = %s",
+		   FLAGSTR(pConfig->sslenabled)));
+#endif
+	CONDDEBUG((1, "pTerm->attach = %s", EMPTYSTR(pTerm->attach)));
+	CONDDEBUG((1, "pTerm->attachsubst = %s",
+		   EMPTYSTR(pTerm->attachsubst)));
+	CONDDEBUG((1, "pTerm->detach = %s", EMPTYSTR(pTerm->detach)));
+	CONDDEBUG((1, "pTerm->detachsubst = %s",
+		   EMPTYSTR(pTerm->detachsubst)));
+    }
+
+    fclose(fp);
+}

console/readconf.h

@@ -0,0 +1,41 @@
+/*
+ *  Copyright conserver.com, 2000
+ *
+ *  Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
+ */
+
+typedef struct config {
+    STRING *name;
+    char *console;
+    char *username;
+    char *master;
+    char *port;
+    char *escape;
+    FLAG striphigh;
+    FLAG exitdown;
+    unsigned short replay;
+    unsigned short playback;
+#if HAVE_OPENSSL
+    char *sslcredentials;
+    char *sslcacertificatefile;
+    char *sslcacertificatepath;
+    FLAG sslrequired;
+    FLAG sslenabled;
+#endif
+} CONFIG;
+
+typedef struct term {
+    STRING *name;
+    char *attach;
+    char *attachsubst;
+    char *detach;
+    char *detachsubst;
+} TERM;
+
+extern CONFIG *pConfig;
+extern TERM *pTerm;
+extern SUBST *substData;
+
+extern void ReadConf(char *, FLAG);
+extern void DestroyConfig(CONFIG *);
+extern void DestroyTerminal(TERM *);

contrib/README

@@ -22,7 +22,3 @@ I can't verify that these scripts will work for everyone.  Hopefully they
 will be helpful.
 
 Bryan Stansell
-
-#
-#  $Id: README,v 1.4 2003/09/29 14:29:37 bryan Exp $
-#

contrib/chat/Makefile.in

@@ -1,4 +1,5 @@
 ### Path settings
+datarootdir = @datarootdir@
 srcdir = @srcdir@
 top_srcdir = @top_srcdir@
 prefix = @prefix@

contrib/maketestcerts

@@ -6,12 +6,13 @@
 # outside of my own purposes.  If this helps, cool.  In the end I put the
 # rootcert.pem file in my global certs directory (OPENSSL_ROOT/ssl/certs),
 # point the server to server.pem and point the client at client.pem.  I
-# then run the c_rehash command (I supposed it helps or is important).
+# then run the c_rehash command.
-# When it asks for a passphrase, use 'pass', otherwise this script won't
+#
-# work.  Ugly, yeah, but it's an ok test.
+# You can also use the sslcacertificatefile options to point the client/server
+# at rootcert.pem instead of populating the global repository
 #
 
-[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -passin pass:pass -passout pass:pass
+[ -f rootreq.pem -a -f rootkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem -nodes
 US
 California
 Folsom
@@ -25,7 +26,7 @@ EOD
 [ -f rootcert.pem ] || openssl x509 -req -in rootreq.pem -sha1 -extensions v3_ca -signkey rootkey.pem -out rootcert.pem
 [ -f root.pem ] || cat rootcert.pem rootkey.pem > root.pem
 
-[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -passin pass:pass -passout pass:pass
+[ -f serverreq.pem -a -f serverkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout serverkey.pem -out serverreq.pem -nodes
 US
 California
 Folsom
@@ -39,7 +40,7 @@ EOD
 [ -f servercert.pem ] || openssl x509 -req -in serverreq.pem -sha1 -extensions usr_cert -CA root.pem -CAkey root.pem -CAcreateserial -out servercert.pem
 [ -f server.pem ] || cat servercert.pem serverkey.pem rootcert.pem > server.pem
 
-[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -passin pass:pass -passout pass:pass
+[ -f clientreq.pem -a -f clientkey.pem ] || cat <<EOD | openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem -nodes
 US
 California
 Folsom

contrib/redhat-rpm/conserver.defaults

@@ -0,0 +1,5 @@
+# server options
+#OPTIONS="-p 33000 -d"
+# run as different user that root
+#RUNAS=conservr
+

contrib/redhat-rpm/conserver.init

@@ -7,44 +7,66 @@
 # config: /etc/conserver.cf
 #
 
+DAEMON=/usr/sbin/conserver
+
 # Source function library.
 . /etc/rc.d/init.d/functions
 
 # Source networking configuration.
 . /etc/sysconfig/network
 
+# Source defaults
+. /etc/default/conserver
+
 # Check that networking is up.
 [  ${NETWORKING} = "no" ] && exit 0
 
 # make sure conserver is installed and executable
-[ -x /usr/sbin/conserver  ] || exit 1
+[ -x $DAEMON  ] || exit 1
 
 
+start()
+{
+	echo -n "Starting conserver: "
+	daemon --user "${RUNAS-}" $DAEMON ${OPTIONS--d}
+	RETVAL=$?
+	[ "$RETVAL" = 0 ] && touch /var/lock/subsys/conserver
+	echo
+}
+
+stop()
+{
+	echo -n "Shutting down conserver: "
+	killproc conserver
+	RETVAL=$?
+	[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/conserver
+	echo
+}
+  
 # See how we were called.
 case "$1" in
   start)
-    echo -n "Starting conserver: "
+    start
-    daemon conserver -d
-    echo
-    touch /var/lock/subsys/conserver
     ;;
   stop)
-    echo -n "Shutting down conserver: "
+    stop
-    killproc conserver
-    echo
-    rm -f /var/lock/subsys/conserver
     ;;
   status)
     status conserver
     ;;
   restart)
-    echo -n "Restarting conserver: "
+    stop
+    start
+    ;;
+  reload)
+    echo -n "Reloading conserver: "
     killproc conserver -HUP
+    RETVAL=$?
     echo
     ;;
   *)
-    echo "Usage: conserver {start|stop|restart|status}"
+    echo "Usage: conserver {start|stop|restart|reload|status}"
-    exit 1
+    RETVAL=1
 esac
 
-exit 0
+exit $RETVAL

contrib/redhat-rpm/conserver.spec

@@ -3,8 +3,8 @@
 # platform that doesn't have red hat rpm >= 4.0.2 installed.
 #
 
-%define pkg  conserver
+%define pkg conserver
-%define ver  8.1.3
+%define ver 
 
 # define the name of the machine on which the main conserver
 # daemon will be running if you don't want to use the default
@@ -12,26 +12,71 @@
 %define master console
 
 # what red hat (or other distibution) version are you running?
-%define distver 6
+%define distver 1
+
+# compile arguments. defaults to 0
+# example: rpmbuild -bb conserver.spec --with openssl
+%define with_openssl  %{?_with_openssl:  1} %{?!_with_openssl:  0}
+%define with_libwrap  %{?_with_libwrap:  1} %{?!_with_libwrap:  0}
+%define with_pam      %{?_with_pam:      1} %{?!_with_pam:      0}
+%define with_dmalloc  %{?_with_dmalloc:  1} %{?!_with_dmalloc:  0}
+%define with_freeipmi %{?_with_freeipmi: 1} %{?!_with_freeipmi: 0}
+
+# additionally you can use macros logfile pidfile
+# example: rpmbuild -bb conserver.spec --define "pidfile /var/run/conserver/pid"
 
-Summary: Serial console server daemon/client
 Name: %{pkg}
 Version: %{ver}
-Release: 1.%{distver}
+Release: %{distver}
-Copyright: distributable
+License: BSD
+Summary: Serial console server daemon/client
 Group: System Environment/Daemons
 URL: http://www.conserver.com/
 Source: http://www.conserver.com/%{pkg}-%{ver}.tar.gz
 BuildRoot: %{_tmppath}/%{pkg}-buildroot
+%if %{with_openssl}
+Requires: openssl
+BuildRequires: openssl-devel
+%endif
+%if %{with_pam}
+BuildRequires: pam-devel
+%endif
+%if %{with_libwrap}
+Requires: tcp_wrappers
+%endif
+%if %{with_dmalloc}
+Requires: dmalloc
+BuildRequires: dmalloc
+%endif
+%if %{with_freeipmi}
+Requires: freeipmi
+BuildRequires: freeipmi-devel
+%endif
 Prefix: %{_prefix}
 
+%package server
+Summary: Serial console server daemon
+Group: System Environment/Daemons
+
+%package client
+Summary: Serial console server client
+Group: Applications/Internet
 
 %description
-Conserver is an application that allows multiple users to watch a
+Conserver is a daemon that allows multiple users to watch a
 serial console at the same time.  It can log the data, allows users to
 take write-access of a console (one at a time), and has a variety of
 bells and whistles to accentuate that basic functionality.
 
+%description server
+conserver-server is a daemon that allows multiple users to watch a
+serial console at the same time.  It can log the data, allows users to
+take write-access of a console (one at a time), and has a variety of
+bells and whistles to accentuate that basic functionality.
+
+%description client
+conserver-client to connect to conserver-server using a tcp port.
+Allows multiple users to watch a serial console at the same time.
 
 %prep
 %{__rm} -rf %{buildroot}
@@ -44,7 +89,8 @@ f="conserver/Makefile.in"
 %{__mv} $f $f.orig
 %{__sed} -e 's/^.*conserver\.rc.*$//' < $f.orig > $f
 
-%configure --with-master=%{master}
+%configure %{?_with_openssl} %{?_with_libwrap} %{?_with_dmalloc} %{?_with_freeipmi} %{?_with_pam} %{?logfile: --with-logfile=%{logfile}} %{?pidfile: --with-pidfile=%{pidfile}} %{?master: --with-master=%{master}}
+
 make
 
 
@@ -65,12 +111,15 @@ make
 %{__mkdir_p} %{buildroot}/%{_initrddir}
 %{__cp} contrib/redhat-rpm/conserver.init %{buildroot}/%{_initrddir}/conserver
 
+# install copy of init script defaults
+%{__mkdir_p} %{buildroot}/%{_sysconfdir}/default
+%{__cp} contrib/redhat-rpm/conserver.defaults %{buildroot}/%{_sysconfdir}/default/conserver
 
 %clean
 %{__rm} -rf %{buildroot}
 
 
-%post
+%post server
 if [ -x %{_initrddir}/conserver ]; then
   /sbin/chkconfig --add conserver
 fi
@@ -80,7 +129,7 @@ if ! egrep '\<conserver\>' /etc/services > /dev/null 2>&1 ; then
 fi
 
 
-%preun
+%preun server
 if [ "$1" = 0 ]; then
   if [ -x %{_initrddir}/conserver ]; then
     %{_initrddir}/conserver stop
@@ -88,18 +137,37 @@ if [ "$1" = 0 ]; then
   fi
 fi
 
+# we need this even if empty
+#%files
 
-%files
+%files server
 %defattr(-,root,root)
 %doc CHANGES FAQ INSTALL README conserver.cf
 %config(noreplace) %{_sysconfdir}/conserver.cf
 %config(noreplace) %{_sysconfdir}/conserver.passwd
+%config(noreplace) %{_sysconfdir}/default/conserver
 %attr(555,root,root) %{_initrddir}/conserver
-%{prefix}/bin/console
+%{_libdir}/conserver/convert
-%{prefix}/share/man/man1/console.1.gz
+%{_mandir}/man8/conserver.8.gz
-%{prefix}/share/man/man8/conserver.8.gz
+%{_mandir}/man5/conserver.cf.5.gz
-%{prefix}/share/man/man5/conserver.cf.5.gz
+%{_mandir}/man5/conserver.passwd.5.gz
-%{prefix}/share/man/man5/conserver.passwd.5.gz
+%{_datadir}/examples/conserver/conserver.cf
-%{prefix}/share/examples/conserver/conserver.cf
+%{_datadir}/examples/conserver/conserver.passwd
-%{prefix}/share/examples/conserver/conserver.passwd
+%{_sbindir}/conserver
-%{prefix}/sbin/conserver
+
+%files client
+%defattr(-,root,root)
+%doc CHANGES FAQ INSTALL README
+%{_bindir}/console
+%{_mandir}/man1/console.1.gz
+
+%changelog
+* Wed Oct 14 2009 Jodok Ole Muellers <muellejo@aschendorff.de>
+  - Changed the conserver.spec file to create separate subpackages
+    for client and server by using the %package directive.
+* Wed Sep 25 2009 Fabien Wernli
+  - added configure prerequisites
+* Thu Sep 24 2009 Fabien Wernli
+  - added prefix to configure
+  - changed some hardcoded values to proper macros:
+    didn't work on x64 lib -> lib64

contrib/solaris-package/pkginfo

@@ -1,7 +1,7 @@
 PKG="conserver"
 NAME="Console server and client"
 CATEGORY="system"
-VERSION="8.1.3"
+VERSION=
 DESC="Console server and client"
 CLASSES=none
 ARCH=sparc

gen-version

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+# awk gets stdin from /dev/null 'cause when autoconf runs this via m4_esyscmd_s,
+# stdin is closed and awk assumes there will always be an open stdin and you end
+# up with a bogus message:
+#
+#   awk: i/o error occurred while closing /dev/stdin
+#    input record number 20, file conserver/version.h
+#    source line number 1
+#
+#
+case "$1" in
+    number)
+	awk '$2=="VERSION_MAJOR"{maj=$NF} $2=="VERSION_MINOR"{min=$NF} $2=="VERSION_REV"{rev=$NF} END{print maj "." min "." rev}' conserver/version.h < /dev/null
+	;;
+
+    date)
+	awk '$2=="VERSION_DATE"{print $NF}' conserver/version.h < /dev/null | tr -d '"'
+	;;
+esac

package/README.md

@@ -0,0 +1,26 @@
+Testing Locally
+---------------
+
+You can run `./package/make-and-stage-release local` and the current code will be
+packaged into `./build` so anyone can configure and build code in a confined space.
+
+Creating a new release
+----------------------
+
+- Create a new release branch `git checkout -b release-vx.y.z`
+- Edit `conserver/version.h`
+- Update `CHANGES` with output of `./package/create-changes vx.y.z..`
+- Double-check and merge release branch
+- Run `GITHUB_TOKEN=xxxx ./package/make-and-stage-release` to tag release, create distribution, pgp sign, and push to github
+
+Requirements:
+
+- autoconf
+- githubrelease (pypi)
+- gpg
+
+Publishing a release
+--------------------
+
+- Use github to promote from draft or use the command output from `make-and-stage-release`
+- Send announcement on mailing lists

package/create-changes

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -e
+
+[ -z "$1" ] && echo "Usage: $0 tag" && exit 1
+range="$1"
+date=`./gen-version date`
+changedate=`date -j -f '%Y/%m/%d' "$date" '+%B %-d, %Y'`
+echo "version `./gen-version number` ($changedate):"
+git log --no-merges --pretty=tformat:'        - %s (%an <%ae>)' "$range" | tail -r | awk '{if (! l[$0]) {l[$0]++; print}}' | sed -e 's/ *(Bryan Stansell <bryan@conserver.com>)$//'

package/make-and-stage-release

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+set -e
+
+case $(sed --help 2>&1) in
+  *GNU*) sed_i () { sed -i "$@"; };;
+  *) sed_i () { sed -i '' "$@"; };;
+esac
+
+local=false && [ "$1" = "local" ] && local=true
+
+[ -f conserver/version.h ] || { echo "you are in the wrong place" ; exit 1; }
+
+ver=`./gen-version number`
+
+if ! $local; then
+    echo "Ready to tag release v$ver (y/N)?"
+    read i
+    if [ "$i" = "y" ]; then
+	echo "Adding git tag v$ver"
+	git tag -a -m "Release $ver" v$ver
+    fi
+fi
+
+if [ ! -f ../conserver-$ver.tar.gz ] || $local; then
+    (
+	[ -d build ] && rm -rf build
+        mkdir build
+	archtag=v$ver
+	$local && archtag=HEAD
+	git archive --format=tar.gz --prefix=conserver-$ver/ $archtag | (cd build; tar zxf -)
+	cd build/conserver-$ver
+	../../package/setup-configure
+	rm -rf package
+	sed_i -e "/^%define ver/s| ver.*| ver $ver|" contrib/redhat-rpm/conserver.spec
+	sed_i -e "/^VERSION=/s|.*|VERSION=\"$ver\"|" contrib/solaris-package/pkginfo
+    )
+    $local && exit
+    echo "Creating ../conserver-$ver.tar.gz"
+    tar zcf ../conserver-$ver.tar.gz -C build conserver-$ver
+    rm -rf build
+
+    [ -f ../conserver-$ver.tar.gz.asc ] && rm ../conserver-$ver.tar.gz.asc
+fi
+if [ ! -f ../conserver-$ver.tar.gz.asc ]; then
+    echo "Signing ../conserver-$ver.tar.gz"
+    gpg -ab --local-user bryan@conserver.com ../conserver-$ver.tar.gz
+fi
+body="\`\`\`
+`sed -ne '/^ver/,/^$/p' CHANGES | sed -e '/^$/,$d'`
+\`\`\`"
+
+ls -l ../conserver-$ver.tar.gz*
+echo "Ready to push (y/N)?"
+read i
+if [ "$i" = "y" ]; then
+    git push --tags
+    githubrelease release bstansell/conserver create --name conserver-$ver --body "$body" v$ver ../conserver-$ver.tar.gz* 
+    echo You can publish this release on the website or with:
+    echo "    "githubrelease release bstansell/conserver publish v$ver
+else
+    echo Ok, here is the command I would have used:
+    echo "    "git push --tags
+    echo "    "githubrelease release bstansell/conserver create --name conserver-$ver --body \""$body"\" v$ver ../conserver-$ver.tar.gz* 
+fi

package/run-gindent

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+gindent -npro -i4 -ip4 -cli4 -br -brs -cdw -ce -npcs -ncs -nhnl -l75 -lc75 -nbbo -ppi1 `
+ echo -T SOCKADDR_STYPE
+ echo -T INADDR_STYPE
+ echo -T time_t
+ echo -T X509_STORE_CTX
+ echo -T FILE
+ echo -T SSL
+ echo -T fd_set
+ echo -T pam_handle_t
+ echo -T SSL_CTX
+ echo -T DH
+ sed -ne '/typedef/,/}/p' */*.[ch] | grep '^[ 	]*}' | sed -e 's/[ 	]*}/-T/' -e 's/;//' | sort -u
+ ` */*.[ch]

package/setup-configure

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+set -e
+
+curl -s -o config.guess 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess'
+curl -s -o config.sub 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub'
+
+grep ^timestamp config.guess >/dev/null 2>&1 || cp package/config.guess .
+grep ^timestamp config.sub >/dev/null 2>&1 || cp package/config.sub .
+
+# We set lang to avoid this with the gcc docker image on cirrus:
+# 
+#   ./package/setup-configure
+#   perl: warning: Setting locale failed.
+#   perl: warning: Please check that your locale settings:
+#   	LANGUAGE = (unset),
+#   	LC_ALL = (unset),
+#   	LANG = "en_US.UTF-8"
+#       are supported and installed on your system.
+
+LANG=C autoreconf

test/dotest

@@ -14,6 +14,7 @@ cleanup()
 	[ "$i" != "conserver.log" ] && [ -f "$i" ] && rm -f "$i";
     done
     [ "$exitval" = 0 ] && rm -f conserver.log
+    [ -d 127.0.0.1 ] && sleep 1 && rm -rf 127.0.0.1
     exit $exitval
 }
 
@@ -25,14 +26,14 @@ dotest()
 	eval "$2" > test.out 2>&1
     else
 	echo "$1" | \
-	    ../console/console -M 127.0.0.1 -p 7777 shell > test.out 2>&1
+	    ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 shell > test.out 2>&1
     fi
     if [ "$record" ]; then
 	echo "recorded"
 	mv test.out results/test$testnum
     else
 	if [ -f results/test$testnum ]; then
-	    if diff -i test.out results/test$testnum >test$testnum.diff 2>&1; then
+	    if diff -i results/test$testnum >test$testnum.diff test.out 2>&1; then
 		echo "succeeded"
 		rm -f test$testnum.diff
 	    else
@@ -72,7 +73,7 @@ sleep 3
 
 [ ! -d results ] && mkdir results
 
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
 dotest 'c?c.'
 dotest 'cl?c.'
 dotest 'cdc.'
@@ -84,14 +85,16 @@ cp test2.cf c.cf
 kill -1 $pid
 sleep 3
 
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ 	][ 	]*/ /g'"
 dotest 'c?c.'
 dotest 'cl?c.'
 dotest 'cdc.'
-dotest 'coc.'
+dotest 'cocacoc.'
 
-dotest EVAL "echo 'tu.' | ../console/console -M 127.0.0.1 -p 7777 -e 'tu' shell"
+dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell"
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -P | sed -e 's/:.*//'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'"
-dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x sh | sed -e '1s/^[^:]*//'"
+dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x shell | sed -e 's/ on [^ ]* */ on /'"
 
 cleanup

test/results/test10

@@ -1,4 +1,6 @@
-console: shell is down
+[`shell' -- console is down]
 [Enter `^Ec?' for help]
-[up -- attached]
+[up]
+[ok]
+[up]
 [disconnect]

test/results/test12

@@ -1 +1 @@
-127.0.0.1
+version `conserver.com version

test/results/test13

@@ -1,3 +1,3 @@
- shellb                   on at  Local 
+ shellb                   on at   Local 
- shella                   on at  Local 
+ shella                   on at   Local 
- shell                    on at  Local 
+ shell                    on at   Local 

test/results/test14

@@ -0,0 +1,2 @@
+: ambiguous console abbreviation, `sh'
+	choices are shellb, shella, shell

test/results/test15

@@ -0,0 +1 @@
+ shell                    on at   Local 

test/results/test2

@@ -1,18 +1,20 @@
 [Enter `^Ec?' for help]
 [help]
- .    disconnect                        ;    move to another console
+ .       disconnect                     ;       move to another console
- a    attach read/write                 b    send broadcast message
+ a       attach read/write              b       send broadcast message
- c    toggle flow control               d    down a console
+ c       toggle flow control            d       down a console
- e    change escape sequence            f    force attach read/write
+ e       change escape sequence         f       force attach read/write
- g    group info                        i    information dump
+ g       group info                     i       information dump
- L    toggle logging on/off             l?   break sequence list
+ L       toggle logging on/off          l?      break sequence list
- l0   send break per config file        l1-9 send specific break sequence
+ l0      send break per config file     l1-9a-z send specific break sequence
- m    display the message of the day    o    (re)open the tty and log file
+ m       display message of the day     n       write a note to the logfile
- p    replay the last 60 lines          r    replay the last 20 lines
+ o       (re)open the tty and log file  p       playback the last 60 lines
- s    spy read only                     u    show host status
+ P       set number of playback lines   r       replay the last 20 lines
- v    show version info                 w    who is on this console
+ R       set number of replay lines     s       spy mode (read only)
- x    show console baud info            z    suspend the connection
+ u       show host status               v       show version info
- |    attach local command              ?    print this message
+ w       who is on this console         x       show console baud info
- <cr> ignore/abort command              ^R   replay the last line
+ z       suspend the connection         !       invoke task
- \ooo send character by octal code
+ |       attach local command           ?       print this message
+ <cr>    ignore/abort command           ^R      replay the last line
+ \ooo    send character by octal code
 [disconnect]

test/results/test5

@@ -1,4 +1,4 @@
-console: shell is down
+[`shell' -- console is down]
 [Enter `^Ec?' for help]
-[up -- attached]
+[up]
 [disconnect]

test/results/test7

@@ -1,18 +1,20 @@
 [Enter `^Ec?' for help]
 [help]
- .    disconnect                        ;    move to another console
+ .       disconnect                     ;       move to another console
- a    attach read/write                 b    send broadcast message
+ a       attach read/write              b       send broadcast message
- c    toggle flow control               d    down a console
+ c       toggle flow control            d       down a console
- e    change escape sequence            f    force attach read/write
+ e       change escape sequence         f       force attach read/write
- g    group info                        i    information dump
+ g       group info                     i       information dump
- L    toggle logging on/off             l?   break sequence list
+ L       toggle logging on/off          l?      break sequence list
- l0   send break per config file        l1-9 send specific break sequence
+ l0      send break per config file     l1-9a-z send specific break sequence
- m    display the message of the day    o    (re)open the tty and log file
+ m       display message of the day     n       write a note to the logfile
- p    replay the last 60 lines          r    replay the last 20 lines
+ o       (re)open the tty and log file  p       playback the last 60 lines
- s    spy read only                     u    show host status
+ P       set number of playback lines   r       replay the last 20 lines
- v    show version info                 w    who is on this console
+ R       set number of replay lines     s       spy mode (read only)
- x    show console baud info            z    suspend the connection
+ u       show host status               v       show version info
- |    attach local command              ?    print this message
+ w       who is on this console         x       show console baud info
- <cr> ignore/abort command              ^R   replay the last line
+ z       suspend the connection         !       invoke task
- \ooo send character by octal code
+ |       attach local command           ?       print this message
+ <cr>    ignore/abort command           ^R      replay the last line
+ \ooo    send character by octal code
 [disconnect]

test/test1.cf

@@ -7,6 +7,9 @@ default * {
 	timestamp "";
 	include full;
 }
+config * {
+	reinitcheck 1s;
+}
 break 5 {
 	string "\rtest\r";
 }