ExternalVendorCode/conserver
1
0
Fork 0
mirror of https://github.com/bstansell/conserver.git synced 2025-06-24 09:46:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: ExternalVendorCode:v8.1.3
Branches Tags
ExternalVendorCode:master ExternalVendorCode:cirrus-freebsd-fix
ExternalVendorCode:v8.2.7 ExternalVendorCode:v8.2.6 ExternalVendorCode:v8.2.5 ExternalVendorCode:v8.2.4 ExternalVendorCode:v8.2.3 ExternalVendorCode:v8.2.2 ExternalVendorCode:v8.2.1 ExternalVendorCode:v8.2.0 ExternalVendorCode:v8.1.20 ExternalVendorCode:v8.1.19 ExternalVendorCode:v8.1.18 ExternalVendorCode:v8.1.17 ExternalVendorCode:v8.1.16 ExternalVendorCode:v8.1.15 ExternalVendorCode:v8.1.14 ExternalVendorCode:v8.1.13 ExternalVendorCode:v8.1.12 ExternalVendorCode:v8.1.11 ExternalVendorCode:v8.1.10 ExternalVendorCode:v8.1.9 ExternalVendorCode:v8.1.8 ExternalVendorCode:v8.1.7 ExternalVendorCode:v8.1.6 ExternalVendorCode:v8.1.5 ExternalVendorCode:v8.1.4 ExternalVendorCode:v8.1.3 ExternalVendorCode:v8.1.2 ExternalVendorCode:v8.1.1 ExternalVendorCode:v8.1.0 ExternalVendorCode:v8.0.9 ExternalVendorCode:v8.0.8 ExternalVendorCode:v8.0.7 ExternalVendorCode:v8.0.6 ExternalVendorCode:v8.0.5 ExternalVendorCode:v8.0.4 ExternalVendorCode:v8.0.3 ExternalVendorCode:v8.0.2 ExternalVendorCode:v8.0.1 ExternalVendorCode:v8.0.0 ExternalVendorCode:v7.2.7 ExternalVendorCode:v7.2.6 ExternalVendorCode:v7.2.5 ExternalVendorCode:v7.2.4 ExternalVendorCode:v7.2.3 ExternalVendorCode:v7.2.2 ExternalVendorCode:v7.2.1 ExternalVendorCode:v7.2.0 ExternalVendorCode:v7.1.4 ExternalVendorCode:v7.1.3 ExternalVendorCode:v7.1.2 ExternalVendorCode:v7.1.1 ExternalVendorCode:v7.1.0 ExternalVendorCode:v7.0.3 ExternalVendorCode:v7.0.2 ExternalVendorCode:v7.0.1 ExternalVendorCode:v7.0.0 ExternalVendorCode:v6.1.7 ExternalVendorCode:vGNAC-6.16 ExternalVendorCode:vGNAC-6.15 ExternalVendorCode:vGNAC-6.14 ExternalVendorCode:vGNAC-6.13 ExternalVendorCode:vGNAC-6.12 ExternalVendorCode:vGNAC-6.11 ExternalVendorCode:vGNAC-6.10 ExternalVendorCode:vGNAC-6.09 ExternalVendorCode:vGNAC-6.08 ExternalVendorCode:vGNAC-6.07 ExternalVendorCode:vGNAC-6.06 ExternalVendorCode:vGNAC-6.05
...
compare: ExternalVendorCode:v8.1.13
Branches Tags
ExternalVendorCode:master ExternalVendorCode:cirrus-freebsd-fix
ExternalVendorCode:v8.2.7 ExternalVendorCode:v8.2.6 ExternalVendorCode:v8.2.5 ExternalVendorCode:v8.2.4 ExternalVendorCode:v8.2.3 ExternalVendorCode:v8.2.2 ExternalVendorCode:v8.2.1 ExternalVendorCode:v8.2.0 ExternalVendorCode:v8.1.20 ExternalVendorCode:v8.1.19 ExternalVendorCode:v8.1.18 ExternalVendorCode:v8.1.17 ExternalVendorCode:v8.1.16 ExternalVendorCode:v8.1.15 ExternalVendorCode:v8.1.14 ExternalVendorCode:v8.1.13 ExternalVendorCode:v8.1.12 ExternalVendorCode:v8.1.11 ExternalVendorCode:v8.1.10 ExternalVendorCode:v8.1.9 ExternalVendorCode:v8.1.8 ExternalVendorCode:v8.1.7 ExternalVendorCode:v8.1.6 ExternalVendorCode:v8.1.5 ExternalVendorCode:v8.1.4 ExternalVendorCode:v8.1.3 ExternalVendorCode:v8.1.2 ExternalVendorCode:v8.1.1 ExternalVendorCode:v8.1.0 ExternalVendorCode:v8.0.9 ExternalVendorCode:v8.0.8 ExternalVendorCode:v8.0.7 ExternalVendorCode:v8.0.6 ExternalVendorCode:v8.0.5 ExternalVendorCode:v8.0.4 ExternalVendorCode:v8.0.3 ExternalVendorCode:v8.0.2 ExternalVendorCode:v8.0.1 ExternalVendorCode:v8.0.0 ExternalVendorCode:v7.2.7 ExternalVendorCode:v7.2.6 ExternalVendorCode:v7.2.5 ExternalVendorCode:v7.2.4 ExternalVendorCode:v7.2.3 ExternalVendorCode:v7.2.2 ExternalVendorCode:v7.2.1 ExternalVendorCode:v7.2.0 ExternalVendorCode:v7.1.4 ExternalVendorCode:v7.1.3 ExternalVendorCode:v7.1.2 ExternalVendorCode:v7.1.1 ExternalVendorCode:v7.1.0 ExternalVendorCode:v7.0.3 ExternalVendorCode:v7.0.2 ExternalVendorCode:v7.0.1 ExternalVendorCode:v7.0.0 ExternalVendorCode:v6.1.7 ExternalVendorCode:vGNAC-6.16 ExternalVendorCode:vGNAC-6.15 ExternalVendorCode:vGNAC-6.14 ExternalVendorCode:vGNAC-6.13 ExternalVendorCode:vGNAC-6.12 ExternalVendorCode:vGNAC-6.11 ExternalVendorCode:vGNAC-6.10 ExternalVendorCode:vGNAC-6.09 ExternalVendorCode:vGNAC-6.08 ExternalVendorCode:vGNAC-6.07 ExternalVendorCode:vGNAC-6.06 ExternalVendorCode:vGNAC-6.05

10 Commits
v8.1.3 ... v8.1.13

Author SHA1 Message Date
Bryan Stansell
c418af32c7 Imported from conserver-8.1.13.tar.gz 2006-01-15 09:22:12 -08:00
Bryan Stansell
3cec1dde71 Imported from conserver-8.1.12.tar.gz 2005-09-05 16:15:33 -07:00
Bryan Stansell
892f52dbd4 Imported from conserver-8.1.11.tar.gz 2004-11-09 01:34:27 -08:00
Bryan Stansell
4ce124e121 Imported from conserver-8.1.10.tar.gz 2004-09-21 16:48:49 -07:00
Bryan Stansell
faad858599 Imported from conserver-8.1.9.tar.gz 2004-07-14 16:21:13 -07:00
Bryan Stansell
27475bdd30 Imported from conserver-8.1.8.tar.gz 2004-06-09 15:28:27 -07:00
Bryan Stansell
c0f8de9c24 Imported from conserver-8.1.7.tar.gz 2004-05-28 11:03:33 -07:00
Bryan Stansell
cf461c7ce8 Imported from conserver-8.1.6.tar.gz 2004-05-25 17:41:29 -07:00
Bryan Stansell
5c430d220b Imported from conserver-8.1.5.tar.gz 2004-05-07 09:05:25 -07:00
Bryan Stansell
8cd506c093 Imported from conserver-8.1.4.tar.gz 2004-04-13 13:30:28 -07:00
50 changed files with 6151 additions and 2118 deletions
Expand all files Collapse all files

127
CHANGES
View File

@ -1,6 +1,131 @@
CHANGES
=======
version 8.1.13 (Jan 15, 2006):
- use SIOCGIFNUM for interface count (if available) and catch
EINVAL on Solaris - patch by Peter Jeremy
<peter.jeremy@alcatel.com.au>
- console output now resets idle timer - suggested by Peter
Saunders <pajs@fodder.org.uk>
- bug fix for conserver process running out of control and using
up cpu - debugged with Alexandra N. Kossovsky
<Alexandra.Kossovsky@oktetlabs.ru>
version 8.1.12 (Sep 5, 2005):
- printf() fix for autologin - patch by Menno Duursma
<druiloor@zonnet.nl>
- newly spawned (from SIGHUP) processes didn't properly close
primary socket
- SSL certificates now work again (anonymous ciphers are not
allowed if a certificate is used)
- client options -x, -u, -w, and -i can now take a console name
to restrict output - suggested by Evan McClure
<emcclure@internap.com>
- convert program now installed in $libdir/conserver - patch by
Petter Reinholdtsen <pere@hungry.com>
- we now ignore SIGXFSZ, if it exists
- added 'limited' access option to remove certain functionality
from users - suggested by Sven Michels <sven@darkman.de>
- added client option -z/-Z for sending commands to servers
(reload, quit, etc) - based on suggestion by Joshua Pincus
<Joshua.Pincus@Sun.COM>
- added 'execrunas' and 'initrunas' console options to allow
'exec' and 'initcmd' execution as another user and/or group -
based on patch by Gary Mills <mills@cc.umanitoba.ca>
- the east coast mirror had to shut down (for now, at least)
- crash from bad pointer manipulation during log replay - reported by
Ryan Kirkpatrick <linux@rkirkpat.net>
version 8.1.11 (Nov 9, 2004):
- fixed array bounds and stack tromping - reported by Emmett
Hogan <hogan@bigcityit.com>
- most recent client to ask for read-write now gets it (used to
be first client to connect)
- client read-write mode now separate from console up/down state
- 'make autologin.install' now compiles autologin - reported by
Graham Merrill <teddgram@sbcglobal.net>
- new 'autocomplete' option for controlling shortest-prefix
console name matching (which has always been on)
- client now blocks on ^Eco, waiting for status of connection
- added 'a' and 'A' for upper and lowercase alphanumeric
(0-9a-z) conversions to the *subst config items - based on
patch by Jonathan Chen <jon+conserver@spock.org>
version 8.1.10 (Sep 21, 2004):
- fix "forwarding level too deep" issue with '^Ec;' - reported
by Han Pilmeyer <han.pilmeyer@hp.com>
version 8.1.9 (Jul 14, 2004):
- fixed bug processing access lists when duplicates exist in the
list - reported by Phil Dibowitz <phil@usc.edu>
- fixed bug where 'idletimeout' was not recognized in default
blocks - reported by John Cagle <jcagle@gmail.com>
- added an 'autocomplete' config option to set the console name
autocompletion behavior - suggested by John Stoffel
<stoffel@lucent.com>
version 8.1.8 (Jun 9, 2004):
- added 'initspinmax' and 'initspintimer' console options to
help calm console initialization "spinning"
- fixed setsockopt() error on 64bit solaris - reported by Trond
Hagen <trond@basefarm.no>
version 8.1.7 (May 28, 2004):
- cleaned up the manpages a bit to make things clearer and more
standard - reported by Dave Stuit <djs@tellme.com>
- added an east coast mirror! http://conserver.syr.edu/ -
thanks to Christopher T. Beers <ctbeers@syr.edu>
- primary group of users not included in '@group' syntax -
reported by Phil Dibowitz <phil@usc.edu>
- changed '@group' behavior such that groups are checked when
needed, instead of cached at startup, which is more logical
- missing variables when building convert with tcp_wrappers -
reported by Nikolaos Papavassiliou
<Nikolaos.Papavassiliou@reuters.com>
- added --with-rpath option - suggested by Phil Dibowitz
<phil@usc.edu>
version 8.1.6 (May 25, 2004):
- added ability to configure client via system-wide console.cf
file and per-user .consolerc - suggested (independently) by
Erik Sjolund <erik.sjolund@sbc.su.se> and Trevor Fiatal
<trevor@fiatal.net>
- fixed bug where break strings were not properly sent -
reported by Tim Small <tim@buttersideup.com>
- fixed bug in config file 'protocol' value handling - reported
by Kees Cook <kees@osdl.org>
- conserver no longer uses the local domain name in the default
access list (the default list is only created if no access
list is specified in the configuration file) - inspired by
William P LePera <lepera@us.ibm.com>
- added a 'terminal' console configuration block for printing
strings when attaching and detaching from consoles - suggested
by Richard Threadgill <richardt@tellme.com>
version 8.1.5 (May 7, 2004):
- changed remaining O_NDELAY flags to O_NONBLOCK
- added PROTOCOLS file to describe the client/server protocol
- added '#include' capability to conserver.cf file
- added '@group' syntax to conserver.cf file to support use of
system groups
- added -U client option to allow client to ask for encryption
but fall back to non-encrypted connections otherwise -
suggested by Mike Hendon <mike.hendon@uk.nomura.com>
- fixed bug where socket not properly deleted on exit - reported
by William P LePera <lepera@us.ibm.com>
- added 'initdelay' option for throttling startup of consoles -
suggested by Jay McCanta <mccantaj@amgen.com>
version 8.1.4 (Apr 13, 2004):
- fixed macro use in manpages to hopefully be more compatible
- removed extra newline of --MARK-- range output
- fixed bug where server -b option wasn't working - reported by
Nathan R. Hruby <nhruby@uga.edu>
- fixed client segfault when using -R, -t, -d, and -b options
- added a --with-uds configure option to have all client/server
communication happen via unix domain sockets - suggested by
William P LePera <lepera@us.ibm.com>
version 8.1.3 (Mar 22, 2004):
- fixed small memory and file descriptor leak in client when
using '^Ec;'
@ -698,5 +823,5 @@ before version 6.05:
and enhancements of various types were applied.
#
# $Id: CHANGES,v 1.162 2004/03/23 00:55:04 bryan Exp $
# $Id: CHANGES,v 1.212 2006/01/15 17:11:42 bryan Exp $
#

22
INSTALL
View File

@ -165,6 +165,9 @@ Detailed Instructions
--with-maxmemb=MAXMEMB Specify maximum consoles per process [16]
--with-timeout=TIMEOUT Specify connect() timeout in seconds [10]
--with-trustrevdns Trust reverse DNS information
--with-extmsgs Produce extended messages
--with-uds[=DIR] Use Unix domain sockets for client/server
communication [/tmp/conserver]
--with-libwrap[=PATH] Compile in libwrap (tcp_wrappers) support
--with-openssl[=PATH] Compile in OpenSSL support
--with-dmalloc[=PATH] Compile in dmalloc support
@ -182,10 +185,11 @@ Detailed Instructions
A couple of notes. First, --with-libwrap will add tcp_wrappers
lookups to all socket connections in the server. --with-openssl
will add encryption between the client and server when you connect
to a console. things such as 'console -q', 'console -w', etc. are
still unencrypted, as well as connections from conserver to any
terminal servers. --with-dmalloc should only be used to do memory
allocation debugging and not used in production.
to a console. --with-uds will cause the client and server to use
unix domain sockets for their communication, eliminating the
tcp communication they normally do (which means --with-master and
--with-port are not used). --with-dmalloc should only be used to
do memory allocation debugging and not used in production.
- Run './configure'. This will detect system specific
information. The --prefix option will redirect where things are
@ -224,10 +228,10 @@ Detailed Instructions
step.
+ Next, make sure conserver runs during boot. The init script we
use under Solaris is installed in <PREFIX>/etc/conserver.rc.
Use that or some form of it for your own /etc/init.d script or
an entry in startup files (/etc/rc, /etc/rc.local, or
whatever).
use under Solaris is installed in
<DATADIR>/examples/conserver/conserver.rc. Use that or some
form of it for your own /etc/init.d script or an entry in
startup files (/etc/rc, /etc/rc.local, or whatever).
+ Now for the fun stuff. You need to create a conserver.cf and
conserver.passwd file. Those are defined with the
@ -274,5 +278,5 @@ Other Information And Gotchas
#
# $Id: INSTALL,v 1.37 2004/03/23 00:55:04 bryan Exp $
# $Id: INSTALL,v 1.39 2005/05/21 13:47:16 bryan Exp $
#

306
PROTOCOL Normal file
View File

@ -0,0 +1,306 @@
Conserver Protocol
==================
What Is This?
-------------
The following is an attempt to describe the client/server protocol used
between the server (conserver) and the client (console). This document
bases it's information on conserver version 8.1.4, as it's the release
currently available. If there are changes to the client/server
protocol, the INSTALL file should reference them and, ideally, this
document will be updated.
The information is looked at from the point of the server, since it's
the server that controls all information and triggers actions on the
client (like a suspend). The client's perspective should be obvious
from this information.
SSL
---
The client and server can negotiate an SSL connection. As far as the
code is concerned, the SSL "layer" is transparent. Data is sent and
received just as if it was unencrypted. Therefore, aside bringing up
the SSL connection, the SSL bits are unimportant from a protocol
standpoint. The client and server still send and receive the same
information - it just happens to be encrypted to everyone else.
"On-The-Wire" Data
------------------
The low-level, "on-the-wire" data is encapsulated similar to the telnet
protocol. All data is sent "as-is" with the exception of 0xFF. 0xFF is
used as a "command character" and both the client and server expect to
see a predefined option after it. The possible options are: 0xFF, 'E',
'G', 'Z', and '.'.
The 0xFF option says to use the literal character 0xFF. So, if there is
a 0xFF character in the data stream to be sent, the code will send two
0xFF characters (it's similar to using '\\' in C strings to embed a
'\').
The other options are used in various contexts, which will be described
in detail below.
Life As A Server
----------------
There are three different interfaces presented to clients by the server.
I'm going to name the three modes "master", "group", and "console". The
first two are line-based, and the third is character-based.
To understand the differences, I must outline how conserver manages
consoles. When conserver starts, it reads the configuration file,
listens on the master socket, and, for each group of consoles it must
manage (where the group size is set by -m), it forks off a copy of
itself. Those child processes are what actually connect to the consoles
and they each listen on a new socket for client connections. So, you
end up with a parent process (that knows about all consoles) that
manages the child processes (that know only about consoles it manages),
and everyone is listening on an individual socket for connections from
clients.
The parent process interacts with clients in "master" mode. That mode
expects line-based commands and responds similarly. Because it's the
master, it understands a certain set of commands that are different than
in "group" mode.
The child processes interact with clients in "group" mode first, and
negotiate a change to "console" mode when a client requests a connection
to a specific console.
"master" Mode
-------------
When parent process gets a connection from a client, it either sends an
"ok" string to signal it's ready or an error message (like "access from
your host is refused") and the connection is dropped. At this point,
there are a small number of commands recognized by the server, since
most are restricted to "logged in" clients. Here's the list of
available commands:
exit disconnect
help this help message
login log in
ssl start ssl session
An "exit" is sent a "goodbye" response and the connection is dropped. A
"help" is sent the list above. A "ssl" is sent an "ok" response and
then the server expects the client to negotiate an ssl connection. A
"login" requires one argument (the username) and is either sent an "ok",
meaning the client is logged in, or a "passwd?" followed by the local
hostname, asking for the user's password, which it expects next. If the
client sends a valid password, an "ok" is sent, otherwise an error
message and the connection is dropped.
Upon successful login, the commands available are:
call provide port for given console
exit disconnect
groups provide ports for group leaders
help this help message
master provide a list of master servers
newlogs* close and open all logfiles (SIGUSR2)
pid provide pid of master process
quit* terminate conserver (SIGTERM)
restart* restart conserver (SIGHUP) - deprecated
reconfig* reread config file (SIGHUP)
version provide version info for server
up* bring up all downed consoles (SIGUSR1)
* = requires admin privileges
"exit" and "help" are the same as before the client logged login.
The "call" command expects one argument, the console name to connect to.
The server will respond with either a port number (if it's a locally
managed console), an "@hostname" where hostname is the name of the
remote conserver host managing the console (if it's a remotely managed
console), or an error message (possibly multi-line). The client is not
disconnected, whatever the response.
The "groups" command responds with a colon-separated list of port
numbers, which correspond to each of the child processes running on the
local host. The client is not disconnected.
The "master" command responds with a colon-separated list of "@hostname"
names. The list includes any hosts (including the possibility of the
local host) which have locally managed consoles. The client is not
disconnected.
The "newlogs" command reopens all logfiles used by conserver, assuming
the user has administrative access. It responds with a message starting
with "ok" if successful and an error message otherwise (like
"unauthorized command"). The client is disconnected if it's successful.
The "pid" command responds with the pid of the master process (in this
case, the one the client is talking to). The client is not
disconnected.
The "quit" command will shut down conserver, assuming the user has
administrative access. It responds with a message starting with "ok" if
successful and an error message otherwise (like "unauthorized command").
The client is disconnected if it's successful.
The "restart" command has been deprecated. You should use "reconfig".
The "reconfig" command will cause conserver to reread the configuration
file and apply any changes, assuming the user has administrative access.
It responds with a message starting with "ok" if successful and an error
message otherwise (like "unauthorized command"). The client is not
disconnected.
The "version" command responds with the version string. The client is
not disconnected.
The "up" command tries to "bring up" all disconnected consoles, assuming
the user has administrative access. It responds with a message starting
with "ok" if successful and an error message otherwise (like
"unauthorized command"). The client is disconnected if it's successful.
"group" Mode
------------
When a child process gets a connection from a client, it either sends an
"ok" string to signal it's ready or an error message (like "access from
your host is refused") and the connection is dropped. At this point,
"group" mode acts just like "master" mode. Once the client successfully
logs in, however, "group" mode has the recognizes the following
commands:
broadcast send broadcast message
call connect to given console
disconnect* disconnect the given user(s)
examine examine port and baud rates
exit disconnect
group show users in this group
help this help message
hosts show host status and user
info show console information
textmsg send a text message
* = requires admin privileges
The "exit" and "help" commands are like the others documented above.
The "broadcast" command expects a text string of the message to be sent
to all users connected to this process. An "ok" is sent as a response.
The "call" command expects one argument, the console name to connect to,
just like in "master" mode. The difference here is that this requests
the server to attach the client to the console and go into "console"
mode. If the attachment is successful, the response will begin with a
'[' character. If not, an error message is returned. The success
responses are:
[console is read-only] - console is read only
[read-only -- initializing] - console is initializing, and
read-only for the time being
[line to console is down] - console is down
[attached] - attached read-write
[spy] - attached read-only
The "disconnect" command expects an argument of the form "user@console"
where either the "user" or "@console" part may be omitted. Upon
success, a response of the form "ok -- disconnected X users" is sent,
where X is the number of users disconnected. If a user is unauthorized
or some other problem occurs, an error message (like "unauthorized
command") is sent.
The "examine" command returns a list of console information of the form
that 'console -x' shows.
The "group" command returns a list of console information of the form
that 'console -w' shows.
The "hosts" command returns a list of console information of the form
that 'console -u' shows.
The "info" command returns a list of console information of the form
that 'console -i' shows.
The "textmsg" command expects two arguments, the first being the
recipient of the message in the form "user@console" (again, where the
"user" or "@console" portion may be omitted) and the second being the
string, like the "broadcast" command. The server returns "ok".
"console" Mode
--------------
As mentioned above, "console" mode is obtained by using the "call"
command when connected to a child processes operating in "group" mode.
"console" mode should look very familiar to a user of conserver, as it's
what the user interacts with when connected to a console. There's
really nothings special here. Each character received from the client
is compared to the escape sequence, and if it matches, an action occurs
on the server side. If it doesn't match the escape sequence, the data
is sent on to the console. All data received from the console is sent
to the client(s). Of course, there are certain exceptions to these
rules, based on the state of the console and the state of the client.
And, certain escape sequences cause special behaviors to occur.
Most escape sequences cause the server to send information back to the
user. Stuff like "^Ecw", "^Eci", and "^Ecu" are examples. The escape
sequence is absorbed by the server, the server sends the client a
variety of information, and things continue as before.
The more "interesting" escape sequences are the following.
"^Ec;" The server sends a 0xFF,'G' command sequence to the client, to
signal a wish to move to a new console. The client then gets
put into the same state as the "^Ecz" sequence (paused), which
gives the client a chance to either resume the connection or
disconnect.
"^Ec|" The server sends a 0xFF,'E' command sequence to the client, to
signal a wish to have the client program interact with a
program, as opposed to the user. The server discards all data
until it receives one of the following command sequences from
the client:
0xFF,'E' Signals successful redirection of interaction to
a program. The server then responds with "[rw]"
or "[ro]" to tell the client whether or not they
have read-write access. If not, the client
should abort the program and send the abort
command sequence below, as other data received by
the server will just get dropped.
0xFF,'.' Abort the operation. The server assumes the
redirection didn't happen and returns the client
to it's normal mode.
The server keeps the client in the "redirected" state until it
receives a 0xFF,'.' command sequence from the client (which
usually occurs when the client command terminates).
If the client is "bumped" from read-write to read-only by
another user, the server will send the client a 0xFF,'.' command
sequence to tell it to abort the redirection and return control
back to the user.
"^Ecz" The server sends a 0xFF,'Z' command sequence to the client, to
signal a wish to suspend to client process. The client is then
put into a "paused" state where it receives no more data from
the server. When the client is ready to resume receiving data,
it sends a character of data to the server, at which point the
server discards the character and sends back a status message of
the form " -- MSG]". The current set of possible messages are:
" -- line down]"
" -- read-only]"
" -- attached (nologging)]"
" -- attached]"
" -- spy mode]"
#
# $Id: PROTOCOL,v 1.2 2005/09/05 21:54:03 bryan Exp $
#

8
README
View File

@ -16,6 +16,12 @@ Documentation
Downloading
The latest version can be found at http://www.conserver.com/
(US-West).
Mirrors of the site are at:
Australia http://planetmirror.com/pub/conserver/
Russia http://conserver.rinet.ru/
Systems Tested
@ -55,5 +61,5 @@ Contributions
http://www.columbia.edu/acis/sy/unixdev/zinc
#
# $Id: README,v 1.22 2003/08/23 19:34:24 bryan Exp $
# $Id: README,v 1.24 2005/09/05 21:46:43 bryan Exp $
#

27
TODO
View File

@ -86,26 +86,29 @@ Bryan Stansell
- not even sure if this is possible w/o confusing the client,
but maybe with the new 8.1.0 client-server protocol, we can!
- send a string when connected to a console, so you can set the
xterm title, for example : Richard Threadgill <richardt@tellme.com>
- this probably requires a client config file, so could play well
with the client config file requirement above
- allow for very long replays (hundres of lines) : John Stoffel
<stoffel@lucent.com>
- log rotation by date : Tom Pachla <tom.pachla@nlc-bnc.ca>
- client config file (for -M, etc?) : Erik Sjolund
<erik.sjolund@sbc.su.se>
- strict file permission checks on conserver.passwd/conserver.cf : Erik
Sjolund <erik.sjolund@sbc.su.se>
- embedded startup delays per remote host...or "group" of consoles in
some way 'cause some ssh connections to console servers need
significant throttling : Jay McCanta <mccantaj@amgen.com>
- netgroup support? : Nikolaos Papavassiliou
<Nikolaos.Papavassiliou@reuters.com> and Phil Dibowitz <phil@usc.edu>
- send sequences to console on client connect? (to repaint screen,
for example) : John Cagle <jcagle@gmail.com>
- uucp locks : Sebastian Zagrodzki <sebek@heron.net.icm.edu.pl>
- support more than 9 break sequences : Danish Mirza <Danish@lehman.com>
thought it was easy, but adding more than could break things with
current encoding. doable, will have to think harder about it.
- reintroduce console grouping : Martin Turba
<martin.turba@igd.fraunhofer.de>
#
# $Id: TODO,v 1.47 2004/03/12 17:34:49 bryan Exp $
# $Id: TODO,v 1.55 2005/06/06 23:02:36 bryan Exp $
#

2
autologin/Makefile.in
View File

@ -45,7 +45,7 @@ clean:
distclean: clean
rm -f Makefile
install:
install: autologin
$(MKDIR) $(DESTDIR)$(bindir)
$(INSTALL_PROGRAM) autologin $(DESTDIR)$(bindir)

4
autologin/autologin.c
View File

@ -69,7 +69,7 @@
*/
#ifndef lint
char *rcsid = "$Id: autologin.c,v 1.23 2002/09/21 06:29:39 bryan Exp $";
char *rcsid = "$Id: autologin.c,v 1.24 2004/12/12 07:36:07 bryan Exp $";
#endif /* not lint */
extern char *progname;
gid_t awGrps[NGROUPS_MAX];
@ -126,7 +126,7 @@ Process()
#if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM)
if (0 != gethostname(my_hostname, sizeof(my_hostname))) {
(void) fprintf(stderr, "%s: gethostname: %s\n", strerror(errno));
(void) fprintf(stderr, "%s: gethostname: %s\n", progname, strerror(errno));
exit(1);
/* NOTREACHED */
}

15
autologin/autologin.man
View File

@ -1,4 +1,4 @@
.\" $Id: autologin.man,v 1.1 2003/11/04 02:36:24 bryan Exp $
.\" $Id: autologin.man,v 1.2 2004/03/23 18:32:06 bryan Exp $
.TH AUTOLOGIN 8L PUCC
.SH NAME
autologin \- create an automatic login session from /etc/inittab
@ -112,12 +112,21 @@ environment variable set to
ss10:2:respawn:/usr/local/etc/autologin \-e TERM=reg20 \-t/dev/tty10 \-lssinfo
.ad
.PP
Adding the following line to \fI/etc/ttytab\fP on a Sun 4.1.\fIx\fP
Adding the following line to
.I /etc/ttytab
on a Sun
.RI 4.1. x
machine establishes a root login on the console device:
.br
.na
console "/usr/local/etc/autologin \-lroot \-t" xterm on local secure
.ad
Note that \fIinit\fP provides the \fItty\fP argument on the end of the command.
.PP
Note that
.I init
provides the
.I tty
argument on the end of the command.
.SH FILES
/bin/su
.br

3
compat.h
View File

@ -8,6 +8,9 @@
#include <sys/stat.h>
#include <fcntl.h>
#include <netinet/in.h>
#if USE_UNIX_DOMAIN_SOCKETS
#include <sys/un.h>
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <ctype.h>

606
config.guess vendored
View File

File diff suppressed because it is too large Load Diff

18
config.h.in
View File

@ -1,5 +1,8 @@
/* config.h.in. Generated from configure.in by autoheader. */
/* Client config file path */
#undef CLIENTCONFIGFILE
/* Config file path */
#undef CONFIGFILE
@ -57,6 +60,9 @@
/* Define to 1 if you have the `getspnam' function. */
#undef HAVE_GETSPNAM
/* Define to 1 if you have the `gettimeofday' function. */
#undef HAVE_GETTIMEOFDAY
/* Define to 1 if you have the `getuserattr' function. */
#undef HAVE_GETUSERATTR
@ -324,12 +330,18 @@
/* Defined if we trust reverse DNS */
#undef TRUST_REVERSE_DNS
/* Directory for Unix domain sockets */
#undef UDSDIR
/* Defined if we produce extended messages */
#undef USE_EXTENDED_MESSAGES
/* use tcp_wrappers libwrap */
#undef USE_LIBWRAP
/* Defined if we use Unix domain sockets */
#undef USE_UNIX_DOMAIN_SOCKETS
/* Define to 1 if on AIX 3.
System headers sometimes define this.
We just want to avoid a redefinition error message. */
@ -343,6 +355,9 @@
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to `int' if <sys/types.h> doesn't define. */
#undef gid_t
/* Define to `int' if <sys/types.h> does not define. */
#undef mode_t
@ -354,3 +369,6 @@
/* Define to `unsigned' if <sys/types.h> does not define. */
#undef size_t
/* Define to `int' if <sys/types.h> doesn't define. */
#undef uid_t

147
config.sub vendored
View File

@ -1,9 +1,9 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
timestamp='2004-03-12'
timestamp='2006-01-02'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@ -21,14 +21,15 @@ timestamp='2004-03-12'
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
# 02110-1301, USA.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Please send patches to <config-patches@gnu.org>. Submit a context
# diff and a properly formatted ChangeLog entry.
#
@ -70,7 +71,7 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
@ -83,11 +84,11 @@ Try \`$me --help' for more information."
while test $# -gt 0 ; do
case $1 in
--time-stamp | --time* | -t )
echo "$timestamp" ; exit 0 ;;
echo "$timestamp" ; exit ;;
--version | -v )
echo "$version" ; exit 0 ;;
echo "$version" ; exit ;;
--help | --h* | -h )
echo "$usage"; exit 0 ;;
echo "$usage"; exit ;;
-- ) # Stop option processing
shift; break ;;
- ) # Use stdin as input.
@ -99,7 +100,7 @@ while test $# -gt 0 ; do
*local*)
# First pass through any local machine types.
echo $1
exit 0;;
exit ;;
* )
break ;;
@ -118,8 +119,9 @@ esac
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \
kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
@ -145,7 +147,7 @@ case $os in
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-apple | -axis)
-apple | -axis | -knuth | -cray)
os=
basic_machine=$1
;;
@ -170,6 +172,10 @@ case $os in
-hiux*)
os=-hiuxwe2
;;
-sco6)
os=-sco5v6
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco5)
os=-sco3.2v5
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
@ -186,6 +192,10 @@ case $os in
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco5v6*)
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco*)
os=-sco3.2v2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
@ -231,13 +241,14 @@ case $basic_machine in
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| am33_2.0 \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
| bfin \
| c4x | clipper \
| d10v | d30v | dlx | dsp16xx \
| fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
| m32r | m32rle | m68000 | m68k | m88k | mcore \
| m32r | m32rle | m68000 | m68k | m88k | maxq | mb | microblaze | mcore \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
@ -246,6 +257,7 @@ case $basic_machine in
| mips64vr4100 | mips64vr4100el \
| mips64vr4300 | mips64vr4300el \
| mips64vr5000 | mips64vr5000el \
| mips64vr5900 | mips64vr5900el \
| mipsisa32 | mipsisa32el \
| mipsisa32r2 | mipsisa32r2el \
| mipsisa64 | mipsisa64el \
@ -254,23 +266,28 @@ case $basic_machine in
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
| mt \
| msp430 \
| ns16k | ns32k \
| openrisc | or32 \
| or32 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
| sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \
| sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b \
| strongarm \
| tahoe | thumb | tic4x | tic80 | tron \
| v850 | v850e \
| we32k \
| x86 | xscale | xstormy16 | xtensa \
| x86 | xscale | xscalee[bl] | xstormy16 | xtensa \
| z8k)
basic_machine=$basic_machine-unknown
;;
m32c)
basic_machine=$basic_machine-unknown
;;
m6811 | m68hc11 | m6812 | m68hc12)
# Motorola 68HC11/12.
basic_machine=$basic_machine-unknown
@ -278,6 +295,9 @@ case $basic_machine in
;;
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
;;
ms1)
basic_machine=mt-unknown
;;
# We use `pc' rather than `unknown'
# because (1) that's what they normally are, and
@ -298,9 +318,9 @@ case $basic_machine in
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* \
| bs2000-* \
| bfin-* | bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
| clipper-* | cydra-* \
| clipper-* | craynv-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
| elxsi-* \
| f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
@ -310,7 +330,7 @@ case $basic_machine in
| ip2k-* | iq2000-* \
| m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | mcore-* \
| m88110-* | m88k-* | maxq-* | mcore-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
@ -319,6 +339,7 @@ case $basic_machine in
| mips64vr4100-* | mips64vr4100el-* \
| mips64vr4300-* | mips64vr4300el-* \
| mips64vr5000-* | mips64vr5000el-* \
| mips64vr5900-* | mips64vr5900el-* \
| mipsisa32-* | mipsisa32el-* \
| mipsisa32r2-* | mipsisa32r2el-* \
| mipsisa64-* | mipsisa64el-* \
@ -326,27 +347,32 @@ case $basic_machine in
| mipsisa64sb1-* | mipsisa64sb1el-* \
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
| mipstx39-* | mipstx39el-* \
| mmix-* \
| mt-* \
| msp430-* \
| none-* | np1-* | nv1-* | ns16k-* | ns32k-* \
| none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
| sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
| sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
| x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
| xtensa-* \
| x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \
| xstormy16-* | xtensa-* \
| ymp-* \
| z8k-*)
;;
m32c-*)
;;
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
386bsd)
@ -445,6 +471,10 @@ case $basic_machine in
basic_machine=j90-cray
os=-unicos
;;
craynv)
basic_machine=craynv-cray
os=-unicosmp
;;
cr16c)
basic_machine=cr16c-unknown
os=-elf
@ -452,6 +482,9 @@ case $basic_machine in
crds | unos)
basic_machine=m68k-crds
;;
crisv32 | crisv32-* | etraxfs*)
basic_machine=crisv32-axis
;;
cris | cris-* | etrax*)
basic_machine=cris-axis
;;
@ -481,6 +514,10 @@ case $basic_machine in
basic_machine=m88k-motorola
os=-sysv3
;;
djgpp)
basic_machine=i586-pc
os=-msdosdjgpp
;;
dpx20 | dpx20-*)
basic_machine=rs6000-bull
os=-bosx
@ -659,10 +696,6 @@ case $basic_machine in
mips3*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
;;
mmix*)
basic_machine=mmix-knuth
os=-mmixware
;;
monitor)
basic_machine=m68k-rom68k
os=-coff
@ -675,6 +708,9 @@ case $basic_machine in
basic_machine=i386-pc
os=-msdos
;;
ms1-*)
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
;;
mvs)
basic_machine=i370-ibm
os=-mvs
@ -743,10 +779,6 @@ case $basic_machine in
np1)
basic_machine=np1-gould
;;
nv1)
basic_machine=nv1-cray
os=-unicosmp
;;
nsr-tandem)
basic_machine=nsr-tandem
;;
@ -754,9 +786,8 @@ case $basic_machine in
basic_machine=hppa1.1-oki
os=-proelf
;;
or32 | or32-*)
openrisc | openrisc-*)
basic_machine=or32-unknown
os=-coff
;;
os400)
basic_machine=powerpc-ibm
@ -787,6 +818,12 @@ case $basic_machine in
pc532 | pc532-*)
basic_machine=ns32k-pc532
;;
pc98)
basic_machine=i386-pc
;;
pc98-*)
basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentium | p5 | k5 | k6 | nexgen | viac3)
basic_machine=i586-pc
;;
@ -843,6 +880,10 @@ case $basic_machine in
basic_machine=i586-unknown
os=-pw32
;;
rdos)
basic_machine=i386-pc
os=-rdos
;;
rom68k)
basic_machine=m68k-rom68k
os=-coff
@ -1029,6 +1070,10 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
xbox)
basic_machine=i686-pc
os=-mingw32
;;
xps | xps100)
basic_machine=xps100-honeywell
;;
@ -1059,6 +1104,9 @@ case $basic_machine in
romp)
basic_machine=romp-ibm
;;
mmix)
basic_machine=mmix-knuth
;;
rs6000)
basic_machine=rs6000-ibm
;;
@ -1075,12 +1123,9 @@ case $basic_machine in
we32k)
basic_machine=we32k-att
;;
sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele)
sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sh64)
basic_machine=sh64-unknown
;;
sparc | sparcv8 | sparcv9 | sparcv9b)
basic_machine=sparc-sun
;;
@ -1154,20 +1199,23 @@ case $os in
| -aos* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
| -openbsd* | -solidbsd* \
| -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \
| -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* \
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*)
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
| -skyos* | -haiku* | -rdos*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1185,7 +1233,7 @@ case $os in
os=`echo $os | sed -e 's|nto|nto-qnx|'`
;;
-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* \
| -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
| -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
;;
-mac*)
@ -1294,6 +1342,9 @@ case $os in
-kaos*)
os=-kaos
;;
-zvmoe)
os=-zvmoe
;;
-none)
;;
*)
@ -1371,9 +1422,15 @@ case $basic_machine in
*-be)
os=-beos
;;
*-haiku)
os=-haiku
;;
*-ibm)
os=-aix
;;
*-knuth)
os=-mmixware
;;
*-wec)
os=-proelf
;;
@ -1539,7 +1596,7 @@ case $basic_machine in
esac
echo $basic_machine$os
exit 0
exit
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)

203
configure vendored
View File

@ -847,6 +847,8 @@ Optional Packages:
--with-port=PORT Specify port number [conserver]
--with-base=PORT Base port for secondary channel [0]
--with-master=MASTER Specify master server hostname [console]
--with-ccffile=CFFILE Specify client config filename
[SYSCONFDIR/console.cf]
--with-cffile=CFFILE Specify config filename
[SYSCONFDIR/conserver.cf]
--with-pwdfile=PWDFILE Specify password filename
@ -857,6 +859,10 @@ Optional Packages:
--with-timeout=TIMEOUT Specify connect() timeout in seconds [10]
--with-trustrevdns Trust reverse DNS information
--with-extmsgs Produce extended messages
--with-uds[=DIR]
Use Unix domain sockets for client/server
communication [/tmp/conserver]
--with-rpath Use -R as well as -L for libraries
--with-libwrap[=PATH]
Compile in libwrap (tcp_wrappers) support
--with-openssl[=PATH]
@ -1312,6 +1318,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
ac_config_headers="$ac_config_headers config.h"
@ -1428,6 +1435,47 @@ _ACEOF
echo "${ECHO_T}'console'" >&6
fi;
echo "$as_me:$LINENO: checking for client configuration filename" >&5
echo $ECHO_N "checking for client configuration filename... $ECHO_C" >&6
# Check whether --with-ccffile or --without-ccffile was given.
if test "${with_ccffile+set}" = set; then
withval="$with_ccffile"
case "$withval" in
yes|no)
cat >>confdefs.h <<_ACEOF
#define CLIENTCONFIGFILE SYSCONFDIR "/console.cf"
_ACEOF
echo "$as_me:$LINENO: result: '$sysconfdir/console.cf'" >&5
echo "${ECHO_T}'$sysconfdir/console.cf'" >&6
;;
[\\/]* | ?:[\\/]* )
cat >>confdefs.h <<_ACEOF
#define CLIENTCONFIGFILE "$withval"
_ACEOF
echo "$as_me:$LINENO: result: '$withval'" >&5
echo "${ECHO_T}'$withval'" >&6
;;
*)
cat >>confdefs.h <<_ACEOF
#define CLIENTCONFIGFILE SYSCONFDIR "/$withval"
_ACEOF
echo "$as_me:$LINENO: result: '$sysconfdir/$withval'" >&5
echo "${ECHO_T}'$sysconfdir/$withval'" >&6
;;
esac
else
cat >>confdefs.h <<_ACEOF
#define CLIENTCONFIGFILE SYSCONFDIR "/console.cf"
_ACEOF
echo "$as_me:$LINENO: result: '$sysconfdir/console.cf'" >&5
echo "${ECHO_T}'$sysconfdir/console.cf'" >&6
fi;
echo "$as_me:$LINENO: checking for configuration filename" >&5
echo $ECHO_N "checking for configuration filename... $ECHO_C" >&6
@ -1692,6 +1740,79 @@ else
echo "${ECHO_T}no" >&6
fi;
echo "$as_me:$LINENO: checking whether to use Unix domain sockets" >&5
echo $ECHO_N "checking whether to use Unix domain sockets... $ECHO_C" >&6
cons_with_uds="NO"
# Check whether --with-uds or --without-uds was given.
if test "${with_uds+set}" = set; then
withval="$with_uds"
case "$withval" in
yes)
cat >>confdefs.h <<_ACEOF
#define UDSDIR "/tmp/conserver"
_ACEOF
cat >>confdefs.h <<\_ACEOF
#define USE_UNIX_DOMAIN_SOCKETS 1
_ACEOF
echo "$as_me:$LINENO: result: /tmp/conserver" >&5
echo "${ECHO_T}/tmp/conserver" >&6
cons_with_uds="YES"
;;
no)
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
;;
*)
cat >>confdefs.h <<_ACEOF
#define UDSDIR "$withval"
_ACEOF
cat >>confdefs.h <<\_ACEOF
#define USE_UNIX_DOMAIN_SOCKETS 1
_ACEOF
echo "$as_me:$LINENO: result: '$withval'" >&5
echo "${ECHO_T}'$withval'" >&6
cons_with_uds="YES"
if expr "$withval" : '/' >/dev/null 2>&1; then
:
else
echo "*** WARNING *** you may have better success using a fully-qualified path"
echo "*** WARNING *** instead of '$withval'"
fi
;;
esac
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi;
use_dash_r=no
echo "$as_me:$LINENO: checking whether to use -R paths as well as -L" >&5
echo $ECHO_N "checking whether to use -R paths as well as -L... $ECHO_C" >&6
# Check whether --with-rpath or --without-rpath was given.
if test "${with_rpath+set}" = set; then
withval="$with_rpath"
case "$withval" in
yes|no)
echo "$as_me:$LINENO: result: $withval" >&5
echo "${ECHO_T}$withval" >&6
use_dash_r=$withval
;;
*)
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
;;
esac
else
echo "$as_me:$LINENO: result: no" >&5
echo "${ECHO_T}no" >&6
fi;
ac_ext=c
ac_cpp='$CPP $CPPFLAGS'
ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
@ -4265,6 +4386,44 @@ _ACEOF
fi
echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5
echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6
if test "${ac_cv_type_uid_t+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
#include <sys/types.h>
_ACEOF
if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
$EGREP "uid_t" >/dev/null 2>&1; then
ac_cv_type_uid_t=yes
else
ac_cv_type_uid_t=no
fi
rm -f conftest*
fi
echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5
echo "${ECHO_T}$ac_cv_type_uid_t" >&6
if test $ac_cv_type_uid_t = no; then
cat >>confdefs.h <<\_ACEOF
#define uid_t int
_ACEOF
cat >>confdefs.h <<\_ACEOF
#define gid_t int
_ACEOF
fi
echo "$as_me:$LINENO: checking for sig_atomic_t" >&5
echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6
@ -5373,6 +5532,7 @@ fi
cons_with_libwrap="NO"
# Check whether --with-libwrap or --without-libwrap was given.
if test "${with_libwrap+set}" = set; then
@ -5380,7 +5540,11 @@ if test "${with_libwrap+set}" = set; then
if test "$withval" != "no"; then
if test "$withval" != "yes"; then
WRAPCPPFLAGS="-I$withval/include"
WRAPLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
WRAPLDFLAGS="-L$withval/lib"
else
WRAPLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
WRAPCPPFLAGS=""
WRAPLDFLAGS=""
@ -5576,6 +5740,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(exit $ac_status); }; }; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
cons_with_libwrap="YES"
cat >>confdefs.h <<\_ACEOF
#define USE_LIBWRAP 1
_ACEOF
@ -5634,6 +5799,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(exit $ac_status); }; }; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
cons_with_libwrap="YES"
cat >>confdefs.h <<\_ACEOF
#define USE_LIBWRAP 1
_ACEOF
@ -5663,6 +5829,7 @@ fi
fi;
cons_with_openssl="NO"
# Check whether --with-openssl or --without-openssl was given.
if test "${with_openssl+set}" = set; then
@ -5670,7 +5837,11 @@ if test "${with_openssl+set}" = set; then
if test "$withval" != "no"; then
if test "$withval" != "yes"; then
OPENSSLCPPFLAGS="-I$withval/include"
OPENSSLLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
OPENSSLLDFLAGS="-L$withval/lib"
else
OPENSSLLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
OPENSSLCPPFLAGS=""
OPENSSLLDFLAGS=""
@ -5865,6 +6036,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(exit $ac_status); }; }; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
cons_with_openssl="YES"
cat >>confdefs.h <<\_ACEOF
#define HAVE_OPENSSL 1
_ACEOF
@ -5892,6 +6064,7 @@ fi
fi;
cons_with_dmalloc="NO"
# Check whether --with-dmalloc or --without-dmalloc was given.
if test "${with_dmalloc+set}" = set; then
@ -5899,7 +6072,11 @@ if test "${with_dmalloc+set}" = set; then
if test "$withval" != "no"; then
if test "$withval" != "yes"; then
DMALLOCCPPFLAGS="-I$withval/include"
DMALLOCLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
DMALLOCLDFLAGS="-L$withval/lib"
else
DMALLOCLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
DMALLOCCPPFLAGS=""
DMALLOCLDFLAGS=""
@ -6094,6 +6271,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(exit $ac_status); }; }; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
cons_with_dmalloc="YES"
cat >>confdefs.h <<\_ACEOF
#define HAVE_DMALLOC 1
_ACEOF
@ -6124,6 +6302,7 @@ fi;
cons_with_pam="NO"
echo "$as_me:$LINENO: checking for PAM support" >&5
echo $ECHO_N "checking for PAM support... $ECHO_C" >&6
@ -6320,6 +6499,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(exit $ac_status); }; }; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
cons_with_pam="YES"
cat >>confdefs.h <<\_ACEOF
#define HAVE_PAM 1
_ACEOF
@ -6380,6 +6560,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(exit $ac_status); }; }; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
cons_with_pam="YES"
cat >>confdefs.h <<\_ACEOF
#define HAVE_PAM 1
_ACEOF
@ -6773,7 +6954,8 @@ done
for ac_func in getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle
for ac_func in getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle gettimeofday
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
echo "$as_me:$LINENO: checking for $ac_func" >&5
@ -8614,3 +8796,16 @@ if test "$no_create" != yes; then
$ac_cs_success || { (exit 1); exit 1; }
fi
echo "=============================================================="
echo " Feature Summary"
echo ""
echo " Unix domain sockets (--with-uds) : $cons_with_uds"
echo " TCP wrappers (--with-libwrap): $cons_with_libwrap"
echo " OpenSSL (--with-openssl): $cons_with_openssl"
echo " dmalloc (--with-dmalloc): $cons_with_dmalloc"
echo " PAM support (--with-pam) : $cons_with_pam"
echo ""
echo "=============================================================="

142
configure.in
View File

@ -4,6 +4,7 @@ AH_TEMPLATE([DEFPORT], [Socket used to communicate])
AH_TEMPLATE([DEFBASEPORT], [Base socket used for secondary channel])
AH_TEMPLATE([MASTERHOST], [Hostname of console server])
AH_TEMPLATE([CONFIGFILE], [Config file path])
AH_TEMPLATE([CLIENTCONFIGFILE], [Client config file path])
AH_TEMPLATE([PASSWDFILE], [Password file path])
AH_TEMPLATE([LOGFILEPATH], [Logfile path])
AH_TEMPLATE([MAXMEMB], [Number of consoles per child process])
@ -17,9 +18,12 @@ AH_TEMPLATE([HAVE_DMALLOC], [have dmalloc support])
AH_TEMPLATE([HAVE_SA_LEN],[Defined if sa_len member exists in struct sockaddr])
AH_TEMPLATE([TRUST_REVERSE_DNS],[Defined if we trust reverse DNS])
AH_TEMPLATE([USE_EXTENDED_MESSAGES],[Defined if we produce extended messages])
AH_TEMPLATE([USE_UNIX_DOMAIN_SOCKETS],[Defined if we use Unix domain sockets])
AH_TEMPLATE([UDSDIR], [Directory for Unix domain sockets])
dnl ### Normal initialization. ######################################
AC_INIT
AC_PREREQ(2.59)
AC_CONFIG_SRCDIR([conserver/main.c])
AC_CONFIG_HEADER(config.h)
@ -49,7 +53,7 @@ dnl AC_MSG_RESULT($with_64bit)
AC_MSG_CHECKING(for port number specification)
AC_ARG_WITH(port,
AC_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
AS_HELP_STRING([--with-port=PORT],[Specify port number @<:@conserver@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(DEFPORT, "conserver")
@ -65,7 +69,7 @@ AC_ARG_WITH(port,
AC_MSG_CHECKING(for secondary channel base port)
AC_ARG_WITH(base,
AC_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
AS_HELP_STRING([--with-base=PORT], [Base port for secondary channel @<:@0@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(DEFBASEPORT, "0")
@ -81,7 +85,7 @@ AC_ARG_WITH(base,
AC_MSG_CHECKING(for master conserver hostname)
AC_ARG_WITH(master,
AC_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
AS_HELP_STRING([--with-master=MASTER],[Specify master server hostname @<:@console@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(MASTERHOST, "console")
@ -95,9 +99,29 @@ AC_ARG_WITH(master,
[AC_DEFINE_UNQUOTED(MASTERHOST, "console")
AC_MSG_RESULT('console')])
AC_MSG_CHECKING(for client configuration filename)
AC_ARG_WITH(ccffile,
AS_HELP_STRING([--with-ccffile=CFFILE],[Specify client config filename @<:@SYSCONFDIR/console.cf@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
AC_MSG_RESULT('$sysconfdir/console.cf')
;;
[[\\/]]* | ?:[[\\/]]* )
AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, ["$withval"])
AC_MSG_RESULT('$withval')
;;
*)
AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/$withval"])
AC_MSG_RESULT('$sysconfdir/$withval')
;;
esac],
[AC_DEFINE_UNQUOTED(CLIENTCONFIGFILE, [SYSCONFDIR "/console.cf"])
AC_MSG_RESULT('$sysconfdir/console.cf')])
AC_MSG_CHECKING(for configuration filename)
AC_ARG_WITH(cffile,
AC_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
AS_HELP_STRING([--with-cffile=CFFILE],[Specify config filename @<:@SYSCONFDIR/conserver.cf@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(CONFIGFILE, [SYSCONFDIR "/conserver.cf"])
@ -117,7 +141,7 @@ AC_ARG_WITH(cffile,
AC_MSG_CHECKING(for password filename)
AC_ARG_WITH(pwdfile,
AC_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
AS_HELP_STRING([--with-pwdfile=PWDFILE],[Specify password filename @<:@SYSCONFDIR/conserver.passwd@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(PASSWDFILE, [SYSCONFDIR "/conserver.passwd"])
@ -137,7 +161,7 @@ AC_ARG_WITH(pwdfile,
AC_MSG_CHECKING(for log filename)
AC_ARG_WITH(logfile,
AC_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
AS_HELP_STRING([--with-logfile=LOGFILE],[Specify log filename @<:@/var/log/conserver@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(LOGFILEPATH, "/var/log/conserver")
@ -154,7 +178,7 @@ AC_ARG_WITH(logfile,
AC_SUBST(PIDFILE)
AC_MSG_CHECKING(for PID filename)
AC_ARG_WITH(pidfile,
AC_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
AS_HELP_STRING([--with-pidfile=PIDFILE],[Specify PID filepath @<:@/var/run/conserver.pid@:>@]),
[case "$withval" in
yes|no)
PIDFILE="/var/run/conserver.pid"
@ -169,7 +193,7 @@ AC_MSG_RESULT('$PIDFILE')
AC_MSG_CHECKING(for MAXMEMB setting)
AC_ARG_WITH(maxmemb,
AC_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
AS_HELP_STRING([--with-maxmemb=MAXMEMB],[Specify maximum consoles per process @<:@16@:>@]),
[case "$withval" in
yes|no)
AC_DEFINE_UNQUOTED(MAXMEMB, 16)
@ -191,7 +215,7 @@ AC_ARG_WITH(maxmemb,
AC_MSG_CHECKING(for connect() timeout)
AC_ARG_WITH(timeout,
AC_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
AS_HELP_STRING([--with-timeout=TIMEOUT],[Specify connect() timeout in seconds @<:@10@:>@]),
[if expr "$withval" : '[[0-9]]*$' >/dev/null 2>&1 &&
test "$withval" -gt 0 -a "$withval" -lt 300; then
AC_DEFINE_UNQUOTED(CONNECTTIMEOUT, $withval)
@ -205,7 +229,7 @@ AC_ARG_WITH(timeout,
AC_MSG_CHECKING(whether to trust reverse DNS)
AC_ARG_WITH(trustrevdns,
AC_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
AS_HELP_STRING([--with-trustrevdns],[Trust reverse DNS information]),
[case "$withval" in
yes)
AC_DEFINE(TRUST_REVERSE_DNS)
@ -218,7 +242,7 @@ AC_ARG_WITH(trustrevdns,
AC_MSG_CHECKING(whether to display extended messages)
AC_ARG_WITH(extmsgs,
AC_HELP_STRING([--with-extmsgs],[Produce extended messages]),
AS_HELP_STRING([--with-extmsgs],[Produce extended messages]),
[case "$withval" in
yes)
AC_DEFINE(USE_EXTENDED_MESSAGES)
@ -229,6 +253,50 @@ AC_ARG_WITH(extmsgs,
;;
esac],[AC_MSG_RESULT(no)])
AC_MSG_CHECKING(whether to use Unix domain sockets)
cons_with_uds="NO"
AC_ARG_WITH(uds,
AS_HELP_STRING([--with-uds@<:@=DIR@:>@ ],
[Use Unix domain sockets for client/server communication @<:@/tmp/conserver@:>@]),
[case "$withval" in
yes)
AC_DEFINE_UNQUOTED(UDSDIR, "/tmp/conserver")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT([/tmp/conserver])
cons_with_uds="YES"
;;
no)
AC_MSG_RESULT(no)
;;
*)
AC_DEFINE_UNQUOTED(UDSDIR, "$withval")
AC_DEFINE(USE_UNIX_DOMAIN_SOCKETS)
AC_MSG_RESULT('$withval')
cons_with_uds="YES"
if expr "$withval" : '/' >/dev/null 2>&1; then
:
else
echo "*** WARNING *** you may have better success using a fully-qualified path"
echo "*** WARNING *** instead of '$withval'"
fi
;;
esac],[AC_MSG_RESULT(no)])
use_dash_r=no
AC_MSG_CHECKING(whether to use -R paths as well as -L)
AC_ARG_WITH(rpath,
AS_HELP_STRING([--with-rpath],[Use -R as well as -L for libraries]),
[case "$withval" in
yes|no)
AC_MSG_RESULT($withval)
use_dash_r=$withval
;;
*)
AC_MSG_RESULT(no)
;;
esac],
[AC_MSG_RESULT(no)])
dnl ### Check for compiler et al. ###################################
AC_PROG_CC
AC_PROG_INSTALL
@ -271,6 +339,7 @@ AC_TYPE_MODE_T
AC_TYPE_SIGNAL
AC_TYPE_PID_T
AC_TYPE_SIZE_T
AC_TYPE_UID_T
AC_CHECK_TYPE([sig_atomic_t],,
AC_DEFINE(sig_atomic_t, volatile int,
@ -314,13 +383,18 @@ AC_SEARCH_LIBS(crypt,crypt)
AC_SUBST(CONSLIBS)
AC_SUBST(CONSCPPFLAGS)
AC_SUBST(CONSLDFLAGS)
cons_with_libwrap="NO"
AC_ARG_WITH(libwrap,
AC_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
AS_HELP_STRING([--with-libwrap@<:@=PATH@:>@],
[Compile in libwrap (tcp_wrappers) support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
WRAPCPPFLAGS="-I$withval/include"
WRAPLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
WRAPLDFLAGS="-L$withval/lib"
else
WRAPLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
WRAPCPPFLAGS=""
WRAPLDFLAGS=""
@ -341,6 +415,7 @@ AC_ARG_WITH(libwrap,
int deny_severity = 0;
],[hosts_access((void *)0)],
[AC_MSG_RESULT(yes)
cons_with_libwrap="YES"
AC_DEFINE(USE_LIBWRAP)
CONSLIBS="$CONSLIBS -lwrap"
CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@ -353,6 +428,7 @@ AC_ARG_WITH(libwrap,
int deny_severity = 0;
],[hosts_access((void *)0)],
[AC_MSG_RESULT(yes)
cons_with_libwrap="YES"
AC_DEFINE(USE_LIBWRAP)
CONSLIBS="$CONSLIBS -lwrap -lnsl"
CONSLDFLAGS="$CONSLDFLAGS $WRAPLDFLAGS"
@ -364,13 +440,18 @@ AC_ARG_WITH(libwrap,
fi]
)
cons_with_openssl="NO"
AC_ARG_WITH(openssl,
AC_HELP_STRING([--with-openssl@<:@=PATH@:>@],
AS_HELP_STRING([--with-openssl@<:@=PATH@:>@],
[Compile in OpenSSL support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
OPENSSLCPPFLAGS="-I$withval/include"
OPENSSLLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
OPENSSLLDFLAGS="-L$withval/lib"
else
OPENSSLLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
OPENSSLCPPFLAGS=""
OPENSSLLDFLAGS=""
@ -390,6 +471,7 @@ AC_ARG_WITH(openssl,
AC_TRY_LINK([#include <openssl/ssl.h>
],[SSL_library_init()],
[AC_MSG_RESULT(yes)
cons_with_openssl="YES"
AC_DEFINE(HAVE_OPENSSL)
have_openssl=yes],
[AC_MSG_RESULT(no)])],)
@ -402,13 +484,18 @@ AC_ARG_WITH(openssl,
fi]
)
cons_with_dmalloc="NO"
AC_ARG_WITH(dmalloc,
AC_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
AS_HELP_STRING([--with-dmalloc@<:@=PATH@:>@],
[Compile in dmalloc support]),
[if test "$withval" != "no"; then
if test "$withval" != "yes"; then
DMALLOCCPPFLAGS="-I$withval/include"
DMALLOCLDFLAGS="-L$withval/lib"
if test "$use_dash_r" != "yes"; then
DMALLOCLDFLAGS="-L$withval/lib"
else
DMALLOCLDFLAGS="-L$withval/lib -R$withval/lib"
fi
else
DMALLOCCPPFLAGS=""
DMALLOCLDFLAGS=""
@ -428,6 +515,7 @@ AC_ARG_WITH(dmalloc,
AC_TRY_LINK([#include <dmalloc.h>
],[dmalloc_debug(0)],
[AC_MSG_RESULT(yes)
cons_with_dmalloc="YES"
AC_DEFINE(HAVE_DMALLOC)
have_dmalloc=yes],
[AC_MSG_RESULT(no)])],)
@ -476,9 +564,10 @@ dnl else
dnl AC_MSG_RESULT(no)
dnl fi],[AC_MSG_RESULT(no)])
cons_with_pam="NO"
AC_MSG_CHECKING(for PAM support)
AC_ARG_WITH(pam,
AC_HELP_STRING([--with-pam],
AS_HELP_STRING([--with-pam],
[Enable PAM support]),
[if test "$withval" = yes; then
oLIBS="$LIBS"
@ -488,6 +577,7 @@ AC_ARG_WITH(pam,
AC_MSG_CHECKING(for PAM library -lpam)
AC_TRY_LINK_FUNC([pam_start],
[AC_MSG_RESULT(yes)
cons_with_pam="YES"
AC_DEFINE(HAVE_PAM)
CONSLIBS="$CONSLIBS -lpam"],
[LIBS="$LIBS -ldl"
@ -495,6 +585,7 @@ AC_ARG_WITH(pam,
AC_MSG_CHECKING(for PAM library -lpam with -ldl)
AC_TRY_LINK_FUNC([pam_end],
[AC_MSG_RESULT(yes)
cons_with_pam="YES"
AC_DEFINE(HAVE_PAM)
CONSLIBS="$CONSLIBS -lpam -ldl"],
[AC_MSG_RESULT(no)])])],)
@ -519,7 +610,7 @@ AC_CHECK_HEADERS(pty.h libutil.h util.h)
AC_CHECK_LIB(util, openpty)
AC_CHECK_FUNCS(openpty)
AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle)
AC_CHECK_FUNCS(getopt strerror getrlimit getsid setsid getuserattr setgroups tcgetpgrp tcsetpgrp tcgetattr tcsetattr tcsendbreak setpgrp getutent setttyent getspnam setlinebuf setvbuf ptsname grantpt unlockpt sigaction setsockopt getdtablesize putenv memset memcpy memcmp memmove sysconf getlogin inet_aton setproctitle gettimeofday)
AC_FUNC_SETPGRP
AC_CHECK_FUNC(strcasecmp,
[AC_DEFINE(HAVE_STRCASECMP, 1, [Define if strcasecmp is available])],
@ -537,3 +628,16 @@ dnl ### Create output files. #######################################
AC_CONFIG_FILES([Makefile conserver/Makefile conserver.cf/Makefile console/Makefile autologin/Makefile contrib/chat/Makefile])
AC_CONFIG_FILES([conserver/conserver.rc], [chmod +x conserver/conserver.rc])
AC_OUTPUT
[
echo "=============================================================="
echo " Feature Summary"
echo ""
echo " Unix domain sockets (--with-uds) : $cons_with_uds"
echo " TCP wrappers (--with-libwrap): $cons_with_libwrap"
echo " OpenSSL (--with-openssl): $cons_with_openssl"
echo " dmalloc (--with-dmalloc): $cons_with_dmalloc"
echo " PAM support (--with-pam) : $cons_with_pam"
echo ""
echo "=============================================================="
]

10
conserver.cf/INSTALL
View File

@ -1,11 +1,11 @@
The two files you need to set up are the conserver.cf and conserver.passwd
files. See the sample conserver.cf and conserver.passwd files
for examples. You can start with those and then modify extensively.
The man page for conserver.cf and conserver.passwd should explain the
files with enough detail to get you going.
files. See the sample conserver.cf and conserver.passwd files for examples
(installed in <DATADIR>/examples/conserver). You can start with those and
then modify extensively. The man page for conserver.cf and conserver.passwd
should explain the files with enough detail to get you going.
That's about it. Good luck.
#
# $Id: INSTALL,v 1.3 2003/07/04 18:21:21 bryan Exp $
# $Id: INSTALL,v 1.4 2005/05/21 13:47:18 bryan Exp $
#

461
conserver.cf/conserver.cf.man
View File

@ -1,5 +1,5 @@
.\" $Id: conserver.cf.man,v 1.58 2004/02/24 02:59:36 bryan Exp $
.TH CONSERVER.CF 5 "2004/02/24" "conserver-8.1.3" "conserver"
.\" $Id: conserver.cf.man,v 1.73 2005/06/09 07:09:31 bryan Exp $
.TH CONSERVER.CF 5 "2005/06/09" "conserver-8.1.13" "conserver"
.SH NAME
conserver.cf \- console configuration file for
.BR conserver (8)
@ -107,10 +107,27 @@ of things, we have:
"defa"ult my\e defs { rw *; in\eclude "other defs" ; }
.fi
.ft
.PP
There is one special line the parser recognizes: a ``#include'' statement.
It is of the form:
.IP
.B #include
.I filename
.PP
Any whitespace around
.I filename
is ignored, but whitespace embedded inside is preserved.
Everything in
.I filename
is taken literally, so none of the normal parser quoting applies.
The
.B #include
must begin in ``column 0'' - no whitespace is allowed between it and
the start of the physical line.
There is an include file depth limit of 10 to prevent infinite recursion.
.SH BLOCKS
.TP 8
.B access
.RI [ " hostname " | " ipaddr " ]
.TP
\f3access\fP \f2hostname\fP|\f2ipaddr\fP
.br
Define an access block for the host named
.I hostname
@ -121,10 +138,8 @@ all conserver hosts.
Access lists are used in a first match
fashion (top down), so order is important.
.RS
.TP 15
.B admin
.RI "[ [\fB!\fP]" username ,...
| "" ]
.TP
\f3admin\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of users making up the admin list for the console server.
If
@ -132,50 +147,80 @@ If
matches a previously defined group name, all members of the previous
group are applied to the admin list (with access reversed if prefixed
with a `!').
Otherwise, users will be granted (or denied if prefixed with `!') access.
If the null string (``""'') is used, any
If
.I username
doesn't match a previously defined group and
.I username
begins with `@', the name (minus the `@') is checked against the
host's group database.
All users found in the group will be granted (or denied, if prefixed
with `!') access.
If
.I username
doesn't match a previous group and doesn't begin with `@', the users
will be granted (or denied, if prefixed with `!') access.
If the null string (``\f3""\fP'') is used, any
users previously defined for the console servers's admin list are removed.
.TP
.B allowed
.IR hostname ", ..."
\f3allowed\fP \f2hostname\fP[\f3,\fP...]
.br
The list of hostnames are added to the ``allowed'' list, which grants
connections from the hosts but requires username authentication.
.TP
.B include
.I accessgroup
\f3include\fP \f2accessgroup\fP
.br
The access lists defined using the name
.I accessgroup
are applied to the current access block.
The included access block must be previously defined.
.TP
.B rejected
.IR hostname ", ..."
\f3limited\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of users with limited functionality on the console server.
These users will not be allowed to suspend their connection,
shift to another console, or attach to a local command.
If
.I username
matches a previously defined group name, all members of the previous
group are applied to the admin list (with access reversed if prefixed
with a `!').
If
.I username
doesn't match a previously defined group and
.I username
begins with `@', the name (minus the `@') is checked against the
host's group database.
All users found in the group will be granted (or denied, if prefixed
with `!') access.
If
.I username
doesn't match a previous group and doesn't begin with `@', the users
will be granted (or denied, if prefixed with `!') access.
If the null string (``\f3""\fP'') is used, any
users previously defined for the console server's limited list are removed.
.TP
\f3rejected\fP \f2hostname\fP[\f3,\fP...]
.br
The list of hostnames are added to the ``rejected'' list, which rejects
connections from the hosts.
.TP
.B trusted
.IR hostname ", ..."
\f3trusted\fP \f2hostname\fP[\f3,\fP...]
.br
The list of hostnames are added to the ``trusted'' list, which grants
connections from the hosts without username authentication.
.RE
.TP 8
.B break
.I n
.TP
\f3break\fP \f2n\fP
.br
Define a break sequence where 0 <
.I n
< 10.
Break sequences are accessed via the
.RI ``^El n ''
.RI ``^Ecl n ''
client escape sequence.
.RS
.TP 15
.B delay
.I n
.TP
\f3delay\fP \f2n\fP
.br
Set the time delay for the
.B \ed
@ -184,8 +229,7 @@ sequence to
milliseconds.
The default time delay is 250ms.
.TP
.B string
.I breakseq
\f3string\fP \f2breakseq\fP
.br
Assign the string
.IR breakseq
@ -194,6 +238,7 @@ to the specified slot
A break sequence is a simple character string with the exception of `\e'
and `^':
.RS
.RS
.sp
.PD 0
.TP 6
@ -251,9 +296,9 @@ is ``and''ed with 0x1f)
.PD
.RE
.RE
.TP 8
.B config
.RI [ " hostname " | " ipaddr " ]
.RE
.TP
\f3config\fP \f2hostname\fP|\f2ipaddr\fP
.br
Define a configuration block for the host named
.I hostname
@ -262,66 +307,90 @@ or using the address
If the value of ``*'' is used, the configuration block will be applied to
all conserver hosts.
.RS
.TP 15
.B defaultaccess
.RB [ " rejected " | " trusted " | " allowed " ]
.TP
\f3autocomplete\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
.br
Turn the console name autocompletion feature on or off.
If autocompletion is on, a client can use any unique leading portion of a
console name when connecting to a console.
Autocompletion is on by default.
.TP
\f3defaultaccess\fP \f3rejected\fP|\f3trusted\fP|\f3allowed\fP
.br
Set the default access permission for all hosts not matched by
an access list (see the
.B \-a
command-line flag).
.TP
.B daemonmode
.RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
\f3daemonmode\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
.br
Set whether or not to become a daemon when run (see the
.B \-d
command-line flag).
.TP
.B logfile
.I filename
\f3initdelay\fP \f2number\fP
.br
Set the number of seconds between console initializations.
All consoles with the same
.B host
value will be throttled as a group (those without a
.B host
value are their own group).
In other words, each console within a group will only be initialized after
.I number
seconds passes from the previous initialization of a console in that group.
Different throttle groups are initialized simultaneously.
One warning: since consoles are split up and managed by seperate conserver
processes, it's possible for more than one conserver process to
have a throttle group based on a particular
.B host
value.
If this happens, each conserver process will throttle their groups
independently of the other conserver processes, which results in a
more rapid initialization (per
.B host
value) than one might otherwise expect.
If
.I number
is zero, all consoles are initialized without delay.
.TP
\f3logfile\fP \f2filename\fP
.br
Set the logfile to write to when in daemon mode (see the
.B \-L
command-line flag).
.TP
.B passwdfile
.I filename
\f3passwdfile\fP \f2filename\fP
.br
Set the password file location used for authentication (see the
.B \-P
command-line flag).
.TP
.B primaryport
.RI [ " number " | " name " ]
\f3primaryport\fP \f2number\fP|\f2name\fP
.br
Set the port used by the master conserver process (see the
.B \-p
command-line flag).
.TP
.B redirect
.RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
\f3redirect\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
.br
Turn redirection on or off (see the
.B \-R
command-line flag).
.TP
.B reinitcheck
.I number
\f3reinitcheck\fP \f2number\fP
.br
Set the number of seconds used between reinitialization checks (see the
Set the number of minutes used between reinitialization checks (see the
.B \-O
command-line flag).
.TP
.B secondaryport
.RI [ " number " | " name " ]
\f3secondaryport\fP \f2number\fP|\f2name\fP
.br
Set the base port number used by child processes (see the
.B \-b
command-line flag).
.TP
.B setproctitle
.RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
\f3setproctitle\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
.br
Set whether or not the process title shows master/group functionality
as well as the port number the process is listening on and how many
@ -330,8 +399,7 @@ The operating system must support the
.BR setproctitle ()
call.
.TP
.B sslcredentials
.I filename
\f3sslcredentials\fP \f2filename\fP
.br
Set the
.SM SSL
@ -339,15 +407,13 @@ credentials file location (see the
.B \-c
command-line flag).
.TP
.B sslrequired
.RB [ " yes " | " true " | " on " | " no " | " false " | " off " ]
\f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off
.br
Set whether or not encryption is required when talking to clients (see the
.B \-E
command-line flag).
.TP
.B unifiedlog
.I filename
\f3unifiedlog\fP \f2filename\fP
.br
Set the location of the unified log to
.IR filename .
@ -355,9 +421,8 @@ See the
.B \-U
command-line flag for details.
.RE
.TP 8
.B console
.I name
.TP
\f3console\fP \f2name\fP
.br
Define a console identified as
.IR name .
@ -365,18 +430,15 @@ The keywords are the same as the
.B default
block with the following addition.
.RS
.TP 15
.B aliases
.RI [ " name" ", ..."
| "" ]
.TP
\f3aliases\fP \f2name\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of console aliases.
If the null string (``""'') is used, any
If the null string (``\f3""\fP'') is used, any
aliases previously defined for the console are removed.
.RE
.TP 8
.B default
.I name
.TP
\f3default\fP \f2name\fP
.br
Define a block of defaults identified as
.IR name .
@ -386,40 +448,34 @@ is ``*'', the automatically applied default block is defined (basically
all consoles have an implicit ``include "*";'' at the beginning
of their definition).
.RS
.TP 15
.B baud
.RB [ " 300 " | " 600 " | " 1800 " | " 2400 " | " 4800"
.RB | " 9600 " | " 19200 " | " 38400 " | " 57600 " | " 115200 " ]
.TP
\f3baud\fP \f3300\fP|\f3600\fP|\f31800\fP|\f32400\fP|\f34800\fP|\f39600\fP|\f319200\fP|\f338400\fP|\f357600\fP|\f3115200\fP
.br
Assign the baud rate to the console.
Only consoles of type ``device'' will use this value.
.TP
.B break
.I n
\f3break\fP \f2n\fP
.br
Assign the break sequence
.I n
as the default for the console, which is used by
the ``^Ecl0'' client escape sequence.
.TP
.B device
.I filename
\f3device\fP \f2filename\fP
.br
Assign the serial device
.I filename
as the access to the console.
Only consoles of type ``device'' will use this value.
.TP
.B devicesubst
.RI [ c = t [ n ] f "[,...]"
| "" ]
\f3devicesubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
.B device
value.
A series of replacements can be defined by specifying a
comma-separated list of
.IR c = t [ n ] f
\f2c\fP=\f2t\fP[\f2n\fP]\f2f\fP
sequences where
.I c
is any printable character,
@ -476,27 +532,45 @@ characters, padded with 0s if
.I n
begins with a 0, and space characters otherwise.
.I f
must be either `d', `x' or `X', specifying a decimal, lower-case
hexadecimal, or an uppercase hexadecimal conversion.
If the null string (``""'') is used, no replacements will be done.
must be either `d', `x', `X', `a', or `A', specifying a decimal, lowercase
hexadecimal (0-9a-f), uppercase hexadecimal (0-9A-F), lowercase
alphanumeric (0-9a-z), or uppercase alphanumeric (0-9A-Z) conversion.
If the null string (``\f3""\fP'') is used, no replacements will be done.
.TP
.B exec
.RI [ " command "
| "" ]
\f3exec\fP \f2command|\f3""\fP
.br
Assign the string
.I command
as the command to access the console.
Conserver will run the command by
invoking ``/bin/sh -ce "\fIcommand\fP"''.
If the null string (``""'') is used or no
invoking ``/bin/sh -ce "\f2command\fP"''.
If the null string (``\f3""\fP'') is used or no
.B exec
keyword is specified, conserver will use the command ``/bin/sh -i''.
Only consoles of type ``exec'' will use this value.
.TP
.B execsubst
.RI [ c = t [ n ] f "[,...]"
| "" ]
\f3execrunas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP
.br
By default, the command invoked by
.B exec
is run with the same privileges as the server.
If the server is running with root privileges, this option resets the user
and/or group of the invoked process to
.I user
and
.I group
respectively.
.I user
may be a username or numeric uid and
.I group
may be a group name or numeric gid.
Either one is optional.
If the server is not running with root privileges, these values
are not used.
If the null string (``\f3""\fP'') is specified, the default of running
with the same privileges as the server is restored.
.TP
\f3execsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
.B exec
@ -504,10 +578,9 @@ value.
See the
.B devicesubst
option for an explanation of the format string.
If the null string (``""'') is used, no replacements will be done.
If the null string (``\f3""\fP'') is used, no replacements will be done.
.TP
.B host
.I hostname
\f3host\fP \f2hostname\fP
.br
Assign
.I hostname
@ -523,16 +596,14 @@ or
.B initsubst
keywords are used in any console type, this value is used.
.TP
.B idlestring
.RI [ " string "
| "" ]
\f3idlestring\fP \f2string\fP|\f3""\fP
.br
Assign the
.I string
that is sent to the console once the console is idle for an
.I idletimeout
amount of time.
If the null string (``""'') is used, the string is unset and
If the null string (``\f3""\fP'') is used, the string is unset and
the default is used.
The string is interpreted just as a
.B break
@ -542,8 +613,7 @@ configuration items for details) where all delays specified (via ``\ed'')
use the default delay time.
The default string is ``\en''.
.TP
.B idletimeout
.BR \fInumber\fP [ s | m | h ]
\f3idletimeout\fP \f2number\fP[\f3s\fP|\f3m\fP|\f3h\fP]
.br
Set the idle timeout of the console to
.I number
@ -553,17 +623,14 @@ If an `s', `m', or `h' is used after
the specified time is interpreted as seconds, minutes, or hours.
Set the timeout to zero to disable the idle timeout (the default).
.TP
.B include
.I default
\f3include\fP \f2default\fP
.br
The default block defined using the name
.I default
is applied to the current console or default block.
The included default block must be previously defined.
.TP
.B initcmd
.RI [ " command "
| "" ]
\f3initcmd\fP \f2command\fP|\f3""\fP
.br
Invoke
.I command
@ -573,12 +640,70 @@ to stdin, stdout, and stderr of
The
.I command
is passed as an argument to ``/bin/sh -ce''.
If the null string (``""'') is used, the command is unset and
If the null string (``\f3""\fP'') is used, the command is unset and
nothing is invoked.
.TP
.B initsubst
.RI [ c = t [ n ] f "[,...]"
| "" ]
\f3initrunas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP
.br
By default, the command invoked by
.B initcmd
is run with the same privileges as the server.
If the server is running with root privileges, this option resets the user
and/or group of the invoked process to
.I user
and
.I group
respectively.
.I user
may be a username or numeric uid and
.I group
may be a group name or numeric gid.
Either one is optional.
If the server is not running with root privileges, these values
are not used.
If the null string (``\f3""\fP'') is specified, the default of running
with the same privileges as the server is restored.
.TP
\f3initspinmax\fP \f2n\fP|\f3""\fP
.br
Set the maximum number of ``spins'' allowed for the console to
.IR n ,
where 0 <=
.I n
<= 254.
A console is determined to be ``spinning'' if an attempt to initialize
the console occurs in under
.B initspintimer
seconds from its previous initialization and this quick
initialization occurs
.B initspinmax
times in a row.
If, at any point, the time between initializations is greater than
.BR initspintimer ,
the counter for reaching
.B initspinmax
resets to zero.
When a console is determined to be ``spinning'' it is forced down.
If the null string (``\f3""\fP'') is specified, the default of
.B 5
is used.
.TP
\f3initspintimer\fP \f2t\fP|\f3""\fP
.br
Set the number of seconds a console must be ``up'' to not be
considered ``spinning'' to
.IR t ,
where 0 <=
.I t
<= 254.
See
.B initspinmax
for a full description of console ``spinning.''
If the null string (``\f3""\fP'') is specified, the default of
.B 1
is used.
.TP
\f3initsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
.B initcmd
@ -586,11 +711,9 @@ value.
See the
.B devicesubst
option for an explanation of the format string.
If the null string (``""'') is used, no replacements will be done.
If the null string (``\f3""\fP'') is used, no replacements will be done.
.TP
.B logfile
.RI [ " filename "
| "" ]
\f3logfile\fP \f2filename\fP|\f3""\fP
.br
Assign the logfile specified by
.I filename
@ -598,15 +721,14 @@ to the console.
Any occurrence of ``&'' in
.I filename
will be replaced with the name of the console.
If the null string (``""'') is used, the logfile name is unset and
If the null string (``\f3""\fP'') is used, the logfile name is unset and
no logging will occur.
.TP
.B logfilemax
.BR \fInumber\fP [ k | m ]
\f3logfilemax\fP \f2number\fP[\f3k\fP|\f3m\fP]
.br
Enable automatic rotation of
.B logfile
once it's size exceeds
once its size exceeds
.I number
bytes.
Specifying
@ -635,8 +757,7 @@ logfile is read from the end of the file.
All data past the first newline is moved (not copied) to the new logfile
so that a replay of the console works and starts on a line boundary.
.TP
.B master
.RI [ " hostname " | " ipaddr " ]
\f3master\fP \f2hostname\fP|\f3ipaddr\fP
.br
Define which conserver host manages the console.
The host may be specified by
@ -644,19 +765,15 @@ The host may be specified by
or using the address
.IR ipaddr .
.TP
.B motd
.RI [ " message "
| "" ]
\f3motd\fP \f2message\fP|\f3""\fP
.br
Set the "message of the day" for the console to
.IR message ,
which gets displayed when a client attaches to the console.
If the null string (``""'') is used, the MOTD is unset and
If the null string (``\f3""\fP'') is used, the MOTD is unset and
no message will occur.
.TP
.B options
.RI [ " option" ,...
| "" ]
\f3options\fP [\f3!\fP]option[\f3,\fP...]|\f3""\fP
.br
You can negate the option by prefixing it with a
.RB `` ! ''
@ -760,7 +877,7 @@ Default is
.BR autoreinit .
.TP
.B unloved
Enable the sending of this console's output (prefixed with it's
Enable the sending of this console's output (prefixed with its
name) to the daemon's stdout (or the logfile if in daemon mode) when no
clients are connected to the console.
The conserver option
@ -771,14 +888,12 @@ Default is
.PD
.RE
.TP
.B parity
.RB [ " even " | " mark " | " none " | " odd " | " space " ]
\f3parity\fP \f3even\fP|\f3mark\fP|\f3none\fP|\f3odd\fP|\f3space\fP
.br
Set the parity option for the console.
Only consoles of type ``device'' will use this value.
.TP
.B port
.RI [ " number " | " name " ]
\f3port\fP \f2number\fP|\f2name\fP
.br
Set the port used to access the console.
The port may be specified as a
@ -820,8 +935,7 @@ or
.B initsubst
keywords are used in any console type, this value is used.
.TP
.B portbase
.I number
\f3portbase\fP \f2number\fP
.br
Set the base value for the port calculation formula.
.I number
@ -831,8 +945,7 @@ See
.B port
for the details of the formula.
.TP
.B portinc
.I number
\f3portinc\fP \f2number\fP
.br
Set the increment value for the port calculation formula.
.I number
@ -842,8 +955,7 @@ See
.B port
for the details of the formula.
.TP
.B protocol
.RB [ " telnet " | " raw " ]
\f3protocol\fP \f3telnet\fP|\f3raw\fP
.br
Set the protocol used to send and receive data from the console.
If
@ -857,9 +969,7 @@ The
console option still applies when data is read by the server, and if enabled,
can impact the encapsulation process.
.TP
.B ro
.RI "[ [\fB!\fP]" username ,...
| "" ]
\f3ro\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of users making up the read-only access list
for the console.
@ -868,14 +978,22 @@ If
matches a previously defined group name, all members of the previous
group are applied to the read-only access list (with access reversed
if prefixed with a `!').
Otherwise, users will be granted (or denied if prefixed with `!')
read-only access.
If the null string (``""'') is used, any
If
.I username
doesn't match a previously defined group and
.I username
begins with `@', the name (minus the `@') is checked against the
host's group database.
All users found in the group will be granted (or denied, if prefixed
with `!') read-only access.
If
.I username
doesn't match a previous group and doesn't begin with `@', the users
will be granted (or denied, if prefixed with `!') read-only access.
If the null string (``\f3""\fP'') is used, any
users previously defined for the console's read-only list are removed.
.TP
.B rw
.RI "[ [\fB!\fP]" username ,...
| "" ]
\f3rw\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of users making up the read-write access list
for the console.
@ -884,15 +1002,22 @@ If
matches a previously defined group name, all members of the previous
group are applied to the read-write access list (with access reversed
if prefixed with a `!').
Otherwise, users will be granted (or denied if prefixed with `!')
read-write access.
If the null string (``""'') is used, any
If
.I username
doesn't match a previously defined group and
.I username
begins with `@', the name (minus the `@') is checked against the
host's group database.
All users found in the group will be granted (or denied, if prefixed
with `!') read-write access.
If
.I username
doesn't match a previous group and doesn't begin with `@', the users
will be granted (or denied, if prefixed with `!') read-write access.
If the null string (``\f3""\fP'') is used, any
users previously defined for the console's read-write list are removed.
.TP
.B timestamp
[
.RB [ \fInumber\fP [ m | h | d | l ]][ a ][ b ]
| "" ]
\f3timestamp\fP [\f2number\fP[\f3m\fP|\f3h\fP|\f3d\fP|\f3l\fP]][\f3a\fP][\f3b\fP]|\f3""\fP
.br
Specifies the time between timestamps applied to the console
log file and whether to log read/write connection actions.
@ -921,8 +1046,7 @@ A
.RB ` b '
can be specified to add logging of break sequences sent to the console.
.TP
.B type
.RB [ " device " | " exec " | " host " ]
\f3type\fP \f3device\fP|\f3exec\fP|\f3host\fP
.br
Set the type of console.
The type
@ -942,17 +1066,14 @@ and
.B port
options).
.RE
.TP 8
.B group
.I name
.TP
\f3group\fP \f2name\fP
.br
Define a user group identified as
.I name
.RS
.TP 15
.B users
.RI "[ [\fB!\fP]" username ,...
| "" ]
.TP
\f3users\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP
.br
Define a list of users making up the group
.IR name .
@ -961,9 +1082,19 @@ If
matches a previously defined group name, all members of the previous
group are applied to the current group (with access reversed
if prefixed with a `!').
Otherwise, users will be recorded with (or without if prefixed with `!')
access.
If the null string (``""'') is used, any
If
.I username
doesn't match a previously defined group and
.I username
begins with `@', the name (minus the `@') is checked against the
host's group database.
All users found in the group will be recorded with (or without, if prefixed
with `!') access.
If
.I username
doesn't match a previous group and doesn't begin with `@', the users
will be recorded with (or without, if prefixed with `!') access.
If the null string (``\f3""\fP'') is used, any
users previously defined for this group are removed.
.RE
.SH AUTHORS

2
conserver.cf/conserver.passwd.man
View File

@ -1,5 +1,5 @@
.\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.3" "conserver"
.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.13" "conserver"
.SH NAME
conserver.passwd \- user access information for
.BR conserver (8)

15
conserver.html
View File

@ -36,7 +36,8 @@
<TD colspan="2" align="center">Please pick your closest
mirror: &nbsp;&nbsp;<A href=
"http://planetmirror.com/pub/conserver/">Australia</A>
&nbsp;&nbsp;<A href="http://www.conserver.com/">US
&nbsp;&nbsp;<A href="http://conserver.rinet.ru/">Russia</A>
&nbsp;&nbsp;<A href="http://www.conserver.com/">US-West
(Primary)</A><BR>
<BR>
</TD>
@ -159,7 +160,7 @@
He isn't actively developing it, however, according to
the website. Next, there's Kevin Braunsdorf's version at
<A href=
"ftp://ftp.physics.purdue.edu/pub/pundits/">ftp://ftp.physics.purdue.edu/pub/pundits/</A>.
"http://www.npcguild.org/software/pundits/">http://www.npcguild.org/software/pundits/</A>.
It doesn't look like Kevin is working on his thread ony
more either. No new versions have been out since August
2000 (version 8.5), but maybe this info will be out of
@ -181,11 +182,11 @@
<H3>Downloading</H3>
<P>The current version, released on Mar 22, 2004, is <A
href="8.1.3.tar.gz">8.1.3.tar.gz</A>. You can get it via
<A href=
"ftp://ftp.conserver.com/conserver/8.1.3.tar.gz">FTP</A>
or <A href="8.1.3.tar.gz">HTTP</A>. See the <A href=
<P>The current version, released on Jan 15, 2006, is <A
href="8.1.13.tar.gz">8.1.13.tar.gz</A>. You can get it
via <A href=
"ftp://ftp.conserver.com/conserver/8.1.13.tar.gz">FTP</A>
or <A href="8.1.13.tar.gz">HTTP</A>. See the <A href=
"CHANGES">CHANGES</A> file for information on the latest
updates.</P>

4
conserver/Makefile.in
View File

@ -7,6 +7,8 @@ sbindir = @sbindir@
sysconfdir = @sysconfdir@
mandir = @mandir@
datadir = @datadir@
libdir = @libdir@
pkglibdir = $(libdir)/conserver
exampledir = $(datadir)/examples/conserver
### Installation programs and flags
@ -63,5 +65,7 @@ install: conserver
$(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8
$(MKDIR) $(DESTDIR)$(exampledir)
$(INSTALL) conserver.rc $(DESTDIR)$(exampledir)
$(MKDIR) $(DESTDIR)$(pkglibdir)
$(INSTALL) convert $(DESTDIR)$(pkglibdir)/convert
.PHONY: clean distclean install

40
conserver/access.c
View File

@ -1,5 +1,5 @@
/*
* $Id: access.c,v 5.71 2003/11/20 13:56:38 bryan Exp $
* $Id: access.c,v 5.73 2004/05/23 16:44:25 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -171,7 +171,8 @@ AccType(addr, peername)
hname = he->h_aliases[a++]) {
if ((revNames[a] = StrDup(hname)) == (char *)0)
break;
CONDDEBUG((1,"AccType(): revNames[%d]='%s'", a, hname));
CONDDEBUG((1, "AccType(): revNames[%d]='%s'", a,
hname));
}
}
}
@ -280,11 +281,26 @@ SetDefAccess(pAddr, pHost)
char *pHost;
#endif
{
char *pcDomain;
char *addr;
ACCESS *a;
while (pACList != (ACCESS *)0) {
a = pACList->pACnext;
DestroyAccessList(pACList);
pACList = a;
}
#if USE_UNIX_DOMAIN_SOCKETS
if ((pACList = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
if ((pACList->pcwho = StrDup("127.0.0.1")) == (char *)0)
OutOfMem();
pACList->ctrust = 'a';
CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho));
#else
while (pAddr->s_addr != (in_addr_t) 0) {
char *addr;
addr = inet_ntoa(*pAddr);
if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
@ -298,21 +314,7 @@ SetDefAccess(pAddr, pHost)
pACList->pcwho));
pAddr++;
}
if ((char *)0 == (pcDomain = strchr(pHost, '.')))
return;
++pcDomain;
if ((a = (ACCESS *)calloc(1, sizeof(ACCESS))) == (ACCESS *)0)
OutOfMem();
if ((a->pcwho = StrDup(pcDomain)) == (char *)0)
OutOfMem();
a->ctrust = 'a';
a->pACnext = pACList;
pACList = a;
CONDDEBUG((1, "SetDefAccess(): trust=%c, who=%s", pACList->ctrust,
pACList->pcwho));
#endif
}
void

99
conserver/client.c
View File

@ -1,5 +1,5 @@
/*
* $Id: client.c,v 5.81 2004/03/20 14:40:40 bryan Exp $
* $Id: client.c,v 5.89 2005/09/04 00:28:58 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -41,6 +41,7 @@
#include <access.h>
#include <client.h>
#include <group.h>
#include <readcfg.h>
#if defined(USE_LIBWRAP)
#include <syslog.h>
@ -67,9 +68,7 @@ FindWrite(pCE)
* most recent or some such... I guess it doesn't matter that
* much.
*/
if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly ||
!(pCE->fup && pCE->ioState == ISNORMAL &&
pCE->initfile == (CONSFILE *)0))
if (pCE->pCLwr != (CONSCLIENT *)0 || pCE->fronly)
return;
for (pCL = pCE->pCLon; (CONSCLIENT *)0 != pCL; pCL = pCL->pCLnext) {
@ -89,6 +88,25 @@ FindWrite(pCE)
}
}
void
#if PROTOTYPES
BumpClient(CONSENT *pCE, char *message)
#else
BumpClient(pCE, message)
CONSENT *pCE;
char *message;
#endif
{
if ((CONSCLIENT *)0 == pCE->pCLwr)
return;
if ((char *)0 != message)
FileWrite(pCE->pCLwr->fd, FLAGFALSE, message, -1);
pCE->pCLwr->fwantwr = 0;
pCE->pCLwr->fwr = 0;
pCE->pCLwr = (CONSCLIENT *)0;
}
/* replay last iBack lines of the log file upon connect to console (ksb)
*
* NB: we know the console might be spewing when the replay happens,
@ -233,25 +251,21 @@ Replay(pCE, fdOut, iBack)
/* this is a mark and the previous line is also
* a mark, so make (or continue) that range
*/
if (0 == lines[ln - 1].mark_end->allocated) {
if (0 == lines[ln - 1].mark_end->used) {
/* this is a new range - shuffle pointers
*
* remember that we are moving backward
*/
*(lines[ln - 1].mark_end) = *(lines[ln - 1].line);
InitString(lines[ln - 1].line);
}
/* if unallocated, cheat and shuffle pointers */
if (0 == lines[ln - 1].line->allocated) {
*(lines[ln - 1].line) = *(lines[ln].line);
InitString(lines[ln].line);
} else {
BuildStringN(lines[ln - 1].line->string,
lines[ln - 1].line->used - 1,
lines[ln - 1].mark_end);
BuildString((char *)0, lines[ln - 1].line);
BuildStringN(lines[ln].line->string,
lines[ln].line->used - 1,
lines[ln - 1].line);
BuildString((char *)0, lines[ln].line);
}
BuildString((char *)0, lines[ln - 1].line);
BuildStringN(lines[ln].line->string,
lines[ln].line->used - 1,
lines[ln - 1].line);
BuildString((char *)0, lines[ln].line);
ln--;
}
lines[ln].is_mark = is_mark;
@ -315,8 +329,7 @@ Replay(pCE, fdOut, iBack)
if ((char *)0 != s) {
*s = '\000';
}
FileWrite(fdOut, FLAGTRUE, lines[i].line->string,
lines[i].line->used - 1);
FileWrite(fdOut, FLAGTRUE, lines[i].line->string, -1);
FileWrite(fdOut, FLAGTRUE, " .. ", 4);
/* build the end string by removing the leading "[-- MARK -- "
@ -369,6 +382,7 @@ Replay(pCE, fdOut, iBack)
#define WHEN_ATTACH 0x02
#define WHEN_EXPERT 0x04 /* ZZZ no way to set his yet */
#define WHEN_ALWAYS 0x40
#define IS_LIMITED 0x100
#define HALFLINE 40
@ -379,7 +393,7 @@ typedef struct HLnode {
static HELP aHLTable[] = {
{WHEN_ALWAYS, ". disconnect"},
{WHEN_ALWAYS, "; move to another console"},
{WHEN_ALWAYS | IS_LIMITED, "; move to another console"},
{WHEN_ALWAYS, "a attach read/write"},
{WHEN_ALWAYS, "b send broadcast message"},
{WHEN_ATTACH, "c toggle flow control"},
@ -401,8 +415,8 @@ static HELP aHLTable[] = {
{WHEN_ALWAYS, "v show version info"},
{WHEN_ALWAYS, "w who is on this console"},
{WHEN_ALWAYS, "x show console baud info"},
{WHEN_ALWAYS, "z suspend the connection"},
{WHEN_ATTACH, "| attach local command"},
{WHEN_ALWAYS | IS_LIMITED, "z suspend the connection"},
{WHEN_ATTACH | IS_LIMITED, "| attach local command"},
{WHEN_ALWAYS, "? print this message"},
{WHEN_ALWAYS, "<cr> ignore/abort command"},
{WHEN_ALWAYS, "^R replay the last line"},
@ -417,7 +431,7 @@ void
#if PROTOTYPES
HelpUser(CONSCLIENT *pCL)
#else
HelpUser(pCL)
HelpUser(pCL, pCE)
CONSCLIENT *pCL;
#endif
{
@ -440,9 +454,13 @@ HelpUser(pCL)
BuildString((char *)0, acLine);
for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) {
if (0 == (aHLTable[i].iwhen & iCmp)) {
if (aHLTable[i].iwhen & IS_LIMITED &&
ConsentUserOk(pLUList, pCL->username->string) == 1)
continue;
}
if (0 == (aHLTable[i].iwhen & iCmp))
continue;
if (acLine->used != 0) { /* second part of line */
if (strlen(aHLTable[i].actext) < HALFLINE) {
for (j = acLine->used; j <= HALFLINE; ++j) {
@ -488,17 +506,34 @@ ClientAccessOk(pCL)
#endif
{
char *peername = (char *)0;
int retval = 1;
#if USE_UNIX_DOMAIN_SOCKETS
struct in_addr addr;
# if HAVE_INET_ATON
inet_aton("127.0.0.1", &addr);
# else
addr.s_addr = inet_addr("127.0.0.1");
# endif
pCL->caccess = AccType(&addr, &peername);
if (pCL->caccess == 'r') {
FileWrite(pCL->fd, FLAGFALSE, "access from your host refused\r\n",
-1);
retval = 0;
}
#else
socklen_t so;
int cfd;
struct sockaddr_in in_port;
int retval = 1;
int getpeer = -1;
cfd = FileFDNum(pCL->fd);
pCL->caccess = 'r';
#if defined(USE_LIBWRAP)
# if defined(USE_LIBWRAP)
{
struct request_info request;
CONDDEBUG((1, "ClientAccessOk(): doing tcpwrappers check"));
request_init(&request, RQ_DAEMON, progname, RQ_FILE, cfd, 0);
fromhost(&request);
if (!hosts_access(&request)) {
@ -508,7 +543,7 @@ ClientAccessOk(pCL)
goto setpeer;
}
}
#endif
# endif
so = sizeof(in_port);
if (-1 ==
@ -523,16 +558,22 @@ ClientAccessOk(pCL)
-1);
retval = 0;
}
setpeer:
#endif
if (pCL->peername != (STRING *)0) {
BuildString((char *)0, pCL->peername);
if (peername != (char *)0)
BuildString(peername, pCL->peername);
#if USE_UNIX_DOMAIN_SOCKETS
else
BuildString("127.0.0.1", pCL->peername);
#else
else if (getpeer != -1)
BuildString(inet_ntoa(in_port.sin_addr), pCL->peername);
else
BuildString("<unknown>", pCL->peername);
#endif
}
if (peername != (char *)0)
free(peername);

4
conserver/client.h
View File

@ -1,5 +1,5 @@
/*
* $Id: client.h,v 5.36 2003/12/25 19:22:00 bryan Exp $
* $Id: client.h,v 5.40 2005/06/07 19:55:51 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -58,6 +58,7 @@ typedef struct client { /* Connection Information: */
short fwantwr; /* (client) wants to write */
short fro; /* read-only permission */
short fecho; /* echo commands (not set by machines) */
short fiwait; /* client wanting for console init */
STRING *acid; /* login and location of client */
STRING *peername; /* location of client */
STRING *username; /* login of client */
@ -88,3 +89,4 @@ extern void Replay PARAMS((CONSENT *, CONSFILE *, int));
extern void HelpUser PARAMS((CONSCLIENT *));
extern void FindWrite PARAMS((CONSENT *));
extern int ClientAccessOk PARAMS((CONSCLIENT *));
extern void BumpClient PARAMS((CONSENT *, char *));

123
conserver/consent.c
View File

@ -1,5 +1,5 @@
/*
* $Id: consent.c,v 5.137 2004/02/20 14:58:13 bryan Exp $
* $Id: consent.c,v 5.145 2005/06/08 18:09:40 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -324,20 +324,6 @@ StartInit(pCE)
StopInit(pCE);
}
if (pCE->pCLwr != (CONSCLIENT *)0) {
CONSCLIENT *pCL = pCE->pCLwr;
pCL->fwr = 0;
pCL->fwantwr = 1;
/*
FileWrite(pCL->fd,
"[forced to `spy' mode by initialization command]\r\n",
-1);
TagLogfileAct(pCE, "initialization command bumped %s",
pCL->acid->string);
*/
pCE->pCLwr = (CONSCLIENT *)0;
}
/* pin[0] = parent read, pin[1] = child write */
if (pipe(pin) != 0) {
Error("[%s] StartInit(): pipe(): %s", pCE->server,
@ -435,6 +421,13 @@ StartInit(pCE)
close(pout[0]);
close(pin[1]);
if (geteuid() == 0) {
if (pCE->initgid != 0)
setgid(pCE->initgid);
if (pCE->inituid != 0)
setuid(pCE->inituid);
}
tcsetpgrp(0, iNewGrp);
apcArgv[2] = pCE->initcmd;
@ -524,6 +517,15 @@ VirtDev(pCE)
Error("[%s] fd sync error", pCE->server);
Bye(EX_OSERR);
}
if (geteuid() == 0) {
if (pCE->execgid != 0)
setgid(pCE->execgid);
if (pCE->execuid != 0) {
fchown(0, pCE->execuid, -1);
setuid(pCE->execuid);
}
}
# if HAVE_STROPTS_H && !defined(_AIX)
/* SYSVr4 semantics for opening stream ptys (gregf)
* under PTX (others?) we have to push the compatibility
@ -606,6 +608,39 @@ VirtDev(pCE)
return -1;
}
char *
#if PROTOTYPES
ConsState(CONSENT *pCE)
#else
ConsState(pCE)
CONSENT *pCE;
#endif
{
if (!pCE->fup)
return "down";
if (pCE->initfile != (CONSFILE *)0)
return "initializing";
switch (pCE->ioState) {
case ISNORMAL:
return "up";
case INCONNECT:
return "connecting";
case ISDISCONNECTED:
return "disconnected";
#if HAVE_OPENSSL
case INSSLACCEPT:
return "SSL_accept";
case INSSLSHUTDOWN:
return "SSL_shutdown";
#endif
case ISFLUSHING:
return "flushing";
}
return "in unknown state";
}
/* down a console, virtual or real (ksb)
*
* this should be kept pretty simple, 'cause the config file reading code
@ -678,6 +713,40 @@ ConsInit(pCE)
extern int FallBack PARAMS((char **, int *));
int cofile = -1;
int ret;
#if HAVE_GETTIMEOFDAY
struct timeval tv;
#else
time_t tv;
#endif
if (pCE->spintimer > 0 && pCE->spinmax > 0) {
#if HAVE_GETTIMEOFDAY
if (gettimeofday(&tv, (void *)0) == 0) {
/* less than pCE->spintimer seconds gone by? */
if ((tv.tv_sec <= pCE->lastInit.tv_sec + pCE->spintimer - 1)
|| (tv.tv_sec == pCE->lastInit.tv_sec + 1 &&
tv.tv_usec <= pCE->lastInit.tv_usec)) {
#else
if ((tv = time((time_t *)0)) != (time_t)-1) {
/* less than pCE->spintimer seconds gone by? (approx) */
if (tv <= pCE->lastInit + pCE->spintimer) {
#endif
pCE->spincount++;
if (pCE->spincount >= pCE->spinmax) {
pCE->spincount = 0;
pCE->lastInit = tv;
Error
("[%s] initialization rate exceeded: forcing down",
pCE->server);
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
} else
pCE->spincount = 0;
pCE->lastInit = tv;
} else
pCE->spincount = 0;
}
/* clean up old stuff
*/
@ -734,7 +803,9 @@ ConsInit(pCE)
{
struct sockaddr_in port;
struct hostent *hp;
size_t one = 1;
#if HAVE_SETSOCKOPT
int one = 1;
#endif
usleep(100000); /* Not all terminal servers can keep up */
@ -767,6 +838,7 @@ ConsInit(pCE)
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
#if HAVE_SETSOCKOPT
if (setsockopt
(cofile, SOL_SOCKET, SO_KEEPALIVE, (char *)&one,
sizeof(one)) < 0) {
@ -776,6 +848,7 @@ ConsInit(pCE)
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
return;
}
#endif
if (!SetFlags(cofile, O_NONBLOCK, 0)) {
ConsDown(pCE, FLAGTRUE, FLAGTRUE);
@ -805,19 +878,18 @@ ConsInit(pCE)
if (ret == 0) {
pCE->ioState = ISNORMAL;
pCE->stateTimer = 0;
pCE->fup = 1;
} else {
pCE->ioState = INCONNECT;
pCE->stateTimer = time((time_t *)0) + CONNECTTIMEOUT;
if (timers[T_STATE] == (time_t)0 ||
timers[T_STATE] > pCE->stateTimer)
timers[T_STATE] = pCE->stateTimer;
pCE->fup = 1;
}
pCE->fup = 1;
break;
case DEVICE:
if (-1 ==
(cofile = open(pCE->device, O_RDWR | O_NDELAY, 0600))) {
(cofile = open(pCE->device, O_RDWR | O_NONBLOCK, 0600))) {
Error("[%s] open(%s): %s: forcing down", pCE->server,
pCE->device, strerror(errno));
@ -891,12 +963,19 @@ ConsInit(pCE)
}
if (pCE->downHard == FLAGTRUE) {
if (pCE->ioState == ISNORMAL)
if (pCE->ioState == ISNORMAL) {
Msg("[%s] console up", pCE->server);
else
pCE->downHard = FLAGFALSE;
} else
Msg("[%s] console initializing", pCE->server);
pCE->downHard = FLAGFALSE;
}
#if HAVE_GETTIMEOFDAY
if (gettimeofday(&tv, (void *)0) == 0)
pCE->lastInit = tv;
#else
if ((tv = time((time_t *)0)) != (time_t)-1)
pCE->lastInit = tv;
#endif
if (pCE->ioState == ISNORMAL)
StartInit(pCE);

17
conserver/consent.h
View File

@ -1,5 +1,5 @@
/*
* $Id: consent.h,v 5.56 2004/02/20 14:58:14 bryan Exp $
* $Id: consent.h,v 5.63 2005/06/08 18:09:40 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -96,10 +96,12 @@ typedef struct consent { /* console information */
unsigned short port; /* port number | portinc * port */
unsigned short portbase; /* port base */
unsigned short portinc; /* port increment */
unsigned short raw; /* raw or telnet protocol? */
FLAG raw; /* raw or telnet protocol? */
/* type == EXEC */
char *exec; /* exec command */
char *execsubst; /* exec substitution pattern */
uid_t execuid; /* user to run exec as */
gid_t execgid; /* group to run exec as */
/* global stuff */
char *master; /* master hostname */
unsigned short breakNum; /* break type [1-9] */
@ -107,9 +109,13 @@ typedef struct consent { /* console information */
off_t logfilemax; /* size limit for rolling logfile */
char *initcmd; /* initcmd command */
char *initsubst; /* initcmd substitution pattern */
uid_t inituid; /* user to run initcmd as */
gid_t initgid; /* group to run initcmd as */
char *motd; /* motd */
time_t idletimeout; /* idle timeout */
char *idlestring; /* string to print when idle */
unsigned short spinmax; /* initialization spin maximum */
unsigned short spintimer; /* initialization spin timer */
/* timestamp stuff */
int mark; /* Mark (chime) interval */
long nextMark; /* Next mark (chime) time */
@ -135,6 +141,12 @@ typedef struct consent { /* console information */
IOSTATE ioState; /* state of the socket */
time_t stateTimer; /* timer for ioState states */
time_t lastWrite; /* time of last data sent to console */
#if HAVE_GETTIMEOFDAY
struct timeval lastInit; /* time of last initialization */
#else
time_t lastInit; /* time of last initialization */
#endif
unsigned short spincount; /* initialization spin counter */
/*** state information ***/
char acline[132 * 2 + 2]; /* max chars we will call a line */
@ -170,3 +182,4 @@ extern REMOTE *FindUniq PARAMS((REMOTE *));
extern void DestroyRemoteConsole PARAMS((REMOTE *));
extern void StartInit PARAMS((CONSENT *));
extern void StopInit PARAMS((CONSENT *));
extern char *ConsState PARAMS((CONSENT *));

68
conserver/conserver.man
View File

@ -1,6 +1,6 @@
.\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine
.\" $Id: conserver.man,v 1.43 2004/03/23 01:02:29 bryan Exp $
.TH CONSERVER 8 "2004/03/23" "conserver-8.1.3" "conserver"
.\" $Id: conserver.man,v 1.51 2005/04/02 09:59:48 bryan Exp $
.TH CONSERVER 8 "2005/04/02" "conserver-8.1.13" "conserver"
.SH NAME
conserver \- console server daemon
.SH SYNOPSIS
@ -11,7 +11,7 @@ conserver \- console server daemon
.RB [ \-m
.IR max ]
.RB [ \-M
.IR addr ]
.IR master ]
.RB [ \-p
.IR port ]
.RB [ \-b
@ -50,7 +50,7 @@ knowledge of the distribution of consoles among servers.)
.B Conserver
forks a child for each group of consoles it must manage
and assigns each process a port number to listen on.
The maximum number of consoles managed by each child process is set using
The maximum number of consoles managed by each child process is set using the
.B \-m
option.
The
@ -76,14 +76,31 @@ the
.BR conserver.cf (5)
access list.
.PP
When Unix domain sockets are used between the client and
server (enabled using
.BR --with-uds ),
authentication checks are done on the hardcoded address ``127.0.0.1''.
Automatic client redirection is also disabled (as if the
.B \-R
option was used) since the client cannot communicate with remote servers.
The directory used to hold the sockets is checked to make sure it's empty
when the server starts.
The server will
.B not
remove any files in the directory itself, just in case the directory is
accidentally specified as ``/etc'' or some other critical location.
The server will do its best to remove all the sockets when it shuts down,
but it could stop ungracefully (crash, ``kill -9'', etc)
and leave files behind.
It would then be up to the admin (or a creative startup script) to clean
up the directory before the server will start again.
.PP
.B Conserver
completely controls any connection to a console.
All escape sequences given by the user to
.B console
are passed to the server without interpretation.
The server recognizes and processes all escape sequences,
The suspend sequence is recognized by the server and sent back to the
client as a TCP out-of-band command, which the client processes.
The server recognizes and processes all escape sequences.
.PP
The
.B conserver
@ -217,7 +234,7 @@ option.
.B \-d
Become a daemon.
Disconnects from the controlling terminal and sends
all output to the logfile (see
all output (including any debug output) to the logfile (see
.BR \-L ).
.TP
.B \-D
@ -271,11 +288,21 @@ may be changed at compile time using the
.B --with-maxmemb
option.
.TP
.BI \-M addr
Set the address to listen on.
This allows conserver to bind to a
.BI \-M master
Normally, this allows conserver to bind to a
particular IP address (like `127.0.0.1') instead of all interfaces.
The default is to bind to all addresses.
However, if
.B --with-uds
was used to enable Unix domain sockets for client/server communication,
this points conserver to the directory where it should store the sockets.
The default
.I master
directory
.RB (`` /tmp/conserver '')
may be changed at compile time using the
.B --with-uds
option.
.TP
.B \-n
Obsolete (now a no-op); see
@ -291,6 +318,9 @@ Enable periodic attempts (every
.I min
minutes) to open (``bring up'') all downed
consoles (similar to sending a SIGUSR1).
Without this option, or if
.I min
is zero, no periodic attempts occur.
.TP
.BI \-p port
Set the TCP port for the master process to listen on.
@ -301,6 +331,9 @@ The default
may be changed at compile time using the
.B --with-port
option.
If the
.B --with-uds
option was used, this option is ignored.
.TP
.BI \-P passwd
Read the table of authorized user data from the file
@ -394,7 +427,7 @@ The second style is the character-based, escape-sequence mode, while
connected to a console.
.PP
The initial line-based mode begins the same for both the master process
and it's children.
and its children.
Upon a successful (non-rejected) client connection, an ``ok'' is sent.
The client then issues a command and the server responds to it with a
result string (``ok'' being the sign of success for most commands).
@ -402,7 +435,7 @@ The commands available are ``help'', ``ssl'' (if
SSL was built into the code), ``login'', and ``exit''.
Using the ``login'' command, the client authenticates and gains access to
the extended command set.
This is where the master process and it's children differ.
This is where the master process and its children differ.
The master process gives the client access to global commands, and the
child provides commands for interacting with the consoles it manages.
The ``help'' command, in both cases, will provide a complete
@ -418,14 +451,16 @@ any interaction with the server is done with the default escape sequence.
This is, by no means, a complete description of the entire client/server
interaction.
It is, however, a brief explanation in order to give a idea of
what the program does.
what the program does. See the
.B \s-1PROTOCOL\s0
file in the distribution for further details.
.SH FILES
.PP
The following default file locations may be overridden
at compile time or by the command-line options described above.
Run
.B conserver \-V
(with no other options) to see the defaults set at compile time.
to see the defaults set at compile time.
.PP
.PD 0
.TP 25
@ -443,6 +478,9 @@ the master conserver process ID
.TP
.B /var/log/conserver
log of errors and informational messages
.TP
.B /tmp/conserver
directory to hold Unix domain sockets (if enabled)
.PD
.PP
Additionally, output from individual consoles may be logged

14
conserver/convert.c
View File

@ -1,5 +1,5 @@
/*
* $Id: convert.c,v 1.8 2003/11/20 13:56:38 bryan Exp $
* $Id: convert.c,v 1.10 2004/05/28 01:08:28 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -41,6 +41,16 @@
#include <master.h>
#include <main.h>
#if defined(USE_LIBWRAP)
/* we don't use it...but we link to it */
int allow_severity;
int deny_severity;
#endif
SECTION sections[] = {
{(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
};
void
DestroyDataStructures()
@ -139,7 +149,7 @@ ReadLine2(fp, save, iLine)
if (!peek && (ret == (char *)0)) {
(*iLine)++;
wholeline = BuildString(bufstr->string, wholestr);
if (wholeline[0] == '\000')
if (wholeline != (char *)0 && wholeline[0] == '\000')
wholeline = (char *)0;
}

1023
conserver/cutil.c
View File

File diff suppressed because it is too large Load Diff

42
conserver/cutil.h
View File

@ -1,5 +1,5 @@
/*
* $Id: cutil.h,v 1.61 2004/03/10 02:55:45 bryan Exp $
* $Id: cutil.h,v 1.64 2006/01/15 17:10:14 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -70,6 +70,7 @@ typedef struct consFile {
int fd;
int fdout; /* only used when a simplePipe */
STRING *wbuf;
FLAG errored;
FLAG quoteiac;
FLAG sawiac;
FLAG sawiacsusp;
@ -89,6 +90,37 @@ typedef struct consFile {
#endif
} CONSFILE;
typedef struct item {
char *id;
void (*reg) PARAMS((char *));
} ITEM;
typedef struct section {
char *id;
void (*begin) PARAMS((char *));
void (*end) PARAMS((void));
void (*abort) PARAMS((void));
void (*destroy) PARAMS((void));
ITEM *items;
} SECTION;
typedef enum substToken {
ISNOTHING = 0,
ISNUMBER,
ISSTRING
} SUBSTTOKEN;
typedef struct subst {
SUBSTTOKEN tokens[255];
/* data for callback function
*/
void *data;
/* function to retrieve a value (as a char* or int or both) for
* a substitution
*/
int (*callback) PARAMS((char, char **, int *));
} SUBST;
extern int isMultiProc, fDebug, fVerbose, fErrorPrinted;
extern char *progname;
extern pid_t thepid;
@ -100,6 +132,10 @@ extern fd_set winit;
extern int maxfd;
extern int debugLineNo;
extern char *debugFileName;
extern int line; /* used by ParseFile */
extern char *file; /* used by ParseFile */
extern SECTION sections[]; /* used by ParseFile */
extern int isMaster;
extern const char *StrTime PARAMS((time_t *));
extern void Debug PARAMS((int, char *, ...));
@ -157,6 +193,10 @@ extern char *StrDup PARAMS((char *));
extern int ParseIACBuf PARAMS((CONSFILE *, void *, int *));
extern void *MemMove PARAMS((void *, void *, size_t));
extern char *StringChar PARAMS((STRING *, int, char));
extern void ParseFile PARAMS((char *, FILE *, int));
extern void ProbeInterfaces PARAMS((in_addr_t));
extern void ProcessSubst
PARAMS((SUBST *, char **, char **, char *, char *));
#if HAVE_OPENSSL
extern SSL *FileGetSSL PARAMS((CONSFILE *));
extern void FileSetSSL PARAMS((CONSFILE *, SSL *));

4
conserver/fallback.c
View File

@ -1,5 +1,5 @@
/*
* $Id: fallback.c,v 5.60 2003/11/20 13:56:38 bryan Exp $
* $Id: fallback.c,v 5.61 2004/04/16 16:58:09 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -210,7 +210,7 @@ GetPseudoTTY(slave, slaveFD)
continue;
}
if (0 > (fd = open(acMaster, O_RDWR | O_NDELAY, 0))) {
if (0 > (fd = open(acMaster, O_RDWR | O_NONBLOCK, 0))) {
continue;
}
acSlave[iIndex] = *pcOne;

716
conserver/group.c
View File

File diff suppressed because it is too large Load Diff

10
conserver/group.h
View File

@ -1,5 +1,5 @@
/*
* $Id: group.h,v 5.43 2003/12/20 06:11:53 bryan Exp $
* $Id: group.h,v 5.48 2005/05/21 17:56:14 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -41,7 +41,8 @@
#define T_REINIT 3
#define T_AUTOUP 4
#define T_ROLL 5
#define T_MAX 6 /* T_MAX *must* be last */
#define T_INITDELAY 6
#define T_MAX 7 /* T_MAX *must* be last */
/* return values used by CheckPass()
*/
@ -63,7 +64,7 @@ typedef struct grpent { /* group info */
extern time_t timers[];
extern void Spawn PARAMS((GRPENT *));
extern void Spawn PARAMS((GRPENT *, int));
extern int CheckPass PARAMS((char *, char *));
extern void TagLogfile PARAMS((const CONSENT *, char *, ...));
extern void TagLogfileAct PARAMS((const CONSENT *, char *, ...));
@ -79,7 +80,8 @@ PARAMS((GRPENT *, CONSCLIENT *, char *, FLAG));
extern int ClientAccess PARAMS((CONSENT *, char *));
extern void DestroyClient PARAMS((CONSCLIENT *));
extern int CheckPasswd PARAMS((CONSCLIENT *, char *));
extern void ExpandString PARAMS((char *, CONSENT *, short));
extern void DeUtmp PARAMS((GRPENT *, int));
extern void ClientWantsWrite PARAMS((CONSCLIENT *));
#if HAVE_OPENSSL
extern int AttemptSSL PARAMS((CONSCLIENT *));
#endif

391
conserver/main.c
View File

@ -1,5 +1,5 @@
/*
* $Id: main.c,v 5.178 2004/03/11 16:23:59 bryan Exp $
* $Id: main.c,v 5.196 2005/06/11 02:31:05 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -40,10 +40,7 @@
#include <readcfg.h>
#include <version.h>
#include <net/if.h>
#if HAVE_SYS_SOCKIO_H
# include <sys/sockio.h>
#endif
#include <dirent.h>
#if HAVE_OPENSSL
# include <openssl/opensslv.h>
#endif
@ -53,9 +50,8 @@ int fAll = 0, fNoinit = 0, fVersion = 0, fStrip = 0, fReopen =
0, fNoautoreup = 0, fSyntaxOnly = 0;
char *pcConfig = CONFIGFILE;
int isMaster = 1;
int cMaxMemb = MAXMEMB;
in_addr_t bindAddr;
in_addr_t bindAddr = INADDR_ANY;
unsigned short bindPort;
unsigned short bindBasePort;
static STRING *startedMsg = (STRING *)0;
@ -63,9 +59,9 @@ CONFIG *optConf = (CONFIG *)0;
CONFIG *config = (CONFIG *)0;
char *interface = (char *)0;
CONFIG defConfig =
{ (STRING *)0, 'r', FLAGFALSE, LOGFILEPATH, PASSWDFILE, DEFPORT,
FLAGTRUE,
FLAGTRUE, 0, DEFBASEPORT, (char *)0
{ (STRING *)0, FLAGTRUE, 'r', FLAGFALSE, LOGFILEPATH, PASSWDFILE,
DEFPORT,
FLAGTRUE, FLAGTRUE, 0, DEFBASEPORT, (char *)0, 0
#if HAVE_SETPROCTITLE
, FLAGFALSE
#endif
@ -327,6 +323,7 @@ SetupSSL()
#endif
{
if (ctx == (SSL_CTX *)0) {
char *ciphers;
SSL_load_error_strings();
if (!SSL_library_init()) {
Error("SetupSSL(): SSL_library_init() failed");
@ -356,6 +353,9 @@ SetupSSL()
config->sslcredentials);
Bye(EX_SOFTWARE);
}
ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH";
} else {
ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH";
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback);
SSL_CTX_set_options(ctx,
@ -366,8 +366,7 @@ SetupSSL()
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_AUTO_RETRY);
SSL_CTX_set_tmp_dh_callback(ctx, TmpDHCallback);
if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") !=
1) {
if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) {
Error("SetupSSL(): setting SSL cipher list failed");
Bye(EX_SOFTWARE);
}
@ -476,6 +475,9 @@ Daemonize()
#if defined(SIGTSTP)
SimpleSignal(SIGTSTP, SIG_IGN);
#endif
#if defined(SIGXFSZ)
SimpleSignal(SIGXFSZ, SIG_IGN);
#endif
fflush(stdout);
fflush(stderr);
@ -523,7 +525,7 @@ Usage(wantfull)
#endif
{
static char u_terse[] =
"[-7dDEFhinoRSuvV] [-a type] [-m max] [-M addr] [-p port] [-b port] [-c cred] [-C config] [-P passwd] [-L logfile] [-O min] [-U logfile]";
"[-7dDEFhinoRSuvV] [-a type] [-m max] [-M master] [-p port] [-b port] [-c cred] [-C config] [-P passwd] [-L logfile] [-O min] [-U logfile]";
static char *full[] = {
"7 strip the high bit off all console data",
"a type set the default access type",
@ -546,11 +548,19 @@ Usage(wantfull)
"i initialize console connections on demand",
"L logfile give a new logfile path to the server process",
"m max maximum consoles managed per process",
"M addr address to listen on (all addresses by default)",
#if USE_UNIX_DOMAIN_SOCKETS
"M master directory that holds the Unix domain sockets",
#else
"M master address to listen on (all addresses by default)",
#endif
"n obsolete - see -u",
"o reopen downed console on client connect",
"O min reopen all downed consoles every <min> minutes",
#if USE_UNIX_DOMAIN_SOCKETS
"p port ignored - Unix domain sockets compiled into code",
#else
"p port port to listen on",
#endif
"P passwd give a new passwd file to the server process",
"R disable automatic client redirection",
"S syntax check of configuration file",
@ -595,6 +605,9 @@ Version()
#endif
#if TRUST_REVERSE_DNS
"trustrevdns",
#endif
#if USE_UNIX_DOMAIN_SOCKETS
"uds",
#endif
(char *)0
};
@ -616,9 +629,13 @@ Version()
Msg("default pidfile is `%s'", PIDFILE);
Msg("default limit is %d member%s per group", MAXMEMB,
MAXMEMB == 1 ? "" : "s");
#if USE_UNIX_DOMAIN_SOCKETS
Msg("default socket directory `%s'", UDSDIR);
#else
Msg("default primary port referenced as `%s'", defConfig.primaryport);
Msg("default secondary base port referenced as `%s'",
defConfig.secondaryport);
#endif
BuildString((char *)0, acA1);
if (optionlist[0] == (char *)0)
@ -639,10 +656,12 @@ Version()
BuildStringChar('0' + DMALLOC_VERSION_MINOR, acA1);
BuildStringChar('.', acA1);
BuildStringChar('0' + DMALLOC_VERSION_PATCH, acA1);
#if defined(DMALLOC_VERSION_BETA)
if (DMALLOC_VERSION_BETA != 0) {
BuildString("-b", acA1);
BuildStringChar('0' + DMALLOC_VERSION_BETA, acA1);
}
#endif
Msg("dmalloc version: %s", acA1->string);
#endif
#if HAVE_OPENSSL
@ -684,6 +703,7 @@ DestroyDataStructures()
pACList = pAC;
}
DestroyConsentUsers(&pADList);
DestroyConsentUsers(&pLUList);
DestroyConfig(pConfig);
DestroyConfig(optConf);
@ -708,6 +728,8 @@ DestroyDataStructures()
DestroyBreakList();
DestroyStrings();
DestroyUserList();
if (substData != (SUBST *)0)
free(substData);
}
void
@ -839,13 +861,13 @@ DumpDataStructures()
GRPENT *pGE;
CONSENT *pCE;
REMOTE *pRC;
char *empty = "<empty>";
#if HAVE_DMALLOC && DMALLOC_MARK_MAIN
CONDDEBUG((1, "DumpDataStructures(): dmalloc / MarkMain"));
dmalloc_log_changed(dmallocMarkMain, 1, 0, 1);
#endif
#define EMPTYSTR(x) x == (char *)0 ? empty : x
#define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
#define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
if (!fDebug)
return;
@ -877,6 +899,9 @@ DumpDataStructures()
EMPTYSTR(pCE->execSlave),
EMPTYSTR(pCE->exec),
(unsigned long)pCE->ipid));
CONDDEBUG((1,
"DumpDataStructures(): execuid=%d, execgid=%d",
pCE->execuid, pCE->execgid));
break;
case HOST:
@ -884,9 +909,9 @@ DumpDataStructures()
"DumpDataStructures(): server=%s, type=HOST",
EMPTYSTR(pCE->server)));
CONDDEBUG((1,
"DumpDataStructures(): host=%s, raw=%hu, netport=%hu, port=%hu, telnetState=%d",
EMPTYSTR(pCE->host), pCE->raw, pCE->netport,
pCE->port, pCE->telnetState));
"DumpDataStructures(): host=%s, raw=%s, netport=%hu, port=%hu, telnetState=%d",
EMPTYSTR(pCE->host), FLAGSTR(pCE->raw),
pCE->netport, pCE->port, pCE->telnetState));
break;
case UNKNOWNTYPE:
CONDDEBUG((1,
@ -908,36 +933,34 @@ DumpDataStructures()
CONDDEBUG((1,
"DumpDataStructures(): mark=%d, nextMark=%ld, autoReup=%hu, downHard=%s",
pCE->mark, pCE->nextMark, pCE->autoReUp,
pCE->downHard == FLAGTRUE ? "true" : "false"));
FLAGSTR(pCE->downHard)));
CONDDEBUG((1,
"DumpDataStructures(): nolog=%d, cofile=%d, activitylog=%s, breaklog=%s",
pCE->nolog, FileFDNum(pCE->cofile),
pCE->activitylog == FLAGTRUE ? "true" : "false",
pCE->breaklog == FLAGTRUE ? "true" : "false"));
FLAGSTR(pCE->activitylog), FLAGSTR(pCE->breaklog)));
CONDDEBUG((1,
"DumpDataStructures(): ixon=%s, ixany=%s, ixoff=%s",
pCE->ixon == FLAGTRUE ? "true" : "false",
pCE->ixany == FLAGTRUE ? "true" : "false",
pCE->ixoff == FLAGTRUE ? "true" : "false"));
FLAGSTR(pCE->ixon), FLAGSTR(pCE->ixany),
FLAGSTR(pCE->ixoff)));
CONDDEBUG((1,
"DumpDataStructures(): autoreinit=%s, hupcl=%s, cstopb=%s, ondemand=%s",
pCE->autoreinit == FLAGTRUE ? "true" : "false",
pCE->hupcl == FLAGTRUE ? "true" : "false",
pCE->cstopb == FLAGTRUE ? "true" : "false",
pCE->ondemand == FLAGTRUE ? "true" : "false"));
FLAGSTR(pCE->autoreinit), FLAGSTR(pCE->hupcl),
FLAGSTR(pCE->cstopb), FLAGSTR(pCE->ondemand)));
#if defined(CRTSCTS)
CONDDEBUG((1, "DumpDataStructures(): crtscts=%s",
pCE->crtscts == FLAGTRUE ? "true" : "false"));
FLAGSTR(pCE->crtscts)));
#endif
CONDDEBUG((1,
"DumpDataStructures(): reinitoncc=%s, striphigh=%s, unloved=%s",
pCE->reinitoncc == FLAGTRUE ? "true" : "false",
pCE->striphigh == FLAGTRUE ? "true" : "false",
pCE->unloved == FLAGTRUE ? "true" : "false"));
"DumpDataStructures(): reinitoncc=%s, striphigh=%s",
FLAGSTR(pCE->reinitoncc), FLAGSTR(pCE->striphigh)));
CONDDEBUG((1, "DumpDataStructures(): unloved=%s",
FLAGSTR(pCE->unloved)));
CONDDEBUG((1,
"DumpDataStructures(): initpid=%lu, initcmd=%s, initfile=%d",
(unsigned long)pCE->initpid, EMPTYSTR(pCE->initcmd),
FileFDNum(pCE->initfile)));
CONDDEBUG((1, "DumpDataStructures(): inituid=%d, initgid=%d",
pCE->inituid, pCE->initgid));
CONDDEBUG((1,
"DumpDataStructures(): motd=%s, idletimeout=%d, idlestring=%s",
EMPTYSTR(pCE->motd), pCE->idletimeout,
@ -971,187 +994,93 @@ DumpDataStructures()
}
}
/* fills the myAddrs array with host interface addresses */
void
/* This makes sure a directory exists and tries to create it if it
* doesn't. returns 0 for success, -1 for error
*/
#if USE_UNIX_DOMAIN_SOCKETS
int
#if PROTOTYPES
ProbeInterfaces(void)
VerifyEmptyDirectory(char *d)
#else
ProbeInterfaces()
VerifyEmptyDirectory(d)
char *d;
#endif
{
#ifdef SIOCGIFCONF
struct ifconf ifc;
struct ifreq *ifr;
#ifdef SIOCGIFFLAGS
struct ifreq ifrcopy;
#endif
int sock;
int r = 0, m = 0;
int bufsize = 2048;
int count = 0;
struct stat dstat;
DIR *dir;
struct dirent *de;
STRING *path = (STRING *)0;
int retval = 0;
/* if we use -M, just fill the array with that interface */
if (bindAddr != INADDR_ANY) {
myAddrs = (struct in_addr *)calloc(2, sizeof(struct in_addr));
if (myAddrs == (struct in_addr *)0)
OutOfMem();
#if HAVE_MEMCPY
memcpy(&(myAddrs[0].s_addr), &bindAddr, sizeof(in_addr_t));
#else
bcopy(&bindAddr, &(myAddrs[0].s_addr), sizeof(in_addr_t));
#endif
Verbose("interface address %s (-M option)", inet_ntoa(myAddrs[0]));
return;
}
if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
Error("ProbeInterfaces(): socket(): %s", strerror(errno));
Bye(EX_OSERR);
}
while (bufsize) {
ifc.ifc_len = bufsize;
ifc.ifc_req = (struct ifreq *)malloc(ifc.ifc_len);
if (ifc.ifc_req == (struct ifreq *)0)
OutOfMem();
if (ioctl(sock, SIOCGIFCONF, &ifc) != 0) {
free(ifc.ifc_req);
close(sock);
Error("ProbeInterfaces(): ioctl(SIOCGIFCONF): %s",
strerror(errno));
Bye(EX_OSERR);
}
/* if the return size plus a 512 byte "buffer zone" is less than
* the buffer we passed in (bufsize), we're done. otherwise
* allocate a bigger buffer and try again. with a too-small
* buffer, some implementations (freebsd) will fill the buffer
* best it can (leaving a gap - returning <=bufsize) and others
* (linux) will return a buffer length the same size as passed
* in (==bufsize). so, we'll assume a 512 byte gap would have
* been big enough to put one more record and as long as we have
* that "buffer zone", we should have all the interfaces.
*/
if (ifc.ifc_len + 512 < bufsize)
break;
free(ifc.ifc_req);
bufsize += 2048;
}
/* this is probably way overkill, but better to kill a few bytes
* than loop through looking for valid interfaces that are up
* twice, huh?
*/
count = ifc.ifc_len / sizeof(*ifr);
CONDDEBUG((1, "ProbeInterfaces(): ifc_len==%d max_count==%d",
ifc.ifc_len, count));
/* set up myAddrs array */
if (myAddrs != (struct in_addr *)0)
free(myAddrs);
myAddrs = (struct in_addr *)0;
if (count == 0) {
free(ifc.ifc_req);
close(sock);
return;
}
myAddrs = (struct in_addr *)calloc(count + 1, sizeof(struct in_addr));
if (myAddrs == (struct in_addr *)0)
OutOfMem();
for (m = r = 0; r < ifc.ifc_len;) {
struct sockaddr *sa;
ifr = (struct ifreq *)&ifc.ifc_buf[r];
sa = (struct sockaddr *)&ifr->ifr_addr;
/* don't use less than a ifreq sized chunk */
if ((ifc.ifc_len - r) < sizeof(*ifr))
break;
#ifdef HAVE_SA_LEN
if (sa->sa_len > sizeof(ifr->ifr_addr))
r += sizeof(ifr->ifr_name) + sa->sa_len;
else
#endif
r += sizeof(*ifr);
if (sa->sa_family == AF_INET) {
struct sockaddr_in *sin = (struct sockaddr_in *)sa;
#ifdef SIOCGIFFLAGS
/* make sure the interface is up */
ifrcopy = *ifr;
if ((ioctl(sock, SIOCGIFFLAGS, &ifrcopy) == 0) &&
((ifrcopy.ifr_flags & IFF_UP) == 0))
while (1) {
if (stat(d, &dstat) == -1) {
if (errno == ENOENT) {
if (mkdir(d, 0755) == -1) {
Error("mkdir(%s): %s", d, strerror(errno));
return -1;
}
CONDDEBUG((1, "VerifyEmptyDirectory: created `%s'", d));
continue;
#endif
CONDDEBUG((1, "ProbeInterfaces(): name=%s addr=%s",
ifr->ifr_name, inet_ntoa(sin->sin_addr)));
#if HAVE_MEMCPY
memcpy(&myAddrs[m], &(sin->sin_addr), sizeof(struct in_addr));
#else
bcopy(&(sin->sin_addr), &myAddrs[m], sizeof(struct in_addr));
#endif
Verbose("interface address %s (%s)", inet_ntoa(myAddrs[m]),
ifr->ifr_name);
m++;
} else {
Error("stat(%s): %s", d, strerror(errno));
return -1;
}
}
}
if (m == 0) {
free(myAddrs);
myAddrs = (struct in_addr *)0;
}
close(sock);
free(ifc.ifc_req);
#else /* use the hostname like the old code did (but use all addresses!) */
int count;
struct hostent *he;
/* if we use -M, just fill the array with that interface */
if (bindAddr != INADDR_ANY) {
myAddrs = (struct in_addr *)calloc(2, sizeof(struct in_addr));
if (myAddrs == (struct in_addr *)0)
OutOfMem();
#if HAVE_MEMCPY
memcpy(&(myAddrs[0].s_addr), &bindAddr, sizeof(in_addr_t));
#else
bcopy(&bindAddr, &(myAddrs[0].s_addr), sizeof(in_addr_t));
#endif
Verbose("interface address %s (-M option)", inet_ntoa(myAddrs[0]));
return;
if (S_ISDIR(dstat.st_mode))
break;
return -1;
}
Verbose("using hostname for interface addresses");
if ((struct hostent *)0 == (he = gethostbyname(myHostname))) {
Error("ProbeInterfaces(): gethostbyname(%s): %s", myHostname,
hstrerror(h_errno));
return;
}
if (4 != he->h_length || AF_INET != he->h_addrtype) {
Error
("ProbeInterfaces(): gethostbyname(%s): wrong address size (4 != %d) or address family (%d != %d)",
myHostname, he->h_length, AF_INET, he->h_addrtype);
return;
/* now make sure it's empty...erase anything you see, etc */
if ((dir = opendir(d)) == (DIR *) 0) {
Error("opendir(%s): %s", d, strerror(errno));
return -1;
}
for (count = 0; he->h_addr_list[count] != (char *)0; count++);
if (myAddrs != (struct in_addr *)0)
free(myAddrs);
myAddrs = (struct in_addr *)0;
if (count == 0)
return;
myAddrs = (struct in_addr *)calloc(count + 1, sizeof(struct in_addr));
if (myAddrs == (struct in_addr *)0)
OutOfMem();
for (count--; count >= 0; count--) {
#if HAVE_MEMCPY
memcpy(&(myAddrs[count].s_addr), he->h_addr_list[count],
he->h_length);
#else
bcopy(he->h_addr_list[count], &(myAddrs[count].s_addr),
he->h_length);
while ((de = readdir(dir)) != (struct dirent *)0) {
if ((strcmp(de->d_name, ".") == 0) ||
(strcmp(de->d_name, "..") == 0))
continue;
/* we're going to just let the user deal with non-empty directories */
Error("non-empty directory `%s'", d);
retval = -1;
break;
/* this is probably too extreme. if someone happens to point conserver
* at /etc, for example, it could (if running as root) nuke the password
* database, config files, etc. too many important files could be
* shredded with a small typo.
*/
#if 0
if (path == (STRING *)0)
path = AllocString();
BuildStringPrint(path, "%s/%s", d, de->d_name);
if (stat(path->string, &dstat) == -1) {
Error("stat(%s): %s", path->string, strerror(errno));
retval = -1;
break;
}
if (S_ISDIR(dstat.st_mode)) {
if (rmdir(path->string) != 0) {
Error("rmdir(%s): %s", path->string, strerror(errno));
retval = -1;
break;
}
} else {
if (unlink(path->string) != 0) {
Error("unlink(%s): %s", path->string, strerror(errno));
retval = -1;
break;
}
}
#endif
Verbose("interface address %s (hostname address)",
inet_ntoa(myAddrs[count]));
}
#endif
if (path != (STRING *)0)
DestroyString(path);
return retval;
}
#endif
/* find out where/who we are (ksb)
* parse optons
@ -1180,17 +1109,19 @@ main(argc, argv)
char *curuser = (char *)0;
int curuid = 0;
GRPENT *pGE = (GRPENT *)0;
#if !USE_UNIX_DOMAIN_SOCKETS
#if HAVE_INET_ATON
struct in_addr inetaddr;
#endif
#endif
isMultiProc = 1; /* make sure stuff has the pid */
thepid = getpid();
if ((char *)0 == (progname = strrchr(argv[0], '/'))) {
progname = StrDup(argv[0]);
progname = argv[0];
} else {
progname = StrDup(++progname);
++progname;
}
setpwent();
@ -1252,7 +1183,7 @@ main(argc, argv)
#endif
break;
case 'C':
pcConfig = StrDup(optarg);
pcConfig = optarg;
break;
case 'd':
optConf->daemonmode = FLAGTRUE;
@ -1379,37 +1310,46 @@ main(argc, argv)
if (fSyntaxOnly)
Msg("performing configuration file syntax check");
#if USE_UNIX_DOMAIN_SOCKETS
/* Don't do any redirects if we're purely local
* (but it allows them to see where remote consoles are)
*/
optConf->redirect = FLAGFALSE;
if (interface == (char *)0)
interface = UDSDIR;
#else
/* set up the address to bind to */
if (interface == (char *)0 ||
(interface[0] == '*' && interface[1] == '\000'))
bindAddr = INADDR_ANY;
else {
#if HAVE_INET_ATON
# if HAVE_INET_ATON
if (inet_aton(interface, &inetaddr) == 0) {
Error("inet_aton(%s): %s", interface, "invalid IP address");
Bye(EX_OSERR);
}
bindAddr = inetaddr.s_addr;
#else
# else
bindAddr = inet_addr(interface);
if (bindAddr == (in_addr_t) (-1)) {
Error("inet_addr(%s): %s", interface, "invalid IP address");
Bye(EX_OSERR);
}
#endif
# endif
}
if (fDebug) {
struct in_addr ba;
ba.s_addr = bindAddr;
CONDDEBUG((1, "main(): bind address set to `%s'", inet_ntoa(ba)));
}
#endif
/* must do all this so IsMe() works right */
if (gethostname(myHostname, MAXHOSTNAME) != 0) {
Error("gethostname(): %s", interface, strerror(errno));
Error("gethostname(): %s", strerror(errno));
Bye(EX_OSERR);
}
ProbeInterfaces();
ProbeInterfaces(bindAddr);
/* initialize the timers */
for (i = 0; i < T_MAX; i++)
@ -1423,6 +1363,7 @@ main(argc, argv)
ReadCfg(pcConfig, fpConfig);
fclose(fpConfig);
#if !USE_UNIX_DOMAIN_SOCKETS
/* set up the port to bind to */
if (optConf->primaryport != (char *)0)
config->primaryport = StrDup(optConf->primaryport);
@ -1482,6 +1423,7 @@ main(argc, argv)
bindBasePort = ntohs((unsigned short)pSE->s_port);
}
}
#endif
if (optConf->passwdfile != (char *)0)
config->passwdfile = StrDup(optConf->passwdfile);
@ -1529,6 +1471,13 @@ main(argc, argv)
else
config->redirect = defConfig.redirect;
if (optConf->autocomplete != FLAGUNKNOWN)
config->autocomplete = optConf->autocomplete;
else if (pConfig->autocomplete != FLAGUNKNOWN)
config->autocomplete = pConfig->autocomplete;
else
config->autocomplete = defConfig.autocomplete;
if (optConf->loghostnames != FLAGUNKNOWN)
config->loghostnames = optConf->loghostnames;
else if (pConfig->loghostnames != FLAGUNKNOWN)
@ -1549,6 +1498,14 @@ main(argc, argv)
if (config->unifiedlog == (char *)0)
OutOfMem();
}
if (optConf->initdelay != 0)
config->initdelay = optConf->initdelay;
else if (pConfig->initdelay != 0)
config->initdelay = pConfig->initdelay;
else
config->initdelay = defConfig.initdelay;
#if HAVE_OPENSSL
if (optConf->sslrequired != FLAGUNKNOWN)
config->sslrequired = optConf->sslrequired;
@ -1580,7 +1537,13 @@ main(argc, argv)
if (pGroups == (GRPENT *)0 && pRCList == (REMOTE *)0) {
Error("no consoles found in configuration file");
} else if (!fSyntaxOnly) {
} else if (fSyntaxOnly) {
/* short-circuit */
#if USE_UNIX_DOMAIN_SOCKETS
} else if (VerifyEmptyDirectory(interface) == -1) {
Error("Master(): %s: unusable socket directory", interface);
#endif
} else {
#if HAVE_OPENSSL
/* Prep the SSL layer */
SetupSSL();
@ -1602,8 +1565,7 @@ main(argc, argv)
if (pGE->imembers == 0)
continue;
Spawn(pGE);
Spawn(pGE, -1);
Verbose("group #%d pid %lu on port %hu", pGE->id,
(unsigned long)pGE->pid, pGE->port);
}
@ -1617,8 +1579,13 @@ main(argc, argv)
local += pGE->imembers;
for (pRC = pRCList; (REMOTE *)0 != pRC; pRC = pRC->pRCnext)
remote++;
# if USE_UNIX_DOMAIN_SOCKETS
setproctitle("master: port 0, %d local, %d remote", local,
remote);
#else
setproctitle("master: port %hu, %d local, %d remote", bindPort,
local, remote);
#endif
}
#endif

6
conserver/main.h
View File

@ -1,5 +1,5 @@
/*
* $Id: main.h,v 5.51 2003/11/10 15:37:24 bryan Exp $
* $Id: main.h,v 5.53 2004/05/21 04:15:17 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -44,11 +44,13 @@ extern unsigned short bindPort, bindBasePort;
extern char *pcConfig;
extern int cMaxMemb;
extern struct sockaddr_in in_port;
extern int isMaster;
extern CONFIG *optConf;
extern CONFIG *config;
extern CONFIG defConfig;
extern CONSFILE *unifiedlog;
#if USE_UNIX_DOMAIN_SOCKETS
extern char *interface;
#endif
#if HAVE_OPENSSL
extern SSL_CTX *ctx;
#endif

158
conserver/master.c
View File

@ -1,5 +1,5 @@
/*
* $Id: master.c,v 5.124 2003/12/25 19:22:00 bryan Exp $
* $Id: master.c,v 5.132 2005/09/05 22:22:53 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -68,9 +68,10 @@ FlagSawCHLD(sig)
*/
static void
#if PROTOTYPES
FixKids()
FixKids(int msfd)
#else
FixKids()
FixKids(msfd)
int msfd;
#endif
{
pid_t pid;
@ -124,7 +125,7 @@ FixKids()
/* this kid kid is dead, start another
*/
Spawn(pGE);
Spawn(pGE, msfd);
Verbose("group #%d pid %lu on port %hu", pGE->id,
(unsigned long)pGE->pid, pGE->port);
}
@ -292,7 +293,8 @@ CommandCall(pCL, args)
pRCFound = pRC;
}
}
if (found == 0) { /* Then look for substring matches */
if (found == 0 && config->autocomplete == FLAGTRUE) {
/* Then look for substring matches */
NAMES *name = (NAMES *)0;
int foundOne = 0;
for (pGE = pGroups; pGE != (GRPENT *)0; pGE = pGE->pGEnext) {
@ -496,15 +498,18 @@ DoNormalRead(pCLServing)
(char *)0
};
static char *apcHelp2[] = {
"call provide port for given console\r\n",
"exit disconnect\r\n",
"groups provide ports for group leaders\r\n",
"help this help message\r\n",
"master provide a list of master servers\r\n",
"pid provide pid of master process\r\n",
"quit* terminate conserver (SIGTERM)\r\n",
"restart* restart conserver (SIGHUP)\r\n",
"version provide version info for server\r\n",
"call provide port for given console\r\n",
"exit disconnect\r\n",
"groups provide ports for group leaders\r\n",
"help this help message\r\n",
"master provide a list of master servers\r\n",
"newlogs* close and open all logfiles (SIGUSR2)\r\n",
"pid provide pid of master process\r\n",
"quit* terminate conserver (SIGTERM)\r\n",
"restart* restart conserver (SIGHUP) - deprecated\r\n",
"reconfig* reread config file (SIGHUP)\r\n",
"version provide version info for server\r\n",
"up* bring up all downed consoles (SIGUSR1)\r\n",
"* = requires admin privileges\r\n",
(char *)0
};
@ -569,6 +574,10 @@ DoNormalRead(pCLServing)
int iSep = 1;
if ((GRPENT *)0 != pGroups) {
#if USE_UNIX_DOMAIN_SOCKETS
FilePrint(pCLServing->fd, FLAGTRUE, "@0");
iSep = 0;
#else
struct sockaddr_in lcl;
socklen_t so = sizeof(lcl);
if (-1 ==
@ -579,22 +588,26 @@ DoNormalRead(pCLServing)
-1);
Error("Master(): getsockname(%u): %s",
FileFDNum(pCLServing->fd), strerror(errno));
Bye(EX_OSERR);
}
FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
inet_ntoa(lcl.sin_addr));
iSep = 0;
}
if (config->redirect == FLAGTRUE) {
REMOTE *pRC;
for (pRC = pRCUniq; (REMOTE *)0 != pRC;
pRC = pRC->pRCuniq) {
FilePrint(pCLServing->fd, FLAGTRUE, ":@%s" + iSep,
pRC->rhost);
iSep = -1;
} else {
FilePrint(pCLServing->fd, FLAGTRUE, "@%s",
inet_ntoa(lcl.sin_addr));
iSep = 0;
}
#endif
}
if (iSep >= 0) {
if (config->redirect == FLAGTRUE) {
REMOTE *pRC;
for (pRC = pRCUniq; (REMOTE *)0 != pRC;
pRC = pRC->pRCuniq) {
FilePrint(pCLServing->fd, FLAGTRUE,
":@%s" + iSep, pRC->rhost);
iSep = 0;
}
}
FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
}
FileWrite(pCLServing->fd, FLAGFALSE, "\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "pid") == 0) {
FilePrint(pCLServing->fd, FLAGFALSE, "%lu\r\n",
@ -629,6 +642,41 @@ DoNormalRead(pCLServing)
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "reconfig") == 0) {
if (ConsentUserOk(pADList, pCLServing->username->string) ==
1) {
FileWrite(pCLServing->fd, FLAGFALSE,
"ok -- reconfiguring\r\n", -1);
Verbose("reconfig command by %s",
pCLServing->acid->string);
kill(thepid, SIGHUP);
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "up") == 0) {
if (ConsentUserOk(pADList, pCLServing->username->string) ==
1) {
FileWrite(pCLServing->fd, FLAGFALSE,
"ok -- bringing up consoles\r\n", -1);
Verbose("up command by %s", pCLServing->acid->string);
kill(thepid, SIGUSR1);
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "newlogs") == 0) {
if (ConsentUserOk(pADList, pCLServing->username->string) ==
1) {
FileWrite(pCLServing->fd, FLAGFALSE,
"ok -- opening new logfiles\r\n", -1);
Verbose("newlogs command by %s",
pCLServing->acid->string);
kill(thepid, SIGUSR2);
} else
FileWrite(pCLServing->fd, FLAGFALSE,
"unauthorized command\r\n", -1);
} else if (pCLServing->iState == S_NORMAL &&
strcmp(pcCmd, "groups") == 0) {
int iSep = 1;
@ -673,8 +721,15 @@ Master()
int msfd;
socklen_t so;
fd_set rmask, wmask;
#if USE_UNIX_DOMAIN_SOCKETS
struct sockaddr_un master_port;
static STRING *portPath = (STRING *)0;
#else
struct sockaddr_in master_port;
# if HAVE_SETSOCKOPT
int true = 1;
# endif
#endif
FILE *fp;
CONSCLIENT *pCLServing = (CONSCLIENT *)0;
CONSCLIENT *pCL = (CONSCLIENT *)0;
@ -691,6 +746,9 @@ Master()
#endif
#if defined(SIGPOLL)
SimpleSignal(SIGPOLL, SIG_IGN);
#endif
#if defined(SIGXFSZ)
SimpleSignal(SIGXFSZ, SIG_IGN);
#endif
SimpleSignal(SIGCHLD, FlagSawCHLD);
SimpleSignal(SIGTERM, FlagQuitIt);
@ -715,6 +773,40 @@ Master()
#else
bzero((char *)&master_port, sizeof(master_port));
#endif
#if USE_UNIX_DOMAIN_SOCKETS
master_port.sun_family = AF_UNIX;
if (portPath == (STRING *)0)
portPath = AllocString();
BuildStringPrint(portPath, "%s/0", interface);
if (portPath->used > sizeof(master_port.sun_path)) {
Error("Master(): path to socket too long: %s", portPath->string);
return;
}
strcpy(master_port.sun_path, portPath->string);
if ((msfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
Error("Master(): socket(AF_UNIX,SOCK_STREAM): %s",
strerror(errno));
return;
}
if (!SetFlags(msfd, O_NONBLOCK, 0))
return;
if (bind(msfd, (struct sockaddr *)&master_port, sizeof(master_port)) <
0) {
Error("Master(): bind(%s): %s", master_port.sun_path,
strerror(errno));
return;
}
if (listen(msfd, SOMAXCONN) < 0) {
Error("Master(): listen(%s): %s", master_port.sun_path,
strerror(errno));
return;
}
#else
master_port.sin_family = AF_INET;
master_port.sin_addr.s_addr = bindAddr;
master_port.sin_port = htons(bindPort);
@ -724,7 +816,7 @@ Master()
strerror(errno));
return;
}
#if HAVE_SETSOCKOPT
# if HAVE_SETSOCKOPT
if (setsockopt
(msfd, SOL_SOCKET, SO_REUSEADDR, (char *)&true,
sizeof(true)) < 0) {
@ -732,7 +824,7 @@ Master()
strerror(errno));
return;
}
#endif
# endif
if (!SetFlags(msfd, O_NONBLOCK, 0))
return;
@ -748,6 +840,7 @@ Master()
strerror(errno));
return;
}
#endif
fp = fopen(PIDFILE, "w");
if (fp) {
@ -765,7 +858,7 @@ Master()
for (fSawQuit = 0; !fSawQuit; /* can't close here :-( */ ) {
if (fSawCHLD) {
fSawCHLD = 0;
FixKids();
FixKids(msfd);
}
if (fSawHUP) {
fSawHUP = 0;
@ -773,7 +866,7 @@ Master()
ReopenLogfile();
ReopenUnifiedlog();
SignalKids(SIGHUP);
ReReadCfg(msfd);
ReReadCfg(msfd, msfd);
/* fix up the client descriptors since ReReadCfg() doesn't
* see them like it can in the child processes */
for (pCL = pCLmall; pCL != (CONSCLIENT *)0; pCL = pCL->pCLscan) {
@ -943,6 +1036,9 @@ Master()
}
close(msfd);
#if USE_UNIX_DOMAIN_SOCKETS
unlink(master_port.sun_path);
#endif
/* clean up the free list */
while (pCLmfree != (CONSCLIENT *)0) {

1366
conserver/readcfg.c
View File

File diff suppressed because it is too large Load Diff

8
conserver/readcfg.h
View File

@ -1,5 +1,5 @@
/*
* $Id: readcfg.h,v 5.38 2003/11/10 15:37:24 bryan Exp $
* $Id: readcfg.h,v 5.45 2005/06/07 19:55:51 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -10,6 +10,7 @@
typedef struct config {
STRING *name;
FLAG autocomplete;
char defaultaccess;
FLAG daemonmode;
char *logfile;
@ -20,6 +21,7 @@ typedef struct config {
int reinitcheck;
char *secondaryport;
char *unifiedlog;
int initdelay;
#if HAVE_SETPROCTITLE
FLAG setproctitle;
#endif
@ -40,11 +42,13 @@ extern REMOTE *pRCList; /* list of remote consoles we know about */
extern REMOTE *pRCUniq; /* list of uniq console servers */
extern ACCESS *pACList; /* `who do you love' (or trust) */
extern CONSENTUSERS *pADList; /* list of admin users */
extern CONSENTUSERS *pLUList; /* list of limited users */
extern BREAKS breakList[9]; /* list of break sequences */
extern CONFIG *pConfig; /* settings seen by config parser */
extern SUBST *substData; /* substitution function data */
extern void ReadCfg PARAMS((char *, FILE *));
extern void ReReadCfg PARAMS((int));
extern void ReReadCfg PARAMS((int, int));
extern void DestroyBreakList PARAMS((void));
extern void DestroyUserList PARAMS((void));
extern void DestroyConfig PARAMS((CONFIG *));

4
conserver/version.h
View File

@ -1,5 +1,5 @@
/*
* $Id: version.h,v 1.59 2004/03/16 04:17:31 bryan Exp $
* $Id: version.h,v 1.72 2006/01/15 17:10:44 bryan Exp $
*
* Copyright conserver.com, 2000
*
@ -14,4 +14,4 @@
@(#) Copyright 2000 conserver.com.\n\
All rights reserved.\n"
#define THIS_VERSION "conserver.com version 8.1.3"
#define THIS_VERSION "conserver.com version 8.1.13"

4
console/Makefile.in
View File

@ -25,11 +25,11 @@ LIBS = @LIBS@
### Makefile rules - no user-servicable parts below
CONSOLE_OBJS = console.o getpassword.o ../conserver/cutil.o
CONSOLE_OBJS = console.o getpassword.o readconf.o ../conserver/cutil.o
CONSOLE_HDRS = ../config.h $(top_srcdir)/compat.h \
$(top_srcdir)/conserver/cutil.h \
$(top_srcdir)/conserver/version.h \
$(srcdir)/getpassword.h
$(srcdir)/getpassword.h $(srcdir)/readconf.h
ALL = console

744
console/console.c
View File

File diff suppressed because it is too large Load Diff

511
console/console.man
View File

@ -1,45 +1,45 @@
.\" $Id: console.man,v 1.45 2004/03/20 14:40:42 bryan Exp $
.TH CONSOLE 1 "2004/03/20" "conserver-8.1.3" "conserver"
.\" $Id: console.man,v 1.58 2005/09/05 22:17:33 bryan Exp $
.TH CONSOLE 1 "2005/09/05" "conserver-8.1.13" "conserver"
.SH NAME
console \- console server client program
.SH SYNOPSIS
.B console
.RB [ \-aAEfFsS ]
.RB [ \-7Dv ]
.RB [ \-c
.IR cred ]
.BR [ \-M
.IR mach ]
.BR [ \-p
.IR port ]
.RI [ generic-args ]
.RB [ \-aAfFsS ]
.BR [ \-e
.IR esc ]
.BR [ \-l
.IR user ]
.I console
.br
.B console
.RB [ \-hiIPrRuVwWx ]
.RB [ \-7Dv ]
.RB [ \-M
.IR mach ]
.RB [ \-p
.IR port ]
.RB [ \-d
.RI [ user ][\fB@\fP console ]]
.RB [ \- [ bB ]
.IR message ]
.RB [ \-t
.RI [ user ][\fB@\fP console ]
.IR message ]
.RI [ generic-args ]
.RB [ \-iIuwWx ]
.RI [ console ]
.br
.B console
.RB [ \-qQ ]
.RB [ \-7Dv ]
.RB [ \-M
.IR mach ]
.RB [ \-p
.RI [ generic-args ]
.RB [ \-hPqQrRV ]
.RB [ \- [ bB ]
.IR message ]
.RB [ \-d
.RI [ user ][\f3@\fP console ]]
.RB [ \-t
.RI [ user ][\f3@\fP console ]
.IR message ]
.RB [ \- [ zZ ]
.IR cmd ]
.PP
.IR generic-args :
.RB [ \-7DEnUv ]
.RB [ \-c
.IR cred ]
.RB [ \-C
.IR config ]
.BR [ \-M
.IR master ]
.BR [ \-p
.IR port ]
.BR [ \-l
.IR user ]
.SH DESCRIPTION
.B Console
is used to manipulate console terminals remotely or to poll running
@ -51,7 +51,8 @@ In the first form above,
asks the user's password before
granting interactive access to a console (on a non-trusted system),
since such a session may provide single-user access.
Only as much of the console name as is required to
If the server's autocompletion feature is enabled,
only as much of the console name as is required to
identify it uniquely to the server is required.
.PP
For non-interactive options,
@ -116,6 +117,10 @@ to users on the primary server.
Load an SSL certificate and key from the PEM encoded file
.IR cred .
.TP
.BI \-C config
Use the per-user configuration file
.IR config .
.TP
.B \-d
Disconnect the users specified by
.IR user @ console .
@ -150,9 +155,13 @@ The default value is
.B \-E
If encryption has been built into the code
.RB ( --with-openssl ),
encrypted client connections are a requirement.
This option allows the client to connect to a console
over a non-encrypted connection.
encrypted client connections are, by default, a requirement.
This option disables any attempt at creating an
encrypted connection.
If you'd like to use encrypted connections when your server
supports it, but fallback to non-encrypted otherwise, the
.B \-U
option is what you want.
.TP
.B \-f
Same as
@ -163,7 +172,7 @@ except it will force any existing connection into spy mode.
Display a brief help message.
.TP
.B \-i
Display information in a machine-parseable format (see below for the details).
Display status information in a machine-parseable format (see below for the details).
.TP
.B \-I
Same as
@ -179,19 +188,34 @@ uses $USER if its uid matches the user's real uid,
or $LOGNAME if its uid matches the user's real uid,
or else the name associated with the user's real uid.
.TP
.BI \-M mach
.BI \-M master
The
.B console
client program polls
.I mach
.I master
as the primary server,
rather than the default set at compile time (typically
.RB `` console '').
The default
.I mach
.I master
may be changed at compile time using the
.B --with-master
option.
If
.B --with-uds
is used to enable Unix domain sockets, however, this option points
.B console
to the directory which holds those sockets.
The default
.I master
directory
.RB (`` /tmp/conserver '')
may be changed at compile time using the
.B --with-uds
option.
.TP
.BI \-n
Do not read the system-wide configuration file.
.TP
.BI \-p port
Set the port to connect to.
@ -203,6 +227,9 @@ may be changed at compile time
using the
.B --with-port
option.
If the
.B --with-uds
option was used, this option is ignored.
.TP
.B \-P
Display the pid of the master daemon process on each server.
@ -264,6 +291,18 @@ and attached users
.RI ( user @ host
if attached read-write, `<spies>' if only users in spy mode, or `<none>').
.TP
.B \-U
If encryption has been built into the code
.RB ( --with-openssl ),
encrypted client connections are, by default, a requirement.
This option allows the client to attempt an encrypted connection
but fall back to a non-encrypted connection if the server doesn't
support encryption.
If the encryption handshake is failing, disabling encryption on the
client with the
.B \-E
option is probably what you want.
.TP
.B \-v
Be more verbose when building the connection(s).
Use this option in combination with any of `show' options (below)
@ -289,6 +328,72 @@ but just acts on the primary server.
.TP
.B \-x
Show a list of consoles and devices.
.TP
.BI \-z cmd
Sends a command
.RI ( cmd )
to each server and displays the result.
The valid commands are:
.RS
.sp
.PD 0
.TP 12
.B bringup
Try to connect all consoles marked as down (this is equivalent
to sending the server a SIGUSR1)
.TP
.B SIGUSR1
Same as
.B bringup
.TP
.B help
Displays the help message
.TP
.B pid
Returns the pid of the server (this is equivalent to
.BR \-P )
.TP
.B quit
Instructs the server to shut down (this is equivalent to
.B \-q
or sending the server a SIGTERM)
.TP
.B SIGTERM
Same as
.B quit
.TP
.B reconfig
Instructs the server to reload the configuration file, then
perform the actions of
.B reopen
(this is equivalent to sending the server a SIGHUP)
.TP
.B SIGHUP
Same as
.B reconfig
.TP
.B reopen
Instructs the server to reopen all logfiles, then
perform the actions of
.B bringup
(this is equivalent to sending the server a SIGUSR2)
.TP
.B SIGUSR2
Same as
.B reopen
.TP
.B version
Returns the version of the server (this is equivalent to
.BR \-V )
.PD
.RE
.TP
.BI \-Z cmd
Same as
.B \-z
but just sends
.I cmd
to the primary server.
.PP
The
.BR \-A ,
@ -297,12 +402,19 @@ The
options have the same effect as their lower-case variants.
In addition, they each request the last 20 lines of the console output after
making the connection (as if
.RB ` ^Ecr '
.RB `` ^Ecr ''
were typed).
.PP
The
.BR \-i ,
.BR \-u ,
.BR \-w ", and"
.B \-x
options can be given a console name, which will limit their output to that console.
.PP
The
.B \-i
option outputs information regarding each console in 15 colon-separated fields.
option outputs status information regarding each console in 15 colon-separated fields.
.TP
.I name
The name of the console.
@ -349,7 +461,7 @@ that the server can open the file for read, but not write.
The details regarding the logging for the console.
The comma-separated
values will be the logfile, ``log'' or ``nolog'' (if logging is on
or not - toggled via ^EcL), ``act'' or ``noact'' (if activity logging is
or not - toggled via ``^EcL''), ``act'' or ``noact'' (if activity logging is
enabled or not - the `a' timestamp option), the timestamp interval, and
the file descriptor of the logfile.
.TP
@ -375,6 +487,287 @@ The idletimeout configuration option for the console.
.TP
.I idlestring
The idlestring configuration option for the console.
.SH CONFIGURATION
.B Console
reads configuration information from the system-wide configuration file
.RB ( console.cf ),
then the per-user configuration file
.RB ( .consolerc ),
and then applies command-line arguments.
Each configuration location can override the previous.
The same happens when parsing an individual file - the later entries
always override the earlier entries.
Because of that, you should put ``global'' defaults first and
more specific defaults second.
.PP
The configuration file is read using the same parser as
.BR conserver.cf (5),
and you should check that manpage for parser details.
.B Console
recognizes the following configuration blocks.
.TP
\f3config\fP \f2hostname\fP|\f2ipaddr\fP
.br
Define a configuration block for the client host named
.I hostname
or using the address
.IR ipaddr .
If the value of ``*'' is used, the configuration block will be applied to
all client hosts.
.RS
.TP
\f3escape\fP \f2esc\fP
.br
Set the escape sequence (see the
.B \-e
command-line flag).
.TP
\f3master\fP \f2master\fP
.br
Set the default master to
.I master
(see the
.B \-M
command-line flag).
.TP
\f3port\fP \f2port\fP
.br
Set the default port to
.I port
(see the
.B \-p
command-line flag).
.TP
\f3sslcredentials\fP \f2filename\fP
.br
Set the
.SM SSL
credentials file location (see the
.B \-c
command-line flag).
.TP
\f3sslenabled\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not encryption is attempted when talking to servers (see the
.B \-E
command-line flag).
.TP
\f3sslrequired\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not encryption is required when talking to servers (see the
.B \-U
command-line flag).
.TP
\f3striphigh\fP \f3yes\fP|\f3true\fP|\f3on\fP|\f3no\fP|\f3false\fP|\f3off\fP
.br
Set whether or not to strip the high bit off all data received
(see the
.B \-7
command-line flag).
.TP
\f3username\fP \f2user\fP
.br
Set the username passed to the server to
.I user
(see the
.B \-l
command-line flag).
.RE
.TP
\f3terminal\fP \f2type\fP
.br
Define a configuration block when using a terminal of type
.IR type .
If the value of ``*'' is used, the configuration block will be applied to
all terminal types.
.RS
.TP
\f3attach\fP \f2string\fP|\f3""\fP
.br
Set a
.I string
to print when successfully attached to a console.
Character substitions will be performed based on the
.B attachsubst
value and occur
.I before
interpretation of the special characters below.
If the null string (``\f3""\fP'') is used, no string will be printed.
.I string
is a simple character string with the exception of `\e'
and `^':
.RS
.RS
.sp
.PD 0
.TP 6
.B \ea
alert
.TP
.B \eb
backspace
.TP
.B \ef
form-feed
.TP
.B \en
newline
.TP
.B \er
carriage-return
.TP
.B \et
tab
.TP
.B \ev
vertical-tab
.TP
.B \e\e
backslash
.TP
.B \e^
circumflex
.TP
.BI \e ooo
octal representation of a character (where
.I ooo
is one to three octal digits)
.TP
.BI \e c
character
.I c
.TP
.B ^?
delete
.TP
.BI ^ c
control character
.RI ( c
is ``and''ed with 0x1f)
.PD
.RE
.RE
.IP
An interesting use of
.B attach
and
.B attachsubst
would be:
.RS
.IP
.ft CR
.nf
terminal xterm {
attach "^[]0;conserver: U@C^G";
attachsubst U=us,C=cs;
}
.fi
.ft
.RE
.TP
\f3attachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
.B attach
value.
A series of replacements can be defined by specifying a
comma-separated list of
\f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP
sequences where
.I c
is any printable character,
.I t
specifies the replacement value,
.I n
is a field length (optional),
and
.I f
is the format string.
.I t
can be one of the characters below, catagorized as a string replacement
or a numeric replacement, which dictates the use of the
.I n
and
.I f
fields.
.RS
.RS
.sp
.PD 0
.TP
String Replacement
.TP
.B u
username
.TP
.B c
console name
.sp
.PP
Numeric Replacement
.TP
none available (yet)
.PD
.RE
.RE
.IP
For string replacements, if the replacement isn't at least
.I n
characters, it will be padded with space characters on the left.
.I f
must be `s'.
For numeric replacements, the value will be formatted to at least
.I n
characters, padded with 0s if
.I n
begins with a 0, and space characters otherwise.
.I f
must be either `d', `x' or `X', specifying a decimal, lower-case
hexadecimal, or an uppercase hexadecimal conversion.
If the null string (``\f3""\fP'') is used, no replacements will be done.
.TP
\f3detach\fP \f2string\fP|\f3""\fP
.br
Set a
.I string
to print once detached from a console.
Character substitions will be performed based on the
.B detachsubst
value.
See the
.B attach
option for an explanation of
.IR string .
If the null string (``\f3""\fP'') is used, no string will be printed.
.TP
\f3detachsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP
.br
Perform character substitutions on the
.B detach
value.
See the
.B attachsubst
option for an explanation of the format string.
.RE
.PP
A simple configuration to set a new default escape sequence and override
the master location would be:
.IP
.ft CR
.nf
# override options for all hosts
config * {
master localhost;
escape ^Ee;
}
# set things more specific to host1
# note: if the entries were reversed, host1
# would also use localhost.
config host1 {
master console1;
}
.fi
.ft
.SH "ESCAPE SEQUENCES"
The connection can be controlled by a two-character escape sequence, followed
by a command.
@ -481,7 +874,7 @@ specify three octal digits)
If any other character is hit after the escape sequence, all three characters
will be discarded.
Note that a line break or a down command
can only be sent from a full two-way attachment.
can only be sent from a read-write connection.
To send the escape sequence through the connection one must redefine
the outer escape sequence, or use
.BI ^Ec\e ooo
@ -492,13 +885,17 @@ In the
.B \-u
output, the login ``<none>'' indicates no one is
viewing that console, and the login ``<spies>'' indicates that
no one has a full two-way attachment.
When no one is attached to
a console its output is cloned to the stdout of the server process if
.B conserver
was started with the
.B \-u
option.
no one has a read-write connection (only read-only).
.PP
When running a local command via
.RB `` ^Ec| '',
you can type
.RB ` ^C '
to send the command a SIGHUP,
.RB ` ^\e '
to send the command a SIGKILL, and
.RB ` o '
to toggle the display of the console data.
.SH EXAMPLES
.TP 15
console \-u
@ -550,6 +947,22 @@ or number of days is displayed.
console \-e "^[1" lv426
Requests a connection to the host ``lv426'' with the escape characters
set to ``escape one''.
.SH FILES
.PP
The following default file locations may be overridden
at compile time or by the command-line options described above.
Run
.B console \-V
to see the defaults set at compile time.
.PP
.PD 0
.TP 25
.B /etc/console.cf
system-wide configuration file
.TP
.B \s-1$HOME\s0/.consolerc
per-user configuration file
.PD
.SH BUGS
It is possible to create a loop of console connections, with ugly results.
Never run

719
console/readconf.c Normal file
View File

@ -0,0 +1,719 @@
/*
* $Id: readconf.c,v 5.3 2005/06/11 02:32:21 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
#include <compat.h>
#include <cutil.h>
#include <readconf.h>
CONFIG *parserConfigTemp = (CONFIG *)0;
CONFIG *parserConfigDefault = (CONFIG *)0;
CONFIG *pConfig = (CONFIG *)0;
TERM *parserTermTemp = (TERM *)0;
TERM *parserTermDefault = (TERM *)0;
TERM *pTerm = (TERM *)0;
void
#if PROTOTYPES
DestroyConfig(CONFIG *c)
#else
DestroyConfig(c)
CONFIG *c;
#endif
{
if (c == (CONFIG *)0)
return;
if (c->username != (char *)0)
free(c->username);
if (c->master != (char *)0)
free(c->master);
if (c->port != (char *)0)
free(c->port);
if (c->escape != (char *)0)
free(c->escape);
#if HAVE_OPENSSL
if (c->sslcredentials != (char *)0)
free(c->sslcredentials);
#endif
free(c);
}
void
#if PROTOTYPES
ApplyConfigDefault(CONFIG *c)
#else
ApplyConfigDefault(c)
CONFIG *c;
#endif
{
if (parserConfigDefault == (CONFIG *)0)
return;
if (parserConfigDefault->username != (char *)0) {
if (c->username != (char *)0)
free(c->username);
if ((c->username =
StrDup(parserConfigDefault->username)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->master != (char *)0) {
if (c->master != (char *)0)
free(c->master);
if ((c->master = StrDup(parserConfigDefault->master)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->port != (char *)0) {
if (c->port != (char *)0)
free(c->port);
if ((c->port = StrDup(parserConfigDefault->port)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->escape != (char *)0) {
if (c->escape != (char *)0)
free(c->escape);
if ((c->escape = StrDup(parserConfigDefault->escape)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->striphigh != FLAGUNKNOWN)
c->striphigh = parserConfigDefault->striphigh;
#if HAVE_OPENSSL
if (parserConfigDefault->sslcredentials != (char *)0) {
if (c->sslcredentials != (char *)0)
free(c->sslcredentials);
if ((c->sslcredentials =
StrDup(parserConfigDefault->sslcredentials)) == (char *)0)
OutOfMem();
}
if (parserConfigDefault->sslrequired != FLAGUNKNOWN)
c->sslrequired = parserConfigDefault->sslrequired;
if (parserConfigDefault->sslenabled != FLAGUNKNOWN)
c->sslenabled = parserConfigDefault->sslenabled;
#endif
}
void
#if PROTOTYPES
ConfigBegin(char *id)
#else
ConfigBegin(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigBegin(%s) [%s:%d]", id, file, line));
if (id == (char *)0 || id[0] == '\000') {
Error("empty config name [%s:%d]", file, line);
return;
}
if (parserConfigTemp != (CONFIG *)0)
DestroyConfig(parserConfigTemp);
if ((parserConfigTemp = (CONFIG *)calloc(1, sizeof(CONFIG)))
== (CONFIG *)0)
OutOfMem();
ApplyConfigDefault(parserConfigTemp);
parserConfigTemp->name = AllocString();
BuildString(id, parserConfigTemp->name);
}
void
#if PROTOTYPES
ConfigEnd(void)
#else
ConfigEnd()
#endif
{
CONDDEBUG((1, "ConfigEnd() [%s:%d]", file, line));
if (parserConfigTemp == (CONFIG *)0)
return;
if (parserConfigTemp->name->used > 1) {
if ((parserConfigTemp->name->string[0] == '*' &&
parserConfigTemp->name->string[1] == '\000') ||
IsMe(parserConfigTemp->name->string)) {
DestroyConfig(parserConfigDefault);
parserConfigDefault = parserConfigTemp;
parserConfigTemp = (CONFIG *)0;
}
}
DestroyConfig(parserConfigTemp);
parserConfigTemp = (CONFIG *)0;
}
void
#if PROTOTYPES
ConfigAbort(void)
#else
ConfigAbort()
#endif
{
CONDDEBUG((1, "ConfigAbort() [%s:%d]", file, line));
if (parserConfigTemp == (CONFIG *)0)
return;
DestroyConfig(parserConfigTemp);
parserConfigTemp = (CONFIG *)0;
}
void
#if PROTOTYPES
ConfigDestroy(void)
#else
ConfigDestroy()
#endif
{
CONDDEBUG((1, "ConfigDestroy() [%s:%d]", file, line));
if (parserConfigTemp != (CONFIG *)0) {
DestroyConfig(parserConfigTemp);
parserConfigTemp = (CONFIG *)0;
}
if (parserConfigDefault != (CONFIG *)0) {
DestroyConfig(pConfig);
pConfig = parserConfigDefault;
parserConfigDefault = (CONFIG *)0;
}
}
void
#if PROTOTYPES
DestroyTerminal(TERM *t)
#else
DestroyTerminal(t)
TERM *t;
#endif
{
if (t == (TERM *)0)
return;
if (t->attach != (char *)0)
free(t->attach);
if (t->attachsubst != (char *)0)
free(t->attachsubst);
if (t->detach != (char *)0)
free(t->detach);
if (t->detachsubst != (char *)0)
free(t->detachsubst);
free(t);
}
void
#if PROTOTYPES
ApplyTermDefault(TERM *t)
#else
ApplyTermDefault(t)
TERM *t;
#endif
{
if (parserTermDefault == (TERM *)0)
return;
if (parserTermDefault->attach != (char *)0) {
if (t->attach != (char *)0)
free(t->attach);
if ((t->attach = StrDup(parserTermDefault->attach)) == (char *)0)
OutOfMem();
}
if (parserTermDefault->attachsubst != (char *)0) {
if (t->attachsubst != (char *)0)
free(t->attachsubst);
if ((t->attachsubst =
StrDup(parserTermDefault->attachsubst)) == (char *)0)
OutOfMem();
}
if (parserTermDefault->detach != (char *)0) {
if (t->detach != (char *)0)
free(t->detach);
if ((t->detach = StrDup(parserTermDefault->detach)) == (char *)0)
OutOfMem();
}
if (parserTermDefault->detachsubst != (char *)0) {
if (t->detachsubst != (char *)0)
free(t->detachsubst);
if ((t->detachsubst =
StrDup(parserTermDefault->detachsubst)) == (char *)0)
OutOfMem();
}
}
void
#if PROTOTYPES
TerminalBegin(char *id)
#else
TerminalBegin(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalBegin(%s) [%s:%d]", id, file, line));
if (id == (char *)0 || id[0] == '\000') {
Error("empty terminal name [%s:%d]", file, line);
return;
}
if (parserTermTemp != (TERM *)0)
DestroyTerminal(parserTermTemp);
if ((parserTermTemp = (TERM *)calloc(1, sizeof(TERM)))
== (TERM *)0)
OutOfMem();
ApplyTermDefault(parserTermTemp);
parserTermTemp->name = AllocString();
BuildString(id, parserTermTemp->name);
}
void
#if PROTOTYPES
TerminalEnd(void)
#else
TerminalEnd()
#endif
{
static char *term = (char *)0;
CONDDEBUG((1, "TerminalEnd() [%s:%d]", file, line));
if (parserTermTemp == (TERM *)0)
return;
if (term == (char *)0) {
if ((term = getenv("TERM")) == (char *)0) {
term = "";
}
}
if (parserTermTemp->name->used > 1) {
if ((parserTermTemp->name->string[0] == '*' &&
parserTermTemp->name->string[1] == '\000') ||
strcmp(parserTermTemp->name->string, term) == 0) {
DestroyTerminal(parserTermDefault);
parserTermDefault = parserTermTemp;
parserTermTemp = (TERM *)0;
}
}
DestroyTerminal(parserTermTemp);
parserTermTemp = (TERM *)0;
}
void
#if PROTOTYPES
TerminalAbort(void)
#else
TerminalAbort()
#endif
{
CONDDEBUG((1, "TerminalAbort() [%s:%d]", file, line));
if (parserTermTemp == (TERM *)0)
return;
DestroyTerminal(parserTermTemp);
parserTermTemp = (TERM *)0;
}
void
#if PROTOTYPES
TerminalDestroy(void)
#else
TerminalDestroy()
#endif
{
CONDDEBUG((1, "TerminalDestroy() [%s:%d]", file, line));
if (parserTermTemp != (TERM *)0) {
DestroyTerminal(parserTermTemp);
parserTermTemp = (TERM *)0;
}
if (parserTermDefault != (TERM *)0) {
DestroyTerminal(pTerm);
pTerm = parserTermDefault;
parserTermDefault = (TERM *)0;
}
}
void
#if PROTOTYPES
ProcessYesNo(char *id, FLAG *flag)
#else
ProcessYesNo(id, flag)
char *id;
FLAG *flag;
#endif
{
if (id == (char *)0 || id[0] == '\000')
*flag = FLAGFALSE;
else if (strcasecmp("yes", id) == 0 || strcasecmp("true", id) == 0 ||
strcasecmp("on", id) == 0)
*flag = FLAGTRUE;
else if (strcasecmp("no", id) == 0 || strcasecmp("false", id) == 0 ||
strcasecmp("off", id) == 0)
*flag = FLAGFALSE;
}
void
#if PROTOTYPES
ConfigItemEscape(char *id)
#else
ConfigItemEscape(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemEscape(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->escape != (char *)0)
free(parserConfigTemp->escape);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->escape = (char *)0;
return;
}
if ((parserConfigTemp->escape = StrDup(id)) == (char *)0)
OutOfMem();
}
void
#if PROTOTYPES
ConfigItemMaster(char *id)
#else
ConfigItemMaster(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemMaster(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->master != (char *)0)
free(parserConfigTemp->master);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->master = (char *)0;
return;
}
if ((parserConfigTemp->master = StrDup(id)) == (char *)0)
OutOfMem();
}
void
#if PROTOTYPES
ConfigItemPort(char *id)
#else
ConfigItemPort(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemPort(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->port != (char *)0)
free(parserConfigTemp->port);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->port = (char *)0;
return;
}
if ((parserConfigTemp->port = StrDup(id)) == (char *)0)
OutOfMem();
}
void
#if PROTOTYPES
ConfigItemSslcredentials(char *id)
#else
ConfigItemSslcredentials(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemSslcredentials(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
if (parserConfigTemp->sslcredentials != (char *)0)
free(parserConfigTemp->sslcredentials);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->sslcredentials = (char *)0;
return;
}
if ((parserConfigTemp->sslcredentials = StrDup(id)) == (char *)0)
OutOfMem();
#else
Error
("sslcredentials ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
#if PROTOTYPES
ConfigItemSslrequired(char *id)
#else
ConfigItemSslrequired(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemSslrequired(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
ProcessYesNo(id, &(parserConfigTemp->sslrequired));
#else
Error
("sslrequired ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
#if PROTOTYPES
ConfigItemSslenabled(char *id)
#else
ConfigItemSslenabled(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemSslenabled(%s) [%s:%d]", id, file, line));
#if HAVE_OPENSSL
ProcessYesNo(id, &(parserConfigTemp->sslenabled));
#else
Error("sslenabled ignored - encryption not compiled into code [%s:%d]",
file, line);
#endif
}
void
#if PROTOTYPES
ConfigItemStriphigh(char *id)
#else
ConfigItemStriphigh(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemStriphigh(%s) [%s:%d]", id, file, line));
ProcessYesNo(id, &(parserConfigTemp->striphigh));
}
void
#if PROTOTYPES
ConfigItemUsername(char *id)
#else
ConfigItemUsername(id)
char *id;
#endif
{
CONDDEBUG((1, "ConfigItemUsername(%s) [%s:%d]", id, file, line));
if (parserConfigTemp->username != (char *)0)
free(parserConfigTemp->username);
if ((id == (char *)0) || (*id == '\000')) {
parserConfigTemp->username = (char *)0;
return;
}
if ((parserConfigTemp->username = StrDup(id)) == (char *)0)
OutOfMem();
}
SUBST *substData = (SUBST *)0;
int
#if PROTOTYPES
SubstCallback(char c, char **s, int *i)
#else
SubstCallback(c, s, i)
char c;
char **s;
int *i;
#endif
{
int retval = 0;
if (substData == (SUBST *)0) {
if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0)
OutOfMem();
substData->callback = &SubstCallback;
substData->tokens['u'] = ISSTRING;
substData->tokens['c'] = ISSTRING;
}
if (s != (char **)0) {
CONFIG *pc;
if (substData->data == (void *)0)
return 0;
pc = (CONFIG *)(substData->data);
if (c == 'u') {
(*s) = pc->username;
retval = 1;
} else if (c == 'c') {
(*s) = pc->console;
retval = 1;
}
}
return retval;
}
void
#if PROTOTYPES
TerminalItemAttach(char *id)
#else
TerminalItemAttach(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemAttach(%s) [%s:%d]", id, file, line));
if (parserTermTemp->attach != (char *)0)
free(parserTermTemp->attach);
if ((id == (char *)0) || (*id == '\000')) {
parserTermTemp->attach = (char *)0;
return;
}
if ((parserTermTemp->attach = StrDup(id)) == (char *)0)
OutOfMem();
}
void
#if PROTOTYPES
TerminalItemAttachsubst(char *id)
#else
TerminalItemAttachsubst(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemAttachsubst(%s) [%s:%d]", id, file, line));
ProcessSubst(substData, (char **)0, &(parserTermTemp->attachsubst),
"attachsubst", id);
}
void
#if PROTOTYPES
TerminalItemDetach(char *id)
#else
TerminalItemDetach(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemDetach(%s) [%s:%d]", id, file, line));
if (parserTermTemp->detach != (char *)0)
free(parserTermTemp->detach);
if ((id == (char *)0) || (*id == '\000')) {
parserTermTemp->detach = (char *)0;
return;
}
if ((parserTermTemp->detach = StrDup(id)) == (char *)0)
OutOfMem();
}
void
#if PROTOTYPES
TerminalItemDetachsubst(char *id)
#else
TerminalItemDetachsubst(id)
char *id;
#endif
{
CONDDEBUG((1, "TerminalItemDetachsubst(%s) [%s:%d]", id, file, line));
ProcessSubst(substData, (char **)0, &(parserTermTemp->detachsubst),
"detachsubst", id);
}
ITEM keyConfig[] = {
{"escape", ConfigItemEscape},
{"master", ConfigItemMaster},
{"port", ConfigItemPort},
{"sslcredentials", ConfigItemSslcredentials},
{"sslrequired", ConfigItemSslrequired},
{"sslenabled", ConfigItemSslenabled},
{"striphigh", ConfigItemStriphigh},
{"username", ConfigItemUsername},
{(char *)0, (void *)0}
};
ITEM keyTerminal[] = {
{"attach", TerminalItemAttach},
{"attachsubst", TerminalItemAttachsubst},
{"detach", TerminalItemDetach},
{"detachsubst", TerminalItemDetachsubst},
{(char *)0, (void *)0}
};
SECTION sections[] = {
{"config", ConfigBegin, ConfigEnd, ConfigAbort, ConfigDestroy,
keyConfig},
{"terminal", TerminalBegin, TerminalEnd, TerminalAbort,
TerminalDestroy, keyTerminal},
{(char *)0, (void *)0, (void *)0, (void *)0, (void *)0}
};
void
#if PROTOTYPES
ReadConf(char *filename, FLAG verbose)
#else
ReadConf(filename, verbose)
char *filename;
FLAG verbose;
#endif
{
FILE *fp;
if ((FILE *)0 == (fp = fopen(filename, "r"))) {
if (verbose == FLAGTRUE)
Error("could not open `%s'", filename);
return;
}
/* initialize the substition bits */
SubstCallback('\000', (char **)0, (int *)0);
parserConfigDefault = pConfig;
pConfig = (CONFIG *)0;
parserTermDefault = pTerm;
pTerm = (TERM *)0;
ParseFile(filename, fp, 0);
/* shouldn't really happen, but in case i screw up the stuff
* ParseFile calls...
*/
if (pConfig == (CONFIG *)0) {
if ((pConfig = (CONFIG *)calloc(1, sizeof(CONFIG)))
== (CONFIG *)0)
OutOfMem();
}
if (pTerm == (TERM *)0) {
if ((pTerm = (TERM *)calloc(1, sizeof(TERM)))
== (TERM *)0)
OutOfMem();
}
if (fDebug) {
#define EMPTYSTR(x) x == (char *)0 ? "(null)" : x
#define FLAGSTR(x) x == FLAGTRUE ? "true" : (x == FLAGFALSE ? "false" : "unset")
CONDDEBUG((1, "pConfig->username = %s",
EMPTYSTR(pConfig->username)));
CONDDEBUG((1, "pConfig->master = %s", EMPTYSTR(pConfig->master)));
CONDDEBUG((1, "pConfig->port = %s", EMPTYSTR(pConfig->port)));
CONDDEBUG((1, "pConfig->escape = %s", EMPTYSTR(pConfig->escape)));
CONDDEBUG((1, "pConfig->striphigh = %s",
FLAGSTR(pConfig->striphigh)));
#if HAVE_OPENSSL
CONDDEBUG((1, "pConfig->sslcredentials = %s",
EMPTYSTR(pConfig->sslcredentials)));
CONDDEBUG((1, "pConfig->sslrequired = %s",
FLAGSTR(pConfig->sslrequired)));
CONDDEBUG((1, "pConfig->sslenabled = %s",
FLAGSTR(pConfig->sslenabled)));
#endif
CONDDEBUG((1, "pTerm->attach = %s", EMPTYSTR(pTerm->attach)));
CONDDEBUG((1, "pTerm->attachsubst = %s",
EMPTYSTR(pTerm->attachsubst)));
CONDDEBUG((1, "pTerm->detach = %s", EMPTYSTR(pTerm->detach)));
CONDDEBUG((1, "pTerm->detachsubst = %s",
EMPTYSTR(pTerm->detachsubst)));
}
fclose(fp);
}

38
console/readconf.h Normal file
View File

@ -0,0 +1,38 @@
/*
* $Id: readconf.h,v 5.3 2004/05/25 23:03:25 bryan Exp $
*
* Copyright conserver.com, 2000
*
* Maintainer/Enhancer: Bryan Stansell (bryan@conserver.com)
*/
typedef struct config {
STRING *name;
char *console;
char *username;
char *master;
char *port;
char *escape;
FLAG striphigh;
#if HAVE_OPENSSL
char *sslcredentials;
FLAG sslrequired;
FLAG sslenabled;
#endif
} CONFIG;
typedef struct term {
STRING *name;
char *attach;
char *attachsubst;
char *detach;
char *detachsubst;
} TERM;
extern CONFIG *pConfig;
extern TERM *pTerm;
extern SUBST *substData;
extern void ReadConf PARAMS((char *, FLAG));
extern void DestroyConfig PARAMS((CONFIG *));
extern void DestroyTerminal PARAMS((TERM *));

2
contrib/redhat-rpm/conserver.spec
View File

@ -4,7 +4,7 @@
#
%define pkg conserver
%define ver 8.1.3
%define ver 8.1.13
# define the name of the machine on which the main conserver
# daemon will be running if you don't want to use the default

2
contrib/solaris-package/pkginfo
View File

@ -1,7 +1,7 @@
PKG="conserver"
NAME="Console server and client"
CATEGORY="system"
VERSION="8.1.3"
VERSION="8.1.13"
DESC="Console server and client"
CLASSES=none
ARCH=sparc

19
test/dotest
View File

@ -14,6 +14,7 @@ cleanup()
[ "$i" != "conserver.log" ] && [ -f "$i" ] && rm -f "$i";
done
[ "$exitval" = 0 ] && rm -f conserver.log
[ -d 127.0.0.1 ] && sleep 1 && rm -rf 127.0.0.1
exit $exitval
}
@ -25,14 +26,14 @@ dotest()
eval "$2" > test.out 2>&1
else
echo "$1" | \
../console/console -M 127.0.0.1 -p 7777 shell > test.out 2>&1
../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 shell > test.out 2>&1
fi
if [ "$record" ]; then
echo "recorded"
mv test.out results/test$testnum
else
if [ -f results/test$testnum ]; then
if diff -i test.out results/test$testnum >test$testnum.diff 2>&1; then
if diff -i results/test$testnum >test$testnum.diff test.out 2>&1; then
echo "succeeded"
rm -f test$testnum.diff
else
@ -72,7 +73,7 @@ sleep 3
[ ! -d results ] && mkdir results
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest 'c?c.'
dotest 'cl?c.'
dotest 'cdc.'
@ -84,14 +85,16 @@ cp test2.cf c.cf
kill -1 $pid
sleep 3
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -u | sed -e 's/[0-9][0-9]*//g' -e 's/[ ][ ]*/ /g'"
dotest 'c?c.'
dotest 'cl?c.'
dotest 'cdc.'
dotest 'coc.'
dotest 'cocacoc.'
dotest EVAL "echo 'tu.' | ../console/console -M 127.0.0.1 -p 7777 -e 'tu' shell"
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -P | sed -e 's/:.*//'"
dotest EVAL "../console/console -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x sh | sed -e '1s/^[^:]*//'"
dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x shell | sed -e 's/ on [^ ]* */ on /'"
cleanup

6
test/results/test10
View File

@ -1,4 +1,6 @@
console: shell is down
[`shell' -- console is down]
[Enter `^Ec?' for help]
[up -- attached]
[up]
[ok]
[up]
[disconnect]

2
test/results/test12
View File

@ -1 +1 @@
127.0.0.1
version `conserver.com version

2
test/results/test14 Normal file
View File

@ -0,0 +1,2 @@
: ambiguous console abbreviation, `sh'
choices are shellb, shella, shell

1
test/results/test15 Normal file
View File

@ -0,0 +1 @@
shell on at Local

4
test/results/test5
View File

@ -1,4 +1,4 @@
console: shell is down
[`shell' -- console is down]
[Enter `^Ec?' for help]
[up -- attached]
[up]
[disconnect]