Befator-Inc-Firmen-Netzwerk/MSYS2-packages
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
MSYS2-packages/inetutils/inetutils-2.5-1.src.patch
Christoph Reiter 9d231907e8 inetutils: Update to 2.5 
sync with cygwin
2024-01-05 11:12:40 +01:00

6970 lines
215 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

--- origsrc/inetutils-2.5/configure.ac 2023-08-01 03:32:24.000000000 +0900
+++ src/inetutils-2.5/configure.ac 2023-12-30 20:53:27.818375100 +0900
@@ -215,7 +215,8 @@ AM_CONDITIONAL([ENABLE_libls], [test "$e
# At least OpenSolaris is missing <protocols/talkd.h>.
AC_CHECK_HEADER(protocols/talkd.h, , ,
[IU_FLUSHLEFT([#include <sys/types.h>
- #include <sys/socket.h>])])
+ #include <sys/socket.h>
+ #include <protocols/osockaddr.h>])])
if test "$ac_cv_header_protocols_talkd_h" = no; then
AC_MSG_WARN([protocols/talkd.h is not available, not building talk, nor talkd])
--- origsrc/inetutils-2.5/doc/inetutils.texi 2023-01-01 09:35:18.000000000 +0900
+++ src/inetutils-2.5/doc/inetutils.texi 2023-12-30 20:53:27.843360700 +0900
@@ -27,32 +27,32 @@
@dircategory Individual utilities
@direntry
-* dnsdomainname: (inetutils)dnsdomainname invocation. Show DNS domain name.
+@c * dnsdomainname: (inetutils)dnsdomainname invocation. Show DNS domain name.
* ftp: (inetutils)ftp invocation. FTP client.
* ftpd: (inetutils)ftpd invocation. FTP Daemon.
-* hostname: (inetutils)hostname invocation. Show or set system host name.
+@c * hostname: (inetutils)hostname invocation. Show or set system host name.
* ifconfig: (inetutils)ifconfig invocation. Configure network interfaces.
* inetd: (inetutils)inetd invocation. Internet super-server.
-* logger: (inetutils)logger invocation. Send messages to the system log.
-* ping6: (inetutils)ping6 invocation. Packets to IPv6 network hosts.
-* ping: (inetutils)ping invocation. Packets to network hosts.
-* rcp: (inetutils)rcp invocation. Remote copy
-* rexec: (inetutils)rexec invocation. Remote execution client.
-* rexecd: (inetutils)rexecd invocation. Remote execution server.
-* rlogin: (inetutils)rlogin invocation. Remote login.
-* rlogind: (inetutils)rlogind invocation. Remote login server.
-* rsh: (inetutils)rsh invocation. Remote shell.
-* rshd: (inetutils)rshd invocation. Remote shell server.
+@c * logger: (inetutils)logger invocation. Send messages to the system log.
+@c * ping6: (inetutils)ping6 invocation. Packets to IPv6 network hosts.
+@c * ping: (inetutils)ping invocation. Packets to network hosts.
+@c * rcp: (inetutils)rcp invocation. Remote copy
+@c * rexec: (inetutils)rexec invocation. Remote execution client.
+@c * rexecd: (inetutils)rexecd invocation. Remote execution server.
+@c * rlogin: (inetutils)rlogin invocation. Remote login.
+@c * rlogind: (inetutils)rlogind invocation. Remote login server.
+@c * rsh: (inetutils)rsh invocation. Remote shell.
+@c * rshd: (inetutils)rshd invocation. Remote shell server.
* syslogd: (inetutils)syslogd invocation. Syslog server.
* talk: (inetutils)talk invocation. Talk client.
* talkd: (inetutils)talkd invocation. Talk server.
* telnet: (inetutils)telnet invocation. User interface to TELNET.
* telnetd: (inetutils)telnetd invocation. Telnet server.
-* tftp: (inetutils)tftp invocation. TFTP client.
-* tftpd: (inetutils)tftpd invocation. TFTP server.
-* traceroute: (inetutils)traceroute invocation. Trace the route to a host.
+@c * tftp: (inetutils)tftp invocation. TFTP client.
+@c * tftpd: (inetutils)tftpd invocation. TFTP server.
+@c * traceroute: (inetutils)traceroute invocation. Trace the route to a host.
* uucpd: (inetutils)uucpd invocation. Unix to Unix Copy.
-* whois: (inetutils)whois invocation. Whois user interface.
+@c * whois: (inetutils)whois invocation. Whois user interface.
@end direntry
@copying
@@ -95,39 +95,39 @@ Documentation License''.
* Introduction:: Caveats, overview, and authors.
* Common options:: Common options.
-Diagnostic programs
-
-* dnsdomainname invocation:: Show DNS domain name.
-* hostname invocation:: Show or set system host name.
-* ifconfig invocation:: Configure network interfaces.
-* logger invocation:: Send messages to system log.
-* ping invocation:: Packets to network hosts.
-* ping6 invocation:: Packets to IPv6 network hosts.
-* traceroute invocation:: Trace the route to a host.
-* whois invocation:: Whois user interface.
-
+@c Diagnostic programs
+@c
+@c * dnsdomainname invocation:: Show DNS domain name.
+@c * hostname invocation:: Show or set system host name.
+@c * ifconfig invocation:: Configure network interfaces.
+@c * logger invocation:: Send messages to system log.
+@c * ping invocation:: Packets to network hosts.
+@c * ping6 invocation:: Packets to IPv6 network hosts.
+@c * traceroute invocation:: Trace the route to a host.
+@c * whois invocation:: Whois user interface.
+@c
Clients
* ftp invocation:: FTP client.
-* rcp invocation:: Remote copy
-* rexec invocation:: Remote execution client.
-* rlogin invocation:: Remote login.
-* rsh invocation:: Remote shell.
+@c * rcp invocation:: Remote copy
+@c * rexec invocation:: Remote execution client.
+@c * rlogin invocation:: Remote login.
+@c * rsh invocation:: Remote shell.
* talk invocation:: Talk client.
* telnet invocation:: User interface to TELNET.
-* tftp invocation:: TFTP client.
+@c * tftp invocation:: TFTP client.
Daemons
* inetd invocation:: Internet super-server.
* syslogd invocation:: Syslog server.
* ftpd invocation:: FTP Daemon.
-* rexecd invocation:: Remote execution server.
-* rlogind invocation:: Remote login server.
-* rshd invocation:: Remote shell server.
+@c * rexecd invocation:: Remote execution server.
+@c * rlogind invocation:: Remote login server.
+@c * rshd invocation:: Remote shell server.
* talkd invocation:: Talk server.
* telnetd invocation:: Telnet server.
-* tftpd invocation:: TFTP server.
+@c * tftpd invocation:: TFTP server.
* uucpd invocation:: Unix to Unix Copy.
Appendix
@@ -228,1288 +228,1288 @@ Failure is indicated by a nonzero value
it may differ on unusual platforms, as POSIX requires only that it be
nonzero.
-@node dnsdomainname invocation
-@chapter @command{dnsdomainname}: Show DNS domain name
-@pindex dnsdomainname
-
-@command{dnsdomainname} is a program to show the domain part of the
-system's fully qualified domain name. For example, if the FQDN of the
-system is @code{name.example.org} the command will show
-@code{example.org}.
-The output is not necessarily related to the NIS/YP domain name.
-
-The tool uses gethostname to get the host name of the system and
-then getaddrinfo to resolve it into a canonical name.
-The domain part of the canonical name is shown, i.e., the part
-after the first period@tie{}(@code{.}) of the official name.
-
-@noindent
-Synopsis:
-
-@example
-dnsdomainname [@var{option}@dots{}]
-@end example
-
-@noindent
-There is no command specific option.
-
-@node hostname invocation
-@chapter @command{hostname}: Show or set system host name.
-@pindex hostname
-
-@command{hostname} is a program to show or to set the name of a
-host system.
-
-@noindent
-Synopsis:
-
-@example
-hostname [@var{option}@dots{}]
-hostname @var{name}
-@end example
-
-@noindent
-where @var{name} is the name to be used by the running host.
-
-@section Command line options
-@anchor{hostname options}
-
-@table @option
-@item -a
-@itemx --aliases
-@opindex -a
-@opindex --aliases
-Get alias names.
-
-@item -d
-@itemx --domain
-@opindex -d
-@opindex --domain
-Get DNS domain name.
-
-@item -f
-@itemx --fqdn
-@itemx --long
-@opindex -f
-@opindex --fqdn
-@opindex --long
-Get DNS host name or Fully Qualified Domain Name.
-
-@item -F @var{file}
-@itemx --file=@var{file}
-@opindex -F
-@opindex --file
-Set host name or NIS domain name from FILE.
-
-@item -i
-@itemx --ip-addresses
-@opindex -i
-@opindex --ip-addresses
-Get addresses for the host name.
-
-@item -s
-@itemx --short
-@opindex -s
-@opindex --short
-Get short host name.
-
-@item -y
-@itemx --yp
-@itemx --nis
-@opindex -y
-@opindex --yp
-@opindex --nis
-Get NIS/YP domain name.
-@end table
-
-@node ifconfig invocation
-@chapter @command{ifconfig}: Configure network interfaces
-@pindex ifconfig
-
-@command{ifconfig} is a program to retrieve and to set selected
-properties of network interfaces. It is best viewed as a tool to
-get information, rather than for changing the behaviour of adapters,
-since it is hard to support property setting in a portable manner.
-
-@noindent
-Synopsis:
-
-@example
-ifconfig @var{iface} [@var{arg}@dots{}]
-ifconfig -i @var{iface} [@var{option}@dots{}] [-i @var{iface2} [@var{option}@dots{}]]
-@end example
-
-@section Command line options
-@anchor{ifconfig options}
-
-@table @option
-@item -a
-@itemx --all
-@opindex -a
-@opindex --all
-Display all available interfaces, including those that not are
-marked as `up', i.e., also the inactive interfaces.
-
-@item -A @var{addr}
-@itemx --address=@var{addr}
-@opindex -A
-@opindex --address
-Set address of selected interface to @var{addr}.
-
-@item -b @var{addr}
-@itemx -B @var{addr}
-@itemx --brdaddr=@var{addr}
-@itemx --broadcast=@var{addr}
-@opindex -b
-@opindex -B
-@opindex --brdaddr
-@opindex --broadcast
-Set broadcast address of selected interface to @var{addr}.
-
-@item -d @var{addr}
-@itemx -p @var{addr}
-@itemx --dstaddr=@var{addr}
-@itemx --peer=@var{addr}
-@opindex -d
-@opindex -p
-@opindex --dstaddr
-@opindex --peer
-Set destination (peer) address of selected interface.
-
-@item --down
-@opindex --down
-Deactivate the selected interface.
-
-@item -F @var{list}
-@itemx --flags=@var{list}
-@opindex -F
-@opindex --flags
-Change those interface flags mentioned in @var{list}.
-The argument is a comma separated list of one ore more
-flag names to be set, or in case the name is prepended
-with @samp{no}, the corresponding flag is cleared.
-The output of @command{ifconfig} with the option @option{--help}
-contains a list of available flag names.
-
-@item --format=@var{format}
-@opindex --format
-Select output format; the value @samp{help} prints a list
-of all available formats.
-
-@item -i @var{name}
-@itemx --interface=@var{name}
-@opindex -i
-@opindex --interface
-Select the named interface for any following action.
-
-@item -l
-@itemx --list
-@opindex -l
-@opindex --list
-List, with name only, all available interfaces, or only those
-selected should at least one option @option{-i} have specified.
-
-@item -m @var{mask}
-@itemx --netmask=@var{mask}
-@opindex -m
-@opindex --netmask
-Set netmask of selected interface to @var{mask}.
-
-@item --metric=@var{n}
-@opindex --metric
-Set the metric of selected interface to the number @var{n}.
-
-@item -M @var{n}
-@itemx --mtu=@var{n}
-@opindex -M
-@opindex --mtu
-Set MTU of selected interface to the number @var{n}.
-
-@item -s
-@itemx --short
-@opindex -s
-@opindex --short
-Use short output format. This is identical to specifying
-@samp{--format=netstat}.
-
-@item --up
-@opindex --up
-Activate the selected interface.
-
-@item -v
-@itemx --verbose
-@opindex -v
-@opindex --verbose
-Print informational messages when configuring an interface.
-@end table
-
-Observe that the use of program options is the only manner
-in which @command{ifconfig} is able to handle multiple
-interfaces in one invocation. Once a particular interface
-has been selected using @option{-i}, it is affected by any
-following option until replaced by another interface selector.
-This is also the main cause, that @command{ifconfig} is
-unable to treat options independently of their order, as is
-mostly the case in other GNU software.
-
-@section Formatted status output
-@anchor{ifconfig formats}
-
-The status of one or more interfaces can be presented in a number
-of different formats. A list of them is printed by the option
-@option{--format=help}. In the following table the valid formats
-are given, each is used in the form @option{--format=@var{name}}.
-
-@table @asis
-@item check
-@itemx check-existence
-@itemx ?
-Place holders for the ability to check whether the interfaces
-selected by one or more options @option{-i} are determining
-existing interfaces in the running system. No output in case
-of success, an error message in case of a failure.
-
-@item gnu
-@itemx default
-Standard GNU output format.
-
-@item gnu-one-entry
-Like the previous format, but with intermediary newlines removed.
-
-@item help
-Display a list of valid formats, together with a short description
-for each choice.
-
-@item net-tools
-Imitation of presentation used by the implementation in @samp{net-tools}.
-Default format for GNU/Linux.
-
-@item netstat
-Terse output with statistics, similar to that of @code{netstat -i}.
-
-@item osf
-Format variant of @samp{unix} preferred by OSF's implementation.
-
-@item unix
-Traditional UNIX type format. Default for BSD, HPUX and Solaris.
-@end table
-
-@section Legacy syntax
-@anchor{ifconfig legacy syntax}
-
-The traditional mode of invoking @command{ifconfig} is via
-a parsed command line, without all use of program switches
-and options, relying fully on argument parsing. This mode
-of use is supported also in the present implementation,
-but keep in mind that only one interface can be manipulated
-using this legacy syntax.
-
-@example
-ifconfig NAME [ADDR [DSTADDR]] [broadcast BRDADDR] [netmask MASK]
- [metric N] [mtu N] [up|down]
-@end example
-
-As is conventional, only the primary address and possibly the
-peer destination address are stated as bare arguments, without
-a specifying keyword.
-Some slight variation on this syntax will depend on the target
-system for which the program is being built, as not all platforms
-support identical abilities.
-The best information is found via the usage massage
-@samp{ifconfig --usage}.
-
-@node logger invocation
-@chapter @command{logger}: Send messages to system log
-@pindex logger
-
-@command{logger} is a program to send entries to system log. It
-provides a shell command interface similar to the system log module.
-For background information,
-@pxref{Syslog, , Syslog, libc, The GNU C Library Reference Manual}.
-
-@noindent
-Synopsis:
-
-@example
-logger [@var{option}@dots{}] [@var{message}]
-@end example
-
-@section Command line options
-@anchor{logger options}
-
-@table @option
-@item -4
-@itemx --ipv4
-@opindex -4
-@opindex --ipv4
-Use IPv4 as transport when logging to a host. The default behaviour
-is to use whatever IP version that matches the host.
-
-@item -6
-@itemx --ipv6
-@opindex -6
-@opindex --ipv6
-Use IPv6 as transport when logging to a host. The option is present
-also on systems without support for IPv6, but will then issue a warning
-and then fall back to IPv4 when delivering the message.
-
-Both options are most influencial when the target host is named using
-a symbolic name, but numerical addresses for host or source must also
-match if either of @option{--ipv4} or @option{--ipv6} is stated.
-
-@item -f @var{file}
-@itemx --file=@var{file}
-@opindex -f
-@opindex --file
-Log the content of the specified file. If @var{file} is @samp{-} then
-standard input is assumed.
-
-@item -h @var{host}
-@itemx --host=@var{host}
-@opindex -h
-@opindex --host
-Send messages to the given host or socket. The @var{host} argument
-can be either a local UNIX socket name (containing a slash @samp{/}),
-or be of the form
-
-@example
-@var{host}[:@var{port}]
-@end example
-
-@noindent
-where @var{host} is the remote host name or IP address, and the
-optional @var{port} is a decimal port number or symbolic service
-name from @file{/etc/services}. If @var{port} is not specified,
-the port number corresponding to the @samp{syslog} service is used.
-If a numerical IPv6 address is given without a port specification,
-then the address must be enclosed within brackets (like [::1]).
-
-@item -i[@var{pid}]
-@itemx --id=[@var{pid}]
-@opindex -i
-@opindex --id
-Add process ID to each message. If @var{pid} is not supplied, use the
-process ID of the logger process with each line. Notice, that
-@var{pid} is an optional argument. When supplied to the @option{-i}
-option, it must follow the @samp{i} letter immediately, without any
-separating whitespace. When supplied to the @option{--id} form, it
-must be separated from it by exactly one equals sign.
-
-@item -p @var{priority}
-@itemx --priority=@var{priority}
-@opindex -p
-@opindex --priority
-Enter the message with the specified priority. The priority may be
-specified numerically or as a @samp{facility.level} pair. For
-example, @option{-p local3.info} logs the message at the informational
-level in the @samp{local3} facility. The default is
-@samp{user.notice}.
-
-The actual list of supported facilities and levels is system specific.
-
-@item -s
-@itemx --stderr
-@opindex -s
-@opindex --stderr
-Log the message to standard error, as well as to the system log.
-
-@item -S @var{addr}
-@itemx --source=@var{addr}
-@opindex -S
-@opindex --source
-Supply the source IP address for INET connections. This option is
-useful in conjunction with @option{--host} (see above). The kind of
-address specified here (IPv4 or IPv6) will propagate to influence
-the resolution of the host address, if it is a symbolic name.
-
-@item -t @var{tag}
-@itemx --tag=@var{tag}
-@opindex -t
-@opindex --tag
-Mark every line in the log with the specified tag.
-
-@item -u @var{socket}
-@itemx --unix=@var{socket}
-@opindex -h
-@opindex --host
-Send messages to the given local UNIX socket. The @var{socket} argument
-can be either an absolute path (starting with a slash @samp{/}), or a relative
-path understood relative to the current working directory.
-@end table
-
-The options are followed by the message which should be written to the
-log. If not specified, and the @option{-f} flag is not provided,
-standard input is logged.
-
-@section Examples
-@anchor{logger examples}
-
-The following examples illustrate the usage of the @command{logger}
-command:
-
-@enumerate 1
-@item Log the message @samp{System rebooted} to the local syslog.
-Use default facility and priority:
-
-@example
-logger System rebooted
-@end example
-
-@item Run command and send its error output to the channel
-@samp{local0.err}. Mark each message with tag @samp{cmd}:
-
-@example
-command 2>&1 | logger -p local0.err -t cmd
-@end example
-
-@item Log each line from file @file{warnings} to channel
-@samp{daemon.warn} on host @samp{logger.runasimi.org},
-using the source IP @samp{10.10.10.1}:
-
-@example
-logger -p daemon.warn -h logger.runasimi.org -S 10.10.10.1 \
-@verb{| |}--file warnings
-@end example
-@end enumerate
-
-@node ping invocation
-@chapter @command{ping}: Packets to network hosts
-@pindex ping
-
-@c FIXME: The text is far to detailed about the actual implementation
-@c of ping. A user doesn't need to know that we are using TIMEVAL, or
-@c how things are padded.
-
-@command{ping} uses ICMP datagrams to provoke a response
-from the chosen destination host, mainly intending to probe
-whether it is alive.
-
-The used datagram, of type @code{ECHO_REQUEST}, contains some header
-information and some additional payload, usually a time stamp.
-By a suitable choice of payload, different host or router properties
-are detectable, as the emitted datagram travels to its destination.
-
-@ignore %* Too detailed for end user.
-@command{ping} uses the ICMP protocol's mandatory
-@code{ECHO_REQUEST} datagram to elicit an ICMP type @code{ECHO_REPLY}
-packet from a host or gateway.
-@code{ECHO_REQUEST} datagrams (@dfn{pings}) have an IP and
-an ICMP header, followed by a @dfn{struct timeval} and then
-an arbitrary number of @dfn{padding} bytes used to fill out the packet.
-@end ignore
-
-@noindent
-Synopsis:
-
-@example
-ping [@var{option}@dots{}] @var{host}
-@end example
-
-@noindent
-Sending echo requests is the standard use of @command{ping},
-but by far not the only use case.
-
-@menu
-* Ping options::
-* Fault isolation::
-* Duplicate and damaged packets::
-* Data patterns::
-* TTL details::
-* Further remarks::
-@end menu
-
-@node Ping options
-@section Command line options
-@anchor{ping options}
-
-@c Options controlling ICMP request types:
-@c --address Send ICMP_ADDRESS packets (root only)
-@c --echo Send ICMP_ECHO packets (default)
-@c --mask Same as --address
-@c --timestamp Send ICMP_TIMESTAMP packets
-@c -t, --type=TYPE Send TYPE packets
-
-Selection of packet type is handled by these first options:
-
-@table @option
-@item --address
-@opindex --address
-Send ICMP_ADDRESS packets, thus requesting the address netmask
-in use by the targetted host.
-
-@item --echo
-@opindex --echo
-Send ICMP_ECHO requests.
-This is the default action.
-
-@item --mask
-@opindex --mask
-Identical to @option{--address}.
-
-@item --timestamp
-@opindex --timestamp
-Send ICMP_TIMESTAMP packets, thereby requesting a timed response
-from the targetted host.
-
-In successful cases three time values are returned.
-All are expected to state the number of milliseconds since
-midnight@tie{}UTC.
-The first of these, @samp{icmp_otime}, contains the original
-time of sending the request.
-Then comes @samp{icmp_rtime}, the time of reception by the target,
-and finally, @samp{icmp_ttime}, the time of transmitting an answer
-back to the originator.
-
-@item -t @var{type}
-@itemx --type=@var{type}
-@opindex --type
-@opindex -t
-Send @var{type} packets. Accepted values are @samp{address},
-@samp{echo}, @samp{mask}, and @samp{timestamp}.
-@end table
-
-@c Options valid for all request types:
-@c -c, --count=NUMBER Stop after sending NUMBER packets
-@c -d, --debug Set the SO_DEBUG option
-@c -i, --interval=NUMBER Wait NUMBER seconds between sending each packet
-@c -n, --numeric Do not resolve host addresses
-@c -r, --ignore-routing Send directly to a host on an attached network
-@c -T, --tos=NUM Set type-of-service to NUM
-@c --ttl=NUMBER Set specified time-to-live on packet
-
-@noindent
-The following options are available for all packet types:
-
-@table @option
-@item -c @var{n}
-@itemx --count=@var{n}
-@opindex -c
-@opindex --count
-Stop after sending and receiving answers to a total of
-@var{n} packets.
-
-@item -d
-@itemx --debug
-@opindex -d
-@opindex --debug
-Set the SO_DEBUG option on the socket being used.
-
-@item -i @var{n}
-@itemx --interval=@var{n}
-@opindex -i
-@opindex --interval
-Wait @var{n} seconds until sending next packet.
-The default is to wait for one second between packets.
-This option is incompatible with the option @option{-f}.
-
-@item -n
-@itemx --numeric
-@opindex -n
-@opindex --numeric
-Numeric output only. No attempt will be made to resolve
-symbolic names for host addresses.
-
-@item -r
-@itemx --ignore-routing
-@opindex -r
-@opindex --ignore-routing-log
-Bypass the normal routing tables and send directly to a host on an
-attached network. If the host is not on a directly attached network,
-an error is returned. This option can be used to ping a local host
-through an interface that has no route through it (e.g., after the
-interface was dropped by @command{routed}).
-
-@item -T @var{num}
-@itemx --tos=@var{num}
-@opindex -T
-@opindex --tos
-Set type-of-service, TOS field, to @var{num} on
-transmitted packets.
-
-@item --ttl=@var{n}
-@opindex --ttl
-Set the specified number @var{n} as value of time-to-live when
-transmitting packets. Acceptable values are 1 to 255, inclusive.
-
-@item -v
-@itemx --verbose
-@opindex -v
-@opindex --verbose
-Produce more verbose output, giving more statistics.
-
-@item -w @var{n}
-@itemx --timeout=@var{n}
-@opindex -w
-@opindex --timeout
-Stop after @var{n} seconds.
-
-@item -W @var{n}
-@itemx --linger=@var{n}
-@opindex -W
-@opindex --linger
-Maximum number of seconds @var{n} to wait for a response.
-@end table
-
-@c Options valid for --echo requests:
-@c -f, --flood Flood ping (root only)
-@c --ip-timestamp=FLAG Timestamp IP option of types tsonly,
-@c tsaddr, or (not yet implemented) prespec.
-@c -l, --preload=NUMBER Send NUMBER packets as fast as possible before
-@c falling into normal mode of behavior (root only)
-@c -p, --pattern=PATTERN Fill ICMP packet with given pattern (hex)
-@c -q, --quiet no packet message
-@c -R, --route Record route IP option
-@c -s, --size=NUMBER Send NUMBER data octets
-
-Finally, these last options are relevant only for sending echo requests,
-allowing many variations in order to detect various peculiarities of
-the targeted host, or the intermediary routers for that matter.
-
-@table @option
-@item -f
-@itemx --flood
-@opindex -f
-@opindex --flood
-Flood ping. Outputs packets as fast as they come back or one hundred
-times per second, whichever is more. For every ECHO_REQUEST packet
-sent, a period @samp{.} is printed, while for every ECHO_REPLY
-received in reply, a backspace is printed.
-This provides a rapid display of how many packets are being dropped.
-Only the super-user may use this option.
-This can be very hard on a network and should be used with caution.
-
-@item --ip-timestamp=@var{flag}
-@opindex --ip-timestamp
-Include IP option Timestamp in transmitted packets.
-The value @var{flag} is either @samp{tsonly}, which only records up
-to nine time stamps, or @samp{tsaddr}, which records IP
-addresses as well as time stamps, but for at most four hosts.
-
-@item -l @var{n}
-@itemx --preload=@var{n}
-@opindex -l
-@opindex --preload
-If @var{n} is specified, ping sends that many packets as fast as
-possible before falling into its normal mode of operation.
-
-@item -p @var{pat}
-@itemx --pattern=@var{pat}
-@opindex -p
-@opindex --pattern
-You may specify up to 16 pad bytes to fill out the packet you send.
-This is useful for diagnosing data-dependent problems in a network.
-For example, @option{-p ff} will cause the sent packet to be filled
-with all ones.
-
-@item -q
-@itemx --quiet
-@opindex -q
-@opindex --quiet
-Do not print timing for each transmitted packet.
-@item -R
-@itemx --route
-@opindex -R
-@opindex --route
-Record route. Includes the @code{RECORD_ROUTE} field in the
-ECHO_REQUEST packet and displays the route buffer on returned packets.
-Note that the IP header is only large enough for nine
-such routes.
-Many hosts ignore or discard this option.
-
-@item -s @var{n}
-@itemx --size=@var{n}
-@opindex -s
-@opindex --size
-Specifies the number of data bytes to be sent. The default is 56,
-which translates into 64@tie{}ICMP data bytes, taking
-the 8@tie{}bytes of ICMP header data into account.
-@end table
-
-@node Fault isolation
-@section Using ping for network fault isolation
-
-When using @command{ping} for fault isolation, it should first be run
-on the local host, to verify that the local network interface is up
-and running. Then, hosts and gateways further and further away should
-be pinged. Round-trip times and packet loss statistics are computed.
-If duplicate packets are received, they are not included in the packet
-loss calculation, although the round trip time of these packets is
-used in calculating the minimum/average/maximum round-trip time
-numbers. When the specified number of packets have been sent (and
-received) or if the program is terminated with a @samp{SIGINT}, a
-brief summary is displayed.
-
-This program is intended for use in network testing, measurement and
-management. Because of the load it can impose on the network, it is
-unwise to use ping during normal operations or from automated scripts.
-
-@ignore
-@section ICMP Packet Details
-
-An IP header without options consists of 20 bytes.
-An ICMP type ECHO_REQUEST packet contains an additional
-8 bytes worth of ICMP header followed by an arbitrary
-amount of data.
-When a packet size is stated, that indicates
-the size of the extra piece of data (the default is 56).
-Thus the amount of data received as an IP packet
-with an ICMP type ECHO_REPLY, will always be 8 bytes larger
-than the requested data space (the ICMP header).
-
-If the data space is at least eight bytes large, ping uses the first
-eight bytes of this space to include a timestamp which it uses in the
-computation of round trip times. If less than eight bytes of pad are
-specified, no round trip times are given.
-@end ignore
-
-@node Duplicate and damaged packets
-@section Duplicate and damaged packets
-
-Ping will report duplicate and damaged packets. Duplicate packets
-should never occur, and seem to be caused by inappropriate link-level
-retransmissions. Duplicates may occur in many situations and are
-rarely (if ever) a good sign, although the presence of low levels of
-duplicates may not always be cause for alarm.
-
-Damaged packets are obviously serious cause for alarm and often
-indicate broken hardware somewhere in the ping packet's path (in the
-network or in the hosts).
-
-@node Data patterns
-@section Trying different data patterns
-
-The (inter)network layer should never treat packets differently
-depending on the data contained in the data portion. Unfortunately,
-data-dependent problems have been known to sneak into networks and
-remain undetected for long periods of time. In many cases the
-particular pattern that will have problems is something that doesn't
-have sufficient ``transitions'', such as all ones or all zeros, or a
-pattern right at the edge, such as almost all zeros. It isn't
-necessarily enough to specify a data pattern of all zeros (for
-example) on the command line because the pattern that is of interest
-is at the data link level, and the relationship between what you type
-and what the controllers transmit can be complicated.
-
-This means that if you have a data-dependent problem you will probably
-have to do a lot of testing to find it. If you are lucky, you may
-manage to find a file that either can't be sent across your network or
-that takes much longer to transfer than other similar length files.
-You can then examine this file for repeated patterns that you can test
-using the @option{-p} option of ping.
-
-@node TTL details
-@section TTL details
-
-The TTL field, @dfn{Time To Live}, of an IP
-packet represents the maximum number of IP routers
-that the packet can go through before being discarded.
-In current practice you can expect each router on the
-Internet to decrement the TTL field by exactly one.
-
-The TCP/IP specification states that the TTL field
-of a new TCP packet should be set to 60,
-but many systems use smaller values (4.3BSD used 30
-and 4.2BSD used 15).
-
-The maximum possible value of this field is 255, and most UNIX systems
-set the TTL field of ICMP (type @code{ECHO_REQUEST})
-packets to 255. This is why you will find you can ping some hosts,
-but not reach them with @command{telnet} or @command{ftp}.
-
-During normal operation, @command{ping} prints the TTL value
-for every packet it receives.
-When a remote system receives an ICMP packet,
-it can do one of three things to the TTL field
-in its response packet:
-
-@itemize @bullet
-@item
-Not to change it. This is what Berkeley UNIX systems did before the
-4.3BSD-Tahoe release. In this case the TTL value in the
-received packet will be 255 minus the number of routers in the
-round-trip path.
-
-@item
-Set it to 255. This is what current Berkeley UNIX systems do. In this
-case the TTL value in the received packet will be 255 minus the
-number of routers in the path from the remote system to the pinging
-host.
-
-@item
-Set it to some other value. Some machines use the same value for
-ICMP packets that they use for TCP packets,
-for example either 30 or 60.
-Others may use completely arbitrary values.
-
-@end itemize
-
-@node Further remarks
-@section Further observations
-Many hosts and gateways ignore the @code{RECORD_ROUTE} field, since
-the maximum IP header length is far to small to hold all
-the routes.
-There is not much that can be done about this.
-
-Flood pinging is not recommended in general, and flood pinging the
-broadcast address should only be done under very controlled
-conditions.
-
-Some BSD variants offer a kernel setting to inhibit all replies
-to ICMP_MASKREQ packets, but in general, Unices are designed either
-to answer the request with a valid netmask, or to drop the request,
-causing @command{ping} to wait for a timeout condition.
-
-@node ping6 invocation
-@chapter @command{ping6}: Packets to IPv6 network hosts
-@pindex ping6
-
-@command{ping6} uses ICMPv6 datagrams to get a response
-from the chosen destination host.
-The most common use is to probe whether the remote
-system is responsive.
-Observe that this program only uses IPv6 datagrams.
-
-Each datagram, of type @code{ECHO_REQUEST}, carries some header
-information and some additional payload, usually a time stamp.
-Making a suitable choice of payload, it is possible to probe
-different host or router properties on the way as the emitted
-datagram travels to its destination.
-
-@noindent
-Synopsis:
-
-@example
-ping6 [@var{option}@dots{}] @var{host}
-@end example
-
-@noindent
-Sending simple, timed echo requests is the standard use
-of @command{ping6}, but is by far not the only use case.
-
-This command is a close parallel to @command{ping},
-except that it handles IPv6 and is thus not able
-to handle peculiarities of IPv4.
-
-@section Command line options
-@anchor{ping6 options}
-
-@table @option
-@item -c @var{n}
-@itemx --count=@var{n}
-@opindex -c
-@opindex --count
-Stop after sending and receiving answers to a total of
-@var{n} packets.
-
-@item -d
-@itemx --debug
-@opindex -d
-@opindex --debug
-Set the SO_DEBUG option on the socket being used.
-
-@item -f
-@itemx --flood
-@opindex -f
-@opindex --flood
-Flood ping.
-Outputs packets as fast as they come back,
-or one hundred times per second, whichever is more.
-For every ECHO_REQUEST packet sent, a period @samp{.} is printed,
-while for every ECHO_REPLY received in reply, a backspace is printed.
-
-This provides a rapid display of how many packets are being dropped.
-Only the super-user may use this option.
-This mode can be very hard on a network.
-It should be used with caution!
-
-@item --hoplimit=@var{n}
-@opindex --hoplimit
-Limit maximal distance to @var{n}.
-Acceptable values are 1 to 255, inclusive.
-
-@item -i @var{n}
-@itemx --interval=@var{n}
-@opindex -i
-@opindex --interval
-Wait @var{n} seconds until sending next packet.
-The default is to wait for one second between packets.
-This option is incompatible with the option @option{-f}.
-
-@item -l @var{n}
-@itemx --preload=@var{n}
-@opindex -l
-@opindex --preload
-Sends @var{n} packets as fast as possible before falling
-back to the normal mode of operation.
-
-@item -n
-@itemx --numeric
-@opindex -n
-@opindex --numeric
-Numeric output only.
-No attempt will be made to resolve symbolic names for host addresses.
-
-@item -p @var{pattern}
-@itemx --pattern=@var{pattern}
-@opindex -p
-@opindex --pattern
-Up to 16 hexadecimal pad bytes are given as @var{pattern}.
-These are use for filling out the packets you send.
-This option is useful for diagnosing data-dependent problems
-within a network.
-As an example, @option{-p ff} will cause the sent packets
-to have payloads with every bit set to one.
-
-@item -q
-@itemx --quiet
-@opindex -q
-@opindex --quiet
-Do not print timing result of each transmitted packet.
-
-@item -r
-@itemx --ignore-routing
-@opindex -r
-@opindex --ignore-routing-log
-Bypass the normal routing tables and send directly
-to a host on an attached network.
-If the host is not on a directly attached network,
-an error is returned.
-This option can be used to ping a local host
-through an interface, for which there is no
-assigned route, such as when the interface
-was dropped by @command{routed}.
-
-@item -s @var{n}
-@itemx --size=@var{n}
-@opindex -s
-@opindex --size
-Specifies the number of data bytes to be sent. The default is 56,
-which translates into 64@tie{}ICMP data bytes, taking
-the 8@tie{}bytes of ICMP header data into account.
-
-@item -T @var{num}
-@itemx --tos=@var{num}
-@opindex -T
-@opindex --tos
-Set the traffic class to @var{num} on transmitted packets.
-
-@item --ttl=@var{n}
-@opindex --ttl
-Synonym for @option{--hoplimit}.
-
-@item -v
-@itemx --verbose
-@opindex -v
-@opindex --verbose
-Produce more verbose output, giving more statistics.
-
-@item -w @var{n}
-@itemx --timeout=@var{n}
-@opindex -w
-@opindex --timeout
-Stop after @var{n} seconds.
-@end table
-
-The documentation of @command{ping} provides several
-pieces of information, and discussions, relevant to
-the use of @command{ping6}.
-Keep in mind, though, that the differing address family
-causes some discrepancy.
-@xref{ping invocation}.
-
-@node traceroute invocation
-@chapter @command{traceroute}: Trace the route to a host
-@pindex traceroute
-
-@command{traceroute} prints a trace of the route
-IP@tie{}packets are travelling to a remote host.
-
-@noindent
-Synopsis:
-
-@example
-traceroute [@var{option}@dots{}] @var{host}
-@end example
-
-@section Command line options
-@anchor{traceroute options}
-
-@table @option
-@item -f @var{num}
-@itemx --first-hop=@var{num}
-@opindex -f
-@opindex --first-hop
-Set the initial hop distance to @var{num}, instead of the default 1.
-This immediately allows probing packets to sense routing
-properties closer to the target host, skipping routers close
-to the local host. Quicker analysis of problems known to lie
-at some routing distance is the outcome.
-
-@item -g @var{gates}
-@itemx --gateways=@var{gates}
-@opindex -g
-@opindex --gateways
-Set intermediary hosts used in loose source routing.
-The argument @var{gates} is a list of gateways,
-using spaces, commata, or semicola as separators.
-These hosts must be traversed in the given order
-before the intended host receives any datagram.
-At most eight host names or addresses may be specified.
-Multiple uses of @option{-g} produce a concatenated list.
-
-@item -I
-@itemx --icmp
-@opindex -I
-@opindex --icmp
-Use ICMP ECHO datagrams for probing the remote host.
-
-@item -m @var{num}
-@itemx --max-hop=@var{num}
-@opindex -m
-@opindex --max-hop
-Set the maximum time-to-live allowed for probing.
-In other words, stop probing when the hop distance
-is in excess of @var{num}.
-The default limit is 64.
-
-@item -M @var{method}
-@itemx --type=@var{method}
-@opindex -M
-@opindex --type
-Use @var{method} as carrier packets for traceroute operations.
-Supported choices are @samp{icmp} and @samp{udp}, where @samp{udp}
-is the default type.
-
-@item -p @var{port}
-@itemx --port=@var{port}
-@opindex -p
-@opindex --port
-Set destination port of target to @var{port}.
-The default value is 33434.
-
-@item -q @var{num}
-@itemx --tries=@var{num}
-@opindex -q
-@opindex --tries
-Send a total of @var{num} probe packets per hop, defaulting to 3.
-
-@item --resolve-hostnames
-@opindex --resolve-hostnames
-Attempt to resolve all addresses as hostnames.
-
-@item -t @var{num}
-@itemx --tos=@var{num}
-@opindex -t
-@opindex --tos
-Set type-of-service, TOS field, to @var{num} on
-transmitted packets.
-
-@item -w @var{num}
-@itemx --wait=@var{num}
-@opindex -w
-@opindex --wait
-Set timeout in seconds, within which a returning response
-packet is accepted as such.
-Default waiting time is three seconds.
-@end table
-
-@section Diagnostic tokens
-@anchor{traceroute printing}
-
-During execution, @command{traceroute} sends three datagrams
-for each value for the TTL field, printing a diagnostic line
-of output for these. The TTL field is then steadily increased
-until the intended host responds, or some intermediary gateway
-returns a datagram to the effect that the target cannot be
-reached due to one reason or another.
-
-Each line of output displays a sequence number, followed by
-diagnostic annotation. Any responding host has its address
-printed without repetition, together with a measured timing.
-In case there is no response within a time period of three seconds,
-an asterisque @samp{*} is printed.
-
-When an intermediate router responds with an exceptional state,
-the time elapsed since emitting the original datagram is printed,
-followed by an additional short hand hint of the reason:
-
-@table @samp
-@item !F
-Fragmentation needed by gateway.
-
-@item !H
-Host not reachable from gateway.
-
-@item !N
-Network not reachable from gateway.
-
-@item !P
-Protocol not usable at host, or within network.
-
-@item !S
-Source routing failed at gateway.
-
-@item !T
-Host or network not reachable for stated type of service, TOS.
-
-@item !U
-Isolated host, not reachable.
-
-@item !X
-Forbidden by remote administration.
-@end table
-
-@node whois invocation
-@chapter @command{whois}: User interface to WHOIS data bases.
-@pindex whois
-
-The functionality of a world wide Internet is dependent on
-stored node information of different kinds.
-Registrars keep much relevant material in WHOIS data bases.
-This utility @command{whois} is able to query those sources
-for general and for particular properties of most domains.
-
-For many domains there are names of suitable data base servers
-hard coded into @command{whois}, ready to query for domain
-relevant information.
-Since servers' names do change from time to time,
-this utility might occasionally need some guidance using
-a suitable command line option.
-
-@noindent
-Synopsis:
-
-@example
-whois [@var{OPTION}@dots{}] @var{OBJECT}@dots{}
-@end example
-
-@section Command line options
-@anchor{whois options}
-
-@table @option
-@item -a
-@opindex -a
-Search all data bases.
-
-@item -F
-@opindex -F
-Fast and raw output. Implies @option{-r}.
-
-@item -g @var{source}:@var{first}-@var{last}
-@opindex -g
-Find updates for an object from provider @var{source},
-starting from the version with serial key @var{first},
-and ending with serial key @var{last}.
-
-@item -h @var{host}
-@itemx --server=@var{host}
-@opindex -h
-@opindex --server
-Connect to server @var{host}.
-
-@item -H
-@opindex -H
-Hide legal disclaimers.
-
-@item -i @var{attr}[,@var{attr2}@dots{}]
-@opindex -i
-Do an inverse lookup for specified attributes.
-Use a comma separated list for multiple attributes.
-
-@item -l
-@opindex -l
-One level less specific lookup.
-Applies to RPSL only.
-
-@item -L
-@opindex -L
-Find all less specific matches.
-
-@item -m
-@opindex -m
-Find more specific matches, one level deeper.
-
-@item -M
-@opindex -M
-Find all more specific matches.
-
-@item -p @var{port}
-@opindex -p
-Connect to server port @var{port}.
-
-@item -q @{version|sources@}
-@opindex -q
-Query specified server info.
-Applies to RPSL only.
-
-@item -r
-@opindex -r
-Turn off recursive lookups.
-
-@item -R
-@opindex -R
-Force output to show local copy of the domain object,
-even if it contains a referral.
-
-@item -s @var{source}[,@var{source2}@dots{}]
-@opindex -s
-Search the data base at @var{source}.
-A comma separated list queries multiple providers.
-
-@item -S
-@opindex -S
-Tell server to refrain from syntactic sugar.
-
-@item -t @var{type}
-@opindex -t
-Request a template for objects of type @var{type}.
-Use the value @samp{all} for a list of possible types.
-
-@item -T @var{type}[,@var{type2}@dots{}]
-@opindex -T
-Search only for objects of type @var{type}.
-A comma separated list allows for multiple types.
-
-@item -V
-@itemx --verbose
-@opindex -V
-@opindex --verbose
-Verbosely explain all actions taken.
-
-@item -x
-@opindex -x
-Search only for exact matches.
-Applicable only to RPSL.
-@end table
-
-@section Environment variables
-@anchor{whois environment}
-
-@command{whois} holds an internal list of information servers
-and their assigned data bases.
-Queries are examined against this list to select the most
-plausible server, but the hint can always be overruled on
-the command line by use of the option @option{-h}.
-If neither of these have a say, then the default server to ask
-is @samp{whois.internic.net}, but this name is in turn overruled
-by a server name in the environment variable @env{WHOIS_SERVER}.
-
-@table @env
-@item LANG
-When the server @samp{whois.nic.ad.jp} is queried, and only then,
-any non-Japanese locale in @env{LANG} will ask the server to reply
-with English text, not Japanese.
-
-@item WHOIS_HIDE
-When set, the effect on @command{whois} is as if the
-option @option{-H} had been given.
-
-@item WHOIS_SERVER
-Data base server to query when internal hinting is inconclusive.
-When unset, @samp{whois.internic.net} is used as default server.
-
-@end table
-
+@c @node dnsdomainname invocation
+@c @chapter @command{dnsdomainname}: Show DNS domain name
+@c @pindex dnsdomainname
+@c
+@c @command{dnsdomainname} is a program to show the domain part of the
+@c system's fully qualified domain name. For example, if the FQDN of the
+@c system is @code{name.example.org} the command will show
+@c @code{example.org}.
+@c The output is not necessarily related to the NIS/YP domain name.
+@c
+@c The tool uses gethostname to get the host name of the system and
+@c then getaddrinfo to resolve it into a canonical name.
+@c The domain part of the canonical name is shown, i.e., the part
+@c after the first period@tie{}(@code{.}) of the official name.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c dnsdomainname [@var{option}@dots{}]
+@c @end example
+@c
+@c @noindent
+@c There is no command specific option.
+@c
+@c @node hostname invocation
+@c @chapter @command{hostname}: Show or set system host name.
+@c @pindex hostname
+@c
+@c @command{hostname} is a program to show or to set the name of a
+@c host system.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c hostname [@var{option}@dots{}]
+@c hostname @var{name}
+@c @end example
+@c
+@c @noindent
+@c where @var{name} is the name to be used by the running host.
+@c
+@c @section Command line options
+@c @anchor{hostname options}
+@c
+@c @table @option
+@c @item -a
+@c @itemx --aliases
+@c @opindex -a
+@c @opindex --aliases
+@c Get alias names.
+@c
+@c @item -d
+@c @itemx --domain
+@c @opindex -d
+@c @opindex --domain
+@c Get DNS domain name.
+@c
+@c @item -f
+@c @itemx --fqdn
+@c @itemx --long
+@c @opindex -f
+@c @opindex --fqdn
+@c @opindex --long
+@c Get DNS host name or Fully Qualified Domain Name.
+@c
+@c @item -F @var{file}
+@c @itemx --file=@var{file}
+@c @opindex -F
+@c @opindex --file
+@c Set host name or NIS domain name from FILE.
+@c
+@c @item -i
+@c @itemx --ip-addresses
+@c @opindex -i
+@c @opindex --ip-addresses
+@c Get addresses for the host name.
+@c
+@c @item -s
+@c @itemx --short
+@c @opindex -s
+@c @opindex --short
+@c Get short host name.
+@c
+@c @item -y
+@c @itemx --yp
+@c @itemx --nis
+@c @opindex -y
+@c @opindex --yp
+@c @opindex --nis
+@c Get NIS/YP domain name.
+@c @end table
+@c
+@c @node ifconfig invocation
+@c @chapter @command{ifconfig}: Configure network interfaces
+@c @pindex ifconfig
+@c
+@c @command{ifconfig} is a program to retrieve and to set selected
+@c properties of network interfaces. It is best viewed as a tool to
+@c get information, rather than for changing the behaviour of adapters,
+@c since it is hard to support property setting in a portable manner.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c ifconfig @var{iface} [@var{arg}@dots{}]
+@c ifconfig -i @var{iface} [@var{option}@dots{}] [-i @var{iface2} [@var{option}@dots{}]]
+@c @end example
+@c
+@c @section Command line options
+@c @anchor{ifconfig options}
+@c
+@c @table @option
+@c @item -a
+@c @itemx --all
+@c @opindex -a
+@c @opindex --all
+@c Display all available interfaces, including those that not are
+@c marked as `up', i.e., also the inactive interfaces.
+@c
+@c @item -A @var{addr}
+@c @itemx --address=@var{addr}
+@c @opindex -A
+@c @opindex --address
+@c Set address of selected interface to @var{addr}.
+@c
+@c @item -b @var{addr}
+@c @itemx -B @var{addr}
+@c @itemx --brdaddr=@var{addr}
+@c @itemx --broadcast=@var{addr}
+@c @opindex -b
+@c @opindex -B
+@c @opindex --brdaddr
+@c @opindex --broadcast
+@c Set broadcast address of selected interface to @var{addr}.
+@c
+@c @item -d @var{addr}
+@c @itemx -p @var{addr}
+@c @itemx --dstaddr=@var{addr}
+@c @itemx --peer=@var{addr}
+@c @opindex -d
+@c @opindex -p
+@c @opindex --dstaddr
+@c @opindex --peer
+@c Set destination (peer) address of selected interface.
+@c
+@c @item --down
+@c @opindex --down
+@c Deactivate the selected interface.
+@c
+@c @item -F @var{list}
+@c @itemx --flags=@var{list}
+@c @opindex -F
+@c @opindex --flags
+@c Change those interface flags mentioned in @var{list}.
+@c The argument is a comma separated list of one ore more
+@c flag names to be set, or in case the name is prepended
+@c with @samp{no}, the corresponding flag is cleared.
+@c The output of @command{ifconfig} with the option @option{--help}
+@c contains a list of available flag names.
+@c
+@c @item --format=@var{format}
+@c @opindex --format
+@c Select output format; the value @samp{help} prints a list
+@c of all available formats.
+@c
+@c @item -i @var{name}
+@c @itemx --interface=@var{name}
+@c @opindex -i
+@c @opindex --interface
+@c Select the named interface for any following action.
+@c
+@c @item -l
+@c @itemx --list
+@c @opindex -l
+@c @opindex --list
+@c List, with name only, all available interfaces, or only those
+@c selected should at least one option @option{-i} have specified.
+@c
+@c @item -m @var{mask}
+@c @itemx --netmask=@var{mask}
+@c @opindex -m
+@c @opindex --netmask
+@c Set netmask of selected interface to @var{mask}.
+@c
+@c @item --metric=@var{n}
+@c @opindex --metric
+@c Set the metric of selected interface to the number @var{n}.
+@c
+@c @item -M @var{n}
+@c @itemx --mtu=@var{n}
+@c @opindex -M
+@c @opindex --mtu
+@c Set MTU of selected interface to the number @var{n}.
+@c
+@c @item -s
+@c @itemx --short
+@c @opindex -s
+@c @opindex --short
+@c Use short output format. This is identical to specifying
+@c @samp{--format=netstat}.
+@c
+@c @item --up
+@c @opindex --up
+@c Activate the selected interface.
+@c
+@c @item -v
+@c @itemx --verbose
+@c @opindex -v
+@c @opindex --verbose
+@c Print informational messages when configuring an interface.
+@c @end table
+@c
+@c Observe that the use of program options is the only manner
+@c in which @command{ifconfig} is able to handle multiple
+@c interfaces in one invocation. Once a particular interface
+@c has been selected using @option{-i}, it is affected by any
+@c following option until replaced by another interface selector.
+@c This is also the main cause, that @command{ifconfig} is
+@c unable to treat options independently of their order, as is
+@c mostly the case in other GNU software.
+@c
+@c @section Formatted status output
+@c @anchor{ifconfig formats}
+@c
+@c The status of one or more interfaces can be presented in a number
+@c of different formats. A list of them is printed by the option
+@c @option{--format=help}. In the following table the valid formats
+@c are given, each is used in the form @option{--format=@var{name}}.
+@c
+@c @table @asis
+@c @item check
+@c @itemx check-existence
+@c @itemx ?
+@c Place holders for the ability to check whether the interfaces
+@c selected by one or more options @option{-i} are determining
+@c existing interfaces in the running system. No output in case
+@c of success, an error message in case of a failure.
+@c
+@c @item gnu
+@c @itemx default
+@c Standard GNU output format.
+@c
+@c @item gnu-one-entry
+@c Like the previous format, but with intermediary newlines removed.
+@c
+@c @item help
+@c Display a list of valid formats, together with a short description
+@c for each choice.
+@c
+@c @item net-tools
+@c Imitation of presentation used by the implementation in @samp{net-tools}.
+@c Default format for GNU/Linux.
+@c
+@c @item netstat
+@c Terse output with statistics, similar to that of @code{netstat -i}.
+@c
+@c @item osf
+@c Format variant of @samp{unix} preferred by OSF's implementation.
+@c
+@c @item unix
+@c Traditional UNIX type format. Default for BSD, HPUX and Solaris.
+@c @end table
+@c
+@c @section Legacy syntax
+@c @anchor{ifconfig legacy syntax}
+@c
+@c The traditional mode of invoking @command{ifconfig} is via
+@c a parsed command line, without all use of program switches
+@c and options, relying fully on argument parsing. This mode
+@c of use is supported also in the present implementation,
+@c but keep in mind that only one interface can be manipulated
+@c using this legacy syntax.
+@c
+@c @example
+@c ifconfig NAME [ADDR [DSTADDR]] [broadcast BRDADDR] [netmask MASK]
+@c [metric N] [mtu N] [up|down]
+@c @end example
+@c
+@c As is conventional, only the primary address and possibly the
+@c peer destination address are stated as bare arguments, without
+@c a specifying keyword.
+@c Some slight variation on this syntax will depend on the target
+@c system for which the program is being built, as not all platforms
+@c support identical abilities.
+@c The best information is found via the usage massage
+@c @samp{ifconfig --usage}.
+@c
+@c @node logger invocation
+@c @chapter @command{logger}: Send messages to system log
+@c @pindex logger
+@c
+@c @command{logger} is a program to send entries to system log. It
+@c provides a shell command interface similar to the system log module.
+@c For background information,
+@c @pxref{Syslog, , Syslog, libc, The GNU C Library Reference Manual}.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c logger [@var{option}@dots{}] [@var{message}]
+@c @end example
+@c
+@c @section Command line options
+@c @anchor{logger options}
+@c
+@c @table @option
+@c @item -4
+@c @itemx --ipv4
+@c @opindex -4
+@c @opindex --ipv4
+@c Use IPv4 as transport when logging to a host. The default behaviour
+@c is to use whatever IP version that matches the host.
+@c
+@c @item -6
+@c @itemx --ipv6
+@c @opindex -6
+@c @opindex --ipv6
+@c Use IPv6 as transport when logging to a host. The option is present
+@c also on systems without support for IPv6, but will then issue a warning
+@c and then fall back to IPv4 when delivering the message.
+@c
+@c Both options are most influencial when the target host is named using
+@c a symbolic name, but numerical addresses for host or source must also
+@c match if either of @option{--ipv4} or @option{--ipv6} is stated.
+@c
+@c @item -f @var{file}
+@c @itemx --file=@var{file}
+@c @opindex -f
+@c @opindex --file
+@c Log the content of the specified file. If @var{file} is @samp{-} then
+@c standard input is assumed.
+@c
+@c @item -h @var{host}
+@c @itemx --host=@var{host}
+@c @opindex -h
+@c @opindex --host
+@c Send messages to the given host or socket. The @var{host} argument
+@c can be either a local UNIX socket name (containing a slash @samp{/}),
+@c or be of the form
+@c
+@c @example
+@c @var{host}[:@var{port}]
+@c @end example
+@c
+@c @noindent
+@c where @var{host} is the remote host name or IP address, and the
+@c optional @var{port} is a decimal port number or symbolic service
+@c name from @file{/etc/services}. If @var{port} is not specified,
+@c the port number corresponding to the @samp{syslog} service is used.
+@c If a numerical IPv6 address is given without a port specification,
+@c then the address must be enclosed within brackets (like [::1]).
+@c
+@c @item -i[@var{pid}]
+@c @itemx --id=[@var{pid}]
+@c @opindex -i
+@c @opindex --id
+@c Add process ID to each message. If @var{pid} is not supplied, use the
+@c process ID of the logger process with each line. Notice, that
+@c @var{pid} is an optional argument. When supplied to the @option{-i}
+@c option, it must follow the @samp{i} letter immediately, without any
+@c separating whitespace. When supplied to the @option{--id} form, it
+@c must be separated from it by exactly one equals sign.
+@c
+@c @item -p @var{priority}
+@c @itemx --priority=@var{priority}
+@c @opindex -p
+@c @opindex --priority
+@c Enter the message with the specified priority. The priority may be
+@c specified numerically or as a @samp{facility.level} pair. For
+@c example, @option{-p local3.info} logs the message at the informational
+@c level in the @samp{local3} facility. The default is
+@c @samp{user.notice}.
+@c
+@c The actual list of supported facilities and levels is system specific.
+@c
+@c @item -s
+@c @itemx --stderr
+@c @opindex -s
+@c @opindex --stderr
+@c Log the message to standard error, as well as to the system log.
+@c
+@c @item -S @var{addr}
+@c @itemx --source=@var{addr}
+@c @opindex -S
+@c @opindex --source
+@c Supply the source IP address for INET connections. This option is
+@c useful in conjunction with @option{--host} (see above). The kind of
+@c address specified here (IPv4 or IPv6) will propagate to influence
+@c the resolution of the host address, if it is a symbolic name.
+@c
+@c @item -t @var{tag}
+@c @itemx --tag=@var{tag}
+@c @opindex -t
+@c @opindex --tag
+@c Mark every line in the log with the specified tag.
+@c
+@c @item -u @var{socket}
+@c @itemx --unix=@var{socket}
+@c @opindex -h
+@c @opindex --host
+@c Send messages to the given local UNIX socket. The @var{socket} argument
+@c can be either an absolute path (starting with a slash @samp{/}), or a relative
+@c path understood relative to the current working directory.
+@c @end table
+@c
+@c The options are followed by the message which should be written to the
+@c log. If not specified, and the @option{-f} flag is not provided,
+@c standard input is logged.
+@c
+@c @section Examples
+@c @anchor{logger examples}
+@c
+@c The following examples illustrate the usage of the @command{logger}
+@c command:
+@c
+@c @enumerate 1
+@c @item Log the message @samp{System rebooted} to the local syslog.
+@c Use default facility and priority:
+@c
+@c @example
+@c logger System rebooted
+@c @end example
+@c
+@c @item Run command and send its error output to the channel
+@c @samp{local0.err}. Mark each message with tag @samp{cmd}:
+@c
+@c @example
+@c command 2>&1 | logger -p local0.err -t cmd
+@c @end example
+@c
+@c @item Log each line from file @file{warnings} to channel
+@c @samp{daemon.warn} on host @samp{logger.runasimi.org},
+@c using the source IP @samp{10.10.10.1}:
+@c
+@c @example
+@c logger -p daemon.warn -h logger.runasimi.org -S 10.10.10.1 \
+@c @verb{| |}--file warnings
+@c @end example
+@c @end enumerate
+@c
+@c @node ping invocation
+@c @chapter @command{ping}: Packets to network hosts
+@c @pindex ping
+@c
+@c @c FIXME: The text is far to detailed about the actual implementation
+@c @c of ping. A user doesn't need to know that we are using TIMEVAL, or
+@c @c how things are padded.
+@c
+@c @command{ping} uses ICMP datagrams to provoke a response
+@c from the chosen destination host, mainly intending to probe
+@c whether it is alive.
+@c
+@c The used datagram, of type @code{ECHO_REQUEST}, contains some header
+@c information and some additional payload, usually a time stamp.
+@c By a suitable choice of payload, different host or router properties
+@c are detectable, as the emitted datagram travels to its destination.
+@c
+@c @ignore %* Too detailed for end user.
+@c @command{ping} uses the ICMP protocol's mandatory
+@c @code{ECHO_REQUEST} datagram to elicit an ICMP type @code{ECHO_REPLY}
+@c packet from a host or gateway.
+@c @code{ECHO_REQUEST} datagrams (@dfn{pings}) have an IP and
+@c an ICMP header, followed by a @dfn{struct timeval} and then
+@c an arbitrary number of @dfn{padding} bytes used to fill out the packet.
+@c @end ignore
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c ping [@var{option}@dots{}] @var{host}
+@c @end example
+@c
+@c @noindent
+@c Sending echo requests is the standard use of @command{ping},
+@c but by far not the only use case.
+@c
+@c @menu
+@c * Ping options::
+@c * Fault isolation::
+@c * Duplicate and damaged packets::
+@c * Data patterns::
+@c * TTL details::
+@c * Further remarks::
+@c @end menu
+@c
+@c @node Ping options
+@c @section Command line options
+@c @anchor{ping options}
+@c
+@c @c Options controlling ICMP request types:
+@c @c --address Send ICMP_ADDRESS packets (root only)
+@c @c --echo Send ICMP_ECHO packets (default)
+@c @c --mask Same as --address
+@c @c --timestamp Send ICMP_TIMESTAMP packets
+@c @c -t, --type=TYPE Send TYPE packets
+@c
+@c Selection of packet type is handled by these first options:
+@c
+@c @table @option
+@c @item --address
+@c @opindex --address
+@c Send ICMP_ADDRESS packets, thus requesting the address netmask
+@c in use by the targetted host.
+@c
+@c @item --echo
+@c @opindex --echo
+@c Send ICMP_ECHO requests.
+@c This is the default action.
+@c
+@c @item --mask
+@c @opindex --mask
+@c Identical to @option{--address}.
+@c
+@c @item --timestamp
+@c @opindex --timestamp
+@c Send ICMP_TIMESTAMP packets, thereby requesting a timed response
+@c from the targetted host.
+@c
+@c In successful cases three time values are returned.
+@c All are expected to state the number of milliseconds since
+@c midnight@tie{}UTC.
+@c The first of these, @samp{icmp_otime}, contains the original
+@c time of sending the request.
+@c Then comes @samp{icmp_rtime}, the time of reception by the target,
+@c and finally, @samp{icmp_ttime}, the time of transmitting an answer
+@c back to the originator.
+@c
+@c @item -t @var{type}
+@c @itemx --type=@var{type}
+@c @opindex --type
+@c @opindex -t
+@c Send @var{type} packets. Accepted values are @samp{address},
+@c @samp{echo}, @samp{mask}, and @samp{timestamp}.
+@c @end table
+@c
+@c @c Options valid for all request types:
+@c @c -c, --count=NUMBER Stop after sending NUMBER packets
+@c @c -d, --debug Set the SO_DEBUG option
+@c @c -i, --interval=NUMBER Wait NUMBER seconds between sending each packet
+@c @c -n, --numeric Do not resolve host addresses
+@c @c -r, --ignore-routing Send directly to a host on an attached network
+@c @c -T, --tos=NUM Set type-of-service to NUM
+@c @c --ttl=NUMBER Set specified time-to-live on packet
+@c
+@c @noindent
+@c The following options are available for all packet types:
+@c
+@c @table @option
+@c @item -c @var{n}
+@c @itemx --count=@var{n}
+@c @opindex -c
+@c @opindex --count
+@c Stop after sending and receiving answers to a total of
+@c @var{n} packets.
+@c
+@c @item -d
+@c @itemx --debug
+@c @opindex -d
+@c @opindex --debug
+@c Set the SO_DEBUG option on the socket being used.
+@c
+@c @item -i @var{n}
+@c @itemx --interval=@var{n}
+@c @opindex -i
+@c @opindex --interval
+@c Wait @var{n} seconds until sending next packet.
+@c The default is to wait for one second between packets.
+@c This option is incompatible with the option @option{-f}.
+@c
+@c @item -n
+@c @itemx --numeric
+@c @opindex -n
+@c @opindex --numeric
+@c Numeric output only. No attempt will be made to resolve
+@c symbolic names for host addresses.
+@c
+@c @item -r
+@c @itemx --ignore-routing
+@c @opindex -r
+@c @opindex --ignore-routing-log
+@c Bypass the normal routing tables and send directly to a host on an
+@c attached network. If the host is not on a directly attached network,
+@c an error is returned. This option can be used to ping a local host
+@c through an interface that has no route through it (e.g., after the
+@c interface was dropped by @command{routed}).
+@c
+@c @item -T @var{num}
+@c @itemx --tos=@var{num}
+@c @opindex -T
+@c @opindex --tos
+@c Set type-of-service, TOS field, to @var{num} on
+@c transmitted packets.
+@c
+@c @item --ttl=@var{n}
+@c @opindex --ttl
+@c Set the specified number @var{n} as value of time-to-live when
+@c transmitting packets. Acceptable values are 1 to 255, inclusive.
+@c
+@c @item -v
+@c @itemx --verbose
+@c @opindex -v
+@c @opindex --verbose
+@c Produce more verbose output, giving more statistics.
+@c
+@c @item -w @var{n}
+@c @itemx --timeout=@var{n}
+@c @opindex -w
+@c @opindex --timeout
+@c Stop after @var{n} seconds.
+@c
+@c @item -W @var{n}
+@c @itemx --linger=@var{n}
+@c @opindex -W
+@c @opindex --linger
+@c Maximum number of seconds @var{n} to wait for a response.
+@c @end table
+@c
+@c @c Options valid for --echo requests:
+@c @c -f, --flood Flood ping (root only)
+@c @c --ip-timestamp=FLAG Timestamp IP option of types tsonly,
+@c @c tsaddr, or (not yet implemented) prespec.
+@c @c -l, --preload=NUMBER Send NUMBER packets as fast as possible before
+@c @c falling into normal mode of behavior (root only)
+@c @c -p, --pattern=PATTERN Fill ICMP packet with given pattern (hex)
+@c @c -q, --quiet no packet message
+@c @c -R, --route Record route IP option
+@c @c -s, --size=NUMBER Send NUMBER data octets
+@c
+@c Finally, these last options are relevant only for sending echo requests,
+@c allowing many variations in order to detect various peculiarities of
+@c the targeted host, or the intermediary routers for that matter.
+@c
+@c @table @option
+@c @item -f
+@c @itemx --flood
+@c @opindex -f
+@c @opindex --flood
+@c Flood ping. Outputs packets as fast as they come back or one hundred
+@c times per second, whichever is more. For every ECHO_REQUEST packet
+@c sent, a period @samp{.} is printed, while for every ECHO_REPLY
+@c received in reply, a backspace is printed.
+@c This provides a rapid display of how many packets are being dropped.
+@c Only the super-user may use this option.
+@c This can be very hard on a network and should be used with caution.
+@c
+@c @item --ip-timestamp=@var{flag}
+@c @opindex --ip-timestamp
+@c Include IP option Timestamp in transmitted packets.
+@c The value @var{flag} is either @samp{tsonly}, which only records up
+@c to nine time stamps, or @samp{tsaddr}, which records IP
+@c addresses as well as time stamps, but for at most four hosts.
+@c
+@c @item -l @var{n}
+@c @itemx --preload=@var{n}
+@c @opindex -l
+@c @opindex --preload
+@c If @var{n} is specified, ping sends that many packets as fast as
+@c possible before falling into its normal mode of operation.
+@c
+@c @item -p @var{pat}
+@c @itemx --pattern=@var{pat}
+@c @opindex -p
+@c @opindex --pattern
+@c You may specify up to 16 pad bytes to fill out the packet you send.
+@c This is useful for diagnosing data-dependent problems in a network.
+@c For example, @option{-p ff} will cause the sent packet to be filled
+@c with all ones.
+@c
+@c @item -q
+@c @itemx --quiet
+@c @opindex -q
+@c @opindex --quiet
+@c Do not print timing for each transmitted packet.
+@c @item -R
+@c @itemx --route
+@c @opindex -R
+@c @opindex --route
+@c Record route. Includes the @code{RECORD_ROUTE} field in the
+@c ECHO_REQUEST packet and displays the route buffer on returned packets.
+@c Note that the IP header is only large enough for nine
+@c such routes.
+@c Many hosts ignore or discard this option.
+@c
+@c @item -s @var{n}
+@c @itemx --size=@var{n}
+@c @opindex -s
+@c @opindex --size
+@c Specifies the number of data bytes to be sent. The default is 56,
+@c which translates into 64@tie{}ICMP data bytes, taking
+@c the 8@tie{}bytes of ICMP header data into account.
+@c @end table
+@c
+@c @node Fault isolation
+@c @section Using ping for network fault isolation
+@c
+@c When using @command{ping} for fault isolation, it should first be run
+@c on the local host, to verify that the local network interface is up
+@c and running. Then, hosts and gateways further and further away should
+@c be pinged. Round-trip times and packet loss statistics are computed.
+@c If duplicate packets are received, they are not included in the packet
+@c loss calculation, although the round trip time of these packets is
+@c used in calculating the minimum/average/maximum round-trip time
+@c numbers. When the specified number of packets have been sent (and
+@c received) or if the program is terminated with a @samp{SIGINT}, a
+@c brief summary is displayed.
+@c
+@c This program is intended for use in network testing, measurement and
+@c management. Because of the load it can impose on the network, it is
+@c unwise to use ping during normal operations or from automated scripts.
+@c
+@c @ignore
+@c @section ICMP Packet Details
+@c
+@c An IP header without options consists of 20 bytes.
+@c An ICMP type ECHO_REQUEST packet contains an additional
+@c 8 bytes worth of ICMP header followed by an arbitrary
+@c amount of data.
+@c When a packet size is stated, that indicates
+@c the size of the extra piece of data (the default is 56).
+@c Thus the amount of data received as an IP packet
+@c with an ICMP type ECHO_REPLY, will always be 8 bytes larger
+@c than the requested data space (the ICMP header).
+@c
+@c If the data space is at least eight bytes large, ping uses the first
+@c eight bytes of this space to include a timestamp which it uses in the
+@c computation of round trip times. If less than eight bytes of pad are
+@c specified, no round trip times are given.
+@c @end ignore
+@c
+@c @node Duplicate and damaged packets
+@c @section Duplicate and damaged packets
+@c
+@c Ping will report duplicate and damaged packets. Duplicate packets
+@c should never occur, and seem to be caused by inappropriate link-level
+@c retransmissions. Duplicates may occur in many situations and are
+@c rarely (if ever) a good sign, although the presence of low levels of
+@c duplicates may not always be cause for alarm.
+@c
+@c Damaged packets are obviously serious cause for alarm and often
+@c indicate broken hardware somewhere in the ping packet's path (in the
+@c network or in the hosts).
+@c
+@c @node Data patterns
+@c @section Trying different data patterns
+@c
+@c The (inter)network layer should never treat packets differently
+@c depending on the data contained in the data portion. Unfortunately,
+@c data-dependent problems have been known to sneak into networks and
+@c remain undetected for long periods of time. In many cases the
+@c particular pattern that will have problems is something that doesn't
+@c have sufficient ``transitions'', such as all ones or all zeros, or a
+@c pattern right at the edge, such as almost all zeros. It isn't
+@c necessarily enough to specify a data pattern of all zeros (for
+@c example) on the command line because the pattern that is of interest
+@c is at the data link level, and the relationship between what you type
+@c and what the controllers transmit can be complicated.
+@c
+@c This means that if you have a data-dependent problem you will probably
+@c have to do a lot of testing to find it. If you are lucky, you may
+@c manage to find a file that either can't be sent across your network or
+@c that takes much longer to transfer than other similar length files.
+@c You can then examine this file for repeated patterns that you can test
+@c using the @option{-p} option of ping.
+@c
+@c @node TTL details
+@c @section TTL details
+@c
+@c The TTL field, @dfn{Time To Live}, of an IP
+@c packet represents the maximum number of IP routers
+@c that the packet can go through before being discarded.
+@c In current practice you can expect each router on the
+@c Internet to decrement the TTL field by exactly one.
+@c
+@c The TCP/IP specification states that the TTL field
+@c of a new TCP packet should be set to 60,
+@c but many systems use smaller values (4.3BSD used 30
+@c and 4.2BSD used 15).
+@c
+@c The maximum possible value of this field is 255, and most UNIX systems
+@c set the TTL field of ICMP (type @code{ECHO_REQUEST})
+@c packets to 255. This is why you will find you can ping some hosts,
+@c but not reach them with @command{telnet} or @command{ftp}.
+@c
+@c During normal operation, @command{ping} prints the TTL value
+@c for every packet it receives.
+@c When a remote system receives an ICMP packet,
+@c it can do one of three things to the TTL field
+@c in its response packet:
+@c
+@c @itemize @bullet
+@c @item
+@c Not to change it. This is what Berkeley UNIX systems did before the
+@c 4.3BSD-Tahoe release. In this case the TTL value in the
+@c received packet will be 255 minus the number of routers in the
+@c round-trip path.
+@c
+@c @item
+@c Set it to 255. This is what current Berkeley UNIX systems do. In this
+@c case the TTL value in the received packet will be 255 minus the
+@c number of routers in the path from the remote system to the pinging
+@c host.
+@c
+@c @item
+@c Set it to some other value. Some machines use the same value for
+@c ICMP packets that they use for TCP packets,
+@c for example either 30 or 60.
+@c Others may use completely arbitrary values.
+@c
+@c @end itemize
+@c
+@c @node Further remarks
+@c @section Further observations
+@c Many hosts and gateways ignore the @code{RECORD_ROUTE} field, since
+@c the maximum IP header length is far to small to hold all
+@c the routes.
+@c There is not much that can be done about this.
+@c
+@c Flood pinging is not recommended in general, and flood pinging the
+@c broadcast address should only be done under very controlled
+@c conditions.
+@c
+@c Some BSD variants offer a kernel setting to inhibit all replies
+@c to ICMP_MASKREQ packets, but in general, Unices are designed either
+@c to answer the request with a valid netmask, or to drop the request,
+@c causing @command{ping} to wait for a timeout condition.
+@c
+@c @node ping6 invocation
+@c @chapter @command{ping6}: Packets to IPv6 network hosts
+@c @pindex ping6
+@c
+@c @command{ping6} uses ICMPv6 datagrams to get a response
+@c from the chosen destination host.
+@c The most common use is to probe whether the remote
+@c system is responsive.
+@c Observe that this program only uses IPv6 datagrams.
+@c
+@c Each datagram, of type @code{ECHO_REQUEST}, carries some header
+@c information and some additional payload, usually a time stamp.
+@c Making a suitable choice of payload, it is possible to probe
+@c different host or router properties on the way as the emitted
+@c datagram travels to its destination.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c ping6 [@var{option}@dots{}] @var{host}
+@c @end example
+@c
+@c @noindent
+@c Sending simple, timed echo requests is the standard use
+@c of @command{ping6}, but is by far not the only use case.
+@c
+@c This command is a close parallel to @command{ping},
+@c except that it handles IPv6 and is thus not able
+@c to handle peculiarities of IPv4.
+@c
+@c @section Command line options
+@c @anchor{ping6 options}
+@c
+@c @table @option
+@c @item -c @var{n}
+@c @itemx --count=@var{n}
+@c @opindex -c
+@c @opindex --count
+@c Stop after sending and receiving answers to a total of
+@c @var{n} packets.
+@c
+@c @item -d
+@c @itemx --debug
+@c @opindex -d
+@c @opindex --debug
+@c Set the SO_DEBUG option on the socket being used.
+@c
+@c @item -f
+@c @itemx --flood
+@c @opindex -f
+@c @opindex --flood
+@c Flood ping.
+@c Outputs packets as fast as they come back,
+@c or one hundred times per second, whichever is more.
+@c For every ECHO_REQUEST packet sent, a period @samp{.} is printed,
+@c while for every ECHO_REPLY received in reply, a backspace is printed.
+@c
+@c This provides a rapid display of how many packets are being dropped.
+@c Only the super-user may use this option.
+@c This mode can be very hard on a network.
+@c It should be used with caution!
+@c
+@c @item --hoplimit=@var{n}
+@c @opindex --hoplimit
+@c Limit maximal distance to @var{n}.
+@c Acceptable values are 1 to 255, inclusive.
+@c
+@c @item -i @var{n}
+@c @itemx --interval=@var{n}
+@c @opindex -i
+@c @opindex --interval
+@c Wait @var{n} seconds until sending next packet.
+@c The default is to wait for one second between packets.
+@c This option is incompatible with the option @option{-f}.
+@c
+@c @item -l @var{n}
+@c @itemx --preload=@var{n}
+@c @opindex -l
+@c @opindex --preload
+@c Sends @var{n} packets as fast as possible before falling
+@c back to the normal mode of operation.
+@c
+@c @item -n
+@c @itemx --numeric
+@c @opindex -n
+@c @opindex --numeric
+@c Numeric output only.
+@c No attempt will be made to resolve symbolic names for host addresses.
+@c
+@c @item -p @var{pattern}
+@c @itemx --pattern=@var{pattern}
+@c @opindex -p
+@c @opindex --pattern
+@c Up to 16 hexadecimal pad bytes are given as @var{pattern}.
+@c These are use for filling out the packets you send.
+@c This option is useful for diagnosing data-dependent problems
+@c within a network.
+@c As an example, @option{-p ff} will cause the sent packets
+@c to have payloads with every bit set to one.
+@c
+@c @item -q
+@c @itemx --quiet
+@c @opindex -q
+@c @opindex --quiet
+@c Do not print timing result of each transmitted packet.
+@c
+@c @item -r
+@c @itemx --ignore-routing
+@c @opindex -r
+@c @opindex --ignore-routing-log
+@c Bypass the normal routing tables and send directly
+@c to a host on an attached network.
+@c If the host is not on a directly attached network,
+@c an error is returned.
+@c This option can be used to ping a local host
+@c through an interface, for which there is no
+@c assigned route, such as when the interface
+@c was dropped by @command{routed}.
+@c
+@c @item -s @var{n}
+@c @itemx --size=@var{n}
+@c @opindex -s
+@c @opindex --size
+@c Specifies the number of data bytes to be sent. The default is 56,
+@c which translates into 64@tie{}ICMP data bytes, taking
+@c the 8@tie{}bytes of ICMP header data into account.
+@c
+@c @item -T @var{num}
+@c @itemx --tos=@var{num}
+@c @opindex -T
+@c @opindex --tos
+@c Set the traffic class to @var{num} on transmitted packets.
+@c
+@c @item --ttl=@var{n}
+@c @opindex --ttl
+@c Synonym for @option{--hoplimit}.
+@c
+@c @item -v
+@c @itemx --verbose
+@c @opindex -v
+@c @opindex --verbose
+@c Produce more verbose output, giving more statistics.
+@c
+@c @item -w @var{n}
+@c @itemx --timeout=@var{n}
+@c @opindex -w
+@c @opindex --timeout
+@c Stop after @var{n} seconds.
+@c @end table
+@c
+@c The documentation of @command{ping} provides several
+@c pieces of information, and discussions, relevant to
+@c the use of @command{ping6}.
+@c Keep in mind, though, that the differing address family
+@c causes some discrepancy.
+@c @xref{ping invocation}.
+@c
+@c @node traceroute invocation
+@c @chapter @command{traceroute}: Trace the route to a host
+@c @pindex traceroute
+@c
+@c @command{traceroute} prints a trace of the route
+@c IP@tie{}packets are travelling to a remote host.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c traceroute [@var{option}@dots{}] @var{host}
+@c @end example
+@c
+@c @section Command line options
+@c @anchor{traceroute options}
+@c
+@c @table @option
+@c @item -f @var{num}
+@c @itemx --first-hop=@var{num}
+@c @opindex -f
+@c @opindex --first-hop
+@c Set the initial hop distance to @var{num}, instead of the default 1.
+@c This immediately allows probing packets to sense routing
+@c properties closer to the target host, skipping routers close
+@c to the local host. Quicker analysis of problems known to lie
+@c at some routing distance is the outcome.
+@c
+@c @item -g @var{gates}
+@c @itemx --gateways=@var{gates}
+@c @opindex -g
+@c @opindex --gateways
+@c Set intermediary hosts used in loose source routing.
+@c The argument @var{gates} is a list of gateways,
+@c using spaces, commata, or semicola as separators.
+@c These hosts must be traversed in the given order
+@c before the intended host receives any datagram.
+@c At most eight host names or addresses may be specified.
+@c Multiple uses of @option{-g} produce a concatenated list.
+@c
+@c @item -I
+@c @itemx --icmp
+@c @opindex -I
+@c @opindex --icmp
+@c Use ICMP ECHO datagrams for probing the remote host.
+@c
+@c @item -m @var{num}
+@c @itemx --max-hop=@var{num}
+@c @opindex -m
+@c @opindex --max-hop
+@c Set the maximum time-to-live allowed for probing.
+@c In other words, stop probing when the hop distance
+@c is in excess of @var{num}.
+@c The default limit is 64.
+@c
+@c @item -M @var{method}
+@c @itemx --type=@var{method}
+@c @opindex -M
+@c @opindex --type
+@c Use @var{method} as carrier packets for traceroute operations.
+@c Supported choices are @samp{icmp} and @samp{udp}, where @samp{udp}
+@c is the default type.
+@c
+@c @item -p @var{port}
+@c @itemx --port=@var{port}
+@c @opindex -p
+@c @opindex --port
+@c Set destination port of target to @var{port}.
+@c The default value is 33434.
+@c
+@c @item -q @var{num}
+@c @itemx --tries=@var{num}
+@c @opindex -q
+@c @opindex --tries
+@c Send a total of @var{num} probe packets per hop, defaulting to 3.
+@c
+@c @item --resolve-hostnames
+@c @opindex --resolve-hostnames
+@c Attempt to resolve all addresses as hostnames.
+@c
+@c @item -t @var{num}
+@c @itemx --tos=@var{num}
+@c @opindex -t
+@c @opindex --tos
+@c Set type-of-service, TOS field, to @var{num} on
+@c transmitted packets.
+@c
+@c @item -w @var{num}
+@c @itemx --wait=@var{num}
+@c @opindex -w
+@c @opindex --wait
+@c Set timeout in seconds, within which a returning response
+@c packet is accepted as such.
+@c Default waiting time is three seconds.
+@c @end table
+@c
+@c @section Diagnostic tokens
+@c @anchor{traceroute printing}
+@c
+@c During execution, @command{traceroute} sends three datagrams
+@c for each value for the TTL field, printing a diagnostic line
+@c of output for these. The TTL field is then steadily increased
+@c until the intended host responds, or some intermediary gateway
+@c returns a datagram to the effect that the target cannot be
+@c reached due to one reason or another.
+@c
+@c Each line of output displays a sequence number, followed by
+@c diagnostic annotation. Any responding host has its address
+@c printed without repetition, together with a measured timing.
+@c In case there is no response within a time period of three seconds,
+@c an asterisque @samp{*} is printed.
+@c
+@c When an intermediate router responds with an exceptional state,
+@c the time elapsed since emitting the original datagram is printed,
+@c followed by an additional short hand hint of the reason:
+@c
+@c @table @samp
+@c @item !F
+@c Fragmentation needed by gateway.
+@c
+@c @item !H
+@c Host not reachable from gateway.
+@c
+@c @item !N
+@c Network not reachable from gateway.
+@c
+@c @item !P
+@c Protocol not usable at host, or within network.
+@c
+@c @item !S
+@c Source routing failed at gateway.
+@c
+@c @item !T
+@c Host or network not reachable for stated type of service, TOS.
+@c
+@c @item !U
+@c Isolated host, not reachable.
+@c
+@c @item !X
+@c Forbidden by remote administration.
+@c @end table
+@c
+@c @node whois invocation
+@c @chapter @command{whois}: User interface to WHOIS data bases.
+@c @pindex whois
+@c
+@c The functionality of a world wide Internet is dependent on
+@c stored node information of different kinds.
+@c Registrars keep much relevant material in WHOIS data bases.
+@c This utility @command{whois} is able to query those sources
+@c for general and for particular properties of most domains.
+@c
+@c For many domains there are names of suitable data base servers
+@c hard coded into @command{whois}, ready to query for domain
+@c relevant information.
+@c Since servers' names do change from time to time,
+@c this utility might occasionally need some guidance using
+@c a suitable command line option.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c whois [@var{OPTION}@dots{}] @var{OBJECT}@dots{}
+@c @end example
+@c
+@c @section Command line options
+@c @anchor{whois options}
+@c
+@c @table @option
+@c @item -a
+@c @opindex -a
+@c Search all data bases.
+@c
+@c @item -F
+@c @opindex -F
+@c Fast and raw output. Implies @option{-r}.
+@c
+@c @item -g @var{source}:@var{first}-@var{last}
+@c @opindex -g
+@c Find updates for an object from provider @var{source},
+@c starting from the version with serial key @var{first},
+@c and ending with serial key @var{last}.
+@c
+@c @item -h @var{host}
+@c @itemx --server=@var{host}
+@c @opindex -h
+@c @opindex --server
+@c Connect to server @var{host}.
+@c
+@c @item -H
+@c @opindex -H
+@c Hide legal disclaimers.
+@c
+@c @item -i @var{attr}[,@var{attr2}@dots{}]
+@c @opindex -i
+@c Do an inverse lookup for specified attributes.
+@c Use a comma separated list for multiple attributes.
+@c
+@c @item -l
+@c @opindex -l
+@c One level less specific lookup.
+@c Applies to RPSL only.
+@c
+@c @item -L
+@c @opindex -L
+@c Find all less specific matches.
+@c
+@c @item -m
+@c @opindex -m
+@c Find more specific matches, one level deeper.
+@c
+@c @item -M
+@c @opindex -M
+@c Find all more specific matches.
+@c
+@c @item -p @var{port}
+@c @opindex -p
+@c Connect to server port @var{port}.
+@c
+@c @item -q @{version|sources@}
+@c @opindex -q
+@c Query specified server info.
+@c Applies to RPSL only.
+@c
+@c @item -r
+@c @opindex -r
+@c Turn off recursive lookups.
+@c
+@c @item -R
+@c @opindex -R
+@c Force output to show local copy of the domain object,
+@c even if it contains a referral.
+@c
+@c @item -s @var{source}[,@var{source2}@dots{}]
+@c @opindex -s
+@c Search the data base at @var{source}.
+@c A comma separated list queries multiple providers.
+@c
+@c @item -S
+@c @opindex -S
+@c Tell server to refrain from syntactic sugar.
+@c
+@c @item -t @var{type}
+@c @opindex -t
+@c Request a template for objects of type @var{type}.
+@c Use the value @samp{all} for a list of possible types.
+@c
+@c @item -T @var{type}[,@var{type2}@dots{}]
+@c @opindex -T
+@c Search only for objects of type @var{type}.
+@c A comma separated list allows for multiple types.
+@c
+@c @item -V
+@c @itemx --verbose
+@c @opindex -V
+@c @opindex --verbose
+@c Verbosely explain all actions taken.
+@c
+@c @item -x
+@c @opindex -x
+@c Search only for exact matches.
+@c Applicable only to RPSL.
+@c @end table
+@c
+@c @section Environment variables
+@c @anchor{whois environment}
+@c
+@c @command{whois} holds an internal list of information servers
+@c and their assigned data bases.
+@c Queries are examined against this list to select the most
+@c plausible server, but the hint can always be overruled on
+@c the command line by use of the option @option{-h}.
+@c If neither of these have a say, then the default server to ask
+@c is @samp{whois.internic.net}, but this name is in turn overruled
+@c by a server name in the environment variable @env{WHOIS_SERVER}.
+@c
+@c @table @env
+@c @item LANG
+@c When the server @samp{whois.nic.ad.jp} is queried, and only then,
+@c any non-Japanese locale in @env{LANG} will ask the server to reply
+@c with English text, not Japanese.
+@c
+@c @item WHOIS_HIDE
+@c When set, the effect on @command{whois} is as if the
+@c option @option{-H} had been given.
+@c
+@c @item WHOIS_SERVER
+@c Data base server to query when internal hinting is inconclusive.
+@c When unset, @samp{whois.internic.net} is used as default server.
+@c
+@c @end table
+@c
@node ftp invocation
@chapter @command{ftp}: FTP client
@pindex ftp
@@ -2369,521 +2369,521 @@ encountered. If a macro named init is d
executed as the last step in the auto-login process.
@end table
-@node rcp invocation
-@chapter @command{rcp}: Copy files between machines
-@pindex rcp
-
-@command{rcp} copies files between machines. Each file or directory
-argument is either a remote file name of the form
-@samp{rname@@rhost:path}, or a local file name (containing no @samp{:}
-characters, or a @samp{/} before any @samp{:}s).
-
-@noindent
-Synopsis:
-
-@example
-rcp [@var{option}]@dots{} @var{old-file} @var{new-file}
-rcp [@var{option}]@dots{} @var{files}@dots{} @var{directory}
-@end example
-
-@section Command line options
-@anchor{rcp options}
-
-@table @option
-@item -4
-@itemx --ipv4
-@opindex -4
-@opindex --ipv4
-Use only IPv4.
-
-@item -6
-@itemx --ipv6
-@opindex -6
-@opindex --ipv6
-Use only IPv6.
-
-@item -d @var{directory}
-@itemx --target-directory=@var{directory}
-@opindex -d
-@opindex --target-directory
-Copy all source arguments into @var{directory}.
-
-@item -f
-@itemx --from
-@opindex -f
-@opindex --from
-(Server mode only.) Copying from remote host.
-
-@item -k @var{realm}
-@itemx --realm=@var{realm}
-@opindex -k
-@opindex --realm
-The option requests rcp to obtain tickets for the remote host in
-realm @var{realm} instead of the remote host's realm.
-
-@item -K
-@itemx --kerberos
-@opindex -K
-@opindex --kerberos
-Turns off all Kerberos authentication.
-
-@item -p
-@itemx --preserve
-@opindex -p
-@opindex --preserve
-Causes @code{rcp} to attempt to preserve (duplicate) in its copies the
-modification times and modes of the source files, ignoring the umask.
-By default, the mode and owner of the target file are preserved
-if the target itself already exists; otherwise the mode of the source
-file is modified by the @code{umask} setting on the destination host.
-
-@item -r
-@itemx --recursive
-@opindex -r
-@opindex --recursive
-If any of the source files are directories, @command{rcp} copies each
-subtree rooted at that name; in this case the destination must be a
-directory.
-
-@item -t
-@itemx --to
-@opindex -t
-@opindex --to
-(Server mode only.) Copying to remote host.
-
-@item -x
-@itemx --encrypt
-@opindex -x
-@opindex --encrypt
-Turns on encryption for all data passed via the @command{rcp} session.
-This may impact response time and CPU utilization, but provides increased
-security.
-
-@end table
-
-@command{rcp} doesn't detect all cases where the target of a copy
-might be a file in cases where only a directory should be legal.
-
-@command{rcp} can be confused by any output generated by commands in a
-@file{.login}, @file{.profile}, or @file{.cshrc} file on the remote
-host.
-
-The destination user and hostname may have to be specified as
-@samp{rhost.rname} when the destination machine is running the 4.2BSD
-version of @command{rcp}.
-
-@node rexec invocation
-@chapter @command{rexec}: a remote execution program
-@pindex rexec
-
-@command{rexec} is a program that executes a program on another host.
-
-@noindent
-Synopsis:
-
-@example
-rexec --user=@var{login} --password=@var{pass} --host=@var{host} \
-@verb{| |}[OPTION] @var{command}
-@end example
-
-@section Command line options
-@anchor{rexec options}
-
-@table @option
-@item -4
-@itemx --ipv4
-@opindex -4
-@opindex --ipv4
-Use only IPv4 connections as all times.
-
-@item -6
-@itemx --ipv6
-@opindex -6
-@opindex --ipv6
-Use only IPv6 connections.
-
-@item -a
-@itemx --ipany
-@opindex -a
-@opindex --ipany
-Allow any address family for connections. This is the default.
-
-@item -e
-@itemx --error=@var{port}
-@opindex -e
-@opindex --error
-Specify the TCP port to use for stderr redirection, in case it is not
-specified a random port will be used.
-
-@item -h
-@item --host=@var{name}
-@opindex -h
-@opindex --host
-Specify the host with whom to connect: symbolic name or address.
-
-@item -n
-@itemx --noerr
-@opindex -n
-@opindex --noerr
-If specified, an error stream will not be created.
-
-@item -p
-@itemx --password=@var{passwd}
-@opindex -p
-@opindex --password
-Specify the password for logging-in. The special value
-consisting of a single dash @samp{-} will make @command{rexec}
-read a single line from stdin. This input is then used
-as password and is passed as such to the remote server.
-Thus it is possible to hide vital access information
-slightly better than the full disclosure implicit in
-the text of a command line option.
-
-@item -P
-@itemx --port=@var{num}
-@opindex -P
-@opindex --port
-Specify to which numerical port a connection shall be sought.
-If it is not specified, then use port 512/tcp by default.
-
-@item -u
-@itemx --user=@var{name}
-@opindex -u
-@opindex --user
-Specify the user with whom to log into the server.
-@end table
-
-@node rlogin invocation
-@chapter @command{rlogin}: Remote login
-@pindex rlogin
-
-The @command{rlogin} command starts a terminal session on the
-specified remote host, provided the required authentication
-is successful. The remote terminal type is the same as that
-given in the @env{TERM} local environment variable.
-The terminal and the window size stay the same, if the remote
-host supports them, and any changes in size are transferred
-as need may be.
-
-When using the @command{rlogin} command, you can create a link
-in your path, using a host name as the link name. For example:
-
-@example
-# ln -s /usr/bin/rlogin @var{hostname}
-# @var{hostname} -8
-@end example
-
-@noindent
-Afterwards, the use of @var{hostname} will automatically invoke
-@command{rlogin} to direct a log in request to the remote host
-named @var{hostname}.
-
-@command{rlogin} allows access to the remote host without the use of a
-password. The prerequisite is a suitable specification in @file{~/.rhosts}.
-For details, @xref{rcmd, , rcmd, libc, The GNU C Library Reference Manual}.
-
-@section Command line options
-@anchor{rlogin options}
-
-The options are as follows :
-
-@table @option
-@item -4
-@itemx --ipv4
-@opindex -4
-@opindex --ipv4
-Use only IPv4.
-
-@item -6
-@itemx --ipv6
-@opindex -6
-@opindex --ipv6
-Use only IPv6.
-
-@item -8
-@itemx --8-bit
-@opindex -8
-@opindex --8-bit
-Allows an eight-bit input data path at all times; otherwise parity
-bits are stripped except when the remote side's stop and start
-characters are other than @kbd{C-S}/@kbd{C-Q}.
-
-@item -d
-@itemx --debug
-@opindex -d
-@opindex --debug
-Turns on socket debugging on the TCP sockets used for communication
-with the remote host.
-
-@item -e @var{char}
-@itemx --escape=@var{char}
-@opindex -e
-@opindex --escape
-Allows user specification of the escape character, which is @samp{~}
-by default. This specification may be as a literal character, or as
-an octal value in the form @samp{\nnn}.
-
-@item -E
-@itemx --no-escape
-@opindex -E
-@opindex --no-escape
-Stops any character from being recognized as an escape character.
-When used with the @option{-8} option, this provides a completely
-transparent connection.
-
-@item -l @var{user}
-@itemx --user=@var{user}
-@opindex -l
-@opindex --user
-By default, the remote username is the same as the local username.
-This option, and the @samp{user@@host} format, allow the remote
-user name to be made explicit, or changed.
-@end table
-
-@noindent
-The next three options are available only if the program
-has been compiled with support for Kerberos authentication.
-
-@table @option
-@item -k @var{realm}
-@itemx --realm=@var{realm}
-@opindex -k
-@opindex --realm
-The option requests rlogin to obtain tickets for the remote host in
-realm @var{realm} instead of the remote host's realm.
-
-@item -K
-@itemx --kerberos
-@opindex -K
-@opindex --kerberos
-Turns off all Kerberos authentication.
-
-@item -x
-@itemx --encrypt
-@opindex -x
-@opindex --encrypt
-Turns on encryption for all data passed via the rlogin session.
-This may impact response time and CPU utilization, but provides
-increased security.
-@end table
-
-@section Escape characters and flow control
-
-As long as the connection stands, the client program @command{rsh}
-is observing the input stream in order to detect so called
-escape sequences, allowing the user to execute some local
-actions without having to tear down the remote connection.
-
-The sequences consist of two characters, the first of which
-always is the distinguished character @var{escape-char}.
-The following sequences are supported:
-
-@c An input line of the form of the two-character sequence
-@itemize @bullet
-@item
-@kbd{@var{escape-char} .} disconnects from the remote host.
-
-@item
-@kbd{@var{escape-char} C-d} does the same.
-(Termios character @samp{VEOF}.)
-
-@item
-@kbd{@var{escape-char} C-z} suspends the session, halting the
-remote process, but keeping it ready for resumed processing.
-The user is given access to a local shell.
-(Termios character @samp{VSUSP}.)
-
-@item
-@kbd{@var{escape-char} @var{delayed-suspend-char}} implements
-a half-way suspend, in the sense of stopping local input from
-reaching the remote side, but still displaying all output from
-the remote host on the local terminal. The remote process is
-still running, but the local user is given a local shell until
-the resuming the original command.
-Normally, only BSD systems offer this mode.
-(Termios character @samp{VDSUSP}.)
-@end itemize
-
-@noindent
-By default, the character tilde @samp{~} is assigned to @var{escape-char},
-but it can be changed using the option @option{--escape}.
-The processing of escape sequences can even be disable using
-the option @option{--no-escape}.
-On BSD systems, @var{delayed-suspend-char} is usually set to @kbd{C-Y}.
-It displays as @samp{dsusp} using @command{stty}.
-
-All echoing takes place at the remote site, so that the @command{rlogin}
-is transparent except possibly for transmission delays.
-Flow control via @kbd{C-S} and @kbd{C-Q}, if at all supported,
-will stop and start the flow of data on the local terminal.
-Flushing of input and output on interrupts is also
-handled properly.
-
-On the server side the @code{iruserok} and @code{ruserok} functions
-are used to authenticate the connection request, unless Kerberised
-mode is in effect. See the appropriate man pages for more information.
-
-@section Kerberos Authentication
-
-If @command{rlogin} was compiled with kerberos support, options
-@option{-x}, @option{-k}, @option{-K} are available. Each user may
-have a private authorization list in the file @file{.k5login} in their
-home directory. Each line in this file should contain a Kerberos
-principal name of the form @samp{principal/instance@@realm}. If the
-originating user is authenticated to one of the principals named in
-@file{.k5login}, access is granted to the account. The principal
-@samp{accountname@@localrealm} is granted access if there is no
-@file{.k5login} file. Otherwise a login and password will be prompted
-for on the remote machine as in @command{login}. To avoid certain
-security problems, the @file{.k5login} file must be owned by the remote
-user. If Kerberos authentication fails, a warning message is printed
-and the standard Berkeley rlogin is used instead.
-
-@node rsh invocation
-@chapter @command{rsh}: Remote shell
-@pindex rsh
-
-@command{rsh} executes commands on a remote host and copies its local
-standard input to that of the remote command, as well as the remote
-standard output to the local standard output, and the remote standard
-error to the local standard error. Locally raised interrupt, quit and
-terminate signals are all propagated to the remote command. Normally
-@command{rsh} terminates when the remote command does so.
-
-When using the @command{rsh} command, you can for convenience create
-a link in your path, using a host name as name of the link. For example:
-
-@example
-# ln -s /usr/bin/rsh @var{hostname}
-# @var{hostname} ls
-@end example
-
-@noindent
-Afterwards, @var{hostname} will be passed to @command{rsh} as host name
-whenever the command @var{hostname} is issued.
-
-@command{rsh} allows access to the remote host without the use of a
-password. The prerequisite is a suitable specification in @file{~/.rhosts}.
-For details, @xref{rcmd, , rcmd, libc, The GNU C Library Reference Manual}.
-
-If no command is specified for @command{rsh} ar argument following the
-host name, then you will be logged in on the remote host using @command{rlogin}.
-
-@section Command line options
-@anchor{rsh options}
-
-The options are as follows :
-
-@table @option
-@item -4
-@itemx --ipv4
-@opindex -4
-@opindex --ipv4
-Use only IPv4.
-
-@item -6
-@itemx --ipv6
-@opindex -6
-@opindex --ipv6
-Use only IPv6.
-
-@item -d
-@itemx --debug
-@opindex -d
-@opindex --debug
-Turns on socket debugging used for communication with the remote host.
-
-@item -l @var{user}
-@itemx --user=@var{user}
-@opindex -l
-@opindex --user
-By default, the remote username is the same as the local username.
-The @option{-l} option and the @samp{username@@host} format allow the
-remote user name to be specified. Kerberos authentication is used,
-whenever available, and authorization is determined as in @command{rlogin}
-(@pxref{rlogin invocation}).
-
-@item -n
-@itemx --no-input
-@opindex -n
-@opindex --no-input
-Use @file{/dev/null} for all input, telling the server side that
-we send no material. This can prevent the remote process from
-blocking, should it optionally accept more input.
-The option is void together with encryption.
-@end table
-
-@noindent
-The next three options are available only if the program
-has been compiled with support for Kerberos authentication.
-
-@table @option
-@item -k @var{realm}
-@itemx --realm=@var{realm}
-@opindex -k
-@opindex --realm
-The option requests rsh to obtain tickets for the remote host in
-realm @var{realm} instead of the remote host's realm.
-
-@item -K
-@itemx --kerberos
-@opindex -K
-@opindex --kerberos
-Turns off all Kerberos authentication.
-
-@item -x
-@itemx --encrypt
-@opindex -x
-@opindex --encrypt
-Turns on encryption for all data passed via the rsh session. This
-may impact response time and CPU utilization, but provides increased
-security.
-@end table
-
-@noindent
-Finally, some compatibility options are present:
-
-@table @option
-@item -8
-@itemx --8-bit
-@itemx -e @var{char}
-@itemx --escape=@var{char}
-@itemx -E
-@itemx --no-escape
-Ignored during normal operation, but passed on to @command{rlogin}
-when @command{rsh} is invoked without a command argument.
-@end table
-
-@section Note on stream redirections
-
-Beware that non-quoted shell metacharacters are interpreted on the local
-machine, while quoted metacharacters are interpreted on the remote
-machine. For example:
-
-@example
-rsh otherhost cat remotefile >> localfile
-rsh otherhost cat remotefile ">>" otherfile
-@end example
-
-@noindent
-The first command appends the contents of @file{remotefile}, as found
-on the remote host, to the file @file{localfile} on the local host,
-since the local shell will intercept the redirection and will thus
-receive whatever the remote process directs to stdout.
-
-In contrast, the second command will append the contents of the same
-file @file{remotefile} to a file named @file{otherfile} again, but this
-time the file is located on the remote host. The effect of quoting
-the redirection operator is to execute the command
-
-@example
-cat remotefile >> localfile
-@end example
-
-@noindent
-entirely on the remote most, whence stdout at the remote host will
-have nothing to transmit to the listening local host!.
-
+@c @node rcp invocation
+@c @chapter @command{rcp}: Copy files between machines
+@c @pindex rcp
+@c
+@c @command{rcp} copies files between machines. Each file or directory
+@c argument is either a remote file name of the form
+@c @samp{rname@@rhost:path}, or a local file name (containing no @samp{:}
+@c characters, or a @samp{/} before any @samp{:}s).
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c rcp [@var{option}]@dots{} @var{old-file} @var{new-file}
+@c rcp [@var{option}]@dots{} @var{files}@dots{} @var{directory}
+@c @end example
+@c
+@c @section Command line options
+@c @anchor{rcp options}
+@c
+@c @table @option
+@c @item -4
+@c @itemx --ipv4
+@c @opindex -4
+@c @opindex --ipv4
+@c Use only IPv4.
+@c
+@c @item -6
+@c @itemx --ipv6
+@c @opindex -6
+@c @opindex --ipv6
+@c Use only IPv6.
+@c
+@c @item -d @var{directory}
+@c @itemx --target-directory=@var{directory}
+@c @opindex -d
+@c @opindex --target-directory
+@c Copy all source arguments into @var{directory}.
+@c
+@c @item -f
+@c @itemx --from
+@c @opindex -f
+@c @opindex --from
+@c (Server mode only.) Copying from remote host.
+@c
+@c @item -k @var{realm}
+@c @itemx --realm=@var{realm}
+@c @opindex -k
+@c @opindex --realm
+@c The option requests rcp to obtain tickets for the remote host in
+@c realm @var{realm} instead of the remote host's realm.
+@c
+@c @item -K
+@c @itemx --kerberos
+@c @opindex -K
+@c @opindex --kerberos
+@c Turns off all Kerberos authentication.
+@c
+@c @item -p
+@c @itemx --preserve
+@c @opindex -p
+@c @opindex --preserve
+@c Causes @code{rcp} to attempt to preserve (duplicate) in its copies the
+@c modification times and modes of the source files, ignoring the umask.
+@c By default, the mode and owner of the target file are preserved
+@c if the target itself already exists; otherwise the mode of the source
+@c file is modified by the @code{umask} setting on the destination host.
+@c
+@c @item -r
+@c @itemx --recursive
+@c @opindex -r
+@c @opindex --recursive
+@c If any of the source files are directories, @command{rcp} copies each
+@c subtree rooted at that name; in this case the destination must be a
+@c directory.
+@c
+@c @item -t
+@c @itemx --to
+@c @opindex -t
+@c @opindex --to
+@c (Server mode only.) Copying to remote host.
+@c
+@c @item -x
+@c @itemx --encrypt
+@c @opindex -x
+@c @opindex --encrypt
+@c Turns on encryption for all data passed via the @command{rcp} session.
+@c This may impact response time and CPU utilization, but provides increased
+@c security.
+@c
+@c @end table
+@c
+@c @command{rcp} doesn't detect all cases where the target of a copy
+@c might be a file in cases where only a directory should be legal.
+@c
+@c @command{rcp} can be confused by any output generated by commands in a
+@c @file{.login}, @file{.profile}, or @file{.cshrc} file on the remote
+@c host.
+@c
+@c The destination user and hostname may have to be specified as
+@c @samp{rhost.rname} when the destination machine is running the 4.2BSD
+@c version of @command{rcp}.
+@c
+@c @node rexec invocation
+@c @chapter @command{rexec}: a remote execution program
+@c @pindex rexec
+@c
+@c @command{rexec} is a program that executes a program on another host.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c rexec --user=@var{login} --password=@var{pass} --host=@var{host} \
+@c @verb{| |}[OPTION] @var{command}
+@c @end example
+@c
+@c @section Command line options
+@c @anchor{rexec options}
+@c
+@c @table @option
+@c @item -4
+@c @itemx --ipv4
+@c @opindex -4
+@c @opindex --ipv4
+@c Use only IPv4 connections as all times.
+@c
+@c @item -6
+@c @itemx --ipv6
+@c @opindex -6
+@c @opindex --ipv6
+@c Use only IPv6 connections.
+@c
+@c @item -a
+@c @itemx --ipany
+@c @opindex -a
+@c @opindex --ipany
+@c Allow any address family for connections. This is the default.
+@c
+@c @item -e
+@c @itemx --error=@var{port}
+@c @opindex -e
+@c @opindex --error
+@c Specify the TCP port to use for stderr redirection, in case it is not
+@c specified a random port will be used.
+@c
+@c @item -h
+@c @item --host=@var{name}
+@c @opindex -h
+@c @opindex --host
+@c Specify the host with whom to connect: symbolic name or address.
+@c
+@c @item -n
+@c @itemx --noerr
+@c @opindex -n
+@c @opindex --noerr
+@c If specified, an error stream will not be created.
+@c
+@c @item -p
+@c @itemx --password=@var{passwd}
+@c @opindex -p
+@c @opindex --password
+@c Specify the password for logging-in. The special value
+@c consisting of a single dash @samp{-} will make @command{rexec}
+@c read a single line from stdin. This input is then used
+@c as password and is passed as such to the remote server.
+@c Thus it is possible to hide vital access information
+@c slightly better than the full disclosure implicit in
+@c the text of a command line option.
+@c
+@c @item -P
+@c @itemx --port=@var{num}
+@c @opindex -P
+@c @opindex --port
+@c Specify to which numerical port a connection shall be sought.
+@c If it is not specified, then use port 512/tcp by default.
+@c
+@c @item -u
+@c @itemx --user=@var{name}
+@c @opindex -u
+@c @opindex --user
+@c Specify the user with whom to log into the server.
+@c @end table
+@c
+@c @node rlogin invocation
+@c @chapter @command{rlogin}: Remote login
+@c @pindex rlogin
+@c
+@c The @command{rlogin} command starts a terminal session on the
+@c specified remote host, provided the required authentication
+@c is successful. The remote terminal type is the same as that
+@c given in the @env{TERM} local environment variable.
+@c The terminal and the window size stay the same, if the remote
+@c host supports them, and any changes in size are transferred
+@c as need may be.
+@c
+@c When using the @command{rlogin} command, you can create a link
+@c in your path, using a host name as the link name. For example:
+@c
+@c @example
+@c # ln -s /usr/bin/rlogin @var{hostname}
+@c # @var{hostname} -8
+@c @end example
+@c
+@c @noindent
+@c Afterwards, the use of @var{hostname} will automatically invoke
+@c @command{rlogin} to direct a log in request to the remote host
+@c named @var{hostname}.
+@c
+@c @command{rlogin} allows access to the remote host without the use of a
+@c password. The prerequisite is a suitable specification in @file{~/.rhosts}.
+@c For details, @xref{rcmd, , rcmd, libc, The GNU C Library Reference Manual}.
+@c
+@c @section Command line options
+@c @anchor{rlogin options}
+@c
+@c The options are as follows :
+@c
+@c @table @option
+@c @item -4
+@c @itemx --ipv4
+@c @opindex -4
+@c @opindex --ipv4
+@c Use only IPv4.
+@c
+@c @item -6
+@c @itemx --ipv6
+@c @opindex -6
+@c @opindex --ipv6
+@c Use only IPv6.
+@c
+@c @item -8
+@c @itemx --8-bit
+@c @opindex -8
+@c @opindex --8-bit
+@c Allows an eight-bit input data path at all times; otherwise parity
+@c bits are stripped except when the remote side's stop and start
+@c characters are other than @kbd{C-S}/@kbd{C-Q}.
+@c
+@c @item -d
+@c @itemx --debug
+@c @opindex -d
+@c @opindex --debug
+@c Turns on socket debugging on the TCP sockets used for communication
+@c with the remote host.
+@c
+@c @item -e @var{char}
+@c @itemx --escape=@var{char}
+@c @opindex -e
+@c @opindex --escape
+@c Allows user specification of the escape character, which is @samp{~}
+@c by default. This specification may be as a literal character, or as
+@c an octal value in the form @samp{\nnn}.
+@c
+@c @item -E
+@c @itemx --no-escape
+@c @opindex -E
+@c @opindex --no-escape
+@c Stops any character from being recognized as an escape character.
+@c When used with the @option{-8} option, this provides a completely
+@c transparent connection.
+@c
+@c @item -l @var{user}
+@c @itemx --user=@var{user}
+@c @opindex -l
+@c @opindex --user
+@c By default, the remote username is the same as the local username.
+@c This option, and the @samp{user@@host} format, allow the remote
+@c user name to be made explicit, or changed.
+@c @end table
+@c
+@c @noindent
+@c The next three options are available only if the program
+@c has been compiled with support for Kerberos authentication.
+@c
+@c @table @option
+@c @item -k @var{realm}
+@c @itemx --realm=@var{realm}
+@c @opindex -k
+@c @opindex --realm
+@c The option requests rlogin to obtain tickets for the remote host in
+@c realm @var{realm} instead of the remote host's realm.
+@c
+@c @item -K
+@c @itemx --kerberos
+@c @opindex -K
+@c @opindex --kerberos
+@c Turns off all Kerberos authentication.
+@c
+@c @item -x
+@c @itemx --encrypt
+@c @opindex -x
+@c @opindex --encrypt
+@c Turns on encryption for all data passed via the rlogin session.
+@c This may impact response time and CPU utilization, but provides
+@c increased security.
+@c @end table
+@c
+@c @section Escape characters and flow control
+@c
+@c As long as the connection stands, the client program @command{rsh}
+@c is observing the input stream in order to detect so called
+@c escape sequences, allowing the user to execute some local
+@c actions without having to tear down the remote connection.
+@c
+@c The sequences consist of two characters, the first of which
+@c always is the distinguished character @var{escape-char}.
+@c The following sequences are supported:
+@c
+@c @c An input line of the form of the two-character sequence
+@c @itemize @bullet
+@c @item
+@c @kbd{@var{escape-char} .} disconnects from the remote host.
+@c
+@c @item
+@c @kbd{@var{escape-char} C-d} does the same.
+@c (Termios character @samp{VEOF}.)
+@c
+@c @item
+@c @kbd{@var{escape-char} C-z} suspends the session, halting the
+@c remote process, but keeping it ready for resumed processing.
+@c The user is given access to a local shell.
+@c (Termios character @samp{VSUSP}.)
+@c
+@c @item
+@c @kbd{@var{escape-char} @var{delayed-suspend-char}} implements
+@c a half-way suspend, in the sense of stopping local input from
+@c reaching the remote side, but still displaying all output from
+@c the remote host on the local terminal. The remote process is
+@c still running, but the local user is given a local shell until
+@c the resuming the original command.
+@c Normally, only BSD systems offer this mode.
+@c (Termios character @samp{VDSUSP}.)
+@c @end itemize
+@c
+@c @noindent
+@c By default, the character tilde @samp{~} is assigned to @var{escape-char},
+@c but it can be changed using the option @option{--escape}.
+@c The processing of escape sequences can even be disable using
+@c the option @option{--no-escape}.
+@c On BSD systems, @var{delayed-suspend-char} is usually set to @kbd{C-Y}.
+@c It displays as @samp{dsusp} using @command{stty}.
+@c
+@c All echoing takes place at the remote site, so that the @command{rlogin}
+@c is transparent except possibly for transmission delays.
+@c Flow control via @kbd{C-S} and @kbd{C-Q}, if at all supported,
+@c will stop and start the flow of data on the local terminal.
+@c Flushing of input and output on interrupts is also
+@c handled properly.
+@c
+@c On the server side the @code{iruserok} and @code{ruserok} functions
+@c are used to authenticate the connection request, unless Kerberised
+@c mode is in effect. See the appropriate man pages for more information.
+@c
+@c @section Kerberos Authentication
+@c
+@c If @command{rlogin} was compiled with kerberos support, options
+@c @option{-x}, @option{-k}, @option{-K} are available. Each user may
+@c have a private authorization list in the file @file{.k5login} in their
+@c home directory. Each line in this file should contain a Kerberos
+@c principal name of the form @samp{principal/instance@@realm}. If the
+@c originating user is authenticated to one of the principals named in
+@c @file{.k5login}, access is granted to the account. The principal
+@c @samp{accountname@@localrealm} is granted access if there is no
+@c @file{.k5login} file. Otherwise a login and password will be prompted
+@c for on the remote machine as in @command{login}. To avoid certain
+@c security problems, the @file{.k5login} file must be owned by the remote
+@c user. If Kerberos authentication fails, a warning message is printed
+@c and the standard Berkeley rlogin is used instead.
+@c
+@c @node rsh invocation
+@c @chapter @command{rsh}: Remote shell
+@c @pindex rsh
+@c
+@c @command{rsh} executes commands on a remote host and copies its local
+@c standard input to that of the remote command, as well as the remote
+@c standard output to the local standard output, and the remote standard
+@c error to the local standard error. Locally raised interrupt, quit and
+@c terminate signals are all propagated to the remote command. Normally
+@c @command{rsh} terminates when the remote command does so.
+@c
+@c When using the @command{rsh} command, you can for convenience create
+@c a link in your path, using a host name as name of the link. For example:
+@c
+@c @example
+@c # ln -s /usr/bin/rsh @var{hostname}
+@c # @var{hostname} ls
+@c @end example
+@c
+@c @noindent
+@c Afterwards, @var{hostname} will be passed to @command{rsh} as host name
+@c whenever the command @var{hostname} is issued.
+@c
+@c @command{rsh} allows access to the remote host without the use of a
+@c password. The prerequisite is a suitable specification in @file{~/.rhosts}.
+@c For details, @xref{rcmd, , rcmd, libc, The GNU C Library Reference Manual}.
+@c
+@c If no command is specified for @command{rsh} ar argument following the
+@c host name, then you will be logged in on the remote host using @command{rlogin}.
+@c
+@c @section Command line options
+@c @anchor{rsh options}
+@c
+@c The options are as follows :
+@c
+@c @table @option
+@c @item -4
+@c @itemx --ipv4
+@c @opindex -4
+@c @opindex --ipv4
+@c Use only IPv4.
+@c
+@c @item -6
+@c @itemx --ipv6
+@c @opindex -6
+@c @opindex --ipv6
+@c Use only IPv6.
+@c
+@c @item -d
+@c @itemx --debug
+@c @opindex -d
+@c @opindex --debug
+@c Turns on socket debugging used for communication with the remote host.
+@c
+@c @item -l @var{user}
+@c @itemx --user=@var{user}
+@c @opindex -l
+@c @opindex --user
+@c By default, the remote username is the same as the local username.
+@c The @option{-l} option and the @samp{username@@host} format allow the
+@c remote user name to be specified. Kerberos authentication is used,
+@c whenever available, and authorization is determined as in @command{rlogin}
+@c (@pxref{rlogin invocation}).
+@c
+@c @item -n
+@c @itemx --no-input
+@c @opindex -n
+@c @opindex --no-input
+@c Use @file{/dev/null} for all input, telling the server side that
+@c we send no material. This can prevent the remote process from
+@c blocking, should it optionally accept more input.
+@c The option is void together with encryption.
+@c @end table
+@c
+@c @noindent
+@c The next three options are available only if the program
+@c has been compiled with support for Kerberos authentication.
+@c
+@c @table @option
+@c @item -k @var{realm}
+@c @itemx --realm=@var{realm}
+@c @opindex -k
+@c @opindex --realm
+@c The option requests rsh to obtain tickets for the remote host in
+@c realm @var{realm} instead of the remote host's realm.
+@c
+@c @item -K
+@c @itemx --kerberos
+@c @opindex -K
+@c @opindex --kerberos
+@c Turns off all Kerberos authentication.
+@c
+@c @item -x
+@c @itemx --encrypt
+@c @opindex -x
+@c @opindex --encrypt
+@c Turns on encryption for all data passed via the rsh session. This
+@c may impact response time and CPU utilization, but provides increased
+@c security.
+@c @end table
+@c
+@c @noindent
+@c Finally, some compatibility options are present:
+@c
+@c @table @option
+@c @item -8
+@c @itemx --8-bit
+@c @itemx -e @var{char}
+@c @itemx --escape=@var{char}
+@c @itemx -E
+@c @itemx --no-escape
+@c Ignored during normal operation, but passed on to @command{rlogin}
+@c when @command{rsh} is invoked without a command argument.
+@c @end table
+@c
+@c @section Note on stream redirections
+@c
+@c Beware that non-quoted shell metacharacters are interpreted on the local
+@c machine, while quoted metacharacters are interpreted on the remote
+@c machine. For example:
+@c
+@c @example
+@c rsh otherhost cat remotefile >> localfile
+@c rsh otherhost cat remotefile ">>" otherfile
+@c @end example
+@c
+@c @noindent
+@c The first command appends the contents of @file{remotefile}, as found
+@c on the remote host, to the file @file{localfile} on the local host,
+@c since the local shell will intercept the redirection and will thus
+@c receive whatever the remote process directs to stdout.
+@c
+@c In contrast, the second command will append the contents of the same
+@c file @file{remotefile} to a file named @file{otherfile} again, but this
+@c time the file is located on the remote host. The effect of quoting
+@c the redirection operator is to execute the command
+@c
+@c @example
+@c cat remotefile >> localfile
+@c @end example
+@c
+@c @noindent
+@c entirely on the remote most, whence stdout at the remote host will
+@c have nothing to transmit to the listening local host!.
+@c
@node talk invocation
@chapter @command{talk}: a communication program
@pindex talk
@@ -3082,104 +3082,104 @@ is to be disabled. Standard choices are
@samp{kerberos_v4}, and @samp{kerberos_v5}.
@end table
-@node tftp invocation
-@chapter @command{tftp}: TFTP client
-@pindex tftp
-
-@command{tftp} is the user interface to the Internet TFTP, Trivial
-File Transfer Protocol, which allows users to transfer files to and
-from a remote machine. The remote host may be specified on the
-command line, in which case @command{tftp} uses host as the default
-host for future transfers.
-
-@noindent
-Synopsis:
-
-@example
-tftp [@var{option}]@dots{} @var{host}
-@end example
-
-@section Commands
-
-Once @command{tftp} is running, it issues the prompt and recognizes
-the following commands:
-
-@table @code
-@item ? @var{command-name}
-Print help information.
-
-@item ascii
-Shorthand for @code{mode ascii}
-
-@item binary
-Shorthand for @code{mode binary}
-
-@item connect @var{host-name} [@var{port}]
-Set the host (and optionally port) for transfers. Note that the TFTP
-protocol, unlike the FTP protocol, does not maintain connections
-between transfers; thus, the connect command does not actually create
-a connection, but merely remembers what host is to be used for
-transfers. You do not have to use the connect command; the remote
-host can be specified as part of the get or put commands.
-
-@item get @var{file-name}
-@itemx get @var{remotename} @var{localname}
-@itemx get @var{file}@dots{}
-Get a file, or a set of files, from the specified sources. The source can
-be in one of two forms: a file name on the remote host, if the host has
-already been specified, or a string of the form @samp{host:filename}
-to specify both a host and file name at the same time. If the latter
-form is used, the last hostname specified becomes the default for
-future transfers. When specifying a numeric IPv6 address as host
-part, then this address must be enclosed between square brackets,
-since it contains colons and would interfere with the delimiter
-before the file name. Brackets are optional for IPv4 addresses.
-
-@example
-tftp> get [2001:1234::12]:issue
-@end example
-
-@item mode @var{transfer-mode}
-Set the mode for transfers; @var{transfer-mode} may be one of
-@samp{ascii} or @samp{binary}. The default is @samp{ascii}.
-
-@item put @var{file}
-@itemx put @var{localfile} @var{remotefile}
-@itemx put @var{file}@dots{} @var{remote-directory}
-Put a file or set of files to the specified remote file or directory.
-The destination can be in one of two forms: a filename on the remote
-host, if the host has already been specified, or a string of the form
-@samp{host:filename} to specify both a host and filename at the same
-time. If the latter form is used, the hostname specified becomes the
-default for future transfers. If the @file{remote-directory} form is
-used, the remote host is assumed to be a UNIX machine. The same use
-of square brackets for enclosing numeric IPv6 addresses applies here,
-as was mentioned for the command @command{get}.
-
-@item quit
-Exit @command{tftp}. An end of file also exits.
-
-@item rexmt @var{retransmission-timeout}
-Set the per-packet retransmission timeout, in seconds.
-
-@item status
-Show current status.
-
-@item timeout @var{total-transmission-timeout}
-Set the total transmission timeout, in seconds.
-
-@item trace
-Toggle packet tracing.
-
-@item verbose
-Toggle verbose mode.
-@end table
-
-Because there is no user-login or validation within the @command{tftp}
-protocol, the remote site will probably have some sort of file-access
-restrictions in place. The exact methods are specific to each site
-and therefore difficult to document here.
-
+@c @node tftp invocation
+@c @chapter @command{tftp}: TFTP client
+@c @pindex tftp
+@c
+@c @command{tftp} is the user interface to the Internet TFTP, Trivial
+@c File Transfer Protocol, which allows users to transfer files to and
+@c from a remote machine. The remote host may be specified on the
+@c command line, in which case @command{tftp} uses host as the default
+@c host for future transfers.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c tftp [@var{option}]@dots{} @var{host}
+@c @end example
+@c
+@c @section Commands
+@c
+@c Once @command{tftp} is running, it issues the prompt and recognizes
+@c the following commands:
+@c
+@c @table @code
+@c @item ? @var{command-name}
+@c Print help information.
+@c
+@c @item ascii
+@c Shorthand for @code{mode ascii}
+@c
+@c @item binary
+@c Shorthand for @code{mode binary}
+@c
+@c @item connect @var{host-name} [@var{port}]
+@c Set the host (and optionally port) for transfers. Note that the TFTP
+@c protocol, unlike the FTP protocol, does not maintain connections
+@c between transfers; thus, the connect command does not actually create
+@c a connection, but merely remembers what host is to be used for
+@c transfers. You do not have to use the connect command; the remote
+@c host can be specified as part of the get or put commands.
+@c
+@c @item get @var{file-name}
+@c @itemx get @var{remotename} @var{localname}
+@c @itemx get @var{file}@dots{}
+@c Get a file, or a set of files, from the specified sources. The source can
+@c be in one of two forms: a file name on the remote host, if the host has
+@c already been specified, or a string of the form @samp{host:filename}
+@c to specify both a host and file name at the same time. If the latter
+@c form is used, the last hostname specified becomes the default for
+@c future transfers. When specifying a numeric IPv6 address as host
+@c part, then this address must be enclosed between square brackets,
+@c since it contains colons and would interfere with the delimiter
+@c before the file name. Brackets are optional for IPv4 addresses.
+@c
+@c @example
+@c tftp> get [2001:1234::12]:issue
+@c @end example
+@c
+@c @item mode @var{transfer-mode}
+@c Set the mode for transfers; @var{transfer-mode} may be one of
+@c @samp{ascii} or @samp{binary}. The default is @samp{ascii}.
+@c
+@c @item put @var{file}
+@c @itemx put @var{localfile} @var{remotefile}
+@c @itemx put @var{file}@dots{} @var{remote-directory}
+@c Put a file or set of files to the specified remote file or directory.
+@c The destination can be in one of two forms: a filename on the remote
+@c host, if the host has already been specified, or a string of the form
+@c @samp{host:filename} to specify both a host and filename at the same
+@c time. If the latter form is used, the hostname specified becomes the
+@c default for future transfers. If the @file{remote-directory} form is
+@c used, the remote host is assumed to be a UNIX machine. The same use
+@c of square brackets for enclosing numeric IPv6 addresses applies here,
+@c as was mentioned for the command @command{get}.
+@c
+@c @item quit
+@c Exit @command{tftp}. An end of file also exits.
+@c
+@c @item rexmt @var{retransmission-timeout}
+@c Set the per-packet retransmission timeout, in seconds.
+@c
+@c @item status
+@c Show current status.
+@c
+@c @item timeout @var{total-transmission-timeout}
+@c Set the total transmission timeout, in seconds.
+@c
+@c @item trace
+@c Toggle packet tracing.
+@c
+@c @item verbose
+@c Toggle verbose mode.
+@c @end table
+@c
+@c Because there is no user-login or validation within the @command{tftp}
+@c protocol, the remote site will probably have some sort of file-access
+@c restrictions in place. The exact methods are specific to each site
+@c and therefore difficult to document here.
+@c
@node inetd invocation
@chapter @command{inetd}: Internet super-server
@pindex inetd
@@ -4186,574 +4186,574 @@ that a single @samp{@@} on a line by its
upon every user allowed to access the FTP service.
This gives a Draconian, protective configuration.
-@node rexecd invocation
-@chapter @command{rexecd}: server for @code{rexec}
-@pindex rexecd
-
-@command{rexecd} is the server for the @code{rexec} routine. The
-server provides remote execution facilities with authentication based
-on user names and passwords. It passes error messages and notices
-to the @code{syslog} facility @samp{LOG_DAEMON}.
-
-@example
-rexecd [@var{option}]@dots{}
-@end example
-
-@command{rexecd} listens for service requests at the port indicated in
-the @samp{exec} service specification. When a service request is
-received the following protocol is initiated:
-
-@enumerate
-@item
-The server reads characters from the socket up to a NUL (@samp{\0})
-byte. The resultant string is interpreted as an ASCII number, base
-10.
-
-@item
-If the number received in step 1 is non-zero, it is interpreted as the
-port number of a secondary stream to be used for the stderr. A second
-connection is then created to the specified port on the client's
-machine.
-
-@item
-A NUL terminated user name of at most 16 characters is retrieved on
-the initial socket.
-
-@item
-A NUL terminated, unencrypted password of at most 16 characters is
-retrieved on the initial socket.
-
-@item
-A NUL terminated command to be passed to a shell is retrieved on the
-initial socket. The length of the command is limited by the upper
-bound on the size of the system's argument list.
-
-@item
-@command{rexecd} then validates the user as is done at login time and,
-if the authentication was successful, changes to the user's home
-directory, and establishes the user and group protections of the user.
-If any of these steps fail the connection is aborted with a diagnostic
-message returned.
-
-@item
-A NUL byte is returned on the initial socket and the command line is
-passed to the normal login shell of the user. The shell inherits the
-network connections established by rexecd.
-@end enumerate
-
-@section Invoking
-
-The only option is as follows:
-
-@table @option
-@item -l
-@itemx --logging
-@opindex -l
-@opindex --logging
-Raise logging level for this service; use more than once for
-increased verbosity. The @code{syslog} facility in use is
-@samp{LOG_DAEMON}.
-
-@end table
-
-Should @command{rexecd} have been built with PAM support,
-it reads any setting specified for a service named @samp{rexec}.
-
-@section Diagnostics
-
-Except for the last one listed below, all diagnostic messages are
-returned on the initial socket, after which any network connections
-are closed. An error is indicated by a leading byte with a value of 1
-(0 is returned in step 7 above upon successful completion of all the
-steps prior to the command execution).
-
-@table @samp
-@item username too long
-The name is longer than 16 characters.
-
-@item password too long
-The password is longer than 16 characters.
-
-@item command too long
-The command line passed exceeds the size of the argument list (as
-configured into the system).
-
-@item Login incorrect.
-No password file entry for the user name existed.
-
-@item Password incorrect.
-The wrong password was supplied.
-
-@item No remote directory.
-The chdir command to the home directory failed.
-
-@item Try again.
-A fork by the server failed.
-
-@item <shellname>: @dots{}
-The user's login shell could not be started. This message is returned
-on the connection associated with the stderr, and is not ...
-@c FIXME: Fill this out.
-@end table
-
-@emph{Note}, that indicating @samp{Login incorrect} as opposed to
-@samp{Password incorrect} is a security breach which allows people to
-probe a system for users with null passwords.
-
-@node rlogind invocation
-@chapter @command{rlogind}: Remote login server
-@pindex rlogind
-
-@command{rlogind} is the server for the @command{rlogin} client program
-(@pxref{rlogin invocation}). The server provides a remote login
-facility with authentication based on privileged port numbers from
-trusted hosts, or using authentication according to a Kerberos
-protocol.
-
-@command{rlogind} in daemon mode listens for service requests at the
-port indicated in the @samp{login} service specification. A common
-alternative is to have the super-server @command{inetd} listen at
-the same port, which then invokes @command{rlogind} as demand arises.
-In Kerberised mode, the port is either @samp{eklogin}, or
-@samp{klogin}, depending on preset encryption, or none.
-
-The standard authentication procedure assumes the integrity of each
-client machine and of the connecting medium. This is insecure, since
-it transmits credentials in clear text, but is useful in an ``open''
-environment. This weakness is reduced when running the service
-in Kerberised version, at the price of a larger complexity of the
-supporting infrastructure. Using an encrypting Kerberised service
-even avoids all clear text processing.
-
-@section Invoking
-
-The available options are as follows:
-
-@table @option
-@item -4
-@itemx --ipv4
-@opindex -4
-@opindex --ipv4
-Accept only IPv4 connections in daemon mode.
-
-@item -6
-@itemx --ipv6
-@opindex -6
-@opindex --ipv6
-Only IPv6 connections in daemon mode.
-
-@item -a
-@itemx --verify-hostname
-@opindex -a
-@opindex --verify-hostname
-Ask hostname for verification.
-
-@item -d[@var{max}]
-@itemx --daemon[=@var{max}]
-@opindex -d
-@opindex --daemon
-Run in background daemon mode, optionally setting the maximal
-number of simultaneously running client sessions. The default
-limit is 10.
-
-@item -D[@var{level}]
-@itemx --debug[=@var{level}]
-@opindex -D
-@opindex -debug
-Set debug level, not implemented.
-
-@item -l
-@itemx --no-rhosts
-@opindex -l
-@opindex --no-rhosts
-Ignore client's @file{.rhosts} file.
-
-@item -L @var{name}
-@itemx --local-domain=@var{name}
-@opindex -L
-@opindex --local-domain
-Set local domain name, to which the server host belongs. By default
-the domain is recovered from the canonical name of the host.
-
-@item -n
-@itemx --no-keepalive
-@opindex -n
-@opindex --no-keepalive
-Do not set SO_KEEPALIVE on sockets. This decreases the ability
-to close lost connections to once active clients.
-
-@item -o
-@itemx --allow-root
-@opindex -o
-@opindex --allow-root
-Allow the root user to login, which is disallowed by default.
-
-@item -p @var{port}
-@itemx --port=@var{port}
-@opindex -p
-@opindex --port
-Listen on given port. Applicable only in daemon mode.
-
-@item -r
-@itemx --reverse-required
-@opindex -r
-@opindex --reverse-required
-Require reverse resolvability of remote host's numerical IP.
-@end table
-
-For sites requiring improved authentication, Kerberos
-authentication is a viable decision, and possibly even
-with encryption for enhanced integrity. Three additional
-options are available for an executable @command{rlogind}
-compiled with Kerberos support.
-
-@table @option
-@item -k
-@itemx --kerberos
-@opindex -k
-@opindex --kerberos
-Activate Kerberos authentication on all incoming requests.
-
-@item -S @var{name}
-@itemx --server-principal=@var{name}
-@opindex -S
-@opindex --server-principal
-Set Kerberos server name, overriding canonical hostname.
-
-@item -x
-@itemx --encrypt
-@opindex -x
-@opindex --encrypt
-Activate encryption of all data passed via the @command{rlogind} session.
-This may impact response time and CPU utilization, but provides
-increased security. Only for Kerberised mode of operation.
-@end table
-
-Should @command{rlogind} have been built with PAM support,
-it reads any setting specified for a service named either
-@samp{rlogin} or @samp{krlogin}, the latter name for clients
-using Kerberised authentication.
-
-@section Kerberos specific details
-
-The option @option{-k} is mandatory for Kerberised operation mode,
-while addition of the option @option{-x} will also demand encryption
-of every request to this particular server.
-
-@command{rlogind} will, in Kerberised operation mode, as default
-instantiate itself using the principal name
-@samp{host/canonical_name@@DEFAULT_REALM}, a compound arranged
-from the running host's canonical name, and from the default realm
-configured for the system. Either of these can be overridden
-using the option @option{--server-principal}, as follows:
-
-@example
-rlogind -k -S alias.server.our
-rlogind --kerberos --server-principal=@@NEW.REALM
-rlogind -k -x -S rlogin/backup.ex.org@@OUR.REALM
-@end example
-
-When overriding only the realm, with the option @option{-S},
-an initial at-sign is mandatory.
-
-@section Protocol details
-
-When a service request is received, in non-Kerberised mode,
-the following protocol is initiated:
-
-@enumerate
-@item
-The server checks the client's source port. If the port is not in the
-range 512-1023, the server aborts the connection.
-
-@item
-The server next checks the client's source address and requests the
-corresponding host name. If the hostname cannot be determined, the
-numerical representation of the host address is used. If the
-hostname is in the same domain as the server (according to the last
-two components of the domain name), or if the option @option{-a} is
-in effect, the address for the hostname is requested, verifying that
-the name and address correspond. Normal authentication is considered
-as failed, should this address verification fail.
-@end enumerate
-
-Once the source port and address have been checked, @command{rlogind}
-proceeds
-with the authentication process as described in @ref{rshd invocation}.
-The server
-then allocates a pseudo terminal, and manipulates file descriptors so
-that the slave half of the pseudo terminal becomes the stdin, stdout,
-and stderr for a login process. The login process is an instance of
-the @command{login} program, invoked with the option @option{-f} if
-authentication had succeeded. If automatic authentication had failed,
-the user is prompted to log in as if on a standard terminal line.
-
-The parent of the login process manipulates the master side of the
-pseudo terminal, operating as an intermediary between the login
-process and the client instance of the rlogin program. In normal
-operation, the packet protocol described in @samp{PTY} is invoked to
-provide flow control using @kbd{C-S}/@kbd{C-Q}, and to propagate interrupt
-signals to the remote program. The login process transmits the
-client terminal's baud rate, and its terminal type, as found in the
-environment variable @env{TERM}. The screen or window size of the
-terminal is requested from the client, and any later window size changes
-at the client's side are propagated to the pseudo terminal as well.
-
-Transport-level keepalive messages are enabled unless the
-option @option{-n} was in effect when starting @code{rlogind}.
-The use of keepalive messages allows sessions to be timed out,
-should the client crash, or otherwise become unreachable.
-
-@xref{ruserok, , ruserok, libc, The GNU C Library Reference Manual},
-for details.
-
-@section Diagnostics
-
-The exchange protocol states that a negotiation reaches a successful
-completion as soon as the server @command{rlogind} transmits back to
-the client a single null byte, marking the completion of all
-information exchange.
-
-Error conditions are instead transmitted back to the client as
-a message containing an initial byte value 1, followed by a C-string
-indicating the cause of failure. All network connections are closed
-at the server side after this message. Some common messages follow:
-
-@table @samp
-@item Permission denied.
-The client presented insufficient credentials,
-or the client's address is not sufficiently resolvable
-to pass the checks induced by options @option{-a} or @option{-r}.
-
-@item Try again.
-A fork by the server failed.
-@end table
-
-@node rshd invocation
-@chapter @command{rshd}: Remote shell server
-@pindex rshd
-
-The @command{rshd} server is the server for the @code{rcmd} routine
-and, consequently, for the @command{rsh} (@pxref{rsh invocation})
-program. The server provides remote execution facilities with
-authentication based on privileged port numbers from trusted hosts.
-The @command{rshd} server listens for service requests at the port
-indicated in the @samp{cmd} service specification. When a service
-request is received the following protocol is initiated:
-
-@enumerate
-@item
-The server checks the client's source port. If the port is not in the
-range 512--1023, the server aborts the connection. However, this
-condition is not applied for Kerberized service.
-
-@item
-The server reads characters from the socket up to a NUL (@samp{\0})
-byte. The resultant string is interpreted as an ASCII number, base
-10.
-
-@item
-If the number received in step 2 is non-zero, it is interpreted as the
-port number of a secondary stream to be used for the stderr. A second
-connection is then created to the specified port on the client's
-machine. The source port of this second connection is also in the
-range 512--1023.
-
-@item
-The server checks the client's source address and requests the
-corresponding host name. If the hostname cannot be determined, the
-dot-notation representation of the host address is used. If the
-hostname is in the same domain as the server (according to the last
-two components of the domain name), or if the @option{-a} option is
-given, the addresses for the hostname are requested, verifying that
-the name and address correspond. If address verification fails, the
-connection is aborted with the message, @samp{Host address mismatch.}
-
-@item
-A null terminated user name of at most 16 characters is retrieved on
-the initial socket. This user name is interpreted as the user
-identity on the client's machine.
-
-@item
-A null terminated user name of at most 16 characters is retrieved on
-the initial socket. This user name is interpreted as a user identity
-to use on the server's machine.
-
-@item
-A null terminated command to be passed to a shell is retrieved on the
-initial socket. The length of the command is limited by the upper
-bound on the size of the system's argument list.
-
-@item
-Rshd then validates the user using @code{ruserok}, which uses the file
-@file{/etc/hosts.equiv} and the @file{.rhosts} file found in the
-user's home directory. The @option{-l} option prevents @code{ruserok}
-from doing any validation based on the user's @file{.rhosts} file,
-unless the user is the superuser.
-
-@item
-If the file @file{/etc/nologin} exists and the user is not the
-superuser, the connection is closed.
-
-@item
-A null byte is returned on the initial socket and the command line is
-passed to the normal login shell of the user. The shell inherits the
-network connections established by @command{rshd}.
-
-@item
-Transport-level keepalive messages are enabled unless the @option{-n}
-option is present. The use of keepalive messages allows sessions to
-be timed out if the client crashes or becomes unreachable.
-
-@item
-The @option{-L} option causes all successful accesses to be logged to
-@command{syslogd} (@pxref{syslogd invocation}) as @samp{auth.info}
-messages.
-@end enumerate
-
-@xref{ruserok, , ruserok, libc, The GNU C Library Reference Manual},
-for details.
-
-@section Invoking
-
-The options are as follows:
-
-@table @option
-@item -a
-@itemx --verify-hostname
-@opindex -a
-@opindex --verify-hostname
-Ask hostname for verification.
-
-@c @item -d
-@c @itemx --daemon
+@c @node rexecd invocation
+@c @chapter @command{rexecd}: server for @code{rexec}
+@c @pindex rexecd
+@c
+@c @command{rexecd} is the server for the @code{rexec} routine. The
+@c server provides remote execution facilities with authentication based
+@c on user names and passwords. It passes error messages and notices
+@c to the @code{syslog} facility @samp{LOG_DAEMON}.
+@c
+@c @example
+@c rexecd [@var{option}]@dots{}
+@c @end example
+@c
+@c @command{rexecd} listens for service requests at the port indicated in
+@c the @samp{exec} service specification. When a service request is
+@c received the following protocol is initiated:
+@c
+@c @enumerate
+@c @item
+@c The server reads characters from the socket up to a NUL (@samp{\0})
+@c byte. The resultant string is interpreted as an ASCII number, base
+@c 10.
+@c
+@c @item
+@c If the number received in step 1 is non-zero, it is interpreted as the
+@c port number of a secondary stream to be used for the stderr. A second
+@c connection is then created to the specified port on the client's
+@c machine.
+@c
+@c @item
+@c A NUL terminated user name of at most 16 characters is retrieved on
+@c the initial socket.
+@c
+@c @item
+@c A NUL terminated, unencrypted password of at most 16 characters is
+@c retrieved on the initial socket.
+@c
+@c @item
+@c A NUL terminated command to be passed to a shell is retrieved on the
+@c initial socket. The length of the command is limited by the upper
+@c bound on the size of the system's argument list.
+@c
+@c @item
+@c @command{rexecd} then validates the user as is done at login time and,
+@c if the authentication was successful, changes to the user's home
+@c directory, and establishes the user and group protections of the user.
+@c If any of these steps fail the connection is aborted with a diagnostic
+@c message returned.
+@c
+@c @item
+@c A NUL byte is returned on the initial socket and the command line is
+@c passed to the normal login shell of the user. The shell inherits the
+@c network connections established by rexecd.
+@c @end enumerate
+@c
+@c @section Invoking
+@c
+@c The only option is as follows:
+@c
+@c @table @option
+@c @item -l
+@c @itemx --logging
+@c @opindex -l
+@c @opindex --logging
+@c Raise logging level for this service; use more than once for
+@c increased verbosity. The @code{syslog} facility in use is
+@c @samp{LOG_DAEMON}.
+@c
+@c @end table
+@c
+@c Should @command{rexecd} have been built with PAM support,
+@c it reads any setting specified for a service named @samp{rexec}.
+@c
+@c @section Diagnostics
+@c
+@c Except for the last one listed below, all diagnostic messages are
+@c returned on the initial socket, after which any network connections
+@c are closed. An error is indicated by a leading byte with a value of 1
+@c (0 is returned in step 7 above upon successful completion of all the
+@c steps prior to the command execution).
+@c
+@c @table @samp
+@c @item username too long
+@c The name is longer than 16 characters.
+@c
+@c @item password too long
+@c The password is longer than 16 characters.
+@c
+@c @item command too long
+@c The command line passed exceeds the size of the argument list (as
+@c configured into the system).
+@c
+@c @item Login incorrect.
+@c No password file entry for the user name existed.
+@c
+@c @item Password incorrect.
+@c The wrong password was supplied.
+@c
+@c @item No remote directory.
+@c The chdir command to the home directory failed.
+@c
+@c @item Try again.
+@c A fork by the server failed.
+@c
+@c @item <shellname>: @dots{}
+@c The user's login shell could not be started. This message is returned
+@c on the connection associated with the stderr, and is not ...
+@c @c FIXME: Fill this out.
+@c @end table
+@c
+@c @emph{Note}, that indicating @samp{Login incorrect} as opposed to
+@c @samp{Password incorrect} is a security breach which allows people to
+@c probe a system for users with null passwords.
+@c
+@c @node rlogind invocation
+@c @chapter @command{rlogind}: Remote login server
+@c @pindex rlogind
+@c
+@c @command{rlogind} is the server for the @command{rlogin} client program
+@c (@pxref{rlogin invocation}). The server provides a remote login
+@c facility with authentication based on privileged port numbers from
+@c trusted hosts, or using authentication according to a Kerberos
+@c protocol.
+@c
+@c @command{rlogind} in daemon mode listens for service requests at the
+@c port indicated in the @samp{login} service specification. A common
+@c alternative is to have the super-server @command{inetd} listen at
+@c the same port, which then invokes @command{rlogind} as demand arises.
+@c In Kerberised mode, the port is either @samp{eklogin}, or
+@c @samp{klogin}, depending on preset encryption, or none.
+@c
+@c The standard authentication procedure assumes the integrity of each
+@c client machine and of the connecting medium. This is insecure, since
+@c it transmits credentials in clear text, but is useful in an ``open''
+@c environment. This weakness is reduced when running the service
+@c in Kerberised version, at the price of a larger complexity of the
+@c supporting infrastructure. Using an encrypting Kerberised service
+@c even avoids all clear text processing.
+@c
+@c @section Invoking
+@c
+@c The available options are as follows:
+@c
+@c @table @option
+@c @item -4
+@c @itemx --ipv4
+@c @opindex -4
+@c @opindex --ipv4
+@c Accept only IPv4 connections in daemon mode.
+@c
+@c @item -6
+@c @itemx --ipv6
+@c @opindex -6
+@c @opindex --ipv6
+@c Only IPv6 connections in daemon mode.
+@c
+@c @item -a
+@c @itemx --verify-hostname
+@c @opindex -a
+@c @opindex --verify-hostname
+@c Ask hostname for verification.
+@c
+@c @item -d[@var{max}]
+@c @itemx --daemon[=@var{max}]
@c @opindex -d
@c @opindex --daemon
-@c Daemon mode.
-
-@item -k
-@itemx --kerberos
-@opindex -k
-@opindex --kerberos
-Use Kerberos authentication.
-
-@item -l
-@itemx --no-rhosts
-@opindex -l
-@opindex --no-rhosts
-Ignore @file{.rhosts} file.
-
-@item -L
-@itemx --log-sessions
-@opindex -L
-@opindex --log-sessions
-Log successful logins.
-
-@item -n
-@itemx --no-keepalive
-@opindex -n
-@opindex --no-keepalive
-Do not set SO_KEEPALIVE.
-
-@item -S @var{name}
-@itemx --servername=@var{name}
-@opindex -S
-@opindex --servername
-Set Kerberos server name, overriding canonical hostname.
-
-@item -v
-@itemx --vacuous
-@opindex -v
-@opindex --vacuous
-Fail any call asking for non-Kerberos authentication.
-
-@c OBSOLETE?
-@c @item -x
-@c @itemx --encrypt
-@c @opindex -x
-@c @opindex --encrypt
-@c Turns on DES encryption for all data passed via the @command{rshd}
-@c session. This may impact response time and CPU utilization, but
-@c provides increased security.
-
+@c Run in background daemon mode, optionally setting the maximal
+@c number of simultaneously running client sessions. The default
+@c limit is 10.
+@c
@c @item -D[@var{level}]
@c @itemx --debug[=@var{level}]
@c @opindex -D
@c @opindex -debug
@c Set debug level, not implemented.
-
+@c
+@c @item -l
+@c @itemx --no-rhosts
+@c @opindex -l
+@c @opindex --no-rhosts
+@c Ignore client's @file{.rhosts} file.
+@c
+@c @item -L @var{name}
+@c @itemx --local-domain=@var{name}
+@c @opindex -L
+@c @opindex --local-domain
+@c Set local domain name, to which the server host belongs. By default
+@c the domain is recovered from the canonical name of the host.
+@c
+@c @item -n
+@c @itemx --no-keepalive
+@c @opindex -n
+@c @opindex --no-keepalive
+@c Do not set SO_KEEPALIVE on sockets. This decreases the ability
+@c to close lost connections to once active clients.
+@c
@c @item -o
@c @itemx --allow-root
@c @opindex -o
@c @opindex --allow-root
-@c Allow uid == 0 to login, disabled by default
-
+@c Allow the root user to login, which is disallowed by default.
+@c
@c @item -p @var{port}
@c @itemx --port=@var{port}
@c @opindex -p
@c @opindex --port
-@c Listen on given port (valid only in daemon mode).
-
-@item -r
-@itemx --reverse-required
-@opindex -r
-@opindex --reverse-required
-Demand that the client's IP address be resolvable
-as a host name.
-@end table
-
-Should @command{rshd} have been built with PAM support,
-it reads any setting specified for a service named either
-@samp{rsh} or @samp{krsh}, the latter name for clients
-seeking Kerberised authentication.
-
-@section Diagnostics
-
-Except for the last one listed below, all diagnostic messages are
-returned on the initial socket, after which any network connections
-are closed. An error is indicated by a leading byte with a value of 1
-(0 is returned in step 10 above upon successful completion of all the
-steps prior to the execution of the login shell).
-
-@table @samp
-@item Locuser too long
-The name of the user on the client's machine is longer than 16
-characters.
-
-@item Ruser too long
-The name of the user on the remote machine is longer than 16
-characters.
-
-@item Command too long
-The command line passed exceeds the size of the argument list (as
-configured into the system).
-
-@item Login incorrect
-No password file entry for the user name existed.
-
-@item Remote directory
-The chdir command to the home directory failed.
-
-@item Permission denied
-The authentication procedure described above failed,
-or address resolution was insufficient.
-
-@item Can't make pipe.
-The pipe needed for the stderr, wasn't created.
-
-@item Can't fork; try again.
-A fork by the server failed.
-
-@item <shellname>: @dots{}
-The user's login shell could not be started. This message is returned
-on the connection associated with the stderr, and is not preceded by a
-flag byte.
-@end table
-
-The authentication procedure used here assumes the integrity of each
-client machine and the connecting medium. This is insecure, but is
-useful in an ``open'' environment.
-
+@c Listen on given port. Applicable only in daemon mode.
+@c
+@c @item -r
+@c @itemx --reverse-required
+@c @opindex -r
+@c @opindex --reverse-required
+@c Require reverse resolvability of remote host's numerical IP.
+@c @end table
+@c
+@c For sites requiring improved authentication, Kerberos
+@c authentication is a viable decision, and possibly even
+@c with encryption for enhanced integrity. Three additional
+@c options are available for an executable @command{rlogind}
+@c compiled with Kerberos support.
+@c
+@c @table @option
+@c @item -k
+@c @itemx --kerberos
+@c @opindex -k
+@c @opindex --kerberos
+@c Activate Kerberos authentication on all incoming requests.
+@c
+@c @item -S @var{name}
+@c @itemx --server-principal=@var{name}
+@c @opindex -S
+@c @opindex --server-principal
+@c Set Kerberos server name, overriding canonical hostname.
+@c
+@c @item -x
+@c @itemx --encrypt
+@c @opindex -x
+@c @opindex --encrypt
+@c Activate encryption of all data passed via the @command{rlogind} session.
+@c This may impact response time and CPU utilization, but provides
+@c increased security. Only for Kerberised mode of operation.
+@c @end table
+@c
+@c Should @command{rlogind} have been built with PAM support,
+@c it reads any setting specified for a service named either
+@c @samp{rlogin} or @samp{krlogin}, the latter name for clients
+@c using Kerberised authentication.
+@c
+@c @section Kerberos specific details
+@c
+@c The option @option{-k} is mandatory for Kerberised operation mode,
+@c while addition of the option @option{-x} will also demand encryption
+@c of every request to this particular server.
+@c
+@c @command{rlogind} will, in Kerberised operation mode, as default
+@c instantiate itself using the principal name
+@c @samp{host/canonical_name@@DEFAULT_REALM}, a compound arranged
+@c from the running host's canonical name, and from the default realm
+@c configured for the system. Either of these can be overridden
+@c using the option @option{--server-principal}, as follows:
+@c
+@c @example
+@c rlogind -k -S alias.server.our
+@c rlogind --kerberos --server-principal=@@NEW.REALM
+@c rlogind -k -x -S rlogin/backup.ex.org@@OUR.REALM
+@c @end example
+@c
+@c When overriding only the realm, with the option @option{-S},
+@c an initial at-sign is mandatory.
+@c
+@c @section Protocol details
+@c
+@c When a service request is received, in non-Kerberised mode,
+@c the following protocol is initiated:
+@c
+@c @enumerate
+@c @item
+@c The server checks the client's source port. If the port is not in the
+@c range 512-1023, the server aborts the connection.
+@c
+@c @item
+@c The server next checks the client's source address and requests the
+@c corresponding host name. If the hostname cannot be determined, the
+@c numerical representation of the host address is used. If the
+@c hostname is in the same domain as the server (according to the last
+@c two components of the domain name), or if the option @option{-a} is
+@c in effect, the address for the hostname is requested, verifying that
+@c the name and address correspond. Normal authentication is considered
+@c as failed, should this address verification fail.
+@c @end enumerate
+@c
+@c Once the source port and address have been checked, @command{rlogind}
+@c proceeds
+@c with the authentication process as described in @ref{rshd invocation}.
+@c The server
+@c then allocates a pseudo terminal, and manipulates file descriptors so
+@c that the slave half of the pseudo terminal becomes the stdin, stdout,
+@c and stderr for a login process. The login process is an instance of
+@c the @command{login} program, invoked with the option @option{-f} if
+@c authentication had succeeded. If automatic authentication had failed,
+@c the user is prompted to log in as if on a standard terminal line.
+@c
+@c The parent of the login process manipulates the master side of the
+@c pseudo terminal, operating as an intermediary between the login
+@c process and the client instance of the rlogin program. In normal
+@c operation, the packet protocol described in @samp{PTY} is invoked to
+@c provide flow control using @kbd{C-S}/@kbd{C-Q}, and to propagate interrupt
+@c signals to the remote program. The login process transmits the
+@c client terminal's baud rate, and its terminal type, as found in the
+@c environment variable @env{TERM}. The screen or window size of the
+@c terminal is requested from the client, and any later window size changes
+@c at the client's side are propagated to the pseudo terminal as well.
+@c
+@c Transport-level keepalive messages are enabled unless the
+@c option @option{-n} was in effect when starting @code{rlogind}.
+@c The use of keepalive messages allows sessions to be timed out,
+@c should the client crash, or otherwise become unreachable.
+@c
+@c @xref{ruserok, , ruserok, libc, The GNU C Library Reference Manual},
+@c for details.
+@c
+@c @section Diagnostics
+@c
+@c The exchange protocol states that a negotiation reaches a successful
+@c completion as soon as the server @command{rlogind} transmits back to
+@c the client a single null byte, marking the completion of all
+@c information exchange.
+@c
+@c Error conditions are instead transmitted back to the client as
+@c a message containing an initial byte value 1, followed by a C-string
+@c indicating the cause of failure. All network connections are closed
+@c at the server side after this message. Some common messages follow:
+@c
+@c @table @samp
+@c @item Permission denied.
+@c The client presented insufficient credentials,
+@c or the client's address is not sufficiently resolvable
+@c to pass the checks induced by options @option{-a} or @option{-r}.
+@c
+@c @item Try again.
+@c A fork by the server failed.
+@c @end table
+@c
+@c @node rshd invocation
+@c @chapter @command{rshd}: Remote shell server
+@c @pindex rshd
+@c
+@c The @command{rshd} server is the server for the @code{rcmd} routine
+@c and, consequently, for the @command{rsh} (@pxref{rsh invocation})
+@c program. The server provides remote execution facilities with
+@c authentication based on privileged port numbers from trusted hosts.
+@c The @command{rshd} server listens for service requests at the port
+@c indicated in the @samp{cmd} service specification. When a service
+@c request is received the following protocol is initiated:
+@c
+@c @enumerate
+@c @item
+@c The server checks the client's source port. If the port is not in the
+@c range 512--1023, the server aborts the connection. However, this
+@c condition is not applied for Kerberized service.
+@c
+@c @item
+@c The server reads characters from the socket up to a NUL (@samp{\0})
+@c byte. The resultant string is interpreted as an ASCII number, base
+@c 10.
+@c
+@c @item
+@c If the number received in step 2 is non-zero, it is interpreted as the
+@c port number of a secondary stream to be used for the stderr. A second
+@c connection is then created to the specified port on the client's
+@c machine. The source port of this second connection is also in the
+@c range 512--1023.
+@c
+@c @item
+@c The server checks the client's source address and requests the
+@c corresponding host name. If the hostname cannot be determined, the
+@c dot-notation representation of the host address is used. If the
+@c hostname is in the same domain as the server (according to the last
+@c two components of the domain name), or if the @option{-a} option is
+@c given, the addresses for the hostname are requested, verifying that
+@c the name and address correspond. If address verification fails, the
+@c connection is aborted with the message, @samp{Host address mismatch.}
+@c
+@c @item
+@c A null terminated user name of at most 16 characters is retrieved on
+@c the initial socket. This user name is interpreted as the user
+@c identity on the client's machine.
+@c
+@c @item
+@c A null terminated user name of at most 16 characters is retrieved on
+@c the initial socket. This user name is interpreted as a user identity
+@c to use on the server's machine.
+@c
+@c @item
+@c A null terminated command to be passed to a shell is retrieved on the
+@c initial socket. The length of the command is limited by the upper
+@c bound on the size of the system's argument list.
+@c
+@c @item
+@c Rshd then validates the user using @code{ruserok}, which uses the file
+@c @file{/etc/hosts.equiv} and the @file{.rhosts} file found in the
+@c user's home directory. The @option{-l} option prevents @code{ruserok}
+@c from doing any validation based on the user's @file{.rhosts} file,
+@c unless the user is the superuser.
+@c
+@c @item
+@c If the file @file{/etc/nologin} exists and the user is not the
+@c superuser, the connection is closed.
+@c
+@c @item
+@c A null byte is returned on the initial socket and the command line is
+@c passed to the normal login shell of the user. The shell inherits the
+@c network connections established by @command{rshd}.
+@c
+@c @item
+@c Transport-level keepalive messages are enabled unless the @option{-n}
+@c option is present. The use of keepalive messages allows sessions to
+@c be timed out if the client crashes or becomes unreachable.
+@c
+@c @item
+@c The @option{-L} option causes all successful accesses to be logged to
+@c @command{syslogd} (@pxref{syslogd invocation}) as @samp{auth.info}
+@c messages.
+@c @end enumerate
+@c
+@c @xref{ruserok, , ruserok, libc, The GNU C Library Reference Manual},
+@c for details.
+@c
+@c @section Invoking
+@c
+@c The options are as follows:
+@c
+@c @table @option
+@c @item -a
+@c @itemx --verify-hostname
+@c @opindex -a
+@c @opindex --verify-hostname
+@c Ask hostname for verification.
+@c
+@c @c @item -d
+@c @c @itemx --daemon
+@c @c @opindex -d
+@c @c @opindex --daemon
+@c @c Daemon mode.
+@c
+@c @item -k
+@c @itemx --kerberos
+@c @opindex -k
+@c @opindex --kerberos
+@c Use Kerberos authentication.
+@c
+@c @item -l
+@c @itemx --no-rhosts
+@c @opindex -l
+@c @opindex --no-rhosts
+@c Ignore @file{.rhosts} file.
+@c
+@c @item -L
+@c @itemx --log-sessions
+@c @opindex -L
+@c @opindex --log-sessions
+@c Log successful logins.
+@c
+@c @item -n
+@c @itemx --no-keepalive
+@c @opindex -n
+@c @opindex --no-keepalive
+@c Do not set SO_KEEPALIVE.
+@c
+@c @item -S @var{name}
+@c @itemx --servername=@var{name}
+@c @opindex -S
+@c @opindex --servername
+@c Set Kerberos server name, overriding canonical hostname.
+@c
+@c @item -v
+@c @itemx --vacuous
+@c @opindex -v
+@c @opindex --vacuous
+@c Fail any call asking for non-Kerberos authentication.
+@c
+@c @c OBSOLETE?
+@c @c @item -x
+@c @c @itemx --encrypt
+@c @c @opindex -x
+@c @c @opindex --encrypt
+@c @c Turns on DES encryption for all data passed via the @command{rshd}
+@c @c session. This may impact response time and CPU utilization, but
+@c @c provides increased security.
+@c
+@c @c @item -D[@var{level}]
+@c @c @itemx --debug[=@var{level}]
+@c @c @opindex -D
+@c @c @opindex -debug
+@c @c Set debug level, not implemented.
+@c
+@c @c @item -o
+@c @c @itemx --allow-root
+@c @c @opindex -o
+@c @c @opindex --allow-root
+@c @c Allow uid == 0 to login, disabled by default
+@c
+@c @c @item -p @var{port}
+@c @c @itemx --port=@var{port}
+@c @c @opindex -p
+@c @c @opindex --port
+@c @c Listen on given port (valid only in daemon mode).
+@c
+@c @item -r
+@c @itemx --reverse-required
+@c @opindex -r
+@c @opindex --reverse-required
+@c Demand that the client's IP address be resolvable
+@c as a host name.
+@c @end table
+@c
+@c Should @command{rshd} have been built with PAM support,
+@c it reads any setting specified for a service named either
+@c @samp{rsh} or @samp{krsh}, the latter name for clients
+@c seeking Kerberised authentication.
+@c
+@c @section Diagnostics
+@c
+@c Except for the last one listed below, all diagnostic messages are
+@c returned on the initial socket, after which any network connections
+@c are closed. An error is indicated by a leading byte with a value of 1
+@c (0 is returned in step 10 above upon successful completion of all the
+@c steps prior to the execution of the login shell).
+@c
+@c @table @samp
+@c @item Locuser too long
+@c The name of the user on the client's machine is longer than 16
+@c characters.
+@c
+@c @item Ruser too long
+@c The name of the user on the remote machine is longer than 16
+@c characters.
+@c
+@c @item Command too long
+@c The command line passed exceeds the size of the argument list (as
+@c configured into the system).
+@c
+@c @item Login incorrect
+@c No password file entry for the user name existed.
+@c
+@c @item Remote directory
+@c The chdir command to the home directory failed.
+@c
+@c @item Permission denied
+@c The authentication procedure described above failed,
+@c or address resolution was insufficient.
+@c
+@c @item Can't make pipe.
+@c The pipe needed for the stderr, wasn't created.
+@c
+@c @item Can't fork; try again.
+@c A fork by the server failed.
+@c
+@c @item <shellname>: @dots{}
+@c The user's login shell could not be started. This message is returned
+@c on the connection associated with the stderr, and is not preceded by a
+@c flag byte.
+@c @end table
+@c
+@c The authentication procedure used here assumes the integrity of each
+@c client machine and the connecting medium. This is insecure, but is
+@c useful in an ``open'' environment.
+@c
@node talkd invocation
@chapter @command{talkd}: a server for communication between users
@pindex talkd
@@ -5141,162 +5141,162 @@ In all other cases the result would be
where @code{$USER} is the value of the corresponding environment
variable and could possibly be empty.
-@node tftpd invocation
-@chapter @command{tftpd}: TFTP server
-@pindex tftpd
-
-@command{tftpd} is intended to be invoked via @command{inetd}
-at all times.
-
-@noindent
-Synopsis:
-
-@example
-tftpd [@var{options}] [@var{directory} @dots{}]
-@end example
-
-@table @option
-@item -g @var{group}
-@itemx --group=@var{group}
-@opindex -g
-@opindex --group
-Specify group membership of the process owner.
-This is used only along with the option @option{-s},
-and replaces the group membership that comes from
-the process owner himself.
-
-@item -l
-@itemx --logging
-@opindex -l
-@opindex --logging
-Enable logging.
-
-@item -n
-@itemx --nonexistent
-@opindex -n
-@opindex --nonexistent
-Supress negative acknowledgement of requests for nonexistent relative
-filenames.
-
-@item -s @var{dir}
-@itemx --secure-dir=@var{dir}
-@opindex -s
-@opindex --secure-dir
-Let the serving process change its root directory to @var{dir}
-before attending to any requests.
-This directory is not observable by any client, but improves
-server isolation, since servable contents must be located
-below this chrooted directory @var{dir}.
-
-@item -u @var{user}
-@itemx --user=@var{user}
-@opindex -u
-@opindex --user
-Specify the process owner for serving requests.
-Only relevant along with the option @option{-s}.
-The default name is @samp{nobody}.
-@end table
-
-@section Directory prefixes
-@anchor{tftpd validation}
-
-In addition to options, an invocation of @command{tftpd} can
-specify an optional list of directory prefixes.
-These are approved of according to two principles:
-
-@itemize @bullet
-@item
-Relative pathnames are ignored.
-
-@item
-At most twenty prefixes are approved, the rest is discarded.
-@end itemize
-
-@noindent
-A request for a file is decided upon as a consequence
-of evaluating these criteria:
-
-@itemize @bullet
-@item
-Every file request containing the substring @samp{/../} is denied,
-as is a file name beginning with @samp{../}.
-
-@item
-Write requests must specify absolute locations.
-
-@item
-A file request, if specified as an @emph{absolute} pathname,
-must begin with one of the approved directory prefixes,
-should at least one such prefix have been accepted.
-
-@item
-In the absence of a prefix collection, any absolute pathname is
-accepted, should the corresponding file exist.
-
-@item
-A file request, if specified as a @emph{relative} name,
-will only be searched for below the acceptable prefixes,
-should at least one such prefix have been approved.
-
-@item
-A request for a relatively named file, is denied in the absence
-of approved directory prefixes.
-
-@item
-The resulting file must be world readable, or world writable,
-for a read request, or a write request, to succeed.
-@end itemize
-
-@section Use cases
-@anchor{tftpd setup cases}
-
-The standard use case is an entry in @file{/etc/inetd.conf} like
-
-@example
-tftp dgram udp4 wait root /usr/sbin/tftpd \
-@verb{ } tftpd /tftpboot /altboot
-@end example
-
-@noindent
-This would allow the TFTP client to use any of
-
-@example
-get kernel
-get /tftpboot/kernel
-get kernel.alt
-get /altboot/kernel.alt
-get /etc/motd
-@end example
-
-@noindent
-given that @file{/tftpboot/kernel} and @file{/altboot/kernel.alt} exist.
-Observe that also @file{/etc/motd} is accessible, inspite there being
-no explicit mention of standard file locations.
-
-A stronger mode of running a TFTP server is to use the `secure mode',
-meaning that the serving process is running in a chrooted mode.
-Then a suitable configuration could be
-
-@example
-tftp dgram udp4 wait root /usr/sbin/tftpd \
-@verb{ } tftpd --secure-dir=/srv/tftp-root /tftpboot /altboot
-@end example
-
-@noindent
-Supposing the files @file{kernel} and @file{kernel.alt} to exist
-in the common directory @file{/srv/tftp-root/altboot/},
-all the previously suggested client requests for a kernel would
-still be granted, but now any request for @file{/etc/motd}
-would be declined, and would get a reply `File not found' back.
-
-The chrooted setting is denying access outside of
-@file{/srv/tftp-root}, yet is not indicating this lock-in
-to the client, and is thus improving server isolation.
-Since neither of @option{-u} and @option{-g} were specified,
-the configuration reproduced above will in fact have the
-transmitting server process running with the default
-owner set to @samp{nobody:nogroup}.
-
+@c @node tftpd invocation
+@c @chapter @command{tftpd}: TFTP server
+@c @pindex tftpd
+@c
+@c @command{tftpd} is intended to be invoked via @command{inetd}
+@c at all times.
+@c
+@c @noindent
+@c Synopsis:
+@c
+@c @example
+@c tftpd [@var{options}] [@var{directory} @dots{}]
+@c @end example
+@c
+@c @table @option
+@c @item -g @var{group}
+@c @itemx --group=@var{group}
+@c @opindex -g
+@c @opindex --group
+@c Specify group membership of the process owner.
+@c This is used only along with the option @option{-s},
+@c and replaces the group membership that comes from
+@c the process owner himself.
+@c
+@c @item -l
+@c @itemx --logging
+@c @opindex -l
+@c @opindex --logging
+@c Enable logging.
+@c
+@c @item -n
+@c @itemx --nonexistent
+@c @opindex -n
+@c @opindex --nonexistent
+@c Supress negative acknowledgement of requests for nonexistent relative
+@c filenames.
+@c
+@c @item -s @var{dir}
+@c @itemx --secure-dir=@var{dir}
+@c @opindex -s
+@c @opindex --secure-dir
+@c Let the serving process change its root directory to @var{dir}
+@c before attending to any requests.
+@c This directory is not observable by any client, but improves
+@c server isolation, since servable contents must be located
+@c below this chrooted directory @var{dir}.
+@c
+@c @item -u @var{user}
+@c @itemx --user=@var{user}
+@c @opindex -u
+@c @opindex --user
+@c Specify the process owner for serving requests.
+@c Only relevant along with the option @option{-s}.
+@c The default name is @samp{nobody}.
+@c @end table
+@c
+@c @section Directory prefixes
+@c @anchor{tftpd validation}
+@c
+@c In addition to options, an invocation of @command{tftpd} can
+@c specify an optional list of directory prefixes.
+@c These are approved of according to two principles:
+@c
+@c @itemize @bullet
+@c @item
+@c Relative pathnames are ignored.
+@c
+@c @item
+@c At most twenty prefixes are approved, the rest is discarded.
+@c @end itemize
+@c
+@c @noindent
+@c A request for a file is decided upon as a consequence
+@c of evaluating these criteria:
+@c
+@c @itemize @bullet
+@c @item
+@c Every file request containing the substring @samp{/../} is denied,
+@c as is a file name beginning with @samp{../}.
+@c
+@c @item
+@c Write requests must specify absolute locations.
+@c
+@c @item
+@c A file request, if specified as an @emph{absolute} pathname,
+@c must begin with one of the approved directory prefixes,
+@c should at least one such prefix have been accepted.
+@c
+@c @item
+@c In the absence of a prefix collection, any absolute pathname is
+@c accepted, should the corresponding file exist.
+@c
+@c @item
+@c A file request, if specified as a @emph{relative} name,
+@c will only be searched for below the acceptable prefixes,
+@c should at least one such prefix have been approved.
+@c
+@c @item
+@c A request for a relatively named file, is denied in the absence
+@c of approved directory prefixes.
+@c
+@c @item
+@c The resulting file must be world readable, or world writable,
+@c for a read request, or a write request, to succeed.
+@c @end itemize
+@c
+@c @section Use cases
+@c @anchor{tftpd setup cases}
+@c
+@c The standard use case is an entry in @file{/etc/inetd.conf} like
+@c
+@c @example
+@c tftp dgram udp4 wait root /usr/sbin/tftpd \
+@c @verb{ } tftpd /tftpboot /altboot
+@c @end example
+@c
+@c @noindent
+@c This would allow the TFTP client to use any of
+@c
+@c @example
+@c get kernel
+@c get /tftpboot/kernel
+@c get kernel.alt
+@c get /altboot/kernel.alt
+@c get /etc/motd
+@c @end example
+@c
+@c @noindent
+@c given that @file{/tftpboot/kernel} and @file{/altboot/kernel.alt} exist.
+@c Observe that also @file{/etc/motd} is accessible, inspite there being
+@c no explicit mention of standard file locations.
+@c
+@c A stronger mode of running a TFTP server is to use the `secure mode',
+@c meaning that the serving process is running in a chrooted mode.
+@c Then a suitable configuration could be
+@c
+@c @example
+@c tftp dgram udp4 wait root /usr/sbin/tftpd \
+@c @verb{ } tftpd --secure-dir=/srv/tftp-root /tftpboot /altboot
+@c @end example
+@c
+@c @noindent
+@c Supposing the files @file{kernel} and @file{kernel.alt} to exist
+@c in the common directory @file{/srv/tftp-root/altboot/},
+@c all the previously suggested client requests for a kernel would
+@c still be granted, but now any request for @file{/etc/motd}
+@c would be declined, and would get a reply `File not found' back.
+@c
+@c The chrooted setting is denying access outside of
+@c @file{/srv/tftp-root}, yet is not indicating this lock-in
+@c to the client, and is thus improving server isolation.
+@c Since neither of @option{-u} and @option{-g} were specified,
+@c the configuration reproduced above will in fact have the
+@c transmitting server process running with the default
+@c owner set to @samp{nobody:nogroup}.
+@c
@node uucpd invocation
@chapter @command{uucpd}: Unix to Unix Copy relay daemon.
@pindex uucpd
--- origsrc/inetutils-2.5/ftp/cmds.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftp/cmds.c 2023-12-30 20:53:27.874344900 +0900
@@ -100,6 +100,10 @@
# endif
#endif /* !DEFPORT */
+#ifdef __CYGWIN__
+typedef _sig_func_ptr sig_t;
+#endif
+
/* Returns true if STR is entirely lower case. */
static int
all_lower (char *str)
@@ -309,6 +313,13 @@ setpeer (int argc, char **argv)
if (autologin)
login (host);
+#ifdef __CYGWIN__
+# ifndef unix
+# define unix
+# endif
+# define NBBY 8
+#endif /* __CYGWIN__ */
+
#if (defined unix || defined __unix || defined __unix__) && NBBY == 8
/*
* this ifdef is to keep someone form "porting" this to an incompatible
@@ -1917,7 +1928,7 @@ quote1 (char *initial, int argc, char **
len += strlen (strcpy (&buf[len], argv[i]));
}
}
- if (command (buf) == PRELIM)
+ if (command ("%s", buf) == PRELIM)
{
while (getreply (0) == PRELIM)
continue;
--- origsrc/inetutils-2.5/ftp/ftp.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftp/ftp.c 2023-12-30 20:58:32.165422000 +0900
@@ -90,6 +90,11 @@
#include "ftp_var.h"
#include "attribute.h"
+#ifdef __CYGWIN__
+#include <io.h>
+typedef _sig_func_ptr sig_t;
+#endif
+
#if !HAVE_DECL_FCLOSE
/* Some systems don't declare fclose in <stdio.h>, so do it ourselves. */
extern int fclose (FILE *);
@@ -674,7 +679,15 @@ sendrequest (char *cmd, char *local, cha
}
else
{
+#ifdef __CYGWIN__
+ if (curtype != TYPE_A) {
+ fin = fopen (local, "rb");
+ } else {
+ fin = fopen (local, "r");
+ }
+#else
fin = fopen (local, "r");
+#endif
if (fin == NULL)
{
error (0, errno, "local: %s", local);
@@ -718,6 +731,7 @@ sendrequest (char *cmd, char *local, cha
break;
case TYPE_I:
case TYPE_L:
+ setmode (fileno (fin), O_BINARY);
rc = lseek (fileno (fin), restart_point, SEEK_SET);
break;
}
@@ -786,6 +800,8 @@ sendrequest (char *cmd, char *local, cha
case TYPE_I:
case TYPE_L:
+ setmode (fileno (fin), O_BINARY);
+ setmode (fileno (dout), O_BINARY);
errno = d = 0;
while ((c = read (fileno (fin), buf, bufsize)) > 0)
{
@@ -1021,7 +1037,17 @@ recvrequest (char *cmd, char *local, cha
{
struct stat st;
+#ifdef __CYGWIN__
+ {
+ char nmode[8];
+ strcpy (nmode, lmode);
+ if (curtype != TYPE_A)
+ strcat (nmode, "b");
+ fout = fopen (local, nmode);
+ }
+#else
fout = fopen (local, lmode);
+#endif
if (fout == NULL || fstat (fileno (fout), &st) < 0)
{
error (0, errno, "local: %s", local);
@@ -1050,6 +1076,8 @@ recvrequest (char *cmd, char *local, cha
case TYPE_I:
case TYPE_L:
+ setmode (fileno (fout), O_BINARY);
+ setmode (fileno (din), O_BINARY);
if (restart_point && lseek (fileno (fout), restart_point, SEEK_SET) < 0)
{
error (0, errno, "local: %s", local);
@@ -1528,10 +1556,15 @@ noport:
result = ERROR; /* For success detection. */
if (data_addr.ss_family != AF_INET || doepsv4)
{
+ char *p;
/* Use EPRT mode. */
getnameinfo ((struct sockaddr *) &data_addr, ctladdrlen,
ia, sizeof (ia), portstr, sizeof (portstr),
NI_NUMERICHOST | NI_NUMERICSERV);
+ /* Remove IPv6 link local address postfix */
+ p = strchr (ia, '%');
+ if (p)
+ *p = '\0';
result = command ("EPRT |%d|%s|%s|",
(data_addr.ss_family == AF_INET) ? 1 : 2,
ia, portstr);
--- origsrc/inetutils-2.5/ftpd/auth.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftpd/auth.c 2023-12-30 20:53:27.895330400 +0900
@@ -18,6 +18,17 @@
#include <config.h>
+#ifdef __CYGWIN__
+# undef ERROR
+# include <windows.h>
+# include <pwd.h>
+# include <sys/cygwin.h>
+# include <io.h>
+# define is_winnt (GetVersion() < 0x80000000)
+#else
+# define is_winnt (0)
+#endif
+
#include <sys/types.h>
#include <stdlib.h>
#include <string.h>
@@ -43,6 +54,9 @@
shell as returned by getusershell(). Disallow anyone mentioned in the file
PATH_FTPUSERS to allow people such as root and uucp to be avoided. */
+static int
+do_cygwin_auth (const char* passwd, struct credentials *pcred);
+
int
auth_user (const char *name, struct credentials *pcred)
{
@@ -92,8 +106,8 @@ auth_user (const char *name, struct cred
*/
if (strcmp (name, "ftp") == 0 || strcmp (name, "anonymous") == 0)
{
- if (checkuser (PATH_FTPUSERS, "ftp")
- || checkuser (PATH_FTPUSERS, "anonymous"))
+ if (checkuser (PATH_FTPUSERS, "ftp", NULL)
+ || checkuser (PATH_FTPUSERS, "anonymous", NULL))
{
snprintf (pcred->message, len, "User %s access denied.",
name);
@@ -110,6 +124,8 @@ auth_user (const char *name, struct cred
snprintf (pcred->message, len, "User %s unknown.", name);
err = 1;
}
+ if (err == 0)
+ checkuser (PATH_FTPCHROOT, pcred->name, &pcred->rootdir);
return err;
}
@@ -128,7 +144,7 @@ auth_user (const char *name, struct cred
break;
endusershell ();
- if (cp == NULL || checkuser (PATH_FTPUSERS, name))
+ if (cp == NULL || checkuser (PATH_FTPUSERS, name, NULL))
{
sprintf (pcred->message, "User %s access denied.", name);
return 1;
@@ -148,7 +164,8 @@ auth_user (const char *name, struct cred
if (err == 0)
{
- pcred->dochroot = checkuser (PATH_FTPCHROOT, pcred->name);
+ pcred->dochroot =
+ checkuser (PATH_FTPCHROOT, pcred->name, &pcred->rootdir);
#if defined WITH_PAM && !defined WITH_LINUX_PAM
if (pcred->auth_type == AUTH_TYPE_PAM)
@@ -183,18 +200,49 @@ auth_pass (const char *passwd, struct cr
case AUTH_TYPE_PASSWD:
default:
{
+#ifdef __CYGWIN__
+ if (!is_winnt)
+ {
+#endif /* __CYGWIN__ */
char *xpasswd;
char *salt = pcred->passwd;
/* Try to authenticate the user. */
if (pcred->passwd == NULL || *pcred->passwd == '\0')
return 1; /* Failed. */
- xpasswd = crypt (passwd, salt);
+ xpasswd = (char*) crypt (passwd, salt);
return (!xpasswd || strcmp (xpasswd, pcred->passwd) != 0);
+#ifdef __CYGWIN__
+ } else {
+ return do_cygwin_auth (passwd, pcred);
+ }
+#endif /* __CYGWIN__ */
}
} /* switch (auth_type) */
return -1;
}
+#ifdef __CYGWIN__
+static int
+do_cygwin_auth (const char* passwd, struct credentials *pcred)
+{
+ struct passwd *p;
+ if ((pcred == NULL) || (pcred->name == NULL) || (pcred->name[0] == '\0'))
+ return 1;
+
+ /* can't "recreate" p from contents of pcred, because
+ struct passwd might contain extension elements
+ unknown to us
+ */
+ p = getpwnam (pcred->name);
+ if (p == NULL)
+ return 1;
+
+ HANDLE hToken = (HANDLE) cygwin_logon_user (p, passwd);
+ cygwin_set_impersonation_token (hToken);
+ return (hToken == INVALID_HANDLE_VALUE); // non-zero on error
+}
+#endif /* __CYGWIN__ */
+
int
sgetcred (const char *name, struct credentials *pcred)
{
--- origsrc/inetutils-2.5/ftpd/conf.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftpd/conf.c 2023-12-30 21:01:38.957327700 +0900
@@ -58,11 +58,11 @@ display_file (const char *name, int code
* Return 1 if yes, 0 otherwise.
*/
int
-checkuser (const char *filename, const char *name)
+checkuser (const char *filename, const char *name, char **path)
{
FILE *fp;
int found = 0, ngroups = 0;
- char *p, line[BUFSIZ];
+ char *p = NULL, line[BUFSIZ];
gid_t *groups = NULL;
struct passwd *pwd = NULL;
@@ -88,6 +88,7 @@ checkuser (const char *filename, const c
/* Wildcard entry, a single '@'. */
if (p[0] == '@' && (p[1] == 0 || isblank (p[1])))
{
+ p++;
found = 1;
break;
}
@@ -116,7 +117,8 @@ checkuser (const char *filename, const c
while (*p && (isalnum (*p) || *p == '_' || *p == '-'))
p++;
- *p = '\0'; /* Group name ends here. */
+ if (*p)
+ *p++ = '\0'; /* Group name ends here. */
grp = getgrnam (gname);
if (grp)
@@ -135,13 +137,46 @@ checkuser (const char *filename, const c
}
/* User name ends at the first blank character. */
- if (strncmp (p, name, strlen (name)) == 0
+ if (strncasecmp (p, name, strlen (name)) == 0
&& (p[strlen (name)] == 0 || isblank (p[strlen (name)])))
{
+ p += strlen (name);
found = 1;
break;
}
}
+
+ /* Extract the second field and set to *path */
+ if (found && path && p)
+ {
+ char *pend;
+ while (*p && isblank (*p))
+ p++;
+ pend = p;
+ while (*pend && !isblank (*pend))
+ pend++;
+ *pend = '\0';
+ if (*p)
+ {
+ char *buf = malloc (strlen (*path) + strlen (p) + 2);
+ if (buf)
+ {
+ if (*p != '/')
+ sprintf(buf, "%s/%s", *path, p);
+ else
+ sprintf(buf, "%s", p);
+ free (*path);
+ *path = sgetsave (buf);
+ free(buf);
+ }
+ else
+ {
+ perror_reply (421, "Local resource failure: malloc");
+ dologout (1);
+ }
+ }
+ }
+
free (groups);
fclose (fp);
}
--- origsrc/inetutils-2.5/ftpd/extern.h 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftpd/extern.h 2023-12-30 20:53:27.920316500 +0900
@@ -53,7 +53,7 @@
#include <netinet/in.h>
extern void cwd (const char *);
-extern int checkuser (const char *filename, const char *name);
+extern int checkuser (const char *filename, const char *name, char **path);
extern void delete (const char *);
extern int display_file (const char *name, int code);
extern void dologout (int);
--- origsrc/inetutils-2.5/ftpd/ftpcmd.y 2023-01-01 09:35:18.000000000 +0900
+++ src/inetutils-2.5/ftpd/ftpcmd.y 2023-12-30 20:53:27.925313600 +0900
@@ -593,7 +593,7 @@ cmd
# endif /* BSD */
#endif /* !HAVE_UNAME */
-#if defined unix || defined __unix || defined __unix__
+#if defined unix || defined __unix || defined __unix__ || defined __CYGWIN__
sys_type = "UNIX";
#else
sys_type = "UNKNOWN";
--- origsrc/inetutils-2.5/ftpd/ftpd.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftpd/ftpd.c 2023-12-30 21:05:35.998333100 +0900
@@ -111,6 +111,10 @@
# define LOG_FTP LOG_DAEMON /* Use generic facility. */
#endif
+#ifndef LARGE_TRANSFER_BLOCKSIZE
+# define LARGE_TRANSFER_BLOCKSIZE 4096
+#endif
+
#ifndef MAP_FAILED
# define MAP_FAILED (void*)-1
#endif
@@ -446,11 +450,21 @@ static struct argp argp = {
NULL
};
+#if defined(WITH_WRAP) && defined(__CYGWIN__)
+extern int allow_severity; /* set value in main() */
+extern int deny_severity; /* set value in main() */
+#endif
+
int
main (int argc, char *argv[], char **envp)
{
int index;
+#if defined(WITH_WRAP) && defined(__CYGWIN__)
+ allow_severity = LOG_INFO;
+ deny_severity = LOG_NOTICE;
+#endif
+
set_program_name (argv[0]);
#ifdef HAVE_TZSET
@@ -561,7 +575,7 @@ main (int argc, char *argv[], char **env
}
#endif
-#ifdef F_SETOWN
+#if defined(F_SETOWN) && !defined(__CYGWIN__)
if (fcntl (STDIN_FILENO, F_SETOWN, getpid ()) == -1)
syslog (LOG_ERR, "fcntl F_SETOWN: %m");
#endif
@@ -685,19 +699,55 @@ complete_login (struct credentials *pcre
/* We MUST do a chdir () after the chroot. Otherwise
the old current directory will be accessible as "."
outside the new root! */
- if (chroot (pcred->rootdir) < 0 || chdir (pcred->homedir) < 0)
+ char *subdir = strstr(pcred->rootdir, "/./");
+ if (subdir)
+ *subdir++ = '\0';
+ if (chroot (pcred->rootdir) < 0)
{
reply (550, "Can't set guest privileges.");
goto bad;
}
+ if (seteuid ((uid_t)pcred->uid) < 0)
+ {
+ reply(550, "Can't set uid.");
+ goto bad;
+ }
+ if (chdir (pcred->homedir) < 0)
+ {
+ reply(550, "Can't access home directory.");
+ goto bad;
+ }
+ if (subdir && chdir (subdir) < 0)
+ {
+ reply(550, "Can't change directory to %s.", subdir);
+ goto bad;
+ }
}
else if (pcred->dochroot)
{
- if (chroot (pcred->rootdir) < 0 || chdir (pcred->homedir) < 0)
+ char *subdir = strstr(pcred->rootdir, "/./");
+ if (subdir)
+ *subdir++ = '\0';
+ if (chroot (pcred->rootdir) < 0)
{
reply (550, "Can't change root.");
goto bad;
}
+ if (seteuid ((uid_t)pcred->uid) < 0)
+ {
+ reply(550, "Can't set uid.");
+ goto bad;
+ }
+ if (chdir (pcred->homedir) < 0)
+ {
+ reply(550, "Can't access home directory.");
+ goto bad;
+ }
+ if (subdir && chdir (subdir) < 0)
+ {
+ reply(550, "Can't change directory to %s.", subdir);
+ goto bad;
+ }
}
if (seteuid ((uid_t) pcred->uid) < 0)
@@ -708,6 +758,11 @@ complete_login (struct credentials *pcre
if (!pcred->guest && !pcred->dochroot) /* Remaining case. */
{
+ if (seteuid ((uid_t)pcred->uid) < 0)
+ {
+ reply(550, "Can't set uid.");
+ goto bad;
+ }
if (chdir (pcred->rootdir) < 0)
{
if (chdir ("/") < 0)
@@ -863,7 +918,7 @@ end_login (struct credentials *pcred)
char *remotehost = pcred->remotehost;
int atype = pcred->auth_type;
- if (seteuid ((uid_t) 0) == -1)
+ if (seteuid (getuid ()) == -1)
_exit (EXIT_FAILURE);
if (pcred->logged_in)
@@ -975,6 +1030,11 @@ retrieve (const char *cmd, const char *n
if (cmd == 0)
{
+#ifdef __CYGWIN__
+ if (type != TYPE_A)
+ fin = fopen (name, "rb"), closefunc = fclose;
+ else
+#endif
fin = fopen (name, "r"), closefunc = fclose;
st.st_size = 0;
}
@@ -1062,6 +1122,13 @@ store (const char *name, const char *mod
FILE *fout, *din;
struct stat st;
int (*closefunc) (FILE *);
+ char nmode[8];
+
+ strcpy (nmode, mode);
+#ifdef __CYGWIN__
+ if (type != TYPE_A)
+ strcat (nmode, "b");
+#endif
if (unique && stat (name, &st) == 0)
{
@@ -1077,8 +1144,16 @@ store (const char *name, const char *mod
}
if (restart_point)
- mode = "r+";
- fout = fopen (name, mode);
+ {
+#ifdef __CYGWIN__
+ if (type != TYPE_A)
+ mode = "rb+";
+ else
+#endif
+ mode = "r+";
+ strcpy (nmode, mode);
+ }
+ fout = fopen (name, nmode);
closefunc = fclose;
if (fout == NULL || fstat (fileno (fout), &st) < 0)
{
@@ -1154,7 +1229,7 @@ getdatasock (const char *mode)
if (data >= 0)
return fdopen (data, mode);
- if (seteuid ((uid_t) 0) == -1)
+ if (seteuid (getuid ()) == -1)
_exit (EXIT_FAILURE);
s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
if (s < 0)
@@ -1321,9 +1396,12 @@ static void
send_data (FILE *instr, FILE *outstr, off_t blksize)
{
int c, cnt, filefd, netfd;
- char *buf = MAP_FAILED, *bp;
+ char *buf = MAP_FAILED;
off_t curpos;
+#ifdef HAVE_MMAP
+ char *bp;
off_t len, filesize;
+#endif
transflag++;
if (setjmp (urgcatch))
@@ -1416,7 +1494,14 @@ send_data (FILE *instr, FILE *outstr, of
len = filesize;
do
{
+#ifdef __CYGWIN__
+ cnt = write (netfd, bp,
+ (len < LARGE_TRANSFER_BLOCKSIZE ?
+ len : LARGE_TRANSFER_BLOCKSIZE));
+#else
cnt = write (netfd, bp, len);
+#endif /* __CYGWIN__ */
+
len -= cnt;
bp += cnt;
if (cnt > 0)
@@ -1441,6 +1526,9 @@ send_data (FILE *instr, FILE *outstr, of
syslog (LOG_DEBUG, "Starting at position %jd.", curpos);
}
+ if (blksize <= 0)
+ blksize = LARGE_TRANSFER_BLOCKSIZE;
+
buf = malloc ((u_int) blksize);
if (buf == NULL)
{
@@ -1980,7 +2068,7 @@ passive (int epsv, int af)
else /* !AF_INET6 */
((struct sockaddr_in *) &pasv_addr)->sin_port = 0;
- if (seteuid ((uid_t) 0) == -1)
+ if (seteuid (getuid ()) == -1)
_exit (EXIT_FAILURE);
if (bind (pdata, (struct sockaddr *) &pasv_addr, pasv_addrlen) < 0)
{
--- origsrc/inetutils-2.5/ftpd/server_mode.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ftpd/server_mode.c 2023-12-30 20:53:27.941303900 +0900
@@ -57,8 +57,14 @@ static void reapchild (int);
extern int hosts_ctl (char *, char *, char *, char *);
# endif
+#ifdef __CYGWIN__
+/* provided by library (e.g. extern, here) on cygwin */
+extern int allow_severity; /* set value in main() */
+extern int deny_severity; /* set value in main() */
+#else
int allow_severity = LOG_INFO;
int deny_severity = LOG_NOTICE;
+#endif
static int
check_host (struct sockaddr *sa, socklen_t len)
--- origsrc/inetutils-2.5/lib/sys_select.in.h 2023-12-30 03:04:55.000000000 +0900
+++ src/inetutils-2.5/lib/sys_select.in.h 2023-12-30 20:53:27.975103800 +0900
@@ -42,7 +42,7 @@
# @INCLUDE_NEXT@ @NEXT_SYS_SELECT_H@
#elif (@HAVE_SYS_SELECT_H@ \
- && (defined _CYGWIN_SYS_TIME_H \
+ && (defined __CYGWIN__ \
|| (!defined _GL_SYS_SELECT_H_REDIRECT_FROM_SYS_TIME_H \
&& ((defined __osf__ && defined _SYS_TIME_H_ \
&& defined _OSF_SOURCE) \
--- origsrc/inetutils-2.5/libinetutils/daemon.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/libinetutils/daemon.c 2023-12-30 20:53:27.985101900 +0900
@@ -49,6 +49,7 @@
#include <fcntl.h>
#include <unistd.h>
#include <signal.h>
+#include <syslog.h>
#include <error.h>
#include <stdlib.h>
#include <sys/types.h>
@@ -101,13 +102,87 @@
#define MAXFD 64
+/* copy signal stuff from inetd.c -- POSIX says that the various
+ signal interfaces should not be mixed in the same program.
+ Because inetd uses 'most recent signal interface' it can find,
+ we should too.
+*/
+
+#define SIGBLOCK (sigmask(SIGCHLD)|sigmask(SIGHUP)|sigmask(SIGALRM))
+#if defined(HAVE_SIGACTION)
+# define SIGSTATUS sigset_t
+# define sigstatus_empty(s) sigemptyset(&s)
+#else
+# define SIGSTATUS long
+# define sigstatus_empty(s) s = 0
+#endif
+
+static void
+signal_set_handler (int signo, void (*handler) ())
+{
+#if defined(HAVE_SIGACTION)
+ struct sigaction sa;
+ memset ((char *)&sa, 0, sizeof(sa));
+ sigemptyset (&sa.sa_mask);
+ sigaddset (&sa.sa_mask, signo);
+#ifdef SA_RESTART
+ sa.sa_flags = SA_RESTART;
+#endif
+ sa.sa_handler = handler;
+ sigaction (signo, &sa, NULL);
+#elif defined(HAVE_SIGVEC)
+ struct sigvec sv;
+ memset (&sv, 0, sizeof(sv));
+ sv.sv_mask = SIGBLOCK;
+ sv.sv_handler = handler;
+ sigvec (signo, &sv, NULL);
+#else /* !HAVE_SIGVEC */
+ signal (signo, handler);
+#endif /* HAVE_SIGACTION */
+}
+
+static void
+signal_block (SIGSTATUS *old_status)
+{
+#ifdef HAVE_SIGACTION
+ sigset_t sigs;
+
+ sigemptyset (&sigs);
+ sigaddset (&sigs, SIGCHLD);
+ sigaddset (&sigs, SIGHUP);
+ sigaddset (&sigs, SIGALRM);
+ sigprocmask (SIG_BLOCK, &sigs, old_status);
+#else
+ long omask = sigblock (SIGBLOCK);
+ if (old_status)
+ *old_status = omask;
+#endif
+}
+
+static void
+signal_unblock (SIGSTATUS *status)
+{
+#ifdef HAVE_SIGACTION
+ if (status)
+ sigprocmask (SIG_SETMASK, status, 0);
+ else
+ {
+ sigset_t empty;
+ sigemptyset (&empty);
+ sigprocmask (SIG_SETMASK, &empty, 0);
+ }
+#else
+ sigsetmask (status ? *status : 0);
+#endif
+}
+
void
waitdaemon_timeout (int signo MAYBE_UNUSED)
{
int left;
left = alarm (0);
- signal (SIGALRM, SIG_DFL);
+ signal_set_handler (SIGALRM, SIG_DFL);
if (left == 0)
error (EXIT_FAILURE, 0, "timed out waiting for child");
}
@@ -136,9 +211,29 @@ waitdaemon (int nochdir, int noclose, in
default: /* In the parent. */
if (maxwait > 0)
{
- signal (SIGALRM, waitdaemon_timeout);
+ int status;
+ pid_t wpid;
+
+ signal_unblock(NULL);
+ signal_set_handler (SIGALRM, waitdaemon_timeout);
alarm (maxwait);
- pause ();
+ do
+ {
+ wpid = waitpid(childpid, &status, WUNTRACED
+#ifdef WCONTINUED /* Not all implementations support this */
+ | WCONTINUED
+#endif
+ );
+ if (wpid == -1)
+ {
+ /* should't happen for timeouts, because the
+ SIGALRM handler will error (and exit). However,
+ we may recieve some OTHER signal...
+ */
+ error (1, 0, "interrupted while waiting for child");
+ }
+ }
+ while (!WIFEXITED(status) && !WIFSIGNALED(status));
}
_exit (EXIT_SUCCESS);
}
@@ -150,7 +245,7 @@ waitdaemon (int nochdir, int noclose, in
then SIGHUP is sent to all process belonging to the same session,
i.e., also to the second child.
*/
- signal (SIGHUP, SIG_IGN);
+ signal_set_handler (SIGHUP, SIG_IGN);
switch (fork ())
{
@@ -200,5 +295,9 @@ waitdaemon (int nochdir, int noclose, in
int
daemon (int nochdir, int noclose)
{
+#ifdef __CYGWIN__
+ return (waitdaemon (nochdir, noclose, 5) == -1) ? -1 : 0;
+#else
return (waitdaemon (nochdir, noclose, 0) == -1) ? -1 : 0;
+#endif
}
--- origsrc/inetutils-2.5/libinetutils/logwtmp.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/libinetutils/logwtmp.c 2023-12-30 20:53:27.991097000 +0900
@@ -48,6 +48,10 @@
extern int errno;
#endif
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
#ifdef HAVE_UTMPX_H
static void
_logwtmp (struct utmpx *ut)
@@ -60,9 +64,9 @@ _logwtmp (struct utmp *ut)
static int fd = -1;
if (fd < 0)
- fd = open (OUR_WTMP, O_WRONLY | O_APPEND, 0);
+ fd = open (OUR_WTMP, O_WRONLY | O_APPEND | O_BINARY, 0);
#else
- int fd = open (OUR_WTMP, O_WRONLY | O_APPEND, 0);
+ int fd = open (OUR_WTMP, O_WRONLY | O_APPEND | O_BINARY, 0);
#endif
if (fd >= 0)
--- origsrc/inetutils-2.5/libinetutils/setsig.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/libinetutils/setsig.c 2023-12-30 20:53:27.997094200 +0900
@@ -24,6 +24,10 @@
#include <signal.h>
+#ifdef __CYGWIN__
+typedef _sig_func_ptr sig_t;
+#endif
+
/* This is exactly like the traditional signal function, but turns on the
SA_RESTART bit where possible. */
sighandler_t
--- origsrc/inetutils-2.5/ping/ping.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ping/ping.c 2023-12-30 20:53:28.014082200 +0900
@@ -276,8 +276,12 @@ main (int argc, char **argv)
setlocale (LC_ALL, "");
#endif
+#ifdef __CYGWIN__
+ is_root = true;
+#else
if (getuid () == 0)
is_root = true;
+#endif
/* Parse command line */
iu_argp_init ("ping", program_authors);
--- origsrc/inetutils-2.5/ping/ping6.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/ping/ping6.c 2023-12-30 20:53:28.020078700 +0900
@@ -142,6 +142,7 @@ parse_opt (int key, char *arg, struct ar
{
char *endptr;
static unsigned char pattern[MAXPATTERN];
+ double v;
switch (key)
{
@@ -169,9 +170,11 @@ parse_opt (int key, char *arg, struct ar
#endif
case 'i':
+ v = strtod (arg, &endptr);
+ if (*endptr)
+ argp_error (state, "invalid value (`%s' near `%s')", arg, endptr);
options |= OPT_INTERVAL;
- interval = ping_cvt_number (arg, 0, 0);
- interval *= PING_PRECISION;
+ interval = v * PING_PRECISION;
if (!is_root && interval < PING_MIN_USER_INTERVAL)
error (EXIT_FAILURE, 0, "option value too small: %s", arg);
break;
@@ -252,8 +255,12 @@ main (int argc, char **argv)
setlocale (LC_ALL, "");
#endif
+#ifdef __CYGWIN__
+ is_root = true;
+#else
if (getuid () == 0)
is_root = true;
+#endif
/* Parse command line */
iu_argp_init ("ping6", program_authors);
@@ -850,6 +857,7 @@ ping_init (int type MAYBE_UNUSED, int id
return NULL;
}
+#if defined(ICMP6_FILTER) & !defined(__CYGWIN__)
/* Tell which ICMPs we are interested in. */
ICMP6_FILTER_SETBLOCKALL (&filter);
ICMP6_FILTER_SETPASS (ICMP6_ECHO_REPLY, &filter);
@@ -865,13 +873,16 @@ ping_init (int type MAYBE_UNUSED, int id
close (fd);
return NULL;
}
+#endif
+#ifdef IPV6_RECVHOPLIMIT
err = setsockopt (fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on, sizeof (on));
if (err)
{
close (fd);
return NULL;
}
+#endif
/* Allocate PING structure and initialize it to default values */
p = malloc (sizeof (*p));
--- origsrc/inetutils-2.5/src/inetd.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/src/inetd.c 2023-12-30 21:07:07.459315500 +0900
@@ -136,6 +136,12 @@
#include "version-etc.h"
#include "attribute.h"
+#ifdef __CYGWIN__
+#include <windows.h>
+#include <sys/cygwin.h>
+#endif /* __CYGWIN__ */
+
+
#ifndef EAI_ADDRFAMILY
# define EAI_ADDRFAMILY 1
#endif
@@ -149,7 +155,14 @@
#endif
#define SIGBLOCK (sigmask(SIGCHLD)|sigmask(SIGHUP)|sigmask(SIGALRM))
+enum {
+ NO_DAEMON = 0,
+ UNIX_DAEMON
+};
+
bool debug = false;
+static int daemonize = UNIX_DAEMON;
+
int nsock, maxsock;
fd_set allsock;
int options;
@@ -197,6 +210,13 @@ static struct argp_option argp_options[]
{"resolve", OPT_RESOLVE, NULL, 0,
"resolve IP addresses when setting environment variables "
"(see --environment)", GRP + 1},
+#ifdef __CYGWIN__
+ {0,0,0,0,"Cygwin-specific options:",GRP + 2},
+ {"no-daemonize", 'D', NULL, 0,
+ "Do not run as a daemon", GRP + 2},
+ {"traditional-daemon", 'T', NULL, 0,
+ "This option is present for backwards compatibility.", GRP + 2},
+#endif /* __CYGWIN__ */
#undef GRP
{NULL, 0, NULL, 0, NULL, 0}
};
@@ -237,6 +257,16 @@ parse_opt (int key, char *arg, struct ar
resolve_option = true;
break;
+#ifdef __CYGWIN__
+ case 'D': /* don't become a daemon */
+ daemonize = NO_DAEMON;
+ break;
+
+ case 'T': /* act like a normal unix daemon */
+ daemonize = UNIX_DAEMON;
+ break;
+#endif /* __CYGWIN__ */
+
default:
return ARGP_ERR_UNKNOWN;
}
@@ -411,6 +441,44 @@ signal_unblock (SIGSTATUS *status)
#endif
}
+#ifdef __CYGWIN__
+void
+hide_console ()
+{
+ HMODULE lib;
+ HWND WINAPI (*GetConsoleWindow) (void) = NULL;
+ HWND console = NULL;
+
+ AllocConsole ();
+ if (lib = LoadLibrary ("kernel32.dll"))
+ GetConsoleWindow = (HWND WINAPI (*) (void))
+ GetProcAddress (lib, "GetConsoleWindow");
+
+ if (GetConsoleWindow)
+ /* If GetConsoleWindow exists (W2K and newer), use it. */
+ console = GetConsoleWindow ();
+ if (!console)
+ {
+ /* Get console window handle as described in KB article Q124103 */
+ char title[32];
+ snprintf (title, 32, "inetd.%d", getpid ());
+ SetConsoleTitle (title);
+ Sleep (40);
+ console = FindWindow (NULL, title);
+ if (console)
+ {
+ char ctitle[256];
+ if (!GetWindowText (console, ctitle, 256) || strcmp (title, ctitle))
+ console = NULL;
+ }
+ }
+ if (console)
+ ShowWindow (console, SW_HIDE);
+}
+#endif /* __CYGWIN__ */
+
+
+
void
run_service (int ctrl, struct servtab *sep)
{
@@ -430,6 +498,10 @@ run_service (int ctrl, struct servtab *s
close (ctrl);
dup2 (0, 1);
dup2 (0, 2);
+#ifdef __CYGWIN__
+ if (strcmp (sep->se_user, "root"))
+ {
+#endif
pwd = getpwnam (sep->se_user);
if (pwd == NULL)
{
@@ -451,6 +523,13 @@ run_service (int ctrl, struct servtab *s
_exit (EXIT_FAILURE);
}
}
+#ifdef __CYGWIN__
+ }
+ else
+ {
+ pwd = getpwuid (getuid ());
+ }
+#endif
if (pwd->pw_uid)
{
if (grp && grp->gr_gid)
@@ -464,8 +543,8 @@ run_service (int ctrl, struct servtab *s
}
else if (setgid (pwd->pw_gid) < 0)
{
- syslog (LOG_ERR, "%s: can't set gid %d: %m",
- sep->se_service, pwd->pw_gid);
+ syslog (LOG_ERR, "%s: can't set gid %d uid(%d): %m",
+ sep->se_service, pwd->pw_gid, pwd->pw_uid);
_exit (EXIT_FAILURE);
}
#ifdef HAVE_INITGROUPS
@@ -1271,6 +1350,10 @@ nextconfig (const char *file)
}
while ((sep = getconfigent (fconfig, file, &line)))
{
+#ifdef __CYGWIN__
+ if (strcmp (sep->se_user, "root"))
+ {
+#endif
pwd = getpwnam (sep->se_user);
if (pwd == NULL)
{
@@ -1288,6 +1371,9 @@ nextconfig (const char *file)
continue;
}
}
+#ifdef __CYGWIN__
+ }
+#endif
if (ISMUX (sep))
{
sep->se_fd = -1;
@@ -1491,10 +1577,48 @@ set_proc_title (char *a, int s)
}
else
snprintf (buf, sizeof buf, "-%s", a);
- strncpy (cp, buf, LastArg - cp);
- cp += strlen (cp);
- while (cp < LastArg)
- *cp++ = ' ';
+
+ /* the non-portable code in the #else block relies on
+ the system allocating all of the strings in argv[]
+ contiguously. On cygwin this is not necessarily so,
+ and to assume otherwise will lead to segfaults.
+ The downside here is we get supposed ps entries for
+ internal services like:
+ '-echo' instead of '-echo [remoteIP]' (okay?)
+ '-char' instead of '-chargen [remoteIP]' (awful)
+ '-disc' instead of '-discard [remoteIP]' (awful)
+ because the original argv[0] might be 'inetd' unless
+ it was specifically invoked with a full path. However,
+ this is mostly moot:
+ (1) cygwin's ps uses its own internal version of the
+ exe name (or GetModuleName) and then calls
+ cygwin_conv_xxx() for display.
+ (2) procps DOES use the modified argv[0] value
+ */
+ {
+#ifdef __CYGWIN__
+ char* LastNullChar = cp + strlen(cp);
+ char** scan;
+#else
+ char* LastNullChar = LastArg;
+#endif
+
+ strncpy (cp, buf, LastNullChar - cp);
+ cp += strlen (cp);
+ while (cp < LastNullChar)
+ *cp++ = ' ';
+
+#ifdef __CYGWIN__
+ /* individually blank out the rest of the args */
+ for (scan = Argv + 1; *scan != NULL; scan++)
+ {
+ char* nullChar = *scan + strlen(*scan);
+ cp = *scan;
+ while (cp < nullChar)
+ *cp++ = ' ';
+ }
+#endif
+ }
}
/*
@@ -1933,6 +2057,16 @@ main (int argc, char *argv[], char *envp
envp++;
LastArg = envp[-1] + strlen (envp[-1]);
+#ifdef __CYGWIN__
+ /* on cygwin, open the log early -- because even
+ help and cmdline processing messages go directly
+ to syslog. This is because inetd is often run
+ under the SYSTEM account (which is not quite like
+ the *nix 'root')
+ */
+ openlog("inetd", LOG_PID | LOG_NOWAIT, LOG_DAEMON);
+#endif
+
/* Parse command line */
iu_argp_init ("inetd", program_authors);
argp_parse (&argp, argc, argv, 0, &index, NULL);
@@ -1956,7 +2090,7 @@ main (int argc, char *argv[], char *envp
config_files[1] = newstr (PATH_INETDDIR);
}
- if (!debug)
+ if ((debug == 0) && daemonize)
{
if (daemon (0, 0) < 0)
{
@@ -1966,6 +2100,12 @@ main (int argc, char *argv[], char *envp
};
}
+#ifndef __CYGWIN__
+ exception_list except_list;
+ cygwin_internal (CW_INIT_EXCEPTIONS, &except_list);
+ hide_console ();
+#endif /* __CYGWIN__ */
+
openlog ("inetd", LOG_PID | LOG_NOWAIT, LOG_DAEMON);
if (pidfile_option)
@@ -1988,6 +2128,7 @@ main (int argc, char *argv[], char *envp
signal_set_handler (SIGCHLD, reapchild);
signal_set_handler (SIGPIPE, SIG_IGN);
+#ifndef __CYGWIN__
{
/* space for daemons to overwrite environment for ps */
#define DUMMYSIZE 100
@@ -1997,6 +2138,7 @@ main (int argc, char *argv[], char *envp
dummy[DUMMYSIZE - 1] = '\0';
setenv ("inetd_dummy", dummy, 1);
}
+#endif /* __CYGWIN__ */
for (;;)
{
--- origsrc/inetutils-2.5/src/syslogd.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/src/syslogd.c 2023-12-30 21:21:29.053148100 +0900
@@ -338,7 +338,8 @@ enum
OPT_NO_FORWARD = 256,
OPT_NO_KLOG,
OPT_NO_UNIXAF,
- OPT_IPANY
+ OPT_IPANY,
+ OPT_RCDIR
};
static struct argp_option argp_options[] = {
@@ -365,6 +366,7 @@ static struct argp_option argp_options[]
{"mark", 'm', "INTVL", 0, "specify timestamp interval in minutes"
" (0 for no timestamping)", GRP + 1},
{"no-detach", 'n', NULL, 0, "do not enter daemon mode", GRP + 1},
+ {"no-daemonize", 'D', NULL, 0, "Synonym for -n", GRP + 1},
{"no-forward", OPT_NO_FORWARD, NULL, 0, "do not forward any messages "
"(overrides --hop)", GRP + 1},
#ifdef PATH_KLOG
@@ -378,7 +380,7 @@ static struct argp_option argp_options[]
{"rcfile", 'f', "FILE", 0, "override configuration file (default: "
PATH_LOGCONF ")",
GRP + 1},
- {"rcdir", 'D', "DIR", 0, "override configuration directory (default: "
+ {"rcdir", OPT_RCDIR, "DIR", 0, "override configuration directory (default: "
PATH_LOGCONFD ")", GRP + 1},
{"socket", 'p', "FILE", 0, "override default unix domain socket " PATH_LOG,
GRP + 1},
@@ -450,6 +452,7 @@ parse_opt (int key, char *arg, struct ar
break;
case 'n':
+ case 'D':
NoDetach = 1;
break;
@@ -473,7 +476,7 @@ parse_opt (int key, char *arg, struct ar
ConfFile = arg;
break;
- case 'D':
+ case OPT_RCDIR:
ConfDir = arg;
break;
@@ -1128,7 +1131,11 @@ printsys (const char *msg)
char *lp, *q, line[MAXLINE + 1];
const char *p;
+#ifdef __CYGWIN__
+ strcpy (line, "kernel: ");
+#else
strcpy (line, "vmunix: ");
+#endif
lp = line + strlen (line);
for (p = msg; *p != '\0';)
{
--- origsrc/inetutils-2.5/src/uucpd.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/src/uucpd.c 2023-12-30 20:53:28.080045400 +0900
@@ -88,6 +88,12 @@
#include <attribute.h>
#include <libinetutils.h>
+#ifdef __CYGWIN__
+#include <windows.h>
+#include <sys/cygwin.h>
+#define is_winnt (GetVersion() < 0x80000000)
+#endif
+
void dologin (struct passwd *pw, struct sockaddr *sap, socklen_t salen);
void dologout (void);
void doit (struct sockaddr *sap, socklen_t salen);
@@ -180,6 +186,8 @@ readline (register char *p, register int
if (c == '\n' || c == '\r')
{
*p = '\0';
+ if (c == '\r')
+ continue;
return (0);
}
*p++ = c;
@@ -229,12 +237,29 @@ doit (struct sockaddr *sap, socklen_t sa
fprintf (stderr, "passwd read\n");
return;
}
+#ifdef __CYGWIN__
+ if (!is_winnt)
+ {
+#endif
xpasswd = crypt (passwd, pw->pw_passwd);
if (strcmp (xpasswd, pw->pw_passwd))
{
fprintf (stderr, "Login incorrect.");
return;
}
+#ifdef __CYGWIN__
+ }
+ else
+ {
+ HANDLE hToken = cygwin_logon_user (pw, passwd);
+ if (hToken == INVALID_HANDLE_VALUE)
+ {
+ fprintf (stderr, "Login incorrect.");
+ return;
+ }
+ cygwin_set_impersonation_token (hToken);
+ }
+#endif
}
/* XXX: Compare only shell base name to "uucico"?
--- origsrc/inetutils-2.5/talk/Makefile.am 2023-01-01 09:35:18.000000000 +0900
+++ src/inetutils-2.5/talk/Makefile.am 2023-12-30 20:53:28.095036900 +0900
@@ -17,6 +17,7 @@
# along with this program. If not, see `http://www.gnu.org/licenses/'.
AM_CPPFLAGS = \
+ -I$(top_srcdir)/headers \
$(iu_INCLUDES) \
$(NCURSES_INCLUDE) $(INCIDN)
--- origsrc/inetutils-2.5/talk/ctl.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/ctl.c 2023-12-30 20:53:28.100033000 +0900
@@ -55,6 +55,7 @@
#include <sys/types.h>
#include <sys/socket.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <netinet/in.h>
#include "talk.h"
@@ -85,7 +86,7 @@ open_sockt (void)
#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
my_addr.sin_len = sizeof (my_addr);
#endif
- my_addr.sin_addr = my_machine_addr;
+ my_addr.sin_addr.s_addr = INADDR_ANY;
my_addr.sin_port = 0;
sockt = socket (AF_INET, SOCK_STREAM, 0);
if (sockt <= 0)
@@ -95,6 +96,7 @@ open_sockt (void)
length = sizeof (my_addr);
if (getsockname (sockt, (struct sockaddr *) &my_addr, &length) == -1)
p_error ("Bad address for socket");
+ my_addr.sin_addr = my_machine_addr;
return 0;
}
@@ -110,7 +112,7 @@ open_ctl (void)
ctl_addr.sin_len = sizeof (ctl_addr);
#endif
ctl_addr.sin_port = 0;
- ctl_addr.sin_addr = my_machine_addr;
+ ctl_addr.sin_addr.s_addr = INADDR_ANY;
ctl_sockt = socket (AF_INET, SOCK_DGRAM, 0);
if (ctl_sockt <= 0)
p_error ("Bad socket");
@@ -119,6 +121,7 @@ open_ctl (void)
length = sizeof (ctl_addr);
if (getsockname (ctl_sockt, (struct sockaddr *) &ctl_addr, &length) == -1)
p_error ("Bad address for ctl socket");
+ ctl_addr.sin_addr = my_machine_addr;
return 0;
}
--- origsrc/inetutils-2.5/talk/ctl_transact.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/ctl_transact.c 2023-12-30 20:53:28.104030900 +0900
@@ -53,6 +53,7 @@
#include <time.h>
#include <netinet/in.h>
#include <sys/select.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <errno.h>
#include "talk_ctl.h"
@@ -88,11 +89,11 @@ ctl_transact (struct in_addr target, CTL
*/
do
{
- wait.tv_sec = CTL_WAIT;
- wait.tv_usec = 0;
/* resend message until a response is obtained */
do
{
+ wait.tv_sec = CTL_WAIT;
+ wait.tv_usec = 0;
cc = sendto (ctl_sockt, (char *) &msg, sizeof (msg), 0,
(struct sockaddr *) &daemon_addr,
sizeof (daemon_addr));
--- origsrc/inetutils-2.5/talk/get_addrs.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/get_addrs.c 2023-12-30 21:14:23.839832200 +0900
@@ -53,6 +53,7 @@
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <netdb.h>
#include <stdio.h>
@@ -71,7 +72,11 @@ get_addrs (char *my_machine_name, char *
#if HAVE_DECL_GETADDRINFO || defined HAVE_IDN || defined HAVE_IDN2
int err;
#endif
+#ifdef HAVE_IDN
char *lhost, *rhost;
+#else
+ char *rhost;
+#endif
#if HAVE_DECL_GETADDRINFO
struct addrinfo hints, *res, *ai;
#else /* !HAVE_DECL_GETADDRINFO */
@@ -96,7 +101,6 @@ get_addrs (char *my_machine_name, char *
exit (-1);
}
#else /* !HAVE_IDN && !HAVE_IDN2 */
- lhost = my_machine_name;
rhost = his_machine_name;
#endif
@@ -114,16 +118,14 @@ get_addrs (char *my_machine_name, char *
hints.ai_flags |= AI_IDN;
# endif
- err = getaddrinfo (lhost, NULL, &hints, &res);
+ err = getaddrinfo (rhost, NULL, &hints, &res);
if (err)
{
- fprintf (stderr, "talk: %s: %s\n", lhost, gai_strerror (err));
+ fprintf (stderr, "talk: %s: %s\n", rhost, gai_strerror (err));
exit (-1);
}
- /* Perform all sanity checks available.
- * Reduction of tests?
- */
+ /* Perform all sanity checks available. */
for (ai = res; ai; ai = ai->ai_next)
{
int f;
@@ -135,98 +137,33 @@ get_addrs (char *my_machine_name, char *
if (f < 0)
continue;
- /* Attempt binding to this local address. */
- if (bind (f, ai->ai_addr, ai->ai_addrlen))
- {
- close (f);
- f = -1;
- continue;
- }
-
- /* We have a usable address. */
+ /* We have a usable address family! */
close (f);
break;
}
if (ai)
- memcpy (&my_machine_addr,
+ memcpy (&his_machine_addr,
&((struct sockaddr_in *) ai->ai_addr)->sin_addr,
- sizeof (my_machine_addr));
+ sizeof (his_machine_addr));
freeaddrinfo (res);
if (!ai)
{
- fprintf (stderr, "talk: %s: %s\n", lhost, "address not found");
+ fprintf (stderr, "talk: %s: %s\n", rhost, "address not found");
exit (-1);
}
#else /* !HAVE_DECL_GETADDRINFO */
- hp = gethostbyname (lhost);
+ hp = gethostbyname (rhost);
if (hp == NULL)
{
- fprintf (stderr, "talk: %s(%s): ", lhost, my_machine_name);
+ fprintf (stderr, "talk: %s(%s): ", rhost, his_machine_name);
herror ((char *) NULL);
exit (-1);
}
- memmove (&my_machine_addr, hp->h_addr, hp->h_length);
-#endif /* !HAVE_DECL_GETADDRINFO */
-
- /*
- * If the callee is on-machine, just copy the
- * network address, otherwise do a lookup...
- */
- if (strcmp (rhost, lhost))
- {
-#if HAVE_DECL_GETADDRINFO
- err = getaddrinfo (rhost, NULL, &hints, &res);
- if (err)
- {
- fprintf (stderr, "talk: %s: %s\n", rhost, gai_strerror (err));
- exit (-1);
- }
-
- /* Perform all sanity checks available. */
- for (ai = res; ai; ai = ai->ai_next)
- {
- int f;
-
- if (ai->ai_family != AF_INET)
- continue;
-
- f = socket (ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (f < 0)
- continue;
-
- /* We have a usable address family! */
- close (f);
- break;
- }
-
- if (ai)
- memcpy (&his_machine_addr,
- &((struct sockaddr_in *) ai->ai_addr)->sin_addr,
- sizeof (his_machine_addr));
-
- freeaddrinfo (res);
- if (!ai)
- {
- fprintf (stderr, "talk: %s: %s\n", rhost, "address not found");
- exit (-1);
- }
-
-#else /* !HAVE_DECL_GETADDRINFO */
- hp = gethostbyname (rhost);
- if (hp == NULL)
- {
- fprintf (stderr, "talk: %s(%s): ", rhost, his_machine_name);
- herror ((char *) NULL);
- exit (-1);
- }
- memmove (&his_machine_addr, hp->h_addr, hp->h_length);
+ memmove (&his_machine_addr, hp->h_addr, hp->h_length);
#endif /* !HAVE_DECL_GETADDRINFO */
- }
- else
- his_machine_addr = my_machine_addr;
/* Find the server's port. */
sp = getservbyname ("ntalk", "udp");
@@ -238,6 +175,41 @@ get_addrs (char *my_machine_name, char *
}
daemon_port = ntohs (sp->s_port);
+ /* look up the address of the local host
+ which can communicate with remote host */
+ {
+ int f;
+ struct sockaddr_in addr;
+ socklen_t length;
+
+ f = socket (AF_INET, SOCK_DGRAM, 0);
+ if (f < 0)
+ {
+ fprintf (stderr, "talk: Bad socket: ");
+ herror ((char *) NULL);
+ exit (-1);
+ }
+ memset (&addr, 0, sizeof(addr));
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons (daemon_port);
+ addr.sin_addr = his_machine_addr;
+ if (connect (f, (struct sockaddr *)&addr, sizeof(addr)) < 0)
+ {
+ fprintf (stderr, "talk: Coundn't connect to control socket: ");
+ herror ((char *) NULL);
+ exit (-1);
+ }
+ length = sizeof (addr);
+ if (getsockname (f, (struct sockaddr *)&addr, &length) < 0)
+ {
+ fprintf (stderr, "talk: Bad address for ctl socket: ");
+ herror ((char *) NULL);
+ exit (-1);
+ }
+ close (f);
+ my_machine_addr = addr.sin_addr;
+ }
+
#if defined HAVE_IDN || defined HAVE_IDN2
free (lhost);
free (rhost);
--- origsrc/inetutils-2.5/talk/get_names.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/get_names.c 2023-12-30 20:53:28.117022700 +0900
@@ -54,6 +54,7 @@
#include <sys/param.h>
#include <sys/socket.h>
#include <netinet/in.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <pwd.h>
#include <libinetutils.h>
--- origsrc/inetutils-2.5/talk/invite.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/invite.c 2023-12-30 20:53:28.154003100 +0900
@@ -55,6 +55,7 @@
#include <time.h>
#include <signal.h>
#include <netinet/in.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <errno.h>
#include <unistd.h>
--- origsrc/inetutils-2.5/talk/io.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/io.c 2023-12-30 20:53:28.158999200 +0900
@@ -67,6 +67,8 @@
#include <sys/select.h>
#include "talk.h"
+#include <sys/socket.h>
+
#define A_LONG_TIME 10000000
/*
--- origsrc/inetutils-2.5/talk/look_up.c 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talk/look_up.c 2023-12-30 20:53:28.164996300 +0900
@@ -52,6 +52,7 @@
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <unistd.h>
#include <errno.h>
--- origsrc/inetutils-2.5/talkd/Makefile.am 2023-01-01 09:35:18.000000000 +0900
+++ src/inetutils-2.5/talkd/Makefile.am 2023-12-30 20:53:28.169992400 +0900
@@ -19,6 +19,7 @@
@PATHDEFS_MAKE@
AM_CPPFLAGS = \
+ -I$(top_srcdir)/headers \
$(iu_INCLUDES) \
$(PATHDEF_DEV) \
$(PATHDEF_TTY_PFX) $(PATHDEF_UTMP) $(PATHDEF_UTMPX)
--- origsrc/inetutils-2.5/talkd/intalkd.h 2023-12-30 02:34:46.000000000 +0900
+++ src/inetutils-2.5/talkd/intalkd.h 2023-12-30 20:53:28.173991000 +0900
@@ -21,6 +21,7 @@
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#include <protocols/osockaddr.h>
#include <protocols/talkd.h>
#include <netdb.h>
#include <syslog.h>
Reference in New Issue View Git Blame Copy Permalink