Use err(3). Put includes in alphabetical order.

Rewrote man page in mdoc format. Document -v and -p flags.
svn path=/head/; revision=29735
2024-11-27 04:53:28 +00:00 · 1997-09-23 06:36:27 +00:00 · 1997-09-23 06:36:27 +00:00 · ecdf56e7d9 · 2020-12-20 02:59:44 +00:00
commit ecdf56e7d9
parent 330f19d310
5 changed files with 113 additions and 132 deletions
--- a/usr.sbin/keyserv/crypt_server.c
+++ b/usr.sbin/keyserv/crypt_server.c
@ -28,25 +28,24 @@
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$Id: crypt_server.c,v 1.1.1.1 1997/05/28 15:44:22 wpaul Exp $
 */
 #include <stdio.h>
 #include <sys/types.h>
 #include <sys/param.h>
 #include <stdlib.h>
 #include <dirent.h>
 #include <dlfcn.h>
 #include <err.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <rpc/des_crypt.h>
 #include <rpc/des.h>
 #include <string.h>
 #include <dlfcn.h>
 #include "crypt.h"
 #ifndef lint
-static const char rcsid[] = "$Id: crypt_server.c,v 1.1.1.1 1997/05/28 15:44:22 wpaul Exp $";
+static const char rcsid[] =
-#endif
+	"$Id$";
 #endif /* not lint */
 /*
 * The U.S. government stupidly believes that a) it can keep strong
--- a/usr.sbin/keyserv/keyserv.8
+++ b/usr.sbin/keyserv/keyserv.8
@ -1,77 +1,79 @@
 .\" @(#)keyserv.1m 1.21 93/07/14 SMI; from SVr4
-'\"macro stdmacro
+.\"macro stdmacro
 .\" Copyright 1989 AT&T
 .\" @(#)keyserv.8c 1.8 89/03/29 SMI;
 .\".TH KEYSERV 8C "9 September 1987"
-.nr X
+.Dd September 14, 1992
-.TH keyserv 1M "14 Sep 1992"
+.Dt KEYSERV 8
-.SH NAME
+.Os
-keyserv \- server for storing private encryption keys
+.Sh NAME
-.SH SYNOPSIS
+.Nm keyserv
-.B keyserv 
+.Nd server for storing private encryption keys
-[
+.Sh SYNOPSIS
-.B \-d
+.Nm keyserv 
-] [
+.Op Fl d
-.B \-D
+.Op Fl D
-] [
+.Op Fl n
-.B \-n
+.Op Fl p Ar path
-]
+.Op Fl v
-.SH AVAILABILITY
+.Sh AVAILABILITY
 .LP
 SUNWcsu
-.SH DESCRIPTION
+.Sh DESCRIPTION
-.IX "keyserv" "" "\fLkeyserv\fP \(em server for storing private encryption keys"
+.Nm Keyserv
 .IX "NFS security" "server for storing private encryption keys" "" "server for storing private encryption keys \(em \fLkeyserv\fP"
 .IX "encryption keys"  "server for storing private keys" "" "server for storing private keys \(em \fLkeyserv\fP"
 .LP
 .B keyserv
 is a daemon that is used for storing the
 private encryption keys of each
 user logged into the system.
 These encryption keys are used for accessing
 secure network services such as secure NFS.
-.P
+.Pp
 Normally, root's key is read from the file
-.B /etc/.rootkey
+.Pa /etc/.rootkey
 when the daemon is started.
 This is useful during power-fail reboots
 when no one is around to type a password. 
-.P
+.Pp
 If a client with no secret key calls 
-.BR keyserv , 
+.Nm keyserv , 
 then the key of user 
-.B nobody 
+.Em nobody 
 is used instead as the default key.
-.SH OPTIONS
+.Pp
-.TP 10
+The following options are available:
-.B \-d 
+.Bl -tag -width indent
 .It Fl d
 Disable the use of default keys for
-.BR nobody .
+.Em nobody .
-.TP
+.It Fl D
 .B \-D 
 Run in debugging mode and log all requests to 
-.BR keyserv .
+.Nm keyserv .
-.TP
+.It Fl n
 .B \-n
 Root's secret key is not read from
-.BR /etc/.rootkey .
+.Pa /etc/.rootkey .
 Instead,
-.B keyserv
+.Nm
 prompts the user for the password to decrypt
 root's key stored in the
-.B /etc/publickey
+.Pa /etc/publickey
 database and then stores the decrypted key in
-.B /etc/.rootkey
+.Pa /etc/.rootkey
 for future use.
 This option is useful if the
-.B /etc/.rootkey
+.Pa /etc/.rootkey
 file ever gets out of date or corrupted.
-.SH FILES
+.It Fl p Ar path
-.PD 0
+Specify where to search for
-.TP 20
+.Pa libdes.so.3 .
-.B /etc/.rootkey
+Default is
-.PD
+.Pa /usr/lib .
-.SH "SEE ALSO"
+.It Fl v
-.BR keylogin (1),
+Display status of DES support (enabled/disabled).
-.BR keylogout (1),
+.El
-.BR publickey (5)
+.Sh FILES
 .Bl -tag -width /usr/lib/libdes.so.3. -compact
 .It Pa /etc/.rootkey
 .It Pa /usr/lib/libdes.so.3.
 .El
 .Sh "SEE ALSO"
 .Xr keylogin 1 ,
 .Xr keylogout 1 ,
 .Xr publickey 5
--- a/usr.sbin/keyserv/keyserv.c
+++ b/usr.sbin/keyserv/keyserv.c
@ -27,7 +27,13 @@
 * Mountain View, California  94043
 */
-#pragma ident	"@(#)keyserv.c	1.15	94/04/25 SMI"
+#ifndef lint
 #if 0
 static char sccsid[] = "@(#)keyserv.c	1.15	94/04/25 SMI";
 #endif
 static const char rcsid[] =
 	"$Id$";
 #endif /* not lint */
 /*
 * Copyright (c) 1986 - 1991 by Sun Microsystems, Inc.
@ -41,18 +47,18 @@
 * process on the local transport only
 */
 #include <err.h>
 #include <pwd.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <pwd.h>
 #include <unistd.h>
 #include <string.h>
 #include <unistd.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <rpc/rpc.h>
 #include <rpc/pmap_clnt.h>
 #include <sys/param.h>
 #include <sys/file.h>
 #include <pwd.h>
 #include <rpc/des_crypt.h>
 #include <rpc/des.h>
 #include <rpc/key_prot.h>
@ -107,8 +113,6 @@ main(argc, argv)
 	char *argv[];
 {
 	int nflag = 0;
 	extern char *optarg;
 	extern int optind;
 	int c;
 	register SVCXPRT *transp;
 	int sock = RPC_ANYSOCK;
@ -142,10 +146,8 @@ main(argc, argv)
 	load_des(warn, path);
 	__des_crypt_LOCAL = _my_crypt;
-	if (svc_auth_reg(AUTH_DES, _svcauth_des) == -1) {
+	if (svc_auth_reg(AUTH_DES, _svcauth_des) == -1)
-		fprintf(stderr, "failed to register AUTH_DES authenticator\n");
+		errx(1, "failed to register AUTH_DES authenticator");
 		exit(1);
 	}
 	if (optind != argc) {
 		usage();
@ -155,10 +157,8 @@ main(argc, argv)
 	 * Initialize
 	 */
 	(void) umask(066);	/* paranoia */
-	if (geteuid() != 0) {
+	if (geteuid() != 0)
-		(void) fprintf(stderr, "%s must be run as root\n", argv[0]);
+		errx(1, "keyserv must be run as root");
 		exit(1);
 	}
 	setmodulus(HEXMODULUS);
 	getrootkey(&masterkey, nflag);
@ -170,51 +170,31 @@ main(argc, argv)
 	unlink(KEYSERVSOCK);
 	transp = svcudp_create(RPC_ANYSOCK);
-	if (transp == NULL) {
+	if (transp == NULL)
-		fprintf(stderr, "cannot create udp service.");
+		errx(1, "cannot create udp service");
-		exit(1);
+	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_UDP))
-	}
+		errx(1, "unable to register (KEY_PROG, KEY_VERS, udp)");
-	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_UDP)) {
+	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_UDP))
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS, udp).");
+		errx(1, "unable to register (KEY_PROG, KEY_VERS2, udp)");
 		exit(1);
 	}
 	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_UDP)) {
 		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS2, udp).");
 		exit(1);
 	}
 	transp = svctcp_create(RPC_ANYSOCK, 0, 0);
-	if (transp == NULL) {
+	if (transp == NULL)
-		fprintf(stderr, "cannot create tcp service.");
+		errx(1, "cannot create tcp service");
-		exit(1);
+	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_TCP))
-	}
+		errx(1, "unable to register (KEY_PROG, KEY_VERS, tcp)");
-	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_TCP)) {
+	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_TCP))
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS, tcp).");
+		errx(1, "unable to register (KEY_PROG, KEY_VERS2, tcp)");
 		exit(1);
 	}
 	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_TCP)) {
 		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS2, tcp).");
 		exit(1);
 	}
 	transp = svcunix_create(sock, 0, 0, KEYSERVSOCK);
 	chmod(KEYSERVSOCK, 0666);
-	if (transp == NULL) {
+	if (transp == NULL)
-		fprintf(stderr, "cannot create AF_UNIX service.");
+		errx(1, "cannot create AF_UNIX service");
-		exit(1);
+	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, 0))
-	}
+		errx(1, "unable to register (KEY_PROG, KEY_VERS, unix)");
-	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, 0)) {
+	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, 0))
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS, unix).");
+		errx(1, "unable to register (KEY_PROG, KEY_VERS2, unix)");
-		exit(1);
+	if (!svc_register(transp, CRYPT_PROG, CRYPT_VERS, crypt_prog_1, 0))
-	}
+		errx(1, "unable to register (CRYPT_PROG, CRYPT_VERS, unix)");
 	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, 0)) {
 		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS2, unix).");
 		exit(1);
 	}
 	if (!svc_register(transp, CRYPT_PROG, CRYPT_VERS, crypt_prog_1, 0)) {
 		fprintf(stderr, "unable to register (CRYPT_PROG, CRYPT_VERS, unix).");
 		exit(1);
 	}
 	if (!debugging) {
 		daemon(0,0);
@ -286,24 +266,21 @@ getrootkey(master, prompt)
 			return (0);
 		}
 		if (read(fd, secret, HEXKEYBYTES) < HEXKEYBYTES) {
-			(void) fprintf(stderr,
+			warnx("the key read from %s was too short", ROOTKEY);
 			    "keyserv: the key read from %s was too short.\n",
 			    ROOTKEY);
 			(void) close(fd);
 			return (0);
 		}
 		(void) close(fd);
 		if (!getnetname(name)) {
-		    (void) fprintf(stderr, "keyserv: \
+		    warnx(
-failed to generate host's netname when establishing root's key.\n");
+	"failed to generate host's netname when establishing root's key");
 		    return (0);
 		}
 		memcpy(netstore.st_priv_key, secret, HEXKEYBYTES);
 		memset(netstore.st_pub_key, 0, HEXKEYBYTES);
 		netstore.st_netname = name;
 		if (pk_netput(0, &netstore) != KEY_SUCCESS) {
-		    (void) fprintf(stderr,
+		    warnx("could not set root's key and netname");
 			"keyserv: could not set root's key and netname.\n");
 		    return (0);
 		}
 		return (1);
@ -315,13 +292,11 @@ failed to generate host's netname when establishing root's key.\n");
 	passwd2des(passwd, (char *)master);
 	getnetname(name);
 	if (!getsecretkey(name, secret, passwd)) {
-		(void) fprintf(stderr,
+		warnx("can't find %s's secret key", name);
 		"Can't find %s's secret key\n", name);
 		return (0);
 	}
 	if (secret[0] == 0) {
-		(void) fprintf(stderr,
+		warnx("password does not decrypt secret key for %s", name);
 	"Password does not decrypt secret key for %s\n", name);
 		return (0);
 	}
 	(void) pk_setkey(0, secret);
--- a/usr.sbin/keyserv/keyserv_uid.c
+++ b/usr.sbin/keyserv/keyserv_uid.c
@ -28,24 +28,23 @@
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 *	$Id: keyserv_uid.c,v 1.13 1997/01/19 20:23:05 wpaul Exp $
 */
 #include <signal.h>
 #include <stdio.h>
 #include <sys/types.h>
 #include <string.h>
 #include <unistd.h>
 #include <sys/types.h>
 #include <rpc/key_prot.h>
 #include <rpc/des.h>
 #include <signal.h>
 #include <sys/socket.h>
 #include <sys/param.h>
 #include <unistd.h>
 #include "keyserv.h"
 #ifndef lint
-static const char rcsid[] = "$Id: keyserv_uid.c,v 1.13 1997/01/19 20:23:05 wpaul Exp $";
+static const char rcsid[] =
 	"$Id$";
 #endif
 /*
--- a/usr.sbin/keyserv/setkey.c
+++ b/usr.sbin/keyserv/setkey.c
@ -27,7 +27,13 @@
 * Mountain View, California  94043
 */
-#pragma ident	"@(#)setkey.c	1.11	94/04/25 SMI"
+#ifndef lint
 #if 0
 static char sccsid[] = "@(#)setkey.c	1.11	94/04/25 SMI";
 #endif
 static const char rcsid[] =
 	"$Id$";
 #endif /* not lint */
 /*
 * Copyright (c) 1986 - 1991 by Sun Microsystems, Inc.
@ -39,17 +45,17 @@
 * and use them to decrypt and encrypt DES keys.
 * Cache the common keys, so the expensive computation is avoided.
 */
 #include <mp.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 #include <sys/types.h>
 #include <mp.h>
 #include <rpc/rpc.h>
 #include <rpc/key_prot.h>
 #include <rpc/des_crypt.h>
 #include <rpc/des.h>
 #include <sys/errno.h>
 #include <string.h>
 #include "keyserv.h"
 static MINT *MODULUS;