From bryan@stansell.org Wed Jun 1 23:29:18 2005 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.13.4/8.13.4) with ESMTP id j526TItW025960 for ; Wed, 1 Jun 2005 23:29:18 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.13.4/8.13.4/Submit) id j526TIVQ025959 for users@conserver.com; Wed, 1 Jun 2005 23:29:18 -0700 (PDT) Date: Wed, 1 Jun 2005 23:29:18 -0700 From: Bryan Stansell To: users@conserver.com Subject: SSL, certs, and conserver (fix included) Message-ID: <20050602062918.GJ4552@underdog.stansell.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Jun 2005 06:29:19 -0000 it all started with an innocent enough question: On Thu, May 26, 2005 at 11:00:35PM +0100, Michael Doyle wrote: > Can anyone give me an example of using conserver with generated ssl cert's > (i.e. -c file) for both the server and client. I've compiled conserver with > openssl support and a tcpdump confirms that traffic is encrypted between > server and client but when I start the daemon with a ' -c' pointing to a > self signed certificate file I created, the client happily connects to > consoles even though I've not specified the equivalent on the client side. > My understanding is that if I use a cert then the server and client need to > be using the same. Any pointers appreciated. and in looking into it, i notice certs weren't working right. the good news is, being on a plane gave me time enough to really dig into this and i found the problem (pretty simple, actually). i've included the patch below, for those who'd actually like to use certs before the next release. here's a description of how things are coded to work (once you apply the patch).... - neither side uses -c the ssl bits are allowed to use an unauthenticated cipher to set up the encryption. that just works. now, if you use the -c option on either side, that side disables the unauthenticated ciphers and requires a valid cert handshake. so if... - server side uses -c since the anonymous ciphers are not allowed, the client *must* validate/accept the server's certificate for the handshake to complete. the servers does *not* require a certificate from the client. if the client provides a certificate, however, the server *must* validate it as well. - client side uses -c again, since the anonymous ciphers are not allowed (on the client, this time), a valid handshake has to happen. apparently this can only happen (at least with the code the way it is) if the server provides a certficate. therefore, you *must* give the server a cert if you use -c on the client, in which case you're in the boat above. crazy stuff, no? i think for the most common cases, this behavior is correct. you want the client to validate a server cert. and if you give the client a cert, you want the server to validate it. if anyone is still having issues after applying the patch below, let me know. it was working well for me and the certs generated with the contrib/maketestcerts script. Bryan =================================== diff -c -r conserver-8.1.11-orig/conserver/main.c conserver-8.1.11/conserver/main.c *** conserver-8.1.11-orig/conserver/main.c Tue Jul 13 22:28:42 2004 --- conserver-8.1.11/conserver/main.c Wed Jun 1 22:50:35 2005 *************** *** 323,328 **** --- 323,329 ---- #endif { if (ctx == (SSL_CTX *)0) { + char *ciphers; SSL_load_error_strings(); if (!SSL_library_init()) { Error("SetupSSL(): SSL_library_init() failed"); *************** *** 352,357 **** --- 353,361 ---- config->sslcredentials); Bye(EX_SOFTWARE); } + ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH"; + } else { + ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH"; } SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); SSL_CTX_set_options(ctx, *************** *** 362,368 **** SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); SSL_CTX_set_tmp_dh_callback(ctx, TmpDHCallback); ! if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") != 1) { Error("SetupSSL(): setting SSL cipher list failed"); Bye(EX_SOFTWARE); --- 366,372 ---- SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); SSL_CTX_set_tmp_dh_callback(ctx, TmpDHCallback); ! if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) { Error("SetupSSL(): setting SSL cipher list failed"); Bye(EX_SOFTWARE); diff -c -r conserver-8.1.11-orig/console/console.c conserver-8.1.11/console/console.c *** conserver-8.1.11-orig/console/console.c Mon Oct 25 00:18:20 2004 --- conserver-8.1.11/console/console.c Wed Jun 1 22:50:13 2005 *************** *** 69,74 **** --- 69,75 ---- #endif { if (ctx == (SSL_CTX *)0) { + char *ciphers; SSL_load_error_strings(); if (!SSL_library_init()) { Error("SSL library initialization failed"); *************** *** 95,100 **** --- 96,104 ---- config->sslcredentials); Bye(EX_UNAVAILABLE); } + ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH"; + } else { + ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH"; } SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); SSL_CTX_set_options(ctx, *************** *** 104,110 **** SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); ! if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") != 1) { Error("Setting SSL cipher list failed"); Bye(EX_UNAVAILABLE); --- 108,114 ---- SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); ! if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) { Error("Setting SSL cipher list failed"); Bye(EX_UNAVAILABLE); From phil@metallica.usc.edu Wed Jun 1 23:45:39 2005 Received: from metallica.usc.edu (metallica.usc.edu [128.125.10.57]) by underdog.stansell.org (8.13.4/8.13.4) with ESMTP id j526jTSi026093 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 1 Jun 2005 23:45:36 -0700 (PDT) Received: from metallica.usc.edu (localhost.localdomain [127.0.0.1]) by metallica.usc.edu (8.12.11/8.12.11) with ESMTP id j526jSR5019792; Wed, 1 Jun 2005 23:45:28 -0700 Received: (from phil@localhost) by metallica.usc.edu (8.12.11/8.12.11/Submit) id j526jOvp019791; Wed, 1 Jun 2005 23:45:24 -0700 Date: Wed, 1 Jun 2005 23:45:24 -0700 From: Phil Dibowitz To: Bryan Stansell Subject: Re: SSL, certs, and conserver (fix included) Message-ID: <20050602064524.GX28855@usc.edu> References: <20050602062918.GJ4552@underdog.stansell.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="jVsR2ALpK8IGZh9q" Content-Disposition: inline In-Reply-To: <20050602062918.GJ4552@underdog.stansell.org> User-Agent: Mutt/1.5.4i X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Jun 2005 06:45:40 -0000 --jVsR2ALpK8IGZh9q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jun 01, 2005 at 11:29:18PM -0700, Bryan Stansell wrote: > it all started with an innocent enough question: >=20 > On Thu, May 26, 2005 at 11:00:35PM +0100, Michael Doyle wrote: > > Can anyone give me an example of using conserver with generated ssl cer= t's > > (i.e. -c file) for both the server and client. I've compiled conserver = with > > openssl support and a tcpdump confirms that traffic is encrypted between > > server and client but when I start the daemon with a ' -c' pointing to a > > self signed certificate file I created, the client happily connects to > > consoles even though I've not specified the equivalent on the client si= de. > > My understanding is that if I use a cert then the server and client nee= d to > > be using the same. Any pointers appreciated. >=20 > and in looking into it, i notice certs weren't working right. the good > news is, being on a plane gave me time enough to really dig into this > and i found the problem (pretty simple, actually). i've included the > patch below, for those who'd actually like to use certs before the next > release. Oh - that explains why it "worked" for me - I was allowing unauthenticated ciphers.... I assume that was the part that _wasn't_ broken. OK. Cool. --=20 Phil Dibowitz Systems Architect and Administrator Enterprise Infrastructure / ISD / USC UCC 174 - 213-821-5427 --jVsR2ALpK8IGZh9q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFCnqsE7lkZ1Iyv898RAh48AKCDOKih8pLvDuqrbuifjFNIqEDxoACcCSWr 9biFYrNsvPY2Df8HRGXiiE4= =8nK4 -----END PGP SIGNATURE----- --jVsR2ALpK8IGZh9q-- From shijialist@yahoo.ca Thu Jun 16 13:32:45 2005 Received: from web42108.mail.yahoo.com (web42108.mail.yahoo.com [66.218.93.201]) by underdog.stansell.org (8.13.4/8.13.4) with SMTP id j5GKWZLp002596 for ; Thu, 16 Jun 2005 13:32:42 -0700 (PDT) Received: (qmail 6732 invoked by uid 60001); 16 Jun 2005 20:32:34 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.ca; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=yx9RaOOtibFl7KHfj3jsLe6v38MdMsI2G/+4p6KJwGORr0srF784Qq79GyMBmnC4f1i2/Dfu9JneGDF8A/t8aZv/q5lpVmhyBeERD+7ZbTF1FU0wbplRqEOawhPLqJLTySW+KVFmsd4cwl2PwcgGDGPwGMVK83SDebSuZjhH2x0= ; Message-ID: <20050616203234.6730.qmail@web42108.mail.yahoo.com> Received: from [130.63.237.207] by web42108.mail.yahoo.com via HTTP; Thu, 16 Jun 2005 16:32:34 EDT Date: Thu, 16 Jun 2005 16:32:34 -0400 (EDT) From: "James.Q.L" Subject: RE: new to console server / client (ASM, Yech!) To: Zonker Harris In-Reply-To: <2C84084C165E7B409F9294D2B2DECC8701D83CF7@inc-svc-01.inc.bigbandnet.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com, consoles@conserver.com X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2005 20:32:46 -0000 I have done some testing on conserver with ASM. please see below. --- Zonker Harris wrote: > > > First off; An ASM!! Oh My GOD! :-P > (I declared the End Of Life on that during my days > at Cisco, in the early 90's! Lots of warts on that > unit! Save your pennies, and look for something > better, ASAP! :-| hold it, we have 4 ASMs :) > OK, now, let me clarify; > > 1) Which part of Canada are you from? ;-) Toronto, the center of the... er, never mind :) > 2) PolyCentre is making the reverse-TCP connections > to the ASM, and the ASM is making the physical > serial connection with the RJ-11 jacks to your > hosts, yes? > > 3) You (or your users) then connect to the Poly Centre > in order to communicate with the consoles (through > the ASM), have I got that right so far? yes. > The ASM should be replaced in this function, since > the unit has a SEVERE problem passing LOTS of data > at once. While capable (even in the mid-90's) of being > a 112-port terminal server, it's top port speed was > 38.4 Kbps, but the bigger issues were in Hardware > Flow Control, and 'busy' ports... > [snip] thanks for the warning. we have been looking for replacements. however, there is no sign as of when. though, AFAIK the ASM has been in used for really looong time and working fine. > > I don't recall if the unit sent Serial BREAK. It was > early in Sun's life, and I wasn't paying attention to > that when I did the other testing. My guess is, that > it DOES send break, too. Bet to replace the ASM with > something Sun Safe. (See my BREAK testing pages for > more info. > http://www.conserver.com/consoles/BREAK-off/breakoff.html > I tried sending the break with (ctrl ecl 0) and it succeeded. so now the problem is to confirm if there will be serial break problem (if terminal servers send BREAK at inopportune times) ? that testing process looks dreadful ;/ I don't know if i can count on this... since the ASM has been working fine with Polycentre, is it likely that there won't be serial break problem with conserver? other than the serial break question, conserver seems working fine with ASM. thanks. James. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From conserver@sanitarium.net Wed Jun 22 11:18:02 2005 Received: from asylum.sanitarium.net (asylum.sanitarium.net [24.173.162.174]) by underdog.stansell.org (8.13.4/8.13.4) with SMTP id j5MIHt8V023187 for ; Wed, 22 Jun 2005 11:18:00 -0700 (PDT) Received: (qmail 30560 invoked by uid 12313); 22 Jun 2005 14:18:17 -0400 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 22 Jun 2005 14:18:17 -0400 Date: Wed, 22 Jun 2005 14:18:15 -0400 (EDT) From: Kevin Korb X-X-Sender: kmk@asylum.sanitarium.net To: users@conserver.com Subject: logging of "loved" output Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jun 2005 18:18:03 -0000 Hello, I am currently using conserver with the -u option to log "unloved" output to stdout which I then capture and parse with other programs. Unfortunately that does not include any output that happens while a user is attatched to the port. I need conserver to send all console output to stdout for processessing regardless of loved or unloved. I have played with the -U option a bit trying to get it to output to stdout with things like -U- but that didn't work. I also discovered that -u and -U seem to handle CRLF translations differently which is a problem for me with -U. I took a look into the source code and attempted to comment out the if command that prevents the logging of loved output but that didn't seem to help and the conserver code is a bit too convoluted for my limited knowledge of C. Can anyone help with this? TIA -- Kevin From bryan@stansell.org Wed Jun 22 12:16:24 2005 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.13.4/8.13.4) with ESMTP id j5MJGOSA023761 for ; Wed, 22 Jun 2005 12:16:24 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.13.4/8.13.4/Submit) id j5MJGO4K023760 for users@conserver.com; Wed, 22 Jun 2005 12:16:24 -0700 (PDT) Date: Wed, 22 Jun 2005 12:16:24 -0700 From: Bryan Stansell To: users@conserver.com Subject: Re: logging of "loved" output Message-ID: <20050622191624.GF27090@underdog.stansell.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jun 2005 19:16:25 -0000 On Wed, Jun 22, 2005 at 02:18:15PM -0400, Kevin Korb wrote: > I have played with the -U option a bit trying to get it to output to > stdout with things like -U- but that didn't work. I also discovered > that -u and -U seem to handle CRLF translations differently which is a > problem for me with -U. yep, you have to give a filename to -U. '-' isn't special - it'll just create a file called '-'. you shouldn't see any difference between the -u and -U output as far as cr/lf are concerned...the code is writing the same data to each. if you end up seeing something, then it could be your tty doing translations of that data when going to your terminal. > I took a look into the source code and attempted to comment out the if > command that prevents the logging of loved output but that didn't seem > to help and the conserver code is a bit too convoluted for my limited > knowledge of C. Can anyone help with this? check out lines 2644 and 2656 of conserver/group.c. you'll see checks for "pCEServing->pCLwr == (CONSCLIENT *)0". remove those and -u will output everything. personally, i'd use -U with a filename and get the log parsing stuff to just read from a file (lots of tools out there do that...gnu tail can even do cool things to help). or, even better, i'd be logging all the console data to individual files and letting something like logsurfer do it's magic to watch them all. then you see *all* the data, instead of the possibly-truncated info that -u/-U give you (yes, it truncates long lines...because of the way it wants to output individual lines per console, it has to buffer things to prevent madness on devices that don't produce line-oriented output). anyway, good luck - and hopefully something here helps. Bryan From conserver@sanitarium.net Wed Jun 22 12:37:38 2005 Received: from asylum.sanitarium.net (asylum.sanitarium.net [24.173.162.174]) by underdog.stansell.org (8.13.4/8.13.4) with SMTP id j5MJbT1A023971 for ; Wed, 22 Jun 2005 12:37:34 -0700 (PDT) Received: (qmail 3367 invoked by uid 12313); 22 Jun 2005 15:37:50 -0400 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 22 Jun 2005 15:37:50 -0400 Date: Wed, 22 Jun 2005 15:37:48 -0400 (EDT) From: Kevin Korb X-X-Sender: kmk@asylum.sanitarium.net To: Bryan Stansell Subject: Re: logging of "loved" output In-Reply-To: <20050622191624.GF27090@underdog.stansell.org> Message-ID: References: <20050622191624.GF27090@underdog.stansell.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jun 2005 19:37:39 -0000 This is the patch that I tried: --- conserver/group.c.orig 2005-06-02 17:21:10.000000000 -0400 +++ conserver/group.c 2005-06-02 17:36:36.000000000 -0400 @@ -2558,8 +2558,7 @@ * or output to unifiedlog if it's open */ if (unifiedlog != (CONSFILE *)0 || - (pCEServing->pCLwr == (CONSCLIENT *)0 && - pCEServing->unloved == FLAGTRUE)) { + pCEServing->pCLwr == (CONSCLIENT *)0) { /* run through the console ouptut, * add each character to the output line * drop and reset if we have too much @@ -2572,8 +2571,7 @@ continue; /* unloved */ - if (pCEServing->pCLwr == (CONSCLIENT *)0 && - pCEServing->unloved == FLAGTRUE) { + if (pCEServing->pCLwr == (CONSCLIENT *)0) { write(1, pCEServing->server, strlen(pCEServing->server)); write(1, ": ", 2); write(1, pCEServing->acline, pCEServing->iend); Those are different line numbers than what you said but the text looks to be the same. The patch didn't seem to have any effect. All I get on stdout is the login/logout messages with nothing in between. There is a difference in how conserver treats CRLF between -u and -U because when I run -Ufile I get 1 timestamp at the top and then never get another one. The only time -U logs timestamps is when I am actually logged in. I already adapted my tools to use a file (actually a named pipe) so I am happy with either making -u ouput everything or making -U act like -u in terms of CRLF. I just need one of them to work the way I want it to. -- Kevin On Wed, 22 Jun 2005, Bryan Stansell wrote: > Date: Wed, 22 Jun 2005 12:16:24 -0700 > From: Bryan Stansell > To: users@conserver.com > Subject: Re: logging of "loved" output > > On Wed, Jun 22, 2005 at 02:18:15PM -0400, Kevin Korb wrote: >> I have played with the -U option a bit trying to get it to output to >> stdout with things like -U- but that didn't work. I also discovered >> that -u and -U seem to handle CRLF translations differently which is a >> problem for me with -U. > > yep, you have to give a filename to -U. '-' isn't special - it'll just > create a file called '-'. > > you shouldn't see any difference between the -u and -U output as far as > cr/lf are concerned...the code is writing the same data to each. if you > end up seeing something, then it could be your tty doing translations of > that data when going to your terminal. > >> I took a look into the source code and attempted to comment out the if >> command that prevents the logging of loved output but that didn't seem >> to help and the conserver code is a bit too convoluted for my limited >> knowledge of C. Can anyone help with this? > > check out lines 2644 and 2656 of conserver/group.c. you'll see checks > for "pCEServing->pCLwr == (CONSCLIENT *)0". remove those and -u will > output everything. > > personally, i'd use -U with a filename and get the log parsing stuff to > just read from a file (lots of tools out there do that...gnu tail can > even do cool things to help). or, even better, i'd be logging all the > console data to individual files and letting something like logsurfer do > it's magic to watch them all. then you see *all* the data, instead of > the possibly-truncated info that -u/-U give you (yes, it truncates long > lines...because of the way it wants to output individual lines per > console, it has to buffer things to prevent madness on devices that > don't produce line-oriented output). > > anyway, good luck - and hopefully something here helps. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From conserver@sanitarium.net Wed Jun 22 13:54:11 2005 Received: from asylum.sanitarium.net (asylum.sanitarium.net [24.173.162.174]) by underdog.stansell.org (8.13.4/8.13.4) with SMTP id j5MKs3fZ027407 for ; Wed, 22 Jun 2005 13:54:08 -0700 (PDT) Received: (qmail 8465 invoked by uid 12313); 22 Jun 2005 16:54:24 -0400 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 22 Jun 2005 16:54:24 -0400 Date: Wed, 22 Jun 2005 16:54:21 -0400 (EDT) From: Kevin Korb X-X-Sender: kmk@asylum.sanitarium.net To: users@conserver.com Subject: Re: logging of "loved" output In-Reply-To: <20050622191624.GF27090@underdog.stansell.org> Message-ID: References: <20050622191624.GF27090@underdog.stansell.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jun 2005 20:54:12 -0000 OK, I have it working the way I want it to now. The trick was to use the logfile option in the config file instead of -u or -U. That seems to be working perfectly for me. Thanks for the suggestion. -- Kevin On Wed, 22 Jun 2005, Bryan Stansell wrote: > Date: Wed, 22 Jun 2005 12:16:24 -0700 > From: Bryan Stansell > To: users@conserver.com > Subject: Re: logging of "loved" output > > On Wed, Jun 22, 2005 at 02:18:15PM -0400, Kevin Korb wrote: >> I have played with the -U option a bit trying to get it to output to >> stdout with things like -U- but that didn't work. I also discovered >> that -u and -U seem to handle CRLF translations differently which is a >> problem for me with -U. > > yep, you have to give a filename to -U. '-' isn't special - it'll just > create a file called '-'. > > you shouldn't see any difference between the -u and -U output as far as > cr/lf are concerned...the code is writing the same data to each. if you > end up seeing something, then it could be your tty doing translations of > that data when going to your terminal. > >> I took a look into the source code and attempted to comment out the if >> command that prevents the logging of loved output but that didn't seem >> to help and the conserver code is a bit too convoluted for my limited >> knowledge of C. Can anyone help with this? > > check out lines 2644 and 2656 of conserver/group.c. you'll see checks > for "pCEServing->pCLwr == (CONSCLIENT *)0". remove those and -u will > output everything. > > personally, i'd use -U with a filename and get the log parsing stuff to > just read from a file (lots of tools out there do that...gnu tail can > even do cool things to help). or, even better, i'd be logging all the > console data to individual files and letting something like logsurfer do > it's magic to watch them all. then you see *all* the data, instead of > the possibly-truncated info that -u/-U give you (yes, it truncates long > lines...because of the way it wants to output individual lines per > console, it has to buffer things to prevent madness on devices that > don't produce line-oriented output). > > anyway, good luck - and hopefully something here helps. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From bryan@stansell.org Wed Jun 22 15:20:44 2005 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.13.4/8.13.4) with ESMTP id j5MMKhJ9028064 for ; Wed, 22 Jun 2005 15:20:43 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.13.4/8.13.4/Submit) id j5MMKh63028063 for users@conserver.com; Wed, 22 Jun 2005 15:20:43 -0700 (PDT) Date: Wed, 22 Jun 2005 15:20:43 -0700 From: Bryan Stansell To: users@conserver.com Subject: Re: logging of "loved" output Message-ID: <20050622222043.GK27090@underdog.stansell.org> References: <20050622191624.GF27090@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jun 2005 22:20:44 -0000 On Wed, Jun 22, 2005 at 03:37:48PM -0400, Kevin Korb wrote: > Those are different line numbers than what you said but the text looks > to be the same. The patch didn't seem to have any effect. All I get on > stdout is the login/logout messages with nothing in between. you zapped the wrong lines. you want to keep the 'unloved' stuff and nuke the 'pCLwr' stuff. > There is a difference in how conserver treats CRLF between -u and -U > because when I run -Ufile I get 1 timestamp at the top and then never > get another one. The only time -U logs timestamps is when I am actually > logged in. huh? as i said, conserver doesn't do anything different between the two methods...they both output the same data. now, interpreting things a bit differently, based on hints above, it could be that file buffering is biting you. stuff going to the file based on -U will, by default, be buffered to a block at a time...instead of line based or character based. is *that* what's happening? (all file output is that way, actually). what confuses me is you're saying things behave differently when you're logged in. i'm not seeing that behavior. if you could specify how to reproduce the problem, that would be good. your other message said the 'logfile' option helped. that just sends stuff that would have been stdout/stderr to a file. unless you hacked the -u code, you still wouldn't get output when users are attached. basically, i'm thoroughly confused. i'm glad it's working for you, but i'm hoping that if there are issues, i can get more details and fix things. Bryan From conserver@sanitarium.net Wed Jun 22 15:53:44 2005 Received: from asylum.sanitarium.net (asylum.sanitarium.net [24.173.162.174]) by underdog.stansell.org (8.13.4/8.13.4) with SMTP id j5MMrE71028268 for ; Wed, 22 Jun 2005 15:53:41 -0700 (PDT) Received: (qmail 1298 invoked by uid 12313); 22 Jun 2005 18:53:35 -0400 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 22 Jun 2005 18:53:35 -0400 Date: Wed, 22 Jun 2005 18:53:32 -0400 (EDT) From: Kevin Korb X-X-Sender: kmk@asylum.sanitarium.net To: Bryan Stansell Subject: Re: logging of "loved" output In-Reply-To: <20050622222043.GK27090@underdog.stansell.org> Message-ID: References: <20050622191624.GF27090@underdog.stansell.org> <20050622222043.GK27090@underdog.stansell.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jun 2005 22:53:45 -0000 OK, I went back to my log file from when I was testing with -U and at first it looks like what I described however when I dig into it with a hex editor I can see what is happening... When I was attached I saw: [timestamp] [port]*: data\r\n When I was NOT attached in I saw: [timestamp] [port]: \rdata\r\n This difference was probably just a tcsh vs syslog thing and not related to conserver. The first \r was overwriting the timestamp on my display and causing it to dissapear. The \r at the end was also getting truncated most of the time do to the length of the lines causing the results to look even more random. I am going to stick with my current setup for now since using the logfile option in the config file doesn't truncate the lines like -U and -u did. BTW, the I am not using conserver for the timestamping. I have timestamp set to "" in the config file and I am piping the output through multilog (http://cr.yp.to/daemontools/multilog.html) to get tai64n formatted timestamps instead which is why I wanted output to stdout before. Now I am getting that functionality by setting the logfile to a named pipe that multilog is reading. Not sure why the Linux consoles are putting in all those extra \r chars. Thanks for the help. -- Kevin On Wed, 22 Jun 2005, Bryan Stansell wrote: > Date: Wed, 22 Jun 2005 15:20:43 -0700 > From: Bryan Stansell > To: users@conserver.com > Subject: Re: logging of "loved" output > > On Wed, Jun 22, 2005 at 03:37:48PM -0400, Kevin Korb wrote: >> Those are different line numbers than what you said but the text looks >> to be the same. The patch didn't seem to have any effect. All I get on >> stdout is the login/logout messages with nothing in between. > > you zapped the wrong lines. you want to keep the 'unloved' stuff and > nuke the 'pCLwr' stuff. > >> There is a difference in how conserver treats CRLF between -u and -U >> because when I run -Ufile I get 1 timestamp at the top and then never >> get another one. The only time -U logs timestamps is when I am actually >> logged in. > > huh? as i said, conserver doesn't do anything different between the two > methods...they both output the same data. > > now, interpreting things a bit differently, based on hints above, it > could be that file buffering is biting you. stuff going to the file > based on -U will, by default, be buffered to a block at a time...instead > of line based or character based. is *that* what's happening? (all > file output is that way, actually). > > what confuses me is you're saying things behave differently when you're > logged in. i'm not seeing that behavior. if you could specify how to > reproduce the problem, that would be good. > > your other message said the 'logfile' option helped. that just sends > stuff that would have been stdout/stderr to a file. unless you hacked > the -u code, you still wouldn't get output when users are attached. > > basically, i'm thoroughly confused. i'm glad it's working for you, but > i'm hoping that if there are issues, i can get more details and fix > things. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From phil@metallica.usc.edu Sat Jun 25 17:53:25 2005 Received: from metallica.usc.edu (metallica.usc.edu [128.125.10.57]) by underdog.stansell.org (8.13.4/8.13.4) with ESMTP id j5Q0rIdI014056 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 25 Jun 2005 17:53:24 -0700 (PDT) Received: from metallica.usc.edu (localhost.localdomain [127.0.0.1]) by metallica.usc.edu (8.12.11/8.12.11) with ESMTP id j5Q0rITo025142 for ; Sat, 25 Jun 2005 17:53:18 -0700 Received: (from phil@localhost) by metallica.usc.edu (8.12.11/8.12.11/Submit) id j5Q0rIev025141 for users@conserver.com; Sat, 25 Jun 2005 17:53:18 -0700 Date: Sat, 25 Jun 2005 17:53:17 -0700 From: Phil Dibowitz To: users@conserver.com Subject: [OT] Pinout for Equinox to Sun? Message-ID: <20050626005317.GK4602@usc.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="h/VGaWN5ITqlMCVM" Content-Disposition: inline User-Agent: Mutt/1.5.4i X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jun 2005 00:53:26 -0000 --h/VGaWN5ITqlMCVM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey folks, This is a bit off-topic, but this is about the best place I can think to as= k. I have an equinox ELS16 terminal server and a sun I want to connect togethe= r, and their website has this wiring diagram: EQS-Sun 1-8 2-7 3-3 4-not used 5-6 6-5 7-not used 8-1 Which doesn't work at all. The sun is an old ultra2. This is all at home - = at work we use cyclades. Anyone have any pinouts that work from an EQS to a DB25 Sun serial port? --=20 Phil Dibowitz Systems Architect and Administrator Enterprise Infrastructure / ISD / USC UCC 180 - 213-821-5427 --h/VGaWN5ITqlMCVM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFCvfx97lkZ1Iyv898RAtXFAJ9US4uL+f3pc8IGlvebUiivk1DsxgCgvp47 5S1MXANmiMc8GY8sBMVzylw= =UEcj -----END PGP SIGNATURE----- --h/VGaWN5ITqlMCVM-- From phil@metallica.usc.edu Sat Jun 25 18:16:57 2005 Received: from metallica.usc.edu (metallica.usc.edu [128.125.10.57]) by underdog.stansell.org (8.13.4/8.13.4) with ESMTP id j5Q1GnsS014251 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 25 Jun 2005 18:16:55 -0700 (PDT) Received: from metallica.usc.edu (localhost.localdomain [127.0.0.1]) by metallica.usc.edu (8.12.11/8.12.11) with ESMTP id j5Q1Gntg025199 for ; Sat, 25 Jun 2005 18:16:49 -0700 Received: (from phil@localhost) by metallica.usc.edu (8.12.11/8.12.11/Submit) id j5Q1Gjb1025198 for users@conserver.com; Sat, 25 Jun 2005 18:16:45 -0700 Date: Sat, 25 Jun 2005 18:16:45 -0700 From: Phil Dibowitz To: users@conserver.com Subject: Re: [OT] Pinout for Equinox to Sun? Message-ID: <20050626011645.GL4602@usc.edu> References: <20050626005317.GK4602@usc.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="suroagWEfFHnktSq" Content-Disposition: inline In-Reply-To: <20050626005317.GK4602@usc.edu> User-Agent: Mutt/1.5.4i X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.6 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jun 2005 01:16:57 -0000 --suroagWEfFHnktSq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jun 25, 2005 at 05:53:17PM -0700, Phil Dibowitz wrote: > Hey folks, >=20 > This is a bit off-topic, but this is about the best place I can think to = ask. >=20 > I have an equinox ELS16 terminal server and a sun I want to connect toget= her, > and their website has this wiring diagram: Nevermind, I got it - had to piece together several charts, but the correct pinout is: EQS-Sun 1-5 2-6 3-2 4-notused 5-3 6-7 7-notused 8-4 --=20 Phil Dibowitz Systems Architect and Administrator Enterprise Infrastructure / ISD / USC UCC 180 - 213-821-5427 --suroagWEfFHnktSq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFCvgH97lkZ1Iyv898RAp1rAJ9rPdLOUSZjpPtJA6kZw5wcFdA0vACgoYyv CQAFofGLm+C2h3VgtU0gryk= =x9Ud -----END PGP SIGNATURE----- --suroagWEfFHnktSq--