if [ `sed -e 's/^#define \([^ ]*\).*/\1/' -e t -e d config.h | \
egrep 'HAVE_OPENSSL_BIO_H|HAVE_OPENSSL_ERR_H|HAVE_OPENSSL_SSL_H'|\
wc -l` -eq 3 ]; then \
- sed -e '/^#ifdef *HAVE_OPENSSL$$/d' \
- -e '/^#endif$$/d' "$$src" >"$@"; \
+ sed -e '/^#ifndef *HAVE_OPENSSL$$/,/^#endif$$/d' "$$src"; \
else \
- sed -e '/^#ifdef *HAVE_OPENSSL$$/,/^#endif$$/d' "$$src" >"$@"; \
- fi; \
+ sed -e '/^#ifdef *HAVE_OPENSSL$$/,/^#endif$$/d' "$$src"; \
+ fi | \
if sed -e 's/^#define \([^ ]*\).*/\1/' -e t -e d config.h | \
grep 'HAVE_SECURITY_PAM_APPL_H' >/dev/null 2>&1; then \
- sed -e '/^#ifdef *HAVE_PAM$$/d' \
- -e '/^#endif$$/d' "$$src" >"$@"; \
+ sed -e '/^#ifndef *HAVE_PAM$$/,/^#endif$$/d'; \
else \
- sed -e '/^#ifdef *HAVE_PAM$$/,/^#endif$$/d' "$$src" >"$@"; \
- fi
+ sed -e '/^#ifdef *HAVE_PAM$$/,/^#endif$$/d'; \
+ fi | \
+ sed -e '/^#/d' >"$@"
@out=`echo "$@" 2>/dev/null|sed -e 's/\.[^.]*$$/.ps/'`; \
man -Tps "./$@" >"$${out}" 2>/dev/null || rm -f "$${out}"
if [ `sed -e 's/^#define \([^ ]*\).*/\1/' -e t -e d config.h | \
egrep 'HAVE_OPENSSL_BIO_H|HAVE_OPENSSL_ERR_H|HAVE_OPENSSL_SSL_H'|\
wc -l` -eq 3 ]; then \
- sed -e '/^#ifdef *HAVE_OPENSSL$$/d' \
- -e '/^#endif$$/d' "$$src" >"$@"; \
+ sed -e '/^#ifndef *HAVE_OPENSSL$$/,/^#endif$$/d' "$$src"; \
else \
- sed -e '/^#ifdef *HAVE_OPENSSL$$/,/^#endif$$/d' "$$src" >"$@"; \
- fi; \
+ sed -e '/^#ifdef *HAVE_OPENSSL$$/,/^#endif$$/d' "$$src"; \
+ fi | \
if sed -e 's/^#define \([^ ]*\).*/\1/' -e t -e d config.h | \
grep 'HAVE_SECURITY_PAM_APPL_H' >/dev/null 2>&1; then \
- sed -e '/^#ifdef *HAVE_PAM$$/d' \
- -e '/^#endif$$/d' "$$src" >"$@"; \
+ sed -e '/^#ifndef *HAVE_PAM$$/,/^#endif$$/d'; \
else \
- sed -e '/^#ifdef *HAVE_PAM$$/,/^#endif$$/d' "$$src" >"$@"; \
- fi
+ sed -e '/^#ifdef *HAVE_PAM$$/,/^#endif$$/d'; \
+ fi | \
+ sed -e '/^#/d' >"$@"
@out=`echo "$@" 2>/dev/null|sed -e 's/\.[^.]*$$/.ps/'`; \
man -Tps "./$@" >"$${out}" 2>/dev/null || rm -f "$${out}"
#define STDC_HEADERS 1
/* Most recent revision number in the version control system */
-#define VCS_REVISION "153"
+#define VCS_REVISION "155"
/* Version number of package */
#define VERSION "2.9"
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-VCS_REVISION=153
+VCS_REVISION=155
cat >>confdefs.h <<_ACEOF
dnl This is the one location where the authoritative version number is stored
AC_INIT(shellinabox, 2.9, markus@shellinabox.com)
-VCS_REVISION=153
+VCS_REVISION=155
AC_SUBST(VCS_REVISION)
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
[Most recent revision number in the version control system])
};
VT100.prototype.about = function() {
- alert("VT100 Terminal Emulator " + "2.9 (revision 153)" +
+ alert("VT100 Terminal Emulator " + "2.9 (revision 155)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com");
};
};
ShellInABox.prototype.about = function() {
- alert("Shell In A Box version " + "2.9 (revision 153)" +
+ alert("Shell In A Box version " + "2.9 (revision 155)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com" +
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?
.TP
.B shellinaboxd
[\ \fB-b\fP\ | \fB--background\fP[\fB=\fP\fIpidfile\fP]\ ]
+#ifdef HAVE_OPENSSL
[\ \fB-c\fP\ | \fB--cert=\fP\fIcertdir\fP\ ]
+#endif
[\ \fB--cert-fd=\fP\fIfd\fP\ ]
[\ \fB--cgi\fP[\fB=\fP\fIportrange\fP]\ ]
[\ \fB-d\fP\ | \fB--debug\fP\ ]
[\ \fB-n\fP\ | \fB--numeric\fP\ ]
[\ \fB-p\fP\ | \fB--port=\fP\fIport\fP\ ]
[\ \fB-s\fP\ | \fB--service=\fP\fIservice\fP\ ]
+#ifdef HAVE_OPENSSL
[\ \fB-t\fP\ | \fB--disable-ssl\fP\ ]
+#endif
[\ \fB--disable-ssl-menu\fP\ ]
[\ \fB-q\fP\ | \fB--quiet\fP\ ]
[\ \fB-u\fP\ | \fB--user=\fP\fIuid\fP\ ]
.B shellinaboxd
as a background daemon process. Optionally, write the process id to
.IR pidfile .
+#ifdef HAVE_OPENSSL
.TP
\fB-c\fP\ |\ \fB--cert=\fP\fIcertdir\fP
If built with SSL/TLS support enabled, the daemon will look in
.B SNI
support, it does offer an alternative solution for securely providing
the private key data to the daemon.
+#endif
.TP
\fB--cgi\fP[\fB=\fP\fIportrange\fP]
Instead of running
\fB-s\fP\ |\ \fB--service=\fP\fIservice\fP
One or more services can be registered on different URL paths:
.in +4
-\fISERVICE\fP := <url-path> ':' \fIAPPLICATON\fP
+\fISERVICE\fP := <url-path> ':' \fIAPPLICATION\fP
.in
-There is one pre-defined \fIapplication\fP, 'LOGIN'. It causes the
+
+There is a pre-defined \fIapplication\fP, 'LOGIN', which causes the
daemon to invoke
.B /bin/login
-to request the user's name and password, and to start his
-login shell. This is the default option, if no
+requesting the user's name and password, and starting his
+login shell. This is the default option for the
+.B root
+user, if no
.B --service
was defined. Starting
.B /bin/login
.B root
privileges.
+There is another pre-defined \fIapplication\fP, 'SSH'. Instead of invoking
+.BR /bin/login ,
+it calls
+.BR ssh .
+This is the default option for unprivileged users, if no
+.B --service
+was defined. This operation is available to both privileged and regular
+users. If the optional \fIhost\fP parameter is omitted,
+.B shellinaboxd
+connects to
+.BR localhost .
+
Alternatively, an \fIapplication\fP can be specified by providing a
\fIuser\fP description, a working directory, and a command line:
.in +4
-\fIAPPLICATION\fP := 'LOGIN' | \fIUSER\fP ':' \fICWD\fP ':' <cmdline>
+\fIAPPLICATION\fP := 'LOGIN' | 'SSH' [ ':' <host> ] | \fIUSER\fP ':' \fICWD\fP ':' <cmdline>
#ifdef HAVE_PAM
.in
\fIservice\fP description:
.in +4
#endif
-\fIUSER\fP :=
#ifdef HAVE_PAM
-'AUTH' |
+\fIUSER\fP := 'AUTH' |
+#endif
+#ifndef HAVE_PAM
+\fIUSER\fP :=
#endif
<username> ':' <groupname>
.in
.B --service
has been requested,
.B shellinaboxd
-defaults to attaching
-.B /bin/login
-to the root directory of the web server. This is equivalent to saying
-.BR --service=/:LOGIN .
+defaults to attaching the default service to the root directory of the web
+server. For
+.BR root ,
+this is
+.BR /bin/login ,
+and for unprivileged users, this is \fBssh localhost\fP. This is equivalent
+to saying
+.BR --service=/:LOGIN ,
+or
+.BR --service=/:SSH ,
+respectively.
.RE
+#ifdef HAVE_OPENSSL
.TP
\fB-t\fP\ |\ \fB--disable-ssl\fP
By default,
This option is also useful during testing or for deployment in trusted
intranets, if SSL certificates are unavailable.
+#endif
.TP
\fB--disable-ssl-menu\fP
If the user should not be able to switch between HTTP and HTTPS modes, this
};
VT100.prototype.about = function() {
- alert("VT100 Terminal Emulator " + "2.9 (revision 153)" +
+ alert("VT100 Terminal Emulator " + "2.9 (revision 155)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com");
};