Use err(3). Put includes in alphabetical order.

Rewrote man page in mdoc format.
Document -v and -p flags.

5 files changed, 113 insertions, 132 deletions

diff --git a/usr.sbin/keyserv/crypt_server.c b/usr.sbin/keyserv/crypt_server.c
index 620ceaa..ff3f460 100644
--- a/usr.sbin/keyserv/crypt_server.c
+++ b/usr.sbin/keyserv/crypt_server.c
@@ -28,25 +28,24 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- *	$Id: crypt_server.c,v 1.1.1.1 1997/05/28 15:44:22 wpaul Exp $
  */
 
-#include <stdio.h>
 #include <sys/types.h>
 #include <sys/param.h>
-#include <stdlib.h>
 #include <dirent.h>
+#include <dlfcn.h>
 #include <err.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
 #include <rpc/des_crypt.h>
 #include <rpc/des.h>
-#include <string.h>
-#include <dlfcn.h>
 #include "crypt.h"
 
 #ifndef lint
-static const char rcsid[] = "$Id: crypt_server.c,v 1.1.1.1 1997/05/28 15:44:22 wpaul Exp $";
-#endif
+static const char rcsid[] =
+	"$Id$";
+#endif /* not lint */
 
 /*
  * The U.S. government stupidly believes that a) it can keep strong
diff --git a/usr.sbin/keyserv/keyserv.8 b/usr.sbin/keyserv/keyserv.8
index 0ae24c4..48eac9b 100644
--- a/usr.sbin/keyserv/keyserv.8
+++ b/usr.sbin/keyserv/keyserv.8
@@ -1,77 +1,79 @@
 .\" @(#)keyserv.1m 1.21 93/07/14 SMI; from SVr4
-'\"macro stdmacro
+.\"macro stdmacro
 .\" Copyright 1989 AT&T
 .\" @(#)keyserv.8c 1.8 89/03/29 SMI;
 .\".TH KEYSERV 8C "9 September 1987"
-.nr X
-.TH keyserv 1M "14 Sep 1992"
-.SH NAME
-keyserv \- server for storing private encryption keys
-.SH SYNOPSIS
-.B keyserv 
-[
-.B \-d
-] [
-.B \-D
-] [
-.B \-n
-]
-.SH AVAILABILITY
-.LP
+.Dd September 14, 1992
+.Dt KEYSERV 8
+.Os
+.Sh NAME
+.Nm keyserv
+.Nd server for storing private encryption keys
+.Sh SYNOPSIS
+.Nm keyserv 
+.Op Fl d
+.Op Fl D
+.Op Fl n
+.Op Fl p Ar path
+.Op Fl v
+.Sh AVAILABILITY
 SUNWcsu
-.SH DESCRIPTION
-.IX "keyserv" "" "\fLkeyserv\fP \(em server for storing private encryption keys"
-.IX "NFS security" "server for storing private encryption keys" "" "server for storing private encryption keys \(em \fLkeyserv\fP"
-.IX "encryption keys"  "server for storing private keys" "" "server for storing private keys \(em \fLkeyserv\fP"
-.LP
-.B keyserv
+.Sh DESCRIPTION
+.Nm Keyserv
 is a daemon that is used for storing the
 private encryption keys of each
 user logged into the system.
 These encryption keys are used for accessing
 secure network services such as secure NFS.
-.P
+.Pp
 Normally, root's key is read from the file
-.B /etc/.rootkey
+.Pa /etc/.rootkey
 when the daemon is started.
 This is useful during power-fail reboots
 when no one is around to type a password. 
-.P
+.Pp
 If a client with no secret key calls 
-.BR keyserv , 
+.Nm keyserv , 
 then the key of user 
-.B nobody 
+.Em nobody 
 is used instead as the default key.
-.SH OPTIONS
-.TP 10
-.B \-d 
+.Pp
+The following options are available:
+.Bl -tag -width indent
+.It Fl d
 Disable the use of default keys for
-.BR nobody .
-.TP
-.B \-D 
+.Em nobody .
+.It Fl D
 Run in debugging mode and log all requests to 
-.BR keyserv .
-.TP
-.B \-n
+.Nm keyserv .
+.It Fl n
 Root's secret key is not read from
-.BR /etc/.rootkey .
+.Pa /etc/.rootkey .
 Instead,
-.B keyserv
+.Nm
 prompts the user for the password to decrypt
 root's key stored in the
-.B /etc/publickey
+.Pa /etc/publickey
 database and then stores the decrypted key in
-.B /etc/.rootkey
+.Pa /etc/.rootkey
 for future use.
 This option is useful if the
-.B /etc/.rootkey
+.Pa /etc/.rootkey
 file ever gets out of date or corrupted.
-.SH FILES
-.PD 0
-.TP 20
-.B /etc/.rootkey
-.PD
-.SH "SEE ALSO"
-.BR keylogin (1),
-.BR keylogout (1),
-.BR publickey (5)
+.It Fl p Ar path
+Specify where to search for
+.Pa libdes.so.3 .
+Default is
+.Pa /usr/lib .
+.It Fl v
+Display status of DES support (enabled/disabled).
+.El
+.Sh FILES
+.Bl -tag -width /usr/lib/libdes.so.3. -compact
+.It Pa /etc/.rootkey
+.It Pa /usr/lib/libdes.so.3.
+.El
+.Sh "SEE ALSO"
+.Xr keylogin 1 ,
+.Xr keylogout 1 ,
+.Xr publickey 5
diff --git a/usr.sbin/keyserv/keyserv.c b/usr.sbin/keyserv/keyserv.c
index fcf7090..e49dded 100644
--- a/usr.sbin/keyserv/keyserv.c
+++ b/usr.sbin/keyserv/keyserv.c
@@ -27,7 +27,13 @@
  * Mountain View, California  94043
  */
 
-#pragma ident	"@(#)keyserv.c	1.15	94/04/25 SMI"
+#ifndef lint
+#if 0
+static char sccsid[] = "@(#)keyserv.c	1.15	94/04/25 SMI";
+#endif
+static const char rcsid[] =
+	"$Id$";
+#endif /* not lint */
 
 /*
  * Copyright (c) 1986 - 1991 by Sun Microsystems, Inc.
@@ -41,18 +47,18 @@
  * process on the local transport only
  */
 
+#include <err.h>
+#include <pwd.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <pwd.h>
-#include <unistd.h>
 #include <string.h>
+#include <unistd.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <rpc/rpc.h>
 #include <rpc/pmap_clnt.h>
 #include <sys/param.h>
 #include <sys/file.h>
-#include <pwd.h>
 #include <rpc/des_crypt.h>
 #include <rpc/des.h>
 #include <rpc/key_prot.h>
@@ -107,8 +113,6 @@ main(argc, argv)
 	char *argv[];
 {
 	int nflag = 0;
-	extern char *optarg;
-	extern int optind;
 	int c;
 	register SVCXPRT *transp;
 	int sock = RPC_ANYSOCK;
@@ -142,10 +146,8 @@ main(argc, argv)
 
 	load_des(warn, path);
 	__des_crypt_LOCAL = _my_crypt;
-	if (svc_auth_reg(AUTH_DES, _svcauth_des) == -1) {
-		fprintf(stderr, "failed to register AUTH_DES authenticator\n");
-		exit(1);
-	}
+	if (svc_auth_reg(AUTH_DES, _svcauth_des) == -1)
+		errx(1, "failed to register AUTH_DES authenticator");
 
 	if (optind != argc) {
 		usage();
@@ -155,10 +157,8 @@ main(argc, argv)
 	 * Initialize
 	 */
 	(void) umask(066);	/* paranoia */
-	if (geteuid() != 0) {
-		(void) fprintf(stderr, "%s must be run as root\n", argv[0]);
-		exit(1);
-	}
+	if (geteuid() != 0)
+		errx(1, "keyserv must be run as root");
 	setmodulus(HEXMODULUS);
 	getrootkey(&masterkey, nflag);
 
@@ -170,51 +170,31 @@ main(argc, argv)
 	unlink(KEYSERVSOCK);
 
 	transp = svcudp_create(RPC_ANYSOCK);
-	if (transp == NULL) {
-		fprintf(stderr, "cannot create udp service.");
-		exit(1);
-	}
-	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_UDP)) {
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS, udp).");
-		exit(1);
-	}
-	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_UDP)) {
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS2, udp).");
-		exit(1);
-	}
+	if (transp == NULL)
+		errx(1, "cannot create udp service");
+	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_UDP))
+		errx(1, "unable to register (KEY_PROG, KEY_VERS, udp)");
+	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_UDP))
+		errx(1, "unable to register (KEY_PROG, KEY_VERS2, udp)");
 
 	transp = svctcp_create(RPC_ANYSOCK, 0, 0);
-	if (transp == NULL) {
-		fprintf(stderr, "cannot create tcp service.");
-		exit(1);
-	}
-	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_TCP)) {
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS, tcp).");
-		exit(1);
-	}
-	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_TCP)) {
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS2, tcp).");
-		exit(1);
-	}
+	if (transp == NULL)
+		errx(1, "cannot create tcp service");
+	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, IPPROTO_TCP))
+		errx(1, "unable to register (KEY_PROG, KEY_VERS, tcp)");
+	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, IPPROTO_TCP))
+		errx(1, "unable to register (KEY_PROG, KEY_VERS2, tcp)");
 
 	transp = svcunix_create(sock, 0, 0, KEYSERVSOCK);
 	chmod(KEYSERVSOCK, 0666);
-	if (transp == NULL) {
-		fprintf(stderr, "cannot create AF_UNIX service.");
-		exit(1);
-	}
-	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, 0)) {
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS, unix).");
-		exit(1);
-	}
-	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, 0)) {
-		fprintf(stderr, "unable to register (KEY_PROG, KEY_VERS2, unix).");
-		exit(1);
-	}
-	if (!svc_register(transp, CRYPT_PROG, CRYPT_VERS, crypt_prog_1, 0)) {
-		fprintf(stderr, "unable to register (CRYPT_PROG, CRYPT_VERS, unix).");
-		exit(1);
-	}
+	if (transp == NULL)
+		errx(1, "cannot create AF_UNIX service");
+	if (!svc_register(transp, KEY_PROG, KEY_VERS, keyprogram, 0))
+		errx(1, "unable to register (KEY_PROG, KEY_VERS, unix)");
+	if (!svc_register(transp, KEY_PROG, KEY_VERS2, keyprogram, 0))
+		errx(1, "unable to register (KEY_PROG, KEY_VERS2, unix)");
+	if (!svc_register(transp, CRYPT_PROG, CRYPT_VERS, crypt_prog_1, 0))
+		errx(1, "unable to register (CRYPT_PROG, CRYPT_VERS, unix)");
 
 	if (!debugging) {
 		daemon(0,0);
@@ -286,24 +266,21 @@ getrootkey(master, prompt)
 			return (0);
 		}
 		if (read(fd, secret, HEXKEYBYTES) < HEXKEYBYTES) {
-			(void) fprintf(stderr,
-			    "keyserv: the key read from %s was too short.\n",
-			    ROOTKEY);
+			warnx("the key read from %s was too short", ROOTKEY);
 			(void) close(fd);
 			return (0);
 		}
 		(void) close(fd);
 		if (!getnetname(name)) {
-		    (void) fprintf(stderr, "keyserv: \
-failed to generate host's netname when establishing root's key.\n");
+		    warnx(
+	"failed to generate host's netname when establishing root's key");
 		    return (0);
 		}
 		memcpy(netstore.st_priv_key, secret, HEXKEYBYTES);
 		memset(netstore.st_pub_key, 0, HEXKEYBYTES);
 		netstore.st_netname = name;
 		if (pk_netput(0, &netstore) != KEY_SUCCESS) {
-		    (void) fprintf(stderr,
-			"keyserv: could not set root's key and netname.\n");
+		    warnx("could not set root's key and netname");
 		    return (0);
 		}
 		return (1);
@@ -315,13 +292,11 @@ failed to generate host's netname when establishing root's key.\n");
 	passwd2des(passwd, (char *)master);
 	getnetname(name);
 	if (!getsecretkey(name, secret, passwd)) {
-		(void) fprintf(stderr,
-		"Can't find %s's secret key\n", name);
+		warnx("can't find %s's secret key", name);
 		return (0);
 	}
 	if (secret[0] == 0) {
-		(void) fprintf(stderr,
-	"Password does not decrypt secret key for %s\n", name);
+		warnx("password does not decrypt secret key for %s", name);
 		return (0);
 	}
 	(void) pk_setkey(0, secret);
diff --git a/usr.sbin/keyserv/keyserv_uid.c b/usr.sbin/keyserv/keyserv_uid.c
index f38e3b0..add3d33 100644
--- a/usr.sbin/keyserv/keyserv_uid.c
+++ b/usr.sbin/keyserv/keyserv_uid.c
@@ -28,24 +28,23 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- *	$Id: keyserv_uid.c,v 1.13 1997/01/19 20:23:05 wpaul Exp $
  */
 
+#include <signal.h>
 #include <stdio.h>
-#include <sys/types.h>
 #include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
 #include <rpc/key_prot.h>
 #include <rpc/des.h>
-#include <signal.h>
 #include <sys/socket.h>
 #include <sys/param.h>
-#include <unistd.h>
 
 #include "keyserv.h"
 
 #ifndef lint
-static const char rcsid[] = "$Id: keyserv_uid.c,v 1.13 1997/01/19 20:23:05 wpaul Exp $";
+static const char rcsid[] =
+	"$Id$";
 #endif
 
 /*
diff --git a/usr.sbin/keyserv/setkey.c b/usr.sbin/keyserv/setkey.c
index bdafae9..8403913 100644
--- a/usr.sbin/keyserv/setkey.c
+++ b/usr.sbin/keyserv/setkey.c
@@ -27,7 +27,13 @@
  * Mountain View, California  94043
  */
 
-#pragma ident	"@(#)setkey.c	1.11	94/04/25 SMI"
+#ifndef lint
+#if 0
+static char sccsid[] = "@(#)setkey.c	1.11	94/04/25 SMI";
+#endif
+static const char rcsid[] =
+	"$Id$";
+#endif /* not lint */
 
 /*
  * Copyright (c) 1986 - 1991 by Sun Microsystems, Inc.
@@ -39,17 +45,17 @@
  * and use them to decrypt and encrypt DES keys.
  * Cache the common keys, so the expensive computation is avoided.
  */
+#include <mp.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <unistd.h>
 #include <sys/types.h>
-#include <mp.h>
 #include <rpc/rpc.h>
 #include <rpc/key_prot.h>
 #include <rpc/des_crypt.h>
 #include <rpc/des.h>
 #include <sys/errno.h>
-#include <string.h>
 #include "keyserv.h"
 
 static MINT *MODULUS;