Code merge and diff reduce with "base" telnet. This is the "later"

telnet, so it was treated as the reference code, except where later commits were made to "base" telnet.
2001-08-20 12:28:40 +00:00 · 2001-08-20 12:28:40 +00:00 · 62fa01a04b
commit 62fa01a04b
parent 83e59be2f6
50 changed files with 566 additions and 580 deletions
--- a/contrib/telnet/libtelnet/auth.h
+++ b/contrib/telnet/libtelnet/auth.h
@ -31,6 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)auth.h	8.1 (Berkeley) 6/4/93
+ * $FreeBSD$
 */

 /*
@ -83,5 +84,5 @@ typedef struct XauthP {

 #include "auth-proto.h"

-extern auth_debug_mode;
+extern int auth_debug_mode;
 #endif
--- a/contrib/telnet/libtelnet/enc_des.c
+++ b/contrib/telnet/libtelnet/enc_des.c
@ -52,7 +52,8 @@ static const char sccsid[] = "@(#)enc_des.c	8.3 (Berkeley) 5/30/95";
 #include "key-proto.h"
 #include "misc-proto.h"

-extern encrypt_debug_mode;
+extern int encrypt_debug_mode;
+void des_set_random_generator_seed(des_cblock *); /* XXX */

 #define	CFB	0
 #define	OFB	1
--- a/contrib/telnet/libtelnet/genget.c
+++ b/contrib/telnet/libtelnet/genget.c
@ -50,12 +50,11 @@ static const char rcsid[] =
 * the length is returned.  If *s1 is a prefix of *s2,
 * the length of *s1 is returned.
 */
-	int
-isprefix(s1, s2)
-	register char *s1, *s2;
+int
+isprefix(char *s1, char *s2)
 {
 	char *os1;
-	register char c1, c2;
+	char c1, c2;

 	if (*s1 == '\0')
 		return(-1);
@ -73,14 +72,11 @@ isprefix(s1, s2)

 static char *ambiguous;		/* special return value for command routines */

-	char **
-genget(name, table, stlen)
-	char	*name;		/* name to match */
-	char	**table;	/* name entry in table */
-	int	stlen;
+char **
+genget(char *name, char **table, int stlen)
 {
-	register char **c, **found;
-	register int n;
+	char **c, **found;
+	int n;

 	if (name == 0)
 	    return 0;
@ -101,9 +97,8 @@ genget(name, table, stlen)
 /*
 * Function call version of Ambiguous()
 */
-	int
-Ambiguous(s)
-	char **s;
+int
+Ambiguous(char *s)
 {
-	return(s == &ambiguous);
+	return((char **)s == &ambiguous);
 }
--- a/contrib/telnet/libtelnet/getent.c
+++ b/contrib/telnet/libtelnet/getent.c
@ -40,11 +40,15 @@ static const char rcsid[] =
 #endif
 #endif /* not lint */

+#ifdef	HAS_CGETENT
+#include <stdlib.h>
+#endif
+
 static char *area;

 /*ARGSUSED*/
-getent(cp, name)
-char *cp, *name;
+int
+getent(char *cp, char *name)
 {
 #ifdef	HAS_CGETENT
 	char *dba[2];
@ -60,8 +64,7 @@ char *cp, *name;
 #ifndef	SOLARIS
 /*ARGSUSED*/
 char *
-Getstr(id, cpp)
-char *id, **cpp;
+Getstr(char *id, char **cpp)
 {
 # ifdef	HAS_CGETENT
 	char *answer;
--- a/contrib/telnet/libtelnet/kerberos5.c
+++ b/contrib/telnet/libtelnet/kerberos5.c
@ -9,7 +9,7 @@ static
 #ifdef __STDC__
 const
 #endif
-char rcsid_kerberos5_c[] = "$Id: kerberos5.c,v 1.1 1997/09/04 06:11:15 markm Exp $";
+char rcsid_kerberos5_c[] = "$FreeBSD$";
 #endif /* lint */

 /*-
@ -46,7 +46,7 @@ char rcsid_kerberos5_c[] = "$Id: kerberos5.c,v 1.1 1997/09/04 06:11:15 markm Exp
 */

 #ifndef lint
-static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
+static const char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
 #endif /* not lint */

 /*
@ -72,15 +72,14 @@ static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";

 #ifdef	KRB5
 #include <arpa/telnet.h>
-#include <stdio.h>
-#include <krb5/krb5.h>
-#include <krb5/asn1.h>
-#include <krb5/crc-32.h>
-#include <krb5/los-proto.h>
-#include <krb5/ext-proto.h>
 #include <com_err.h>
-#include <netdb.h>
 #include <ctype.h>
+#include <krb5.h>
+#include <krb5_asn1.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>

 /* kerberos 5 include files (ext-proto.h) will get an appropriate stdlib.h
   and string.h/strings.h */
@ -89,7 +88,7 @@ static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
 #include "auth.h"
 #include "misc.h"

-extern auth_debug_mode;
+extern int auth_debug_mode;

 #ifdef	FORWARD
 int forward_flags = 0;  /* Flags get set in telnet/main.c on -f and -F */
--- a/contrib/telnet/libtelnet/misc-proto.h
+++ b/contrib/telnet/libtelnet/misc-proto.h
@ -31,6 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)misc-proto.h	8.1 (Berkeley) 6/4/93
+ * $FreeBSD$
 */

 /*
@ -76,4 +77,5 @@ void net_encrypt P((void));
 int telnet_spin P((void));
 char *telnet_getenv P((char *));
 char *telnet_gets P((char *, char *, int, int));
+void printsub P((int, unsigned char *, int));
 #endif
--- a/contrib/telnet/libtelnet/misc.c
+++ b/contrib/telnet/libtelnet/misc.c
@ -43,8 +43,12 @@ static const char rcsid[] =
 #include <stdio.h>
 #include <stdlib.h>
 #include "misc.h"
+#if	defined(AUTHENTICATION)
 #include "auth.h"
+#endif
+#ifdef	ENCRYPTION
 #include "encrypt.h"
+#endif	/* ENCRYPTION */

 char *RemoteHostName;
 char *LocalHostName;
--- a/contrib/telnet/libtelnet/pk.c
+++ b/contrib/telnet/libtelnet/pk.c
@ -10,24 +10,24 @@
 	char secret[HEXKEYBYTES + 1];
 */

-#include <stdio.h>
 #include <sys/time.h>
-#include <string.h>
-#include <fcntl.h>
 #include <openssl/des.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
 #include "mp.h"
 #include "pk.h"
-#if defined(SOLARIS2) || defined(LINUX)
+#if defined(SOLARIS2) || defined(LINUX) || defined(__FreeBSD__)
 #include <stdlib.h>
 #endif
 
+static void adjust(char keyout[HEXKEYBYTES+1], char *keyin);
+
 /*
 * Choose top 128 bits of the common key to use as our idea key.
 */
-static
-extractideakey(ck, ideakey)
-        MINT *ck;
-        IdeaData *ideakey;
+static void
+extractideakey(MINT *ck, IdeaData *ideakey)
 {
        MINT *a;
        MINT *z;
@ -55,10 +55,8 @@ extractideakey(ck, ideakey)
 * Choose middle 64 bits of the common key to use as our des key, possibly
 * overwriting the lower order bits by setting parity. 
 */
-static
-extractdeskey(ck, deskey)
-        MINT *ck;
-        DesData *deskey;
+static void
+extractdeskey(MINT *ck, DesData *deskey)
 {
        MINT *a;
        MINT *z;
@ -85,7 +83,8 @@ extractdeskey(ck, deskey)
 /*
 * get common key from my secret key and his public key
 */
-void common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey)
+void
+common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey)
 {
        MINT *public;
        MINT *secret;
@ -109,55 +108,25 @@ void common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey
 	mfree(modulus);
 }

-
 /*
 * Generate a seed
 */
-void getseed(seed, seedsize)
-        char *seed;
-        int seedsize;
+void
+getseed(char *seed, int seedsize)
 {
-#if 0
-        int i,f;
-        int rseed;
-        struct timeval tv;
-	long devrand;
-
-        (void)gettimeofday(&tv, (struct timezone *)NULL);
-        rseed = tv.tv_sec + tv.tv_usec;
-/* XXX What the hell is this?! */
-        for (i = 0; i < 8; i++) {
-                rseed ^= (rseed << 8);
-        }
-
-	f=open("/dev/random",O_NONBLOCK|O_RDONLY);
-	if (f>=0)
-	{
-		read(f,&devrand,sizeof(devrand));
-		close(f);
-	}
-        srand48((long)rseed^devrand);
-
-        for (i = 0; i < seedsize; i++) {
-                seed[i] = (lrand48() & 0xff);
-        }
-#else
 	int i;

 	srandomdev();
 	for (i = 0; i < seedsize; i++) {
 		seed[i] = random() & 0xff;
 	}
-#endif
 }

-
 /*
 * Generate a random public/secret key pair
 */
-void genkeys(public, secret)
-        char *public;
-        char *secret;
+void
+genkeys(char *public, char *secret)
 {
        int i;
 
@ -200,9 +169,8 @@ void genkeys(public, secret)
 /*
 * Adjust the input key so that it is 0-filled on the left
 */
-adjust(keyout, keyin)
-        char keyout[HEXKEYBYTES+1];
-        char *keyin;
+static void
+adjust(char keyout[HEXKEYBYTES+1], char *keyin)
 {
        char *p;
        char *s;
@ -220,9 +188,8 @@ adjust(keyout, keyin)
 static char hextab[17] = "0123456789ABCDEF";

 /* given a DES key, cbc encrypt and translate input to terminated hex */
-void pk_encode(in, out, key)
-char *in,*out;
-DesData *key;
+void
+pk_encode(char *in, char *out, DesData *key)
 {
 	char buf[256];
 	DesData i;
@ -242,9 +209,8 @@ DesData *key;
 }

 /* given a DES key, translate input from hex and decrypt */
-void pk_decode(in, out, key)
-char *in,*out;
-DesData *key;
+void
+pk_decode(char *in, char *out, DesData *key)
 {
 	char buf[256];
 	DesData i;
--- a/contrib/telnet/libtelnet/sra.c
+++ b/contrib/telnet/libtelnet/sra.c
@ -15,8 +15,12 @@

 #if !defined(NOPAM)
 #include <security/pam_appl.h>
+#else
+#include <unistd.h>
 #endif

+#include <pwd.h>
+#include <syslog.h>
 #include <ttyent.h>

 #include "auth.h"
@ -32,8 +36,8 @@ IdeaData ik;
 extern int auth_debug_mode;
 extern char *line;

-static sra_valid = 0;
-static passwd_sent = 0;
+static int sra_valid = 0;
+static int passwd_sent = 0;

 static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
 			  		AUTHTYPE_SRA, };
@ -45,12 +49,11 @@ static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
 #define SRA_ACCEPT 4
 #define SRA_REJECT 5

+static int check_user(const char *, const char *);
+
 /* support routine to send out authentication message */
-static int Data(ap, type, d, c)
-Authenticator *ap;
-int type;
-void *d;
-int c;
+static int
+Data(Authenticator *ap, int type, void *d, int c)
 {
        unsigned char *p = str_data + 4;
 	unsigned char *cd = (unsigned char *)d;
@ -80,9 +83,8 @@ int c;
        return(net_write(str_data, p - str_data));
 }

-int sra_init(ap, server)
-Authenticator *ap;
-int server;
+int
+sra_init(Authenticator *ap, int server)
 {
 	if (server)
 		str_data[3] = TELQUAL_REPLY;
@ -105,8 +107,8 @@ int server;
 }

 /* client received a go-ahead for sra */
-int sra_send(ap)
-Authenticator *ap;
+int
+sra_send(Authenticator *ap)
 {
 	/* send PKA */

@ -123,10 +125,8 @@ Authenticator *ap;
 }

 /* server received an IS -- could be SRA KEY, USER, or PASS */
-void sra_is(ap, data, cnt)
-Authenticator *ap;
-unsigned char *data;
-int cnt;
+void
+sra_is(Authenticator *ap, unsigned char *data, int cnt)
 {
 	int valid;
 	Session_Key skey;
@ -217,13 +217,9 @@ bad:
 	auth_finished(ap, AUTH_REJECT);
 }

-extern char *getpass();
-
 /* client received REPLY -- could be SRA KEY, CONTINUE, ACCEPT, or REJECT */
-void sra_reply(ap, data, cnt)
-Authenticator *ap;
-unsigned char *data;
-int cnt;
+void
+sra_reply(Authenticator *ap, unsigned char *data, int cnt)
 {
 	extern char *telnet_gets();
 	char uprompt[256],tuser[256];
@ -322,10 +318,8 @@ int cnt;
 	}
 }

-int sra_status(ap, name, level)
-Authenticator *ap;
-char *name;
-int level;
+int
+sra_status(Authenticator *ap, char *name, int level)
 {
 	if (level < AUTH_USER)
 		return(level);
@ -339,9 +333,8 @@ int level;
 #define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
 #define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}

-void sra_printsub(data, cnt, buf, buflen)
-unsigned char *data, *buf;
-int cnt, buflen;
+void
+sra_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
 {
 	char lbuf[32];
 	register int i;
@ -405,8 +398,7 @@ struct	passwd *pw;
 * Helper function for sgetpwnam().
 */
 char *
-sgetsave(s)
-	char *s;
+sgetsave(char *s)
 {
 	char *new = malloc((unsigned) strlen(s) + 1);

@ -417,16 +409,8 @@ sgetsave(s)
 	return (new);
 }

-#include <pwd.h>
-#include <syslog.h>
-#ifdef USE_SHADOW
-#include <shadow.h>
-#endif
-
-
 struct passwd *
-sgetpwnam(name)
-	char *name;
+sgetpwnam(char *name)
 {
 	static struct passwd save;
 	register struct passwd *p;
@ -465,8 +449,7 @@ syslog(LOG_WARNING,"%s\n",save.pw_dir);
 }

 static int
-isroot(user)
-char *user;
+isroot(const char *user)
 {
 	struct passwd *pw;

@ -476,8 +459,7 @@ char *user;
 }

 static int
-rootterm(ttyn)
-char *ttyn;
+rootterm(char *ttyn)
 {
 	struct ttyent *t;

@ -485,11 +467,8 @@ char *ttyn;
 }

 #ifdef NOPAM
-char *crypt();
-
-int check_user(name, pass)
-char *name;
-char *pass;
+static int
+check_user(const char *name, const char *pass)
 {
 	register char *cp;
 	char *xpasswd, *salt;
@ -535,6 +514,7 @@ struct cred_t {
 };
 typedef struct cred_t cred_t;

+int
 auth_conv(int num_msg, const struct pam_message **msg,
 	struct pam_response **resp, void *appdata)
 {
@ -576,10 +556,10 @@ auth_conv(int num_msg, const struct pam_message **msg,
 /*
 * The PAM version as a side effect may put a new username in *name.
 */
-int check_user(const char *name, const char *pass)
+static int
+check_user(const char *name, const char *pass)
 {
 	pam_handle_t *pamh = NULL;
-	const char *tmpl_user;
 	const void *item;
 	int rval;
 	int e;
@ -623,7 +603,7 @@ int check_user(const char *name, const char *pass)
 		 */
 		if ((e = pam_get_item(pamh, PAM_USER, &item)) ==
 		    PAM_SUCCESS) {
-			strcpy(name, (const char *) item);
+			strcpy((char *) name, (const char *) item);
 		} else
 			syslog(LOG_ERR, "Couldn't get PAM_USER: %s",
 			pam_strerror(pamh, e));
--- a/contrib/telnet/telnet/commands.c
+++ b/contrib/telnet/telnet/commands.c
@ -53,6 +53,7 @@ static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
 #include <fcntl.h>
 #endif	/* CRAY */

+#include <string.h>
 #include <signal.h>
 #include <netdb.h>
 #include <ctype.h>
@ -63,6 +64,7 @@ static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
 #include <stdlib.h>

 #include <arpa/telnet.h>
+#include <arpa/inet.h>

 #include "general.h"

@ -88,10 +90,9 @@ static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
 #include <netinet/ip.h>
 #include <netinet/ip6.h>

-
-#ifndef	MAXHOSTNAMELEN
-#define	MAXHOSTNAMELEN 256
-#endif	MAXHOSTNAMELEN
+#ifndef       MAXHOSTNAMELEN
+#define       MAXHOSTNAMELEN 256
+#endif        MAXHOSTNAMELEN

 #if	defined(IPPROTO_IP) && defined(IP_TOS)
 int tos = -1;
@ -110,7 +111,6 @@ static int help(int argc, char *argv[]);
 static int call();
 static void cmdrc(char *m1, char *m2);
 static int switch_af(struct addrinfo **aip);
-
 int quit(void);

 typedef struct {
@ -125,11 +125,11 @@ static char saveline[256];
 static int margc;
 static char *margv[20];

-#if	defined(SKEY)
+#if	defined(OPIE)
 #include <sys/wait.h>
-#define PATH_SKEY	"/usr/bin/key"
+#define PATH_OPIEKEY	"/usr/bin/opiekey"
    int
-skey_calc(argc, argv)
+opie_calc(argc, argv)
 	int argc;
 	char **argv;
 {
@ -142,7 +142,7 @@ skey_calc(argc, argv)

 	switch(fork()) {
 	case 0:
-		execv(PATH_SKEY, argv);
+		execv(PATH_OPIEKEY, argv);
 		exit (1);
 	case -1:
 		perror("fork");
@ -1452,7 +1452,6 @@ shell(argc, argv)
 	     * Fire up the shell in the child.
 	     */
 	    register char *shellp, *shellname;
-	    extern char *strrchr();

 	    shellp = getenv("SHELL");
 	    if (shellp == NULL)
@ -1462,9 +1461,9 @@ shell(argc, argv)
 	    else
 		shellname++;
 	    if (argc > 1)
-		execl(shellp, shellname, "-c", &saveline[1], 0);
+		execl(shellp, shellname, "-c", &saveline[1], (char *)0);
 	    else
-		execl(shellp, shellname, 0);
+		execl(shellp, shellname, (char *)0);
 	    perror("Execl");
 	    _exit(1);
 	}
@ -1741,7 +1740,6 @@ env_init()
 	extern char **environ;
 	register char **epp, *cp;
 	register struct env_lst *ep;
-	extern char *strchr();

 	for (epp = environ; *epp; epp++) {
 		if ((cp = strchr(*epp, '='))) {
@ -2362,7 +2360,7 @@ tn(argc, argv)
    int argc;
    char *argv[];
 {
-    char *srp = 0, *strrchr();
+    char *srp = 0;
    int proto, opt;
    int sourceroute(), srlen;
    int srcroute = 0, result;
@ -2582,7 +2580,7 @@ tn(argc, argv)
 		tos = tp->t_tos;
 # endif
 	    if (tos < 0)
-		tos = 020;	/* Low Delay bit */
+		tos = IPTOS_LOWDELAY;
 	    if (tos
 		&& (setsockopt(net, IPPROTO_IP, IP_TOS,
 		    (char *)&tos, sizeof(int)) < 0)
@ -2711,8 +2709,8 @@ static char
 #if	defined(unix)
 	zhelp[] =	"suspend telnet",
 #endif	/* defined(unix) */
-#if	defined(SKEY)
-	skeyhelp[] =    "compute response to s/key challenge",
+#if	defined(OPIE)
+	opiehelp[] =    "compute response to OPIE challenge",
 #endif
 	shellhelp[] =	"invoke a subshell",
 	envhelp[] =	"change environment variables ('environ ?' for more)",
@ -2723,6 +2721,7 @@ static Command cmdtab[] = {
 	{ "logout",	logouthelp,	logout,		1 },
 	{ "display",	displayhelp,	display,	0 },
 	{ "mode",	modestring,	modecmd,	0 },
+	{ "telnet",	openhelp,	tn,		0 },
 	{ "open",	openhelp,	tn,		0 },
 	{ "quit",	quithelp,	quit,		0 },
 	{ "send",	sendhelp,	sendcmd,	0 },
@ -2750,8 +2749,8 @@ static Command cmdtab[] = {
 #endif
 	{ "environ",	envhelp,	env_cmd,	0 },
 	{ "?",		helphelp,	help,		0 },
-#if	defined(SKEY)
-	{ "skey",       skeyhelp,       skey_calc,      0 },
+#if	defined(OPIE)
+	{ "opie",       opiehelp,       opie_calc,      0 },
 #endif		
 	{ 0, 0, 0, 0 }
 };
@ -2901,6 +2900,7 @@ help(argc, argv)
 				printf("%-*s\t%s\n", HELPINDENT, c->name,
 								    c->help);
 			}
+		return 0;
 	}
 	else while (--argc > 0) {
 		register char *arg;
@ -2913,7 +2913,7 @@ help(argc, argv)
 		else
 			printf("%s\n", c->help);
 	}
-	return(0);
+	return 0;
 }

 static char *rcname = 0;
@ -3186,7 +3186,7 @@ sourceroute(ai, arg, cpp, lenp, protop, optp)
 			cp2 = 0;

 		hints.ai_flags = AI_NUMERICHOST;
- 		error = getaddrinfo(cp, NULL, &hints, &res);
+		error = getaddrinfo(cp, NULL, &hints, &res);
 		if (error == EAI_NODATA) {
 			hints.ai_flags = 0;
 			error = getaddrinfo(cp, NULL, &hints, &res);
@ -3260,6 +3260,3 @@ sourceroute(ai, arg, cpp, lenp, protop, optp)
 	freeaddrinfo(res);
 	return 1;
 }
-
-
-
--- a/contrib/telnet/telnet/main.c
+++ b/contrib/telnet/telnet/main.c
@ -46,6 +46,8 @@ static const char sccsid[] = "@(#)main.c	8.3 (Berkeley) 5/30/95";
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <stdlib.h>
+#include <string.h>
+#include <unistd.h>

 #include "ring.h"
 #include "externs.h"
@ -112,13 +114,8 @@ usage()
 	    "\n\t[-e char] [-l user] [-n tracefile] ",
 #endif
 #if defined(TN3270) && defined(unix)
-# ifdef AUTHENTICATION
-	    "[-noasynch] [-noasynctty]\n\t"
-	    "[-noasyncnet] [-r] [-s src_addr] [-t transcom] ",
-# else
 	    "[-noasynch] [-noasynctty] [-noasyncnet] [-r]\n\t"
 	    "[-s src_addr] [-t transcom] ",
-# endif
 #else
 	    "[-r] [-s src_addr] [-u] ",
 #endif
@ -143,10 +140,8 @@ main(argc, argv)
 	int argc;
 	char *argv[];
 {
-	extern char *optarg;
-	extern int optind;
 	int ch;
-	char *user, *strrchr();
+	char *user;
 	char *src_addr = NULL;
 #ifdef	FORWARD
 	extern int forward_flags;
@ -167,7 +162,11 @@ main(argc, argv)
 	user = NULL;

 	rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE;
+#ifdef AUTHENTICATION
 	autologin = 1;
+#else
+	autologin = -1;
+#endif

 #if defined(ENCRYPTION)
 	encrypt_auto(1);
@ -232,7 +231,11 @@ main(argc, argv)
 #endif
 			break;
 		case 'a':
+#ifdef	AUTHENTICATION
 			/* It's the default now, so ignore */
+#else
+			autologin = 1;
+#endif
 			break;
 		case 'c':
 			skiprc = 1;
@ -288,6 +291,11 @@ main(argc, argv)
 #endif
 			break;
 		case 'l':
+#ifdef	AUTHENTICATION
+			/* This is the default now, so ignore it */
+#else
+			autologin = 1;
+#endif
 			user = optarg;
 			break;
 		case 'n':
@ -326,12 +334,22 @@ main(argc, argv)
 			family = AF_UNIX;
 			break;
 		case 'x':
+#ifdef	ENCRYPTION
 			/* This is the default now, so ignore it */
+#else
+			fprintf(stderr,
+			    "%s: Warning: -x ignored, no ENCRYPT support.\n",
+								prompt);
+#endif	/* ENCRYPTION */
 			break;
 		case 'y':
 #ifdef	ENCRYPTION
 			encrypt_auto(0);
 			decrypt_auto(0);
+#else
+			fprintf(stderr,
+			    "%s: Warning: -y ignored, no ENCRYPT support.\n",
+								prompt);
 #endif	/* ENCRYPTION */
 			break;
 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
@ -350,6 +368,8 @@ main(argc, argv)
 			/* NOTREACHED */
 		}
 	}
+	if (autologin == -1)
+		autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1;

 	argc -= optind;
 	argv += optind;
--- a/contrib/telnet/telnet/ring.c
+++ b/contrib/telnet/telnet/ring.c
@ -51,8 +51,8 @@ static const char rcsid[] =
 *
 */

-#include	<stdio.h>
 #include	<errno.h>
+#include	<stdio.h>
 #include	<string.h>

 #ifdef	size_t
@ -105,9 +105,9 @@ static u_long ring_clock = 0;

 /* Buffer state transition routines */

-	int
-    ring_init(ring, buffer, count)
-Ring *ring;
+    int
+ring_init(ring, buffer, count)
+    Ring *ring;
    unsigned char *buffer;
    int count;
 {
@ -302,7 +302,7 @@ ring_supply_data(ring, buffer, count)

    while (count) {
 	i = MIN(count, ring_empty_consecutive(ring));
-	memmove(ring->supply, buffer, i);
+	memcpy(ring->supply, buffer, i);
 	ring_supplied(ring, i);
 	count -= i;
 	buffer += i;
@ -324,7 +324,7 @@ ring_consume_data(ring, buffer, count)

    while (count) {
 	i = MIN(count, ring_full_consecutive(ring));
-	memmove(buffer, ring->consume, i);
+	memcpy(buffer, ring->consume, i);
 	ring_consumed(ring, i);
 	count -= i;
 	buffer += i;
--- a/contrib/telnet/telnet/ring.h
+++ b/contrib/telnet/telnet/ring.h
@ -31,6 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)ring.h	8.1 (Berkeley) 6/6/93
+ * $FreeBSD$
 */

 #if defined(P)
@ -101,5 +102,5 @@ extern void
 #endif	/* ENCRYPTION */

 extern void
-    ring_clear_mark(),
-    ring_mark();
+    ring_clear_mark P((Ring *)),
+    ring_mark P((Ring *));
--- a/contrib/telnet/telnet/sys_bsd.c
+++ b/contrib/telnet/telnet/sys_bsd.c
@ -334,7 +334,7 @@ TerminalDefaultChars()
    nttyb.sg_kill = ottyb.sg_kill;
    nttyb.sg_erase = ottyb.sg_erase;
 #else	/* USE_TERMIO */
-    memmove(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc));
+    memcpy(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc));
 # ifndef	VDISCARD
    termFlushChar = CONTROL('O');
 # endif
@ -633,7 +633,7 @@ TerminalNewMode(f)
 	(void) signal(SIGINT, intr);
 #endif
 #ifdef  SIGQUIT
-        (void) signal(SIGQUIT, intr2);
+	(void) signal(SIGQUIT, intr2);
 #endif
 #ifdef	SIGTSTP
 	(void) signal(SIGTSTP, susp);
@ -1160,7 +1160,7 @@ process_rings(netin, netout, netex, ttyin, ttyout, poll)
 		    int i;
 		    i = recv(net, netiring.supply + c, canread - c, MSG_OOB);
 		    if (i == c &&
-			 memcmp(netiring.supply, netiring.supply + c, i) == 0) {
+			memcmp(netiring.supply, netiring.supply + c, i) == 0) {
 			bogus_oob = 1;
 			first = 0;
 		    } else if (i < 0) {
--- a/contrib/telnet/telnet/telnet.1
+++ b/contrib/telnet/telnet/telnet.1
@ -37,12 +37,12 @@
 .Os
 .Sh NAME
 .Nm telnet
-.Nd user interface to the 
+.Nd user interface to the
 .Tn TELNET
 protocol
 .Sh SYNOPSIS
 .Nm
-.Op Fl 468EFKLNcdfruy
+.Op Fl 468EFKLNacdfruxy
 .Op Fl S Ar tos
 .Op Fl X Ar authtype
 .Op Fl e Ar escapechar
@ -58,7 +58,7 @@ protocol
 The
 .Nm
 command
-is used to communicate with another host using the 
+is used to communicate with another host using the
 .Tn TELNET
 protocol.
 If
@ -114,7 +114,7 @@ or, on systems that support it, a symbolic
 TOS name found in the
 .Pa /etc/iptos
 file.
-.It Fl X Ar atype 
+.It Fl X Ar atype
 Disables the
 .Ar atype
 type of authentication.
@ -142,7 +142,7 @@ Sets the initial value of the
 .Ic debug
 toggle to
 .Dv TRUE .
-.It Fl e Ar escapechar 
+.It Fl e Ar escapechar
 Sets the initial
 .Nm
 escape character to
@ -165,7 +165,7 @@ realm
 .Ar realm
 instead of the remote host's realm, as determined by
 .Xr krb_realmofhost 3 .
-.It Fl l Ar user 
+.It Fl l Ar user
 When connecting to the remote system, if the remote system
 understands the
 .Ev ENVIRON
@ -179,7 +179,7 @@ option.
 This option may also be used with the
 .Ic open
 command.
-.It Fl n Ar tracefile 
+.It Fl n Ar tracefile
 Opens
 .Ar tracefile
 for recording trace information.
@ -252,7 +252,7 @@ either \*(Lqcharacter at a time\*(Rq
 or \*(Lqold line by line\*(Rq
 depending on what the remote system supports.
 .Pp
-When 
+When
 .Dv LINEMODE
 is enabled, character processing is done on the
 local system, under the control of the remote system.  When input
@ -271,7 +271,7 @@ to turn off and on the local echo
 (this would mostly be used to enter passwords
 without the password being echoed).
 .Pp
-If the 
+If the
 .Dv LINEMODE
 option is enabled, or if the
 .Ic localchars
@ -286,7 +286,7 @@ and
 characters are trapped locally, and sent as
 .Tn TELNET
 protocol sequences to the remote side.
-If 
+If
 .Dv LINEMODE
 has ever been enabled, then the user's
 .Ic susp
@ -297,9 +297,9 @@ are also sent as
 protocol sequences,
 and
 .Ic quit
-is sent as a 
+is sent as a
 .Dv TELNET ABORT
-instead of 
+instead of
 .Dv BREAK .
 There are options (see
 .Ic toggle
@ -340,7 +340,7 @@ and
 commands).
 .Pp
 .Bl -tag -width "mode type"
-.It Ic auth Ar argument ... 
+.It Ic auth Ar argument ...
 The auth command manipulates the information sent through the
 .Dv TELNET AUTHENTICATE
 option.  Valid arguments for the
@ -365,7 +365,7 @@ authentication.
 Close a
 .Tn TELNET
 session and return to command mode.
-.It Ic display Ar argument ... 
+.It Ic display Ar argument ...
 Displays all, or some, of the
 .Ic set
 and
@ -460,7 +460,7 @@ Valid arguments for the
 .Ic environ
 command are:
 .Bl -tag -width Fl
-.It Ic define Ar variable value 
+.It Ic define Ar variable value
 Define the variable
 .Ar variable
 to have a value of
@ -470,15 +470,15 @@ The
 .Ar value
 may be enclosed in single or double quotes so
 that tabs and spaces may be included.
-.It Ic undefine Ar variable 
+.It Ic undefine Ar variable
 Remove
 .Ar variable
 from the list of environment variables.
-.It Ic export Ar variable 
+.It Ic export Ar variable
 Mark the variable
 .Ar variable
 to be exported to the remote side.
-.It Ic unexport Ar variable 
+.It Ic unexport Ar variable
 Mark the variable
 .Ar variable
 to not be exported unless
@ -512,7 +512,7 @@ If the remote side also supports the concept of
 suspending a user's session for later reattachment,
 the logout argument indicates that you
 should terminate the session immediately.
-.It Ic mode Ar type 
+.It Ic mode Ar type
 .Ar Type
 is one of several options, depending on the state of the
 .Tn TELNET
@ -533,40 +533,40 @@ Enable the
 option, or, if the remote side does not understand the
 .Dv LINEMODE
 option, then attempt to enter \*(Lqold-line-by-line\*(Rq mode.
-.It Ic isig Pq Ic \-isig 
-Attempt to enable (disable) the 
+.It Ic isig Pq Ic \-isig
+Attempt to enable (disable) the
 .Dv TRAPSIG
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
-.It Ic edit Pq Ic \-edit 
-Attempt to enable (disable) the 
+.It Ic edit Pq Ic \-edit
+Attempt to enable (disable) the
 .Dv EDIT
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
-.It Ic softtabs Pq Ic \-softtabs 
-Attempt to enable (disable) the 
+.It Ic softtabs Pq Ic \-softtabs
+Attempt to enable (disable) the
 .Dv SOFT_TAB
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
-.It Ic litecho Pq Ic \-litecho 
-Attempt to enable (disable) the 
+.It Ic litecho Pq Ic \-litecho
+Attempt to enable (disable) the
 .Dv LIT_ECHO
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
 .It Ic ?\&
@ -623,7 +623,7 @@ Close any open
 session and exit
 .Nm .
 An end of file (in command mode) will also close a session and exit.
-.It Ic send Ar arguments 
+.It Ic send Ar arguments
 Sends one or more special character sequences to the remote host.
 The following are the arguments which may be specified
 (more than one argument may be specified at a time):
@ -745,8 +745,8 @@ Prints out help information for the
 .Ic send
 command.
 .El
-.It Ic set Ar argument value 
-.It Ic unset Ar argument value 
+.It Ic set Ar argument value
+.It Ic unset Ar argument value
 The
 .Ic set
 command will set any one of a number of
@ -1050,20 +1050,20 @@ Displays the legal
 .Pq Ic unset
 commands.
 .El
-.It Ic skey Ar sequence challenge 
+.It Ic opie Ar sequence challenge
 The
-.Ic skey
-command computes a response to the S/Key challenge.
-.It Ic slc Ar state 
+.Ic opie
+command computes a response to the OPIE challenge.
+.It Ic slc Ar state
 The
 .Ic slc
 command (Set Local Characters) is used to set
 or change the state of the special
-characters when the 
+characters when the
 .Dv TELNET LINEMODE
 option has
 been enabled.  Special characters are characters that get
-mapped to 
+mapped to
 .Tn TELNET
 commands sequences (like
 .Ic ip
@ -1089,7 +1089,7 @@ was started.
 .It Ic import
 Switch to the remote defaults for the special characters.
 The remote default characters are those of the remote system
-at the time when the 
+at the time when the
 .Tn TELNET
 connection was established.
 .It Ic ?\&
@ -1102,7 +1102,7 @@ Show the current status of
 .Nm .
 This includes the peer one is connected to, as well
 as the current mode.
-.It Ic toggle Ar arguments ... 
+.It Ic toggle Ar arguments ...
 Toggle (between
 .Dv TRUE
 and
@ -1365,17 +1365,17 @@ Suspend
 .Nm .
 This command only works when the user is using the
 .Xr csh  1  .
-.It Ic \&! Op Ar command 
+.It Ic \&! Op Ar command
 Execute a single command in a subshell on the local
 system.  If
 .Ar command
 is omitted, then an interactive
 subshell is invoked.
-.It Ic ?\& Op Ar command 
+.It Ic ?\& Op Ar command
 Get help.  With no arguments,
 .Nm
 prints a help summary.
-If 
+If
 .Ar command
 is specified,
 .Nm
@ -1413,11 +1413,10 @@ command appeared in
 .Pp
 IPv6 support was added by WIDE/KAME project.
 .Sh NOTES
-.Pp
 On some remote systems, echo has to be turned off manually when in
 \*(Lqold line by line\*(Rq mode.
 .Pp
-In \*(Lqold line by line\*(Rq mode or 
+In \*(Lqold line by line\*(Rq mode or
 .Dv LINEMODE
 the terminal's
 .Ic eof
--- a/contrib/telnet/telnet/telnet.c
+++ b/contrib/telnet/telnet/telnet.c
@ -53,9 +53,7 @@ static const char rcsid[] =
 #endif	/* defined(unix) */

 #include <arpa/telnet.h>
-
 #include <ctype.h>
-
 #include <stdlib.h>
 #include <unistd.h>

@ -126,7 +124,9 @@ int
 	clienteof = 0;

 char *prompt = 0;
+#ifdef ENCRYPTION
 char *line;		/* hack around breakage in sra.c :-( !! */
+#endif

 cc_t escape;
 cc_t rlogin;
@ -643,7 +643,7 @@ mklist(buf, name)
 	register char c, *cp, **argvp, *cp2, **argv, **avt;

 	if (name) {
-		if ((int)strlen(name) > 40) {
+		if (strlen(name) > 40) {
 			name = 0;
 			unknown[0] = name_unknown;
 		} else {
@ -802,7 +802,7 @@ gettermname()
 				(setupterm(tname, 1, &err) == 0)) {
 			tnamep = mklist(termbuf, tname);
 		} else {
-			if (tname && ((int)strlen(tname) <= 40)) {
+			if (tname && (strlen(tname) <= 40)) {
 				unknown[0] = tname;
 				upcase(tname);
 			} else
@ -2452,7 +2452,7 @@ netclear()
 		next = nextitem(next);
 	    } while (wewant(next) && (nfrontp > next));
 	    length = next-thisitem;
-	    memmove(good, thisitem, length);
+	    memcpy(good, thisitem, length);
 	    good += length;
 	    thisitem = next;
 	} else {
--- a/contrib/telnet/telnet/utilities.c
+++ b/contrib/telnet/telnet/utilities.c
@ -47,9 +47,8 @@ static const char rcsid[] =
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/time.h>
-#include <unistd.h>
-
 #include <ctype.h>
+#include <unistd.h>

 #include "general.h"

--- a/contrib/telnet/telnetd/ext.h
+++ b/contrib/telnet/telnetd/ext.h
@ -85,7 +85,7 @@ extern char *unptyip;  /* pointer to remaining characters in buffer */
 #endif

 extern int	pty, net;
-extern char	*line;
+extern char	line[16];
 extern int	SYNCHing;		/* we are in TELNET SYNCH mode */

 #ifndef	P
--- a/contrib/telnet/telnetd/pathnames.h
+++ b/contrib/telnet/telnetd/pathnames.h
@ -43,7 +43,7 @@
 # endif

 #else
- 
+
 # define	_PATH_TTY	"/dev/tty"
 # ifndef _PATH_LOGIN
 #  define	_PATH_LOGIN	"/bin/login"
--- a/contrib/telnet/telnetd/state.c
+++ b/contrib/telnet/telnetd/state.c
@ -721,6 +721,7 @@ wontoption(option)
 			 */
 			if (lmodetype != REAL_LINEMODE)
 				break;
+			lmodetype = KLUDGE_LINEMODE;
 # endif	/* KLUDGELINEMODE */
 			clientstat(TELOPT_LINEMODE, WONT, 0);
 			break;
@ -1551,10 +1552,14 @@ send_status()
 		if (my_want_state_is_will(i)) {
 			ADD(WILL);
 			ADD_DATA(i);
+			if (i == IAC)
+				ADD(IAC);
 		}
 		if (his_want_state_is_will(i)) {
 			ADD(DO);
 			ADD_DATA(i);
+			if (i == IAC)
+				ADD(IAC);
 		}
 	}

--- a/contrib/telnet/telnetd/sys_term.c
+++ b/contrib/telnet/telnetd/sys_term.c
@ -481,14 +481,10 @@ getnpty()
 *
 * Returns the file descriptor of the opened pty.
 */
-#ifndef	__GNUC__
-char *line = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-#else
-static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-char *line = Xline;
-#endif
 #ifdef	CRAY
-char *myline = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+char myline[16];
+#else
+char line[16];
 #endif	/* CRAY */

 	int
@ -517,7 +513,8 @@ int *ptynum;
 #endif

 #ifndef	__hpux
-	(void) strcpy(line, "/dev/ptyXX");
+	(void) strcpy(line, _PATH_DEV);
+	(void) strcat(line, "ptyXX");
 	p1 = &line[8];
 	p2 = &line[9];
 #else
@ -568,11 +565,11 @@ int *ptynum;
 	struct stat sb;

 	for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) {
-		(void) sprintf(myline, "/dev/pty/%03d", *ptynum);
+		(void) sprintf(myline, "%spty/%03d", _PATH_DEV, *ptynum);
 		p = open(myline, 2);
 		if (p < 0)
 			continue;
-		(void) sprintf(line, "/dev/ttyp%03d", *ptynum);
+		(void) sprintf(line, "%sp%03d", _PATH_TTY, *ptynum);
 		/*
 		 * Here are some shenanigans to make sure that there
 		 * are no listeners lurking on the line.
@ -1300,6 +1297,7 @@ cleanopen(line)
 		(void) signal(SIGHUP, SIG_IGN);
 		(void) ioctl(t, TCVHUP, (char *)0);
 		(void) signal(SIGHUP, SIG_DFL);
+		setpgrp();

 #ifdef	UNICOS7x
 		if (secflag) {
@ -1359,7 +1357,7 @@ login_tty(t)
 	 * the indirect /dev/tty interface.
 	 */
 	close(t);
-	if ((t = open("/dev/tty", O_RDWR)) < 0)
+	if ((t = open(_PATH_TTY, O_RDWR)) < 0)
 		fatalperror(net, "open(/dev/tty)");
 #  endif
 # else
@ -1452,7 +1450,7 @@ startslave(host, autologin, autoname)
 		wtmp.ut_pid = pid;
 		SCPYN(wtmp.ut_user, "LOGIN");
 		SCPYN(wtmp.ut_host, host);
-		SCPYN(wtmp.ut_line, line + sizeof("/dev/") - 1);
+		SCPYN(wtmp.ut_line, line + sizeof(_PATH_DEV) - 1);
 #ifndef	__hpux
 		SCPYN(wtmp.ut_id, wtmp.ut_line+3);
 #else
@ -1584,7 +1582,7 @@ start_login(host, autologin, name)

 	memset(&utmpx, 0, sizeof(utmpx));
 	SCPYN(utmpx.ut_user, ".telnet");
-	SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
+	SCPYN(utmpx.ut_line, line + sizeof(_PATH_DEV) - 1);
 	utmpx.ut_pid = pid;
 	utmpx.ut_id[0] = 't';
 	utmpx.ut_id[1] = 'n';
@ -1898,7 +1896,7 @@ cleanup(sig)
 # if (BSD > 43) || defined(convex)
 	char *p;

-	p = line + sizeof("/dev/") - 1;
+	p = line + sizeof(_PATH_DEV) - 1;
 	if (logout(p))
 		logwtmp(p, "", "");
 	(void)chmod(line, 0666);
@ -2209,7 +2207,7 @@ cleantmpdir(jid, tpath, user)
 							tpath);
 		break;
 	case 0:
-		execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, 0);
+		execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, (char *)0);
 		syslog(LOG_ERR, "TMPDIR cleanup(%s): execl(%s) failed: %m",
 							tpath, CLEANTMPCMD);
 		exit(1);
@ -2247,7 +2245,7 @@ rmut()
 	 * This updates the utmpx and utmp entries and make a wtmp/x entry
 	 */

-	SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
+	SCPYN(utmpx.ut_line, line + sizeof(_PATH_DEV) - 1);
 	utxp = getutxline(&utmpx);
 	if (utxp) {
 		utxp->ut_type = DEAD_PROCESS;
@ -2308,7 +2306,7 @@ rmut()
 	}
 	(void) chmod(line, 0666);
 	(void) chown(line, 0, 0);
-	line[strlen("/dev/")] = 'p';
+	line[strlen(_PATH_DEV)] = 'p';
 	(void) chmod(line, 0666);
 	(void) chown(line, 0, 0);
 }  /* end of rmut */
--- a/contrib/telnet/telnetd/telnetd.8
+++ b/contrib/telnet/telnetd/telnetd.8
@ -76,7 +76,7 @@ option may be used to start up
 .Nm
 manually, instead of through
 .Xr inetd 8 .
-If started up this way, 
+If started up this way,
 .Ar port
 may be specified to run
 .Nm
@ -156,7 +156,7 @@ to print out debugging information
 to the connection, allowing the user to see what
 .Nm
 is doing.
-There are several possible values for 
+There are several possible values for
 .Ar debugmode :
 .Bl -tag -width exercise
 .It Cm options
@ -164,7 +164,7 @@ Print information about the negotiation of
 .Tn TELNET
 options.
 .It Cm report
-Print the 
+Print the
 .Cm options
 information, plus some additional information
 about what processing is going on.
@ -339,7 +339,7 @@ a specific authentication type without having to recompile
 operates by allocating a pseudo-terminal device (see
 .Xr pty 4 )
 for a client, then creating a login process which has
-the slave side of the pseudo-terminal as 
+the slave side of the pseudo-terminal as
 .Dv stdin ,
 .Dv stdout
 and
@ -353,7 +353,7 @@ between the remote client and the login process.
 .Pp
 When a
 .Tn TELNET
-session is started up, 
+session is started up,
 .Nm
 sends
 .Tn TELNET
@ -432,7 +432,7 @@ Whenever a
 .Dv DO TIMING-MARK
 command is received, it is always responded
 to with a
-.Dv WILL TIMING-MARK
+.Dv WILL TIMING-MARK .
 .It "WILL LOGOUT"
 When a
 .Dv DO LOGOUT
@ -528,9 +528,34 @@ is compiled with support for data encryption, and
 indicates a willingness to decrypt
 the data stream.
 .El
+.Sh NOTES
+By default
+.Nm
+will read the
+.Em \&he ,
+.Em \&hn ,
+and
+.Em \&im
+capabilities from
+.Pa /etc/gettytab
+and use that information (if present) to determine
+what to display before the login: prompt. You can
+also use a System V style
+.Pa /etc/issue
+file by using the
+.Em \&if
+capability, which will override
+.Em \&im .
+The information specified in either
+.Em \&im
+or
+.Em \&if
+will be displayed to both console and remote logins.
+.\" .Sh ENVIRONMENT
 .Sh FILES
 .Bl -tag -width /usr/ucb/bftp -compact
 .It Pa /etc/services
+.It Pa /etc/gettytab
 .It Pa /etc/inittab
 (UNICOS systems only)
 .It Pa /etc/iptos
@ -541,6 +566,7 @@ the data stream.
 .Sh "SEE ALSO"
 .Xr bftp 1 ,
 .Xr login 1 ,
+.Xr gettytab 5 ,
 .Xr telnet 1
 (if supported)
 .Sh STANDARDS
--- a/contrib/telnet/telnetd/telnetd.c
+++ b/contrib/telnet/telnetd/telnetd.c
@ -60,7 +60,9 @@ static const char rcsid[] =
 #include <err.h>
 #include <arpa/inet.h>

+#include <sys/mman.h>
 #include <libutil.h>
+#include <paths.h>
 #include <utmp.h>

 #if	defined(_SC_CRAY_SECURE_SYS)
@ -847,7 +849,6 @@ doit(who)
 #else
 	for (;;) {
 		char *lp;
-		extern char *line, *getpty();

 		if ((lp = getpty()) == NULL)
 			fatal(net, "Out of ptys");
@ -867,10 +868,10 @@ doit(who)
 	if (secflag) {
 		char slave_dev[16];

-		sprintf(tty_dev, "/dev/pty/%03d", ptynum);
+		sprintf(tty_dev, "%spty/%03d", _PATH_DEV, ptynum);
 		if (setdevs(tty_dev, &dv) < 0)
 		 	fatal(net, "cannot set pty security");
-		sprintf(slave_dev, "/dev/ttyp%03d", ptynum);
+		sprintf(slave_dev, "%sp%03d", _PATH_TTY, ptynum);
 		if (setdevs(slave_dev, &dv) < 0)
 		 	fatal(net, "cannot set tty security");
 	}
@ -880,7 +881,7 @@ doit(who)
 	if (realhostname_sa(remote_hostname, sizeof(remote_hostname) - 1,
 	    who, who->sa_len) == HOSTNAME_INVALIDADDR && registerd_host_only)
 		fatal(net, "Couldn't resolve your address into a host name.\r\n\
-	 Please contact your net administrator");
+	Please contact your net administrator");
 	remote_hostname[sizeof(remote_hostname) - 1] = '\0';

 	trimdomain(remote_hostname, UT_HOSTSIZE);
--- a/contrib/telnet/telnetd/termstat.c
+++ b/contrib/telnet/telnetd/termstat.c
@ -171,30 +171,30 @@ localstat()

 	if (uselinemode) {
 		/*
-	 * Check for state of BINARY options.
+		 * Check for state of BINARY options.
 		 *
 		 * We only need to do the binary dance if we are actually going
 		 * to use linemode.  As this confuses some telnet clients
 		 * that don't support linemode, and doesn't gain us
 		 * anything, we don't do it unless we're doing linemode.
 		 * -Crh (henrich@msu.edu)
-	 */
+		 */

-	if (tty_isbinaryin()) {
-		if (his_want_state_is_wont(TELOPT_BINARY))
-			send_do(TELOPT_BINARY, 1);
-	} else {
-		if (his_want_state_is_will(TELOPT_BINARY))
-			send_dont(TELOPT_BINARY, 1);
-	}
+		if (tty_isbinaryin()) {
+			if (his_want_state_is_wont(TELOPT_BINARY))
+				send_do(TELOPT_BINARY, 1);
+		} else {
+			if (his_want_state_is_will(TELOPT_BINARY))
+				send_dont(TELOPT_BINARY, 1);
+		}

-	if (tty_isbinaryout()) {
-		if (my_want_state_is_wont(TELOPT_BINARY))
-			send_will(TELOPT_BINARY, 1);
-	} else {
-		if (my_want_state_is_will(TELOPT_BINARY))
-			send_wont(TELOPT_BINARY, 1);
-	}
+		if (tty_isbinaryout()) {
+			if (my_want_state_is_wont(TELOPT_BINARY))
+				send_will(TELOPT_BINARY, 1);
+		} else {
+			if (my_want_state_is_will(TELOPT_BINARY))
+				send_wont(TELOPT_BINARY, 1);
+		}
 	}

 #ifdef	ENCRYPTION
--- a/contrib/telnet/telnetd/utility.c
+++ b/contrib/telnet/telnetd/utility.c
@ -43,6 +43,7 @@ static const char rcsid[] =
 #include <locale.h>
 #include <sys/utsname.h>
 #endif
+#include <string.h>
 #define PRINTOPTIONS
 #include "telnetd.h"

@ -438,11 +439,6 @@ putf(cp, where)
 	char *slash;
 	time_t t;
 	char db[100];
-#ifdef	STREAMSPTY
-	extern char *strchr();
-#else
-	extern char *strrchr();
-#endif
 #ifdef __FreeBSD__
 	static struct utsname kerninfo;

--- a/crypto/telnet/libtelnet/auth.h
+++ b/crypto/telnet/libtelnet/auth.h
@ -31,6 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)auth.h	8.1 (Berkeley) 6/4/93
+ * $FreeBSD$
 */

 /*
@ -83,5 +84,5 @@ typedef struct XauthP {

 #include "auth-proto.h"

-extern auth_debug_mode;
+extern int auth_debug_mode;
 #endif
--- a/crypto/telnet/libtelnet/enc_des.c
+++ b/crypto/telnet/libtelnet/enc_des.c
@ -52,7 +52,8 @@ static const char sccsid[] = "@(#)enc_des.c	8.3 (Berkeley) 5/30/95";
 #include "key-proto.h"
 #include "misc-proto.h"

-extern encrypt_debug_mode;
+extern int encrypt_debug_mode;
+void des_set_random_generator_seed(des_cblock *); /* XXX */

 #define	CFB	0
 #define	OFB	1
--- a/crypto/telnet/libtelnet/genget.c
+++ b/crypto/telnet/libtelnet/genget.c
@ -50,12 +50,11 @@ static const char rcsid[] =
 * the length is returned.  If *s1 is a prefix of *s2,
 * the length of *s1 is returned.
 */
-	int
-isprefix(s1, s2)
-	register char *s1, *s2;
+int
+isprefix(char *s1, char *s2)
 {
 	char *os1;
-	register char c1, c2;
+	char c1, c2;

 	if (*s1 == '\0')
 		return(-1);
@ -73,14 +72,11 @@ isprefix(s1, s2)

 static char *ambiguous;		/* special return value for command routines */

-	char **
-genget(name, table, stlen)
-	char	*name;		/* name to match */
-	char	**table;	/* name entry in table */
-	int	stlen;
+char **
+genget(char *name, char **table, int stlen)
 {
-	register char **c, **found;
-	register int n;
+	char **c, **found;
+	int n;

 	if (name == 0)
 	    return 0;
@ -101,9 +97,8 @@ genget(name, table, stlen)
 /*
 * Function call version of Ambiguous()
 */
-	int
-Ambiguous(s)
-	char **s;
+int
+Ambiguous(char *s)
 {
-	return(s == &ambiguous);
+	return((char **)s == &ambiguous);
 }
--- a/crypto/telnet/libtelnet/getent.c
+++ b/crypto/telnet/libtelnet/getent.c
@ -40,11 +40,15 @@ static const char rcsid[] =
 #endif
 #endif /* not lint */

+#ifdef	HAS_CGETENT
+#include <stdlib.h>
+#endif
+
 static char *area;

 /*ARGSUSED*/
-getent(cp, name)
-char *cp, *name;
+int
+getent(char *cp, char *name)
 {
 #ifdef	HAS_CGETENT
 	char *dba[2];
@ -60,8 +64,7 @@ char *cp, *name;
 #ifndef	SOLARIS
 /*ARGSUSED*/
 char *
-Getstr(id, cpp)
-char *id, **cpp;
+Getstr(char *id, char **cpp)
 {
 # ifdef	HAS_CGETENT
 	char *answer;
--- a/crypto/telnet/libtelnet/kerberos5.c
+++ b/crypto/telnet/libtelnet/kerberos5.c
@ -9,7 +9,7 @@ static
 #ifdef __STDC__
 const
 #endif
-char rcsid_kerberos5_c[] = "$Id: kerberos5.c,v 1.1 1997/09/04 06:11:15 markm Exp $";
+char rcsid_kerberos5_c[] = "$FreeBSD$";
 #endif /* lint */

 /*-
@ -46,7 +46,7 @@ char rcsid_kerberos5_c[] = "$Id: kerberos5.c,v 1.1 1997/09/04 06:11:15 markm Exp
 */

 #ifndef lint
-static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
+static const char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
 #endif /* not lint */

 /*
@ -72,15 +72,14 @@ static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";

 #ifdef	KRB5
 #include <arpa/telnet.h>
-#include <stdio.h>
-#include <krb5/krb5.h>
-#include <krb5/asn1.h>
-#include <krb5/crc-32.h>
-#include <krb5/los-proto.h>
-#include <krb5/ext-proto.h>
 #include <com_err.h>
-#include <netdb.h>
 #include <ctype.h>
+#include <krb5.h>
+#include <krb5_asn1.h>
+#include <netdb.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>

 /* kerberos 5 include files (ext-proto.h) will get an appropriate stdlib.h
   and string.h/strings.h */
@ -89,7 +88,7 @@ static char sccsid[] = "@(#)kerberos5.c	8.3 (Berkeley) 5/30/95";
 #include "auth.h"
 #include "misc.h"

-extern auth_debug_mode;
+extern int auth_debug_mode;

 #ifdef	FORWARD
 int forward_flags = 0;  /* Flags get set in telnet/main.c on -f and -F */
--- a/crypto/telnet/libtelnet/misc-proto.h
+++ b/crypto/telnet/libtelnet/misc-proto.h
@ -31,6 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)misc-proto.h	8.1 (Berkeley) 6/4/93
+ * $FreeBSD$
 */

 /*
@ -76,4 +77,5 @@ void net_encrypt P((void));
 int telnet_spin P((void));
 char *telnet_getenv P((char *));
 char *telnet_gets P((char *, char *, int, int));
+void printsub P((int, unsigned char *, int));
 #endif
--- a/crypto/telnet/libtelnet/misc.c
+++ b/crypto/telnet/libtelnet/misc.c
@ -43,8 +43,12 @@ static const char rcsid[] =
 #include <stdio.h>
 #include <stdlib.h>
 #include "misc.h"
+#if	defined(AUTHENTICATION)
 #include "auth.h"
+#endif
+#ifdef	ENCRYPTION
 #include "encrypt.h"
+#endif	/* ENCRYPTION */

 char *RemoteHostName;
 char *LocalHostName;
--- a/crypto/telnet/libtelnet/pk.c
+++ b/crypto/telnet/libtelnet/pk.c
@ -10,24 +10,24 @@
 	char secret[HEXKEYBYTES + 1];
 */

-#include <stdio.h>
 #include <sys/time.h>
-#include <string.h>
-#include <fcntl.h>
 #include <openssl/des.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
 #include "mp.h"
 #include "pk.h"
-#if defined(SOLARIS2) || defined(LINUX)
+#if defined(SOLARIS2) || defined(LINUX) || defined(__FreeBSD__)
 #include <stdlib.h>
 #endif
 
+static void adjust(char keyout[HEXKEYBYTES+1], char *keyin);
+
 /*
 * Choose top 128 bits of the common key to use as our idea key.
 */
-static
-extractideakey(ck, ideakey)
-        MINT *ck;
-        IdeaData *ideakey;
+static void
+extractideakey(MINT *ck, IdeaData *ideakey)
 {
        MINT *a;
        MINT *z;
@ -55,10 +55,8 @@ extractideakey(ck, ideakey)
 * Choose middle 64 bits of the common key to use as our des key, possibly
 * overwriting the lower order bits by setting parity. 
 */
-static
-extractdeskey(ck, deskey)
-        MINT *ck;
-        DesData *deskey;
+static void
+extractdeskey(MINT *ck, DesData *deskey)
 {
        MINT *a;
        MINT *z;
@ -85,7 +83,8 @@ extractdeskey(ck, deskey)
 /*
 * get common key from my secret key and his public key
 */
-void common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey)
+void
+common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey)
 {
        MINT *public;
        MINT *secret;
@ -109,55 +108,25 @@ void common_key(char *xsecret, char *xpublic, IdeaData *ideakey, DesData *deskey
 	mfree(modulus);
 }

-
 /*
 * Generate a seed
 */
-void getseed(seed, seedsize)
-        char *seed;
-        int seedsize;
+void
+getseed(char *seed, int seedsize)
 {
-#if 0
-        int i,f;
-        int rseed;
-        struct timeval tv;
-	long devrand;
-
-        (void)gettimeofday(&tv, (struct timezone *)NULL);
-        rseed = tv.tv_sec + tv.tv_usec;
-/* XXX What the hell is this?! */
-        for (i = 0; i < 8; i++) {
-                rseed ^= (rseed << 8);
-        }
-
-	f=open("/dev/random",O_NONBLOCK|O_RDONLY);
-	if (f>=0)
-	{
-		read(f,&devrand,sizeof(devrand));
-		close(f);
-	}
-        srand48((long)rseed^devrand);
-
-        for (i = 0; i < seedsize; i++) {
-                seed[i] = (lrand48() & 0xff);
-        }
-#else
 	int i;

 	srandomdev();
 	for (i = 0; i < seedsize; i++) {
 		seed[i] = random() & 0xff;
 	}
-#endif
 }

-
 /*
 * Generate a random public/secret key pair
 */
-void genkeys(public, secret)
-        char *public;
-        char *secret;
+void
+genkeys(char *public, char *secret)
 {
        int i;
 
@ -200,9 +169,8 @@ void genkeys(public, secret)
 /*
 * Adjust the input key so that it is 0-filled on the left
 */
-adjust(keyout, keyin)
-        char keyout[HEXKEYBYTES+1];
-        char *keyin;
+static void
+adjust(char keyout[HEXKEYBYTES+1], char *keyin)
 {
        char *p;
        char *s;
@ -220,9 +188,8 @@ adjust(keyout, keyin)
 static char hextab[17] = "0123456789ABCDEF";

 /* given a DES key, cbc encrypt and translate input to terminated hex */
-void pk_encode(in, out, key)
-char *in,*out;
-DesData *key;
+void
+pk_encode(char *in, char *out, DesData *key)
 {
 	char buf[256];
 	DesData i;
@ -242,9 +209,8 @@ DesData *key;
 }

 /* given a DES key, translate input from hex and decrypt */
-void pk_decode(in, out, key)
-char *in,*out;
-DesData *key;
+void
+pk_decode(char *in, char *out, DesData *key)
 {
 	char buf[256];
 	DesData i;
--- a/crypto/telnet/libtelnet/sra.c
+++ b/crypto/telnet/libtelnet/sra.c
@ -15,8 +15,12 @@

 #if !defined(NOPAM)
 #include <security/pam_appl.h>
+#else
+#include <unistd.h>
 #endif

+#include <pwd.h>
+#include <syslog.h>
 #include <ttyent.h>

 #include "auth.h"
@ -32,8 +36,8 @@ IdeaData ik;
 extern int auth_debug_mode;
 extern char *line;

-static sra_valid = 0;
-static passwd_sent = 0;
+static int sra_valid = 0;
+static int passwd_sent = 0;

 static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
 			  		AUTHTYPE_SRA, };
@ -45,12 +49,11 @@ static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
 #define SRA_ACCEPT 4
 #define SRA_REJECT 5

+static int check_user(const char *, const char *);
+
 /* support routine to send out authentication message */
-static int Data(ap, type, d, c)
-Authenticator *ap;
-int type;
-void *d;
-int c;
+static int
+Data(Authenticator *ap, int type, void *d, int c)
 {
        unsigned char *p = str_data + 4;
 	unsigned char *cd = (unsigned char *)d;
@ -80,9 +83,8 @@ int c;
        return(net_write(str_data, p - str_data));
 }

-int sra_init(ap, server)
-Authenticator *ap;
-int server;
+int
+sra_init(Authenticator *ap, int server)
 {
 	if (server)
 		str_data[3] = TELQUAL_REPLY;
@ -105,8 +107,8 @@ int server;
 }

 /* client received a go-ahead for sra */
-int sra_send(ap)
-Authenticator *ap;
+int
+sra_send(Authenticator *ap)
 {
 	/* send PKA */

@ -123,10 +125,8 @@ Authenticator *ap;
 }

 /* server received an IS -- could be SRA KEY, USER, or PASS */
-void sra_is(ap, data, cnt)
-Authenticator *ap;
-unsigned char *data;
-int cnt;
+void
+sra_is(Authenticator *ap, unsigned char *data, int cnt)
 {
 	int valid;
 	Session_Key skey;
@ -217,13 +217,9 @@ bad:
 	auth_finished(ap, AUTH_REJECT);
 }

-extern char *getpass();
-
 /* client received REPLY -- could be SRA KEY, CONTINUE, ACCEPT, or REJECT */
-void sra_reply(ap, data, cnt)
-Authenticator *ap;
-unsigned char *data;
-int cnt;
+void
+sra_reply(Authenticator *ap, unsigned char *data, int cnt)
 {
 	extern char *telnet_gets();
 	char uprompt[256],tuser[256];
@ -322,10 +318,8 @@ int cnt;
 	}
 }

-int sra_status(ap, name, level)
-Authenticator *ap;
-char *name;
-int level;
+int
+sra_status(Authenticator *ap, char *name, int level)
 {
 	if (level < AUTH_USER)
 		return(level);
@ -339,9 +333,8 @@ int level;
 #define	BUMP(buf, len)		while (*(buf)) {++(buf), --(len);}
 #define	ADDC(buf, len, c)	if ((len) > 0) {*(buf)++ = (c); --(len);}

-void sra_printsub(data, cnt, buf, buflen)
-unsigned char *data, *buf;
-int cnt, buflen;
+void
+sra_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
 {
 	char lbuf[32];
 	register int i;
@ -405,8 +398,7 @@ struct	passwd *pw;
 * Helper function for sgetpwnam().
 */
 char *
-sgetsave(s)
-	char *s;
+sgetsave(char *s)
 {
 	char *new = malloc((unsigned) strlen(s) + 1);

@ -417,16 +409,8 @@ sgetsave(s)
 	return (new);
 }

-#include <pwd.h>
-#include <syslog.h>
-#ifdef USE_SHADOW
-#include <shadow.h>
-#endif
-
-
 struct passwd *
-sgetpwnam(name)
-	char *name;
+sgetpwnam(char *name)
 {
 	static struct passwd save;
 	register struct passwd *p;
@ -465,8 +449,7 @@ syslog(LOG_WARNING,"%s\n",save.pw_dir);
 }

 static int
-isroot(user)
-char *user;
+isroot(const char *user)
 {
 	struct passwd *pw;

@ -476,8 +459,7 @@ char *user;
 }

 static int
-rootterm(ttyn)
-char *ttyn;
+rootterm(char *ttyn)
 {
 	struct ttyent *t;

@ -485,11 +467,8 @@ char *ttyn;
 }

 #ifdef NOPAM
-char *crypt();
-
-int check_user(name, pass)
-char *name;
-char *pass;
+static int
+check_user(const char *name, const char *pass)
 {
 	register char *cp;
 	char *xpasswd, *salt;
@ -535,6 +514,7 @@ struct cred_t {
 };
 typedef struct cred_t cred_t;

+int
 auth_conv(int num_msg, const struct pam_message **msg,
 	struct pam_response **resp, void *appdata)
 {
@ -576,10 +556,10 @@ auth_conv(int num_msg, const struct pam_message **msg,
 /*
 * The PAM version as a side effect may put a new username in *name.
 */
-int check_user(const char *name, const char *pass)
+static int
+check_user(const char *name, const char *pass)
 {
 	pam_handle_t *pamh = NULL;
-	const char *tmpl_user;
 	const void *item;
 	int rval;
 	int e;
@ -623,7 +603,7 @@ int check_user(const char *name, const char *pass)
 		 */
 		if ((e = pam_get_item(pamh, PAM_USER, &item)) ==
 		    PAM_SUCCESS) {
-			strcpy(name, (const char *) item);
+			strcpy((char *) name, (const char *) item);
 		} else
 			syslog(LOG_ERR, "Couldn't get PAM_USER: %s",
 			pam_strerror(pamh, e));
--- a/crypto/telnet/telnet/commands.c
+++ b/crypto/telnet/telnet/commands.c
@ -53,6 +53,7 @@ static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
 #include <fcntl.h>
 #endif	/* CRAY */

+#include <string.h>
 #include <signal.h>
 #include <netdb.h>
 #include <ctype.h>
@ -63,6 +64,7 @@ static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
 #include <stdlib.h>

 #include <arpa/telnet.h>
+#include <arpa/inet.h>

 #include "general.h"

@ -88,10 +90,9 @@ static const char sccsid[] = "@(#)commands.c	8.4 (Berkeley) 5/30/95";
 #include <netinet/ip.h>
 #include <netinet/ip6.h>

-
-#ifndef	MAXHOSTNAMELEN
-#define	MAXHOSTNAMELEN 256
-#endif	MAXHOSTNAMELEN
+#ifndef       MAXHOSTNAMELEN
+#define       MAXHOSTNAMELEN 256
+#endif        MAXHOSTNAMELEN

 #if	defined(IPPROTO_IP) && defined(IP_TOS)
 int tos = -1;
@ -110,7 +111,6 @@ static int help(int argc, char *argv[]);
 static int call();
 static void cmdrc(char *m1, char *m2);
 static int switch_af(struct addrinfo **aip);
-
 int quit(void);

 typedef struct {
@ -125,11 +125,11 @@ static char saveline[256];
 static int margc;
 static char *margv[20];

-#if	defined(SKEY)
+#if	defined(OPIE)
 #include <sys/wait.h>
-#define PATH_SKEY	"/usr/bin/key"
+#define PATH_OPIEKEY	"/usr/bin/opiekey"
    int
-skey_calc(argc, argv)
+opie_calc(argc, argv)
 	int argc;
 	char **argv;
 {
@ -142,7 +142,7 @@ skey_calc(argc, argv)

 	switch(fork()) {
 	case 0:
-		execv(PATH_SKEY, argv);
+		execv(PATH_OPIEKEY, argv);
 		exit (1);
 	case -1:
 		perror("fork");
@ -1452,7 +1452,6 @@ shell(argc, argv)
 	     * Fire up the shell in the child.
 	     */
 	    register char *shellp, *shellname;
-	    extern char *strrchr();

 	    shellp = getenv("SHELL");
 	    if (shellp == NULL)
@ -1462,9 +1461,9 @@ shell(argc, argv)
 	    else
 		shellname++;
 	    if (argc > 1)
-		execl(shellp, shellname, "-c", &saveline[1], 0);
+		execl(shellp, shellname, "-c", &saveline[1], (char *)0);
 	    else
-		execl(shellp, shellname, 0);
+		execl(shellp, shellname, (char *)0);
 	    perror("Execl");
 	    _exit(1);
 	}
@ -1741,7 +1740,6 @@ env_init()
 	extern char **environ;
 	register char **epp, *cp;
 	register struct env_lst *ep;
-	extern char *strchr();

 	for (epp = environ; *epp; epp++) {
 		if ((cp = strchr(*epp, '='))) {
@ -2362,7 +2360,7 @@ tn(argc, argv)
    int argc;
    char *argv[];
 {
-    char *srp = 0, *strrchr();
+    char *srp = 0;
    int proto, opt;
    int sourceroute(), srlen;
    int srcroute = 0, result;
@ -2582,7 +2580,7 @@ tn(argc, argv)
 		tos = tp->t_tos;
 # endif
 	    if (tos < 0)
-		tos = 020;	/* Low Delay bit */
+		tos = IPTOS_LOWDELAY;
 	    if (tos
 		&& (setsockopt(net, IPPROTO_IP, IP_TOS,
 		    (char *)&tos, sizeof(int)) < 0)
@ -2711,8 +2709,8 @@ static char
 #if	defined(unix)
 	zhelp[] =	"suspend telnet",
 #endif	/* defined(unix) */
-#if	defined(SKEY)
-	skeyhelp[] =    "compute response to s/key challenge",
+#if	defined(OPIE)
+	opiehelp[] =    "compute response to OPIE challenge",
 #endif
 	shellhelp[] =	"invoke a subshell",
 	envhelp[] =	"change environment variables ('environ ?' for more)",
@ -2723,6 +2721,7 @@ static Command cmdtab[] = {
 	{ "logout",	logouthelp,	logout,		1 },
 	{ "display",	displayhelp,	display,	0 },
 	{ "mode",	modestring,	modecmd,	0 },
+	{ "telnet",	openhelp,	tn,		0 },
 	{ "open",	openhelp,	tn,		0 },
 	{ "quit",	quithelp,	quit,		0 },
 	{ "send",	sendhelp,	sendcmd,	0 },
@ -2750,8 +2749,8 @@ static Command cmdtab[] = {
 #endif
 	{ "environ",	envhelp,	env_cmd,	0 },
 	{ "?",		helphelp,	help,		0 },
-#if	defined(SKEY)
-	{ "skey",       skeyhelp,       skey_calc,      0 },
+#if	defined(OPIE)
+	{ "opie",       opiehelp,       opie_calc,      0 },
 #endif		
 	{ 0, 0, 0, 0 }
 };
@ -2901,6 +2900,7 @@ help(argc, argv)
 				printf("%-*s\t%s\n", HELPINDENT, c->name,
 								    c->help);
 			}
+		return 0;
 	}
 	else while (--argc > 0) {
 		register char *arg;
@ -2913,7 +2913,7 @@ help(argc, argv)
 		else
 			printf("%s\n", c->help);
 	}
-	return(0);
+	return 0;
 }

 static char *rcname = 0;
@ -3186,7 +3186,7 @@ sourceroute(ai, arg, cpp, lenp, protop, optp)
 			cp2 = 0;

 		hints.ai_flags = AI_NUMERICHOST;
- 		error = getaddrinfo(cp, NULL, &hints, &res);
+		error = getaddrinfo(cp, NULL, &hints, &res);
 		if (error == EAI_NODATA) {
 			hints.ai_flags = 0;
 			error = getaddrinfo(cp, NULL, &hints, &res);
@ -3260,6 +3260,3 @@ sourceroute(ai, arg, cpp, lenp, protop, optp)
 	freeaddrinfo(res);
 	return 1;
 }
-
-
-
--- a/crypto/telnet/telnet/main.c
+++ b/crypto/telnet/telnet/main.c
@ -46,6 +46,8 @@ static const char sccsid[] = "@(#)main.c	8.3 (Berkeley) 5/30/95";
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <stdlib.h>
+#include <string.h>
+#include <unistd.h>

 #include "ring.h"
 #include "externs.h"
@ -112,13 +114,8 @@ usage()
 	    "\n\t[-e char] [-l user] [-n tracefile] ",
 #endif
 #if defined(TN3270) && defined(unix)
-# ifdef AUTHENTICATION
-	    "[-noasynch] [-noasynctty]\n\t"
-	    "[-noasyncnet] [-r] [-s src_addr] [-t transcom] ",
-# else
 	    "[-noasynch] [-noasynctty] [-noasyncnet] [-r]\n\t"
 	    "[-s src_addr] [-t transcom] ",
-# endif
 #else
 	    "[-r] [-s src_addr] [-u] ",
 #endif
@ -143,10 +140,8 @@ main(argc, argv)
 	int argc;
 	char *argv[];
 {
-	extern char *optarg;
-	extern int optind;
 	int ch;
-	char *user, *strrchr();
+	char *user;
 	char *src_addr = NULL;
 #ifdef	FORWARD
 	extern int forward_flags;
@ -167,7 +162,11 @@ main(argc, argv)
 	user = NULL;

 	rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE;
+#ifdef AUTHENTICATION
 	autologin = 1;
+#else
+	autologin = -1;
+#endif

 #if defined(ENCRYPTION)
 	encrypt_auto(1);
@ -232,7 +231,11 @@ main(argc, argv)
 #endif
 			break;
 		case 'a':
+#ifdef	AUTHENTICATION
 			/* It's the default now, so ignore */
+#else
+			autologin = 1;
+#endif
 			break;
 		case 'c':
 			skiprc = 1;
@ -288,6 +291,11 @@ main(argc, argv)
 #endif
 			break;
 		case 'l':
+#ifdef	AUTHENTICATION
+			/* This is the default now, so ignore it */
+#else
+			autologin = 1;
+#endif
 			user = optarg;
 			break;
 		case 'n':
@ -326,12 +334,22 @@ main(argc, argv)
 			family = AF_UNIX;
 			break;
 		case 'x':
+#ifdef	ENCRYPTION
 			/* This is the default now, so ignore it */
+#else
+			fprintf(stderr,
+			    "%s: Warning: -x ignored, no ENCRYPT support.\n",
+								prompt);
+#endif	/* ENCRYPTION */
 			break;
 		case 'y':
 #ifdef	ENCRYPTION
 			encrypt_auto(0);
 			decrypt_auto(0);
+#else
+			fprintf(stderr,
+			    "%s: Warning: -y ignored, no ENCRYPT support.\n",
+								prompt);
 #endif	/* ENCRYPTION */
 			break;
 #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC)
@ -350,6 +368,8 @@ main(argc, argv)
 			/* NOTREACHED */
 		}
 	}
+	if (autologin == -1)
+		autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1;

 	argc -= optind;
 	argv += optind;
--- a/crypto/telnet/telnet/ring.c
+++ b/crypto/telnet/telnet/ring.c
@ -51,8 +51,8 @@ static const char rcsid[] =
 *
 */

-#include	<stdio.h>
 #include	<errno.h>
+#include	<stdio.h>
 #include	<string.h>

 #ifdef	size_t
@ -105,9 +105,9 @@ static u_long ring_clock = 0;

 /* Buffer state transition routines */

-	int
-    ring_init(ring, buffer, count)
-Ring *ring;
+    int
+ring_init(ring, buffer, count)
+    Ring *ring;
    unsigned char *buffer;
    int count;
 {
@ -302,7 +302,7 @@ ring_supply_data(ring, buffer, count)

    while (count) {
 	i = MIN(count, ring_empty_consecutive(ring));
-	memmove(ring->supply, buffer, i);
+	memcpy(ring->supply, buffer, i);
 	ring_supplied(ring, i);
 	count -= i;
 	buffer += i;
@ -324,7 +324,7 @@ ring_consume_data(ring, buffer, count)

    while (count) {
 	i = MIN(count, ring_full_consecutive(ring));
-	memmove(buffer, ring->consume, i);
+	memcpy(buffer, ring->consume, i);
 	ring_consumed(ring, i);
 	count -= i;
 	buffer += i;
--- a/crypto/telnet/telnet/ring.h
+++ b/crypto/telnet/telnet/ring.h
@ -31,6 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)ring.h	8.1 (Berkeley) 6/6/93
+ * $FreeBSD$
 */

 #if defined(P)
@ -101,5 +102,5 @@ extern void
 #endif	/* ENCRYPTION */

 extern void
-    ring_clear_mark(),
-    ring_mark();
+    ring_clear_mark P((Ring *)),
+    ring_mark P((Ring *));
--- a/crypto/telnet/telnet/sys_bsd.c
+++ b/crypto/telnet/telnet/sys_bsd.c
@ -334,7 +334,7 @@ TerminalDefaultChars()
    nttyb.sg_kill = ottyb.sg_kill;
    nttyb.sg_erase = ottyb.sg_erase;
 #else	/* USE_TERMIO */
-    memmove(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc));
+    memcpy(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc));
 # ifndef	VDISCARD
    termFlushChar = CONTROL('O');
 # endif
@ -633,7 +633,7 @@ TerminalNewMode(f)
 	(void) signal(SIGINT, intr);
 #endif
 #ifdef  SIGQUIT
-        (void) signal(SIGQUIT, intr2);
+	(void) signal(SIGQUIT, intr2);
 #endif
 #ifdef	SIGTSTP
 	(void) signal(SIGTSTP, susp);
@ -1160,7 +1160,7 @@ process_rings(netin, netout, netex, ttyin, ttyout, poll)
 		    int i;
 		    i = recv(net, netiring.supply + c, canread - c, MSG_OOB);
 		    if (i == c &&
-			 memcmp(netiring.supply, netiring.supply + c, i) == 0) {
+			memcmp(netiring.supply, netiring.supply + c, i) == 0) {
 			bogus_oob = 1;
 			first = 0;
 		    } else if (i < 0) {
--- a/crypto/telnet/telnet/telnet.1
+++ b/crypto/telnet/telnet/telnet.1
@ -37,12 +37,12 @@
 .Os
 .Sh NAME
 .Nm telnet
-.Nd user interface to the 
+.Nd user interface to the
 .Tn TELNET
 protocol
 .Sh SYNOPSIS
 .Nm
-.Op Fl 468EFKLNcdfruy
+.Op Fl 468EFKLNacdfruxy
 .Op Fl S Ar tos
 .Op Fl X Ar authtype
 .Op Fl e Ar escapechar
@ -58,7 +58,7 @@ protocol
 The
 .Nm
 command
-is used to communicate with another host using the 
+is used to communicate with another host using the
 .Tn TELNET
 protocol.
 If
@ -114,7 +114,7 @@ or, on systems that support it, a symbolic
 TOS name found in the
 .Pa /etc/iptos
 file.
-.It Fl X Ar atype 
+.It Fl X Ar atype
 Disables the
 .Ar atype
 type of authentication.
@ -142,7 +142,7 @@ Sets the initial value of the
 .Ic debug
 toggle to
 .Dv TRUE .
-.It Fl e Ar escapechar 
+.It Fl e Ar escapechar
 Sets the initial
 .Nm
 escape character to
@ -165,7 +165,7 @@ realm
 .Ar realm
 instead of the remote host's realm, as determined by
 .Xr krb_realmofhost 3 .
-.It Fl l Ar user 
+.It Fl l Ar user
 When connecting to the remote system, if the remote system
 understands the
 .Ev ENVIRON
@ -179,7 +179,7 @@ option.
 This option may also be used with the
 .Ic open
 command.
-.It Fl n Ar tracefile 
+.It Fl n Ar tracefile
 Opens
 .Ar tracefile
 for recording trace information.
@ -252,7 +252,7 @@ either \*(Lqcharacter at a time\*(Rq
 or \*(Lqold line by line\*(Rq
 depending on what the remote system supports.
 .Pp
-When 
+When
 .Dv LINEMODE
 is enabled, character processing is done on the
 local system, under the control of the remote system.  When input
@ -271,7 +271,7 @@ to turn off and on the local echo
 (this would mostly be used to enter passwords
 without the password being echoed).
 .Pp
-If the 
+If the
 .Dv LINEMODE
 option is enabled, or if the
 .Ic localchars
@ -286,7 +286,7 @@ and
 characters are trapped locally, and sent as
 .Tn TELNET
 protocol sequences to the remote side.
-If 
+If
 .Dv LINEMODE
 has ever been enabled, then the user's
 .Ic susp
@ -297,9 +297,9 @@ are also sent as
 protocol sequences,
 and
 .Ic quit
-is sent as a 
+is sent as a
 .Dv TELNET ABORT
-instead of 
+instead of
 .Dv BREAK .
 There are options (see
 .Ic toggle
@ -340,7 +340,7 @@ and
 commands).
 .Pp
 .Bl -tag -width "mode type"
-.It Ic auth Ar argument ... 
+.It Ic auth Ar argument ...
 The auth command manipulates the information sent through the
 .Dv TELNET AUTHENTICATE
 option.  Valid arguments for the
@ -365,7 +365,7 @@ authentication.
 Close a
 .Tn TELNET
 session and return to command mode.
-.It Ic display Ar argument ... 
+.It Ic display Ar argument ...
 Displays all, or some, of the
 .Ic set
 and
@ -460,7 +460,7 @@ Valid arguments for the
 .Ic environ
 command are:
 .Bl -tag -width Fl
-.It Ic define Ar variable value 
+.It Ic define Ar variable value
 Define the variable
 .Ar variable
 to have a value of
@ -470,15 +470,15 @@ The
 .Ar value
 may be enclosed in single or double quotes so
 that tabs and spaces may be included.
-.It Ic undefine Ar variable 
+.It Ic undefine Ar variable
 Remove
 .Ar variable
 from the list of environment variables.
-.It Ic export Ar variable 
+.It Ic export Ar variable
 Mark the variable
 .Ar variable
 to be exported to the remote side.
-.It Ic unexport Ar variable 
+.It Ic unexport Ar variable
 Mark the variable
 .Ar variable
 to not be exported unless
@ -512,7 +512,7 @@ If the remote side also supports the concept of
 suspending a user's session for later reattachment,
 the logout argument indicates that you
 should terminate the session immediately.
-.It Ic mode Ar type 
+.It Ic mode Ar type
 .Ar Type
 is one of several options, depending on the state of the
 .Tn TELNET
@ -533,40 +533,40 @@ Enable the
 option, or, if the remote side does not understand the
 .Dv LINEMODE
 option, then attempt to enter \*(Lqold-line-by-line\*(Rq mode.
-.It Ic isig Pq Ic \-isig 
-Attempt to enable (disable) the 
+.It Ic isig Pq Ic \-isig
+Attempt to enable (disable) the
 .Dv TRAPSIG
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
-.It Ic edit Pq Ic \-edit 
-Attempt to enable (disable) the 
+.It Ic edit Pq Ic \-edit
+Attempt to enable (disable) the
 .Dv EDIT
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
-.It Ic softtabs Pq Ic \-softtabs 
-Attempt to enable (disable) the 
+.It Ic softtabs Pq Ic \-softtabs
+Attempt to enable (disable) the
 .Dv SOFT_TAB
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
-.It Ic litecho Pq Ic \-litecho 
-Attempt to enable (disable) the 
+.It Ic litecho Pq Ic \-litecho
+Attempt to enable (disable) the
 .Dv LIT_ECHO
-mode of the 
+mode of the
 .Dv LINEMODE
 option.
-This requires that the 
+This requires that the
 .Dv LINEMODE
 option be enabled.
 .It Ic ?\&
@ -623,7 +623,7 @@ Close any open
 session and exit
 .Nm .
 An end of file (in command mode) will also close a session and exit.
-.It Ic send Ar arguments 
+.It Ic send Ar arguments
 Sends one or more special character sequences to the remote host.
 The following are the arguments which may be specified
 (more than one argument may be specified at a time):
@ -745,8 +745,8 @@ Prints out help information for the
 .Ic send
 command.
 .El
-.It Ic set Ar argument value 
-.It Ic unset Ar argument value 
+.It Ic set Ar argument value
+.It Ic unset Ar argument value
 The
 .Ic set
 command will set any one of a number of
@ -1050,20 +1050,20 @@ Displays the legal
 .Pq Ic unset
 commands.
 .El
-.It Ic skey Ar sequence challenge 
+.It Ic opie Ar sequence challenge
 The
-.Ic skey
-command computes a response to the S/Key challenge.
-.It Ic slc Ar state 
+.Ic opie
+command computes a response to the OPIE challenge.
+.It Ic slc Ar state
 The
 .Ic slc
 command (Set Local Characters) is used to set
 or change the state of the special
-characters when the 
+characters when the
 .Dv TELNET LINEMODE
 option has
 been enabled.  Special characters are characters that get
-mapped to 
+mapped to
 .Tn TELNET
 commands sequences (like
 .Ic ip
@ -1089,7 +1089,7 @@ was started.
 .It Ic import
 Switch to the remote defaults for the special characters.
 The remote default characters are those of the remote system
-at the time when the 
+at the time when the
 .Tn TELNET
 connection was established.
 .It Ic ?\&
@ -1102,7 +1102,7 @@ Show the current status of
 .Nm .
 This includes the peer one is connected to, as well
 as the current mode.
-.It Ic toggle Ar arguments ... 
+.It Ic toggle Ar arguments ...
 Toggle (between
 .Dv TRUE
 and
@ -1365,17 +1365,17 @@ Suspend
 .Nm .
 This command only works when the user is using the
 .Xr csh  1  .
-.It Ic \&! Op Ar command 
+.It Ic \&! Op Ar command
 Execute a single command in a subshell on the local
 system.  If
 .Ar command
 is omitted, then an interactive
 subshell is invoked.
-.It Ic ?\& Op Ar command 
+.It Ic ?\& Op Ar command
 Get help.  With no arguments,
 .Nm
 prints a help summary.
-If 
+If
 .Ar command
 is specified,
 .Nm
@ -1413,11 +1413,10 @@ command appeared in
 .Pp
 IPv6 support was added by WIDE/KAME project.
 .Sh NOTES
-.Pp
 On some remote systems, echo has to be turned off manually when in
 \*(Lqold line by line\*(Rq mode.
 .Pp
-In \*(Lqold line by line\*(Rq mode or 
+In \*(Lqold line by line\*(Rq mode or
 .Dv LINEMODE
 the terminal's
 .Ic eof
--- a/crypto/telnet/telnet/telnet.c
+++ b/crypto/telnet/telnet/telnet.c
@ -53,9 +53,7 @@ static const char rcsid[] =
 #endif	/* defined(unix) */

 #include <arpa/telnet.h>
-
 #include <ctype.h>
-
 #include <stdlib.h>
 #include <unistd.h>

@ -126,7 +124,9 @@ int
 	clienteof = 0;

 char *prompt = 0;
+#ifdef ENCRYPTION
 char *line;		/* hack around breakage in sra.c :-( !! */
+#endif

 cc_t escape;
 cc_t rlogin;
@ -643,7 +643,7 @@ mklist(buf, name)
 	register char c, *cp, **argvp, *cp2, **argv, **avt;

 	if (name) {
-		if ((int)strlen(name) > 40) {
+		if (strlen(name) > 40) {
 			name = 0;
 			unknown[0] = name_unknown;
 		} else {
@ -802,7 +802,7 @@ gettermname()
 				(setupterm(tname, 1, &err) == 0)) {
 			tnamep = mklist(termbuf, tname);
 		} else {
-			if (tname && ((int)strlen(tname) <= 40)) {
+			if (tname && (strlen(tname) <= 40)) {
 				unknown[0] = tname;
 				upcase(tname);
 			} else
@ -2452,7 +2452,7 @@ netclear()
 		next = nextitem(next);
 	    } while (wewant(next) && (nfrontp > next));
 	    length = next-thisitem;
-	    memmove(good, thisitem, length);
+	    memcpy(good, thisitem, length);
 	    good += length;
 	    thisitem = next;
 	} else {
--- a/crypto/telnet/telnet/utilities.c
+++ b/crypto/telnet/telnet/utilities.c
@ -47,9 +47,8 @@ static const char rcsid[] =
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/time.h>
-#include <unistd.h>
-
 #include <ctype.h>
+#include <unistd.h>

 #include "general.h"

--- a/crypto/telnet/telnetd/ext.h
+++ b/crypto/telnet/telnetd/ext.h
@ -85,7 +85,7 @@ extern char *unptyip;  /* pointer to remaining characters in buffer */
 #endif

 extern int	pty, net;
-extern char	*line;
+extern char	line[16];
 extern int	SYNCHing;		/* we are in TELNET SYNCH mode */

 #ifndef	P
--- a/crypto/telnet/telnetd/pathnames.h
+++ b/crypto/telnet/telnetd/pathnames.h
@ -43,7 +43,7 @@
 # endif

 #else
- 
+
 # define	_PATH_TTY	"/dev/tty"
 # ifndef _PATH_LOGIN
 #  define	_PATH_LOGIN	"/bin/login"
--- a/crypto/telnet/telnetd/state.c
+++ b/crypto/telnet/telnetd/state.c
@ -721,6 +721,7 @@ wontoption(option)
 			 */
 			if (lmodetype != REAL_LINEMODE)
 				break;
+			lmodetype = KLUDGE_LINEMODE;
 # endif	/* KLUDGELINEMODE */
 			clientstat(TELOPT_LINEMODE, WONT, 0);
 			break;
@ -1551,10 +1552,14 @@ send_status()
 		if (my_want_state_is_will(i)) {
 			ADD(WILL);
 			ADD_DATA(i);
+			if (i == IAC)
+				ADD(IAC);
 		}
 		if (his_want_state_is_will(i)) {
 			ADD(DO);
 			ADD_DATA(i);
+			if (i == IAC)
+				ADD(IAC);
 		}
 	}

--- a/crypto/telnet/telnetd/sys_term.c
+++ b/crypto/telnet/telnetd/sys_term.c
@ -481,14 +481,10 @@ getnpty()
 *
 * Returns the file descriptor of the opened pty.
 */
-#ifndef	__GNUC__
-char *line = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-#else
-static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-char *line = Xline;
-#endif
 #ifdef	CRAY
-char *myline = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+char myline[16];
+#else
+char line[16];
 #endif	/* CRAY */

 	int
@ -517,7 +513,8 @@ int *ptynum;
 #endif

 #ifndef	__hpux
-	(void) strcpy(line, "/dev/ptyXX");
+	(void) strcpy(line, _PATH_DEV);
+	(void) strcat(line, "ptyXX");
 	p1 = &line[8];
 	p2 = &line[9];
 #else
@ -568,11 +565,11 @@ int *ptynum;
 	struct stat sb;

 	for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) {
-		(void) sprintf(myline, "/dev/pty/%03d", *ptynum);
+		(void) sprintf(myline, "%spty/%03d", _PATH_DEV, *ptynum);
 		p = open(myline, 2);
 		if (p < 0)
 			continue;
-		(void) sprintf(line, "/dev/ttyp%03d", *ptynum);
+		(void) sprintf(line, "%sp%03d", _PATH_TTY, *ptynum);
 		/*
 		 * Here are some shenanigans to make sure that there
 		 * are no listeners lurking on the line.
@ -1300,6 +1297,7 @@ cleanopen(line)
 		(void) signal(SIGHUP, SIG_IGN);
 		(void) ioctl(t, TCVHUP, (char *)0);
 		(void) signal(SIGHUP, SIG_DFL);
+		setpgrp();

 #ifdef	UNICOS7x
 		if (secflag) {
@ -1359,7 +1357,7 @@ login_tty(t)
 	 * the indirect /dev/tty interface.
 	 */
 	close(t);
-	if ((t = open("/dev/tty", O_RDWR)) < 0)
+	if ((t = open(_PATH_TTY, O_RDWR)) < 0)
 		fatalperror(net, "open(/dev/tty)");
 #  endif
 # else
@ -1452,7 +1450,7 @@ startslave(host, autologin, autoname)
 		wtmp.ut_pid = pid;
 		SCPYN(wtmp.ut_user, "LOGIN");
 		SCPYN(wtmp.ut_host, host);
-		SCPYN(wtmp.ut_line, line + sizeof("/dev/") - 1);
+		SCPYN(wtmp.ut_line, line + sizeof(_PATH_DEV) - 1);
 #ifndef	__hpux
 		SCPYN(wtmp.ut_id, wtmp.ut_line+3);
 #else
@ -1584,7 +1582,7 @@ start_login(host, autologin, name)

 	memset(&utmpx, 0, sizeof(utmpx));
 	SCPYN(utmpx.ut_user, ".telnet");
-	SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
+	SCPYN(utmpx.ut_line, line + sizeof(_PATH_DEV) - 1);
 	utmpx.ut_pid = pid;
 	utmpx.ut_id[0] = 't';
 	utmpx.ut_id[1] = 'n';
@ -1898,7 +1896,7 @@ cleanup(sig)
 # if (BSD > 43) || defined(convex)
 	char *p;

-	p = line + sizeof("/dev/") - 1;
+	p = line + sizeof(_PATH_DEV) - 1;
 	if (logout(p))
 		logwtmp(p, "", "");
 	(void)chmod(line, 0666);
@ -2209,7 +2207,7 @@ cleantmpdir(jid, tpath, user)
 							tpath);
 		break;
 	case 0:
-		execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, 0);
+		execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, (char *)0);
 		syslog(LOG_ERR, "TMPDIR cleanup(%s): execl(%s) failed: %m",
 							tpath, CLEANTMPCMD);
 		exit(1);
@ -2247,7 +2245,7 @@ rmut()
 	 * This updates the utmpx and utmp entries and make a wtmp/x entry
 	 */

-	SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
+	SCPYN(utmpx.ut_line, line + sizeof(_PATH_DEV) - 1);
 	utxp = getutxline(&utmpx);
 	if (utxp) {
 		utxp->ut_type = DEAD_PROCESS;
@ -2308,7 +2306,7 @@ rmut()
 	}
 	(void) chmod(line, 0666);
 	(void) chown(line, 0, 0);
-	line[strlen("/dev/")] = 'p';
+	line[strlen(_PATH_DEV)] = 'p';
 	(void) chmod(line, 0666);
 	(void) chown(line, 0, 0);
 }  /* end of rmut */
--- a/crypto/telnet/telnetd/telnetd.8
+++ b/crypto/telnet/telnetd/telnetd.8
@ -76,7 +76,7 @@ option may be used to start up
 .Nm
 manually, instead of through
 .Xr inetd 8 .
-If started up this way, 
+If started up this way,
 .Ar port
 may be specified to run
 .Nm
@ -156,7 +156,7 @@ to print out debugging information
 to the connection, allowing the user to see what
 .Nm
 is doing.
-There are several possible values for 
+There are several possible values for
 .Ar debugmode :
 .Bl -tag -width exercise
 .It Cm options
@ -164,7 +164,7 @@ Print information about the negotiation of
 .Tn TELNET
 options.
 .It Cm report
-Print the 
+Print the
 .Cm options
 information, plus some additional information
 about what processing is going on.
@ -339,7 +339,7 @@ a specific authentication type without having to recompile
 operates by allocating a pseudo-terminal device (see
 .Xr pty 4 )
 for a client, then creating a login process which has
-the slave side of the pseudo-terminal as 
+the slave side of the pseudo-terminal as
 .Dv stdin ,
 .Dv stdout
 and
@ -353,7 +353,7 @@ between the remote client and the login process.
 .Pp
 When a
 .Tn TELNET
-session is started up, 
+session is started up,
 .Nm
 sends
 .Tn TELNET
@ -432,7 +432,7 @@ Whenever a
 .Dv DO TIMING-MARK
 command is received, it is always responded
 to with a
-.Dv WILL TIMING-MARK
+.Dv WILL TIMING-MARK .
 .It "WILL LOGOUT"
 When a
 .Dv DO LOGOUT
@ -528,9 +528,34 @@ is compiled with support for data encryption, and
 indicates a willingness to decrypt
 the data stream.
 .El
+.Sh NOTES
+By default
+.Nm
+will read the
+.Em \&he ,
+.Em \&hn ,
+and
+.Em \&im
+capabilities from
+.Pa /etc/gettytab
+and use that information (if present) to determine
+what to display before the login: prompt. You can
+also use a System V style
+.Pa /etc/issue
+file by using the
+.Em \&if
+capability, which will override
+.Em \&im .
+The information specified in either
+.Em \&im
+or
+.Em \&if
+will be displayed to both console and remote logins.
+.\" .Sh ENVIRONMENT
 .Sh FILES
 .Bl -tag -width /usr/ucb/bftp -compact
 .It Pa /etc/services
+.It Pa /etc/gettytab
 .It Pa /etc/inittab
 (UNICOS systems only)
 .It Pa /etc/iptos
@ -541,6 +566,7 @@ the data stream.
 .Sh "SEE ALSO"
 .Xr bftp 1 ,
 .Xr login 1 ,
+.Xr gettytab 5 ,
 .Xr telnet 1
 (if supported)
 .Sh STANDARDS
--- a/crypto/telnet/telnetd/telnetd.c
+++ b/crypto/telnet/telnetd/telnetd.c
@ -60,7 +60,9 @@ static const char rcsid[] =
 #include <err.h>
 #include <arpa/inet.h>

+#include <sys/mman.h>
 #include <libutil.h>
+#include <paths.h>
 #include <utmp.h>

 #if	defined(_SC_CRAY_SECURE_SYS)
@ -847,7 +849,6 @@ doit(who)
 #else
 	for (;;) {
 		char *lp;
-		extern char *line, *getpty();

 		if ((lp = getpty()) == NULL)
 			fatal(net, "Out of ptys");
@ -867,10 +868,10 @@ doit(who)
 	if (secflag) {
 		char slave_dev[16];

-		sprintf(tty_dev, "/dev/pty/%03d", ptynum);
+		sprintf(tty_dev, "%spty/%03d", _PATH_DEV, ptynum);
 		if (setdevs(tty_dev, &dv) < 0)
 		 	fatal(net, "cannot set pty security");
-		sprintf(slave_dev, "/dev/ttyp%03d", ptynum);
+		sprintf(slave_dev, "%sp%03d", _PATH_TTY, ptynum);
 		if (setdevs(slave_dev, &dv) < 0)
 		 	fatal(net, "cannot set tty security");
 	}
@ -880,7 +881,7 @@ doit(who)
 	if (realhostname_sa(remote_hostname, sizeof(remote_hostname) - 1,
 	    who, who->sa_len) == HOSTNAME_INVALIDADDR && registerd_host_only)
 		fatal(net, "Couldn't resolve your address into a host name.\r\n\
-	 Please contact your net administrator");
+	Please contact your net administrator");
 	remote_hostname[sizeof(remote_hostname) - 1] = '\0';

 	trimdomain(remote_hostname, UT_HOSTSIZE);
--- a/crypto/telnet/telnetd/termstat.c
+++ b/crypto/telnet/telnetd/termstat.c
@ -171,30 +171,30 @@ localstat()

 	if (uselinemode) {
 		/*
-	 * Check for state of BINARY options.
+		 * Check for state of BINARY options.
 		 *
 		 * We only need to do the binary dance if we are actually going
 		 * to use linemode.  As this confuses some telnet clients
 		 * that don't support linemode, and doesn't gain us
 		 * anything, we don't do it unless we're doing linemode.
 		 * -Crh (henrich@msu.edu)
-	 */
+		 */

-	if (tty_isbinaryin()) {
-		if (his_want_state_is_wont(TELOPT_BINARY))
-			send_do(TELOPT_BINARY, 1);
-	} else {
-		if (his_want_state_is_will(TELOPT_BINARY))
-			send_dont(TELOPT_BINARY, 1);
-	}
+		if (tty_isbinaryin()) {
+			if (his_want_state_is_wont(TELOPT_BINARY))
+				send_do(TELOPT_BINARY, 1);
+		} else {
+			if (his_want_state_is_will(TELOPT_BINARY))
+				send_dont(TELOPT_BINARY, 1);
+		}

-	if (tty_isbinaryout()) {
-		if (my_want_state_is_wont(TELOPT_BINARY))
-			send_will(TELOPT_BINARY, 1);
-	} else {
-		if (my_want_state_is_will(TELOPT_BINARY))
-			send_wont(TELOPT_BINARY, 1);
-	}
+		if (tty_isbinaryout()) {
+			if (my_want_state_is_wont(TELOPT_BINARY))
+				send_will(TELOPT_BINARY, 1);
+		} else {
+			if (my_want_state_is_will(TELOPT_BINARY))
+				send_wont(TELOPT_BINARY, 1);
+		}
 	}

 #ifdef	ENCRYPTION
--- a/crypto/telnet/telnetd/utility.c
+++ b/crypto/telnet/telnetd/utility.c
@ -43,6 +43,7 @@ static const char rcsid[] =
 #include <locale.h>
 #include <sys/utsname.h>
 #endif
+#include <string.h>
 #define PRINTOPTIONS
 #include "telnetd.h"

@ -438,11 +439,6 @@ putf(cp, where)
 	char *slash;
 	time_t t;
 	char db[100];
-#ifdef	STREAMSPTY
-	extern char *strchr();
-#else
-	extern char *strrchr();
-#endif
 #ifdef __FreeBSD__
 	static struct utsname kerninfo;