man
diff --git a/man/man1/9p.1 b/man/man1/9p.1
index 12fc5f0..c7000fb 100644
--- a/man/man1/9p.1
+++ b/man/man1/9p.1
@@ -44,6 +44,10 @@
]
.B stat
.I path
+.PP
+.B 9p
+.B rdwr
+.I path
.SH DESCRIPTION
.I 9p
is a trivial 9P client that can access a single file on a 9P server.
@@ -85,6 +89,18 @@
on
.I path
and print the result
+.TP
+.B rdwr
+Open
+.I path
+for reading and writing.
+Then repeat until end-of-file on standard input:
+copy a line from the file to standard output,
+copy a line from standard input to the file.
+Print errors, but don't give up.
+.B Rdwr
+is useful for interacting with servers like
+.IR factotum (4).
.PD
.PP
.I 9p
diff --git a/man/man1/INDEX b/man/man1/INDEX
index 489bb07..366206d 100644
--- a/man/man1/INDEX
+++ b/man/man1/INDEX
@@ -114,12 +114,16 @@
ndbmkhash ndb.1
ndbmkhosts ndb.1
ndbquery ndb.1
-netkey netkey.1
news news.1
p p.1
img page.1
page page.1
psv page.1
+netkey passwd.1
+passwd passwd.1
+pem pem.1
+pemdecode pem.1
+pemencode pem.1
pic pic.1
tpic pic.1
plot plot.1
@@ -144,8 +148,21 @@
wait rc.1
whatis rc.1
~ rc.1
+readcons readcons.1
rio rio.1
rm rm.1
+asn12dsa rsa.1
+asn12rsa rsa.1
+dsa2pub rsa.1
+dsa2ssh rsa.1
+dsagen rsa.1
+rsa rsa.1
+rsa2csr rsa.1
+rsa2pub rsa.1
+rsa2ssh rsa.1
+rsa2x509 rsa.1
+rsafill rsa.1
+rsagen rsa.1
B sam.1
E sam.1
sam sam.1
@@ -154,6 +171,7 @@
samterm sam.1
scat scat.1
aescbc secstore.1
+ipso secstore.1
secstore secstore.1
secstored secstored.1
secuser secstored.1
@@ -165,6 +183,7 @@
sprog spell.1
split split.1
src src.1
+ssh-agent ssh-agent.1
auxstats stats.1
stats stats.1
strings strings.1
diff --git a/man/man1/netkey.1 b/man/man1/netkey.1
deleted file mode 100644
index 60f17bb..0000000
--- a/man/man1/netkey.1
+++ /dev/null
@@ -1,20 +0,0 @@
-.TH NETKEY 1
-.SH NAME
-netkey \- challenge-response authentication
-.SH SYNOPSIS
-.PP
-.B netkey
-.SH DESCRIPTION
-.PP
-.I Netkey
-prompts for a password to encrypt network challenges.
-It is a substitute for a SecureNet box.
-.SH SOURCE
-.B \*9/src/cmd/netkey.c
-.SH "SEE ALSO"
-.IR encrypt (3)
-.PP
-Robert Morris and Ken Thompson,
-``UNIX Password Security,''
-.I AT&T Bell Laboratories Technical Journal
-Vol 63 (1984), pp. 1649-1672
diff --git a/man/man1/pem.1 b/man/man1/pem.1
index 2002ae1..391cd5c 100644
--- a/man/man1/pem.1
+++ b/man/man1/pem.1
@@ -1,4 +1,4 @@
-.TH PEM 8
+.TH PEM 1
.SH NAME
pemdecode, pemencode \- encode files in Privacy Enhanced Mail (PEM) format
.SH SYNOPSIS
@@ -20,7 +20,7 @@
other applications, notably TLS.
PEM encodes data in base 64
(see
-.IR encode (2))
+.IR encode (3))
between lines of the form:
.IP
.EX
@@ -33,7 +33,7 @@
may be any string describing the encoded data.
The most common use of PEM format on Plan 9 is for encoding
X.509 certificates; see
-.IR rsa (8).
+.IR rsa (1).
.PP
.I Pemdecode
extracts the named
diff --git a/man/man1/readcons.1 b/man/man1/readcons.1
new file mode 100644
index 0000000..8fa1c39
--- /dev/null
+++ b/man/man1/readcons.1
@@ -0,0 +1,30 @@
+.TH READCONS 1
+.SH NAME
+readcons \- prompt console for input
+.SH SYNOPSIS
+.B readcons
+[
+.B -d
+.I default
+]
+[
+.B -s
+]
+.I prompt
+.SH DESCRIPTION
+.I Readcons
+prompts at the console for input, copying the typed string
+to standard output.
+If the
+.B -s
+flag is given, the input is not displayed (secret).
+If the user types an empty string (just a newline) and
+the
+.B -d
+option is given, then
+.I default
+is printed instead of an empty string.
+.SH SOURCE
+.B \*9/src/cmd/readcons.c
+.SH SEE ALSO
+.IR readcons (3)
diff --git a/man/man1/rsa.1 b/man/man1/rsa.1
index 42a2ae7..b01c979 100644
--- a/man/man1/rsa.1
+++ b/man/man1/rsa.1
@@ -1,4 +1,4 @@
-.TH RSA 8
+.TH RSA 1
.SH NAME
dsagen, rsagen, rsafill, asn12dsa, asn12rsa, dsa2pub, rsa2csr, rsa2pub, dsa2ssh, rsa2ssh, rsa2x509 \- generate and format dsa and rsa keys
.SH SYNOPSIS
@@ -305,9 +305,9 @@
and configure a remote Unix system to allow those keys for logins:
.IP
.EX
-rsagen -t 'service=ssh' >rsa1
-rsagen -t 'service=ssh-rsa' >rsa2
-dsagen -t 'service=ssh-dss' >dsa2
+rsagen -t 'service=ssh role=decrypt' >rsa1
+rsagen -t 'service=ssh-rsa role=sign' >rsa2
+dsagen -t 'service=ssh-dss role=sign' >dsa2
.EE
.PP
Convert existing Unix SSH version 2 keys instead of generating new ones:
diff --git a/man/man1/secstore.1 b/man/man1/secstore.1
index ee35fb6..01c7903 100644
--- a/man/man1/secstore.1
+++ b/man/man1/secstore.1
@@ -188,7 +188,9 @@
encrypts and decrypts using AES (Rijndael) in cipher
block chaining (CBC) mode.
.SH SOURCE
-.B \*9/src/cmd/secstore
+.B \*9/bin/ipso
+.br
+.B \*9/src/cmd/auth/secstore
.SH SEE ALSO
.IR factotum (4),
.IR secstored (1)
diff --git a/man/man1/secstored.1 b/man/man1/secstored.1
index b43e1c4..3eee78b 100644
--- a/man/man1/secstored.1
+++ b/man/man1/secstored.1
@@ -59,6 +59,6 @@
.B \*9/ndb/auth
for mapping local userid to RADIUS userid
.SH SOURCE
-.B \*9/src/cmd/secstore
+.B \*9/src/cmd/auth/secstore
.SH SEE ALSO
.IR secstore (1)
diff --git a/man/man3/INDEX b/man/man3/INDEX
index b64cc21..86c5369 100644
--- a/man/man3/INDEX
+++ b/man/man3/INDEX
@@ -282,6 +282,8 @@
announce dial.3
dial dial.3
dialparse dial.3
+freenetconninfo dial.3
+getnetconninfo dial.3
listen dial.3
netmkaddr dial.3
reject dial.3
@@ -340,6 +342,7 @@
stringnbgop draw.3
stringnop draw.3
stringop draw.3
+asn1toDSApriv dsa.3
dsa dsa.3
dsagen dsa.3
dsaprivalloc dsa.3
diff --git a/man/man3/authsrv.3 b/man/man3/authsrv.3
index 6b64ed8..a0b6857 100644
--- a/man/man3/authsrv.3
+++ b/man/man3/authsrv.3
@@ -212,7 +212,7 @@
.SH SOURCE
.B \*9/src/libauthsrv
.SH SEE ALSO
-.IR netkey (1),
+.IR passwd (1),
.IR dial (3),
Plan 9's
\fIauthsrv\fR(6).
diff --git a/man/man3/dial.3 b/man/man3/dial.3
index 0c8c96a..7177e53 100644
--- a/man/man3/dial.3
+++ b/man/man3/dial.3
@@ -1,6 +1,6 @@
.TH DIAL 3
.SH NAME
-dial, announce, listen, accept, reject, netmkaddr, dialparse \- make and break network connections
+dial, announce, listen, accept, reject, netmkaddr, getnetconninfo, freenetconninfo, dialparse \- make and break network connections
.SH SYNOPSIS
.B #include <u.h>
.br
@@ -26,12 +26,12 @@
.\" .PP
.\" .B
.\" void setnetmtpt(char *to, int tolen, char *from)
-.\" .PP
-.\" .B
-.\" NetConnInfo* getnetconninfo(char *conndir, int fd)
-.\" .PP
-.\" .B
-.\" void freenetconninfo(NetConnINfo*)
+.PP
+.B
+NetConnInfo* getnetconninfo(char *dir, int fd)
+.PP
+.B
+void freenetconninfo(NetConnINfo*)
.PP
.B
int dialparse(char *addr, char **net, char **unix,
@@ -94,19 +94,19 @@
networks in common between source and destination
until a call succeeds.
It returns a file descriptor open for reading and writing the
-.B data
-file in the line directory.
-The
-.B addr
-file in the line directory contains the address called.
-.\" If the network allows the local address to be set,
-.\" as is the case with UDP and TCP port numbers, and
-.\" .IR local
-.\" is non-zero, the local address will be set to
-.\" .IR local .
+call.
+.\" .B data
+.\" file in the line directory.
+.\" The
+.\" .B addr
+.\" file in the line directory contains the address called.
+If the network allows the local address to be set,
+as is the case with UDP and TCP port numbers, and
+.IR local
+is non-zero, the local address will be set to
+.IR local .
.IR Dial 's
-.IR local ,
-.IR dir ,
+.IR dir
and
.I cfdp
arguments
@@ -166,39 +166,41 @@
parses a network address as described above
into a network name, a Unix domain socket address,
an IPv4 host address, and an IPv4 port number.
-.\" .PP
-.\" .I Getnetconninfo
-.\" returns a structure containing information about a
-.\" network connection. The structure is:
-.\" .EX
-.\" typedef struct NetConnInfo NetConnInfo;
-.\" struct NetConnInfo
-.\" {
-.\" char *dir; /* connection directory */
-.\" char *root; /* network root */
-.\" char *spec; /* binding spec */
-.\" char *lsys; /* local system */
-.\" char *lserv; /* local service */
-.\" char *rsys; /* remote system */
-.\" char *rserv; /* remote service */
-.\" };
-.\" .EE
-.\" .PP
-.\" The information is obtained from the connection directory,
-.\" .IR conndir .
-.\" If
-.\" .I conndir
-.\" is nil, the directory is obtained by performing
-.\" .IR fd2path (3)
-.\" on
-.\" .IR fd .
-.\" .I Getnetconninfo
-.\" returns either a completely specified structure, or
-.\" nil if either the structure can't be allocated or the
-.\" network directory can't be determined.
-.\" The structure
-.\" is freed using
-.\" .IR freenetconninfo .
+.PP
+.I Getnetconninfo
+returns a structure containing information about a
+network connection. The structure is:
+.PP
+.EX
+ typedef struct NetConnInfo NetConnInfo;
+ struct NetConnInfo
+ {
+ char *dir; /* connection directory */
+ char *root; /* network root */
+ char *spec; /* binding spec */
+ char *lsys; /* local system */
+ char *lserv; /* local service */
+ char *rsys; /* remote system */
+ char *rserv; /* remote service */
+ char *laddr; /* local address */
+ char *raddr; /* remote address */
+ };
+.EE
+.PP
+The information is obtained from the
+`line directory'
+.IR dir ,
+or if
+.I dir
+is nil, from the connection file descriptor
+.IR fd .
+.I Getnetconninfo
+returns either a completely specified structure, or
+nil if either the structure can't be allocated or the
+network directory can't be determined.
+The structure
+is freed using
+.IR freenetconninfo .
.\" .PP
.\" .I Setnetmtpt
.\" copies the name of the network mount point into
@@ -307,6 +309,8 @@
.B \*9/src/lib9/announce.c
.br
.B \*9/src/lib9/_p9dialparse.c
+.br
+.B \*9/src/lib9/getnetconn.c
.SH DIAGNOSTICS
.IR Dial ,
.IR announce ,
diff --git a/man/man3/dsa.3 b/man/man3/dsa.3
index c29d287..41532b8 100644
--- a/man/man3/dsa.3
+++ b/man/man3/dsa.3
@@ -1,6 +1,6 @@
.TH DSA 3
.SH NAME
-dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree, dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree, dsaprivtopub - digital signature algorithm
+asn1toDSApriv, dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree, dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree, dsaprivtopub - digital signature algorithm
.SH SYNOPSIS
.B #include <u.h>
.br
@@ -39,6 +39,9 @@
.PP
.B
DSApub* dsaprivtopub(DSApriv*)
+.PP
+.B
+DSApriv* asn1toDSApriv(uchar *priv, int npriv)
.SH DESCRIPTION
.PP
DSA is the NIST approved digital signature algorithm. The owner of a key publishes
@@ -120,6 +123,13 @@
and
.I dsasigfree
are provided to manage signature storage.
+.PP
+.I Asn1toDSApriv
+converts an ASN1 formatted DSA private key into the corresponding
+.B DSApriv
+structure; see
+.IR rsa (3)
+for other ASN1 routines.
.SH SOURCE
.B \*9/src/libsec
.SH SEE ALSO
diff --git a/man/man3/readcons.3 b/man/man3/readcons.3
index 1f5d986..dd284b9 100644
--- a/man/man3/readcons.3
+++ b/man/man3/readcons.3
@@ -29,7 +29,9 @@
is non-zero, the input is not echoed to the screen.
.SH EXAMPLE
A stripped-down version of
-.IR netkey (1):
+.I netkey
+(see
+.IR passwd (1)):
.IP
.EX
pass = readcons("password", nil, 1);
diff --git a/man/man4/factotum.4 b/man/man4/factotum.4
index 148f649..3a2d3d7 100644
--- a/man/man4/factotum.4
+++ b/man/man4/factotum.4
@@ -704,10 +704,10 @@
.I auth_proxy
(see
.IR auth (3)).
-The protocols follow
-.IR p9any (7)
-and
-.IR p9sk1 (7).
+.\" The protocols follow
+.\" .IR p9any (7)
+.\" and
+.\" .IR p9sk1 (7).
.\" XXX - write about how server keys are selected and used
.\" XXX - write about protocol itself
.\" XXX - write about server ai
@@ -1017,4 +1017,6 @@
.IR tokenize .
The response is a hexadecimal string of length 32.
.SH SOURCE
-.B \*9/src/cmd/factotum
+.B \*9/src/cmd/auth/factotum
+.SH SEE ALSO
+.IR ssh-agent (1)
