described in my final project paper.

is to add HMACs to events to ensure they that events cannot be
injected into an experiment by an unauthorized client.

* The frontend now generates a secret key for each experiment and
  stores that into a file and in the DB.

* Each of the event clients, as well as the event producers
  (scheduler, tevc) have a new -k option to specify the name of the
  file. Two new event library functions were added for clients to give
  the key:

    event_handle_t
    event_register_withkeyfile(char *name, int threaded, char *keyfile);

    event_handle_t
    event_register_withkeydata(char *name, int threaded,
	   		       unsigned char *keydata, int keylen);

* When the library is in possesion of a key, it will generate an HMAC
  and attach it to outgoing notifications. A client receiving a
  notification will compute an HMAC and compare it against the HMAC in
  the notification. If they do not compare, the notification is
  dropped with a warning message printed (the client callback never
  gets the notification). If the client has not provided a key, then
  the HMAC in the incoming notification is ignored.

* The scheduler also takes a -k option, and will compute HMACs for all
  of the static events ahead of time. That keeps it off the critical
  path.

* The tevc client also takes a -k option. However, tevc will always
  try to find the keyfile (default path) so that it can attach the
  HMAC to dynamic events before sending them to the scheduler (which
  will check to make sure it matches). The scheduler will not accept
  dynamic events without unless the HMAC is present and matches.

* I have rebuilt the elvin librarys, removing all of the X goop and
  the SSL goop. Smaller binaries. So, I had to add -lcrypto to all of
  the client makefiles to that programs link.

* The program-agent got a few more changes. The command string is no
  longer passed inside the event; it comes in when the program agent
  is started, via a config file generated from tmcd data. This gets
  rid of our mostly insecure remote execution facility.

of stuff in the new image. Also added client side install targets
every place I could think of.

and reponds to PROGRAM events. Currently, just start and stop. Start
takes a COMMAND= argument, and allows arbitrary command lines since I
pass the whole thing off to the shell. Caveat; the agent runs as root
and starts the program as root. You can has as many program objects in
your NS file as you like, but each one can be started once; you have
to either stop or wait for the old one to finish before trying to
start again.

system programs. Build two versions of the event library, one for non
threaded programs and another (libevent_r.a) for threaded versions.
Remove all that -pthread goo from all of the makefiles, except for the
scheduler (which is threaded); it gets linked as before, but with
-levent_r instead. If you try and use the threaded API without the
proper link, the library will print an error message and quit.

tbsend.c and tbrecv.c, which are trivial examples of how to send
and receive a sample event.

Also several changes for building on FreeBSD. I've left the older
Makefiles in place so Ian can continue to build in his environmant
(Linux?).