out who is returning 100+ level errors.

and treat those as fatal errors instead of user errors.

Also includes some PhantomNet-specific restrictions (e.g. only
allows use of the main Utah Emulab testbed  aggregate).

This excercise stretched the limits of what we can reasonably do
before introducing real per-testbed branding/policy mechanisms to
the php/web front-end.  My changes ain't exactly pretty...

Please take care when adding any testbed-specific changes to the
code.  There are three flavors now to consider in the logic.

1) Implement the latest dataset read/write access settings from frontend to
   backend. Also updates for simultaneous read-only usage.

2) New configure options: PROTOGENI_LOCALUSER and PROTOGENI_GENIWEBLOGIN.

   The first changes the way that projects and users are treated at the
   CM. When set, we create real accounts (marked as nonlocal) for users and
   also create real projects (also marked as nonlocal). Users are added to
   those projects according to their credentials. The underlying experiment
   is thus owned by the user and in the project, although all the work is
   still done by the geniuser pseudo user. The advantage of this approach
   is that we can use standard emulab access checks to control access to
   objects like datasets. Maybe images too at some point.

   NOTE: Users are not removed from projects once they are added; we are
   going to need to deal with this, perhaps by adding an expiration stamp
   to the groups_membership tables, and using the credential expiration to
   mark it.

   The second new configure option turns on the web login via the geni
   trusted signer. So, if I create a sliver on a backend cluster when both
   options are set, I can use the trusted signer to log into my newly
   created account on the cluster, and see it (via the emulab classic web
   interface).

   All this is in flux, might end up being a bogus approach in the end.

when a user logs in so that their home directory and projects are exported
from ops. Otherwise things break.

Since we really do not want to do this too often, exports_setup is
exporting anyone who is logged in within the last week, and the web
interface is calling out to exports_setup only once a day for each user.

This can be "improved" but I am worried we are fighting a losing battle and
will eventually yank this code anyway.

cloudlab/aptlab generated projects.

php to the backend newimageid script so that the web interface does not
have to worry about provenance issues. Cleaner too. Also some cleanups to
log image spew.

Also clean up some commented out stuff from the pnet index page.

And a couple of minor fixes.

And a couple of fixes.

If an alternate_domans_THISHOMEBASE.php file is present, include it.
This file should contain alternate page view options and global
variable overrides (see code for SetDomainDefs() in defs.php3).

Base variables off of requested virtual server name instead of
hard coding them.

A changed look and some cases feel for the Emulab UI for when
users come in through a PhantomNet domain.  This commit contains
a very spare conversion attempt, just to see if I can get things
moving in the right direction.

via shellinabox.

That option is no longer supported as of PHP 5.4.

To turn this option on, define SPEWFROMOPS=1 in your defs file. This
will result in a redirect message from boss which will send the wget
client over to ops. 

A perl setuid root cgi script is run from the webserver on ops when a
/spewrpmtar request is made. This script sends the key,nodeid,file
over to boss via XMLRPC (as elabman). The return is simple yes or no,
the caller is allowed (not allowed) to have that file. Since the
ops script runs as root, it can spew the file back to the caller.

Note that the elabinelab checks for the elabinelab source code are
gone; we are now open source. Also, we spew that file from /share now,
to be consistent.

This commit is intended to makes the license status of Emulab and
ProtoGENI source files more clear.  It replaces license symbols like
"EMULAB-COPYRIGHT" and "GENIPUBLIC-COPYRIGHT" with {{{ }}}-delimited
blocks that contain actual license statements.

This change was driven by the fact that today, most people acquire and
track Emulab and ProtoGENI sources via git.

Before the Emulab source code was kept in git, the Flux Research Group
at the University of Utah would roll distributions by making tar
files.  As part of that process, the Flux Group would replace the
license symbols in the source files with actual license statements.

When the Flux Group moved to git, people outside of the group started
to see the source files with the "unexpanded" symbols.  This meant
that people acquired source files without actual license statements in
them.  All the relevant files had Utah *copyright* statements in them,
but without the expanded *license* statements, the licensing status of
the source files was unclear.

This commit is intended to clear up that confusion.

Most Utah-copyrighted files in the Emulab source tree are distributed
under the terms of the Affero GNU General Public License, version 3
(AGPLv3).

Most Utah-copyrighted files related to ProtoGENI are distributed under
the terms of the GENI Public License, which is a BSD-like open-source
license.

Some Utah-copyrighted files in the Emulab source tree are distributed
under the terms of the GNU Lesser General Public License, version 2.1
(LGPL).

We had a couple of different problems actually.

* We allow users to insert html into many DB fields (say, a project or
  experiment description).

* We did not sanitize that output when displaying back.

* We did not sanitize initial page arguments that were reflected in the
  output (say, in a form).

Since no one has the time to analyze every line of code, I took a couple of
shortcuts. The first is that I changed the regex table to not allow any <>
chars to go from the user into the DB. Brutal, but in fact there are only a
couple of places where a user legitimately needs them. For example, a
startup command that includes redirection. I handle those as special
cases. As more come up, we can fix them.

I did a quick pass through all of the forms, and made sure that we run
htmlspecialchars on everything including initial form args. This was not
too bad cause of the way all of the forms are structured, with a
"formfields" array.

I also removed a bunch of obsolete code and added an update script to
actually remove them from the www directory.

Lastly, I purged some XMLRPC code I did a long time ago in the Begin
Experiment path. Less complexity, easier to grok and fix.

	modified:   sql/database-fill.sql
	modified:   sql/dbfill-update.sql

automatically record a new CA certificate. Hand the certificate off
to cacontrol, which will provisionally accept the certificate so that
the caller can then register their other certificates.