author | Ken Raeburn <raeburn@mit.edu> | 2002-03-08 23:08:36 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2002-03-08 23:08:36 +0000 |
commit | b5f97443b59be33a2b3b923f3410eef330959a11 (patch) | |
tree | c65f1bc385ff99171bea588968122ac2c3e06f64 /src/appl/bsd | |
parent | 0e76dadc3a2619cb092ed75552d337347caedfd2 (diff) | |
revert accidental checkin of unfinished changes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14257 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl/bsd')
-rw-r--r-- | src/appl/bsd/Makefile.in | 4 | ||||
-rw-r--r-- | src/appl/bsd/krcp.c | 35 | ||||
-rw-r--r-- | src/appl/bsd/krlogind.c | 61 | ||||
-rw-r--r-- | src/appl/bsd/krshd.c | 23 | ||||
-rw-r--r-- | src/appl/bsd/login.c | 3 |
5 files changed, 45 insertions, 81 deletions
diff --git a/src/appl/bsd/Makefile.in b/src/appl/bsd/Makefile.in index f596999c06..92b4dc872b 100644 --- a/src/appl/bsd/Makefile.in +++ b/src/appl/bsd/Makefile.in @@ -60,8 +60,8 @@ install:: ) || exit 1; \ done f=$(V4RCP); \ - if test -n "$$f" ; then $(INSTALL_PROGRAM) $$f \ - $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`.real; \ + if test -n "$$f" ; then $(INSTALL_SETUID) $$f \ + $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \ $(INSTALL_DATA) $(srcdir)/$$f.M \ ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ fi diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c index c48ed80eb1..5ad6a25a1e 100644 --- a/src/appl/bsd/krcp.c +++ b/src/appl/bsd/krcp.c @@ -47,8 +47,6 @@ char copyright[] = #include <sys/stat.h> #include <sys/time.h> #include <sys/ioctl.h> - -#include <syslog.h> #include <netinet/in.h> @@ -95,7 +93,6 @@ Key_schedule v4_schedule; CREDENTIALS v4_cred; KTEXT_ST v4_ticket; MSG_DAT v4_msg_data; -int v4_only; #endif void v4_send_auth(char *, char *), try_normal(char **); @@ -128,7 +125,6 @@ int forcenet; struct passwd *pwd; int userid; int port = 0; -static const char *me; struct buffer { unsigned int cnt; @@ -177,12 +173,6 @@ int main(argc, argv) } #endif - me = strrchr (argv[0], '/'); - if (me) - me++; - else - me = argv[0]; - pwd = getpwuid(userid = getuid()); if (pwd == 0) { fprintf(stderr, "who are you?\n"); @@ -254,11 +244,6 @@ int main(argc, argv) else usage (); goto next_arg; -#ifdef KRB5_KRB4_COMPAT - case '4': - v4_only = 1; - break; -#endif #endif /* KERBEROS */ /* The rest of these are not for users. */ case 'd': @@ -267,7 +252,6 @@ int main(argc, argv) case 'f': /* "from" */ iamremote = 1; - openlog (me, LOG_PID, LOG_DAEMON); rcmd_stream_init_normal(); #if defined(KERBEROS) if (encryptflag) @@ -280,7 +264,6 @@ int main(argc, argv) case 't': /* "to" */ iamremote = 1; - openlog (me, LOG_PID, LOG_DAEMON); rcmd_stream_init_normal(); #if defined(KERBEROS) if (encryptflag) 
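Review bot: The `+` lines of the install rule put the krb4 rcp into `$(DESTDIR)$(CLIENT_BINDIR)` with `$(INSTALL_SETUID)`, and nothing in the rule records why the binary has to be set-id. A privileged copy of a client that parses data from a remote peer is attack surface that should be documented where it is created. I would add a comment above the rule along the lines of `# v4 rcp is installed setuid (presumably to bind a reserved source port -- confirm); it must drop privileges as soon as the socket is set up`. The `install::` rule starts before this hunk, so the rest of the loop is not visible here.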
@@ -442,10 +425,6 @@ int main(argc, argv) cmd, targ); host = thost; #ifdef KERBEROS -#ifdef KRB5_KRB4_COMPAT - if (v4_only) - goto try_krb4; -#endif authopts = AP_OPTS_MUTUAL_REQUIRED; status = kcmd(&sock, &host, port, @@ -470,7 +449,6 @@ int main(argc, argv) /* Don't fall back to less safe methods. */ exit (1); #ifdef KRB5_KRB4_COMPAT - try_krb4: fprintf(stderr, "Trying krb4 rcp...\n"); if (strncmp(buf, "-x rcp", 6) == 0) memcpy(buf, "rcp -x", 6); @@ -973,11 +951,8 @@ krb5_sigtype lostconn(signumber) int signumber; { - char *reason = signumber ? "signal" : "eof"; if (iamremote == 0) - fprintf(stderr, "rcp: lost connection (%s)\n", reason); - else - syslog(LOG_ERR, "lost connection (%s)", reason); + fprintf(stderr, "rcp: lost connection\n"); exit(1); } @@ -1276,14 +1251,8 @@ error(fmt, va_alist) void usage() { #ifdef KERBEROS -# ifdef KRB5_KRB4_COMPAT -# define POPT "[-PN | -PO | -4]" -# else -# define POPT "[-PN | -PO]" -# endif fprintf(stderr, - "Usage:\trcp " POPT " [-p] [-x] [-k realm] f1 f2\n" - " or:\trcp " POPT " [-r] [-p] [-x] [-k realm] f1 ... fn d2\n"); + "Usage: \trcp [-PN | -PO] [-p] [-x] [-k realm] f1 f2; or:\n\trcp [-PN | -PO] [-r] [-p] [-x] [-k realm] f1 ... fn d2\n"); #else fputs("usage: rcp [-p] f1 f2; or: rcp [-rp] f1 ... fn d2\n", stderr); #endif diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c index dc3a556f33..76d1f5397c 100644 --- a/src/appl/bsd/krlogind.c +++ b/src/appl/bsd/krlogind.c @@ -300,8 +300,8 @@ char lusername[UT_NAMESIZE+1]; char rusername[UT_NAMESIZE+1]; char *krusername = 0; char term[64]; -char rhost_name[NI_MAXHOST]; -char rhost_addra[NI_MAXHOST]; +char rhost_name[MAXDNAME]; +char rhost_addra[16]; krb5_principal client; int do_inband = 0; 
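Review bot: In the hunk at -973, `lostconn` has the `krb5_sigtype` handler signature, yet the new side keeps `fprintf(stderr, "rcp: lost connection\n");` followed by `exit(1)`, and neither call is async-signal-safe. If the function is installed as a signal handler (the registration is not visible in this hunk), a signal that arrives while the main code is inside stdio or the allocator can deadlock or corrupt state. The safe equivalents are `write(2, msg, sizeof msg - 1);` on a static message and `_exit(1);`. A short comment stating whether `lostconn` is also called directly would help the next reader.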
@@ -322,7 +322,7 @@ extern int daemon(int, int); #define VHANG_LAST /* vhangup must occur on close, not open */ #endif -void fatal(int, const char *), fatalperror(int, const char *), doit(int, struct sockaddr *), usage(void), do_krb_login(char *, char *), getstr(int, char *, int, char *); +void fatal(int, const char *), fatalperror(int, const char *), doit(int, struct sockaddr_in *), usage(void), do_krb_login(char *, char *), getstr(int, char *, int, char *); void protocol(int, int); int princ_maps_to_lname(krb5_principal, char *), default_realm(krb5_principal); krb5_sigtype cleanup(int); @@ -353,7 +353,7 @@ int main(argc, argv) extern int opterr, optind; extern char * optarg; int on = 1, fromlen, ch; - struct sockaddr_storage from; + struct sockaddr_in from; int debug_port = 0; int fd; int do_fork = 0; @@ -542,7 +542,7 @@ int main(argc, argv) syslog(LOG_ERR, "fork: %s", error_message(errno)); case 0: (void) close(s); - doit(fd, (struct sockaddr *) &from); + doit(fd, &from); close(fd); exit(0); default: @@ -570,7 +570,7 @@ int main(argc, argv) fd = 0; } - doit(fd, (struct sockaddr *) &from); + doit(fd, &from); return 0; } @@ -593,7 +593,7 @@ int pid; /* child process id */ void doit(f, fromp) int f; - struct sockaddr *fromp; + struct sockaddr_in *fromp; { int p, t, on = 1; register struct hostent *hp; 
@@ -640,28 +640,24 @@ void doit(f, fromp) sa.sa_flags = 0; #endif - if (fromp->sa_family == AF_INET) - portnum = ntohs(((struct sockaddr_in *)fromp)->sin_port); -#ifdef KRB5_USE_INET6 - else if (fromp->sa_family == AF_INET6) - portnum = ntohs(((struct sockaddr_in6 *)fromp)->sin6_port); -#endif - else - fatal(f, "Permission denied - Malformed from address\n"); - - if (getnameinfo (fromp, socklen(fromp), rhost_name, sizeof(rhost_name), - 0, 0, 0)) - rhost_name[0] = 0; - if (getnameinfo (fromp, socklen(fromp), rhost_addra, sizeof(rhost_addra), - 0, 0, NI_NUMERICHOST)) - strcpy(rhost_addra, "??"); - + fromp->sin_port = ntohs((u_short)fromp->sin_port); hp = gethostbyaddr((char *) &fromp->sin_addr, sizeof (struct in_addr), fromp->sin_family); strncpy(rhost_addra, inet_ntoa(fromp->sin_addr), sizeof (rhost_addra)); + rhost_addra[sizeof (rhost_addra) -1] = '\0'; + if (hp != NULL) { + /* Save hostent information.... */ + strncpy(rhost_name,hp->h_name,sizeof (rhost_name)); + rhost_name[sizeof (rhost_name) - 1] = '\0'; + } else + rhost_name[0] = '\0'; + + if (fromp->sin_family != AF_INET) + fatal(f, "Permission denied - Malformed from address\n"); #ifndef KERBEROS - if (portnum >= IPPORT_RESERVED || portnum < IPPORT_RESERVED/2) + if (fromp->sin_port >= IPPORT_RESERVED || + fromp->sin_port < IPPORT_RESERVED/2) fatal(f, "Permission denied - Connection from bad port"); #endif /* KERBEROS */ @@ -820,7 +816,7 @@ void doit(f, fromp) setenv("TERM",term, 1); } - retval = pty_make_sane_hostname(fromp, maxhostlen, + retval = pty_make_sane_hostname((struct sockaddr *) fromp, maxhostlen, stripdomain, always_ip, &rhost_sane); if (retval) @@ -847,7 +843,7 @@ void doit(f, fromp) ** The master blocks here until it reads a byte. */ - (void) close(syncpipe[1]); +(void) close(syncpipe[1]); if (read(syncpipe[0], &c, 1) != 1) { /* * Problems read failed ... 
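Review bot: In the hunk at -640, the `fromp->sin_family != AF_INET` check is added after the address has already been consumed: `gethostbyaddr()` and `inet_ntoa(fromp->sin_addr)` run first, and `fromp->sin_port` is byte-swapped before the family is known. Move `if (fromp->sin_family != AF_INET) fatal(f, "Permission denied - Malformed from address\n");` to the top of this block so that no IPv4 field is read from a non-IPv4 peer address. `rhost_name` is filled from a reverse lookup with no forward confirmation, so a comment there should say that the name is informational and must not feed an authorization decision. Rewriting `sin_port` in place also leaves the structure in host byte order for the later `pty_make_sane_hostname((struct sockaddr *) fromp, ...)` call in the hunk at -820; a local `portnum` would avoid that. `doit` begins and ends outside these hunks.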
@@ -871,7 +867,7 @@ void doit(f, fromp) * will fail to work properly */ #endif /* KERBEROS */ - ioctl(f, FIONBIO, &on); + ioctl(f, FIONBIO, &on); ioctl(p, FIONBIO, &on); /* FIONBIO doesn't always work on ptys, use fcntl to set O_NDELAY? */ @@ -1386,10 +1382,7 @@ recvauth(valid_checksum) { krb5_auth_context auth_context = NULL; krb5_error_code status; - struct sockaddr_storage peer_addr, local_addr; -#if 0 struct sockaddr_in peersin, laddr; -#endif int len; krb5_data inbuf; char v4_instance[INST_SZ]; /* V4 Instance */ @@ -1401,12 +1394,12 @@ recvauth(valid_checksum) *valid_checksum = 0; len = sizeof(laddr); - if (getsockname(netf, (struct sockaddr *)&local_addr, &len)) { + if (getsockname(netf, (struct sockaddr *)&laddr, &len)) { exit(1); } - - len = sizeof(peer_addr); - if (getpeername(netf, (struct sockaddr *)&peer_addr, &len)) { + + len = sizeof(peersin); + if (getpeername(netf, (struct sockaddr *)&peersin, &len)) { syslog(LOG_ERR, "get peer name failed %d", netf); exit(1); } diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 3e047470dc..6f7f447d99 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -216,7 +216,7 @@ int maxhostlen = 0; int stripdomain = 1; int always_ip = 0; -static krb5_error_code recvauth(int netfd, struct sockaddr *peersin, +static krb5_error_code recvauth(int netfd, struct sockaddr_in peersin, int *valid_checksum); #else /* !KERBEROS */ @@ -264,7 +264,7 @@ void error (char *fmt, ...) ; void usage(void), getstr(int, char *, int, char *), - doit(int, struct sockaddr *); + doit(int, struct sockaddr_in *); #ifndef HAVE_INITGROUPS int initgroups(char* name, gid_t basegid) { @@ -286,7 +286,7 @@ int main(argc, argv) struct linger linger; #endif int on = 1, fromlen; - struct sockaddr_storage from; + struct sockaddr_in from; extern int opterr, optind; extern char *optarg; int ch; 
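Review bot: In the `recvauth` hunk at -1386, a `getsockname()` failure goes straight to `exit(1)` with no log entry, while the `getpeername()` failure below it logs only the descriptor number and not the error. For a login daemon both paths should leave a diagnosable record, for example `syslog(LOG_ERR, "getsockname failed: %s", error_message(errno));` before the first `exit(1)`, and the same `error_message(errno)` form in the second message. `len` is declared `int` but is passed as the length argument of both calls; `socklen_t` is the matching type where the platform provides it. The function body continues outside the hunk.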
@@ -492,7 +492,7 @@ int main(argc, argv) fatal(fd, "Configuration error: mutually exclusive options specified"); } - doit(dup(fd), (struct sockaddr *) &from); + doit(dup(fd), &from); return 0; } @@ -609,7 +609,7 @@ cleanup(signumber) void doit(f, fromp) int f; - struct sockaddr *fromp; + struct sockaddr_in *fromp; { char *cp; #ifdef KERBEROS @@ -817,7 +817,7 @@ void doit(f, fromp) exit(1); } - if ((status = recvauth(f, fromaddr, &valid_checksum))) { + if ((status = recvauth(f, fromaddr,&valid_checksum))) { error("Authentication failed: %s\n", error_message(status)); exit(1); } @@ -945,11 +945,14 @@ void doit(f, fromp) if (port) { /* Place entry into wtmp */ sprintf(ttyn,"krsh%ld",(long) (getpid() % 9999999)); + pty_logwtmp(ttyn,locuser,sane_host); + } + /* We are simply execing a program over rshd : log entry into wtmp, + as kexe(pid), then finish out the session right after that. + Syslog should have the information as to what was exec'd */ + else { + pty_logwtmp(ttyn,locuser,sane_host); } - /* else: We are simply execing a program over rshd : log entry into wtmp, - as kexe(pid), then finish out the session right after that. - Syslog should have the information as to what was exec'd */ - pty_logwtmp(ttyn,locuser,sane_host); #ifdef CRAY diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index e2fd62d27f..dee36247a5 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -818,8 +818,7 @@ static int verify_krb_v4_tgt (realm) memcpy ((char *) &addr, (char *)hp->h_addr, sizeof (addr)); /* Do we have rcmd.<host> keys? */ #if 0 /* Be paranoid. If srvtab exists, assume it must contain the - right key. The more paranoid mode also helps avoid a - possible DNS spoofing issue. */ + right key. */ have_keys = read_service_key (rcmd_str, phost, realm, 0, KEYFILE, key) ? 0 : 1; memset (key, 0, sizeof (key)); |
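Review bot: In the hunk at -945, the added `else` branch calls `pty_logwtmp(ttyn,locuser,sane_host)` although nothing in the hunk writes `ttyn` on that path; the comment says the entry is logged as kexe(pid), but only the `krsh%ld` name is ever formatted. Unless `ttyn` is filled in before this hunk (not visible), the case without a stderr port writes a wtmp record from whatever the buffer held, which weakens the login audit trail. Formatting the name in the `else` branch before the call, in the same way the `if` branch does, would make the record match the comment. The `sprintf` into `ttyn` is also unbounded; `snprintf(ttyn, sizeof(ttyn), "krsh%ld", ...)` is the safer form if `ttyn` is an array in this scope.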