6 files changed, 25 insertions, 244 deletions

diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index 4628fd6010..494259188b 100644
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,3 +1,20 @@
+Thu Oct 31 22:14:00 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>
+
+	* krlogind.c (doit): Remove tab3 because it isn't very useful and
+ 	isn't always present.
+
+Thu Oct 31 19:19:54 1996  Sam Hartman  <hartmans@mit.edu>
+
+	* klogind.M kshd.M:  document -r goes away [138]
+
+	* krshd.c (doit): Do not support rhosts authentication.  This was
+ 	never used by any clients and the cruft in kcmd.c was creating
+ 	problems. [138]
+
+	* krlogind.c (do_krb_login): Remove broken rhosts support. [138]
+
+	* kcmd.c: Remove ruserok and associated cruft along with killpg. [138]
+
 Tue Oct 29 10:09:39 1996  Theodore Y. Ts'o  <tytso@mit.edu>
 
 	* login.c: Make the defaults be to *not* to get Kerberos V4
diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c
index 877020c15b..4b66c37953 100644
--- a/src/appl/bsd/kcmd.c
+++ b/src/appl/bsd/kcmd.c
@@ -425,178 +425,6 @@ getport(alport)
 
 
 
-#ifdef HAVE_SETREUID
-#if defined(sun)
-/* The IMP  and ultrix do not like multiple defined routines 
-   and since it does not have users with NFS filesystems 
-   mounted, the ruserok on it's OS will work just fine. 
-   However that is not the case with SUNS who's ruserok which 
-   is provided with the OS has problems with it's seteuid
-   ( which will eventually be traced no doubt to using
-   setreuid(-1,pgid)).
-   Therefore we provide a version of ruserok with fixes
-   the seteuid problem....Drawback - it can only be used
-   by a root process.*/
-
-#ifndef convex
-ruserok(rhost, superuser, ruser, luser)
-     const char *rhost;
-     int superuser;
-     const char *ruser, *luser;
-{
-    FILE *hostf;
-    char fhost[MAXHOSTNAMELEN];
-    int first = 1;
-    register char *sp, *p;
-    int baselen = -1;
-    int euid = -1;
-    
-    sp = rhost;
-    p = fhost;
-    while (*sp) {
-	if (*sp == '.') {
-	    if (baselen == -1)
-	      baselen = sp - rhost;
-	    *p++ = *sp++;
-	} else {
-	    *p++ = islower(*sp) ? toupper(*sp++) : *sp++;
-	}
-    }
-    *p = '\0';
-    hostf = superuser ? (FILE *)0 : fopen("/etc/hosts.equiv", "r");
-  again:
-    if (hostf) {
-	if (!_validuser(hostf, fhost, luser, ruser, baselen)) {
-	    (void) fclose(hostf);
-	    if (euid != -1)
-	      (void) setreuid ( 0,euid);
-	    return(0);
-	}
-	(void) fclose(hostf);
-    }
-    if (first == 1) {
-	struct stat sbuf;
-	struct passwd *pwd;
-	char pbuf[MAXPATHLEN];
-	
-	first = 0;
-	if ((pwd = getpwnam(luser)) == NULL)
-	  return(-1);
-	/*
-	 * Read .rhosts as the local user to avoid NFS mapping the 
-	 * root uid to something that can't read .rhosts.
-	 */
-	euid = geteuid();
-	if (euid != -1)
-	  (void) setreuid ( 0,pwd->pw_uid);
-	(void)strcpy(pbuf, pwd->pw_dir);
-	(void)strcat(pbuf, "/.rhosts");
-	if ((hostf = fopen(pbuf, "r")) == NULL){
-	    if (euid != -1)
-	      (void) setreuid ( 0,euid);
-	    return(-1);
-	}
-	(void)fstat(fileno(hostf), &sbuf);
-	if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) {
-	    fclose(hostf);
-	    if (euid != -1)
-	      (void) setreuid ( 0,euid);
-	    return(-1);
-	}
-	goto again;
-    }
-    if (euid != -1)
-      (void) setreuid ( 0,euid);
-    return (-1);
-}
-
-
-
-_validuser(hostf, rhost, luser, ruser, baselen)
-     char *rhost, *luser, *ruser;
-     FILE *hostf;
-     int baselen;
-{
-    char *user;
-    char ahost[MAXHOSTNAMELEN];
-    register char *p;
-    
-    while (fgets(ahost, sizeof (ahost), hostf)) {
-	p = ahost;
-	while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
-	    *p = islower(*p) ? toupper(*p) : *p;
-	    p++;
-	}
-	if (*p == ' ' || *p == '\t') {
-	    *p++ = '\0';
-	    while (*p == ' ' || *p == '\t')
-	      p++;
-	    user = p;
-	    while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0')
-	      p++;
-	} else
-	  user = p;
-	*p = '\0';
-	if (_checkhost(rhost, ahost, baselen) &&
-	    !strcmp(ruser, *user ? user : luser)) {
-	    return (0);
-	}
-    }
-    return (-1);
-}
-#endif	/* convex */
-
-
-
-_checkhost(rhost, lhost, len)
-     char *rhost, *lhost;
-     int len;
-{
-    static char ldomain[MAXHOSTNAMELEN + 1];
-    static char *domainp = NULL;
-    static int nodomain = 0;
-    register char *cp;
-    
-    if (len == -1)
-      return(!strcmp(rhost, lhost));
-    if (strncmp(rhost, lhost, len))
-      return(0);
-    if (!strcmp(rhost, lhost))
-      return(1);
-    if (*(lhost + len) != '\0')
-      return(0);
-    if (nodomain)
-      return(0);
-    if (!domainp) {
-	if (gethostname(ldomain, sizeof(ldomain)) == -1) {
-	    nodomain = 1;
-	    return(0);
-	}
-	ldomain[MAXHOSTNAMELEN] = 0;
-	if ((domainp = strchr(ldomain, '.')) == (char *)NULL) {
-	    nodomain = 1;
-	    return(0);
-	}
-	for (cp = ++domainp; *cp; ++cp)
-	  if (islower(*cp))
-	    *cp = toupper(*cp);
-    }
-    return(!strcmp(domainp, rhost + len +1));
-    
-}
-#endif /* ! sun */
-#endif /* HAVE_SETREUID */
-
-
-#if defined (hpux)
-int setreuid(real,eff)
-     int real,eff;
-{
-    int tmpint = -1;
-    return(setresuid(real,eff,tmpint));
-}
-#endif
-
 
 
 #ifndef HAVE_STRSAVE
@@ -620,15 +448,3 @@ char *sp;
 
 #endif
 
-#ifdef SYSV
-
-int killpg(pid,sig)
-     int pid,sig;
-{
-    
-    if ( pid >= 0)
-      pid *= -1;
-    return(kill(pid,sig));
-}
-
-#endif
diff --git a/src/appl/bsd/klogind.M b/src/appl/bsd/klogind.M
index fbd015b2fa..3db26c8f33 100644
--- a/src/appl/bsd/klogind.M
+++ b/src/appl/bsd/klogind.M
@@ -59,10 +59,6 @@ in.
 Allow Kerberos V5 and Kerberos V4 as acceptable authentication
 mechanisms.  This is the same as including \fB\-4\fP and \fB\-5\fP.
 
-.IP \fB\-r\fP 
-Trust the remote hostname as an authentication system using the 
- \fI.rhosts\fP authorization list.  This option may
-be desupported in future version of klogind.
 
 .IP \fB\-p\fP
  If all other authorization checks fail, prompt the user
diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c
index d878e1ebaf..2df7c80709 100644
--- a/src/appl/bsd/krlogind.c
+++ b/src/appl/bsd/krlogind.c
@@ -41,7 +41,6 @@ char copyright[] =
  * 1) Check authentication.
  * 2) Check authorization via the access-control files: 
  *    ~/.k5login (using krb5_kuserok) and/or
- *    ~/.rhosts  (using ruserok).
  * 3) Prompt for password if any checks fail, or if so configured.
  * Allow login if all goes well either by calling the accompanying 
  * login.krb5 or /bin/login, according to the definition of 
@@ -53,7 +52,6 @@ char copyright[] =
  * -k means trust krb4 or krb5
 * -5 means trust krb5
 * -4 means trust krb4
- * -r means trust .rhosts  (using ruserok).
  * -p and -P means prompt for password.
  *    If the -P option is passed, then the password is verified in 
  * addition to all other checks. If -p is not passed with -k or -r,
@@ -72,9 +70,7 @@ char copyright[] =
  *   KERBEROS - Define this if application is to be kerberised.
  *   CRYPT    - Define this if encryption is to be an option.
  *   DO_NOT_USE_K_LOGIN - Define this if you want to use /bin/login
- *              instead  of the accompanying login.krb5. In that case,
- *              the remote user's name must be present in the local
- *              .rhosts file, regardless of any options specified.
+ *              instead  of the accompanying login.krb5. 
  *   KRB5_KRB4_COMPAT - Define this if v4 rlogin clients are also to be served.
  *   ALWAYS_V5_KUSEROK - Define this if you want .k5login to be
  *              checked even for v4 clients (instead of .klogin).
@@ -250,7 +246,7 @@ krb5_ccache ccache = NULL;
 
 krb5_keytab keytab = NULL;
 
-#define ARGSTR	"rk54ciepPD:S:M:L:?"
+#define ARGSTR	"k54ciepPD:S:M:L:?"
 #else /* !KERBEROS */
 #define ARGSTR	"rpPD:?"
 #define (*des_read)  read
@@ -314,7 +310,6 @@ krb5_error_code recvauth();
 */
 #define AUTH_KRB4 (0x1)
 #define AUTH_KRB5 (0x2)
-#define AUTH_RHOSTS (0x4)
 int auth_ok = 0, auth_sent = 0;
 int do_encrypt = 0, passwd_if_fail = 0, passwd_req = 0;
 int checksum_required = 0, checksum_ignored = 0;
@@ -357,9 +352,6 @@ int main(argc, argv)
     opterr = 0;
     while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
       switch (ch) {
-	case 'r':         
-	auth_ok |= AUTH_RHOSTS;
-	  break;
 #ifdef KERBEROS
 	case 'k':
 #ifdef KRB5_KRB4_COMPAT
@@ -562,11 +554,6 @@ int syncpipe[2];
     desinbuf.data = des_inbuf;
     desoutbuf.data = des_outpkt+4;    /* Set up des buffers */
 
-    /* Must come from privileged port when .rhosts is being looked into */
-    if ((auth_ok&AUTH_RHOSTS) 
-	&& (fromp->sin_port >= IPPORT_RESERVED ||
-	    fromp->sin_port < IPPORT_RESERVED/2))
-      non_privileged = 1;
 #else /* !KERBEROS */
     if (fromp->sin_port >= IPPORT_RESERVED ||
 	fromp->sin_port < IPPORT_RESERVED/2)
@@ -627,7 +614,7 @@ int syncpipe[2];
 	new_termio.c_iflag &= ~(IXON|IXANY|BRKINT|INLCR|ICRNL);
 #else
 	new_termio.c_lflag |= (ICANON|ECHO|ISIG|IEXTEN);
-	new_termio.c_oflag |= (ONLCR|OPOST|TAB3);
+	new_termio.c_oflag |= (ONLCR|OPOST);
 	new_termio.c_iflag|= (IXON|IXANY|BRKINT|INLCR|ICRNL);
 #endif /*Do we need binary stream?*/
 	new_termio.c_iflag &= ~(ISTRIP);
@@ -1117,16 +1104,6 @@ do_krb_login(host)
 #endif
 
     
-/* See if we pass .rhosts.*/
-    if (auth_ok&AUTH_RHOSTS) {
-	/* Cannot check .rhosts unless connection from a privileged port. */
-	if (!non_privileged) {
-	    pwd = (struct passwd *) getpwnam(lusername);
-	    if (pwd &&
-		!ruserok(rhost_name, pwd->pw_uid == 0, rusername, lusername))
-		auth_sent |= AUTH_RHOSTS;
-	}
-    }
 
     if (checksum_required && !valid_checksum) {
 	if (auth_sent & AUTH_KRB5) {
@@ -1348,7 +1325,7 @@ void usage()
 {
 #ifdef KERBEROS
     syslog(LOG_ERR, 
-	   "usage: klogind [-rke45pP] [-D port] or [r/R][k/K][x/e][p/P]logind");
+	   "usage: klogind [-ke45pP] [-D port] or [r/R][k/K][x/e][p/P]logind");
 #else
     syslog(LOG_ERR, 
 	   "usage: rlogind [-rpP] [-D port] or [r/R][p/P]logind");
diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c
index 74e701db9a..4f064e9ee0 100644
--- a/src/appl/bsd/krshd.c
+++ b/src/appl/bsd/krshd.c
@@ -41,7 +41,6 @@ char copyright[] =
  * 1) Check authentication.
  * 2) Check authorization via the access-control files: 
  *    ~/.k5login (using krb5_kuserok) and/or
- *    ~/.rhosts  (using ruserok).
  * Execute command if configured authoriztion checks pass, else deny 
  * permission.
  *
@@ -50,12 +49,8 @@ char copyright[] =
  * take priority. The options are:
  * -k means trust krb4 or krb5
 * -5 means trust krb5
-* -4 means trust krb4
- * -r means trust .rhosts  (using ruserok).
+* -4 means trust krb4 (using .klogin)
  * 
- *     If no command-line arguments are present, then the presence of the 
- * letters kKrR in the program-name before "shd" determine the 
- * behaviour of the program exactly as with the command-line arguments.
  */
      
 /* DEFINES:
@@ -155,7 +150,7 @@ char copyright[] =
 #include "com_err.h"
 #include "loginpaths.h"
 
-#define ARGSTR	"rek54ciD:S:M:AP:?L:"
+#define ARGSTR	"ek54ciD:S:M:AP:?L:"
 
 
 #define RSHD_BUFSIZ 5120
@@ -184,7 +179,7 @@ int netf;
 
 #else /* !KERBEROS */
 
-#define ARGSTR	"rRD:?"
+#define ARGSTR	"RD:?"
 #define (*des_read)  read
 #define (*des_write) write
      
@@ -204,7 +199,6 @@ int netf;
 */
 #define AUTH_KRB4 (0x1)
 #define AUTH_KRB5 (0x2)
-#define AUTH_RHOSTS (0x4)
 int auth_ok = 0, auth_sent = 0;
 int checksum_required = 0, checksum_ignored = 0;
 char *progname;
@@ -285,9 +279,6 @@ int main(argc, argv)
     opterr = 0;
     while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
       switch (ch) {
-	case 'r':         
-	auth_ok |= AUTH_RHOSTS;
-	  break;
 #ifdef KERBEROS
 	case 'k':
 #ifdef KRB5_KRB4_COMPAT
@@ -1005,17 +996,6 @@ void doit(f, fromp)
 	}
 
 	
-    if (auth_ok&AUTH_RHOSTS) {
-	/* Cannot check .rhosts unless connection from privileged port */
-	if (!non_privileged) {
-	    if (ruserok(hostname, pwd->pw_uid == 0,
-			remuser, locuser) < 0) {
-		syslog(LOG_ERR ,
-		       "Principal %s (%s@%s) for local user %s failed ruserok.\n",
-		       kremuser, remuser, hostname, locuser);
-	    } else auth_sent |=AUTH_RHOSTS;
-	}
-    }
 #else
     if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
 	ruserok(hostname, pwd->pw_uid == 0, remuser, locuser) < 0) {
@@ -1614,7 +1594,7 @@ loglogin(host, flag, failures, ue)
 void usage()
 {
 #ifdef KERBEROS
-    syslog(LOG_ERR, "usage: kshd [-rRkK] or [r/R][k/K]shd");
+    syslog(LOG_ERR, "usage: kshd [-54ecikK]  ");
 #else
     syslog(LOG_ERR, "usage: rshd");
 #endif
diff --git a/src/appl/bsd/kshd.M b/src/appl/bsd/kshd.M
index 5a10c5bc0e..df95c4db97 100644
--- a/src/appl/bsd/kshd.M
+++ b/src/appl/bsd/kshd.M
@@ -60,11 +60,6 @@ authorization check is passed, then the user is allowed to log in.
 Allow Kerberos5 and Kerberos4 as acceptable authentication
 mechanisms.  This is the same as including \fB\-4\fP and \fB\-5\fP.
 
-.IP \fB\-r\fP 
-Trust the remote hostname as an authentication system using the 
- \fI.rhosts\fP authorization list.  This option may be desupported in a future version.
-
-
 .IP \fB\-e\fP
 Require the client to encrypt the connection.  Only Kerberos5 clients
 support encryption.