summaryrefslogtreecommitdiffstats
path: root/src/appl
Commit message (Collapse)AuthorAgeFilesLines
...
* * Use login.krb5 -f from klogindSam Hartman1996-09-304-39/+37
| | | | | | * Allow login.krb5 -f to authorize root login. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9135 dc483132-0cff-0310-8789-dd5450dbe970
* Fix goto labels so it compiles without krb4 supportSam Hartman1996-09-302-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9134 dc483132-0cff-0310-8789-dd5450dbe970
* * cmds.c (setpeer): Apply jik's fix so "-n" actually works asTom Yu1996-09-272-2/+8
| | | | | | intended. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9130 dc483132-0cff-0310-8789-dd5450dbe970
* Check in all of jik's patches besides the forward commandSam Hartman1996-09-217-3/+76
| | | | | | | | | | and init stanza. I think that as a low-priority fix, someone should rewrite the posix_signals stuff in sys_bsd.c to be more consistent with the rest of the code; it is correct but in a different style. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9102 dc483132-0cff-0310-8789-dd5450dbe970
* Preliminary fixed version of patch to deal with reading in credentialsSam Hartman1996-09-212-17/+38
| | | | | | and writing them out later. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9101 dc483132-0cff-0310-8789-dd5450dbe970
* * login.c: fix a security-threating race condition: chown'ing theBarry Jaspan1996-09-112-6/+131
| | | | | | | | ccache to the user can be bad if the user can delete the file first and make it a symlink to something else. The solution is to re-create the ccache after login as setuid() to the user. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9084 dc483132-0cff-0310-8789-dd5450dbe970
* Remove left-over .Sanitize fileTheodore Tso1996-09-111-31/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9076 dc483132-0cff-0310-8789-dd5450dbe970
* * telnet.1: Update -x flag usage to reflect our behavior ofTom Yu1996-09-102-1/+6
| | | | | | dropping connection if encryption cannot be negotiated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9070 dc483132-0cff-0310-8789-dd5450dbe970
* remove ".so man1/header.doc" and extra args to .THTom Yu1996-09-1023-28/+50
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9069 dc483132-0cff-0310-8789-dd5450dbe970
* Don't allow the environment variable RESOLV_HOST_CONF to be set forTheodore Tso1996-09-072-0/+6
| | | | | | Linux's sake. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9057 dc483132-0cff-0310-8789-dd5450dbe970
* login.M: Document that login_krb4_convert is off by defaultTheodore Tso1996-09-063-3/+18
| | | | | | | | | login.c: Turn login_krb4_convert off by default, since it causes problems if you don't have krb524d running on the KDC. This is necessary because a Solaris socket bug causes login to hang for 45 seconds if krb524d isn't present on the KDC. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9041 dc483132-0cff-0310-8789-dd5450dbe970
* TCP performance fix (see 2203 in krb5-bugs): write out encrypted dataSam Hartman1996-09-023-31/+54
| | | | | | | | and length as one packet, not with two calls to write. This should also happen to rsh, rcp, and possibly telnet. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9020 dc483132-0cff-0310-8789-dd5450dbe970
* Removed Cygnus-specific infoJeff Bigler1996-08-304-278/+41
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9015 dc483132-0cff-0310-8789-dd5450dbe970
* man page rewrite from Cygnus. (Got rid of tmac.doc dependency, whichJeff Bigler1996-08-292-1459/+1508
| | | | | | breaks under HP-UX) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9006 dc483132-0cff-0310-8789-dd5450dbe970
* man page tweak from CygnusJeff Bigler1996-08-294-66/+67
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9005 dc483132-0cff-0310-8789-dd5450dbe970
* man page rewrite from Cygnus. (Got rid of dependency on tmac.doc, whichJeff Bigler1996-08-292-1216/+1225
| | | | | | breaks under HP-UX) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9004 dc483132-0cff-0310-8789-dd5450dbe970
* man page rewrites/tweaks/edits from CygnusJeff Bigler1996-08-296-334/+471
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9003 dc483132-0cff-0310-8789-dd5450dbe970
* * Fix core dumpSam Hartman1996-08-221-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8964 dc483132-0cff-0310-8789-dd5450dbe970
* * Include new MH patch from kenh@cmf.nrl.navy.mil. I have audited theSam Hartman1996-08-223-293/+325
| | | | | | | | | | | | patch against the old patch and krb5 changes, and it looks clean. He claims it compiles and works; it's certainly not any worse than the previous patch. * Popper now checks the client name to see that it matches the supplied credentials. If I understand the previous code, it didn't exactly care who you Kerberos-authenticated as. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8963 dc483132-0cff-0310-8789-dd5450dbe970
* Fix bug that caused files transmitted by a NetBSD box to have fileSam Hartman1996-08-102-1/+8
| | | | | | | | | | names of (null). CVS: ---------------------------------------------------------------------- automatically CVS: CVS: Committing in . CVS: CVS: Modified Files: ---------------------------------------------------------------------- git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8922 dc483132-0cff-0310-8789-dd5450dbe970
* On systems with setup_term, don't define it in telnet.c or meSam Hartman1996-08-053-1/+12
| | | | | | | might get into nasty loops if tcgetent is defined in terms of setup_term. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8902 dc483132-0cff-0310-8789-dd5450dbe970
* s/struct fd_set/fd_set/gSam Hartman1996-08-052-5/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8901 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Determine sizeof short, int, long for secure.cEzra Peisach1996-07-302-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8861 dc483132-0cff-0310-8789-dd5450dbe970
* * secure.c: Do not assume sizeof(long) = 4 for sending lengths OTWEzra Peisach1996-07-303-3/+24
| | | | | | * configure.in: Determine sizeof short, int, long for secure.c git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8860 dc483132-0cff-0310-8789-dd5450dbe970
* * Define a non-zero FUDGE_FACTOR for GSSAPI; I have it set to 64 now,Sam Hartman1996-07-273-9/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | even though I tend to see 52 bytes of increased data because I'm not sure that the 52 bytes is constant across all implementations ands options. * When allocating outbuf, set bufsize to the size that was actually allocated; it tends not to be nbyte+FUDGE_FACTOR exactly, and you smash the heap if you store a different size than you actually allocate. * If a secure_putbyte fails, set nout to zero so you don't run off the end of the buffer next time around. * Only write out foure bytes of net_len, no matter how big it is. The right answer is to have it be some 32-bit type but I'm not sure if I should use the krb5 type, the GSSAPI type, or what. (Remember, this code has ifdefs for KerberosIV without GSSAPI) * While we're at it, if secure_write fails while writing out a file in the client, notice the error. (a break in an inner loop didn't break out quite far enough) With these changes, I am able to get and put multi-megabyte files even on an Alpha. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8847 dc483132-0cff-0310-8789-dd5450dbe970
* *** empty log message ***Marc Horowitz1996-07-261-0/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8840 dc483132-0cff-0310-8789-dd5450dbe970
* * ftpd.c (auth_data): the logic which dealt with multiple acceptorMarc Horowitz1996-07-241-207/+204
| | | | | | names and fallback was just broken. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8793 dc483132-0cff-0310-8789-dd5450dbe970
* this commit includes all the changes on the OV_9510_INTEGRATION andMarc Horowitz1996-07-2215-747/+731
| | | | | | | | | OV_MERGE branches. This includes, but is not limited to, the new openvision admin system, and major changes to gssapi to add functionality, and bring the implementation in line with rfc1964. before committing, the code was built and tested for netbsd and solaris. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8774 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo so that krsh doesn't exit when using the default portTheodore Tso1996-06-242-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8545 dc483132-0cff-0310-8789-dd5450dbe970
* Krb4: get the right includesSam Hartman1996-06-243-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8543 dc483132-0cff-0310-8789-dd5450dbe970
* Drop support for -u because it allows us to removeSam Hartman1996-06-244-243/+13
| | | | | | dependencies from utmp.h and it didn't work anyway. This fixes some Hpux compile problems as well. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8542 dc483132-0cff-0310-8789-dd5450dbe970
* * klogind should do a better job of initializing output flags on ttySam Hartman1996-06-245-1/+48
| | | | | | | * Fix so login.krb5 compiles with Athena Kerberos libs (needed for rsaix build) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8540 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize auth_context to NULL before calling krb5_sendauth - otherwiseEzra Peisach1996-06-152-1/+4
| | | | | | | it is treated as pointing to valid memory... (Patch provided by Bill Sommerfeld) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8367 dc483132-0cff-0310-8789-dd5450dbe970
* Remove tests that are not needed with the pty library in placeEzra Peisach1996-06-152-22/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8366 dc483132-0cff-0310-8789-dd5450dbe970
* * ftpd.c (authdata): misplaced braces caused server to not be able toKevin Mitchell1996-06-132-1/+8
| | | | | | | use ftp principle if it was present. Client looks for ftp first, then tries host; ftpd was looking only for host. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8355 dc483132-0cff-0310-8789-dd5450dbe970
* cvsignore hackeryTom Yu1996-06-1020-20/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8288 dc483132-0cff-0310-8789-dd5450dbe970
* Update .Sanitize files to reflect current file statusTheodore Tso1996-06-062-2/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8246 dc483132-0cff-0310-8789-dd5450dbe970
* When reading in the test value from a file, don't free freeTheodore Tso1996-06-062-2/+8
| | | | | | inbuf.value until after the last place where we use it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8245 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Ezra's changes to allow compiling w/o krb4Tom Yu1996-06-042-0/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8212 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Ezra's patches to allow compilation w/o krb4Tom Yu1996-06-042-0/+15
| | | | | | support git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8211 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in,configure.in: allow compilation w/o krb4 (Ezra'sTom Yu1996-06-043-1/+25
| | | | | | patches) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8210 dc483132-0cff-0310-8789-dd5450dbe970
* * login.c: Ezra's patches to trim unsed arg fromTom Yu1996-06-041-6/+14
| | | | | | verify_krb_v5_tgt, etc. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8209 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in, configure.in: back out previous changes and useTom Yu1996-06-033-7/+8
| | | | | | Ezra's patches instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8207 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in, Makefile.in: only link getdtablesize.o if neededTom Yu1996-06-033-2/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8205 dc483132-0cff-0310-8789-dd5450dbe970
* Use secure context for loginSam Hartman1996-05-232-1/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8116 dc483132-0cff-0310-8789-dd5450dbe970
* krlogind.c krshd.c:Richard Basch1996-05-094-1/+63
| | | | | | | | | Use the default service principal as the basis for the rcache name. login.c: SVR4 systems typically do not do mail/motd checks in login; they do it in the profiles (/etc/profile). Follow that convention... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7951 dc483132-0cff-0310-8789-dd5450dbe970
* Use the default service principal (don't assume it is "host") as theRichard Basch1996-05-092-1/+6
| | | | | | basis for the replay cache name. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7950 dc483132-0cff-0310-8789-dd5450dbe970
* cygnus merge:Ken Raeburn1996-05-028-64/+156
| | | | | | | | | | | | | | | | | | | | | | | | | * configure.in: Fix typo in Apr 16 HP-UX change. * state.c (envvarok): nuke all KRB5* environment variables, not just the previously selected ones. * telnetd.c (telnet -> doit): moved SIGTTOU handler before the first thing which would cause the terminal driver to get upset. * sys_term.c (line): Remove initialization silliness. The non-GNUC method was Just Wrong, do it the other way always. (Xline): Specify length, not contents. * termio-tn.c (readstream_termio): new file, provides isolated version of M_IOCTL handling for systems where termio and termios can't be compiled together. * termios-tn.c (readstream_termios): new file, provides isolated version of M_IOCTL handling for systems where termio and termios can't be compiled together. * telnetd.c (readstream): use readstream_termios and readstream_termio to handle getmsg with M_IOCTL. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7883 dc483132-0cff-0310-8789-dd5450dbe970
* Merge with Cygnus sources, changes from Mark Eichin, Marc Horowitz, ChrisKen Raeburn1996-05-0113-629/+1547
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Provenzano and me: * Makefile.in (install): Install correct set of man pages, and check for failures. * kshd.M, klogind.M: Renamed from kr*.M versions. * login.M: New file. Man page for login with some description of new features. * rlogin.M: Remove references to using program with target hostname as argv[0]. * rsh.M: Ditto. Also document -f, -F, -x options. * login.c: Massive changes. Split much functionality out of main and into separate file sections: terminal flag settings, Kerberos 4 and 5 support, UNIX password support, mail check, signal handler handling, some other support routines. Revamp controlling tty and process group handling. For AFS configuration, use setpag and run aklog. Try validating password using krb5. Always set tty flags, not just for rlogin session. When validating tickets, treat an existing key file that doesn't contain the key we think we want (possibly because DNS was spoofed) as an error condition. * Makefile.in (LOGINLIBS): List libkrb524.a here. (LIBOBJS): Not here. (login.krb5): Reverse the order of LIBOBJS and LOGINLIBS. * configure.in: Check for --with-afs. Add AFS libs and define SETPAG if supplied. * login.c (KRB5_GET_TICKETS, KRB4_GET_TICKETS, KRB_RUN_AKLOG): new macros selecting single signon options. krb5.conf profile support for control over authentication options, above the compile time selection. (conf_affirmative): new function, recognize yes/no in profile value. (login_get_kconf): new function, look for all [login] flags and set them in appropriate globals (via login_conf_set array.) (main, sleepexit, destroy_tickets): Check the new login_* flags. (main): rename KRB4_USE_524 to KRB4_CONVERT. * configure.in: Added checks for tcsetpgrp, tcgetpgrp, setpgid. * krlogind.c (control): Use tcgetpgrp if it's available. * loginpaths.h (RPATH, LPATH, LPATH_root): Define HP/UX 9.04 versions, conditionalized on __hpux and !hpux. * login.c and configure.in: instead of checking _IBMR2 and __sgi__, write configure tests to check for the existence of /etc/environment and /etc/TIMEZONE files, respectively. * forward.c (rd_and_store_for_creds) : If chown fails then only pass failure back if owner is different than intended owner. This is to make rsh.exp test work without requiring root privlidges. * login.c (main): Don't set TERM to an empty value. (stypeof) [__hpux]: Return null if unknown. * krlogin.c (catchild): remove hp/ux kludge because of aclocal.m4 fix. (speeds): test __hpux for hpux speed list. (main): test __hpux for use of FIOSSAIOSTAT and FIOSSAIOOWN (USE_TERMIO): test __hpux for bsdtty/ptyio headers. * krlogind.c: test __hpux for bsdtty/ptyio headers. (doit): test __hpux for use of setpgrp2. * krcp.c (main): test __hpux as well for remsh vs. rsh. * krcp.c (des_write): Make sure the buffer for the encrypted data is large enough. Only return an error in malloc fails. * krsh.c (main): Always turn on anyport -A option. * krlogind.c (ptsname): Declare if it's going to be used. * krshd.c (main): Use basename of argv[0] for progname. * login.c (dofork): On linux, TIOCNOTTY causes us to die on a SIGHUP, so don't even try it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7881 dc483132-0cff-0310-8789-dd5450dbe970
* hpux is unix. really, it isKen Raeburn1996-05-012-0/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7880 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-02 20:20:57 +0000