cygnus merge:

* configure.in: Fix typo in Apr 16 HP-UX change.

* state.c (envvarok): nuke all KRB5* environment variables, not just the
previously selected ones.

* telnetd.c (telnet -> doit): moved SIGTTOU handler before the first thing
which would cause the terminal driver to get upset.

* sys_term.c (line): Remove initialization silliness.  The non-GNUC method was
Just Wrong, do it the other way always.
(Xline): Specify length, not contents.

* termio-tn.c (readstream_termio): new file, provides isolated version of
M_IOCTL handling for systems where termio and termios can't be compiled
together.
* termios-tn.c (readstream_termios): new file, provides isolated version of
M_IOCTL handling for systems where termio and termios can't be compiled
together.
* telnetd.c (readstream): use readstream_termios and readstream_termio to
handle getmsg with M_IOCTL.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7883 dc483132-0cff-0310-8789-dd5450dbe970

8 files changed, 156 insertions, 64 deletions

diff --git a/src/appl/telnet/telnetd/ChangeLog b/src/appl/telnet/telnetd/ChangeLog
index 21fa61c27..2bcce3a87 100644
--- a/src/appl/telnet/telnetd/ChangeLog
+++ b/src/appl/telnet/telnetd/ChangeLog
@@ -1,6 +1,38 @@
+Wed May  1 21:14:45 1996  Ken Raeburn  <raeburn@cygnus.com>
+
+	* configure.in: Fix typo in Apr 16 HP-UX change.
+
+	Thu Apr 18 16:17:55 1996  Mark Eichin  <eichin@cygnus.com>
+
+	* state.c (envvarok): nuke all KRB5* environment variables, not
+	just the previously selected ones.
+
+	Fri Mar 29 01:21:29 1996  Marc Horowitz  <marc@mit.edu>
+
+	* telnetd.c (telnet -> doit): moved SIGTTOU handler before the
+ 	first thing which would cause the terminal driver to get upset.
+
+	Mon Mar 25 01:05:50 1996  Ken Raeburn  <raeburn@cygnus.com>
+
+	* sys_term.c (line): Remove initialization silliness.  The
+	non-GNUC method was Just Wrong, do it the other way always.
+	(Xline): Specify length, not contents.
+
+	Wed Feb 28 22:27:46 1996  Mark Eichin  <eichin@cygnus.com>
+
+	* termio-tn.c (readstream_termio): new file, provides isolated
+	version of M_IOCTL handling for systems where termio and termios
+	can't be compiled together.
+	* termios-tn.c (readstream_termios): new file, provides isolated
+	version of M_IOCTL handling for systems where termio and termios
+	can't be compiled together.
+	* telnetd.c (readstream): use readstream_termios and
+	readstream_termio to handle getmsg with M_IOCTL.
+
 Thu Apr 18 16:33:42 1996  Sam Hartman  <hartmans@mit.edu>
 
-	* state.c (suboption): Don't accept authentication suboptions after authentication negotiation complete. 
+	* state.c (suboption): Don't accept authentication suboptions
+	after authentication negotiation complete.
 	(envvarok):  exclude KRB5_KTNAME and KRB5CCNAME
 
 Tue Apr 16 12:23:02 1996  Sam Hartman  <hartmans@mit.edu>
diff --git a/src/appl/telnet/telnetd/Makefile.in b/src/appl/telnet/telnetd/Makefile.in
index a0421779f..26887b9e8 100644
--- a/src/appl/telnet/telnetd/Makefile.in
+++ b/src/appl/telnet/telnetd/Makefile.in
@@ -29,6 +29,8 @@ CFLAGS = $(CCOPTS) $(AUTH_DEF) $(OTHERDEFS) $(DEFS) $(LOCALINCLUDES)
 ARPA_TELNET= $(srcdir)/../arpa/telnet.h
 
 SRCS=	$(srcdir)/telnetd.c \
+	$(srcdir)/termio-tn.c \
+	$(srcdir)/termios-tn.c \
 	$(srcdir)/state.c \
 	$(srcdir)/termstat.c \
 	$(srcdir)/slc.c \
@@ -38,6 +40,8 @@ SRCS=	$(srcdir)/telnetd.c \
 	$(srcdir)/authenc.c \
 	$(GETTYSRC)
 OBJS=	telnetd.o \
+	termio-tn.o \
+	termios-tn.o \
 	state.o \
 	termstat.o \
 	slc.o \
diff --git a/src/appl/telnet/telnetd/configure.in b/src/appl/telnet/telnetd/configure.in
index 42a3c7ed8..97af7585b 100644
--- a/src/appl/telnet/telnetd/configure.in
+++ b/src/appl/telnet/telnetd/configure.in
@@ -29,14 +29,14 @@ dnl Make our operating system-specific security checks and definitions for
 dnl login.
 dnl
 case $krb5_cv_host in
-*-*-hpux-*)
+*-*-hpux*)
      broken_streams=yes
      ;;
 *-*-irix*)
      # Irix doesn't have a working granpt, and more over
      # you can't push anything onto a pty, so telnetd really
      # Really wants to treat it as if it doesn't have streams
-    broken_streams=yes
+     broken_streams=yes
      ;;
 esac
 if test -z "$broken_streams" ; then
diff --git a/src/appl/telnet/telnetd/state.c b/src/appl/telnet/telnetd/state.c
index 2faed7198..c398db214 100644
--- a/src/appl/telnet/telnetd/state.c
+++ b/src/appl/telnet/telnetd/state.c
@@ -1144,7 +1144,7 @@ suboption()
 
 	if (his_state_is_wont(TELOPT_TTYPE))	/* Ignore if option disabled */
 		break;
-sb_auth_complete();
+	sb_auth_complete();
 	settimer(ttypesubopt);
 
 	if (SB_EOF() || SB_GET() != TELQUAL_IS) {
@@ -1264,7 +1264,7 @@ sb_auth_complete();
     case TELOPT_XDISPLOC: {
 	if (SB_EOF() || SB_GET() != TELQUAL_IS)
 		return;
-sb_auth_complete();
+	sb_auth_complete();
 	settimer(xdisplocsubopt);
 	subpointer[SB_LEN()] = '\0';
 	(void)setenv("DISPLAY", (char *)subpointer, 1);
@@ -1280,7 +1280,7 @@ sb_auth_complete();
 
 	if (SB_EOF())
 		return;
-sb_auth_complete();
+	sb_auth_complete();
 	c = SB_GET();
 	if (c == TELQUAL_IS) {
 		if (subchar == TELOPT_OLD_ENVIRON)
@@ -1435,10 +1435,10 @@ sb_auth_complete();
 		case ENV_USERVAR:
 			*cp = '\0';
 			if (envvarok(varp)) {
-			    if (valp)
-				(void)setenv(varp, valp, 1);
-			    else
-				unsetenv(varp);
+				if (valp)
+					(void)setenv(varp, valp, 1);
+				else
+					unsetenv(varp);
 			}
 			cp = varp = (char *)subpointer;
 			valp = 0;
@@ -1456,10 +1456,10 @@ sb_auth_complete();
 	}
 	*cp = '\0';
 	if (envvarok(varp)) {
-	    if (valp)
-		(void)setenv(varp, valp, 1);
-	    else
-		unsetenv(varp);
+		if (valp)
+			(void)setenv(varp, valp, 1);
+		else
+			unsetenv(varp);
 	}
 	break;
     }  /* end of case TELOPT_NEW_ENVIRON */
@@ -1476,12 +1476,12 @@ sb_auth_complete();
 		 */
 		break;
 	case TELQUAL_IS:
-	  if (!auth_negotiated)
-  auth_is(subpointer, SB_LEN());
+		if (!auth_negotiated)
+			auth_is(subpointer, SB_LEN());
 		break;
 	case TELQUAL_NAME:
-	  if (!auth_negotiated)
-  auth_name(subpointer, SB_LEN());
+		if (!auth_negotiated)
+			auth_name(subpointer, SB_LEN());
 		break;
 	}
 	break;
@@ -1642,16 +1642,28 @@ send_status()
 }
 
 static int envvarok(varp)
-  char *varp;
+	char *varp;
 {
-    if (!strncmp(varp, "LD_", 3) || !strncmp(varp, "_RLD_", 5) ||
-	!strncmp(varp, "ELF_LD_", 7) || !strncmp(varp, "AOUT_LD_", 8) ||
-        !strcmp(varp, "LIBPATH") || !strcmp(varp, "IFS") ||
-!strcmp(varp, "KRB5_KTNAME")|| !strcmp(varp, "KRB5CCNAME")||
-	strchr(varp, '='))
-    {
-	syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp);
-	return 0;
-    }
-    return 1;
+	if (!strchr(varp, '=') &&
+	    strncmp(varp, "LD_", strlen("LD_")) && /* most systems */
+	    strncmp(varp, "_RLD_", strlen("_RLD_")) && /* irix */
+	    strncmp(varp, "KRB5", strlen("KRB5")) && /* v5 */
+	    /* The above is a catch-all for now.  Here are some of the
+	       specific ones we must avoid passing, at least until we
+	       can prove it can be done safely.  Keep this list around
+	       in case someone wants to remove the catch-all.  */
+	    strcmp(varp, "KRB5_CONFIG") && /* v5 */
+	    strcmp(varp, "KRB5CCNAME") &&  /* v5 */
+	    strcmp(varp, "KRB5_KTNAME") && /* v5 */
+	    strcmp(varp, "KRBTKFILE") &&   /* v4 */
+	    strcmp(varp, "KRB_CONF") &&	   /* cns v4 */
+	    strcmp(varp, "KRB_REALMS") &&  /* cns v4 */
+	    strcmp(varp, "LIBPATH") &&     /* AIX */
+	    strcmp(varp, "IFS")) {
+		return 1;
+	} else {
+		syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp);
+		return 0;
+	}
+
 }
diff --git a/src/appl/telnet/telnetd/sys_term.c b/src/appl/telnet/telnetd/sys_term.c
index ac76cd864..829260b55 100644
--- a/src/appl/telnet/telnetd/sys_term.c
+++ b/src/appl/telnet/telnetd/sys_term.c
@@ -482,12 +482,9 @@ getnpty()
  *
  * Returns the file descriptor of the opened pty.
  */
-#ifndef	__GNUC__
-char *line = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-#else
-static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+static char Xline[17];
 char *line = Xline;
-#endif
+
 #ifdef	CRAY
 char *myline = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
 #endif	/* CRAY */
@@ -1050,7 +1047,6 @@ termbuf.c_cflag |= HUPCL;
 #ifndef	O_NOCTTY
 #define	O_NOCTTY	0
 #endif
-
 #endif	/* !defined(CRAY) || !defined(NEWINIT) */
 
 
diff --git a/src/appl/telnet/telnetd/telnetd.c b/src/appl/telnet/telnetd/telnetd.c
index 1fd55e624..c3660d2c2 100644
--- a/src/appl/telnet/telnetd/telnetd.c
+++ b/src/appl/telnet/telnetd/telnetd.c
@@ -933,6 +933,15 @@ pty_init();
 #endif
 
 	init_env();
+
+#ifdef	SIGTTOU
+	/*
+	 * Ignoring SIGTTOU keeps the kernel from blocking us.
+	 * we tweak the tty with an ioctl()
+	 * (in ttioct() in /sys/tty.c in a BSD kernel)
+	 */
+	(void) signal(SIGTTOU, SIG_IGN);
+#endif
 	/*
 	 * get terminal type.
 	 */
@@ -1137,13 +1146,6 @@ telnet(f, p, host)
 #ifdef	SIGTSTP
 	(void) signal(SIGTSTP, SIG_IGN);
 #endif
-#ifdef	SIGTTOU
-	/*
-	 * Ignoring SIGTTOU keeps the kernel from blocking us
-	 * in ttioct() in /sys/tty.c.
-	 */
-	(void) signal(SIGTTOU, SIG_IGN);
-#endif
 
 	(void) signal(SIGCHLD, cleanup);
 
@@ -1533,28 +1535,13 @@ int readstream(p, ibuf, bufsize)
 
 	case M_IOCTL:
 		ip = (struct iocblk *) (ibuf+1);
-
-		switch (ip->ioc_cmd) {
-		case TCSETS:
-		case TCSETSW:
-		case TCSETSF:
-			tsp = (struct termios *)
-					(ibuf+1 + sizeof(struct iocblk));
-			vstop = tsp->c_cc[VSTOP];
-			vstart = tsp->c_cc[VSTART];
-			ixon = tsp->c_iflag & IXON;
-			break;
-		case TCSETA:
-		case TCSETAW:
-		case TCSETAF:
-			tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk));
-			vstop = tp->c_cc[VSTOP];
-			vstart = tp->c_cc[VSTART];
-			ixon = tp->c_iflag & IXON;      
-			break;
-		default:
-			errno = EAGAIN;
-			return(-1);
+		if (readstream_termio(ip->ioc_cmd, ibuf, 
+				      &vstop, &vstart, &ixon)) {
+		  if (readstream_termios(ip->ioc_cmd, ibuf, 
+					 &vstop, &vstart, &ixon)) {
+		    errno = EAGAIN;
+		    return(-1);
+		  }
 		}
 
 		newflow =  (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0;
diff --git a/src/appl/telnet/telnetd/termio-tn.c b/src/appl/telnet/telnetd/termio-tn.c
new file mode 100644
index 000000000..24eaffdce
--- /dev/null
+++ b/src/appl/telnet/telnetd/termio-tn.c
@@ -0,0 +1,31 @@
+/* handle having mutually exclusive termio vs. termios */
+/* return 0 if handled */
+#ifdef	STREAMSPTY
+#include <sys/types.h>
+#include <sys/stream.h>
+#include <sys/ioctl.h>
+#include <termio.h>
+
+int readstream_termio(cmd, ibuf, vstop, vstart, ixon)
+     int cmd;
+     char *ibuf;
+     char *vstop, *vstart;
+     int *ixon;
+{
+  struct termio *tp;
+  switch (cmd) {
+  case TCSETA:
+  case TCSETAW:
+  case TCSETAF:
+    tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk));
+#if 0				/* VSTOP/VSTART only in termios!? */
+    *vstop = tp->c_cc[VSTOP];
+    *vstart = tp->c_cc[VSTART];
+#endif
+    *ixon = tp->c_iflag & IXON;      
+    return 0;
+  }
+  return -1;
+}
+
+#endif /* STREAMSPTY */
diff --git a/src/appl/telnet/telnetd/termios-tn.c b/src/appl/telnet/telnetd/termios-tn.c
new file mode 100644
index 000000000..4712a3326
--- /dev/null
+++ b/src/appl/telnet/telnetd/termios-tn.c
@@ -0,0 +1,30 @@
+/* handle having mutually exclusive termio vs. termios */
+/* return 0 if handled */
+#ifdef	STREAMSPTY
+#include <sys/types.h>
+#include <sys/stream.h>
+#include <sys/ioctl.h>
+#include <termios.h>
+
+int readstream_termios(cmd, ibuf, vstop, vstart, ixon)
+     int cmd;
+     char *ibuf;
+     char *vstop, *vstart;
+     int *ixon;
+{
+  struct termios *tsp;
+  switch (cmd) {
+  case TCSETS:
+  case TCSETSW:
+  case TCSETSF:
+    tsp = (struct termios *)
+      (ibuf+1 + sizeof(struct iocblk));
+    *vstop = tsp->c_cc[VSTOP];
+    *vstart = tsp->c_cc[VSTART];
+    *ixon = tsp->c_iflag & IXON;
+    return 0;
+  }
+  return -1;
+}
+
+#endif /* STREAMSPTY */