diff options
author | Theodore Tso <tytso@mit.edu> | 1994-08-18 23:03:05 +0000 |
---|---|---|
committer | Theodore Tso <tytso@mit.edu> | 1994-08-18 23:03:05 +0000 |
commit | 0bd95a2b721033bd543e1b5c040a9cfca45aa4c2 (patch) | |
tree | 3c03e94bf81db49f07df9d366551e3cd43e80eec /src/appl/bsd | |
parent | ef9c510ceab1afc54bbe15a2a27a3dcb71b7513a (diff) | |
download | krb5-0bd95a2b721033bd543e1b5c040a9cfca45aa4c2.tar.gz krb5-0bd95a2b721033bd543e1b5c040a9cfca45aa4c2.tar.xz krb5-0bd95a2b721033bd543e1b5c040a9cfca45aa4c2.zip |
Fix KRB4 handling (was broken, just like kdc directory)
Fix bug to allow cross-realm forwarded credentials to work.
Store the forwarded credentials in a pid-dependent file, so that
different rlogin sessions get different credentials caches.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4197 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl/bsd')
-rw-r--r-- | src/appl/bsd/ChangeLog | 17 | ||||
-rw-r--r-- | src/appl/bsd/Makefile.in | 22 | ||||
-rw-r--r-- | src/appl/bsd/configure.in | 6 | ||||
-rw-r--r-- | src/appl/bsd/forward.c | 12 |
4 files changed, 43 insertions, 14 deletions
diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index fd97c1430..0e89c87d6 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,8 +1,25 @@ +Thu Aug 18 18:57:44 1994 Theodore Y. Ts'o (tytso at tsx-11) + + * Makefile.in: + * configure.in: Fix KRB4 handling; do it here in configure.in + instead of in Makefile.in + Thu Aug 18 18:55:36 1994 Mark Eichin (eichin@perdiem) * configure.in (LOGINLIBS): always substitute it, even if it isn't set. +Thu Aug 18 17:09:36 1994 Theodore Y. Ts'o (tytso at tsx-11) + + * forward.c (get_for_creds): Fix bug to allow cross-realm + forwarded credentials to work. + + * forward.c (rd_and_store_for_creds): Store the forwarded + credentials in a file which is PID dependent, to allow for + different sessions in an rlogin session. + + * Makefile: Add $(SETENVOBJ) to all programs that use forward.c + Tue Aug 16 22:41:25 1994 Mark Eichin (eichin@cygnus.com) * krlogind.c: add sys/ioctl.h. diff --git a/src/appl/bsd/Makefile.in b/src/appl/bsd/Makefile.in index 5ea022a7c..06b1e054d 100644 --- a/src/appl/bsd/Makefile.in +++ b/src/appl/bsd/Makefile.in @@ -3,7 +3,7 @@ SETENVSRC=@SETENVSRC@ SETENVOBJ=@SETENVOBJ@ ISODELIB=@ISODELIB@ COMERRLIB=$(BUILDTOP)/util/et/libcom_err.a -K4LIB = $(KRB4)/lib/libkrb.a +K4LIB = @K4LIB@ KLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(ISODELIB) $(COMERRLIB) LOGINLIBS = @LOGINLIBS@ @@ -22,32 +22,32 @@ DEFINES= $(RSH) $(RPROGS) \ all:: rsh rcp rlogin krshd krlogind login.krb5 clean:: rsh rcp rlogin krshd krlogind login.krb5 -rsh: krsh.o kcmd.o forward.o - $(CC) $(CFLAGS) -o rsh krsh.o kcmd.o forward.o $(KLIB) $(LIBS) +rsh: krsh.o kcmd.o forward.o $(SETENVOBJ) + $(CC) $(CFLAGS) -o rsh krsh.o kcmd.o forward.o $(SETENVOBJ) $(KLIB) $(LIBS) install:: $(INSTALL_PROGRAM) rsh $(DESTDIR)$(CLIENT_BINDIR)/rsh -rcp: krcp.o kcmd.o forward.o $(LIBOBJS) - $(CC) $(CFLAGS) -o rcp krcp.o kcmd.o forward.o $(LIBOBJS) $(KLIB) $(LIBS) +rcp: krcp.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) + $(CC) $(CFLAGS) -o rcp krcp.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KLIB) $(LIBS) install:: $(INSTALL_PROGRAM) rcp $(DESTDIR)$(CLIENT_BINDIR)/rcp -rlogin: krlogin.o kcmd.o forward.o - $(CC) $(CFLAGS) -o rlogin krlogin.o kcmd.o forward.o $(KLIB) $(LIBS) +rlogin: krlogin.o kcmd.o forward.o $(SETENVOBJ) + $(CC) $(CFLAGS) -o rlogin krlogin.o kcmd.o forward.o $(SETENVOBJ) $(KLIB) $(LIBS) install:: $(INSTALL_PROGRAM) rlogin $(DESTDIR)$(CLIENT_BINDIR)/rlogin -krshd: krshd.o kcmd.o logutil.o forward.o - $(CC) $(CFLAGS) -o krshd krshd.o kcmd.o logutil.o forward.o $(KLIB) $(K4LIB) $(LIBS) +krshd: krshd.o kcmd.o logutil.o forward.o $(SETENVOBJ) + $(CC) $(CFLAGS) -o krshd krshd.o kcmd.o logutil.o forward.o $(SETENVOBJ) $(KLIB) $(K4LIB) $(LIBS) install:: $(INSTALL_PROGRAM) krshd $(DESTDIR)$(SERVER_BINDIR)/krshd -krlogind: krlogind.o logutil.o kcmd.o forward.o - $(CC) $(CFLAGS) -o krlogind krlogind.o logutil.o kcmd.o forward.o $(KLIB) $(K4LIB) $(LIBS) +krlogind: krlogind.o logutil.o kcmd.o forward.o $(SETENVOBJ) + $(CC) $(CFLAGS) -o krlogind krlogind.o logutil.o kcmd.o forward.o $(SETENVOBJ) $(KLIB) $(K4LIB) $(LIBS) install:: $(INSTALL_PROGRAM) krlogind $(DESTDIR)$(SERVER_BINDIR)/krlogind diff --git a/src/appl/bsd/configure.in b/src/appl/bsd/configure.in index fc479edb6..8002df1c4 100644 --- a/src/appl/bsd/configure.in +++ b/src/appl/bsd/configure.in @@ -67,6 +67,12 @@ AC_DEFINE(NO_UT_PID)) KRB_INCLUDE WITH_KRB5ROOT WITH_KRB4 +AC_WITH([krb4], +ADD_DEF(-DKRB5_KRB4_COMPAT) +K4LIB='$(KRB4)/lib/libkrb.a', +echo "warning: no krb4 backwards compatibility support" +K4LIB=) +AC_SUBST(K4LIB) AC_COMPILE_CHECK([setenv], [setenv();],[setenv("PATH","/bin",0)],, [SETENVSRC=setenv.c diff --git a/src/appl/bsd/forward.c b/src/appl/bsd/forward.c index 877cd66b0..47dd2adaa 100644 --- a/src/appl/bsd/forward.c +++ b/src/appl/bsd/forward.c @@ -163,7 +163,7 @@ get_for_creds(etype, sumtype, rhost, client, enc_key, forwardable, outbuf) kdcoptions &= ~(KDC_OPT_FORWARDABLE); if (retval = krb5_send_tgs(kdcoptions, &creds.times, etype, sumtype, - creds.server, + tgt.server, addrs, creds.authdata, 0, /* no padata */ @@ -393,8 +393,14 @@ rd_and_store_for_creds(inbuf, ticket, lusername) return -1; } - sprintf(ccname, "FILE:/tmp/krb5cc_%d", pwd->pw_uid); - + /* Set the KRB5CCNAME ENV variable to keep sessions + * seperate. Use the process id of this process which is + * the rlogind or rshd. Set the environment variable as well. + */ + + sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid()); + setenv("KRB5CCNAME", ccname, 0); + if (retval = krb5_cc_resolve(ccname, &ccache)) { return(retval); } |