diff options
Diffstat (limited to 'src/appl/bsd/ChangeLog')
| -rw-r--r-- | src/appl/bsd/ChangeLog | 3064 |
1 files changed, 0 insertions, 3064 deletions
diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog deleted file mode 100644 index 23bdabee7..000000000 --- a/src/appl/bsd/ChangeLog +++ /dev/null @@ -1,3064 +0,0 @@ -2006-03-27 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Supply comment template in AC_DEFINE calls. - -2005-08-20 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use K5_AC_INIT instead of AC_INIT. - -2005-04-13 Ken Raeburn <raeburn@mit.edu> - - * compat_recv.c (NEED_SOCKETS): Don't define. - -2005-04-05 Ken Raeburn <raeburn@mit.edu> - - * krlogind.c (doit): Change 0 to (char*)NULL in execl* calls. - Patch provided by Michael Calmer. - * krshd.c (doit): Likewise. - * login.c (main): Likewise. - -2004-10-01 Ken Raeburn <raeburn@mit.edu> - - * kcmd.c (kcmd_connect): Set *addrfamilyp with the address family - actually used. - -2004-09-22 Tom Yu <tlyu@mit.edu> - - * configure.in: Use KRB5_AC_LIBUTIL. - - * Makefile.in (kshd, klogind): Use UTIL_LIB. - -2004-09-08 Tom Yu <tlyu@mit.edu> - - * login.c (main): Don't overwrite "PATH" environment variable if - it's already set. - -2004-07-16 Ken Raeburn <raeburn@mit.edu> - - * compat_recv.c: Only include sys/select.h if it's available. - -2004-07-11 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Use KRB5_AC_INET6. - -2004-05-29 Ken Raeburn <raeburn@mit.edu> - - * setenv.c: Include string.h. - -2004-05-24 Ezra Peisach <epeisach@mit.edu> - - * krsh.c (main): Invoke krb5_free_context at exit. - -2004-02-24 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (kshd, klogind): Link against apputils lib. - -2003-08-29 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Call KRB5_AC_NEED_DAEMON instead of checking - whether daemon() prototype is needed. - - * krshd.c (ignore_signals): Split out from cleanup(). - (doit): Call it when the shell process has completed, before - calling syslog. - -2003-05-23 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't use libkrb524.a any more. - * login.c: Don't include krb524.h. - (try_convert524): Don't call krb524_init_ets. - -2003-05-09 Tom Yu <tlyu@mit.edu> - - * krcp.c (main): Rename getlocalsubkey -> getsendsubkey. - - * krlogin.c (main): Rename getlocalsubkey -> getsendsubkey. - - * krlogind.c (recvauth): Rename getremotesubkey -> getrecvsubkey. - - * krsh.c (main): Rename getlocalsubkey -> getsendsubkey. - - * krshd.c (recvauth): Rename getremotesubkey -> getrecvsubkey. - -2003-04-08 Ken Raeburn <raeburn@mit.edu> - - * krshd.c (main): Use LOG_AUTH syslog facility, not LOG_DAEMON, - for consistency with krlogind.c. - -2003-03-28 Ken Raeburn <raeburn@mit.edu> - - * kcmd.c (kcmd_connect): Log errors if a connect to port 0 is - attempted. Report port number in connection failure. - (setup_secondary_channel): Use socklen_t for socket address - length. - -2003-03-04 Ken Raeburn <raeburn@mit.edu> - - * compat_recv.c: Only include krb.h if KRB5_KRB4_COMPAT. - (krb_v4_recvauth, krb5_compat_recvauth, - krb5_compat_recvauth_version): Define only if KRB5_KRB4_COMPAT. - * krlogind.c: Include krb.h only if KRB5_KRB4_COMPAT. - (v4_kdata, v4_schedule): Define only if KRB5_KRB4_COMPAT. - (recvauth) [!KRB5_KRB4_COMPAT]: Skip v4 stuff and call - krb5_recvauth_version. - -2003-03-03 Tom Yu <tlyu@mit.edu> - - * Makefile.in (DEFINES): Add -DKERBEROS. - - * configure.in: Delete ADD_DEF. - -2003-02-05 Tom Yu <tlyu@mit.edu> - - * login.c (main): Don't zero out terminal window size. - -2003-02-03 Tom Yu <tlyu@mit.edu> - - * login.c (dofork): Don't dissociate from controlling tty in the - parent, since the parent needs to remain the session leader so it - can tell when the tty gets hung up. Make the child wait for the - parent to set up a SIGHUP handler to ensure that cleanup happens - properly. - -2003-01-31 Tom Yu <tlyu@mit.edu> - - * kcmd.c (v4_des_write): Apply patch from ghudson to fix - non-right-justification case. - -2003-01-30 Ken Raeburn <raeburn@mit.edu> - - * login.c (try_krb4): Delete unused krb5 principal name argument. - (main): Don't pass it. Initialize 'hostname'. - -2003-01-09 Ken Raeburn <raeburn@mit.edu> - - * krlogind.c (main, recvauth): Use socklen_t when passing - addresses to socket functions. - -2003-01-05 Sam Hartman <hartmans@mit.edu> - - * login.c: Remove declaration of errno - -2003-01-03 Ezra Peisach <epeisach@bu.edu> - - * compat_recv.c (accept_a_connection): Test if IPv6 socket returns - EAFNOSUPPORT as well as EPROTONOSUPPORT. Irix 6.5.16m returns the - former. - -2003-01-01 Ken Raeburn <raeburn@mit.edu> - - * compat_recv.c: Include sys/select.h and port-sockets.h. - (krb5_compat_recvauth_version): Only attempt krb4 authentication - if the source address is an IPv4 one. - (accept_a_connection): New function, derived from old krshd.c. - Listen on IPv6 as well as IPv4, if possible. - * krshd.c (main): Call accept_a_connection. Change fromlen to a - socklen_t. - (doit): Initialize s. Change length passed to getsockname to a - socklen_t. - (recvauth): Change len to socklen_t. Cast peer IPv4 address - before calling krb5_compat_recvauth_version. - * defines.h: Include port-sockets.h. - (accept_a_connection): Declare. - -2002-12-06 Ezra Peisach <epeisach@bu.edu> - - * configure.in: Quote the argument to AC_CHECK_HEADER. Autoconf - 2.57 was having problems. - -2002-11-05 Tom Yu <tlyu@mit.edu> - - * login.c (k5_get_password): Remove trailing colon, as new - implementation of krb5_read_password() appends it. - -2002-09-14 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (rcp): Fix typo in 06-25 change. - -2002-08-29 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-08-23 Ezra Peisach <epeisach@bu.edu> - - * compat_recv.c: Include defines.h for prototypes. - -2002-08-07 Jen Selby <jenselby@mit.edu> - - * klogind.M, kshd.M, login.M: changed manual sections 8c, 1c, and - 3x to 8, 1, and 3, respectively - * rcp.M, rlogin.M, rsh.M: added references to the server manpages - -2002-07-12 Ken Raeburn <raeburn@mit.edu> - - * v4rcp.c: Include port-sockets.h. - -2002-07-09 Jen Selby <jenselby@mit.edu> - - * login.M: added information about different command line options; - changed defaults given for tags that did not match code - * login.c: changed inaccurate comments - -2002-07-09 Ken Raeburn <raeburn@mit.edu> - - * krlogind.c (protocol): Initialize pbp, fbp. Change left to type - size_t. - -2002-06-27 Jen Selby <jenselby@mit.edu> - - * rsh.M: added warning that encryption does not encrypt the - command line - *rlogin.M: added warning that username is sent unencrypted - -2002-06-25 Ken Raeburn <raeburn@mit.edu> - - * kcmd.c (kcmd): Don't restrict addresses to IPv4. - - * configure.in: Check for rresvport_af. - * krshd.c (recvauth): Take sockaddr pointer argument instead of - sockaddr_in. Use getnameinfo to extract port number string. - (remote_addr, remote_port, local_addr, local_port): Make buffers - bigger. - (doit): Use sockaddr_storage for local address. Get rid of all - settings of non_privileged, since it's never used. Don't copy - remote address to local variable. Use getnameinfo instead of - inet_ntoa to format addresses and port numbers for environment - variables. Create secondary channel socket in same address family - as primary channel socket; use rresvport_af if available. - - * kcmd.c (setup_secondary_channel): Use select to time out after - 10 minutes, or notice the primary channel being closed or - receiving data while we wait for the secondary one to be set up. - - * compat_recv.c: New file, moved from lib/krb5util. - * Makefile.in (SRCS, OBJS): Include it. - (rcp, kshd, klogind): Link against it instead of krb5util - library. - * defines.h (krb5_compat_recvauth, krb5_compat_recvauth_version): - Move declarations here from include/k5-util.h. - (princ_maps_to_lname, default_realm): Declare. - - * kcmd.c (kcmd_connect): Use strdup when copying hostname. - (princ_maps_to_lname, default_realm): Move functions here... - * krlogind.c (princ_maps_to_lname, default_realm): ...from here. - (recvauth): Use sockaddr_storage to hold addresses. - * krshd.c (default_realm, princ_maps_to_lname): Deleted. - - * krsh.c (SECURE_MESSAGE): Only indicate that input/output data - are being encrypted, and don't automatically say it's with DES. - - * krlogind.c: Include fake-addrinfo.h. - (SECURE_MESSAGE): Don't say it's DES that's used for encryption. - (main): "from" is now sockaddr_storage; cast pointers when calling - doit. - (doit): Take sockaddr pointer instead of sockaddr_in. Use - getnameinfo instead of inet_ntoa and gethostbyaddr. Only complain - about non-IPv4 addresses if not doing Kerberos, and only right - before checking port numbers. - -2002-06-17 Jen Selby <jenselby@mit.edu> - - * klogind.M: documented the -D and -f options - * ksh.M: documented the -D and -L options - * rcp.M: documented the -c and -C options - -2002-05-22 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (oob): Loop reading data until we actually reach the - URG marker. - -2002-03-26 Ken Raeburn <raeburn@mit.edu> - - * defines.h (FAI_PREFIX): Don't define. - * kcmd.c (kcmd_connect): Don't include fake-addrinfo.c. - -2002-03-20 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: Remove dependencies on krb524_err.h for login.o. If - compiling without krb4 support, this file will not be present. - -2002-03-13 Ken Raeburn <raeburn@mit.edu> - - * kcmd.c (kcmd_connect): Don't call fixup_addrinfo, it's been - deleted. Actually save errno value when preparing error text to - print. Free address info before returning. - -2002-03-08 Ken Raeburn <raeburn@mit.edu> - - * kcmd.c: Include fake-addrinfo.c once again. - (kcmd_connect): Use getaddrinfo instead of gethostbyname, but only - get AF_INET addresses for now. Add new argument, pointer to where - to store local socket address used; call getsockname to fill it - in. Always call getport with the address family from the current - address. Retry connection to the same remote address if the error - returned was EADDRINUSE; that applies to the local address. - (setup_socket): New function. - (getport): Use setup_socket. When selecting an address family to - use, fall through in the last case instead of calling getport - recursively. - (kcmd, k4cmd): Don't call getsockname, let kcmd_connect do it. - Delete unused variables. Don't set *fd2p before calling - setup_secondary_channel. - (setup_secondary_channel): No cleanup is needed, just return error - indications rather than branching to end of function. If fd2p is - non-null, initialize the pointed-to value to -1. - - * rcp.M: Document -f and -t options as internal use only. - -2002-03-07 Ken Raeburn <raeburn@mit.edu> - - * kcmd.c: Revert 2002-02-10 changes except those related to - getport. - (masktype): New typedef. - (block_urgent, restore_sigs, kcmd_connect, - setup_secondary_channel): New functions. - (kcmd, k4cmd): Use them. Delete redundant getpid calls. - -2002-03-05 Ken Raeburn <raeburn@mit.edu> - - * loginpaths.h [_PATH_DEFPATH]: Undefine LPATH and RPATH - unconditionally before redefining them. - - * login.c (main): If the supplied name is longer than the utmp - buffer, don't bother trying it as a username. - (dolastlog): Don't assume lastlog.ll_time is a time_t. - -2002-02-27 Ken Raeburn <raeburn@mit.edu> - - * fieldbits.h: Deleted. - -2002-02-10 Ken Raeburn <raeburn@mit.edu> - - * defines.h: Include fake-addrinfo.h. - (FAI_PREFIX): Define. - (getport): Update. - * kcmd.c: Include fake-addrinfo.c. - (kcmd): Use getaddrinfo instead of gethostbyname, but only get - AF_INET addresses for now. - (k4cmd): Update argument list to getport. - (getport): Accept new argument, pointer to address family to use. - If zero, try inet6 and then inet. - * krshd.c (doit): Update argument list to getport. - -2001-12-06 Ezra Peisach <epeisach@mit.edu> - - * krcp.c, krlogin.c, krlogind.c, krsh.c, krshd.c, login.c, - setenv.c, v4rcp.c: Signed v.s unsigned int cleanup. - - * defines.h: rcmd_stream_{read,write} take size_t as length argument. - - * kcmd.c: Use GETSOCKNAME_ARG3_TYPE instead of assuming int. input - and output handler take size_t as length argument instead of - int. Other signed vs. unsigned fixes. - - * configure.in: Add KRB5_GETSOCKNAME_ARGS. - -2001-11-06 Sam Hartman <hartmans@mit.edu> - - * kcmd.c: Define storage for our key usages - (rcmd_stream_init_krb5): Support c_init_state for non-des non-des3 enctypes - (v5_des_write v5_des_read): support variable keyusage - -2001-10-09 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c: Make prototypes unconditional. - -2001-09-13 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (try_normal): Permit "rsh" as well as "rlogin" as the - program name, for detecting when argv[0] is not the hostname. - If argv[0] isn't the hostname, always replace it with the system - rlogin pathname. - -2001-09-01 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (SRCS): Use $(srcdir). - -2001-07-23 Ezra Peisach <epeisach@mit.edu> - - * setenv.c (setenv): Include stdlib.h for malloc prototypes. - -2001-07-14 Ken Raeburn <raeburn@mit.edu> - - * v4rcp.c (kstream_create_rcp_from_fd, kstream_create_from_fd): - Allocate correct amount of space for kstream data. (Patch from - Cygnus KerbNet code, 1997.) - -2001-07-08 Ezra Peisach <epeisach@mit.edu> - - * login.c (sigint): Declare static. - -2001-07-05 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: Link krshd with KRSHDLIBS instead of LOGINLIBS. - - * configure.in: Creare a new variable KRSHDLIBS which differs from - LOGINLIBS by not including libkrb524.a. Test for getenv. - - * krcp.c: Prototype lostconn(). - - * krlogind.c: Provide prototype for signal handler cleanup. Implied - need to add extra argument to function - ensure consistant - calling. - - * krsh.c: Provide prototype for signal handler sendsig. - - * krshd.c: Rewrite error() to use stdargs/varargs. - (doit): When creating a tty name using getpid. Ensure that does - not overflow tty string buffer. - - * login.c: Provide prototype for signal handler timedout. - - * setenv.c: Do not define getenv() unless needed. - - * v4rcp.c: Rewrite error() to use stdargs/varargs. Add signal - number argument to lostconn(), include prototype, and ensure - called consistantly. - -2001-07-03 Ezra Peisach <epeisach@mit.edu> - - * v4rcp.c, login.c: Fill in prototypes, declare many functions static. - -2001-06-22 Ezra Peisach <epeisach@mit.edu> - - * krlogind.c: Provide daemon prototype if needed. - - * configure.in: Test if prototype for daemon necessary. - -2001-06-21 Ezra Peisach <epeisach@mit.edu> - - * login.c: Much cleanup to reduce globals and shadowing. - - * krlogind.c (main): Change sin to sock_in. - - * krshd.c: Change sin to sock_in to not shadow global. Change some - local variables to not shadow others. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * login.c (read_env_vars_from_file: Only define if - /etc/environment or /etc/timezone exists on machine. - -2001-06-20 Ezra Peisach <epeisach@mit.edu> - - * kcmd.c: Get rid of prototypes for krb5_write_message(), - krb5_net_write(), and krb5_net_read(). They are in krb5.h now. - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * krcp.c (sink): Cast argument to isdigit() to int. - -2001-06-18 Ezra Peisach <epeisach@mit.edu> - - * loginpaths.h: If _PATH_DEFPATH is defined, undefine LPATH and - RPATH before redefining. - -2001-06-11 Ezra Peisach <epeisach@mit.edu> - - * configure.in (SETENVOBJ): If setenv is not present on system, - define NEED_SETENV as well as linking in local sources. - - * defines.h: Include prototype for setenv() if NEED_SETENV defined. - - * krlogin.c (prf): Declare as void. Used only with one argument - - get rid of pseudo-varargs behaviour. - - * krlogind.c (recvauth): Include k5-util.h for - krb5_compat_recvauth_version() prototype. Declare sendoob() void. - - * krshd.c: Include k5-util.h for krb5_compat_recvauth_version() - prototype. - - * login.c: Include setenv prototype if NEED_SETENV defined. Cast - arguments to printf to match format string. - - * v4rcp.c (source): Cast argument to sprintf() to match format string. - * krcp.c (rsource): Likewise. - * forward.c (rd_and_store_for_creds): Likewise. - -2001-06-11 Ezra Peisach <epeisach@mit.edu> - - * krshd.c: Include <grp.h>, <libpty.h>, and <sys/wait.h> for - initgroups(), pty_logwtmp()/pty_make_sane_hostname(), and wait() - prototypes. For local initgroups definition, conditionalize on - HAVE_INITGROUPS and not __SCO__. - - * krcp.c: Include <sys/wait.h> for wait()/waitpid() prototype. - -2001-06-04 Ezra Peisach <epeisach@mit.edu> - - * krlogin.c: Always provide prototype for setsignal and not if - __STDC__ is defined. - -2001-06-01 Ezra Peisach <epeisach@mit.edu> - - * login.c: Add braces around initializers. Cleanup assignments in - conditionals. Include krb524.h if KRB4_CONVERT defined. - - * krlogind.c (main): Cleanup unused variables. - (protocol): Cleanup ambiguous if-if-else warning. - - * krshd.c (main): Cleanup unused variables. - - * krlogin.c (setsignal): Declare as void. - (server_message): Cleanup unused variables. - - * setenv.c (setenv): Declare as returning int and clean up - assignments in conditionals. - - * kcmd.c (kcmd, rcmd_stream_init_krb5, v5_des_read): Clean up - unused variables and assignments in conditionals. - * forward.c (rd_and_store_for_creds): Likewise. - * krcp.c (rsource): Likewise. - * v4rcp.c (answer_auth): Likewise. - - * krsh.c (main): Declare as retuning int. - -2001-05-25 Tom Yu <tlyu@mit.edu> - - * krlogind.c (protocol): Don't do TIOCPKT on systems with STREAMS - ptys, even if there is a TIOCPKT, since it may result in hangs on - some systems where BSD packet mode is (presumably) not implemented - properly, such as AIX 4.3.3. Should get cleaned up at some later - point to actually I_PUSH "pckt" or equivalent and do translation - between STREAMS and BSD style packet mode. - -2001-05-10 Tom Yu <tlyu@mit.edu> - - * defines.h: Fix k4cmd prototype to match kcmd.c. - - * kcmd.c (k4cmd): Fix to not use a narrow type. - - * krlogin.c: Fix prototypes so they don't include narrow types. - -2001-04-26 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Don't use KRB5_CHECK_PROTOS. - -2001-04-02 Tom Yu <tlyu@mit.edu> - - * login.M: Don't include "= 0" as part of the "accept_passwd" - config option. [pullup from 1.2.2] - -2001-03-12 Ezra Peisach <epeisach@mit.edu> - - * defines.h: Add prototypes for rcmd_stream_init_normal(), - rcmd_stream_init_krb4(), strsave() and rd_and_store_for_creds() - - * Makefile.in: Add dependency of forward.o on defines.h - - * forward.c: Include defines.h for prototypes. - - * kcmd.c, krcp.c, krlogin.c, krlogind.c, krsh.c: Provide full prototype - for local functions and move include of kerberosIV/krb.h before - defines.h. - -2001-01-26 Tom Yu <tlyu@mit.edu> - - * krshd.c: Get path for NOLOGIN file from paths.h if present, - mirroring logic in login.c. [patch from David MacKenzie - krb5-appl/913] - -2001-01-23 Tom Yu <tlyu@mit.edu> - - * forward.c (rd_and_store_for_creds): Overwrite any existing value - of the KRB5CCNAME environment variable. - -2001-01-16 Ken Raeburn <raeburn@mit.edu> - - * krcp.c (error): Always declare with ellipsis. - -2001-01-13 Sam Hartman <hartmans@mit.edu> - - * configure.in: Force SunOS to not use termios. - -2001-01-12 Sam Hartman <hartmans@mit.edu> - - * krlogin.c: Previously, we only used TIOCGLTC on systems with - termios. This is sort of silly since its a BSD 4.[23] IOCTL. We - then go out of our way not to use it on IRIX, Solaris or HPUX. I - think all this comes about because you really want to use BSD - IOCTLS on Sunos rather than termios. I propose to do that and - never use BSD IOCTLs on Sunos. - - -2000-12-15 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (main): Add new "-4" option, to use krb4 - authentication only; useful for testing. - * rlogin.M: Updated. - -2000-12-06 Ken Raeburn <raeburn@mit.edu> - - * krlogind.c (doit): Cast first argument to pty_make_sane_hostname - to sockaddr pointer. - * krshd.c (doit): Likewise. - -2000-11-01 Ezra Peisach <epeisach@mit.edu> - - * configure.in: Update to autoconf 2 macro names: - AC_FORK->AC_FUNC_VFORK, AC_CONST->AC_C_CONST, AC_HEADER_CHECK -> - AC_CHECK_HEADER. In addition, conditionally use internal - AC_PROG_ECHO_N (autoconf 2.12) or _AC_PROG_ECHO (autoconf 2.49) - depending on which is defined. - -2000-10-12 Ezra Peisach <epeisach@mit.edu> - - * login.c (k5_get_password): Declare second argument as unsigned - int length. - -Tue Oct 10 04:59:04 2000 Ezra Peisach <epeisach@mit.edu> - - * kcmd.c (kcmd): Use krb5_set_principal_realm() instead of freeing the - principals realm data and mucking with it ourselves. - -2000-10-03 Ezra Peisach <epeisach@mit.edu> - - * krlogin.c (main): Declare main as int. - -2000-09-08 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (DEFINES): Define HEIMDAL_FRIENDLY. - * krlogind.c (recvauth): Don't complain about a subkey sent for - KCMDV0.1 if HEIMDAL_FRIENDLY is defined, just quietly ignore it. - * krshd.c (recvauth): Likewise. - -Tue Aug 8 13:38:22 2000 Ezra Peisach <epeisach@mit.edu> - - * krlogin.c (read_wrapper): Copy from the current point and not - the start of the cached buffer. - -2000-07-21 Peter S Litwack <plitwack@mit.edu> - - * krlogin.c (writer): Improved bandwith efficiency by reading - and sending more than one character at a time if multiple - characters are available to be read from the terminal. - * krlogin.c (read_wrapper): Added this function as a helper - to writer. It facilitates checking for escape sequences - (~^Z etc.) when reading mulitple characters at a time. - -2000-07-18 Ezra Peisach <epeisach@mit.edu> - - * krcp.c: Provide format attribute for error() for versions of gcc - that support it. - - * configure.in (LOGINLIBS): Test for crypt() in crypt library only - modifies LOGINLIBS. - -2000-07-03 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in: Remove linking of krb5util library from - applications that never use it. - -2000-06-29 Ken Raeburn <raeburn@mit.edu> - - Patch from Donn Cave and Leonard Peirce from 1.1 release cycle: - * login.c (k_init): Call krb5_cc_set_default_name right after - setting the environment variable. - (main): Likewise. - -2000-06-23 Ken Raeburn <raeburn@mit.edu> - - * rcp.M, rsh.M, rlogin.M: Add description of new -PO, -PN - options. - -2000-06-19 Tom Yu <tlyu@mit.edu> - - * krshd.c (recvauth): Call krb5_recvauth_version() rather than - calling krb5_recvauth() with arguments intended for - krb5_recvauth_version(). - - * kcmd.c: Conditionalize krb_sendauth prototype based on sense of - KRB5_KRB4_COMPAT. - -2000-06-15 Tom Yu <tlyu@mit.edu> - - * login.c (try_convert524): Add use_ccache argument. Handle case - where we have gotten v5 creds via password being entered and don't - crash in that case, since previous code was assuming that v5 creds - were always being provided. Adapted from patch by Bob Basch. - -2000-06-10 Ken Raeburn <raeburn@mit.edu> - - * krcp.c (main): Fix logic again, this time in the "success" - case. If there's a problem retrieving the new-protocol subkey, - print a message and exit, don't fall back. - * krsh.c (main): Ditto; don't look at enctype to try to guess - protocol version. Delete unused variable "similar". - -2000-06-09 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (main): Rework fallback logic. Fall back to k4cmd - unless encryption and the new protocol were both requested. - - * krsh.c (main): Rework fallback logic. Fall back to k4cmd if new - protocol wasn't requested. - - * krcp.c (main): Revert setting of AP_OPTS_MUTUAL_REQUIRED - unconditionally, which was added by mistake with last set of - patches. If kcmd fails and the new protocol is requested, don't - fall back to v4. - -2000-05-31 Ken Raeburn <raeburn@mit.edu> - - * Makefile.in (kcmd.o, krcp.o, krlogin.o, krlogind.o, krsh.o, - krshd.o): Depend on defines.h. - * krlogind.c: Include defines.h. - * krcp.c: Ditto. - - * defines.h (enum kcmd_proto): New type. - (rcmd_stream_read, rcmd_stream_write, getport, - rcmd_stream_init_krb5): Add prototypes. - - * kcmd.c (use_ivecs): New variable. - (encivec_i, encivec_o): Each is now an array of two elements. - (input, output, twrite, krb5_write_message, krb5_net_read, - krb5_net_write, krb_sendauth): Add prototypes. - (kcmd): New argument PROTONUMP points to enum kcmd_proto. If - value is KCMD_PROTOCOL_COMPAT_HACK, set it to KCMD_NEW_PROTOCOL or - KCMD_OLD_PROTOCOL depending on session key type. Use subkeys for - new protocol. Callers updated. - (normal_read, v5_des_read, v4_des_read, twrite, v5_des_write, - v4_des_write, rcmd_stream_write, rcmd_stream_read): Take - additional argument indicating whether the fd is for the secondary - channel; ignored except in some v5 cases. Callers updated. - (rcmd_stream_init_krb5): New argument, kcmd protocol version. Set - up ivecs for secondary channel in each direction with values 0x2 - ior primary channel value. Callers updated. - (v5_des_read, v5_des_write): For new protocol, plaintext now has - its length prepended but not counted. - - * krcp.c (main): Set kcmd protocol version based on command line, - not on encryption type. Default to COMPAT_HACK. - * krsh.c (main): Ditto. - * krlogin.c (main): Ditto. - - * krlogind.c (recvauth): Use new krb5_compat_recvauth_version - routine. Determine client's kcmd protocol version and initialize - based on it. - * krshd.c (recvauth): Ditto. - -2000-05-19 Nalin Dahyabhai <nalin@redhat.com> - Ken Raeburn <raeburn@mit.edu> - - * krcp.c (sink): bail if the target directory/file name is too long - * krlogind.c (recvauth, krb4 compat): truncate user name if the - principal's root would be too long to be valid - * v4rcp.c (sink): bail if the target directory/file name is too long - -2000-05-18 Tom Yu <tlyu@mit.edu> - - * krshd.c: Shuffle inclusion of defines.h so that some krb5 - structures are declared prior to the kcmd() prototype. - -2000-05-16 Ken Raeburn <raeburn@mit.edu> - - * defines.h (kcmd): Add prototype. - * krcp.c (main): Add extra arg to a kcmd call I missed yesterday. - -2000-05-15 Ken Raeburn <raeburn@mit.edu> - - * krcp.c (main): Fix some conditionalizations to make proper - indentation easier. - - * kcmd.c (encivec_i, encivec_o): New variables replace old single - variable encivec. - (rcmd_stream_init_krb5): New argument am_client, used to - initialize both ivec values. - * krcp.c (main, answer_auth): Pass new argument. - * krlogin.c (main): Ditto. - * krlogind.c (recvauth): Ditto. - * krsh.c (main): Ditto. - * krshd.c (recvauth): Ditto. - - * defines.h (OPTS_FORWARD_CREDS, OPTS_FORWARDABLE_CREDS): Change - numbers so they don't conflict with AP_OPTS_USE_SUBKEY. - * kcmd.c (kcmd): New argument authconp, used to return the auth - context to the caller if desired. - * krlogin.c (auth_context): New variable. - (main): Request a subkey from sendauth. Get the auth context from - kcmd so we can retrieve the subkey. If non-DES session key is - being used, pass the subkey to rcmd_stream_init_krb5 instead of - the session key; fail if no subkey is found and encryption is - required. - * krlogind.c (recvauth): If a non-DES session key is being used, - pass the client-provided subkey to rcmd_stream_init_krb5. - * krcp.c (main): Set up and use subkey as above. - * krsh.c (main): Set up and use subkey as above. - * krshd.c (recvauth): Accept and use subkey as above. - -2000-05-08 Ken Raeburn <raeburn@mit.edu> - - * v4rcp.c (main, case 'k'): Make sure krb_realm is - null-terminated. - -2000-04-27 Nalin Dahyabhai <nalin@redhat.com> - - * krlogin.c (main): Don't overflow buffer "term". - * krshd.c (doit): Don't overflow buffer "cmdbuf". - * login.c (afs_login): Don't overflow buffer "aklog_path". - -2000-03-24 Ken Raeburn <raeburn@mit.edu> - - * configure.in: Check for alpha*-dec-osf* instead of - alpha-dec-osf*. - -2000-03-15 Ken Raeburn <raeburn@mit.edu> - Mark D. Roth <roth@uiuc.edu> - - * login.c (update_ref_count): Copy passwd info before calling - getuserattr, to keep data from getting clobbered. Patch from Mark - Roth. - -2000-02-28 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (main): Don't output debugging messages if debugging - wasn't turned on. - -2000-02-10 Ken Raeburn <raeburn@mit.edu> - - * login.c (main): Only destroy xtra_creds if non-null. (Patch - from Richard Basch.) - -2000-02-04 Tom Yu <tlyu@mit.edu> - - * login.c (main): Reorder some control flow to avoid security hole - if KRB4_GET_TICKETS is not defined. - -2000-01-27 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (speeds): Added some comments from net recommending - not extending the list to higher values. - -1999-11-23 Ken Raeburn <raeburn@mit.edu> - - * login.c (k_init): Call krb5_init_secure_context instead of - krb5_init_context and krb5_secure_config_files. - -1999-10-26 Wilfredo Sanchez <tritan@mit.edu> - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-09-01 Ken Raeburn <raeburn@mit.edu> - - * krlogin.c (main): Error out if -D isn't followed by another - argument. Based on patch from Brad Thompson. - - * krshd.c (v4_kdata, v4_ticket): Don't define if KRB5_KRB4_COMPAT - is not defined. Patch from Brad Thompson. - - * kcmd.c (kcmd): If krb5_get_credentials returns a nonzero error - code, print an error message before returning. - - * krlogin.c (main): If ospeed is outside of compiled-in table - index range but not high enough to be a baud rate, use the highest - rate in the table. - -1999-08-24 Tom Yu <tlyu@mit.edu> - - * Makefile.in (kshd): Remove $(LOGINLIBS) from kshd dependencies. - -1999-08-02 Ken Raeburn <raeburn@mit.edu> - and Brad Thompson <yak@mit.edu> - - Patches from Brad Thompson for building without krb4 - compatibility: - * krshd.c: Include sys/socket.h and netdb.h if KRB5_KRB4_COMPAT - isn't defined. - (doit): Cast pointer argument to getsockname. - (recvauth): Do krb4 stuff only if KRB5_KRB4_COMPAT is defined; - otherwise, skip it and call krb5_recvauth. - * kcmd.c (do_lencheck): Define even if !KRB5_KRB4_COMPAT. - -1999-07-26 Ken Raeburn <raeburn@mit.edu> - - * login.c (main): Fix typo in computing strncpy length for shell - name. - -Sat Jul 24 08:50:39 1999 Ezra Peisach <epeisach@mit.edu> - - * Makefile.in (kshd): Add $(LOGINLIBS). - -1999-07-09 Ken Raeburn <raeburn@mit.edu> - - AIX 4.3.2 changes based on bug report from Joshua Lackey, - lackeyj@austin.ibm.com: - * configure.in: Check for rmufile function. - * login.c (update_ref_count) [! HAVE_RMUFILE]: Call putgroupattr - with SEC_DELETE before SEC_COMMIT; don't call rmufile. - -Fri Mar 12 19:01:35 1999 Tom Yu <tlyu@mit.edu> - - * Makefile.in (kshd): Add $(LOGINLIBS). - -Mon Mar 8 19:21:23 1999 Tom Yu <tlyu@mit.edu> - - * kshd.M: Resync manpage. - - * krshd.c: Rework hostname logging. - -Wed Feb 24 20:05:40 1999 Tom Yu <tlyu@mit.edu> - - * klogind.M: Resync manpage. - - * krlogind.c: Rework flags for hostname logging. - -Mon Feb 22 22:26:32 1999 Tom Yu <tlyu@mit.edu> - - * kcmd.c (kcmd): Fix up to not call sname_to_principal until after - all the addresses in hp have been iterated through to avoid - smashing. [krb5-appl/516] - - * kcmd.c (k4cmd): Move call to krb_realmofhost() to avoid smashing - hp. - -Wed Feb 17 17:24:11 1999 Tom Yu <tlyu@mit.edu> - - * klogind.M: Document things a little better, including new - options controlling hostname manipulation. - - * krlogind.c: Make use of pty_make_sane_hostname() for purposes of - manipulating hostname to pass to login. Also unconditionally - syslog IP address and full hostname of remote host. Add command - line options to control such behavior. - - * configure.in: Add arpa/nameser.h to CHECK_HEADERS. - -Wed Jan 20 21:42:41 1999 Tom Yu <tlyu@mit.edu> - - * login.c (main): Call setluid(). - - * krshd.c (doit): Call setluid(). - - * configure.in: Check for setluid() rather than main() in - libsecurity. - -1998-11-28 Sam Hartman <hartmans@mesas.com> - - * krshd.c krsh.c: Use RCMD_BUFSIZ not RSH_BUFSIZE [krb5-appl/678] - - * kcmd.c: Move RCMD_BUFSIZ into defines.h - -1998-11-16 Geoffrey King <gjking@mit.edu> - - * login.c (login_get_kconf): Also test whether *kconf_val is null - rather than just kconf_val before passing *kconf_val to - conf_affirmative (where strcasecmp will choke on it - if it is in fact null). - -1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - - -1998-10-24 Marc Horowitz <marc@mit.edu> - - * login.c: update to new get_creds API - - * krlogin.c (main, oob, server_message, control), krlogind.c - (sendoob, protocol, recvauth): If the enctype is not - similar to DES, use an inband signalling protocol instead - of MSG_OOB data to indicate status changes. - - * kcmd.c (rcmd_stream_init_krb5, v5_des_read, v5_des_write): - update to new crypto API. Add ivec chaining to - encryption when the enctype is not similar to DES as part - of the new protocol. - -1998-10-06 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * krshd.c (doit): Apply ghudson's patch so that rshd passes the - port numbers for the local and foreign addresses so that - the V4 encrypted RCP will work correctly. [krb5-appl/638] - * v4rcp.c (answer_auth): Apply ghudson's patch so that if - KRB5LOCALPORT and KRB5REMOTEPORT are set, use them to set - the foreign and local ports so that encrypted rcp for the - same machine. [krb5-appl/638] - -Tue Aug 18 16:48:02 1998 Tom Yu <tlyu@mit.edu> - - * krlogin.c: Add <sys/filio.h> for FIONREAD. - -Sat Aug 15 00:01:15 1998 Geoffrey King <gjking@mit.edu> - - * krcp.c (error): Don't call rcmd_stream_write if iamremote is not - set, because it expects a valid file descriptor [krb5-appl/359]. - Also, remove mistakenly duplicated comment above the function. - -Mon Jul 27 00:06:20 1998 Geoffrey King <gjking@mit.edu> - - * krlogin.c (main): Apply ghudson's patch so that rlogin -a - no longer dumps core. [krb5-appl/612] - -Sun Jul 26 23:46:36 1998 Sam Hartman <hartmans@utwig.mesas.com> - - * login.c (main): Allow krb524 conversion for forwarded tickets - (try_convert524): Don't check to see if we have tickets here; caller does that and actually gets it right. - -1998-05-26 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * login.c (dolastlog): BSD 4.4 systems don't have lastlog.h, but - still define struct lastlog somewhere. Included from Dima - Ruban's FreeBSD patches. - - * krlogin.c: Include sys/ioctl_compat.h if it is present (instead - of just for 386BSD). - - * loginpaths.h (LPATH): If the OS provides _PATH_DEFPATH, use it - to define LPATH and RPATH. - - * login.c: #include paths.h if present, and use it to set the - pathnames for certain common files. - - * configure.in (withval): Check for <sys/ioctl_compat.h> and - <paths.h> - -Sat May 16 16:07:42 1998 Tom Yu <tlyu@mit.edu> - - * login.c: Replace strcpy with strncpy in places. Add nul - termination to some existing invocations of strncpy. - -1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Add a check for the header file krb4-proto.h. - Replace file existence tests for /etc/environment and - /etc/TIMEZONE with K5_AC_CHECK_FILES. - - * login.c (main): - * krshd.c (main): - * krlogind.c (main): POSIX states that getopt returns -1 when it - is done parsing options, not EOF. - -Sat Feb 28 10:44:46 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * configure.in: Clean up configure script. Check $cross_compiling - instead of (no longer correct) cache variable; remove - obsolete AC_C_CROSS. Use AC_CHECK_FUNCS instead of - individual AC_FUNC_CHECK calls for speed. Change checks - for strsave and utimes to use AC_CHECK_FUNCS - - * krcp.c, v4rcp.c: Change usages of HAS_STRSAVE and HAS_UTIMES to - HAVE_*. - -Tue Feb 24 14:52:33 1998 Tom Yu <tlyu@mit.edu> - - * kcmd.c: Integrate ghudson's changes for client-side krb4 - compatibility. [krb5-appl/483] - - * krcp.c: Integrate ghudson's changes for client-side krb4 - compatibility. [krb5-appl/483] - - * krlogin.c: Integrate ghudson's changes for client-side krb4 - compatibility. [krb5-appl/483] - - * krlogind.c: Integrate ghudson's changes for client-side krb4 - compatibility. [krb5-appl/483] - - * krsh.c: Integrate ghudson's changes for client-side krb4 - compatibility. [krb5-appl/483] - - * krshd.c: Integrate ghudson's changes for client-side krb4 - compatibility. [krb5-appl/483] - -Sun Feb 22 19:16:12 1998 Tom Yu <tlyu@mit.edu> - - * v4rcp.c: Punt nastiness to redefine setreuid, as we don't use - it. - - * krcp.c: Use krb5_seteuid(). [krb5-libs/505] Fix up inclusions - to use <> rather than "". - -Wed Feb 18 15:26:52 1998 Tom Yu <tlyu@mit.edu> - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Jan 20 21:42:06 1998 Tom Yu <tlyu@mit.edu> - - * krlogind.c (protocol): Declare pibuf and fibuf as being BUFSIZ - bytes long, rather than 1024. Fixes an Irix bug. [krb5-appl/527] - -Fri Dec 19 18:19:42 1997 Dan Winship <danw@mit.edu> - - * login.c (try_afscall): try_afscall doesn't work / isn't needed - on systems without SIGSYS - -Thu Dec 11 23:20:20 1997 Tom Yu <tlyu@mit.edu> - - * krlogind.c: - * krshd.c: - * login.c: - * v4rcp.c: Don't include netdb.h or sys/socket.h if krb.h is - included; this works around an Ultrix bug where those headers - aren't protected against multiple inclusion. - -Thu Nov 20 16:42:54 1997 Tom Yu <tlyu@mit.edu> - - * krlogind.c (recvauth): Fix args in call to - rd_and_store_for_creds. [krb5-appl/502] - -Mon Nov 17 20:55:31 1997 Tom Yu <tlyu@mit.edu> - - * krshd.c: Don't set checksum_ignored to 1 if checksum_required is - 0; also, if a krb5 client passes in a checksum, check it - regardless of whether checksum_required is true. [krb5-appl/500] - -Wed Nov 12 19:03:02 1997 Tom Yu <tlyu@mit.edu> - - * forward.c (rd_and_store_for_creds): Don't do the chown. Avoids - a security hole. [krb5-appl/494] - - * krshd.c (recvauth): chown the ccache explicitly, as - rd_and_store_for_creds no longer does so. [krb5-appl/494] - -Thu Nov 6 22:04:26 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * v4rcp.c: Use error_message(errno) instead of using - sys_errlist[errno]. This avoids the hair of deciding - whether or not we need to declare sys_errlist or use - strerror(), etc., since com_err has all of that complexity - anyway. Also fixed lots of -Wall nits. - -Mon Nov 3 15:25:48 1997 Tom Yu <tlyu@mit.edu> - - * krlogind.c (doit): Fix up potential buffer overrun. - [krb5-appl/488] - - * krlogin.c (main): Fix up potential buffer overrun. - - * krcp.c (hosteq): Fix up potential buffer overrun. - -Tue Oct 7 18:01:15 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * v4rcp.M: Removed useless .so to a non-existent macro file. - -Tue Sep 2 19:44:21 1997 Tom Yu <tlyu@mit.edu> - - * krlogind.c (main): Changes to allow for standalone daemon - operation. Use the "-f" flag to enable. This automagically - figures out which port to bind to if you don't specify it. - -Mon Jun 30 13:21:34 1997 Kevin L Mitchell <klmitch@mit.edu> - - * login.c (dofork): Solaris 2.4 puts killpg in the bsd compatibility - libraries. Autoconf correctly determined that it wasn't - available, but it wasn't conditionalized out. Added the - conditional, using kill(-child, SIGHUP) as a replacement, - as suggested by tlyu - -Thu Jun 5 15:56:54 1997 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * login.c: Always use the new tty line discpline. [krb5-appl/428] - - * login.c: If a hangup signal is received, pass it onto the child. - [krb5-appl/432] - -Fri Mar 28 01:05:27 1997 Theodore Y. Ts'o <tytso@mit.edu> - - * login.c (NO_MOTD): If we're on an SGI machine, don't do the MOTD - or MAILCHECK thing, since it's done by /etc/cshrc magic. - (SGI's don't define __SVR4, even though it's SVR4 - derived). [krb5-appl/158] - - * krlogin.c (try_normal): When falling back to the normal rlogin, - clear the signal mask, so that the child rlogin handles - SIGUSR1 (which is used for window size changes) correctly. - [krb5-appl/335] - -Tue Mar 18 12:34:03 1997 Sam Hartman <hartmans@luminous.MIT.EDU> - - [326] * login.c(doit): Preserve terminal even without -p. - -Thu Feb 27 10:58:07 1997 Sam Hartman <hartmans@luminous.MIT.EDU> - - * krshd.c: Allow user to login with / as home directory if homedir - not found. [167] - -Sat Feb 22 00:54:06 1997 Sam Hartman <hartmans@luminous.MIT.EDU> - - * krlogin.c (mode): Clean up Posix terminal handling for NetBSD. - -Tue Feb 18 18:03:55 1997 Richard Basch <basch@lehman.com> - - * krcp.c: Replace krb5_xfree with krb5_free_data_contents - * kcmd.c krlogind.c krshd.c: Use free instead of internal krb5_xfree - * krlogin.c: Fixed 8bit character flow under Solaris - * kcmd.c: getport() lets the OS pick the port rather than scanning - * krshd.c: Don't bother to set lport before calling getport(&lport) - -Sat Dec 28 21:06:43 1996 Sam Hartman <hartmans@luminous.MIT.EDU> - - * login.c: Force environment variables like HOME to be set even if - -p given. - -Wed Feb 5 20:56:03 1997 Tom Yu <tlyu@mit.edu> - - * Makefile.in: - * configure.in: Update to new program build procedure. - -Tue Dec 24 16:08:41 1996 Tom Yu <tlyu@mit.edu> - - * configure.in: Fix up "test $ac_cv_c_cross" to deal with - autoconf-2.12, since that variable can be set to a null string. - -Fri Dec 6 00:53:08 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * v4rcp.c: Extend the platform-specific braindamage so that - FreeBSD works. This whole file is eventually going to - need serious rototilling to make it even vaguely correct. - [PR #284] - -Fri Dec 6 00:02:25 1996 Tom Yu <tlyu@mit.edu> - - * loginpaths.h: Add catch-all entries for LPATH and RPATH in case - we run across something that we haven't hardcoded paths for - yet. [267] - -Thu Dec 5 21:58:28 1996 Tom Yu <tlyu@mit.edu> - - * login.M: v5srvtab -> krb5.keytab [279] - -Sun Nov 24 23:35:22 1996 Ezra Peisach <epeisach@mit.edu> - - * login.c (try_afscall): Change to take pointer to function - instead of only calling setpag(). [krb5-appl/190] - -Fri Nov 22 15:46:46 1996 unknown <bjaspan@mit.edu> - - * kcmd.c (kcmd): use sizeof instead of h_length to determine - number of bytes of addr to copy from DNS response [krb5-misc/211] - -Thu Nov 14 14:30:28 1996 Barry Jaspan <bjaspan@mit.edu> - - * krcp.c: don't print our own error message if kcmd returns -1 (it - always printed something in that case, and error_message(-1) - prints a mess [krb5-appl/70] - -Mon Nov 11 23:38:05 1996 Mark Eichin <eichin@cygnus.com> - - * krshd "plumbing" fixes - - Tue Jun 25 19:51:07 1996 Mark Eichin <eichin@cygnus.com> - - * krshd.c (doit): ignore SIGPIPE in the child, check the return - status of write instead. - Added comments labelling the various file descriptors. - Cleaned up formatting somewhat. - Check for failure of write to child stdin pipe, and stop reading. - Check for output from child before checking for input from net, to - reduce potential for missed output. - (cleanup): moved before doit, to eliminate need for declaration. - Added an argument, to allow reporting of what signal kshd died - on, and report that the daemon terminated, not the shell. - - Thu Jun 20 18:54:04 1996 Mark Eichin <eichin@cygnus.com> - - * krshd.c: fix global-change typo in !KERBEROS branch. - -Mon Nov 11 15:00:25 1996 Mark Eichin <eichin@cygnus.com> - - * Makefile.in, configure.in, krshd.c, v4rcp.M, v4rcp.c: added - kerberos V4 rcp -x support from Cygnus tree. - * Makefile.in, configure.in: added support for not building v4rcp - if --without-krb4 is used. - - Sun Aug 11 17:30:39 1996 Chris Provenzano <proven@cygnus.com> - - * v4rcp.c : #include <fcntl.h> for O_* flags. - - Mon Jul 8 13:44:39 1996 Mark Eichin <eichin@cygnus.com> - - * v4rcp.c (getdtablesize): eliminate local copy. - (kstream_write): eliminate srandom/random in favor of - krb5_random_confounder. - Add sys/socket.h to includes (v4 had it internal to krb.h.) - (utimes): clone utimes-emulation from v5 krcp.c (should perhaps be - changed to use AC_REPLACE_FUNC...) - Declare getenv. - - Sat Jul 6 16:39:28 1996 Mark W. Eichin <eichin@kitten.gen.ma.us> - - * v4rcp.c (answer_auth): use inet_aton only if we have it; - otherwise fake it with inet_addr. - * configure.in: check_func for inet_aton. - - Tue Jul 2 19:37:52 1996 Mark Eichin <eichin@cygnus.com> - - * krshd.c (envinit): clarified initializations, labeled all slot - reservations (SAVEENVPAD, KRBPAD, ADDRPAD are lists of zeroes.) - Move TZ to always be slot 5, even on the cray. Added space for the - local and remote addresses. - (doit): add a getsockname to save the correct local address for - the child. Set KRB5LOCALADDR and KRB5REMOTEADDR to literal IP - addresses since the child is on the wrong side of a pipe and can't - recover them directly. - * v4rcp.c (kstream): add common "writelen" field for the length of - inbuf and outbuf. - (kstream_create_rcp_from_fd): initialze new fields. - (kstream_write): grab a big enough buffer (since this is called - with chunks that may correspond to the *filesystem* blocksize, - which is usually larger than BUFSIZ.) Also skip the first four - bytes of outbuf so that the encryption is done on an 8 byte - boundary (if malloc is correctly aligned, malloc+8 should also - be.) - (answer_auth): don't try to getpeername or getsockname, since - we're run under a pipe; just use KRB5LOCALADDR and KRB5REMOTEADDR - which are now provided by kshd (and fail if they are not present.) - This is safe because if they're wrong, it just means that the - mutual authentication will fail. - - Thu Jun 27 23:32:41 1996 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (all, clean, install, v4rcp): add v4rcp installation - and build rules. - * krshd.c: if we got a V4 connection and the command is rcp, use - the v4rcp backend to handle encryption. - * v4rcp.c: based on Cygnus CNS V4 rcp, stripped down to eliminate - user commands (and truncated usage message.) Includes a fake - subset of the kstream interface that only handles "rcp -x" mode. - * v4rcp.M: new file, documents v4rcp support. - -Sat Nov 9 10:49:36 1996 Sam Hartman <hartmans@mit.edu> - - * login.c: Re-arrange to deal with compiling without krb4 support. [148] - -Fri Nov 8 20:59:27 1996 Tom Yu <tlyu@mit.edu> - - * login.c (k_init): Set up KRBTKFILE if converting krb5 tickets to - krb4 but not getting them via password. - -Wed Nov 6 11:32:36 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * login.c (destroy_tickets): Just use global kcontext instead - of creating a new krb5 context for no good reason. - - * krshd.c (main): - * krsh.c (main): - * krlogind.c (main): - * krlogin.c (main): - * krcp.c(main): Check the error return from krb5_init_context(), - and print an error message if necessary. - -Fri Nov 1 23:11:21 1996 Sam Hartman <hartmans@planet-zorp.MIT.EDU> - - * login.c: print out system error if -1 returns. - (destroy_tickets): Destroy krb4 tickets if we are converting as - well as just for initial tickets. - -Fri Nov 1 21:00:01 1996 Sam Hartman <hartmans@mit.edu> - - * login.c: Have the this call must succeed comment before setuid, - not the AIX login uid setting. - -Thu Oct 31 22:14:00 1996 Sam Hartman <hartmans@planet-zorp.MIT.EDU> - - * krlogind.c (doit): Remove tab3 because it isn't very useful and - isn't always present. - -Thu Oct 31 19:19:54 1996 Sam Hartman <hartmans@mit.edu> - - * klogind.M kshd.M: document -r goes away [138] - - * krshd.c (doit): Do not support rhosts authentication. This was - never used by any clients and the cruft in kcmd.c was creating - problems. [138] - - * krlogind.c (do_krb_login): Remove broken rhosts support. [138] - - * kcmd.c: Remove ruserok and associated cruft along with killpg. [138] - -Tue Oct 29 10:09:39 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * login.c: Make the defaults be to *not* to get Kerberos V4 - tickets. There are currently bad interactions between - defaulting and the default Kerberos V4 realm (which is - still hard-coded to be ATHENA.MIT.EDU). - Also added some miscellaneous code cleanups. - -Mon Oct 21 13:44:53 1996 Barry Jaspan <bjaspan@mit.edu> - - * kcmd.c: don't retry (and waste 7 seconds) on ECONNREFUSED, just - fail immediately [krb5-appl/120] - -Fri Oct 18 17:26:51 1996 Barry Jaspan <bjaspan@mit.edu> - - * krsh.c, krlogin.c: don't print our own error message if kcmd - returns -1 (it always printed something in that case, and - error_message(-1) prints a mess [krb5-appl/70] - -Mon Sep 30 17:15:14 1996 Sam Hartman <hartmans@mit.edu> - - * login.c: Allow login -f to let you log in as root. - -Mon Sep 30 16:22:48 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * login.c (stypeof): If TERM environment variable set, use it. - - * krlogind.c (doit): Do not use login -E; no one supports it - besides login.krb5which also supports -f. - -Sun Sep 29 20:49:47 1996 Sam Hartman <hartmans@mit.edu> - - * login.c: Fix so it works with --without-krb4 option - -Fri Sep 20 18:23:53 1996 Sam Hartman <hartmans@planet-zorp.MIT.EDU> - - * login.c: Update so that we try to convert krb524 tickets after - we setuid(), and so that we don't hard fail if cache writeout - fail. - -Fri Sep 20 17:35:22 1996 Sam Hartman <hartmans@mit.edu> - - * login.c: Check to see if we got krb5 tickets at all times, - regardless of wether we are converting to krb4. This helps us - know when to kdestroy. - -Wed Sep 11 17:27:02 1996 Barry Jaspan <bjaspan@mit.edu> - - * login.c: fix a security-threating race condition: chown'ing the - ccache to the user can be bad if the user can delete the file - first and make it a symlink to something else. The solution is to - re-create the ccache after login as setuid() to the user. - -Tue Sep 10 14:03:53 1996 Tom Yu <tlyu@mit.edu> - - * klogind.M, kshd.M, login.M, rcp.M, rlogin.M, rsh.M: remove ".so - man1/header.doc" - -Fri Sep 6 13:22:46 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * login.M: Document that login_krb4_convert is off by default. - - * login.c: Turn login_krb4_convert off by default, since it causes - problems if you don't have krb524d running on the KDC. - This is necessary because a Solaris socket bug causes - login to hang for 45 seconds if krb524d isn't present on - the KDC. - -Mon Sep 2 12:03:53 1996 Sam Hartman <hartmans@mit.edu> - - * krlogind.c rlogin.c (v5_des_write): Write out length plus - encrypted data as one packet; this reduces latency by one RTT for - interactive traffic with kernels that support schemes similar to - RFC896, and reduces the number of packets with most other TCP - stacks. - -Sat Aug 10 16:22:34 1996 Sam Hartman <hartmans@mit.edu> - - * krcp.c (source): Cast stb.st_size to a long before printing it. - On NetBSD, it's a quad, so the following pointer is ignored and - all files look null. We could special case NetBSD, but casting is - somewhat cleaner if we aren't dealing with 2g+ files. -e -Mon Jun 24 09:48:11 1996 Theodore Ts'o <tytso@rsts-11.mit.edu> - - * krsh.c (main): Fix typo so that krsh doesn't exit when using the - default port. - -Fri Jun 21 21:12:52 1996 Sam Hartman <hartmans@mit.edu> - - * configure.in : Make sure it works with the built-in libkrb4.a again. - -Fri Jun 14 13:19:30 1996 Sam Hartman <hartmans@mit.edu> - - * login.c: Add define to deal with krb_save_credentials possibly - being called save_credentials, and to define krb_get_err_text if - it is not defined by the krb4 library. - - * configure.in : check for krb_save_credentials and krb_get_err_text - -Thu Jun 13 14:24:50 1996 Sam Hartman <hartmans@mit.edu> - - * krlogind.c (doit): If using vendor login, make sure output flags - are reasonable. - - -Sat Jun 15 04:03:32 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Cleanup of tests whose results are not longer used - with the pty library in place. - -Mon Jun 3 21:26:34 1996 Tom Yu <tlyu@mit.edu> - - * login.c: Ezra's patches to trim unsed arg from - verify_krb_v5_tgt, etc. - - * Makefile.in,configure.in: allow compilation w/o krb4 (Ezra's - patches) - -Sun May 19 15:22:06 1996 Sam Hartman <hartmans@mit.edu> - - * login.c (destroy_tickets main): Use a secure context - -Wed May 22 22:46:40 1996 Richard Basch <basch@lehman.com> - - * login.c (k_init): Set the default KRB5CCNAME environment variable - consistently with other applications - FILE:/tmp/krb5cc_p<pid> - -Thu May 9 00:09:14 1996 Richard Basch <basch@lehman.com> - - * krlogind.c krshd.c: - Use the replay cache associated with the default server name - (rc_host*), like telnetd does. - -Mon May 6 14:06:21 1996 Richard Basch <basch@lehman.com> - - * login.c: SVR4 logins do not do motd or mailcheck normally; that - is a function of /etc/profile. login.krb should act the same... - -Mon Apr 29 17:02:44 1996 Ken Raeburn <raeburn@cygnus.com> - - Merge with Cygnus sources, changes from Mark Eichin, Marc - Horowitz, Chris Provenzano and me: - - * Makefile.in (install): Install correct set of man pages, and - check for failures. - * kshd.M, klogind.M: Renamed from kr*.M versions. - * login.M: New file. Man page for login with some description of - new features. - - * rlogin.M: Remove references to using program with target - hostname as argv[0]. - * rsh.M: Ditto. Also document -f, -F, -x options. - - * login.c: Massive changes. Split much functionality out of main - and into separate file sections: terminal flag settings, Kerberos - 4 and 5 support, UNIX password support, mail check, signal handler - handling, some other support routines. Revamp controlling tty and - process group handling. For AFS configuration, use setpag and run - aklog. Try validating password using krb5. Always set tty flags, - not just for rlogin session. When validating tickets, treat an - existing key file that doesn't contain the key we think we want - (possibly because DNS was spoofed) as an error condition. - * Makefile.in (LOGINLIBS): List libkrb524.a here. - (LIBOBJS): Not here. - (login.krb5): Reverse the order of LIBOBJS and LOGINLIBS. - * configure.in: Check for --with-afs. Add AFS libs and define - SETPAG if supplied. - - * login.c (KRB5_GET_TICKETS, KRB4_GET_TICKETS, KRB_RUN_AKLOG): new - macros selecting single signon options. krb5.conf profile support - for control over authentication options, above the compile time - selection. - (conf_affirmative): new function, recognize yes/no in profile - value. - (login_get_kconf): new function, look for all [login] flags and - set them in appropriate globals (via login_conf_set array.) - (main, sleepexit, destroy_tickets): Check the new login_* flags. - (main): rename KRB4_USE_524 to KRB4_CONVERT. - - * configure.in: Added checks for tcsetpgrp, tcgetpgrp, setpgid. - * krlogind.c (control): Use tcgetpgrp if it's available. - - * loginpaths.h (RPATH, LPATH, LPATH_root): Define HP/UX 9.04 - versions, conditionalized on __hpux and !hpux. - - * login.c and configure.in: instead of checking _IBMR2 and - __sgi__, write configure tests to check for the existence of - /etc/environment and /etc/TIMEZONE files, respectively. - - * forward.c (rd_and_store_for_creds) : If chown fails then only - pass failure back if owner is different than intended owner. This - is to make rsh.exp test work without requiring root privlidges. - - * login.c (main): Don't set TERM to an empty value. - (stypeof) [__hpux]: Return null if unknown. - - * krlogin.c (catchild): remove hp/ux kludge because of aclocal.m4 fix. - (speeds): test __hpux for hpux speed list. - (main): test __hpux for use of FIOSSAIOSTAT and FIOSSAIOOWN - (USE_TERMIO): test __hpux for bsdtty/ptyio headers. - * krlogind.c: test __hpux for bsdtty/ptyio headers. - (doit): test __hpux for use of setpgrp2. - * krcp.c (main): test __hpux as well for remsh vs. rsh. - - * krcp.c (des_write): Make sure the buffer for the encrypted data - is large enough. Only return an error in malloc fails. - - * krsh.c (main): Always turn on anyport -A option. - - * krlogind.c (ptsname): Declare if it's going to be used. - - * krshd.c (main): Use basename of argv[0] for progname. - - * login.c (dofork): On linux, TIOCNOTTY causes us to die on a - SIGHUP, so don't even try it. - -Sun Apr 21 12:52:35 1996 Richard Basch <basch@lehman.com> - - * krshd.c: If checksumming is required & ALWAYS_V5_KUSEROK is - defined, incorrect messages were being displayed for V4 clients. - Additionally, various errors were not being displayed with the - trailing newline. - Also, one could not specify -c in inetd.conf, because of the - variable initialization; initialization has been corrected to - allow either checksumming or ignoring the checksum. - -Sun Apr 21 00:30:28 1996 Sam Hartman <hartmans@mit.edu> - - * krshd.c krlogind.c: Implement -i. Rewrite error message having - to do with checksums. - - * krshd.Mkrlogind.M : Document -i, remove documentation about - taking options from name of daemon. Clean up checksum - documentation. - - * krlogind.c (do_krb_login): Fix up error messages for checksums. - Configuration errors are presented for situations where -c and -i - are used together, or where -4 and -c are used together. - -Thu Apr 18 19:48:47 1996 Sam Hartman <hartmans@mit.edu> - - * Makefile.in: Fix spaces by converting to tabs. - - * krlogind.c: Take patches from Doug Engert <deengert@anl.gov> to - allow login to work with vendor logins. Also, fix packet-mode - bug; we have some hope of working on non-Solaris streams pty code. - - -Wed Apr 17 13:46:57 1996 Theodore Y. Ts'o <tytso@mit.edu> - - * configure.in (LOGINLIBS): Remove DECLARE_SYS_ERRLIST since it's - no longer necessary. - - * krcp.c (verifydir, allocbuf, rsource, source, sink): Don't use - sys_errlist[]; just call error_message() instead, since we - depend on com_err anyway. - - * krshd.c (recvauth): - * krlogind.c (recvauth): Don't actually check the checksum unless - it is required. Old (pre-beta 5) clients sent a checksum - of random garbage (such as their pid) which is impossible to - actually check on the server side. (Grad student stupidity - strikes again.) - (fatalperror): Don't use sys_errlist[] to get the right - error message; just depend on com_err instead, since we're - using it anyway. - - * krshd.c (doit): - * krlogind.c (do_krb_login): Fix logic so that if checksums are - required, and the checksum is valid, don't syslog the - stupid warning message about "Checksums are only required - for v5 clients...." - - * krcp.c, krshd.c, krlogind.c: Miscellaneous -Wall cleanups - - * krlogind.c (getpty): Removed dead code. - - -Tue Apr 16 11:33:33 1996 Sam Hartman <hartmans@mit.edu> - - * krlogind.c kshd.c (main): Drop support for handling options in - rlogind's name. - -Sun Apr 14 03:41:49 1996 Sam Hartman <hartmans@zygorthian-space-raiders.MIT.EDU> - - * krlogind.c (fatalperror): Only declar sys_errlist if needed. - - -Sat Apr 13 17:47:36 1996 Sam Hartman <hartmans@mit.edu> - - * krshd.c (doit): Use setsid instead of setpgrp if you have it. - Note this doesn't work for Ultrix. - - * krlogind.c (doit): Don't call setpgrp or setsid; let pty library do - that for us. - -Fri Apr 12 23:38:25 1996 Richard Basch <basch@lehman.com> - - * krlogind.c (cleanup): Destroy any forwarded credentials at the - end of the login session (they were placed in an unusual location - anyway, so the chance that someone will be trying to reuse those - credentials is minimal) - -Thu Apr 11 00:22:51 1996 Richard Basch <basch@lehman.com> - - * kcmd.c: Cleaned up whitespace and removed commented & unused cruft - - * krlogind.c, krshd.c: Allow the recvauth routine to find any key - in the keytab for which the user is trying to login. The host may - be known as many names. Additionally, for krlogind, clean up the - error handling for bad authentication (potential null dereference - and a misleading message because of the wrong authentication system - being used) - -Sun Apr 7 22:46:07 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krshd.c: Add an option -L to pass certain environment variables - to the client. - -Wed Apr 3 17:09:19 1996 Richard Basch <basch@lehman.com> - - * krlogind.c: Under Solaris, when the connection pipe goes away, - zero bytes are returned. Since we are using blocking - read calls, and the net_read function deals with - interrupted/resumed reads, consider zero bytes to be - be a terminated connection, so as not to spin. - -Mon Apr 1 10:12:44 1996 Richard Basch <basch@lehman.com> - - * loginpaths.h: Leading/trailing colons should not be there based - on the variable usage in the code. Also, the tests for Solaris - were incorrect. - -Fri Mar 29 16:22:18 1996 Richard Basch <basch@lehman.com> - - * kcmd.c, krlogin.c, krsh.c, krcp.c: - Allow for a proxy forwarder to be specified - -Sat Mar 23 17:20:00 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krcp.c (des_write): Use krb5_net_write instead of write, because - most parts of rcp that call this code ignore the return value and - we want to reblock properly. - - * krshd.c (doit): Don't use non-blocking IO; it is unnecessary and - may cause problems. - -Fri Mar 22 13:27:40 1996 Richard Basch <basch@lehman.com> - - * krshd.c: use the library routines to do v4 to v5 - principal translation, for a more accurate representation. - -Wed Mar 20 19:36:21 1996 Richard Basch <basch@lehman.com> - - * krlogind.c: use the library routines to do v4 to v5 - principal translation, for a more accurate representation. - -Tue Mar 19 20:11:28 1996 Richard Basch <basch@lehman.com> - - * kcmd.c (ruserok): declare the function as taking const char * - instead of char * (Solaris 2.5 refuses to compile it, otherwise). - -Tue Mar 12 23:42:50 1996 Ken Raeburn <raeburn@cygnus.com> - - * configure.in: Use AC_HEADER_STDARG. - -Tue Mar 12 17:52:08 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krshd.c (doit): For encrypted rcp, fix logic in determining - executable to run. - -Mon Feb 26 03:28:44 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in: call USE_ANAME. - -Sun Feb 25 18:50:45 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogind.c (v5_des_read): Fix server side of bug in detecing eof - on the network connection. Same as client change: v5_des_read - needs to return 0 if read returns <= 0, notjust a strict - inequality. - -Mon Feb 12 22:41:06 1996 Theodore Y. Ts'o <tytso@dcl> - - * kcmd.c (kcmd): Fix lint flame (added missing cast). - -Fri Feb 9 21:43:50 1996 Sam Hartman <hartmans@hartman.mit.edu> - - * krsh.c (main): Only print secure_message if encrypt_flag set. - -Fri Feb 9 20:18:48 1996 <hartmans@mit.edu> - - * krlogind.c (recvauth): Fix v4 incompatability created by - checksum code; if using v4, don't try to verify a v5 checksum. - -Fri Feb 2 16:10:56 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in (save_path): Look for "ucb" varients in - /usr/athena/bin if --enable-athena specified. - - * krsh.c krlogin.c krcp.c (try_normal): If --enable-athena, don't - quit just because we are encrypted. - -Thu Feb 1 00:09:13 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * rcp.M: Fix typo. - - * krcp.c (des_write): If rcp tries to write to stdin, redirect it - to stdout. That way it works with pipes; the right thing is for - rcp to not try and do this, but introducing remread and remwrite - as variables is significantly more work for only slightly better - code. - (main): Use rsh encryption; not user-to-user. Note that we still - support the answer_auth mechanism for incoming connections - so older clients work, but this is depricated. - (send_auth): expunged with pleasure; answer_auth should go in a - a version or two. - -Wed Jan 31 16:24:50 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krsh.c (main): Print SECURE_MESSAGE when appropriate. - - * krshd.c (doit): Fork and handle pipes either if stderr signal - processing is enabled *or* encryption is enabled. Rsh always - enables stderr, but rcp won't. - (SECURE_MESSAGE): Moving to client where it belongs, so the stderr - channel doesn't get corrupted for rcp. Besides, the client can - determine if it is talking to a tty and only print this message to - a tty. - - * krlogind.c (recvauth): Pas ccache to rd_and_store_for_creds - - * krshd.c (recvauth): Pass address of ccache to rd_and_store_for_creds - (ccache): new global variable. - (cleanup): Destroy ccache if we have one. - (doit): Destroy cache on normal terination. - - * forward.c (rd_and_store_for_creds): Take a pointer to a ccache; - we should provide the caller with a way of destroying forwarded - credentials. - -Tue Jan 30 17:56:49 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krshd.c (envinit): Expand to have space KRB5_CCNAME - (doit): Put krb5_ccname at the end of envinit; this is - handled differently that other variables, because TZ may or may not - beset, so our position cannot be fixed. - - -Sat Jan 27 18:40:31 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * kcmd.c (kcmd): We no longer need F_SETOWN as nothing in appl/bsd - handles oob data with signals any more. - -Fri Jan 26 00:37:23 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogin.c (reader): Deal with exceptions even while writing. - (reader): Fix bogus select bug; actually select on writing - -Wed Jan 24 00:34:42 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogind.M krshd.M: Update to document new options. - - * Makefile.in (install): Install as kshd and klogind not krshd and - krlogind. - - * krshd.c (main): Use krlogind-style options (-54kce) - - * krlogind.c (main): Change option parsing to support new format. - (do_krb_login): Use auth_ok and auth_sent masks instead of passed_* - -Tue Jan 23 18:10:55 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krshd.c (recvauth): Use the correct username in strlen call for - allocating chksumbuf. - - * krlogind.c (recvauth): Code to copy checksum verification code. - - -Mon Jan 22 15:14:11 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krshd.c (recvauth): Update to expect port in checksum. - - * kcmd.c (kcmd): Include port in string of checksumed data to - distinguish between encrypted and unencrypted rlogin. - - -Mon Jan 22 18:14:05 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krcp.c: Use KRB5_STDARG_P. - - * configure.in: Add KRB5_CHECK_PROTOS for prototyps definitions. - - -Fri Jan 19 10:45:29 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krshd.c (recvauth): Verify checksum against command line and - remote user. - (recvauth): Fix accidental memory leak with authenticator and fix - include correct username in checksum - - * kcmd.c: Send authenticator with checksum of command line and - remote user. - - * krlogin.c (des_read): Return 0 or -1 on close/error respectively. - -Wed Jan 17 15:14:33 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogin.c (reader): Use select to find out-of-band data, not signals. - (oob): No longer a signal handler; just a function. - (writer): get rid of copytochild setup as sigurg no longer needed - (main): Don't block SIGURG - * configure.in : Include sys/time.h check - -Mon Jan 15 16:16:07 1996 Sam Hartman <hartmans@tertius.mit.edu> - - * login.c (main): ttyslot usable here as well - - * krlogind.c (doit): update_utmp can use ttyslot. - -Thu Jan 11 12:40:08 1996 Ezra Peisach (epeisach@paris) - - * krsh.c, krlogin.c: (main): Ultrix cc does not support automatic - aggregate initiailzation of structures. - -Thu Jan 11 11:27:04 1996 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krcp.c (error): Convert to use varargs. - - * configure.in: Check for stdarg.h - -Wed Jan 10 21:26:20 1996 Theodore Y. Ts'o <tytso@dcl> - - * kcmd.c (getport): Clear the sin structure to be zero. (From - Doug Engert.) - - * krsh.c (main): Added code to default port to 544 if service not - found. (From Doug Engert.) - - * krlogin.c (main): Added code to default port to 543 or 2105 if - service not found. (From Doug Engert.) - - * login.c (main): Save KRB5CCNAME environment variable, which may - have been set by forward.c. Add code for SGI to set - environment for its /etc/TIMEZONE (untested). Don't print - MOTD twice on Suns, added #ifdef NO_MOTD. (Patches from - Doug Engert). - - * kcmd.c: Removed extern global of krb5_kdc_req_sumtype, which - wasn't being used anyway. - -Tue Jan 9 22:51:16 1996 Theodore Y. Ts'o <tytso@dcl> - - * forward.c (get_for_creds): Removed no longer used function. - - * kcmd.c (kcmd): Convert from using get_for_creds() from forward.c - to using the official library routine, krb5_fwd_tgt_creds(). - -Fri Dec 22 17:42:11 1995 Theodore Y. Ts'o <tytso@dcl> - - * login.c (main): If HAVE_SHADOW is defined, and no shadow - password entry is availble, try using the password entry - in the password file. - -Tue Dec 19 17:11:37 1995 Theodore Y. Ts'o <tytso@dcl> - - * kcmd.c: Also include unistd.h, if it's available. - -Tue Dec 5 20:44:39 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * configure.in: Use krb5util library. - - * login.c (main): Change two-argument call to syslog to three - arguments to handle screw cases in hostnames. - -Fri Dec 1 17:25:02 1995 Theodore Y. Ts'o <tytso@dcl> - - * login.c (main, dofork): Applied patch from Scott Schwartz - <schwartz@galapagos.cse.psu.edu> - - Under SunOS, and maybe other systems, there is a a problem - with krlogind.c and a similar problem with login.c as - distributed with K5.5. - - The bug is that rlogind forks a child but retains a - controlling tty. If the child is in the same process - group as the parent, which is will if you don't use a job - control shell (chsh /bin/rc), keyboard signals will kill - the daemon. telnetd dissociates itself properly, but then - login.krb5 waits for the shell to finish, but login.krb5 - has the same ctty as the shell and is in the same process - group, so it has the same problem. - - In BSD you used to be able to give up your ctty at will, - but SunOS seems to have setsid as the only mechanism to - perform that action, and setsid can only succeed in - limited circumstances. Rlogind ought to be fixed to - behave more like telnetd, but independent of that, - login.krb5 needs to be patched if kerberos is to work - properly under SunOS. - -Sun Nov 12 12:39:23 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogind.c (doit): Clear iextn for NetBSD and other 4.4-based - systems so that ctrl-o isn't special. - -Sat Oct 21 17:33:37 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * login.c (main): Don't set LOGNAME twice. - -Sun Nov 12 04:44:50 1995 Mark W. Eichin <eichin@cygnus.com> - - * krshd.c (doit): drag TZ= from parent environment into envinit to - pass to child. - (envinit, TZENV): add one more slot for optional TZ, and mark it. - -Thu Nov 2 16:16:47 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krlogin.c, krcp.c, krsh.c (main): If invoked with -D port, do - not die if entry is missing from /etc/services. - -Mon Oct 16 17:27:43 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * login.c (main): Don't print warning about no tickets obtained if - we didn't ask for a password. Also, define LOGNAME for so sysvish - systems are happy. Patch from ramus@nersc.gov. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * krcp.c, krlogin.c, krlogind.c, krsh.c, krshd.c : - s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Sun Aug 27 15:35:04 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * rlogin.M: Document -f and -F options. - -Mon Aug 7 17:32:29 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogind.c: Close the write side of the syncpipe in the parent - so we get SIGPIPE if child dies. - - * login.c (main): Use new interface to pty_update_utmp - - * configure.in (LOGINLIBS): Check for utmp.h and utmpx.h. - - * krlogind.c (doit): Use new format for pty_update_utmp - * Include utmp.h because libpty.h no longer does. - -Fri Aug 4 00:50:41 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * krlogind.c: don't include utmp.h, since libty.h grabs it. - -Wed Aug 2 13:06:02 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogind.c (main): call pty_init()call pty_init() - -Tue Aug 1 08:43:22 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in : Remove references to logutil.c and logutil.o - - - * krshd.c (doit): Replace logwtmp with pty_logwtmp - - * login.c (main): use pty_update_utmp not update_utmp - - * logutil.c: Removed because all its functionality is incorperated - into libpty. - - * krlogind.c (doit): Pass length of line to pty_getpty - -Mon Jul 31 17:07:59 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * login.c (main): Don't call TIOCSETD under Posix. - * Include iexten in terminal flags. - - - * krlogin.c: Don't include termio.h here either. - - * login.c: Remove special casing of AIX to include termio.h; it - breaks almost all terminal handling, because it's the - compatibility file for applications written for the RT. Instead, - just define CNUL if not already defined by ttychars.h - - -Sat Jul 29 04:37:33 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU> - - * configure.in: Don't link with -lkadm - - -Fri Jul 28 16:49:02 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * Makefile.in (LOCAL_LIBRARIES): include -lpty; also included in - DEPLOCAL_LIBRARIES. - - * krlogind.c (doit): Use pipe for synchronization so pty can be - opened in slave. Use libpty for pty handling. - (cleanup): Use pty_cleanup to do most work. - -Thu Jul 27 15:02:03 EDT 1995 Paul Park (pjpark@mit.edu) - * krshd.c - Check for interrupted select. Should fix bug #1555. - - -Thu Jul 13 17:49:54 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * configure.in : Short circuit the streams test for AIX to false - because AIX strops.h trashes definition of _IO from sys/ioctl.h. - I think this is fixed in AIX4, so the test is only bypassed for - AIX3. - -Tue Jul 11 12:50:16 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * krlogind.c (getpty): Use ptsname before ttyname; it has a higher - chance of doing what we want. - -Fri Jul 7 15:40:42 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Remove all explcitit library handling. - * configure.in - Add USE_<mumble> and KRB5_LIBRARIES. - -Wed Jul 5 20:03:37 1995 Theodore Y. Ts'o (tytso@dcl) - - * krcp.c, krlogin.c, krlogind.c, krshd.c, login.c: Remove - declaration of errno altoghether. "extern int errno;" is - always wrong. - - * login.c (main): Don't use the TIOCLSET ioctl unless we're not - using POSIX_TERMIOS. Don't just blindly set the file - status flags to 0. Instead, do a fcntl(0, F_GETFL), and - then reset the nonblocking flags. - -Sun Jul 2 19:48:27 1995 Sam Hartman <hartmans@tertius.mit.edu> - - * krcp.c: make errno extern - - * krshd.c: errno should be extern so it doesn't mask the libc - definition in AIX. - -Tue Jun 27 23:50:56 1995 Tom Yu (tlyu@dragons-lair) - - * krlogin.c: don't redeclare noltc, defltc if we happen to have - TIOCGLTC in addition to POSIX_TERMIOS - -Tue Jun 27 16:18:49 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - When checking number/type of arguments to {get,set}pgrp - attempt to set __STDC__ in a vain attempt to ensure that we - get function prototype checking turned on. OSF/1's native - compiler didn't really care what's passed as arguments unless - __STDC__'s set. - * krcp.c - Change usage of BUFSIZ to RCP_BUFSIZ. Remove & from in - front of array. It's redundant. - * krlogin.c - Change usage of BUFSIZ to RLOGIN_BUFSIZ. Add signal - name parameter to signal handlers to conform to prototype. - * krlogind.c - Change usage of BUFSIZ to RLOGIND_BUFSIZ. Cast 4th - argument to setsockopt(2) to be const char *. - * krsh.c - Change usage of BUFSIZ to RSH_BUFSIZ. Cast 4th argument - to setsockopt(2) to be const char *. - * krshd.c - Change usage of BUFSIZ to RSHD_BUFSIZ. - -Thu Jun 22 14:36:46 1995 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Change AC_HAVE_HEADERS with AC_CHECK_HEADERS, and - check for string.h as well. - - * krsh.c: Don't include ext-proto.h; move the #include of the - header files which we actually needed into krsh.c, using - the autoconf standard define's. - -Wed Jun 21 17:29:27 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * login.c: Change RETSIGTYPE to krb5_sigtype to be consistant. - - * configure.in (LOGINLIBS): Add KRB5_SIGTYPE to declare krb5_sigtype. - -Tue Jun 20 13:00:25 1995 Tom Yu (tlyu@dragons-lair) - - * krlogin.c: HAS_STDLIB_H -> HAVE_STDLIB_H - -Mon Jun 19 13:34:23 EDT 1995 Paul Park (pjpark@mit.edu) - * login.c - Change setluid call to check for luid and then set it if - it fails, also make this logic conditional under HAVE_SETLUID. - * configure.in - For OSF/1 systems where libsecurity is present, set - HAVE_SETLUID. We'll need to determine similar tests for other - extended security systems that we are to support in the future. - - -Thu Jun 15 17:32:20 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - Change explicit library names to -l<lib> form, and - change target link line to use $(LD) and associated flags. - Also, remove DBMLIB, it was not used. Also, for K4, use - KRB4_LIB and KRB4_CRYPTO_LIB, these were - split out. - * configure.in - Remove dbm library checks, these are no longer needed - with the Berkeley database code. Also, add shared library - usage check. - -Sat Jun 10 22:56:10 1995 Tom Yu (tlyu@dragons-lair) - - * forward.c, kcmd.c, krcp.c, krlogind.c, krshd.c: - krb5_auth_context redefinitions - -Fri Jun 9 18:26:30 1995 <tytso@rsx-11.mit.edu> - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Wed May 31 17:16:44 1995 Tom Yu (tlyu@dragons-lair) - - * loginpaths.h: #ifdef ultrix => #ifdef __ultrix - -Sun May 21 16:36:39 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * loginpaths.h: Add NetBSD paths. - - * login.c: Define TAB3 to 0 if non existant - - * krlogin.c (mode): ifdef code based on TABDLY existing on - machine. (netbsd lacks this). - - * krcp.c: Declare sys_errlist only if needed by the OS. - - * configure.in: Add DECLARE_SYS_ERRLIST - Check for libcrypt defining the function crypt - -Mon May 15 10:43:30 1995 <tytso@rsx-11.mit.edu> - - * login.c (main): Only try to use TIOCSETD if it is defined - (instead of relying on _IBMR2 *not* being defined). - - Only try to use TIOCNXCL if it is defined. - - * krcp.c: If setreuid() is emulated using setresuid(), - #define HAVE_SETREUID so it gets used. - -Sat May 13 08:59:38 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krshd.c (recvauth): Use krb5_auth_con_genaddrs to set the port - on the connection so that credential forwarding works. - -Tue May 9 08:17:18 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * krshd.c (main): Cast a sockaddr_in * to sockaddr * in call to - accept. - - * kcmd.c: Add <stdlib.h> - - * krcp.c: Add <stdlib.h>. - -Sat May 6 18:12:37 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krcp.c (answer_auth): Added const declaration to filenames. - -Fri May 05 09:16:16 1995 Chris Provenzano (proven@mit.edu) - - * krcp.c (answer_auth()): Requires two new args that are passed - from the command line. The first -c is to pass the filename - of the remote credential cache. The second -C is to pass - the filename of the remote krb5.conf file. - -Thu May 04 23:53:23 1995 Chris Provenzano (proven@mit.edu) - - * krcp.c (answer_auth()): Don't destroy the credential cache. - -Wed May 03 20:10:39 1995 Chris Provenzano (proven@mit.edu) - - * krcp.c (answer_auth()): Set auth_context = NULL before using it. - -Wed May 03 03:30:51 1995 Chris Provenzano (proven@mit.edu) - - * krlogind.c, krshd.c: (krb5_compat_recvauth()): - No longer needs the rc_type arg. - -Tue May 2 22:12:39 1995 Theodore Y. Ts'o (tytso@dcl) - - * krcp.c (main): Don't try to play uid swapping games if the - effective uid is not zero. - - * kcmd.c (kcmd): Bug fix to jik's bug fix. (Caused by our code - drift since jik's changes went in, and not sufficiently - careful checking of jik's patches before applying it.) - -Mon May 01 15:56:32 1995 Chris Provenzano - - * kcmd.c (kcmd()): Bug fixes from jik. - - * krlogind.c (recvauth()): Changes to auth_context to better - support full addresses, for rd_cred() and friends. - -Sat Apr 29 01:26:06 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (login.krb5): Link the libraries twice due to - circular dependency in the libraries. (read_password in - libdes425.a depends on krb5_read_password in libkrb5.a) - -Fri Apr 28 20:33:06 1995 Theodore Y. Ts'o <tytso@dcl> - - * login.c (main): Don't use setreuid() to play games with the real - uid, since not all systems have setreuid(). This method - of communicating to in_tkt what the correct owner of the - ticket file is completely broken, anyway. We skip the - setreuid() entirely, and then chown the ticket file to the - correct owner and group afterwards. - -Fri Apr 28 17:59:19 1995 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (KLIB): include KRB4_LIB directly, to satisfy both - versions of the dependencies. - -Fri Apr 28 16:55:14 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - change position of KRB4_LIB for krshd and krlogind - so that it links correctly for both --with-krb4 - and --with-krb4=/usr/athena. - -Fri Apr 28 16:12:57 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in (PATH): use internal AC_PROG_ECHO_N because change - in path might change behavior of echo (example: solaris, native - shell, with GNU echo (-n) in user path, but only Solaris echo (\c) - in path here.) - -Fri Apr 28 07:52:45 1995 Theodore Y. Ts'o <tytso@lurch.mit.edu> - - * login.c: Lots of lint cleanup; declare functions before they - are used, add appropriate return types (int or void) - to functions as necessary, etc. - -Thu Apr 27 21:44:17 1995 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * login.c: Remove definition of krb_err_txt. krb.h defines it. - -Thu Apr 27 17:41:06 1995 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (krshd, login.krb5, krlogind): KRB4_LIB needs to - appear before KLIB since it uses des425. - -Thu Apr 27 14:36:54 1995 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (LOCALINCLUDE): get kerberosIV headers for login.c - (login.krb): link against krb4 libs. - * configure.in: check AC_CONST so it works. - -Thu Apr 27 13:54:21 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: use WITH_KRB4 as-is. - * Makefile.in (krshd, krlogind): use KRB4_LIB directly. - -Thu Apr 27 01:09:19 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krcp.c (answer_auth): Should not call krb5_cc_close after - krb5_cc_destroy. (encrypted rcp failed). - - * krlogind.c (main): -S option was not getting a keytab. (passing - a char * to krb5_compat_recvauth). - - * krshd.c (recvauth): extract the client principal from ticket - before calling krb5_kuserok on a NULL principal. - (main): -S option was not getting a keytab (passing a char *). - - * krcp.c: (main): Missing htons on port number when specified on - command line. - -Wed Apr 26 21:09:34 1995 Chris Provenzano (proven@mit.edu) - - * kcmd.c (kcmd()) : Don't use hp->h_name use host_save instead. - -Wed Apr 26 17:43:08 1995 Mark Eichin <eichin@cygnus.com> - - * logutil.c (EMPTY): linux has UT_UNKNOWN, not EMPTY. - -Wed Apr 26 09:41:35 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> - - * krlogind.c (main): LOG_AUTH in openlog arguments in wrong place. - (recvauth): Do not copy principal on a V4 request. The - ticket portion is not set by krb5_compat_recvauth for these. - - * configure.in: Check for libutil. Under OSF/1, logwtmp is stored - there. - -Wed Apr 26 07:19:18 1995 Chris Provenzano (proven@mit.edu) - - * krlogind.c (doit()) : If TIOCOTTY is defined unset the - controlling tty before setting it to another tty. - -Tue Apr 25 21:23:28 1995 Chris Provenzano (proven@mit.edu) - - * forward.c (rd_and_store_for_creds()) : Rewritten to use - auth_context and the new krb5_rd_creds(). - * forward.c (get_for_creds()) : New function replacing - krb5_get_for_creds() and uses auth_context and new - krb5_mk_creds() routine. - * kcmd.c (kcmd()): Use new get_for_creds() routine. - * krlogind.c (recvauth()): Use new rd_and_store_for_creds() routine. - -Sat Apr 22 00:42:22 1995 Theodore Y. Ts'o (tytso@dcl) - - * rlogind (main, doit): The variable krb5_override_default_realm - is obsolete. Use the krb5_set_default_realm function instead. - - * krshd.c (main, doit): The variable krb5_override_default_realm - is obsolete. Use the krb5_set_default_realm function instead. - -Fri Apr 21 21:11:17 1995 Theodore Y. Ts'o (tytso@dcl) - - * krshd.c: Add #include for <sys/stat.h>, which is now needed. - -Fri Apr 21 17:18:57 1995 Mark Eichin <eichin@cygnus.com> - - rlogin testing changes from ian@cygnus.com. - -Fri Apr 21 17:13:48 1995 Mark Eichin <eichin@cygnus.com> - - More changes from ian@cygnus.com to support testing. - -Fri Apr 21 14:07:15 1995 Mark Eichin <eichin@cygnus.com> - - Added Ian's changes with minor tweaks. These are used by the testsuite. - -Fri Apr 07 15:46:54 1995 Chris Provenzano (proven@mit.edu) - - * configure.in, krlogind.c, krsh.c, krshd.c, login.c, logutil.c. - A bunch of patches from Ezra to get BSD to work on - The Alpha that looked reasonable. - -Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu) - - * krcp.c (send_auth()): Use new calling convention for krb5_rd_req(). - - * krshd.c (recvauth()): Use new calling convention for - krb5_compat_recvauth(). - - * krlogind.c (recvauth()): Use new calling convention for - krb5_compat_recvauth(). - -Fri Mar 24 15:04:25 1995 Ian Lance Taylor <ian@cygnus.com> - - * krlogind.c (srvtab): New global variable. - (krb5_override_default_realm): Declare. - (ARGSTR): Add "S:M:L:" to Kerberos version. - (login_program): New global variable. - (main): Handle -S, -M, and -L arguments. Call SO_REUSEADDR on - socket if debug_port set. - (doit): Use login_program instead of LOGIN_PROGRAM. - (recvauth): Pass srvtab to krb5_compat_recvauth. - * krlogind.M: Document -S, -M, and -L. - -Fri Mar 24 15:04:25 1995 Ian Lance Taylor <ian@cygnus.com> - - * krcp.c (forcenet): New global vraiable. - (main): Accept -D and -N arguments. Pass Kerberos realm to remote - rcp execution. - (hosteq): If -N specified, always return 0. - * rcp.M: Document -D and -N. - * krshd.c (ARGSTR): Add "P:" to KERBEROS version. - (kprogdir): New global variable. - (main): Handle -P. - (path): Remove global variable. - (path_rest): Remove explicit size. - (envinit): Use 0 instead of path. - (PATHENV): define. - (doit): Use kprogdir variable instead of KPROGDIR macro when - setting path. Build path in allocated memory rather than using a - fixed size array. If the command starts with "rcp ", force use of - kprogdir/rcp if it exists. - * krshd.M: Document -P. - -Thu Mar 23 18:18:31 1995 Ian Lance Taylor <ian@cygnus.com> - - * krshd.c (ARGSTR): Add S:M:A to KERBEROS version. - (srvtab): New global variable. - (krb5_override_default_realm): Declare. - (main): Handle -S, -M and -A arguments. Call SO_REUSEADDR on - socket if debug_port set. - (doit): If -A used, allocate a random port for the stderr stream, - rather than allocating a reserved port. Don't call initgroups if - not changing the uid. - (recvauth): Pass srvtab to krb5_compat_recvauth. - * krshd.M: Document -S, -M, and -A. - * krsh.c (main): Accept -A, and pass it to kcmd. - * rsh.M: Document -A. - * kcmd.c (kcmd): Add new argument anyport. If it is set, permit - any port for the stderr stream, rather than requiring a reserved - port. Initialize ret_cred to NULL. - * krcp.c (main): Pass 0 for anyport to kcmd. - * krlogin.c (main): Pass 0 for anyport to kcmd. - -Thu Mar 23 23:23:25 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (krshd): Move $(K4LIB) after $(KLIB) so that if - we're using des425, the V5 crypto library can be picked up. - - * configure.in: Use the correct path to find libdes425 - -Thu Mar 23 20:22:57 1995 Mark Eichin <eichin@cygnus.com> - - * logutil.c (update_wtmp): initialize ut from ent the way the V4 - code did. Appears to handle SunOS case (when nearly all of the - ifdef's are off) correctly now. - -Tue Mar 14 16:08:08 1995 <tytso@rsx-11.mit.edu> - - * Makefile.in, configure.in: Use the libdes425 library so that the - DES code doesn't get dragged in twice. - - * krlogind.c: Include <sys/time.h> so that Linux can get the - FD_SET macros. - - * kcmd.c (kcmd): Close the credentials cache when you're done with - it. - - * krlogind.c (doit): Always initialize the Krb5 error table. - - * krlogind.c (main, doit): Minor type fixes to gethostbyname(), - accept(). - -Tue Mar 14 12:30:23 1995 Chris Provenzano (proven@mit.edu) - - * kcmd.c (kcmd()): Don't pass any data to sendauth() to be - checksummed. The remote side doesn't check it anyway. - -Fri Mar 10 18:32:22 1995 Theodore Y. Ts'o <tytso@dcl> - - * kcmd.c (kcmd): Initialize ret_cred to zero so that in case of an - error, we don't try to free stack garbage. - -Fri Mar 10 11:09:34 1995 Chris Provenzano (proven@mit.edu) - - * kcmd.c (kcmd()) Use new calling convention for krb5_sendauth(). - * krcp.c () Use new calling convention for krb5_mk_req_extended(). - -Thu Mar 2 12:26:29 1995 Theodore Y. Ts'o <tytso@dcl> - - * Makefile.in (ISODELIB): Remove reference to $(ISODELIB). - -Wed Mar 1 11:54:50 1995 Theodore Y. Ts'o <tytso@dcl> - - * configure.in: Remove ISODE_INCLUDE and ISODE_DEFS, replace check - for -lsocket and -lnsl with WITH_NETLIB check. - -Tue Feb 28 01:41:04 1995 John Gilmore (gnu at toad.com) - - * forward.c, kcmd.c, krcp.c, krlogin.c, krlogind.c, krsh.c, - krshd.c: Avoid <krb5/...> and <com_err.h> includes. - -Tue Feb 14 15:30:55 1995 Chris Provenzano (proven@mit.edu) - - * kcmd.c Call krb5_sendauth() and krb5_get_credentials() with - new calling convention. - - * krcp.c (answer_auth()) Call krb5_mk_req_extended90 with new - calling convention. - -Fri Feb 3 11:51:55 1995 Theodore Y. Ts'o (tytso@dcl) - - * krcp.c (tgt_keyproc): Add keytype parameter to field. - -Mon Jan 30 07:58:16 1995 Chris Provenzano (proven@mit.edu) - - * Removed all #include <krb5/crc-32.h> - - * Removed krb5_enctype argument passed to krb5_get_for_creds() - -Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - -Wed Jan 18 14:33:50 1995 Mark Eichin <eichin@cygnus.com> - - * krlogind.c (v4_des_read, v5_des_read): When reading length, - ignore everything before a leading zero (MSB first "reasonable" - value) to compensate for rlogin (mis)use of BSD-OOB data. - * krlogin.c (des_read): same code (in both versions of des_read.) - -Wed Jan 18 01:07:56 1995 Mark Eichin <eichin@cygnus.com> - - * configure.in: undo streams test. It turns out that we want sunos - to *fail* that test, since it doesn't have a streams PTEM module - anyhow. - * krlogind.c: don't include sys/tty.h and sys/ptyvar.h if we don't - HAVE_STREAMS already. - * krlogin.c: do the same thing. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - - * krsh.c (main): Use htons(debug_port). - -Wed Jan 11 01:25:09 1995 Mark Eichin <eichin@cygnus.com> - - * logutil.c (update_wtmp): declare missing variables if - HAVE_SETUTENT isn't set. - (update_utmp): declare tty at top of function. - -Tue Jan 10 19:43:18 1995 Mark Eichin (eichin@cygnus.com) - - * krlogin.c (doit): use exit_handler for signal exits, don't use - exit directly. - (exit_handler): new function, avoids type collision from misusing - exit directly as a signal handler. - -Tue Jan 10 15:23:31 1995 Richard Basch (probe@tardis) - - * configure.in: Streams test needs to include sys/types.h - - * krsh.c: Include sys/time.h (linux) - -Mon Jan 9 21:48:54 1995 Theodore Y. Ts'o (tytso@dcl) - - * kcmd.c, krlogin.c, krcp.c: Always include fcntl.h, and never - sys/fcntl.h. - - * krshd.c: Always define the Kerberos V4 data structures. - -Tue Jan 3 16:54:02 1995 Richard Basch (probe@tardis) - - * krshd.c - Cleaned up comments - - * krsh.c - Removed debugging statement - - * kcmd.c - Removed old sgi code (it has POSIX_SIGNALS). - -Mon Jan 2 12:35:18 1995 Richard Basch (probe@tardis) - - * krsh.c - * krshd.c - Added encrypted rsh support. - It still isn't entirely secure; as the command-line could - be spoofed by an active attack, but the data sharing is... - - * krlogind.c - Ultrix doesn't have a fully functional POSIX termios. - - * krshd.c - Cleaned up some of the #ifdef's and code duplication. - Fixed decl. of return variable for getopt() [int not char] - -Fri Dec 30 18:35:50 1994 Richard Basch (probe@tardis) - - * krlogin.c - Don't need: #ifdef _AIX, #undef _BSD, #endif - - * Makefile.in - Fixed man page installation when build tree != source tree - - * configure.in - No need to do the fcntl check - Changed GETPGRP_ONEARG detection (and assign it when it - takes one argument, not void). - - * logutil.c - * login.c - Tidied up the code a bit. - Do not rely on NO_UT_TYPE (it has problems with AIX headers) - - * krlogind.c - Tidied up the code a bit. - Set the controlling tty for Ultrix - Do not rely on NO_UT_TYPE (it has problems with AIX headers) - -Thu Dec 29 10:12:48 1994 Richard Basch (probe@tardis) - - * krlogind.c - Conditionalize grantpt/unlockpt on HAVE_GRANTPT (not just Sun) - Conditionalized references to ut_type and ut_pid. - Try all the methods for getting a pty... - - * logutil.c - Conditionalized references to ut_type and ut_pid. - - * configure.in - Conditionalize grantpt/unlockpt on HAVE_GRANTPT - Corrected a minor syntactical error with extraneous "]," - -Thu Dec 29 01:38:17 1994 Richard Basch <probe@k9> - - * krlogind.c: - Error checks for Solaris tty setup routines (grantpt/unlockpt) - Commented out the OOB code, as it causes problems currently. - Cleaned up some of the #ifdef's for logging incoming users - Removed extraneous declaration of malloc() - Pass a "" for the hostname rather than NULL to update_utmp. - Some additional cosmetic changes. - Included/excluded SYSV code (SYSV is not defined anywhere) - -Wed Dec 28 14:59:58 1994 Richard Basch (probe@tardis) - - * krlogin.c - * krlogind.c - * krsh.c - * krshd.c - Corrected the arguments to select, based on sizeof fd_set. - Converted what remained to use FD_* macros, instead of bitshift - - * login.c - Changed uid_type to uid_t, gid_type to gid_t - Added shadow password support - Always use cfset*speed when POSIX_TERMIOS is defined - - * configure.in - Changed the PATH for looking for BSD r* commands - Use AC_TRY_LINK instead of AC_TRY_COMPILE for the setenv test. - Cache results of compile/link tests. - Added shadow password support. - Don't bother checking for sys/stream.h; done elsewhere - Look for the function ptsname. - - * logutil.c - Search to the proper position in the utmp/utmpx files. - Corrected arguments for the utmpx routines. - - * krlogind.c - Revamped the tty setup routines. - -Tue Dec 27 14:42:15 1994 Richard Basch (probe@tardis) - - * krlogin.c - Cleaned up some of the includes - - * krlogind.c - * krshd.c - * logutil.c - * login.c - Revamped the utmp/wtmp handling routines - - * Makefile.in - Fixed the "krlogin" program define for "krsh" - - * configure.in - Changed the HAVE_STREAMS macro to not try <sys/tty.h> - Corrected the text for the setpgrp arguments check - -Tue Dec 27 06:15:42 1994 Richard Basch (probe@tardis) - - * krlogind.c - Use the file descriptor macros (eg. FD_SET) to handle fd arrays - Change #ifdef STREAMS to #ifdef HAVE_STREAMS - Started to add SYS-V utmp handling - Ripped out the old termio code. - Include <unistd.h> and <stdlib.h> where available. - - * configure.in - Combined KRB5_UT* macros into CHECK_UTMP, with more checks. - Changed obsolete AC_COMPILE_CHECK to use newer macros. - -Mon Dec 26 13:51:20 1994 Richard Basch (probe@tardis) - - * Makefile.in - * configure.in - * krcp.c - * krsh.c - * krlogin.c - Removed the hard-coded paths for the BSD rlogin/rcp/rsh programs. - Let "configure" find the programs for us... - -Mon Dec 19 15:09:57 1994 Theodore Y. Ts'o (tytso@dcl) - - * krcp.c (des_write): - * krlogin.c (des_write): - * krlogind.c (v5_des_write): Fix byte swapping code (Missing shift - instructions). - - * krlogind.c (v4_des_read, v4_des_write): Fixed byte swapping code - so that V4 des compatibility works on 64 bit - architectures. - -Fri Nov 18 01:19:13 1994 Mark Eichin <eichin@cygnus.com> - - * Makefile.in (install): add install rules for krlogind.M, - krshd.M, rlogin.M, rcp.M, rsh.M. (Section numbers are explicit, - and this should probably be changed.) - (from Ted Lemon <mellon@ipd.wellsfargo.com> - -Fri Nov 18 01:10:34 1994 Mark Eichin <eichin@cygnus.com> - - * configure.in: use new macros KRB5_UTPID, KRB5_UTTYPE, and - KRB5_UTHOST (from epeisach). - -Wed Nov 16 11:45:01 1994 Richard Basch (probe@tardis) - - * krlogin.c: - If the system includes a SA_RESTART signal flag, use it. - We want to be able to resume the read() system call after - a SIGURG comes. - -Fri Nov 11 00:53:57 1994 Theodore Y. Ts'o (tytso@dcl) - - * forward.c (mk_cred, rd_cred): Move mk_cred and rd_cred to - libkrb.a. - -Tue Nov 8 23:52:58 1994 Theodore Y. Ts'o (tytso@dcl) - - * krshd.c (setpgrp): Defining setpgrp(a,b) to setpgrp() if - SETPGRP_TWOARG is not set can cause infinite macro - recursion on some C preprocessors. Fix by putting the - #ifdef for SETPGRP_TWOARG where setpgrp is actually - called, instead of trying to redefine setpgrp(). - -Mon Nov 7 21:22:00 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add check for stdlib.h - - * configure.in: Remove unused check for HAVE_GETDTABLESIZE - (especially since we replace it with AC_REPLACE_FUNCS - later!) - - * getdtablesize.c: Use POSIX method of obtaining fd table size, - if available. - -Wed Nov 02 22:21:00 1994 Richard Basch (probe@tardis) - - * configure.in: - Moved POSIX signal check to aclocal.m4, and calls it (CHECK_SIGNALS) - Added POSIX setjmp check (CHECK_SETJMP). - Added checks for waitpid and setsid functions. - - * kcmd.c: - Include <signal.h> not <sys/signal.h>. - Don't bother declaring sigmask when POSIX_SIGNALS is set. - - * krcp.c: - Replaced the conditionalized BITS64 code with more portable code. - Use mode_t instead of int, for file modes. - Use waitpid, instead of wait, where available (HAVE_WAITPID). - Added POSIX signal handling (POSIX_SIGNALS). - - * krlogin.c: - Include <unistd.h> and <stdlib.h> if available - Replaced the conditionalized BITS64 code with more portable code. - Use cfgetospeed() if POSIX_TERMIOS is defined. It was already being - used, so there is no need to use two methods. - Use waitpid, instead of wait, where available (HAVE_WAITPID). - Added POSIX setjmp handling (POSIX_SETJMP) - Added POSIX signal handling (POSIX_SIGNALS). - - * krlogind.c: - Added POSIX signal handling (POSIX_SIGNALS). - Corrected an error in the arguments to chmod(). - Call setsid() if HAVE_SETSID is defined. - Try not conditionalizing on __alpha; use other #ifdef's. - Replaced the conditionalized BITS64 code with more portable code. - - * krsh.c: - Added POSIX signal handling (POSIX_SIGNALS) - - * krshd.c: - Declare and manipulate the file descriptor arrays properly, - rather than bit shifting and passing them to select as - (long *). Some systems (eg. AIX) declare them to be structs. - Added POSIX signal handling (POSIX_SIGNALS) - - * login.c: - Include <unistd.h> and <stdlib.h> if available - Added POSIX setjmp handling (POSIX_SETJMP) - Added POSIX signal handling (POSIX_SIGNALS) - Use waitpid, instead of wait, where available (HAVE_WAITPID). - - * logutil.c: - Don't redeclare time(); it may conflict with the system header files. - Include <unistd.h> first. - -Thu Oct 27 20:07:03 1994 Mark Eichin (eichin@cygnus.com) - - * login.c (main): if CSTATUS is missing, don't set c_cc[VSTATUS] - (for sunos.) - -Thu Oct 27 16:12:19 1994 Mark Eichin (eichin@cygnus.com) - - * krlogin.c (des_write): get rid of srandom, since seeding is done - directly in krb5_random_confounder. get rid of unused variables. - * krlogind.c (v4_des_write): use krb5_random_confounder - directly. get rid of unused variables. - -Thu Oct 27 14:50:40 1994 Mark Eichin (eichin@cygnus.com) - - * login.c (main): if CDISCARD is missing, use CFLUSH instead. - -Thu Oct 27 14:47:41 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in: fix typo in "use streams interface" test (ttold.h - not ttyold.h) - -Thu Oct 27 14:31:17 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in: check for srand48, srand, and srandom. - * krlogind.c (v4_des_write): use the best available of the three - random number systems for padding (based on code from - lib/crypto/os/rnd_confoun.c.) - -Wed Oct 26 00:04:02 1994 Theodore Y. Ts'o (tytso@dcl) - - * krsh.c (main): - * krlogind.c (protocol, v5_des_read): Check for both EAGAIN in - addition to EWOULDBLOCK. - -Mon Oct 24 14:46:07 1994 (tytso@rsx-11) - - * Makefile.in: The Kerberos V4 libraries must be linked in after - the V5 libraries; compat_recvauth pulls in the V4 routines. - - * kcmd.c (kcmd): Don't free host_save; it's supposed to be - returned by kcmd to the caller! - - * configure.in - * krlogin.c (des_write): Don't check for srand48 and then try to - define srandom to be srand48. This breaks on machines - which have both srandom and srand48. Instead, use - krb5_random_confounder; it will do the right thing. - -Wed Oct 19 12:36:47 1994 Theodore Y. Ts'o (tytso@dcl) - - * krlogind.c (protocol): Change yet another variable to be an - unsigned char. - - * login.c (main): Add other termios c_cc initializations for the - ALPHA. - - * krlogind.c (protocol): Make protocol buffers be unsigned, since - we're comparing against unsigned data. - -Tue Oct 18 15:48:37 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in (HAVE_STREAMS): test for streams interface headers - in a way that fails on sunos but works on solaris. - * krlogin.c: use HAVE_STREAMS. - * krlogind.c: use HAVE_STREAMS, fix TIOCPKT_* test. - -Tue Oct 4 17:14:38 1994 Theodore Y. Ts'o (tytso@dcl) - - * krcp.c (tgt_keyproc): Add widen.h and narrow.h around - declaration so that argument types are widened. - -Mon Oct 3 13:21:51 1994 Theodore Y. Ts'o (tytso@dcl) - - * logutil.c (logwtmp): Remove declaration for strncpy(). - -Fri Sep 30 17:04:24 1994 Theodore Y. Ts'o (tytso@dcl) - - * krshd.c: Use ifdef for SETPGRP_TWOARG and HAVE_KILLPG - - * krlogind.c: Use ifdef include of HAVE_SYS_TTY_H and - HAVE_SYS_PTYVAR_H (suncc doesn't #define solaris). - -Thu Sep 29 22:50:05 1994 Theodore Y. Ts'o (tytso@dcl) - - * Makefile.in: "make clean" should remove the executables - - * Makefile.in: Relink executables if libraries change - -Thu Sep 29 17:55:57 1994 Mark Eichin (eichin@tweedledumber.cygnus.com) - - * krlogin.c (mode): ifdef VLNEXT instead of svr4 for ^V fixing. - (doit): ditto. - krlogin.c, configure.in: include sys/tty.h and sys/ttold.h only if - they're both there. - - -Wed Sep 28 20:57:24 1994 Mark Eichin (eichin@tweedledumber.cygnus.com) - - * configure.in (srand48): check for srand48, and if it exists, - substitute it for srandom (and lrand48 for random.) - (K4LIB): add libdes.a, needed for des_pcbc_encrypt. - -Wed Sep 28 14:36:29 1994 Mark Eichin (eichin@rtl.cygnus.com) - - * Makefile.in: always put $(K4LIB) before $(KLIB) so that - references to libcrypto.a get resolved. - -Thu Aug 18 18:57:44 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * Makefile.in: - * configure.in: Fix KRB4 handling; do it here in configure.in - instead of in Makefile.in - -Thu Aug 18 18:55:36 1994 Mark Eichin (eichin@perdiem) - - * configure.in (LOGINLIBS): always substitute it, even if it isn't - set. - -Thu Aug 18 17:09:36 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * forward.c (get_for_creds): Fix bug to allow cross-realm - forwarded credentials to work. - - * forward.c (rd_and_store_for_creds): Store the forwarded - credentials in a file which is PID dependent, to allow for - different sessions in an rlogin session. - - * Makefile: Add $(SETENVOBJ) to all programs that use forward.c - -Tue Aug 16 22:41:25 1994 Mark Eichin (eichin@cygnus.com) - - * krlogind.c: add sys/ioctl.h. - -Tue Aug 16 22:36:29 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in: set LOGINLIBS to -lodm -ls -lcfg if the system has - all three (and is probably an AIX system.) - * Makefile.in: use LOGINLIBS for login.krb5. - * krshd.c: use HAVE_SYS_SELECT_H. - -Tue Aug 16 17:58:09 1994 Mark Eichin (eichin@cygnus.com) - - * krcp.c: check HAVE_VFORK_H - * configure.in: use AC_VFORK (runtime test -- consider just using - fork instead.) - -Sat Aug 13 02:04:37 1994 Mark Eichin (eichin@perdiem) - - * Makefile.in (DEFINES): set LOGIN_PROGRAM correctly. - -Thu Aug 11 23:16:31 1994 Mark Eichin (eichin@perdiem) - - * krsh.c: Don't (mis)declare getpwuid ever. - -Sun Aug 7 04:43:24 1994 Mark Eichin (eichin@cygnus.com) - - * krlogin.c (oob): FWRITE (and out) not needed w/POSIX_TERMIOS - * logutil.c: if EMPTY is missing, use UT_UNKNOWN instead. - * login.c (main): some systems just don't have TIOCLSET - -Fri Aug 5 18:47:00 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in: test for sigprocmask and sigset_t to set POSIX_SIGNALS. - * krlogin.c, kcmd.c: use POSIX_SIGNALS. - -Fri Aug 5 15:35:54 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in, logutil.c: check for NO_UT_PID, use it. - -Wed Jul 27 12:52:04 1994 Mark Eichin (eichin@cygnus.com) - - * krlogind.c, krlogin.c, krcp.c: define roundup if needed. - - * Makefile.in: add LIBOBJS, dependency for getdtablesize.o. - * getdtablesize.c: new file. - * configure.in: build getdtablesize.c if needed. - - * login.c: HAVE_TTYENT_H. - * configure.in: add ttyent.h to HEADERS test. - - * krshd.c: HAVE_SYS_LABEL_H, which seems to be SunOS 4 specific. - * krlogind.c: ditto. - * configure.in: test for add sys/label.h to HEADERS test. - - * krcp.c (rsource): USE_DIRENT_H. - - * configure.in: test for HAVE_UNISTD_H. - * logutil.c: use HAVE_UNISTD_H. - -Tue Jul 26 00:25:57 1994 Mark Eichin (eichin@cygnus.com) - - * krlogin.c: include <fcntl.h> - - * configure.in: Added tests for NO_UT_HOST, NO_UT_EXIT. - * logutil.c: use them. - - * configure.in: add CHECK_DIRENT, CHECK_FCNTL. - - * configure.in: Added tests for HAVE_SETOWN, HAVE_SYS_FILIO_H. - * krlogin.c, krsh.c, krshd.c, krlogin.c, krlogind.c: use them. - -Sat Jul 23 08:48:50 1994 Tom Yu (tlyu@dragons-lair) - - * kcmd.c: - * krshd.c: include ext-proto.h to avoid type warnings - -Sat Jul 16 02:24:31 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * kcmd.c: - * krsh.c: index->strchr, rindex->strrchr, add (char *) cast to - malloc, have proper include for the string functions. - -Fri Jul 15 15:03:11 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * krcp.c: add utimes() emulation for systems that only have the - POSIX utime() call. - -Mon Jun 27 22:03:48 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * krlogind.c: remove spurious debugging #undef of KRB5_KRB4_COMPAT - |