diff options
| author | assar <assar@FreeBSD.org> | 2001-02-13 16:46:19 +0000 |
|---|---|---|
| committer | assar <assar@FreeBSD.org> | 2001-02-13 16:46:19 +0000 |
| commit | 3a971fe69aad52dfd248901ae796e64a96ae3e37 (patch) | |
| tree | ac7b5c62510ffa9f0316643bcb19a3fed3d5bef7 /crypto/heimdal/appl/rsh | |
| parent | 2934fc23653f64b32f4db32233d7eda11ca274f0 (diff) | |
| parent | ebfe6dc471c206300fd82c7c0fd145f683aa52f6 (diff) | |
| download | FreeBSD-src-3a971fe69aad52dfd248901ae796e64a96ae3e37.zip FreeBSD-src-3a971fe69aad52dfd248901ae796e64a96ae3e37.tar.gz | |
This commit was generated by cvs2svn to compensate for changes in r72445,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'crypto/heimdal/appl/rsh')
| -rw-r--r-- | crypto/heimdal/appl/rsh/ChangeLog | 69 | ||||
| -rw-r--r-- | crypto/heimdal/appl/rsh/Makefile.am | 5 | ||||
| -rw-r--r-- | crypto/heimdal/appl/rsh/Makefile.in | 327 | ||||
| -rw-r--r-- | crypto/heimdal/appl/rsh/rsh.c | 134 | ||||
| -rw-r--r-- | crypto/heimdal/appl/rsh/rsh_locl.h | 6 | ||||
| -rw-r--r-- | crypto/heimdal/appl/rsh/rshd.c | 146 |
6 files changed, 401 insertions, 286 deletions
diff --git a/crypto/heimdal/appl/rsh/ChangeLog b/crypto/heimdal/appl/rsh/ChangeLog index 869bc88..4a40ac7 100644 --- a/crypto/heimdal/appl/rsh/ChangeLog +++ b/crypto/heimdal/appl/rsh/ChangeLog @@ -1,3 +1,72 @@ +2001-01-09 Assar Westerlund <assar@sics.se> + + * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of + krb5_rd_cred + +2000-12-31 Assar Westerlund <assar@sics.se> + + * rshd.c (main): handle krb5_init_context failure consistently + * rsh.c (main): handle krb5_init_context failure consistently + +2000-12-05 Johan Danielsson <joda@pdc.kth.se> + + * rshd.c: require encryption if passed -x + +2000-11-15 Assar Westerlund <assar@sics.se> + + * rshd.c (loop): check that the fd's aren't too large to select on + * rsh.c (loop, proto): check that the fd's aren't too large to + select on + +2000-08-10 Assar Westerlund <assar@sics.se> + + * rsh.c: move code to do config/command parsing correctly. + +2000-08-09 Assar Westerlund <assar@sics.se> + + * rsh.c (main): only fetch stuff from krb5.conf when no option has + been given + +2000-08-01 Assar Westerlund <assar@sics.se> + + * rsh.c (doit): loop until we create an error socket of an + supported socket family + +2000-07-02 Assar Westerlund <assar@sics.se> + + * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> + do not call syslog with a variable as format string + + * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add + +2000-06-09 Assar Westerlund <assar@sics.se> + + * rsh.c (main): work-around for setuid and capabilities bug fixed + in Linux 2.2.16 + +2000-06-06 Johan Danielsson <joda@pdc.kth.se> + + * rsh.c: nuke long option from -z + + * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) + +2000-06-03 Assar Westerlund <assar@sics.se> + + * rshd.c (doit): check return value of getspnam. From + <haba@pdc.kth.se> + +2000-05-23 Assar Westerlund <assar@sics.se> + + * rsh.c (proto): select on the normal socket when waiting for the + daemon to connect back to the stderr port, so that we discover + when data arrives there before. when that happens, we assume that + the daemon did not manage to connect (because of NAT/whatever) and + continue as if `-e' was given + * rshd.c (doit): if we fail to connect back to the stderr port, + act as if `-e' was given on the client side, i.e. without the + special TCP-connection. This tries to make things better when + running the head against a NAT wall, for example. + 2000-02-07 Assar Westerlund <assar@sics.se> * Makefile.am (LDADD): make sure we use the heimdal libdes diff --git a/crypto/heimdal/appl/rsh/Makefile.am b/crypto/heimdal/appl/rsh/Makefile.am index c005b9e..3c340ad 100644 --- a/crypto/heimdal/appl/rsh/Makefile.am +++ b/crypto/heimdal/appl/rsh/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.14 2000/02/07 03:13:00 assar Exp $ +# $Id: Makefile.am,v 1.15 2000/11/15 22:51:10 assar Exp $ include $(top_srcdir)/Makefile.am.common @@ -14,7 +14,6 @@ rshd_SOURCES = rshd.c common.c rsh_locl.h LDADD = $(LIB_kafs) \ $(LIB_krb5) \ - $(top_builddir)/lib/des/libdes.la \ $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ + $(LIB_des) \ $(LIB_roken) diff --git a/crypto/heimdal/appl/rsh/Makefile.in b/crypto/heimdal/appl/rsh/Makefile.in index 75c989d..0ba1b86 100644 --- a/crypto/heimdal/appl/rsh/Makefile.in +++ b/crypto/heimdal/appl/rsh/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.14 2000/02/07 03:13:00 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.15 2000/11/15 22:51:10 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) @@ -181,8 +195,13 @@ rsh_SOURCES = rsh.c common.c rsh_locl.h rshd_SOURCES = rshd.c common.c rsh_locl.h -LDADD = $(LIB_kafs) $(LIB_krb5) $(top_builddir)/lib/des/libdes.la $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(LIB_roken) +LDADD = $(LIB_kafs) \ + $(LIB_krb5) \ + $(LIB_krb4) \ + $(LIB_des) \ + $(LIB_roken) +subdir = appl/rsh mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -194,71 +213,57 @@ PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ -rsh_OBJECTS = rsh.$(OBJEXT) common.$(OBJEXT) +am_rsh_OBJECTS = rsh.$(OBJEXT) common.$(OBJEXT) +rsh_OBJECTS = $(am_rsh_OBJECTS) rsh_LDADD = $(LDADD) -@KRB4_TRUE@@KRB5_FALSE@rsh_DEPENDENCIES = \ -@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/kafs/libkafs.la \ -@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la +@KRB4_FALSE@@KRB5_FALSE@rsh_DEPENDENCIES = @KRB4_FALSE@@KRB5_TRUE@rsh_DEPENDENCIES = \ @KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \ -@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la -@KRB4_FALSE@@KRB5_FALSE@rsh_DEPENDENCIES = \ -@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la +@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_TRUE@@KRB5_FALSE@rsh_DEPENDENCIES = \ +@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/kafs/libkafs.la @KRB4_TRUE@@KRB5_TRUE@rsh_DEPENDENCIES = \ @KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/kafs/libkafs.la \ @KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \ -@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la +@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la rsh_LDFLAGS = -rshd_OBJECTS = rshd.$(OBJEXT) common.$(OBJEXT) +am_rshd_OBJECTS = rshd.$(OBJEXT) common.$(OBJEXT) +rshd_OBJECTS = $(am_rshd_OBJECTS) rshd_LDADD = $(LDADD) -@KRB4_TRUE@@KRB5_FALSE@rshd_DEPENDENCIES = \ -@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/kafs/libkafs.la \ -@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la +@KRB4_FALSE@@KRB5_FALSE@rshd_DEPENDENCIES = @KRB4_FALSE@@KRB5_TRUE@rshd_DEPENDENCIES = \ @KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \ -@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la -@KRB4_FALSE@@KRB5_FALSE@rshd_DEPENDENCIES = \ -@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la +@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_TRUE@@KRB5_FALSE@rshd_DEPENDENCIES = \ +@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/kafs/libkafs.la @KRB4_TRUE@@KRB5_TRUE@rshd_DEPENDENCIES = \ @KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/kafs/libkafs.la \ @KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ -@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \ -@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la +@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la rshd_LDFLAGS = -CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(rsh_SOURCES) $(rshd_SOURCES) +depcomp = DIST_COMMON = ChangeLog Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best SOURCES = $(rsh_SOURCES) $(rshd_SOURCES) -OBJECTS = $(rsh_OBJECTS) $(rshd_OBJECTS) +OBJECTS = $(am_rsh_OBJECTS) $(am_rshd_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/rsh/Makefile @@ -281,15 +286,18 @@ install-binPROGRAMS: $(bin_PROGRAMS) $(mkinstalldirs) $(DESTDIR)$(bindir) @list='$(bin_PROGRAMS)'; for p in $$list; do \ if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \ else :; fi; \ done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - list='$(bin_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ + rm -f $(DESTDIR)$(bindir)/$$f; \ done mostlyclean-libexecPROGRAMS: @@ -306,31 +314,20 @@ install-libexecPROGRAMS: $(libexec_PROGRAMS) $(mkinstalldirs) $(DESTDIR)$(libexecdir) @list='$(libexec_PROGRAMS)'; for p in $$list; do \ if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f; \ else :; fi; \ done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - list='$(libexec_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + @list='$(libexec_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(libexecdir)/$$f"; \ + rm -f $(DESTDIR)$(libexecdir)/$$f; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -342,15 +339,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -368,26 +356,36 @@ rsh$(EXEEXT): $(rsh_OBJECTS) $(rsh_DEPENDENCIES) rshd$(EXEEXT): $(rshd_OBJECTS) $(rshd_DEPENDENCIES) @rm -f rshd$(EXEEXT) $(LINK) $(rshd_LDFLAGS) $(rshd_OBJECTS) $(rshd_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -400,17 +398,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = appl/rsh - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -439,7 +436,7 @@ uninstall: uninstall-am all-am: Makefile $(PROGRAMS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(libexecdir) @@ -453,6 +450,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-binPROGRAMS mostlyclean-libexecPROGRAMS \ mostlyclean-compile mostlyclean-libtool \ mostlyclean-tags mostlyclean-generic @@ -493,8 +491,9 @@ clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ check-local check check-am installcheck-am installcheck install-exec-am \ install-exec install-data-local install-data-am install-data install-am \ install uninstall-am uninstall all-local all-redirect all-am all \ -installdirs mostlyclean-generic distclean-generic clean-generic \ -maintainer-clean-generic clean mostlyclean distclean maintainer-clean +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean install-suid-programs: @@ -502,7 +501,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -514,8 +516,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -584,87 +586,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/appl/rsh/rsh.c b/crypto/heimdal/appl/rsh/rsh.c index 5033c4f..7b97f58 100644 --- a/crypto/heimdal/appl/rsh/rsh.c +++ b/crypto/heimdal/appl/rsh/rsh.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,12 +32,12 @@ */ #include "rsh_locl.h" -RCSID("$Id: rsh.c,v 1.47 2000/02/06 05:58:55 assar Exp $"); +RCSID("$Id: rsh.c,v 1.57 2000/12/31 07:36:54 assar Exp $"); enum auth_method auth_method; -int do_encrypt; -int do_forward; -int do_forwardable; +int do_encrypt = -1; +int do_forward = -1; +int do_forwardable = -1; int do_unique_tkfile = 0; char *unique_tkfile = NULL; char tkfile[MAXPATHLEN]; @@ -62,6 +62,9 @@ loop (int s, int errsock) fd_set real_readset; int count = 1; + if (s >= FD_SETSIZE || errsock >= FD_SETSIZE) + errx (1, "fd too large"); + FD_ZERO(&real_readset); FD_SET(s, &real_readset); if (errsock != -1) { @@ -404,7 +407,7 @@ proto (int s, int errsock, struct sockaddr *thataddr = (struct sockaddr *)&thataddr_ss; struct sockaddr_storage erraddr_ss; struct sockaddr *erraddr = (struct sockaddr *)&erraddr_ss; - int addrlen; + socklen_t addrlen; int ret; addrlen = sizeof(thisaddr_ss); @@ -441,14 +444,48 @@ proto (int s, int errsock, return 1; } - errsock2 = accept (errsock, NULL, NULL); - if (errsock2 < 0) { - warn ("accept"); - close (errsock); - return 1; - } - close (errsock); + for (;;) { + fd_set fdset; + + if (errsock >= FD_SETSIZE || s >= FD_SETSIZE) + errx (1, "fd too large"); + + FD_ZERO(&fdset); + FD_SET(errsock, &fdset); + FD_SET(s, &fdset); + + ret = select (max(errsock, s) + 1, &fdset, NULL, NULL, NULL); + if (ret < 0) { + if (errno == EINTR) + continue; + warn ("select"); + close (errsock); + return 1; + } + if (FD_ISSET(errsock, &fdset)) { + errsock2 = accept (errsock, NULL, NULL); + close (errsock); + if (errsock2 < 0) { + warn ("accept"); + return 1; + } + break; + } + + /* + * there should not arrive any data on this fd so if it's + * readable it probably indicates that the other side when + * away. + */ + + if (FD_ISSET(s, &fdset)) { + warnx ("socket closed"); + close (errsock); + errsock2 = -1; + break; + } + } } else { if (net_write (s, "0", 2) != 2) { warn ("write"); @@ -490,8 +527,7 @@ proto (int s, int errsock, /* * Return in `res' a copy of the concatenation of `argc, argv' into - * malloced space. - */ + * malloced space. */ static size_t construct_command (char **res, int argc, char **argv) @@ -673,7 +709,7 @@ doit (const char *hostname, continue; } if (do_errsock) { - struct addrinfo *ea; + struct addrinfo *ea, *eai; struct addrinfo hints; memset (&hints, 0, sizeof(hints)); @@ -682,15 +718,23 @@ doit (const char *hostname, hints.ai_family = a->ai_family; hints.ai_flags = AI_PASSIVE; - error = getaddrinfo (NULL, "0", &hints, &ea); + errsock = -1; + + error = getaddrinfo (NULL, "0", &hints, &eai); if (error) errx (1, "getaddrinfo: %s", gai_strerror(error)); - errsock = socket (ea->ai_family, ea->ai_socktype, ea->ai_protocol); + for (ea = eai; ea != NULL; ea = ea->ai_next) { + errsock = socket (ea->ai_family, ea->ai_socktype, + ea->ai_protocol); + if (errsock < 0) + continue; + if (bind (errsock, ea->ai_addr, ea->ai_addrlen) < 0) + err (1, "bind"); + break; + } if (errsock < 0) err (1, "socket"); - if (bind (errsock, ea->ai_addr, ea->ai_addrlen) < 0) - err (1, "bind"); - freeaddrinfo (ea); + freeaddrinfo (eai); } else errsock = -1; @@ -732,7 +776,7 @@ struct getargs args[] = { NULL }, { "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection", NULL }, - { "encrypt", 'z', arg_negative_flag, &do_encrypt, + { NULL, 'z', arg_negative_flag, &do_encrypt, "Don't encrypt connection", NULL }, { "forward", 'f', arg_flag, &do_forward, "Forward credentials", NULL }, @@ -782,12 +826,15 @@ main(int argc, char **argv) const char *local_user; char *host = NULL; int host_index = -1; - int status; + int status; + uid_t uid; priv_port1 = priv_port2 = IPPORT_RESERVED-1; priv_socket1 = rresvport(&priv_port1); priv_socket2 = rresvport(&priv_port2); - setuid(getuid()); + uid = getuid (); + if (setuid (uid) || (uid != 0 && setuid(0) == 0)) + err (1, "setuid"); set_progname (argv[0]); @@ -798,27 +845,32 @@ main(int argc, char **argv) status = krb5_init_context (&context); if (status) - errx(1, "krb5_init_context failed: %u", status); + errx(1, "krb5_init_context failed: %d", status); - do_forwardable = krb5_config_get_bool (context, NULL, - "libdefaults", - "forwardable", - NULL); - - do_forward = krb5_config_get_bool (context, NULL, - "libdefaults", - "forward", - NULL); - - do_encrypt = krb5_config_get_bool (context, NULL, - "libdefaults", - "encrypt", - NULL); - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) usage (1); + if (do_forwardable == -1) + do_forwardable = krb5_config_get_bool (context, NULL, + "libdefaults", + "forwardable", + NULL); + + if (do_forward == -1) + do_forward = krb5_config_get_bool (context, NULL, + "libdefaults", + "forward", + NULL); + else if (do_forward == 0) + do_forwardable = 0; + + if (do_encrypt == -1) + do_encrypt = krb5_config_get_bool (context, NULL, + "libdefaults", + "encrypt", + NULL); + if (do_forwardable) do_forward = 1; @@ -939,6 +991,8 @@ main(int argc, char **argv) else tmp_port = krb5_getportbyname(context, "shell", "tcp", 514); auth_method = AUTH_BROKEN; + if (do_encrypt) + errx (1, "encryption not supported with priv port authentication"); ret = doit_broken (argc, argv, host_index, host, user, local_user, tmp_port, diff --git a/crypto/heimdal/appl/rsh/rsh_locl.h b/crypto/heimdal/appl/rsh/rsh_locl.h index 7eb1f68..3418abc 100644 --- a/crypto/heimdal/appl/rsh/rsh_locl.h +++ b/crypto/heimdal/appl/rsh/rsh_locl.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: rsh_locl.h,v 1.23 2000/02/06 05:58:55 assar Exp $ */ +/* $Id: rsh_locl.h,v 1.24 2000/07/02 15:48:46 assar Exp $ */ #ifdef HAVE_CONFIG_H #include <config.h> @@ -112,6 +112,10 @@ #define _PATH_DEFPATH "/usr/bin:/bin" #endif +#ifndef _PATH_ETC_ENVIRONMENT +#define _PATH_ETC_ENVIRONMENT "/etc/environment" +#endif + /* * */ diff --git a/crypto/heimdal/appl/rsh/rshd.c b/crypto/heimdal/appl/rsh/rshd.c index 9bbdf11..cd7eb7b 100644 --- a/crypto/heimdal/appl/rsh/rshd.c +++ b/crypto/heimdal/appl/rsh/rshd.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ */ #include "rsh_locl.h" -RCSID("$Id: rshd.c,v 1.30 2000/02/06 05:58:56 assar Exp $"); +RCSID("$Id: rshd.c,v 1.39 2001/01/09 18:44:29 assar Exp $"); enum auth_method auth_method; @@ -63,6 +63,13 @@ static int do_newpag = 1; static int do_version; static int do_help = 0; +#if defined(DCE) +int dfsk5ok = 0; +int dfspag = 0; +int dfsfwd = 0; +krb5_ticket *user_ticket; +#endif + static void syslog_and_die (const char *m, ...) { @@ -215,7 +222,7 @@ save_krb5_creds (int s, } krb5_cc_initialize(context,ccache,client); - ret = krb5_rd_cred(context, auth_context, ccache,&remote_cred); + ret = krb5_rd_cred2(context, auth_context, ccache, &remote_cred); krb5_data_free (&remote_cred); if (ret) return 0; @@ -356,6 +363,8 @@ recv_krb5_auth (int s, u_char *buf, do_encrypt = 1; memmove (cmd, cmd + 3, strlen(cmd) - 2); } else { + if(do_encrypt) + fatal (s, "Encryption required"); do_encrypt = 0; } @@ -381,6 +390,10 @@ recv_krb5_auth (int s, u_char *buf, } } +#if defined(DCE) + user_ticket = ticket; +#endif + return 0; } @@ -393,6 +406,9 @@ loop (int from0, int to0, int max_fd; int count = 2; + if(from0 >= FD_SETSIZE || from1 >= FD_SETSIZE || from2 >= FD_SETSIZE) + errx (1, "fd too large"); + FD_ZERO(&real_readset); FD_SET(from0, &real_readset); FD_SET(from1, &real_readset); @@ -521,17 +537,42 @@ is_reserved(u_short port) */ static void -setup_environment (char *env[7], struct passwd *pwd) +setup_environment (char ***env, const struct passwd *pwd) { - asprintf (&env[0], "USER=%s", pwd->pw_name); - asprintf (&env[1], "HOME=%s", pwd->pw_dir); - asprintf (&env[2], "SHELL=%s", pwd->pw_shell); - asprintf (&env[3], "PATH=%s", _PATH_DEFPATH); - asprintf (&env[4], "SSH_CLIENT=only_to_make_bash_happy"); + int i, j, path; + char **e; + + i = 0; + path = 0; + *env = NULL; + + i = read_environment(_PATH_ETC_ENVIRONMENT, env); + e = *env; + for (j = 0; j < i; j++) { + if (!strncmp(e[j], "PATH=", 5)) { + path = 1; + } + } + + e = *env; + e = realloc(e, (i + 7) * sizeof(char *)); + + asprintf (&e[i++], "USER=%s", pwd->pw_name); + asprintf (&e[i++], "HOME=%s", pwd->pw_dir); + asprintf (&e[i++], "SHELL=%s", pwd->pw_shell); + if (! path) { + asprintf (&e[i++], "PATH=%s", _PATH_DEFPATH); + } + asprintf (&e[i++], "SSH_CLIENT=only_to_make_bash_happy"); +#if defined(DCE) + if (getenv("KRB5CCNAME")) + asprintf (&e[i++], "KRB5CCNAME=%s", getenv("KRB5CCNAME")); +#else if (do_unique_tkfile) - asprintf (&env[5], "KRB5CCNAME=%s", tkfile); - else env[5] = NULL; - env[6] = NULL; + asprintf (&e[i++], "KRB5CCNAME=%s", tkfile); +#endif + e[i++] = NULL; + *env = e; } static void @@ -545,14 +586,14 @@ doit (int do_kerberos, int check_rhosts) struct sockaddr *thataddr = (struct sockaddr *)&thataddr_ss; struct sockaddr_storage erraddr_ss; struct sockaddr *erraddr = (struct sockaddr *)&erraddr_ss; - int addrlen; + socklen_t addrlen; int port; int errsock = -1; char client_user[COMMAND_SZ], server_user[USERNAME_SZ]; char cmd[COMMAND_SZ]; struct passwd *pwd; int s = STDIN_FILENO; - char *env[7]; + char **env; addrlen = sizeof(thisaddr_ss); if (getsockname (s, thisaddr, &addrlen) < 0) @@ -606,8 +647,10 @@ doit (int do_kerberos, int check_rhosts) syslog_and_die ("socket: %m"); if (connect (errsock, erraddr, - socket_sockaddr_size (erraddr)) < 0) - syslog_and_die ("connect: %m"); + socket_sockaddr_size (erraddr)) < 0) { + syslog (LOG_WARNING, "connect: %m"); + close (errsock); + } } if(do_kerberos) { @@ -646,6 +689,10 @@ doit (int do_kerberos, int check_rhosts) syslog_and_die("recv_bsd_auth failed"); } +#if defined(DCE) && defined(AIX) + esetenv("AUTHSTATE", "DCE", 1); +#endif + pwd = getpwnam (server_user); if (pwd == NULL) fatal (s, "Login incorrect."); @@ -662,30 +709,15 @@ doit (int do_kerberos, int check_rhosts) long today; sp = getspnam(server_user); - today = time(0)/(24L * 60 * 60); - if (sp->sp_expire > 0) - if (today > sp->sp_expire) - fatal(s, "Account has expired."); + if (sp != NULL) { + today = time(0)/(24L * 60 * 60); + if (sp->sp_expire > 0) + if (today > sp->sp_expire) + fatal(s, "Account has expired."); + } } #endif -#ifdef HAVE_SETLOGIN - if (setlogin(pwd->pw_name) < 0) - syslog(LOG_ERR, "setlogin() failed: %m"); -#endif - -#ifdef HAVE_SETPCRED - if (setpcred (pwd->pw_name, NULL) == -1) - syslog(LOG_ERR, "setpcred() failure: %m"); -#endif /* HAVE_SETPCRED */ - if (initgroups (pwd->pw_name, pwd->pw_gid) < 0) - fatal (s, "Login incorrect."); - - if (setgid(pwd->pw_gid) < 0) - fatal (s, "Login incorrect."); - - if (setuid (pwd->pw_uid) < 0) - fatal (s, "Login incorrect."); #ifdef KRB5 { @@ -703,8 +735,36 @@ doit (int do_kerberos, int check_rhosts) if (kerberos_status) krb5_start_session(); } + chown(tkfile + 5, pwd->pw_uid, -1); + +#if defined(DCE) + if (kerberos_status) { + esetenv("KRB5CCNAME", tkfile, 1); + dfspag = krb5_dfs_pag(context, kerberos_status, user_ticket->client, server_user); + } +#endif + #endif +#ifdef HAVE_SETLOGIN + if (setlogin(pwd->pw_name) < 0) + syslog(LOG_ERR, "setlogin() failed: %m"); +#endif + +#ifdef HAVE_SETPCRED + if (setpcred (pwd->pw_name, NULL) == -1) + syslog(LOG_ERR, "setpcred() failure: %m"); +#endif /* HAVE_SETPCRED */ + + if (initgroups (pwd->pw_name, pwd->pw_gid) < 0) + fatal (s, "Login incorrect."); + + if (setgid(pwd->pw_gid) < 0) + fatal (s, "Login incorrect."); + + if (setuid (pwd->pw_uid) < 0) + fatal (s, "Login incorrect."); + if (chdir (pwd->pw_dir) < 0) fatal (s, "Remote directory."); @@ -714,7 +774,7 @@ doit (int do_kerberos, int check_rhosts) close (errsock); } - setup_environment (env, pwd); + setup_environment (&env, pwd); if (do_encrypt) { setup_copier (); @@ -736,7 +796,7 @@ doit (int do_kerberos, int check_rhosts) #ifdef KRB5 /* XXX */ - { + if (kerberos_status) { krb5_ccache ccache; krb5_error_code status; @@ -811,7 +871,13 @@ main(int argc, char **argv) } #ifdef KRB5 - krb5_init_context (&context); + { + krb5_error_code ret; + + ret = krb5_init_context (&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + } #endif if(port_str) { |
