diff options
-rw-r--r-- | bin/rcp/Makefile | 14 | ||||
-rw-r--r-- | bin/rcp/rcp.c | 159 | ||||
-rw-r--r-- | bin/rcp/util.c | 2 | ||||
-rw-r--r-- | usr.bin/rsh/Makefile | 13 | ||||
-rw-r--r-- | usr.bin/rsh/rsh.c | 166 |
5 files changed, 13 insertions, 341 deletions
diff --git a/bin/rcp/Makefile b/bin/rcp/Makefile index 435a350..a9a4da5 100644 --- a/bin/rcp/Makefile +++ b/bin/rcp/Makefile @@ -5,20 +5,6 @@ PROG= rcp SRCS= rcp.c util.c CFLAGS+=-DBINDIR=${BINDIR} -.if defined(MAKE_KERBEROS4) && !defined(NO_OPENSSL) && !defined(NOCRYPT) -SRCS+= krcmd.c kcmd.c rcmd_util.c -DPADD= ${LIBUTIL} ${LIBKRB} ${LIBCRYPTO} -CFLAGS+=-DCRYPT -DHAVE_CONFIG_H \ - -I${.CURDIR}/../../kerberosIV/include \ - -I${.CURDIR}/../../crypto/kerberosIV/include \ - -I${.CURDIR}/../../crypto/kerberosIV/lib/roken \ - -I${.CURDIR}/../../crypto/kerberosIV/appl/bsd \ - -I${.CURDIR} -LDADD= -lutil -lkrb -lcrypto -DISTRIBUTION= krb4 -.PATH: ${.CURDIR}/../../crypto/kerberosIV/appl/bsd -.endif - BINOWN= root BINMODE=4555 INSTALLFLAGS=-fschg diff --git a/bin/rcp/rcp.c b/bin/rcp/rcp.c index 8ea6be5..d7262b4 100644 --- a/bin/rcp/rcp.c +++ b/bin/rcp/rcp.c @@ -81,26 +81,7 @@ __FBSDID("$FreeBSD$"); #include "extern.h" -#ifdef KERBEROS -#include <openssl/des.h> -#include <krb.h> -#include "bsd_locl.h" - -char dst_realm_buf[REALM_SZ]; -char *dest_realm = NULL; -int use_kerberos = 1; -CREDENTIALS cred; -Key_schedule schedule; -extern char *krb_realmofhost(); -#ifdef CRYPT -int doencrypt = 0; -#define OPTIONS "46dfKk:prtx" -#else -#define OPTIONS "46dfKk:prt" -#endif -#else #define OPTIONS "46dfprt" -#endif struct passwd *pwd; u_short port; @@ -115,10 +96,6 @@ static char **argv_copy; #define CMDNEEDS 64 char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ -#ifdef KERBEROS -int kerberos(char **, char *, char *, char *); -void oldw(const char *, ...) __printflike(1, 2); -#endif int response(void); void rsource(char *, struct stat *); void run_err(const char *, ...) __printflike(1, 2); @@ -134,9 +111,6 @@ main(int argc, char *argv[]) struct servent *sp; int ch, fflag, i, tflag; char *targ, *shell; -#ifdef KERBEROS - char *k; -#endif /* * Prepare for execing ourselves. @@ -165,24 +139,6 @@ main(int argc, char *argv[]) family = PF_INET6; break; - case 'K': -#ifdef KERBEROS - use_kerberos = 0; -#endif - break; -#ifdef KERBEROS - case 'k': - dest_realm = dst_realm_buf; - (void)strncpy(dst_realm_buf, optarg, REALM_SZ - 1); - dst_realm_buf[REALM_SZ - 1] = '\0'; - break; -#ifdef CRYPT - case 'x': - doencrypt = 1; - /* des_set_key(cred.session, schedule); */ - break; -#endif -#endif case 'p': pflag = 1; break; @@ -208,26 +164,7 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; -#ifdef KERBEROS - k = auth_getval("auth_list"); - if (k && !strstr(k, "kerberos")) - use_kerberos = 0; - if (use_kerberos) { -#ifdef CRYPT - shell = doencrypt ? "ekshell" : "kshell"; -#else - shell = "kshell"; -#endif - if ((sp = getservbyname(shell, "tcp")) == NULL) { - use_kerberos = 0; - oldw("can't get entry for %s/tcp service", shell); - sp = getservbyname(shell = "shell", "tcp"); - } - } else - sp = getservbyname(shell = "shell", "tcp"); -#else sp = getservbyname(shell = "shell", "tcp"); -#endif if (sp == NULL) errx(1, "%s/tcp: unknown service", shell); port = sp->s_port; @@ -257,20 +194,9 @@ main(int argc, char *argv[]) rem = -1; /* Command to be executed on remote system using "rsh". */ -#ifdef KERBEROS - (void)snprintf(cmd, sizeof(cmd), - "rcp%s%s%s%s", iamrecursive ? " -r" : "", -#ifdef CRYPT - (doencrypt && use_kerberos ? " -x" : ""), -#else - "", -#endif - pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); -#else (void)snprintf(cmd, sizeof(cmd), "rcp%s%s%s", iamrecursive ? " -r" : "", pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); -#endif (void)signal(SIGPIPE, lostconn); @@ -348,17 +274,10 @@ toremote(char *targ, int argc, char *argv[]) err(1, "malloc"); (void)snprintf(bp, len, "%s -t %s", cmd, targ); host = thost; -#ifdef KERBEROS - if (use_kerberos) - rem = kerberos(&host, bp, - pwd->pw_name, - tuser ? tuser : pwd->pw_name); - else -#endif - rem = rcmd_af(&host, port, - pwd->pw_name, - tuser ? tuser : pwd->pw_name, - bp, 0, family); + rem = rcmd_af(&host, port, + pwd->pw_name, + tuser ? tuser : pwd->pw_name, + bp, 0, family); if (rem < 0) exit(1); if (family == PF_INET) { @@ -417,12 +336,7 @@ tolocal(int argc, char *argv[]) if ((bp = malloc(len)) == NULL) err(1, "malloc"); (void)snprintf(bp, len, "%s -f %s", cmd, src); - rem = -#ifdef KERBEROS - use_kerberos ? - kerberos(&host, bp, pwd->pw_name, suser) : -#endif - rcmd_af(&host, port, pwd->pw_name, suser, bp, 0, + rem = rcmd_af(&host, port, pwd->pw_name, suser, bp, 0, family); (void)free(bp); if (rem < 0) { @@ -814,44 +728,6 @@ screwup: exit(1); } -#ifdef KERBEROS -int -kerberos(char **host, char *bp, char *locuser, char *user) -{ - if (use_kerberos) { - setuid(getuid()); - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(*host); - rem = -#ifdef CRYPT - doencrypt ? - krcmd_mutual(host, - port, user, bp, 0, dest_realm, &cred, schedule) : -#endif - krcmd(host, port, user, bp, 0, dest_realm); - - if (rem < 0) { - if (errno == ECONNREFUSED) - oldw("remote host doesn't support Kerberos"); - else if (errno == ENOENT) - oldw("can't provide Kerberos authentication data"); - execv(_PATH_RCP, argv_copy); - err(1, "execv: %s", _PATH_RCP); - } - } else { -#ifdef CRYPT - if (doencrypt) - errx(1, - "the -x option requires Kerberos authentication"); -#endif - rem = rcmd_af(host, port, locuser, user, bp, 0, family); - } - return (rem); -} -#endif /* KERBEROS */ - int response(void) { @@ -888,39 +764,14 @@ response(void) void usage(void) { -#ifdef KERBEROS -#ifdef CRYPT - (void)fprintf(stderr, "%s\n%s\n", - "usage: rcp [-46Kpx] [-k realm] f1 f2", - " rcp [-46Kprx] [-k realm] f1 ... fn directory"); -#else - (void)fprintf(stderr, "%s\n%s\n", - "usage: rcp [-46Kp] [-k realm] f1 f2", - " rcp [-46Kpr] [-k realm] f1 ... fn directory"); -#endif -#else (void)fprintf(stderr, "%s\n%s\n", "usage: rcp [-46p] f1 f2", " rcp [-46pr] f1 ... fn directory"); -#endif exit(1); } #include <stdarg.h> -#ifdef KERBEROS -void -oldw(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - (void)fprintf(stderr, "rcp: "); - (void)vfprintf(stderr, fmt, ap); - (void)fprintf(stderr, ", using standard rcp\n"); - va_end(ap); -} -#endif - void run_err(const char *fmt, ...) { diff --git a/bin/rcp/util.c b/bin/rcp/util.c index 28e188c..15b1b9e 100644 --- a/bin/rcp/util.c +++ b/bin/rcp/util.c @@ -33,7 +33,7 @@ #ifndef lint #if 0 -static char sccsid[] = "@(#)util.c 8.2 (Berkeley) 4/2/94"; +static const char sccsid[] = "@(#)util.c 8.2 (Berkeley) 4/2/94"; #endif #endif /* not lint */ #include <sys/cdefs.h> diff --git a/usr.bin/rsh/Makefile b/usr.bin/rsh/Makefile index 844c1f2..fd4644e 100644 --- a/usr.bin/rsh/Makefile +++ b/usr.bin/rsh/Makefile @@ -5,19 +5,6 @@ PROG= rsh SRCS= rsh.c CFLAGS+=-I${.CURDIR}/../../libexec/rlogind -.if defined(MAKE_KERBEROS4) && !defined(NO_OPENSSL) && !defined(NOCRYPT) -SRCS+= krcmd.c kcmd.c rcmd_util.c -CFLAGS+=-DKERBEROS -DCRYPT -DHAVE_CONFIG_H -I- \ - -I${.CURDIR}/../../kerberosIV/include \ - -I${.CURDIR}/../../crypto/kerberosIV/include \ - -I${.CURDIR}/../../crypto/kerberosIV/lib/roken \ - -I${.CURDIR}/../../crypto/kerberosIV/appl/bsd -DPADD= ${LIBUTIL} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} -LDADD= -lutil -lkrb -lcrypto -lcrypt -lcom_err -DISTRIBUTION= krb4 -.PATH: ${.CURDIR}/../../crypto/kerberosIV/appl/bsd -.endif - BINOWN= root BINMODE=4555 INSTALLFLAGS=-fschg diff --git a/usr.bin/rsh/rsh.c b/usr.bin/rsh/rsh.c index a4a3a74..2830f13 100644 --- a/usr.bin/rsh/rsh.c +++ b/usr.bin/rsh/rsh.c @@ -73,18 +73,6 @@ __FBSDID("$FreeBSD$"); #include <unistd.h> #include <err.h> -#ifdef KERBEROS -#include <openssl/des.h> -#include <krb.h> -#include "krb.h" - -CREDENTIALS cred; -Key_schedule schedule; -int use_kerberos = 1, doencrypt; -char dst_realm_buf[REALM_SZ], *dest_realm; -extern char *krb_realmofhost(); -#endif - /* * rsh - remote shell */ @@ -110,9 +98,6 @@ main(int argc, char *argv[]) uid_t uid; char *args, *host, *p, *user; int timeout = 0; -#ifdef KERBEROS - const char *k; -#endif argoff = asrsh = dflag = nflag = 0; one = 1; @@ -134,15 +119,7 @@ main(int argc, char *argv[]) argoff = 1; } -#ifdef KERBEROS -#ifdef CRYPT -#define OPTIONS "468KLde:k:l:nt:wx" -#else -#define OPTIONS "468KLde:k:l:nt:w" -#endif -#else #define OPTIONS "468KLde:l:nt:w" -#endif while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) switch(ch) { case '4': @@ -153,11 +130,6 @@ main(int argc, char *argv[]) family = PF_INET6; break; - case 'K': -#ifdef KERBEROS - use_kerberos = 0; -#endif - break; case 'L': /* -8Lew are ignored to allow rlogin aliases */ case 'e': case 'w': @@ -169,22 +141,9 @@ main(int argc, char *argv[]) case 'l': user = optarg; break; -#ifdef KERBEROS - case 'k': - dest_realm = dst_realm_buf; - strncpy(dest_realm, optarg, REALM_SZ); - break; -#endif case 'n': nflag = 1; break; -#ifdef KERBEROS -#ifdef CRYPT - case 'x': - doencrypt = 1; - break; -#endif -#endif case 't': timeout = atoi(optarg); break; @@ -214,80 +173,14 @@ main(int argc, char *argv[]) if (!user) user = pw->pw_name; -#ifdef KERBEROS -#ifdef CRYPT - /* -x turns off -n */ - if (doencrypt) - nflag = 0; -#endif -#endif - args = copyargs(argv); sp = NULL; -#ifdef KERBEROS - k = auth_getval("auth_list"); - if (k && !strstr(k, "kerberos")) - use_kerberos = 0; - if (use_kerberos) { - sp = getservbyname((doencrypt ? "ekshell" : "kshell"), "tcp"); - if (sp == NULL) { - use_kerberos = 0; - warnx( - "warning, using standard rsh: can't get entry for %s/tcp service", - doencrypt ? "ekshell" : "kshell"); - } - } -#endif if (sp == NULL) sp = getservbyname("shell", "tcp"); if (sp == NULL) errx(1, "shell/tcp: unknown service"); -#ifdef KERBEROS -try_connect: - if (use_kerberos) { - struct hostent *hp; - - /* fully qualify hostname (needed for krb_realmofhost) */ - hp = gethostbyname(host); - if (hp != NULL && !(host = strdup(hp->h_name))) - err(1, NULL); - - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(host); - -#ifdef CRYPT - if (doencrypt) { - rem = krcmd_mutual(&host, sp->s_port, user, args, - &rfd2, dest_realm, &cred, schedule); - des_set_key(&cred.session, schedule); - } else -#endif - rem = krcmd(&host, sp->s_port, user, args, &rfd2, - dest_realm); - if (rem < 0) { - use_kerberos = 0; - sp = getservbyname("shell", "tcp"); - if (sp == NULL) - errx(1, "shell/tcp: unknown service"); - if (errno == ECONNREFUSED) - warnx( - "warning, using standard rsh: remote host doesn't support Kerberos"); - if (errno == ENOENT) - warnx( - "warning, using standard rsh: can't provide Kerberos auth data"); - goto try_connect; - } - } else { - if (doencrypt) - errx(1, "the -x flag requires Kerberos authentication"); - rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, - &rfd2, family); - } -#else if (timeout) { signal(SIGALRM, connect_timeout); alarm(timeout); @@ -298,7 +191,6 @@ try_connect: signal(SIGALRM, SIG_DFL); alarm(0); } -#endif if (rem < 0) exit(1); @@ -331,15 +223,8 @@ try_connect: else (void)shutdown(rem, 1); -#ifdef KERBEROS -#ifdef CRYPT - if (!doencrypt) -#endif -#endif - { - (void)ioctl(rfd2, FIONBIO, &one); - (void)ioctl(rem, FIONBIO, &one); - } + (void)ioctl(rfd2, FIONBIO, &one); + (void)ioctl(rem, FIONBIO, &one); talk(nflag, omask, pid, rem, timeout); @@ -379,14 +264,7 @@ rewrite: } if (!FD_ISSET(rem, &rembits)) goto rewrite; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - wc = des_enc_write(rem, bp, cc, schedule, &cred.session); - else -#endif -#endif - wc = write(rem, bp, cc); + wc = write(rem, bp, cc); if (wc < 0) { if (errno == EWOULDBLOCK) goto rewrite; @@ -429,14 +307,7 @@ done: errx(1, "timeout reached (%d seconds)\n", timeout); if (FD_ISSET(rfd2, &ready)) { errno = 0; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - cc = des_enc_read(rfd2, buf, sizeof buf, schedule, &cred.session); - else -#endif -#endif - cc = read(rfd2, buf, sizeof buf); + cc = read(rfd2, buf, sizeof buf); if (cc <= 0) { if (errno != EWOULDBLOCK) FD_CLR(rfd2, &readfrom); @@ -445,14 +316,7 @@ done: } if (FD_ISSET(rem, &ready)) { errno = 0; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - cc = des_enc_read(rem, buf, sizeof buf, schedule, &cred.session); - else -#endif -#endif - cc = read(rem, buf, sizeof buf); + cc = read(rem, buf, sizeof buf); if (cc <= 0) { if (errno != EWOULDBLOCK) FD_CLR(rem, &readfrom); @@ -477,14 +341,7 @@ sendsig(int sig) char signo; signo = sig; -#ifdef KERBEROS -#ifdef CRYPT - if (doencrypt) - (void)des_enc_write(rfd2, &signo, 1, schedule, &cred.session); - else -#endif -#endif - (void)write(rfd2, &signo, 1); + (void)write(rfd2, &signo, 1); } char * @@ -513,15 +370,6 @@ usage(void) { (void)fprintf(stderr, - "usage: rsh [-46] [-ndK%s]%s[-l login] [-t timeout] host [command]\n", -#ifdef KERBEROS -#ifdef CRYPT - "x", " [-k realm] "); -#else - "", " [-k realm] "); -#endif -#else - "", " "); -#endif + "usage: rsh [-46] [-nd] [-l login] [-t timeout] host [command]\n"); exit(1); } |