summaryrefslogtreecommitdiffstats
path: root/libexec/rlogind
Commit message (Collapse)AuthorAgeFilesLines
* mdoc(7) police: use the new features of the Nm macro.ru2000-11-201-2/+2
|
* remove trailing periods from SEE ALSO.ben2000-11-151-2/+2
|
* Removed broken PAM support from rshd(8) and rlogind(8). rshd doesru2000-10-123-174/+0
| | | | | | | not allocate a pty(4) so it is not suitable at all for interactive PAM modules. rlogind calls login(1) which is already PAM enabled. Approved by: markm
* Make it compile without -DNO_PAM again.ru2000-10-062-1/+5
|
* sprintf() -> snprintf() paranoia.kris2000-08-041-2/+2
|
* Make compilable without -DINET6.ume2000-07-281-6/+2
| | | | | | | With shut up unused variable warnings. PR: bin/20225 Submitted by: Paul Herman <pherman@frenchfries.net>
* Use libcrypto instead of libdes.markm2000-02-241-1/+1
|
* sync iruserok() extension API with other BSDsshin2000-02-011-15/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some of rcmd related function is need to be updated to support IPv6. Some of them are already updated as standard document. But there is also several de-facto functions and they are not listed in standard documents. They are, iruserok() (used by rlogind, rshd) ruserok() (used by kerberos, etc) KAME package updated those functions in original way. iruserok_af() ruserok_af() But recently there was discussion on IETF IPng mailing list about how to sync those API, and it is decided, -Those function is not standard and not documented. -But let BSDs sync their API as de-facto. And after some discussion, it is announced that -add update to iruserok() as iruserok_sa() -no ruserok() API change(it is only updated internaly) So I sync those API before 4.0 is released. The changes are, -prototype changes -ruserok() internal update (use iruserok_sa() inside) -removal of ruserok_af() -change iruserok_af() as static functioin, and also prefix the name with __. -add iruserok_sa() (Just call __iruserok_af() inside) -adding flag AI_ALL to getipnodebyaddr() called from __icheckhost(). This is necessary to support IPv4 communication via AF_INET6 socket could be correctly authenticated via iruserok_sa() -irusreok_af() call is replaced to iruserok_sa() call in rlogind, and rshd. Approved by: jkh
* several tcp apps IPv6 updateshin2000-01-253-18/+71
| | | | | | | | | | | | -inetd -rshd -rlogind -telnetd -rsh -rlogin Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* . mdoc(7)'fyphantom2000-01-071-7/+17
| | | | | | | | . add Xrs to hosts.equiv(5), auth.conf(5), services(5) to some pages . sort Xrs in SEE ALSO sections Patches based on PR: docs/15680 Submitted by: Christian Weisgerber <naddy@mips.rhein-neckar.de>
* Fix for new Kerberos4. Make a fist cut at PAM-ising while I'm here.markm1999-09-194-146/+177
|
* Fix more Common Error brokenness.markm1999-09-061-2/+2
|
* $Id$ -> $FreeBSD$peter1999-08-283-3/+3
|
* Ufff. cflags -> chflags. I could have sworn this change has been inimp1999-08-211-3/+3
| | | | | | my last three successful make buildworlds... Noticed by: phk
* Remove all flags from devices before we try to assert ownership andimp1999-08-211-1/+3
| | | | | | | set permissions. Bug not fixed: We silently ignore failures of chflags, chmod and chown.
* More egcs warning fixes:imp1999-04-251-3/+4
| | | | | | | | | | o main returns int not void o use return 0 at end of main when needed o use braces to avoid potentially ambiguous else o don't default to type int (and also remove a useless register modifier). Reviewed by: obrien and chuckr
* Ensure that things returned by gethostname() andbrian1999-04-071-3/+3
| | | | | | | | | | friends are terminated and allow for a maximum host name length of MAXHOSTNAMELEN - 1. Put parenthesis around sizeof args. Make some variables static. Fix telnetd -u (broken by my last commit) Prompted by: bde
* Use realhostname() rather than various combinations ofbrian1999-04-061-27/+2
| | | | | | gethostbyaddr() & gethostbyname(). Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
* Oops, I missed a few more /etc/nologin references yesterday. It appearsasami1999-01-121-2/+2
| | | | | | my check of the tree was incomplete. Sorry guys. Reported by: Ben Smithurst <ben@scientia.demon.co.uk>
* As previously threatened, clean up the rshd -a option and make it defaultpeter1998-12-161-47/+21
| | | | | | | | | | | | | | | | on rshd and rlogind. However, note that: 1: rshd used to drop a connection with -a if the hostname != ip address. This is unneeded, because iruserok() does it's own checking. It was also wrong if .rhosts had an explicit IP address in it, connections would be dropped from that host solely because the DNS was mismatched even though it was explicitly intended to work by IP address. 2: rlogind and rshd check the hostname mappings by default now because that is what goes into the utmp/wtmp and logs. If the hostname != ip address, then it uses the IP address for logging/utmp/wtmp purposes. There isn't much point logging ficticious hostnames. 3: rshd -a is now accepted (but ignored) for compatability. If you really want to make life miserable for people with bad reverse DNS, use tcpd in paranoid mode (which is questionable anyway, given DNS ttl tweaking).
* Add -lcrypt when building kerberos.jb1998-09-051-3/+3
|
* Fix LIBDIR (for aout/ELF).markm1998-08-061-2/+2
|
* Sort #includes. Add rcsid. Add man page section in .Xrefs.charnier1997-11-252-13/+15
|
* Changes for the new KTH Kerberos.markm1997-09-282-12/+26
| | | | Also make -Wall a bit quieter.
* compare return value from getopt against -1 rather than EOF, per the finalimp1997-03-281-2/+2
| | | | posix standard on the topic.
* Fix various buffer overflows that may or may not be exploitable.imp1997-03-241-5/+7
| | | | | | | Fixes PR 2588 Reviewed by: Dan Cross? Submitted by: Julian Assange
* Revert $FreeBSD$ to $Id$peter1997-02-223-3/+3
|
* Some patches for source routed packets from OpenBSD.imp1997-02-091-14/+14
| | | | | | | | | | | | | | | Rev 1.16 deraadt: do not warn about valid options; invalid options correctly quit Rev 1.15 deraadt: need not clear options since bad ones cause exit; provos@ws1.physnet.uni-hamburg.de Rev 1.14 deraadt: IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed out by provos@wserver.physnet.uni-hamburg.de. also another 1-char buffer overflow. Reviewed by: Peter Wemm Obtained from: OpenSBD
* Make the long-awaited change from $Id$ to $FreeBSD$jkh1997-01-143-3/+3
| | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
* Sort cross references.wosch1997-01-131-4/+2
|
* Document the -k, -v and -x options.mpp1996-12-161-1/+15
| | | | Closes PR# 801.
* add forgotten $Id$wosch1996-09-223-0/+4
|
* Fix some compilation warnings.pst1996-09-211-1/+1
|
* #include <kerberosIV/des.h> -> #include <des.h>markm1996-02-111-1/+1
|
* Rename des_set_key -> des_set_key_krb. (libdes conflict)markm1996-02-031-1/+1
|
* Section FILES and SEE ALSO completedwosch1996-01-281-1/+13
|
* Fix typo.nate1995-12-021-1/+1
|
* It is not necessary to check if a '-' is in lusername., Checking ifguido1995-12-011-1/+1
| | | | | lusername starts with a '-' is enough. Otherwise, no users with a '-' in there name can use rlogin.
* Stop rlogind from bogusly ignoring an explicit .rhosts file for root.peter1995-11-201-3/+2
| | | | It still correctly ignores hosts.equiv. This is now consistant with rshd.
* Added a -D option to set the TCP_NODELAY socket option. This improvesdg1995-10-152-5/+17
| | | | responsiveness at the expense of some additional network traffic.
* Kerberos can now deal with multi-homed clients.gibbs1995-10-051-1/+1
| | | | | | | | | | | | | | Kerberos obtains a network address for the local host from the routing tables and uses it consistently for all Kerberos transactions. This ensures that packets only leave the *authenticated* interface. Clients who open and use their own sockets for encrypted or authenticated correspondance to kerberos services should bind their sockets to the same address as that used by kerberos. krb_get_local_addr() and krb_bind_local_addr() allow clients to obtain the local address or bind a socket to the local address used by Kerberos respectively. Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman> Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
* Remove trailing whitespace.rgrimes1995-05-301-1/+1
|
* Add distribution=krb for P-HKwollman1994-11-201-0/+1
|
* First level of changes for bringing in eBones (kerberos).csgr1994-09-291-5/+10
| | | | | | | | - Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile, and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions, and both default to off.) IF YOU WANT KERBEROS, YOU HAVE TO EXPLICITLY DEFINE ONE OF THESE. - Make Makefiles kerberos-aware.
* Plug security hole that was already fixed in 1.1. It preventsguido1994-08-151-0/+5
| | | | | | | | user from specifying their hostname when rlogin()-ing in (using rlogin -f-h<host>) Reviewed by: Submitted by:
* Update to new make macros and disable Kerberos because we haven't got itwollman1994-08-051-5/+5
| | | | set up right yet.
* BSD 4.4 Lite Libexec Sourcesrgrimes1994-05-274-0/+976
OpenPOWER on IntegriCloud