1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
|
2007-07-12 Love Hörnquist Åstrand <lha@it.su.se>
* rsh.c: Fix pointer vs strict alias rules.
* rshd.c: Fix pointer vs strict alias rules.
2007-01-04 Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c: Declare iruserok if needed, based on bug report from
David Love.
2006-11-14 Love Hörnquist Åstrand <lha@it.su.se>
* rsh_locl.h: Forward decl.
2006-10-14 Love Hörnquist Åstrand <lha@it.su.se>
* rsh_locl.h: Include "crypto-headers.h".
2006-10-07 Love Hörnquist Åstrand <lha@it.su.se>
* Makefile.am: Add man_MANS to EXTRA_DIST
2006-04-27 Love Hörnquist Åstrand <lha@it.su.se>
* Makefile.am: rshd_SOURCES += add limits_conf.c
* rsh_locl.h: Include "loginpaths.h"
* rshd.c: Read limits from limits.confon non-root login, patch
from Daniel Ahlin
2006-02-27 Johan Danielsson <joda@pdc.kth.se>
* rshd.8: grammar (from Thomas Klausner)
2006-01-31 Johan Danielsson <joda@pdc.kth.se>
* rshd.c (krb5_start_session): syslog failures to store cred cache
2005-12-21 Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c (doit): move creation of users ticket file to later to
avoid seteuid/setuid dance. this breaks DCE, so remove support for
it completely.
2005-10-22 Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c: Check return value from asprintf instead of string !=
NULL since it undefined behavior on Linux. From Björn Sandell
* rsh.c: Check return value from asprintf instead of string !=
NULL since it undefined behavior on Linux. From Björn Sandell
2005-06-08 Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c: init some important variables and check that they are
set checking authentication, all to please gcc
2005-05-27 Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c: case uid_t to unsigned long in printf format
2005-04-27 Love Hörnquist Åstrand <lha@it.su.se>
* rsh_locl.h: Use larger buffer for recving data to be compatible
with older versions of heimdal (0.4 branch specificly)
* rshd.c: Use larger buffer for recving data to be compatible with
older versions of heimdal (0.4 branch specificly)
2005-04-25 Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c: use snprintf to format tkfile
2005-04-24 Love Hörnquist Åstrand <lha@it.su.se>
* rsh.c: use strlcat
* rsh.c: use strlcpy
* rsh_locl.h: forward declaration for private structures
2005-04-20 Love Hörnquist Åstrand <lha@it.su.se>
* rsh.c: cast size_t to unsigned long
2004-09-21 Johan Danielsson <joda@pdc.kth.se>
* rshd.c: rename loop to rshd_loop
* rshd.c: pass errsock status to init_ivecs
* rsh.c: rename loop() to rsh_loop()
* rsh.c (loop): pass errsock status to init_ivecs
* common.c (init_ivecs): if we don't have an errsock the ivecs
should point to the same data
* rshd.c: if we don't have an errsock, dup stdout to stderr (this
would normally be done by inetd, but not by mini_inetd).
* rshd.c: move keepalive setting to after setting up sockets
2004-02-20 Johan Danielsson <joda@pdc.kth.se>
* rsh.1: reorder and document some options
* rsh_locl.h: include kafs.h if krb4 || krb5
* rsh.c: reorder some options
2003-09-04 Johan Danielsson <joda@pdc.kth.se>
* rsh.1: document -d
2003-08-19 Johan Danielsson <joda@pdc.kth.se>
* rshd.c: -P also with KRB5
2003-04-22 Love Hörnquist Åstrand <lha@it.su.se>
* rsh.1: replace > with \*[Gt]
2003-04-16 Johan Danielsson <joda@pdc.kth.se>
* rsh.c: use krb5_appdefault to get defaults for forward and
encrypt
* rshd.c: use ARG_MAX + 1
* rshd.c (read_str): return allocated string
* rsh_locl.h: set NCARGS to 8k if undefined
2003-03-23 Assar Westerlund <assar@kth.se>
* rsh.c (loop): only check errsock if it's valid
2003-03-18 Love Love Hörnquist Åstrand <lha@it.su.se>
* rshd.c: do krb5_afslog when compling with afs support
* rsh_locl.h: always include kafs.h
2002-11-22 Johan Danielsson <joda@pdc.kth.se>
* rshd.8: clarify -x and kerberos 5
2002-11-01 Johan Danielsson <joda@pdc.kth.se>
* rsh_locl.h: bump COMMAND_SZ to NCARGS+1
2002-09-04 Johan Danielsson <joda@pdc.kth.se>
* rsh.c: free some memory
2002-09-04 Assar Westerlund <assar@kth.se>
* common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize
2002-09-04 Johan Danielsson <joda@pdc.kth.se>
* rsh.1: document -P
2002-09-03 Johan Danielsson <joda@pdc.kth.se>
* rsh.c: revert to protocol v1 if not asked for specific protocol
* rshd.c: handle protocol version 2
* rsh.c: handle protocol version 2
* common.c: handle protocol version 2
* rsh_locl.h: handle protocol version 2
2002-02-18 Johan Danielsson <joda@pdc.kth.se>
* rshd.c: don't show options that doesn't apply
* rsh.c: don't show options that doesn't apply
* rsh_locl.h: if we're not building with any kerberos support,
just call read/write directly
* common.c: if we're not building with any kerberos support, just
call read/write directly
* rshd.c: make this build without krb5; also use the addrinfo
interface to mini_inetd, and set the keepalive option if requested
* rsh.c: make this build without krb5
* rsh_locl.h: make this build without krb5
* common.c: make this build without krb5
2001-11-30 Johan Danielsson <joda@pdc.kth.se>
* rshd.c: make the syslog messages somewhat more informative
2001-08-15 Johan Danielsson <joda@pdc.kth.se>
* rsh.c: only complain about encryption flag when old
authentication is requested
2001-08-07 Johan Danielsson <joda@pdc.kth.se>
* rsh.c: don't try broken auth if rresvport failed; try to give
some more informative error messages
2001-07-31 Johan Danielsson <joda@pdc.kth.se>
* rshd.8: add an EXAMPLE
* rshd.8: manual page
* rshd.c: add some compat flags
* rsh.1: manual page
* rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr
socket; implement parsing user@host
2001-07-19 Assar Westerlund <assar@sics.se>
* rshd.c (fatal): use vsnprintf correctly
2001-02-07 Assar Westerlund <assar@sics.se>
* Makefile.am: add login_access
* rshd.c (login_access): add prototype
(syslog_and_die, fatal): add printf attributes
(*): AIX -> _AIX
(doit): use login_access
based on patches from Ake Sandgren <ake@cs.umu.se>
2001-01-09 Assar Westerlund <assar@sics.se>
* rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of
krb5_rd_cred
2000-12-31 Assar Westerlund <assar@sics.se>
* rshd.c (main): handle krb5_init_context failure consistently
* rsh.c (main): handle krb5_init_context failure consistently
2000-12-05 Johan Danielsson <joda@pdc.kth.se>
* rshd.c: require encryption if passed -x
2000-11-15 Assar Westerlund <assar@sics.se>
* rshd.c (loop): check that the fd's aren't too large to select on
* rsh.c (loop, proto): check that the fd's aren't too large to
select on
2000-08-10 Assar Westerlund <assar@sics.se>
* rsh.c: move code to do config/command parsing correctly.
2000-08-09 Assar Westerlund <assar@sics.se>
* rsh.c (main): only fetch stuff from krb5.conf when no option has
been given
2000-08-01 Assar Westerlund <assar@sics.se>
* rsh.c (doit): loop until we create an error socket of an
supported socket family
2000-07-02 Assar Westerlund <assar@sics.se>
* rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se>
do not call syslog with a variable as format string
* rsh_locl.h (_PATH_ETC_ENVIRONMENT): add
2000-06-09 Assar Westerlund <assar@sics.se>
* rsh.c (main): work-around for setuid and capabilities bug fixed
in Linux 2.2.16
2000-06-06 Johan Danielsson <joda@pdc.kth.se>
* rsh.c: nuke long option from -z
* rsh.c: don't try to encrypt if auth is broken (Daniel Kouril)
2000-06-03 Assar Westerlund <assar@sics.se>
* rshd.c (doit): check return value of getspnam. From
<haba@pdc.kth.se>
2000-05-23 Assar Westerlund <assar@sics.se>
* rsh.c (proto): select on the normal socket when waiting for the
daemon to connect back to the stderr port, so that we discover
when data arrives there before. when that happens, we assume that
the daemon did not manage to connect (because of NAT/whatever) and
continue as if `-e' was given
* rshd.c (doit): if we fail to connect back to the stderr port,
act as if `-e' was given on the client side, i.e. without the
special TCP-connection. This tries to make things better when
running the head against a NAT wall, for example.
2000-02-07 Assar Westerlund <assar@sics.se>
* Makefile.am (LDADD): make sure we use the heimdal libdes
2000-02-06 Assar Westerlund <assar@sics.se>
* *: conditionalize des stuff on KRB4
1999-12-16 Assar Westerlund <assar@sics.se>
* rsh.c (doit): addrinfo returned from getaddrinfo() is not usable
directly as hints. copy it and set AI_PASSIVE.
1999-11-20 Assar Westerlund <assar@sics.se>
* rsh.c (main): remember to close the priviledged sockets before
calling rlogin
1999-11-02 Assar Westerlund <assar@sics.se>
* rsh.c (main): redo the v4/v5 selection for consistency. -4 ->
try only v4 -5 -> try only v5 none, -45 -> try v5, v4
1999-10-26 Assar Westerlund <assar@sics.se>
* rshd.c (main): ignore SIGPIPE
* common.c (do_read): the encoded length can be longer than the
buffer being used, allocate memory for it dynamically. From Brian
A May <bmay@dgs.monash.edu.au>
1999-10-14 Assar Westerlund <assar@sics.se>
* rsh.c (proto): be more careful and don't print errno when read()
returns 0
1999-09-20 Assar Westerlund <assar@sics.se>
* rshd.c (recv_krb4_auth): set `iv'
1999-08-16 Assar Westerlund <assar@sics.se>
* common.c (do_read): be careful with the return value from
krb5_net_read
1999-08-05 Assar Westerlund <assar@sics.se>
* rsh.c: call freehostent
* rsh.c: remove some dead code
1999-08-04 Assar Westerlund <assar@sics.se>
* rshd.c: re-write the handling of forwarded credentials and
stuff. From Miroslav Ruda <ruda@ics.muni.cz>
* rsh_locl.h: always include kafs.h
* rsh.c: add `-z' and `-G' options
* rsh.c (loop): shutdown one side of the TCP connection on EOF.
From Brian A May <bmay@dgs.monash.edu.au>
* common.c (do_read): handle EOF. From Brian A May
<bmay@dgs.monash.edu.au>
1999-08-01 Assar Westerlund <assar@sics.se>
* rsh.c: const fixes
1999-07-29 Assar Westerlund <assar@sics.se>
* rshd.c: v6-ify
* rsh.c: v6-ify
1999-07-28 Assar Westerlund <assar@sics.se>
* rsh_locl.h: move around kafs.h
1999-07-24 Assar Westerlund <assar@sics.se>
* rsh_locl.h: <shadow.h>
* rsh.c, rshd.c: improve forwarding and implement unique ccache on
server. From Miroslav Ruda <ruda@ics.muni.cz>
1999-07-03 Assar Westerlund <assar@sics.se>
* rsh.c (construct_command): handle argc == 0 for generality
1999-06-23 Assar Westerlund <assar@sics.se>
* rsh.c: new option `-e' for not trying to open an stderr socket
1999-06-17 Assar Westerlund <assar@sics.se>
* rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we
don't leave any data inside des_enc_read. (that constant should
really be exported in some way...)
1999-06-15 Assar Westerlund <assar@sics.se>
* rsh.c: use get_default_username and resulting const pollution
1999-05-21 Assar Westerlund <assar@sics.se>
* rsh.c (main): try $USERNAME
1999-05-14 Assar Westerlund <assar@sics.se>
* rshd.c (doit): afslog correctly
1999-05-11 Assar Westerlund <assar@sics.se>
* rsh.c (main): add fallback to rlogin
1999-05-10 Assar Westerlund <assar@sics.se>
* rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL.
check return value from krb5_crypto_init
* common.c (do_write, do_read): always return -1 for failure
(net_write, net_read): remove. they already exist in libroken
1999-05-09 Assar Westerlund <assar@sics.se>
* rsh.c: make sure it tries with all other authentication methods
after one has failed
* rsh.c (main): detect the case of no command given.
1999-04-11 Assar Westerlund <assar@sics.se>
* rsh.c: new option --forwardable. use print_version
Sat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se>
* rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some
shells don't think it's a rsh session if they find a pipe at the
other end.
(setup_environment): add SSH_CLIENT just to make bash happy
* common.c (do_read): use krb5_get_wrapped_length
Wed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se>
* rsh.c (loop): more braces to make gcc happy
Tue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* rsh_locl.h: kafs.h
* rshd.c: add `-P', `-v', and `-L' flags
Thu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* Makefile.am: include Makefile.am.common
Tue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se>
* appl/rsh/rshd.c: update to new crypto framework
* appl/rsh/rsh_locl.h: update to new crypto framework
* appl/rsh/rsh.c: update to new crypto framework
* appl/rsh/common.c: update to new crypto framework
Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se>
* appl/rsh/rsh.c (main): initialize host
* appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not
encrypting.
Thu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se>
* appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user'
Thu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se>
* appl/rsh/rshd.c: use krb5_verify_authenticator_checksum
Sat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se>
* appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified.
Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rshd.c (recv_krb5_auth): swap the order of the
`local_user' and the `remote_user'
* appl/rsh/rsh.c (send_krb5_auth): swap the order of the
`local_user' and the `remote_user'
Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rshd.c: updated to use getarg.
changed `struct fd_set' to `fd_set'.
implemented broken/BSD authentication (requires iruserok)
Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH
* appl/rsh/Makefile.am: set BINDIR
* appl/rsh/rsh.c: implemented BSD-style reserved port
`authentication'
Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rshd.c: syslog remote shells
Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se>
* appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server
parameter to krb5_rd_req/krb5_recvauth. Set addresses in
auth_context.
Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rshd.c: implement forwarding
* appl/rsh/rsh.c: Use getarg. Implement forwarding.
Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se>
* appl/rsh: Conditionalize the krb4-support.
Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rsh.c: use the correct user for the checksum
Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se>
* appl/rsh/rshd.c: Now works. Also implementd encryption and
`-p'.
* appl/rsh/common.c: new file
Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se>
* appl/rsh: New program.
|