+Thu Oct 31 22:14:00 1996 Sam Hartman <hartmans@planet-zorp.MIT.EDU>
+
+ * krlogind.c (doit): Remove tab3 because it isn't very useful and
+ isn't always present.
+
+Thu Oct 31 19:19:54 1996 Sam Hartman <hartmans@mit.edu>
+
+ * klogind.M kshd.M: document -r goes away [138]
+
+ * krshd.c (doit): Do not support rhosts authentication. This was
+ never used by any clients and the cruft in kcmd.c was creating
+ problems. [138]
+
+ * krlogind.c (do_krb_login): Remove broken rhosts support. [138]
+
+ * kcmd.c: Remove ruserok and associated cruft along with killpg. [138]
+
Tue Oct 29 10:09:39 1996 Theodore Y. Ts'o <tytso@mit.edu>
* login.c: Make the defaults be to *not* to get Kerberos V4
-#ifdef HAVE_SETREUID
-#if defined(sun)
-/* The IMP and ultrix do not like multiple defined routines
- and since it does not have users with NFS filesystems
- mounted, the ruserok on it's OS will work just fine.
- However that is not the case with SUNS who's ruserok which
- is provided with the OS has problems with it's seteuid
- ( which will eventually be traced no doubt to using
- setreuid(-1,pgid)).
- Therefore we provide a version of ruserok with fixes
- the seteuid problem....Drawback - it can only be used
- by a root process.*/
-
-#ifndef convex
-ruserok(rhost, superuser, ruser, luser)
- const char *rhost;
- int superuser;
- const char *ruser, *luser;
-{
- FILE *hostf;
- char fhost[MAXHOSTNAMELEN];
- int first = 1;
- register char *sp, *p;
- int baselen = -1;
- int euid = -1;
-
- sp = rhost;
- p = fhost;
- while (*sp) {
- if (*sp == '.') {
- if (baselen == -1)
- baselen = sp - rhost;
- *p++ = *sp++;
- } else {
- *p++ = islower(*sp) ? toupper(*sp++) : *sp++;
- }
- }
- *p = '\0';
- hostf = superuser ? (FILE *)0 : fopen("/etc/hosts.equiv", "r");
- again:
- if (hostf) {
- if (!_validuser(hostf, fhost, luser, ruser, baselen)) {
- (void) fclose(hostf);
- if (euid != -1)
- (void) setreuid ( 0,euid);
- return(0);
- }
- (void) fclose(hostf);
- }
- if (first == 1) {
- struct stat sbuf;
- struct passwd *pwd;
- char pbuf[MAXPATHLEN];
-
- first = 0;
- if ((pwd = getpwnam(luser)) == NULL)
- return(-1);
- /*
- * Read .rhosts as the local user to avoid NFS mapping the
- * root uid to something that can't read .rhosts.
- */
- euid = geteuid();
- if (euid != -1)
- (void) setreuid ( 0,pwd->pw_uid);
- (void)strcpy(pbuf, pwd->pw_dir);
- (void)strcat(pbuf, "/.rhosts");
- if ((hostf = fopen(pbuf, "r")) == NULL){
- if (euid != -1)
- (void) setreuid ( 0,euid);
- return(-1);
- }
- (void)fstat(fileno(hostf), &sbuf);
- if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) {
- fclose(hostf);
- if (euid != -1)
- (void) setreuid ( 0,euid);
- return(-1);
- }
- goto again;
- }
- if (euid != -1)
- (void) setreuid ( 0,euid);
- return (-1);
-}
-
-
-
-_validuser(hostf, rhost, luser, ruser, baselen)
- char *rhost, *luser, *ruser;
- FILE *hostf;
- int baselen;
-{
- char *user;
- char ahost[MAXHOSTNAMELEN];
- register char *p;
-
- while (fgets(ahost, sizeof (ahost), hostf)) {
- p = ahost;
- while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
- *p = islower(*p) ? toupper(*p) : *p;
- p++;
- }
- if (*p == ' ' || *p == '\t') {
- *p++ = '\0';
- while (*p == ' ' || *p == '\t')
- p++;
- user = p;
- while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0')
- p++;
- } else
- user = p;
- *p = '\0';
- if (_checkhost(rhost, ahost, baselen) &&
- !strcmp(ruser, *user ? user : luser)) {
- return (0);
- }
- }
- return (-1);
-}
-#endif /* convex */
-
-
-
-_checkhost(rhost, lhost, len)
- char *rhost, *lhost;
- int len;
-{
- static char ldomain[MAXHOSTNAMELEN + 1];
- static char *domainp = NULL;
- static int nodomain = 0;
- register char *cp;
-
- if (len == -1)
- return(!strcmp(rhost, lhost));
- if (strncmp(rhost, lhost, len))
- return(0);
- if (!strcmp(rhost, lhost))
- return(1);
- if (*(lhost + len) != '\0')
- return(0);
- if (nodomain)
- return(0);
- if (!domainp) {
- if (gethostname(ldomain, sizeof(ldomain)) == -1) {
- nodomain = 1;
- return(0);
- }
- ldomain[MAXHOSTNAMELEN] = 0;
- if ((domainp = strchr(ldomain, '.')) == (char *)NULL) {
- nodomain = 1;
- return(0);
- }
- for (cp = ++domainp; *cp; ++cp)
- if (islower(*cp))
- *cp = toupper(*cp);
- }
- return(!strcmp(domainp, rhost + len +1));
-
-}
-#endif /* ! sun */
-#endif /* HAVE_SETREUID */
-
-
-#if defined (hpux)
-int setreuid(real,eff)
- int real,eff;
-{
- int tmpint = -1;
- return(setresuid(real,eff,tmpint));
-}
-#endif
-
#ifndef HAVE_STRSAVE
#endif
-#ifdef SYSV
-
-int killpg(pid,sig)
- int pid,sig;
-{
-
- if ( pid >= 0)
- pid *= -1;
- return(kill(pid,sig));
-}
-
-#endif
Allow Kerberos V5 and Kerberos V4 as acceptable authentication
mechanisms. This is the same as including \fB\-4\fP and \fB\-5\fP.
-.IP \fB\-r\fP
-Trust the remote hostname as an authentication system using the
- \fI.rhosts\fP authorization list. This option may
-be desupported in future version of klogind.
.IP \fB\-p\fP
If all other authorization checks fail, prompt the user
* 1) Check authentication.
* 2) Check authorization via the access-control files:
* ~/.k5login (using krb5_kuserok) and/or
- * ~/.rhosts (using ruserok).
* 3) Prompt for password if any checks fail, or if so configured.
* Allow login if all goes well either by calling the accompanying
* login.krb5 or /bin/login, according to the definition of
* -k means trust krb4 or krb5
* -5 means trust krb5
* -4 means trust krb4
- * -r means trust .rhosts (using ruserok).
* -p and -P means prompt for password.
* If the -P option is passed, then the password is verified in
* addition to all other checks. If -p is not passed with -k or -r,
* KERBEROS - Define this if application is to be kerberised.
* CRYPT - Define this if encryption is to be an option.
* DO_NOT_USE_K_LOGIN - Define this if you want to use /bin/login
- * instead of the accompanying login.krb5. In that case,
- * the remote user's name must be present in the local
- * .rhosts file, regardless of any options specified.
+ * instead of the accompanying login.krb5.
* KRB5_KRB4_COMPAT - Define this if v4 rlogin clients are also to be served.
* ALWAYS_V5_KUSEROK - Define this if you want .k5login to be
* checked even for v4 clients (instead of .klogin).
krb5_keytab keytab = NULL;
-#define ARGSTR "rk54ciepPD:S:M:L:?"
+#define ARGSTR "k54ciepPD:S:M:L:?"
#else /* !KERBEROS */
#define ARGSTR "rpPD:?"
#define (*des_read) read
*/
#define AUTH_KRB4 (0x1)
#define AUTH_KRB5 (0x2)
-#define AUTH_RHOSTS (0x4)
int auth_ok = 0, auth_sent = 0;
int do_encrypt = 0, passwd_if_fail = 0, passwd_req = 0;
int checksum_required = 0, checksum_ignored = 0;
opterr = 0;
while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
switch (ch) {
- case 'r':
- auth_ok |= AUTH_RHOSTS;
- break;
#ifdef KERBEROS
case 'k':
#ifdef KRB5_KRB4_COMPAT
desinbuf.data = des_inbuf;
desoutbuf.data = des_outpkt+4; /* Set up des buffers */
- /* Must come from privileged port when .rhosts is being looked into */
- if ((auth_ok&AUTH_RHOSTS)
- && (fromp->sin_port >= IPPORT_RESERVED ||
- fromp->sin_port < IPPORT_RESERVED/2))
- non_privileged = 1;
#else /* !KERBEROS */
if (fromp->sin_port >= IPPORT_RESERVED ||
fromp->sin_port < IPPORT_RESERVED/2)
new_termio.c_iflag &= ~(IXON|IXANY|BRKINT|INLCR|ICRNL);
#else
new_termio.c_lflag |= (ICANON|ECHO|ISIG|IEXTEN);
- new_termio.c_oflag |= (ONLCR|OPOST|TAB3);
+ new_termio.c_oflag |= (ONLCR|OPOST);
new_termio.c_iflag|= (IXON|IXANY|BRKINT|INLCR|ICRNL);
#endif /*Do we need binary stream?*/
new_termio.c_iflag &= ~(ISTRIP);
#endif
-/* See if we pass .rhosts.*/
- if (auth_ok&AUTH_RHOSTS) {
- /* Cannot check .rhosts unless connection from a privileged port. */
- if (!non_privileged) {
- pwd = (struct passwd *) getpwnam(lusername);
- if (pwd &&
- !ruserok(rhost_name, pwd->pw_uid == 0, rusername, lusername))
- auth_sent |= AUTH_RHOSTS;
- }
- }
if (checksum_required && !valid_checksum) {
if (auth_sent & AUTH_KRB5) {
{
#ifdef KERBEROS
syslog(LOG_ERR,
- "usage: klogind [-rke45pP] [-D port] or [r/R][k/K][x/e][p/P]logind");
+ "usage: klogind [-ke45pP] [-D port] or [r/R][k/K][x/e][p/P]logind");
#else
syslog(LOG_ERR,
"usage: rlogind [-rpP] [-D port] or [r/R][p/P]logind");
* 1) Check authentication.
* 2) Check authorization via the access-control files:
* ~/.k5login (using krb5_kuserok) and/or
- * ~/.rhosts (using ruserok).
* Execute command if configured authoriztion checks pass, else deny
* permission.
*
* take priority. The options are:
* -k means trust krb4 or krb5
* -5 means trust krb5
-* -4 means trust krb4
- * -r means trust .rhosts (using ruserok).
+* -4 means trust krb4 (using .klogin)
*
- * If no command-line arguments are present, then the presence of the
- * letters kKrR in the program-name before "shd" determine the
- * behaviour of the program exactly as with the command-line arguments.
*/
/* DEFINES:
#include "com_err.h"
#include "loginpaths.h"
-#define ARGSTR "rek54ciD:S:M:AP:?L:"
+#define ARGSTR "ek54ciD:S:M:AP:?L:"
#define RSHD_BUFSIZ 5120
#else /* !KERBEROS */
-#define ARGSTR "rRD:?"
+#define ARGSTR "RD:?"
#define (*des_read) read
#define (*des_write) write
*/
#define AUTH_KRB4 (0x1)
#define AUTH_KRB5 (0x2)
-#define AUTH_RHOSTS (0x4)
int auth_ok = 0, auth_sent = 0;
int checksum_required = 0, checksum_ignored = 0;
char *progname;
opterr = 0;
while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
switch (ch) {
- case 'r':
- auth_ok |= AUTH_RHOSTS;
- break;
#ifdef KERBEROS
case 'k':
#ifdef KRB5_KRB4_COMPAT
}
- if (auth_ok&AUTH_RHOSTS) {
- /* Cannot check .rhosts unless connection from privileged port */
- if (!non_privileged) {
- if (ruserok(hostname, pwd->pw_uid == 0,
- remuser, locuser) < 0) {
- syslog(LOG_ERR ,
- "Principal %s (%s@%s) for local user %s failed ruserok.\n",
- kremuser, remuser, hostname, locuser);
- } else auth_sent |=AUTH_RHOSTS;
- }
- }
#else
if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
ruserok(hostname, pwd->pw_uid == 0, remuser, locuser) < 0) {
void usage()
{
#ifdef KERBEROS
- syslog(LOG_ERR, "usage: kshd [-rRkK] or [r/R][k/K]shd");
+ syslog(LOG_ERR, "usage: kshd [-54ecikK] ");
#else
syslog(LOG_ERR, "usage: rshd");
#endif
Allow Kerberos5 and Kerberos4 as acceptable authentication
mechanisms. This is the same as including \fB\-4\fP and \fB\-5\fP.
-.IP \fB\-r\fP
-Trust the remote hostname as an authentication system using the
- \fI.rhosts\fP authorization list. This option may be desupported in a future version.
-
-
.IP \fB\-e\fP
Require the client to encrypt the connection. Only Kerberos5 clients
support encryption.