revert accidental checkin of unfinished changes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14257 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/bsd/Makefile.in b/src/appl/bsd/Makefile.in
index f596999c061e577c0f8ef0cfe75a40687b9d456e..92b4dc872b5f01861c1817f4eebb0000616b589a 100644 (file)
--- a/src/appl/bsd/Makefile.in
+++ b/src/appl/bsd/Makefile.in
@@ -60,8 +60,8 @@ install::
          ) || exit 1; \
        done
        f=$(V4RCP); \
-       if test -n "$$f" ; then $(INSTALL_PROGRAM) $$f \
-               $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`.real; \
+       if test -n "$$f" ; then $(INSTALL_SETUID) $$f \
+               $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \
        $(INSTALL_DATA) $(srcdir)/$$f.M \
                ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \
        fi

diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c
index c48ed80eb109d135ce9a3792b4ebe0a51fac9251..5ad6a25a1e50a1704b99da838939b2e20883b03a 100644 (file)
--- a/src/appl/bsd/krcp.c
+++ b/src/appl/bsd/krcp.c
@@ -47,8 +47,6 @@ char copyright[] =
 #include <sys/stat.h>
 #include <sys/time.h>
 #include <sys/ioctl.h>
-
-#include <syslog.h>
      
 #include <netinet/in.h>
      
@@ -95,7 +93,6 @@ Key_schedule v4_schedule;
 CREDENTIALS v4_cred;
 KTEXT_ST v4_ticket;
 MSG_DAT v4_msg_data;
-int v4_only;
 #endif
 
 void   v4_send_auth(char *, char *), try_normal(char **);
@@ -128,7 +125,6 @@ int forcenet;
 struct passwd *pwd;
 int    userid;
 int    port = 0;
-static const char *me;
 
 struct buffer {
     unsigned int cnt;
@@ -177,12 +173,6 @@ int main(argc, argv)
     }
 #endif
 
-    me = strrchr (argv[0], '/');
-    if (me)
-       me++;
-    else
-       me = argv[0];
-
     pwd = getpwuid(userid = getuid());
     if (pwd == 0) {
        fprintf(stderr, "who are you?\n");
@@ -254,11 +244,6 @@ int main(argc, argv)
            else
                usage ();
            goto next_arg;
-#ifdef KRB5_KRB4_COMPAT
-       case '4':
-           v4_only = 1;
-           break;
-#endif
 #endif /* KERBEROS */
            /* The rest of these are not for users. */
          case 'd':
@@ -267,7 +252,6 @@ int main(argc, argv)
            
          case 'f':             /* "from" */
            iamremote = 1;
-           openlog (me, LOG_PID, LOG_DAEMON);
            rcmd_stream_init_normal();
 #if defined(KERBEROS)
            if (encryptflag)
@@ -280,7 +264,6 @@ int main(argc, argv)
            
          case 't':             /* "to" */
            iamremote = 1;
-           openlog (me, LOG_PID, LOG_DAEMON);
            rcmd_stream_init_normal();
 #if defined(KERBEROS)
            if (encryptflag)
@@ -442,10 +425,6 @@ int main(argc, argv)
                                   cmd, targ);
                    host = thost;
 #ifdef KERBEROS
-#ifdef KRB5_KRB4_COMPAT
-                   if (v4_only)
-                       goto try_krb4;
-#endif
                    authopts = AP_OPTS_MUTUAL_REQUIRED;
                    status = kcmd(&sock, &host,
                                  port,
@@ -470,7 +449,6 @@ int main(argc, argv)
                            /* Don't fall back to less safe methods.  */
                            exit (1);
 #ifdef KRB5_KRB4_COMPAT
-                   try_krb4:
                        fprintf(stderr, "Trying krb4 rcp...\n");
                        if (strncmp(buf, "-x rcp", 6) == 0)
                            memcpy(buf, "rcp -x", 6);
@@ -973,11 +951,8 @@ krb5_sigtype
   lostconn(signumber)
     int signumber;
 {
-    char *reason = signumber ? "signal" : "eof";
     if (iamremote == 0)
-       fprintf(stderr, "rcp: lost connection (%s)\n", reason);
-    else
-       syslog(LOG_ERR, "lost connection (%s)", reason);
+      fprintf(stderr, "rcp: lost connection\n");
     exit(1);
 }
 
@@ -1276,14 +1251,8 @@ error(fmt, va_alist)
 void usage()
 {
 #ifdef KERBEROS
-# ifdef KRB5_KRB4_COMPAT
-#  define POPT "[-PN | -PO | -4]"
-# else
-#  define POPT "[-PN | -PO]"
-# endif
     fprintf(stderr,
-           "Usage:\trcp " POPT " [-p] [-x] [-k realm] f1 f2\n"
-           "   or:\trcp " POPT " [-r] [-p] [-x] [-k realm] f1 ... fn d2\n");
+           "Usage: \trcp [-PN | -PO] [-p] [-x] [-k realm] f1 f2; or:\n\trcp [-PN | -PO] [-r] [-p] [-x] [-k realm] f1 ... fn d2\n");
 #else
     fputs("usage: rcp [-p] f1 f2; or: rcp [-rp] f1 ... fn d2\n", stderr);
 #endif

diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c
index dc3a556f33cabd0becd56349de21312891dde9ce..76d1f5397c24016125723690248d38ed9a553a6d 100644 (file)
--- a/src/appl/bsd/krlogind.c
+++ b/src/appl/bsd/krlogind.c
@@ -300,8 +300,8 @@ char                lusername[UT_NAMESIZE+1];
 char           rusername[UT_NAMESIZE+1];
 char            *krusername = 0;
 char           term[64];
-char            rhost_name[NI_MAXHOST];
-char           rhost_addra[NI_MAXHOST];
+char            rhost_name[MAXDNAME];
+char           rhost_addra[16];
 krb5_principal  client;
 int            do_inband = 0;
 
@@ -322,7 +322,7 @@ extern int daemon(int, int);
 #define VHANG_LAST             /* vhangup must occur on close, not open */
 #endif
 
-void   fatal(int, const char *), fatalperror(int, const char *), doit(int, struct sockaddr *), usage(void), do_krb_login(char *, char *), getstr(int, char *, int, char *);
+void   fatal(int, const char *), fatalperror(int, const char *), doit(int, struct sockaddr_in *), usage(void), do_krb_login(char *, char *), getstr(int, char *, int, char *);
 void   protocol(int, int);
 int    princ_maps_to_lname(krb5_principal, char *), default_realm(krb5_principal);
 krb5_sigtype   cleanup(int);
@@ -353,7 +353,7 @@ int main(argc, argv)
     extern int opterr, optind;
     extern char * optarg;
     int on = 1, fromlen, ch;
-    struct sockaddr_storage from;
+    struct sockaddr_in from;
     int debug_port = 0;
     int fd;
     int do_fork = 0;
@@ -542,7 +542,7 @@ int main(argc, argv)
                    syslog(LOG_ERR, "fork: %s", error_message(errno));
                case 0:
                    (void) close(s);
-                   doit(fd, (struct sockaddr *) &from);
+                   doit(fd, &from);
                    close(fd);
                    exit(0);
                default:
@@ -570,7 +570,7 @@ int main(argc, argv)
        fd = 0;
     }
 
-    doit(fd, (struct sockaddr *) &from);
+    doit(fd, &from);
     return 0;
 }
 
@@ -593,7 +593,7 @@ int pid; /* child process id */
 
 void doit(f, fromp)
   int f;
-  struct sockaddr *fromp;
+  struct sockaddr_in *fromp;
 {
     int p, t, on = 1;
     register struct hostent *hp;
@@ -640,28 +640,24 @@ void doit(f, fromp)
     sa.sa_flags = 0;
 #endif
 
-    if (fromp->sa_family == AF_INET)
-       portnum = ntohs(((struct sockaddr_in *)fromp)->sin_port);
-#ifdef KRB5_USE_INET6
-    else if (fromp->sa_family == AF_INET6)
-       portnum = ntohs(((struct sockaddr_in6 *)fromp)->sin6_port);
-#endif
-    else
-       fatal(f, "Permission denied - Malformed from address\n");
-
-    if (getnameinfo (fromp, socklen(fromp), rhost_name, sizeof(rhost_name),
-                    0, 0, 0))
-       rhost_name[0] = 0;
-    if (getnameinfo (fromp, socklen(fromp), rhost_addra, sizeof(rhost_addra),
-                    0, 0, NI_NUMERICHOST))
-       strcpy(rhost_addra, "??");
-
+    fromp->sin_port = ntohs((u_short)fromp->sin_port);
     hp = gethostbyaddr((char *) &fromp->sin_addr, sizeof (struct in_addr),
                       fromp->sin_family);
     strncpy(rhost_addra, inet_ntoa(fromp->sin_addr), sizeof (rhost_addra));
+    rhost_addra[sizeof (rhost_addra) -1] = '\0';
+    if (hp != NULL) {
+       /* Save hostent information.... */
+       strncpy(rhost_name,hp->h_name,sizeof (rhost_name));
+       rhost_name[sizeof (rhost_name) - 1] = '\0';
+    } else
+       rhost_name[0] = '\0';
+    
+    if (fromp->sin_family != AF_INET)
+      fatal(f, "Permission denied - Malformed from address\n");
     
 #ifndef KERBEROS
-    if (portnum >= IPPORT_RESERVED || portnum < IPPORT_RESERVED/2)
+    if (fromp->sin_port >= IPPORT_RESERVED ||
+       fromp->sin_port < IPPORT_RESERVED/2)
       fatal(f, "Permission denied - Connection from bad port");
 #endif /* KERBEROS */
     
@@ -820,7 +816,7 @@ void doit(f, fromp)
         setenv("TERM",term, 1);
     }
 
-    retval = pty_make_sane_hostname(fromp, maxhostlen,
+    retval = pty_make_sane_hostname((struct sockaddr *) fromp, maxhostlen,
                                    stripdomain, always_ip,
                                    &rhost_sane);
     if (retval)
@@ -847,7 +843,7 @@ void doit(f, fromp)
      **      The master blocks here until it reads a byte.
      */
     
-    (void) close(syncpipe[1]);
+(void) close(syncpipe[1]);
     if (read(syncpipe[0], &c, 1) != 1) {
        /*
         * Problems read failed ...
@@ -871,7 +867,7 @@ void doit(f, fromp)
        * will fail to work properly
        */
 #endif /* KERBEROS */
-       ioctl(f, FIONBIO, &on);
+      ioctl(f, FIONBIO, &on);
     ioctl(p, FIONBIO, &on);
 
     /* FIONBIO doesn't always work on ptys, use fcntl to set O_NDELAY? */
@@ -1386,10 +1382,7 @@ recvauth(valid_checksum)
 {
     krb5_auth_context auth_context = NULL;
     krb5_error_code status;
-    struct sockaddr_storage peer_addr, local_addr;
-#if 0
     struct sockaddr_in peersin, laddr;
-#endif
     int len;
     krb5_data inbuf;
     char v4_instance[INST_SZ]; /* V4 Instance */
@@ -1401,12 +1394,12 @@ recvauth(valid_checksum)
 
     *valid_checksum = 0;
     len = sizeof(laddr);
-    if (getsockname(netf, (struct sockaddr *)&local_addr, &len)) {
+    if (getsockname(netf, (struct sockaddr *)&laddr, &len)) {
            exit(1);
     }
-
-    len = sizeof(peer_addr);
-    if (getpeername(netf, (struct sockaddr *)&peer_addr, &len)) {
+       
+    len = sizeof(peersin);
+    if (getpeername(netf, (struct sockaddr *)&peersin, &len)) {
        syslog(LOG_ERR, "get peer name failed %d", netf);
        exit(1);
     }

diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c
index 3e047470dcec7161dd9d503988d926448189eff4..6f7f447d99b4b3729eefa844a38fc0ec80f5f652 100644 (file)
--- a/src/appl/bsd/krshd.c
+++ b/src/appl/bsd/krshd.c
@@ -216,7 +216,7 @@ int maxhostlen = 0;
 int stripdomain = 1;
 int always_ip = 0;
 
-static krb5_error_code recvauth(int netfd, struct sockaddr *peersin,
+static krb5_error_code recvauth(int netfd, struct sockaddr_in peersin,
                                int *valid_checksum);
 
 #else /* !KERBEROS */
@@ -264,7 +264,7 @@ void        error (char *fmt, ...)
      ;
 
 void usage(void), getstr(int, char *, int, char *), 
-    doit(int, struct sockaddr *);
+    doit(int, struct sockaddr_in *);
 
 #ifndef HAVE_INITGROUPS
 int initgroups(char* name, gid_t basegid) {
@@ -286,7 +286,7 @@ int main(argc, argv)
     struct linger linger;
 #endif
     int on = 1, fromlen;
-    struct sockaddr_storage from;
+    struct sockaddr_in from;
     extern int opterr, optind;
     extern char *optarg;
     int ch;
@@ -492,7 +492,7 @@ int main(argc, argv)
        fatal(fd, "Configuration error: mutually exclusive options specified");
     }
 
-    doit(dup(fd), (struct sockaddr *) &from);
+    doit(dup(fd), &from);
     return 0;
 }
 
@@ -609,7 +609,7 @@ cleanup(signumber)
 
 void doit(f, fromp)
      int f;
-     struct sockaddr *fromp;
+     struct sockaddr_in *fromp;
 {
     char *cp;
 #ifdef KERBEROS
@@ -817,7 +817,7 @@ void doit(f, fromp)
        exit(1);
     }
 
-    if ((status = recvauth(f, fromaddr, &valid_checksum))) {
+    if ((status = recvauth(f, fromaddr,&valid_checksum))) {
        error("Authentication failed: %s\n", error_message(status));
        exit(1);
     }
@@ -945,11 +945,14 @@ void doit(f, fromp)
     if (port) {
        /* Place entry into wtmp */
        sprintf(ttyn,"krsh%ld",(long) (getpid() % 9999999));
+       pty_logwtmp(ttyn,locuser,sane_host);
+    }
+    /*      We are simply execing a program over rshd : log entry into wtmp,
+           as kexe(pid), then finish out the session right after that.
+           Syslog should have the information as to what was exec'd */
+    else {
+       pty_logwtmp(ttyn,locuser,sane_host);
     }
-    /* else: We are simply execing a program over rshd : log entry into wtmp,
-            as kexe(pid), then finish out the session right after that.
-            Syslog should have the information as to what was exec'd */
-    pty_logwtmp(ttyn,locuser,sane_host);
     
 #ifdef CRAY
     

diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c
index e2fd62d27fb7b538be31a9c0f8ec44a0718a6009..dee36247a5141218a06844a89db3c16233a5823d 100644 (file)
--- a/src/appl/bsd/login.c
+++ b/src/appl/bsd/login.c
@@ -818,8 +818,7 @@ static int verify_krb_v4_tgt (realm)
     memcpy ((char *) &addr, (char *)hp->h_addr, sizeof (addr));
     /* Do we have rcmd.<host> keys? */
 #if 0 /* Be paranoid.  If srvtab exists, assume it must contain the
-        right key.  The more paranoid mode also helps avoid a
-        possible DNS spoofing issue.  */
+        right key.  */
     have_keys = read_service_key (rcmd_str, phost, realm, 0, KEYFILE, key)
        ? 0 : 1;
     memset (key, 0, sizeof (key));