More option handling changes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7839 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/telnet/telnetd/ChangeLog b/src/appl/telnet/telnetd/ChangeLog
index 2c7c36b63f240467716e7f7b4dd38e5896e053aa..21fa61c27b46c9ebbbc564622418216337ba6ef7 100644 (file)
--- a/src/appl/telnet/telnetd/ChangeLog
+++ b/src/appl/telnet/telnetd/ChangeLog
@@ -1,3 +1,8 @@
+Thu Apr 18 16:33:42 1996  Sam Hartman  <hartmans@mit.edu>
+
+       * state.c (suboption): Don't accept authentication suboptions after authentication negotiation complete. 
+       (envvarok):  exclude KRB5_KTNAME and KRB5CCNAME
+
 Tue Apr 16 12:23:02 1996  Sam Hartman  <hartmans@mit.edu>
 
        * configure.in : Treat HPUX as if it doesn't have streams.

diff --git a/src/appl/telnet/telnetd/state.c b/src/appl/telnet/telnetd/state.c
index 0f19371ce5324810affa91d5020e4ef18f076492..2faed71980db4d0415b8d239ace88c3ed982461d 100644 (file)
--- a/src/appl/telnet/telnetd/state.c
+++ b/src/appl/telnet/telnetd/state.c
@@ -1476,10 +1476,12 @@ sb_auth_complete();
                 */
                break;
        case TELQUAL_IS:
-               auth_is(subpointer, SB_LEN());
+         if (!auth_negotiated)
+  auth_is(subpointer, SB_LEN());
                break;
        case TELQUAL_NAME:
-               auth_name(subpointer, SB_LEN());
+         if (!auth_negotiated)
+  auth_name(subpointer, SB_LEN());
                break;
        }
        break;
@@ -1640,11 +1642,12 @@ send_status()
 }
 
 static int envvarok(varp)
-char *varp;
+  char *varp;
 {
     if (!strncmp(varp, "LD_", 3) || !strncmp(varp, "_RLD_", 5) ||
        !strncmp(varp, "ELF_LD_", 7) || !strncmp(varp, "AOUT_LD_", 8) ||
         !strcmp(varp, "LIBPATH") || !strcmp(varp, "IFS") ||
+!strcmp(varp, "KRB5_KTNAME")|| !strcmp(varp, "KRB5CCNAME")||
        strchr(varp, '='))
     {
        syslog(LOG_INFO, "Rejected the attempt to modify the environment variable \"%s\"", varp);