+Mon Sep 30 17:15:14 1996 Sam Hartman <hartmans@mit.edu>
+
+ * login.c: Allow login -f to let you log in as root.
+
+Mon Sep 30 16:22:48 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * login.c (stypeof): If TERM environment variable set, use it.
+
+ * krlogind.c (doit): Do not use login -E; no one supports it
+ besides login.krb5which also supports -f.
+
Sun Sep 29 20:49:47 1996 Sam Hartman <hartmans@mit.edu>
* login.c: Fix so it works with --without-krb4 option
* 3) Prompt for password if any checks fail, or if so configured.
* Allow login if all goes well either by calling the accompanying
* login.krb5 or /bin/login, according to the definition of
- * DO_NOT_USE_K_LOGIN.
+ * DO_NOT_USE_K_LOGIN.l
*
* The configuration is done either by command-line arguments passed by
* inetd, or by the name of the daemon. If command-line arguments are
*/
#define LOG_REMOTE_REALM
#define CRYPT
-
+#define USE_LOGIN_F
#ifdef HAVE_UNISTD_H
#include <unistd.h>
int pid; /* child process id */
void doit(f, fromp)
- int f;
- struct sockaddr_in *fromp;
+ int f;
+ struct sockaddr_in *fromp;
{
int p, t, on = 1;
register struct hostent *hp;
#if defined(POSIX_TERMIOS) && !defined(ultrix)
tcgetattr(t,&new_termio);
-#if !(defined(DO_NOT_USE_K_LOGIN)&&defined(USE_LOGIN_F))
+#if !defined(USE_LOGIN_F)
new_termio.c_lflag &= ~(ICANON|ECHO|ISIG|IEXTEN);
new_termio.c_iflag &= ~(IXON|IXANY|BRKINT|INLCR|ICRNL);
#else
}
#endif
-#ifdef DO_NOT_USE_K_LOGIN
#ifdef USE_LOGIN_F
/* use the vendors login, which has -p and -f. Tested on
* AIX 4.1.4 and HPUX 10
#else /* USE_LOGIN_F */
execl(login_program, "login", "-r", rhost_name, 0);
#endif /* USE_LOGIN_F */
-#else
- if (passwd_req)
- execl(login_program, "login","-h", rhost_name, lusername, 0);
- else
- execl(login_program, "login", "-h", rhost_name, "-e", lusername, 0);
-#endif
fatalperror(2, login_program);
/*NOTREACHED*/
#endif
-#if defined(DO_NOT_USE_K_LOGIN)&&!defined(USE_LOGIN_F)
+#if!defined(USE_LOGIN_F)
/* Pass down rusername and lusername to login. */
(void) write(p, rusername, strlen(rusername) +1);
(void) write(p, lusername, strlen(lusername) +1);
-#endif
-#if !defined(DO_NOT_USE_K_LOGIN) || !defined(USE_LOGIN_F)
/* stuff term info down to login */
if ((write(p, term, strlen(term)+1) != (int) strlen(term)+1)) {
/*
sprintf(buferror,"Cannot write slave pty %s ",line);
fatalperror(f,buferror);
}
-#endif /* DO_NOT_USE_K_LOGIN && USE_LOGIN_F */
+
+#endif
protocol(f, p);
signal(SIGCHLD, SIG_IGN);
cleanup();
pass hostname to telnetd, etc.
.TP
\fB\-f\fP \fIname\fP
-Perform pre-authenticated login, e.g., datakit, xterm, etc.; does not
+Perform pre-authenticated login, e.g., datakit, xterm, etc.;
allow preauthenticated login as root.
.TP
\fB\-F\fP \fIname\fP
* login -r hostname (for rlogind)
* login -h hostname (for telnetd, etc.)
* login -f name (for pre-authenticated login: datakit, xterm, etc.,
- * does not allow preauthenticated login as root)
+ * does allow preauthenticated login as root)
* login -F name (for pre-authenticated login: datakit, xterm, etc.,
* allows preauthenticated login as root)
* login -e name (for pre-authenticated encrypted, must do term
}
\f
/* Main routines */
-#define EXCL_AUTH_TEST if (rflag || kflag || Kflag || eflag || fflag || Fflag ) { \
+#define EXCL_AUTH_TEST if (rflag || kflag || Kflag || eflag || fflag ) { \
fprintf(stderr, \
"login: only one of -r, -k, -K, -e, -F, and -f allowed.\n"); \
exit(1);\
struct group *gr;
int ch;
char *p;
- int fflag, hflag, pflag, rflag, Fflag, cnt;
+ int fflag, hflag, pflag, rflag, cnt;
int kflag, Kflag, eflag;
int quietlog, passwd_req, ioctlval;
sigtype timedout();
(void)gethostname(tbuf, sizeof(tbuf));
domain = strchr(tbuf, '.');
- Fflag = fflag = hflag = pflag = rflag = kflag = Kflag = eflag = 0;
+ fflag = hflag = pflag = rflag = kflag = Kflag = eflag = 0;
passwd_req = 1;
while ((ch = getopt(argc, argv, "Ffeh:pr:k:K:")) != EOF)
switch (ch) {
break;
case 'F':
EXCL_AUTH_TEST;
- Fflag = 1;
+ fflag = 1;
break;
case 'h':
EXCL_HOST_TEST;
#endif /* KRB5_GET_TICKETS */
if (username == NULL) {
- fflag = Fflag = 0;
+ fflag = 0;
getloginname();
}
if (pwd == NULL || pwd->pw_uid)
checknologin();
- /*
- * Disallow automatic login to root.
- * If not invoked by root, disallow if the uid's differ.
- */
- if (fflag && pwd) {
- int uid = (int) getuid();
-
- passwd_req =
- (pwd->pw_uid == 0 || (uid && uid != pwd->pw_uid));
- }
/*
* Allows automatic login by root.
* If not invoked by root, disallow if the uid's differ.
*/
- if (Fflag && pwd) {
+ if (fflag && pwd) {
int uid = (int) getuid();
passwd_req = (uid && uid != pwd->pw_uid);
}
if (!quietlog) {
#ifdef KRB4_KLOGIN
- if (!krbflag && !fflag && !Fflag && !eflag )
+ if (!krbflag && !fflag && !eflag )
printf("\nWarning: No Kerberos tickets obtained.\n\n");
#endif /* KRB4_KLOGIN */
motd ();
char *
stypeof(ttyid)
- char *ttyid;
+ char *ttyid;
{
+char *cp = getenv("term");
+
#ifndef HAVE_TTYENT_H
- return(UNKNOWN);
+if (cp)
+ return cp;
+else return(UNKNOWN);
#else
struct ttyent *t;
-
- return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN);
+ if (cp)
+ return cp;
+ else return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN);
#endif
}
projects / krb5.git / commitdiff