checksum provides additionl security by preventing an attacker from
changing the initial connection information. To benefit from this
security, only Kerberos5 should be trusted; Kerberos4 and rhosts
-authentication do not include this checksum. If thi options is
+authentication do not include this checksum. If this options is
specified, older Kerberos5 clients that do not send a checksum in the
authenticator will not be able to authenticate to this server.
.PP
}
environ = envinit;
- cp = strrchr(pwd->pw_shell, '/');
- if (cp)
- cp++;
- else
- cp = pwd->pw_shell;
-
#ifdef KERBEROS
/* To make Kerberos rcp work correctly, we must ensure that we
invoke Kerberos rcp on this end, not normal rcp, even if the
(do_encrypt && !strncmp(cmdbuf, "-x rcp ", 7))) {
char *copy;
struct stat s;
+ int offst = 0;
copy = malloc(strlen(cmdbuf) + 1);
if (copy == NULL) {
}
strcpy(copy, cmdbuf);
if (do_encrypt && !strncmp(cmdbuf, "-x ", 3)) {
- strcpy(cmdbuf + 3, kprogdir);
- cp = copy + 6;
- } else {
- strcpy(cmdbuf, kprogdir);
- cp = copy + 3;
+ offst = 3;
}
+
+ strcpy((char *) cmdbuf + offst, kprogdir);
+ cp = copy + 3 + offst;
+
strcat(cmdbuf, "/rcp");
- if (stat(cmdbuf, &s) >= 0)
+ if (stat((char *)cmdbuf + offst, &s) >= 0)
strcat(cmdbuf, cp);
else
strcpy(cmdbuf, copy);
}
#endif
+ cp = strrchr(pwd->pw_shell, '/');
+ if (cp)
+ cp++;
+ else
+ cp = pwd->pw_shell;
+
if (do_encrypt && !strncmp(cmdbuf, "-x ", 3)) {
execl(pwd->pw_shell, cp, "-c", (char *)cmdbuf + 3, 0);
}
- else
+ else {
execl(pwd->pw_shell, cp, "-c", cmdbuf, 0);
-
+}
perror(pwd->pw_shell);
perror(cp);
exit(1);