From 133f40ef3c44b1521a3a2217799f6b9ec4a269d3 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Fri, 15 Dec 2000 07:11:07 +0000 Subject: [PATCH] add "-4" option to rlogin to not try krb5 auth git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12894 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/bsd/ChangeLog | 6 ++++++ src/appl/bsd/krlogin.c | 26 +++++++++++++++++++++++++- src/appl/bsd/rlogin.M | 5 ++++- 3 files changed, 35 insertions(+), 2 deletions(-) diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 05c91afb1..903d09899 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,9 @@ +2000-12-15 Ken Raeburn + + * krlogin.c (main): Add new "-4" option, to use krb4 + authentication only; useful for testing. + * rlogin.M: Updated. + 2000-12-06 Ken Raeburn * krlogind.c (doit): Cast first argument to pty_make_sane_hostname diff --git a/src/appl/bsd/krlogin.c b/src/appl/bsd/krlogin.c index 1fd439058..3b7a6637a 100644 --- a/src/appl/bsd/krlogin.c +++ b/src/appl/bsd/krlogin.c @@ -375,6 +375,7 @@ main(argc, argv) #ifdef KRB5_KRB4_COMPAT KTEXT_ST v4_ticket; MSG_DAT v4_msg_data; + int v4only = 0; #endif #endif int port, debug_port = 0; @@ -514,11 +515,25 @@ main(argc, argv) argv++, argc--; goto another; } +#ifdef KRB5_KRB4_COMPAT + if (argc > 0 && !strcmp(*argv, "-4")) { + v4only++; + argv++, argc--; + goto another; + } +#endif /* krb4 */ #endif /* KERBEROS */ if (host == 0) goto usage; if (argc > 0) goto usage; +#ifdef KRB5_KRB4_COMPAT + if (kcmd_proto != KCMD_PROTOCOL_COMPAT_HACK && v4only) { + com_err (argv[0], 0, + "-4 is incompatible with -PO/-PN"); + exit(1); + } +#endif pwd = getpwuid(getuid()); if (pwd == 0) { fprintf(stderr, "Who are you?\n"); @@ -637,6 +652,10 @@ main(argc, argv) if (Fflag) authopts |= OPTS_FORWARDABLE_CREDS; +#ifdef KRB5_KRB4_COMPAT + if (v4only) + goto try_v4; +#endif status = kcmd(&sock, &host, port, null_local_username ? "" : pwd->pw_name, name ? name : pwd->pw_name, term, @@ -655,6 +674,7 @@ main(argc, argv) exit (1); #ifdef KRB5_KRB4_COMPAT fprintf(stderr, "Trying krb4 rlogin...\n"); + try_v4: status = k4cmd(&sock, &host, port, null_local_username ? "" : pwd->pw_name, name ? name : pwd->pw_name, term, @@ -710,7 +730,11 @@ main(argc, argv) #ifdef KERBEROS fprintf (stderr, "usage: rlogin host [-option] [-option...] [-k realm ] [-t ttytype] [-l username]\n"); - fprintf (stderr, " where option is e, 7, 8, noflow, n, a, x, f, F, or c\n"); +#ifdef KRB5_KRB4_COMPAT + fprintf (stderr, " where option is e, 7, 8, noflow, n, a, x, f, F, c, 4, PO, or PN\n"); +#else + fprintf (stderr, " where option is e, 7, 8, noflow, n, a, x, f, F, c, PO, or PN\n"); +#endif #else /* !KERBEROS */ fprintf (stderr, "usage: rlogin host [-option] [-option...] [-t ttytype] [-l username]\n"); diff --git a/src/appl/bsd/rlogin.M b/src/appl/bsd/rlogin.M index 601fe460b..56c11aa29 100644 --- a/src/appl/bsd/rlogin.M +++ b/src/appl/bsd/rlogin.M @@ -25,7 +25,7 @@ rlogin \- remote login .I rhost [\fB\-e\fP\fI\|c\fP] [\fB\-8\fP] [\fB\-c\fP] [ \fB\-a\fP] [\fB\-f\fP] [\fB\-F\fP] [\fB\-t\fP \fItermtype\fP] [\fB\-n\fP] [\fB\-7\fP] -[\fB\-PN | \-PO\fP] +[\fB\-PN | \-PO\fP] [\fB\-4\fP] [\fB\-d\fP] [\fB\-k\fP \fIrealm\fP] [\fB\-x\fP] [\fB\-L\fP] [\fB\-l\fP \fIusername\fP] .PP @@ -144,6 +144,9 @@ old one, but is not interoperable with older servers. (An "input/output error" and a closed connection is the most likely result of attempting this combination.) If neither option is specified, some simple heuristics are used to guess which to try. +.TP +\fB\-4\fP +Use Kerberos V4 authentication only; don't try Kerberos V5. .SH SEE ALSO rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), rlogin(1) [UCB version] -- 2.26.2