From 9cefbad7f53cffbe75044262b98bd34ebe3ae2fd Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 15 Dec 2008 20:29:01 +0000 Subject: [PATCH] Remove krb4 support in the applications. login's ability to run aklog has been preserved and made unconditional on krb4 support, since aklog can now do krb5 auth. The config variable is now named krb_run_aklog (as it was sometimes documented), not krb4_run_aklog as it previously was. ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21450 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/bsd/Makefile.in | 58 +- src/appl/bsd/compat_recv.c | 581 ------------------- src/appl/bsd/configure.in | 27 +- src/appl/bsd/defines.h | 15 - src/appl/bsd/forward.c | 1 - src/appl/bsd/kcmd.c | 328 ----------- src/appl/bsd/klogind.M | 56 +- src/appl/bsd/krcp.c | 85 +-- src/appl/bsd/krlogin.c | 49 -- src/appl/bsd/krlogind.c | 212 ++----- src/appl/bsd/krsh.c | 36 -- src/appl/bsd/krshd.c | 292 +++++----- src/appl/bsd/login.M | 24 +- src/appl/bsd/login.c | 615 +------------------- src/appl/bsd/rlogin.M | 5 +- src/appl/bsd/v4rcp.M | 52 -- src/appl/bsd/v4rcp.c | 1110 ------------------------------------ 17 files changed, 234 insertions(+), 3312 deletions(-) delete mode 100644 src/appl/bsd/compat_recv.c delete mode 100644 src/appl/bsd/v4rcp.M delete mode 100644 src/appl/bsd/v4rcp.c diff --git a/src/appl/bsd/Makefile.in b/src/appl/bsd/Makefile.in index 59fe38b54..ce5522f7c 100644 --- a/src/appl/bsd/Makefile.in +++ b/src/appl/bsd/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=appl/bsd mydir=. BUILDTOP=$(REL)..$(S).. -LOCALINCLUDES=@KRB4_INCLUDES@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -11,15 +10,13 @@ SETENVOBJ=@SETENVOBJ@ LOGINLIBS=@LOGINLIBS@ LIBOBJS=@LIBOBJS@ -V4RCP=@V4RCP@ -V4RCPO=@V4RCPO@ KRSHDLIBS=@KRSHDLIBS@ SRCS= $(srcdir)/krcp.c $(srcdir)/krlogin.c $(srcdir)/krsh.c $(srcdir)/kcmd.c \ - $(srcdir)/forward.c $(srcdir)/compat_recv.c \ - $(srcdir)/login.c $(srcdir)/krshd.c $(srcdir)/krlogind.c -OBJS= krcp.o krlogin.o krsh.o kcmd.o forward.o compat_recv.o $(SETENVOBJ) \ - login.o krshd.o krlogind.o $(V4RCPO) $(LIBOBJS) + $(srcdir)/forward.c $(srcdir)/login.c $(srcdir)/krshd.c \ + $(srcdir)/krlogind.c +OBJS= krcp.o krlogin.o krsh.o kcmd.o forward.o $(SETENVOBJ) login.o krshd.o \ + krlogind.o $(LIBOBJS) UCB_RLOGIN = @UCB_RLOGIN@ UCB_RSH = @UCB_RSH@ @@ -33,22 +30,19 @@ DEFINES = $(RSH) $(BSD) $(RPROGS) -DKERBEROS \ -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" \ -DHEIMDAL_FRIENDLY -all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP) +all:: rsh rcp rlogin kshd klogind login.krb5 clean:: - $(RM) rsh rcp rlogin kshd klogind login.krb5 v4rcp + $(RM) rsh rcp rlogin kshd klogind login.krb5 -rsh: krsh.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o rsh krsh.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_LIBS) +rsh: krsh.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o rsh krsh.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB5_BASE_LIBS) -rcp: krcp.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o rcp krcp.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_LIBS) +rcp: krcp.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o rcp krcp.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB5_BASE_LIBS) -v4rcp: v4rcp.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o v4rcp v4rcp.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_LIBS) - -rlogin: krlogin.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o rlogin krlogin.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB4COMPAT_LIBS) +rlogin: krlogin.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o rlogin krlogin.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRB5_BASE_LIBS) install:: for f in rsh rcp rlogin; do \ @@ -58,18 +52,12 @@ install:: ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1 \ ) || exit 1; \ done - f=$(V4RCP); \ - if test -n "$$f" ; then $(INSTALL_SETUID) $$f \ - $(DESTDIR)$(CLIENT_BINDIR)/`echo $$f|sed '$(transform)'`; \ - $(INSTALL_DATA) $(srcdir)/$$f.M \ - ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ - fi -kshd: krshd.o kcmd.o forward.o compat_recv.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(KRB4COMPAT_DEPLIBS) $(APPUTILS_DEPLIB) - $(CC_LINK) -o kshd krshd.o kcmd.o forward.o compat_recv.o $(SETENVOBJ) $(LIBOBJS) $(KRSHDLIBS) $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) $(APPUTILS_LIB) +kshd: krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(KRB5_BASE_DEPLIBS) $(APPUTILS_DEPLIB) + $(CC_LINK) -o kshd krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(KRSHDLIBS) $(PTY_LIB) $(UTIL_LIB) $(KRB5_BASE_LIBS) $(APPUTILS_LIB) -klogind: krlogind.o kcmd.o forward.o compat_recv.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(KRB4COMPAT_DEPLIBS) $(APPUTILS_DEPLIB) - $(CC_LINK) -o klogind krlogind.o kcmd.o forward.o compat_recv.o $(SETENVOBJ) $(LIBOBJS) $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) $(APPUTILS_LIB) +klogind: krlogind.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(KRB5_BASE_DEPLIBS) $(APPUTILS_DEPLIB) + $(CC_LINK) -o klogind krlogind.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_LIB) $(UTIL_LIB) $(KRB5_BASE_LIBS) $(APPUTILS_LIB) install:: for f in kshd klogind; do \ @@ -83,8 +71,8 @@ install:: # No program name transformation is done with login.krb5 since it is directly # referenced by klogind. # -login.krb5: login.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o login.krb5 login.o $(SETENVOBJ) $(LIBOBJS) $(LOGINLIBS) $(PTY_LIB) $(KRB4COMPAT_LIBS) +login.krb5: login.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(KRB5_BASE_DEPLIBS) + $(CC_LINK) -o login.krb5 login.o $(SETENVOBJ) $(LIBOBJS) $(LOGINLIBS) $(PTY_LIB) $(KRB5_BASE_LIBS) install:: $(INSTALL_PROGRAM) login.krb5 $(DESTDIR)$(SERVER_BINDIR)/login.krb5 @@ -141,16 +129,6 @@ $(OUTPRE)forward.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ $(SRCTOP)/include/socket-utils.h defines.h forward.c -$(OUTPRE)compat_recv.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h compat_recv.c defines.h $(OUTPRE)login.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ diff --git a/src/appl/bsd/compat_recv.c b/src/appl/bsd/compat_recv.c deleted file mode 100644 index 1e54941e1..000000000 --- a/src/appl/bsd/compat_recv.c +++ /dev/null @@ -1,581 +0,0 @@ -/* - * lib/krb5/krb/compat_recv.c - * - * Copyright 1993, 2008 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * convenience sendauth/recvauth functions, with compatibility with V4 - * recvauth. - * - * NOTE: linking in this function will pull in V4 kerberos routines. - * - * WARNING: In the V4-style arguments, the ticket and kdata arguments - * have different types than the V4 recvauth; in V4, they were KTEXT - * and AUTH_DAT *, respectively. Here, they are KTEXT * and AUTH_DAT ** - * and they are allocated by recvauth if and only if we end up talking - * to a V4 sendauth. - */ - -#include "k5-int.h" -#if !defined(_MACINTOSH) -#ifdef KRB5_KRB4_COMPAT -#include -#endif -#include "com_err.h" -#include - -#include -#include - -#include "defines.h" - -#ifdef KRB5_KRB4_COMPAT -static int krb_v4_recvauth(long options, int fd, KTEXT ticket, - char *service, char *instance, - struct sockaddr_in *faddr, - struct sockaddr_in *laddr, - AUTH_DAT *kdata, - char *filename, - Key_schedule schedule, - char *version); -#endif - -#define KRB_V4_SENDAUTH_VERS "AUTHV0.1" /* MUST be 8 chars long */ -#define KRB_V5_SENDAUTH_VERS "KRB5_SENDAUTH_V1.0" - -#define KRB5_RECVAUTH_V4 4 -#define KRB5_RECVAUTH_V5 5 - -#ifdef KRB5_KRB4_COMPAT -krb5_error_code -krb5_compat_recvauth(context, auth_context, - /* IN */ - fdp, appl_version, server, flags, keytab, - v4_options, v4_service, v4_instance, v4_faddr, v4_laddr, - v4_filename, - /* OUT */ - ticket, - auth_sys, v4_kdata, v4_schedule, v4_version) - krb5_context context; - krb5_auth_context *auth_context; - krb5_pointer fdp; - char *appl_version; - krb5_principal server; - krb5_int32 flags; - krb5_keytab keytab; - krb5_ticket ** ticket; - krb5_int32 *auth_sys; - - /* - * Version 4 arguments - */ - krb5_int32 v4_options; /* bit-pattern of options */ - char *v4_service; /* service expected */ - char *v4_instance; /* inst expected (may be filled in) */ - struct sockaddr_in *v4_faddr; /* foreign address */ - struct sockaddr_in *v4_laddr; /* local address */ - AUTH_DAT **v4_kdata; /* kerberos data (returned) */ - char *v4_filename; /* name of file with service keys */ - Key_schedule v4_schedule; /* key schedule (return) */ - char *v4_version; /* version string (filled in) */ -{ - union verslen { - krb5_int32 len; - char vers[4]; - } vers; - char *buf; - int len, length; - krb5_int32 retval; - int fd = *( (int *) fdp); -#ifdef KRB5_KRB4_COMPAT - KTEXT v4_ticket; /* storage for client's ticket */ -#endif - - if ((retval = krb5_net_read(context, fd, vers.vers, 4)) != 4) - return((retval < 0) ? errno : ECONNABORTED); - -#ifdef KRB5_KRB4_COMPAT - if (!strncmp(vers.vers, KRB_V4_SENDAUTH_VERS, 4)) { - /* - * We must be talking to a V4 sendauth; read in the - * rest of the version string and make sure. - */ - if ((retval = krb5_net_read(context, fd, vers.vers, 4)) != 4) - return((retval < 0) ? errno : ECONNABORTED); - - if (strncmp(vers.vers, KRB_V4_SENDAUTH_VERS+4, 4)) - return KRB5_SENDAUTH_BADAUTHVERS; - - *auth_sys = KRB5_RECVAUTH_V4; - - *v4_kdata = (AUTH_DAT *) malloc( sizeof(AUTH_DAT) ); - v4_ticket = (KTEXT) malloc(sizeof(KTEXT_ST)); - - retval = krb_v4_recvauth(v4_options, fd, v4_ticket, - v4_service, v4_instance, v4_faddr, - v4_laddr, *v4_kdata, v4_filename, - v4_schedule, v4_version); - krb5_xfree(v4_ticket); - /* - * XXX error code translation? - */ - switch (retval) { - case RD_AP_OK: - return 0; - case RD_AP_TIME: - return KRB5KRB_AP_ERR_SKEW; - case RD_AP_EXP: - return KRB5KRB_AP_ERR_TKT_EXPIRED; - case RD_AP_NYV: - return KRB5KRB_AP_ERR_TKT_NYV; - case RD_AP_NOT_US: - return KRB5KRB_AP_ERR_NOT_US; - case RD_AP_UNDEC: - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - case RD_AP_REPEAT: - return KRB5KRB_AP_ERR_REPEAT; - case RD_AP_MSG_TYPE: - return KRB5KRB_AP_ERR_MSG_TYPE; - case RD_AP_MODIFIED: - return KRB5KRB_AP_ERR_MODIFIED; - case RD_AP_ORDER: - return KRB5KRB_AP_ERR_BADORDER; - case RD_AP_BADD: - return KRB5KRB_AP_ERR_BADADDR; - default: - return KRB5_SENDAUTH_BADRESPONSE; - } - } -#endif - - /* - * Assume that we're talking to a V5 recvauth; read in the - * the version string, and make sure it matches. - */ - - len = (int) ntohl(vers.len); - - if (len < 0 || len > 255) - return KRB5_SENDAUTH_BADAUTHVERS; - - buf = malloc((unsigned) len); - if (!buf) - return ENOMEM; - - length = krb5_net_read(context, fd, buf, len); - if (len != length) { - krb5_xfree(buf); - if (len < 0) - return errno; - else - return ECONNABORTED; - } - - if (strcmp(buf, KRB_V5_SENDAUTH_VERS)) { - krb5_xfree(buf); - return KRB5_SENDAUTH_BADAUTHVERS; - } - krb5_xfree(buf); - - *auth_sys = KRB5_RECVAUTH_V5; - - retval = krb5_recvauth(context, auth_context, fdp, appl_version, server, - flags | KRB5_RECVAUTH_SKIP_VERSION, - keytab, ticket); - - return retval; -} - -krb5_error_code -krb5_compat_recvauth_version(context, auth_context, - /* IN */ - fdp, server, flags, keytab, - v4_options, v4_service, v4_instance, v4_faddr, - v4_laddr, - v4_filename, - /* OUT */ - ticket, - auth_sys, v4_kdata, v4_schedule, - version) - krb5_context context; - krb5_auth_context *auth_context; - krb5_pointer fdp; - krb5_principal server; - krb5_int32 flags; - krb5_keytab keytab; - krb5_ticket ** ticket; - krb5_int32 *auth_sys; - - /* - * Version 4 arguments - */ - krb5_int32 v4_options; /* bit-pattern of options */ - char *v4_service; /* service expected */ - char *v4_instance; /* inst expected (may be filled in) */ - struct sockaddr_in *v4_faddr; /* foreign address */ - struct sockaddr_in *v4_laddr; /* local address */ - AUTH_DAT **v4_kdata; /* kerberos data (returned) */ - char *v4_filename; /* name of file with service keys */ - Key_schedule v4_schedule; /* key schedule (return) */ - krb5_data *version; /* application version filled in */ -{ - union verslen { - krb5_int32 len; - char vers[4]; - } vers; - char *buf; - int len, length; - krb5_int32 retval; - int fd = *( (int *) fdp); -#ifdef KRB5_KRB4_COMPAT - KTEXT v4_ticket; /* storage for client's ticket */ -#endif - - if ((retval = krb5_net_read(context, fd, vers.vers, 4)) != 4) - return((retval < 0) ? errno : ECONNABORTED); - -#ifdef KRB5_KRB4_COMPAT - if (v4_faddr->sin_family == AF_INET - && !strncmp(vers.vers, KRB_V4_SENDAUTH_VERS, 4)) { - /* - * We must be talking to a V4 sendauth; read in the - * rest of the version string and make sure. - */ - if ((retval = krb5_net_read(context, fd, vers.vers, 4)) != 4) - return((retval < 0) ? errno : ECONNABORTED); - - if (strncmp(vers.vers, KRB_V4_SENDAUTH_VERS+4, 4)) - return KRB5_SENDAUTH_BADAUTHVERS; - - *auth_sys = KRB5_RECVAUTH_V4; - - *v4_kdata = (AUTH_DAT *) malloc( sizeof(AUTH_DAT) ); - v4_ticket = (KTEXT) malloc(sizeof(KTEXT_ST)); - - version->length = KRB_SENDAUTH_VLEN; /* no trailing \0! */ - version->data = malloc (KRB_SENDAUTH_VLEN + 1); - version->data[KRB_SENDAUTH_VLEN] = 0; - if (version->data == 0) - return ENOMEM; - retval = krb_v4_recvauth(v4_options, fd, v4_ticket, - v4_service, v4_instance, v4_faddr, - v4_laddr, *v4_kdata, v4_filename, - v4_schedule, version->data); - krb5_xfree(v4_ticket); - /* - * XXX error code translation? - */ - switch (retval) { - case RD_AP_OK: - return 0; - case RD_AP_TIME: - return KRB5KRB_AP_ERR_SKEW; - case RD_AP_EXP: - return KRB5KRB_AP_ERR_TKT_EXPIRED; - case RD_AP_NYV: - return KRB5KRB_AP_ERR_TKT_NYV; - case RD_AP_NOT_US: - return KRB5KRB_AP_ERR_NOT_US; - case RD_AP_UNDEC: - return KRB5KRB_AP_ERR_BAD_INTEGRITY; - case RD_AP_REPEAT: - return KRB5KRB_AP_ERR_REPEAT; - case RD_AP_MSG_TYPE: - return KRB5KRB_AP_ERR_MSG_TYPE; - case RD_AP_MODIFIED: - return KRB5KRB_AP_ERR_MODIFIED; - case RD_AP_ORDER: - return KRB5KRB_AP_ERR_BADORDER; - case RD_AP_BADD: - return KRB5KRB_AP_ERR_BADADDR; - default: - return KRB5_SENDAUTH_BADRESPONSE; - } - } -#endif - - /* - * Assume that we're talking to a V5 recvauth; read in the - * the version string, and make sure it matches. - */ - - len = (int) ntohl(vers.len); - - if (len < 0 || len > 255) - return KRB5_SENDAUTH_BADAUTHVERS; - - buf = malloc((unsigned) len); - if (!buf) - return ENOMEM; - - length = krb5_net_read(context, fd, buf, len); - if (len != length) { - krb5_xfree(buf); - if (len < 0) - return errno; - else - return ECONNABORTED; - } - - if (strcmp(buf, KRB_V5_SENDAUTH_VERS)) { - krb5_xfree(buf); - return KRB5_SENDAUTH_BADAUTHVERS; - } - krb5_xfree(buf); - - *auth_sys = KRB5_RECVAUTH_V5; - - retval = krb5_recvauth_version(context, auth_context, fdp, server, - flags | KRB5_RECVAUTH_SKIP_VERSION, - keytab, ticket, version); - - return retval; -} -#endif /* KRB5_KRB4_COMPAT */ - - -#ifndef max -#define max(a,b) (((a) > (b)) ? (a) : (b)) -#endif /* max */ - -#ifdef KRB5_KRB4_COMPAT -static int -krb_v4_recvauth(options, fd, ticket, service, instance, faddr, laddr, kdata, - filename, schedule, version) -long options; /* bit-pattern of options */ -int fd; /* file descr. to read from */ -KTEXT ticket; /* storage for client's ticket */ -char *service; /* service expected */ -char *instance; /* inst expected (may be filled in) */ -struct sockaddr_in *faddr; /* address of foreign host on fd */ -struct sockaddr_in *laddr; /* local address */ -AUTH_DAT *kdata; /* kerberos data (returned) */ -char *filename; /* name of file with service keys */ -Key_schedule schedule; /* key schedule (return) */ -char *version; /* version string (filled in) */ -{ - int cc, old_vers = 0; - int rem; - krb5_int32 tkt_len, priv_len; - krb5_ui_4 cksum; - u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)]; - - /* read the application version string */ - if ((krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != - KRB_SENDAUTH_VLEN)) - return(errno); - version[KRB_SENDAUTH_VLEN] = '\0'; - - /* get the length of the ticket */ - if (krb_net_read(fd, (char *)&tkt_len, sizeof(tkt_len)) != - sizeof(tkt_len)) - return(errno); - - /* sanity check */ - ticket->length = ntohl((unsigned long)tkt_len); - if ((ticket->length <= 0) || (ticket->length > MAX_KTXT_LEN)) { - if (options & KOPT_DO_MUTUAL) { - rem = KFAILURE; - goto mutual_fail; - } else - return(KFAILURE); /* XXX there may still be junk on the fd? */ - } - - /* read the ticket */ - if (krb_net_read(fd, (char *) ticket->dat, ticket->length) - != ticket->length) - return(errno); - - /* - * now have the ticket. decrypt it to get the authenticated - * data. - */ - rem = krb_rd_req(ticket,service,instance,faddr->sin_addr.s_addr, - kdata,filename); - - if (old_vers) return(rem); /* XXX can't do mutual with old client */ - - /* if we are doing mutual auth, compose a response */ - if (options & KOPT_DO_MUTUAL) { - if (rem != KSUCCESS) - /* the krb_rd_req failed */ - goto mutual_fail; - - /* add one to the (formerly) sealed checksum, and re-seal it - for return to the client */ - cksum = kdata->checksum + 1; - cksum = htonl(cksum); -#ifndef NOENCRYPTION - key_sched(kdata->session,schedule); -#endif /* !NOENCRYPTION */ - priv_len = krb_mk_priv((unsigned char *)&cksum, - tmp_buf, - (unsigned long) sizeof(cksum), - schedule, - &kdata->session, - laddr, - faddr); - if (priv_len < 0) { - /* re-sealing failed; notify the client */ - rem = KFAILURE; /* XXX */ -mutual_fail: - priv_len = -1; - tkt_len = htonl((unsigned long) priv_len); - /* a length of -1 is interpreted as an authentication - failure by the client */ - if ((cc = krb_net_write(fd, (char *)&tkt_len, sizeof(tkt_len))) - != sizeof(tkt_len)) - return(cc); - return(rem); - } else { - /* re-sealing succeeded, send the private message */ - tkt_len = htonl((unsigned long)priv_len); - if ((cc = krb_net_write(fd, (char *)&tkt_len, sizeof(tkt_len))) - != sizeof(tkt_len)) - return(cc); - if ((cc = krb_net_write(fd, (char *)tmp_buf, (int) priv_len)) - != (int) priv_len) - return(cc); - } - } - return(rem); -} -#endif -#endif - -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#include "port-sockets.h" - -int -accept_a_connection (int debug_port, struct sockaddr *from, - socklen_t *fromlenp) -{ - int n, s, fd, s4 = -1, s6 = -1, on = 1; - fd_set sockets; - - FD_ZERO(&sockets); - -#ifdef KRB5_USE_INET6 - { - struct sockaddr_in6 sock_in6; - - if ((s = socket(AF_INET6, SOCK_STREAM, PF_UNSPEC)) < 0) { - if ((errno == EPROTONOSUPPORT) || (errno == EAFNOSUPPORT)) - goto skip_ipv6; - fprintf(stderr, "Error in socket(INET6): %s\n", strerror(errno)); - exit(2); - } - - memset((char *) &sock_in6, 0,sizeof(sock_in6)); - sock_in6.sin6_family = AF_INET6; - sock_in6.sin6_port = htons(debug_port); - sock_in6.sin6_addr = in6addr_any; - - (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, - (char *)&on, sizeof(on)); - - if ((bind(s, (struct sockaddr *) &sock_in6, sizeof(sock_in6))) < 0) { - fprintf(stderr, "Error in bind(INET6): %s\n", strerror(errno)); - exit(2); - } - - if ((listen(s, 5)) < 0) { - fprintf(stderr, "Error in listen(INET6): %s\n", strerror(errno)); - exit(2); - } - s6 = s; - FD_SET(s, &sockets); - skip_ipv6: - ; - } -#endif - - { - struct sockaddr_in sock_in; - - if ((s = socket(AF_INET, SOCK_STREAM, PF_UNSPEC)) < 0) { - fprintf(stderr, "Error in socket: %s\n", strerror(errno)); - exit(2); - } - - memset((char *) &sock_in, 0,sizeof(sock_in)); - sock_in.sin_family = AF_INET; - sock_in.sin_port = htons(debug_port); - sock_in.sin_addr.s_addr = INADDR_ANY; - - (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, - (char *)&on, sizeof(on)); - - if ((bind(s, (struct sockaddr *) &sock_in, sizeof(sock_in))) < 0) { - if (s6 >= 0 && errno == EADDRINUSE) - goto try_ipv6_only; - fprintf(stderr, "Error in bind: %s\n", strerror(errno)); - exit(2); - } - - if ((listen(s, 5)) < 0) { - fprintf(stderr, "Error in listen: %s\n", strerror(errno)); - exit(2); - } - s4 = s; - FD_SET(s, &sockets); - try_ipv6_only: - ; - } - if (s4 == -1 && s6 == -1) { - fprintf(stderr, "No valid sockets established, exiting\n"); - exit(2); - } - n = select(((s4 < s6) ? s6 : s4) + 1, &sockets, 0, 0, 0); - if (n < 0) { - fprintf(stderr, "select error: %s\n", strerror(errno)); - exit(2); - } else if (n == 0) { - fprintf(stderr, "internal error? select returns 0\n"); - exit(2); - } - if (s6 != -1 && FD_ISSET(s6, &sockets)) { - if (s4 != -1) - close(s4); - s = s6; - } else if (FD_ISSET(s4, &sockets)) { - if (s6 != -1) - close(s6); - s = s4; - } else { - fprintf(stderr, - "internal error? select returns positive, " - "but neither fd available\n"); - exit(2); - } - - if ((fd = accept(s, from, fromlenp)) < 0) { - fprintf(stderr, "Error in accept: %s\n", strerror(errno)); - exit(2); - } - - close(s); - return fd; -} diff --git a/src/appl/bsd/configure.in b/src/appl/bsd/configure.in index 5c70d8b2b..330c87d51 100644 --- a/src/appl/bsd/configure.in +++ b/src/appl/bsd/configure.in @@ -42,30 +42,15 @@ alpha*-dec-osf*) ;; esac dnl -dnl krshd does not use krb524... -dnl KRSHDLIBS="$LOGINLIBS" -dnl -if test "$with_krb4" = "" || test "$with_krb4" = no; then - AC_MSG_RESULT(no krb4 support) - V4RCP= - V4RCPO= -else - AC_MSG_RESULT(Adding in krb4 rcp support) - V4RCP=v4rcp - V4RCPO=v4rcp.o -fi -dnl dnl AC_SUBST(KRSHDLIBS) AC_SUBST(LOGINLIBS) -AC_SUBST(V4RCP) -AC_SUBST(V4RCPO) dnl AC_FUNC_VFORK AC_TYPE_MODE_T AC_CHECK_FUNCS(isatty inet_aton getenv gettosbyname killpg initgroups setpriority setreuid setresuid waitpid setsid ptsname setlogin tcgetpgrp tcsetpgrp setpgid strsave utimes rmufile rresvport_af) -AC_CHECK_HEADERS(unistd.h stdlib.h string.h sys/filio.h sys/sockio.h sys/label.h sys/tty.h ttyent.h lastlog.h sys/select.h sys/ptyvar.h utmp.h sys/time.h krb4-proto.h sys/ioctl_compat.h paths.h arpa/nameser.h) +AC_CHECK_HEADERS(unistd.h stdlib.h string.h sys/filio.h sys/sockio.h sys/label.h sys/tty.h ttyent.h lastlog.h sys/select.h sys/ptyvar.h utmp.h sys/time.h sys/ioctl_compat.h paths.h arpa/nameser.h) AC_HEADER_STDARG AC_REPLACE_FUNCS(getdtablesize) dnl @@ -168,17 +153,7 @@ K5_AC_CHECK_FILES(/etc/environment /etc/TIMEZONE) dnl dnl AC_C_CONST -if test "$krb5_cv_build_krb4_libs" = yes; then - AC_DEFINE(HAVE_KRB_GET_ERR_TEXT) - AC_DEFINE(HAVE_KRB_SAVE_CREDENTIALS) -else - oldlibs=$LIBS - LIBS=" $KRB4_LIB -lkrb5 -lcrypto -lcom_err" - AC_CHECK_FUNCS(krb_get_err_text krb_save_credentials) - LIBS=$oldlibs -fi -AC_CHECK_HEADERS(krb4-proto.h) KRB5_AC_LIBUTIL KRB5_BUILD_PROGRAM V5_AC_OUTPUT_MAKEFILE diff --git a/src/appl/bsd/defines.h b/src/appl/bsd/defines.h index ac7948ab9..d04182bb9 100644 --- a/src/appl/bsd/defines.h +++ b/src/appl/bsd/defines.h @@ -44,18 +44,6 @@ extern void rcmd_stream_init_krb5 (krb5_keyblock *in_keyblock, extern void rcmd_stream_init_normal(void); -#if defined(KRB5_KRB4_COMPAT) && !defined(SKIP_V4_PROTO) -extern void rcmd_stream_init_krb4(C_Block, int, int, int); - -extern int k4cmd(int *sock, char **ahost, unsigned int rport, - char *locuser, - char *remuser, char *cmd, int *fd2p, KTEXT ticket, - char *service, char *realm, CREDENTIALS *cred, - Key_schedule schedule, MSG_DAT *msg_data, - struct sockaddr_in *laddr, struct sockaddr_in *faddr, - long authopts, int anyport); -#endif - #ifndef HAVE_STRSAVE extern char *strsave(const char *sp); #endif @@ -95,6 +83,3 @@ krb5_compat_recvauth_version(krb5_context, krb5_auth_context *, #endif #include "port-sockets.h" - -int accept_a_connection (int debug_port, struct sockaddr *from, - socklen_t *fromlenp); diff --git a/src/appl/bsd/forward.c b/src/appl/bsd/forward.c index a055da290..1ac2a2a2e 100644 --- a/src/appl/bsd/forward.c +++ b/src/appl/bsd/forward.c @@ -27,7 +27,6 @@ #include "k5-int.h" -#define SKIP_V4_PROTO /* To skip the krb4 prototypes */ #include "defines.h" /* Decode, decrypt and store the forwarded creds in the local ccache. */ diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c index 755314338..c4212b302 100644 --- a/src/appl/bsd/kcmd.c +++ b/src/appl/bsd/kcmd.c @@ -90,16 +90,10 @@ #include #include "k5-int.h" -#ifdef KRB5_KRB4_COMPAT -#include -#endif #include "defines.h" extern krb5_context bsd_context; -#ifdef KRB5_KRB4_COMPAT -extern Key_schedule v4_schedule; -#endif #define START_PORT 5120 /* arbitrary */ @@ -140,27 +134,8 @@ static char *store_ptr = storage; static int twrite(int, char *, size_t, int); static int v5_des_read(int, char *, size_t, int), v5_des_write(int, char *, size_t, int); -#ifdef KRB5_KRB4_COMPAT -static int v4_des_read(int, char *, size_t, int), - v4_des_write(int, char *, size_t, int); -static C_Block v4_session; -static int right_justify; -#endif static int do_lencheck; -#ifdef KRB5_KRB4_COMPAT -extern int -krb_sendauth(long options, int fd, KTEXT ticket, - char *service, char *inst, char *realm, - unsigned KRB4_32 checksum, - MSG_DAT *msg_data, - CREDENTIALS *cred, - Key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr, - char *version); -#endif - #ifdef POSIX_SIGNALS typedef sigset_t masktype; #else @@ -631,133 +606,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm, } - -#ifdef KRB5_KRB4_COMPAT -int -k4cmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, ticket, service, realm, - cred, schedule, msg_data, laddr, faddr, authopts, anyport) - int *sock; - char **ahost; - unsigned int rport; - char *locuser, *remuser, *cmd; - int *fd2p; - KTEXT ticket; - char *service; - char *realm; - CREDENTIALS *cred; - Key_schedule schedule; - MSG_DAT *msg_data; - struct sockaddr_in *laddr, *faddr; - long authopts; - int anyport; -{ - int s; - masktype oldmask; - struct sockaddr_in sockin, from; - char c; - int lport = START_PORT; - int rc; - char *host_save; - int status; - int addrfamily = AF_INET; - - block_urgent(&oldmask); - if (kcmd_connect (&s, &addrfamily, &sockin, *ahost, &host_save, rport, &lport, laddr) == -1) { - restore_sigs(&oldmask); - return -1; - } - *ahost = host_save; - /* If realm is null, look up from table */ - if ((realm == NULL) || (realm[0] == '\0')) { - realm = krb_realmofhost(host_save); - } - lport--; - status = setup_secondary_channel(s, fd2p, &lport, &addrfamily, &from, - anyport); - if (status) - goto bad; - - /* set up the needed stuff for mutual auth */ - *faddr = sockin; - - status = krb_sendauth(authopts, s, ticket, service, *ahost, - realm, (unsigned long) getpid(), msg_data, - cred, schedule, laddr, faddr, "KCMDV0.1"); - if (status != KSUCCESS) { - fprintf(stderr, "krb_sendauth failed: %s\n", krb_get_err_text(status)); - status = -1; - goto bad2; - } - (void) write(s, remuser, strlen(remuser)+1); - (void) write(s, cmd, strlen(cmd)+1); - -reread: - if ((rc=read(s, &c, 1)) != 1) { - if (rc==-1) { - perror(*ahost); - } else { - fprintf(stderr,"rcmd: bad connection with remote host\n"); - } - status = -1; - goto bad2; - } - if (c != 0) { - /* If rlogind was compiled on SunOS4, and it somehow - got the shared library version numbers wrong, it - may give an ld.so warning about an old version of a - shared library. Just ignore any such warning. - Note that the warning is a characteristic of the - server; we may not ourselves be running under - SunOS4. */ - if (c == 'l') { - char *check = "d.so: warning:"; - char *p; - char cc; - - p = check; - while (read(s, &c, 1) == 1) { - if (*p == '\0') { - if (c == '\n') - break; - } else { - if (c != *p) - break; - ++p; - } - } - - if (*p == '\0') - goto reread; - - cc = 'l'; - (void) write(2, &cc, 1); - if (p != check) - (void) write(2, check, (unsigned) (p - check)); - } - - (void) write(2, &c, 1); - while (read(s, &c, 1) == 1) { - (void) write(2, &c, 1); - if (c == '\n') - break; - } - status = -1; - goto bad2; - } - restore_sigs(&oldmask); - *sock = s; - return (KSUCCESS); - bad2: - if (lport) - (void) close(*fd2p); - bad: - (void) close(s); - restore_sigs(&oldmask); - return (status); -} -#endif /* KRB5_KRB4_COMPAT */ - - static int setup_socket (struct sockaddr *sa, GETSOCKNAME_ARG3_TYPE len) { @@ -937,25 +785,6 @@ void rcmd_stream_init_krb5(in_keyblock, encrypt_flag, lencheck, am_client, abort(); } -#ifdef KRB5_KRB4_COMPAT -void rcmd_stream_init_krb4(session, encrypt_flag, lencheck, justify) - C_Block session; - int encrypt_flag; - int lencheck; - int justify; -{ - if (!encrypt_flag) { - rcmd_stream_init_normal(); - return; - } - do_lencheck = lencheck; - right_justify = justify; - input = v4_des_read; - output = v4_des_write; - memcpy(v4_session, session, sizeof(v4_session)); -} -#endif - int rcmd_stream_read(fd, buf, len, sec) int fd; register char *buf; @@ -1011,7 +840,6 @@ static int v5_des_read(fd, buf, len, secondary) nstored = 0; } - /* See the comment in v4_des_read. */ while (1) { cc = krb5_net_read(bsd_context, fd, &c, 1); /* we should check for non-blocking here, but we'd have @@ -1150,162 +978,6 @@ static int v5_des_write(fd, buf, len, secondary) } - -#ifdef KRB5_KRB4_COMPAT - -static int -v4_des_read(fd, buf, len, secondary) -int fd; -char *buf; -size_t len; -int secondary; -{ - int nreturned = 0; - krb5_ui_4 net_len, rd_len; - int cc; - unsigned char c; - - if (nstored >= len) { - memcpy(buf, store_ptr, len); - store_ptr += len; - nstored -= len; - return(len); - } else if (nstored) { - memcpy(buf, store_ptr, nstored); - nreturned += nstored; - buf += nstored; - len -= nstored; - nstored = 0; - } - - /* We're fetching the length which is MSB first, and the MSB - has to be zero unless the client is sending more than 2^24 - (16M) bytes in a single write (which is why this code is used - in rlogin but not rcp or rsh.) The only reasons we'd get - something other than zero are: - -- corruption of the tcp stream (which will show up when - everything else is out of sync too) - -- un-caught Berkeley-style "pseudo out-of-band data" which - happens any time the user hits ^C twice. - The latter is *very* common, as shown by an 'rlogin -x -d' - using the CNS V4 rlogin. Mark EIchin 1/95 - */ - while (1) { - cc = krb_net_read(fd, &c, 1); - if (cc <= 0) return cc; /* read error */ - if (cc == 1) { - if (c == 0 || !do_lencheck) break; - } - } - - net_len = c; - if ((cc = krb_net_read(fd, &c, 1)) != 1) return 0; - net_len = (net_len << 8) | c; - if ((cc = krb_net_read(fd, &c, 1)) != 1) return 0; - net_len = (net_len << 8) | c; - if ((cc = krb_net_read(fd, &c, 1)) != 1) return 0; - net_len = (net_len << 8) | c; - - /* Note: net_len is unsigned */ - if (net_len > sizeof(des_inbuf)) { - errno = EIO; - return(-1); - } - /* the writer tells us how much real data we are getting, but - we need to read the pad bytes (8-byte boundary) */ - rd_len = roundup(net_len, 8); - if ((cc = krb_net_read(fd, des_inbuf, rd_len)) != rd_len) { - errno = EIO; - return(-1); - } - (void) pcbc_encrypt((des_cblock *) des_inbuf, - (des_cblock *) storage, - (int) ((net_len < 8) ? 8 : net_len), - v4_schedule, - &v4_session, - DECRYPT); - /* - * when the cleartext block is < 8 bytes, it is "right-justified" - * in the block, so we need to adjust the pointer to the data - */ - if (net_len < 8 && right_justify) - store_ptr = storage + 8 - net_len; - else - store_ptr = storage; - nstored = net_len; - if (nstored > len) { - memcpy(buf, store_ptr, len); - nreturned += len; - store_ptr += len; - nstored -= len; - } else { - memcpy(buf, store_ptr, nstored); - nreturned += nstored; - nstored = 0; - } - - return(nreturned); -} - -static int -v4_des_write(fd, buf, len, secondary) -int fd; -char *buf; -size_t len; -int secondary; -{ - static char garbage_buf[8]; - unsigned char *len_buf = (unsigned char *) des_outpkt; - - /* - * pcbc_encrypt outputs in 8-byte (64 bit) increments - * - * it zero-fills the cleartext to 8-byte padding, - * so if we have cleartext of < 8 bytes, we want - * to insert random garbage before it so that the ciphertext - * differs for each transmission of the same cleartext. - * if len < 8 - sizeof(long), sizeof(long) bytes of random - * garbage should be sufficient; leave the rest as-is in the buffer. - * if len > 8 - sizeof(long), just garbage fill the rest. - */ - -#ifdef min -#undef min -#endif -#define min(a,b) ((a < b) ? a : b) - - if (len < 8) { - if (right_justify) { - krb5_random_confounder(8 - len, garbage_buf); - /* this "right-justifies" the data in the buffer */ - (void) memcpy(garbage_buf + 8 - len, buf, len); - } else { - krb5_random_confounder(8 - len, garbage_buf + len); - (void) memcpy(garbage_buf, buf, len); - } - } - (void) pcbc_encrypt((des_cblock *) ((len < 8) ? garbage_buf : buf), - (des_cblock *) (des_outpkt+4), - (int) ((len < 8) ? 8 : len), - v4_schedule, - &v4_session, - ENCRYPT); - - /* tell the other end the real amount, but send an 8-byte padded - packet */ - len_buf[0] = (len & 0xff000000) >> 24; - len_buf[1] = (len & 0xff0000) >> 16; - len_buf[2] = (len & 0xff00) >> 8; - len_buf[3] = (len & 0xff); - if (write(fd, des_outpkt, roundup(len,8)+4) != roundup(len,8)+4) { - errno = EIO; - return(-1); - } - return(len); -} - -#endif /* KRB5_KRB4_COMPAT */ - #ifndef HAVE_STRSAVE /* Strsave was a routine in the version 4 krb library: we put it here for compatablilty with version 5 krb library, since kcmd.o is linked diff --git a/src/appl/bsd/klogind.M b/src/appl/bsd/klogind.M index de4cd342e..574ae67b1 100644 --- a/src/appl/bsd/klogind.M +++ b/src/appl/bsd/klogind.M @@ -10,7 +10,7 @@ klogind \- remote login server .SH SYNOPSIS .B klogind [ -.B \-kr54cpPef +.B \-rcpPef ] [[ \fB\-w\fP[\fBip\fP|\fImaxhostlen\fP[\fB,\fP[\fBno\fP]\fBstriplocal\fP ]] ] [ \fB\-D\fP \fIport\fP ] @@ -40,37 +40,19 @@ Check authorization via the access-control files \fI.k5login\fP and Prompt for password if any checks fail and the \fI-p\fP option was supplied. .PP If the authentication succeeds, login the user by calling the accompanying -login.krb5 or /bin/login, according to the definition of -DO_NOT_USE_K_LOGIN. +login.krb5. +.PP +klogind allows Kerberos V5 authentication with the \fI.k5login\fP +access control file to be trusted. If this authorization check is +passed, then the user is allowed to log in. If the user has no +\fI.k5login\fP file, the login will be authorized if the results of +krb5_aname_to_localname conversion matches the account name. Unless +special rules are configured, this will be true if and only if the +Kerberos principal of the connecting user is in the default local +realm and the principal portion matches the account name. .PP The configuration of \fIklogind\fP is done by command line arguments passed by inetd. The options are: -.IP \fB\-5\fP 10 -Allow Kerberos V5 authentication with the \fI.k5login\fP access control -file to be trusted. If this authentication system is used by the client -and the authorization check is passed, then the user is allowed to log in. -If the user has no \fI.k5login\fP file, the login will be authorized if -the results of krb5_aname_to_localname conversion matches the account -name. Unless special rules are configured, this will be true if and only -if the Kerberos principal of the connecting user is in the default local -realm and the principal portion matches the account name. - -.IP \fB\-4\fP -Allow Kerberos V4 authentication with the \fI.klogin\fP access control -file to be trusted. If this authentication system is used by the client -and the authorization check is passed, then the user is allowed to log -in. - -.IP \fB\-k\fP -Allow Kerberos V5 and Kerberos V4 as acceptable authentication -mechanisms. This is the same as including \fB\-4\fP and \fB\-5\fP. - - -.IP \fB\-p\fP - If all other authorization checks fail, prompt the user -for a password If this option is not included, access is denied -without successful authentication and authorization using one of the -previous mechanisms. .IP \fB\-P\fP Prompt the user for a password. @@ -82,15 +64,13 @@ Create an encrypted session. .IP \fB\-c\fP Require Kerberos V5 clients to present a cryptographic checksum of -initial connection information like the name of the user that the client -is trying to access in the initial authenticator. This checksum -provides additionl security by preventing an attacker from changing the -initial connection information. To benefit from this security, only -Kerberos V5 should be trusted; Kerberos V4 and rhosts authentication do -not include this checksum. If this option is specified, older Kerberos -V5 clients that do not send a checksum in the authenticator will not be -able to authenticate to this server. This option is mutually exclusive -with the \fB-i\fP option. +initial connection information like the name of the user that the +client is trying to access in the initial authenticator. This +checksum provides additionl security by preventing an attacker from +changing the initial connection information. If this option is +specified, older Kerberos V5 clients that do not send a checksum in +the authenticator will not be able to authenticate to this server. +This option is mutually exclusive with the \fB-i\fP option. If neither the \fB-c\fP or \fB-i\fP options are specified,then checksums are validated if presented. Since it is difficult to remove diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c index 24994ef5a..07a747b10 100644 --- a/src/appl/bsd/krcp.c +++ b/src/appl/bsd/krcp.c @@ -68,30 +68,18 @@ char copyright[] = #include #include -#ifdef KRB5_KRB4_COMPAT -#include -#endif - #include "defines.h" #define RCP_BUFSIZ 4096 int sock; -struct sockaddr_in local, foreign; /* set up by kcmd used by v4_send_auth */ char *krb_realm = NULL; char *krb_cache = NULL; char *krb_config = NULL; krb5_encrypt_block eblock; /* eblock for encrypt/decrypt */ krb5_context bsd_context; -#ifdef KRB5_KRB4_COMPAT -Key_schedule v4_schedule; -CREDENTIALS v4_cred; -KTEXT_ST v4_ticket; -MSG_DAT v4_msg_data; -#endif - -void v4_send_auth(char *, char *), try_normal(char **); +void try_normal(char **); char **save_argv(int, char **); #ifndef HAVE_STRSAVE char *strsave(); @@ -422,8 +410,8 @@ int main(argc, argv) &cred, 0, /* No seq # */ 0, /* No server seq # */ - &local, - &foreign, + (struct sockaddr_in *) 0, + (struct sockaddr_in *) 0, &auth_context, authopts, 0, /* Not any port # */ 0, @@ -432,25 +420,7 @@ int main(argc, argv) if (kcmd_proto == KCMD_NEW_PROTOCOL) /* Don't fall back to less safe methods. */ exit (1); -#ifdef KRB5_KRB4_COMPAT - fprintf(stderr, "Trying krb4 rcp...\n"); - if (strncmp(buf, "-x rcp", 6) == 0) - memcpy(buf, "rcp -x", 6); - status = k4cmd(&sock, &host, port, - pwd->pw_name, - tuser ? tuser : pwd->pw_name, buf, - 0, &v4_ticket, "rcmd", krb_realm, - NULL, NULL, NULL, - &local, &foreign, 0L, 0); - if (status) - try_normal(orig_argv); - if (encryptflag) - v4_send_auth(host, krb_realm); - rcmd_stream_init_krb4(v4_cred.session, encryptflag, 0, - 0); -#else try_normal(orig_argv); -#endif } else { krb5_boolean similar; @@ -552,7 +522,7 @@ int main(argc, argv) 0, /* No seq # */ 0, /* No server seq # */ (struct sockaddr_in *) 0, - &foreign, + (struct sockaddr_in *) 0, &auth_context, authopts, 0, /* Not any port # */ 0, @@ -561,24 +531,7 @@ int main(argc, argv) if (kcmd_proto == KCMD_NEW_PROTOCOL) /* Don't fall back to less safe methods. */ exit (1); -#ifdef KRB5_KRB4_COMPAT - fprintf(stderr, "Trying krb4 rcp...\n"); - if (strncmp(buf, "-x rcp", 6) == 0) - memcpy(buf, "rcp -x", 6); - status = k4cmd(&sock, &host, port, - pwd->pw_name, suser, buf, - 0, &v4_ticket, "rcmd", krb_realm, - NULL, NULL, NULL, - &local, &foreign, 0L, 0); - if (status) - try_normal(orig_argv); - if (encryptflag) - v4_send_auth(host, krb_realm); - rcmd_stream_init_krb4(v4_cred.session, encryptflag, 0, - 0); -#else try_normal(orig_argv); -#endif } else { krb5_keyblock *key = &cred->keyblock; @@ -1406,34 +1359,4 @@ char storage[2*RCP_BUFSIZ]; /* storage for the decryption */ int nstored = 0; char *store_ptr = storage; -#ifdef KRB5_KRB4_COMPAT -void -v4_send_auth(host,realm) -char *host; -char *realm; -{ - long authopts; - - if ((realm == NULL) || (realm[0] == '\0')) - realm = krb_realmofhost(host); - /* this needs to be sent again, because the - rcp process needs the key. the rshd has - grabbed the first one. */ - authopts = KOPT_DO_MUTUAL; - if ((rem = krb_sendauth(authopts, sock, &v4_ticket, - "rcmd", host, - realm, (unsigned long) getpid(), - &v4_msg_data, - &v4_cred, v4_schedule, - &local, - &foreign, - "KCMDV0.1")) != KSUCCESS) { - fprintf(stderr, - "krb_sendauth mutual fail: %s\n", - krb_get_err_text(rem)); - exit(1); - } -} -#endif /* KRB5_KRB4_COMPAT */ - #endif /* KERBEROS */ diff --git a/src/appl/bsd/krlogin.c b/src/appl/bsd/krlogin.c index 79d3827b5..98b61ac2b 100644 --- a/src/appl/bsd/krlogin.c +++ b/src/appl/bsd/krlogin.c @@ -157,9 +157,6 @@ char copyright[] = #ifdef KERBEROS #include #include -#ifdef KRB5_KRB4_COMPAT -#include -#endif #include "defines.h" #define RLOGIN_BUFSIZ 5120 @@ -173,11 +170,6 @@ struct sockaddr_in local, foreign; krb5_context bsd_context; krb5_auth_context auth_context; -#ifdef KRB5_KRB4_COMPAT -Key_schedule v4_schedule; -CREDENTIALS v4_cred; -#endif - #ifndef UCB_RLOGIN #define UCB_RLOGIN "/usr/ucb/rlogin" #endif @@ -381,11 +373,6 @@ main(argc, argv) int sock; krb5_flags authopts; krb5_error_code status; -#ifdef KRB5_KRB4_COMPAT - KTEXT_ST v4_ticket; - MSG_DAT v4_msg_data; - int v4only = 0; -#endif #endif int port, debug_port = 0; enum kcmd_proto kcmd_proto = KCMD_PROTOCOL_COMPAT_HACK; @@ -523,25 +510,11 @@ main(argc, argv) argv++, argc--; goto another; } -#ifdef KRB5_KRB4_COMPAT - if (argc > 0 && !strcmp(*argv, "-4")) { - v4only++; - argv++, argc--; - goto another; - } -#endif /* krb4 */ #endif /* KERBEROS */ if (host == 0) goto usage; if (argc > 0) goto usage; -#ifdef KRB5_KRB4_COMPAT - if (kcmd_proto != KCMD_PROTOCOL_COMPAT_HACK && v4only) { - com_err (argv[0], 0, - "-4 is incompatible with -PO/-PN"); - exit(1); - } -#endif pwd = getpwuid(getuid()); if (pwd == 0) { fprintf(stderr, "Who are you?\n"); @@ -661,10 +634,6 @@ main(argc, argv) if (Fflag) authopts |= OPTS_FORWARDABLE_CREDS; -#ifdef KRB5_KRB4_COMPAT - if (v4only) - goto try_v4; -#endif status = kcmd(&sock, &host, port, null_local_username ? "" : pwd->pw_name, name ? name : pwd->pw_name, term, @@ -681,21 +650,7 @@ main(argc, argv) if (kcmd_proto == KCMD_NEW_PROTOCOL && encrypt_flag) /* Don't fall back to something less secure. */ exit (1); -#ifdef KRB5_KRB4_COMPAT - fprintf(stderr, "Trying krb4 rlogin...\n"); - try_v4: - status = k4cmd(&sock, &host, port, - null_local_username ? "" : pwd->pw_name, - name ? name : pwd->pw_name, term, - 0, &v4_ticket, "rcmd", krb_realm, - &v4_cred, v4_schedule, &v4_msg_data, &local, &foreign, - (encrypt_flag) ? KOPT_DO_MUTUAL : 0L, 0); - if (status) - try_normal(orig_argv); - rcmd_stream_init_krb4(v4_cred.session, encrypt_flag, 1, 1); -#else try_normal(orig_argv); -#endif } else { krb5_keyblock *key = 0; @@ -739,11 +694,7 @@ main(argc, argv) #ifdef KERBEROS fprintf (stderr, "usage: rlogin host [-option] [-option...] [-k realm ] [-t ttytype] [-l username]\n"); -#ifdef KRB5_KRB4_COMPAT - fprintf (stderr, " where option is e, 7, 8, noflow, n, a, x, f, F, c, 4, PO, or PN\n"); -#else fprintf (stderr, " where option is e, 7, 8, noflow, n, a, x, f, F, c, PO, or PN\n"); -#endif #else /* !KERBEROS */ fprintf (stderr, "usage: rlogin host [-option] [-option...] [-t ttytype] [-l username]\n"); diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c index 219ff0199..01b4ef205 100644 --- a/src/appl/bsd/krlogind.c +++ b/src/appl/bsd/krlogind.c @@ -75,9 +75,7 @@ char copyright[] = * The configuration is done either by command-line arguments passed by * inetd, or by the name of the daemon. If command-line arguments are * present, they take priority. The options are: - * -k means trust krb4 or krb5 -* -5 means trust krb5 -* -4 means trust krb4 + * -k means trust krb5 * -p and -P means prompt for password. * If the -P option is passed, then the password is verified in * addition to all other checks. If -p is not passed with -k or -r, @@ -97,9 +95,6 @@ char copyright[] = * CRYPT - Define this if encryption is to be an option. * DO_NOT_USE_K_LOGIN - Define this if you want to use /bin/login * instead of the accompanying login.krb5. - * KRB5_KRB4_COMPAT - Define this if v4 rlogin clients are also to be served. - * ALWAYS_V5_KUSEROK - Define this if you want .k5login to be - * checked even for v4 clients (instead of .klogin). * LOG_ALL_LOGINS - Define this if you want to log all logins. * LOG_OTHER_USERS - Define this if you want to log all principals * that do not map onto the local user. @@ -234,28 +229,15 @@ struct winsize { #ifdef KERBEROS #include "k5-int.h" -#ifdef KRB5_KRB4_COMPAT -#include -#endif #include #ifdef HAVE_UTMP_H #include #include #endif -int auth_sys = 0; /* Which version of Kerberos used to authenticate */ - -#define KRB5_RECVAUTH_V4 4 -#define KRB5_RECVAUTH_V5 5 - int non_privileged = 0; /* set when connection is seen to be from */ /* a non-privileged port */ -#ifdef KRB5_KRB4_COMPAT -AUTH_DAT *v4_kdata; -Key_schedule v4_schedule; -#endif - #include "com_err.h" #include "defines.h" @@ -268,7 +250,7 @@ krb5_ccache ccache = NULL; krb5_keytab keytab = NULL; -#define ARGSTR "k54ciepPD:S:M:L:fw:?" +#define ARGSTR "k5ciepPD:S:M:L:fw:?" #else /* !KERBEROS */ #define ARGSTR "rpPD:f?" #endif /* KERBEROS */ @@ -334,18 +316,7 @@ int princ_maps_to_lname(krb5_principal, char *), default_realm(krb5_principal); krb5_sigtype cleanup(int); krb5_error_code recvauth(int *); -/* There are two authentication related masks: - * auth_ok and auth_sent. -* The auth_ok mask is the oring of authentication systems any one -* of which can be used. -* The auth_sent mask is the oring of one or more authentication/authorization -* systems that succeeded. If the anding -* of these two masks is true, then authorization is successful. -*/ -#define AUTH_KRB4 (0x1) -#define AUTH_KRB5 (0x2) -int auth_ok = 0, auth_sent = 0; -int do_encrypt = 0, passwd_if_fail = 0, passwd_req = 0; +int do_encrypt = 0, passwd_req = 0; int checksum_required = 0, checksum_ignored = 0; int stripdomain = 1; @@ -397,15 +368,9 @@ int main(argc, argv) switch (ch) { #ifdef KERBEROS case 'k': -#ifdef KRB5_KRB4_COMPAT - auth_ok |= (AUTH_KRB5|AUTH_KRB4); -#else - auth_ok |= AUTH_KRB5; -#endif /* KRB5_KRB4_COMPAT*/ break; case '5': - auth_ok |= AUTH_KRB5; break; case 'c': checksum_required = 1; @@ -414,11 +379,6 @@ int main(argc, argv) checksum_ignored = 1; break; -#ifdef KRB5_KRB4_COMPAT - case '4': - auth_ok |= AUTH_KRB4; - break; -#endif #ifdef CRYPT case 'x': /* Use encryption. */ case 'X': @@ -439,7 +399,6 @@ int main(argc, argv) break; #endif case 'p': - passwd_if_fail = 1; /* Passwd reqd if any check fails */ break; case 'P': /* passwd is a must */ passwd_req = 1; @@ -618,10 +577,6 @@ void doit(f, fromp) if (setsockopt(f, SOL_SOCKET, SO_KEEPALIVE, (const char *) &on, sizeof (on)) < 0) syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); - if (auth_ok == 0) { - syslog(LOG_CRIT, "No authentication systems were enabled; all connections will be refused."); - fatal(f, "All authentication systems disabled; connection refused."); - } if (checksum_required&&checksum_ignored) { syslog( LOG_CRIT, "Checksums are required and ignored; these options are mutually exclusive--check the documentation."); @@ -1233,8 +1188,7 @@ do_krb_login(host_addr, hostname) exit(1); } - /* Check authentication. This can be either Kerberos V5, */ - /* Kerberos V4, or host-based. */ + /* Check authentication. */ if ((status = recvauth(&valid_checksum))) { if (ticket) krb5_free_ticket(bsd_context, ticket); @@ -1249,56 +1203,22 @@ do_krb_login(host_addr, hostname) /* OK we have authenticated this user - now check authorization. */ /* The Kerberos authenticated programs must use krb5_kuserok or kuserok*/ -#ifndef KRB5_KRB4_COMPAT - if (auth_sys == KRB5_RECVAUTH_V4) { - fatal(netf, "This server does not support Kerberos V4"); - } -#endif - - -#if (defined(ALWAYS_V5_KUSEROK) || !defined(KRB5_KRB4_COMPAT)) - /* krb5_kuserok returns 1 if OK */ - if (client && krb5_kuserok(bsd_context, client, lusername)) - auth_sent |= ((auth_sys == KRB5_RECVAUTH_V4)?AUTH_KRB4:AUTH_KRB5); -#else - if (auth_sys == KRB5_RECVAUTH_V4) { - /* kuserok returns 0 if OK */ - if (!kuserok(v4_kdata, lusername)) - auth_sent |= AUTH_KRB4; - } else { - /* krb5_kuserok returns 1 if OK */ - if (client && krb5_kuserok(bsd_context, client, lusername)) - auth_sent |= AUTH_KRB5; - } -#endif - - + /* krb5_kuserok returns 1 if OK */ + if (!client || !krb5_kuserok(bsd_context, client, lusername)) { + if (asprintf(&msg_fail, + "User %s is not authorized to login to account %s", + krusername, lusername) >= 0) + fatal(netf, msg_fail); + else + fatal(netf, + "User is not authorized to login to specified account"); + } if (checksum_required && !valid_checksum) { - if (auth_sent & AUTH_KRB5) { - syslog(LOG_WARNING, "Client did not supply required checksum--connection rejected."); + syslog(LOG_WARNING, "Client did not supply required checksum--connection rejected."); - fatal(netf, "You are using an old Kerberos5 without initial connection support; only newer clients are authorized."); - } else { - syslog(LOG_WARNING, - "Configuration error: Requiring checksums with -c is inconsistent with allowing Kerberos V4 connections."); - } + fatal(netf, "You are using an old Kerberos5 without initial connection support; only newer clients are authorized."); } - if (auth_ok&auth_sent) /* This should be bitwise.*/ - return; - - if (ticket) - krb5_free_ticket(bsd_context, ticket); - - if (auth_sent) - fatal(netf, "Access denied because of improper credentials"); - else if (asprintf(&msg_fail, - "User %s is not authorized to login to account %s", - krusername, lusername) >= 0) - fatal(netf, msg_fail); - else - fatal(netf, "User is not authorized to login to specified account"); - /* NOTREACHED */ } #endif /* KERBEROS */ @@ -1332,10 +1252,10 @@ void usage() { #ifdef KERBEROS syslog(LOG_ERR, - "usage: klogind [-ke45pPf] [-D port] [-w[ip|maxhostlen[,[no]striplocal]]] or [r/R][k/K][x/e][p/P]logind"); + "usage: klogind [-ePf] [-D port] [-w[ip|maxhostlen[,[no]striplocal]]] or [r/R][k/K][x/e][p/P]logind"); #else syslog(LOG_ERR, - "usage: rlogind [-rpPf] [-D port] or [r/R][p/P]logind"); + "usage: rlogind [-rPf] [-D port] or [r/R][p/P]logind"); #endif } @@ -1359,9 +1279,6 @@ recvauth(valid_checksum) struct sockaddr_storage peersin, laddr; socklen_t len; krb5_data inbuf; -#ifdef KRB5_KRB4_COMPAT - char v4_instance[INST_SZ]; /* V4 Instance */ -#endif krb5_data version; krb5_authenticator *authenticator; krb5_rcache rcache; @@ -1380,10 +1297,6 @@ recvauth(valid_checksum) exit(1); } -#ifdef KRB5_KRB4_COMPAT - strlcpy(v4_instance, "*", sizeof(v4_instance)); -#endif - if ((status = krb5_auth_con_init(bsd_context, &auth_context))) return status; @@ -1412,38 +1325,15 @@ recvauth(valid_checksum) if (status) return status; } -#ifdef KRB5_KRB4_COMPAT - status = krb5_compat_recvauth_version(bsd_context, &auth_context, - &netf, - NULL, /* Specify daemon principal */ - 0, /* no flags */ - keytab, /* normally NULL to use v5srvtab */ - - do_encrypt ? KOPT_DO_MUTUAL : 0, /*v4_opts*/ - "rcmd", /* v4_service */ - v4_instance, /* v4_instance */ - ss2sin(&peersin), /* foriegn address */ - ss2sin(&laddr), /* our local address */ - "", /* use default srvtab */ - - &ticket, /* return ticket */ - &auth_sys, /* which authentication system*/ - &v4_kdata, v4_schedule, - &version); -#else - auth_sys = KRB5_RECVAUTH_V5; status = krb5_recvauth_version(bsd_context, &auth_context, &netf, NULL, 0, keytab, &ticket, &version); -#endif if (status) { - if (auth_sys == KRB5_RECVAUTH_V5) { - /* - * clean up before exiting - */ - getstr(netf, lusername, sizeof (lusername), "locuser"); - getstr(netf, term, sizeof(term), "Terminal type"); - getstr(netf, rusername, sizeof(rusername), "remuser"); - } + /* + * clean up before exiting + */ + getstr(netf, lusername, sizeof (lusername), "locuser"); + getstr(netf, term, sizeof(term), "Terminal type"); + getstr(netf, rusername, sizeof(rusername), "remuser"); return status; } @@ -1451,32 +1341,24 @@ recvauth(valid_checksum) getstr(netf, term, sizeof(term), "Terminal type"); kcmd_proto = KCMD_UNKNOWN_PROTOCOL; - if (auth_sys == KRB5_RECVAUTH_V5) { - if (version.length != 9) { - fatal (netf, "bad application version length"); - } - if (!memcmp (version.data, "KCMDV0.1", 9)) - kcmd_proto = KCMD_OLD_PROTOCOL; - else if (!memcmp (version.data, "KCMDV0.2", 9)) - kcmd_proto = KCMD_NEW_PROTOCOL; + if (version.length != 9) { + fatal (netf, "bad application version length"); } -#ifdef KRB5_KRB4_COMPAT - if (auth_sys == KRB5_RECVAUTH_V4) - kcmd_proto = KCMD_V4_PROTOCOL; -#endif + if (!memcmp (version.data, "KCMDV0.1", 9)) + kcmd_proto = KCMD_OLD_PROTOCOL; + else if (!memcmp (version.data, "KCMDV0.2", 9)) + kcmd_proto = KCMD_NEW_PROTOCOL; + + if (!(checksum_ignored && kcmd_proto == KCMD_OLD_PROTOCOL)) { - if ((auth_sys == KRB5_RECVAUTH_V5) - && !(checksum_ignored - && kcmd_proto == KCMD_OLD_PROTOCOL)) { - if ((status = krb5_auth_con_getauthenticator(bsd_context, auth_context, &authenticator))) return status; - + if (authenticator->checksum) { struct sockaddr_in adr; socklen_t adr_length = sizeof(adr); - char * chksumbuf; + char * chksumbuf = NULL; if (getsockname(netf, (struct sockaddr *) &adr, &adr_length) != 0) goto error_cleanup; if (asprintf(&chksumbuf, "%u:%s%s", ntohs(adr.sin_port), term, lusername) < 0) @@ -1500,32 +1382,6 @@ recvauth(valid_checksum) krb5_free_authenticator(bsd_context, authenticator); } - -#ifdef KRB5_KRB4_COMPAT - if (auth_sys == KRB5_RECVAUTH_V4) { - - rcmd_stream_init_krb4(v4_kdata->session, do_encrypt, 1, 1); - - /* We do not really know the remote user's login name. - * Assume it to be the same as the first component of the - * principal's name. - */ - strncpy(rusername, v4_kdata->pname, sizeof(rusername) - 1); - rusername[sizeof(rusername) - 1] = '\0'; - - status = krb5_425_conv_principal(bsd_context, v4_kdata->pname, - v4_kdata->pinst, v4_kdata->prealm, - &client); - if (status) return status; - - status = krb5_unparse_name(bsd_context, client, &krusername); - - return status; - } -#endif - - /* Must be V5 */ - if ((status = krb5_copy_principal(bsd_context, ticket->enc_part2->client, &client))) return status; diff --git a/src/appl/bsd/krsh.c b/src/appl/bsd/krsh.c index ac92057a4..1999bb5e1 100644 --- a/src/appl/bsd/krsh.c +++ b/src/appl/bsd/krsh.c @@ -64,17 +64,9 @@ char copyright[] = #ifdef KERBEROS #include #include -#ifdef KRB5_KRB4_COMPAT -#include -#endif #include "defines.h" #endif /* KERBEROS */ -#ifdef KRB5_KRB4_COMPAT -#include -Key_schedule v4_schedule; -#endif - /* * rsh - remote shell */ @@ -96,11 +88,6 @@ krb5_sigtype sendsig(int); krb5_context bsd_context; krb5_creds *cred; -#ifdef KRB5_KRB4_COMPAT -Key_schedule v4_schedule; -CREDENTIALS v4_cred; -#endif - int encrypt_flag = 0; char *krb_realm = (char *)0; void try_normal(char **); @@ -149,10 +136,6 @@ main(argc, argv0) krb5_error_code status; krb5_auth_context auth_context; int fflag = 0, Fflag = 0; -#ifdef KRB5_KRB4_COMPAT - KTEXT_ST v4_ticket; - MSG_DAT v4_msg_data; -#endif #endif /* KERBEROS */ int debug_port = 0; enum kcmd_proto kcmd_proto = KCMD_PROTOCOL_COMPAT_HACK; @@ -383,26 +366,7 @@ main(argc, argv0) ones. */ if (kcmd_proto == KCMD_NEW_PROTOCOL) exit (1); -#ifdef KRB5_KRB4_COMPAT - /* No encrypted Kerberos 4 rsh. */ - if (encrypt_flag) - exit(1); -#ifdef HAVE_ISATTY - if (isatty(fileno(stderr))) - fprintf(stderr, "Trying krb4 rsh...\n"); -#endif - status = k4cmd(&rem, &host, debug_port, - pwd->pw_name, - user ? user : pwd->pw_name, args, - &rfd2, &v4_ticket, "rcmd", krb_realm, - &v4_cred, v4_schedule, &v4_msg_data, - &local, &foreign, 0L, 0); - if (status) - try_normal(argv0); - rcmd_stream_init_krb4(v4_cred.session, encrypt_flag, 0, 1); -#else try_normal(argv0); -#endif } else { krb5_keyblock *key = &cred->keyblock; diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 8570b600e..aa3f2edb9 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -39,25 +39,14 @@ char copyright[] = * This is the rshell daemon. The very basic protocol for checking * authentication and authorization is: * 1) Check authentication. - * 2) Check authorization via the access-control files: - * ~/.k5login (using krb5_kuserok) and/or + * 2) Check authorization via the access-control files: + * ~/.k5login (using krb5_kuserok) * Execute command if configured authoriztion checks pass, else deny * permission. - * - * The configuration is done either by command-line arguments passed by inetd, - * or by the name of the daemon. If command-line arguments are present, they - * take priority. The options are: - * -k means trust krb4 or krb5 - * -5 means trust krb5 - * -4 means trust krb4 (using .klogin) - * */ /* DEFINES: * KERBEROS - Define this if application is to be kerberised. - * KRB5_KRB4_COMPAT - Define this if v4 rlogin clients are also to be served. - * ALWAYS_V5_KUSEROK - Define this if you want .k5login to be - * checked even for v4 clients (instead of .klogin). * LOG_ALL_LOGINS - Define this if you want to log all logins. * LOG_OTHER_USERS - Define this if you want to log all principals that do * not map onto the local user. @@ -87,10 +76,7 @@ char copyright[] = #include #include #include -#if !defined(KERBEROS) || !defined(KRB5_KRB4_COMPAT) -/* Ultrix doesn't protect it vs multiple inclusion, and krb.h includes it */ #include -#endif #include #include #include @@ -122,10 +108,7 @@ char copyright[] = #include #include -#if !defined(KERBEROS) || !defined(KRB5_KRB4_COMPAT) -/* Ultrix doesn't protect it vs multiple inclusion, and krb.h includes it */ #include -#endif #ifdef CRAY #ifndef NO_UDB @@ -159,10 +142,6 @@ char copyright[] = #include "k5-int.h" #include #include "loginpaths.h" -#ifdef KRB5_KRB4_COMPAT -#include -Key_schedule v4_schedule; -#endif #include #include @@ -186,7 +165,7 @@ Key_schedule v4_schedule; #define MAXDNAME 256 /*per the rfc*/ #endif -#define ARGSTR "ek54ciD:S:M:AP:?L:w:" +#define ARGSTR "ek5ciD:S:M:AP:?L:w:" @@ -218,22 +197,13 @@ static krb5_error_code recvauth(int netfd, struct sockaddr *peersin, #endif /* KERBEROS */ +static int accept_a_connection (int debug_port, struct sockaddr *from, + socklen_t *fromlenp); #ifndef HAVE_KILLPG #define killpg(pid, sig) kill(-(pid), (sig)) #endif -/* There are two authentication related masks: - * auth_ok and auth_sent. -* The auth_ok mask is the oring of authentication systems any one -* of which can be used. -* The auth_sent mask is the oring of one or more authentication/authorization -* systems that succeeded. If the anding -* of these two masks is true, then authorization is successful. -*/ -#define AUTH_KRB4 (0x1) -#define AUTH_KRB5 (0x2) -int auth_ok = 0, auth_sent = 0; int checksum_required = 0, checksum_ignored = 0; char *progname; @@ -321,15 +291,9 @@ int main(argc, argv) switch (ch) { #ifdef KERBEROS case 'k': -#ifdef KRB5_KRB4_COMPAT - auth_ok |= (AUTH_KRB5|AUTH_KRB4); -#else - auth_ok |= AUTH_KRB5; -#endif /* KRB5_KRB4_COMPAT*/ break; case '5': - auth_ok |= AUTH_KRB5; break; case 'c': checksum_required = 1; @@ -338,12 +302,6 @@ int main(argc, argv) checksum_ignored = 1; break; -#ifdef KRB5_KRB4_COMPAT - case '4': - auth_ok |= AUTH_KRB4; - break; -#endif - case 'e': require_encrypt = 1; break; @@ -538,16 +496,6 @@ char *kremuser; krb5_principal client; krb5_authenticator *kdata; -#ifdef KRB5_KRB4_COMPAT -AUTH_DAT *v4_kdata; -KTEXT v4_ticket; -#endif - -int auth_sys = 0; /* Which version of Kerberos used to authenticate */ - -#define KRB5_RECVAUTH_V4 4 -#define KRB5_RECVAUTH_V5 5 - static void ignore_signals() { @@ -1091,31 +1039,14 @@ void doit(f, fromp) } #ifdef KERBEROS - -#if defined(KRB5_KRB4_COMPAT) && !defined(ALWAYS_V5_KUSEROK) - if (auth_sys == KRB5_RECVAUTH_V4) { - /* kuserok returns 0 if OK */ - if (kuserok(v4_kdata, locuser)){ - syslog(LOG_ERR , - "Principal %s (%s@%s (%s)) for local user %s failed kuserok.\n", - kremuser, remuser, hostaddra, hostname, locuser); - } - else auth_sent |= AUTH_KRB4; - } else -#endif - { - /* krb5_kuserok returns 1 if OK */ - if (!krb5_kuserok(bsd_context, client, locuser)){ - syslog(LOG_ERR , - "Principal %s (%s@%s (%s)) for local user %s failed krb5_kuserok.\n", - kremuser, remuser, hostaddra, hostname, locuser); - } - else - auth_sent |= - ((auth_sys == KRB5_RECVAUTH_V4) ? AUTH_KRB4 : AUTH_KRB5); - } - - + /* krb5_kuserok returns 1 if OK */ + if (!krb5_kuserok(bsd_context, client, locuser)){ + syslog(LOG_ERR , + "Principal %s (%s@%s (%s)) for local user %s failed krb5_kuserok.\n", + kremuser, remuser, hostaddra, hostname, locuser); + error("Permission denied.\n"); + goto signout_please; + } #else if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && ruserok(hostname[0] ? hostname : hostaddra, @@ -1127,26 +1058,14 @@ void doit(f, fromp) if (checksum_required && !valid_checksum) { - if (auth_sent & AUTH_KRB5) { - syslog(LOG_WARNING, "Client did not supply required checksum--connection rejected."); - error( "You are using an old Kerberos5 client without checksum support; only newer clients are authorized.\n"); - goto signout_please; - } else { - syslog(LOG_WARNING, - "Configuration error: Requiring checksums with -c is inconsistent with allowing Kerberos V4 connections."); - } + syslog(LOG_WARNING, "Client did not supply required checksum--connection rejected."); + error( "You are using an old Kerberos5 client without checksum support; only newer clients are authorized.\n"); + goto signout_please; } if (require_encrypt&&(!do_encrypt)) { error("You must use encryption.\n"); goto signout_please; } - if (!(auth_ok&auth_sent)) { - if (auth_sent) - error("Another authentication mechanism must be used to access this host.\n"); - else - error("Permission denied.\n"); - goto signout_please; - } if (pwd->pw_uid && !access(NOLOGIN, F_OK)) { error("Logins currently disabled.\n"); @@ -1519,10 +1438,7 @@ void doit(f, fromp) strlcpy(cmdbuf + offst, kprogdir, sizeof(cmdbuf) - offst); cp = copy + 3 + offst; - if (auth_sys == KRB5_RECVAUTH_V4) - strlcat(cmdbuf, "/v4rcp", sizeof(cmdbuf)); - else - strlcat(cmdbuf, "/rcp", sizeof(cmdbuf)); + strlcat(cmdbuf, "/rcp", sizeof(cmdbuf)); if (stat((char *)cmdbuf + offst, &s2) >= 0) strlcat(cmdbuf, cp, sizeof(cmdbuf)); @@ -1771,7 +1687,7 @@ loglogin(host, flag, failures, ue) void usage() { #ifdef KERBEROS - syslog(LOG_ERR, "usage: kshd [-54ecikK] "); + syslog(LOG_ERR, "usage: kshd [-eciK] "); #else syslog(LOG_ERR, "usage: rshd"); #endif @@ -1798,9 +1714,6 @@ recvauth(netfd, peersin, valid_checksum) struct sockaddr_in laddr; socklen_t len; krb5_data inbuf; -#ifdef KRB5_KRB4_COMPAT - char v4_instance[INST_SZ]; /* V4 Instance */ -#endif krb5_authenticator *authenticator; krb5_ticket *ticket; krb5_rcache rcache; @@ -1822,10 +1735,6 @@ recvauth(netfd, peersin, valid_checksum) #define SIZEOF_INADDR sizeof(struct in_addr) #endif -#ifdef KRB5_KRB4_COMPAT - strlcpy(v4_instance, "*", sizeof(v4_instance)); -#endif - status = krb5_auth_con_init(bsd_context, &auth_context); if (status) return status; @@ -1855,66 +1764,25 @@ recvauth(netfd, peersin, valid_checksum) if (status) return status; } -#ifdef KRB5_KRB4_COMPAT - status = krb5_compat_recvauth_version(bsd_context, &auth_context, &netfd, - NULL, /* Specify daemon principal */ - 0, /* no flags */ - keytab, /* normally NULL to use v5srvtab */ - 0, /* v4_opts */ - "rcmd", /* v4_service */ - v4_instance, /* v4_instance */ - (struct sockaddr_in *)peersin, /* foreign address */ - &laddr, /* our local address */ - "", /* use default srvtab */ - - &ticket, /* return ticket */ - &auth_sys, /* which authentication system*/ - &v4_kdata, 0, &version); -#else status = krb5_recvauth_version(bsd_context, &auth_context, &netfd, NULL, /* daemon principal */ 0, /* no flags */ keytab, /* normally NULL to use v5srvtab */ &ticket, /* return ticket */ &version); /* application version string */ - auth_sys = KRB5_RECVAUTH_V5; -#endif if (status) { - if (auth_sys == KRB5_RECVAUTH_V5) { - /* - * clean up before exiting - */ - getstr(netfd, locuser, sizeof(locuser), "locuser"); - getstr(netfd, cmdbuf, sizeof(cmdbuf), "command"); - getstr(netfd, remuser, sizeof(locuser), "remuser"); - } + /* + * clean up before exiting + */ + getstr(netfd, locuser, sizeof(locuser), "locuser"); + getstr(netfd, cmdbuf, sizeof(cmdbuf), "command"); + getstr(netfd, remuser, sizeof(locuser), "remuser"); return status; } getstr(netfd, locuser, sizeof(locuser), "locuser"); getstr(netfd, cmdbuf, sizeof(cmdbuf), "command"); -#ifdef KRB5_KRB4_COMPAT - if (auth_sys == KRB5_RECVAUTH_V4) { - rcmd_stream_init_normal(); - - /* We do not really know the remote user's login name. - * Assume it to be the same as the first component of the - * principal's name. - */ - strlcpy(remuser, v4_kdata->pname, sizeof(remuser)); - - status = krb5_425_conv_principal(bsd_context, v4_kdata->pname, - v4_kdata->pinst, v4_kdata->prealm, - &client); - if (status) return status; - - status = krb5_unparse_name(bsd_context, client, &kremuser); - - return status; - } -#endif /* KRB5_KRB4_COMPAT */ - /* Must be V5 */ kcmd_proto = KCMD_UNKNOWN_PROTOCOL; @@ -2061,3 +1929,115 @@ void fatal(f, msg) } exit(1); } + +static int +accept_a_connection (int debug_port, struct sockaddr *from, + socklen_t *fromlenp) +{ + int n, s, fd, s4 = -1, s6 = -1, on = 1; + fd_set sockets; + + FD_ZERO(&sockets); + +#ifdef KRB5_USE_INET6 + { + struct sockaddr_in6 sock_in6; + + if ((s = socket(AF_INET6, SOCK_STREAM, PF_UNSPEC)) < 0) { + if ((errno == EPROTONOSUPPORT) || (errno == EAFNOSUPPORT)) + goto skip_ipv6; + fprintf(stderr, "Error in socket(INET6): %s\n", strerror(errno)); + exit(2); + } + + memset((char *) &sock_in6, 0,sizeof(sock_in6)); + sock_in6.sin6_family = AF_INET6; + sock_in6.sin6_port = htons(debug_port); + sock_in6.sin6_addr = in6addr_any; + + (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, + (char *)&on, sizeof(on)); + + if ((bind(s, (struct sockaddr *) &sock_in6, sizeof(sock_in6))) < 0) { + fprintf(stderr, "Error in bind(INET6): %s\n", strerror(errno)); + exit(2); + } + + if ((listen(s, 5)) < 0) { + fprintf(stderr, "Error in listen(INET6): %s\n", strerror(errno)); + exit(2); + } + s6 = s; + FD_SET(s, &sockets); + skip_ipv6: + ; + } +#endif + + { + struct sockaddr_in sock_in; + + if ((s = socket(AF_INET, SOCK_STREAM, PF_UNSPEC)) < 0) { + fprintf(stderr, "Error in socket: %s\n", strerror(errno)); + exit(2); + } + + memset((char *) &sock_in, 0,sizeof(sock_in)); + sock_in.sin_family = AF_INET; + sock_in.sin_port = htons(debug_port); + sock_in.sin_addr.s_addr = INADDR_ANY; + + (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, + (char *)&on, sizeof(on)); + + if ((bind(s, (struct sockaddr *) &sock_in, sizeof(sock_in))) < 0) { + if (s6 >= 0 && errno == EADDRINUSE) + goto try_ipv6_only; + fprintf(stderr, "Error in bind: %s\n", strerror(errno)); + exit(2); + } + + if ((listen(s, 5)) < 0) { + fprintf(stderr, "Error in listen: %s\n", strerror(errno)); + exit(2); + } + s4 = s; + FD_SET(s, &sockets); + try_ipv6_only: + ; + } + if (s4 == -1 && s6 == -1) { + fprintf(stderr, "No valid sockets established, exiting\n"); + exit(2); + } + n = select(((s4 < s6) ? s6 : s4) + 1, &sockets, 0, 0, 0); + if (n < 0) { + fprintf(stderr, "select error: %s\n", strerror(errno)); + exit(2); + } else if (n == 0) { + fprintf(stderr, "internal error? select returns 0\n"); + exit(2); + } + if (s6 != -1 && FD_ISSET(s6, &sockets)) { + if (s4 != -1) + close(s4); + s = s6; + } else if (FD_ISSET(s4, &sockets)) { + if (s6 != -1) + close(s6); + s = s4; + } else { + fprintf(stderr, + "internal error? select returns positive, " + "but neither fd available\n"); + exit(2); + } + + if ((fd = accept(s, from, fromlenp)) < 0) { + fprintf(stderr, "Error in accept: %s\n", strerror(errno)); + exit(2); + } + + close(s); + return fd; +} diff --git a/src/appl/bsd/login.M b/src/appl/bsd/login.M index 0fceb3529..3a1b05b4b 100644 --- a/src/appl/bsd/login.M +++ b/src/appl/bsd/login.M @@ -19,8 +19,8 @@ tickets for the user. will prompt for a username, or take one on the command line, as .I login.krb5 username and will then prompt for a password. This password will be used to -acquire Kerberos Version 5 tickets and Kerberos Version 4 tickets (if -possible.) It will also attempt to run +acquire Kerberos Version 5 tickets (if possible.) It will also attempt +to run .I aklog to get \fIAFS\fP tokens for the user. The version 5 tickets will be tested against a local @@ -40,12 +40,6 @@ pass hostname to rlogind. Must be the last argument. \fB\-h\fP \fIhostname\fP pass hostname to telnetd, etc. Must be the last argument. .TP -\fB\-k\fP \fIhostname\fP -Use Kerberos V4 to login. Must be the last argument. -.TP -\fB\-K\fP \fIhostname\fP -Use Kerberos V4 to login. Must be the last argument. -.TP \fB\-f\fP \fIname\fP Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root. @@ -66,17 +60,6 @@ stanza. A collection of options dealing with initial authentication are provided: .IP krb5_get_tickets Use password to get V5 tickets. Default value true. -.IP krb4_get_tickets -Use password to get V4 tickets. Default value false. -.IP krb4_convert -Use Kerberos conversion daemon to get V4 tickets. Default value -false. If false, and krb4_get_tickets is true, then login will get -the V5 tickets directly using the Kerberos V4 protocol directly. -This does not currently work with non MIT-V4 salt types -(such as the AFS3 salt type.) Note that if configuration parameter -is true, and the krb524d is not running, login will hang for -approximately a minute under Solaris, -due to a Solaris socket emulation bug. .IP krb_run_aklog Attempt to run aklog. Default value false. .IP aklog_path @@ -92,6 +75,3 @@ associated with .PP .SH SEE ALSO rlogind(8), rlogin(1), telnetd(8) -.SH BUGS -Should use a config file to select use of V5, V4, and AFS, as well as -policy for startup. diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index 419f0e158..57680ad3c 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -32,10 +32,6 @@ char copyright[] = # login stanza krb5_get_tickets = 1 # use password to get v5 tickets - krb4_get_tickets = 0 - # use password to get v4 tickets - krb4_convert = 0 - # use kerberos conversion daemon to get v4 tickets krb_run_aklog = 0 # attempt to run aklog aklog_path = $(prefix)/bin/aklog @@ -46,14 +42,8 @@ char copyright[] = #define KRB5_GET_TICKETS int login_krb5_get_tickets = 1; -#ifdef KRB5_KRB4_COMPAT -#define KRB4_GET_TICKETS -int login_krb4_get_tickets = 0; -#define KRB4_CONVERT -int login_krb4_convert = 0; #define KRB_RUN_AKLOG int login_krb_run_aklog = 0; -#endif /* KRB5_KRB4_COMPAT */ int login_accept_passwd = 0; @@ -67,10 +57,6 @@ int login_accept_passwd = 0; * allows preauthenticated login as root) * login -e name (for pre-authenticated encrypted, must do term * negotiation) - * ifdef KRB4_KLOGIN - * login -k hostname (for Kerberos V4 rlogind with password access) - * login -K hostname (for Kerberos V4 rlogind with restricted access) - * endif KRB4_KLOGIN * * only one of: -r -f -e -k -K -F * only one of: -r -h -k -K @@ -159,44 +145,6 @@ typedef sigtype (*handler)(); #include "osconf.h" #endif /* KRB5_GET_TICKETS */ -#ifdef KRB4_KLOGIN -/* support for running under v4 klogind, -k -K flags */ -#define KRB4 -#endif - -#if (defined(KRB4_GET_TICKETS) || defined(KRB4_CONVERT)) -/* support for prompting for v4 initial tickets */ -#define KRB4 -#endif - -#ifdef KRB4 -#include -#include -#ifdef HAVE_KRB4_PROTO_H -#include -#endif -#include -#ifdef BIND_HACK -#include -#include -#endif /* BIND_HACK */ - -/* Hacks to maintain compatability with Athena libkrb*/ -#ifndef HAVE_KRB_SAVE_CREDENTIALS -#define krb_save_credentials save_credentials -#endif /*HAVE_KRB_SAVE_CREDENTIALS*/ - -#ifndef HAVE_KRB_GET_ERR_TEXT - -static const char *krb_get_err_text(kerror) - int kerror; -{ - return krb_err_txt[kerror]; -} - -#endif /*HAVE_KRB_GET_ERR_TEXT*/ -#endif /* KRB4 */ - #ifndef __STDC__ #ifndef volatile #define volatile @@ -302,13 +250,8 @@ char term[64], *username; -#ifdef KRB4 -#define KRB_ENVIRON "KRBTKFILE" /* Ticket file environment variable */ -#define KRB_TK_DIR "/tmp/tkt_" /* Where to put the ticket */ -#endif /* KRB4_GET_TICKETS */ - -#if defined(KRB4_GET_TICKETS) || defined(KRB5_GET_TICKETS) -#define MAXPWSIZE 128 /* Biggest string accepted for KRB4 +#ifdef KRB5_GET_TICKETS +#define MAXPWSIZE 128 /* Biggest string accepted for KRB5 passsword */ #endif @@ -353,12 +296,8 @@ static struct login_confs { } login_conf_set[] = { #ifdef KRB5_GET_TICKETS {"krb5_get_tickets", &login_krb5_get_tickets}, + {"krb_run_aklog", &login_krb_run_aklog}, #endif -#ifdef KRB5_KRB4_COMPAT - {"krb4_get_tickets", &login_krb4_get_tickets}, - {"krb4_convert", &login_krb4_convert}, - {"krb4_run_aklog", &login_krb_run_aklog}, -#endif /* KRB5_KRB4_COMPAT */ }; static char *conf_yes[] = { @@ -501,20 +440,8 @@ char ccfile[MAXPATHLEN+6]; /* FILE:path+\0 */ int krbflag; /* set if tickets have been obtained */ #endif /* KRB5_GET_TICKETS */ -#ifdef KRB4_GET_TICKETS -static int got_v4_tickets; -AUTH_DAT *kdata = (AUTH_DAT *) NULL; -char tkfile[MAXPATHLEN]; -#endif - -#ifdef KRB4_GET_TICKETS -static void k_init (ttyn, realm) - char *ttyn; - char *realm; -#else void k_init (ttyn) char *ttyn; -#endif { #ifdef KRB5_GET_TICKETS krb5_error_code retval; @@ -541,22 +468,6 @@ void k_init (ttyn) } #endif -#ifdef KRB4_GET_TICKETS - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - strncpy(realm, KRB_REALM, sizeof(realm)); - realm[sizeof(realm) - 1] = '\0'; - } - if (login_krb4_get_tickets || login_krb4_convert) { - /* Set up the ticket file environment variable */ - strncpy(tkfile, KRB_TK_DIR, sizeof(tkfile)); - tkfile[sizeof(tkfile) - 1] = '\0'; - strncat(tkfile, strrchr(ttyn, '/')+1, - sizeof(tkfile) - strlen(tkfile)); - (void) unlink (tkfile); - setenv(KRB_ENVIRON, tkfile, 1); - } -#endif - #ifdef BIND_HACK /* Set name server timeout to be reasonable, so that people don't take 5 minutes to @@ -637,236 +548,8 @@ static int have_v5_tickets (me) } #endif /* KRB5_GET_TICKETS */ -#ifdef KRB4_CONVERT -static int -try_convert524(kctx, me, use_ccache) - krb5_context kctx; - krb5_principal me; - int use_ccache; -{ - krb5_principal kpcserver; - krb5_error_code kpccode; - int kpcval; - krb5_creds increds, *v5creds; - CREDENTIALS v4creds; - - - /* If we have forwarded v5 tickets, retrieve the credentials from - * the cache; otherwise, the v5 credentials are in my_creds. - */ - if (use_ccache) { - /* cc->ccache, already set up */ - /* client->me, already set up */ - kpccode = krb5_build_principal(kctx, &kpcserver, - krb5_princ_realm(kctx, me)->length, - krb5_princ_realm(kctx, me)->data, - "krbtgt", - krb5_princ_realm(kctx, me)->data, - NULL); - if (kpccode) { - com_err("login/v4", kpccode, - "while creating service principal name"); - return 0; - } - - memset((char *) &increds, 0, sizeof(increds)); - increds.client = me; - increds.server = kpcserver; - increds.times.endtime = 0; - increds.keyblock.enctype = ENCTYPE_DES_CBC_CRC; - kpccode = krb5_get_credentials(kctx, 0, ccache, - &increds, &v5creds); - krb5_free_principal(kctx, kpcserver); - increds.server = NULL; - if (kpccode) { - com_err("login/v4", kpccode, "getting V5 credentials"); - return 0; - } - - kpccode = krb524_convert_creds_kdc(kctx, v5creds, &v4creds); - krb5_free_creds(kctx, v5creds); - } else - kpccode = krb524_convert_creds_kdc(kctx, &my_creds, &v4creds); - if (kpccode) { - com_err("login/v4", kpccode, "converting to V4 credentials"); - return 0; - } - /* this is stolen from the v4 kinit */ - /* initialize ticket cache */ - if ((kpcval = in_tkt(v4creds.pname,v4creds.pinst) - != KSUCCESS)) { - com_err("login/v4", kpcval, - "trying to create the V4 ticket file"); - return 0; - } - /* stash ticket, session key, etc. for future use */ - if ((kpcval = krb_save_credentials(v4creds.service, - v4creds.instance, - v4creds.realm, - v4creds.session, - v4creds.lifetime, - v4creds.kvno, - &(v4creds.ticket_st), - v4creds.issue_date))) { - com_err("login/v4", kpcval, - "trying to save the V4 ticket"); - return 0; - } - got_v4_tickets = 1; - strncpy(tkfile, tkt_string(), sizeof(tkfile)); - tkfile[sizeof(tkfile) - 1] = '\0'; - return 1; -} -#endif - -#ifdef KRB4_GET_TICKETS -static int -try_krb4 (user_pwstring, realm) - char *user_pwstring; - char *realm; -{ - int krbval, kpass_ok = 0; - - krbval = krb_get_pw_in_tkt(username, "", realm, - "krbtgt", realm, - DEFAULT_TKT_LIFE, - user_pwstring); - - switch (krbval) { - case INTK_OK: - kpass_ok = 1; - krbflag = 1; - strncpy(tkfile, tkt_string(), sizeof(tkfile)); - tkfile[sizeof(tkfile) - 1] = '\0'; - break; - /* These errors should be silent */ - /* So the Kerberos database can't be probed */ - case KDC_NULL_KEY: - case KDC_PR_UNKNOWN: - case INTK_BADPW: - case KDC_PR_N_UNIQUE: - case -1: - break; -#if 0 /* I want to see where INTK_W_NOTALL comes from before letting - kpass_ok be set in that case. KR */ - /* These should be printed but are not fatal */ - case INTK_W_NOTALL: - krbflag = 1; - kpass_ok = 1; - fprintf(stderr, "Kerberos error: %s\n", - krb_get_err_text(krbval)); - break; -#endif - default: - fprintf(stderr, "Kerberos error: %s\n", - krb_get_err_text(krbval)); - break; - } - got_v4_tickets = kpass_ok; - return kpass_ok; -} -#endif /* KRB4_GET_TICKETS */ - /* Kerberos ticket-handling routines */ -#ifdef KRB4_GET_TICKETS -/* call already conditionalized on login_krb4_get_tickets */ -/* - * Verify the Kerberos ticket-granting ticket just retrieved for the - * user. If the Kerberos server doesn't respond, assume the user is - * trying to fake us out (since we DID just get a TGT from what is - * supposedly our KDC). If the rcmd. service is unknown (i.e., - * the local srvtab doesn't have it), let her in. - * - * Returns 1 for confirmation, -1 for failure, 0 for uncertainty. - */ -static int verify_krb_v4_tgt (realm) - char *realm; -{ - char hostname[MAXHOSTNAMELEN], phost[BUFSIZ]; - struct hostent *hp; - KTEXT_ST ticket; - AUTH_DAT authdata; - unsigned KRB4_32 addr; - static /*const*/ char rcmd_str[] = "rcmd"; -#if 0 - char key[8]; -#endif - int krbval, retval, have_keys; - - if (gethostname(hostname, sizeof(hostname)) == -1) { - perror ("cannot retrieve local hostname"); - return -1; - } - strncpy (phost, krb_get_phost (hostname), sizeof (phost)); - phost[sizeof(phost)-1] = 0; - hp = gethostbyname (hostname); - if (!hp) { - perror ("cannot retrieve local host address"); - return -1; - } - memcpy ((char *) &addr, (char *)hp->h_addr, sizeof (addr)); - /* Do we have rcmd. keys? */ -#if 0 /* Be paranoid. If srvtab exists, assume it must contain the - right key. The more paranoid mode also helps avoid a - possible DNS spoofing issue. */ - have_keys = read_service_key (rcmd_str, phost, realm, 0, KEYFILE, key) - ? 0 : 1; - memset (key, 0, sizeof (key)); -#else - have_keys = 0 == access (KEYFILE, F_OK); -#endif - krbval = krb_mk_req (&ticket, rcmd_str, phost, realm, 0); - if (krbval == KDC_PR_UNKNOWN) { - /* - * Our rcmd. principal isn't known -- just assume valid - * for now? This is one case that the user _could_ fake out. - */ - if (have_keys) - return -1; - else - return 0; - } - else if (krbval != KSUCCESS) { - printf ("Unable to verify Kerberos TGT: %s\n", - krb_get_err_text(krbval)); -#ifndef SYSLOG42 - syslog (LOG_NOTICE|LOG_AUTH, "Kerberos TGT bad: %s", - krb_get_err_text(krbval)); -#endif - return -1; - } - /* got ticket, try to use it */ - krbval = krb_rd_req (&ticket, rcmd_str, phost, addr, &authdata, ""); - if (krbval != KSUCCESS) { - if (krbval == RD_AP_UNDEC && !have_keys) - retval = 0; - else { - retval = -1; - printf ("Unable to verify `rcmd' ticket: %s\n", - krb_get_err_text(krbval)); - } -#ifndef SYSLOG42 - syslog (LOG_NOTICE|LOG_AUTH, "can't verify rcmd ticket: %s;%s\n", - krb_get_err_text(krbval), - retval - ? "srvtab found, assuming failure" - : "no srvtab found, assuming success"); -#endif - goto EGRESS; - } - /* - * The rcmd. ticket has been received _and_ verified. - */ - retval = 1; - /* do cleanup and return */ -EGRESS: - memset (&ticket, 0, sizeof (ticket)); - memset (&authdata, 0, sizeof (authdata)); - return retval; -} -#endif /* KRB4_GET_TICKETS */ - static void destroy_tickets() { #ifdef KRB5_GET_TICKETS @@ -877,10 +560,6 @@ static void destroy_tickets() krb5_cc_destroy (kcontext, cache); } #endif -#ifdef KRB4_GET_TICKETS - if (login_krb4_get_tickets || login_krb4_convert) - dest_tkt(); -#endif /* KRB4_GET_TICKETS */ } /* AFS support routines */ @@ -927,15 +606,15 @@ static int try_afscall (scall) static void afs_login () { -#if defined(KRB4_GET_TICKETS) && defined(SETPAG) - if (login_krb4_get_tickets && pwd->pw_uid) { +#if defined(SETPAG) + if (login_krb5_get_tickets && pwd->pw_uid) { /* Only reset the pag for non-root users. */ /* This allows root to become anything. */ pagflag = try_setpag (); } #endif #ifdef KRB_RUN_AKLOG - if (got_v4_tickets && login_krb_run_aklog) { + if (got_v5_tickets && login_krb_run_aklog) { /* KPROGDIR is $(prefix)/bin */ char aklog_path[MAXPATHLEN]; struct stat st; @@ -1047,10 +726,6 @@ int main(argc, argv) krb5_principal me; krb5_creds save_v5creds; krb5_ccache xtra_creds = NULL; -#endif -#ifdef KRB4_GET_TICKETS - CREDENTIALS save_v4creds; - char realm[REALM_SZ]; #endif char *ccname = 0; /* name of forwarded cache */ char *tz = 0; @@ -1080,9 +755,6 @@ int main(argc, argv) * login as root. * -h is used by other servers to pass the name of the * remote host to login so that it may be placed in utmp and wtmp - * -k is used by klogind to cause the Kerberos V4 autologin protocol; - * -K is used by klogind to cause the Kerberos V4 autologin - * protocol with restricted access. */ (void)gethostname(tbuf, sizeof(tbuf)); domain = strchr(tbuf, '.'); @@ -1133,33 +805,6 @@ int main(argc, argv) *p = '\0'; hostname = optarg; break; -#ifdef KRB4_KLOGIN - case 'k': - case 'K': - EXCL_AUTH_TEST; - EXCL_HOST_TEST; - if (getuid()) { - fprintf(stderr, - "login: -%c for super-user only.\n", ch); - exit(1); - } - /* "-k hostname" must be last args */ - if (optind != argc) { - fprintf(stderr, "Syntax error.\n"); - exit(1); - } - if (ch == 'K') - Kflag = 1; - else - kflag = 1; - passwd_req = (do_krb_login(optarg, Kflag ? 1 : 0) == -1); - if (domain && - (p = strchr(optarg, '.')) && - (!strcmp(p, domain))) - *p = '\0'; - hostname = optarg; - break; -#endif /* KRB4_KLOGIN */ case 'e': EXCL_AUTH_TEST; if (getuid()) { @@ -1243,18 +888,13 @@ int main(argc, argv) ask for username if we don't have it already look it up in local pw or shadow file (to get crypt string) ask for password - try and get v4, v5 tickets with it + try and get v5 tickets with it try and use the tickets against the local srvtab if the password matches, always let them in if the ticket decrypts, let them in. - v5 needs to work, does v4? */ -#ifdef KRB4_GET_TICKETS - k_init (ttyn, realm); -#else k_init (ttyn); -#endif for (cnt = 0;; username = NULL) { #ifdef KRB5_GET_TICKETS @@ -1293,17 +933,6 @@ int main(argc, argv) if (!unix_needs_passwd()) break; - /* we have several sets of code: - 1) get v5 tickets alone -DKRB5_GET_TICKETS - 2) get v4 tickets alone [** don't! only get them *with* v5 **] - 3) get both tickets -DKRB5_GET_TICKETS -DKRB4_GET_TICKETS - 3a) use krb524 calls to get the v4 tickets -DKRB4_CONVERT plus (3). - 4) get no tickets and use the password file (none of thes defined.) - - Likewise we need to (optionally?) test these tickets against - local srvtabs. - */ - #ifdef KRB5_GET_TICKETS if (login_krb5_get_tickets) { /* rename these to something more verbose */ @@ -1325,16 +954,7 @@ int main(argc, argv) if (pwd->pw_uid != 0) { /* Don't get tickets for root */ try_krb5(&me, user_pwstring); -#ifdef KRB4_GET_TICKETS - if (login_krb4_get_tickets && - !(got_v5_tickets && login_krb4_convert)) - try_krb4(user_pwstring, realm); -#endif - krbflag = (got_v5_tickets -#ifdef KRB4_GET_TICKETS - || got_v4_tickets -#endif - ); + krbflag = got_v5_tickets; memset (user_pwstring, 0, sizeof(user_pwstring)); /* password wiped, so we can relax */ setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); @@ -1371,13 +991,6 @@ int main(argc, argv) break; /* we're ok */ } } -#ifdef KRB4_GET_TICKETS - else if (got_v4_tickets) { - if (login_krb4_get_tickets && - (verify_krb_v4_tgt(realm) != -1)) - break; /* we're ok */ - } -#endif /* KRB4_GET_TICKETS */ bad_login: setpriority(PRIO_PROCESS, 0, 0 + PRIO_OFFSET); @@ -1481,21 +1094,10 @@ int main(argc, argv) forwarded_v5_tickets = 1; #endif /* KRB5_GET_TICKETS */ -#if defined(KRB5_GET_TICKETS) && defined(KRB4_CONVERT) - if (login_krb4_convert && !got_v4_tickets) { - if (got_v5_tickets||forwarded_v5_tickets) - try_convert524(kcontext, me, forwarded_v5_tickets); - } -#endif - #ifdef KRB5_GET_TICKETS if (login_krb5_get_tickets) dofork(); #endif -#ifdef KRB4_GET_TICKETS - else if (login_krb4_get_tickets) - dofork(); -#endif /* If the user's shell does not do job control we should put it in a different process group than than us, and set the tty process group @@ -1552,17 +1154,16 @@ int main(argc, argv) (void) initgroups(username, pwd->pw_gid); /* - * The V5 ccache and V4 ticket file are both created as root. - * They need to be owned by the user, and chown (a) assumes - * they are stored in a file and (b) allows a race condition - * in which a user can delete the file (if the directory - * sticky bit is not set) and make it a symlink to somewhere - * else; on some platforms, chown() on a symlink actually - * changes the owner of the pointed-to file. This is Bad. + * The V5 ccache is created as root. It needs to be owned by the + * user, and chown (a) assumes they are stored in a file and (b) + * allows a race condition in which a user can delete the file (if + * the directory sticky bit is not set) and make it a symlink to + * somewhere else; on some platforms, chown() on a symlink + * actually changes the owner of the pointed-to file. This is + * Bad. * - * So, we suck the V5 and V4 krbtgts into memory here, destroy - * the ccache/ticket file, and recreate them later after the - * setuid. + * So, we suck the V5 krbtgt into memory here, destroy the + * ccache/ticket file, and recreate them later after the setuid. * * With the new v5 api, v5 tickets are kept in memory until written * out after the setuid. However, forwarded tickets still @@ -1606,28 +1207,10 @@ int main(argc, argv) } #endif /* KRB5_GET_TICKETS */ -#ifdef KRB4_GET_TICKETS - if (got_v4_tickets) { - memset(&save_v4creds, 0, sizeof(save_v4creds)); - - retval = krb_get_cred("krbtgt", realm, realm, &save_v4creds); - if (retval != KSUCCESS) { - syslog(LOG_ERR, - "%s while retrieving V4 initial ticket for copy", - error_message(retval)); - rewrite_ccache = 0; - } - } -#endif /* KRB4_GET_TICKETS */ - #ifdef KRB5_GET_TICKETS if (forwarded_v5_tickets) destroy_tickets(); #endif -#ifdef KRB4_GET_TICKETS - else if (got_v4_tickets) - destroy_tickets(); -#endif #ifdef OQUOTA quota(Q_DOWARN, pwd->pw_uid, (dev_t)-1, 0); @@ -1702,29 +1285,6 @@ int main(argc, argv) } #endif /* KRB5_GET_TICKETS */ -#ifdef KRB4_GET_TICKETS - if (got_v4_tickets && rewrite_ccache) { - if ((retval = in_tkt(save_v4creds.pname, save_v4creds.pinst)) - != KSUCCESS) { - syslog(LOG_ERR, - "%s while re-initializing V4 ticket cache as user", - error_message((retval == -1)?errno:retval)); - } else if ((retval = krb_save_credentials(save_v4creds.service, - save_v4creds.instance, - save_v4creds.realm, - save_v4creds.session, - save_v4creds.lifetime, - save_v4creds.kvno, - &(save_v4creds.ticket_st), - save_v4creds.issue_date)) - != KSUCCESS) { - syslog(LOG_ERR, - "%s while re-storing V4 tickets as user", - error_message(retval)); - } - } -#endif /* KRB4_GET_TICKETS */ - if (*pwd->pw_shell == '\0') pwd->pw_shell = BSHELL; @@ -1779,12 +1339,6 @@ int main(argc, argv) if (term[0]) (void)setenv("TERM", term, 0); -#ifdef KRB4_GET_TICKETS - /* tkfile[0] is only set if we got tickets above */ - if (login_krb4_get_tickets && tkfile[0]) - (void) setenv(KRB_ENVIRON, tkfile, 1); -#endif /* KRB4_GET_TICKETS */ - #ifdef KRB5_GET_TICKETS /* ccfile[0] is only set if we got tickets above */ if (login_krb5_get_tickets && ccfile[0]) { @@ -1796,33 +1350,6 @@ int main(argc, argv) if (tty[sizeof("tty")-1] == 'd') syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); if (pwd->pw_uid == 0) -#ifdef KRB4_KLOGIN - if (kdata) { - if (hostname) { - char buf[BUFSIZ]; -#ifdef UT_HOSTSIZE - (void) snprintf(buf, sizeof(buf), - "ROOT LOGIN (krb) %s from %.*s, %s.%s@%s", - tty, UT_HOSTSIZE, hostname, - kdata->pname, kdata->pinst, - kdata->prealm); -#else - (void) snprintf(buf, sizeof(buf), - "ROOT LOGIN (krb) %s from %s, %s.%s@%s", - tty, hostname, - kdata->pname, kdata->pinst, - kdata->prealm); -#endif - syslog(LOG_NOTICE, "%s", buf); - } else { - syslog(LOG_NOTICE, - "ROOT LOGIN (krb) %s, %s.%s@%s", - tty, - kdata->pname, kdata->pinst, - kdata->prealm); - } - } else -#endif /* KRB4_KLOGIN */ { if (hostname) { #ifdef UT_HOSTSIZE @@ -1840,10 +1367,6 @@ int main(argc, argv) afs_login(); if (!quietlog) { -#ifdef KRB4_KLOGIN - if (!krbflag && !fflag && !eflag ) - printf("\nWarning: No Kerberos tickets obtained.\n\n"); -#endif /* KRB4_KLOGIN */ motd(); check_mail(); } @@ -2218,100 +1741,6 @@ int doremotelogin(host) return(ruserok(host, (pwd->pw_uid == 0), rusername, username)); } -#ifdef KRB4_KLOGIN -int do_krb_login(host, strict) - char *host; - int strict; -{ - int rc; - struct sockaddr_in sin; - char instance[INST_SZ], version[9]; - long authoptions = 0L; - struct hostent *hp = gethostbyname(host); - static char lusername[UT_NAMESIZE+1]; - - /* - * Kerberos autologin protocol. - */ - - (void) memset((char *) &sin, 0, (int) sizeof(sin)); - - if (hp) - (void) memcpy ((char *)&sin.sin_addr, hp->h_addr, - sizeof(sin.sin_addr)); - else - sin.sin_addr.s_addr = inet_addr(host); - - if ((hp == NULL) && (sin.sin_addr.s_addr == -1)) { - printf("Hostname did not resolve to an address, so Kerberos authentication failed\r\n"); - /* - * No host addr prevents auth, so - * punt krb and require password - */ - if (strict) { - goto paranoid; - } else { - pwd = NULL; - return(-1); - } - } - - kdata = (AUTH_DAT *)malloc( sizeof(AUTH_DAT) ); - ticket = (KTEXT) malloc(sizeof(KTEXT_ST)); - - (void) strlcpy(instance, "*", sizeof(instance)); - if ((rc=krb_recvauth(authoptions, 0, ticket, "rcmd", - instance, &sin, - (struct sockaddr_in *)0, - kdata, "", (bit_64 *) 0, version))) { - printf("Kerberos rlogin failed: %s\r\n",krb_get_err_text(rc)); - if (strict) { -paranoid: - /* - * Paranoid hosts, such as a Kerberos server, - * specify the Klogind daemon to disallow - * even password access here. - */ - printf("Sorry, you must have Kerberos authentication to access this host.\r\n"); - exit(1); - } - } - (void) lgetstr(lusername, sizeof (lusername), "Local user"); - (void) lgetstr(term, sizeof(term), "Terminal type"); - username = lusername; - if (getuid()) { - pwd = NULL; - return(-1); - } - pwd = getpwnam(lusername); - if (pwd == NULL) { - pwd = NULL; - return(-1); - } - - /* - * if Kerberos login failed because of an error in krb_recvauth, - * return the indication of a bad attempt. User will be prompted - * for a password. We CAN'T check the .rhost file, because we need - * the remote username to do that, and the remote username is in the - * Kerberos ticket. This affects ONLY the case where there is - * Kerberos on both ends, but Kerberos fails on the server end. - */ - if (rc) { - return(-1); - } - - if ((rc=kuserok(kdata,lusername))) { - printf("login: %s has not given you permission to login without a password.\r\n",lusername); - if (strict) { - exit(1); - } - return(-1); - } - return(0); -} -#endif /* KRB4_KLOGIN */ - void lgetstr(buf, cnt, err) char *buf, *err; int cnt; @@ -2335,15 +1764,11 @@ void lgetstr(buf, cnt, err) void sleepexit(eval) int eval; { -#ifdef KRB4_GET_TICKETS - if (login_krb4_get_tickets && krbflag) - (void) destroy_tickets(); -#endif /* KRB4_GET_TICKETS */ sleep((u_int)5); exit(eval); } -#if defined(KRB4_GET_TICKETS) || defined(KRB5_GET_TICKETS) +#ifdef KRB5_GET_TICKETS static int hungup = 0; static sigtype @@ -2351,7 +1776,7 @@ sighup() { hungup = 1; } -/* call already conditionalized on login_krb4_get_tickets */ +/* call already conditionalized on login_krb5_get_tickets */ /* * This routine handles cleanup stuff, and the like. * It exits only in the child process. @@ -2436,7 +1861,7 @@ dofork() /* Leave */ exit(0); } -#endif /* KRB4_GET_TICKETS */ +#endif /* KRB5_GET_TICKETS */ #ifndef HAVE_STRSAVE diff --git a/src/appl/bsd/rlogin.M b/src/appl/bsd/rlogin.M index e2597823e..595884280 100644 --- a/src/appl/bsd/rlogin.M +++ b/src/appl/bsd/rlogin.M @@ -25,7 +25,7 @@ rlogin \- remote login .I rhost [\fB\-e\fP\fI\|c\fP] [\fB\-8\fP] [\fB\-c\fP] [ \fB\-a\fP] [\fB\-f\fP] [\fB\-F\fP] [\fB\-t\fP \fItermtype\fP] [\fB\-n\fP] [\fB\-7\fP] -[\fB\-PN | \-PO\fP] [\fB\-4\fP] +[\fB\-PN | \-PO\fP] [\fB\-d\fP] [\fB\-k\fP \fIrealm\fP] [\fB\-x\fP] [\fB\-L\fP] [\fB\-l\fP \fIusername\fP] .PP @@ -145,9 +145,6 @@ old one, but is not interoperable with older servers. (An "input/output error" and a closed connection is the most likely result of attempting this combination.) If neither option is specified, some simple heuristics are used to guess which to try. -.TP -\fB\-4\fP -Use Kerberos V4 authentication only; don't try Kerberos V5. .SH SEE ALSO rsh(1), kerberos(1), krb_sendauth(3), krb_realmofhost(3), rlogin(1) [UCB version], klogind(8) diff --git a/src/appl/bsd/v4rcp.M b/src/appl/bsd/v4rcp.M deleted file mode 100644 index 97721a801..000000000 --- a/src/appl/bsd/v4rcp.M +++ /dev/null @@ -1,52 +0,0 @@ -.\" appl/bsd/v4rcp.M -.TH V4RCP 1 -.SH NAME -v4rcp \- back end for Kerberos V4 rcp -.SH SYNOPSIS -.B v4rcp -.I not invoked by users -.SH DESCRIPTION -This program is -.B not -for user execution. The usage message indicates this. -.PP -Kerberos Version 4 -.I rsh -did not support encryption. In order to perform -encrypted file transfer, the version 4 -.I rcp -program did a second authentication, directly to the -.I rcp -process at the other end. This meant that -.I rcp -needed to be -.IR setuid -to root in order to read the -.IR krb-srvtab -file on the remote end. -.PP -Rather than add this complexity into the main Kerberos 5 -.I rcp -the Kerberos 5 -.I kshd -instead detects the use of Kerberos 4 authentication, and checks the -command for the program name -.I rcp -and then substitutes the full pathname of -.I v4rcp -instead. Since -.I v4rcp -is installed -.IR setuid -to root, it can perform the the authentication and get the session key -needed to encrypt the file transfer. -.PP -Kerberos 5 -.I rcp -instead uses the encryption support built in to Kerberos 5 -.I rsh -and -.I kshd -directly. -.SH SEE ALSO -rsh(1), rcp(1), kshd(8) diff --git a/src/appl/bsd/v4rcp.c b/src/appl/bsd/v4rcp.c deleted file mode 100644 index 85357e997..000000000 --- a/src/appl/bsd/v4rcp.c +++ /dev/null @@ -1,1110 +0,0 @@ -/* Stripped down Kerberos V4 rcp, for server-side use only */ -/* based on Cygnus CNS V4-96q1 src/appl/bsd/rcp.c. */ - -/* - * rcp.c - */ - -/* - * Copyright (c) 1983 The Regents of the University of California. - * All rights reserved. - * - * Redistribution and use in source and binary forms are permitted - * provided that the above copyright notice and this paragraph are - * duplicated in all such forms and that any documentation, - * advertising materials, and other materials related to such - * distribution and use acknowledge that the software was developed - * by the University of California, Berkeley. The name of the - * University may not be used to endorse or promote products derived - * from this software without specific prior written permission. - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef lint -char copyright[] = -"@(#) Copyright (c) 1983 The Regents of the University of California.\n\ - All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -static char sccsid[] = "@(#)rcp.c 5.10 (Berkeley) 9/20/88"; -#endif /* not lint */ - -/* - * rcp - */ -#ifdef KERBEROS -#include "k5-int.h" -#include -#include -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_STDLIB_H -#include -#endif -#include -#include -#include -#ifndef KERBEROS -/* Ultrix doesn't protect it vs multiple inclusion, and krb.h includes it */ -#include -#endif -#include -#include -#include -#ifdef NEED_SYS_FCNTL_H -#include -#endif -#include - -#include -#include -#include -#include -#include -#include -#ifndef KERBEROS -/* Ultrix doesn't protect it vs multiple inclusion, and krb.h includes it */ -#include -#endif -#include -#include - -#include "port-sockets.h" - -#ifdef KERBEROS -#include -#include - - -void sink(int, char **), source(int, char **), - rsource(char *, struct stat *), usage(void); -/*VARARGS*/ -void error (char *fmt, ...) -#if !defined (__cplusplus) && (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7)) - __attribute__ ((__format__ (__printf__, 1, 2))) -#endif - ; -int response(void); -#if !defined(HAVE_UTIMES) -int utimes(); -#endif - - -#if 0 -#include -#else -/* we don't have full kstream in v5, so fake it... */ - -typedef struct { - int encrypting; - int read_fd, write_fd; - des_key_schedule *sched; - des_cblock *ivec; - /* used on the read side */ - char *inbuf; - char *outbuf; - int writelen; - char* retbuf; - int retbuflen; - int retlen; - int returned; -} *kstream; - -static kstream kstream_create_rcp_from_fd(read_fd, write_fd, sched, ivec) - int read_fd, write_fd; - des_key_schedule *sched; - des_cblock *ivec; -{ - kstream tmp = (kstream)malloc(sizeof(*tmp)); - if (tmp == NULL) - return NULL; - tmp->encrypting = 1; - tmp->read_fd = read_fd; - tmp->write_fd = write_fd; - /* they're static in this file, so just hang on to the pointers */ - tmp->sched = sched; - tmp->ivec = ivec; - tmp->inbuf = 0; - tmp->outbuf = 0; - tmp->writelen = 0; - tmp->retbuf = 0; - tmp->retbuflen = 0; - tmp->returned = 0; - tmp->retlen = 0; - return tmp; -} - -static kstream kstream_create_from_fd(read_fd, write_fd, sched, session) - int read_fd, write_fd; - Key_schedule *sched; - des_cblock *session; -{ - /* just set it up... */ - kstream tmp = (kstream)malloc(sizeof(*tmp)); - if (tmp == NULL) - return NULL; - tmp->encrypting = 0; - tmp->read_fd = read_fd; - tmp->write_fd = write_fd; - return tmp; -} - - -/* always set to 0 here anyway */ -#define kstream_set_buffer_mode(x,y) - -static int kstream_read(krem, buf, len) - kstream krem; - char *buf; - unsigned int len; -{ - if(krem->encrypting) { - /* when we get a length, we have to read the whole block. However, - we have to hand it to the user in the chunks they want, which - may be smaller if BUFSIZ doesn't match. [the caller can deal if - the incoming blocks are smaller...] */ - if (krem->returned) { - int remaining = krem->retlen - krem->returned; - int returning; - - if (remaining <= len) { - returning = remaining; - } else { - returning = len; - } - memcpy(buf, krem->retbuf+krem->returned, returning); - krem->returned += returning; - if (krem->returned == krem->retlen) krem->returned = 0; - - return returning; - } - - /* we need 4 bytes to get a length, and once we have that we know how - much to get to fill the buffer. Then we can hand back bits, or loop. */ - { - int cc; - unsigned char clen[4]; - unsigned int x = 0; - unsigned int sz, off; - - cc = read(krem->read_fd, clen, 4); - if (cc != 4) return cc; - x <<= 8; x += clen[0] & 0xff; - x <<= 8; x += clen[1] & 0xff; - x <<= 8; x += clen[2] & 0xff; - x <<= 8; x += clen[3] & 0xff; - sz = (x + 7) & (~7U); - - if (krem->retbuflen < sz) { - if (krem->retbuflen == 0) - krem->retbuf = (char*)malloc(sz>(BUFSIZ)?sz:(BUFSIZ)); - else - krem->retbuf = (char*)realloc(krem->retbuf, sz); - if(!krem->retbuf) { errno = ENOMEM; return -1; } - krem->retbuflen = sz>(BUFSIZ)?sz:(BUFSIZ); - } - - /* get all of it */ - off = 0; - do { - cc = read(krem->read_fd, krem->retbuf+off, sz-off); - if (cc <= 0) return cc; - off += cc; - } while (off < sz); - - /* decrypt it */ - des_pcbc_encrypt ((des_cblock *)krem->retbuf, - (des_cblock *)krem->retbuf, - (int) sz, *krem->sched, krem->ivec, - DECRYPT); - - /* now retbuf has sz bytes, return len or x of them to the user */ - if (x <= len) { - memcpy(buf, krem->retbuf, x); - return x; - } else { - memcpy(buf, krem->retbuf, len); - /* defer the rest */ - krem->returned = len; - krem->retlen = x; - return len; - } - } - } else { - return read(krem->read_fd, buf, len); - } -} - -static int kstream_write(krem, buf, len) - kstream krem; - char *buf; - unsigned int len; -{ - if (krem->encrypting) { - unsigned long x; - int st; - unsigned int outlen = (len + 7) & (~7U); - - if (krem->writelen < outlen || krem->outbuf == 0) { - krem->inbuf = (char*)realloc(krem->inbuf, outlen ? outlen : 1); - krem->outbuf = (char*)realloc(krem->outbuf, outlen+8); - if(!krem->inbuf || !krem->outbuf) { errno = ENOMEM; return -1; } - krem->writelen = outlen; - } - - outlen = (len + 7) & (~7U); - - memcpy(krem->inbuf, buf, len); - krb5_random_confounder(outlen-len, krem->inbuf+len); - buf = krem->inbuf; - - x = len; - krem->outbuf[3+4] = x & 0xff; x >>= 8; - krem->outbuf[2+4] = x & 0xff; x >>= 8; - krem->outbuf[1+4] = x & 0xff; x >>= 8; - krem->outbuf[0+4] = x & 0xff; x >>= 8; - if (x) - abort (); - /* memset(outbuf+4+4, 0x42, BUFSIZ); */ - st = des_pcbc_encrypt ((des_cblock *)buf, (des_cblock *)(krem->outbuf+4+4), - (int) outlen, - *krem->sched, krem->ivec, ENCRYPT); - - if (st) abort(); - return write(krem->write_fd, krem->outbuf+4, 4+outlen); - } else { - return write(krem->write_fd, buf, len); - } -} - -/* 0 = stdin, read; 1 = stdout, write */ -#define rem 0,1 - -#endif - - -#ifdef _AUX_SOURCE -#define vfork fork -#endif -#ifdef NOVFORK -#define vfork fork -#endif - -#ifndef roundup -#define roundup(x,y) ((((x)+(y)-1)/(y))*(y)) -#endif - -int sock; -CREDENTIALS cred; -MSG_DAT msg_data; -struct sockaddr_in foreign, local; -Key_schedule schedule; - -KTEXT_ST ticket; -AUTH_DAT kdata; -static des_cblock crypt_session_key; -char krb_realm[REALM_SZ]; -char **save_argv(int, char **), *krb_realmofhost(); -#ifndef HAVE_STRSAVE -static char *strsave(char *); -#endif -#ifdef NOENCRYPTION -#define des_read read -#define des_write write -#else /* !NOENCRYPTION */ -void answer_auth(void); -int encryptflag = 0; -#endif /* NOENCRYPTION */ -#include "rpaths.h" -#else /* !KERBEROS */ -#define des_read read -#define des_write write -#endif /* KERBEROS */ - -kstream krem; -int errs; -krb5_sigtype lostconn(int); -int iamremote, targetshouldbedirectory; -int iamrecursive; -int pflag; -int force_net; -struct passwd *pwd; -int userid; -int port; - -char *getenv(); - -struct buffer { - int cnt; - char *buf; -} *allocbuf(struct buffer *, int, int); - -#define NULLBUF (struct buffer *) 0 - -#define ga() (void) kstream_write (krem, "", 1) - -int main(argc, argv) - int argc; - char **argv; -{ - char portarg[20], rcpportarg[20]; -#ifdef ATHENA - static char curhost[256]; -#endif /* ATHENA */ -#ifdef KERBEROS - char realmarg[REALM_SZ + 5]; -#endif /* KERBEROS */ - - portarg[0] = '\0'; - rcpportarg[0] = '\0'; - realmarg[0] = '\0'; - - pwd = getpwuid(userid = getuid()); - if (pwd == 0) { - fprintf(stderr, "who are you?\n"); - exit(1); - } - -#ifdef KERBEROS - krb_realm[0] = '\0'; /* Initially no kerberos realm set */ -#endif /* KERBEROS */ - for (argc--, argv++; argc > 0 && **argv == '-'; argc--, argv++) { - (*argv)++; - while (**argv) switch (*(*argv)++) { - - case 'r': - iamrecursive++; - break; - - case 'p': /* preserve mtimes and atimes */ - pflag++; - break; - - case 'P': /* Set port to use. */ - port = atoi(*argv); - snprintf(portarg, sizeof(portarg), " -p%d", port); - snprintf(rcpportarg, sizeof(rcpportarg), " -P%d", - port); - port = htons(port); - goto next_arg; - - case 'N': - /* Force use of network even on local machine. */ - force_net++; - break; - -#ifdef KERBEROS -#ifndef NOENCRYPTION - case 'x': - encryptflag++; - break; -#endif - case 'k': /* Change kerberos realm */ - argc--, argv++; - if (argc == 0) - usage(); - strncpy(krb_realm,*argv,REALM_SZ); - krb_realm[REALM_SZ-1] = 0; - snprintf(realmarg, sizeof(realmarg), " -k %s", - krb_realm); - goto next_arg; -#endif /* KERBEROS */ - /* The rest of these are not for users. */ - case 'd': - targetshouldbedirectory = 1; - break; - - case 'f': /* "from" */ - iamremote = 1; -#if defined(KERBEROS) && !defined(NOENCRYPTION) - if (encryptflag) { - answer_auth(); - krem = kstream_create_rcp_from_fd (rem, - &schedule, - &crypt_session_key); - } else - krem = kstream_create_from_fd (rem, 0, 0); - if (krem == NULL) { - error("rcp: out of memory\n"); - exit(1); - } - kstream_set_buffer_mode (krem, 0); -#endif /* KERBEROS && !NOENCRYPTION */ - (void) response(); - if (setuid(userid)) { - error("rcp: can't setuid(user)\n"); - exit(1); - } - source(--argc, ++argv); - exit(errs); - - case 't': /* "to" */ - iamremote = 1; -#if defined(KERBEROS) && !defined(NOENCRYPTION) - if (encryptflag) { - answer_auth(); - krem = kstream_create_rcp_from_fd (rem, - &schedule, - &crypt_session_key); - } else - krem = kstream_create_from_fd (rem, 0, 0); - if (krem == NULL) { - error("rcp: out of memory\n"); - exit(1); - } - kstream_set_buffer_mode (krem, 0); -#endif /* KERBEROS && !NOENCRYPTION */ - if (setuid(userid)) { - error("rcp: can't setuid(user)\n"); - exit(1); - } - sink(--argc, ++argv); - exit(errs); - - default: - usage(); - } -#ifdef KERBEROS - next_arg: ; -#endif /* KERBEROS */ - } - usage(); - return 1; -} - -static void verifydir(cp) - char *cp; -{ - struct stat stb; - - if (stat(cp, &stb) >= 0) { - if ((stb.st_mode & S_IFMT) == S_IFDIR) - return; - errno = ENOTDIR; - } - error("rcp: %s: %s.\n", cp, error_message(errno)); - exit(1); -} - -void source(argc, argv) - int argc; - char **argv; -{ - char *last, *name; - struct stat stb; - static struct buffer buffer; - struct buffer *bp; - int x, readerr, f; - unsigned int amt; - off_t i; - char buf[BUFSIZ]; - - for (x = 0; x < argc; x++) { - name = argv[x]; - if ((f = open(name, 0)) < 0) { - error("rcp: %s: %s\n", name, error_message(errno)); - continue; - } - if (fstat(f, &stb) < 0) - goto notreg; - switch (stb.st_mode&S_IFMT) { - - case S_IFREG: - break; - - case S_IFDIR: - if (iamrecursive) { - (void) close(f); - rsource(name, &stb); - continue; - } - /* fall into ... */ - default: -notreg: - (void) close(f); - error("rcp: %s: not a plain file\n", name); - continue; - } - last = strrchr(name, '/'); - if (last == 0) - last = name; - else - last++; - if (pflag) { - /* - * Make it compatible with possible future - * versions expecting microseconds. - */ - (void) snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n", - stb.st_mtime, stb.st_atime); - kstream_write (krem, buf, strlen (buf)); - if (response() < 0) { - (void) close(f); - continue; - } - } - (void) snprintf(buf, sizeof(buf), "C%04o %ld %s\n", - (unsigned int) stb.st_mode&07777, - (long) stb.st_size, last); - kstream_write (krem, buf, strlen (buf)); - if (response() < 0) { - (void) close(f); - continue; - } - if ((bp = allocbuf(&buffer, f, BUFSIZ)) == NULLBUF) { - (void) close(f); - continue; - } - readerr = 0; - for (i = 0; i < stb.st_size; i += bp->cnt) { - amt = bp->cnt; - if (i + amt > stb.st_size) - amt = stb.st_size - i; - if (readerr == 0 && read(f, bp->buf, amt) != amt) - readerr = errno; - kstream_write (krem, bp->buf, amt); - } - (void) close(f); - if (readerr == 0) - ga(); - else - error("rcp: %s: %s\n", name, error_message(readerr)); - (void) response(); - } -} - -#ifndef USE_DIRENT_H -#include -#else -#include -#endif - -void rsource(name, statp) - char *name; - struct stat *statp; -{ - DIR *d = opendir(name); - char *last; - char buf[BUFSIZ]; - char *bufv[1]; -#ifdef USE_DIRENT_H - struct dirent *dp; -#else - struct direct *dp; -#endif - - if (d == 0) { - error("rcp: %s: %s\n", name, error_message(errno)); - return; - } - last = strrchr(name, '/'); - if (last == 0) - last = name; - else - last++; - if (pflag) { - (void) snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n", - statp->st_mtime, statp->st_atime); - kstream_write (krem, buf, strlen (buf)); - if (response() < 0) { - closedir(d); - return; - } - } - (void) sprintf(buf, sizeof(buf), "D%04o %d %s\n", - (unsigned int) statp->st_mode&07777, 0, last); - kstream_write (krem, buf, strlen (buf)); - if (response() < 0) { - closedir(d); - return; - } - while ((dp = readdir(d))) { - if (dp->d_ino == 0) - continue; - if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) - continue; - if (strlen(name) + 1 + strlen(dp->d_name) >= BUFSIZ - 1) { - error("%s/%s: Name too long.\n", name, dp->d_name); - continue; - } - (void) snprintf(buf, sizeof(buf), "%s/%s", name, dp->d_name); - bufv[0] = buf; - source(1, bufv); - } - closedir(d); - kstream_write (krem, "E\n", 2); - (void) response(); -} - -int response() -{ - char resp, c, rbuf[BUFSIZ], *cp = rbuf; - - if (kstream_read (krem, &resp, 1) != 1) - lostconn(0); - switch (resp) { - - case 0: /* ok */ - return (0); - - default: - *cp++ = resp; - /* fall into... */ - case 1: /* error, followed by err msg */ - case 2: /* fatal error, "" */ - do { - if (kstream_read (krem, &c, 1) != 1) - lostconn(0); - *cp++ = c; - } while (cp < &rbuf[BUFSIZ] && c != '\n'); - if (iamremote == 0) - (void) write(2, rbuf, (unsigned) (cp - rbuf)); - errs++; - if (resp == 1) - return (-1); - exit(1); - } - /*NOTREACHED*/ - return -1; -} - -krb5_sigtype lostconn(signum) - int signum; -{ - - if (iamremote == 0) - fprintf(stderr, "rcp: lost connection\n"); - exit(1); -} - -#if !defined(HAVE_UTIMES) -#include -#include - -/* - * We emulate utimes() instead of utime() as necessary because - * utimes() is more powerful than utime(), and rcp actually tries to - * set the microsecond values; we don't want to take away - * functionality unnecessarily. - */ -int utimes(file, tvp) -const char *file; -struct timeval *tvp; -{ - struct utimbuf times; - - times.actime = tvp[0].tv_sec; - times.modtime = tvp[1].tv_sec; - return(utime(file, ×)); -} -#endif - -void sink(argc, argv) - int argc; - char **argv; -{ - off_t i, j; - char *targ, *whopp, *cp; - int of, wrerr, exists, first, amt; - mode_t mode; - unsigned int count; - off_t size; - struct buffer *bp; - static struct buffer buffer; - struct stat stb; - int targisdir = 0; - mode_t mask = umask(0); - char *myargv[1]; - char cmdbuf[BUFSIZ], nambuf[BUFSIZ]; - int setimes = 0; - struct timeval tv[2]; -#define atime tv[0] -#define mtime tv[1] -#define SCREWUP(str) { whopp = str; goto screwup; } - - if (!pflag) - (void) umask(mask); - if (argc != 1) { - error("rcp: ambiguous target\n"); - exit(1); - } - targ = *argv; - if (targetshouldbedirectory) - verifydir(targ); - ga(); - if (stat(targ, &stb) == 0 && (stb.st_mode & S_IFMT) == S_IFDIR) - targisdir = 1; - for (first = 1; ; first = 0) { - cp = cmdbuf; - if (kstream_read (krem, cp, 1) <= 0) - return; - if (*cp++ == '\n') - SCREWUP("unexpected '\\n'"); - do { - if (kstream_read(krem, cp, 1) != 1) - SCREWUP("lost connection"); - } while (*cp++ != '\n'); - *cp = 0; - if (cmdbuf[0] == '\01' || cmdbuf[0] == '\02') { - if (iamremote == 0) - (void) write(2, cmdbuf+1, strlen(cmdbuf+1)); - if (cmdbuf[0] == '\02') - exit(1); - errs++; - continue; - } - *--cp = 0; - cp = cmdbuf; - if (*cp == 'E') { - ga(); - return; - } - -#define getnum(t) (t) = 0; while (isdigit((int) *cp)) (t) = (t) * 10 + (*cp++ - '0'); - if (*cp == 'T') { - setimes++; - cp++; - getnum(mtime.tv_sec); - if (*cp++ != ' ') - SCREWUP("mtime.sec not delimited"); - getnum(mtime.tv_usec); - if (*cp++ != ' ') - SCREWUP("mtime.usec not delimited"); - getnum(atime.tv_sec); - if (*cp++ != ' ') - SCREWUP("atime.sec not delimited"); - getnum(atime.tv_usec); - if (*cp++ != '\0') - SCREWUP("atime.usec not delimited"); - ga(); - continue; - } - if (*cp != 'C' && *cp != 'D') { - /* - * Check for the case "rcp remote:foo\* local:bar". - * In this case, the line "No match." can be returned - * by the shell before the rcp command on the remote is - * executed so the ^Aerror_message convention isn't - * followed. - */ - if (first) { - error("%s\n", cp); - exit(1); - } - SCREWUP("expected control record"); - } - cp++; - mode = 0; - for (; cp < cmdbuf+5; cp++) { - if (*cp < '0' || *cp > '7') - SCREWUP("bad mode"); - mode = (mode << 3) | (*cp - '0'); - } - if (*cp++ != ' ') - SCREWUP("mode not delimited"); - size = 0; - while (isdigit((int) *cp)) - size = size * 10 + (*cp++ - '0'); - if (*cp++ != ' ') - SCREWUP("size not delimited"); - if (targisdir) { - if (strlen(targ) + strlen(cp) + 1 < sizeof(nambuf)) { - (void) snprintf(nambuf, sizeof(nambuf), - "%s%s%s", targ, - *targ ? "/" : "", cp); - } else { - SCREWUP("target directory name too long"); - } - } else { - if (strlen(targ) + 1 < sizeof(nambuf)) - (void) strncpy(nambuf, targ, sizeof(nambuf)-1); - else - SCREWUP("target pathname too long"); - } - nambuf[sizeof(nambuf)-1] = '\0'; - exists = stat(nambuf, &stb) == 0; - if (cmdbuf[0] == 'D') { - if (exists) { - if ((stb.st_mode&S_IFMT) != S_IFDIR) { - errno = ENOTDIR; - goto bad; - } - if (pflag) - (void) chmod(nambuf, mode); - } else if (mkdir(nambuf, mode) < 0) - goto bad; - myargv[0] = nambuf; - sink(1, myargv); - if (setimes) { - setimes = 0; - if (utimes(nambuf, tv) < 0) - error("rcp: can't set times on %s: %s\n", - nambuf, error_message(errno)); - } - continue; - } - if ((of = open(nambuf, O_WRONLY|O_CREAT|O_TRUNC, mode)) < 0) { - bad: - error("rcp: %s: %s\n", nambuf, error_message(errno)); - continue; - } -#ifdef NO_FCHMOD - if (exists && pflag) - (void) chmod(nambuf, mode); -#else - if (exists && pflag) - (void) fchmod(of, mode); -#endif - ga(); - if ((bp = allocbuf(&buffer, of, BUFSIZ)) == NULLBUF) { - (void) close(of); - continue; - } - cp = bp->buf; - count = 0; - wrerr = 0; - for (i = 0; i < size; i += BUFSIZ) { - amt = BUFSIZ; - if (i + amt > size) - amt = size - i; - count += amt; - do { - j = kstream_read(krem, cp, amt); - if (j <= 0) { - if (j == 0) - error("rcp: dropped connection"); - else - error("rcp: %s\n", - error_message(errno)); - exit(1); - } - amt -= j; - cp += j; - } while (amt > 0); - if (count == bp->cnt) { - if (wrerr == 0 && - write(of, bp->buf, count) != count) - wrerr++; - count = 0; - cp = bp->buf; - } - } - if (count != 0 && wrerr == 0 && - write(of, bp->buf, count) != count) - wrerr++; -#ifndef __SCO__ - if (ftruncate(of, size)) - error("rcp: can't truncate %s: %s\n", - nambuf, error_message(errno)); -#endif - (void) close(of); - (void) response(); - if (setimes) { - setimes = 0; - if (utimes(nambuf, tv) < 0) - error("rcp: can't set times on %s: %s\n", - nambuf, error_message(errno)); - } - if (wrerr) - error("rcp: %s: %s\n", nambuf, error_message(errno)); - else - ga(); - } -screwup: - error("rcp: protocol screwup: %s\n", whopp); - exit(1); -} - -struct buffer * -allocbuf(bp, fd, blksize) - struct buffer *bp; - int fd, blksize; -{ - int size; -#ifndef NOSTBLKSIZE - struct stat stb; - - if (fstat(fd, &stb) < 0) { - error("rcp: fstat: %s\n", error_message(errno)); - return (NULLBUF); - } - size = roundup(stb.st_blksize, blksize); - if (size == 0) -#endif - size = blksize; - if (bp->cnt < size) { - if (bp->buf != 0) - free(bp->buf); - bp->buf = (char *)malloc((unsigned) size); - if (bp->buf == 0) { - error("rcp: malloc: out of memory\n"); - return (NULLBUF); - } - } - bp->cnt = size; - return (bp); -} - -void -error(char *fmt, ...) -{ - va_list ap; - char buf[BUFSIZ], *cp = buf; - - va_start(ap, fmt); - - errs++; - *cp++ = 1; - (void) vsnprintf(cp, sizeof(buf) - (cp-buf), fmt, ap); - va_end(ap); - - if (krem) - (void) kstream_write(krem, buf, strlen(buf)); - if (iamremote == 0) - (void) write(2, buf+1, strlen(buf+1)); -} - -void usage() -{ - fprintf(stderr, -"v4rcp: this program only acts as a server, and is not for user function.\n"); - exit(1); -} - -#ifdef KERBEROS - -char ** -save_argv(argc, argv) -int argc; -char **argv; -{ - register int i; - - char **local_argv = (char **)calloc((unsigned) argc+1, - (unsigned) sizeof(char *)); - /* allocate an extra pointer, so that it is initialized to NULL - and execv() will work */ - for (i = 0; i < argc; i++) - local_argv[i] = strsave(argv[i]); - return(local_argv); -} - -#ifndef HAVE_STRSAVE -static char * -strsave(sp) -char *sp; -{ - register char *ret; - - ret = strdup(sp); - if (ret == NULL) { - fprintf(stderr, "rcp: no memory for saving args\n"); - exit(1); - } - return ret; -} -#endif - -#ifndef NOENCRYPTION -#undef rem -#define rem 0 - -void -answer_auth() -{ - int status; - long authopts = KOPT_DO_MUTUAL; - char instance[INST_SZ]; - char version[9]; - char *srvtab; - char *envaddr; - -#if 0 - int sin_len; - - sin_len = sizeof (struct sockaddr_in); - if (getpeername(rem, &foreign, &sin_len) < 0) { - perror("getpeername"); - exit(1); - } - - sin_len = sizeof (struct sockaddr_in); - if (getsockname(rem, &local, &sin_len) < 0) { - perror("getsockname"); - exit(1); - } -#else - if ((envaddr = getenv("KRB5LOCALADDR"))) { -#ifdef HAVE_INET_ATON - inet_aton(envaddr, &local.sin_addr); -#else - local.sin_addr.s_addr = inet_addr(envaddr); -#endif - local.sin_family = AF_INET; - envaddr = getenv("KRB5LOCALPORT"); - if (envaddr) - local.sin_port = htons(atoi(envaddr)); - else - local.sin_port = 0; - } else { - fprintf(stderr, "v4rcp: couldn't get local address (KRB5LOCALADDR)\n"); - exit(1); - } - if ((envaddr = getenv("KRB5REMOTEADDR"))) { -#ifdef HAVE_INET_ATON - inet_aton(envaddr, &foreign.sin_addr); -#else - foreign.sin_addr.s_addr = inet_addr(envaddr); -#endif - foreign.sin_family = AF_INET; - envaddr = getenv("KRB5REMOTEPORT"); - if (envaddr) - foreign.sin_port = htons(atoi(envaddr)); - else - foreign.sin_port = 0; - } else { - fprintf(stderr, "v4rcp: couldn't get remote address (KRB5REMOTEADDR)\n"); - exit(1); - } - -#endif - strlcpy(instance, "*", sizeof(instance)); - - /* If rshd was invoked with the -s argument, it will set the - environment variable KRB_SRVTAB. We use that to get the - srvtab file to use. If we do use the environment variable, - we reset to our real user ID (which will already have been - set up by rsh). Since rcp is setuid root, we would - otherwise have a security hole. If we are using the normal - srvtab (KEYFILE in krb.h, normally set to /etc/krb-srvtab), - we must keep our effective uid of root, because that file - can only be read by root. */ - srvtab = (char *) getenv("KRB_SRVTAB"); - if (srvtab == NULL) - srvtab = ""; - if (*srvtab != '\0') - (void) setuid (userid); - - if ((status = krb_recvauth(authopts, rem, &ticket, "rcmd", instance, - &foreign, - &local, - &kdata, - srvtab, - schedule, - version)) != KSUCCESS) { - fprintf(stderr, "krb_recvauth mutual fail: %s\n", - krb_get_err_text(status)); - exit(1); - } - memcpy(&crypt_session_key, &kdata.session, sizeof (crypt_session_key)); - return; -} -#endif /* !NOENCRYPTION */ - -#endif /* KERBEROS */ -- 2.26.2