From 9eada0d3f0b3773fb2dd2f221d9a12ec8c550cb6 Mon Sep 17 00:00:00 2001 From: Richard Basch Date: Sun, 21 Apr 1996 16:55:40 +0000 Subject: [PATCH] * krshd.c: If checksumming is required & ALWAYS_V5_KUSEROK is defined, incorrect messages were being displayed for V4 clients. Additionally, various errors were not being displayed with the trailing newline. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7852 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/bsd/ChangeLog | 7 +++++++ src/appl/bsd/krshd.c | 17 +++++++++++------ 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 5258ed76c..944c04a9c 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,10 @@ +Sun Apr 21 12:52:35 1996 Richard Basch + + * krshd.c: If checksumming is required & ALWAYS_V5_KUSEROK is + defined, incorrect messages were being displayed for V4 clients. + Additionally, various errors were not being displayed with the + trailing newline. + Sun Apr 21 00:30:28 1996 Sam Hartman * krshd.c krlogind.c: Implement -i. Rewrite error message having diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 7445f3980..c64f20381 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -1000,7 +1000,9 @@ void doit(f, fromp) "Principal %s (%s@%s) for local user %s failed krb5_kuserok.\n", kremuser, remuser, hostname, locuser); } - else auth_sent |= AUTH_KRB5; + else + auth_sent |= + ((auth_sys == KRB5_RECVAUTH_V4) ? AUTH_KRB4 : AUTH_KRB5); } @@ -1027,7 +1029,7 @@ void doit(f, fromp) if (checksum_required && !valid_checksum) { if (auth_sent & AUTH_KRB5) { syslog(LOG_WARNING, "Client did not supply required checksum--connection rejected."); - error( "You are using an old Kerberos5 without initial connection support; only newer clients are authorized."); + error( "You are using an old Kerberos5 client without checksum support; only newer clients are authorized.\n"); goto signout_please; } else { syslog(LOG_WARNING, @@ -1035,12 +1037,15 @@ void doit(f, fromp) } } if (require_encrypt&&(!do_encrypt)) { - error("You must use encryption."); - goto signout_please; + error("You must use encryption.\n"); + goto signout_please; } if (!(auth_ok&auth_sent)) { - error("Permission denied."); - goto signout_please; + if (auth_sent) + error("Another authentication mechanism must be used to access this host.\n"); + else + error("Permission denied.\n"); + goto signout_please; } if (pwd->pw_uid && !access("/etc/nologin", F_OK)) { -- 2.26.2