This commit was manufactured by cvs2svn to create tag

[krb5.git] / src / appl / bsd / ChangeLog

2000-06-19  Tom Yu  <tlyu@mit.edu>

        * krshd.c (recvauth): Call krb5_recvauth_version() rather than
        calling krb5_recvauth() with arguments intended for
        krb5_recvauth_version().

        * kcmd.c: Conditionalize krb_sendauth prototype based on sense of
        KRB5_KRB4_COMPAT.

2000-06-15  Tom Yu  <tlyu@mit.edu>

        * login.c (try_convert524): Add use_ccache argument.  Handle case
        where we have gotten v5 creds via password being entered and don't
        crash in that case, since previous code was assuming that v5 creds
        were always being provided.  Adapted from patch by Bob Basch.

2000-06-10  Ken Raeburn  <raeburn@mit.edu>

        * krcp.c (main): Fix logic again, this time in the "success"
        case.  If there's a problem retrieving the new-protocol subkey,
        print a message and exit, don't fall back.
        * krsh.c (main): Ditto; don't look at enctype to try to guess
        protocol version.  Delete unused variable "similar".

2000-06-09  Ken Raeburn  <raeburn@mit.edu>

        * krlogin.c (main): Rework fallback logic.  Fall back to k4cmd
        unless encryption and the new protocol were both requested.

        * krsh.c (main): Rework fallback logic.  Fall back to k4cmd if new
        protocol wasn't requested.

        * krcp.c (main): Revert setting of AP_OPTS_MUTUAL_REQUIRED
        unconditionally, which was added by mistake with last set of
        patches.  If kcmd fails and the new protocol is requested, don't
        fall back to v4.

2000-05-31  Ken Raeburn  <raeburn@mit.edu>

        * Makefile.in (kcmd.o, krcp.o, krlogin.o, krlogind.o, krsh.o,
        krshd.o): Depend on defines.h.
        * krlogind.c: Include defines.h.
        * krcp.c: Ditto.

        * defines.h (enum kcmd_proto): New type.
        (rcmd_stream_read, rcmd_stream_write, getport,
        rcmd_stream_init_krb5): Add prototypes.

        * kcmd.c (use_ivecs): New variable.
        (encivec_i, encivec_o): Each is now an array of two elements.
        (input, output, twrite, krb5_write_message, krb5_net_read,
        krb5_net_write, krb_sendauth): Add prototypes.
        (kcmd): New argument PROTONUMP points to enum kcmd_proto.  If
        value is KCMD_PROTOCOL_COMPAT_HACK, set it to KCMD_NEW_PROTOCOL or
        KCMD_OLD_PROTOCOL depending on session key type.  Use subkeys for
        new protocol.  Callers updated.
        (normal_read, v5_des_read, v4_des_read, twrite, v5_des_write,
        v4_des_write, rcmd_stream_write, rcmd_stream_read): Take
        additional argument indicating whether the fd is for the secondary
        channel; ignored except in some v5 cases.  Callers updated.
        (rcmd_stream_init_krb5): New argument, kcmd protocol version.  Set
        up ivecs for secondary channel in each direction with values 0x2
        ior primary channel value.  Callers updated.
        (v5_des_read, v5_des_write): For new protocol, plaintext now has
        its length prepended but not counted.

        * krcp.c (main): Set kcmd protocol version based on command line,
        not on encryption type.  Default to COMPAT_HACK.
        * krsh.c (main): Ditto.
        * krlogin.c (main): Ditto.

        * krlogind.c (recvauth): Use new krb5_compat_recvauth_version
        routine.  Determine client's kcmd protocol version and initialize
        based on it.
        * krshd.c (recvauth): Ditto.

2000-05-19  Nalin Dahyabhai  <nalin@redhat.com>
            Ken Raeburn  <raeburn@mit.edu>

        * krcp.c (sink): bail if the target directory/file name is too long
        * krlogind.c (recvauth, krb4 compat): truncate user name if the
        principal's root would be too long to be valid
        * v4rcp.c (sink): bail if the target directory/file name is too long

2000-05-18  Tom Yu  <tlyu@mit.edu>

        * krshd.c: Shuffle inclusion of defines.h so that some krb5
        structures are declared prior to the kcmd() prototype.

2000-05-16  Ken Raeburn  <raeburn@mit.edu>

        * defines.h (kcmd): Add prototype.
        * krcp.c (main): Add extra arg to a kcmd call I missed yesterday.

2000-05-15  Ken Raeburn  <raeburn@mit.edu>

        * krcp.c (main): Fix some conditionalizations to make proper
        indentation easier.

        * kcmd.c (encivec_i, encivec_o): New variables replace old single
        variable encivec.
        (rcmd_stream_init_krb5): New argument am_client, used to
        initialize both ivec values.
        * krcp.c (main, answer_auth): Pass new argument.
        * krlogin.c (main): Ditto.
        * krlogind.c (recvauth): Ditto.
        * krsh.c (main): Ditto.
        * krshd.c (recvauth): Ditto.

        * defines.h (OPTS_FORWARD_CREDS, OPTS_FORWARDABLE_CREDS): Change
        numbers so they don't conflict with AP_OPTS_USE_SUBKEY.
        * kcmd.c (kcmd): New argument authconp, used to return the auth
        context to the caller if desired.
        * krlogin.c (auth_context): New variable.
        (main): Request a subkey from sendauth.  Get the auth context from
        kcmd so we can retrieve the subkey.  If non-DES session key is
        being used, pass the subkey to rcmd_stream_init_krb5 instead of
        the session key; fail if no subkey is found and encryption is
        required.
        * krlogind.c (recvauth): If a non-DES session key is being used,
        pass the client-provided subkey to rcmd_stream_init_krb5.
        * krcp.c (main): Set up and use subkey as above.
        * krsh.c (main): Set up and use subkey as above.
        * krshd.c (recvauth): Accept and use subkey as above.

2000-05-08  Ken Raeburn  <raeburn@mit.edu>

        * v4rcp.c (main, case 'k'): Make sure krb_realm is
        null-terminated.

2000-04-27  Nalin Dahyabhai  <nalin@redhat.com>

        * krlogin.c (main): Don't overflow buffer "term".
        * krshd.c (doit): Don't overflow buffer "cmdbuf".
        * login.c (afs_login): Don't overflow buffer "aklog_path".

2000-03-24  Ken Raeburn  <raeburn@mit.edu>

        * configure.in: Check for alpha*-dec-osf* instead of
        alpha-dec-osf*.

2000-03-15  Ken Raeburn  <raeburn@mit.edu>
            Mark D. Roth  <roth@uiuc.edu>

        * login.c (update_ref_count): Copy passwd info before calling
        getuserattr, to keep data from getting clobbered.  Patch from Mark
        Roth.

2000-02-28  Ken Raeburn  <raeburn@mit.edu>

        * krlogin.c (main): Don't output debugging messages if debugging
        wasn't turned on.

2000-02-10  Ken Raeburn  <raeburn@mit.edu>

        * login.c (main): Only destroy xtra_creds if non-null.  (Patch
        from Richard Basch.)

2000-02-04  Tom Yu  <tlyu@mit.edu>

        * login.c (main): Reorder some control flow to avoid security hole
        if KRB4_GET_TICKETS is not defined.

2000-01-27  Ken Raeburn  <raeburn@mit.edu>

        * krlogin.c (speeds): Added some comments from net recommending
        not extending the list to higher values.

1999-11-23  Ken Raeburn  <raeburn@mit.edu>

        * login.c (k_init): Call krb5_init_secure_context instead of
        krb5_init_context and krb5_secure_config_files.

1999-10-26  Tom Yu  <tlyu@mit.edu>

        * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
        LOCAL_INCLUDES such that one can override CFLAGS from the command
        line without losing CPP search patchs and defines. Some associated
        Makefile cleanup. [from wsanchez@apple.com]

1999-09-01  Ken Raeburn  <raeburn@mit.edu>

        * krlogin.c (main): Error out if -D isn't followed by another
        argument.  Based on patch from Brad Thompson.

        * krshd.c (v4_kdata, v4_ticket): Don't define if KRB5_KRB4_COMPAT
        is not defined.  Patch from Brad Thompson.

        * kcmd.c (kcmd): If krb5_get_credentials returns a nonzero error
        code, print an error message before returning.

        * krlogin.c (main): If ospeed is outside of compiled-in table
        index range but not high enough to be a baud rate, use the highest
        rate in the table.

1999-08-24  Tom Yu  <tlyu@mit.edu>

        * Makefile.in (kshd): Remove $(LOGINLIBS) from kshd dependencies.

1999-08-02  Ken Raeburn  <raeburn@mit.edu>
        and Brad Thompson  <yak@mit.edu>

        Patches from Brad Thompson for building without krb4
        compatibility:
        * krshd.c: Include sys/socket.h and netdb.h if KRB5_KRB4_COMPAT
        isn't defined.
        (doit): Cast pointer argument to getsockname.
        (recvauth): Do krb4 stuff only if KRB5_KRB4_COMPAT is defined;
        otherwise, skip it and call krb5_recvauth.
        * kcmd.c (do_lencheck): Define even if !KRB5_KRB4_COMPAT.

1999-07-26  Ken Raeburn  <raeburn@mit.edu>

        * login.c (main): Fix typo in computing strncpy length for shell
        name.

Sat Jul 24 08:50:39 1999  Ezra Peisach  <epeisach@mit.edu>

        * Makefile.in (kshd): Add $(LOGINLIBS).

1999-07-09  Ken Raeburn  <raeburn@mit.edu>

        AIX 4.3.2 changes based on bug report from Joshua Lackey,
        lackeyj@austin.ibm.com:
        * configure.in: Check for rmufile function.
        * login.c (update_ref_count) [! HAVE_RMUFILE]: Call putgroupattr
        with SEC_DELETE before SEC_COMMIT; don't call rmufile.

Fri Mar 12 19:01:35 1999  Tom Yu  <tlyu@mit.edu>

        * Makefile.in (kshd): Add $(LOGINLIBS).

Mon Mar  8 19:21:23 1999  Tom Yu  <tlyu@mit.edu>

        * kshd.M: Resync manpage.

        * krshd.c: Rework hostname logging.

Wed Feb 24 20:05:40 1999  Tom Yu  <tlyu@mit.edu>

        * klogind.M: Resync manpage.

        * krlogind.c: Rework flags for hostname logging.

Mon Feb 22 22:26:32 1999  Tom Yu  <tlyu@mit.edu>

        * kcmd.c (kcmd): Fix up to not call sname_to_principal until after
        all the addresses in hp have been iterated through to avoid
        smashing. [krb5-appl/516]

        * kcmd.c (k4cmd): Move call to krb_realmofhost() to avoid smashing
        hp.

Wed Feb 17 17:24:11 1999  Tom Yu  <tlyu@mit.edu>

        * klogind.M: Document things a little better, including new
        options controlling hostname manipulation.

        * krlogind.c: Make use of pty_make_sane_hostname() for purposes of
        manipulating hostname to pass to login.  Also unconditionally
        syslog IP address and full hostname of remote host.  Add command
        line options to control such behavior.

        * configure.in: Add arpa/nameser.h to CHECK_HEADERS.

Wed Jan 20 21:42:41 1999  Tom Yu  <tlyu@mit.edu>

        * login.c (main): Call setluid().

        * krshd.c (doit): Call setluid().

        * configure.in: Check for setluid() rather than main() in
        libsecurity.

1998-11-28  Sam Hartman  <hartmans@mesas.com>

        * krshd.c krsh.c:  Use RCMD_BUFSIZ not RSH_BUFSIZE [krb5-appl/678]

        * kcmd.c: Move RCMD_BUFSIZ into defines.h

1998-11-16  Geoffrey King  <gjking@mit.edu>

        * login.c (login_get_kconf): Also test whether *kconf_val is null
                rather than just kconf_val before passing *kconf_val to
                conf_affirmative (where strcasecmp will choke on it
                if it is in fact null).

1998-11-13  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * Makefile.in: Set the myfulldir and mydir variables (which are
                relative to buildtop and thisconfigdir, respectively.)


1998-10-24  Marc Horowitz  <marc@mit.edu>

        * login.c: update to new get_creds API
        
        * krlogin.c (main, oob, server_message, control), krlogind.c
                (sendoob, protocol, recvauth): If the enctype is not
                similar to DES, use an inband signalling protocol instead
                of MSG_OOB data to indicate status changes.

        * kcmd.c (rcmd_stream_init_krb5, v5_des_read, v5_des_write):
                update to new crypto API.  Add ivec chaining to
                encryption when the enctype is not similar to DES as part
                of the new protocol.

1998-10-06  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * krshd.c (doit): Apply ghudson's patch so that rshd passes the
                port numbers for the local and foreign addresses so that
                the V4 encrypted RCP will work correctly.  [krb5-appl/638]
        * v4rcp.c (answer_auth): Apply ghudson's patch so that if
                KRB5LOCALPORT and KRB5REMOTEPORT are set, use them to set
                the foreign and local ports so that encrypted rcp for the
                same machine.  [krb5-appl/638]

Tue Aug 18 16:48:02 1998  Tom Yu  <tlyu@mit.edu>

        * krlogin.c: Add <sys/filio.h> for FIONREAD.

Sat Aug 15 00:01:15 1998  Geoffrey King  <gjking@mit.edu>

        * krcp.c (error): Don't call rcmd_stream_write if iamremote is not
        set, because it expects a valid file descriptor [krb5-appl/359].
        Also, remove mistakenly duplicated comment above the function.

Mon Jul 27 00:06:20 1998  Geoffrey King  <gjking@mit.edu>

        * krlogin.c (main): Apply ghudson's patch so that rlogin -a
        no longer dumps core. [krb5-appl/612]

Sun Jul 26 23:46:36 1998  Sam Hartman  <hartmans@utwig.mesas.com>

        * login.c (main): Allow krb524 conversion for forwarded tickets
        (try_convert524): Don't check to see if we have tickets here; caller  does that and actually gets it right.

1998-05-26  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * login.c (dolastlog): BSD 4.4 systems don't have lastlog.h, but
                still define struct lastlog somewhere.  Included from Dima
                Ruban's FreeBSD patches.

        * krlogin.c: Include sys/ioctl_compat.h if it is present (instead
                of just for 386BSD).  

        * loginpaths.h (LPATH): If the OS provides _PATH_DEFPATH, use it
                to define LPATH and RPATH.

        * login.c: #include paths.h if present, and use it to set the
                pathnames for certain common files.

        * configure.in (withval): Check for <sys/ioctl_compat.h> and
           <paths.h>

Sat May 16 16:07:42 1998  Tom Yu  <tlyu@mit.edu>

        * login.c: Replace strcpy with strncpy in places.  Add nul
        termination to some existing invocations of strncpy.

1998-05-06  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * configure.in: Add a check for the header file krb4-proto.h.
                Replace file existence tests for /etc/environment and
                /etc/TIMEZONE with K5_AC_CHECK_FILES.

        * login.c (main): 
        * krshd.c (main): 
        * krlogind.c (main): POSIX states that getopt returns -1 when it
                is done parsing options, not EOF.

Sat Feb 28 10:44:46 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * configure.in: Clean up configure script.  Check $cross_compiling
                instead of (no longer correct) cache variable; remove
                obsolete AC_C_CROSS.  Use AC_CHECK_FUNCS instead of
                individual AC_FUNC_CHECK calls for speed.  Change checks
                for strsave and utimes to use AC_CHECK_FUNCS

        * krcp.c, v4rcp.c: Change usages of HAS_STRSAVE and HAS_UTIMES to
                HAVE_*.

Tue Feb 24 14:52:33 1998  Tom Yu  <tlyu@mit.edu>

        * kcmd.c: Integrate ghudson's changes for client-side krb4
        compatibility. [krb5-appl/483]
        
        * krcp.c: Integrate ghudson's changes for client-side krb4
        compatibility. [krb5-appl/483]

        * krlogin.c: Integrate ghudson's changes for client-side krb4
        compatibility. [krb5-appl/483]

        * krlogind.c: Integrate ghudson's changes for client-side krb4
        compatibility. [krb5-appl/483]

        * krsh.c: Integrate ghudson's changes for client-side krb4
        compatibility. [krb5-appl/483]

        * krshd.c: Integrate ghudson's changes for client-side krb4
        compatibility. [krb5-appl/483]

Sun Feb 22 19:16:12 1998  Tom Yu  <tlyu@mit.edu>

        * v4rcp.c: Punt nastiness to redefine setreuid, as we don't use
        it.

        * krcp.c: Use krb5_seteuid(). [krb5-libs/505]  Fix up inclusions
        to use <> rather than "".

Wed Feb 18 15:26:52 1998  Tom Yu  <tlyu@mit.edu>

        * Makefile.in: Remove trailing slash from thisconfigdir.  Fix up
        BUILDTOP for new conventions.

Mon Feb  2 17:02:29 1998  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile

Tue Jan 20 21:42:06 1998  Tom Yu  <tlyu@mit.edu>

        * krlogind.c (protocol): Declare pibuf and fibuf as being BUFSIZ
        bytes long, rather than 1024.  Fixes an Irix bug. [krb5-appl/527]

Fri Dec 19 18:19:42 1997  Dan Winship  <danw@mit.edu>

        * login.c (try_afscall): try_afscall doesn't work / isn't needed
        on systems without SIGSYS

Thu Dec 11 23:20:20 1997  Tom Yu  <tlyu@mit.edu>

        * krlogind.c:
        * krshd.c:
        * login.c:
        * v4rcp.c: Don't include netdb.h or sys/socket.h if krb.h is
        included; this works around an Ultrix bug where those headers
        aren't protected against multiple inclusion.

Thu Nov 20 16:42:54 1997  Tom Yu  <tlyu@mit.edu>

        * krlogind.c (recvauth): Fix args in call to
        rd_and_store_for_creds. [krb5-appl/502]

Mon Nov 17 20:55:31 1997  Tom Yu  <tlyu@mit.edu>

        * krshd.c: Don't set checksum_ignored to 1 if checksum_required is
        0; also, if a krb5 client passes in a checksum, check it
        regardless of whether checksum_required is true. [krb5-appl/500]

Wed Nov 12 19:03:02 1997  Tom Yu  <tlyu@mit.edu>

        * forward.c (rd_and_store_for_creds): Don't do the chown.  Avoids
        a security hole. [krb5-appl/494]

        * krshd.c (recvauth): chown the ccache explicitly, as
        rd_and_store_for_creds no longer does so. [krb5-appl/494]

Thu Nov  6 22:04:26 1997  Theodore Y. Ts'o  <tytso@mit.edu>

        * v4rcp.c: Use error_message(errno) instead of using
                sys_errlist[errno].  This avoids the hair of deciding
                whether or not we need to declare sys_errlist or use
                strerror(), etc., since com_err has all of that complexity
                anyway.  Also fixed lots of -Wall nits.

Mon Nov  3 15:25:48 1997  Tom Yu  <tlyu@mit.edu>

        * krlogind.c (doit): Fix up potential buffer overrun.
        [krb5-appl/488]

        * krlogin.c (main): Fix up potential buffer overrun.

        * krcp.c (hosteq): Fix up potential buffer overrun.

Tue Oct  7 18:01:15 1997  Theodore Y. Ts'o  <tytso@mit.edu>

        * v4rcp.M: Removed useless .so to a non-existent macro file.

Tue Sep  2 19:44:21 1997  Tom Yu  <tlyu@mit.edu>

        * krlogind.c (main): Changes to allow for standalone daemon
        operation.  Use the "-f" flag to enable.  This automagically
        figures out which port to bind to if you don't specify it.

Mon Jun 30 13:21:34 1997  Kevin L Mitchell  <klmitch@mit.edu>

        * login.c (dofork): Solaris 2.4 puts killpg in the bsd compatibility
                libraries.  Autoconf correctly determined that it wasn't
                available, but it wasn't conditionalized out.  Added the
                conditional, using kill(-child, SIGHUP) as a replacement,
                as suggested by tlyu

Thu Jun  5 15:56:54 1997  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * login.c: Always use the new tty line discpline.  [krb5-appl/428]

        * login.c: If a hangup signal is received, pass it onto the child.
                [krb5-appl/432]

Fri Mar 28 01:05:27 1997  Theodore Y. Ts'o  <tytso@mit.edu>

        * login.c (NO_MOTD): If we're on an SGI machine, don't do the MOTD
                or MAILCHECK thing, since it's done by /etc/cshrc magic.
                (SGI's don't define __SVR4, even though it's SVR4
                derived).  [krb5-appl/158]

        * krlogin.c (try_normal): When falling back to the normal rlogin,
                clear the signal mask, so that the child rlogin handles
                SIGUSR1 (which is used for window size changes) correctly.
                [krb5-appl/335]

Tue Mar 18 12:34:03 1997  Sam Hartman  <hartmans@luminous.MIT.EDU>

 [326]  * login.c(doit):  Preserve terminal even without -p.

Thu Feb 27 10:58:07 1997  Sam Hartman  <hartmans@luminous.MIT.EDU>

        * krshd.c: Allow user to login with / as home directory if homedir
        not found. [167]

Sat Feb 22 00:54:06 1997  Sam Hartman  <hartmans@luminous.MIT.EDU>

        * krlogin.c (mode): Clean up Posix terminal handling for NetBSD.

Tue Feb 18 18:03:55 1997  Richard Basch  <basch@lehman.com>

        * krcp.c: Replace krb5_xfree with krb5_free_data_contents
        * kcmd.c krlogind.c krshd.c: Use free instead of internal krb5_xfree
        * krlogin.c: Fixed 8bit character flow under Solaris
        * kcmd.c: getport() lets the OS pick the port rather than scanning
        * krshd.c: Don't bother to set lport before calling getport(&lport)

Sat Dec 28 21:06:43 1996  Sam Hartman  <hartmans@luminous.MIT.EDU>

        * login.c: Force environment variables like HOME to be set even if
        -p given.

Wed Feb  5 20:56:03 1997  Tom Yu  <tlyu@mit.edu>

        * Makefile.in:
        * configure.in: Update to new program build procedure.

Tue Dec 24 16:08:41 1996  Tom Yu  <tlyu@mit.edu>

        * configure.in: Fix up "test $ac_cv_c_cross" to deal with
        autoconf-2.12, since that variable can be set to a null string.

Fri Dec  6 00:53:08 1996  Theodore Y. Ts'o  <tytso@mit.edu>

        * v4rcp.c: Extend the platform-specific braindamage so that
                FreeBSD works.  This whole file is eventually going to
                need serious rototilling to make it even vaguely correct.
                [PR #284]

Fri Dec  6 00:02:25 1996  Tom Yu  <tlyu@mit.edu>

        * loginpaths.h: Add catch-all entries for LPATH and RPATH in case
        we run across something that we haven't hardcoded paths for
        yet. [267]

Thu Dec  5 21:58:28 1996  Tom Yu  <tlyu@mit.edu>

        * login.M: v5srvtab -> krb5.keytab [279]

Sun Nov 24 23:35:22 1996  Ezra Peisach  <epeisach@mit.edu>

        * login.c (try_afscall): Change to take pointer to function
                instead of only calling setpag(). [krb5-appl/190]

Fri Nov 22 15:46:46 1996  unknown  <bjaspan@mit.edu>

        * kcmd.c (kcmd): use sizeof instead of h_length to determine
        number of bytes of addr to copy from DNS response [krb5-misc/211]

Thu Nov 14 14:30:28 1996  Barry Jaspan  <bjaspan@mit.edu>

        * krcp.c: don't print our own error message if kcmd returns -1 (it
        always printed something in that case, and error_message(-1)
        prints a mess [krb5-appl/70]

Mon Nov 11 23:38:05 1996  Mark Eichin  <eichin@cygnus.com>

        * krshd "plumbing" fixes

        Tue Jun 25 19:51:07 1996  Mark Eichin  <eichin@cygnus.com>

        * krshd.c (doit): ignore SIGPIPE in the child, check the return
        status of write instead.
        Added comments labelling the various file descriptors.
        Cleaned up formatting somewhat.
        Check for failure of write to child stdin pipe, and stop reading.
        Check for output from child before checking for input from net, to
        reduce potential for missed output.
        (cleanup): moved before doit, to eliminate need for declaration.
        Added an argument, to allow reporting of what signal kshd died
        on, and report that the daemon terminated, not the shell.

        Thu Jun 20 18:54:04 1996  Mark Eichin  <eichin@cygnus.com>

        * krshd.c: fix global-change typo in !KERBEROS branch.

Mon Nov 11 15:00:25 1996  Mark Eichin  <eichin@cygnus.com>

        * Makefile.in, configure.in, krshd.c, v4rcp.M, v4rcp.c: added
        kerberos V4 rcp -x support from Cygnus tree.
        * Makefile.in, configure.in: added support for not building v4rcp
        if --without-krb4 is used.
        
        Sun Aug 11 17:30:39 1996  Chris Provenzano  <proven@cygnus.com>

        * v4rcp.c : #include <fcntl.h> for O_* flags.

        Mon Jul  8 13:44:39 1996  Mark Eichin  <eichin@cygnus.com>

        * v4rcp.c (getdtablesize): eliminate local copy.
        (kstream_write): eliminate srandom/random in favor of
        krb5_random_confounder.
        Add sys/socket.h to includes (v4 had it internal to krb.h.)
        (utimes): clone utimes-emulation from v5 krcp.c (should perhaps be
        changed to use AC_REPLACE_FUNC...)
        Declare getenv.

        Sat Jul  6 16:39:28 1996  Mark W. Eichin  <eichin@kitten.gen.ma.us>

        * v4rcp.c (answer_auth): use inet_aton only if we have it;
        otherwise fake it with inet_addr.
        * configure.in: check_func for inet_aton.

        Tue Jul  2 19:37:52 1996  Mark Eichin  <eichin@cygnus.com>

        * krshd.c (envinit): clarified initializations, labeled all slot
        reservations (SAVEENVPAD, KRBPAD, ADDRPAD are lists of zeroes.)
        Move TZ to always be slot 5, even on the cray. Added space for the
        local and remote addresses.
        (doit): add a getsockname to save the correct local address for
        the child. Set KRB5LOCALADDR and KRB5REMOTEADDR to literal IP
        addresses since the child is on the wrong side of a pipe and can't
        recover them directly.
        * v4rcp.c (kstream): add common "writelen" field for the length of
        inbuf and outbuf.
        (kstream_create_rcp_from_fd): initialze new fields.
        (kstream_write): grab a big enough buffer (since this is called
        with chunks that may correspond to the *filesystem* blocksize,
        which is usually larger than BUFSIZ.) Also skip the first four
        bytes of outbuf so that the encryption is done on an 8 byte
        boundary (if malloc is correctly aligned, malloc+8 should also
        be.)
        (answer_auth): don't try to getpeername or getsockname, since
        we're run under a pipe; just use KRB5LOCALADDR and KRB5REMOTEADDR
        which are now provided by kshd (and fail if they are not present.)
        This is safe because if they're wrong, it just means that the
        mutual authentication will fail.

        Thu Jun 27 23:32:41 1996  Mark Eichin  <eichin@cygnus.com>

        * Makefile.in (all, clean, install, v4rcp): add v4rcp installation
        and build rules.
        * krshd.c: if we got a V4 connection and the command is rcp, use
        the v4rcp backend to handle encryption.
        * v4rcp.c: based on Cygnus CNS V4 rcp, stripped down to eliminate
        user commands (and truncated usage message.)  Includes a fake
        subset of the kstream interface that only handles "rcp -x" mode.
        * v4rcp.M: new file, documents v4rcp support.

Sat Nov  9 10:49:36 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c: Re-arrange to deal with compiling without krb4 support. [148]

Fri Nov  8 20:59:27 1996  Tom Yu  <tlyu@mit.edu>

        * login.c (k_init): Set up KRBTKFILE if converting krb5 tickets to
        krb4 but not getting them via password.

Wed Nov  6 11:32:36 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * login.c (destroy_tickets): Just use global kcontext instead
                of creating a new krb5 context for no good reason.

        * krshd.c (main): 
        * krsh.c (main): 
        * krlogind.c (main): 
        * krlogin.c (main): 
        * krcp.c(main): Check the error return from krb5_init_context(),
                and print an error message if necessary.

Fri Nov  1 23:11:21 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>

        * login.c: print out system error if -1 returns.
        (destroy_tickets): Destroy krb4 tickets if we are converting as
        well as just for initial tickets.

Fri Nov  1 21:00:01 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c: Have the this call must succeed comment before setuid,
        not the AIX login uid setting.

Thu Oct 31 22:14:00 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>

        * krlogind.c (doit): Remove tab3 because it isn't very useful and
        isn't always present.

Thu Oct 31 19:19:54 1996  Sam Hartman  <hartmans@mit.edu>

        * klogind.M kshd.M:  document -r goes away [138]

        * krshd.c (doit): Do not support rhosts authentication.  This was
        never used by any clients and the cruft in kcmd.c was creating
        problems. [138]

        * krlogind.c (do_krb_login): Remove broken rhosts support. [138]

        * kcmd.c: Remove ruserok and associated cruft along with killpg. [138]

Tue Oct 29 10:09:39 1996  Theodore Y. Ts'o  <tytso@mit.edu>

        * login.c: Make the defaults be to *not* to get Kerberos V4
                tickets.  There are currently bad interactions between
                defaulting and the default Kerberos V4 realm (which is
                still hard-coded to be ATHENA.MIT.EDU).
                Also added some miscellaneous code cleanups.

Mon Oct 21 13:44:53 1996  Barry Jaspan  <bjaspan@mit.edu>

        * kcmd.c: don't retry (and waste 7 seconds) on ECONNREFUSED, just
        fail immediately [krb5-appl/120]

Fri Oct 18 17:26:51 1996  Barry Jaspan  <bjaspan@mit.edu>

        * krsh.c, krlogin.c: don't print our own error message if kcmd
        returns -1 (it always printed something in that case, and
        error_message(-1) prints a mess [krb5-appl/70]

Mon Sep 30 17:15:14 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c: Allow login -f to let you log in as root.

Mon Sep 30 16:22:48 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * login.c (stypeof): If TERM environment variable set, use it.

        * krlogind.c (doit): Do not use login -E; no one supports it
        besides login.krb5which also supports -f.

Sun Sep 29 20:49:47 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c: Fix so it works with --without-krb4 option

Fri Sep 20 18:23:53 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>

        * login.c: Update so that we try to convert krb524 tickets after
        we setuid(), and so that we don't hard fail if cache writeout
        fail.

Fri Sep 20 17:35:22 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c: Check to see if we got krb5 tickets at all times,
        regardless of wether we are converting to krb4.  This helps us
        know when to kdestroy.

Wed Sep 11 17:27:02 1996  Barry Jaspan  <bjaspan@mit.edu>

        * login.c: fix a security-threating race condition: chown'ing the
        ccache to the user can be bad if the user can delete the file
        first and make it a symlink to something else.  The solution is to
        re-create the ccache after login as setuid() to the user.
        
Tue Sep 10 14:03:53 1996  Tom Yu  <tlyu@mit.edu>

        * klogind.M, kshd.M, login.M, rcp.M, rlogin.M, rsh.M: remove ".so
                man1/header.doc"

Fri Sep  6 13:22:46 1996  Theodore Y. Ts'o  <tytso@mit.edu>

        * login.M: Document that login_krb4_convert is off by default.

        * login.c: Turn login_krb4_convert off by default, since it causes
                problems if you don't have krb524d running on the KDC.
                This is necessary because a Solaris socket bug causes
                login to hang for 45 seconds if krb524d isn't present on
                the KDC.

Mon Sep  2 12:03:53 1996  Sam Hartman  <hartmans@mit.edu>

        * krlogind.c rlogin.c (v5_des_write): Write out length plus
        encrypted data as one packet; this reduces latency by one RTT for
        interactive traffic with kernels that support schemes similar to
        RFC896, and reduces the number of packets with most other TCP
        stacks.

Sat Aug 10 16:22:34 1996  Sam Hartman  <hartmans@mit.edu>

        * krcp.c (source): Cast stb.st_size to a long before printing it.
        On NetBSD, it's a quad, so the following pointer is ignored and
        all files look null.  We could special case NetBSD, but casting is
        somewhat cleaner if we aren't dealing with 2g+ files.
e
Mon Jun 24 09:48:11 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

        * krsh.c (main): Fix typo so that krsh doesn't exit when using the
                default port.

Fri Jun 21 21:12:52 1996  Sam Hartman  <hartmans@mit.edu>

        * configure.in : Make sure it works with the built-in libkrb4.a again.

Fri Jun 14 13:19:30 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c: Add define to deal with krb_save_credentials possibly
        being called save_credentials, and to define krb_get_err_text if
        it is not defined by the krb4 library.

        * configure.in :  check for krb_save_credentials and krb_get_err_text

Thu Jun 13 14:24:50 1996  Sam Hartman  <hartmans@mit.edu>

        * krlogind.c (doit): If using vendor login, make sure output flags
        are reasonable.


Sat Jun 15 04:03:32 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * configure.in: Cleanup of tests whose results are not longer used
                with the pty library in place.

Mon Jun  3 21:26:34 1996  Tom Yu  <tlyu@mit.edu>

        * login.c: Ezra's patches to trim unsed arg from
                verify_krb_v5_tgt, etc.

        * Makefile.in,configure.in: allow compilation w/o krb4 (Ezra's
                patches)

Sun May 19 15:22:06 1996  Sam Hartman  <hartmans@mit.edu>

        * login.c (destroy_tickets main):  Use a secure context

Wed May 22 22:46:40 1996  Richard Basch  <basch@lehman.com>

        * login.c (k_init): Set the default KRB5CCNAME environment variable
        consistently with other applications - FILE:/tmp/krb5cc_p<pid>

Thu May  9 00:09:14 1996  Richard Basch  <basch@lehman.com>

        * krlogind.c krshd.c:
        Use the replay cache associated with the default server name
        (rc_host*), like telnetd does.

Mon May  6 14:06:21 1996  Richard Basch  <basch@lehman.com>

        * login.c: SVR4 logins do not do motd or mailcheck normally; that
        is a function of /etc/profile.  login.krb should act the same...

Mon Apr 29 17:02:44 1996  Ken Raeburn  <raeburn@cygnus.com>

        Merge with Cygnus sources, changes from Mark Eichin, Marc
        Horowitz, Chris Provenzano and me:

        * Makefile.in (install): Install correct set of man pages, and
        check for failures.
        * kshd.M, klogind.M: Renamed from kr*.M versions.
        * login.M: New file. Man page for login with some description of
        new features.

        * rlogin.M: Remove references to using program with target
        hostname as argv[0].
        * rsh.M: Ditto.  Also document -f, -F, -x options.

        * login.c: Massive changes.  Split much functionality out of main
        and into separate file sections: terminal flag settings, Kerberos
        4 and 5 support, UNIX password support, mail check, signal handler
        handling, some other support routines.  Revamp controlling tty and
        process group handling.  For AFS configuration, use setpag and run
        aklog.  Try validating password using krb5.  Always set tty flags,
        not just for rlogin session.  When validating tickets, treat an
        existing key file that doesn't contain the key we think we want
        (possibly because DNS was spoofed) as an error condition.
        * Makefile.in (LOGINLIBS): List libkrb524.a here.
        (LIBOBJS): Not here.
        (login.krb5): Reverse the order of LIBOBJS and LOGINLIBS.
        * configure.in: Check for --with-afs.  Add AFS libs and define
        SETPAG if supplied.

        * login.c (KRB5_GET_TICKETS, KRB4_GET_TICKETS, KRB_RUN_AKLOG): new
        macros selecting single signon options.  krb5.conf profile support
        for control over authentication options, above the compile time
        selection.
        (conf_affirmative): new function, recognize yes/no in profile
        value.
        (login_get_kconf): new function, look for all [login] flags and
        set them in appropriate globals (via login_conf_set array.)
        (main, sleepexit, destroy_tickets): Check the new login_* flags.
        (main): rename KRB4_USE_524 to KRB4_CONVERT.

        * configure.in: Added checks for tcsetpgrp, tcgetpgrp, setpgid.
        * krlogind.c (control): Use tcgetpgrp if it's available.

        * loginpaths.h (RPATH, LPATH, LPATH_root): Define HP/UX 9.04
        versions, conditionalized on __hpux and !hpux.

        * login.c and configure.in: instead of checking _IBMR2 and
        __sgi__, write configure tests to check for the existence of
        /etc/environment and /etc/TIMEZONE files, respectively.

        * forward.c (rd_and_store_for_creds) : If chown fails then only
        pass failure back if owner is different than intended owner. This
        is to make rsh.exp test work without requiring root privlidges.

        * login.c (main): Don't set TERM to an empty value.
        (stypeof) [__hpux]: Return null if unknown.

        * krlogin.c (catchild): remove hp/ux kludge because of aclocal.m4 fix.
        (speeds): test __hpux for hpux speed list.
        (main): test __hpux for use of FIOSSAIOSTAT and FIOSSAIOOWN
        (USE_TERMIO): test __hpux for bsdtty/ptyio headers.
        * krlogind.c: test __hpux for bsdtty/ptyio headers.
        (doit): test __hpux for use of setpgrp2.
        * krcp.c (main): test __hpux as well for remsh vs. rsh.

        * krcp.c (des_write): Make sure the buffer for the encrypted data
        is large enough. Only return an error in malloc fails.

        * krsh.c (main): Always turn on anyport -A option.

        * krlogind.c (ptsname): Declare if it's going to be used.

        * krshd.c (main): Use basename of argv[0] for progname.

        * login.c (dofork): On linux, TIOCNOTTY causes us to die on a
        SIGHUP, so don't even try it.

Sun Apr 21 12:52:35 1996  Richard Basch  <basch@lehman.com>

        * krshd.c: If checksumming is required & ALWAYS_V5_KUSEROK is
        defined, incorrect messages were being displayed for V4 clients.
        Additionally, various errors were not being displayed with the
        trailing newline.
        Also, one could not specify -c in inetd.conf, because of the
        variable initialization; initialization has been corrected to
        allow either checksumming or ignoring the checksum.

Sun Apr 21 00:30:28 1996  Sam Hartman  <hartmans@mit.edu>

        * krshd.c krlogind.c: Implement -i.  Rewrite error message having
        to do with checksums.

        * krshd.Mkrlogind.M : Document -i, remove documentation about
        taking options from name of daemon.  Clean up checksum
        documentation.

        * krlogind.c (do_krb_login): Fix up error messages for checksums.
        Configuration errors are presented for situations where -c and -i
        are used together, or where -4 and -c are used together.

Thu Apr 18 19:48:47 1996  Sam Hartman  <hartmans@mit.edu>

        * Makefile.in: Fix spaces by converting to tabs.

        * krlogind.c: Take patches from Doug Engert <deengert@anl.gov> to
        allow login to work with vendor logins.  Also, fix packet-mode
        bug; we have some hope of working on non-Solaris streams pty code.


Wed Apr 17 13:46:57 1996  Theodore Y. Ts'o  <tytso@mit.edu>

        * configure.in (LOGINLIBS): Remove DECLARE_SYS_ERRLIST since it's
                no longer necessary.

        * krcp.c (verifydir, allocbuf, rsource, source, sink): Don't use
                sys_errlist[]; just call error_message() instead, since we
                depend on com_err anyway.

        * krshd.c (recvauth): 
        * krlogind.c (recvauth): Don't actually check the checksum unless
                it is required.  Old (pre-beta 5) clients sent a checksum
                of random garbage (such as their pid) which is impossible to
                actually check on the server side.  (Grad student stupidity
                strikes again.)
                (fatalperror): Don't use sys_errlist[] to get the right
                error message; just depend on com_err instead, since we're
                using it anyway.

        * krshd.c (doit): 
        * krlogind.c (do_krb_login): Fix logic so that if checksums are
                required, and the checksum is valid, don't syslog the
                stupid warning message about "Checksums are only required
                for v5 clients...."
        
        * krcp.c, krshd.c, krlogind.c: Miscellaneous -Wall cleanups

        * krlogind.c (getpty): Removed dead code.


Tue Apr 16 11:33:33 1996  Sam Hartman  <hartmans@mit.edu>

        * krlogind.c kshd.c (main): Drop support for handling options in
                rlogind's name.

Sun Apr 14 03:41:49 1996  Sam Hartman  <hartmans@zygorthian-space-raiders.MIT.EDU>

        * krlogind.c (fatalperror): Only declar sys_errlist if needed.

        
Sat Apr 13 17:47:36 1996  Sam Hartman  <hartmans@mit.edu>

        * krshd.c (doit): Use setsid instead of setpgrp if you have it.
        Note this doesn't work for Ultrix.

        * krlogind.c (doit): Don't call setpgrp or setsid; let pty library do
        that for us.

Fri Apr 12 23:38:25 1996  Richard Basch  <basch@lehman.com>

        * krlogind.c (cleanup): Destroy any forwarded credentials at the
        end of the login session (they were placed in an unusual location
        anyway, so the chance that someone will be trying to reuse those
        credentials is minimal)

Thu Apr 11 00:22:51 1996  Richard Basch  <basch@lehman.com>

        * kcmd.c: Cleaned up whitespace and removed commented & unused cruft

        * krlogind.c, krshd.c: Allow the recvauth routine to find any key
        in the keytab for which the user is trying to login.  The host may
        be known as many names.  Additionally, for krlogind, clean up the
        error handling for bad authentication (potential null dereference
        and a misleading message because of the wrong authentication system
        being used)

Sun Apr  7 22:46:07 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krshd.c: Add an option -L to pass certain environment variables
                to the client.

Wed Apr  3 17:09:19 1996  Richard Basch  <basch@lehman.com>

        * krlogind.c: Under Solaris, when the connection pipe goes away,
                zero bytes are returned.  Since we are using blocking
                read calls, and the net_read function deals with
                interrupted/resumed reads, consider zero bytes to be
                be a terminated connection, so as not to spin.

Mon Apr  1 10:12:44 1996  Richard Basch  <basch@lehman.com>

        * loginpaths.h: Leading/trailing colons should not be there based
        on the variable usage in the code.  Also, the tests for Solaris
        were incorrect.

Fri Mar 29 16:22:18 1996  Richard Basch  <basch@lehman.com>

        * kcmd.c, krlogin.c, krsh.c, krcp.c:
                Allow for a proxy forwarder to be specified

Sat Mar 23 17:20:00 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krcp.c (des_write): Use krb5_net_write instead of write, because
        most parts of rcp that call this code ignore the return value and
        we want to reblock properly.

        * krshd.c (doit): Don't use non-blocking IO; it is unnecessary and
        may cause problems.

Fri Mar 22 13:27:40 1996  Richard Basch  <basch@lehman.com>

        * krshd.c: use the library routines to do v4 to v5
        principal translation, for a more accurate representation.

Wed Mar 20 19:36:21 1996  Richard Basch  <basch@lehman.com>

        * krlogind.c: use the library routines to do v4 to v5
        principal translation, for a more accurate representation.

Tue Mar 19 20:11:28 1996  Richard Basch  <basch@lehman.com>

        * kcmd.c (ruserok): declare the function as taking const char *
        instead of char * (Solaris 2.5 refuses to compile it, otherwise).

Tue Mar 12 23:42:50 1996  Ken Raeburn  <raeburn@cygnus.com>

        * configure.in: Use AC_HEADER_STDARG.

Tue Mar 12 17:52:08 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krshd.c (doit): For encrypted rcp, fix logic in determining
                executable to run. 

Mon Feb 26 03:28:44 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * configure.in: call USE_ANAME.

Sun Feb 25 18:50:45 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogind.c (v5_des_read): Fix server side of bug in detecing eof
        on the network connection.  Same as client change: v5_des_read
        needs to return 0 if read returns <= 0, notjust a strict
        inequality.

Mon Feb 12 22:41:06 1996  Theodore Y. Ts'o  <tytso@dcl>

        * kcmd.c (kcmd): Fix lint flame (added missing cast).

Fri Feb  9 21:43:50 1996  Sam Hartman  <hartmans@hartman.mit.edu>

        * krsh.c (main): Only print secure_message if encrypt_flag set.

Fri Feb  9 20:18:48 1996  <hartmans@mit.edu>

        * krlogind.c (recvauth): Fix v4 incompatability created by
        checksum code; if using v4, don't try to verify a v5 checksum.

Fri Feb  2 16:10:56 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * configure.in (save_path): Look for "ucb" varients in
        /usr/athena/bin if --enable-athena specified.

        * krsh.c krlogin.c krcp.c (try_normal): If --enable-athena, don't
        quit just because we are encrypted.

Thu Feb  1 00:09:13 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * rcp.M: Fix typo.

        * krcp.c (des_write): If rcp tries to write to stdin, redirect it
        to stdout.  That way it works with pipes; the right thing is for
        rcp to not try and do this, but introducing remread and remwrite
        as variables is significantly more work for only slightly better
        code.
        (main):  Use rsh encryption; not user-to-user. Note that we still
        support the answer_auth mechanism for incoming connections
        so older clients work, but this is depricated.
        (send_auth): expunged with pleasure; answer_auth should go in a
        a version or two.

Wed Jan 31 16:24:50 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krsh.c (main): Print SECURE_MESSAGE when appropriate.

        * krshd.c (doit): Fork and handle pipes either if stderr signal
        processing is enabled *or* encryption is enabled.  Rsh always
        enables stderr, but rcp won't.
        (SECURE_MESSAGE): Moving to client where it belongs, so the stderr
        channel doesn't get corrupted for rcp.  Besides, the client can
        determine if it is talking to a tty and only print this message to
        a tty.

        * krlogind.c (recvauth): Pas ccache to rd_and_store_for_creds

        * krshd.c (recvauth): Pass address of ccache to rd_and_store_for_creds
        (ccache): new global variable.
        (cleanup): Destroy ccache if we have one.
        (doit): Destroy cache on normal terination.

        * forward.c (rd_and_store_for_creds): Take a pointer to a ccache;
        we should provide the caller with a way of destroying forwarded
        credentials.

Tue Jan 30 17:56:49 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krshd.c (envinit): Expand to have space KRB5_CCNAME
        (doit): Put krb5_ccname at the end of envinit; this is
        handled differently that other variables, because TZ may or may not
        beset, so our position cannot be fixed.


Sat Jan 27 18:40:31 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * kcmd.c (kcmd): We no longer need F_SETOWN as nothing in appl/bsd
        handles oob data with signals any more.

Fri Jan 26 00:37:23 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogin.c (reader): Deal with exceptions even while writing.
        (reader): Fix bogus select bug; actually select on writing

Wed Jan 24 00:34:42 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogind.M krshd.M: Update to document new options.

        * Makefile.in (install): Install as kshd and klogind not krshd and
        krlogind.

        * krshd.c (main): Use krlogind-style options (-54kce)

        * krlogind.c (main): Change option parsing  to support new format.
        (do_krb_login): Use auth_ok and auth_sent masks instead of passed_*

Tue Jan 23 18:10:55 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krshd.c (recvauth): Use the correct username in strlen call for
        allocating chksumbuf.

        * krlogind.c (recvauth): Code to copy checksum verification code.


Mon Jan 22 15:14:11 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krshd.c (recvauth): Update to expect port in checksum.

        * kcmd.c (kcmd): Include port in string of checksumed data to
        distinguish between encrypted and unencrypted rlogin.


Mon Jan 22 18:14:05 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krcp.c: Use KRB5_STDARG_P.

        * configure.in: Add KRB5_CHECK_PROTOS for prototyps definitions.


Fri Jan 19 10:45:29 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krshd.c (recvauth): Verify checksum against command line and
        remote user.
        (recvauth): Fix accidental memory leak with authenticator and fix
        include correct username in checksum

        * kcmd.c: Send authenticator with checksum of command line and
        remote user.

        * krlogin.c (des_read): Return 0 or -1 on close/error respectively.

Wed Jan 17 15:14:33 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogin.c (reader): Use select to find out-of-band data, not signals.
        (oob): No longer a signal handler; just a function.
        (writer): get rid of copytochild setup as sigurg no longer needed
        (main): Don't block SIGURG
        * configure.in :  Include sys/time.h check

Mon Jan 15 16:16:07 1996  Sam Hartman  <hartmans@tertius.mit.edu>

        * login.c (main): ttyslot usable here as well

        * krlogind.c (doit): update_utmp can use ttyslot.

Thu Jan 11 12:40:08 1996  Ezra Peisach  (epeisach@paris)

        * krsh.c, krlogin.c: (main): Ultrix cc does not support automatic
                aggregate initiailzation of structures. 

Thu Jan 11 11:27:04 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krcp.c (error): Convert to use varargs.

        * configure.in: Check for stdarg.h

Wed Jan 10 21:26:20 1996  Theodore Y. Ts'o  <tytso@dcl>

        * kcmd.c (getport): Clear the sin structure to be zero.  (From
                Doug Engert.)

        * krsh.c (main): Added code to default port to 544 if service not
                found.  (From Doug Engert.)

        * krlogin.c (main): Added code to default port to 543 or 2105 if
                service not found.  (From Doug Engert.)

        * login.c (main): Save KRB5CCNAME environment variable, which may
                have been set by forward.c.  Add code for SGI to set
                environment for its /etc/TIMEZONE (untested).  Don't print
                MOTD twice on Suns, added #ifdef NO_MOTD.  (Patches from
                Doug Engert).

        * kcmd.c: Removed extern global of krb5_kdc_req_sumtype, which
                wasn't being used anyway.

Tue Jan  9 22:51:16 1996  Theodore Y. Ts'o  <tytso@dcl>

        * forward.c (get_for_creds): Removed no longer used function.

        * kcmd.c (kcmd): Convert from using get_for_creds() from forward.c
                to using the official library routine, krb5_fwd_tgt_creds().

Fri Dec 22 17:42:11 1995  Theodore Y. Ts'o  <tytso@dcl>

        * login.c (main): If HAVE_SHADOW is defined, and no shadow
                password entry is availble, try using the password entry
                in the password file.

Tue Dec 19 17:11:37 1995  Theodore Y. Ts'o  <tytso@dcl>

        * kcmd.c: Also include unistd.h, if it's available.

Tue Dec  5 20:44:39 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * configure.in: Use krb5util library.

        * login.c (main): Change two-argument call to syslog to three
                arguments to handle screw cases in hostnames.

Fri Dec  1 17:25:02 1995  Theodore Y. Ts'o  <tytso@dcl>

        * login.c (main, dofork): Applied patch from Scott Schwartz
                <schwartz@galapagos.cse.psu.edu>

                Under SunOS, and maybe other systems, there is a a problem
                with krlogind.c and a similar problem with login.c as
                distributed with K5.5.

                The bug is that rlogind forks a child but retains a
                controlling tty.  If the child is in the same process
                group as the parent, which is will if you don't use a job
                control shell (chsh /bin/rc), keyboard signals will kill
                the daemon.  telnetd dissociates itself properly, but then
                login.krb5 waits for the shell to finish, but login.krb5
                has the same ctty as the shell and is in the same process
                group, so it has the same problem.

                In BSD you used to be able to give up your ctty at will,
                but SunOS seems to have setsid as the only mechanism to
                perform that action, and setsid can only succeed in
                limited circumstances.  Rlogind ought to be fixed to
                behave more like telnetd, but independent of that,
                login.krb5 needs to be patched if kerberos is to work
                properly under SunOS.

Sun Nov 12 12:39:23 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogind.c (doit): Clear iextn for NetBSD and other 4.4-based
        systems so that ctrl-o isn't special.

Sat Oct 21 17:33:37 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * login.c (main): Don't set LOGNAME twice.

Sun Nov 12 04:44:50 1995  Mark W. Eichin  <eichin@cygnus.com>

        * krshd.c (doit): drag TZ= from parent environment into envinit to
        pass to child.
        (envinit, TZENV): add one more slot for optional TZ, and mark it.

Thu Nov  2 16:16:47 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krlogin.c, krcp.c, krsh.c (main): If invoked with -D port, do
                not die if entry is missing from /etc/services.

Mon Oct 16 17:27:43 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * login.c (main): Don't print warning about no tickets obtained if
        we didn't ask for a password.  Also, define LOGNAME for so sysvish
        systems are happy.  Patch from ramus@nersc.gov.

Wed Sep 06 14:20:57 1995   Chris Provenzano (proven@mit.edu)

        * krcp.c, krlogin.c, krlogind.c, krsh.c, krshd.c : 
                s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g

Sun Aug 27 15:35:04 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * rlogin.M: Document -f and -F options.

Mon Aug  7 17:32:29 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogind.c: Close the write side of the syncpipe in the parent
        so we get SIGPIPE if child dies. 

        * login.c (main): Use new interface to pty_update_utmp

        * configure.in (LOGINLIBS): Check for utmp.h and utmpx.h.

        * krlogind.c (doit): Use new format for pty_update_utmp
        * Include utmp.h because libpty.h no longer does.

Fri Aug  4 00:50:41 1995  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

        * krlogind.c: don't include utmp.h, since libty.h grabs it.

Wed Aug  2 13:06:02 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogind.c (main): call pty_init()call pty_init()

Tue Aug  1 08:43:22 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * Makefile.in :  Remove references to logutil.c and logutil.o


        * krshd.c (doit): Replace logwtmp with pty_logwtmp

        * login.c (main): use pty_update_utmp not update_utmp

        * logutil.c: Removed because all its functionality is incorperated
        into libpty.

        * krlogind.c (doit): Pass length of line to pty_getpty

Mon Jul 31 17:07:59 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * login.c (main): Don't call TIOCSETD under Posix.
         * Include iexten in terminal flags.


        * krlogin.c:  Don't include termio.h here either.

        * login.c: Remove special casing of AIX to include termio.h; it
        breaks almost all terminal handling, because it's the
        compatibility file for applications written for the RT.  Instead,
        just define CNUL if not already defined by ttychars.h


Sat Jul 29 04:37:33 1995  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

        * configure.in: Don't link with -lkadm


Fri Jul 28 16:49:02 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * Makefile.in (LOCAL_LIBRARIES): include -lpty; also included in
        DEPLOCAL_LIBRARIES.

        * krlogind.c (doit): Use pipe for synchronization so pty can be
        opened in slave.  Use libpty for pty handling.
        (cleanup):  Use pty_cleanup to do most work.

Thu Jul 27 15:02:03 EDT 1995    Paul Park       (pjpark@mit.edu)
        * krshd.c - Check for interrupted select.  Should fix bug #1555.


Thu Jul 13 17:49:54 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * configure.in : Short circuit the streams test for AIX to false
        because AIX strops.h trashes definition of _IO from sys/ioctl.h.
        I think this is fixed in AIX4, so the test is only bypassed for
        AIX3.

Tue Jul 11 12:50:16 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * krlogind.c (getpty): Use ptsname before ttyname; it has a higher
        chance of doing what we want.

Fri Jul 7 15:40:42 EDT 1995     Paul Park       (pjpark@mit.edu)
        * Makefile.in - Remove all explcitit library handling.
        * configure.in - Add USE_<mumble> and KRB5_LIBRARIES.

Wed Jul  5 20:03:37 1995  Theodore Y. Ts'o  (tytso@dcl)

        * krcp.c, krlogin.c, krlogind.c, krshd.c, login.c: Remove
                declaration of errno altoghether.  "extern int errno;" is
                always wrong.

        * login.c (main): Don't use the TIOCLSET ioctl unless we're not
                using POSIX_TERMIOS.  Don't just blindly set the file
                status flags to 0.  Instead, do a fcntl(0, F_GETFL), and
                then reset the nonblocking flags.

Sun Jul  2 19:48:27 1995  Sam Hartman  <hartmans@tertius.mit.edu>

        * krcp.c: make errno extern

        * krshd.c: errno should be extern so it doesn't mask the libc
        definition in AIX.

Tue Jun 27 23:50:56 1995  Tom Yu  (tlyu@dragons-lair)

        * krlogin.c: don't redeclare noltc, defltc if we happen to have
                TIOCGLTC in addition to POSIX_TERMIOS

Tue Jun 27 16:18:49 EDT 1995    Paul Park       (pjpark@mit.edu)
        * configure.in - When checking number/type of arguments to {get,set}pgrp
                attempt to set __STDC__ in a vain attempt to ensure that we
                get function prototype checking turned on.  OSF/1's native
                compiler didn't really care what's passed as arguments unless
                __STDC__'s set.
        * krcp.c - Change usage of BUFSIZ to RCP_BUFSIZ.  Remove & from in
                front of array.  It's redundant.
        * krlogin.c - Change usage of BUFSIZ to RLOGIN_BUFSIZ.  Add signal
                name parameter to signal handlers to conform to prototype.
        * krlogind.c - Change usage of BUFSIZ to RLOGIND_BUFSIZ.  Cast 4th
                argument to setsockopt(2) to be const char *.
        * krsh.c - Change usage of BUFSIZ to RSH_BUFSIZ.  Cast 4th argument
                to setsockopt(2) to be const char *.
        * krshd.c - Change usage of BUFSIZ to RSHD_BUFSIZ.

Thu Jun 22 14:36:46 1995  Theodore Y. Ts'o  <tytso@dcl>

        * configure.in: Change AC_HAVE_HEADERS with AC_CHECK_HEADERS, and
                check for string.h as well.

        * krsh.c: Don't include ext-proto.h; move the #include of the
                header files which we actually needed into krsh.c, using
                the autoconf standard define's.

Wed Jun 21 17:29:27 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * login.c: Change RETSIGTYPE to krb5_sigtype to be consistant.

        * configure.in (LOGINLIBS): Add KRB5_SIGTYPE to declare krb5_sigtype.

Tue Jun 20 13:00:25 1995  Tom Yu  (tlyu@dragons-lair)

        * krlogin.c: HAS_STDLIB_H -> HAVE_STDLIB_H

Mon Jun 19 13:34:23 EDT 1995    Paul Park       (pjpark@mit.edu)
        * login.c - Change setluid call to check for luid and then set it if
                it fails, also make this logic conditional under HAVE_SETLUID.
        * configure.in - For OSF/1 systems where libsecurity is present, set
                HAVE_SETLUID.  We'll need to determine similar tests for other
                extended security systems that we are to support in the future.


Thu Jun 15 17:32:20 EDT 1995    Paul Park       (pjpark@mit.edu)
        * Makefile.in - Change explicit library names to -l<lib> form, and
                change target link line to use $(LD) and associated flags.
                Also, remove DBMLIB, it was not used. Also, for K4, use
                KRB4_LIB and KRB4_CRYPTO_LIB, these were
                split out.
        * configure.in - Remove dbm library checks, these are no longer needed
                with the Berkeley database code.  Also, add shared library
                usage check.

Sat Jun 10 22:56:10 1995  Tom Yu  (tlyu@dragons-lair)

        * forward.c, kcmd.c, krcp.c, krlogind.c, krshd.c:
                krb5_auth_context redefinitions

Fri Jun  9 18:26:30 1995    <tytso@rsx-11.mit.edu>

        * configure.in: Remove standardized set of autoconf macros, which
                are now handled by CONFIG_RULES.

Wed May 31 17:16:44 1995  Tom Yu  (tlyu@dragons-lair)

        * loginpaths.h: #ifdef ultrix => #ifdef __ultrix

Sun May 21 16:36:39 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * loginpaths.h: Add NetBSD paths.

        * login.c: Define TAB3 to 0 if non existant

        * krlogin.c (mode): ifdef code based on TABDLY existing on
                machine. (netbsd lacks this).

        * krcp.c: Declare sys_errlist only if needed by the OS.

        * configure.in: Add DECLARE_SYS_ERRLIST
                Check for libcrypt defining the function crypt

Mon May 15 10:43:30 1995    <tytso@rsx-11.mit.edu>

        * login.c (main): Only try to use TIOCSETD if it is defined
                (instead of relying on _IBMR2 *not* being defined).

                Only try to use TIOCNXCL if it is defined.

        * krcp.c: If setreuid() is emulated using setresuid(),
                #define HAVE_SETREUID so it gets used.

Sat May 13 08:59:38 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krshd.c (recvauth): Use krb5_auth_con_genaddrs to set the port
                on the connection so that credential forwarding works.

Tue May  9 08:17:18 1995  Ezra Peisach  (epeisach@kangaroo.mit.edu)

        * krshd.c (main): Cast a sockaddr_in * to sockaddr * in call to
                accept. 

        * kcmd.c: Add <stdlib.h>

        * krcp.c: Add <stdlib.h>.

Sat May  6 18:12:37 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krcp.c (answer_auth): Added const declaration to filenames.

Fri May 05 09:16:16 1995  Chris Provenzano (proven@mit.edu)

        * krcp.c (answer_auth()): Requires two new args that are passed
                from the command line. The first -c is to pass the filename
                of the remote credential cache. The second -C is to pass
                the filename of the remote krb5.conf file.

Thu May 04 23:53:23 1995  Chris Provenzano (proven@mit.edu)

        * krcp.c (answer_auth()): Don't destroy the credential cache.

Wed May 03 20:10:39 1995  Chris Provenzano (proven@mit.edu)

        * krcp.c (answer_auth()): Set auth_context = NULL before using it.

Wed May 03 03:30:51 1995  Chris Provenzano (proven@mit.edu)

        * krlogind.c, krshd.c: (krb5_compat_recvauth()): 
                No longer needs the rc_type arg.

Tue May  2 22:12:39 1995  Theodore Y. Ts'o  (tytso@dcl)

        * krcp.c (main): Don't try to play uid swapping games if the
                effective uid is not zero.

        * kcmd.c (kcmd): Bug fix to jik's bug fix.  (Caused by our code
                drift since jik's changes went in, and not sufficiently
                careful checking of jik's patches before applying it.)

Mon May 01 15:56:32 1995  Chris Provenzano

        * kcmd.c (kcmd()): Bug fixes from jik.

        * krlogind.c (recvauth()): Changes to auth_context to better 
                support full addresses, for rd_cred() and friends.

Sat Apr 29 01:26:06 1995  Theodore Y. Ts'o  <tytso@dcl>

        * Makefile.in (login.krb5): Link the libraries twice due to
                circular dependency in the libraries.  (read_password in
                libdes425.a depends on krb5_read_password in libkrb5.a)

Fri Apr 28 20:33:06 1995  Theodore Y. Ts'o  <tytso@dcl>

        * login.c (main): Don't use setreuid() to play games with the real
                uid, since not all systems have setreuid().  This method
                of communicating to in_tkt what the correct owner of the
                ticket file is completely broken, anyway.  We skip the
                setreuid() entirely, and then chown the ticket file to the
                correct owner and group afterwards.

Fri Apr 28 17:59:19 1995  Mark Eichin  <eichin@cygnus.com>

        * Makefile.in (KLIB): include KRB4_LIB directly, to satisfy both
        versions of the dependencies.

Fri Apr 28 16:55:14 EDT 1995    Paul Park       (pjpark@mit.edu)
        * Makefile.in   - change position of KRB4_LIB for krshd and krlogind
                          so that it links correctly for both --with-krb4
                          and --with-krb4=/usr/athena.

Fri Apr 28 16:12:57 1995  Mark Eichin  <eichin@cygnus.com>

        * configure.in (PATH): use internal AC_PROG_ECHO_N because change
        in path might change behavior of echo (example: solaris, native
        shell, with GNU echo (-n) in user path, but only Solaris echo (\c)
        in path here.)

Fri Apr 28 07:52:45 1995  Theodore Y. Ts'o  <tytso@lurch.mit.edu>

        * login.c: Lots of lint cleanup; declare functions before they
                are used, add appropriate return types (int or void)
                to functions as necessary, etc.
        
Thu Apr 27 21:44:17 1995  Ezra Peisach  (epeisach@kangaroo.mit.edu)

        * login.c: Remove definition of krb_err_txt. krb.h defines it.

Thu Apr 27 17:41:06 1995  Mark Eichin  <eichin@cygnus.com>

        * Makefile.in (krshd, login.krb5, krlogind): KRB4_LIB needs to
        appear before KLIB since it uses des425.

Thu Apr 27 14:36:54 1995  Mark Eichin  <eichin@cygnus.com>

        * Makefile.in (LOCALINCLUDE): get kerberosIV headers for login.c
        (login.krb): link against krb4 libs.
        * configure.in: check AC_CONST so it works.

Thu Apr 27 13:54:21 1995  Mark Eichin  <eichin@cygnus.com>

        * configure.in: use WITH_KRB4 as-is.
        * Makefile.in (krshd, krlogind): use KRB4_LIB directly.

Thu Apr 27 01:09:19 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krcp.c (answer_auth): Should not call krb5_cc_close after
                krb5_cc_destroy. (encrypted rcp failed).

        * krlogind.c (main): -S option was not getting a keytab. (passing
                a char * to krb5_compat_recvauth).

        * krshd.c (recvauth): extract the client principal from ticket
                before calling krb5_kuserok on a NULL principal.
                (main): -S option was not getting a keytab (passing a char *).

        * krcp.c: (main): Missing htons on port number when specified on
                command line.

Wed Apr 26 21:09:34 1995  Chris Provenzano  (proven@mit.edu)

        * kcmd.c (kcmd()) : Don't use hp->h_name use host_save instead.

Wed Apr 26 17:43:08 1995  Mark Eichin  <eichin@cygnus.com>

        * logutil.c (EMPTY): linux has UT_UNKNOWN, not EMPTY.

Wed Apr 26 09:41:35 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

        * krlogind.c (main): LOG_AUTH in openlog arguments in wrong place.
                (recvauth): Do not copy principal on a V4 request. The
                ticket portion is not set by krb5_compat_recvauth for these.

        * configure.in: Check for libutil. Under OSF/1, logwtmp is stored
                there. 

Wed Apr 26 07:19:18 1995  Chris Provenzano  (proven@mit.edu)

        * krlogind.c (doit()) : If TIOCOTTY is defined unset the 
                controlling tty before setting it to another tty.

Tue Apr 25 21:23:28 1995  Chris Provenzano  (proven@mit.edu)

        * forward.c (rd_and_store_for_creds()) : Rewritten to use
                auth_context and the new krb5_rd_creds().
        * forward.c (get_for_creds()) : New function replacing
                krb5_get_for_creds() and uses auth_context and new
                krb5_mk_creds() routine.
        * kcmd.c (kcmd()): Use new get_for_creds() routine.
        * krlogind.c (recvauth()): Use new rd_and_store_for_creds() routine.

Sat Apr 22 00:42:22 1995  Theodore Y. Ts'o  (tytso@dcl)

        * rlogind (main, doit): The variable krb5_override_default_realm
                is obsolete.  Use the krb5_set_default_realm function instead.

        * krshd.c (main, doit): The variable krb5_override_default_realm
                is obsolete.  Use the krb5_set_default_realm function instead.

Fri Apr 21 21:11:17 1995  Theodore Y. Ts'o  (tytso@dcl)

        * krshd.c: Add #include for <sys/stat.h>, which is now needed.

Fri Apr 21 17:18:57 1995  Mark Eichin  <eichin@cygnus.com>

        rlogin testing changes from ian@cygnus.com.

Fri Apr 21 17:13:48 1995  Mark Eichin  <eichin@cygnus.com>

        More changes from ian@cygnus.com to support testing.

Fri Apr 21 14:07:15 1995  Mark Eichin  <eichin@cygnus.com>

        Added Ian's changes with minor tweaks. These are used by the testsuite.

Fri Apr 07 15:46:54 1995 Chris Provenzano (proven@mit.edu)

        * configure.in, krlogind.c, krsh.c, krshd.c, login.c, logutil.c.
                A bunch of patches from Ezra to get BSD to work on
                The Alpha that looked reasonable.

Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu)

        * krcp.c (send_auth()): Use new calling convention for krb5_rd_req().

        * krshd.c (recvauth()): Use new calling convention for 
                krb5_compat_recvauth().

        * krlogind.c (recvauth()): Use new calling convention for 
                krb5_compat_recvauth().

Fri Mar 24 15:04:25 1995  Ian Lance Taylor  <ian@cygnus.com>

        * krlogind.c (srvtab): New global variable.
        (krb5_override_default_realm): Declare.
        (ARGSTR): Add "S:M:L:" to Kerberos version.
        (login_program): New global variable.
        (main): Handle -S, -M, and -L arguments.  Call SO_REUSEADDR on
        socket if debug_port set.
        (doit): Use login_program instead of LOGIN_PROGRAM.
        (recvauth): Pass srvtab to krb5_compat_recvauth.
        * krlogind.M: Document -S, -M, and -L.

Fri Mar 24 15:04:25 1995  Ian Lance Taylor  <ian@cygnus.com>

        * krcp.c (forcenet): New global vraiable.
        (main): Accept -D and -N arguments.  Pass Kerberos realm to remote
        rcp execution.
        (hosteq): If -N specified, always return 0.
        * rcp.M: Document -D and -N.
        * krshd.c (ARGSTR): Add "P:" to KERBEROS version.
        (kprogdir): New global variable.
        (main): Handle -P.
        (path): Remove global variable.
        (path_rest): Remove explicit size.
        (envinit): Use 0 instead of path.
        (PATHENV): define.
        (doit): Use kprogdir variable instead of KPROGDIR macro when
        setting path.  Build path in allocated memory rather than using a
        fixed size array.  If the command starts with "rcp ", force use of
        kprogdir/rcp if it exists.
        * krshd.M: Document -P.

Thu Mar 23 18:18:31 1995  Ian Lance Taylor  <ian@cygnus.com>

        * krshd.c (ARGSTR): Add S:M:A to KERBEROS version.
        (srvtab): New global variable.
        (krb5_override_default_realm): Declare.
        (main): Handle -S, -M and -A arguments.  Call SO_REUSEADDR on
        socket if debug_port set.
        (doit): If -A used, allocate a random port for the stderr stream,
        rather than allocating a reserved port.  Don't call initgroups if
        not changing the uid.
        (recvauth): Pass srvtab to krb5_compat_recvauth.
        * krshd.M: Document -S, -M, and -A.
        * krsh.c (main): Accept -A, and pass it to kcmd.
        * rsh.M: Document -A.
        * kcmd.c (kcmd): Add new argument anyport.  If it is set, permit
        any port for the stderr stream, rather than requiring a reserved
        port.  Initialize ret_cred to NULL.
        * krcp.c (main): Pass 0 for anyport to kcmd.
        * krlogin.c (main): Pass 0 for anyport to kcmd.

Thu Mar 23 23:23:25 1995  Theodore Y. Ts'o  <tytso@dcl>

        * Makefile.in (krshd): Move $(K4LIB) after $(KLIB) so that if
                we're using des425, the V5 crypto library can be picked up.

        * configure.in: Use the correct path to find libdes425

Thu Mar 23 20:22:57 1995  Mark Eichin  <eichin@cygnus.com>

        * logutil.c (update_wtmp): initialize ut from ent the way the V4
        code did. Appears to handle SunOS case (when nearly all of the
        ifdef's are off) correctly now.

Tue Mar 14 16:08:08 1995    <tytso@rsx-11.mit.edu>

        * Makefile.in, configure.in: Use the libdes425 library so that the
                DES code doesn't get dragged in twice.

        * krlogind.c: Include <sys/time.h> so that Linux can get the
                FD_SET macros.

        * kcmd.c (kcmd): Close the credentials cache when you're done with
                it.

        * krlogind.c (doit): Always initialize the Krb5 error table.

        * krlogind.c (main, doit): Minor type fixes to gethostbyname(),
                accept().

Tue Mar 14 12:30:23 1995  Chris Provenzano (proven@mit.edu)

        * kcmd.c (kcmd()): Don't pass any data to sendauth() to be 
                checksummed. The remote side doesn't check it anyway.

Fri Mar 10 18:32:22 1995  Theodore Y. Ts'o  <tytso@dcl>

        * kcmd.c (kcmd): Initialize ret_cred to zero so that in case of an
                error, we don't try to free stack garbage.

Fri Mar 10 11:09:34 1995  Chris Provenzano (proven@mit.edu)

        * kcmd.c (kcmd()) Use new calling convention for krb5_sendauth().
        * krcp.c () Use new calling convention for krb5_mk_req_extended().

Thu Mar  2 12:26:29 1995  Theodore Y. Ts'o  <tytso@dcl>

        * Makefile.in (ISODELIB): Remove reference to $(ISODELIB).

Wed Mar  1 11:54:50 1995  Theodore Y. Ts'o  <tytso@dcl>

        * configure.in: Remove ISODE_INCLUDE and ISODE_DEFS, replace check
                for -lsocket and -lnsl with WITH_NETLIB check.

Tue Feb 28 01:41:04 1995  John Gilmore  (gnu at toad.com)

        * forward.c, kcmd.c, krcp.c, krlogin.c, krlogind.c, krsh.c,
        krshd.c:  Avoid <krb5/...> and <com_err.h> includes.

Tue Feb 14 15:30:55 1995 Chris Provenzano  (proven@mit.edu)

        * kcmd.c Call krb5_sendauth() and krb5_get_credentials() with 
                new calling convention.

        * krcp.c (answer_auth()) Call krb5_mk_req_extended90 with new 
                calling convention.

Fri Feb  3 11:51:55 1995  Theodore Y. Ts'o  (tytso@dcl)

        * krcp.c (tgt_keyproc): Add keytype parameter to field.

Mon Jan 30 07:58:16 1995  Chris Provenzano (proven@mit.edu)

        * Removed all #include <krb5/crc-32.h> 

        * Removed krb5_enctype argument passed to krb5_get_for_creds()

Wed Jan 25 16:54:40 1995  Chris Provenzano (proven@mit.edu)

        * Removed all narrow types and references to wide.h and narrow.h

Wed Jan 18 14:33:50 1995  Mark Eichin  <eichin@cygnus.com>

        * krlogind.c (v4_des_read, v5_des_read): When reading length,
        ignore everything before a leading zero (MSB first "reasonable"
        value) to compensate for rlogin (mis)use of BSD-OOB data.
        * krlogin.c (des_read): same code (in both versions of des_read.)

Wed Jan 18 01:07:56 1995  Mark Eichin  <eichin@cygnus.com>

        * configure.in: undo streams test. It turns out that we want sunos
        to *fail* that test, since it doesn't have a streams PTEM module
        anyhow.
        * krlogind.c: don't include sys/tty.h and sys/ptyvar.h if we don't
        HAVE_STREAMS already.
        * krlogin.c: do the same thing.

Fri Jan 13 15:23:47 1995  Chris Provenzano (proven@mit.edu)

    * Added krb5_context to all krb5_routines

        * krsh.c (main): Use htons(debug_port).

Wed Jan 11 01:25:09 1995  Mark Eichin  <eichin@cygnus.com>

        * logutil.c (update_wtmp): declare missing variables if
        HAVE_SETUTENT isn't set.
        (update_utmp): declare tty at top of function.

Tue Jan 10 19:43:18 1995  Mark Eichin  (eichin@cygnus.com)

        * krlogin.c (doit): use exit_handler for signal exits, don't use
        exit directly.
        (exit_handler): new function, avoids type collision from misusing
        exit directly as a signal handler.

Tue Jan 10 15:23:31 1995  Richard Basch  (probe@tardis)

        * configure.in: Streams test needs to include sys/types.h

        * krsh.c: Include sys/time.h (linux)

Mon Jan  9 21:48:54 1995  Theodore Y. Ts'o  (tytso@dcl)
    
        * kcmd.c, krlogin.c, krcp.c: Always include fcntl.h, and never
                sys/fcntl.h.

        * krshd.c: Always define the Kerberos V4 data structures.

Tue Jan  3 16:54:02 1995  Richard Basch  (probe@tardis)

        * krshd.c
                Cleaned up comments

        * krsh.c
                Removed debugging statement

        * kcmd.c
                Removed old sgi code (it has POSIX_SIGNALS).

Mon Jan  2 12:35:18 1995  Richard Basch  (probe@tardis)

        * krsh.c
        * krshd.c
                Added encrypted rsh support.
                It still isn't entirely secure; as the command-line could
                be spoofed by an active attack, but the data sharing is...

        * krlogind.c
                Ultrix doesn't have a fully functional POSIX termios.

        * krshd.c
                Cleaned up some of the #ifdef's and code duplication.
                Fixed decl. of return variable for getopt() [int not char]

Fri Dec 30 18:35:50 1994  Richard Basch  (probe@tardis)

        * krlogin.c
                Don't need: #ifdef _AIX, #undef _BSD, #endif

        * Makefile.in
                Fixed man page installation when build tree != source tree

        * configure.in
                No need to do the fcntl check
                Changed GETPGRP_ONEARG detection (and assign it when it
                        takes one argument, not void).

        * logutil.c
        * login.c
                Tidied up the code a bit.
                Do not rely on NO_UT_TYPE (it has problems with AIX headers)

        * krlogind.c
                Tidied up the code a bit.
                Set the controlling tty for Ultrix
                Do not rely on NO_UT_TYPE (it has problems with AIX headers)

Thu Dec 29 10:12:48 1994  Richard Basch  (probe@tardis)

        * krlogind.c
                Conditionalize grantpt/unlockpt on HAVE_GRANTPT (not just Sun)
                Conditionalized references to ut_type and ut_pid.
                Try all the methods for getting a pty...

        * logutil.c
                Conditionalized references to ut_type and ut_pid.

        * configure.in
                Conditionalize grantpt/unlockpt on HAVE_GRANTPT
                Corrected a minor syntactical error with extraneous "],"

Thu Dec 29 01:38:17 1994  Richard Basch  <probe@k9>

        * krlogind.c:
                Error checks for Solaris tty setup routines (grantpt/unlockpt)
                Commented out the OOB code, as it causes problems currently.
                Cleaned up some of the #ifdef's for logging incoming users
                Removed extraneous declaration of malloc()
                Pass a "" for the hostname rather than NULL to update_utmp.
                Some additional cosmetic changes.
                Included/excluded SYSV code (SYSV is not defined anywhere)

Wed Dec 28 14:59:58 1994  Richard Basch  (probe@tardis)

        * krlogin.c
        * krlogind.c
        * krsh.c
        * krshd.c
                Corrected the arguments to select, based on sizeof fd_set.
                Converted what remained to use FD_* macros, instead of bitshift

        * login.c
                Changed uid_type to uid_t, gid_type to gid_t
                Added shadow password support
                Always use cfset*speed when POSIX_TERMIOS is defined

        * configure.in
                Changed the PATH for looking for BSD r* commands
                Use AC_TRY_LINK instead of AC_TRY_COMPILE for the setenv test.
                Cache results of compile/link tests.
                Added shadow password support.
                Don't bother checking for sys/stream.h; done elsewhere
                Look for the function ptsname.

        * logutil.c
                Search to the proper position in the utmp/utmpx files.
                Corrected arguments for the utmpx routines.

        * krlogind.c
                Revamped the tty setup routines.

Tue Dec 27 14:42:15 1994  Richard Basch  (probe@tardis)

        * krlogin.c
                Cleaned up some of the includes

        * krlogind.c
        * krshd.c
        * logutil.c
        * login.c
                Revamped the utmp/wtmp handling routines

        * Makefile.in
                Fixed the "krlogin" program define for "krsh"

        * configure.in
                Changed the HAVE_STREAMS macro to not try <sys/tty.h>
                Corrected the text for the setpgrp arguments check

Tue Dec 27 06:15:42 1994  Richard Basch  (probe@tardis)

        * krlogind.c
                Use the file descriptor macros (eg. FD_SET) to handle fd arrays
                Change #ifdef STREAMS to #ifdef HAVE_STREAMS
                Started to add SYS-V utmp handling
                Ripped out the old termio code.
                Include <unistd.h> and <stdlib.h> where available.

        * configure.in
                Combined KRB5_UT* macros into CHECK_UTMP, with more checks.
                Changed obsolete AC_COMPILE_CHECK to use newer macros.

Mon Dec 26 13:51:20 1994  Richard Basch  (probe@tardis)

        * Makefile.in
        * configure.in
        * krcp.c
        * krsh.c
        * krlogin.c
        Removed the hard-coded paths for the BSD rlogin/rcp/rsh programs.
        Let "configure" find the programs for us...

Mon Dec 19 15:09:57 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krcp.c (des_write):
        * krlogin.c (des_write):
        * krlogind.c (v5_des_write): Fix byte swapping code (Missing shift
                instructions).

        * krlogind.c (v4_des_read, v4_des_write): Fixed byte swapping code
                so that V4 des compatibility works on 64 bit
                architectures.

Fri Nov 18 01:19:13 1994  Mark Eichin  <eichin@cygnus.com>

        * Makefile.in (install): add install rules for krlogind.M,
        krshd.M, rlogin.M, rcp.M, rsh.M. (Section numbers are explicit,
        and this should probably be changed.)
        (from Ted Lemon <mellon@ipd.wellsfargo.com>

Fri Nov 18 01:10:34 1994  Mark Eichin  <eichin@cygnus.com>

        * configure.in: use new macros KRB5_UTPID, KRB5_UTTYPE, and
        KRB5_UTHOST (from epeisach).

Wed Nov 16 11:45:01 1994  Richard Basch  (probe@tardis)

        * krlogin.c:
        If the system includes a SA_RESTART signal flag, use it.
        We want to be able to resume the read() system call after
        a SIGURG comes.

Fri Nov 11 00:53:57 1994  Theodore Y. Ts'o  (tytso@dcl)

        * forward.c (mk_cred, rd_cred): Move mk_cred and rd_cred to
                libkrb.a.

Tue Nov  8 23:52:58 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krshd.c (setpgrp): Defining setpgrp(a,b) to setpgrp() if
                SETPGRP_TWOARG is not set can cause infinite macro
                recursion on some C preprocessors.  Fix by putting the
                #ifdef for SETPGRP_TWOARG where setpgrp is actually
                called, instead of trying to redefine setpgrp().

Mon Nov  7 21:22:00 1994  Theodore Y. Ts'o  (tytso@dcl)

        * configure.in: Add check for stdlib.h

        * configure.in: Remove unused check for HAVE_GETDTABLESIZE
                (especially since we replace it with AC_REPLACE_FUNCS
                later!)

        * getdtablesize.c:  Use POSIX method of obtaining fd table size,
                if available. 

Wed Nov 02 22:21:00 1994  Richard Basch  (probe@tardis)

        * configure.in:
        Moved POSIX signal check to aclocal.m4, and calls it (CHECK_SIGNALS)
        Added POSIX setjmp check (CHECK_SETJMP).
        Added checks for waitpid and setsid functions.

        * kcmd.c:
        Include <signal.h> not <sys/signal.h>.
        Don't bother declaring sigmask when POSIX_SIGNALS is set.
        
        * krcp.c:
        Replaced the conditionalized BITS64 code with more portable code.
        Use mode_t instead of int, for file modes.
        Use waitpid, instead of wait, where available (HAVE_WAITPID).
        Added POSIX signal handling (POSIX_SIGNALS).

        * krlogin.c:
        Include <unistd.h> and <stdlib.h> if available
        Replaced the conditionalized BITS64 code with more portable code.
        Use cfgetospeed() if POSIX_TERMIOS is defined.  It was already being
                used, so there is no need to use two methods.
        Use waitpid, instead of wait, where available (HAVE_WAITPID).
        Added POSIX setjmp handling (POSIX_SETJMP)
        Added POSIX signal handling (POSIX_SIGNALS).

        * krlogind.c:
        Added POSIX signal handling (POSIX_SIGNALS).
        Corrected an error in the arguments to chmod().
        Call setsid() if HAVE_SETSID is defined.
        Try not conditionalizing on __alpha; use other #ifdef's.
        Replaced the conditionalized BITS64 code with more portable code.

        * krsh.c:
        Added POSIX signal handling (POSIX_SIGNALS)

        * krshd.c:
        Declare and manipulate the file descriptor arrays properly,
                rather than bit shifting and passing them to select as
                (long *).  Some systems (eg. AIX) declare them to be structs.
        Added POSIX signal handling (POSIX_SIGNALS)

        * login.c:
        Include <unistd.h> and <stdlib.h> if available
        Added POSIX setjmp handling (POSIX_SETJMP)
        Added POSIX signal handling (POSIX_SIGNALS)
        Use waitpid, instead of wait, where available (HAVE_WAITPID).

        * logutil.c:
        Don't redeclare time(); it may conflict with the system header files.
        Include <unistd.h> first.

Thu Oct 27 20:07:03 1994  Mark Eichin  (eichin@cygnus.com)

        * login.c (main): if CSTATUS is missing, don't set c_cc[VSTATUS]
        (for sunos.)

Thu Oct 27 16:12:19 1994  Mark Eichin  (eichin@cygnus.com)

        * krlogin.c (des_write): get rid of srandom, since seeding is done
        directly in krb5_random_confounder. get rid of unused variables.
        * krlogind.c (v4_des_write): use krb5_random_confounder
        directly. get rid of unused variables.

Thu Oct 27 14:50:40 1994  Mark Eichin  (eichin@cygnus.com)

        * login.c (main): if CDISCARD is missing, use CFLUSH instead.

Thu Oct 27 14:47:41 1994  Mark Eichin  (eichin@cygnus.com)

        * configure.in: fix typo in "use streams interface" test (ttold.h
        not ttyold.h)

Thu Oct 27 14:31:17 1994  Mark Eichin  (eichin@cygnus.com)

        * configure.in: check for srand48, srand, and srandom.
        * krlogind.c (v4_des_write): use the best available of the three
        random number systems for padding (based on code from
        lib/crypto/os/rnd_confoun.c.)

Wed Oct 26 00:04:02 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krsh.c (main):
        * krlogind.c (protocol, v5_des_read): Check for both EAGAIN in
                addition to EWOULDBLOCK.

Mon Oct 24 14:46:07 1994    (tytso@rsx-11)

        * Makefile.in: The Kerberos V4 libraries must be linked in after
                the V5 libraries; compat_recvauth pulls in the V4 routines.

        * kcmd.c (kcmd): Don't free host_save; it's supposed to be
                returned by kcmd to the caller!

        * configure.in
        * krlogin.c (des_write): Don't check for srand48 and then try to
                define srandom to be srand48.  This breaks on machines
                which have both srandom and srand48.  Instead, use
                krb5_random_confounder; it will do the right thing.

Wed Oct 19 12:36:47 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krlogind.c (protocol): Change yet another variable to be an
                unsigned char.

        * login.c (main): Add other termios c_cc initializations for the
                ALPHA. 

        * krlogind.c (protocol): Make protocol buffers be unsigned, since
                we're comparing against unsigned data.

Tue Oct 18 15:48:37 1994  Mark Eichin  (eichin@cygnus.com)

        * configure.in (HAVE_STREAMS): test for streams interface headers
        in a way that fails on sunos but works on solaris.
        * krlogin.c: use HAVE_STREAMS.
        * krlogind.c: use HAVE_STREAMS, fix TIOCPKT_* test.

Tue Oct  4 17:14:38 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krcp.c (tgt_keyproc): Add widen.h and narrow.h around
                declaration so that argument types are widened.

Mon Oct  3 13:21:51 1994  Theodore Y. Ts'o  (tytso@dcl)

        * logutil.c (logwtmp): Remove declaration for strncpy().

Fri Sep 30 17:04:24 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krshd.c: Use ifdef for SETPGRP_TWOARG and HAVE_KILLPG

        * krlogind.c: Use ifdef include of HAVE_SYS_TTY_H and
                HAVE_SYS_PTYVAR_H (suncc doesn't #define solaris).

Thu Sep 29 22:50:05 1994  Theodore Y. Ts'o  (tytso@dcl)

        * Makefile.in: "make clean" should remove the executables

        * Makefile.in: Relink executables if libraries change

Thu Sep 29 17:55:57 1994  Mark Eichin  (eichin@tweedledumber.cygnus.com)

        * krlogin.c (mode): ifdef VLNEXT instead of svr4 for ^V fixing.
        (doit): ditto.
        krlogin.c, configure.in: include sys/tty.h and sys/ttold.h only if
        they're both there. 


Wed Sep 28 20:57:24 1994  Mark Eichin  (eichin@tweedledumber.cygnus.com)

        * configure.in (srand48): check for srand48, and if it exists,
        substitute it for srandom (and lrand48 for random.)
        (K4LIB): add libdes.a, needed for des_pcbc_encrypt.

Wed Sep 28 14:36:29 1994  Mark Eichin  (eichin@rtl.cygnus.com)

        * Makefile.in: always put $(K4LIB) before $(KLIB) so that
        references to libcrypto.a get resolved.

Thu Aug 18 18:57:44 1994  Theodore Y. Ts'o  (tytso at tsx-11)

        * Makefile.in:
        * configure.in: Fix KRB4 handling; do it here in configure.in
        instead of in Makefile.in

Thu Aug 18 18:55:36 1994  Mark Eichin  (eichin@perdiem)

        * configure.in (LOGINLIBS): always substitute it, even if it isn't
        set.

Thu Aug 18 17:09:36 1994  Theodore Y. Ts'o  (tytso at tsx-11)

        * forward.c (get_for_creds): Fix bug to allow cross-realm
        forwarded credentials to work.

        * forward.c (rd_and_store_for_creds):  Store the forwarded
        credentials in a file which is PID dependent, to allow for
        different sessions in an rlogin session.

        * Makefile: Add $(SETENVOBJ) to all programs that use forward.c

Tue Aug 16 22:41:25 1994  Mark Eichin  (eichin@cygnus.com)

        * krlogind.c: add sys/ioctl.h.

Tue Aug 16 22:36:29 1994  Mark Eichin  (eichin@cygnus.com)

        * configure.in: set LOGINLIBS to -lodm -ls -lcfg if the system has
        all three (and is probably an AIX system.)
        * Makefile.in: use LOGINLIBS for login.krb5.
        * krshd.c: use HAVE_SYS_SELECT_H.

Tue Aug 16 17:58:09 1994  Mark Eichin  (eichin@cygnus.com)

        * krcp.c: check HAVE_VFORK_H
        * configure.in: use AC_VFORK (runtime test -- consider just using
        fork instead.)

Sat Aug 13 02:04:37 1994  Mark Eichin  (eichin@perdiem)

        * Makefile.in (DEFINES): set LOGIN_PROGRAM correctly.

Thu Aug 11 23:16:31 1994  Mark Eichin  (eichin@perdiem)

        * krsh.c: Don't (mis)declare getpwuid ever.

Sun Aug  7 04:43:24 1994  Mark Eichin  (eichin@cygnus.com)

        * krlogin.c (oob): FWRITE (and out) not needed w/POSIX_TERMIOS
        * logutil.c: if EMPTY is missing, use UT_UNKNOWN instead.
        * login.c (main): some systems just don't have TIOCLSET

Fri Aug  5 18:47:00 1994  Mark Eichin  (eichin@cygnus.com)

        * configure.in: test for sigprocmask and sigset_t to set POSIX_SIGNALS.
        * krlogin.c, kcmd.c: use POSIX_SIGNALS.

Fri Aug  5 15:35:54 1994  Mark Eichin  (eichin@cygnus.com)

        * configure.in, logutil.c: check for NO_UT_PID, use it.

Wed Jul 27 12:52:04 1994  Mark Eichin  (eichin@cygnus.com)

        * krlogind.c, krlogin.c, krcp.c: define roundup if needed.

        * Makefile.in: add LIBOBJS, dependency for getdtablesize.o.
        * getdtablesize.c: new file.
        * configure.in: build getdtablesize.c if needed.

        * login.c: HAVE_TTYENT_H.
        * configure.in: add ttyent.h to HEADERS test.

        * krshd.c: HAVE_SYS_LABEL_H, which seems to be SunOS 4 specific.
        * krlogind.c: ditto.
        * configure.in: test for add sys/label.h to HEADERS test.

        * krcp.c (rsource): USE_DIRENT_H.

        * configure.in: test for HAVE_UNISTD_H.
        * logutil.c: use HAVE_UNISTD_H.

Tue Jul 26 00:25:57 1994  Mark Eichin  (eichin@cygnus.com)

        * krlogin.c: include <fcntl.h>

        * configure.in: Added tests for NO_UT_HOST, NO_UT_EXIT.
        * logutil.c: use them.

        * configure.in: add CHECK_DIRENT, CHECK_FCNTL.

        * configure.in: Added tests for HAVE_SETOWN, HAVE_SYS_FILIO_H.
        * krlogin.c, krsh.c, krshd.c, krlogin.c, krlogind.c: use them.

Sat Jul 23 08:48:50 1994  Tom Yu  (tlyu@dragons-lair)

        * kcmd.c:
        * krshd.c: include ext-proto.h to avoid type warnings

Sat Jul 16 02:24:31 1994  Theodore Y. Ts'o  (tytso at tsx-11)

        * kcmd.c:
        * krsh.c: index->strchr, rindex->strrchr, add (char *) cast to
        malloc, have proper include for the string functions.

Fri Jul 15 15:03:11 1994  Theodore Y. Ts'o  (tytso at tsx-11)

        * krcp.c: add utimes() emulation for systems that only have the
                POSIX utime() call.

Mon Jun 27 22:03:48 1994  Theodore Y. Ts'o  (tytso at tsx-11)

        * krlogind.c: remove spurious debugging #undef of KRB5_KRB4_COMPAT