From: Sam Hartman Date: Sat, 2 Nov 1996 01:48:12 +0000 (+0000) Subject: * Remove rhosts support [138] X-Git-Tag: krb5-1.0-freeze1~140 X-Git-Url: http://git.tremily.us/gitweb.cgi?a=commitdiff_plain;h=7e9a5f55f9fff1bab5f745d41e47ca96486d5168;p=krb5.git * Remove rhosts support [138] * Remove tab3 from initial terminal settings. We don't really care about horizontal tab delays, do we? This was breaking on NetBSD. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9282 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 4628fd601..494259188 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,20 @@ +Thu Oct 31 22:14:00 1996 Sam Hartman + + * krlogind.c (doit): Remove tab3 because it isn't very useful and + isn't always present. + +Thu Oct 31 19:19:54 1996 Sam Hartman + + * klogind.M kshd.M: document -r goes away [138] + + * krshd.c (doit): Do not support rhosts authentication. This was + never used by any clients and the cruft in kcmd.c was creating + problems. [138] + + * krlogind.c (do_krb_login): Remove broken rhosts support. [138] + + * kcmd.c: Remove ruserok and associated cruft along with killpg. [138] + Tue Oct 29 10:09:39 1996 Theodore Y. Ts'o * login.c: Make the defaults be to *not* to get Kerberos V4 diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c index 877020c15..4b66c3795 100644 --- a/src/appl/bsd/kcmd.c +++ b/src/appl/bsd/kcmd.c 
@@ -425,178 +425,6 @@ getport(alport) -#ifdef HAVE_SETREUID -#if defined(sun) -/* The IMP and ultrix do not like multiple defined routines - and since it does not have users with NFS filesystems - mounted, the ruserok on it's OS will work just fine. - However that is not the case with SUNS who's ruserok which - is provided with the OS has problems with it's seteuid - ( which will eventually be traced no doubt to using - setreuid(-1,pgid)). - Therefore we provide a version of ruserok with fixes - the seteuid problem....Drawback - it can only be used - by a root process.*/ - -#ifndef convex -ruserok(rhost, superuser, ruser, luser) - const char *rhost; - int superuser; - const char *ruser, *luser; -{ - FILE *hostf; - char fhost[MAXHOSTNAMELEN]; - int first = 1; - register char *sp, *p; - int baselen = -1; - int euid = -1; - - sp = rhost; - p = fhost; - while (*sp) { - if (*sp == '.') { - if (baselen == -1) - baselen = sp - rhost; - *p++ = *sp++; - } else { - *p++ = islower(*sp) ? toupper(*sp++) : *sp++; - } - } - *p = '\0'; - hostf = superuser ? (FILE *)0 : fopen("/etc/hosts.equiv", "r"); - again: - if (hostf) { - if (!_validuser(hostf, fhost, luser, ruser, baselen)) { - (void) fclose(hostf); - if (euid != -1) - (void) setreuid ( 0,euid); - return(0); - } - (void) fclose(hostf); - } - if (first == 1) { - struct stat sbuf; - struct passwd *pwd; - char pbuf[MAXPATHLEN]; - - first = 0; - if ((pwd = getpwnam(luser)) == NULL) - return(-1); - /* - * Read .rhosts as the local user to avoid NFS mapping the - * root uid to something that can't read .rhosts. 
- */ - euid = geteuid(); - if (euid != -1) - (void) setreuid ( 0,pwd->pw_uid); - (void)strcpy(pbuf, pwd->pw_dir); - (void)strcat(pbuf, "/.rhosts"); - if ((hostf = fopen(pbuf, "r")) == NULL){ - if (euid != -1) - (void) setreuid ( 0,euid); - return(-1); - } - (void)fstat(fileno(hostf), &sbuf); - if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) { - fclose(hostf); - if (euid != -1) - (void) setreuid ( 0,euid); - return(-1); - } - goto again; - } - if (euid != -1) - (void) setreuid ( 0,euid); - return (-1); -} - - - -_validuser(hostf, rhost, luser, ruser, baselen) - char *rhost, *luser, *ruser; - FILE *hostf; - int baselen; -{ - char *user; - char ahost[MAXHOSTNAMELEN]; - register char *p; - - while (fgets(ahost, sizeof (ahost), hostf)) { - p = ahost; - while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') { - *p = islower(*p) ? toupper(*p) : *p; - p++; - } - if (*p == ' ' || *p == '\t') { - *p++ = '\0'; - while (*p == ' ' || *p == '\t') - p++; - user = p; - while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') - p++; - } else - user = p; - *p = '\0'; - if (_checkhost(rhost, ahost, baselen) && - !strcmp(ruser, *user ? user : luser)) { - return (0); - } - } - return (-1); -} -#endif /* convex */ - - - -_checkhost(rhost, lhost, len) - char *rhost, *lhost; - int len; -{ - static char ldomain[MAXHOSTNAMELEN + 1]; - static char *domainp = NULL; - static int nodomain = 0; - register char *cp; - - if (len == -1) - return(!strcmp(rhost, lhost)); - if (strncmp(rhost, lhost, len)) - return(0); - if (!strcmp(rhost, lhost)) - return(1); - if (*(lhost + len) != '\0') - return(0); - if (nodomain) - return(0); - if (!domainp) { - if (gethostname(ldomain, sizeof(ldomain)) == -1) { - nodomain = 1; - return(0); - } - ldomain[MAXHOSTNAMELEN] = 0; - if ((domainp = strchr(ldomain, '.')) == (char *)NULL) { - nodomain = 1; - return(0); - } - for (cp = ++domainp; *cp; ++cp) - if (islower(*cp)) - *cp = toupper(*cp); - } - return(!strcmp(domainp, rhost + len +1)); - -} -#endif /* ! 
sun */ -#endif /* HAVE_SETREUID */ - - -#if defined (hpux) -int setreuid(real,eff) - int real,eff; -{ - int tmpint = -1; - return(setresuid(real,eff,tmpint)); -} -#endif - #ifndef HAVE_STRSAVE @@ -620,15 +448,3 @@ char *sp; #endif -#ifdef SYSV - -int killpg(pid,sig) - int pid,sig; -{ - - if ( pid >= 0) - pid *= -1; - return(kill(pid,sig)); -} - -#endif diff --git a/src/appl/bsd/klogind.M b/src/appl/bsd/klogind.M index fbd015b2f..3db26c8f3 100644 --- a/src/appl/bsd/klogind.M +++ b/src/appl/bsd/klogind.M @@ -59,10 +59,6 @@ in. Allow Kerberos V5 and Kerberos V4 as acceptable authentication mechanisms. This is the same as including \fB\-4\fP and \fB\-5\fP. -.IP \fB\-r\fP -Trust the remote hostname as an authentication system using the - \fI.rhosts\fP authorization list. This option may -be desupported in future version of klogind. .IP \fB\-p\fP If all other authorization checks fail, prompt the user diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c index d878e1eba..2df7c8070 100644 --- a/src/appl/bsd/krlogind.c +++ b/src/appl/bsd/krlogind.c @@ -41,7 +41,6 @@ char copyright[] = * 1) Check authentication. * 2) Check authorization via the access-control files: * ~/.k5login (using krb5_kuserok) and/or - * ~/.rhosts (using ruserok). * 3) Prompt for password if any checks fail, or if so configured. * Allow login if all goes well either by calling the accompanying * login.krb5 or /bin/login, according to the definition of @@ -53,7 +52,6 @@ char copyright[] = * -k means trust krb4 or krb5 * -5 means trust krb5 * -4 means trust krb4 - * -r means trust .rhosts (using ruserok). * -p and -P means prompt for password. * If the -P option is passed, then the password is verified in * addition to all other checks. If -p is not passed with -k or -r, 
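Review bot: The option list in this header comment drops the `-r` line, but the context three lines further down still reads `If -p is not passed with -k or -r,`, so the comment now describes an interaction with an option this commit removes from ARGSTR and from the getopt switch. Change that sentence to `If -p is not passed with -k,` (or list whichever authenticators remain) so the header matches the new option set. The comment block continues outside this hunk.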
@@ -72,9 +70,7 @@ char copyright[] = * KERBEROS - Define this if application is to be kerberised. * CRYPT - Define this if encryption is to be an option. * DO_NOT_USE_K_LOGIN - Define this if you want to use /bin/login - * instead of the accompanying login.krb5. In that case, - * the remote user's name must be present in the local - * .rhosts file, regardless of any options specified. + * instead of the accompanying login.krb5. * KRB5_KRB4_COMPAT - Define this if v4 rlogin clients are also to be served. * ALWAYS_V5_KUSEROK - Define this if you want .k5login to be * checked even for v4 clients (instead of .klogin). @@ -250,7 +246,7 @@ krb5_ccache ccache = NULL; krb5_keytab keytab = NULL; -#define ARGSTR "rk54ciepPD:S:M:L:?" +#define ARGSTR "k54ciepPD:S:M:L:?" #else /* !KERBEROS */ #define ARGSTR "rpPD:?" #define (*des_read) read @@ -314,7 +310,6 @@ krb5_error_code recvauth(); */ #define AUTH_KRB4 (0x1) #define AUTH_KRB5 (0x2) -#define AUTH_RHOSTS (0x4) int auth_ok = 0, auth_sent = 0; int do_encrypt = 0, passwd_if_fail = 0, passwd_req = 0; int checksum_required = 0, checksum_ignored = 0; @@ -357,9 +352,6 @@ int main(argc, argv) opterr = 0; while ((ch = getopt(argc, argv, ARGSTR)) != EOF) switch (ch) { - case 'r': - auth_ok |= AUTH_RHOSTS; - break; #ifdef KERBEROS case 'k': #ifdef KRB5_KRB4_COMPAT @@ -562,11 +554,6 @@ int syncpipe[2]; desinbuf.data = des_inbuf; desoutbuf.data = des_outpkt+4; /* Set up des buffers */ - /* Must come from privileged port when .rhosts is being looked into */ - if ((auth_ok&AUTH_RHOSTS) - && (fromp->sin_port >= IPPORT_RESERVED || - fromp->sin_port < IPPORT_RESERVED/2)) - non_privileged = 1; #else /* !KERBEROS */ if (fromp->sin_port >= IPPORT_RESERVED || fromp->sin_port < IPPORT_RESERVED/2) 
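Review bot: The non-Kerberos `#define ARGSTR "rpPD:?"` on the `#else /* !KERBEROS */` side of this hunk still accepts `-r`, while the `case 'r':` arm and `AUTH_RHOSTS` are removed unconditionally in later hunks of this file, so a `-r` given to the non-Kerberos build now reaches the switch with no handler (what `default:` does there is outside the diff). krshd.c in the same commit drops the letter from its `!KERBEROS` string (`"rRD:?"` to `"RD:?"`); mirroring that with `#define ARGSTR "pPD:?"` keeps the two daemons consistent. If the intent is instead that the non-Kerberos rlogind keeps rhosts, the removed `case 'r'` would have to survive under `#ifndef KERBEROS`; either way the current state is inconsistent.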
@@ -627,7 +614,7 @@ int syncpipe[2]; new_termio.c_iflag &= ~(IXON|IXANY|BRKINT|INLCR|ICRNL); #else new_termio.c_lflag |= (ICANON|ECHO|ISIG|IEXTEN); - new_termio.c_oflag |= (ONLCR|OPOST|TAB3); + new_termio.c_oflag |= (ONLCR|OPOST); new_termio.c_iflag|= (IXON|IXANY|BRKINT|INLCR|ICRNL); #endif /*Do we need binary stream?*/ new_termio.c_iflag &= ~(ISTRIP); @@ -1117,16 +1104,6 @@ do_krb_login(host) #endif -/* See if we pass .rhosts.*/ - if (auth_ok&AUTH_RHOSTS) { - /* Cannot check .rhosts unless connection from a privileged port. */ - if (!non_privileged) { - pwd = (struct passwd *) getpwnam(lusername); - if (pwd && - !ruserok(rhost_name, pwd->pw_uid == 0, rusername, lusername)) - auth_sent |= AUTH_RHOSTS; - } - } if (checksum_required && !valid_checksum) { if (auth_sent & AUTH_KRB5) { @@ -1348,7 +1325,7 @@ void usage() { #ifdef KERBEROS syslog(LOG_ERR, - "usage: klogind [-rke45pP] [-D port] or [r/R][k/K][x/e][p/P]logind"); + "usage: klogind [-ke45pP] [-D port] or [r/R][k/K][x/e][p/P]logind"); #else syslog(LOG_ERR, "usage: rlogind [-rpP] [-D port] or [r/R][p/P]logind"); diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 74e701db9..4f064e9ee 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -41,7 +41,6 @@ char copyright[] = * 1) Check authentication. * 2) Check authorization via the access-control files: * ~/.k5login (using krb5_kuserok) and/or - * ~/.rhosts (using ruserok). * Execute command if configured authoriztion checks pass, else deny * permission. * @@ -50,12 +49,8 @@ char copyright[] = * take priority. The options are: * -k means trust krb4 or krb5 * -5 means trust krb5 -* -4 means trust krb4 - * -r means trust .rhosts (using ruserok). +* -4 means trust krb4 (using .klogin) * - * If no command-line arguments are present, then the presence of the - * letters kKrR in the program-name before "shd" determine the - * behaviour of the program exactly as with the command-line arguments. */ /* DEFINES: 
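Review bot: Dropping `TAB3` unconditionally changes the initial output modes on every platform that does define it, when the stated problem is only that the macro is missing on NetBSD; the portable fix is to keep the flag where it exists: `new_termio.c_oflag |= (ONLCR|OPOST);` followed by `#ifdef TAB3` / `new_termio.c_oflag |= TAB3;` / `#endif`. Whether any client relies on tab expansion at the pty is not visible here, so if the behaviour change is intended a one-line comment saying so above the assignment would save the next reader a trip to the ChangeLog. doit() begins and ends outside this hunk.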
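Review bot: The new usage string still advertises an `r/R` prefix in the program-name form, `or [r/R][k/K][x/e][p/P]logind`, even though `-r` and `AUTH_RHOSTS` are gone from this file, and the `#else` branch's `rlogind [-rpP]` context line is untouched. If the program-name parsing (outside this diff) was updated to match, the string should read `"usage: klogind [-ke45pP] [-D port] or [k/K][x/e][p/P]logind"`; if it was not, an `r` in the program name now silently does nothing and that code needs the same removal. The option list also omits `-c`, `-i`, `-S`, `-M` and `-L`, which the KERBEROS `ARGSTR` earlier in this diff accepts.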
@@ -155,7 +150,7 @@ char copyright[] = #include "com_err.h" #include "loginpaths.h" -#define ARGSTR "rek54ciD:S:M:AP:?L:" +#define ARGSTR "ek54ciD:S:M:AP:?L:" #define RSHD_BUFSIZ 5120 @@ -184,7 +179,7 @@ int netf; #else /* !KERBEROS */ -#define ARGSTR "rRD:?" +#define ARGSTR "RD:?" #define (*des_read) read #define (*des_write) write @@ -204,7 +199,6 @@ int netf; */ #define AUTH_KRB4 (0x1) #define AUTH_KRB5 (0x2) -#define AUTH_RHOSTS (0x4) int auth_ok = 0, auth_sent = 0; int checksum_required = 0, checksum_ignored = 0; char *progname; @@ -285,9 +279,6 @@ int main(argc, argv) opterr = 0; while ((ch = getopt(argc, argv, ARGSTR)) != EOF) switch (ch) { - case 'r': - auth_ok |= AUTH_RHOSTS; - break; #ifdef KERBEROS case 'k': #ifdef KRB5_KRB4_COMPAT @@ -1005,17 +996,6 @@ void doit(f, fromp) } - if (auth_ok&AUTH_RHOSTS) { - /* Cannot check .rhosts unless connection from privileged port */ - if (!non_privileged) { - if (ruserok(hostname, pwd->pw_uid == 0, - remuser, locuser) < 0) { - syslog(LOG_ERR , - "Principal %s (%s@%s) for local user %s failed ruserok.\n", - kremuser, remuser, hostname, locuser); - } else auth_sent |=AUTH_RHOSTS; - } - } #else if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && ruserok(hostname, pwd->pw_uid == 0, remuser, locuser) < 0) { @@ -1614,7 +1594,7 @@ loglogin(host, flag, failures, ue) void usage() { #ifdef KERBEROS - syslog(LOG_ERR, "usage: kshd [-rRkK] or [r/R][k/K]shd"); + syslog(LOG_ERR, "usage: kshd [-54ecikK] "); #else syslog(LOG_ERR, "usage: rshd"); #endif diff --git a/src/appl/bsd/kshd.M b/src/appl/bsd/kshd.M index 5a10c5bc0..df95c4db9 100644 --- a/src/appl/bsd/kshd.M +++ b/src/appl/bsd/kshd.M 
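Review bot: The rewritten usage line `"usage: kshd [-54ecikK] "` lists only the flag options and omits `-A` and the argument-taking `-D`, `-S`, `-M`, `-P` and `-L` that `ARGSTR "ek54ciD:S:M:AP:?L:"` accepts earlier in this file, and it ends in a stray space before the closing quote. Something like `"usage: kshd [-54ceikKA] [-D port] [-S arg] [-M arg] [-P arg] [-L arg]"`, with the operand names taken from kshd.M, would let the message document what getopt actually parses. Only `-D port` is named from visible text (the klogind usage in this same commit); the other operand names must come from the man page.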
@@ -60,11 +60,6 @@ authorization check is passed, then the user is allowed to log in. Allow Kerberos5 and Kerberos4 as acceptable authentication mechanisms. This is the same as including \fB\-4\fP and \fB\-5\fP. -.IP \fB\-r\fP -Trust the remote hostname as an authentication system using the - \fI.rhosts\fP authorization list. This option may be desupported in a future version. - - .IP \fB\-e\fP Require the client to encrypt the connection. Only Kerberos5 clients support encryption.