Vendor import of Heimdal 0.2n

Mark Murray 2000-02-24 11:07:16 +00:00
parent b528cefc6b
commit 13e3f4d6d9
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/vendor-crypto/heimdal/dist/; revision=57416
svn path=/vendor-crypto/heimdal/0.2n/; revision=57418; tag=vendor/heimdal/0.2n
130 changed files with 29616 additions and 831 deletions


@ -1,10 +1,99 @@
2000-02-07 Assar Westerlund <assar@sics.se>
* Release 0.2n
2000-02-07 Assar Westerlund <assar@sics.se>
* lib/krb5/Makefile.am: set version to 8:0:0
* lib/krb5/keytab.c (krb5_kt_default_name): use strlcpy
(krb5_kt_add_entry): set timestamp
2000-02-06 Assar Westerlund <assar@sics.se>
* lib/krb5/krb5.h: add macros for accessing krb5_realm
* lib/krb5/time.c (krb5_timeofday): use `krb5_timestamp' instead
of `int32_t'
* lib/krb5/replay.c (checksum_authenticator): update to new API
for md5
* lib/krb5/krb5.h: remove des.h, it's not needed and applications
should not have to make sure to find it.
2000-02-03 Assar Westerlund <assar@sics.se>
* lib/krb5/rd_req.c (get_key_from_keytab): rename parameter to
`out_key' to avoid conflicting with label. reported by Sean Doran
<smd@ebone.net>
2000-02-02 Assar Westerlund <assar@sics.se>
* lib/krb5/expand_hostname.c: remember to lower-case host names.
bug reported by <amu@mit.edu>
* kdc/kerberos4.c (do_version4): look at check_ticket_addresses
and emulate that by setting krb_ignore_ip_address (not a great
interface but it doesn't seem like the time to go around fixing
libkrb stuff now)
2000-02-01 Johan Danielsson <joda@pdc.kth.se>
* kuser/kinit.c: change --noaddresses into --no-addresses
2000-01-28 Assar Westerlund <assar@sics.se>
* kpasswd/kpasswd.c (main): make sure the ticket is not
forwardable and not proxiable
2000-01-26 Assar Westerlund <assar@sics.se>
* lib/krb5/crypto.c: update to pseudo-standard APIs for
md4,md5,sha. some changes to libdes calls to make them more
portable.
2000-01-21 Assar Westerlund <assar@sics.se>
* lib/krb5/verify_init.c (krb5_verify_init_creds): make sure to
clean up the correct creds.
2000-01-16 Assar Westerlund <assar@sics.se>
* lib/krb5/principal.c (append_component): change parameter to
`const char *'. check malloc
* lib/krb5/principal.c (append_component, va_ext_princ, va_princ):
const-ize
* lib/krb5/mk_req.c (krb5_mk_req): make `service' and `hostname'
const
* lib/krb5/principal.c (replace_chars): also add space here
* lib/krb5/principal.c: (quotable_chars): add space
2000-01-12 Assar Westerlund <assar@sics.se>
* kdc/kerberos4.c (do_version4): check if preauth was required and
bail-out if so since there's no way that could be done in v4.
Return NULL_KEY as an error to the client (which is non-obvious,
but what can you do?)
2000-01-09 Assar Westerlund <assar@sics.se>
* lib/krb5/principal.c (krb5_sname_to_principal): use
krb5_expand_hostname_realms
* lib/krb5/mk_req.c (krb5_km_req): use krb5_expand_hostname_realms
* lib/krb5/expand_hostname.c (krb5_expand_hostname_realms): new
variant of krb5_expand_hostname that tries until it expands into
something that's digestable by krb5_get_host_realm, returning also
the result from that function.
2000-01-08 Assar Westerlund <assar@sics.se>
* Release 0.2m
2000-01-08 Assar Westerlund <assar@sics.se>
* configure.in: replace AC_C_BIGENDIAN with KRB_C_BIGENDIAN
* lib/krb5/Makefile.am: bump version to 7:1:0
* lib/krb5/principal.c (krb5_sname_to_principal): use
krb5_expand_hostname
* lib/krb5/expand_hostname.c (krb5_expand_hostname): handle
@ -191,6 +280,10 @@ Tue Dec 21 18:03:17 1999 Assar Westerlund <assar@sics.se>
getnameinfo, gai_strerror
(socklen_t): check for
1999-12-02 Johan Danielsson <joda@pdc.kth.se>
* lib/krb5/crypto.c: ARCFOUR_set_key -> RC4_set_key
1999-11-23 Assar Westerlund <assar@sics.se>
* lib/krb5/crypto.c (ARCFOUR_string_to_key): change order of bytes


@ -1,3 +1,13 @@
Changes in release 0.2n:
* more robust parsing of dump files in kadmin
* changed default timestamp format for log messages to extended ISO
8601 format (Y-M-DTH:M:S)
* changed md4/md5/sha1 APIes to be de-facto `standard'
* always make hostname into lower-case before creating principal
* small bits of more MIT-compatability
* bug fixes
Changes in release 0.2m:
* handle glibc's getaddrinfo() that returns several ai_canonname


@ -1,6 +1,6 @@
-*- indented-text -*-
$Id: TODO,v 1.39 1999/12/05 01:08:19 assar Exp $
$Id: TODO,v 1.40 2000/01/28 04:10:56 assar Exp $
* configure
@ -82,6 +82,10 @@ fix to use rpc?
** lib/krb5
rewrite the lookup of KDCs to handle kerberos-<n> and not do any DNS
requests if the information can be found locally. this requires stop
using krb5_get_krbhst.
the replay cache is, in its current state, not very useful
the following encryption types have been implemented: DES-CBC-CRC,


@ -1007,6 +1007,39 @@ if test $ac_cv_type_$1 = no; then
fi
])
dnl $Id: have-type.m4,v 1.5 1999/12/31 03:10:22 assar Exp $
dnl
dnl check for existance of a type
dnl AC_HAVE_TYPE(TYPE,INCLUDES)
AC_DEFUN(AC_HAVE_TYPE, [
AC_REQUIRE([AC_HEADER_STDC])
cv=`echo "$1" | sed 'y%./+- %__p__%'`
AC_MSG_CHECKING(for $1)
AC_CACHE_VAL([ac_cv_type_$cv],
AC_TRY_COMPILE(
[#include <sys/types.h>
#if STDC_HEADERS
#include <stdlib.h>
#include <stddef.h>
#endif
$2],
[$1 foo;],
eval "ac_cv_type_$cv=yes",
eval "ac_cv_type_$cv=no"))dnl
AC_MSG_RESULT(`eval echo \\$ac_cv_type_$cv`)
if test `eval echo \\$ac_cv_type_$cv` = yes; then
ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'`
dnl autoheader tricks *sigh*
define(foo,translit($1, [ ], [_]))
: << END
@@@funcs="$funcs foo"@@@
END
undefine([foo])
AC_DEFINE_UNQUOTED($ac_tr_hdr, 1)
fi
])
dnl
dnl $Id: check-netinet-ip-and-tcp.m4,v 1.2 1999/05/14 13:15:40 assar Exp $
dnl
@ -1462,39 +1495,6 @@ fi
undefine([cache_val])
])
dnl $Id: have-type.m4,v 1.5 1999/12/31 03:10:22 assar Exp $
dnl
dnl check for existance of a type
dnl AC_HAVE_TYPE(TYPE,INCLUDES)
AC_DEFUN(AC_HAVE_TYPE, [
AC_REQUIRE([AC_HEADER_STDC])
cv=`echo "$1" | sed 'y%./+- %__p__%'`
AC_MSG_CHECKING(for $1)
AC_CACHE_VAL([ac_cv_type_$cv],
AC_TRY_COMPILE(
[#include <sys/types.h>
#if STDC_HEADERS
#include <stdlib.h>
#include <stddef.h>
#endif
$2],
[$1 foo;],
eval "ac_cv_type_$cv=yes",
eval "ac_cv_type_$cv=no"))dnl
AC_MSG_RESULT(`eval echo \\$ac_cv_type_$cv`)
if test `eval echo \\$ac_cv_type_$cv` = yes; then
ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'`
dnl autoheader tricks *sigh*
define(foo,translit($1, [ ], [_]))
: << END
@@@funcs="$funcs foo"@@@
END
undefine([foo])
AC_DEFINE_UNQUOTED($ac_tr_hdr, 1)
fi
])
dnl $Id: krb-struct-winsize.m4,v 1.2 1999/03/01 09:52:23 joda Exp $
dnl
dnl


@ -33,10 +33,10 @@
#include "ktutil_locl.h"
RCSID("$Id: ktutil.c,v 1.25 2000/01/02 05:07:34 assar Exp $");
RCSID("$Id: ktutil.c,v 1.26 2000/02/07 04:29:25 assar Exp $");
int help_flag;
int version_flag;
static int help_flag;
static int version_flag;
int verbose_flag;
char *keytab_string;


@ -32,7 +32,7 @@
*/
/*
* $Id: ktutil_locl.h,v 1.9 2000/01/06 08:03:06 assar Exp $
* $Id: ktutil_locl.h,v 1.11 2000/02/07 04:26:37 assar Exp $
*/
#ifndef __KTUTIL_LOCL_H__
@ -53,6 +53,8 @@
#endif
#include <roken.h>
#include <des.h>
#include <krb5.h>
#include <kadm5/admin.h>
#include <kadm5/kadm5_err.h>
@ -63,8 +65,6 @@
extern krb5_context context;
extern krb5_keytab keytab;
extern int help_flag;
extern int version_flag;
extern int verbose_flag;
extern char *keytab_string;


@ -1,3 +1,8 @@
2000-02-07 Assar Westerlund <assar@sics.se>
* ftp/security.c (sec_read): more paranoia with return value from
sec_get_data
2000-01-08 Assar Westerlund <assar@sics.se>
* ftp/ftp.c (hookup): handle ai_canonname being set in any of the


@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -37,7 +37,7 @@
#include "ftp_locl.h"
#endif
RCSID("$Id: security.c,v 1.15 1999/12/02 16:58:30 joda Exp $");
RCSID("$Id: security.c,v 1.16 2000/02/07 03:11:43 assar Exp $");
static enum protection_level command_prot;
static enum protection_level data_prot;
@ -232,9 +232,12 @@ sec_read(int fd, void *data, int length)
data = (char*)data + len;
while(length){
if(sec_get_data(fd, &in_buffer, data_prot) < 0)
int ret;
ret = sec_get_data(fd, &in_buffer, data_prot);
if (ret < 0)
return -1;
if(in_buffer.size == 0) {
if(ret == 0 || in_buffer.size == 0) {
if(rx)
in_buffer.eof_flag = 1;
return rx;
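Review bot: The new `ret == 0` test inside the `while(length)` loop has no comment saying what a zero return from sec_get_data means, so it is not evident at the call site why it is handled the same way as an empty `in_buffer`. The ChangeLog only describes this as "more paranoia with return value from sec_get_data"; zero presumably signals that the peer closed the data channel, but sec_get_data is not visible here, so that should be confirmed before the wording is fixed. I would add above the test something like `/* ret == 0: nothing was received (presumably EOF); do not read from in_buffer */`. The `return -1` on `ret < 0` also discards the `rx` count accumulated so far, which looks intentional for a protected channel and deserves one line in the function's header comment. sec_read starts and ends outside this hunk.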


@ -1,3 +1,11 @@
2000-02-07 Assar Westerlund <assar@sics.se>
* Makefile.am (LDADD): make sure we use the heimdal libdes
2000-02-06 Assar Westerlund <assar@sics.se>
* *: conditionalize des stuff on KRB4
1999-12-16 Assar Westerlund <assar@sics.se>
* rsh.c (doit): addrinfo returned from getaddrinfo() is not usable


@ -1,4 +1,4 @@
# $Id: Makefile.am,v 1.13 1999/04/09 18:24:05 assar Exp $
# $Id: Makefile.am,v 1.14 2000/02/07 03:13:00 assar Exp $
include $(top_srcdir)/Makefile.am.common
@ -14,6 +14,7 @@ rshd_SOURCES = rshd.c common.c rsh_locl.h
LDADD = $(LIB_kafs) \
$(LIB_krb5) \
$(top_builddir)/lib/des/libdes.la \
$(LIB_krb4) \
$(top_builddir)/lib/des/libdes.la \
$(LIB_roken)
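Review bot: `$(top_builddir)/lib/des/libdes.la` now appears twice in `LDADD`, before and after `$(LIB_krb4)`, with nothing in the file saying why, so a later cleanup could drop the first entry as a duplicate. The ChangeLog entry for this change says the aim is to make sure the Heimdal libdes is used, which suggests the ordering matters when `$(LIB_krb4)` brings in its own DES library. I would put a comment above the assignment such as `# libdes.la is listed before $(LIB_krb4) on purpose: link order decides which DES implementation is used`.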


@ -10,7 +10,7 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.13 1999/04/09 18:24:05 assar Exp $
# $Id: Makefile.am,v 1.14 2000/02/07 03:13:00 assar Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
@ -181,7 +181,7 @@ rsh_SOURCES = rsh.c common.c rsh_locl.h
rshd_SOURCES = rshd.c common.c rsh_locl.h
LDADD = $(LIB_kafs) $(LIB_krb5) $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(LIB_roken)
LDADD = $(LIB_kafs) $(LIB_krb5) $(top_builddir)/lib/des/libdes.la $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(LIB_roken)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
@ -203,34 +203,42 @@ rsh_OBJECTS = rsh.$(OBJEXT) common.$(OBJEXT)
rsh_LDADD = $(LDADD)
@KRB4_TRUE@@KRB5_FALSE@rsh_DEPENDENCIES = \
@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/kafs/libkafs.la \
@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \
@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la
@KRB4_FALSE@@KRB5_TRUE@rsh_DEPENDENCIES = \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la
@KRB4_FALSE@@KRB5_FALSE@rsh_DEPENDENCIES = \
@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \
@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la
@KRB4_TRUE@@KRB5_TRUE@rsh_DEPENDENCIES = \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/kafs/libkafs.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la
rsh_LDFLAGS =
rshd_OBJECTS = rshd.$(OBJEXT) common.$(OBJEXT)
rshd_LDADD = $(LDADD)
@KRB4_TRUE@@KRB5_FALSE@rshd_DEPENDENCIES = \
@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/kafs/libkafs.la \
@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \
@KRB4_TRUE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la
@KRB4_FALSE@@KRB5_TRUE@rshd_DEPENDENCIES = \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \
@KRB4_FALSE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la
@KRB4_FALSE@@KRB5_FALSE@rshd_DEPENDENCIES = \
@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la \
@KRB4_FALSE@@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la
@KRB4_TRUE@@KRB5_TRUE@rshd_DEPENDENCIES = \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/kafs/libkafs.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la \
@KRB4_TRUE@@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la
rshd_LDFLAGS =
CFLAGS = @CFLAGS@


@ -32,7 +32,7 @@
*/
#include "rsh_locl.h"
RCSID("$Id: rsh.c,v 1.46 1999/12/16 11:53:50 assar Exp $");
RCSID("$Id: rsh.c,v 1.47 2000/02/06 05:58:55 assar Exp $");
enum auth_method auth_method;
int do_encrypt;
@ -44,8 +44,10 @@ char tkfile[MAXPATHLEN];
krb5_context context;
krb5_keyblock *keyblock;
krb5_crypto crypto;
#ifdef KRB4
des_key_schedule schedule;
des_cblock iv;
#endif
/*


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
/* $Id: rsh_locl.h,v 1.22 1999/12/02 17:04:56 joda Exp $ */
/* $Id: rsh_locl.h,v 1.23 2000/02/06 05:58:55 assar Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
@ -123,8 +123,10 @@ extern int do_encrypt;
extern krb5_context context;
extern krb5_keyblock *keyblock;
extern krb5_crypto crypto;
#ifdef KRB4
extern des_key_schedule schedule;
extern des_cblock iv;
#endif
#define KCMD_VERSION "KCMDV0.1"


@ -32,15 +32,18 @@
*/
#include "rsh_locl.h"
RCSID("$Id: rshd.c,v 1.29 1999/12/02 17:04:56 joda Exp $");
RCSID("$Id: rshd.c,v 1.30 2000/02/06 05:58:56 assar Exp $");
enum auth_method auth_method;
krb5_context context;
krb5_keyblock *keyblock;
krb5_crypto crypto;
#ifdef KRB4
des_key_schedule schedule;
des_cblock iv;
#endif
krb5_ccache ccache, ccache2;
int kerberos_status = 0;


@ -0,0 +1,328 @@
2000-02-07 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos.c (kerberos4_is): send a reject back to the
client when we're not authorized
2000-02-06 Assar Westerlund <assar@sics.se>
* telnet/ring.h (ring_encrypt): better proto
* telnet/ring.c (ring_encrypt): better proto
2000-02-04 Assar Westerlund <assar@sics.se>
* telnet/telnet_locl.h: klduge-around KLUDGELINEMODE
2000-01-18 Assar Westerlund <assar@sics.se>
* libtelnet/misc.c (auth_encrypt_user): const-ify
* libtelnet/misc.h (RemoteHostName, LocalHostName): const-ify
* libtelnet/misc.c (auth_encrypt_init, RemoteHostName,
LocalHostName): const-ify
* libtelnet/misc-proto.h (auth_encrypt_init, auth_encrypt_user):
const-ify
* libtelnet/encrypt.c (encrypt_init, Name): const-ify
* libtelnet/enc-proto.h (encrypt_init): const-ify
* libtelnet/auth.c (auth_init, Name): const-ify
* libtelnet/auth-proto.h (auth_init): const-ify
2000-01-08 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): handle ai_canonname being set in any of
the addresses returnedby getaddrinfo. glibc apparently returns
the reverse lookup of every address in ai_canonname. remove some
unused variables.
2000-01-01 Assar Westerlund <assar@sics.se>
* telnetd/sys_term.c (addarg): make void (return value isn't check
anyway). fatal error when malloc fails
1999-12-16 Assar Westerlund <assar@sics.se>
* telnet/commands.c (*): handle ai_canonname not being set
1999-12-04 Assar Westerlund <assar@sics.se>
* telnetd/telnetd.c (doit): use getnameinfo_verified
* telnetd/telnetd.c: use getnameinfo
* telnet/commands.c: re-write to using getaddrinfo. disable
source-routing for the moment, it doesn't seem to be used anyways.
1999-09-16 Assar Westerlund <assar@sics.se>
* telnet/commands.c: revert 1.54, get_default_username should DTRT
now
1999-09-05 Assar Westerlund <assar@sics.se>
* telnetd/utility.c (ttloop): make it return 1 if interrupted by a
signal, which must have been what was meant from the beginning
* telnetd/ext.h (ttloop): update prototype
* telnetd/authenc.c (telnet_spin): actually return the value from
ttloop (otherwise it's kind of bogus)
1999-08-05 Assar Westerlund <assar@sics.se>
* telnetd/sys_term.c (rmut): free utxp
1999-08-04 Assar Westerlund <assar@sics.se>
* telnet/main.c: add -G and config file support. From Miroslav
Ruda <ruda@ics.muni.cz>
* telnetd/sys_term.c (rmut): work around utmpx strangness. From
Miroslav Ruda <ruda@ics.muni.cz>
1999-08-02 Assar Westerlund <assar@sics.se>
* telnetd/telnetd.c (doit): only free hp if != NULL. From: Jonas
Oberg <jonas@coyote.org>
1999-07-29 Assar Westerlund <assar@sics.se>
* telnetd/telnetd.c (doit): remove unused variable mapped_sin
1999-07-26 Assar Westerlund <assar@sics.se>
* telnetd/ext.h: update prototypes
* telnetd/telnetd.c: make it handle v4 and v6 sockets. (it
doesn't handle being given a v6 socket that's really talking to an
v4 adress (mapped) because the rest of the code in telnetd is not
able to handle it anyway). please run two telnetd from your
inetd, one for v4 and one for v6.
1999-07-07 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): extra bogus const-cast
1999-07-06 Assar Westerlund <assar@sics.se>
* telnetd/sys_term.c (start_login): print a different warning with
`-a otp'
1999-06-24 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos5.c (kerberos5_send): set the addresses in the
auth_context
1999-06-23 Assar Westerlund <assar@sics.se>
* telnet/Makefile.am (INCLUDES): add $(INCLUDE_krb4)
* telnet/commands.c (togkrbdebug): conditionalize on
krb_disable_debug
1999-06-16 Johan Danielsson <joda@pdc.kth.se>
* telnet/commands.c: add kerberos debugging option
1999-06-15 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): use get_default_username
1999-05-14 Assar Westerlund <assar@sics.se>
* telnetd/state.c (telrcv): magic patch to make it work against
DOS Clarkson Telnet. From Miroslav Ruda <ruda@ics.muni.cz>
1999-04-25 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos5.c (kerberos5_send): use
`krb5_auth_setkeytype' instead of `krb5_auth_setenctype' to make
sure we get a DES session key.
Thu Apr 1 16:59:27 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/Makefile.am: don't run check-local
* telnet/Makefile.am: don't run check-local
Mon Mar 29 16:11:33 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/sys_term.c: _CRAY -> HAVE_STRUCT_UTMP_UT_ID
Sat Mar 20 00:12:54 1999 Assar Westerlund <assar@sics.se>
* telnet/authenc.c (telnet_gets): remove old extern declarations
Thu Mar 18 11:20:16 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/Makefile.am: include Makefile.am.common
* telnet/Makefile.am: include Makefile.am.common
* libtelnet/Makefile.am: include Makefile.am.common
* Makefile.am: include Makefile.am.common
Mon Mar 15 17:40:53 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/telnetd.c: replace perror/exit with fatalperror
Sat Mar 13 22:18:57 1999 Assar Westerlund <assar@sics.se>
* telnetd/telnetd.c (main): 0 -> STDIN_FILENO. remove abs
* libtelnet/kerberos.c (kerberos4_is): syslog root logins
Thu Mar 11 14:48:54 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/Makefile.in: add WFLAGS
* telnet/Makefile.in: add WFLAGS
* libtelnet/Makefile.in: add WFLAGS
* telnetd/sys_term.c: remove unused variables
* telnet/telnet.c: fix some warnings
* telnet/main.c: fix some warnings
* telnet/commands.c: fix types in format string
* libtelnet/auth.c: fix types in format string
Mon Mar 1 10:50:30 1999 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/sys_term.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
Mon Feb 1 04:08:36 1999 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): only call gethostbyname2 with AF_INET6
if we actually have IPv6. From "Brandon S. Allbery KF8NH"
<allbery@kf8nh.apk.net>
Sat Nov 21 16:51:00 1998 Johan Danielsson <joda@hella.pdc.kth.se>
* telnetd/sys_term.c (cleanup): don't call vhangup() on sgi:s
Fri Aug 14 16:29:18 1998 Johan Danielsson <joda@emma.pdc.kth.se>
* libtelnet/kerberos.c: krb_put_int -> KRB_PUT_INT
Thu Jul 23 20:29:05 1998 Johan Danielsson <joda@emma.pdc.kth.se>
* libtelnet/kerberos5.c: use krb5_verify_authenticator_checksum
Mon Jul 13 22:00:09 1998 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): don't advance hostent->h_addr_list, use
a copy instead
Wed May 27 04:19:17 1998 Assar Westerlund <assar@sics.se>
* telnet/sys_bsd.c (process_rings): correct call to `stilloob'
Fri May 15 19:38:19 1998 Johan Danielsson <joda@blubb.pdc.kth.se>
* libtelnet/kerberos5.c: Always print errors from mk_req.
Fri May 1 07:16:59 1998 Assar Westerlund <assar@sics.se>
* telnet/commands.c: unifdef -DHAVE_H_ERRNO
Sat Apr 4 15:00:29 1998 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): moved the printing of `trying...' to the
loop
Thu Mar 12 02:33:48 1998 Assar Westerlund <assar@sics.se>
* telnet/telnet_locl.h: include <term.h>. From Gregory S. Stark
<gsstark@mit.edu>
Sat Feb 21 15:12:38 1998 Assar Westerlund <assar@sics.se>
* telnetd/ext.h: add prototype for login_tty
* telnet/utilities.c (printsub): `direction' is now an int.
* libtelnet/misc-proto.h: add prototype for `printsub'
Tue Feb 17 02:45:01 1998 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos.c (kerberos4_is): cred.pname should be
cred.pinst. From <art@stacken.kth.se>
Sun Feb 15 02:46:39 1998 Assar Westerlund <assar@sics.se>
* telnet/*/*.c: renamed `telnet' to `my_telnet' to avoid
conflicts with system header files on mklinux.
Tue Feb 10 02:09:03 1998 Assar Westerlund <assar@sics.se>
* telnetd/telnetd.c: new signature for `getterminaltype' and
`auth_wait'
* libtelnet: changed the signature of the authentication method
`status'
Sat Feb 7 07:21:29 1998 Assar Westerlund <assar@sics.se>
* */*.c: replace HAS_GETTOS by HAVE_PARSETOS and HAVE_GETTOSBYNAME
Fri Dec 26 16:17:10 1997 Assar Westerlund <assar@sics.se>
* telnet/commands.c (tn): repair support for numeric addresses
Sun Dec 21 09:40:31 1997 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos.c: fix up lots of stuff related to the
forwarding of v4 tickets.
* libtelnet/kerberos5.c (kerberos5_forward): zero out `creds'.
Mon Dec 15 20:53:13 1997 Johan Danielsson <joda@emma.pdc.kth.se>
* telnet/sys_bsd.c: Don't turn off OPOST in 8bit-mode.
Tue Dec 9 19:26:50 1997 Assar Westerlund <assar@sics.se>
* telnet/main.c (main): add 'b' to getopt
Sat Nov 29 03:28:54 1997 Johan Danielsson <joda@emma.pdc.kth.se>
* telnet/telnet.c: Change binary mode to do just that, and add a
eight-bit mode for just passing all characters.
Sun Nov 16 04:37:02 1997 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos5.c (kerberos5_send): always ask for a session
key of type DES
* libtelnet/kerberos5.c: remove old garbage and fix call to
krb5_auth_con_setaddrs_from_fd
Fri Nov 14 20:35:18 1997 Johan Danielsson <joda@emma.pdc.kth.se>
* telnetd/telnetd.c: Output contents of /etc/issue.
Mon Nov 3 07:09:16 1997 Assar Westerlund <assar@sics.se>
* telnet/telnet_locl.h: only include <sys/termio.h> iff
!defined(HAVE_TERMIOS_H)
* libtelnet/kerberos.c (kerberos4_is): send the peer address to
krb_rd_req
* telnetd/telnetd.c (terminaltypeok): always return OK. It used
to call `tgetent' to figure if it was a defined terminal type.
It's possible to overflow tgetent so that's a bad idea. The worst
that could happen by saying yes to all terminals is that the user
ends up with a terminal that has no definition on the local
system. And besides, most telnet client has no support for
falling back to a different terminal type.
Mon Oct 20 05:47:19 1997 Assar Westerlund <assar@sics.se>
* libtelnet/kerberos5.c: remove lots of old junk. clean-up.
better error checking and reporting. tell the user permission
denied much earlier.
* libtelnet/kerberos.c (kerberos4_is): only print
UserNameRequested if != NULL


@ -0,0 +1,11 @@
# $Id: Makefile.am,v 1.6 1999/03/20 13:58:15 joda Exp $
include $(top_srcdir)/Makefile.am.common
SUBDIRS = libtelnet telnet telnetd
dist-hook:
$(mkinstalldirs) $(distdir)/arpa
$(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa
EXTRA_DIST = README.ORIG telnet.state


@ -0,0 +1,604 @@
# Makefile.in generated automatically by automake 1.4 from Makefile.am
# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.6 1999/03/20 13:58:15 joda Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
SHELL = @SHELL@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
sbindir = @sbindir@
libexecdir = @libexecdir@
datadir = @datadir@
sysconfdir = @sysconfdir@
sharedstatedir = @sharedstatedir@
localstatedir = @localstatedir@
libdir = @libdir@
infodir = @infodir@
mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
DESTDIR =
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../..
ACLOCAL = @ACLOCAL@
AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
transform = @program_transform_name@
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
DBLIB = @DBLIB@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
INCLUDE_ = @INCLUDE_@
LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
NM = @NM@
NROFF = @NROFF@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
INCLUDES = -I$(top_builddir)/include
AM_CFLAGS = $(WFLAGS)
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
LIB_XauReadAuth = @LIB_XauReadAuth@
LIB_crypt = @LIB_crypt@
LIB_dbm_firstkey = @LIB_dbm_firstkey@
LIB_dbopen = @LIB_dbopen@
LIB_dlopen = @LIB_dlopen@
LIB_dn_expand = @LIB_dn_expand@
LIB_el_init = @LIB_el_init@
LIB_getattr = @LIB_getattr@
LIB_gethostbyname = @LIB_gethostbyname@
LIB_getpwent_r = @LIB_getpwent_r@
LIB_getpwnam_r = @LIB_getpwnam_r@
LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
LIB_setsockopt = @LIB_setsockopt@
LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
cat1dir = $(mandir)/cat1
cat3dir = $(mandir)/cat3
cat5dir = $(mandir)/cat5
cat8dir = $(mandir)/cat8
MANRX = \(.*\)\.\([0-9]\)
CATSUFFIX = @CATSUFFIX@
NROFF_MAN = groff -mandoc -Tascii
@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
SUBDIRS = libtelnet telnet telnetd
EXTRA_DIST = README.ORIG telnet.state
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
DIST_COMMON = ChangeLog Makefile.am Makefile.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
TAR = tar
GZIP_ENV = --best
all: all-redirect
.SUFFIXES:
.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
cd $(top_builddir) \
&& CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
# This directory's subdirectories are mostly independent; you can cd
# into them and run `make' without going through this Makefile.
# To change the values of `make' variables: instead of editing Makefiles,
# (1) if the variable is set in `config.status', edit `config.status'
# (which will cause the Makefiles to be regenerated when you run `make');
# (2) otherwise, pass the desired values on the `make' command line.
@SET_MAKE@
all-recursive install-data-recursive install-exec-recursive \
installdirs-recursive install-recursive uninstall-recursive \
check-recursive installcheck-recursive info-recursive dvi-recursive:
@set fnord $(MAKEFLAGS); amf=$$2; \
dot_seen=no; \
target=`echo $@ | sed s/-recursive//`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
dot_seen=yes; \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
done; \
if test "$$dot_seen" = "no"; then \
$(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
fi; test -z "$$fail"
mostlyclean-recursive clean-recursive distclean-recursive \
maintainer-clean-recursive:
@set fnord $(MAKEFLAGS); amf=$$2; \
dot_seen=no; \
rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \
rev="$$subdir $$rev"; \
test "$$subdir" = "." && dot_seen=yes; \
done; \
test "$$dot_seen" = "no" && rev=". $$rev"; \
target=`echo $@ | sed s/-recursive//`; \
for subdir in $$rev; do \
echo "Making $$target in $$subdir"; \
if test "$$subdir" = "."; then \
local_target="$$target-am"; \
else \
local_target="$$target"; \
fi; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
|| case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
done && test -z "$$fail"
tags-recursive:
list='$(SUBDIRS)'; for subdir in $$list; do \
test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
done
tags: TAGS
ID: $(HEADERS) $(SOURCES) $(LISP)
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
here=`pwd` && cd $(srcdir) \
&& mkid -f$$here/ID $$unique $(LISP)
TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
if test "$$subdir" = .; then :; else \
test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \
fi; \
done; \
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
|| (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
mostlyclean-tags:
clean-tags:
distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
subdir = appl/telnet
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
cp -pr $$/$$file $(distdir)/$$file; \
else \
test -f $(distdir)/$$file \
|| ln $$d/$$file $(distdir)/$$file 2> /dev/null \
|| cp -p $$d/$$file $(distdir)/$$file || :; \
fi; \
done
for subdir in $(SUBDIRS); do \
if test "$$subdir" = .; then :; else \
test -d $(distdir)/$$subdir \
|| mkdir $(distdir)/$$subdir \
|| exit 1; \
chmod 777 $(distdir)/$$subdir; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \
|| exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
info-am:
info: info-recursive
dvi-am:
dvi: dvi-recursive
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-local
check: check-recursive
installcheck-am:
installcheck: installcheck-recursive
install-exec-am:
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-exec: install-exec-recursive
install-data-am: install-data-local
install-data: install-data-recursive
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
install: install-recursive
uninstall-am:
uninstall: uninstall-recursive
all-am: Makefile all-local
all-redirect: all-recursive
install-strip:
$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
installdirs: installdirs-recursive
installdirs-am:
mostlyclean-generic:
clean-generic:
distclean-generic:
-rm -f Makefile $(CONFIG_CLEAN_FILES)
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
mostlyclean-am: mostlyclean-tags mostlyclean-generic
mostlyclean: mostlyclean-recursive
clean-am: clean-tags clean-generic mostlyclean-am
clean: clean-recursive
distclean-am: distclean-tags distclean-generic clean-am
-rm -f libtool
distclean: distclean-recursive
maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \
distclean-am
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
maintainer-clean: maintainer-clean-recursive
.PHONY: install-data-recursive uninstall-data-recursive \
install-exec-recursive uninstall-exec-recursive installdirs-recursive \
uninstalldirs-recursive all-recursive check-recursive \
installcheck-recursive info-recursive dvi-recursive \
mostlyclean-recursive distclean-recursive clean-recursive \
maintainer-clean-recursive tags tags-recursive mostlyclean-tags \
distclean-tags clean-tags maintainer-clean-tags distdir info-am info \
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
all-redirect all-am all installdirs-am installdirs mostlyclean-generic \
distclean-generic clean-generic maintainer-clean-generic clean \
mostlyclean distclean maintainer-clean
install-suid-programs:
@foo='$(bin_SUIDS)'; \
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
chmod 0 $$x; fi; done
install-exec-hook: install-suid-programs
install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
@foo='$(include_HEADERS) $(build_HEADERZ)'; \
for f in $$foo; do \
f=`basename $$f`; \
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
echo " cp $$file $(buildinclude)/$$f"; \
cp $$file $(buildinclude)/$$f; \
fi ; \
done
all-local: install-build-headers
#NROFF_MAN = nroff -man
.1.cat1:
$(NROFF_MAN) $< > $@
.3.cat3:
$(NROFF_MAN) $< > $@
.5.cat5:
$(NROFF_MAN) $< > $@
.8.cat8:
$(NROFF_MAN) $< > $@
dist-cat1-mans:
@foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat3-mans:
@foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat5-mans:
@foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat8-mans:
@foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
install-cat1-mans:
@ext=1;\
foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat1dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat3-mans:
@ext=3;\
foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat3dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat5-mans:
@ext=5;\
foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat5dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat8-mans:
@ext=8;\
foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat8dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
install-data-local: install-cat-mans
.et.h:
$(COMPILE_ET) $<
.et.c:
$(COMPILE_ET) $<
.x.c:
@cmp -s $< $@ 2> /dev/null || cp $< $@
check-local::
@foo='$(CHECK_LOCAL)'; \
if test "$$foo"; then \
failed=0; all=0; \
for i in $$foo; do \
all=`expr $$all + 1`; \
if ./$$i --version > /dev/null 2>&1; then \
echo "PASS: $$i"; \
else \
echo "FAIL: $$i"; \
failed=`expr $$failed + 1`; \
fi; \
done; \
if test "$$failed" -eq 0; then \
banner="All $$all tests passed"; \
else \
banner="$$failed of $$all tests failed"; \
fi; \
dashes=`echo "$$banner" | sed s/./=/g`; \
echo "$$dashes"; \
echo "$$banner"; \
echo "$$dashes"; \
test "$$failed" -eq 0; \
fi
dist-hook:
$(mkinstalldirs) $(distdir)/arpa
$(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,743 @@
This is a distribution of both client and server telnet. These programs
have been compiled on:
telnet telnetd
4.4 BSD-Lite x x
4.3 BSD Reno X X
UNICOS 9.1 X X
UNICOS 9.0 X X
UNICOS 8.0 X X
BSDI 2.0 X X
Solaris 2.4 x x (no linemode in server)
SunOs 4.1.4 X X (no linemode in server)
Ultrix 4.3 X X (no linemode in server)
Ultrix 4.1 X X (no linemode in server)
In addition, previous versions have been compiled on the following
machines, but were not available for testing this version.
telnet telnetd
Next1.0 X X
UNICOS 8.3 X X
UNICOS 7.C X X
UNICOS 7.0 X X
SunOs 4.0.3c X X (no linemode in server)
4.3 BSD X X (no linemode in server)
DYNIX V3.0.12 X X (no linemode in server)
Ultrix 3.1 X X (no linemode in server)
Ultrix 4.0 X X (no linemode in server)
SunOs 3.5 X X (no linemode in server)
SunOs 4.1.3 X X (no linemode in server)
Solaris 2.2 x x (no linemode in server)
Solaris 2.3 x x (no linemode in server)
BSDI 1.0 X X
BSDI 1.1 X X
DYNIX V3.0.17.9 X X (no linemode in server)
HP-UX 8.0 x x (no linemode in server)
This code should work, but there are no guarantees.
May 30, 1995
This release represents what is on the 4.4BSD-Lite2 release, which
should be the final BSD release. I will continue to support of
telnet, The code (without encryption) is available via anonymous ftp
from ftp.cray.com, in src/telnet/telnet.YY.MM.DD.NE.tar.Z, where
YY.MM.DD is replaced with the year, month and day of the release.
If you can't find it at one of these places, at some point in the
near future information about the latest releases should be available
from ftp.borman.com.
In addition, the version with the encryption code is available via
ftp from net-dist.mit.edu, in the directory /pub/telnet. There
is a README file there that gives further information on how
to get the distribution.
Questions, comments, bug reports and bug fixes can be sent to
one of these addresses:
dab@borman.com
dab@cray.com
dab@bsdi.com
This release is mainly bug fixes and code cleanup.
Replace all calls to bcopy()/bzero() with calls to
memmove()/memset() and all calls to index()/rindex()
with calls to strchr()/strrchr().
Add some missing diagnostics for option tracing
to telnetd.
Add support for BSDI 2.0 and Solaris 2.4.
Add support for UNICOS 8.0
Get rid of expanded tabs and trailing white spaces.
From Paul Vixie:
Fix for telnet going into an endless spin
when the session dies abnormally.
From Jef Poskanzer:
Changes to allow telnet to compile
under SunOS 3.5.
From Philip Guenther:
makeutx() doesn't expand utmpx,
use pututxline() instead.
From Chris Torek:
Add a sleep(1) before execing login
to avoid race condition that can eat
up the login prompt.
Use terminal speed directly if it is
not an encoded value.
From Steve Parker:
Fix to realloc() call. Fix for execing
login on solaris with no user name.
January 19, 1994
This is a list of some of the changes since the last tar release
of telnet/telnetd. There are probably other changes that aren't
listed here, but this should hit a lot of the main ones.
General:
Changed #define for AUTHENTICATE to AUTHENTICATION
Changed #define for ENCRYPT to ENCRYPTION
Changed #define for DES_ENCRYPT to DES_ENCRYPTION
Added support for SPX authentication: -DSPX
Added support for Kerberos Version 5 authentication: -DKRB5
Added support for ANSI C function prototypes
Added support for the NEW-ENVIRON option (RFC-1572)
including support for USERVAR.
Made support for the old Environment Option (RFC-1408)
conditional on -DOLD_ENVIRON
Added #define ENV_HACK - support for RFC 1571
The encryption code is removed from the public distributions.
Domestic 4.4 BSD distributions contain the encryption code.
ENV_HACK: Code to deal with systems that only implement
the old ENVIRON option, and have reversed definitions
of ENV_VAR and ENV_VAL. Also fixes ENV processing in
client to handle things besides just the default set...
NO_BSD_SETJMP: UNICOS configuration for
UNICOS 6.1/6.0/5.1/5.0 systems.
STREAMSPTY: Use /dev/ptmx to get a clean pty. This
is for SVr4 derivatives (Like Solaris)
UTMPX: For systems that have /etc/utmpx. This is for
SVr4 derivatives (Like Solaris)
Definitions for BSDI 1.0
Definitions for 4.3 Reno and 4.4 BSD.
Definitions for UNICOS 8.0 and UNICOS 7.C
Definitions for Solaris 2.0
Definitions for HP-UX 8.0
Latest Copyright notices from Berkeley.
FLOW-CONTROL: support for RFC-XXXx
Client Specific:
Fix the "send" command to not send garbage...
Fix status message for "skiprc"
Make sure to send NAWS after telnet has been suspended
or an external command has been run, if the window size
has changed.
sysV88 support.
Server Specific:
Support flowcontrol option in non-linemode servers.
-k Server supports Kludge Linemode, but will default to
either single character mode or real Linemode support.
The user will have to explicitly ask to switch into
kludge linemode. ("stty extproc", or escape back to
to telnet and say "mode line".)
-u Specify the length of the hostname field in the utmp
file. Hostname longer than this length will be put
into the utmp file in dotted decimal notation, rather
than putting in a truncated hostname.
-U Registered hosts only. If a reverse hostname lookup
fails, the connection will be refused.
-f/-F
Allows forwarding of credentials for KRB5.
Februrary 22, 1991:
Features:
This version of telnet/telnetd has support for both
the AUTHENTICATION and ENCRYPTION options. The
AUTHENTICATION option is fairly well defined, and
an option number has been assigned to it. The
ENCRYPTION option is still in a state of flux; an
option number has been assigned to, but it is still
subject to change. The code is provided in this release
for experimental and testing purposes.
The telnet "send" command can now be used to send
do/dont/will/wont commands, with any telnet option
name. The rules for when do/dont/will/wont are sent
are still followed, so just because the user requests
that one of these be sent doesn't mean that it will
be sent...
The telnet "getstatus" command no longer requires
that option printing be enabled to see the response
to the "DO STATUS" command.
A -n flag has been added to telnetd to disable
keepalives.
A new telnet command, "auth" has been added (if
AUTHENTICATE is defined). It has four sub-commands,
"status", "disable", "enable" and "help".
A new telnet command, "encrypt" has been added (if
ENCRYPT is defined). It has many sub-commands:
"enable", "type", "start", "stop", "input",
"-input", "output", "-output", "status", and "help".
The LOGOUT option is now supported by both telnet
and telnetd, a new command, "logout", was added
to support this.
Several new toggle options were added:
"autoencrypt", "autodecrypt", "autologin", "authdebug",
"encdebug", "skiprc", "verbose_encrypt"
An "rlogin" interface has been added. If the program
is named "rlogin", or the "-r" flag is given, then
an rlogin type of interface will be used.
~. Terminates the session
~<susp> Suspend the session
~^] Escape to telnet command mode
~~ Pass through the ~.
BUG: If you type the rlogin escape character
in the middle of a line while in rlogin
mode, you cannot erase it or any characters
before it. Hopefully this can be fixed
in a future release...
General changes:
A "libtelnet.a" has now been created. This libraray
contains code that is common to both telnet and
telnetd. This is also where library routines that
are needed, but are not in the standard C library,
are placed.
The makefiles have been re-done. All of the site
specific configuration information has now been put
into a single "Config.generic" file, in the top level
directory. Changing this one file will take care of
all three subdirectories. Also, to add a new/local
definition, a "Config.local" file may be created
at the top level; if that file exists, the subdirectories
will use that file instead of "Config.generic".
Many 1-2 line functions in commands.c have been
removed, and just inserted in-line, or replaced
with a macro.
Bug Fixes:
The non-termio code in both telnet and telnetd was
setting/clearing CTLECH in the sg_flags word. This
was incorrect, and has been changed to set/clear the
LCTLECH bit in the local mode word.
The SRCRT #define has been removed. If IP_OPTIONS
and IPPROTO_IP are defined on the system, then the
source route code is automatically enabled.
The NO_GETTYTAB #define has been removed; there
is a compatability routine that can be built into
libtelnet to achive the same results.
The server, telnetd, has been switched to use getopt()
for parsing the argument list.
The code for getting the input/output speeds via
cfgetispeed()/cfgetospeed() was still not quite
right in telnet. Posix says if the ispeed is 0,
then it is really equal to the ospeed.
The suboption processing code in telnet now has
explicit checks to make sure that we received
the entire suboption (telnetd was already doing this).
The telnet code for processing the terminal type
could cause a core dump if an existing connection
was closed, and a new connection opened without
exiting telnet.
Telnetd was doing a TCSADRAIN when setting the new
terminal settings; This is not good, because it means
that the tcsetattr() will hang waiting for output to
drain, and telnetd is the only one that will drain
the output... The fix is to use TCSANOW which does
not wait.
Telnetd was improperly setting/clearing the ISTRIP
flag in the c_lflag field, it should be using the
c_iflag field.
When the child process of telnetd was opening the
slave side of the pty, it was re-setting the EXTPROC
bit too early, and some of the other initialization
code was wiping it out. This would cause telnetd
to go out of linemode and into single character mode.
One instance of leaving linemode in telnetd forgot
to send a WILL ECHO to the client, the net result
would be that the user would see double character
echo.
If the MODE was being changed several times very
quickly, telnetd could get out of sync with the
state changes and the returning acks; and wind up
being left in the wrong state.
September 14, 1990:
Switch the client to use getopt() for parsing the
argument list. The 4.3Reno getopt.c is included for
systems that don't have getopt().
Use the posix _POSIX_VDISABLE value for what value
to use when disabling special characters. If this
is undefined, it defaults to 0x3ff.
For non-termio systems, TIOCSETP was being used to
change the state of the terminal. This causes the
input queue to be flushed, which we don't want. This
is now changed to TIOCSETN.
Take out the "#ifdef notdef" around the code in the
server that generates a "sync" when the pty oputput
is flushed. The potential problem is that some older
telnet clients may go into an infinate loop when they
receive a "sync", if so, the server can be compiled
with "NO_URGENT" defined.
Fix the client where it was setting/clearing the OPOST
bit in the c_lflag field, not the c_oflag field.
Fix the client where it was setting/clearing the ISTRIP
bit in the c_lflag field, not the c_iflag field. (On
4.3Reno, this is the ECHOPRT bit in the c_lflag field.)
The client also had its interpretation of WILL BINARY
and DO BINARY reversed.
Fix a bug in client that would cause a core dump when
attempting to remove the last environment variable.
In the client, there were a few places were switch()
was being passed a character, and if it was a negative
value, it could get sign extended, and not match
the 8 bit case statements. The fix is to and the
switch value with 0xff.
Add a couple more printoption() calls in the client, I
don't think there are any more places were a telnet
command can be received and not printed out when
"options" is on.
A new flag has been added to the client, "-a". Currently,
this just causes the USER name to be sent across, in
the future this may be used to signify that automatic
authentication is requested.
The USER variable is now only sent by the client if
the "-a" or "-l user" options are explicity used, or
if the user explicitly asks for the "USER" environment
variable to be exported. In the server, if it receives
the "USER" environment variable, it won't print out the
banner message, so that only "Password:" will be printed.
This makes the symantics more like rlogin, and should be
more familiar to the user. (People are not used to
getting a banner message, and then getting just a
"Password:" prompt.)
Re-vamp the code for starting up the child login
process. The code was getting ugly, and it was
hard to tell what was really going on. What we
do now is after the fork(), in the child:
1) make sure we have no controlling tty
2) open and initialize the tty
3) do a setsid()/setpgrp()
4) makes the tty our controlling tty.
On some systems, #2 makes the tty our controlling
tty, and #4 is a no-op. The parent process does
a gets rid of any controlling tty after the child
is fork()ed.
Use the strdup() library routine in telnet, instead
of the local savestr() routine. If you don't have
strdup(), you need to define NO_STRDUP.
Add support for ^T (SIGINFO/VSTATUS), found in the
4.3Reno distribution. This maps to the AYT character.
You need a 4-line bugfix in the kernel to get this
to work properly:
> *** tty_pty.c.ORG Tue Sep 11 09:41:53 1990
> --- tty_pty.c Tue Sep 11 17:48:03 1990
> ***************
> *** 609,613 ****
> if ((tp->t_lflag&NOFLSH) == 0)
> ttyflush(tp, FREAD|FWRITE);
> ! pgsignal(tp->t_pgrp, *(unsigned int *)data);
> return(0);
> }
> --- 609,616 ----
> if ((tp->t_lflag&NOFLSH) == 0)
> ttyflush(tp, FREAD|FWRITE);
> ! pgsignal(tp->t_pgrp, *(unsigned int *)data, 1);
> ! if ((*(unsigned int *)data == SIGINFO) &&
> ! ((tp->t_lflag&NOKERNINFO) == 0))
> ! ttyinfo(tp);
> return(0);
> }
The client is now smarter when setting the telnet escape
character; it only sets it to one of VEOL and VEOL2 if
one of them is undefined, and the other one is not already
defined to the telnet escape character.
Handle TERMIOS systems that have seperate input and output
line speed settings imbedded in the flags.
Many other minor bug fixes.
June 20, 1990:
Re-organize makefiles and source tree. The telnet/Source
directory is now gone, and all the source that was in
telnet/Source is now just in the telnet directory.
Seperate makefile for each system are now gone. There
are two makefiles, Makefile and Makefile.generic.
The "Makefile" has the definitions for the various
system, and "Makefile.generic" does all the work.
There is a variable called "WHAT" that is used to
specify what to make. For example, in the telnet
directory, you might say:
make 4.4bsd WHAT=clean
to clean out the directory.
Add support for the ENVIRON and XDISPLOC options.
In order for the server to work, login has to have
the "-p" option to preserve environment variables.
Add the SOFT_TAB and LIT_ECHO modes in the LINEMODE support.
Add the "-l user" option to command line and open command
(This is passed through the ENVIRON option).
Add the "-e" command line option, for setting the escape
character.
Add the "-D", diagnostic, option to the server. This allows
the server to print out debug information, which is very
useful when trying to debug a telnet that doesn't have any
debugging ability.
Turn off the literal next character when not in LINEMODE.
Don't recognize ^Y locally, just pass it through.
Make minor modifications for Sun4.0 and Sun4.1
Add support for both FORW1 and FORW2 characters. The
telnet escpape character is set to whichever of the
two is not being used. If both are in use, the escape
character is not set, so when in linemode the user will
have to follow the escape character with a <CR> or <EOF)
to get it passed through.
Commands can now be put in single and double quotes, and
a backslash is now an escape character. This is needed
for allowing arbitrary strings to be assigned to environment
variables.
Switch telnetd to use macros like telnet for keeping
track of the state of all the options.
Fix telnetd's processing of options so that we always do
the right processing of the LINEMODE option, regardless
of who initiates the request to turn it on. Also, make
sure that if the other side went "WILL ECHO" in response
to our "DO ECHO", that we send a "DONT ECHO" to get the
option turned back off!
Fix the TERMIOS setting of the terminal speed to handle both
BSD's seperate fields, and the SYSV method of CBAUD bits.
Change how we deal with the other side refusing to enable
an option. The sequence used to be: send DO option; receive
WONT option; send DONT option. Now, the sequence is: send
DO option; receive WONT option. Both should be valid
according to the spec, but there has been at least one
client implementation of telnet identified that can get
really confused by this. (The exact sequence, from a trace
on the server side, is (numbers are number of responses that
we expect to get after that line...):
send WILL ECHO 1 (initial request)
send WONT ECHO 2 (server is changing state)
recv DO ECHO 1 (first reply, ok. expect DONT ECHO next)
send WILL ECHO 2 (server changes state again)
recv DONT ECHO 1 (second reply, ok. expect DO ECHO next)
recv DONT ECHO 0 (third reply, wrong answer. got DONT!!!)
*** send WONT ECHO (send WONT to acknowledge the DONT)
send WILL ECHO 1 (ask again to enable option)
recv DO ECHO 0
recv DONT ECHO 0
send WONT ECHO 1
recv DONT ECHO 0
recv DO ECHO 1
send WILL ECHO 0
(and the last 5 lines loop forever)
The line with the "***" is last of the WILL/DONT/WONT sequence.
The change to the server to not generate that makes this same
example become:
send will ECHO 1
send wont ECHO 2
recv do ECHO 1
send will ECHO 2
recv dont ECHO 1
recv dont ECHO 0
recv do ECHO 1
send will ECHO 0
There is other option negotiation going on, and not sending
the third part changes some of the timings, but this specific
example no longer gets stuck in a loop. The "telnet.state"
file has been modified to reflect this change to the algorithm.
A bunch of miscellaneous bug fixes and changes to make
lint happier.
This version of telnet also has some KERBEROS stuff in
it. This has not been tested, it uses an un-authorized
telnet option number, and uses an out-of-date version
of the (still being defined) AUTHENTICATION option.
There is no support for this code, do not enable it.
March 1, 1990:
CHANGES/BUGFIXES SINCE LAST RELEASE:
Some support for IP TOS has been added. Requires that the
kernel support the IP_TOS socket option (currently this
is only in UNICOS 6.0).
Both telnet and telnetd now use the cc_t typedef. typedefs are
included for systems that don't have it (in termios.h).
SLC_SUSP was not supported properly before. It is now.
IAC EOF was not translated properly in telnetd for SYSV_TERMIO
when not in linemode. It now saves a copy of the VEOF character,
so that when ICANON is turned off and we can't trust it anymore
(because it is now the VMIN character) we use the saved value.
There were two missing "break" commands in the linemode
processing code in telnetd.
Telnetd wasn't setting the kernel window size information
properly. It was using the rows for both rows and columns...
Questions/comments go to
David Borman
Cray Research, Inc.
655F Lone Oak Drive
Eagan, MN 55123
dab@cray.com.
README: You are reading it.
Config.generic:
This file contains all the OS specific definitions. It
has pre-definitions for many common system types, and is
in standard makefile fromat. See the comments at the top
of the file for more information.
Config.local:
This is not part of the distribution, but if this file exists,
it is used instead of "Config.generic". This allows site
specific configuration without having to modify the distributed
"Config.generic" file.
kern.diff:
This file contains the diffs for the changes needed for the
kernel to support LINEMODE is the server. These changes are
for a 4.3BSD system. You may need to make some changes for
your particular system.
There is a new bit in the terminal state word, TS_EXTPROC.
When this bit is set, several aspects of the terminal driver
are disabled. Input line editing, character echo, and
mapping of signals are all disabled. This allows the telnetd
to turn of these functions when in linemode, but still keep
track of what state the user wants the terminal to be in.
New ioctl()s:
TIOCEXT Turn on/off the TS_EXTPROC bit
TIOCGSTATE Get t_state of tty to look at TS_EXTPROC bit
TIOCSIG Generate a signal to processes in the
current process group of the pty.
There is a new mode for packet driver, the TIOCPKT_IOCTL bit.
When packet mode is turned on in the pty, and the TS_EXTPROC
bit is set, then whenever the state of the pty is changed, the
next read on the master side of the pty will have the TIOCPKT_IOCTL
bit set, and the data will contain the following:
struct xx {
struct sgttyb a;
struct tchars b;
struct ltchars c;
int t_state;
int t_flags;
}
This allows the process on the server side of the pty to know
when the state of the terminal has changed, and what the new
state is.
However, if you define USE_TERMIO or SYSV_TERMIO, the code will
expect that the structure returned in the TIOCPKT_IOCTL is
the termio/termios structure.
stty.diff:
This file contains the changes needed for the stty(1) program
to report on the current status of the TS_EXTPROC bit. It also
allows the user to turn on/off the TS_EXTPROC bit. This is useful
because it allows the user to say "stty -extproc", and the
LINEMODE option will be automatically disabled, and saying "stty
extproc" will re-enable the LINEMODE option.
telnet.state:
Both the client and server have code in them to deal
with option negotiation loops. The algorithm that is
used is described in this file.
telnet:
This directory contains the client code. No kernel changes are
needed to use this code.
telnetd:
This directory contains the server code. If LINEMODE or KLUDGELINEMODE
are defined, then the kernel modifications listed above are needed.
libtelnet:
This directory contains code that is common to both the client
and the server.
arpa:
This directory has a new <arpa/telnet.h>
libtelnet/Makefile.4.4:
telnet/Makefile.4.4:
telnetd/Makefile.4.4:
These are the makefiles that can be used on a 4.3Reno
system when this software is installed in /usr/src/lib/libtelnet,
/usr/src/libexec/telnetd, and /usr/src/usr.bin/telnet.
The following TELNET options are supported:
LINEMODE:
The LINEMODE option is supported as per RFC1116. The
FORWARDMASK option is not currently supported.
BINARY: The client has the ability to turn on/off the BINARY
option in each direction. Turning on BINARY from
server to client causes the LITOUT bit to get set in
the terminal driver on both ends, turning on BINARY
from the client to the server causes the PASS8 bit
to get set in the terminal driver on both ends.
TERMINAL-TYPE:
This is supported as per RFC1091. On the server side,
when a terminal type is received, termcap/terminfo
is consulted to determine if it is a known terminal
type. It keeps requesting terminal types until it
gets one that it recongnizes, or hits the end of the
list. The server side looks up the entry in the
termcap/terminfo data base, and generates a list of
names which it then passes one at a time to each
request for a terminal type, duplicating the last
entry in the list before cycling back to the beginning.
NAWS: The Negotiate about Window Size, as per RFC 1073.
TERMINAL-SPEED:
Implemented as per RFC 1079
TOGGLE-FLOW-CONTROL:
Implemented as per RFC 1080
TIMING-MARK:
As per RFC 860
SGA: As per RFC 858
ECHO: As per RFC 857
LOGOUT: As per RFC 727
STATUS:
The server will send its current status upon
request. It does not ask for the clients status.
The client will request the servers current status
from the "send getstatus" command.
ENVIRON:
This option is currently being defined by the IETF
Telnet Working Group, and an RFC has not yet been
issued, but should be in the near future...
X-DISPLAY-LOCATION:
This functionality can be done through the ENVIRON
option, it is added here for completeness.
AUTHENTICATION:
This option is currently being defined by the IETF
Telnet Working Group, and an RFC has not yet been
issued. The basic framework is pretty much decided,
but the definitions for the specific authentication
schemes is still in a state of flux.
ENCRYPTION:
This option is currently being defined by the IETF
Telnet Working Group, and an RFC has not yet been
issued. The draft RFC is still in a state of flux,
so this code may change in the future.


@ -0,0 +1,323 @@
/*
* Copyright (c) 1983, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)telnet.h 8.2 (Berkeley) 12/15/93
*/
#ifndef _TELNET_H_
#define _TELNET_H_
/*
* Definitions for the TELNET protocol.
*/
#define IAC 255 /* interpret as command: */
#define DONT 254 /* you are not to use option */
#define DO 253 /* please, you use option */
#define WONT 252 /* I won't use option */
#define WILL 251 /* I will use option */
#define SB 250 /* interpret as subnegotiation */
#define GA 249 /* you may reverse the line */
#define EL 248 /* erase the current line */
#define EC 247 /* erase the current character */
#define AYT 246 /* are you there */
#define AO 245 /* abort output--but let prog finish */
#define IP 244 /* interrupt process--permanently */
#define BREAK 243 /* break */
#define DM 242 /* data mark--for connect. cleaning */
#define NOP 241 /* nop */
#define SE 240 /* end sub negotiation */
#define EOR 239 /* end of record (transparent mode) */
#define ABORT 238 /* Abort process */
#define SUSP 237 /* Suspend process */
#define xEOF 236 /* End of file: EOF is already used... */
#define SYNCH 242 /* for telfunc calls */
#ifdef TELCMDS
char *telcmds[] = {
"EOF", "SUSP", "ABORT", "EOR",
"SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC",
"EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC", 0,
};
#else
extern char *telcmds[];
#endif
#define TELCMD_FIRST xEOF
#define TELCMD_LAST IAC
#define TELCMD_OK(x) ((unsigned int)(x) <= TELCMD_LAST && \
(unsigned int)(x) >= TELCMD_FIRST)
#define TELCMD(x) telcmds[(x)-TELCMD_FIRST]
/* telnet options */
#define TELOPT_BINARY 0 /* 8-bit data path */
#define TELOPT_ECHO 1 /* echo */
#define TELOPT_RCP 2 /* prepare to reconnect */
#define TELOPT_SGA 3 /* suppress go ahead */
#define TELOPT_NAMS 4 /* approximate message size */
#define TELOPT_STATUS 5 /* give status */
#define TELOPT_TM 6 /* timing mark */
#define TELOPT_RCTE 7 /* remote controlled transmission and echo */
#define TELOPT_NAOL 8 /* negotiate about output line width */
#define TELOPT_NAOP 9 /* negotiate about output page size */
#define TELOPT_NAOCRD 10 /* negotiate about CR disposition */
#define TELOPT_NAOHTS 11 /* negotiate about horizontal tabstops */
#define TELOPT_NAOHTD 12 /* negotiate about horizontal tab disposition */
#define TELOPT_NAOFFD 13 /* negotiate about formfeed disposition */
#define TELOPT_NAOVTS 14 /* negotiate about vertical tab stops */
#define TELOPT_NAOVTD 15 /* negotiate about vertical tab disposition */
#define TELOPT_NAOLFD 16 /* negotiate about output LF disposition */
#define TELOPT_XASCII 17 /* extended ascic character set */
#define TELOPT_LOGOUT 18 /* force logout */
#define TELOPT_BM 19 /* byte macro */
#define TELOPT_DET 20 /* data entry terminal */
#define TELOPT_SUPDUP 21 /* supdup protocol */
#define TELOPT_SUPDUPOUTPUT 22 /* supdup output */
#define TELOPT_SNDLOC 23 /* send location */
#define TELOPT_TTYPE 24 /* terminal type */
#define TELOPT_EOR 25 /* end or record */
#define TELOPT_TUID 26 /* TACACS user identification */
#define TELOPT_OUTMRK 27 /* output marking */
#define TELOPT_TTYLOC 28 /* terminal location number */
#define TELOPT_3270REGIME 29 /* 3270 regime */
#define TELOPT_X3PAD 30 /* X.3 PAD */
#define TELOPT_NAWS 31 /* window size */
#define TELOPT_TSPEED 32 /* terminal speed */
#define TELOPT_LFLOW 33 /* remote flow control */
#define TELOPT_LINEMODE 34 /* Linemode option */
#define TELOPT_XDISPLOC 35 /* X Display Location */
#define TELOPT_OLD_ENVIRON 36 /* Old - Environment variables */
#define TELOPT_AUTHENTICATION 37/* Authenticate */
#define TELOPT_ENCRYPT 38 /* Encryption option */
#define TELOPT_NEW_ENVIRON 39 /* New - Environment variables */
#define TELOPT_EXOPL 255 /* extended-options-list */
#define NTELOPTS (1+TELOPT_NEW_ENVIRON)
#ifdef TELOPTS
char *telopts[NTELOPTS+1] = {
"BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME",
"STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP",
"NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS",
"NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO",
"DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT",
"SEND LOCATION", "TERMINAL TYPE", "END OF RECORD",
"TACACS UID", "OUTPUT MARKING", "TTYLOC",
"3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW",
"LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION",
"ENCRYPT", "NEW-ENVIRON",
0,
};
#define TELOPT_FIRST TELOPT_BINARY
#define TELOPT_LAST TELOPT_NEW_ENVIRON
#define TELOPT_OK(x) ((unsigned int)(x) <= TELOPT_LAST)
#define TELOPT(x) telopts[(x)-TELOPT_FIRST]
#endif
/* sub-option qualifiers */
#define TELQUAL_IS 0 /* option is... */
#define TELQUAL_SEND 1 /* send option */
#define TELQUAL_INFO 2 /* ENVIRON: informational version of IS */
#define TELQUAL_REPLY 2 /* AUTHENTICATION: client version of IS */
#define TELQUAL_NAME 3 /* AUTHENTICATION: client version of IS */
#define LFLOW_OFF 0 /* Disable remote flow control */
#define LFLOW_ON 1 /* Enable remote flow control */
#define LFLOW_RESTART_ANY 2 /* Restart output on any char */
#define LFLOW_RESTART_XON 3 /* Restart output only on XON */
/*
* LINEMODE suboptions
*/
#define LM_MODE 1
#define LM_FORWARDMASK 2
#define LM_SLC 3
#define MODE_EDIT 0x01
#define MODE_TRAPSIG 0x02
#define MODE_ACK 0x04
#define MODE_SOFT_TAB 0x08
#define MODE_LIT_ECHO 0x10
#define MODE_MASK 0x1f
/* Not part of protocol, but needed to simplify things... */
#define MODE_FLOW 0x0100
#define MODE_ECHO 0x0200
#define MODE_INBIN 0x0400
#define MODE_OUTBIN 0x0800
#define MODE_FORCE 0x1000
#define SLC_SYNCH 1
#define SLC_BRK 2
#define SLC_IP 3
#define SLC_AO 4
#define SLC_AYT 5
#define SLC_EOR 6
#define SLC_ABORT 7
#define SLC_EOF 8
#define SLC_SUSP 9
#define SLC_EC 10
#define SLC_EL 11
#define SLC_EW 12
#define SLC_RP 13
#define SLC_LNEXT 14
#define SLC_XON 15
#define SLC_XOFF 16
#define SLC_FORW1 17
#define SLC_FORW2 18
#define NSLC 18
/*
* For backwards compatability, we define SLC_NAMES to be the
* list of names if SLC_NAMES is not defined.
*/
#define SLC_NAMELIST "0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \
"ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \
"LNEXT", "XON", "XOFF", "FORW1", "FORW2", 0,
#ifdef SLC_NAMES
char *slc_names[] = {
SLC_NAMELIST
};
#else
extern char *slc_names[];
#define SLC_NAMES SLC_NAMELIST
#endif
#define SLC_NAME_OK(x) ((unsigned int)(x) <= NSLC)
#define SLC_NAME(x) slc_names[x]
#define SLC_NOSUPPORT 0
#define SLC_CANTCHANGE 1
#define SLC_VARIABLE 2
#define SLC_DEFAULT 3
#define SLC_LEVELBITS 0x03
#define SLC_FUNC 0
#define SLC_FLAGS 1
#define SLC_VALUE 2
#define SLC_ACK 0x80
#define SLC_FLUSHIN 0x40
#define SLC_FLUSHOUT 0x20
#define OLD_ENV_VAR 1
#define OLD_ENV_VALUE 0
#define NEW_ENV_VAR 0
#define NEW_ENV_VALUE 1
#define ENV_ESC 2
#define ENV_USERVAR 3
/*
* AUTHENTICATION suboptions
*/
/*
* Who is authenticating who ...
*/
#define AUTH_WHO_CLIENT 0 /* Client authenticating server */
#define AUTH_WHO_SERVER 1 /* Server authenticating client */
#define AUTH_WHO_MASK 1
/*
* amount of authentication done
*/
#define AUTH_HOW_ONE_WAY 0
#define AUTH_HOW_MUTUAL 2
#define AUTH_HOW_MASK 2
#define AUTHTYPE_NULL 0
#define AUTHTYPE_KERBEROS_V4 1
#define AUTHTYPE_KERBEROS_V5 2
#define AUTHTYPE_SPX 3
#define AUTHTYPE_MINK 4
#define AUTHTYPE_SRA 5
#define AUTHTYPE_CNT 6
/* #define AUTHTYPE_UNSECURE 6 */
#define AUTHTYPE_TEST 99
#ifdef AUTH_NAMES
char *authtype_names[] = {
"NULL", "KERBEROS_V4", "KERBEROS_V5", "SPX", "MINK",
"SRA", 0,
};
#else
extern char *authtype_names[];
#endif
#define AUTHTYPE_NAME_OK(x) ((unsigned int)(x) < AUTHTYPE_CNT)
#define AUTHTYPE_NAME(x) authtype_names[x]
/*
* ENCRYPTion suboptions
*/
#define ENCRYPT_IS 0 /* I pick encryption type ... */
#define ENCRYPT_SUPPORT 1 /* I support encryption types ... */
#define ENCRYPT_REPLY 2 /* Initial setup response */
#define ENCRYPT_START 3 /* Am starting to send encrypted */
#define ENCRYPT_END 4 /* Am ending encrypted */
#define ENCRYPT_REQSTART 5 /* Request you start encrypting */
#define ENCRYPT_REQEND 6 /* Request you send encrypting */
#define ENCRYPT_ENC_KEYID 7
#define ENCRYPT_DEC_KEYID 8
#define ENCRYPT_CNT 9
#define ENCTYPE_ANY 0
#define ENCTYPE_DES_CFB64 1
#define ENCTYPE_DES_OFB64 2
#define ENCTYPE_CNT 3
#ifdef ENCRYPT_NAMES
char *encrypt_names[] = {
"IS", "SUPPORT", "REPLY", "START", "END",
"REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID",
0,
};
char *enctype_names[] = {
"ANY", "DES_CFB64", "DES_OFB64", 0,
};
#else
extern char *encrypt_names[];
extern char *enctype_names[];
#endif
#define ENCRYPT_NAME_OK(x) ((unsigned int)(x) < ENCRYPT_CNT)
#define ENCRYPT_NAME(x) encrypt_names[x]
#define ENCTYPE_NAME_OK(x) ((unsigned int)(x) < ENCTYPE_CNT)
#define ENCTYPE_NAME(x) enctype_names[x]
#endif /* !_TELNET_H_ */
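Review bot: The name-lookup macros `TELCMD(x)`, `TELOPT(x)`, `SLC_NAME(x)`, `AUTHTYPE_NAME(x)`, `ENCRYPT_NAME(x)` and `ENCTYPE_NAME(x)` index their tables with no bounds check, and nothing in the header says the matching `*_OK(x)` macro must be tested first. If x is an option or suboption byte taken from the peer (likely in telnet code, though no caller is shown in this section), an unchecked lookup reads outside the array. I would put a comment on each pair, for example `/* x must satisfy AUTHTYPE_NAME_OK(x); the table has AUTHTYPE_CNT names, so AUTHTYPE_TEST (99) has none */`. Separately, the comment on `TELQUAL_NAME` repeats the one for `TELQUAL_REPLY`, and `ENCRYPT_REQEND` is described as "Request you send encrypting" where the name suggests a request to end encryption.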


@ -0,0 +1,24 @@
# $Id: Makefile.am,v 1.8 1999/03/20 13:58:15 joda Exp $
include $(top_srcdir)/Makefile.am.common
INCLUDES += -I$(srcdir)/.. $(INCLUDE_krb4)
noinst_LIBRARIES = libtelnet.a
libtelnet_a_SOURCES = \
auth-proto.h \
auth.c \
auth.h \
enc-proto.h \
enc_des.c \
encrypt.c \
encrypt.h \
genget.c \
kerberos.c \
kerberos5.c \
misc-proto.h \
misc.c \
misc.h
EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c


@ -0,0 +1,615 @@
# Makefile.in generated automatically by automake 1.4 from Makefile.am
# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.8 1999/03/20 13:58:15 joda Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
SHELL = @SHELL@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
sbindir = @sbindir@
libexecdir = @libexecdir@
datadir = @datadir@
sysconfdir = @sysconfdir@
sharedstatedir = @sharedstatedir@
localstatedir = @localstatedir@
libdir = @libdir@
infodir = @infodir@
mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
DESTDIR =
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../../..
ACLOCAL = @ACLOCAL@
AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
transform = @program_transform_name@
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
DBLIB = @DBLIB@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
INCLUDE_ = @INCLUDE_@
LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
NM = @NM@
NROFF = @NROFF@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/.. $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
LIB_XauReadAuth = @LIB_XauReadAuth@
LIB_crypt = @LIB_crypt@
LIB_dbm_firstkey = @LIB_dbm_firstkey@
LIB_dbopen = @LIB_dbopen@
LIB_dlopen = @LIB_dlopen@
LIB_dn_expand = @LIB_dn_expand@
LIB_el_init = @LIB_el_init@
LIB_getattr = @LIB_getattr@
LIB_gethostbyname = @LIB_gethostbyname@
LIB_getpwent_r = @LIB_getpwent_r@
LIB_getpwnam_r = @LIB_getpwnam_r@
LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
LIB_setsockopt = @LIB_setsockopt@
LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
cat1dir = $(mandir)/cat1
cat3dir = $(mandir)/cat3
cat5dir = $(mandir)/cat5
cat8dir = $(mandir)/cat8
MANRX = \(.*\)\.\([0-9]\)
CATSUFFIX = @CATSUFFIX@
NROFF_MAN = groff -mandoc -Tascii
@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
noinst_LIBRARIES = libtelnet.a
libtelnet_a_SOURCES = auth-proto.h auth.c auth.h enc-proto.h enc_des.c encrypt.c encrypt.h genget.c kerberos.c kerberos5.c misc-proto.h misc.c misc.h
EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../../include/config.h
CONFIG_CLEAN_FILES =
LIBRARIES = $(noinst_LIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
libtelnet_a_LIBADD =
libtelnet_a_OBJECTS = auth.$(OBJEXT) enc_des.$(OBJEXT) \
encrypt.$(OBJEXT) genget.$(OBJEXT) kerberos.$(OBJEXT) \
kerberos5.$(OBJEXT) misc.$(OBJEXT)
AR = ar
CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
DIST_COMMON = Makefile.am Makefile.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
TAR = tar
GZIP_ENV = --best
SOURCES = $(libtelnet_a_SOURCES)
OBJECTS = $(libtelnet_a_OBJECTS)
all: all-redirect
.SUFFIXES:
.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/libtelnet/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
cd $(top_builddir) \
&& CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
mostlyclean-noinstLIBRARIES:
clean-noinstLIBRARIES:
-test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES)
distclean-noinstLIBRARIES:
maintainer-clean-noinstLIBRARIES:
.c.o:
$(COMPILE) -c $<
# FIXME: We should only use cygpath when building on Windows,
# and only if it is available.
.c.obj:
$(COMPILE) -c `cygpath -w $<`
.s.o:
$(COMPILE) -c $<
.S.o:
$(COMPILE) -c $<
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
clean-compile:
distclean-compile:
-rm -f *.tab.c
maintainer-clean-compile:
.c.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
.s.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
.S.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
maintainer-clean-libtool:
libtelnet.a: $(libtelnet_a_OBJECTS) $(libtelnet_a_DEPENDENCIES)
-rm -f libtelnet.a
$(AR) cru libtelnet.a $(libtelnet_a_OBJECTS) $(libtelnet_a_LIBADD)
$(RANLIB) libtelnet.a
tags: TAGS
ID: $(HEADERS) $(SOURCES) $(LISP)
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
here=`pwd` && cd $(srcdir) \
&& mkid -f$$here/ID $$unique $(LISP)
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
|| (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
mostlyclean-tags:
clean-tags:
distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
subdir = appl/telnet/libtelnet
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
cp -pr $$/$$file $(distdir)/$$file; \
else \
test -f $(distdir)/$$file \
|| ln $$d/$$file $(distdir)/$$file 2> /dev/null \
|| cp -p $$d/$$file $(distdir)/$$file || :; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
info-am:
info: info-am
dvi-am:
dvi: dvi-am
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-local
check: check-am
installcheck-am:
installcheck: installcheck-am
install-exec-am:
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-exec: install-exec-am
install-data-am: install-data-local
install-data: install-data-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
install: install-am
uninstall-am:
uninstall: uninstall-am
all-am: Makefile $(LIBRARIES) all-local
all-redirect: all-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
installdirs:
mostlyclean-generic:
clean-generic:
distclean-generic:
-rm -f Makefile $(CONFIG_CLEAN_FILES)
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
mostlyclean-am: mostlyclean-noinstLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-tags \
mostlyclean-generic
mostlyclean: mostlyclean-am
clean-am: clean-noinstLIBRARIES clean-compile clean-libtool clean-tags \
clean-generic mostlyclean-am
clean: clean-am
distclean-am: distclean-noinstLIBRARIES distclean-compile \
distclean-libtool distclean-tags distclean-generic \
clean-am
-rm -f libtool
distclean: distclean-am
maintainer-clean-am: maintainer-clean-noinstLIBRARIES \
maintainer-clean-compile maintainer-clean-libtool \
maintainer-clean-tags maintainer-clean-generic \
distclean-am
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
maintainer-clean: maintainer-clean-am
.PHONY: mostlyclean-noinstLIBRARIES distclean-noinstLIBRARIES \
clean-noinstLIBRARIES maintainer-clean-noinstLIBRARIES \
mostlyclean-compile distclean-compile clean-compile \
maintainer-clean-compile mostlyclean-libtool distclean-libtool \
clean-libtool maintainer-clean-libtool tags mostlyclean-tags \
distclean-tags clean-tags maintainer-clean-tags distdir info-am info \
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
all-redirect all-am all installdirs mostlyclean-generic \
distclean-generic clean-generic maintainer-clean-generic clean \
mostlyclean distclean maintainer-clean
install-suid-programs:
@foo='$(bin_SUIDS)'; \
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
chmod 0 $$x; fi; done
install-exec-hook: install-suid-programs
install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
@foo='$(include_HEADERS) $(build_HEADERZ)'; \
for f in $$foo; do \
f=`basename $$f`; \
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
echo " cp $$file $(buildinclude)/$$f"; \
cp $$file $(buildinclude)/$$f; \
fi ; \
done
all-local: install-build-headers
#NROFF_MAN = nroff -man
.1.cat1:
$(NROFF_MAN) $< > $@
.3.cat3:
$(NROFF_MAN) $< > $@
.5.cat5:
$(NROFF_MAN) $< > $@
.8.cat8:
$(NROFF_MAN) $< > $@
dist-cat1-mans:
@foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat3-mans:
@foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat5-mans:
@foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat8-mans:
@foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
install-cat1-mans:
@ext=1;\
foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat1dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat3-mans:
@ext=3;\
foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat3dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat5-mans:
@ext=5;\
foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat5dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat8-mans:
@ext=8;\
foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat8dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
install-data-local: install-cat-mans
.et.h:
$(COMPILE_ET) $<
.et.c:
$(COMPILE_ET) $<
.x.c:
@cmp -s $< $@ 2> /dev/null || cp $< $@
check-local::
@foo='$(CHECK_LOCAL)'; \
if test "$$foo"; then \
failed=0; all=0; \
for i in $$foo; do \
all=`expr $$all + 1`; \
if ./$$i --version > /dev/null 2>&1; then \
echo "PASS: $$i"; \
else \
echo "FAIL: $$i"; \
failed=`expr $$failed + 1`; \
fi; \
done; \
if test "$$failed" -eq 0; then \
banner="All $$all tests passed"; \
else \
banner="$$failed of $$all tests failed"; \
fi; \
dashes=`echo "$$banner" | sed s/./=/g`; \
echo "$$dashes"; \
echo "$$banner"; \
echo "$$dashes"; \
test "$$failed" -eq 0; \
fi
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,122 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)auth-proto.h 8.1 (Berkeley) 6/4/93
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/* $Id: auth-proto.h,v 1.10 2000/01/18 03:08:55 assar Exp $ */
#ifdef AUTHENTICATION
Authenticator *findauthenticator (int, int);
int auth_wait (char *, size_t);
void auth_disable_name (char *);
void auth_finished (Authenticator *, int);
void auth_gen_printsub (unsigned char *, int, unsigned char *, int);
void auth_init (const char *, int);
void auth_is (unsigned char *, int);
void auth_name(unsigned char*, int);
void auth_reply (unsigned char *, int);
void auth_request (void);
void auth_send (unsigned char *, int);
void auth_send_retry (void);
void auth_printsub(unsigned char*, int, unsigned char*, int);
int getauthmask(char *type, int *maskp);
int auth_enable(char *type);
int auth_disable(char *type);
int auth_onoff(char *type, int on);
int auth_togdebug(int on);
int auth_status(void);
int auth_sendname(unsigned char *cp, int len);
void auth_debug(int mode);
void auth_gen_printsub(unsigned char *data, int cnt,
unsigned char *buf, int buflen);
#ifdef UNSAFE
int unsafe_init (Authenticator *, int);
int unsafe_send (Authenticator *);
void unsafe_is (Authenticator *, unsigned char *, int);
void unsafe_reply (Authenticator *, unsigned char *, int);
int unsafe_status (Authenticator *, char *, int);
void unsafe_printsub (unsigned char *, int, unsigned char *, int);
#endif
#ifdef SRA
int sra_init (Authenticator *, int);
int sra_send (Authenticator *);
void sra_is (Authenticator *, unsigned char *, int);
void sra_reply (Authenticator *, unsigned char *, int);
int sra_status (Authenticator *, char *, int);
void sra_printsub (unsigned char *, int, unsigned char *, int);
#endif
#ifdef KRB4
int kerberos4_init (Authenticator *, int);
int kerberos4_send_mutual (Authenticator *);
int kerberos4_send_oneway (Authenticator *);
void kerberos4_is (Authenticator *, unsigned char *, int);
void kerberos4_reply (Authenticator *, unsigned char *, int);
int kerberos4_status (Authenticator *, char *, size_t, int);
void kerberos4_printsub (unsigned char *, int, unsigned char *, int);
int kerberos4_forward(Authenticator *ap, void *);
#endif
#ifdef KRB5
int kerberos5_init (Authenticator *, int);
int kerberos5_send_mutual (Authenticator *);
int kerberos5_send_oneway (Authenticator *);
void kerberos5_is (Authenticator *, unsigned char *, int);
void kerberos5_reply (Authenticator *, unsigned char *, int);
int kerberos5_status (Authenticator *, char *, size_t, int);
void kerberos5_printsub (unsigned char *, int, unsigned char *, int);
#endif
#endif
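Review bot: `unsafe_status` and `sra_status` are declared as `(Authenticator *, char *, int)`, while `kerberos4_status` and `kerberos5_status` take `(Authenticator *, char *, size_t, int)`, so the first two receive a name buffer without its size and cannot bound what they write into it. Declaring them as `int sra_status (Authenticator *, char *, size_t, int);` and `int unsafe_status (Authenticator *, char *, size_t, int);` would match. Whether the Authenticator status hook already expects the four-argument form is presumably settled in auth.h, which this section does not show. `auth_gen_printsub` is also declared twice (once without and once with parameter names), and the header has no include guard.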


@ -0,0 +1,657 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
#include <config.h>
RCSID("$Id: auth.c,v 1.23 2000/01/18 03:09:34 assar Exp $");
#if defined(AUTHENTICATION)
#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#include <signal.h>
#define AUTH_NAMES
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#endif
#include <stdlib.h>
#include <string.h>
#include <roken.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "auth.h"
#include "misc-proto.h"
#include "auth-proto.h"
#define typemask(x) (1<<((x)-1))
#ifdef KRB4_ENCPWD
extern krb4encpwd_init();
extern krb4encpwd_send();
extern krb4encpwd_is();
extern krb4encpwd_reply();
extern krb4encpwd_status();
extern krb4encpwd_printsub();
#endif
#ifdef RSA_ENCPWD
extern rsaencpwd_init();
extern rsaencpwd_send();
extern rsaencpwd_is();
extern rsaencpwd_reply();
extern rsaencpwd_status();
extern rsaencpwd_printsub();
#endif
int auth_debug_mode = 0;
static const char *Name = "Noname";
static int Server = 0;
static Authenticator *authenticated = 0;
static int authenticating = 0;
static int validuser = 0;
static unsigned char _auth_send_data[256];
static unsigned char *auth_send_data;
static int auth_send_cnt = 0;
/*
* Authentication types supported. Plese note that these are stored
* in priority order, i.e. try the first one first.
*/
Authenticator authenticators[] = {
#ifdef UNSAFE
{ AUTHTYPE_UNSAFE, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
unsafe_init,
unsafe_send,
unsafe_is,
unsafe_reply,
unsafe_status,
unsafe_printsub },
#endif
#ifdef SRA
{ AUTHTYPE_SRA, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
sra_init,
sra_send,
sra_is,
sra_reply,
sra_status,
sra_printsub },
#endif
#ifdef SPX
{ AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
spx_init,
spx_send,
spx_is,
spx_reply,
spx_status,
spx_printsub },
{ AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
spx_init,
spx_send,
spx_is,
spx_reply,
spx_status,
spx_printsub },
#endif
#ifdef KRB5
{ AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
kerberos5_init,
kerberos5_send_mutual,
kerberos5_is,
kerberos5_reply,
kerberos5_status,
kerberos5_printsub },
{ AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
kerberos5_init,
kerberos5_send_oneway,
kerberos5_is,
kerberos5_reply,
kerberos5_status,
kerberos5_printsub },
#endif
#ifdef KRB4
{ AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
kerberos4_init,
kerberos4_send_mutual,
kerberos4_is,
kerberos4_reply,
kerberos4_status,
kerberos4_printsub },
{ AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
kerberos4_init,
kerberos4_send_oneway,
kerberos4_is,
kerberos4_reply,
kerberos4_status,
kerberos4_printsub },
#endif
#ifdef KRB4_ENCPWD
{ AUTHTYPE_KRB4_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL,
krb4encpwd_init,
krb4encpwd_send,
krb4encpwd_is,
krb4encpwd_reply,
krb4encpwd_status,
krb4encpwd_printsub },
#endif
#ifdef RSA_ENCPWD
{ AUTHTYPE_RSA_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY,
rsaencpwd_init,
rsaencpwd_send,
rsaencpwd_is,
rsaencpwd_reply,
rsaencpwd_status,
rsaencpwd_printsub },
#endif
{ 0, },
};
static Authenticator NoAuth = { 0 };
static int i_support = 0;
static int i_wont_support = 0;
Authenticator *
findauthenticator(int type, int way)
{
Authenticator *ap = authenticators;
while (ap->type && (ap->type != type || ap->way != way))
++ap;
return(ap->type ? ap : 0);
}
void
auth_init(const char *name, int server)
{
Authenticator *ap = authenticators;
Server = server;
Name = name;
i_support = 0;
authenticated = 0;
authenticating = 0;
while (ap->type) {
if (!ap->init || (*ap->init)(ap, server)) {
i_support |= typemask(ap->type);
if (auth_debug_mode)
printf(">>>%s: I support auth type %d %d\r\n",
Name,
ap->type, ap->way);
}
else if (auth_debug_mode)
printf(">>>%s: Init failed: auth type %d %d\r\n",
Name, ap->type, ap->way);
++ap;
}
}
void
auth_disable_name(char *name)
{
int x;
for (x = 0; x < AUTHTYPE_CNT; ++x) {
if (!strcasecmp(name, AUTHTYPE_NAME(x))) {
i_wont_support |= typemask(x);
break;
}
}
}
int
getauthmask(char *type, int *maskp)
{
int x;
if (!strcasecmp(type, AUTHTYPE_NAME(0))) {
*maskp = -1;
return(1);
}
for (x = 1; x < AUTHTYPE_CNT; ++x) {
if (!strcasecmp(type, AUTHTYPE_NAME(x))) {
*maskp = typemask(x);
return(1);
}
}
return(0);
}
int
auth_enable(char *type)
{
return(auth_onoff(type, 1));
}
int
auth_disable(char *type)
{
return(auth_onoff(type, 0));
}
int
auth_onoff(char *type, int on)
{
int i, mask = -1;
Authenticator *ap;
if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) {
printf("auth %s 'type'\n", on ? "enable" : "disable");
printf("Where 'type' is one of:\n");
printf("\t%s\n", AUTHTYPE_NAME(0));
mask = 0;
for (ap = authenticators; ap->type; ap++) {
if ((mask & (i = typemask(ap->type))) != 0)
continue;
mask |= i;
printf("\t%s\n", AUTHTYPE_NAME(ap->type));
}
return(0);
}
if (!getauthmask(type, &mask)) {
printf("%s: invalid authentication type\n", type);
return(0);
}
if (on)
i_wont_support &= ~mask;
else
i_wont_support |= mask;
return(1);
}
int
auth_togdebug(int on)
{
if (on < 0)
auth_debug_mode ^= 1;
else
auth_debug_mode = on;
printf("auth debugging %s\n", auth_debug_mode ? "enabled" : "disabled");
return(1);
}
int
auth_status(void)
{
Authenticator *ap;
int i, mask;
if (i_wont_support == -1)
printf("Authentication disabled\n");
else
printf("Authentication enabled\n");
mask = 0;
for (ap = authenticators; ap->type; ap++) {
if ((mask & (i = typemask(ap->type))) != 0)
continue;
mask |= i;
printf("%s: %s\n", AUTHTYPE_NAME(ap->type),
(i_wont_support & typemask(ap->type)) ?
"disabled" : "enabled");
}
return(1);
}
/*
* This routine is called by the server to start authentication
* negotiation.
*/
void
auth_request(void)
{
static unsigned char str_request[64] = { IAC, SB,
TELOPT_AUTHENTICATION,
TELQUAL_SEND, };
Authenticator *ap = authenticators;
unsigned char *e = str_request + 4;
if (!authenticating) {
authenticating = 1;
while (ap->type) {
if (i_support & ~i_wont_support & typemask(ap->type)) {
if (auth_debug_mode) {
printf(">>>%s: Sending type %d %d\r\n",
Name, ap->type, ap->way);
}
*e++ = ap->type;
*e++ = ap->way;
}
++ap;
}
*e++ = IAC;
*e++ = SE;
telnet_net_write(str_request, e - str_request);
printsub('>', &str_request[2], e - str_request - 2);
}
}
/*
* This is called when an AUTH SEND is received.
* It should never arrive on the server side (as only the server can
* send an AUTH SEND).
* You should probably respond to it if you can...
*
* If you want to respond to the types out of order (i.e. even
* if he sends LOGIN KERBEROS and you support both, you respond
* with KERBEROS instead of LOGIN (which is against what the
* protocol says)) you will have to hack this code...
*/
void
auth_send(unsigned char *data, int cnt)
{
Authenticator *ap;
static unsigned char str_none[] = { IAC, SB, TELOPT_AUTHENTICATION,
TELQUAL_IS, AUTHTYPE_NULL, 0,
IAC, SE };
if (Server) {
if (auth_debug_mode) {
printf(">>>%s: auth_send called!\r\n", Name);
}
return;
}
if (auth_debug_mode) {
printf(">>>%s: auth_send got:", Name);
printd(data, cnt); printf("\r\n");
}
/*
* Save the data, if it is new, so that we can continue looking
* at it if the authorization we try doesn't work
*/
if (data < _auth_send_data ||
data > _auth_send_data + sizeof(_auth_send_data)) {
auth_send_cnt = cnt > sizeof(_auth_send_data)
? sizeof(_auth_send_data)
: cnt;
memmove(_auth_send_data, data, auth_send_cnt);
auth_send_data = _auth_send_data;
} else {
/*
* This is probably a no-op, but we just make sure
*/
auth_send_data = data;
auth_send_cnt = cnt;
}
while ((auth_send_cnt -= 2) >= 0) {
if (auth_debug_mode)
printf(">>>%s: He supports %d\r\n",
Name, *auth_send_data);
if ((i_support & ~i_wont_support) & typemask(*auth_send_data)) {
ap = findauthenticator(auth_send_data[0],
auth_send_data[1]);
if (ap && ap->send) {
if (auth_debug_mode)
printf(">>>%s: Trying %d %d\r\n",
Name, auth_send_data[0],
auth_send_data[1]);
if ((*ap->send)(ap)) {
/*
* Okay, we found one we like
* and did it.
* we can go home now.
*/
if (auth_debug_mode)
printf(">>>%s: Using type %d\r\n",
Name, *auth_send_data);
auth_send_data += 2;
return;
}
}
/* else
* just continue on and look for the
* next one if we didn't do anything.
*/
}
auth_send_data += 2;
}
telnet_net_write(str_none, sizeof(str_none));
printsub('>', &str_none[2], sizeof(str_none) - 2);
if (auth_debug_mode)
printf(">>>%s: Sent failure message\r\n", Name);
auth_finished(0, AUTH_REJECT);
#ifdef KANNAN
/*
* We requested strong authentication, however no mechanisms worked.
* Therefore, exit on client end.
*/
printf("Unable to securely authenticate user ... exit\n");
exit(0);
#endif /* KANNAN */
}
void
auth_send_retry(void)
{
/*
* if auth_send_cnt <= 0 then auth_send will end up rejecting
* the authentication and informing the other side of this.
*/
auth_send(auth_send_data, auth_send_cnt);
}
void
auth_is(unsigned char *data, int cnt)
{
Authenticator *ap;
if (cnt < 2)
return;
if (data[0] == AUTHTYPE_NULL) {
auth_finished(0, AUTH_REJECT);
return;
}
if ((ap = findauthenticator(data[0], data[1]))) {
if (ap->is)
(*ap->is)(ap, data+2, cnt-2);
} else if (auth_debug_mode)
printf(">>>%s: Invalid authentication in IS: %d\r\n",
Name, *data);
}
void
auth_reply(unsigned char *data, int cnt)
{
Authenticator *ap;
if (cnt < 2)
return;
if ((ap = findauthenticator(data[0], data[1]))) {
if (ap->reply)
(*ap->reply)(ap, data+2, cnt-2);
} else if (auth_debug_mode)
printf(">>>%s: Invalid authentication in SEND: %d\r\n",
Name, *data);
}
void
auth_name(unsigned char *data, int cnt)
{
char savename[256];
if (cnt < 1) {
if (auth_debug_mode)
printf(">>>%s: Empty name in NAME\r\n", Name);
return;
}
if (cnt > sizeof(savename) - 1) {
if (auth_debug_mode)
printf(">>>%s: Name in NAME (%d) exceeds %lu length\r\n",
Name, cnt, (unsigned long)(sizeof(savename)-1));
return;
}
memmove(savename, data, cnt);
savename[cnt] = '\0'; /* Null terminate */
if (auth_debug_mode)
printf(">>>%s: Got NAME [%s]\r\n", Name, savename);
auth_encrypt_user(savename);
}
int
auth_sendname(unsigned char *cp, int len)
{
static unsigned char str_request[256+6]
= { IAC, SB, TELOPT_AUTHENTICATION, TELQUAL_NAME, };
unsigned char *e = str_request + 4;
unsigned char *ee = &str_request[sizeof(str_request)-2];
while (--len >= 0) {
if ((*e++ = *cp++) == IAC)
*e++ = IAC;
if (e >= ee)
return(0);
}
*e++ = IAC;
*e++ = SE;
telnet_net_write(str_request, e - str_request);
printsub('>', &str_request[2], e - &str_request[2]);
return(1);
}
void
auth_finished(Authenticator *ap, int result)
{
if (!(authenticated = ap))
authenticated = &NoAuth;
validuser = result;
}
/* ARGSUSED */
static void
auth_intr(int sig)
{
auth_finished(0, AUTH_REJECT);
}
int
auth_wait(char *name, size_t name_sz)
{
if (auth_debug_mode)
printf(">>>%s: in auth_wait.\r\n", Name);
if (Server && !authenticating)
return(0);
signal(SIGALRM, auth_intr);
alarm(30);
while (!authenticated)
if (telnet_spin())
break;
alarm(0);
signal(SIGALRM, SIG_DFL);
/*
* Now check to see if the user is valid or not
*/
if (!authenticated || authenticated == &NoAuth)
return(AUTH_REJECT);
if (validuser == AUTH_VALID)
validuser = AUTH_USER;
if (authenticated->status)
validuser = (*authenticated->status)(authenticated,
name, name_sz,
validuser);
return(validuser);
}
void
auth_debug(int mode)
{
auth_debug_mode = mode;
}
void
auth_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
{
Authenticator *ap;
if ((ap = findauthenticator(data[1], data[2])) && ap->printsub)
(*ap->printsub)(data, cnt, buf, buflen);
else
auth_gen_printsub(data, cnt, buf, buflen);
}
void
auth_gen_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
{
unsigned char *cp;
unsigned char tbuf[16];
cnt -= 3;
data += 3;
buf[buflen-1] = '\0';
buf[buflen-2] = '*';
buflen -= 2;
for (; cnt > 0; cnt--, data++) {
snprintf(tbuf, sizeof(tbuf), " %d", *data);
for (cp = tbuf; *cp && buflen > 0; --buflen)
*buf++ = *cp++;
if (buflen <= 0)
return;
}
*buf = '\0';
}
#endif
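Review bot: In `auth_send`, `typemask(*auth_send_data)` uses a byte from the peer's SEND list as a shift count, and `typemask(x)` expands to `(1<<((x)-1))`, so a type of 0 or one larger than the width of `int` is an undefined shift before `findauthenticator` gets a chance to reject the pair. Range-check the byte first, assuming `AUTHTYPE_CNT` stays below the bit width of `int`: `if (auth_send_data[0] >= 1 && auth_send_data[0] < AUTHTYPE_CNT && ((i_support & ~i_wont_support) & typemask(auth_send_data[0]))) {`. `auth_disable_name` reaches the same undefined shift from local input, because its loop starts at `x = 0` and a match on `AUTHTYPE_NAME(0)` evaluates `typemask(0)`. `getauthmask` already special-cases index 0 and starts its loop at 1, so the loop in `auth_disable_name` should start at `x = 1` as well.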


@ -0,0 +1,81 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)auth.h 8.1 (Berkeley) 6/4/93
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/* $Id: auth.h,v 1.4 1998/06/09 19:24:41 joda Exp $ */
#ifndef __AUTH__
#define __AUTH__
#define AUTH_REJECT 0 /* Rejected */
#define AUTH_UNKNOWN 1 /* We don't know who he is, but he's okay */
#define AUTH_OTHER 2 /* We know him, but not his name */
#define AUTH_USER 3 /* We know he name */
#define AUTH_VALID 4 /* We know him, and he needs no password */
typedef struct XauthP {
int type;
int way;
int (*init) (struct XauthP *, int);
int (*send) (struct XauthP *);
void (*is) (struct XauthP *, unsigned char *, int);
void (*reply) (struct XauthP *, unsigned char *, int);
int (*status) (struct XauthP *, char *, size_t, int);
void (*printsub) (unsigned char *, int, unsigned char *, int);
} Authenticator;
#include "auth-proto.h"
extern int auth_debug_mode;
#endif
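Review bot: The `status` member is declared as `int (*status) (struct XauthP *, char *, size_t, int)` and `auth_wait` in auth.c calls it with four arguments, but the auth-proto.h prototypes for `unsafe_status` and `sra_status` shown earlier on this page take only `(Authenticator *, char *, int)`. If UNSAFE or SRA is ever defined, the `authenticators[]` table stores those functions in this slot through an incompatible pointer type, and the call passes a `size_t` buffer length they do not declare. The prototypes should match the member, `int unsafe_status (Authenticator *, char *, size_t, int);` and likewise for `sra_status`. Their definitions are not visible here and would need the same change.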


@ -0,0 +1,132 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)enc-proto.h 8.1 (Berkeley) 6/4/93
*
* @(#)enc-proto.h 5.2 (Berkeley) 3/22/91
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/* $Id: enc-proto.h,v 1.10 2000/01/18 03:09:56 assar Exp $ */
#if defined(ENCRYPTION)
Encryptions *findencryption (int);
Encryptions *finddecryption(int);
int EncryptAutoDec(int);
int EncryptAutoEnc(int);
int EncryptDebug(int);
int EncryptDisable(char*, char*);
int EncryptEnable(char*, char*);
int EncryptStart(char*);
int EncryptStartInput(void);
int EncryptStartOutput(void);
int EncryptStatus(void);
int EncryptStop(char*);
int EncryptStopInput(void);
int EncryptStopOutput(void);
int EncryptType(char*, char*);
int EncryptVerbose(int);
void decrypt_auto(int);
void encrypt_auto(int);
void encrypt_debug(int);
void encrypt_dec_keyid(unsigned char*, int);
void encrypt_display(void);
void encrypt_enc_keyid(unsigned char*, int);
void encrypt_end(void);
void encrypt_gen_printsub(unsigned char*, int, unsigned char*, int);
void encrypt_init(const char*, int);
void encrypt_is(unsigned char*, int);
void encrypt_list_types(void);
void encrypt_not(void);
void encrypt_printsub(unsigned char*, int, unsigned char*, int);
void encrypt_reply(unsigned char*, int);
void encrypt_request_end(void);
void encrypt_request_start(unsigned char*, int);
void encrypt_send_end(void);
void encrypt_send_keyid(int, unsigned char*, int, int);
void encrypt_send_request_end(void);
void encrypt_send_request_start(void);
void encrypt_send_support(void);
void encrypt_session_key(Session_Key*, int);
void encrypt_start(unsigned char*, int);
void encrypt_start_output(int);
void encrypt_support(unsigned char*, int);
void encrypt_verbose_quiet(int);
void encrypt_wait(void);
int encrypt_delay(void);
#ifdef TELENTD
void encrypt_wait (void);
#else
void encrypt_display (void);
#endif
void cfb64_encrypt (unsigned char *, int);
int cfb64_decrypt (int);
void cfb64_init (int);
int cfb64_start (int, int);
int cfb64_is (unsigned char *, int);
int cfb64_reply (unsigned char *, int);
void cfb64_session (Session_Key *, int);
int cfb64_keyid (int, unsigned char *, int *);
void cfb64_printsub (unsigned char *, int, unsigned char *, int);
void ofb64_encrypt (unsigned char *, int);
int ofb64_decrypt (int);
void ofb64_init (int);
int ofb64_start (int, int);
int ofb64_is (unsigned char *, int);
int ofb64_reply (unsigned char *, int);
void ofb64_session (Session_Key *, int);
int ofb64_keyid (int, unsigned char *, int *);
void ofb64_printsub (unsigned char *, int, unsigned char *, int);
#endif
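Review bot: The `#ifdef TELENTD` block near the end of this header has no effect, because `encrypt_wait` and `encrypt_display` are both already declared unconditionally further up and each branch only repeats one of those prototypes. The macro name also looks like a misspelling of TELNETD, which should be confirmed against the build flags. Either drop the block, or, if each function is meant to be visible to only one side, remove the unconditional declarations and correct the guard name.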


@ -0,0 +1,671 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
RCSID("$Id: enc_des.c,v 1.16 1998/07/09 23:16:23 assar Exp $");
#if defined(AUTHENTICATION) && defined(ENCRYPTION) && defined(DES_ENCRYPTION)
#include <arpa/telnet.h>
#include <stdio.h>
#ifdef __STDC__
#include <stdlib.h>
#include <string.h>
#endif
#include <roken.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "misc-proto.h"
#include <des.h>
extern int encrypt_debug_mode;
#define CFB 0
#define OFB 1
#define NO_SEND_IV 1
#define NO_RECV_IV 2
#define NO_KEYID 4
#define IN_PROGRESS (NO_SEND_IV|NO_RECV_IV|NO_KEYID)
#define SUCCESS 0
#define FAILED -1
struct stinfo {
des_cblock str_output;
des_cblock str_feed;
des_cblock str_iv;
des_cblock str_ikey;
des_key_schedule str_sched;
int str_index;
int str_flagshift;
};
struct fb {
des_cblock krbdes_key;
des_key_schedule krbdes_sched;
des_cblock temp_feed;
unsigned char fb_feed[64];
int need_start;
int state[2];
int keyid[2];
int once;
struct stinfo streams[2];
};
static struct fb fb[2];
struct keyidlist {
char *keyid;
int keyidlen;
char *key;
int keylen;
int flags;
} keyidlist [] = {
{ "\0", 1, 0, 0, 0 }, /* default key of zero */
{ 0, 0, 0, 0, 0 }
};
#define KEYFLAG_MASK 03
#define KEYFLAG_NOINIT 00
#define KEYFLAG_INIT 01
#define KEYFLAG_OK 02
#define KEYFLAG_BAD 03
#define KEYFLAG_SHIFT 2
#define SHIFT_VAL(a,b) (KEYFLAG_SHIFT*((a)+((b)*2)))
#define FB64_IV 1
#define FB64_IV_OK 2
#define FB64_IV_BAD 3
void fb64_stream_iv (des_cblock, struct stinfo *);
void fb64_init (struct fb *);
static int fb64_start (struct fb *, int, int);
int fb64_is (unsigned char *, int, struct fb *);
int fb64_reply (unsigned char *, int, struct fb *);
static void fb64_session (Session_Key *, int, struct fb *);
void fb64_stream_key (des_cblock, struct stinfo *);
int fb64_keyid (int, unsigned char *, int *, struct fb *);
void cfb64_init(int server)
{
fb64_init(&fb[CFB]);
fb[CFB].fb_feed[4] = ENCTYPE_DES_CFB64;
fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, CFB);
fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, CFB);
}
void ofb64_init(int server)
{
fb64_init(&fb[OFB]);
fb[OFB].fb_feed[4] = ENCTYPE_DES_OFB64;
fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, OFB);
fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, OFB);
}
void fb64_init(struct fb *fbp)
{
memset(fbp,0, sizeof(*fbp));
fbp->state[0] = fbp->state[1] = FAILED;
fbp->fb_feed[0] = IAC;
fbp->fb_feed[1] = SB;
fbp->fb_feed[2] = TELOPT_ENCRYPT;
fbp->fb_feed[3] = ENCRYPT_IS;
}
/*
* Returns:
* -1: some error. Negotiation is done, encryption not ready.
* 0: Successful, initial negotiation all done.
* 1: successful, negotiation not done yet.
* 2: Not yet. Other things (like getting the key from
* Kerberos) have to happen before we can continue.
*/
int cfb64_start(int dir, int server)
{
return(fb64_start(&fb[CFB], dir, server));
}
int ofb64_start(int dir, int server)
{
return(fb64_start(&fb[OFB], dir, server));
}
static int fb64_start(struct fb *fbp, int dir, int server)
{
int x;
unsigned char *p;
int state;
switch (dir) {
case DIR_DECRYPT:
/*
* This is simply a request to have the other side
* start output (our input). He will negotiate an
* IV so we need not look for it.
*/
state = fbp->state[dir-1];
if (state == FAILED)
state = IN_PROGRESS;
break;
case DIR_ENCRYPT:
state = fbp->state[dir-1];
if (state == FAILED)
state = IN_PROGRESS;
else if ((state & NO_SEND_IV) == 0) {
break;
}
if (!VALIDKEY(fbp->krbdes_key)) {
fbp->need_start = 1;
break;
}
state &= ~NO_SEND_IV;
state |= NO_RECV_IV;
if (encrypt_debug_mode)
printf("Creating new feed\r\n");
/*
* Create a random feed and send it over.
*/
#ifndef OLD_DES_RANDOM_KEY
des_new_random_key(&fbp->temp_feed);
#else
/*
* From des_cryp.man "If the des_check_key flag is non-zero,
* des_set_key will check that the key passed is
* of odd parity and is not a week or semi-weak key."
*/
do {
des_random_key(fbp->temp_feed);
des_set_odd_parity(fbp->temp_feed);
} while (des_is_weak_key(fbp->temp_feed));
#endif
des_ecb_encrypt(&fbp->temp_feed,
&fbp->temp_feed,
fbp->krbdes_sched, 1);
p = fbp->fb_feed + 3;
*p++ = ENCRYPT_IS;
p++;
*p++ = FB64_IV;
for (x = 0; x < sizeof(des_cblock); ++x) {
if ((*p++ = fbp->temp_feed[x]) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
telnet_net_write(fbp->fb_feed, p - fbp->fb_feed);
break;
default:
return(FAILED);
}
return(fbp->state[dir-1] = state);
}
/*
* Returns:
* -1: some error. Negotiation is done, encryption not ready.
* 0: Successful, initial negotiation all done.
* 1: successful, negotiation not done yet.
*/
int cfb64_is(unsigned char *data, int cnt)
{
return(fb64_is(data, cnt, &fb[CFB]));
}
int ofb64_is(unsigned char *data, int cnt)
{
return(fb64_is(data, cnt, &fb[OFB]));
}
int fb64_is(unsigned char *data, int cnt, struct fb *fbp)
{
unsigned char *p;
int state = fbp->state[DIR_DECRYPT-1];
if (cnt-- < 1)
goto failure;
switch (*data++) {
case FB64_IV:
if (cnt != sizeof(des_cblock)) {
if (encrypt_debug_mode)
printf("CFB64: initial vector failed on size\r\n");
state = FAILED;
goto failure;
}
if (encrypt_debug_mode)
printf("CFB64: initial vector received\r\n");
if (encrypt_debug_mode)
printf("Initializing Decrypt stream\r\n");
fb64_stream_iv(data, &fbp->streams[DIR_DECRYPT-1]);
p = fbp->fb_feed + 3;
*p++ = ENCRYPT_REPLY;
p++;
*p++ = FB64_IV_OK;
*p++ = IAC;
*p++ = SE;
printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
telnet_net_write(fbp->fb_feed, p - fbp->fb_feed);
state = fbp->state[DIR_DECRYPT-1] = IN_PROGRESS;
break;
default:
if (encrypt_debug_mode) {
printf("Unknown option type: %d\r\n", *(data-1));
printd(data, cnt);
printf("\r\n");
}
/* FALL THROUGH */
failure:
/*
* We failed. Send an FB64_IV_BAD option
* to the other side so it will know that
* things failed.
*/
p = fbp->fb_feed + 3;
*p++ = ENCRYPT_REPLY;
p++;
*p++ = FB64_IV_BAD;
*p++ = IAC;
*p++ = SE;
printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
telnet_net_write(fbp->fb_feed, p - fbp->fb_feed);
break;
}
return(fbp->state[DIR_DECRYPT-1] = state);
}
/*
* Returns:
* -1: some error. Negotiation is done, encryption not ready.
* 0: Successful, initial negotiation all done.
* 1: successful, negotiation not done yet.
*/
int cfb64_reply(unsigned char *data, int cnt)
{
return(fb64_reply(data, cnt, &fb[CFB]));
}
int ofb64_reply(unsigned char *data, int cnt)
{
return(fb64_reply(data, cnt, &fb[OFB]));
}
int fb64_reply(unsigned char *data, int cnt, struct fb *fbp)
{
int state = fbp->state[DIR_ENCRYPT-1];
if (cnt-- < 1)
goto failure;
switch (*data++) {
case FB64_IV_OK:
fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]);
if (state == FAILED)
state = IN_PROGRESS;
state &= ~NO_RECV_IV;
encrypt_send_keyid(DIR_ENCRYPT, (unsigned char *)"\0", 1, 1);
break;
case FB64_IV_BAD:
memset(fbp->temp_feed, 0, sizeof(des_cblock));
fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]);
state = FAILED;
break;
default:
if (encrypt_debug_mode) {
printf("Unknown option type: %d\r\n", data[-1]);
printd(data, cnt);
printf("\r\n");
}
/* FALL THROUGH */
failure:
state = FAILED;
break;
}
return(fbp->state[DIR_ENCRYPT-1] = state);
}
void cfb64_session(Session_Key *key, int server)
{
fb64_session(key, server, &fb[CFB]);
}
void ofb64_session(Session_Key *key, int server)
{
fb64_session(key, server, &fb[OFB]);
}
static void fb64_session(Session_Key *key, int server, struct fb *fbp)
{
if (!key || key->type != SK_DES) {
if (encrypt_debug_mode)
printf("Can't set krbdes's session key (%d != %d)\r\n",
key ? key->type : -1, SK_DES);
return;
}
memcpy(fbp->krbdes_key, key->data, sizeof(des_cblock));
fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]);
fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]);
if (fbp->once == 0) {
#ifndef OLD_DES_RANDOM_KEY
des_init_random_number_generator(&fbp->krbdes_key);
#endif
fbp->once = 1;
}
des_key_sched(&fbp->krbdes_key, fbp->krbdes_sched);
/*
* Now look to see if krbdes_start() was was waiting for
* the key to show up. If so, go ahead an call it now
* that we have the key.
*/
if (fbp->need_start) {
fbp->need_start = 0;
fb64_start(fbp, DIR_ENCRYPT, server);
}
}
/*
* We only accept a keyid of 0. If we get a keyid of
* 0, then mark the state as SUCCESS.
*/
int cfb64_keyid(int dir, unsigned char *kp, int *lenp)
{
return(fb64_keyid(dir, kp, lenp, &fb[CFB]));
}
int ofb64_keyid(int dir, unsigned char *kp, int *lenp)
{
return(fb64_keyid(dir, kp, lenp, &fb[OFB]));
}
int fb64_keyid(int dir, unsigned char *kp, int *lenp, struct fb *fbp)
{
int state = fbp->state[dir-1];
if (*lenp != 1 || (*kp != '\0')) {
*lenp = 0;
return(state);
}
if (state == FAILED)
state = IN_PROGRESS;
state &= ~NO_KEYID;
return(fbp->state[dir-1] = state);
}
void fb64_printsub(unsigned char *data, int cnt,
unsigned char *buf, int buflen, char *type)
{
char lbuf[32];
int i;
char *cp;
buf[buflen-1] = '\0'; /* make sure it's NULL terminated */
buflen -= 1;
switch(data[2]) {
case FB64_IV:
snprintf(lbuf, sizeof(lbuf), "%s_IV", type);
cp = lbuf;
goto common;
case FB64_IV_OK:
snprintf(lbuf, sizeof(lbuf), "%s_IV_OK", type);
cp = lbuf;
goto common;
case FB64_IV_BAD:
snprintf(lbuf, sizeof(lbuf), "%s_IV_BAD", type);
cp = lbuf;
goto common;
default:
snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[2]);
cp = lbuf;
common:
for (; (buflen > 0) && (*buf = *cp++); buf++)
buflen--;
for (i = 3; i < cnt; i++) {
snprintf(lbuf, sizeof(lbuf), " %d", data[i]);
for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++)
buflen--;
}
break;
}
}
void cfb64_printsub(unsigned char *data, int cnt,
unsigned char *buf, int buflen)
{
fb64_printsub(data, cnt, buf, buflen, "CFB64");
}
void ofb64_printsub(unsigned char *data, int cnt,
unsigned char *buf, int buflen)
{
fb64_printsub(data, cnt, buf, buflen, "OFB64");
}
void fb64_stream_iv(des_cblock seed, struct stinfo *stp)
{
memcpy(stp->str_iv, seed,sizeof(des_cblock));
memcpy(stp->str_output, seed, sizeof(des_cblock));
des_key_sched(&stp->str_ikey, stp->str_sched);
stp->str_index = sizeof(des_cblock);
}
void fb64_stream_key(des_cblock key, struct stinfo *stp)
{
memcpy(stp->str_ikey, key, sizeof(des_cblock));
des_key_sched((des_cblock*)key, stp->str_sched);
memcpy(stp->str_output, stp->str_iv, sizeof(des_cblock));
stp->str_index = sizeof(des_cblock);
}
/*
* DES 64 bit Cipher Feedback
*
* key --->+-----+
* +->| DES |--+
* | +-----+ |
* | v
* INPUT --(--------->(+)+---> DATA
* | |
* +-------------+
*
*
* Given:
* iV: Initial vector, 64 bits (8 bytes) long.
* Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt).
* On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output.
*
* V0 = DES(iV, key)
* On = Dn ^ Vn
* V(n+1) = DES(On, key)
*/
void cfb64_encrypt(unsigned char *s, int c)
{
struct stinfo *stp = &fb[CFB].streams[DIR_ENCRYPT-1];
int index;
index = stp->str_index;
while (c-- > 0) {
if (index == sizeof(des_cblock)) {
des_cblock b;
des_ecb_encrypt(&stp->str_output, &b,stp->str_sched, 1);
memcpy(stp->str_feed, b, sizeof(des_cblock));
index = 0;
}
/* On encryption, we store (feed ^ data) which is cypher */
*s = stp->str_output[index] = (stp->str_feed[index] ^ *s);
s++;
index++;
}
stp->str_index = index;
}
int cfb64_decrypt(int data)
{
struct stinfo *stp = &fb[CFB].streams[DIR_DECRYPT-1];
int index;
if (data == -1) {
/*
* Back up one byte. It is assumed that we will
* never back up more than one byte. If we do, this
* may or may not work.
*/
if (stp->str_index)
--stp->str_index;
return(0);
}
index = stp->str_index++;
if (index == sizeof(des_cblock)) {
des_cblock b;
des_ecb_encrypt(&stp->str_output,&b, stp->str_sched, 1);
memcpy(stp->str_feed, b, sizeof(des_cblock));
stp->str_index = 1; /* Next time will be 1 */
index = 0; /* But now use 0 */
}
/* On decryption we store (data) which is cypher. */
stp->str_output[index] = data;
return(data ^ stp->str_feed[index]);
}
/*
* DES 64 bit Output Feedback
*
* key --->+-----+
* +->| DES |--+
* | +-----+ |
* +-----------+
* v
* INPUT -------->(+) ----> DATA
*
* Given:
* iV: Initial vector, 64 bits (8 bytes) long.
* Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt).
* On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output.
*
* V0 = DES(iV, key)
* V(n+1) = DES(Vn, key)
* On = Dn ^ Vn
*/
void ofb64_encrypt(unsigned char *s, int c)
{
struct stinfo *stp = &fb[OFB].streams[DIR_ENCRYPT-1];
int index;
index = stp->str_index;
while (c-- > 0) {
if (index == sizeof(des_cblock)) {
des_cblock b;
des_ecb_encrypt(&stp->str_feed,&b, stp->str_sched, 1);
memcpy(stp->str_feed, b, sizeof(des_cblock));
index = 0;
}
*s++ ^= stp->str_feed[index];
index++;
}
stp->str_index = index;
}
int ofb64_decrypt(int data)
{
struct stinfo *stp = &fb[OFB].streams[DIR_DECRYPT-1];
int index;
if (data == -1) {
/*
* Back up one byte. It is assumed that we will
* never back up more than one byte. If we do, this
* may or may not work.
*/
if (stp->str_index)
--stp->str_index;
return(0);
}
index = stp->str_index++;
if (index == sizeof(des_cblock)) {
des_cblock b;
des_ecb_encrypt(&stp->str_feed,&b,stp->str_sched, 1);
memcpy(stp->str_feed, b, sizeof(des_cblock));
stp->str_index = 1; /* Next time will be 1 */
index = 0; /* But now use 0 */
}
return(data ^ stp->str_feed[index]);
}
#endif


@ -0,0 +1,995 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
#include <config.h>
RCSID("$Id: encrypt.c,v 1.22 2000/01/18 03:10:35 assar Exp $");
#if defined(ENCRYPTION)
#define ENCRYPT_NAMES
#include <arpa/telnet.h>
#include "encrypt.h"
#include "misc.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <roken.h>
#ifdef SOCKS
#include <socks.h>
#endif
/*
* These functions pointers point to the current routines
* for encrypting and decrypting data.
*/
void (*encrypt_output) (unsigned char *, int);
int (*decrypt_input) (int);
char *nclearto;
int encrypt_debug_mode = 0;
static int decrypt_mode = 0;
static int encrypt_mode = 0;
static int encrypt_verbose = 0;
static int autoencrypt = 0;
static int autodecrypt = 0;
static int havesessionkey = 0;
static int Server = 0;
static const char *Name = "Noname";
#define typemask(x) ((x) > 0 ? 1 << ((x)-1) : 0)
static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64)
| typemask(ENCTYPE_DES_OFB64);
static long i_support_decrypt = typemask(ENCTYPE_DES_CFB64)
| typemask(ENCTYPE_DES_OFB64);
static long i_wont_support_encrypt = 0;
static long i_wont_support_decrypt = 0;
#define I_SUPPORT_ENCRYPT (i_support_encrypt & ~i_wont_support_encrypt)
#define I_SUPPORT_DECRYPT (i_support_decrypt & ~i_wont_support_decrypt)
static long remote_supports_encrypt = 0;
static long remote_supports_decrypt = 0;
static Encryptions encryptions[] = {
#if defined(DES_ENCRYPTION)
{ "DES_CFB64", ENCTYPE_DES_CFB64,
cfb64_encrypt,
cfb64_decrypt,
cfb64_init,
cfb64_start,
cfb64_is,
cfb64_reply,
cfb64_session,
cfb64_keyid,
cfb64_printsub },
{ "DES_OFB64", ENCTYPE_DES_OFB64,
ofb64_encrypt,
ofb64_decrypt,
ofb64_init,
ofb64_start,
ofb64_is,
ofb64_reply,
ofb64_session,
ofb64_keyid,
ofb64_printsub },
#endif
{ 0, },
};
static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPT,
ENCRYPT_SUPPORT };
static unsigned char str_suplen = 0;
static unsigned char str_start[72] = { IAC, SB, TELOPT_ENCRYPT };
static unsigned char str_end[] = { IAC, SB, TELOPT_ENCRYPT, 0, IAC, SE };
Encryptions *
findencryption(int type)
{
Encryptions *ep = encryptions;
if (!(I_SUPPORT_ENCRYPT & remote_supports_decrypt & typemask(type)))
return(0);
while (ep->type && ep->type != type)
++ep;
return(ep->type ? ep : 0);
}
Encryptions *
finddecryption(int type)
{
Encryptions *ep = encryptions;
if (!(I_SUPPORT_DECRYPT & remote_supports_encrypt & typemask(type)))
return(0);
while (ep->type && ep->type != type)
++ep;
return(ep->type ? ep : 0);
}
#define MAXKEYLEN 64
static struct key_info {
unsigned char keyid[MAXKEYLEN];
int keylen;
int dir;
int *modep;
Encryptions *(*getcrypt)();
} ki[2] = {
{ { 0 }, 0, DIR_ENCRYPT, &encrypt_mode, findencryption },
{ { 0 }, 0, DIR_DECRYPT, &decrypt_mode, finddecryption },
};
void
encrypt_init(const char *name, int server)
{
Encryptions *ep = encryptions;
Name = name;
Server = server;
i_support_encrypt = i_support_decrypt = 0;
remote_supports_encrypt = remote_supports_decrypt = 0;
encrypt_mode = 0;
decrypt_mode = 0;
encrypt_output = 0;
decrypt_input = 0;
#ifdef notdef
encrypt_verbose = !server;
#endif
str_suplen = 4;
while (ep->type) {
if (encrypt_debug_mode)
printf(">>>%s: I will support %s\r\n",
Name, ENCTYPE_NAME(ep->type));
i_support_encrypt |= typemask(ep->type);
i_support_decrypt |= typemask(ep->type);
if ((i_wont_support_decrypt & typemask(ep->type)) == 0)
if ((str_send[str_suplen++] = ep->type) == IAC)
str_send[str_suplen++] = IAC;
if (ep->init)
(*ep->init)(Server);
++ep;
}
str_send[str_suplen++] = IAC;
str_send[str_suplen++] = SE;
}
void
encrypt_list_types(void)
{
Encryptions *ep = encryptions;
printf("Valid encryption types:\n");
while (ep->type) {
printf("\t%s (%d)\r\n", ENCTYPE_NAME(ep->type), ep->type);
++ep;
}
}
int
EncryptEnable(char *type, char *mode)
{
if (isprefix(type, "help") || isprefix(type, "?")) {
printf("Usage: encrypt enable <type> [input|output]\n");
encrypt_list_types();
return(0);
}
if (EncryptType(type, mode))
return(EncryptStart(mode));
return(0);
}
int
EncryptDisable(char *type, char *mode)
{
Encryptions *ep;
int ret = 0;
if (isprefix(type, "help") || isprefix(type, "?")) {
printf("Usage: encrypt disable <type> [input|output]\n");
encrypt_list_types();
} else if ((ep = (Encryptions *)genget(type, (char**)encryptions,
sizeof(Encryptions))) == 0) {
printf("%s: invalid encryption type\n", type);
} else if (Ambiguous(ep)) {
printf("Ambiguous type '%s'\n", type);
} else {
if ((mode == 0) || (isprefix(mode, "input") ? 1 : 0)) {
if (decrypt_mode == ep->type)
EncryptStopInput();
i_wont_support_decrypt |= typemask(ep->type);
ret = 1;
}
if ((mode == 0) || (isprefix(mode, "output"))) {
if (encrypt_mode == ep->type)
EncryptStopOutput();
i_wont_support_encrypt |= typemask(ep->type);
ret = 1;
}
if (ret == 0)
printf("%s: invalid encryption mode\n", mode);
}
return(ret);
}
int
EncryptType(char *type, char *mode)
{
Encryptions *ep;
int ret = 0;
if (isprefix(type, "help") || isprefix(type, "?")) {
printf("Usage: encrypt type <type> [input|output]\n");
encrypt_list_types();
} else if ((ep = (Encryptions *)genget(type, (char**)encryptions,
sizeof(Encryptions))) == 0) {
printf("%s: invalid encryption type\n", type);
} else if (Ambiguous(ep)) {
printf("Ambiguous type '%s'\n", type);
} else {
if ((mode == 0) || isprefix(mode, "input")) {
decrypt_mode = ep->type;
i_wont_support_decrypt &= ~typemask(ep->type);
ret = 1;
}
if ((mode == 0) || isprefix(mode, "output")) {
encrypt_mode = ep->type;
i_wont_support_encrypt &= ~typemask(ep->type);
ret = 1;
}
if (ret == 0)
printf("%s: invalid encryption mode\n", mode);
}
return(ret);
}
int
EncryptStart(char *mode)
{
int ret = 0;
if (mode) {
if (isprefix(mode, "input"))
return(EncryptStartInput());
if (isprefix(mode, "output"))
return(EncryptStartOutput());
if (isprefix(mode, "help") || isprefix(mode, "?")) {
printf("Usage: encrypt start [input|output]\n");
return(0);
}
printf("%s: invalid encryption mode 'encrypt start ?' for help\n", mode);
return(0);
}
ret += EncryptStartInput();
ret += EncryptStartOutput();
return(ret);
}
int
EncryptStartInput(void)
{
if (decrypt_mode) {
encrypt_send_request_start();
return(1);
}
printf("No previous decryption mode, decryption not enabled\r\n");
return(0);
}
int
EncryptStartOutput(void)
{
if (encrypt_mode) {
encrypt_start_output(encrypt_mode);
return(1);
}
printf("No previous encryption mode, encryption not enabled\r\n");
return(0);
}
int
EncryptStop(char *mode)
{
int ret = 0;
if (mode) {
if (isprefix(mode, "input"))
return(EncryptStopInput());
if (isprefix(mode, "output"))
return(EncryptStopOutput());
if (isprefix(mode, "help") || isprefix(mode, "?")) {
printf("Usage: encrypt stop [input|output]\n");
return(0);
}
printf("%s: invalid encryption mode 'encrypt stop ?' for help\n", mode);
return(0);
}
ret += EncryptStopInput();
ret += EncryptStopOutput();
return(ret);
}
int
EncryptStopInput(void)
{
encrypt_send_request_end();
return(1);
}
int
EncryptStopOutput(void)
{
encrypt_send_end();
return(1);
}
void
encrypt_display(void)
{
printf("Autoencrypt for output is %s. Autodecrypt for input is %s.\r\n",
autoencrypt?"on":"off", autodecrypt?"on":"off");
if (encrypt_output)
printf("Currently encrypting output with %s\r\n",
ENCTYPE_NAME(encrypt_mode));
else
printf("Currently not encrypting output\r\n");
if (decrypt_input)
printf("Currently decrypting input with %s\r\n",
ENCTYPE_NAME(decrypt_mode));
else
printf("Currently not decrypting input\r\n");
}
int
EncryptStatus(void)
{
printf("Autoencrypt for output is %s. Autodecrypt for input is %s.\r\n",
autoencrypt?"on":"off", autodecrypt?"on":"off");
if (encrypt_output)
printf("Currently encrypting output with %s\r\n",
ENCTYPE_NAME(encrypt_mode));
else if (encrypt_mode) {
printf("Currently output is clear text.\r\n");
printf("Last encryption mode was %s\r\n",
ENCTYPE_NAME(encrypt_mode));
} else
printf("Currently not encrypting output\r\n");
if (decrypt_input) {
printf("Currently decrypting input with %s\r\n",
ENCTYPE_NAME(decrypt_mode));
} else if (decrypt_mode) {
printf("Currently input is clear text.\r\n");
printf("Last decryption mode was %s\r\n",
ENCTYPE_NAME(decrypt_mode));
} else
printf("Currently not decrypting input\r\n");
return 1;
}
void
encrypt_send_support(void)
{
if (str_suplen) {
/*
* If the user has requested that decryption start
* immediatly, then send a "REQUEST START" before
* we negotiate the type.
*/
if (!Server && autodecrypt)
encrypt_send_request_start();
telnet_net_write(str_send, str_suplen);
printsub('>', &str_send[2], str_suplen - 2);
str_suplen = 0;
}
}
int
EncryptDebug(int on)
{
if (on < 0)
encrypt_debug_mode ^= 1;
else
encrypt_debug_mode = on;
printf("Encryption debugging %s\r\n",
encrypt_debug_mode ? "enabled" : "disabled");
return(1);
}
/* turn on verbose encryption, but dont keep telling the whole world
*/
void encrypt_verbose_quiet(int on)
{
if(on < 0)
encrypt_verbose ^= 1;
else
encrypt_verbose = on ? 1 : 0;
}
int
EncryptVerbose(int on)
{
encrypt_verbose_quiet(on);
printf("Encryption %s verbose\r\n",
encrypt_verbose ? "is" : "is not");
return(1);
}
int
EncryptAutoEnc(int on)
{
encrypt_auto(on);
printf("Automatic encryption of output is %s\r\n",
autoencrypt ? "enabled" : "disabled");
return(1);
}
int
EncryptAutoDec(int on)
{
decrypt_auto(on);
printf("Automatic decryption of input is %s\r\n",
autodecrypt ? "enabled" : "disabled");
return(1);
}
/* Called when we receive a WONT or a DONT ENCRYPT after we sent a DO
encrypt */
void
encrypt_not(void)
{
if (encrypt_verbose)
printf("[ Connection is NOT encrypted ]\r\n");
else
printf("\r\n*** Connection not encrypted! "
"Communication may be eavesdropped. ***\r\n");
}
/*
* Called when ENCRYPT SUPPORT is received.
*/
void
encrypt_support(unsigned char *typelist, int cnt)
{
int type, use_type = 0;
Encryptions *ep;
/*
* Forget anything the other side has previously told us.
*/
remote_supports_decrypt = 0;
while (cnt-- > 0) {
type = *typelist++;
if (encrypt_debug_mode)
printf(">>>%s: He is supporting %s (%d)\r\n",
Name,
ENCTYPE_NAME(type), type);
if ((type < ENCTYPE_CNT) &&
(I_SUPPORT_ENCRYPT & typemask(type))) {
remote_supports_decrypt |= typemask(type);
if (use_type == 0)
use_type = type;
}
}
if (use_type) {
ep = findencryption(use_type);
if (!ep)
return;
type = ep->start ? (*ep->start)(DIR_ENCRYPT, Server) : 0;
if (encrypt_debug_mode)
printf(">>>%s: (*ep->start)() returned %d\r\n",
Name, type);
if (type < 0)
return;
encrypt_mode = use_type;
if (type == 0)
encrypt_start_output(use_type);
}
}
void
encrypt_is(unsigned char *data, int cnt)
{
Encryptions *ep;
int type, ret;
if (--cnt < 0)
return;
type = *data++;
if (type < ENCTYPE_CNT)
remote_supports_encrypt |= typemask(type);
if (!(ep = finddecryption(type))) {
if (encrypt_debug_mode)
printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n",
Name,
ENCTYPE_NAME_OK(type)
? ENCTYPE_NAME(type) : "(unknown)",
type);
return;
}
if (!ep->is) {
if (encrypt_debug_mode)
printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n",
Name,
ENCTYPE_NAME_OK(type)
? ENCTYPE_NAME(type) : "(unknown)",
type);
ret = 0;
} else {
ret = (*ep->is)(data, cnt);
if (encrypt_debug_mode)
printf("(*ep->is)(%p, %d) returned %s(%d)\n", data, cnt,
(ret < 0) ? "FAIL " :
(ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret);
}
if (ret < 0) {
autodecrypt = 0;
} else {
decrypt_mode = type;
if (ret == 0 && autodecrypt)
encrypt_send_request_start();
}
}
void
encrypt_reply(unsigned char *data, int cnt)
{
Encryptions *ep;
int ret, type;
if (--cnt < 0)
return;
type = *data++;
if (!(ep = findencryption(type))) {
if (encrypt_debug_mode)
printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n",
Name,
ENCTYPE_NAME_OK(type)
? ENCTYPE_NAME(type) : "(unknown)",
type);
return;
}
if (!ep->reply) {
if (encrypt_debug_mode)
printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n",
Name,
ENCTYPE_NAME_OK(type)
? ENCTYPE_NAME(type) : "(unknown)",
type);
ret = 0;
} else {
ret = (*ep->reply)(data, cnt);
if (encrypt_debug_mode)
printf("(*ep->reply)(%p, %d) returned %s(%d)\n",
data, cnt,
(ret < 0) ? "FAIL " :
(ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret);
}
if (encrypt_debug_mode)
printf(">>>%s: encrypt_reply returned %d\n", Name, ret);
if (ret < 0) {
autoencrypt = 0;
} else {
encrypt_mode = type;
if (ret == 0 && autoencrypt)
encrypt_start_output(type);
}
}
/*
* Called when a ENCRYPT START command is received.
*/
void
encrypt_start(unsigned char *data, int cnt)
{
Encryptions *ep;
if (!decrypt_mode) {
/*
* Something is wrong. We should not get a START
* command without having already picked our
* decryption scheme. Send a REQUEST-END to
* attempt to clear the channel...
*/
printf("%s: Warning, Cannot decrypt input stream!!!\r\n", Name);
encrypt_send_request_end();
return;
}
if ((ep = finddecryption(decrypt_mode))) {
decrypt_input = ep->input;
if (encrypt_verbose)
printf("[ Input is now decrypted with type %s ]\r\n",
ENCTYPE_NAME(decrypt_mode));
if (encrypt_debug_mode)
printf(">>>%s: Start to decrypt input with type %s\r\n",
Name, ENCTYPE_NAME(decrypt_mode));
} else {
printf("%s: Warning, Cannot decrypt type %s (%d)!!!\r\n",
Name,
ENCTYPE_NAME_OK(decrypt_mode)
? ENCTYPE_NAME(decrypt_mode)
: "(unknown)",
decrypt_mode);
encrypt_send_request_end();
}
}
void
encrypt_session_key(Session_Key *key, int server)
{
Encryptions *ep = encryptions;
havesessionkey = 1;
while (ep->type) {
if (ep->session)
(*ep->session)(key, server);
++ep;
}
}
/*
* Called when ENCRYPT END is received.
*/
void
encrypt_end(void)
{
decrypt_input = 0;
if (encrypt_debug_mode)
printf(">>>%s: Input is back to clear text\r\n", Name);
if (encrypt_verbose)
printf("[ Input is now clear text ]\r\n");
}
/*
* Called when ENCRYPT REQUEST-END is received.
*/
void
encrypt_request_end(void)
{
encrypt_send_end();
}
/*
* Called when ENCRYPT REQUEST-START is received. If we receive
* this before a type is picked, then that indicates that the
* other side wants us to start encrypting data as soon as we
* can.
*/
void
encrypt_request_start(unsigned char *data, int cnt)
{
if (encrypt_mode == 0) {
if (Server)
autoencrypt = 1;
return;
}
encrypt_start_output(encrypt_mode);
}
static unsigned char str_keyid[(MAXKEYLEN*2)+5] = { IAC, SB, TELOPT_ENCRYPT };
static void
encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len)
{
Encryptions *ep;
int dir = kp->dir;
int ret = 0;
if (!(ep = (*kp->getcrypt)(*kp->modep))) {
if (len == 0)
return;
kp->keylen = 0;
} else if (len == 0) {
/*
* Empty option, indicates a failure.
*/
if (kp->keylen == 0)
return;
kp->keylen = 0;
if (ep->keyid)
(void)(*ep->keyid)(dir, kp->keyid, &kp->keylen);
} else if ((len != kp->keylen) || (memcmp(keyid,kp->keyid,len) != 0)) {
/*
* Length or contents are different
*/
kp->keylen = len;
memcpy(kp->keyid,keyid, len);
if (ep->keyid)
(void)(*ep->keyid)(dir, kp->keyid, &kp->keylen);
} else {
if (ep->keyid)
ret = (*ep->keyid)(dir, kp->keyid, &kp->keylen);
if ((ret == 0) && (dir == DIR_ENCRYPT) && autoencrypt)
encrypt_start_output(*kp->modep);
return;
}
encrypt_send_keyid(dir, kp->keyid, kp->keylen, 0);
}
void encrypt_enc_keyid(unsigned char *keyid, int len)
{
encrypt_keyid(&ki[1], keyid, len);
}
void encrypt_dec_keyid(unsigned char *keyid, int len)
{
encrypt_keyid(&ki[0], keyid, len);
}
void encrypt_send_keyid(int dir, unsigned char *keyid, int keylen, int saveit)
{
unsigned char *strp;
str_keyid[3] = (dir == DIR_ENCRYPT)
? ENCRYPT_ENC_KEYID : ENCRYPT_DEC_KEYID;
if (saveit) {
struct key_info *kp = &ki[(dir == DIR_ENCRYPT) ? 0 : 1];
memcpy(kp->keyid,keyid, keylen);
kp->keylen = keylen;
}
for (strp = &str_keyid[4]; keylen > 0; --keylen) {
if ((*strp++ = *keyid++) == IAC)
*strp++ = IAC;
}
*strp++ = IAC;
*strp++ = SE;
telnet_net_write(str_keyid, strp - str_keyid);
printsub('>', &str_keyid[2], strp - str_keyid - 2);
}
void
encrypt_auto(int on)
{
if (on < 0)
autoencrypt ^= 1;
else
autoencrypt = on ? 1 : 0;
}
void
decrypt_auto(int on)
{
if (on < 0)
autodecrypt ^= 1;
else
autodecrypt = on ? 1 : 0;
}
void
encrypt_start_output(int type)
{
Encryptions *ep;
unsigned char *p;
int i;
if (!(ep = findencryption(type))) {
if (encrypt_debug_mode) {
printf(">>>%s: Can't encrypt with type %s (%d)\r\n",
Name,
ENCTYPE_NAME_OK(type)
? ENCTYPE_NAME(type) : "(unknown)",
type);
}
return;
}
if (ep->start) {
i = (*ep->start)(DIR_ENCRYPT, Server);
if (encrypt_debug_mode) {
printf(">>>%s: Encrypt start: %s (%d) %s\r\n",
Name,
(i < 0) ? "failed" :
"initial negotiation in progress",
i, ENCTYPE_NAME(type));
}
if (i)
return;
}
p = str_start + 3;
*p++ = ENCRYPT_START;
for (i = 0; i < ki[0].keylen; ++i) {
if ((*p++ = ki[0].keyid[i]) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
telnet_net_write(str_start, p - str_start);
net_encrypt();
printsub('>', &str_start[2], p - &str_start[2]);
/*
* If we are already encrypting in some mode, then
* encrypt the ring (which includes our request) in
* the old mode, mark it all as "clear text" and then
* switch to the new mode.
*/
encrypt_output = ep->output;
encrypt_mode = type;
if (encrypt_debug_mode)
printf(">>>%s: Started to encrypt output with type %s\r\n",
Name, ENCTYPE_NAME(type));
if (encrypt_verbose)
printf("[ Output is now encrypted with type %s ]\r\n",
ENCTYPE_NAME(type));
}
void
encrypt_send_end(void)
{
if (!encrypt_output)
return;
str_end[3] = ENCRYPT_END;
telnet_net_write(str_end, sizeof(str_end));
net_encrypt();
printsub('>', &str_end[2], sizeof(str_end) - 2);
/*
* Encrypt the output buffer now because it will not be done by
* netflush...
*/
encrypt_output = 0;
if (encrypt_debug_mode)
printf(">>>%s: Output is back to clear text\r\n", Name);
if (encrypt_verbose)
printf("[ Output is now clear text ]\r\n");
}
void
encrypt_send_request_start(void)
{
unsigned char *p;
int i;
p = &str_start[3];
*p++ = ENCRYPT_REQSTART;
for (i = 0; i < ki[1].keylen; ++i) {
if ((*p++ = ki[1].keyid[i]) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
telnet_net_write(str_start, p - str_start);
printsub('>', &str_start[2], p - &str_start[2]);
if (encrypt_debug_mode)
printf(">>>%s: Request input to be encrypted\r\n", Name);
}
void
encrypt_send_request_end(void)
{
str_end[3] = ENCRYPT_REQEND;
telnet_net_write(str_end, sizeof(str_end));
printsub('>', &str_end[2], sizeof(str_end) - 2);
if (encrypt_debug_mode)
printf(">>>%s: Request input to be clear text\r\n", Name);
}
void encrypt_wait(void)
{
if (encrypt_debug_mode)
printf(">>>%s: in encrypt_wait\r\n", Name);
if (!havesessionkey || !(I_SUPPORT_ENCRYPT & remote_supports_decrypt))
return;
while (autoencrypt && !encrypt_output)
if (telnet_spin())
return;
}
int
encrypt_delay(void)
{
if(!havesessionkey ||
(I_SUPPORT_ENCRYPT & remote_supports_decrypt) == 0 ||
(I_SUPPORT_DECRYPT & remote_supports_encrypt) == 0)
return 0;
if(!(encrypt_output && decrypt_input))
return 1;
return 0;
}
void
encrypt_debug(int mode)
{
encrypt_debug_mode = mode;
}
void encrypt_gen_printsub(unsigned char *data, int cnt,
unsigned char *buf, int buflen)
{
char tbuf[16], *cp;
cnt -= 2;
data += 2;
buf[buflen-1] = '\0';
buf[buflen-2] = '*';
buflen -= 2;;
for (; cnt > 0; cnt--, data++) {
snprintf(tbuf, sizeof(tbuf), " %d", *data);
for (cp = tbuf; *cp && buflen > 0; --buflen)
*buf++ = *cp++;
if (buflen <= 0)
return;
}
*buf = '\0';
}
void
encrypt_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
{
Encryptions *ep;
int type = data[1];
for (ep = encryptions; ep->type && ep->type != type; ep++)
;
if (ep->printsub)
(*ep->printsub)(data, cnt, buf, buflen);
else
encrypt_gen_printsub(data, cnt, buf, buflen);
}
#endif
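Review bot: `encrypt_keyid` copies `len` bytes into the fixed `kp->keyid[MAXKEYLEN]` array with `memcpy(kp->keyid,keyid, len)` and never compares `len` with `MAXKEYLEN`, so a key id longer than 64 bytes writes past the array into the fields that follow it in `struct key_info`. The callers of `encrypt_enc_keyid` and `encrypt_dec_keyid` are not in this file, but the length presumably comes from a peer's ENCRYPT suboption and should be treated as untrusted. A guard at the top of the function such as `if (len < 0 || len > MAXKEYLEN) return;` closes it. The `saveit` branch of `encrypt_send_keyid` has the same unchecked `memcpy`. In addition, `str_start[72]` and `str_keyid[(MAXKEYLEN*2)+5]` are smaller than the worst case of a 64-byte key id made entirely of IAC bytes (4 + 128 + 2), so the IAC-doubling loops that fill them need a bound as well.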


@ -0,0 +1,98 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)encrypt.h 8.1 (Berkeley) 6/4/93
*
* @(#)encrypt.h 5.2 (Berkeley) 3/22/91
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/* $Id: encrypt.h,v 1.4 1997/01/24 23:10:56 assar Exp $ */
#ifndef __ENCRYPT__
#define __ENCRYPT__
#define DIR_DECRYPT 1
#define DIR_ENCRYPT 2
#define VALIDKEY(key) ( key[0] | key[1] | key[2] | key[3] | \
key[4] | key[5] | key[6] | key[7])
#define SAMEKEY(k1, k2) (!memcmp(k1, k2, sizeof(des_cblock)))
typedef struct {
short type;
int length;
unsigned char *data;
} Session_Key;
typedef struct {
char *name;
int type;
void (*output) (unsigned char *, int);
int (*input) (int);
void (*init) (int);
int (*start) (int, int);
int (*is) (unsigned char *, int);
int (*reply) (unsigned char *, int);
void (*session) (Session_Key *, int);
int (*keyid) (int, unsigned char *, int *);
void (*printsub) (unsigned char *, int, unsigned char *, int);
} Encryptions;
#define SK_DES 1 /* Matched Kerberos v5 KEYTYPE_DES */
#include "enc-proto.h"
extern int encrypt_debug_mode;
extern int (*decrypt_input) (int);
extern void (*encrypt_output) (unsigned char *, int);
#endif
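Review bot: `Session_Key` carries a `length` next to `data`, but nothing in the header says consumers must check it, and the DES consumer shown earlier on this page (`fb64_session`) copies `sizeof(des_cblock)` bytes from `key->data` after testing only `key->type`. A comment on the struct would make the contract explicit, e.g. `/* length: bytes valid at data (assumed; confirm with the callers); check before copying a fixed-size key */`, paired with a rejection in the consumer such as `if (key->length < (int)sizeof(des_cblock)) return;`. Separately, `VALIDKEY(key)` and `SAMEKEY(k1, k2)` expand their arguments unparenthesized, and the guard name `__ENCRYPT__` sits in the implementation-reserved namespace; writing `(key)[0] | (key)[1] | ...` and using a guard like `ENCRYPT_H` avoids both.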


@ -0,0 +1,103 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
#include "misc-proto.h"
RCSID("$Id: genget.c,v 1.6 1997/05/04 09:01:34 assar Exp $");
#include <ctype.h>
#define LOWER(x) (isupper(x) ? tolower(x) : (x))
/*
* The prefix function returns 0 if *s1 is not a prefix
* of *s2. If *s1 exactly matches *s2, the negative of
* the length is returned. If *s1 is a prefix of *s2,
* the length of *s1 is returned.
*/
int
isprefix(char *s1, char *s2)
{
char *os1;
char c1, c2;
if (*s1 == '\0')
return(-1);
os1 = s1;
c1 = *s1;
c2 = *s2;
while (LOWER(c1) == LOWER(c2)) {
if (c1 == '\0')
break;
c1 = *++s1;
c2 = *++s2;
}
return(*s1 ? 0 : (*s2 ? (s1 - os1) : (os1 - s1)));
}
static char *ambiguous; /* special return value for command routines */
char **
genget(char *name, char **table, int stlen)
/* name to match */
/* name entry in table */
{
char **c, **found;
int n;
if (name == 0)
return 0;
found = 0;
for (c = table; *c != 0; c = (char **)((char *)c + stlen)) {
if ((n = isprefix(name, *c)) == 0)
continue;
if (n < 0) /* exact match */
return(c);
if (found)
return(&ambiguous);
found = c;
}
return(found);
}
/*
* Function call version of Ambiguous()
*/
int
Ambiguous(void *s)
{
return((char **)s == &ambiguous);
}
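Review bot: `LOWER` passes a plain `char` to `isupper` and `tolower` inside `isprefix`, which is undefined for negative values where `char` is signed, so names containing bytes above 0x7f are not compared portably. Casting in the macro leaves the comparison otherwise unchanged: `#define LOWER(x) (isupper((unsigned char)(x)) ? tolower((unsigned char)(x)) : (x))`. The two orphaned comments after `genget`'s parameter list (`/* name to match */`, `/* name entry in table */`) would read better as a header comment. That comment should also say that `stlen` is the byte stride between table entries, and that the result is NULL for no match and `&ambiguous` when more than one entry has `name` as a prefix.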


@ -0,0 +1,719 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
RCSID("$Id: kerberos.c,v 1.47 2000/02/07 03:14:19 assar Exp $");
#ifdef KRB4
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#endif
#include <stdio.h>
#include <des.h> /* BSD wont include this in krb.h, so we do it here */
#include <krb.h>
#include <pwd.h>
#include <stdlib.h>
#include <string.h>
#include <roken.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "auth.h"
#include "misc.h"
int kerberos4_cksum (unsigned char *, int);
extern int auth_debug_mode;
static unsigned char str_data[2048] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
AUTHTYPE_KERBEROS_V4, };
#define KRB_AUTH 0 /* Authentication data follows */
#define KRB_REJECT 1 /* Rejected (reason might follow) */
#define KRB_ACCEPT 2 /* Accepted */
#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */
#define KRB_RESPONSE 4 /* Response for mutual auth. */
#define KRB_FORWARD 5 /* */
#define KRB_FORWARD_ACCEPT 6 /* */
#define KRB_FORWARD_REJECT 7 /* */
#define KRB_SERVICE_NAME "rcmd"
static KTEXT_ST auth;
static char name[ANAME_SZ];
static AUTH_DAT adat;
static des_cblock session_key;
static des_cblock cred_session;
static des_key_schedule sched;
static des_cblock challenge;
static int auth_done; /* XXX */
static int pack_cred(CREDENTIALS *cred, unsigned char *buf);
static int unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred);
static int
Data(Authenticator *ap, int type, const void *d, int c)
{
unsigned char *p = str_data + 4;
const unsigned char *cd = (const unsigned char *)d;
if (c == -1)
c = strlen((const char *)cd);
if (auth_debug_mode) {
printf("%s:%d: [%d] (%d)",
str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
str_data[3],
type, c);
printd(d, c);
printf("\r\n");
}
*p++ = ap->type;
*p++ = ap->way;
*p++ = type;
while (c-- > 0) {
if ((*p++ = *cd++) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
if (str_data[3] == TELQUAL_IS)
printsub('>', &str_data[2], p - (&str_data[2]));
return(telnet_net_write(str_data, p - str_data));
}
int
kerberos4_init(Authenticator *ap, int server)
{
FILE *fp;
if (server) {
str_data[3] = TELQUAL_REPLY;
if ((fp = fopen(KEYFILE, "r")) == NULL)
return(0);
fclose(fp);
} else {
str_data[3] = TELQUAL_IS;
}
return(1);
}
char dst_realm_buf[REALM_SZ], *dest_realm = NULL;
int dst_realm_sz = REALM_SZ;
static int
kerberos4_send(char *name, Authenticator *ap)
{
KTEXT_ST auth;
char instance[INST_SZ];
char *realm;
CREDENTIALS cred;
int r;
printf("[ Trying %s ... ]\r\n", name);
if (!UserNameRequested) {
if (auth_debug_mode) {
printf("Kerberos V4: no user name supplied\r\n");
}
return(0);
}
memset(instance, 0, sizeof(instance));
strlcpy (instance,
krb_get_phost(RemoteHostName),
INST_SZ);
realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName);
if (!realm) {
printf("Kerberos V4: no realm for %s\r\n", RemoteHostName);
return(0);
}
r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L);
if (r) {
printf("mk_req failed: %s\r\n", krb_get_err_text(r));
return(0);
}
r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred);
if (r) {
printf("get_cred failed: %s\r\n", krb_get_err_text(r));
return(0);
}
if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
if (auth_debug_mode)
printf("Not enough room for user name\r\n");
return(0);
}
if (auth_debug_mode)
printf("Sent %d bytes of authentication data\r\n", auth.length);
if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) {
if (auth_debug_mode)
printf("Not enough room for authentication data\r\n");
return(0);
}
#ifdef ENCRYPTION
/* create challenge */
if ((ap->way & AUTH_HOW_MASK)==AUTH_HOW_MUTUAL) {
int i;
des_key_sched(&cred.session, sched);
memcpy (&cred_session, &cred.session, sizeof(cred_session));
des_init_random_number_generator(&cred.session);
des_new_random_key(&session_key);
des_ecb_encrypt(&session_key, &session_key, sched, 0);
des_ecb_encrypt(&session_key, &challenge, sched, 0);
/*
old code
Some CERT Advisory thinks this is a bad thing...
des_init_random_number_generator(&cred.session);
des_new_random_key(&challenge);
des_ecb_encrypt(&challenge, &session_key, sched, 1);
*/
/*
* Increment the challenge by 1, and encrypt it for
* later comparison.
*/
for (i = 7; i >= 0; --i)
if(++challenge[i] != 0) /* No carry! */
break;
des_ecb_encrypt(&challenge, &challenge, sched, 1);
}
#endif
if (auth_debug_mode) {
printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length));
printd(auth.dat, auth.length);
printf("\r\n");
printf("Sent Kerberos V4 credentials to server\r\n");
}
return(1);
}
int
kerberos4_send_mutual(Authenticator *ap)
{
return kerberos4_send("mutual KERBEROS4", ap);
}
int
kerberos4_send_oneway(Authenticator *ap)
{
return kerberos4_send("KERBEROS4", ap);
}
void
kerberos4_is(Authenticator *ap, unsigned char *data, int cnt)
{
struct sockaddr_in addr;
char realm[REALM_SZ];
char instance[INST_SZ];
int r;
int addr_len;
if (cnt-- < 1)
return;
switch (*data++) {
case KRB_AUTH:
if (krb_get_lrealm(realm, 1) != KSUCCESS) {
Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("No local realm\r\n");
return;
}
memmove(auth.dat, data, auth.length = cnt);
if (auth_debug_mode) {
printf("Got %d bytes of authentication data\r\n", cnt);
printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length));
printd(auth.dat, auth.length);
printf("\r\n");
}
k_getsockinst(0, instance, sizeof(instance));
addr_len = sizeof(addr);
if(getpeername(0, (struct sockaddr *)&addr, &addr_len) < 0) {
if(auth_debug_mode)
printf("getpeername failed\r\n");
Data(ap, KRB_REJECT, "getpeername failed", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
if (addr.sin_family != AF_INET) {
if (auth_debug_mode)
printf("unknown address family: %d\r\n", addr.sin_family);
Data(ap, KRB_REJECT, "bad address family", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
r = krb_rd_req(&auth, KRB_SERVICE_NAME,
instance, addr.sin_addr.s_addr, &adat, "");
if (r) {
if (auth_debug_mode)
printf("Kerberos failed him as %s\r\n", name);
Data(ap, KRB_REJECT, (void *)krb_get_err_text(r), -1);
auth_finished(ap, AUTH_REJECT);
return;
}
/* save the session key */
memmove(session_key, adat.session, sizeof(adat.session));
krb_kntoln(&adat, name);
if (UserNameRequested && !kuserok(&adat, UserNameRequested)){
char ts[MaxPathLen];
struct passwd *pw = getpwnam(UserNameRequested);
if(pw){
snprintf(ts, sizeof(ts),
"%s%u",
TKT_ROOT,
(unsigned)pw->pw_uid);
setenv("KRBTKFILE", ts, 1);
if (pw->pw_uid == 0)
syslog(LOG_INFO|LOG_AUTH,
"ROOT Kerberos login from %s on %s\n",
krb_unparse_name_long(adat.pname,
adat.pinst,
adat.prealm),
RemoteHostName);
}
Data(ap, KRB_ACCEPT, NULL, 0);
} else {
char *msg;
asprintf (&msg, "user `%s' is not authorized to "
"login as `%s'",
krb_unparse_name_long(adat.pname,
adat.pinst,
adat.prealm),
UserNameRequested ? UserNameRequested : "<nobody>");
if (msg == NULL)
Data(ap, KRB_REJECT, NULL, 0);
else {
Data(ap, KRB_REJECT, (void *)msg, -1);
free(msg);
}
auth_finished(ap, AUTH_REJECT);
break;
}
auth_finished(ap, AUTH_USER);
break;
case KRB_CHALLENGE:
#ifndef ENCRYPTION
Data(ap, KRB_RESPONSE, NULL, 0);
#else
if(!VALIDKEY(session_key)){
Data(ap, KRB_RESPONSE, NULL, 0);
break;
}
des_key_sched(&session_key, sched);
{
des_cblock d_block;
int i;
Session_Key skey;
memmove(d_block, data, sizeof(d_block));
/* make a session key for encryption */
des_ecb_encrypt(&d_block, &session_key, sched, 1);
skey.type=SK_DES;
skey.length=8;
skey.data=session_key;
encrypt_session_key(&skey, 1);
/* decrypt challenge, add one and encrypt it */
des_ecb_encrypt(&d_block, &challenge, sched, 0);
for (i = 7; i >= 0; i--)
if(++challenge[i] != 0)
break;
des_ecb_encrypt(&challenge, &challenge, sched, 1);
Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge));
}
#endif
break;
case KRB_FORWARD:
{
des_key_schedule ks;
unsigned char netcred[sizeof(CREDENTIALS)];
CREDENTIALS cred;
int ret;
if(cnt > sizeof(cred))
abort();
memcpy (session_key, adat.session, sizeof(session_key));
des_set_key(&session_key, ks);
des_pcbc_encrypt((void*)data, (void*)netcred, cnt,
ks, &session_key, DES_DECRYPT);
unpack_cred(netcred, cnt, &cred);
{
if(strcmp(cred.service, KRB_TICKET_GRANTING_TICKET) ||
strncmp(cred.instance, cred.realm, sizeof(cred.instance)) ||
cred.lifetime < 0 || cred.lifetime > 255 ||
cred.kvno < 0 || cred.kvno > 255 ||
cred.issue_date < 0 ||
cred.issue_date > time(0) + CLOCK_SKEW ||
strncmp(cred.pname, adat.pname, sizeof(cred.pname)) ||
strncmp(cred.pinst, adat.pinst, sizeof(cred.pinst))){
Data(ap, KRB_FORWARD_REJECT, "Bad credentials", -1);
}else{
if((ret = tf_setup(&cred,
cred.pname,
cred.pinst)) == KSUCCESS){
struct passwd *pw = getpwnam(UserNameRequested);
if (pw)
chown(tkt_string(), pw->pw_uid, pw->pw_gid);
Data(ap, KRB_FORWARD_ACCEPT, 0, 0);
} else{
Data(ap, KRB_FORWARD_REJECT,
krb_get_err_text(ret), -1);
}
}
}
memset(data, 0, cnt);
memset(ks, 0, sizeof(ks));
memset(&cred, 0, sizeof(cred));
}
break;
default:
if (auth_debug_mode)
printf("Unknown Kerberos option %d\r\n", data[-1]);
Data(ap, KRB_REJECT, 0, 0);
break;
}
}
void
kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt)
{
Session_Key skey;
if (cnt-- < 1)
return;
switch (*data++) {
case KRB_REJECT:
if(auth_done){ /* XXX Ick! */
printf("[ Kerberos V4 received unknown opcode ]\r\n");
}else{
printf("[ Kerberos V4 refuses authentication ");
if (cnt > 0)
printf("because %.*s ", cnt, data);
printf("]\r\n");
auth_send_retry();
}
return;
case KRB_ACCEPT:
printf("[ Kerberos V4 accepts you ]\r\n");
auth_done = 1;
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
/*
* Send over the encrypted challenge.
*/
Data(ap, KRB_CHALLENGE, session_key,
sizeof(session_key));
des_ecb_encrypt(&session_key, &session_key, sched, 1);
skey.type = SK_DES;
skey.length = 8;
skey.data = session_key;
encrypt_session_key(&skey, 0);
#if 0
kerberos4_forward(ap, &cred_session);
#endif
return;
}
auth_finished(ap, AUTH_USER);
return;
case KRB_RESPONSE:
/* make sure the response is correct */
if ((cnt != sizeof(des_cblock)) ||
(memcmp(data, challenge, sizeof(challenge)))){
printf("[ Kerberos V4 challenge failed!!! ]\r\n");
auth_send_retry();
return;
}
printf("[ Kerberos V4 challenge successful ]\r\n");
auth_finished(ap, AUTH_USER);
break;
case KRB_FORWARD_ACCEPT:
printf("[ Kerberos V4 accepted forwarded credentials ]\r\n");
break;
case KRB_FORWARD_REJECT:
printf("[ Kerberos V4 rejected forwarded credentials: `%.*s']\r\n",
cnt, data);
break;
default:
if (auth_debug_mode)
printf("Unknown Kerberos option %d\r\n", data[-1]);
return;
}
}
int
kerberos4_status(Authenticator *ap, char *name, size_t name_sz, int level)
{
if (level < AUTH_USER)
return(level);
if (UserNameRequested && !kuserok(&adat, UserNameRequested)) {
strlcpy(name, UserNameRequested, name_sz);
return(AUTH_VALID);
} else
return(AUTH_USER);
}
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
void
kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
{
int i;
buf[buflen-1] = '\0'; /* make sure its NULL terminated */
buflen -= 1;
switch(data[3]) {
case KRB_REJECT: /* Rejected (reason might follow) */
strlcpy((char *)buf, " REJECT ", buflen);
goto common;
case KRB_ACCEPT: /* Accepted (name might follow) */
strlcpy((char *)buf, " ACCEPT ", buflen);
common:
BUMP(buf, buflen);
if (cnt <= 4)
break;
ADDC(buf, buflen, '"');
for (i = 4; i < cnt; i++)
ADDC(buf, buflen, data[i]);
ADDC(buf, buflen, '"');
ADDC(buf, buflen, '\0');
break;
case KRB_AUTH: /* Authentication data follows */
strlcpy((char *)buf, " AUTH", buflen);
goto common2;
case KRB_CHALLENGE:
strlcpy((char *)buf, " CHALLENGE", buflen);
goto common2;
case KRB_RESPONSE:
strlcpy((char *)buf, " RESPONSE", buflen);
goto common2;
default:
snprintf(buf, buflen, " %d (unknown)", data[3]);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
snprintf(buf, buflen, " %d", data[i]);
BUMP(buf, buflen);
}
break;
}
}
int
kerberos4_cksum(unsigned char *d, int n)
{
int ck = 0;
/*
* A comment is probably needed here for those not
* well versed in the "C" language. Yes, this is
* supposed to be a "switch" with the body of the
* "switch" being a "while" statement. The whole
* purpose of the switch is to allow us to jump into
* the middle of the while() loop, and then not have
* to do any more switch()s.
*
* Some compilers will spit out a warning message
* about the loop not being entered at the top.
*/
switch (n&03)
while (n > 0) {
case 0:
ck ^= (int)*d++ << 24;
--n;
case 3:
ck ^= (int)*d++ << 16;
--n;
case 2:
ck ^= (int)*d++ << 8;
--n;
case 1:
ck ^= (int)*d++;
--n;
}
return(ck);
}
static int
pack_cred(CREDENTIALS *cred, unsigned char *buf)
{
unsigned char *p = buf;
memcpy (p, cred->service, ANAME_SZ);
p += ANAME_SZ;
memcpy (p, cred->instance, INST_SZ);
p += INST_SZ;
memcpy (p, cred->realm, REALM_SZ);
p += REALM_SZ;
memcpy(p, cred->session, 8);
p += 8;
p += KRB_PUT_INT(cred->lifetime, p, 4, 4);
p += KRB_PUT_INT(cred->kvno, p, 4, 4);
p += KRB_PUT_INT(cred->ticket_st.length, p, 4, 4);
memcpy(p, cred->ticket_st.dat, cred->ticket_st.length);
p += cred->ticket_st.length;
p += KRB_PUT_INT(0, p, 4, 4);
p += KRB_PUT_INT(cred->issue_date, p, 4, 4);
memcpy (p, cred->pname, ANAME_SZ);
p += ANAME_SZ;
memcpy (p, cred->pinst, INST_SZ);
p += INST_SZ;
return p - buf;
}
static int
unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred)
{
unsigned char *p = buf;
u_int32_t tmp;
strncpy (cred->service, p, ANAME_SZ);
cred->service[ANAME_SZ - 1] = '\0';
p += ANAME_SZ;
strncpy (cred->instance, p, INST_SZ);
cred->instance[INST_SZ - 1] = '\0';
p += INST_SZ;
strncpy (cred->realm, p, REALM_SZ);
cred->realm[REALM_SZ - 1] = '\0';
p += REALM_SZ;
memcpy(cred->session, p, 8);
p += 8;
p += krb_get_int(p, &tmp, 4, 0);
cred->lifetime = tmp;
p += krb_get_int(p, &tmp, 4, 0);
cred->kvno = tmp;
p += krb_get_int(p, &cred->ticket_st.length, 4, 0);
memcpy(cred->ticket_st.dat, p, cred->ticket_st.length);
p += cred->ticket_st.length;
p += krb_get_int(p, &tmp, 4, 0);
cred->ticket_st.mbz = 0;
p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, 0);
strncpy (cred->pname, p, ANAME_SZ);
cred->pname[ANAME_SZ - 1] = '\0';
p += ANAME_SZ;
strncpy (cred->pinst, p, INST_SZ);
cred->pinst[INST_SZ - 1] = '\0';
p += INST_SZ;
return 0;
}
int
kerberos4_forward(Authenticator *ap, void *v)
{
des_cblock *key = (des_cblock *)v;
CREDENTIALS cred;
char *realm;
des_key_schedule ks;
int len;
unsigned char netcred[sizeof(CREDENTIALS)];
int ret;
realm = krb_realmofhost(RemoteHostName);
if(realm == NULL)
return -1;
memset(&cred, 0, sizeof(cred));
ret = krb_get_cred(KRB_TICKET_GRANTING_TICKET,
realm,
realm,
&cred);
if(ret)
return ret;
des_set_key(key, ks);
len = pack_cred(&cred, netcred);
des_pcbc_encrypt((void*)netcred, (void*)netcred, len,
ks, key, DES_ENCRYPT);
memset(ks, 0, sizeof(ks));
Data(ap, KRB_FORWARD, netcred, len);
memset(netcred, 0, sizeof(netcred));
return 0;
}
#endif /* KRB4 */
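Review bot: Lengths supplied by the peer are copied without a bound on the server side: in `kerberos4_is`, `memmove(auth.dat, data, auth.length = cnt)` never compares `cnt` with `sizeof(auth.dat)`, and `unpack_cred` takes `ticket_st.length` from the decrypted KRB_FORWARD payload and passes it straight to `memcpy` while ignoring its `len` argument. Both copies should be refused when the length exceeds the destination or the bytes actually received, and `unpack_cred`'s return value (currently always 0 and never checked) should feed the existing "Bad credentials" rejection. The KRB_CHALLENGE case has the same shape, since `memmove(d_block, data, sizeof(d_block))` runs with no check that `cnt` is at least 8, and the KRB_FORWARD case does not verify that a KRB_AUTH exchange succeeded before it uses `adat.session`. The fixed-size sum in the sketch below assumes `krb_get_int(..., 4, 0)` advances by four bytes, which this file does not show.

```c
/* kerberos4_is(), case KRB_AUTH: after the local-realm check */
if ((size_t)cnt > sizeof(auth.dat)) {
    Data(ap, KRB_REJECT, "Authenticator too long", -1);
    auth_finished(ap, AUTH_REJECT);
    return;
}
memmove(auth.dat, data, auth.length = cnt);
/* … unchanged: getpeername, krb_rd_req, kuserok, KRB_CHALLENGE … */

/* kerberos4_is(), case KRB_FORWARD: fold the unpack result into the existing checks */
if(unpack_cred(netcred, cnt, &cred) != 0 ||
   strcmp(cred.service, KRB_TICKET_GRANTING_TICKET) ||
   /* … unchanged: remaining credential checks, tf_setup, zeroization … */

static int
unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred)
{
    /* bytes present regardless of the ticket length */
    const int fixed = 2 * ANAME_SZ + 2 * INST_SZ + REALM_SZ + 8 + 5 * 4;
    /* … unchanged: declarations … */
    if (len < fixed)
        return -1;
    /* … unchanged: service, instance, realm, session, lifetime, kvno … */
    p += krb_get_int(p, &cred->ticket_st.length, 4, 0);
    if (cred->ticket_st.length > sizeof(cred->ticket_st.dat) ||
        cred->ticket_st.length > (size_t)(len - fixed))
        return -1;
    memcpy(cred->ticket_st.dat, p, cred->ticket_st.length);
    /* … unchanged: mbz, issue_date, pname, pinst … */
```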


@ -0,0 +1,736 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
#include <config.h>
RCSID("$Id: kerberos5.c,v 1.39 2000/02/01 00:32:05 assar Exp $");
#ifdef KRB5
#include <arpa/telnet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
#include <ctype.h>
#include <pwd.h>
#define Authenticator k5_Authenticator
#include <krb5.h>
#undef Authenticator
#include <roken.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "auth.h"
#include "misc.h"
int forward_flags = 0; /* Flags get set in telnet/main.c on -f and -F */
/* These values need to be the same as those defined in telnet/main.c. */
/* Either define them in both places, or put in some common header file. */
#define OPTS_FORWARD_CREDS 0x00000002
#define OPTS_FORWARDABLE_CREDS 0x00000001
void kerberos5_forward (Authenticator *);
static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
AUTHTYPE_KERBEROS_V5, };
#define KRB_AUTH 0 /* Authentication data follows */
#define KRB_REJECT 1 /* Rejected (reason might follow) */
#define KRB_ACCEPT 2 /* Accepted */
#define KRB_RESPONSE 3 /* Response for mutual auth. */
#define KRB_FORWARD 4 /* Forwarded credentials follow */
#define KRB_FORWARD_ACCEPT 5 /* Forwarded credentials accepted */
#define KRB_FORWARD_REJECT 6 /* Forwarded credentials rejected */
static krb5_data auth;
static krb5_ticket *ticket;
static krb5_context context;
static krb5_auth_context auth_context;
static int
Data(Authenticator *ap, int type, void *d, int c)
{
unsigned char *p = str_data + 4;
unsigned char *cd = (unsigned char *)d;
if (c == -1)
c = strlen(cd);
if (auth_debug_mode) {
printf("%s:%d: [%d] (%d)",
str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
str_data[3],
type, c);
printd(d, c);
printf("\r\n");
}
*p++ = ap->type;
*p++ = ap->way;
*p++ = type;
while (c-- > 0) {
if ((*p++ = *cd++) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
if (str_data[3] == TELQUAL_IS)
printsub('>', &str_data[2], p - &str_data[2]);
return(telnet_net_write(str_data, p - str_data));
}
int
kerberos5_init(Authenticator *ap, int server)
{
if (server)
str_data[3] = TELQUAL_REPLY;
else
str_data[3] = TELQUAL_IS;
krb5_init_context(&context);
return(1);
}
static int
kerberos5_send(char *name, Authenticator *ap)
{
krb5_error_code ret;
krb5_ccache ccache;
int ap_opts;
krb5_data cksum_data;
char foo[2];
extern int net;
printf("[ Trying %s ... ]\r\n", name);
if (!UserNameRequested) {
if (auth_debug_mode) {
printf("Kerberos V5: no user name supplied\r\n");
}
return(0);
}
ret = krb5_cc_default(context, &ccache);
if (ret) {
if (auth_debug_mode) {
printf("Kerberos V5: could not get default ccache: %s\r\n",
krb5_get_err_text (context, ret));
}
return 0;
}
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL)
ap_opts = AP_OPTS_MUTUAL_REQUIRED;
else
ap_opts = 0;
ret = krb5_auth_con_init (context, &auth_context);
if (ret) {
if (auth_debug_mode) {
printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n",
krb5_get_err_text(context, ret));
}
return(0);
}
ret = krb5_auth_con_setaddrs_from_fd (context,
auth_context,
&net);
if (ret) {
if (auth_debug_mode) {
printf ("Kerberos V5:"
" krb5_auth_con_setaddrs_from_fd failed (%s)\r\n",
krb5_get_err_text(context, ret));
}
return(0);
}
krb5_auth_setkeytype (context, auth_context, KEYTYPE_DES);
foo[0] = ap->type;
foo[1] = ap->way;
cksum_data.length = sizeof(foo);
cksum_data.data = foo;
ret = krb5_mk_req(context, &auth_context, ap_opts,
"host", RemoteHostName,
&cksum_data, ccache, &auth);
if (ret) {
if (1 || auth_debug_mode) {
printf("Kerberos V5: mk_req failed (%s)\r\n",
krb5_get_err_text(context, ret));
}
return(0);
}
if (!auth_sendname((unsigned char *)UserNameRequested,
strlen(UserNameRequested))) {
if (auth_debug_mode)
printf("Not enough room for user name\r\n");
return(0);
}
if (!Data(ap, KRB_AUTH, auth.data, auth.length)) {
if (auth_debug_mode)
printf("Not enough room for authentication data\r\n");
return(0);
}
if (auth_debug_mode) {
printf("Sent Kerberos V5 credentials to server\r\n");
}
return(1);
}
int
kerberos5_send_mutual(Authenticator *ap)
{
return kerberos5_send("mutual KERBEROS5", ap);
}
int
kerberos5_send_oneway(Authenticator *ap)
{
return kerberos5_send("KERBEROS5", ap);
}
void
kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
{
krb5_error_code ret;
krb5_data outbuf;
krb5_keyblock *key_block;
char *name;
krb5_principal server;
int zero = 0;
if (cnt-- < 1)
return;
switch (*data++) {
case KRB_AUTH:
auth.data = (char *)data;
auth.length = cnt;
auth_context = NULL;
ret = krb5_auth_con_init (context, &auth_context);
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_init failed", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n",
krb5_get_err_text(context, ret));
return;
}
ret = krb5_auth_con_setaddrs_from_fd (context,
auth_context,
&zero);
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_setaddrs_from_fd failed", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: "
"krb5_auth_con_setaddrs_from_fd failed (%s)\r\n",
krb5_get_err_text(context, ret));
return;
}
ret = krb5_sock_to_principal (context,
0,
"host",
KRB5_NT_SRV_HST,
&server);
if (ret) {
Data(ap, KRB_REJECT, "krb5_sock_to_principal failed", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: "
"krb5_sock_to_principal failed (%s)\r\n",
krb5_get_err_text(context, ret));
return;
}
ret = krb5_rd_req(context,
&auth_context,
&auth,
server,
NULL,
NULL,
&ticket);
krb5_free_principal (context, server);
if (ret) {
char *errbuf;
asprintf(&errbuf,
"Read req failed: %s",
krb5_get_err_text(context, ret));
Data(ap, KRB_REJECT, errbuf, -1);
if (auth_debug_mode)
printf("%s\r\n", errbuf);
free (errbuf);
return;
}
{
char foo[2];
foo[0] = ap->type;
foo[1] = ap->way;
ret = krb5_verify_authenticator_checksum(context,
auth_context,
foo,
sizeof(foo));
if (ret) {
char *errbuf;
asprintf(&errbuf, "Bad checksum: %s",
krb5_get_err_text(context, ret));
Data(ap, KRB_REJECT, errbuf, -1);
if (auth_debug_mode)
printf ("%s\r\n", errbuf);
free(errbuf);
return;
}
}
ret = krb5_auth_con_getremotesubkey (context,
auth_context,
&key_block);
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_getremotesubkey failed", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: "
"krb5_auth_con_getremotesubkey failed (%s)\r\n",
krb5_get_err_text(context, ret));
return;
}
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
ret = krb5_mk_rep(context, &auth_context, &outbuf);
if (ret) {
Data(ap, KRB_REJECT,
"krb5_mk_rep failed", -1);
auth_finished(ap, AUTH_REJECT);
if (auth_debug_mode)
printf("Kerberos V5: "
"krb5_mk_rep failed (%s)\r\n",
krb5_get_err_text(context, ret));
return;
}
Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length);
}
if (krb5_unparse_name(context, ticket->client, &name))
name = 0;
if(UserNameRequested && krb5_kuserok(context,
ticket->client,
UserNameRequested)) {
Data(ap, KRB_ACCEPT, name, name ? -1 : 0);
if (auth_debug_mode) {
printf("Kerberos5 identifies him as ``%s''\r\n",
name ? name : "");
}
if(key_block->keytype == ETYPE_DES_CBC_MD5 ||
key_block->keytype == ETYPE_DES_CBC_MD4 ||
key_block->keytype == ETYPE_DES_CBC_CRC) {
Session_Key skey;
skey.type = SK_DES;
skey.length = 8;
skey.data = key_block->keyvalue.data;
encrypt_session_key(&skey, 0);
}
} else {
char *msg;
asprintf (&msg, "user `%s' is not authorized to "
"login as `%s'",
name ? name : "<unknown>",
UserNameRequested ? UserNameRequested : "<nobody>");
if (msg == NULL)
Data(ap, KRB_REJECT, NULL, 0);
else {
Data(ap, KRB_REJECT, (void *)msg, -1);
free(msg);
}
auth_finished (ap, AUTH_REJECT);
krb5_free_keyblock_contents(context, key_block);
break;
}
auth_finished(ap, AUTH_USER);
krb5_free_keyblock_contents(context, key_block);
break;
case KRB_FORWARD: {
struct passwd *pwd;
char ccname[1024]; /* XXX */
krb5_data inbuf;
krb5_ccache ccache;
inbuf.data = (char *)data;
inbuf.length = cnt;
pwd = getpwnam (UserNameRequested);
if (pwd == NULL)
break;
snprintf (ccname, sizeof(ccname),
"FILE:/tmp/krb5cc_%u", pwd->pw_uid);
ret = krb5_cc_resolve (context, ccname, &ccache);
if (ret) {
if (auth_debug_mode)
printf ("Kerberos V5: could not get ccache: %s\r\n",
krb5_get_err_text(context, ret));
break;
}
ret = krb5_cc_initialize (context,
ccache,
ticket->client);
if (ret) {
if (auth_debug_mode)
printf ("Kerberos V5: could not init ccache: %s\r\n",
krb5_get_err_text(context, ret));
break;
}
ret = krb5_rd_cred (context,
auth_context,
ccache,
&inbuf);
if(ret) {
char *errbuf;
asprintf (&errbuf,
"Read forwarded creds failed: %s",
krb5_get_err_text (context, ret));
if(errbuf == NULL)
Data(ap, KRB_FORWARD_REJECT, NULL, 0);
else
Data(ap, KRB_FORWARD_REJECT, errbuf, -1);
if (auth_debug_mode)
printf("Could not read forwarded credentials: %s\r\n",
errbuf);
free (errbuf);
} else
Data(ap, KRB_FORWARD_ACCEPT, 0, 0);
chown (ccname + 5, pwd->pw_uid, -1);
if (auth_debug_mode)
printf("Forwarded credentials obtained\r\n");
break;
}
default:
if (auth_debug_mode)
printf("Unknown Kerberos option %d\r\n", data[-1]);
Data(ap, KRB_REJECT, 0, 0);
break;
}
}
void
kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt)
{
static int mutual_complete = 0;
if (cnt-- < 1)
return;
switch (*data++) {
case KRB_REJECT:
if (cnt > 0) {
printf("[ Kerberos V5 refuses authentication because %.*s ]\r\n",
cnt, data);
} else
printf("[ Kerberos V5 refuses authentication ]\r\n");
auth_send_retry();
return;
case KRB_ACCEPT: {
krb5_error_code ret;
Session_Key skey;
krb5_keyblock *keyblock;
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL &&
!mutual_complete) {
printf("[ Kerberos V5 accepted you, but didn't provide mutual authentication! ]\r\n");
auth_send_retry();
return;
}
if (cnt)
printf("[ Kerberos V5 accepts you as ``%.*s'' ]\r\n", cnt, data);
else
printf("[ Kerberos V5 accepts you ]\r\n");
ret = krb5_auth_con_getlocalsubkey (context,
auth_context,
&keyblock);
if (ret)
ret = krb5_auth_con_getkey (context,
auth_context,
&keyblock);
if(ret) {
printf("[ krb5_auth_con_getkey: %s ]\r\n",
krb5_get_err_text(context, ret));
auth_send_retry();
return;
}
skey.type = SK_DES;
skey.length = 8;
skey.data = keyblock->keyvalue.data;
encrypt_session_key(&skey, 0);
krb5_free_keyblock_contents (context, keyblock);
auth_finished(ap, AUTH_USER);
if (forward_flags & OPTS_FORWARD_CREDS)
kerberos5_forward(ap);
break;
}
case KRB_RESPONSE:
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
/* the rest of the reply should contain a krb_ap_rep */
krb5_ap_rep_enc_part *reply;
krb5_data inbuf;
krb5_error_code ret;
inbuf.length = cnt;
inbuf.data = (char *)data;
ret = krb5_rd_rep(context, auth_context, &inbuf, &reply);
if (ret) {
printf("[ Mutual authentication failed: %s ]\r\n",
krb5_get_err_text (context, ret));
auth_send_retry();
return;
}
krb5_free_ap_rep_enc_part(context, reply);
mutual_complete = 1;
}
return;
case KRB_FORWARD_ACCEPT:
printf("[ Kerberos V5 accepted forwarded credentials ]\r\n");
return;
case KRB_FORWARD_REJECT:
printf("[ Kerberos V5 refuses forwarded credentials because %.*s ]\r\n",
cnt, data);
return;
default:
if (auth_debug_mode)
printf("Unknown Kerberos option %d\r\n", data[-1]);
return;
}
}
int
kerberos5_status(Authenticator *ap, char *name, size_t name_sz, int level)
{
if (level < AUTH_USER)
return(level);
if (UserNameRequested &&
krb5_kuserok(context,
ticket->client,
UserNameRequested))
{
strlcpy(name, UserNameRequested, name_sz);
return(AUTH_VALID);
} else
return(AUTH_USER);
}
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
void
kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
{
int i;
buf[buflen-1] = '\0'; /* make sure its NULL terminated */
buflen -= 1;
switch(data[3]) {
case KRB_REJECT: /* Rejected (reason might follow) */
strlcpy((char *)buf, " REJECT ", buflen);
goto common;
case KRB_ACCEPT: /* Accepted (name might follow) */
strlcpy((char *)buf, " ACCEPT ", buflen);
common:
BUMP(buf, buflen);
if (cnt <= 4)
break;
ADDC(buf, buflen, '"');
for (i = 4; i < cnt; i++)
ADDC(buf, buflen, data[i]);
ADDC(buf, buflen, '"');
ADDC(buf, buflen, '\0');
break;
case KRB_AUTH: /* Authentication data follows */
strlcpy((char *)buf, " AUTH", buflen);
goto common2;
case KRB_RESPONSE:
strlcpy((char *)buf, " RESPONSE", buflen);
goto common2;
case KRB_FORWARD: /* Forwarded credentials follow */
strlcpy((char *)buf, " FORWARD", buflen);
goto common2;
case KRB_FORWARD_ACCEPT: /* Forwarded credentials accepted */
strlcpy((char *)buf, " FORWARD_ACCEPT", buflen);
goto common2;
case KRB_FORWARD_REJECT: /* Forwarded credentials rejected */
/* (reason might follow) */
strlcpy((char *)buf, " FORWARD_REJECT", buflen);
goto common2;
default:
snprintf(buf, buflen, " %d (unknown)", data[3]);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
snprintf(buf, buflen, " %d", data[i]);
BUMP(buf, buflen);
}
break;
}
}
void
kerberos5_forward(Authenticator *ap)
{
krb5_error_code ret;
krb5_ccache ccache;
krb5_creds creds;
krb5_kdc_flags flags;
krb5_data out_data;
krb5_principal principal;
ret = krb5_cc_default (context, &ccache);
if (ret) {
if (auth_debug_mode)
printf ("KerberosV5: could not get default ccache: %s\r\n",
krb5_get_err_text (context, ret));
return;
}
ret = krb5_cc_get_principal (context, ccache, &principal);
if (ret) {
if (auth_debug_mode)
printf ("KerberosV5: could not get principal: %s\r\n",
krb5_get_err_text (context, ret));
return;
}
memset (&creds, 0, sizeof(creds));
creds.client = principal;
ret = krb5_build_principal (context,
&creds.server,
strlen(principal->realm),
principal->realm,
"krbtgt",
principal->realm,
NULL);
if (ret) {
if (auth_debug_mode)
printf ("KerberosV5: could not get principal: %s\r\n",
krb5_get_err_text (context, ret));
return;
}
creds.times.endtime = 0;
flags.i = 0;
flags.b.forwarded = 1;
if (forward_flags & OPTS_FORWARDABLE_CREDS)
flags.b.forwardable = 1;
ret = krb5_get_forwarded_creds (context,
auth_context,
ccache,
flags.i,
RemoteHostName,
&creds,
&out_data);
if (ret) {
if (auth_debug_mode)
printf ("Kerberos V5: error getting forwarded creds: %s\r\n",
krb5_get_err_text (context, ret));
return;
}
if(!Data(ap, KRB_FORWARD, out_data.data, out_data.length)) {
if (auth_debug_mode)
printf("Not enough room for authentication data\r\n");
} else {
if (auth_debug_mode)
printf("Forwarded local Kerberos V5 credentials to server\r\n");
}
}
#endif /* KRB5 */


@ -0,0 +1,437 @@
/*-
* Copyright (c) 1992, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
RCSID("$Id: krb4encpwd.c,v 1.18 1999/09/16 20:41:34 assar Exp $");
#ifdef KRB4_ENCPWD
/*
* COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
* ALL RIGHTS RESERVED
*
* "Digital Equipment Corporation authorizes the reproduction,
* distribution and modification of this software subject to the following
* restrictions:
*
* 1. Any partial or whole copy of this software, or any modification
* thereof, must include this copyright notice in its entirety.
*
* 2. This software is supplied "as is" with no warranty of any kind,
* expressed or implied, for any purpose, including any warranty of fitness
* or merchantibility. DIGITAL assumes no responsibility for the use or
* reliability of this software, nor promises to provide any form of
* support for it on any basis.
*
* 3. Distribution of this software is authorized only if no profit or
* remuneration of any kind is received in exchange for such distribution.
*
* 4. This software produces public key authentication certificates
* bearing an expiration date established by DIGITAL and RSA Data
* Security, Inc. It may cease to generate certificates after the expiration
* date. Any modification of this software that changes or defeats
* the expiration date or its effect is unauthorized.
*
* 5. Software that will renew or extend the expiration date of
* authentication certificates produced by this software may be obtained
* from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
* 94065, (415)595-8782, or from DIGITAL"
*
*/
#include <sys/types.h>
#include <arpa/telnet.h>
#include <pwd.h>
#include <stdio.h>
#include <des.h>
#include <krb.h>
#include <stdlib.h>
#include <string.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "auth.h"
#include "misc.h"
int krb_mk_encpwd_req (KTEXT, char *, char *, char *, char *, char *, char *);
int krb_rd_encpwd_req (KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *);
extern auth_debug_mode;
static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
AUTHTYPE_KRB4_ENCPWD, };
static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
TELQUAL_NAME, };
#define KRB4_ENCPWD_AUTH 0 /* Authentication data follows */
#define KRB4_ENCPWD_REJECT 1 /* Rejected (reason might follow) */
#define KRB4_ENCPWD_ACCEPT 2 /* Accepted */
#define KRB4_ENCPWD_CHALLENGE 3 /* Challenge for mutual auth. */
#define KRB4_ENCPWD_ACK 4 /* Acknowledge */
#define KRB_SERVICE_NAME "rcmd"
static KTEXT_ST auth;
static char name[ANAME_SZ];
static char user_passwd[ANAME_SZ];
static AUTH_DAT adat = { 0 };
static des_key_schedule sched;
static char challenge[REALM_SZ];
static int
Data(ap, type, d, c)
Authenticator *ap;
int type;
void *d;
int c;
{
unsigned char *p = str_data + 4;
unsigned char *cd = (unsigned char *)d;
if (c == -1)
c = strlen(cd);
if (0) {
printf("%s:%d: [%d] (%d)",
str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
str_data[3],
type, c);
printd(d, c);
printf("\r\n");
}
*p++ = ap->type;
*p++ = ap->way;
*p++ = type;
while (c-- > 0) {
if ((*p++ = *cd++) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
if (str_data[3] == TELQUAL_IS)
printsub('>', &str_data[2], p - (&str_data[2]));
return(telnet_net_write(str_data, p - str_data));
}
int
krb4encpwd_init(ap, server)
Authenticator *ap;
int server;
{
char hostname[80], *cp, *realm;
des_clock skey;
if (server) {
str_data[3] = TELQUAL_REPLY;
} else {
str_data[3] = TELQUAL_IS;
gethostname(hostname, sizeof(hostname));
realm = krb_realmofhost(hostname);
cp = strchr(hostname, '.');
if (*cp != NULL) *cp = NULL;
if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0,
KEYFILE, (char *)skey)) {
return(0);
}
}
return(1);
}
int
krb4encpwd_send(ap)
Authenticator *ap;
{
printf("[ Trying KRB4ENCPWD ... ]\r\n");
if (!UserNameRequested) {
return(0);
}
if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
return(0);
}
if (!Data(ap, KRB4_ENCPWD_ACK, NULL, 0)) {
return(0);
}
return(1);
}
void
krb4encpwd_is(ap, data, cnt)
Authenticator *ap;
unsigned char *data;
int cnt;
{
Session_Key skey;
des_cblock datablock;
char r_passwd[ANAME_SZ], r_user[ANAME_SZ];
char lhostname[ANAME_SZ], *cp;
int r;
time_t now;
if (cnt-- < 1)
return;
switch (*data++) {
case KRB4_ENCPWD_AUTH:
memmove(auth.dat, data, auth.length = cnt);
gethostname(lhostname, sizeof(lhostname));
if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0';
if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) {
Data(ap, KRB4_ENCPWD_REJECT, "Auth failed", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
auth_encrypt_userpwd(r_passwd);
if (passwdok(UserNameRequested, UserPassword) == 0) {
/*
* illegal username and password
*/
Data(ap, KRB4_ENCPWD_REJECT, "Illegal password", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
memmove(session_key, adat.session, sizeof(des_cblock));
Data(ap, KRB4_ENCPWD_ACCEPT, 0, 0);
auth_finished(ap, AUTH_USER);
break;
case KRB4_ENCPWD_CHALLENGE:
/*
* Take the received random challenge text and save
* for future authentication.
*/
memmove(challenge, data, sizeof(des_cblock));
break;
case KRB4_ENCPWD_ACK:
/*
* Receive ack, if mutual then send random challenge
*/
/*
* If we are doing mutual authentication, get set up to send
* the challenge, and verify it when the response comes back.
*/
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
int i;
time(&now);
snprintf(challenge, sizeof(challenge), "%x", now);
Data(ap, KRB4_ENCPWD_CHALLENGE, challenge, strlen(challenge));
}
break;
default:
Data(ap, KRB4_ENCPWD_REJECT, 0, 0);
break;
}
}
void
krb4encpwd_reply(ap, data, cnt)
Authenticator *ap;
unsigned char *data;
int cnt;
{
Session_Key skey;
KTEXT_ST krb_token;
des_cblock enckey;
CREDENTIALS cred;
int r;
char randchal[REALM_SZ], instance[ANAME_SZ], *cp;
char hostname[80], *realm;
if (cnt-- < 1)
return;
switch (*data++) {
case KRB4_ENCPWD_REJECT:
if (cnt > 0) {
printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n",
cnt, data);
} else
printf("[ KRB4_ENCPWD refuses authentication ]\r\n");
auth_send_retry();
return;
case KRB4_ENCPWD_ACCEPT:
printf("[ KRB4_ENCPWD accepts you ]\r\n");
auth_finished(ap, AUTH_USER);
return;
case KRB4_ENCPWD_CHALLENGE:
/*
* Verify that the response to the challenge is correct.
*/
gethostname(hostname, sizeof(hostname));
realm = krb_realmofhost(hostname);
memmove(challenge, data, cnt);
memset(user_passwd, 0, sizeof(user_passwd));
des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0);
UserPassword = user_passwd;
Challenge = challenge;
strlcpy(instance, RemoteHostName, sizeof(instance));
if ((cp = strchr(instance, '.')) != 0) *cp = '\0';
if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) {
krb_token.length = 0;
}
if (!Data(ap, KRB4_ENCPWD_AUTH, krb_token.dat, krb_token.length)) {
return;
}
break;
default:
return;
}
}
int
krb4encpwd_status(ap, name, name_sz, level)
Authenticator *ap;
char *name;
size_t name_sz;
int level;
{
if (level < AUTH_USER)
return(level);
if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) {
strlcpy(name, UserNameRequested, name_sz);
return(AUTH_VALID);
} else {
return(AUTH_USER);
}
}
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
void
krb4encpwd_printsub(data, cnt, buf, buflen)
unsigned char *data, *buf;
int cnt, buflen;
{
int i;
buf[buflen-1] = '\0'; /* make sure its NULL terminated */
buflen -= 1;
switch(data[3]) {
case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */
strlcpy((char *)buf, " REJECT ", buflen);
goto common;
case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */
strlcpy((char *)buf, " ACCEPT ", buflen);
common:
BUMP(buf, buflen);
if (cnt <= 4)
break;
ADDC(buf, buflen, '"');
for (i = 4; i < cnt; i++)
ADDC(buf, buflen, data[i]);
ADDC(buf, buflen, '"');
ADDC(buf, buflen, '\0');
break;
case KRB4_ENCPWD_AUTH: /* Authentication data follows */
strlcpy((char *)buf, " AUTH", buflen);
goto common2;
case KRB4_ENCPWD_CHALLENGE:
strlcpy((char *)buf, " CHALLENGE", buflen);
goto common2;
case KRB4_ENCPWD_ACK:
strlcpy((char *)buf, " ACK", buflen);
goto common2;
default:
snprintf(buf, buflen, " %d (unknown)", data[3]);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
snprintf(buf, buflen, " %d", data[i]);
BUMP(buf, buflen);
}
break;
}
}
int passwdok(name, passwd)
char *name, *passwd;
{
char *crypt();
char *salt, *p;
struct passwd *pwd;
int passwdok_status = 0;
if (pwd = k_getpwnam(name))
salt = pwd->pw_passwd;
else salt = "xx";
p = crypt(passwd, salt);
if (pwd && !strcmp(p, pwd->pw_passwd)) {
passwdok_status = 1;
} else passwdok_status = 0;
return(passwdok_status);
}
#endif
#ifdef notdef
prkey(msg, key)
char *msg;
unsigned char *key;
{
int i;
printf("%s:", msg);
for (i = 0; i < 8; i++)
printf(" %3d", key[i]);
printf("\r\n");
}
#endif
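Review bot: Two copies in this file take their length straight from the peer's suboption with no bound: `memmove(auth.dat, data, auth.length = cnt)` in the KRB4_ENCPWD_AUTH case of krb4encpwd_is, and `memmove(challenge, data, cnt)` in the KRB4_ENCPWD_CHALLENGE case of krb4encpwd_reply, whose destination is the static `challenge[REALM_SZ]`. Each should reject an oversized `cnt` before copying, e.g. `if (cnt > (int)sizeof(auth.dat)) { Data(ap, KRB4_ENCPWD_REJECT, "Auth failed", -1); auth_finished(ap, AUTH_REJECT); return; }` and `if (cnt > (int)sizeof(challenge)) return;`. The CHALLENGE case of krb4encpwd_is has the opposite problem, copying `sizeof(des_cblock)` bytes without checking that `cnt` is at least that large. Separately, krb4encpwd_init dereferences the result of `strchr(hostname, '.')` without a NULL test, unlike the `(cp = strchr(...)) != 0` form used later in the file.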


@ -0,0 +1,79 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)misc-proto.h 8.1 (Berkeley) 6/4/93
*/
/*
* Copyright (C) 1990 by the Massachusetts Institute of Technology
*
* Export of this software from the United States of America is assumed
* to require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/* $Id: misc-proto.h,v 1.8 2000/01/18 03:11:07 assar Exp $ */
#ifndef __MISC_PROTO__
#define __MISC_PROTO__
void auth_encrypt_init (const char *, const char *, const char *, int);
void auth_encrypt_user(const char *name);
void auth_encrypt_connect (int);
void printd (const unsigned char *, int);
char** genget (char *name, char **table, int stlen);
int isprefix(char *s1, char *s2);
int Ambiguous(void *s);
/*
* These functions are imported from the application
*/
int telnet_net_write (unsigned char *, int);
void net_encrypt (void);
int telnet_spin (void);
char *telnet_getenv (char *);
char *telnet_gets (char *, char *, int, int);
void printsub(int direction, unsigned char *pointer, int length);
#endif


@ -0,0 +1,95 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
RCSID("$Id: misc.c,v 1.15 2000/01/25 23:24:58 assar Exp $");
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <roken.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "misc.h"
#include "auth.h"
#include "encrypt.h"
const char *RemoteHostName;
const char *LocalHostName;
char *UserNameRequested = 0;
int ConnectedCount = 0;
void
auth_encrypt_init(const char *local, const char *remote, const char *name,
int server)
{
RemoteHostName = remote;
LocalHostName = local;
#ifdef AUTHENTICATION
auth_init(name, server);
#endif
#ifdef ENCRYPTION
encrypt_init(name, server);
#endif
if (UserNameRequested) {
free(UserNameRequested);
UserNameRequested = 0;
}
}
void
auth_encrypt_user(const char *name)
{
if (UserNameRequested)
free(UserNameRequested);
UserNameRequested = name ? strdup(name) : 0;
}
void
auth_encrypt_connect(int cnt)
{
}
void
printd(const unsigned char *data, int cnt)
{
if (cnt > 16)
cnt = 16;
while (cnt-- > 0) {
printf(" %02x", *data);
++data;
}
}
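Review bot: auth_encrypt_init keeps the caller's `local` and `remote` pointers in LocalHostName and RemoteHostName without copying them, while auth_encrypt_user does `strdup` its argument; this difference in ownership is not documented anywhere in the file. A comment above auth_encrypt_init such as `/* local and remote are stored by reference; the caller must keep them valid while authentication state is in use */` would make the lifetime requirement explicit. In auth_encrypt_user a failed `strdup` leaves UserNameRequested NULL, the same state as no name having been requested, which deserves a one-line comment as well.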


@ -0,0 +1,42 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)misc.h 8.1 (Berkeley) 6/4/93
*/
extern char *UserNameRequested;
extern const char *LocalHostName;
extern const char *RemoteHostName;
extern int ConnectedCount;
extern int ReservedPort;
#include "misc-proto.h"


@ -0,0 +1,487 @@
/*-
* Copyright (c) 1992, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
RCSID("$Id: rsaencpwd.c,v 1.18 1999/09/16 20:41:34 assar Exp $");
#ifdef RSA_ENCPWD
/*
* COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
* ALL RIGHTS RESERVED
*
* "Digital Equipment Corporation authorizes the reproduction,
* distribution and modification of this software subject to the following
* restrictions:
*
* 1. Any partial or whole copy of this software, or any modification
* thereof, must include this copyright notice in its entirety.
*
* 2. This software is supplied "as is" with no warranty of any kind,
* expressed or implied, for any purpose, including any warranty of fitness
* or merchantibility. DIGITAL assumes no responsibility for the use or
* reliability of this software, nor promises to provide any form of
* support for it on any basis.
*
* 3. Distribution of this software is authorized only if no profit or
* remuneration of any kind is received in exchange for such distribution.
*
* 4. This software produces public key authentication certificates
* bearing an expiration date established by DIGITAL and RSA Data
* Security, Inc. It may cease to generate certificates after the expiration
* date. Any modification of this software that changes or defeats
* the expiration date or its effect is unauthorized.
*
* 5. Software that will renew or extend the expiration date of
* authentication certificates produced by this software may be obtained
* from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
* 94065, (415)595-8782, or from DIGITAL"
*
*/
#include <sys/types.h>
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#endif
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "auth.h"
#include "misc.h"
#include "cdc.h"
extern auth_debug_mode;
static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
AUTHTYPE_RSA_ENCPWD, };
static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
TELQUAL_NAME, };
#define RSA_ENCPWD_AUTH 0 /* Authentication data follows */
#define RSA_ENCPWD_REJECT 1 /* Rejected (reason might follow) */
#define RSA_ENCPWD_ACCEPT 2 /* Accepted */
#define RSA_ENCPWD_CHALLENGEKEY 3 /* Challenge and public key */
#define NAME_SZ 40
#define CHAL_SZ 20
#define PWD_SZ 40
static KTEXT_ST auth;
static char name[NAME_SZ];
static char user_passwd[PWD_SZ];
static char key_file[2*NAME_SZ];
static char lhostname[NAME_SZ];
static char challenge[CHAL_SZ];
static int challenge_len;
static int
Data(ap, type, d, c)
Authenticator *ap;
int type;
void *d;
int c;
{
unsigned char *p = str_data + 4;
unsigned char *cd = (unsigned char *)d;
if (c == -1)
c = strlen((char *)cd);
if (0) {
printf("%s:%d: [%d] (%d)",
str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
str_data[3],
type, c);
printd(d, c);
printf("\r\n");
}
*p++ = ap->type;
*p++ = ap->way;
if (type != NULL) *p++ = type;
while (c-- > 0) {
if ((*p++ = *cd++) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
if (str_data[3] == TELQUAL_IS)
printsub('>', &str_data[2], p - (&str_data[2]));
return(telnet_net_write(str_data, p - str_data));
}
int
rsaencpwd_init(ap, server)
Authenticator *ap;
int server;
{
char *cp;
FILE *fp;
if (server) {
str_data[3] = TELQUAL_REPLY;
memset(key_file, 0, sizeof(key_file));
gethostname(lhostname, sizeof(lhostname));
if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0';
snprintf(key_file, sizeof(key_file),
"/etc/.%s_privkey", lhostname);
if ((fp=fopen(key_file, "r"))==NULL) return(0);
fclose(fp);
} else {
str_data[3] = TELQUAL_IS;
}
return(1);
}
int
rsaencpwd_send(ap)
Authenticator *ap;
{
printf("[ Trying RSAENCPWD ... ]\r\n");
if (!UserNameRequested) {
return(0);
}
if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
return(0);
}
if (!Data(ap, NULL, NULL, 0)) {
return(0);
}
return(1);
}
void
rsaencpwd_is(ap, data, cnt)
Authenticator *ap;
unsigned char *data;
int cnt;
{
Session_Key skey;
des_cblock datablock;
char r_passwd[PWD_SZ], r_user[NAME_SZ];
char *cp, key[160];
char chalkey[160], *ptr;
FILE *fp;
int r, i, j, chalkey_len, len;
time_t now;
cnt--;
switch (*data++) {
case RSA_ENCPWD_AUTH:
memmove(auth.dat, data, auth.length = cnt);
if ((fp=fopen(key_file, "r"))==NULL) {
Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
/*
* get privkey
*/
fscanf(fp, "%x;", &len);
for (i=0;i<len;i++) {
j = getc(fp); key[i]=j;
}
fclose(fp);
r = accept_rsa_encpwd(&auth, key, challenge,
challenge_len, r_passwd);
if (r < 0) {
Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
auth_encrypt_userpwd(r_passwd);
if (rsaencpwd_passwdok(UserNameRequested, UserPassword) == 0) {
/*
* illegal username and password
*/
Data(ap, RSA_ENCPWD_REJECT, "Illegal password", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
Data(ap, RSA_ENCPWD_ACCEPT, 0, 0);
auth_finished(ap, AUTH_USER);
break;
case IAC:
/*
* If we are doing mutual authentication, get set up to send
* the challenge, and verify it when the response comes back.
*/
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_ONE_WAY) {
int i;
time(&now);
if ((now % 2) == 0) {
snprintf(challenge, sizeof(challenge), "%x", now);
challenge_len = strlen(challenge);
} else {
strlcpy(challenge, "randchal", sizeof(challenge));
challenge_len = 8;
}
if ((fp=fopen(key_file, "r"))==NULL) {
Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
/*
* skip privkey
*/
fscanf(fp, "%x;", &len);
for (i=0;i<len;i++) {
j = getc(fp);
}
/*
* get pubkey
*/
fscanf(fp, "%x;", &len);
for (i=0;i<len;i++) {
j = getc(fp); key[i]=j;
}
fclose(fp);
chalkey[0] = 0x30;
ptr = (char *) &chalkey[1];
chalkey_len = 1+NumEncodeLengthOctets(i)+i+1+NumEncodeLengthOctets(challenge_len)+challenge_len;
EncodeLength(ptr, chalkey_len);
ptr +=NumEncodeLengthOctets(chalkey_len);
*ptr++ = 0x04; /* OCTET STRING */
*ptr++ = challenge_len;
memmove(ptr, challenge, challenge_len);
ptr += challenge_len;
*ptr++ = 0x04; /* OCTET STRING */
EncodeLength(ptr, i);
ptr += NumEncodeLengthOctets(i);
memmove(ptr, key, i);
chalkey_len = 1+NumEncodeLengthOctets(chalkey_len)+chalkey_len;
Data(ap, RSA_ENCPWD_CHALLENGEKEY, chalkey, chalkey_len);
}
break;
default:
Data(ap, RSA_ENCPWD_REJECT, 0, 0);
break;
}
}
void
rsaencpwd_reply(ap, data, cnt)
Authenticator *ap;
unsigned char *data;
int cnt;
{
Session_Key skey;
KTEXT_ST token;
des_cblock enckey;
int r, pubkey_len;
char randchal[CHAL_SZ], *cp;
char chalkey[160], pubkey[128], *ptr;
if (cnt-- < 1)
return;
switch (*data++) {
case RSA_ENCPWD_REJECT:
if (cnt > 0) {
printf("[ RSA_ENCPWD refuses authentication because %.*s ]\r\n",
cnt, data);
} else
printf("[ RSA_ENCPWD refuses authentication ]\r\n");
auth_send_retry();
return;
case RSA_ENCPWD_ACCEPT:
printf("[ RSA_ENCPWD accepts you ]\r\n");
auth_finished(ap, AUTH_USER);
return;
case RSA_ENCPWD_CHALLENGEKEY:
/*
* Verify that the response to the challenge is correct.
*/
memmove(chalkey, data, cnt);
ptr = (char *) &chalkey[0];
ptr += DecodeHeaderLength(chalkey);
if (*ptr != 0x04) {
return;
}
*ptr++;
challenge_len = DecodeValueLength(ptr);
ptr += NumEncodeLengthOctets(challenge_len);
memmove(challenge, ptr, challenge_len);
ptr += challenge_len;
if (*ptr != 0x04) {
return;
}
*ptr++;
pubkey_len = DecodeValueLength(ptr);
ptr += NumEncodeLengthOctets(pubkey_len);
memmove(pubkey, ptr, pubkey_len);
memset(user_passwd, 0, sizeof(user_passwd));
des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0);
UserPassword = user_passwd;
Challenge = challenge;
r = init_rsa_encpwd(&token, user_passwd, challenge, challenge_len, pubkey);
if (r < 0) {
token.length = 1;
}
if (!Data(ap, RSA_ENCPWD_AUTH, token.dat, token.length)) {
return;
}
break;
default:
return;
}
}
int
rsaencpwd_status(ap, name, name_sz, level)
Authenticator *ap;
char *name;
size_t name_sz;
int level;
{
if (level < AUTH_USER)
return(level);
if (UserNameRequested && rsaencpwd_passwdok(UserNameRequested, UserPassword)) {
strlcpy(name, UserNameRequested, name_sz);
return(AUTH_VALID);
} else {
return(AUTH_USER);
}
}
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
void
rsaencpwd_printsub(data, cnt, buf, buflen)
unsigned char *data, *buf;
int cnt, buflen;
{
int i;
buf[buflen-1] = '\0'; /* make sure its NULL terminated */
buflen -= 1;
switch(data[3]) {
case RSA_ENCPWD_REJECT: /* Rejected (reason might follow) */
strlcpy((char *)buf, " REJECT ", buflen);
goto common;
case RSA_ENCPWD_ACCEPT: /* Accepted (name might follow) */
strlcpy((char *)buf, " ACCEPT ", buflen);
common:
BUMP(buf, buflen);
if (cnt <= 4)
break;
ADDC(buf, buflen, '"');
for (i = 4; i < cnt; i++)
ADDC(buf, buflen, data[i]);
ADDC(buf, buflen, '"');
ADDC(buf, buflen, '\0');
break;
case RSA_ENCPWD_AUTH: /* Authentication data follows */
strlcpy((char *)buf, " AUTH", buflen);
goto common2;
case RSA_ENCPWD_CHALLENGEKEY:
strlcpy((char *)buf, " CHALLENGEKEY", buflen);
goto common2;
default:
snprintf(buf, buflen, " %d (unknown)", data[3]);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
snprintf(buf, buflen, " %d", data[i]);
BUMP(buf, buflen);
}
break;
}
}
int rsaencpwd_passwdok(name, passwd)
char *name, *passwd;
{
char *crypt();
char *salt, *p;
struct passwd *pwd;
int passwdok_status = 0;
if (pwd = k_getpwnam(name))
salt = pwd->pw_passwd;
else salt = "xx";
p = crypt(passwd, salt);
if (pwd && !strcmp(p, pwd->pw_passwd)) {
passwdok_status = 1;
} else passwdok_status = 0;
return(passwdok_status);
}
#endif
#ifdef notdef
prkey(msg, key)
char *msg;
unsigned char *key;
{
int i;
printf("%s:", msg);
for (i = 0; i < 8; i++)
printf(" %3d", key[i]);
printf("\r\n");
}
#endif


@ -0,0 +1,586 @@
/*-
* Copyright (c) 1992, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
RCSID("$Id: spx.c,v 1.17 1999/09/16 20:41:34 assar Exp $");
#ifdef SPX
/*
* COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
* ALL RIGHTS RESERVED
*
* "Digital Equipment Corporation authorizes the reproduction,
* distribution and modification of this software subject to the following
* restrictions:
*
* 1. Any partial or whole copy of this software, or any modification
* thereof, must include this copyright notice in its entirety.
*
* 2. This software is supplied "as is" with no warranty of any kind,
* expressed or implied, for any purpose, including any warranty of fitness
* or merchantibility. DIGITAL assumes no responsibility for the use or
* reliability of this software, nor promises to provide any form of
* support for it on any basis.
*
* 3. Distribution of this software is authorized only if no profit or
* remuneration of any kind is received in exchange for such distribution.
*
* 4. This software produces public key authentication certificates
* bearing an expiration date established by DIGITAL and RSA Data
* Security, Inc. It may cease to generate certificates after the expiration
* date. Any modification of this software that changes or defeats
* the expiration date or its effect is unauthorized.
*
* 5. Software that will renew or extend the expiration date of
* authentication certificates produced by this software may be obtained
* from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
* 94065, (415)595-8782, or from DIGITAL"
*
*/
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#endif
#include <stdio.h>
#include "gssapi_defs.h"
#include <stdlib.h>
#include <string.h>
#include <pwd.h>
#ifdef SOCKS
#include <socks.h>
#endif
#include "encrypt.h"
#include "auth.h"
#include "misc.h"
extern auth_debug_mode;
static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
AUTHTYPE_SPX, };
static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
TELQUAL_NAME, };
#define SPX_AUTH 0 /* Authentication data follows */
#define SPX_REJECT 1 /* Rejected (reason might follow) */
#define SPX_ACCEPT 2 /* Accepted */
static des_key_schedule sched;
static des_cblock challenge = { 0 };
/*******************************************************************/
gss_OID_set actual_mechs;
gss_OID actual_mech_type, output_name_type;
int major_status, status, msg_ctx = 0, new_status;
int req_flags = 0, ret_flags, lifetime_rec;
gss_cred_id_t gss_cred_handle;
gss_ctx_id_t actual_ctxhandle, context_handle;
gss_buffer_desc output_token, input_token, input_name_buffer;
gss_buffer_desc status_string;
gss_name_t desired_targname, src_name;
gss_channel_bindings input_chan_bindings;
char lhostname[GSS_C_MAX_PRINTABLE_NAME];
char targ_printable[GSS_C_MAX_PRINTABLE_NAME];
int to_addr=0, from_addr=0;
char *address;
gss_buffer_desc fullname_buffer;
gss_OID fullname_type;
gss_cred_id_t gss_delegated_cred_handle;
/*******************************************************************/
static int
Data(ap, type, d, c)
Authenticator *ap;
int type;
void *d;
int c;
{
unsigned char *p = str_data + 4;
unsigned char *cd = (unsigned char *)d;
if (c == -1)
c = strlen((char *)cd);
if (0) {
printf("%s:%d: [%d] (%d)",
str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
str_data[3],
type, c);
printd(d, c);
printf("\r\n");
}
*p++ = ap->type;
*p++ = ap->way;
*p++ = type;
while (c-- > 0) {
if ((*p++ = *cd++) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
if (str_data[3] == TELQUAL_IS)
printsub('>', &str_data[2], p - (&str_data[2]));
return(telnet_net_write(str_data, p - str_data));
}
int
spx_init(ap, server)
Authenticator *ap;
int server;
{
gss_cred_id_t tmp_cred_handle;
if (server) {
str_data[3] = TELQUAL_REPLY;
gethostname(lhostname, sizeof(lhostname));
snprintf (targ_printable, sizeof(targ_printable),
"SERVICE:rcmd@%s", lhostname);
input_name_buffer.length = strlen(targ_printable);
input_name_buffer.value = targ_printable;
major_status = gss_import_name(&status,
&input_name_buffer,
GSS_C_NULL_OID,
&desired_targname);
major_status = gss_acquire_cred(&status,
desired_targname,
0,
GSS_C_NULL_OID_SET,
GSS_C_ACCEPT,
&tmp_cred_handle,
&actual_mechs,
&lifetime_rec);
if (major_status != GSS_S_COMPLETE) return(0);
} else {
str_data[3] = TELQUAL_IS;
}
return(1);
}
int
spx_send(ap)
Authenticator *ap;
{
des_cblock enckey;
int r;
gss_OID actual_mech_type, output_name_type;
int msg_ctx = 0, new_status, status;
int req_flags = 0, ret_flags, lifetime_rec, major_status;
gss_buffer_desc output_token, input_token, input_name_buffer;
gss_buffer_desc output_name_buffer, status_string;
gss_name_t desired_targname;
gss_channel_bindings input_chan_bindings;
char targ_printable[GSS_C_MAX_PRINTABLE_NAME];
int from_addr=0, to_addr=0, myhostlen, j;
int deleg_flag=1, mutual_flag=0, replay_flag=0, seq_flag=0;
char *address;
printf("[ Trying SPX ... ]\r\n");
snprintf (targ_printable, sizeof(targ_printable),
"SERVICE:rcmd@%s", RemoteHostName);
input_name_buffer.length = strlen(targ_printable);
input_name_buffer.value = targ_printable;
if (!UserNameRequested) {
return(0);
}
major_status = gss_import_name(&status,
&input_name_buffer,
GSS_C_NULL_OID,
&desired_targname);
major_status = gss_display_name(&status,
desired_targname,
&output_name_buffer,
&output_name_type);
printf("target is '%s'\n", output_name_buffer.value); fflush(stdout);
major_status = gss_release_buffer(&status, &output_name_buffer);
input_chan_bindings = (gss_channel_bindings)
malloc(sizeof(gss_channel_bindings_desc));
input_chan_bindings->initiator_addrtype = GSS_C_AF_INET;
input_chan_bindings->initiator_address.length = 4;
address = (char *) malloc(4);
input_chan_bindings->initiator_address.value = (char *) address;
address[0] = ((from_addr & 0xff000000) >> 24);
address[1] = ((from_addr & 0xff0000) >> 16);
address[2] = ((from_addr & 0xff00) >> 8);
address[3] = (from_addr & 0xff);
input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET;
input_chan_bindings->acceptor_address.length = 4;
address = (char *) malloc(4);
input_chan_bindings->acceptor_address.value = (char *) address;
address[0] = ((to_addr & 0xff000000) >> 24);
address[1] = ((to_addr & 0xff0000) >> 16);
address[2] = ((to_addr & 0xff00) >> 8);
address[3] = (to_addr & 0xff);
input_chan_bindings->application_data.length = 0;
req_flags = 0;
if (deleg_flag) req_flags = req_flags | 1;
if (mutual_flag) req_flags = req_flags | 2;
if (replay_flag) req_flags = req_flags | 4;
if (seq_flag) req_flags = req_flags | 8;
major_status = gss_init_sec_context(&status, /* minor status */
GSS_C_NO_CREDENTIAL, /* cred handle */
&actual_ctxhandle, /* ctx handle */
desired_targname, /* target name */
GSS_C_NULL_OID, /* mech type */
req_flags, /* req flags */
0, /* time req */
input_chan_bindings, /* chan binding */
GSS_C_NO_BUFFER, /* input token */
&actual_mech_type, /* actual mech */
&output_token, /* output token */
&ret_flags, /* ret flags */
&lifetime_rec); /* time rec */
if ((major_status != GSS_S_COMPLETE) &&
(major_status != GSS_S_CONTINUE_NEEDED)) {
gss_display_status(&new_status,
status,
GSS_C_MECH_CODE,
GSS_C_NULL_OID,
&msg_ctx,
&status_string);
printf("%s\n", status_string.value);
return(0);
}
if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
return(0);
}
if (!Data(ap, SPX_AUTH, output_token.value, output_token.length)) {
return(0);
}
return(1);
}
void
spx_is(ap, data, cnt)
Authenticator *ap;
unsigned char *data;
int cnt;
{
Session_Key skey;
des_cblock datablock;
int r;
if (cnt-- < 1)
return;
switch (*data++) {
case SPX_AUTH:
input_token.length = cnt;
input_token.value = (char *) data;
gethostname(lhostname, sizeof(lhostname));
snprintf(targ_printable, sizeof(targ_printable),
"SERVICE:rcmd@%s", lhostname);
input_name_buffer.length = strlen(targ_printable);
input_name_buffer.value = targ_printable;
major_status = gss_import_name(&status,
&input_name_buffer,
GSS_C_NULL_OID,
&desired_targname);
major_status = gss_acquire_cred(&status,
desired_targname,
0,
GSS_C_NULL_OID_SET,
GSS_C_ACCEPT,
&gss_cred_handle,
&actual_mechs,
&lifetime_rec);
major_status = gss_release_name(&status, desired_targname);
input_chan_bindings = (gss_channel_bindings)
malloc(sizeof(gss_channel_bindings_desc));
input_chan_bindings->initiator_addrtype = GSS_C_AF_INET;
input_chan_bindings->initiator_address.length = 4;
address = (char *) malloc(4);
input_chan_bindings->initiator_address.value = (char *) address;
address[0] = ((from_addr & 0xff000000) >> 24);
address[1] = ((from_addr & 0xff0000) >> 16);
address[2] = ((from_addr & 0xff00) >> 8);
address[3] = (from_addr & 0xff);
input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET;
input_chan_bindings->acceptor_address.length = 4;
address = (char *) malloc(4);
input_chan_bindings->acceptor_address.value = (char *) address;
address[0] = ((to_addr & 0xff000000) >> 24);
address[1] = ((to_addr & 0xff0000) >> 16);
address[2] = ((to_addr & 0xff00) >> 8);
address[3] = (to_addr & 0xff);
input_chan_bindings->application_data.length = 0;
major_status = gss_accept_sec_context(&status,
&context_handle,
gss_cred_handle,
&input_token,
input_chan_bindings,
&src_name,
&actual_mech_type,
&output_token,
&ret_flags,
&lifetime_rec,
&gss_delegated_cred_handle);
if (major_status != GSS_S_COMPLETE) {
major_status = gss_display_name(&status,
src_name,
&fullname_buffer,
&fullname_type);
Data(ap, SPX_REJECT, "auth failed", -1);
auth_finished(ap, AUTH_REJECT);
return;
}
major_status = gss_display_name(&status,
src_name,
&fullname_buffer,
&fullname_type);
Data(ap, SPX_ACCEPT, output_token.value, output_token.length);
auth_finished(ap, AUTH_USER);
break;
default:
Data(ap, SPX_REJECT, 0, 0);
break;
}
}
void
spx_reply(ap, data, cnt)
Authenticator *ap;
unsigned char *data;
int cnt;
{
Session_Key skey;
if (cnt-- < 1)
return;
switch (*data++) {
case SPX_REJECT:
if (cnt > 0) {
printf("[ SPX refuses authentication because %.*s ]\r\n",
cnt, data);
} else
printf("[ SPX refuses authentication ]\r\n");
auth_send_retry();
return;
case SPX_ACCEPT:
printf("[ SPX accepts you ]\r\n");
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
/*
* Send over the encrypted challenge.
*/
input_token.value = (char *) data;
input_token.length = cnt;
major_status = gss_init_sec_context(&status, /* minor stat */
GSS_C_NO_CREDENTIAL, /* cred handle */
&actual_ctxhandle, /* ctx handle */
desired_targname, /* target name */
GSS_C_NULL_OID, /* mech type */
req_flags, /* req flags */
0, /* time req */
input_chan_bindings, /* chan binding */
&input_token, /* input token */
&actual_mech_type, /* actual mech */
&output_token, /* output token */
&ret_flags, /* ret flags */
&lifetime_rec); /* time rec */
if (major_status != GSS_S_COMPLETE) {
gss_display_status(&new_status,
status,
GSS_C_MECH_CODE,
GSS_C_NULL_OID,
&msg_ctx,
&status_string);
printf("[ SPX mutual response fails ... '%s' ]\r\n",
status_string.value);
auth_send_retry();
return;
}
}
auth_finished(ap, AUTH_USER);
return;
default:
return;
}
}
int
spx_status(ap, name, name_sz, level)
Authenticator *ap;
char *name;
size_t name_sz;
int level;
{
gss_buffer_desc fullname_buffer, acl_file_buffer;
gss_OID fullname_type;
char acl_file[160], fullname[160];
int major_status, status = 0;
struct passwd *pwd;
/*
* hard code fullname to
* "SPX:/C=US/O=Digital/OU=LKG/OU=Sphinx/OU=Users/CN=Kannan Alagappan"
* and acl_file to "~kannan/.sphinx"
*/
pwd = k_getpwnam(UserNameRequested);
if (pwd == NULL) {
return(AUTH_USER); /* not authenticated */
}
snprintf (acl_file, sizeof(acl_file),
"%s/.sphinx", pwd->pw_dir);
acl_file_buffer.value = acl_file;
acl_file_buffer.length = strlen(acl_file);
major_status = gss_display_name(&status,
src_name,
&fullname_buffer,
&fullname_type);
if (level < AUTH_USER)
return(level);
major_status = gss__check_acl(&status, &fullname_buffer,
&acl_file_buffer);
if (major_status == GSS_S_COMPLETE) {
strlcpy(name, UserNameRequested, name_sz);
return(AUTH_VALID);
} else {
return(AUTH_USER);
}
}
#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
void
spx_printsub(data, cnt, buf, buflen)
unsigned char *data, *buf;
int cnt, buflen;
{
int i;
buf[buflen-1] = '\0'; /* make sure its NULL terminated */
buflen -= 1;
switch(data[3]) {
case SPX_REJECT: /* Rejected (reason might follow) */
strlcpy((char *)buf, " REJECT ", buflen);
goto common;
case SPX_ACCEPT: /* Accepted (name might follow) */
strlcpy((char *)buf, " ACCEPT ", buflen);
common:
BUMP(buf, buflen);
if (cnt <= 4)
break;
ADDC(buf, buflen, '"');
for (i = 4; i < cnt; i++)
ADDC(buf, buflen, data[i]);
ADDC(buf, buflen, '"');
ADDC(buf, buflen, '\0');
break;
case SPX_AUTH: /* Authentication data follows */
strlcpy((char *)buf, " AUTH", buflen);
goto common2;
default:
snprintf(buf, buflen, " %d (unknown)", data[3]);
common2:
BUMP(buf, buflen);
for (i = 4; i < cnt; i++) {
snprintf(buf, buflen, " %d", data[i]);
BUMP(buf, buflen);
}
break;
}
}
#endif
#ifdef notdef
prkey(msg, key)
char *msg;
unsigned char *key;
{
int i;
printf("%s:", msg);
for (i = 0; i < 8; i++)
printf(" %3d", key[i]);
printf("\r\n");
}
#endif
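Review bot: `Data()` copies `c` bytes into the static 1024-byte `str_data` without any bound, and it doubles every IAC byte, so a payload longer than about 507 bytes can write past the end of the buffer. The lengths passed in are `output_token.length` from the GSS calls in `spx_send` and `spx_is`, and nothing in this file limits them. A guard placed after the `strlen` fallback would make the function fail closed: `if (c < 0 || (size_t)c > (sizeof(str_data) - 9) / 2) return(0);`, where 9 covers the four header bytes, the type/way/subtype bytes and the trailing IAC SE. `spx_send` already treats a zero return as failure, but `spx_is` ignores the return value before calling `auth_finished(ap, AUTH_USER)` and should reject the authentication when the write fails.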


@ -0,0 +1,80 @@
Three pieces of state need to be kept for each side of each option.
(You need the localside, sending WILL/WONT & receiving DO/DONT, and
the remoteside, sending DO/DONT and receiving WILL/WONT)
MY_STATE: What state am I in?
WANT_STATE: What state do I want?
WANT_RESP: How many requests have I initiated?
Default values:
MY_STATE = WANT_STATE = DONT
WANT_RESP = 0
The local setup will change based on the state of the Telnet
variables. When we are the originator, we can either make the
local setup changes at option request time (in which case if
the option is denied we need to change things back) or when
the option is acknowledged.
To initiate a switch to NEW_STATE:
if ((WANT_RESP == 0 && NEW_STATE == MY_STATE) ||
WANT_STATE == NEW_STATE) {
do nothing;
} else {
/*
* This is where the logic goes to change the local setup
* if we are doing so at request initiation
*/
WANT_STATE = NEW_STATE;
send NEW_STATE;
WANT_RESP += 1;
}
When receiving NEW_STATE:
if (WANT_RESP) {
--WANT_RESP;
if (WANT_RESP && (NEW_STATE == MY_STATE))
--WANT_RESP;
}
if (WANT_RESP == 0) {
if (NEW_STATE != WANT_STATE) {
/*
* This is where the logic goes to decide if it is ok
* to switch to NEW_STATE, and if so, do any necessary
* local setup changes.
*/
if (ok_to_switch_to NEW_STATE)
WANT_STATE = NEW_STATE;
else
WANT_RESP++;
* if (MY_STATE != WANT_STATE)
reply with WANT_STATE;
} else {
/*
* This is where the logic goes to change the local setup
* if we are doing so at request acknowledgment
*/
}
}
MY_STATE = NEW_STATE;
* This if() line is not needed, it should be ok to always do the
"reply with WANT_STATE". With the if() line, asking to turn on
an option that the other side doesn't understand is:
Send DO option
Recv WONT option
Without the if() line, it is:
Send DO option
Recv WONT option
Send DONT option
If the other side does not expect to receive the latter case,
but generates the latter case, then there is a potential for
option negotiation loops. An implementation that does not expect
to get the second case should not generate it, an implementation
that does expect to get it may or may not generate it, and things
will still work. Being conservative in what we send, we have the
if() statement in, but we expect the other side to generate the
last response.


@ -0,0 +1,22 @@
# $Id: Makefile.am,v 1.13 2000/01/06 15:12:11 assar Exp $
include $(top_srcdir)/Makefile.am.common
INCLUDES += -I$(srcdir)/.. $(INCLUDE_krb4)
bin_PROGRAMS = telnet
CHECK_LOCAL =
telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \
sys_bsd.c telnet.c terminal.c \
utilities.c defines.h externs.h ring.h telnet_locl.h types.h
man_MANS = telnet.1
LDADD = ../libtelnet/libtelnet.a \
$(LIB_krb5) \
$(LIB_krb4) \
$(top_builddir)/lib/des/libdes.la \
$(LIB_tgetent) \
$(LIB_roken)


@ -0,0 +1,681 @@
# Makefile.in generated automatically by automake 1.4 from Makefile.am
# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.13 2000/01/06 15:12:11 assar Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
SHELL = @SHELL@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
sbindir = @sbindir@
libexecdir = @libexecdir@
datadir = @datadir@
sysconfdir = @sysconfdir@
sharedstatedir = @sharedstatedir@
localstatedir = @localstatedir@
libdir = @libdir@
infodir = @infodir@
mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
DESTDIR =
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../../..
ACLOCAL = @ACLOCAL@
AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
transform = @program_transform_name@
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
DBLIB = @DBLIB@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
INCLUDE_ = @INCLUDE_@
LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
NM = @NM@
NROFF = @NROFF@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/.. $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
LIB_XauReadAuth = @LIB_XauReadAuth@
LIB_crypt = @LIB_crypt@
LIB_dbm_firstkey = @LIB_dbm_firstkey@
LIB_dbopen = @LIB_dbopen@
LIB_dlopen = @LIB_dlopen@
LIB_dn_expand = @LIB_dn_expand@
LIB_el_init = @LIB_el_init@
LIB_getattr = @LIB_getattr@
LIB_gethostbyname = @LIB_gethostbyname@
LIB_getpwent_r = @LIB_getpwent_r@
LIB_getpwnam_r = @LIB_getpwnam_r@
LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
LIB_setsockopt = @LIB_setsockopt@
LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
cat1dir = $(mandir)/cat1
cat3dir = $(mandir)/cat3
cat5dir = $(mandir)/cat5
cat8dir = $(mandir)/cat8
MANRX = \(.*\)\.\([0-9]\)
CATSUFFIX = @CATSUFFIX@
NROFF_MAN = groff -mandoc -Tascii
@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL =
bin_PROGRAMS = telnet
telnet_SOURCES = authenc.c commands.c main.c network.c ring.c sys_bsd.c telnet.c terminal.c utilities.c defines.h externs.h ring.h telnet_locl.h types.h
man_MANS = telnet.1
LDADD = ../libtelnet/libtelnet.a $(LIB_krb5) $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(LIB_tgetent) $(LIB_roken)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../../include/config.h
CONFIG_CLEAN_FILES =
bin_PROGRAMS = telnet$(EXEEXT)
PROGRAMS = $(bin_PROGRAMS)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
telnet_OBJECTS = authenc.$(OBJEXT) commands.$(OBJEXT) main.$(OBJEXT) \
network.$(OBJEXT) ring.$(OBJEXT) sys_bsd.$(OBJEXT) telnet.$(OBJEXT) \
terminal.$(OBJEXT) utilities.$(OBJEXT)
telnet_LDADD = $(LDADD)
@KRB5_TRUE@telnet_DEPENDENCIES = ../libtelnet/libtelnet.a \
@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \
@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la
@KRB5_FALSE@telnet_DEPENDENCIES = ../libtelnet/libtelnet.a \
@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la
telnet_LDFLAGS =
CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
man1dir = $(mandir)/man1
MANS = $(man_MANS)
DIST_COMMON = Makefile.am Makefile.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
TAR = tar
GZIP_ENV = --best
SOURCES = $(telnet_SOURCES)
OBJECTS = $(telnet_OBJECTS)
all: all-redirect
.SUFFIXES:
.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/telnet/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
cd $(top_builddir) \
&& CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
mostlyclean-binPROGRAMS:
clean-binPROGRAMS:
-test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
distclean-binPROGRAMS:
maintainer-clean-binPROGRAMS:
install-binPROGRAMS: $(bin_PROGRAMS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(bindir)
@list='$(bin_PROGRAMS)'; for p in $$list; do \
if test -f $$p; then \
echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \
$(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
else :; fi; \
done
uninstall-binPROGRAMS:
@$(NORMAL_UNINSTALL)
list='$(bin_PROGRAMS)'; for p in $$list; do \
rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
done
.c.o:
$(COMPILE) -c $<
# FIXME: We should only use cygpath when building on Windows,
# and only if it is available.
.c.obj:
$(COMPILE) -c `cygpath -w $<`
.s.o:
$(COMPILE) -c $<
.S.o:
$(COMPILE) -c $<
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
clean-compile:
distclean-compile:
-rm -f *.tab.c
maintainer-clean-compile:
.c.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
.s.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
.S.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
maintainer-clean-libtool:
telnet$(EXEEXT): $(telnet_OBJECTS) $(telnet_DEPENDENCIES)
@rm -f telnet$(EXEEXT)
$(LINK) $(telnet_LDFLAGS) $(telnet_OBJECTS) $(telnet_LDADD) $(LIBS)
install-man1:
$(mkinstalldirs) $(DESTDIR)$(man1dir)
@list='$(man1_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.1*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst; \
done
uninstall-man1:
@list='$(man1_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.1*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man1dir)/$$inst"; \
rm -f $(DESTDIR)$(man1dir)/$$inst; \
done
install-man: $(MANS)
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-man1
uninstall-man:
@$(NORMAL_UNINSTALL)
$(MAKE) $(AM_MAKEFLAGS) uninstall-man1
tags: TAGS
ID: $(HEADERS) $(SOURCES) $(LISP)
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
here=`pwd` && cd $(srcdir) \
&& mkid -f$$here/ID $$unique $(LISP)
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
|| (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
mostlyclean-tags:
clean-tags:
distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
subdir = appl/telnet/telnet
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
cp -pr $$/$$file $(distdir)/$$file; \
else \
test -f $(distdir)/$$file \
|| ln $$d/$$file $(distdir)/$$file 2> /dev/null \
|| cp -p $$d/$$file $(distdir)/$$file || :; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
info-am:
info: info-am
dvi-am:
dvi: dvi-am
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-local
check: check-am
installcheck-am:
installcheck: installcheck-am
install-exec-am: install-binPROGRAMS
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-exec: install-exec-am
install-data-am: install-man install-data-local
install-data: install-data-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
install: install-am
uninstall-am: uninstall-binPROGRAMS uninstall-man
uninstall: uninstall-am
all-am: Makefile $(PROGRAMS) $(MANS) all-local
all-redirect: all-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1
mostlyclean-generic:
clean-generic:
distclean-generic:
-rm -f Makefile $(CONFIG_CLEAN_FILES)
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
mostlyclean-am: mostlyclean-binPROGRAMS mostlyclean-compile \
mostlyclean-libtool mostlyclean-tags \
mostlyclean-generic
mostlyclean: mostlyclean-am
clean-am: clean-binPROGRAMS clean-compile clean-libtool clean-tags \
clean-generic mostlyclean-am
clean: clean-am
distclean-am: distclean-binPROGRAMS distclean-compile distclean-libtool \
distclean-tags distclean-generic clean-am
-rm -f libtool
distclean: distclean-am
maintainer-clean-am: maintainer-clean-binPROGRAMS \
maintainer-clean-compile maintainer-clean-libtool \
maintainer-clean-tags maintainer-clean-generic \
distclean-am
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
maintainer-clean: maintainer-clean-am
.PHONY: mostlyclean-binPROGRAMS distclean-binPROGRAMS clean-binPROGRAMS \
maintainer-clean-binPROGRAMS uninstall-binPROGRAMS install-binPROGRAMS \
mostlyclean-compile distclean-compile clean-compile \
maintainer-clean-compile mostlyclean-libtool distclean-libtool \
clean-libtool maintainer-clean-libtool install-man1 uninstall-man1 \
install-man uninstall-man tags mostlyclean-tags distclean-tags \
clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \
check-local check check-am installcheck-am installcheck install-exec-am \
install-exec install-data-local install-data-am install-data install-am \
install uninstall-am uninstall all-local all-redirect all-am all \
installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
install-suid-programs:
@foo='$(bin_SUIDS)'; \
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
chmod 0 $$x; fi; done
install-exec-hook: install-suid-programs
install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
@foo='$(include_HEADERS) $(build_HEADERZ)'; \
for f in $$foo; do \
f=`basename $$f`; \
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
echo " cp $$file $(buildinclude)/$$f"; \
cp $$file $(buildinclude)/$$f; \
fi ; \
done
all-local: install-build-headers
#NROFF_MAN = nroff -man
.1.cat1:
$(NROFF_MAN) $< > $@
.3.cat3:
$(NROFF_MAN) $< > $@
.5.cat5:
$(NROFF_MAN) $< > $@
.8.cat8:
$(NROFF_MAN) $< > $@
dist-cat1-mans:
@foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat3-mans:
@foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat5-mans:
@foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat8-mans:
@foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
install-cat1-mans:
@ext=1;\
foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat1dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat3-mans:
@ext=3;\
foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat3dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat5-mans:
@ext=5;\
foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat5dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat8-mans:
@ext=8;\
foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat8dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
install-data-local: install-cat-mans
.et.h:
$(COMPILE_ET) $<
.et.c:
$(COMPILE_ET) $<
.x.c:
@cmp -s $< $@ 2> /dev/null || cp $< $@
check-local::
@foo='$(CHECK_LOCAL)'; \
if test "$$foo"; then \
failed=0; all=0; \
for i in $$foo; do \
all=`expr $$all + 1`; \
if ./$$i --version > /dev/null 2>&1; then \
echo "PASS: $$i"; \
else \
echo "FAIL: $$i"; \
failed=`expr $$failed + 1`; \
fi; \
done; \
if test "$$failed" -eq 0; then \
banner="All $$all tests passed"; \
else \
banner="$$failed of $$all tests failed"; \
fi; \
dashes=`echo "$$banner" | sed s/./=/g`; \
echo "$$dashes"; \
echo "$$banner"; \
echo "$$dashes"; \
test "$$failed" -eq 0; \
fi
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,91 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnet_locl.h"
RCSID("$Id: authenc.c,v 1.10 1999/09/16 20:41:35 assar Exp $");
#if defined(AUTHENTICATION) || defined(ENCRYPTION)
int
telnet_net_write(unsigned char *str, int len)
{
if (NETROOM() > len) {
ring_supply_data(&netoring, str, len);
if (str[0] == IAC && str[1] == SE)
printsub('>', &str[2], len-2);
return(len);
}
return(0);
}
void
net_encrypt(void)
{
#if defined(ENCRYPTION)
if (encrypt_output)
ring_encrypt(&netoring, encrypt_output);
else
ring_clearto(&netoring);
#endif
}
int
telnet_spin(void)
{
return(-1);
}
char *
telnet_getenv(char *val)
{
return((char *)env_getvalue((unsigned char *)val));
}
char *
telnet_gets(char *prompt, char *result, int length, int echo)
{
int om = globalmode;
char *res;
TerminalNewMode(-1);
if (echo) {
printf("%s", prompt);
res = fgets(result, length, stdin);
} else if ((res = getpass(prompt))) {
strlcpy(result, res, length);
res = result;
}
TerminalNewMode(om);
return(res);
}
#endif
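Review bot: In telnet_gets the no-echo branch copies the secret out of the buffer returned by getpass() and then leaves the original in place, so the password stays in process memory after the function returns; clear it once copied, e.g. `memset(res, 0, strlen(res));` placed before `res = result;`. The strlcpy() return value is also ignored, so an input longer than `length - 1` is silently truncated and the caller goes on with a shortened secret; comparing the return value with `length` and returning NULL would surface that. Separately, telnet_net_write reads `str[1]` and passes `len-2` to printsub without first checking that `len >= 2`.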

File diff suppressed because it is too large Load Diff


@ -0,0 +1,60 @@
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)defines.h 8.1 (Berkeley) 6/6/93
*/
#define settimer(x) clocks.x = clocks.system++
#define NETADD(c) { *netoring.supply = c; ring_supplied(&netoring, 1); }
#define NET2ADD(c1,c2) { NETADD(c1); NETADD(c2); }
#define NETBYTES() (ring_full_count(&netoring))
#define NETROOM() (ring_empty_count(&netoring))
#define TTYADD(c) if (!(SYNCHing||flushout)) { \
*ttyoring.supply = c; \
ring_supplied(&ttyoring, 1); \
}
#define TTYBYTES() (ring_full_count(&ttyoring))
#define TTYROOM() (ring_empty_count(&ttyoring))
/* Various modes */
#define MODE_LOCAL_CHARS(m) ((m)&(MODE_EDIT|MODE_TRAPSIG))
#define MODE_LOCAL_ECHO(m) ((m)&MODE_ECHO)
#define MODE_COMMAND_LINE(m) ((m)==-1)
#define CONTROL(x) ((x)&0x1f) /* CTRL(x) is not portable */
/* XXX extra mode bits, these should be synced with <arpa/telnet.h> */
#define MODE_OUT8 0x8000 /* binary mode sans -opost */
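Review bot: TTYADD expands to a bare `if (...) { ... }` and NETADD/NET2ADD to a plain brace block, so a call written as a statement inside an un-braced `if`/`else` either captures the following `else` or stops compiling because of the extra `;`. Wrapping each body in `do { ... } while (0)` removes the hazard, e.g. `#define NETADD(c) do { *netoring.supply = (c); ring_supplied(&netoring, 1); } while (0)`. NETADD and TTYADD also store through the ring's `supply` pointer without consulting NETROOM()/TTYROOM(), so as far as these macros show the caller is responsible for ensuring space; a comment such as `/* caller must ensure NETROOM() >= 1 */` would make that contract visible.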


@ -0,0 +1,429 @@
/*
* Copyright (c) 1988, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)externs.h 8.3 (Berkeley) 5/30/95
*/
/* $Id: externs.h,v 1.18 1998/07/09 23:16:36 assar Exp $ */
#ifndef BSD
# define BSD 43
#endif
#ifndef _POSIX_VDISABLE
# ifdef sun
# include <sys/param.h> /* pick up VDISABLE definition, mayby */
# endif
# ifdef VDISABLE
# define _POSIX_VDISABLE VDISABLE
# else
# define _POSIX_VDISABLE ((cc_t)'\377')
# endif
#endif
#define SUBBUFSIZE 256
extern int
autologin, /* Autologin enabled */
skiprc, /* Don't process the ~/.telnetrc file */
eight, /* use eight bit mode (binary in and/or out */
binary,
flushout, /* flush output */
connected, /* Are we connected to the other side? */
globalmode, /* Mode tty should be in */
telnetport, /* Are we connected to the telnet port? */
localflow, /* Flow control handled locally */
restartany, /* If flow control, restart output on any character */
localchars, /* we recognize interrupt/quit */
donelclchars, /* the user has set "localchars" */
showoptions,
net, /* Network file descriptor */
tin, /* Terminal input file descriptor */
tout, /* Terminal output file descriptor */
crlf, /* Should '\r' be mapped to <CR><LF> (or <CR><NUL>)? */
autoflush, /* flush output when interrupting? */
autosynch, /* send interrupt characters with SYNCH? */
SYNCHing, /* Is the stream in telnet SYNCH mode? */
donebinarytoggle, /* the user has put us in binary */
dontlecho, /* do we suppress local echoing right now? */
crmod,
netdata, /* Print out network data flow */
prettydump, /* Print "netdata" output in user readable format */
termdata, /* Print out terminal data flow */
debug; /* Debug level */
extern cc_t escape; /* Escape to command mode */
extern cc_t rlogin; /* Rlogin mode escape character */
#ifdef KLUDGELINEMODE
extern cc_t echoc; /* Toggle local echoing */
#endif
extern char
*prompt; /* Prompt for command. */
extern char
doopt[],
dont[],
will[],
wont[],
options[], /* All the little options */
*hostname; /* Who are we connected to? */
#if defined(ENCRYPTION)
extern void (*encrypt_output) (unsigned char *, int);
extern int (*decrypt_input) (int);
#endif
/*
* We keep track of each side of the option negotiation.
*/
#define MY_STATE_WILL 0x01
#define MY_WANT_STATE_WILL 0x02
#define MY_STATE_DO 0x04
#define MY_WANT_STATE_DO 0x08
/*
* Macros to check the current state of things
*/
#define my_state_is_do(opt) (options[opt]&MY_STATE_DO)
#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL)
#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO)
#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL)
#define my_state_is_dont(opt) (!my_state_is_do(opt))
#define my_state_is_wont(opt) (!my_state_is_will(opt))
#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt))
#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt))
#define set_my_state_do(opt) {options[opt] |= MY_STATE_DO;}
#define set_my_state_will(opt) {options[opt] |= MY_STATE_WILL;}
#define set_my_want_state_do(opt) {options[opt] |= MY_WANT_STATE_DO;}
#define set_my_want_state_will(opt) {options[opt] |= MY_WANT_STATE_WILL;}
#define set_my_state_dont(opt) {options[opt] &= ~MY_STATE_DO;}
#define set_my_state_wont(opt) {options[opt] &= ~MY_STATE_WILL;}
#define set_my_want_state_dont(opt) {options[opt] &= ~MY_WANT_STATE_DO;}
#define set_my_want_state_wont(opt) {options[opt] &= ~MY_WANT_STATE_WILL;}
/*
* Make everything symetrical
*/
#define HIS_STATE_WILL MY_STATE_DO
#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO
#define HIS_STATE_DO MY_STATE_WILL
#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL
#define his_state_is_do my_state_is_will
#define his_state_is_will my_state_is_do
#define his_want_state_is_do my_want_state_is_will
#define his_want_state_is_will my_want_state_is_do
#define his_state_is_dont my_state_is_wont
#define his_state_is_wont my_state_is_dont
#define his_want_state_is_dont my_want_state_is_wont
#define his_want_state_is_wont my_want_state_is_dont
#define set_his_state_do set_my_state_will
#define set_his_state_will set_my_state_do
#define set_his_want_state_do set_my_want_state_will
#define set_his_want_state_will set_my_want_state_do
#define set_his_state_dont set_my_state_wont
#define set_his_state_wont set_my_state_dont
#define set_his_want_state_dont set_my_want_state_wont
#define set_his_want_state_wont set_my_want_state_dont
extern FILE
*NetTrace; /* Where debugging output goes */
extern char
NetTraceFile[]; /* Name of file where debugging output goes */
extern void
SetNetTrace (char *); /* Function to change where debugging goes */
extern jmp_buf
peerdied,
toplevel; /* For error conditions. */
/* authenc.c */
#if defined(AUTHENTICATION) || defined(ENCRYPTION)
int telnet_net_write(unsigned char *str, int len);
void net_encrypt(void);
int telnet_spin(void);
char *telnet_getenv(char *val);
char *telnet_gets(char *prompt, char *result, int length, int echo);
#endif
/* commands.c */
struct env_lst *env_define (unsigned char *, unsigned char *);
struct env_lst *env_find(unsigned char *var);
void env_init (void);
void env_undefine (unsigned char *);
void env_export (unsigned char *);
void env_unexport (unsigned char *);
void env_send (unsigned char *);
void env_list (void);
unsigned char * env_default(int init, int welldefined);
unsigned char * env_getvalue(unsigned char *var);
void set_escape_char(char *s);
unsigned long sourceroute(char *arg, char **cpp, int *lenp);
#if defined(AUTHENTICATION)
int auth_enable (char *);
int auth_disable (char *);
int auth_status (void);
#endif
#if defined(ENCRYPTION)
int EncryptEnable (char *, char *);
int EncryptDisable (char *, char *);
int EncryptType (char *, char *);
int EncryptStart (char *);
int EncryptStartInput (void);
int EncryptStartOutput (void);
int EncryptStop (char *);
int EncryptStopInput (void);
int EncryptStopOutput (void);
int EncryptStatus (void);
#endif
#ifdef SIGINFO
void ayt_status(int);
#endif
int tn(int argc, char **argv);
void command(int top, char *tbuf, int cnt);
/* main.c */
void tninit(void);
void usage(void);
/* network.c */
void init_network(void);
int stilloob(void);
void setneturg(void);
int netflush(void);
/* sys_bsd.c */
void init_sys(void);
int TerminalWrite(char *buf, int n);
int TerminalRead(unsigned char *buf, int n);
int TerminalAutoFlush(void);
int TerminalSpecialChars(int c);
void TerminalFlushOutput(void);
void TerminalSaveState(void);
void TerminalDefaultChars(void);
void TerminalNewMode(int f);
cc_t *tcval(int func);
void TerminalSpeeds(long *input_speed, long *output_speed);
int TerminalWindowSize(long *rows, long *cols);
int NetClose(int fd);
void NetNonblockingIO(int fd, int onoff);
int process_rings(int netin, int netout, int netex, int ttyin, int ttyout,
int poll);
/* telnet.c */
void init_telnet(void);
void tel_leave_binary(int rw);
void tel_enter_binary(int rw);
int opt_welldefined(char *ep);
int telrcv(void);
int rlogin_susp(void);
void intp(void);
void sendbrk(void);
void sendabort(void);
void sendsusp(void);
void sendeof(void);
void sendayt(void);
void xmitAO(void);
void xmitEL(void);
void xmitEC(void);
void Dump (char, unsigned char *, int);
void printoption (char *, int, int);
void printsub (int, unsigned char *, int);
void sendnaws (void);
void setconnmode (int);
void setcommandmode (void);
void setneturg (void);
void sys_telnet_init (void);
void my_telnet (char *);
void tel_enter_binary (int);
void TerminalFlushOutput (void);
void TerminalNewMode (int);
void TerminalRestoreState (void);
void TerminalSaveState (void);
void tninit (void);
void willoption (int);
void wontoption (int);
void send_do (int, int);
void send_dont (int, int);
void send_will (int, int);
void send_wont (int, int);
void lm_will (unsigned char *, int);
void lm_wont (unsigned char *, int);
void lm_do (unsigned char *, int);
void lm_dont (unsigned char *, int);
void lm_mode (unsigned char *, int, int);
void slc_init (void);
void slcstate (void);
void slc_mode_export (void);
void slc_mode_import (int);
void slc_import (int);
void slc_export (void);
void slc (unsigned char *, int);
void slc_check (void);
void slc_start_reply (void);
void slc_add_reply (unsigned char, unsigned char, cc_t);
void slc_end_reply (void);
int slc_update (void);
void env_opt (unsigned char *, int);
void env_opt_start (void);
void env_opt_start_info (void);
void env_opt_add (unsigned char *);
void env_opt_end (int);
unsigned char *env_default (int, int);
unsigned char *env_getvalue (unsigned char *);
int get_status (void);
int dosynch (void);
cc_t *tcval (int);
int quit (void);
/* terminal.c */
void init_terminal(void);
int ttyflush(int drop);
int getconnmode(void);
/* utilities.c */
int SetSockOpt(int fd, int level, int option, int yesno);
void SetNetTrace(char *file);
void Dump(char direction, unsigned char *buffer, int length);
void printoption(char *direction, int cmd, int option);
void optionstatus(void);
void printsub(int direction, unsigned char *pointer, int length);
void EmptyTerminal(void);
void SetForExit(void);
void Exit(int returnCode);
void ExitString(char *string, int returnCode);
extern struct termios new_tc;
# define termEofChar new_tc.c_cc[VEOF]
# define termEraseChar new_tc.c_cc[VERASE]
# define termIntChar new_tc.c_cc[VINTR]
# define termKillChar new_tc.c_cc[VKILL]
# define termQuitChar new_tc.c_cc[VQUIT]
# ifndef VSUSP
extern cc_t termSuspChar;
# else
# define termSuspChar new_tc.c_cc[VSUSP]
# endif
# if defined(VFLUSHO) && !defined(VDISCARD)
# define VDISCARD VFLUSHO
# endif
# ifndef VDISCARD
extern cc_t termFlushChar;
# else
# define termFlushChar new_tc.c_cc[VDISCARD]
# endif
# ifndef VWERASE
extern cc_t termWerasChar;
# else
# define termWerasChar new_tc.c_cc[VWERASE]
# endif
# ifndef VREPRINT
extern cc_t termRprntChar;
# else
# define termRprntChar new_tc.c_cc[VREPRINT]
# endif
# ifndef VLNEXT
extern cc_t termLiteralNextChar;
# else
# define termLiteralNextChar new_tc.c_cc[VLNEXT]
# endif
# ifndef VSTART
extern cc_t termStartChar;
# else
# define termStartChar new_tc.c_cc[VSTART]
# endif
# ifndef VSTOP
extern cc_t termStopChar;
# else
# define termStopChar new_tc.c_cc[VSTOP]
# endif
# ifndef VEOL
extern cc_t termForw1Char;
# else
# define termForw1Char new_tc.c_cc[VEOL]
# endif
# ifndef VEOL2
extern cc_t termForw2Char;
# else
# define termForw2Char new_tc.c_cc[VEOL]
# endif
# ifndef VSTATUS
extern cc_t termAytChar;
#else
# define termAytChar new_tc.c_cc[VSTATUS]
#endif
/* Ring buffer structures which are shared */
extern Ring
netoring,
netiring,
ttyoring,
ttyiring;
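Review bot: In the termios character block, the `#else` arm of `# ifndef VEOL2` defines `termForw2Char` as `new_tc.c_cc[VEOL]`, the same slot as `termForw1Char`, so on systems that provide VEOL2 the second forwarding character aliases the first and the VEOL2 slot is never touched; it should read `# define termForw2Char new_tc.c_cc[VEOL2]`. The header also declares several functions twice with different spellings (for example `tninit`, `Dump`, `printsub`, `TerminalNewMode`, `env_default`, `tcval`), once in the `/* telnet.c */` group and once in another group; keeping a single prototype per function stops the two copies from drifting apart.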


@ -0,0 +1,358 @@
/*
* Copyright (c) 1988, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
static char *copyright[] = {
"@(#) Copyright (c) 1988, 1990, 1993\n"
"\tThe Regents of the University of California. All rights reserved.\n",
(char*)copyright
};
#include "telnet_locl.h"
RCSID("$Id: main.c,v 1.30 1999/11/13 06:30:11 assar Exp $");
/* These values need to be the same as defined in libtelnet/kerberos5.c */
/* Either define them in both places, or put in some common header file. */
#define OPTS_FORWARD_CREDS 0x00000002
#define OPTS_FORWARDABLE_CREDS 0x00000001
#if KRB5
#define FORWARD
#endif
/*
* Initialize variables.
*/
void
tninit(void)
{
init_terminal();
init_network();
init_telnet();
init_sys();
}
void
usage(void)
{
fprintf(stderr, "Usage: %s %s%s%s%s\n", prompt,
#ifdef AUTHENTICATION
"[-8] [-E] [-K] [-L] [-G] [-S tos] [-X atype] [-a] [-c] [-d] [-e char]",
"\n\t[-k realm] [-l user] [-f/-F] [-n tracefile] ",
#else
"[-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user]",
"\n\t[-n tracefile]",
#endif
"[-r] ",
#ifdef ENCRYPTION
"[-x] [host-name [port]]"
#else
"[host-name [port]]"
#endif
);
exit(1);
}
/*
* main. Parse arguments, invoke the protocol or command parser.
*/
#ifdef FORWARD
extern int forward_flags;
static int default_forward=0;
#endif /* FORWARD */
#ifdef KRB5
/* XXX ugly hack to setup dns-proxy stuff */
#define Authenticator asn1_Authenticator
#include <krb5.h>
static void
krb5_init(void)
{
krb5_context context;
krb5_init_context(&context);
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
if (krb5_config_get_bool (context, NULL,
"libdefaults", "forward", NULL)) {
forward_flags |= OPTS_FORWARD_CREDS;
default_forward=1;
}
if (krb5_config_get_bool (context, NULL,
"libdefaults", "forwardable", NULL)) {
forward_flags |= OPTS_FORWARDABLE_CREDS;
default_forward=1;
}
#endif
#ifdef ENCRYPTION
if (krb5_config_get_bool (context, NULL,
"libdefaults", "encrypt", NULL)) {
encrypt_auto(1);
decrypt_auto(1);
EncryptVerbose(1);
}
#endif
krb5_free_context(context);
}
#endif
int
main(int argc, char **argv)
{
int ch;
char *user;
#ifdef KRB5
krb5_init();
#endif
tninit(); /* Clear out things */
TerminalSaveState();
if ((prompt = strrchr(argv[0], '/')))
++prompt;
else
prompt = argv[0];
user = NULL;
rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE;
/*
* if AUTHENTICATION and ENCRYPTION is set autologin will be
* se to true after the getopt switch; unless the -K option is
* passed
*/
autologin = -1;
while((ch = getopt(argc, argv,
"78DEKLS:X:abcde:fFk:l:n:rxG")) != -1) {
switch(ch) {
case '8':
eight = 3; /* binary output and input */
break;
case '7':
eight = 0;
break;
case 'b':
binary = 3;
break;
case 'D': {
/* sometimes we don't want a mangled display */
char *p;
if((p = getenv("DISPLAY")))
env_define("DISPLAY", (unsigned char*)p);
break;
}
case 'E':
rlogin = escape = _POSIX_VDISABLE;
break;
case 'K':
#ifdef AUTHENTICATION
autologin = 0;
#endif
break;
case 'L':
eight |= 2; /* binary output only */
break;
case 'S':
{
#ifdef HAVE_PARSETOS
extern int tos;
if ((tos = parsetos(optarg, "tcp")) < 0)
fprintf(stderr, "%s%s%s%s\n",
prompt, ": Bad TOS argument '",
optarg,
"; will try to use default TOS");
#else
fprintf(stderr,
"%s: Warning: -S ignored, no parsetos() support.\n",
prompt);
#endif
}
break;
case 'X':
#ifdef AUTHENTICATION
auth_disable_name(optarg);
#endif
break;
case 'a':
autologin = 1;
break;
case 'c':
skiprc = 1;
break;
case 'd':
debug = 1;
break;
case 'e':
set_escape_char(optarg);
break;
case 'f':
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
if ((forward_flags & OPTS_FORWARD_CREDS) &&
!default_forward) {
fprintf(stderr,
"%s: Only one of -f and -F allowed.\n",
prompt);
usage();
}
forward_flags |= OPTS_FORWARD_CREDS;
#else
fprintf(stderr,
"%s: Warning: -f ignored, no Kerberos V5 support.\n",
prompt);
#endif
break;
case 'F':
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
if ((forward_flags & OPTS_FORWARD_CREDS) &&
!default_forward) {
fprintf(stderr,
"%s: Only one of -f and -F allowed.\n",
prompt);
usage();
}
forward_flags |= OPTS_FORWARD_CREDS;
forward_flags |= OPTS_FORWARDABLE_CREDS;
#else
fprintf(stderr,
"%s: Warning: -F ignored, no Kerberos V5 support.\n",
prompt);
#endif
break;
case 'k':
#if defined(AUTHENTICATION) && defined(KRB4)
{
extern char *dest_realm, dst_realm_buf[];
extern int dst_realm_sz;
dest_realm = dst_realm_buf;
strlcpy(dest_realm, optarg, dst_realm_sz);
}
#else
fprintf(stderr,
"%s: Warning: -k ignored, no Kerberos V4 support.\n",
prompt);
#endif
break;
case 'l':
if(autologin == 0){
fprintf(stderr, "%s: Warning: -K ignored\n", prompt);
autologin = -1;
}
user = optarg;
break;
case 'n':
SetNetTrace(optarg);
break;
case 'r':
rlogin = '~';
break;
case 'x':
#ifdef ENCRYPTION
encrypt_auto(1);
decrypt_auto(1);
EncryptVerbose(1);
#else
fprintf(stderr,
"%s: Warning: -x ignored, no ENCRYPT support.\n",
prompt);
#endif
break;
case 'G':
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
forward_flags ^= OPTS_FORWARD_CREDS;
forward_flags ^= OPTS_FORWARDABLE_CREDS;
#else
fprintf(stderr,
"%s: Warning: -G ignored, no Kerberos V5 support.\n",
prompt);
#endif
break;
case '?':
default:
usage();
/* NOTREACHED */
}
}
if (autologin == -1) { /* esc@magic.fi; force */
#if defined(AUTHENTICATION)
autologin = 1;
#endif
#if defined(ENCRYPTION)
encrypt_auto(1);
decrypt_auto(1);
#endif
}
if (autologin == -1)
autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1;
argc -= optind;
argv += optind;
if (argc) {
char *args[7], **argp = args;
if (argc > 2)
usage();
*argp++ = prompt;
if (user) {
*argp++ = "-l";
*argp++ = user;
}
*argp++ = argv[0]; /* host */
if (argc > 1)
*argp++ = argv[1]; /* port */
*argp = 0;
if (setjmp(toplevel) != 0)
Exit(0);
if (tn(argp - args, args) == 1)
return (0);
else
return (1);
}
setjmp(toplevel);
for (;;) {
command(1, 0, 0);
}
}


@ -0,0 +1,163 @@
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnet_locl.h"
RCSID("$Id: network.c,v 1.10 1997/05/04 04:01:08 assar Exp $");
Ring netoring, netiring;
unsigned char netobuf[2*BUFSIZ], netibuf[BUFSIZ];
/*
* Initialize internal network data structures.
*/
void
init_network(void)
{
if (ring_init(&netoring, netobuf, sizeof netobuf) != 1) {
exit(1);
}
if (ring_init(&netiring, netibuf, sizeof netibuf) != 1) {
exit(1);
}
NetTrace = stdout;
}
/*
* Check to see if any out-of-band data exists on a socket (for
* Telnet "synch" processing).
*/
int
stilloob(void)
{
static struct timeval timeout = { 0 };
fd_set excepts;
int value;
do {
FD_ZERO(&excepts);
FD_SET(net, &excepts);
value = select(net+1, 0, 0, &excepts, &timeout);
} while ((value == -1) && (errno == EINTR));
if (value < 0) {
perror("select");
quit();
/* NOTREACHED */
}
if (FD_ISSET(net, &excepts)) {
return 1;
} else {
return 0;
}
}
/*
* setneturg()
*
* Sets "neturg" to the current location.
*/
void
setneturg(void)
{
ring_mark(&netoring);
}
/*
* netflush
* Send as much data as possible to the network,
* handling requests for urgent data.
*
* The return value indicates whether we did any
* useful work.
*/
int
netflush(void)
{
int n, n1;
#if defined(ENCRYPTION)
if (encrypt_output)
ring_encrypt(&netoring, encrypt_output);
#endif
if ((n1 = n = ring_full_consecutive(&netoring)) > 0) {
if (!ring_at_mark(&netoring)) {
n = send(net, (char *)netoring.consume, n, 0); /* normal write */
} else {
/*
* In 4.2 (and 4.3) systems, there is some question about
* what byte in a sendOOB operation is the "OOB" data.
* To make ourselves compatible, we only send ONE byte
* out of band, the one WE THINK should be OOB (though
* we really have more the TCP philosophy of urgent data
* rather than the Unix philosophy of OOB data).
*/
n = send(net, (char *)netoring.consume, 1, MSG_OOB);/* URGENT data */
}
}
if (n < 0) {
if (errno != ENOBUFS && errno != EWOULDBLOCK) {
setcommandmode();
perror(hostname);
NetClose(net);
ring_clear_mark(&netoring);
longjmp(peerdied, -1);
/*NOTREACHED*/
}
n = 0;
}
if (netdata && n) {
Dump('>', netoring.consume, n);
}
if (n) {
ring_consumed(&netoring, n);
/*
* If we sent all, and more to send, then recurse to pick
* up the other half.
*/
if ((n1 == n) && ring_full_consecutive(&netoring)) {
netflush();
}
return 1;
} else {
return 0;
}
}
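Review bot: In netflush(), the error branch after send() treats every errno other than ENOBUFS and EWOULDBLOCK as a dead peer, so an EINTR from a signal arriving during send() would close the connection and longjmp to `peerdied`. stilloob() in this same file already retries select() on EINTR, and the client installs its handlers with signal(), whose restart behaviour differs between platforms, so the two paths are not consistent. I would treat EINTR as "nothing sent, try again later" with `if (errno != ENOBUFS && errno != EWOULDBLOCK && errno != EINTR) {`. A one-line comment on that test naming which errors count as transient would also help the next reader.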


@ -0,0 +1,321 @@
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnet_locl.h"
RCSID("$Id: ring.c,v 1.11 2000/02/06 05:15:21 assar Exp $");
/*
* This defines a structure for a ring buffer.
*
* The circular buffer has two parts:
*(((
* full: [consume, supply)
* empty: [supply, consume)
*]]]
*
*/
/* Internal macros */
#define ring_subtract(d,a,b) (((a)-(b) >= 0)? \
(a)-(b): (((a)-(b))+(d)->size))
#define ring_increment(d,a,c) (((a)+(c) < (d)->top)? \
(a)+(c) : (((a)+(c))-(d)->size))
#define ring_decrement(d,a,c) (((a)-(c) >= (d)->bottom)? \
(a)-(c) : (((a)-(c))-(d)->size))
/*
* The following is a clock, used to determine full, empty, etc.
*
* There is some trickiness here. Since the ring buffers are initialized
* to ZERO on allocation, we need to make sure, when interpreting the
* clock, that when the times are EQUAL, then the buffer is FULL.
*/
static u_long ring_clock = 0;
#define ring_empty(d) (((d)->consume == (d)->supply) && \
((d)->consumetime >= (d)->supplytime))
#define ring_full(d) (((d)->supply == (d)->consume) && \
((d)->supplytime > (d)->consumetime))
/* Buffer state transition routines */
int
ring_init(Ring *ring, unsigned char *buffer, int count)
{
memset(ring, 0, sizeof *ring);
ring->size = count;
ring->supply = ring->consume = ring->bottom = buffer;
ring->top = ring->bottom+ring->size;
#if defined(ENCRYPTION)
ring->clearto = 0;
#endif
return 1;
}
/* Mark routines */
/*
* Mark the most recently supplied byte.
*/
void
ring_mark(Ring *ring)
{
ring->mark = ring_decrement(ring, ring->supply, 1);
}
/*
* Is the ring pointing to the mark?
*/
int
ring_at_mark(Ring *ring)
{
if (ring->mark == ring->consume) {
return 1;
} else {
return 0;
}
}
/*
* Clear any mark set on the ring.
*/
void
ring_clear_mark(Ring *ring)
{
ring->mark = 0;
}
/*
* Add characters from current segment to ring buffer.
*/
void
ring_supplied(Ring *ring, int count)
{
ring->supply = ring_increment(ring, ring->supply, count);
ring->supplytime = ++ring_clock;
}
/*
* We have just consumed "c" bytes.
*/
void
ring_consumed(Ring *ring, int count)
{
if (count == 0) /* don't update anything */
return;
if (ring->mark &&
(ring_subtract(ring, ring->mark, ring->consume) < count)) {
ring->mark = 0;
}
#if defined(ENCRYPTION)
if (ring->consume < ring->clearto &&
ring->clearto <= ring->consume + count)
ring->clearto = 0;
else if (ring->consume + count > ring->top &&
ring->bottom <= ring->clearto &&
ring->bottom + ((ring->consume + count) - ring->top))
ring->clearto = 0;
#endif
ring->consume = ring_increment(ring, ring->consume, count);
ring->consumetime = ++ring_clock;
/*
* Try to encourage "ring_empty_consecutive()" to be large.
*/
if (ring_empty(ring)) {
ring->consume = ring->supply = ring->bottom;
}
}
/* Buffer state query routines */
/* Number of bytes that may be supplied */
int
ring_empty_count(Ring *ring)
{
if (ring_empty(ring)) { /* if empty */
return ring->size;
} else {
return ring_subtract(ring, ring->consume, ring->supply);
}
}
/* number of CONSECUTIVE bytes that may be supplied */
int
ring_empty_consecutive(Ring *ring)
{
if ((ring->consume < ring->supply) || ring_empty(ring)) {
/*
* if consume is "below" supply, or empty, then
* return distance to the top
*/
return ring_subtract(ring, ring->top, ring->supply);
} else {
/*
* else, return what we may.
*/
return ring_subtract(ring, ring->consume, ring->supply);
}
}
/* Return the number of bytes that are available for consuming
* (but don't give more than enough to get to cross over set mark)
*/
int
ring_full_count(Ring *ring)
{
if ((ring->mark == 0) || (ring->mark == ring->consume)) {
if (ring_full(ring)) {
return ring->size; /* nothing consumed, but full */
} else {
return ring_subtract(ring, ring->supply, ring->consume);
}
} else {
return ring_subtract(ring, ring->mark, ring->consume);
}
}
/*
* Return the number of CONSECUTIVE bytes available for consuming.
* However, don't return more than enough to cross over set mark.
*/
int
ring_full_consecutive(Ring *ring)
{
if ((ring->mark == 0) || (ring->mark == ring->consume)) {
if ((ring->supply < ring->consume) || ring_full(ring)) {
return ring_subtract(ring, ring->top, ring->consume);
} else {
return ring_subtract(ring, ring->supply, ring->consume);
}
} else {
if (ring->mark < ring->consume) {
return ring_subtract(ring, ring->top, ring->consume);
} else { /* Else, distance to mark */
return ring_subtract(ring, ring->mark, ring->consume);
}
}
}
/*
* Move data into the "supply" portion of of the ring buffer.
*/
void
ring_supply_data(Ring *ring, unsigned char *buffer, int count)
{
int i;
while (count) {
i = min(count, ring_empty_consecutive(ring));
memmove(ring->supply, buffer, i);
ring_supplied(ring, i);
count -= i;
buffer += i;
}
}
#ifdef notdef
/*
* Move data from the "consume" portion of the ring buffer
*/
void
ring_consume_data(Ring *ring, unsigned char *buffer, int count)
{
int i;
while (count) {
i = min(count, ring_full_consecutive(ring));
memmove(buffer, ring->consume, i);
ring_consumed(ring, i);
count -= i;
buffer += i;
}
}
#endif
#if defined(ENCRYPTION)
void
ring_encrypt(Ring *ring, void (*encryptor)(unsigned char *, int))
{
unsigned char *s, *c;
if (ring_empty(ring) || ring->clearto == ring->supply)
return;
if (!(c = ring->clearto))
c = ring->consume;
s = ring->supply;
if (s <= c) {
(*encryptor)(c, ring->top - c);
(*encryptor)(ring->bottom, s - ring->bottom);
} else
(*encryptor)(c, s - c);
ring->clearto = ring->supply;
}
void
ring_clearto(Ring *ring)
{
if (!ring_empty(ring))
ring->clearto = ring->supply;
else
ring->clearto = 0;
}
#endif
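Review bot: In ring_consumed(), the third operand of the `else if` under ENCRYPTION, `ring->bottom + ((ring->consume + count) - ring->top)`, is a bare pointer expression used as a truth value, so it is always true and the wrap-around case resets `clearto` whenever it is set. The first branch compares `clearto` against the consumed range, so the wrapped branch presumably meant the same test: `ring->clearto <= ring->bottom + ((ring->consume + count) - ring->top))`. Because ring_encrypt() uses `clearto` to decide where encryption starts, resetting it too early could hand already-encrypted bytes to the encryptor a second time. The caller visible on this page (netflush) only consumes consecutive bytes, so this branch may never run in practice; if that is the intended invariant, a comment stating it would be enough.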


@ -0,0 +1,99 @@
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ring.h 8.1 (Berkeley) 6/6/93
*/
/* $Id: ring.h,v 1.4 2000/02/06 05:15:47 assar Exp $ */
/*
* This defines a structure for a ring buffer.
*
* The circular buffer has two parts:
*(((
* full: [consume, supply)
* empty: [supply, consume)
*]]]
*
*/
typedef struct {
unsigned char *consume, /* where data comes out of */
*supply, /* where data comes in to */
*bottom, /* lowest address in buffer */
*top, /* highest address+1 in buffer */
*mark; /* marker (user defined) */
#if defined(ENCRYPTION)
unsigned char *clearto; /* Data to this point is clear text */
unsigned char *encryyptedto; /* Data is encrypted to here */
#endif
int size; /* size in bytes of buffer */
u_long consumetime, /* help us keep straight full, empty, etc. */
supplytime;
} Ring;
/* Here are some functions and macros to deal with the ring buffer */
/* Initialization routine */
extern int
ring_init (Ring *ring, unsigned char *buffer, int count);
/* Data movement routines */
extern void
ring_supply_data (Ring *ring, unsigned char *buffer, int count);
#ifdef notdef
extern void
ring_consume_data (Ring *ring, unsigned char *buffer, int count);
#endif
/* Buffer state transition routines */
extern void
ring_supplied (Ring *ring, int count),
ring_consumed (Ring *ring, int count);
/* Buffer state query routines */
extern int
ring_empty_count (Ring *ring),
ring_empty_consecutive (Ring *ring),
ring_full_count (Ring *ring),
ring_full_consecutive (Ring *ring);
#if defined(ENCRYPTION)
extern void
ring_encrypt (Ring *ring, void (*func)(unsigned char *, int)),
ring_clearto (Ring *ring);
#endif
extern int ring_at_mark(Ring *ring);
extern void
ring_clear_mark(Ring *ring),
ring_mark(Ring *ring);
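Review bot: The `encryyptedto` member in the ENCRYPTION part of `Ring` is misspelled, and ring.c as added in this commit never reads or writes it, so it looks like dead state in a structure that tracks which bytes have been encrypted. I would either drop it or, if other files rely on it, fix the spelling and document what sets it. The comment on `clearto` also undersells the field: ring_encrypt() sets it to `supply` after encrypting and ring_consumed() resets it to 0, so something like `/* bytes before this point must not be (re)encrypted; 0 = no such point */` would match the code better, though the exact wording should be confirmed against the callers of ring_clearto().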


@ -0,0 +1,972 @@
/*
* Copyright (c) 1988, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnet_locl.h"
RCSID("$Id: sys_bsd.c,v 1.23 1998/06/09 19:24:46 joda Exp $");
/*
* The following routines try to encapsulate what is system dependent
* (at least between 4.x and dos) which is used in telnet.c.
*/
int
tout, /* Output file descriptor */
tin, /* Input file descriptor */
net;
struct termios old_tc = { 0 };
extern struct termios new_tc;
# ifndef TCSANOW
# ifdef TCSETS
# define TCSANOW TCSETS
# define TCSADRAIN TCSETSW
# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t)
# else
# ifdef TCSETA
# define TCSANOW TCSETA
# define TCSADRAIN TCSETAW
# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t)
# else
# define TCSANOW TIOCSETA
# define TCSADRAIN TIOCSETAW
# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t)
# endif
# endif
# define tcsetattr(f, a, t) ioctl(f, a, (char *)t)
# define cfgetospeed(ptr) ((ptr)->c_cflag&CBAUD)
# ifdef CIBAUD
# define cfgetispeed(ptr) (((ptr)->c_cflag&CIBAUD) >> IBSHIFT)
# else
# define cfgetispeed(ptr) cfgetospeed(ptr)
# endif
# endif /* TCSANOW */
static fd_set ibits, obits, xbits;
void
init_sys(void)
{
tout = fileno(stdout);
tin = fileno(stdin);
FD_ZERO(&ibits);
FD_ZERO(&obits);
FD_ZERO(&xbits);
errno = 0;
}
int
TerminalWrite(char *buf, int n)
{
return write(tout, buf, n);
}
int
TerminalRead(unsigned char *buf, int n)
{
return read(tin, buf, n);
}
/*
*
*/
int
TerminalAutoFlush(void)
{
#if defined(LNOFLSH)
int flush;
ioctl(0, TIOCLGET, (char *)&flush);
return !(flush&LNOFLSH); /* if LNOFLSH, no autoflush */
#else /* LNOFLSH */
return 1;
#endif /* LNOFLSH */
}
#ifdef KLUDGELINEMODE
extern int kludgelinemode;
#endif
/*
* TerminalSpecialChars()
*
* Look at an input character to see if it is a special character
* and decide what to do.
*
* Output:
*
* 0 Don't add this character.
* 1 Do add this character
*/
int
TerminalSpecialChars(int c)
{
if (c == termIntChar) {
intp();
return 0;
} else if (c == termQuitChar) {
#ifdef KLUDGELINEMODE
if (kludgelinemode)
sendbrk();
else
#endif
sendabort();
return 0;
} else if (c == termEofChar) {
if (my_want_state_is_will(TELOPT_LINEMODE)) {
sendeof();
return 0;
}
return 1;
} else if (c == termSuspChar) {
sendsusp();
return(0);
} else if (c == termFlushChar) {
xmitAO(); /* Transmit Abort Output */
return 0;
} else if (!MODE_LOCAL_CHARS(globalmode)) {
if (c == termKillChar) {
xmitEL();
return 0;
} else if (c == termEraseChar) {
xmitEC(); /* Transmit Erase Character */
return 0;
}
}
return 1;
}
/*
* Flush output to the terminal
*/
void
TerminalFlushOutput(void)
{
#ifdef TIOCFLUSH
ioctl(fileno(stdout), TIOCFLUSH, (char *) 0);
#else
ioctl(fileno(stdout), TCFLSH, (char *) 0);
#endif
}
void
TerminalSaveState(void)
{
tcgetattr(0, &old_tc);
new_tc = old_tc;
#ifndef VDISCARD
termFlushChar = CONTROL('O');
#endif
#ifndef VWERASE
termWerasChar = CONTROL('W');
#endif
#ifndef VREPRINT
termRprntChar = CONTROL('R');
#endif
#ifndef VLNEXT
termLiteralNextChar = CONTROL('V');
#endif
#ifndef VSTART
termStartChar = CONTROL('Q');
#endif
#ifndef VSTOP
termStopChar = CONTROL('S');
#endif
#ifndef VSTATUS
termAytChar = CONTROL('T');
#endif
}
cc_t*
tcval(int func)
{
switch(func) {
case SLC_IP: return(&termIntChar);
case SLC_ABORT: return(&termQuitChar);
case SLC_EOF: return(&termEofChar);
case SLC_EC: return(&termEraseChar);
case SLC_EL: return(&termKillChar);
case SLC_XON: return(&termStartChar);
case SLC_XOFF: return(&termStopChar);
case SLC_FORW1: return(&termForw1Char);
case SLC_FORW2: return(&termForw2Char);
# ifdef VDISCARD
case SLC_AO: return(&termFlushChar);
# endif
# ifdef VSUSP
case SLC_SUSP: return(&termSuspChar);
# endif
# ifdef VWERASE
case SLC_EW: return(&termWerasChar);
# endif
# ifdef VREPRINT
case SLC_RP: return(&termRprntChar);
# endif
# ifdef VLNEXT
case SLC_LNEXT: return(&termLiteralNextChar);
# endif
# ifdef VSTATUS
case SLC_AYT: return(&termAytChar);
# endif
case SLC_SYNCH:
case SLC_BRK:
case SLC_EOR:
default:
return((cc_t *)0);
}
}
void
TerminalDefaultChars(void)
{
memmove(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc));
# ifndef VDISCARD
termFlushChar = CONTROL('O');
# endif
# ifndef VWERASE
termWerasChar = CONTROL('W');
# endif
# ifndef VREPRINT
termRprntChar = CONTROL('R');
# endif
# ifndef VLNEXT
termLiteralNextChar = CONTROL('V');
# endif
# ifndef VSTART
termStartChar = CONTROL('Q');
# endif
# ifndef VSTOP
termStopChar = CONTROL('S');
# endif
# ifndef VSTATUS
termAytChar = CONTROL('T');
# endif
}
#ifdef notdef
void
TerminalRestoreState()
{
}
#endif
/*
* TerminalNewMode - set up terminal to a specific mode.
* MODE_ECHO: do local terminal echo
* MODE_FLOW: do local flow control
* MODE_TRAPSIG: do local mapping to TELNET IAC sequences
* MODE_EDIT: do local line editing
*
* Command mode:
* MODE_ECHO|MODE_EDIT|MODE_FLOW|MODE_TRAPSIG
* local echo
* local editing
* local xon/xoff
* local signal mapping
*
* Linemode:
* local/no editing
* Both Linemode and Single Character mode:
* local/remote echo
* local/no xon/xoff
* local/no signal mapping
*/
#ifdef SIGTSTP
static RETSIGTYPE susp();
#endif /* SIGTSTP */
#ifdef SIGINFO
static RETSIGTYPE ayt();
#endif
void
TerminalNewMode(int f)
{
static int prevmode = 0;
struct termios tmp_tc;
int onoff;
int old;
cc_t esc;
globalmode = f&~MODE_FORCE;
if (prevmode == f)
return;
/*
* Write any outstanding data before switching modes
* ttyflush() returns 0 only when there is no more data
* left to write out, it returns -1 if it couldn't do
* anything at all, otherwise it returns 1 + the number
* of characters left to write.
*/
old = ttyflush(SYNCHing|flushout);
if (old < 0 || old > 1) {
tcgetattr(tin, &tmp_tc);
do {
/*
* Wait for data to drain, then flush again.
*/
tcsetattr(tin, TCSADRAIN, &tmp_tc);
old = ttyflush(SYNCHing|flushout);
} while (old < 0 || old > 1);
}
old = prevmode;
prevmode = f&~MODE_FORCE;
tmp_tc = new_tc;
if (f&MODE_ECHO) {
tmp_tc.c_lflag |= ECHO;
tmp_tc.c_oflag |= ONLCR;
if (crlf)
tmp_tc.c_iflag |= ICRNL;
} else {
tmp_tc.c_lflag &= ~ECHO;
tmp_tc.c_oflag &= ~ONLCR;
# ifdef notdef
if (crlf)
tmp_tc.c_iflag &= ~ICRNL;
# endif
}
if ((f&MODE_FLOW) == 0) {
tmp_tc.c_iflag &= ~(IXOFF|IXON); /* Leave the IXANY bit alone */
} else {
if (restartany < 0) {
tmp_tc.c_iflag |= IXOFF|IXON; /* Leave the IXANY bit alone */
} else if (restartany > 0) {
tmp_tc.c_iflag |= IXOFF|IXON|IXANY;
} else {
tmp_tc.c_iflag |= IXOFF|IXON;
tmp_tc.c_iflag &= ~IXANY;
}
}
if ((f&MODE_TRAPSIG) == 0) {
tmp_tc.c_lflag &= ~ISIG;
localchars = 0;
} else {
tmp_tc.c_lflag |= ISIG;
localchars = 1;
}
if (f&MODE_EDIT) {
tmp_tc.c_lflag |= ICANON;
} else {
tmp_tc.c_lflag &= ~ICANON;
tmp_tc.c_iflag &= ~ICRNL;
tmp_tc.c_cc[VMIN] = 1;
tmp_tc.c_cc[VTIME] = 0;
}
if ((f&(MODE_EDIT|MODE_TRAPSIG)) == 0) {
# ifdef VLNEXT
tmp_tc.c_cc[VLNEXT] = (cc_t)(_POSIX_VDISABLE);
# endif
}
if (f&MODE_SOFT_TAB) {
# ifdef OXTABS
tmp_tc.c_oflag |= OXTABS;
# endif
# ifdef TABDLY
tmp_tc.c_oflag &= ~TABDLY;
tmp_tc.c_oflag |= TAB3;
# endif
} else {
# ifdef OXTABS
tmp_tc.c_oflag &= ~OXTABS;
# endif
# ifdef TABDLY
tmp_tc.c_oflag &= ~TABDLY;
# endif
}
if (f&MODE_LIT_ECHO) {
# ifdef ECHOCTL
tmp_tc.c_lflag &= ~ECHOCTL;
# endif
} else {
# ifdef ECHOCTL
tmp_tc.c_lflag |= ECHOCTL;
# endif
}
if (f == -1) {
onoff = 0;
} else {
if (f & MODE_INBIN)
tmp_tc.c_iflag &= ~ISTRIP;
else
tmp_tc.c_iflag |= ISTRIP;
if ((f & MODE_OUTBIN) || (f & MODE_OUT8)) {
tmp_tc.c_cflag &= ~(CSIZE|PARENB);
tmp_tc.c_cflag |= CS8;
if(f & MODE_OUTBIN)
tmp_tc.c_oflag &= ~OPOST;
else
tmp_tc.c_oflag |= OPOST;
} else {
tmp_tc.c_cflag &= ~(CSIZE|PARENB);
tmp_tc.c_cflag |= old_tc.c_cflag & (CSIZE|PARENB);
tmp_tc.c_oflag |= OPOST;
}
onoff = 1;
}
if (f != -1) {
#ifdef SIGTSTP
signal(SIGTSTP, susp);
#endif /* SIGTSTP */
#ifdef SIGINFO
signal(SIGINFO, ayt);
#endif
#ifdef NOKERNINFO
tmp_tc.c_lflag |= NOKERNINFO;
#endif
/*
* We don't want to process ^Y here. It's just another
* character that we'll pass on to the back end. It has
* to process it because it will be processed when the
* user attempts to read it, not when we send it.
*/
# ifdef VDSUSP
tmp_tc.c_cc[VDSUSP] = (cc_t)(_POSIX_VDISABLE);
# endif
/*
* If the VEOL character is already set, then use VEOL2,
* otherwise use VEOL.
*/
esc = (rlogin != _POSIX_VDISABLE) ? rlogin : escape;
if ((tmp_tc.c_cc[VEOL] != esc)
# ifdef VEOL2
&& (tmp_tc.c_cc[VEOL2] != esc)
# endif
) {
if (tmp_tc.c_cc[VEOL] == (cc_t)(_POSIX_VDISABLE))
tmp_tc.c_cc[VEOL] = esc;
# ifdef VEOL2
else if (tmp_tc.c_cc[VEOL2] == (cc_t)(_POSIX_VDISABLE))
tmp_tc.c_cc[VEOL2] = esc;
# endif
}
} else {
sigset_t sm;
#ifdef SIGINFO
RETSIGTYPE ayt_status();
signal(SIGINFO, ayt_status);
#endif
#ifdef SIGTSTP
signal(SIGTSTP, SIG_DFL);
sigemptyset(&sm);
sigaddset(&sm, SIGTSTP);
sigprocmask(SIG_UNBLOCK, &sm, NULL);
#endif /* SIGTSTP */
tmp_tc = old_tc;
}
if (tcsetattr(tin, TCSADRAIN, &tmp_tc) < 0)
tcsetattr(tin, TCSANOW, &tmp_tc);
ioctl(tin, FIONBIO, (char *)&onoff);
ioctl(tout, FIONBIO, (char *)&onoff);
}
/*
* Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD).
*/
#if B4800 != 4800
#define DECODE_BAUD
#endif
#ifdef DECODE_BAUD
#ifndef B7200
#define B7200 B4800
#endif
#ifndef B14400
#define B14400 B9600
#endif
#ifndef B19200
# define B19200 B14400
#endif
#ifndef B28800
#define B28800 B19200
#endif
#ifndef B38400
# define B38400 B28800
#endif
#ifndef B57600
#define B57600 B38400
#endif
#ifndef B76800
#define B76800 B57600
#endif
#ifndef B115200
#define B115200 B76800
#endif
#ifndef B230400
#define B230400 B115200
#endif
/*
* This code assumes that the values B0, B50, B75...
* are in ascending order. They do not have to be
* contiguous.
*/
struct termspeeds {
long speed;
long value;
} termspeeds[] = {
{ 0, B0 }, { 50, B50 }, { 75, B75 },
{ 110, B110 }, { 134, B134 }, { 150, B150 },
{ 200, B200 }, { 300, B300 }, { 600, B600 },
{ 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 },
{ 4800, B4800 }, { 7200, B7200 }, { 9600, B9600 },
{ 14400, B14400 }, { 19200, B19200 }, { 28800, B28800 },
{ 38400, B38400 }, { 57600, B57600 }, { 115200, B115200 },
{ 230400, B230400 }, { -1, B230400 }
};
#endif /* DECODE_BAUD */
void
TerminalSpeeds(long *input_speed, long *output_speed)
{
#ifdef DECODE_BAUD
struct termspeeds *tp;
#endif /* DECODE_BAUD */
long in, out;
out = cfgetospeed(&old_tc);
in = cfgetispeed(&old_tc);
if (in == 0)
in = out;
#ifdef DECODE_BAUD
tp = termspeeds;
while ((tp->speed != -1) && (tp->value < in))
tp++;
*input_speed = tp->speed;
tp = termspeeds;
while ((tp->speed != -1) && (tp->value < out))
tp++;
*output_speed = tp->speed;
#else /* DECODE_BAUD */
*input_speed = in;
*output_speed = out;
#endif /* DECODE_BAUD */
}
int
TerminalWindowSize(long *rows, long *cols)
{
struct winsize ws;
if (get_window_size (STDIN_FILENO, &ws) == 0) {
*rows = ws.ws_row;
*cols = ws.ws_col;
return 1;
} else
return 0;
}
int
NetClose(int fd)
{
return close(fd);
}
void
NetNonblockingIO(int fd, int onoff)
{
ioctl(fd, FIONBIO, (char *)&onoff);
}
/*
* Various signal handling routines.
*/
static RETSIGTYPE deadpeer(int),
intr(int), intr2(int), susp(int), sendwin(int);
#ifdef SIGINFO
static RETSIGTYPE ayt(int);
#endif
/* ARGSUSED */
static RETSIGTYPE
deadpeer(int sig)
{
setcommandmode();
longjmp(peerdied, -1);
}
/* ARGSUSED */
static RETSIGTYPE
intr(int sig)
{
if (localchars) {
intp();
return;
}
setcommandmode();
longjmp(toplevel, -1);
}
/* ARGSUSED */
static RETSIGTYPE
intr2(int sig)
{
if (localchars) {
#ifdef KLUDGELINEMODE
if (kludgelinemode)
sendbrk();
else
#endif
sendabort();
return;
}
}
#ifdef SIGTSTP
/* ARGSUSED */
static RETSIGTYPE
susp(int sig)
{
if ((rlogin != _POSIX_VDISABLE) && rlogin_susp())
return;
if (localchars)
sendsusp();
}
#endif
#ifdef SIGWINCH
/* ARGSUSED */
static RETSIGTYPE
sendwin(int sig)
{
if (connected) {
sendnaws();
}
}
#endif
#ifdef SIGINFO
/* ARGSUSED */
static RETSIGTYPE
ayt(int sig)
{
if (connected)
sendayt();
else
ayt_status(sig);
}
#endif
void
sys_telnet_init(void)
{
signal(SIGINT, intr);
signal(SIGQUIT, intr2);
signal(SIGPIPE, deadpeer);
#ifdef SIGWINCH
signal(SIGWINCH, sendwin);
#endif
#ifdef SIGTSTP
signal(SIGTSTP, susp);
#endif
#ifdef SIGINFO
signal(SIGINFO, ayt);
#endif
setconnmode(0);
NetNonblockingIO(net, 1);
#if defined(SO_OOBINLINE)
if (SetSockOpt(net, SOL_SOCKET, SO_OOBINLINE, 1) == -1) {
perror("SetSockOpt");
}
#endif /* defined(SO_OOBINLINE) */
}
/*
* Process rings -
*
* This routine tries to fill up/empty our various rings.
*
* The parameter specifies whether this is a poll operation,
* or a block-until-something-happens operation.
*
* The return value is 1 if something happened, 0 if not.
*/
int
process_rings(int netin,
int netout,
int netex,
int ttyin,
int ttyout,
int poll) /* If 0, then block until something to do */
{
int c;
/* One wants to be a bit careful about setting returnValue
* to one, since a one implies we did some useful work,
* and therefore probably won't be called to block next
* time (TN3270 mode only).
*/
int returnValue = 0;
static struct timeval TimeValue = { 0 };
if (netout) {
FD_SET(net, &obits);
}
if (ttyout) {
FD_SET(tout, &obits);
}
if (ttyin) {
FD_SET(tin, &ibits);
}
if (netin) {
FD_SET(net, &ibits);
}
#if !defined(SO_OOBINLINE)
if (netex) {
FD_SET(net, &xbits);
}
#endif
if ((c = select(16, &ibits, &obits, &xbits,
(poll == 0)? (struct timeval *)0 : &TimeValue)) < 0) {
if (c == -1) {
/*
* we can get EINTR if we are in line mode,
* and the user does an escape (TSTP), or
* some other signal generator.
*/
if (errno == EINTR) {
return 0;
}
/* I don't like this, does it ever happen? */
printf("sleep(5) from telnet, after select\r\n");
sleep(5);
}
return 0;
}
/*
* Any urgent data?
*/
if (FD_ISSET(net, &xbits)) {
FD_CLR(net, &xbits);
SYNCHing = 1;
ttyflush(1); /* flush already enqueued data */
}
/*
* Something to read from the network...
*/
if (FD_ISSET(net, &ibits)) {
int canread;
FD_CLR(net, &ibits);
canread = ring_empty_consecutive(&netiring);
#if !defined(SO_OOBINLINE)
/*
* In 4.2 (and some early 4.3) systems, the
* OOB indication and data handling in the kernel
* is such that if two separate TCP Urgent requests
* come in, one byte of TCP data will be overlaid.
* This is fatal for Telnet, but we try to live
* with it.
*
* In addition, in 4.2 (and...), a special protocol
* is needed to pick up the TCP Urgent data in
* the correct sequence.
*
* What we do is: if we think we are in urgent
* mode, we look to see if we are "at the mark".
* If we are, we do an OOB receive. If we run
* this twice, we will do the OOB receive twice,
* but the second will fail, since the second
* time we were "at the mark", but there wasn't
* any data there (the kernel doesn't reset
* "at the mark" until we do a normal read).
* Once we've read the OOB data, we go ahead
* and do normal reads.
*
* There is also another problem, which is that
* since the OOB byte we read doesn't put us
* out of OOB state, and since that byte is most
* likely the TELNET DM (data mark), we would
* stay in the TELNET SYNCH (SYNCHing) state.
* So, clocks to the rescue. If we've "just"
* received a DM, then we test for the
* presence of OOB data when the receive OOB
* fails (and AFTER we did the normal mode read
* to clear "at the mark").
*/
if (SYNCHing) {
int atmark;
static int bogus_oob = 0, first = 1;
ioctl(net, SIOCATMARK, (char *)&atmark);
if (atmark) {
c = recv(net, netiring.supply, canread, MSG_OOB);
if ((c == -1) && (errno == EINVAL)) {
c = recv(net, netiring.supply, canread, 0);
if (clocks.didnetreceive < clocks.gotDM) {
SYNCHing = stilloob();
}
} else if (first && c > 0) {
/*
* Bogosity check. Systems based on 4.2BSD
* do not return an error if you do a second
* recv(MSG_OOB). So, we do one. If it
* succeeds and returns exactly the same
* data, then assume that we are running
* on a broken system and set the bogus_oob
* flag. (If the data was different, then
* we probably got some valid new data, so
* increment the count...)
*/
int i;
i = recv(net, netiring.supply + c, canread - c, MSG_OOB);
if (i == c &&
memcmp(netiring.supply, netiring.supply + c, i) == 0) {
bogus_oob = 1;
first = 0;
} else if (i < 0) {
bogus_oob = 0;
first = 0;
} else
c += i;
}
if (bogus_oob && c > 0) {
int i;
/*
* Bogosity. We have to do the read
* to clear the atmark to get out of
* an infinate loop.
*/
i = read(net, netiring.supply + c, canread - c);
if (i > 0)
c += i;
}
} else {
c = recv(net, netiring.supply, canread, 0);
}
} else {
c = recv(net, netiring.supply, canread, 0);
}
settimer(didnetreceive);
#else /* !defined(SO_OOBINLINE) */
c = recv(net, (char *)netiring.supply, canread, 0);
#endif /* !defined(SO_OOBINLINE) */
if (c < 0 && errno == EWOULDBLOCK) {
c = 0;
} else if (c <= 0) {
return -1;
}
if (netdata) {
Dump('<', netiring.supply, c);
}
if (c)
ring_supplied(&netiring, c);
returnValue = 1;
}
/*
* Something to read from the tty...
*/
if (FD_ISSET(tin, &ibits)) {
FD_CLR(tin, &ibits);
c = TerminalRead(ttyiring.supply, ring_empty_consecutive(&ttyiring));
if (c < 0 && errno == EIO)
c = 0;
if (c < 0 && errno == EWOULDBLOCK) {
c = 0;
} else {
/* EOF detection for line mode!!!! */
if ((c == 0) && MODE_LOCAL_CHARS(globalmode) && isatty(tin)) {
/* must be an EOF... */
*ttyiring.supply = termEofChar;
c = 1;
}
if (c <= 0) {
return -1;
}
if (termdata) {
Dump('<', ttyiring.supply, c);
}
ring_supplied(&ttyiring, c);
}
returnValue = 1; /* did something useful */
}
if (FD_ISSET(net, &obits)) {
FD_CLR(net, &obits);
returnValue |= netflush();
}
if (FD_ISSET(tout, &obits)) {
FD_CLR(tout, &obits);
returnValue |= (ttyflush(SYNCHing|flushout) > 0);
}
return returnValue;
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@ -0,0 +1,173 @@
/*
* Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: telnet_locl.h,v 1.19 2000/02/04 09:49:28 assar Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <ctype.h>
#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif
#include <errno.h>
#include <setjmp.h>
#ifdef HAVE_BSDSETJMP_H
#include <bsdsetjmp.h>
#endif
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
/* termios.h *must* be included before curses.h */
#ifdef HAVE_TERMIOS_H
#include <termios.h>
#endif
#if defined(SOCKS) && defined(HAVE_CURSES_H)
#include <curses.h>
#endif
#if defined(HAVE_SYS_TERMIO_H) && !defined(HAVE_TERMIOS_H)
#include <sys/termio.h>
#endif
#if defined(HAVE_TERMCAP_H)
#include <termcap.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
#ifdef HAVE_SYS_SELECT_H
#include <sys/select.h>
#endif
#ifdef TIME_WITH_SYS_TIME
#include <sys/time.h>
#include <time.h>
#elif defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#else
#include <time.h>
#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
/* not with SunOS 4 */
#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif /* HAVE_SYS_RESOURCE_H */
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#ifdef HAVE_SYS_FILIO_H
#include <sys/filio.h>
#endif
#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_NETINET6_IN6_H
#include <netinet6/in6.h>
#endif
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#endif
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#endif
#ifdef SOCKS
#include <socks.h>
#endif
#include <roken.h>
/* krb.h? */
#if defined(AUTHENTICATION) || defined(ENCRYPTION)
#include <libtelnet/auth.h>
#include <libtelnet/encrypt.h>
#endif
#include <libtelnet/misc.h>
#include <libtelnet/misc-proto.h>
#define LINEMODE
#ifndef KLUDGELINEMODE
#define KLUDGELINEMODE
#endif
#include "ring.h"
#include "externs.h"
#include "defines.h"
#include "types.h"
/* prototypes */


@ -0,0 +1,225 @@
/*
* Copyright (c) 1988, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnet_locl.h"
RCSID("$Id: terminal.c,v 1.10 1997/12/15 19:53:06 joda Exp $");
Ring ttyoring, ttyiring;
unsigned char ttyobuf[2*BUFSIZ], ttyibuf[BUFSIZ];
int termdata; /* Debugging flag */
# ifndef VDISCARD
cc_t termFlushChar;
# endif
# ifndef VLNEXT
cc_t termLiteralNextChar;
# endif
# ifndef VSUSP
cc_t termSuspChar;
# endif
# ifndef VWERASE
cc_t termWerasChar;
# endif
# ifndef VREPRINT
cc_t termRprntChar;
# endif
# ifndef VSTART
cc_t termStartChar;
# endif
# ifndef VSTOP
cc_t termStopChar;
# endif
# ifndef VEOL
cc_t termForw1Char;
# endif
# ifndef VEOL2
cc_t termForw2Char;
# endif
# ifndef VSTATUS
cc_t termAytChar;
# endif
/*
* initialize the terminal data structures.
*/
void
init_terminal(void)
{
if (ring_init(&ttyoring, ttyobuf, sizeof ttyobuf) != 1) {
exit(1);
}
if (ring_init(&ttyiring, ttyibuf, sizeof ttyibuf) != 1) {
exit(1);
}
autoflush = TerminalAutoFlush();
}
/*
* Send as much data as possible to the terminal.
*
* Return value:
* -1: No useful work done, data waiting to go out.
* 0: No data was waiting, so nothing was done.
* 1: All waiting data was written out.
* n: All data - n was written out.
*/
int
ttyflush(int drop)
{
int n, n0, n1;
n0 = ring_full_count(&ttyoring);
if ((n1 = n = ring_full_consecutive(&ttyoring)) > 0) {
if (drop) {
TerminalFlushOutput();
/* we leave 'n' alone! */
} else {
n = TerminalWrite((char *)ttyoring.consume, n);
}
}
if (n > 0) {
if (termdata && n) {
Dump('>', ttyoring.consume, n);
}
/*
* If we wrote everything, and the full count is
* larger than what we wrote, then write the
* rest of the buffer.
*/
if (n1 == n && n0 > n) {
n1 = n0 - n;
if (!drop)
n1 = TerminalWrite((char *)ttyoring.bottom, n1);
if (n1 > 0)
n += n1;
}
ring_consumed(&ttyoring, n);
}
if (n < 0)
return -1;
if (n == n0) {
if (n0)
return -1;
return 0;
}
return n0 - n + 1;
}
/*
* These routines decides on what the mode should be (based on the values
* of various global variables).
*/
int
getconnmode(void)
{
extern int linemode;
int mode = 0;
#ifdef KLUDGELINEMODE
extern int kludgelinemode;
#endif
if (my_want_state_is_dont(TELOPT_ECHO))
mode |= MODE_ECHO;
if (localflow)
mode |= MODE_FLOW;
if ((eight & 1) || my_want_state_is_will(TELOPT_BINARY))
mode |= MODE_INBIN;
if (eight & 2)
mode |= MODE_OUT8;
if (his_want_state_is_will(TELOPT_BINARY))
mode |= MODE_OUTBIN;
#ifdef KLUDGELINEMODE
if (kludgelinemode) {
if (my_want_state_is_dont(TELOPT_SGA)) {
mode |= (MODE_TRAPSIG|MODE_EDIT);
if (dontlecho && (clocks.echotoggle > clocks.modenegotiated)) {
mode &= ~MODE_ECHO;
}
}
return(mode);
}
#endif
if (my_want_state_is_will(TELOPT_LINEMODE))
mode |= linemode;
return(mode);
}
void
setconnmode(force)
int force;
{
#ifdef ENCRYPTION
static int enc_passwd = 0;
#endif
int newmode;
newmode = getconnmode()|(force?MODE_FORCE:0);
TerminalNewMode(newmode);
#ifdef ENCRYPTION
if ((newmode & (MODE_ECHO|MODE_EDIT)) == MODE_EDIT) {
if (my_want_state_is_will(TELOPT_ENCRYPT)
&& (enc_passwd == 0) && !encrypt_output) {
encrypt_request_start(0, 0);
enc_passwd = 1;
}
} else {
if (enc_passwd) {
encrypt_request_end();
enc_passwd = 0;
}
}
#endif
}
void
setcommandmode()
{
TerminalNewMode(-1);
}
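Review bot: The return-value comment above ttyflush does not match the code: when everything queued was written or dropped, `n == n0` with `n0` non-zero and the function returns -1, which the comment describes as "No useful work done, data waiting to go out", and the documented "1: All waiting data was written out" result is never produced on that path. A caller that tests `ttyflush(...) > 0`, as the ring-processing code earlier on this page does, therefore treats a complete flush as no progress. If that is intended, the comment should say so, for example `-1: write failed, or everything queued was flushed`, `0: nothing was queued`, `n > 0: partial write (n0 - n + 1)`; if it is not, the `if (n0) return -1;` line needs a second look.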


@ -0,0 +1,52 @@
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)types.h 8.1 (Berkeley) 6/6/93
*/
typedef struct {
char *modedescriptions;
char modetype;
} Modelist;
extern Modelist modelist[];
typedef struct {
int
system, /* what the current time is */
echotoggle, /* last time user entered echo character */
modenegotiated, /* last time operating mode negotiated */
didnetreceive, /* last time we read data from network */
gotDM; /* when did we last see a data mark */
} Clocks;
extern Clocks clocks;


@ -0,0 +1,863 @@
/*
* Copyright (c) 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#define TELOPTS
#define TELCMDS
#define SLC_NAMES
#include "telnet_locl.h"
RCSID("$Id: utilities.c,v 1.22 1999/09/16 20:41:36 assar Exp $");
FILE *NetTrace = 0; /* Not in bss, since needs to stay */
int prettydump;
/*
* SetSockOpt()
*
* Compensate for differences in 4.2 and 4.3 systems.
*/
int
SetSockOpt(int fd, int level, int option, int yesno)
{
#ifdef HAVE_SETSOCKOPT
#ifndef NOT43
return setsockopt(fd, level, option,
(void *)&yesno, sizeof yesno);
#else /* NOT43 */
if (yesno == 0) { /* Can't do that in 4.2! */
fprintf(stderr, "Error: attempt to turn off an option 0x%x.\n",
option);
return -1;
}
return setsockopt(fd, level, option, 0, 0);
#endif /* NOT43 */
#else
return -1;
#endif
}
/*
* The following are routines used to print out debugging information.
*/
char NetTraceFile[256] = "(standard output)";
void
SetNetTrace(char *file)
{
if (NetTrace && NetTrace != stdout)
fclose(NetTrace);
if (file && (strcmp(file, "-") != 0)) {
NetTrace = fopen(file, "w");
if (NetTrace) {
strlcpy(NetTraceFile, file, sizeof(NetTraceFile));
return;
}
fprintf(stderr, "Cannot open %s.\n", file);
}
NetTrace = stdout;
strlcpy(NetTraceFile, "(standard output)", sizeof(NetTraceFile));
}
void
Dump(char direction, unsigned char *buffer, int length)
{
# define BYTES_PER_LINE 32
unsigned char *pThis;
int offset;
offset = 0;
while (length) {
/* print one line */
fprintf(NetTrace, "%c 0x%x\t", direction, offset);
pThis = buffer;
if (prettydump) {
buffer = buffer + min(length, BYTES_PER_LINE/2);
while (pThis < buffer) {
fprintf(NetTrace, "%c%.2x",
(((*pThis)&0xff) == 0xff) ? '*' : ' ',
(*pThis)&0xff);
pThis++;
}
length -= BYTES_PER_LINE/2;
offset += BYTES_PER_LINE/2;
} else {
buffer = buffer + min(length, BYTES_PER_LINE);
while (pThis < buffer) {
fprintf(NetTrace, "%.2x", (*pThis)&0xff);
pThis++;
}
length -= BYTES_PER_LINE;
offset += BYTES_PER_LINE;
}
if (NetTrace == stdout) {
fprintf(NetTrace, "\r\n");
} else {
fprintf(NetTrace, "\n");
}
if (length < 0) {
fflush(NetTrace);
return;
}
/* find next unique line */
}
fflush(NetTrace);
}
void
printoption(char *direction, int cmd, int option)
{
if (!showoptions)
return;
if (cmd == IAC) {
if (TELCMD_OK(option))
fprintf(NetTrace, "%s IAC %s", direction, TELCMD(option));
else
fprintf(NetTrace, "%s IAC %d", direction, option);
} else {
char *fmt;
fmt = (cmd == WILL) ? "WILL" : (cmd == WONT) ? "WONT" :
(cmd == DO) ? "DO" : (cmd == DONT) ? "DONT" : 0;
if (fmt) {
fprintf(NetTrace, "%s %s ", direction, fmt);
if (TELOPT_OK(option))
fprintf(NetTrace, "%s", TELOPT(option));
else if (option == TELOPT_EXOPL)
fprintf(NetTrace, "EXOPL");
else
fprintf(NetTrace, "%d", option);
} else
fprintf(NetTrace, "%s %d %d", direction, cmd, option);
}
if (NetTrace == stdout) {
fprintf(NetTrace, "\r\n");
fflush(NetTrace);
} else {
fprintf(NetTrace, "\n");
}
return;
}
void
optionstatus(void)
{
int i;
extern char will_wont_resp[], do_dont_resp[];
for (i = 0; i < 256; i++) {
if (do_dont_resp[i]) {
if (TELOPT_OK(i))
printf("resp DO_DONT %s: %d\n", TELOPT(i), do_dont_resp[i]);
else if (TELCMD_OK(i))
printf("resp DO_DONT %s: %d\n", TELCMD(i), do_dont_resp[i]);
else
printf("resp DO_DONT %d: %d\n", i,
do_dont_resp[i]);
if (my_want_state_is_do(i)) {
if (TELOPT_OK(i))
printf("want DO %s\n", TELOPT(i));
else if (TELCMD_OK(i))
printf("want DO %s\n", TELCMD(i));
else
printf("want DO %d\n", i);
} else {
if (TELOPT_OK(i))
printf("want DONT %s\n", TELOPT(i));
else if (TELCMD_OK(i))
printf("want DONT %s\n", TELCMD(i));
else
printf("want DONT %d\n", i);
}
} else {
if (my_state_is_do(i)) {
if (TELOPT_OK(i))
printf(" DO %s\n", TELOPT(i));
else if (TELCMD_OK(i))
printf(" DO %s\n", TELCMD(i));
else
printf(" DO %d\n", i);
}
}
if (will_wont_resp[i]) {
if (TELOPT_OK(i))
printf("resp WILL_WONT %s: %d\n", TELOPT(i), will_wont_resp[i]);
else if (TELCMD_OK(i))
printf("resp WILL_WONT %s: %d\n", TELCMD(i), will_wont_resp[i]);
else
printf("resp WILL_WONT %d: %d\n",
i, will_wont_resp[i]);
if (my_want_state_is_will(i)) {
if (TELOPT_OK(i))
printf("want WILL %s\n", TELOPT(i));
else if (TELCMD_OK(i))
printf("want WILL %s\n", TELCMD(i));
else
printf("want WILL %d\n", i);
} else {
if (TELOPT_OK(i))
printf("want WONT %s\n", TELOPT(i));
else if (TELCMD_OK(i))
printf("want WONT %s\n", TELCMD(i));
else
printf("want WONT %d\n", i);
}
} else {
if (my_state_is_will(i)) {
if (TELOPT_OK(i))
printf(" WILL %s\n", TELOPT(i));
else if (TELCMD_OK(i))
printf(" WILL %s\n", TELCMD(i));
else
printf(" WILL %d\n", i);
}
}
}
}
void
printsub(int direction, unsigned char *pointer, int length)
{
int i;
unsigned char buf[512];
extern int want_status_response;
if (showoptions || direction == 0 ||
(want_status_response && (pointer[0] == TELOPT_STATUS))) {
if (direction) {
fprintf(NetTrace, "%s IAC SB ",
(direction == '<')? "RCVD":"SENT");
if (length >= 3) {
int j;
i = pointer[length-2];
j = pointer[length-1];
if (i != IAC || j != SE) {
fprintf(NetTrace, "(terminated by ");
if (TELOPT_OK(i))
fprintf(NetTrace, "%s ", TELOPT(i));
else if (TELCMD_OK(i))
fprintf(NetTrace, "%s ", TELCMD(i));
else
fprintf(NetTrace, "%d ", i);
if (TELOPT_OK(j))
fprintf(NetTrace, "%s", TELOPT(j));
else if (TELCMD_OK(j))
fprintf(NetTrace, "%s", TELCMD(j));
else
fprintf(NetTrace, "%d", j);
fprintf(NetTrace, ", not IAC SE!) ");
}
}
length -= 2;
}
if (length < 1) {
fprintf(NetTrace, "(Empty suboption??\?)");
if (NetTrace == stdout)
fflush(NetTrace);
return;
}
switch (pointer[0]) {
case TELOPT_TTYPE:
fprintf(NetTrace, "TERMINAL-TYPE ");
switch (pointer[1]) {
case TELQUAL_IS:
fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2);
break;
case TELQUAL_SEND:
fprintf(NetTrace, "SEND");
break;
default:
fprintf(NetTrace,
"- unknown qualifier %d (0x%x).",
pointer[1], pointer[1]);
}
break;
case TELOPT_TSPEED:
fprintf(NetTrace, "TERMINAL-SPEED");
if (length < 2) {
fprintf(NetTrace, " (empty suboption??\?)");
break;
}
switch (pointer[1]) {
case TELQUAL_IS:
fprintf(NetTrace, " IS ");
fprintf(NetTrace, "%.*s", length-2, (char *)pointer+2);
break;
default:
if (pointer[1] == 1)
fprintf(NetTrace, " SEND");
else
fprintf(NetTrace, " %d (unknown)", pointer[1]);
for (i = 2; i < length; i++)
fprintf(NetTrace, " ?%d?", pointer[i]);
break;
}
break;
case TELOPT_LFLOW:
fprintf(NetTrace, "TOGGLE-FLOW-CONTROL");
if (length < 2) {
fprintf(NetTrace, " (empty suboption??\?)");
break;
}
switch (pointer[1]) {
case LFLOW_OFF:
fprintf(NetTrace, " OFF"); break;
case LFLOW_ON:
fprintf(NetTrace, " ON"); break;
case LFLOW_RESTART_ANY:
fprintf(NetTrace, " RESTART-ANY"); break;
case LFLOW_RESTART_XON:
fprintf(NetTrace, " RESTART-XON"); break;
default:
fprintf(NetTrace, " %d (unknown)", pointer[1]);
}
for (i = 2; i < length; i++)
fprintf(NetTrace, " ?%d?", pointer[i]);
break;
case TELOPT_NAWS:
fprintf(NetTrace, "NAWS");
if (length < 2) {
fprintf(NetTrace, " (empty suboption??\?)");
break;
}
if (length == 2) {
fprintf(NetTrace, " ?%d?", pointer[1]);
break;
}
fprintf(NetTrace, " %d %d (%d)",
pointer[1], pointer[2],
(int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2])));
if (length == 4) {
fprintf(NetTrace, " ?%d?", pointer[3]);
break;
}
fprintf(NetTrace, " %d %d (%d)",
pointer[3], pointer[4],
(int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4])));
for (i = 5; i < length; i++)
fprintf(NetTrace, " ?%d?", pointer[i]);
break;
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
fprintf(NetTrace, "AUTHENTICATION");
if (length < 2) {
fprintf(NetTrace, " (empty suboption??\?)");
break;
}
switch (pointer[1]) {
case TELQUAL_REPLY:
case TELQUAL_IS:
fprintf(NetTrace, " %s ", (pointer[1] == TELQUAL_IS) ?
"IS" : "REPLY");
if (AUTHTYPE_NAME_OK(pointer[2]))
fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[2]));
else
fprintf(NetTrace, "%d ", pointer[2]);
if (length < 3) {
fprintf(NetTrace, "(partial suboption??\?)");
break;
}
fprintf(NetTrace, "%s|%s",
((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
"CLIENT" : "SERVER",
((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
"MUTUAL" : "ONE-WAY");
auth_printsub(&pointer[1], length - 1, buf, sizeof(buf));
fprintf(NetTrace, "%s", buf);
break;
case TELQUAL_SEND:
i = 2;
fprintf(NetTrace, " SEND ");
while (i < length) {
if (AUTHTYPE_NAME_OK(pointer[i]))
fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[i]));
else
fprintf(NetTrace, "%d ", pointer[i]);
if (++i >= length) {
fprintf(NetTrace, "(partial suboption??\?)");
break;
}
fprintf(NetTrace, "%s|%s ",
((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ?
"CLIENT" : "SERVER",
((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ?
"MUTUAL" : "ONE-WAY");
++i;
}
break;
case TELQUAL_NAME:
i = 2;
fprintf(NetTrace, " NAME \"");
while (i < length)
putc(pointer[i++], NetTrace);
putc('"', NetTrace);
break;
default:
for (i = 2; i < length; i++)
fprintf(NetTrace, " ?%d?", pointer[i]);
break;
}
break;
#endif
#if defined(ENCRYPTION)
case TELOPT_ENCRYPT:
fprintf(NetTrace, "ENCRYPT");
if (length < 2) {
fprintf(NetTrace, " (empty suboption?)");
break;
}
switch (pointer[1]) {
case ENCRYPT_START:
fprintf(NetTrace, " START");
break;
case ENCRYPT_END:
fprintf(NetTrace, " END");
break;
case ENCRYPT_REQSTART:
fprintf(NetTrace, " REQUEST-START");
break;
case ENCRYPT_REQEND:
fprintf(NetTrace, " REQUEST-END");
break;
case ENCRYPT_IS:
case ENCRYPT_REPLY:
fprintf(NetTrace, " %s ", (pointer[1] == ENCRYPT_IS) ?
"IS" : "REPLY");
if (length < 3) {
fprintf(NetTrace, " (partial suboption?)");
break;
}
if (ENCTYPE_NAME_OK(pointer[2]))
fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[2]));
else
fprintf(NetTrace, " %d (unknown)", pointer[2]);
encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf));
fprintf(NetTrace, "%s", buf);
break;
case ENCRYPT_SUPPORT:
i = 2;
fprintf(NetTrace, " SUPPORT ");
while (i < length) {
if (ENCTYPE_NAME_OK(pointer[i]))
fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[i]));
else
fprintf(NetTrace, "%d ", pointer[i]);
i++;
}
break;
case ENCRYPT_ENC_KEYID:
fprintf(NetTrace, " ENC_KEYID ");
goto encommon;
case ENCRYPT_DEC_KEYID:
fprintf(NetTrace, " DEC_KEYID ");
goto encommon;
default:
fprintf(NetTrace, " %d (unknown)", pointer[1]);
encommon:
for (i = 2; i < length; i++)
fprintf(NetTrace, " %d", pointer[i]);
break;
}
break;
#endif
case TELOPT_LINEMODE:
fprintf(NetTrace, "LINEMODE ");
if (length < 2) {
fprintf(NetTrace, " (empty suboption??\?)");
break;
}
switch (pointer[1]) {
case WILL:
fprintf(NetTrace, "WILL ");
goto common;
case WONT:
fprintf(NetTrace, "WONT ");
goto common;
case DO:
fprintf(NetTrace, "DO ");
goto common;
case DONT:
fprintf(NetTrace, "DONT ");
common:
if (length < 3) {
fprintf(NetTrace, "(no option??\?)");
break;
}
switch (pointer[2]) {
case LM_FORWARDMASK:
fprintf(NetTrace, "Forward Mask");
for (i = 3; i < length; i++)
fprintf(NetTrace, " %x", pointer[i]);
break;
default:
fprintf(NetTrace, "%d (unknown)", pointer[2]);
for (i = 3; i < length; i++)
fprintf(NetTrace, " %d", pointer[i]);
break;
}
break;
case LM_SLC:
fprintf(NetTrace, "SLC");
for (i = 2; i < length - 2; i += 3) {
if (SLC_NAME_OK(pointer[i+SLC_FUNC]))
fprintf(NetTrace, " %s", SLC_NAME(pointer[i+SLC_FUNC]));
else
fprintf(NetTrace, " %d", pointer[i+SLC_FUNC]);
switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) {
case SLC_NOSUPPORT:
fprintf(NetTrace, " NOSUPPORT"); break;
case SLC_CANTCHANGE:
fprintf(NetTrace, " CANTCHANGE"); break;
case SLC_VARIABLE:
fprintf(NetTrace, " VARIABLE"); break;
case SLC_DEFAULT:
fprintf(NetTrace, " DEFAULT"); break;
}
fprintf(NetTrace, "%s%s%s",
pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "",
pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "",
pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : "");
if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN|
SLC_FLUSHOUT| SLC_LEVELBITS))
fprintf(NetTrace, "(0x%x)", pointer[i+SLC_FLAGS]);
fprintf(NetTrace, " %d;", pointer[i+SLC_VALUE]);
if ((pointer[i+SLC_VALUE] == IAC) &&
(pointer[i+SLC_VALUE+1] == IAC))
i++;
}
for (; i < length; i++)
fprintf(NetTrace, " ?%d?", pointer[i]);
break;
case LM_MODE:
fprintf(NetTrace, "MODE ");
if (length < 3) {
fprintf(NetTrace, "(no mode??\?)");
break;
}
{
char tbuf[64];
snprintf(tbuf, sizeof(tbuf),
"%s%s%s%s%s",
pointer[2]&MODE_EDIT ? "|EDIT" : "",
pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "",
pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "",
pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "",
pointer[2]&MODE_ACK ? "|ACK" : "");
fprintf(NetTrace, "%s", tbuf[1] ? &tbuf[1] : "0");
}
if (pointer[2]&~(MODE_MASK))
fprintf(NetTrace, " (0x%x)", pointer[2]);
for (i = 3; i < length; i++)
fprintf(NetTrace, " ?0x%x?", pointer[i]);
break;
default:
fprintf(NetTrace, "%d (unknown)", pointer[1]);
for (i = 2; i < length; i++)
fprintf(NetTrace, " %d", pointer[i]);
}
break;
case TELOPT_STATUS: {
char *cp;
int j, k;
fprintf(NetTrace, "STATUS");
switch (pointer[1]) {
default:
if (pointer[1] == TELQUAL_SEND)
fprintf(NetTrace, " SEND");
else
fprintf(NetTrace, " %d (unknown)", pointer[1]);
for (i = 2; i < length; i++)
fprintf(NetTrace, " ?%d?", pointer[i]);
break;
case TELQUAL_IS:
if (--want_status_response < 0)
want_status_response = 0;
if (NetTrace == stdout)
fprintf(NetTrace, " IS\r\n");
else
fprintf(NetTrace, " IS\n");
for (i = 2; i < length; i++) {
switch(pointer[i]) {
case DO: cp = "DO"; goto common2;
case DONT: cp = "DONT"; goto common2;
case WILL: cp = "WILL"; goto common2;
case WONT: cp = "WONT"; goto common2;
common2:
i++;
if (TELOPT_OK((int)pointer[i]))
fprintf(NetTrace, " %s %s", cp, TELOPT(pointer[i]));
else
fprintf(NetTrace, " %s %d", cp, pointer[i]);
if (NetTrace == stdout)
fprintf(NetTrace, "\r\n");
else
fprintf(NetTrace, "\n");
break;
case SB:
fprintf(NetTrace, " SB ");
i++;
j = k = i;
while (j < length) {
if (pointer[j] == SE) {
if (j+1 == length)
break;
if (pointer[j+1] == SE)
j++;
else
break;
}
pointer[k++] = pointer[j++];
}
printsub(0, &pointer[i], k - i);
if (i < length) {
fprintf(NetTrace, " SE");
i = j;
} else
i = j - 1;
if (NetTrace == stdout)
fprintf(NetTrace, "\r\n");
else
fprintf(NetTrace, "\n");
break;
default:
fprintf(NetTrace, " %d", pointer[i]);
break;
}
}
break;
}
break;
}
case TELOPT_XDISPLOC:
fprintf(NetTrace, "X-DISPLAY-LOCATION ");
switch (pointer[1]) {
case TELQUAL_IS:
fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2);
break;
case TELQUAL_SEND:
fprintf(NetTrace, "SEND");
break;
default:
fprintf(NetTrace, "- unknown qualifier %d (0x%x).",
pointer[1], pointer[1]);
}
break;
case TELOPT_NEW_ENVIRON:
fprintf(NetTrace, "NEW-ENVIRON ");
#ifdef OLD_ENVIRON
goto env_common1;
case TELOPT_OLD_ENVIRON:
fprintf(NetTrace, "OLD-ENVIRON");
env_common1:
#endif
switch (pointer[1]) {
case TELQUAL_IS:
fprintf(NetTrace, "IS ");
goto env_common;
case TELQUAL_SEND:
fprintf(NetTrace, "SEND ");
goto env_common;
case TELQUAL_INFO:
fprintf(NetTrace, "INFO ");
env_common:
{
int noquote = 2;
for (i = 2; i < length; i++ ) {
switch (pointer[i]) {
case NEW_ENV_VALUE:
#ifdef OLD_ENVIRON
/* case NEW_ENV_OVAR: */
if (pointer[0] == TELOPT_OLD_ENVIRON) {
fprintf(NetTrace, "\" VAR " + noquote);
} else
#endif /* OLD_ENVIRON */
fprintf(NetTrace, "\" VALUE " + noquote);
noquote = 2;
break;
case NEW_ENV_VAR:
#ifdef OLD_ENVIRON
/* case OLD_ENV_VALUE: */
if (pointer[0] == TELOPT_OLD_ENVIRON) {
fprintf(NetTrace, "\" VALUE " + noquote);
} else
#endif /* OLD_ENVIRON */
fprintf(NetTrace, "\" VAR " + noquote);
noquote = 2;
break;
case ENV_ESC:
fprintf(NetTrace, "\" ESC " + noquote);
noquote = 2;
break;
case ENV_USERVAR:
fprintf(NetTrace, "\" USERVAR " + noquote);
noquote = 2;
break;
default:
if (isprint(pointer[i]) && pointer[i] != '"') {
if (noquote) {
putc('"', NetTrace);
noquote = 0;
}
putc(pointer[i], NetTrace);
} else {
fprintf(NetTrace, "\" %03o " + noquote,
pointer[i]);
noquote = 2;
}
break;
}
}
if (!noquote)
putc('"', NetTrace);
break;
}
}
break;
default:
if (TELOPT_OK(pointer[0]))
fprintf(NetTrace, "%s (unknown)", TELOPT(pointer[0]));
else
fprintf(NetTrace, "%d (unknown)", pointer[0]);
for (i = 1; i < length; i++)
fprintf(NetTrace, " %d", pointer[i]);
break;
}
if (direction) {
if (NetTrace == stdout)
fprintf(NetTrace, "\r\n");
else
fprintf(NetTrace, "\n");
}
if (NetTrace == stdout)
fflush(NetTrace);
}
}
/* EmptyTerminal - called to make sure that the terminal buffer is empty.
* Note that we consider the buffer to run all the
* way to the kernel (thus the select).
*/
void
EmptyTerminal(void)
{
fd_set outs;
FD_ZERO(&outs);
if (TTYBYTES() == 0) {
FD_SET(tout, &outs);
select(tout+1, 0, &outs, 0,
(struct timeval *) 0); /* wait for TTLOWAT */
} else {
while (TTYBYTES()) {
ttyflush(0);
FD_SET(tout, &outs);
select(tout+1, 0, &outs, 0,
(struct timeval *) 0); /* wait for TTLOWAT */
}
}
}
void
SetForExit(void)
{
setconnmode(0);
do {
telrcv(); /* Process any incoming data */
EmptyTerminal();
} while (ring_full_count(&netiring)); /* While there is any */
setcommandmode();
fflush(stdout);
fflush(stderr);
setconnmode(0);
EmptyTerminal(); /* Flush the path to the tty */
setcommandmode();
}
void
Exit(int returnCode)
{
SetForExit();
exit(returnCode);
}
void
ExitString(char *string, int returnCode)
{
SetForExit();
fwrite(string, 1, strlen(string), stderr);
exit(returnCode);
}
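Review bot: In printsub, the TELOPT_TTYPE and TELOPT_XDISPLOC cases read `pointer[1]` and print with `"%.*s", length-2` without the `length < 2` guard that the TSPEED, LFLOW and NAWS cases have. For a one-byte suboption the precision is negative, which printf treats as no precision at all, so the trace print runs to the next NUL instead of stopping at the end of the suboption. These bytes come from the peer on the RCVD path, so both cases should open with the same guard as their neighbours, `if (length < 2) { fprintf(NetTrace, " (empty suboption??\?)"); break; }`; TELOPT_STATUS and the NEW-ENVIRON case switch on `pointer[1]` unguarded as well. The AUTHENTICATION IS/REPLY branch has a related gap: it reads `pointer[2]` before its `length < 3` test and `pointer[3]` after it, so the test belongs first and should read `length < 4`.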


@ -0,0 +1,23 @@
# $Id: Makefile.am,v 1.13 2000/01/06 15:12:46 assar Exp $
include $(top_srcdir)/Makefile.am.common
INCLUDES += -I$(srcdir)/.. $(INCLUDE_krb4)
libexec_PROGRAMS = telnetd
CHECK_LOCAL =
telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c \
utility.c global.c authenc.c defs.h ext.h telnetd.h
man_MANS = telnetd.8
LDADD = \
../libtelnet/libtelnet.a \
$(LIB_krb5) \
$(LIB_krb4) \
$(top_builddir)/lib/des/libdes.la \
$(LIB_tgetent) \
$(LIB_logwtmp) \
$(LIB_roken)


@ -0,0 +1,683 @@
# Makefile.in generated automatically by automake 1.4 from Makefile.am
# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.13 2000/01/06 15:12:46 assar Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
SHELL = @SHELL@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
sbindir = @sbindir@
libexecdir = @libexecdir@
datadir = @datadir@
sysconfdir = @sysconfdir@
sharedstatedir = @sharedstatedir@
localstatedir = @localstatedir@
libdir = @libdir@
infodir = @infodir@
mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
DESTDIR =
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ../../..
ACLOCAL = @ACLOCAL@
AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
transform = @program_transform_name@
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
DBLIB = @DBLIB@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
INCLUDE_ = @INCLUDE_@
LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
NM = @NM@
NROFF = @NROFF@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/.. $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
LIB_XauReadAuth = @LIB_XauReadAuth@
LIB_crypt = @LIB_crypt@
LIB_dbm_firstkey = @LIB_dbm_firstkey@
LIB_dbopen = @LIB_dbopen@
LIB_dlopen = @LIB_dlopen@
LIB_dn_expand = @LIB_dn_expand@
LIB_el_init = @LIB_el_init@
LIB_getattr = @LIB_getattr@
LIB_gethostbyname = @LIB_gethostbyname@
LIB_getpwent_r = @LIB_getpwent_r@
LIB_getpwnam_r = @LIB_getpwnam_r@
LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
LIB_setsockopt = @LIB_setsockopt@
LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
cat1dir = $(mandir)/cat1
cat3dir = $(mandir)/cat3
cat5dir = $(mandir)/cat5
cat8dir = $(mandir)/cat8
MANRX = \(.*\)\.\([0-9]\)
CATSUFFIX = @CATSUFFIX@
NROFF_MAN = groff -mandoc -Tascii
@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL =
libexec_PROGRAMS = telnetd
telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c utility.c global.c authenc.c defs.h ext.h telnetd.h
man_MANS = telnetd.8
LDADD = ../libtelnet/libtelnet.a $(LIB_krb5) $(LIB_krb4) $(top_builddir)/lib/des/libdes.la $(LIB_tgetent) $(LIB_logwtmp) $(LIB_roken)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../../include/config.h
CONFIG_CLEAN_FILES =
libexec_PROGRAMS = telnetd$(EXEEXT)
PROGRAMS = $(libexec_PROGRAMS)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
telnetd_OBJECTS = telnetd.$(OBJEXT) state.$(OBJEXT) termstat.$(OBJEXT) \
slc.$(OBJEXT) sys_term.$(OBJEXT) utility.$(OBJEXT) global.$(OBJEXT) \
authenc.$(OBJEXT)
telnetd_LDADD = $(LDADD)
@KRB5_TRUE@telnetd_DEPENDENCIES = ../libtelnet/libtelnet.a \
@KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
@KRB5_TRUE@$(top_builddir)/lib/asn1/libasn1.la \
@KRB5_TRUE@$(top_builddir)/lib/des/libdes.la
@KRB5_FALSE@telnetd_DEPENDENCIES = ../libtelnet/libtelnet.a \
@KRB5_FALSE@$(top_builddir)/lib/des/libdes.la
telnetd_LDFLAGS =
CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
man8dir = $(mandir)/man8
MANS = $(man_MANS)
DIST_COMMON = Makefile.am Makefile.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
TAR = tar
GZIP_ENV = --best
SOURCES = $(telnetd_SOURCES)
OBJECTS = $(telnetd_OBJECTS)
all: all-redirect
.SUFFIXES:
.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign appl/telnet/telnetd/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
cd $(top_builddir) \
&& CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
mostlyclean-libexecPROGRAMS:
clean-libexecPROGRAMS:
-test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS)
distclean-libexecPROGRAMS:
maintainer-clean-libexecPROGRAMS:
install-libexecPROGRAMS: $(libexec_PROGRAMS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(libexecdir)
@list='$(libexec_PROGRAMS)'; for p in $$list; do \
if test -f $$p; then \
echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \
$(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
else :; fi; \
done
uninstall-libexecPROGRAMS:
@$(NORMAL_UNINSTALL)
list='$(libexec_PROGRAMS)'; for p in $$list; do \
rm -f $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
done
.c.o:
$(COMPILE) -c $<
# FIXME: We should only use cygpath when building on Windows,
# and only if it is available.
.c.obj:
$(COMPILE) -c `cygpath -w $<`
.s.o:
$(COMPILE) -c $<
.S.o:
$(COMPILE) -c $<
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
clean-compile:
distclean-compile:
-rm -f *.tab.c
maintainer-clean-compile:
.c.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
.s.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
.S.lo:
$(LIBTOOL) --mode=compile $(COMPILE) -c $<
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
distclean-libtool:
maintainer-clean-libtool:
telnetd$(EXEEXT): $(telnetd_OBJECTS) $(telnetd_DEPENDENCIES)
@rm -f telnetd$(EXEEXT)
$(LINK) $(telnetd_LDFLAGS) $(telnetd_OBJECTS) $(telnetd_LDADD) $(LIBS)
install-man8:
$(mkinstalldirs) $(DESTDIR)$(man8dir)
@list='$(man8_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.8*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \
done
uninstall-man8:
@list='$(man8_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.8*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \
rm -f $(DESTDIR)$(man8dir)/$$inst; \
done
install-man: $(MANS)
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-man8
uninstall-man:
@$(NORMAL_UNINSTALL)
$(MAKE) $(AM_MAKEFLAGS) uninstall-man8
tags: TAGS
ID: $(HEADERS) $(SOURCES) $(LISP)
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
here=`pwd` && cd $(srcdir) \
&& mkid -f$$here/ID $$unique $(LISP)
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SOURCES) $(HEADERS)'; \
unique=`for i in $$list; do echo $$i; done | \
awk ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
|| (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
mostlyclean-tags:
clean-tags:
distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
subdir = appl/telnet/telnetd
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
cp -pr $$/$$file $(distdir)/$$file; \
else \
test -f $(distdir)/$$file \
|| ln $$d/$$file $(distdir)/$$file 2> /dev/null \
|| cp -p $$d/$$file $(distdir)/$$file || :; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
info-am:
info: info-am
dvi-am:
dvi: dvi-am
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) check-local
check: check-am
installcheck-am:
installcheck: installcheck-am
install-exec-am: install-libexecPROGRAMS
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-exec: install-exec-am
install-data-am: install-man install-data-local
install-data: install-data-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
install: install-am
uninstall-am: uninstall-libexecPROGRAMS uninstall-man
uninstall: uninstall-am
all-am: Makefile $(PROGRAMS) $(MANS) all-local
all-redirect: all-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libexecdir) $(DESTDIR)$(mandir)/man8
mostlyclean-generic:
clean-generic:
distclean-generic:
-rm -f Makefile $(CONFIG_CLEAN_FILES)
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
mostlyclean-am: mostlyclean-libexecPROGRAMS mostlyclean-compile \
mostlyclean-libtool mostlyclean-tags \
mostlyclean-generic
mostlyclean: mostlyclean-am
clean-am: clean-libexecPROGRAMS clean-compile clean-libtool clean-tags \
clean-generic mostlyclean-am
clean: clean-am
distclean-am: distclean-libexecPROGRAMS distclean-compile \
distclean-libtool distclean-tags distclean-generic \
clean-am
-rm -f libtool
distclean: distclean-am
maintainer-clean-am: maintainer-clean-libexecPROGRAMS \
maintainer-clean-compile maintainer-clean-libtool \
maintainer-clean-tags maintainer-clean-generic \
distclean-am
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
maintainer-clean: maintainer-clean-am
.PHONY: mostlyclean-libexecPROGRAMS distclean-libexecPROGRAMS \
clean-libexecPROGRAMS maintainer-clean-libexecPROGRAMS \
uninstall-libexecPROGRAMS install-libexecPROGRAMS mostlyclean-compile \
distclean-compile clean-compile maintainer-clean-compile \
mostlyclean-libtool distclean-libtool clean-libtool \
maintainer-clean-libtool install-man8 uninstall-man8 install-man \
uninstall-man tags mostlyclean-tags distclean-tags clean-tags \
maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \
check-am installcheck-am installcheck install-exec-am install-exec \
install-data-local install-data-am install-data install-am install \
uninstall-am uninstall all-local all-redirect all-am all installdirs \
mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
install-suid-programs:
@foo='$(bin_SUIDS)'; \
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
chmod 0 $$x; fi; done
install-exec-hook: install-suid-programs
install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
@foo='$(include_HEADERS) $(build_HEADERZ)'; \
for f in $$foo; do \
f=`basename $$f`; \
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
echo " cp $$file $(buildinclude)/$$f"; \
cp $$file $(buildinclude)/$$f; \
fi ; \
done
all-local: install-build-headers
#NROFF_MAN = nroff -man
.1.cat1:
$(NROFF_MAN) $< > $@
.3.cat3:
$(NROFF_MAN) $< > $@
.5.cat5:
$(NROFF_MAN) $< > $@
.8.cat8:
$(NROFF_MAN) $< > $@
dist-cat1-mans:
@foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat3-mans:
@foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat5-mans:
@foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-cat8-mans:
@foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done ;\
for i in $$foo; do \
x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
done
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
install-cat1-mans:
@ext=1;\
foo='$(man1_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.1) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat1dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat3-mans:
@ext=3;\
foo='$(man3_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.3) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat3dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat5-mans:
@ext=5;\
foo='$(man5_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.5) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat5dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat8-mans:
@ext=8;\
foo='$(man8_MANS)'; \
bar='$(man_MANS)'; \
for i in $$bar; do \
case $$i in \
*.8) foo="$$foo $$i";; \
esac; done; \
if test "$$foo"; then \
$(mkinstalldirs) $(DESTDIR)$(cat8dir); \
for x in $$foo; do \
f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
if test -f "$(srcdir)/$$f"; then \
b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
$(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
fi; \
done ;\
fi
install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
install-data-local: install-cat-mans
.et.h:
$(COMPILE_ET) $<
.et.c:
$(COMPILE_ET) $<
.x.c:
@cmp -s $< $@ 2> /dev/null || cp $< $@
check-local::
@foo='$(CHECK_LOCAL)'; \
if test "$$foo"; then \
failed=0; all=0; \
for i in $$foo; do \
all=`expr $$all + 1`; \
if ./$$i --version > /dev/null 2>&1; then \
echo "PASS: $$i"; \
else \
echo "FAIL: $$i"; \
failed=`expr $$failed + 1`; \
fi; \
done; \
if test "$$failed" -eq 0; then \
banner="All $$all tests passed"; \
else \
banner="$$failed of $$all tests failed"; \
fi; \
dashes=`echo "$$banner" | sed s/./=/g`; \
echo "$$dashes"; \
echo "$$banner"; \
echo "$$dashes"; \
test "$$failed" -eq 0; \
fi
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:


@ -0,0 +1,81 @@
/*-
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnetd.h"
RCSID("$Id: authenc.c,v 1.9 1999/09/05 19:14:50 assar Exp $");
#ifdef AUTHENTICATION
int
telnet_net_write(unsigned char *str, int len)
{
if (nfrontp + len < netobuf + BUFSIZ) {
memmove(nfrontp, str, len);
nfrontp += len;
return(len);
}
return(0);
}
void
net_encrypt(void)
{
#ifdef ENCRYPTION
char *s = (nclearto > nbackp) ? nclearto : nbackp;
if (s < nfrontp && encrypt_output) {
(*encrypt_output)((unsigned char *)s, nfrontp - s);
}
nclearto = nfrontp;
#endif
}
int
telnet_spin(void)
{
return ttloop();
}
char *
telnet_getenv(char *val)
{
extern char *getenv(const char *);
return(getenv(val));
}
char *
telnet_gets(char *prompt, char *result, int length, int echo)
{
return NULL;
}
#endif
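Review bot: The bounds test in telnet_net_write, `nfrontp + len < netobuf + BUFSIZ`, does not reject a negative `len`: the sum then stays below the limit and `memmove` receives the value converted to a very large size_t. Forming `nfrontp + len` for a large positive `len` is also out-of-range pointer arithmetic before the comparison is made. Comparing lengths avoids both: `if (len >= 0 && len < (netobuf + BUFSIZ) - nfrontp) {`. The function returns 0 and drops the data when there is no room, so it also deserves a comment saying callers must check the return value; whether the callers, which are outside this file, do so is not visible here.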


@ -0,0 +1,190 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)defs.h 8.1 (Berkeley) 6/4/93
*/
/*
* Telnet server defines
*/
#ifndef __DEFS_H__
#define __DEFS_H__
#ifndef BSD
# define BSD 43
#endif
#if defined(PRINTOPTIONS) && defined(DIAGNOSTICS)
#define TELOPTS
#define TELCMDS
#define SLC_NAMES
#endif
#if !defined(TIOCSCTTY) && defined(TCSETCTTY)
# define TIOCSCTTY TCSETCTTY
#endif
#ifndef TIOCPKT_FLUSHWRITE
#define TIOCPKT_FLUSHWRITE 0x02
#endif
#ifndef TIOCPKT_NOSTOP
#define TIOCPKT_NOSTOP 0x10
#endif
#ifndef TIOCPKT_DOSTOP
#define TIOCPKT_DOSTOP 0x20
#endif
/*
* I/O data buffers defines
*/
#define NETSLOP 64
#ifdef _CRAY
#undef BUFSIZ
#define BUFSIZ 2048
#endif
#define NIACCUM(c) { *netip++ = c; \
ncc++; \
}
/* clock manipulations */
#define settimer(x) (clocks.x = ++clocks.system)
#define sequenceIs(x,y) (clocks.x < clocks.y)
/*
* Structures of information for each special character function.
*/
typedef struct {
unsigned char flag; /* the flags for this function */
cc_t val; /* the value of the special character */
} slcent, *Slcent;
typedef struct {
slcent defset; /* the default settings */
slcent current; /* the current settings */
cc_t *sptr; /* a pointer to the char in */
/* system data structures */
} slcfun, *Slcfun;
#ifdef DIAGNOSTICS
/*
* Diagnostics capabilities
*/
#define TD_REPORT 0x01 /* Report operations to client */
#define TD_EXERCISE 0x02 /* Exercise client's implementation */
#define TD_NETDATA 0x04 /* Display received data stream */
#define TD_PTYDATA 0x08 /* Display data passed to pty */
#define TD_OPTIONS 0x10 /* Report just telnet options */
#endif /* DIAGNOSTICS */
/*
* We keep track of each side of the option negotiation.
*/
#define MY_STATE_WILL 0x01
#define MY_WANT_STATE_WILL 0x02
#define MY_STATE_DO 0x04
#define MY_WANT_STATE_DO 0x08
/*
* Macros to check the current state of things
*/
#define my_state_is_do(opt) (options[opt]&MY_STATE_DO)
#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL)
#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO)
#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL)
#define my_state_is_dont(opt) (!my_state_is_do(opt))
#define my_state_is_wont(opt) (!my_state_is_will(opt))
#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt))
#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt))
#define set_my_state_do(opt) (options[opt] |= MY_STATE_DO)
#define set_my_state_will(opt) (options[opt] |= MY_STATE_WILL)
#define set_my_want_state_do(opt) (options[opt] |= MY_WANT_STATE_DO)
#define set_my_want_state_will(opt) (options[opt] |= MY_WANT_STATE_WILL)
#define set_my_state_dont(opt) (options[opt] &= ~MY_STATE_DO)
#define set_my_state_wont(opt) (options[opt] &= ~MY_STATE_WILL)
#define set_my_want_state_dont(opt) (options[opt] &= ~MY_WANT_STATE_DO)
#define set_my_want_state_wont(opt) (options[opt] &= ~MY_WANT_STATE_WILL)
/*
* Tricky code here. What we want to know is if the MY_STATE_WILL
* and MY_WANT_STATE_WILL bits have the same value. Since the two
* bits are adjacent, a little arithmatic will show that by adding
* in the lower bit, the upper bit will be set if the two bits were
* different, and clear if they were the same.
*/
#define my_will_wont_is_changing(opt) \
((options[opt]+MY_STATE_WILL) & MY_WANT_STATE_WILL)
#define my_do_dont_is_changing(opt) \
((options[opt]+MY_STATE_DO) & MY_WANT_STATE_DO)
/*
* Make everything symetrical
*/
#define HIS_STATE_WILL MY_STATE_DO
#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO
#define HIS_STATE_DO MY_STATE_WILL
#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL
#define his_state_is_do my_state_is_will
#define his_state_is_will my_state_is_do
#define his_want_state_is_do my_want_state_is_will
#define his_want_state_is_will my_want_state_is_do
#define his_state_is_dont my_state_is_wont
#define his_state_is_wont my_state_is_dont
#define his_want_state_is_dont my_want_state_is_wont
#define his_want_state_is_wont my_want_state_is_dont
#define set_his_state_do set_my_state_will
#define set_his_state_will set_my_state_do
#define set_his_want_state_do set_my_want_state_will
#define set_his_want_state_will set_my_want_state_do
#define set_his_state_dont set_my_state_wont
#define set_his_state_wont set_my_state_dont
#define set_his_want_state_dont set_my_want_state_wont
#define set_his_want_state_wont set_my_want_state_dont
#define his_will_wont_is_changing my_do_dont_is_changing
#define his_do_dont_is_changing my_will_wont_is_changing
#endif /* __DEFS_H__ */
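Review bot: `NIACCUM(c)` stores through `netip` and increments `ncc` with no check against the end of the input buffer, and it is a bare brace block with an unparenthesised argument, so `if (x) NIACCUM(c); else ...` does not compile as intended. I would write it as `#define NIACCUM(c) do { *netip++ = (c); ncc++; } while (0)` and add a comment stating that the caller must guarantee room in `netibuf` before using it. The option-state macros index `options[opt]` the same unparenthesised way; `options` is declared with 256 entries in ext.h, so a comment that `opt` must be in 0..255 (never a sign-extended char) would document the assumption these macros rely on.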


@ -0,0 +1,202 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ext.h 8.2 (Berkeley) 12/15/93
*/
/* $Id: ext.h,v 1.19 1999/09/05 19:15:21 assar Exp $ */
#ifndef __EXT_H__
#define __EXT_H__
/*
* Telnet server variable declarations
*/
extern char options[256];
extern char do_dont_resp[256];
extern char will_wont_resp[256];
extern int flowmode; /* current flow control state */
extern int restartany; /* restart output on any character state */
#ifdef DIAGNOSTICS
extern int diagnostic; /* telnet diagnostic capabilities */
#endif /* DIAGNOSTICS */
extern int require_otp;
#ifdef AUTHENTICATION
extern int auth_level;
#endif
extern const char *new_login;
extern slcfun slctab[NSLC + 1]; /* slc mapping table */
extern char *terminaltype;
/*
* I/O data buffers, pointers, and counters.
*/
extern char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp;
extern char netibuf[BUFSIZ], *netip;
extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
extern char *neturg; /* one past last bye of urgent data */
extern int pcc, ncc;
extern int ourpty, net;
extern char *line;
extern int SYNCHing; /* we are in TELNET SYNCH mode */
int telnet_net_write (unsigned char *str, int len);
void net_encrypt (void);
int telnet_spin (void);
char *telnet_getenv (char *val);
char *telnet_gets (char *prompt, char *result, int length, int echo);
void get_slc_defaults (void);
void telrcv (void);
void send_do (int option, int init);
void willoption (int option);
void send_dont (int option, int init);
void wontoption (int option);
void send_will (int option, int init);
void dooption (int option);
void send_wont (int option, int init);
void dontoption (int option);
void suboption (void);
void doclientstat (void);
void send_status (void);
void init_termbuf (void);
void set_termbuf (void);
int spcset (int func, cc_t *valp, cc_t **valpp);
void set_utid (void);
int getpty (int *ptynum);
int tty_isecho (void);
int tty_flowmode (void);
int tty_restartany (void);
void tty_setecho (int on);
int tty_israw (void);
void tty_binaryin (int on);
void tty_binaryout (int on);
int tty_isbinaryin (void);
int tty_isbinaryout (void);
int tty_issofttab (void);
void tty_setsofttab (int on);
int tty_islitecho (void);
void tty_setlitecho (int on);
int tty_iscrnl (void);
void tty_tspeed (int val);
void tty_rspeed (int val);
void getptyslave (void);
int cleanopen (char *line);
void startslave (char *host, int autologin, char *autoname);
void init_env (void);
void start_login (char *host, int autologin, char *name);
void cleanup (int sig);
int main (int argc, char **argv);
int getterminaltype (char *name, size_t);
void _gettermname (void);
int terminaltypeok (char *s);
void my_telnet (int f, int p, char*, int, char*);
void interrupt (void);
void sendbrk (void);
void sendsusp (void);
void recv_ayt (void);
void doeof (void);
void flowstat (void);
void clientstat (int code, int parm1, int parm2);
int ttloop (void);
int stilloob (int s);
void ptyflush (void);
char *nextitem (char *current);
void netclear (void);
void netflush (void);
void writenet (unsigned char *ptr, int len);
void fatal (int f, char *msg);
void fatalperror (int f, const char *msg);
void edithost (char *pat, char *host);
void putstr (char *s);
void putchr (int cc);
void putf (char *cp, char *where);
void printoption (char *fmt, int option);
void printsub (int direction, unsigned char *pointer, int length);
void printdata (char *tag, char *ptr, int cnt);
int login_tty(int t);
#ifdef ENCRYPTION
extern void (*encrypt_output) (unsigned char *, int);
extern int (*decrypt_input) (int);
extern char *nclearto;
#endif
/*
* The following are some clocks used to decide how to interpret
* the relationship between various variables.
*/
struct clocks_t{
int
system, /* what the current time is */
echotoggle, /* last time user entered echo character */
modenegotiated, /* last time operating mode negotiated */
didnetreceive, /* last time we read data from network */
ttypesubopt, /* ttype subopt is received */
tspeedsubopt, /* tspeed subopt is received */
environsubopt, /* environ subopt is received */
oenvironsubopt, /* old environ subopt is received */
xdisplocsubopt, /* xdisploc subopt is received */
baseline, /* time started to do timed action */
gotDM; /* when did we last see a data mark */
};
extern struct clocks_t clocks;
extern int log_unauth;
extern int no_warn;
#ifdef STREAMSPTY
extern int really_stream;
#endif
#ifndef USE_IM
# ifdef CRAY
# define USE_IM "Cray UNICOS (%h) (%t)"
# endif
# ifdef _AIX
# define USE_IM "%s %v.%r (%h) (%t)"
# endif
# ifndef USE_IM
# define USE_IM "%s %r (%h) (%t)"
# endif
#endif
#define DEFAULT_IM "\r\n\r\n" USE_IM "\r\n\r\n\r\n"
#endif /* __EXT_H__ */


@ -0,0 +1,107 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* a *lot* of ugly global definitions that really should be removed...
*/
#include "telnetd.h"
RCSID("$Id: global.c,v 1.12 1997/05/11 06:29:59 assar Exp $");
/*
* Telnet server variable declarations
*/
char options[256];
char do_dont_resp[256];
char will_wont_resp[256];
int linemode; /* linemode on/off */
int flowmode; /* current flow control state */
int restartany; /* restart output on any character state */
#ifdef DIAGNOSTICS
int diagnostic; /* telnet diagnostic capabilities */
#endif /* DIAGNOSTICS */
int require_otp;
slcfun slctab[NSLC + 1]; /* slc mapping table */
char *terminaltype;
/*
* I/O data buffers, pointers, and counters.
*/
char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp;
char netibuf[BUFSIZ], *netip;
char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp;
char *neturg; /* one past last bye of urgent data */
int pcc, ncc;
int ourpty, net;
int SYNCHing; /* we are in TELNET SYNCH mode */
/*
* The following are some clocks used to decide how to interpret
* the relationship between various variables.
*/
struct clocks_t clocks;
/* whether to log unauthenticated login attempts */
int log_unauth;
/* do not print warning if connection is not encrypted */
int no_warn;
/*
* This function appends data to nfrontp and advances nfrontp.
*/
int
output_data (const char *format, ...)
{
va_list args;
size_t remaining, ret;
va_start(args, format);
remaining = BUFSIZ - (nfrontp - netobuf);
ret = vsnprintf (nfrontp,
remaining,
format,
args);
nfrontp += ret;
va_end(args);
return ret;
}
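Review bot: In `output_data`, the value returned by `vsnprintf` is added to `nfrontp` without being compared to `remaining`. `vsnprintf` reports the length the complete output would have had, so a truncated write moves `nfrontp` past the bytes actually stored. Once `nfrontp - netobuf` exceeds `BUFSIZ`, the next `remaining` wraps to a very large `size_t` and later writes into `netobuf` are no longer bounded. A negative return stored in the `size_t ret` has the same effect. The advance should be clamped to what was stored and a full buffer rejected, as sketched below; whether callers should flush and retry rather than drop output needs checking against the call sites, which are not visible here.

```c
int
output_data (const char *format, ...)
{
    va_list args;
    size_t remaining;
    int ret;

    /* nothing can be appended once nfrontp has reached the BUFSIZ mark */
    if (nfrontp - netobuf >= BUFSIZ)
        return 0;
    remaining = BUFSIZ - (nfrontp - netobuf);
    va_start(args, format);
    ret = vsnprintf (nfrontp, remaining, format, args);
    va_end(args);
    if (ret < 0)
        return 0;
    /* vsnprintf returns the untruncated length; advance only over stored bytes */
    if ((size_t)ret >= remaining)
        ret = remaining - 1;
    nfrontp += ret;
    return ret;
}
```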


@ -0,0 +1,57 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnetd.h"
RCSID("$Id: slc.c,v 1.10 1997/05/11 06:30:00 assar Exp $");
/*
* get_slc_defaults
*
* Initialize the slc mapping table.
*/
void
get_slc_defaults(void)
{
int i;
init_termbuf();
for (i = 1; i <= NSLC; i++) {
slctab[i].defset.flag =
spcset(i, &slctab[i].defset.val, &slctab[i].sptr);
slctab[i].current.flag = SLC_NOSUPPORT;
slctab[i].current.val = 0;
}
}




@ -0,0 +1,529 @@
.\" Copyright (c) 1983, 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)telnetd.8 8.4 (Berkeley) 6/1/94
.\"
.Dd June 1, 1994
.Dt TELNETD 8
.Os BSD 4.2
.Sh NAME
.Nm telnetd
.Nd DARPA
.Tn TELNET
protocol server
.Sh SYNOPSIS
.Nm telnetd
.Op Fl BUhkln
.Op Fl D Ar debugmode
.Op Fl S Ar tos
.Op Fl X Ar authtype
.Op Fl a Ar authmode
.Op Fl r Ns Ar lowpty-highpty
.Op Fl u Ar len
.Op Fl debug
.Op Fl L Ar /bin/login
.Op Ar port
.Sh DESCRIPTION
The
.Nm telnetd
command is a server which supports the
.Tn DARPA
standard
.Tn TELNET
virtual terminal protocol.
.Nm Telnetd
is normally invoked by the internet server (see
.Xr inetd 8 )
for requests to connect to the
.Tn TELNET
port as indicated by the
.Pa /etc/services
file (see
.Xr services 5 ) .
The
.Fl debug
option may be used to start up
.Nm telnetd
manually, instead of through
.Xr inetd 8 .
If started up this way,
.Ar port
may be specified to run
.Nm telnetd
on an alternate
.Tn TCP
port number.
.Pp
The
.Nm telnetd
command accepts the following options:
.Bl -tag -width "-a authmode"
.It Fl a Ar authmode
This option may be used for specifying what mode should
be used for authentication.
Note that this option is only useful if
.Nm telnetd
has been compiled with support for the
.Dv AUTHENTICATION
option.
There are several valid values for
.Ar authmode:
.Bl -tag -width debug
.It debug
Turns on authentication debugging code.
.It user
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user,
and is allowed access to the specified account
without providing a password.
.It valid
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user.
The
.Xr login 1
command will provide any additional user verification
needed if the remote user is not allowed automatic
access to the specified account.
.It other
Only allow connections that supply some authentication information.
This option is currently not supported
by any of the existing authentication mechanisms,
and is thus the same as specifying
.Fl a
.Cm valid .
.It otp
Only allow authenticated connections (as with
.Fl a
.Cm user )
and also logins with one-time passwords (OTPs). This option will call
login with an option so that only OTPs are accepted. The user can of
course still type secret information at the prompt.
.It none
This is the default state.
Authentication information is not required.
If no or insufficient authentication information
is provided, then the
.Xr login 1
program will provide the necessary user
verification.
.It off
This disables the authentication code.
All user verification will happen through the
.Xr login 1
program.
.El
.It Fl B
Ignored.
.It Fl D Ar debugmode
This option may be used for debugging purposes.
This allows
.Nm telnetd
to print out debugging information
to the connection, allowing the user to see what
.Nm telnetd
is doing.
There are several possible values for
.Ar debugmode:
.Bl -tag -width exercise
.It Cm options
Prints information about the negotiation of
.Tn TELNET
options.
.It Cm report
Prints the
.Cm options
information, plus some additional information
about what processing is going on.
.It Cm netdata
Displays the data stream received by
.Nm telnetd.
.It Cm ptydata
Displays data written to the pty.
.It Cm exercise
Has not been implemented yet.
.El
.It Fl h
Disables the printing of host-specific information before
login has been completed.
.It Fl k
.It Fl l
Ignored.
.It Fl n
Disable
.Dv TCP
keep-alives. Normally
.Nm telnetd
enables the
.Tn TCP
keep-alive mechanism to probe connections that
have been idle for some period of time to determine
if the client is still there, so that idle connections
from machines that have crashed or can no longer
be reached may be cleaned up.
.It Fl r Ar lowpty-highpty
This option is only enabled when
.Nm telnetd
is compiled for
.Dv UNICOS.
It specifies an inclusive range of pseudo-terminal devices to
use. If the system has sysconf variable
.Dv _SC_CRAY_NPTY
configured, the default pty search range is 0 to
.Dv _SC_CRAY_NPTY;
otherwise, the default range is 0 to 128. Either
.Ar lowpty
or
.Ar highpty
may be omitted to allow changing
either end of the search range. If
.Ar lowpty
is omitted, the - character is still required so that
.Nm telnetd
can differentiate
.Ar highpty
from
.Ar lowpty .
.It Fl S Ar tos
.It Fl u Ar len
This option is used to specify the size of the field
in the
.Dv utmp
structure that holds the remote host name.
If the resolved host name is longer than
.Ar len ,
the dotted decimal value will be used instead.
This allows hosts with very long host names that
overflow this field to still be uniquely identified.
Specifying
.Fl u0
indicates that only dotted decimal addresses
should be put into the
.Pa utmp
file.
.ne 1i
.It Fl U
This option causes
.Nm telnetd
to refuse connections from addresses that
cannot be mapped back into a symbolic name
via the
.Xr gethostbyaddr 3
routine.
.It Fl X Ar authtype
This option is only valid if
.Nm telnetd
has been built with support for the authentication option.
It disables the use of
.Ar authtype
authentication, and
can be used to temporarily disable
a specific authentication type without having to recompile
.Nm telnetd .
.It Fl L pathname
Specify pathname to an alternative login program.
.El
.Pp
.Nm Telnetd
operates by allocating a pseudo-terminal device (see
.Xr pty 4 )
for a client, then creating a login process which has
the slave side of the pseudo-terminal as
.Dv stdin ,
.Dv stdout
and
.Dv stderr .
.Nm Telnetd
manipulates the master side of the pseudo-terminal,
implementing the
.Tn TELNET
protocol and passing characters
between the remote client and the login process.
.Pp
When a
.Tn TELNET
session is started up,
.Nm telnetd
sends
.Tn TELNET
options to the client side indicating
a willingness to do the
following
.Tn TELNET
options, which are described in more detail below:
.Bd -literal -offset indent
DO AUTHENTICATION
WILL ENCRYPT
DO TERMINAL TYPE
DO TSPEED
DO XDISPLOC
DO NEW-ENVIRON
DO ENVIRON
WILL SUPPRESS GO AHEAD
DO ECHO
DO LINEMODE
DO NAWS
WILL STATUS
DO LFLOW
DO TIMING-MARK
.Ed
.Pp
The pseudo-terminal allocated to the client is configured
to operate in \*(lqcooked\*(rq mode, and with
.Dv XTABS and
.Dv CRMOD
enabled (see
.Xr tty 4 ) .
.Pp
.Nm Telnetd
has support for enabling locally the following
.Tn TELNET
options:
.Bl -tag -width "DO AUTHENTICATION"
.It "WILL ECHO"
When the
.Dv LINEMODE
option is enabled, a
.Dv WILL ECHO
or
.Dv WONT ECHO
will be sent to the client to indicate the
current state of terminal echoing.
When terminal echo is not desired, a
.Dv WILL ECHO
is sent to indicate that
.Tn telnetd
will take care of echoing any data that needs to be
echoed to the terminal, and then nothing is echoed.
When terminal echo is desired, a
.Dv WONT ECHO
is sent to indicate that
.Tn telnetd
will not be doing any terminal echoing, so the
client should do any terminal echoing that is needed.
.It "WILL BINARY"
Indicates that the client is willing to send a
8 bits of data, rather than the normal 7 bits
of the Network Virtual Terminal.
.It "WILL SGA"
Indicates that it will not be sending
.Dv IAC GA,
go ahead, commands.
.It "WILL STATUS"
Indicates a willingness to send the client, upon
request, of the current status of all
.Tn TELNET
options.
.It "WILL TIMING-MARK"
Whenever a
.Dv DO TIMING-MARK
command is received, it is always responded
to with a
.Dv WILL TIMING-MARK
.ne 1i
.It "WILL LOGOUT"
When a
.Dv DO LOGOUT
is received, a
.Dv WILL LOGOUT
is sent in response, and the
.Tn TELNET
session is shut down.
.It "WILL ENCRYPT"
Only sent if
.Nm telnetd
is compiled with support for data encryption, and
indicates a willingness to decrypt
the data stream.
.El
.Pp
.Nm Telnetd
has support for enabling remotely the following
.Tn TELNET
options:
.Bl -tag -width "DO AUTHENTICATION"
.It "DO BINARY"
Sent to indicate that
.Tn telnetd
is willing to receive an 8 bit data stream.
.It "DO LFLOW"
Requests that the client handle flow control
characters remotely.
.It "DO ECHO"
This is not really supported, but is sent to identify a 4.2BSD
.Xr telnet 1
client, which will improperly respond with
.Dv WILL ECHO.
If a
.Dv WILL ECHO
is received, a
.Dv DONT ECHO
will be sent in response.
.It "DO TERMINAL-TYPE"
Indicates a desire to be able to request the
name of the type of terminal that is attached
to the client side of the connection.
.It "DO SGA"
Indicates that it does not need to receive
.Dv IAC GA,
the go ahead command.
.It "DO NAWS"
Requests that the client inform the server when
the window (display) size changes.
.It "DO TERMINAL-SPEED"
Indicates a desire to be able to request information
about the speed of the serial line to which
the client is attached.
.It "DO XDISPLOC"
Indicates a desire to be able to request the name
of the X windows display that is associated with
the telnet client.
.It "DO NEW-ENVIRON"
Indicates a desire to be able to request environment
variable information, as described in RFC 1572.
.It "DO ENVIRON"
Indicates a desire to be able to request environment
variable information, as described in RFC 1408.
.It "DO LINEMODE"
Only sent if
.Nm telnetd
is compiled with support for linemode, and
requests that the client do line by line processing.
.It "DO TIMING-MARK"
Only sent if
.Nm telnetd
is compiled with support for both linemode and
kludge linemode, and the client responded with
.Dv WONT LINEMODE.
If the client responds with
.Dv WILL TM,
the it is assumed that the client supports
kludge linemode.
Note that the
.Op Fl k
option can be used to disable this.
.It "DO AUTHENTICATION"
Only sent if
.Nm telnetd
is compiled with support for authentication, and
indicates a willingness to receive authentication
information for automatic login.
.It "DO ENCRYPT"
Only sent if
.Nm telnetd
is compiled with support for data encryption, and
indicates a willingness to decrypt
the data stream.
.El
.Sh ENVIRONMENT
.Sh FILES
.Pa /etc/services
.br
.Pa /etc/inittab
(UNICOS systems only)
.br
.Pa /etc/iptos
(if supported)
.br
.Sh "SEE ALSO"
.Xr telnet 1 ,
.Xr login 1
.Sh STANDARDS
.Bl -tag -compact -width RFC-1572
.It Cm RFC-854
.Tn TELNET
PROTOCOL SPECIFICATION
.It Cm RFC-855
TELNET OPTION SPECIFICATIONS
.It Cm RFC-856
TELNET BINARY TRANSMISSION
.It Cm RFC-857
TELNET ECHO OPTION
.It Cm RFC-858
TELNET SUPPRESS GO AHEAD OPTION
.It Cm RFC-859
TELNET STATUS OPTION
.It Cm RFC-860
TELNET TIMING MARK OPTION
.It Cm RFC-861
TELNET EXTENDED OPTIONS - LIST OPTION
.It Cm RFC-885
TELNET END OF RECORD OPTION
.It Cm RFC-1073
Telnet Window Size Option
.It Cm RFC-1079
Telnet Terminal Speed Option
.It Cm RFC-1091
Telnet Terminal-Type Option
.It Cm RFC-1096
Telnet X Display Location Option
.It Cm RFC-1123
Requirements for Internet Hosts -- Application and Support
.It Cm RFC-1184
Telnet Linemode Option
.It Cm RFC-1372
Telnet Remote Flow Control Option
.It Cm RFC-1416
Telnet Authentication Option
.It Cm RFC-1411
Telnet Authentication: Kerberos Version 4
.It Cm RFC-1412
Telnet Authentication: SPX
.It Cm RFC-1571
Telnet Environment Option Interoperability Issues
.It Cm RFC-1572
Telnet Environment Option
.El
.Sh BUGS
Some
.Tn TELNET
commands are only partially implemented.
.Pp
Because of bugs in the original 4.2 BSD
.Xr telnet 1 ,
.Nm telnetd
performs some dubious protocol exchanges to try to discover if the remote
client is, in fact, a 4.2 BSD
.Xr telnet 1 .
.Pp
Binary mode
has no common interpretation except between similar operating systems
(Unix in this case).
.Pp
The terminal type name received from the remote client is converted to
lower case.
.Pp
.Nm Telnetd
never sends
.Tn TELNET
.Dv IAC GA
(go ahead) commands.



@ -0,0 +1,224 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)telnetd.h 8.1 (Berkeley) 6/4/93
*/
#include <config.h>
#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef TIME_WITH_SYS_TIME
#include <sys/time.h>
#include <time.h>
#elif defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#else
#include <time.h>
#endif
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif /* HAVE_SYS_RESOURCE_H */
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
/* including both <sys/ioctl.h> and <termios.h> in SunOS 4 generates a
lot of warnings */
#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_FILIO_H
#include <sys/filio.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_NETINET6_IN6_H
#include <netinet6/in6.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <signal.h>
#include <errno.h>
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#ifdef HAVE_SYSLOG_H
#include <syslog.h>
#endif
#include <ctype.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <termios.h>
#ifdef HAVE_PTY_H
#include <pty.h>
#endif
#include "defs.h"
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#endif
#ifndef _POSIX_VDISABLE
# ifdef VDISABLE
# define _POSIX_VDISABLE VDISABLE
# else
# define _POSIX_VDISABLE ((unsigned char)'\377')
# endif
#endif
#ifdef HAVE_SYS_PTY_H
#include <sys/pty.h>
#endif
#ifdef HAVE_SYS_SELECT_H
#include <sys/select.h>
#endif
#ifdef HAVE_SYS_PTYIO_H
#include <sys/ptyio.h>
#endif
#ifdef HAVE_SYS_UTSNAME_H
#include <sys/utsname.h>
#endif
#include "ext.h"
#ifdef HAVE_PATHS_H
#include <paths.h>
#endif
#ifdef SOCKS
#include <socks.h>
/* This doesn't belong here. */
struct tm *localtime(const time_t *);
struct hostent *gethostbyname(const char *);
#endif
#ifdef KRB4
#include <des.h>
#include <krb.h>
#endif
#ifdef AUTHENTICATION
#include <libtelnet/auth.h>
#include <libtelnet/misc.h>
#ifdef ENCRYPTION
#include <libtelnet/encrypt.h>
#endif
#endif
#ifdef HAVE_LIBUTIL_H
#include <libutil.h>
#endif
#include <roken.h>
/* Don't use the system login, use our version instead */
/* BINDIR should be defined somewhere else... */
#ifndef BINDIR
#define BINDIR "/usr/athena/bin"
#endif
#undef _PATH_LOGIN
#define _PATH_LOGIN BINDIR "/login"
/* fallbacks */
#ifndef _PATH_DEV
#define _PATH_DEV "/dev/"
#endif
#ifndef _PATH_TTY
#define _PATH_TTY "/dev/tty"
#endif /* _PATH_TTY */
#ifdef DIAGNOSTICS
#define DIAG(a,b) if (diagnostic & (a)) b
#else
#define DIAG(a,b)
#endif
/* other external variables */
extern char **environ;
/* prototypes */
/* appends data to nfrontp and advances */
int output_data (const char *format, ...)
#ifdef __GNUC__
__attribute__ ((format (printf, 1, 2)))
#endif
;
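Review bot: The fallback `#define BINDIR "/usr/athena/bin"` decides where `_PATH_LOGIN` points whenever the build does not supply `BINDIR`, because `_PATH_LOGIN` is unconditionally redefined to `BINDIR "/login"` after the `#undef`. That path names the login program telnetd starts for each session, so silently falling back to a directory that may not exist on the host, or may not be managed like a system binary directory, is better turned into a build failure: `#ifndef BINDIR`, `#error "BINDIR must be defined by the build"`, `#endif`. The existing comment already notes that BINDIR should be defined somewhere else, so this only enforces what the author intended.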


@ -0,0 +1,140 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "telnetd.h"
RCSID("$Id: termstat.c,v 1.11 1997/05/11 06:30:04 assar Exp $");
/*
* local variables
*/
int def_tspeed = -1, def_rspeed = -1;
#ifdef TIOCSWINSZ
int def_row = 0, def_col = 0;
#endif
/*
* flowstat
*
* Check for changes to flow control
*/
void
flowstat()
{
if (his_state_is_will(TELOPT_LFLOW)) {
if (tty_flowmode() != flowmode) {
flowmode = tty_flowmode();
output_data("%c%c%c%c%c%c",
IAC, SB, TELOPT_LFLOW,
flowmode ? LFLOW_ON : LFLOW_OFF,
IAC, SE);
}
if (tty_restartany() != restartany) {
restartany = tty_restartany();
output_data("%c%c%c%c%c%c",
IAC, SB, TELOPT_LFLOW,
restartany ? LFLOW_RESTART_ANY
: LFLOW_RESTART_XON,
IAC, SE);
}
}
}
/*
* clientstat
*
* Process linemode related requests from the client.
* Client can request a change to only one of linemode, editmode or slc's
* at a time, and if using kludge linemode, then only linemode may be
* affected.
*/
void
clientstat(int code, int parm1, int parm2)
{
void netflush();
/*
* Get a copy of terminal characteristics.
*/
init_termbuf();
/*
* Process request from client. code tells what it is.
*/
switch (code) {
case TELOPT_NAWS:
#ifdef TIOCSWINSZ
{
struct winsize ws;
def_col = parm1;
def_row = parm2;
/*
* Change window size as requested by client.
*/
ws.ws_col = parm1;
ws.ws_row = parm2;
ioctl(ourpty, TIOCSWINSZ, (char *)&ws);
}
#endif /* TIOCSWINSZ */
break;
case TELOPT_TSPEED:
{
def_tspeed = parm1;
def_rspeed = parm2;
/*
* Change terminal speed as requested by client.
* We set the receive speed first, so that if we can't
* store seperate receive and transmit speeds, the transmit
* speed will take precedence.
*/
tty_rspeed(parm2);
tty_tspeed(parm1);
set_termbuf();
break;
} /* end of case TELOPT_TSPEED */
default:
/* What? */
break;
} /* end of switch */
netflush();
}
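Review bot: In the `TELOPT_NAWS` case of `clientstat`, `struct winsize ws` is handed to `ioctl(ourpty, TIOCSWINSZ, ...)` with only `ws_col` and `ws_row` assigned, so its other members carry whatever was on the stack. Adding `memset(&ws, 0, sizeof(ws));` before the assignments fixes that. `parm1` and `parm2` are described in the function comment as coming from the client's request, and they are stored into the narrower winsize fields without a range check while the `ioctl` result is ignored. A bounds check before the assignment and a test of the return value would keep an out-of-range NAWS request from being applied silently.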


1360
crypto/heimdal/configure vendored

File diff suppressed because it is too large Load Diff


@ -1,9 +1,9 @@
dnl Process this file with autoconf to produce a configure script.
AC_REVISION($Revision: 1.215 $)
AC_REVISION($Revision: 1.216 $)
AC_INIT(lib/krb5/send_to_kdc.c)
AM_CONFIG_HEADER(include/config.h)
AM_INIT_AUTOMAKE(heimdal,0.2m)
AM_INIT_AUTOMAKE(heimdal,0.2n)
AC_PREFIX_DEFAULT(/usr/heimdal)
@ -235,6 +235,7 @@ AC_TYPE_PID_T
AC_TYPE_UID_T
AC_CHECK_TYPE_EXTRA(mode_t, unsigned short, [])
AC_CHECK_TYPE_EXTRA(sig_atomic_t, int, [#include <signal.h>])
AC_HAVE_TYPE([long long])
AC_HEADER_TIME
AC_STRUCT_TM
@ -759,6 +760,18 @@ AC_HAVE_STRUCT_FIELD(struct sockaddr, sa_len, [#include <sys/types.h>
AC_GROK_TYPES(int8_t int16_t int32_t int64_t)
AC_GROK_TYPES(u_int8_t u_int16_t u_int32_t u_int64_t)
dnl
dnl crypto functions tests
dnl
AC_FIND_FUNC_NO_LIBS(MD4Init, crypto)
AC_FIND_FUNC_NO_LIBS(MD4_Init, crypto)
AC_FIND_FUNC_NO_LIBS(MD5Init, crypto)
AC_FIND_FUNC_NO_LIBS(MD5_Init, crypto)
AC_FIND_FUNC_NO_LIBS(SHA1Init, crypto)
AC_FIND_FUNC_NO_LIBS(SHA1_Init, crypto)
AC_FIND_FUNC_NO_LIBS(des_cbc_encrypt, crypto des)
dnl
dnl Tests for editline
dnl


@ -172,12 +172,8 @@ clients do send the password, so it's possible to to password quality
checks). Because of this you can only create principals with des keys,
and you can't set any flags or do any other fancy stuff.
To get this to work, you have to create a @samp{changepw/kerberos}
principal (if you are converting a version 4 data you should have this
principal), and add it to the keytab the @samp{kadmind} is using. You
then have to add another entry to inetd (since version 4 uses port 751,
not 749).
To get this to work, you have to add another entry to inetd (since
version 4 uses port 751, not 749).
@emph{And then there are a many more things you can do; more on this in
a later version of this manual. Until then, UTSL.}


@ -24,10 +24,11 @@ our not so inspired guesses. Hopefully it's still somewhat useful.
Windows 2000 supports both the standard DES encryptions (des-cbc-crc and
des-cbc-md5) and its own proprietary encryption that is based on md4 and
rc4 and which you cannot get hold of how it works with a NDA. To enable
a given principal to use DES, it needs to have DES keys in the database.
To do this, you need to enable DES keys for the particular principal
with the user administration tool and then change the password.
rc4 and which is supposed to be described in
draft-brezak-win2k-krb-rc4-hmac-01.txt. To enable a given principal to
use DES, it needs to have DES keys in the database. To do this, you
need to enable DES keys for the particular principal with the user
administration tool and then change the password.
@node Authorization data, , Encryption types, Windows 2000 compatability
@comment node-name, next, previous, up


@ -39,6 +39,24 @@
/* Define if lex declares yytext as a char * by default, not a char[]. */
#undef YYTEXT_POINTER
/* Define if you have the MD4Init function. */
#undef HAVE_MD4INIT
/* Define if you have the MD4_Init function. */
#undef HAVE_MD4_INIT
/* Define if you have the MD5Init function. */
#undef HAVE_MD5INIT
/* Define if you have the MD5_Init function. */
#undef HAVE_MD5_INIT
/* Define if you have the SHA1Init function. */
#undef HAVE_SHA1INIT
/* Define if you have the SHA1_Init function. */
#undef HAVE_SHA1_INIT
/* Define if you have the XauFileName function. */
#undef HAVE_XAUFILENAME
@ -84,6 +102,9 @@
/* Define if you have the dbopen function. */
#undef HAVE_DBOPEN
/* Define if you have the des_cbc_encrypt function. */
#undef HAVE_DES_CBC_ENCRYPT
/* Define if you have the dlopen function. */
#undef HAVE_DLOPEN
@ -225,6 +246,9 @@
/* Define if you have the logwtmp function. */
#undef HAVE_LOGWTMP
/* Define if you have the long_long function. */
#undef HAVE_LONG_LONG
/* Define if you have the lstat function. */
#undef HAVE_LSTAT
@ -750,9 +774,15 @@
/* Define if you have the crypt library (-lcrypt). */
#undef HAVE_LIBCRYPT
/* Define if you have the crypto library (-lcrypto). */
#undef HAVE_LIBCRYPTO
/* Define if you have the curses library (-lcurses). */
#undef HAVE_LIBCURSES
/* Define if you have the des library (-ldes). */
#undef HAVE_LIBDES
/* Define if you have the dl library (-ldl). */
#undef HAVE_LIBDL


@ -1,3 +1,8 @@
2000-01-25 Assar Westerlund <assar@sics.se>
* load.c: checking all parsing for errors and all memory
allocations also
2000-01-02 Assar Westerlund <assar@sics.se>
* server.c: check initial flag in ticket and allow users to change


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -34,7 +34,7 @@
#include "kadmin_locl.h"
#include <sl.h>
RCSID("$Id: kadmin.c,v 1.26 1999/12/02 17:04:58 joda Exp $");
RCSID("$Id: kadmin.c,v 1.27 2000/01/31 23:51:52 assar Exp $");
static char *config_file;
static char *keyfile;
@ -67,7 +67,7 @@ static struct getargs args[] = {
},
{
"server-port", 's', arg_integer, &server_port,
"server to contact", "port number"
"port to use", "port number"
},
{ "local", 'l', arg_flag, &local_flag, "local admin mode" },
{ "help", 'h', arg_flag, &help_flag },


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -32,7 +32,7 @@
*/
/*
* $Id: kadmin_locl.h,v 1.24 1999/12/02 17:04:58 joda Exp $
* $Id: kadmin_locl.h,v 1.25 2000/02/06 05:16:35 assar Exp $
*/
#ifndef __ADMIN_LOCL_H__
@ -73,6 +73,7 @@
#endif
#include <err.h>
#include <roken.h>
#include <des.h>
#include <krb5.h>
#include <hdb.h>
#include <hdb_err.h>


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -34,9 +34,9 @@
#include "kadmin_locl.h"
#include <kadm5/private.h>
RCSID("$Id: load.c,v 1.34 1999/12/02 17:04:58 joda Exp $");
RCSID("$Id: load.c,v 1.35 2000/01/25 22:59:27 assar Exp $");
struct entry{
struct entry {
char *principal;
char *key;
char *max_life;
@ -56,52 +56,108 @@ skip_next(char *p)
while(*p && !isspace((unsigned char)*p))
p++;
*p++ = 0;
while(*p && isspace((unsigned char)*p)) p++;
while(*p && isspace((unsigned char)*p))
p++;
return p;
}
static time_t*
parse_time_string(time_t *t, char *s)
/*
* Parse the time in `s', returning:
* -1 if error parsing
* 0 if none present
* 1 if parsed ok
*/
static int
parse_time_string(time_t *t, const char *s)
{
int year, month, date, hour, minute, second;
struct tm tm;
if(strcmp(s, "-") == 0)
return NULL;
if(t == NULL)
t = malloc(sizeof(*t));
sscanf(s, "%04d%02d%02d%02d%02d%02d",
&year, &month, &date, &hour, &minute, &second);
tm.tm_year = year - 1900;
tm.tm_mon = month - 1;
tm.tm_mday = date;
tm.tm_hour = hour;
tm.tm_min = minute;
tm.tm_sec = second;
return 0;
if(sscanf(s, "%04d%02d%02d%02d%02d%02d",
&year, &month, &date, &hour, &minute, &second) != 6)
return -1;
tm.tm_year = year - 1900;
tm.tm_mon = month - 1;
tm.tm_mday = date;
tm.tm_hour = hour;
tm.tm_min = minute;
tm.tm_sec = second;
tm.tm_isdst = 0;
*t = timegm(&tm);
return t;
return 1;
}
static unsigned*
parse_integer(unsigned *u, char *s)
/*
* parse time, allocating space in *t if it's there
*/
static int
parse_time_string_alloc (time_t **t, const char *s)
{
time_t tmp;
int ret;
*t = NULL;
ret = parse_time_string (&tmp, s);
if (ret == 1) {
*t = malloc (sizeof (**t));
if (*t == NULL)
krb5_errx (context, 1, "malloc: out of memory");
**t = tmp;
}
return ret;
}
/*
* see parse_time_string for calling convention
*/
static int
parse_integer(unsigned *u, const char *s)
{
if(strcmp(s, "-") == 0)
return NULL;
if(u == NULL)
u = malloc(sizeof(*u));
sscanf(s, "%u", u);
return u;
return 0;
if (sscanf(s, "%u", u) != 1)
return -1;
return 1;
}
static void
static int
parse_integer_alloc (int **u, const char *s)
{
unsigned tmp;
int ret;
*u = NULL;
ret = parse_integer (&tmp, s);
if (ret == 1) {
*u = malloc (sizeof (**u));
if (*u == NULL)
krb5_errx (context, 1, "malloc: out of memory");
**u = tmp;
}
return ret;
}
/*
* Parse dumped keys in `str' and store them in `ent'
* return -1 if parsing failed
*/
static int
parse_keys(hdb_entry *ent, char *str)
{
krb5_error_code ret;
int tmp;
char *p;
int i;
p = strsep(&str, ":");
sscanf(p, "%d", &tmp);
if (sscanf(p, "%d", &tmp) != 1)
return 1;
ent->kvno = tmp;
p = strsep(&str, ":");
while(p){
@ -109,7 +165,7 @@ parse_keys(hdb_entry *ent, char *str)
key = realloc(ent->keys.val,
(ent->keys.len + 1) * sizeof(*ent->keys.val));
if(key == NULL)
abort();
krb5_errx (context, 1, "realloc: out of memory");
ent->keys.val = key;
key = ent->keys.val + ent->keys.len;
ent->keys.len++;
@ -120,37 +176,49 @@ parse_keys(hdb_entry *ent, char *str)
} else
key->mkvno = NULL;
p = strsep(&str, ":");
sscanf(p, "%d", &tmp);
if (sscanf(p, "%d", &tmp) != 1)
return 1;
key->key.keytype = tmp;
p = strsep(&str, ":");
krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1);
for(i = 0; i < strlen(p); i += 2){
sscanf(p + i, "%02x", &tmp);
ret = krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1);
if (ret)
krb5_err (context, 1, ret, "krb5_data_alloc");
for(i = 0; i < strlen(p); i += 2) {
if(sscanf(p + i, "%02x", &tmp) != 1)
return 1;
((u_char*)key->key.keyvalue.data)[i / 2] = tmp;
}
p = strsep(&str, ":");
if(strcmp(p, "-") != 0){
unsigned type;
size_t p_len;
if(sscanf(p, "%u/", &type) != 1){
abort ();
}
if(sscanf(p, "%u/", &type) != 1)
return 1;
p = strchr(p, '/');
if(p == NULL)
abort ();
return 1;
p++;
p_len = strlen(p);
key->salt = malloc(sizeof(*key->salt));
if (key->salt == NULL)
krb5_errx (context, 1, "malloc: out of memory");
key->salt->type = type;
if (p_len) {
if(*p == '\"'){
krb5_data_copy(&key->salt->salt, p + 1, p_len - 2);
}else{
krb5_data_alloc(&key->salt->salt, (p_len - 1) / 2 + 1);
if(*p == '\"') {
ret = krb5_data_copy(&key->salt->salt, p + 1, p_len - 2);
if (ret)
krb5_err (context, 1, ret, "krb5_data_copy");
} else {
ret = krb5_data_alloc(&key->salt->salt,
(p_len - 1) / 2 + 1);
if (ret)
krb5_err (context, 1, ret, "krb5_data_alloc");
for(i = 0; i < p_len; i += 2){
sscanf(p + i, "%02x", &tmp);
if (sscanf(p + i, "%02x", &tmp) != 1)
return 1;
((u_char*)key->salt->salt.data)[i / 2] = tmp;
}
}
@ -159,31 +227,59 @@ parse_keys(hdb_entry *ent, char *str)
}
p = strsep(&str, ":");
}
return 0;
}
static Event*
parse_event(Event *ev, char *str)
/*
* see parse_time_string for calling convention
*/
static int
parse_event(Event *ev, char *s)
{
krb5_error_code ret;
char *p;
if(strcmp(str, "-") == 0)
return NULL;
if(ev == NULL)
ev = malloc(sizeof(*ev));
if(strcmp(s, "-") == 0)
return 0;
memset(ev, 0, sizeof(*ev));
p = strsep(&str, ":");
parse_time_string(&ev->time, p);
p = strsep(&str, ":");
krb5_parse_name(context, p, &ev->principal);
return ev;
p = strsep(&s, ":");
if(parse_time_string(&ev->time, p) != 1)
return -1;
p = strsep(&s, ":");
ret = krb5_parse_name(context, p, &ev->principal);
if (ret)
return -1;
return 1;
}
static HDBFlags
parse_hdbflags2int(char *str)
static int
parse_event_alloc (Event **ev, char *s)
{
unsigned i;
parse_integer(&i, str);
Event tmp;
int ret;
return int2HDBFlags(i);
*ev = NULL;
ret = parse_event (&tmp, s);
if (ret == 1) {
*ev = malloc (sizeof (**ev));
if (*ev == NULL)
krb5_errx (context, 1, "malloc: out of memory");
**ev = tmp;
}
return ret;
}
static int
parse_hdbflags2int(HDBFlags *f, const char *s)
{
int ret;
unsigned tmp;
ret = parse_integer (&tmp, s);
if (ret == 1)
*f = int2HDBFlags (tmp);
return ret;
}
#if 0
@ -205,8 +301,13 @@ parse_etypes(char *str, unsigned **val, unsigned *len)
}
#endif
static void
doit(char *filename, int merge)
/*
* Parse the dump file in `filename' and create the database (merging
* iff merge)
*/
static int
doit(const char *filename, int merge)
{
krb5_error_code ret;
FILE *f;
@ -221,7 +322,7 @@ doit(char *filename, int merge)
f = fopen(filename, "r");
if(f == NULL){
krb5_warn(context, errno, "fopen(%s)", filename);
return;
return 1;
}
if(!merge)
flags |= O_CREAT | O_TRUNC;
@ -229,7 +330,7 @@ doit(char *filename, int merge)
if(ret){
krb5_warn(context, ret, "hdb_open");
fclose(f);
return;
return 1;
}
line = 0;
while(fgets(s, sizeof(s), f)){
@ -277,7 +378,7 @@ doit(char *filename, int merge)
memset(&ent, 0, sizeof(ent));
ret = krb5_parse_name(context, e.principal, &ent.principal);
if(ret){
if(ret) {
fprintf(stderr, "%s:%d:%s (%s)\n",
filename,
line,
@ -286,16 +387,64 @@ doit(char *filename, int merge)
continue;
}
parse_keys(&ent, e.key);
if (parse_keys(&ent, e.key)) {
fprintf (stderr, "%s:%d:error parsing keys (%s)\n",
filename, line, e.key);
hdb_free_entry (context, &ent);
continue;
}
parse_event(&ent.created_by, e.created);
ent.modified_by = parse_event(NULL, e.modified);
ent.valid_start = parse_time_string(NULL, e.valid_start);
ent.valid_end = parse_time_string(NULL, e.valid_end);
ent.pw_end = parse_time_string(NULL, e.pw_end);
ent.max_life = parse_integer(NULL, e.max_life);
ent.max_renew = parse_integer(NULL, e.max_renew);
ent.flags = parse_hdbflags2int(e.flags);
if (parse_event(&ent.created_by, e.created) == -1) {
fprintf (stderr, "%s:%d:error parsing created event (%s)\n",
filename, line, e.created);
hdb_free_entry (context, &ent);
continue;
}
if (parse_event_alloc (&ent.modified_by, e.modified) == -1) {
fprintf (stderr, "%s:%d:error parsing event (%s)\n",
filename, line, e.modified);
hdb_free_entry (context, &ent);
continue;
}
if (parse_time_string_alloc (&ent.valid_start, e.valid_start) == -1) {
fprintf (stderr, "%s:%d:error parsing time (%s)\n",
filename, line, e.valid_start);
hdb_free_entry (context, &ent);
continue;
}
if (parse_time_string_alloc (&ent.valid_end, e.valid_end) == -1) {
fprintf (stderr, "%s:%d:error parsing time (%s)\n",
filename, line, e.valid_end);
hdb_free_entry (context, &ent);
continue;
}
if (parse_time_string_alloc (&ent.pw_end, e.pw_end) == -1) {
fprintf (stderr, "%s:%d:error parsing time (%s)\n",
filename, line, e.pw_end);
hdb_free_entry (context, &ent);
continue;
}
if (parse_integer_alloc (&ent.max_life, e.max_life) == -1) {
fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n",
filename, line, e.max_life);
hdb_free_entry (context, &ent);
continue;
}
if (parse_integer_alloc (&ent.max_renew, e.max_renew) == -1) {
fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n",
filename, line, e.max_renew);
hdb_free_entry (context, &ent);
continue;
}
if (parse_hdbflags2int (&ent.flags, e.flags) != 0) {
fprintf (stderr, "%s:%d:error parsing flags (%s)\n",
filename, line, e.flags);
hdb_free_entry (context, &ent);
continue;
}
#if 0
ALLOC(ent.etypes);
parse_etypes(e.etypes, &ent.etypes->val, &ent.etypes->len);
@ -310,6 +459,7 @@ doit(char *filename, int merge)
}
db->close(context, db);
fclose(f);
return 0;
}
int
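Review bot: The flags check in doit tests `parse_hdbflags2int (&ent.flags, e.flags) != 0`, but parse_hdbflags2int passes back parse_integer's result, which is 1 on a successful parse, so every dump line with a valid flags field is reported as "error parsing flags" and skipped, while a "-" field (return 0) is accepted. The neighbouring checks in the same hunk compare against -1; this one should follow the same convention, `if (parse_hdbflags2int (&ent.flags, e.flags) != 1) {` if a flags value is mandatory, or `== -1` otherwise. The comment above parse_keys has a related mismatch: it says -1 is returned on a parse failure, while the code returns 1. doit's body extends beyond the hunks shown.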


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -32,7 +32,7 @@
*/
/*
* $Id: headers.h,v 1.5 1999/12/02 17:04:59 joda Exp $
* $Id: headers.h,v 1.6 2000/02/06 06:04:36 assar Exp $
*/
#ifndef __HEADERS_H__
@ -79,6 +79,7 @@
#include <getarg.h>
#include <base64.h>
#include <parse_units.h>
#include <des.h>
#include <krb5.h>
#include <hdb.h>
#include <hdb_err.h>


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "kdc_locl.h"
RCSID("$Id: kerberos4.c,v 1.24 1999/12/02 17:04:59 joda Exp $");
RCSID("$Id: kerberos4.c,v 1.26 2000/02/02 01:26:41 assar Exp $");
#ifdef KRB4
@ -125,6 +125,12 @@ get_des_key(hdb_entry *principal, Key **key)
#define RCHECK(X, L) if(X){make_err_reply(reply, KFAILURE, "Packet too short"); goto L;}
/*
* Process the v4 request in `buf, len' (received from `addr'
* (with string `from').
* Return an error code and a reply in `reply'.
*/
krb5_error_code
do_version4(unsigned char *buf,
size_t len,
@ -184,6 +190,23 @@ do_version4(unsigned char *buf,
goto out1;
}
/*
* There's no way to do pre-authentication in v4 and thus no
* good error code to return if preauthentication is required.
*/
if (require_preauth
|| client->flags.require_preauth
|| server->flags.require_preauth) {
kdc_log(0,
"Pre-authentication required for v4-request: "
"%s.%s@%s for %s.%s@%s",
name, inst, realm,
sname, sinst, v4_realm);
make_err_reply(reply, KERB_ERR_NULL_KEY, NULL);
goto out1;
}
ret = get_des_key(client, &ckey);
if(ret){
kdc_log(0, "%s", krb5_get_err_text(context, ret));
@ -305,6 +328,9 @@ do_version4(unsigned char *buf,
memcpy(&auth.dat, buf, pos);
auth.length = pos;
krb_set_key(tkey->key.keyvalue.data, 0);
krb_ignore_ip_address = !check_ticket_addresses;
ret = krb_rd_req(&auth, "krbtgt", realm,
addr->sin_addr.s_addr, &ad, 0);
if(ret){
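Review bot: The added assignment `krb_ignore_ip_address = !check_ticket_addresses;` before krb_rd_req has no comment, and it writes a variable that is not declared anywhere in the visible part of do_version4, presumably a libkrb global, so the setting would stay in effect for every later krb_rd_req call in the process. A comment on that line would make the side effect visible, for example `/* libkrb global: turns off v4 ticket address checking process-wide when check_ticket_addresses is 0 */`. do_version4 starts and ends outside the hunks shown.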


@ -33,7 +33,7 @@
#include "kdc_locl.h"
RCSID("$Id: kerberos5.c,v 1.108 1999/12/02 17:04:59 joda Exp $");
RCSID("$Id: kerberos5.c,v 1.109 2000/01/18 03:13:00 assar Exp $");
#define MAX_TIME ((time_t)((1U << 31) - 1))
@ -571,7 +571,9 @@ as_rep(KDC_REQ *req,
e_text = NULL;
goto out;
}
}else if (require_preauth || client->flags.require_preauth || server->flags.require_preauth) {
}else if (require_preauth
|| client->flags.require_preauth
|| server->flags.require_preauth) {
METHOD_DATA method_data;
PA_DATA *pa;
unsigned char *buf;


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -32,7 +32,7 @@
*/
#include "kpasswd_locl.h"
RCSID("$Id: kpasswd.c,v 1.20 1999/12/02 17:05:00 joda Exp $");
RCSID("$Id: kpasswd.c,v 1.21 2000/01/28 03:19:32 assar Exp $");
static int version_flag;
static int help_flag;
@ -79,6 +79,8 @@ main (int argc, char **argv)
krb5_get_init_creds_opt_init (&opt);
krb5_get_init_creds_opt_set_tkt_life (&opt, 300);
krb5_get_init_creds_opt_set_forwardable (&opt, FALSE);
krb5_get_init_creds_opt_set_proxiable (&opt, FALSE);
argc -= optind;
argv += optind;
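Review bot: The two added calls in main, `krb5_get_init_creds_opt_set_forwardable (&opt, FALSE);` and `krb5_get_init_creds_opt_set_proxiable (&opt, FALSE);`, carry no comment saying why these options are forced off, so a later cleanup could drop them as redundant. A one-line comment above them would record the intent, presumably something like `/* the password-changing ticket must never be forwardable or proxiable, whatever the configured defaults */`. The same pair of calls is added without a comment in get_new_cache in the init_c.c section further down. main continues outside the hunk.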


@ -1,14 +1,15 @@
.\" $Id: kinit.1,v 1.3 1999/05/14 14:02:49 assar Exp $
.\" $Id: kinit.1,v 1.4 2000/02/01 14:12:13 joda Exp $
.\"
.Dd May 29, 1998
.Dt KAUTH 1
.Dt KINIT 1
.Os HEIMDAL
.Sh NAME
.Nm kinit ,
.Nm kauth
.Nd
acquire initial tickets
.Sh SYNOPSIS
.Nm
.Nm kinit
.Op Fl 4
.Op Fl -524init
.Op Fl -afslog
@ -40,7 +41,7 @@ acquire initial tickets
.Op Fl e
.Op Fl -enctypes= Ns Ar enctypes
.Op Fl -fcache-version= Ns Ar version
.Op Fl -noaddresses
.Op Fl -no-addresses
.Op Fl -version
.Op Fl -help
.Op Ar principal
@ -130,14 +131,19 @@ Request tickets with this particular enctype.
Create a credentials cache of version
.Nm version .
.It Xo
.Fl -noaddresses
.Fl -no-addresses
.Xc
Request a ticket with no addresses.
.El
The following options are only available if
.Nm
has been compiled with support for Kerberos 4.
has been compiled with support for Kerberos 4. The
.Nm kauth
program is identical to
.Nm kinit ,
but has these options enabled by
default.
.Bl -tag -width Ds
.It Xo
.Fl 4 Ns ,


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -32,7 +32,7 @@
*/
#include "kuser_locl.h"
RCSID("$Id: kinit.c,v 1.59 1999/12/02 17:05:01 joda Exp $");
RCSID("$Id: kinit.c,v 1.60 2000/02/01 14:06:33 joda Exp $");
int forwardable = 0;
int proxiable = 0;
@ -41,7 +41,7 @@ int renew_flag = 0;
int validate_flag = 0;
int version_flag = 0;
int help_flag = 0;
int no_addrs_flag = 0;
int addrs_flag = 1;
char *lifetime = NULL;
char *renew_life = NULL;
char *server = NULL;
@ -106,7 +106,7 @@ struct getargs args[] = {
{ "fcache-version", 0, arg_integer, &fcache_version,
"file cache version to create" },
{ "noaddresses", 0, arg_flag, &no_addrs_flag,
{ "addresses", 0, arg_negative_flag, &addrs_flag,
"request a ticket with no addresses" },
{ "version", 0, arg_flag, &version_flag },
@ -267,7 +267,7 @@ main (int argc, char **argv)
krb5_get_init_creds_opt_set_forwardable (&opt, forwardable);
krb5_get_init_creds_opt_set_proxiable (&opt, proxiable);
if (no_addrs_flag) {
if (!addrs_flag) {
no_addrs.len = 0;
no_addrs.val = NULL;


@ -33,7 +33,7 @@
#include "kuser_locl.h"
RCSID("$Id: klist.c,v 1.52 1999/12/02 17:05:01 joda Exp $");
RCSID("$Id: klist.c,v 1.53 2000/02/06 08:15:40 assar Exp $");
static char*
printable_time(time_t t)
@ -58,7 +58,7 @@ print_cred(krb5_context context, krb5_creds *cred)
{
char *str;
krb5_error_code ret;
int32_t sec;
krb5_timestamp sec;
krb5_timeofday (context, &sec);
@ -85,7 +85,7 @@ print_cred_verbose(krb5_context context, krb5_creds *cred)
char *str;
krb5_error_code ret;
int first_flag;
int32_t sec;
krb5_timestamp sec;
krb5_timeofday (context, &sec);


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: 8003.c,v 1.5 1999/12/02 17:05:03 joda Exp $");
RCSID("$Id: 8003.c,v 1.6 2000/01/25 23:10:13 assar Exp $");
static krb5_error_code
encode_om_uint32(OM_uint32 n, u_char *p)
@ -57,32 +57,32 @@ hash_input_chan_bindings (const gss_channel_bindings_t b,
u_char *p)
{
u_char num[4];
struct md5 md5;
MD5_CTX md5;
md5_init(&md5);
MD5Init(&md5);
encode_om_uint32 (b->initiator_addrtype, num);
md5_update (&md5, num, sizeof(num));
MD5Update (&md5, num, sizeof(num));
encode_om_uint32 (b->initiator_address.length, num);
md5_update (&md5, num, sizeof(num));
MD5Update (&md5, num, sizeof(num));
if (b->initiator_address.length)
md5_update (&md5,
MD5Update (&md5,
b->initiator_address.value,
b->initiator_address.length);
encode_om_uint32 (b->acceptor_addrtype, num);
md5_update (&md5, num, sizeof(num));
MD5Update (&md5, num, sizeof(num));
encode_om_uint32 (b->acceptor_address.length, num);
md5_update (&md5, num, sizeof(num));
MD5Update (&md5, num, sizeof(num));
if (b->acceptor_address.length)
md5_update (&md5,
MD5Update (&md5,
b->acceptor_address.value,
b->acceptor_address.length);
encode_om_uint32 (b->application_data.length, num);
md5_update (&md5, num, sizeof(num));
MD5Update (&md5, num, sizeof(num));
if (b->application_data.length)
md5_update (&md5,
MD5Update (&md5,
b->application_data.value,
b->application_data.length);
md5_finito (&md5, p);
MD5Final (p, &md5);
return 0;
}


@ -1,3 +1,22 @@
2000-02-07 Assar Westerlund <assar@sics.se>
* Makefile.am: set version to 0:5:0
2000-01-26 Assar Westerlund <assar@sics.se>
* delete_sec_context.c (gss_delete_sec_context): handle a NULL
output_token
* wrap.c: update to pseudo-standard APIs for md4,md5,sha. some
changes to libdes calls to make them more portable.
* verify_mic.c: update to pseudo-standard APIs for md4,md5,sha.
some changes to libdes calls to make them more portable.
* unwrap.c: update to pseudo-standard APIs for md4,md5,sha. some
changes to libdes calls to make them more portable.
* get_mic.c: update to pseudo-standard APIs for md4,md5,sha. some
changes to libdes calls to make them more portable.
* 8003.c: update to pseudo-standard APIs for md4,md5,sha.
2000-01-06 Assar Westerlund <assar@sics.se>
* Makefile.am: set version to 0:4:0


@ -1,11 +1,11 @@
# $Id: Makefile.am,v 1.17 2000/01/06 21:47:40 assar Exp $
# $Id: Makefile.am,v 1.19 2000/02/07 04:00:51 assar Exp $
include $(top_srcdir)/Makefile.am.common
INCLUDES += -I$(srcdir)/../krb5
lib_LTLIBRARIES = libgssapi.la
libgssapi_la_LDFLAGS = -version-info 0:4:0
libgssapi_la_LDFLAGS = -version-info 0:5:0
include_HEADERS = gssapi.h


@ -10,7 +10,7 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.17 2000/01/06 21:47:40 assar Exp $
# $Id: Makefile.am,v 1.19 2000/02/07 04:00:51 assar Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
@ -174,7 +174,7 @@ NROFF_MAN = groff -mandoc -Tascii
CHECK_LOCAL = $(PROGRAMS)
lib_LTLIBRARIES = libgssapi.la
libgssapi_la_LDFLAGS = -version-info 0:4:0
libgssapi_la_LDFLAGS = -version-info 0:5:0
include_HEADERS = gssapi.h


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: context_time.c,v 1.2 1999/12/02 17:05:03 joda Exp $");
RCSID("$Id: context_time.c,v 1.3 2000/02/06 08:14:16 assar Exp $");
OM_uint32 gss_context_time
(OM_uint32 * minor_status,
@ -44,7 +44,7 @@ OM_uint32 gss_context_time
OM_uint32 lifetime;
OM_uint32 ret;
krb5_error_code kret;
int32_t timeret;
krb5_timestamp timeret;
gssapi_krb5_init();


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: delete_sec_context.c,v 1.5 1999/12/26 18:31:06 assar Exp $");
RCSID("$Id: delete_sec_context.c,v 1.6 2000/01/26 00:45:46 assar Exp $");
OM_uint32 gss_delete_sec_context
(OM_uint32 * minor_status,
@ -43,8 +43,10 @@ OM_uint32 gss_delete_sec_context
{
gssapi_krb5_init ();
output_token->length = 0;
output_token->value = NULL;
if (output_token) {
output_token->length = 0;
output_token->value = NULL;
}
krb5_auth_con_free (gssapi_krb5_context,
(*context_handle)->auth_context);
@ -58,7 +60,5 @@ OM_uint32 gss_delete_sec_context
krb5_free_ticket (gssapi_krb5_context,
(*context_handle)->ticket);
free (*context_handle);
if (output_token)
output_token->length = 0;
return GSS_S_COMPLETE;
}
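Review bot: After `free (*context_handle);` at the end of gss_delete_sec_context the caller's handle still points at the freed context; nothing between the free and `return GSS_S_COMPLETE;` resets it. A second call with the same handle, or any later use of it, would then touch freed memory, so I would add `*context_handle = GSS_C_NO_CONTEXT;` directly after the free. The function also dereferences `(*context_handle)->auth_context` without checking for an empty handle, which the new `if (output_token)` guard does not cover. The function's parameter list lies partly outside the hunk.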


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: get_mic.c,v 1.9 1999/12/02 17:05:03 joda Exp $");
RCSID("$Id: get_mic.c,v 1.11 2000/01/25 23:19:22 assar Exp $");
OM_uint32 gss_get_mic
(OM_uint32 * minor_status,
@ -44,7 +44,7 @@ OM_uint32 gss_get_mic
)
{
u_char *p;
struct md5 md5;
MD5_CTX md5;
u_char hash[16];
des_key_schedule schedule;
des_cblock key;
@ -73,17 +73,17 @@ OM_uint32 gss_get_mic
p += 16;
/* checksum */
md5_init (&md5);
md5_update (&md5, p - 24, 8);
md5_update (&md5, message_buffer->value,
message_buffer->length);
md5_finito (&md5, hash);
MD5Init (&md5);
MD5Update (&md5, p - 24, 8);
MD5Update (&md5, message_buffer->value,
message_buffer->length);
MD5Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
gss_krb5_getsomekey(context_handle, &key);
des_set_key (&key, schedule);
des_cbc_cksum ((des_cblock *)hash,
(des_cblock *)hash, sizeof(hash), schedule, &zero);
des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
memcpy (p - 8, hash, 8);
/* sequence number */
@ -101,7 +101,7 @@ OM_uint32 gss_get_mic
4);
des_set_key (&key, schedule);
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
des_cbc_encrypt ((const void *)p, (void *)p, 8,
schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
krb5_auth_setlocalseqnumber (gssapi_krb5_context,


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: unwrap.c,v 1.10 1999/12/02 17:05:04 joda Exp $");
RCSID("$Id: unwrap.c,v 1.11 2000/01/25 23:13:38 assar Exp $");
OM_uint32
gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
@ -70,7 +70,7 @@ OM_uint32 gss_unwrap
{
u_char *p, *pad;
size_t len;
struct md5 md5;
MD5_CTX md5;
u_char hash[16], seq_data[8];
des_key_schedule schedule;
des_cblock key;
@ -114,8 +114,8 @@ OM_uint32 gss_unwrap
key[i] ^= 0xf0;
des_set_key (&key, schedule);
memset (&zero, 0, sizeof(zero));
des_cbc_encrypt ((des_cblock *)p,
(des_cblock *)p,
des_cbc_encrypt ((const void *)p,
(void *)p,
input_message_buffer->length - len,
schedule,
&zero,
@ -134,16 +134,16 @@ OM_uint32 gss_unwrap
if (i != 0)
return GSS_S_BAD_MIC;
md5_init (&md5);
md5_update (&md5, p - 24, 8);
md5_update (&md5, p, input_message_buffer->length - len);
md5_finito (&md5, hash);
MD5Init (&md5);
MD5Update (&md5, p - 24, 8);
MD5Update (&md5, p, input_message_buffer->length - len);
MD5Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
gss_krb5_getsomekey(context_handle, &key);
des_set_key (&key, schedule);
des_cbc_cksum ((des_cblock *)hash,
(des_cblock *)hash, sizeof(hash), schedule, &zero);
des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
if (memcmp (p - 8, hash, 8) != 0)
return GSS_S_BAD_MIC;
@ -162,7 +162,7 @@ OM_uint32 gss_unwrap
p -= 16;
des_set_key (&key, schedule);
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
des_cbc_encrypt ((const void *)p, (void *)p, 8,
schedule, (des_cblock *)hash, DES_DECRYPT);
memset (key, 0, sizeof(key));
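Review bot: Both `return GSS_S_BAD_MIC;` paths in gss_unwrap (after `if (i != 0)` and after the `memcmp (p - 8, hash, 8)` check) leave `key` and `schedule` on the stack uncleared, while the success path later runs `memset (key, 0, sizeof(key));`. The verify_mic.c section of this commit clears both inside its checksum-mismatch branch; gss_unwrap should do the same by putting `memset (key, 0, sizeof(key)); memset (schedule, 0, sizeof(schedule));` in a braced block before each early return. gss_unwrap starts and ends outside the hunks shown.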


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: verify_mic.c,v 1.8 1999/12/02 17:05:04 joda Exp $");
RCSID("$Id: verify_mic.c,v 1.9 2000/01/25 23:14:47 assar Exp $");
OM_uint32 gss_verify_mic
(OM_uint32 * minor_status,
@ -44,7 +44,7 @@ OM_uint32 gss_verify_mic
)
{
u_char *p;
struct md5 md5;
MD5_CTX md5;
u_char hash[16], seq_data[8];
des_key_schedule schedule;
des_cblock key;
@ -68,11 +68,11 @@ OM_uint32 gss_verify_mic
p += 16;
/* verify checksum */
md5_init (&md5);
md5_update (&md5, p - 24, 8);
md5_update (&md5, message_buffer->value,
message_buffer->length);
md5_finito (&md5, hash);
MD5Init (&md5);
MD5Update (&md5, p - 24, 8);
MD5Update (&md5, message_buffer->value,
message_buffer->length);
MD5Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
#if 0
@ -83,8 +83,8 @@ OM_uint32 gss_verify_mic
sizeof(key));
des_set_key (&key, schedule);
des_cbc_cksum ((des_cblock *)hash,
(des_cblock *)hash, sizeof(hash), schedule, &zero);
des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
if (memcmp (p - 8, hash, 8) != 0) {
memset (key, 0, sizeof(key));
memset (schedule, 0, sizeof(schedule));
@ -106,7 +106,7 @@ OM_uint32 gss_verify_mic
p -= 16;
des_set_key (&key, schedule);
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
des_cbc_encrypt ((const void *)p, (void *)p, 8,
schedule, (des_cblock *)hash, DES_DECRYPT);
memset (key, 0, sizeof(key));


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -33,7 +33,7 @@
#include "gssapi_locl.h"
RCSID("$Id: wrap.c,v 1.10 1999/12/02 17:05:04 joda Exp $");
RCSID("$Id: wrap.c,v 1.11 2000/01/25 23:15:44 assar Exp $");
OM_uint32 gss_wrap_size_limit (
OM_uint32 * minor_status,
@ -63,7 +63,7 @@ OM_uint32 gss_wrap
)
{
u_char *p;
struct md5 md5;
MD5_CTX md5;
u_char hash[16];
des_key_schedule schedule;
des_cblock key;
@ -110,16 +110,16 @@ OM_uint32 gss_wrap
memset (p + 8 + input_message_buffer->length, padlength, padlength);
/* checksum */
md5_init (&md5);
md5_update (&md5, p - 24, 8);
md5_update (&md5, p, input_message_buffer->length + padlength + 8);
md5_finito (&md5, hash);
MD5Init (&md5);
MD5Update (&md5, p - 24, 8);
MD5Update (&md5, p, input_message_buffer->length + padlength + 8);
MD5Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
gss_krb5_getsomekey(context_handle, &key);
des_set_key (&key, schedule);
des_cbc_cksum ((des_cblock *)hash,
(des_cblock *)hash, sizeof(hash), schedule, &zero);
des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
memcpy (p - 8, hash, 8);
/* sequence number */
@ -137,7 +137,7 @@ OM_uint32 gss_wrap
4);
des_set_key (&key, schedule);
des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
des_cbc_encrypt ((const void *)p, (void *)p, 8,
schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
krb5_auth_setlocalseqnumber (gssapi_krb5_context,
@ -153,8 +153,8 @@ OM_uint32 gss_wrap
key[i] ^= 0xf0;
des_set_key (&key, schedule);
memset (&zero, 0, sizeof(zero));
des_cbc_encrypt ((des_cblock *)p,
(des_cblock *)p,
des_cbc_encrypt ((const void *)p,
(void *)p,
8 + input_message_buffer->length + padlength,
schedule,
&zero,


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
/* $Id: hdb_locl.h,v 1.12 1999/12/02 17:05:05 joda Exp $ */
/* $Id: hdb_locl.h,v 1.13 2000/02/06 05:17:05 assar Exp $ */
#ifndef __HDB_LOCL_H__
#define __HDB_LOCL_H__
@ -56,6 +56,7 @@
#endif
#include <roken.h>
#include <des.h>
#include <krb5.h>
#include <hdb.h>
#include <hdb-private.h>


@ -1,3 +1,12 @@
2000-02-07 Assar Westerlund <assar@sics.se>
* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
2000-01-28 Assar Westerlund <assar@sics.se>
* init_c.c (get_new_cache): make sure to request non-forwardable,
non-proxiable
2000-01-06 Assar Westerlund <assar@sics.se>
* Makefile.am (libkadm5srv.la): bump version to 5:1:0


@ -1,10 +1,10 @@
# $Id: Makefile.am,v 1.32 2000/01/06 21:53:30 assar Exp $
# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $
include $(top_srcdir)/Makefile.am.common
lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la
libkadm5srv_la_LDFLAGS = -version-info 5:1:0
libkadm5clnt_la_LDFLAGS = -version-info 4:1:0
libkadm5clnt_la_LDFLAGS = -version-info 4:2:0
sbin_PROGRAMS = dump_log replay_log
libexec_PROGRAMS = ipropd-master ipropd-slave


@ -10,7 +10,7 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# $Id: Makefile.am,v 1.32 2000/01/06 21:53:30 assar Exp $
# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $
# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
@ -175,7 +175,7 @@ CHECK_LOCAL = $(PROGRAMS)
lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la
libkadm5srv_la_LDFLAGS = -version-info 5:1:0
libkadm5clnt_la_LDFLAGS = -version-info 4:1:0
libkadm5clnt_la_LDFLAGS = -version-info 4:2:0
sbin_PROGRAMS = dump_log replay_log
libexec_PROGRAMS = ipropd-master ipropd-slave


@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
* Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -37,7 +37,7 @@
#include <netinet/in.h>
#include <netdb.h>
RCSID("$Id: init_c.c,v 1.34 1999/12/20 14:05:49 assar Exp $");
RCSID("$Id: init_c.c,v 1.35 2000/01/28 03:20:18 assar Exp $");
static void
set_funcs(kadm5_client_context *c)
@ -145,6 +145,9 @@ get_new_cache(krb5_context context,
krb5_ccache id;
krb5_get_init_creds_opt_init (&opt);
krb5_get_init_creds_opt_set_forwardable (&opt, FALSE);
krb5_get_init_creds_opt_set_proxiable (&opt, FALSE);
if(password == NULL && prompter == NULL) {
krb5_keytab kt;
if(keytab == NULL)
