Implement Kerberized rcmd for rdump/rrestore. This is lacking the

options one would normally expect to set the realm, enable encryption, and whatnot, but this actually is able to contact the remote server, so at least it's a start. (As a bonus, the stripped static binary is unquestionably exportable.)
svn path=/head/; revision=25288
1997-04-29 17:46:27 +00:00 · 1997-04-29 17:46:27 +00:00 · 1982ee69fd · 2020-12-20 02:59:44 +00:00
commit 1982ee69fd
parent 7d322c735e
6 changed files with 74 additions and 17 deletions
--- a/sbin/dump/Makefile
+++ b/sbin/dump/Makefile
@ -22,4 +22,11 @@ BINMODE=2555
 MAN8=	dump.8
 MLINKS+=dump.8 rdump.8

+.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_EBONES)
+.PATH:	${.CURDIR}/../../usr.bin/rlogin
+SRCS+=	krcmd.c kcmd.c
+LDADD+=	-lkrb -ldes
+CFLAGS+=-DKERBEROS
+.endif
+
 .include <bsd.prog.mk>
--- a/sbin/dump/dump.8
+++ b/sbin/dump/dump.8
@ -31,7 +31,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     @(#)dump.8	8.3 (Berkeley) 5/1/95
-.\"	$Id: dump.8,v 1.13 1997/03/11 12:09:31 peter Exp $
+.\"	$Id: dump.8,v 1.14 1997/03/15 06:23:57 peter Exp $
 .\"
 .Dd May 1, 1995
 .Dt DUMP 8
@ -41,7 +41,7 @@
 .Nd filesystem backup
 .Sh SYNOPSIS
 .Nm dump
-.Op Fl 0123456789acnu
+.Op Fl 0123456789acknu
 .Op Fl B Ar records
 .Op Fl b Ar blocksize
 .Op Fl d Ar density
@ -164,6 +164,11 @@ program is
 .Pa /etc/rmt ;
 this can be overridden by the environment variable
 .Ev RMT .
+.It Fl k
+Use Kerberos authentication to talk to remote tape servers.  (Only
+available if this option was enabled when
+.Nm dump
+was compiled.)
 .It Fl n
 Whenever
 .Nm dump
--- a/sbin/dump/dumprmt.c
+++ b/sbin/dump/dumprmt.c
@ -83,9 +83,12 @@ static	int rmtgetb __P((void));
 static	void rmtgetconn __P((void));
 static	void rmtgets __P((char *, int));
 static	int rmtreply __P((char *));
+#ifdef KERBEROS
+int	krcmd __P((char **, int /*u_short*/, char *, char *, int *, char *));
+#endif

 static	int errfd = -1;
-
+extern	int dokerberos;
 extern	int ntrec;		/* blocking factor on tape */

 int
@ -147,9 +150,10 @@ rmtgetconn()
 	int throughput;

 	if (sp == NULL) {
-		sp = getservbyname("shell", "tcp");
+		sp = getservbyname(dokerberos ? "kshell" : "shell", "tcp");
 		if (sp == NULL) {
-			msg("shell/tcp: unknown service\n");
+			msg("%s/tcp: unknown service\n",
+			    dokerberos ? "kshell" : "shell");
 			exit(X_ABORT);
 		}
 		pwd = getpwuid(getuid());
@ -169,8 +173,14 @@ rmtgetconn()
 	if ((rmt = getenv("RMT")) == NULL)
 		rmt = _PATH_RMT;
 	msg("");
-	rmtape = rcmd(&rmtpeer, (u_short)sp->s_port, pwd->pw_name, tuser,
-	    rmt, &errfd);
+#ifdef KERBEROS
+	if (dokerberos)
+		rmtape = krcmd(&rmtpeer, sp->s_port, tuser, rmt, &errfd,
+			       (char *)0);
+	else
+#endif
+		rmtape = rcmd(&rmtpeer, (u_short)sp->s_port, pwd->pw_name,
+			      tuser, rmt, &errfd);
 	if (rmtape < 0) {
 		msg("login to %s as %s failed.\n", rmtpeer, tuser);
 		return;
--- a/sbin/dump/main.c
+++ b/sbin/dump/main.c
@ -79,6 +79,7 @@ int	tapeno = 0;	/* current tape number */
 int	density = 0;	/* density in bytes/0.1" " <- this is for hilit19 */
 int	ntrec = NTREC;	/* # tape blocks in each tape record */
 int	cartridge = 0;	/* Assume non-cartridge tape */
+int	dokerberos = 0;	/* Use Kerberos authentication */
 long	dev_bsize = 1;	/* recalculated below */
 long	blocksperfile;	/* output blocks per file */
 char	*host = NULL;	/* remote host (if any) */
@ -117,7 +118,13 @@ main(argc, argv)
 		usage();

 	obsolete(&argc, &argv);
-	while ((ch = getopt(argc, argv, "0123456789aB:b:cd:f:h:ns:T:uWw")) != -1)
+#ifdef KERBEROS
+#define optstring "0123456789aB:b:cd:f:h:kns:T:uWw"
+#else
+#define optstring "0123456789aB:b:cd:f:h:ns:T:uWw"
+#endif
+	while ((ch = getopt(argc, argv, optstring)) != -1)
+#undef optstring
 		switch (ch) {
 		/* dump level */
 		case '0': case '1': case '2': case '3': case '4':
@ -171,6 +178,12 @@ main(argc, argv)
 			honorlevel = numarg("honor level", 0L, 10L);
 			break;

+#ifdef KERBEROS
+		case 'k':
+			dokerberos = 1;
+			break;
+#endif
+
 		case 'n':		/* notify operators */
 			notify = 1;
 			break;
@ -481,9 +494,13 @@ main(argc, argv)
 static void
 usage()
 {
-
-	(void)fprintf(stderr, "usage: dump [-0123456789acnu] [-B records] [-b blocksize] [-d density] [-f file]\n            [-h level] [-s feet] [-T date] filesystem\n");
-	(void)fprintf(stderr, "       dump [-W | -w]\n");
+	fprintf(stderr, "usage: dump [-0123456789ac"
+#ifdef KERBEROS
+		"k"
+#endif
+		"nu] [-B records] [-b blocksize] [-d density] [-f file]\n"
+		"		[-h level] [-s feet] [-T date] filesystem\n"
+		"	dump [-W | -w]\n");
 	exit(1);
 }

--- a/sbin/restore/Makefile
+++ b/sbin/restore/Makefile
@ -12,4 +12,11 @@ MAN8=	restore.8
 MLINKS+=restore.8 rrestore.8
 .PATH:	${.CURDIR}/../dump

+.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_EBONES)
+.PATH:	${.CURDIR}/../../usr.bin/rlogin
+SRCS+=	krcmd.c kcmd.c
+LDADD+=	-lkrb -ldes
+CFLAGS+=-DKERBEROS
+.endif
+
 .include <bsd.prog.mk>
--- a/sbin/restore/main.c
+++ b/sbin/restore/main.c
@ -62,6 +62,7 @@ static char sccsid[] = "@(#)main.c	8.6 (Berkeley) 5/4/95";

 int	bflag = 0, cvtflag = 0, dflag = 0, vflag = 0, yflag = 0;
 int	hflag = 1, mflag = 1, Nflag = 0;
+int	dokerberos = 0;
 char	command = '\0';
 long	dumpnum = 1;
 long	volno = 0;
@ -96,7 +97,12 @@ main(argc, argv)
 	if ((inputdev = getenv("TAPE")) == NULL)
 		inputdev = _PATH_DEFTAPE;
 	obsolete(&argc, &argv);
-	while ((ch = getopt(argc, argv, "b:cdf:himNRrs:tvxy")) != -1)
+#ifdef KERBEROS
+#define	optlist "b:cdf:hikmNRrs:tvxy"
+#else
+#define	optlist "b:cdf:himNRrs:tvxy"
+#endif
+	while ((ch = getopt(argc, argv, optlist)) != -1)
 		switch(ch) {
 		case 'b':
 			/* Change default tape blocksize. */
@ -119,6 +125,11 @@ main(argc, argv)
 		case 'h':
 			hflag = 0;
 			break;
+#ifdef KERBEROS
+		case 'k':
+			dokerberos = 1;
+			break;
+#endif
 		case 'i':
 		case 'R':
 		case 'r':
@ -278,11 +289,11 @@ static void
 usage()
 {
 	(void)fprintf(stderr, "usage:\t%s\n\t%s\n\t%s\n\t%s\n\t%s\n",
-	  "restore -i [-chmvy] [-b blocksize] [-f file] [-s fileno]",
-	  "restore -r [-cvy] [-b blocksize] [-f file] [-s fileno]",
-	  "restore -R [-cvy] [-b blocksize] [-f file] [-s fileno]",
-	  "restore -x [-chmvy] [-b blocksize] [-f file] [-s fileno] [file ...]",
-	  "restore -t [-chvy] [-b blocksize] [-f file] [-s fileno] [file ...]");
+	  "restore -i [-chkmvy] [-b blocksize] [-f file] [-s fileno]",
+	  "restore -r [-ckvy] [-b blocksize] [-f file] [-s fileno]",
+	  "restore -R [-ckvy] [-b blocksize] [-f file] [-s fileno]",
+	  "restore -x [-chkmvy] [-b blocksize] [-f file] [-s fileno] [file ...]",
+	  "restore -t [-chkvy] [-b blocksize] [-f file] [-s fileno] [file ...]");
 	done(1);
 }