d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changes for KTH KerberosIV.

Browse Source 
Also quieten -Wall a bit.
This commit is contained in:
Mark Murray 1997-09-28 08:57:24 +00:00
parent f714a88adc
commit 7f80a02080
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=29922
16 changed files with 74 additions and 609 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/libpam/modules/pam_kerberosIV/klogin.c
View File

@ -32,14 +32,14 @@
*/
#ifndef lint
static char sccsid[] = "@(#)klogin.c 8.3 (Berkeley) 4/2/94";
static const char sccsid[] = "@(#)klogin.c 8.3 (Berkeley) 4/2/94";
#endif /* not lint */
#ifdef KERBEROS
#include <sys/param.h>
#include <sys/syslog.h>
#include <des.h>
#include <kerberosIV/krb.h>
#include <krb.h>
#include <err.h>
#include <netdb.h>

2
lib/libpam/modules/pam_login_access/login_access.c
View File

@ -9,7 +9,7 @@
#ifdef LOGIN_ACCESS
#ifndef lint
static char sccsid[] = "%Z% %M% %I% %E% %U%";
static const char sccsid[] = "%Z% %M% %I% %E% %U%";
#endif
#include <stdio.h>

16
usr.bin/login/Makefile
View File

@ -1,5 +1,5 @@
# From: @(#)Makefile 8.1 (Berkeley) 7/19/93
# $Id: Makefile,v 1.17 1997/09/05 12:00:01 peter Exp $
# $Id$
PROG= login
MAN1= login.1
@ -9,22 +9,16 @@ SRCS= login.c login_access.c login_fbtab.c
#Uncomment to activate login_auth
#Warning: requires src/libexec/login_* auth modules
#LC_AUTH=-DLOGIN_CAP_AUTH
CFLAGS+=-DSKEY -DLOGIN_ACCESS -DLOGALL -DLOGIN_CAP $(LC_AUTH)
CFLAGS+=-Wall -DSKEY -DLOGIN_ACCESS -DLOGALL -DLOGIN_CAP $(LC_AUTH)
.if defined(KLOGIN_PARANOID)
CFLAGS+=-DKLOGIN_PARANOID
.endif
DPADD= ${LIBUTIL} ${LIBSKEY} ${LIBCRYPT}
LDADD= -lutil -lskey -lcrypt
DPADD= ${LIBUTIL} ${LIBSKEY} ${LIBMD} ${LIBCRYPT}
LDADD= -lutil -lskey -lmd -lcrypt
# have to provide libmd.a for libskey.so to use.
.if ${BINFORMAT} != elf
DPADD+= ${LIBMD}
LDADD+= -lmd
.endif
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_EBONES) && !defined(LC_AUTH)
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4) && !defined(LC_AUTH)
CFLAGS+=-DKERBEROS
SRCS+= klogin.c
DPADD+= ${LIBKRB} ${LIBDES}

4
usr.bin/login/klogin.c
View File

@ -32,14 +32,14 @@
*/
#ifndef lint
static char sccsid[] = "@(#)klogin.c 8.3 (Berkeley) 4/2/94";
static const char sccsid[] = "@(#)klogin.c 8.3 (Berkeley) 4/2/94";
#endif /* not lint */
#ifdef KERBEROS
#include <sys/param.h>
#include <sys/syslog.h>
#include <des.h>
#include <kerberosIV/krb.h>
#include <krb.h>
#include <err.h>
#include <netdb.h>

3
usr.bin/login/login.c
View File

@ -42,7 +42,7 @@ static char copyright[] =
static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94";
#endif
static const char rcsid[] =
"$Id$";
"$Id: login.c,v 1.28 1997/07/22 07:39:43 charnier Exp $";
#endif /* not lint */
/*
@ -111,6 +111,7 @@ void sleepexit __P((int));
void refused __P((char *,char *,int));
char *stypeof __P((char *));
void timedout __P((int));
int login_access __P((char *, char *));
void login_fbtab __P((char *, uid_t, gid_t));
#ifdef KERBEROS
int klogin __P((struct passwd *, char *, char *, char *));

2
usr.bin/login/login_access.c
View File

@ -9,7 +9,7 @@
#ifdef LOGIN_ACCESS
#ifndef lint
static char sccsid[] = "%Z% %M% %I% %E% %U%";
static const char sccsid[] = "%Z% %M% %I% %E% %U%";
#endif
#include <stdio.h>

4
usr.bin/login/login_fbtab.c
View File

@ -59,11 +59,13 @@
*/
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <syslog.h>
#include <string.h>
#include <errno.h>
#include <dirent.h>
#include <unistd.h>
#include "pathnames.h"
void login_protect __P((char *, char *, int, uid_t, gid_t));
@ -91,7 +93,7 @@ gid_t gid;
return;
while (fgets(buf, sizeof(buf), fp)) {
if (cp = strchr(buf, '#'))
if ((cp = strchr(buf, '#')))
*cp = 0; /* strip comment */
if ((cp = devname = strtok(buf, WSPACE)) == 0)
continue; /* empty or comment */

13
usr.bin/passwd/Makefile
View File

@ -1,9 +1,10 @@
# From: @(#)Makefile 8.3 (Berkeley) 4/2/94
# $Id: Makefile,v 1.2 1997/07/28 18:31:45 wpaul Exp $
# $Id: Makefile,v 1.25 1997/07/29 15:45:04 wpaul Exp $
PROG= passwd
SRCS= local_passwd.c yppasswd_private_xdr.c yp_passwd.c \
passwd.c pw_copy.c pw_util.c pw_yp.c
CFLAGS+=-Wall
DPADD= ${LIBCRYPT} ${LIBRPCSVC} ${LIBUTIL}
LDADD= -lcrypt -lrpcsvc -lutil
@ -55,15 +56,13 @@ MAN1=passwd.1
LINKS=${BINDIR}/passwd ${BINDIR}/yppasswd
MLINKS=passwd.1 yppasswd.1
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_EBONES))
SRCS+= kpasswd.c
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_KERBEROS4))
SRCS+= kpasswd_standalone.c
.PATH: ${.CURDIR}/../../usr.bin/chpass ${.CURDIR}/../../usr.sbin/vipw \
${.CURDIR}/../../usr.bin/rlogin ${.CURDIR}/../../usr.bin/passwd \
${.CURDIR}/../../eBones/usr.bin/passwd
${.CURDIR}/../../crypto/kerberosIV/kadmin
CFLAGS+= -DKERBEROS \
-I${.CURDIR}/../../eBones/include \
-I${.CURDIR}/../../eBones/lib/libkadm
CFLAGS+= -DKERBEROS
# XXX not defined: ${LIBKADM}, ${LIBCOM_ERR}
DPADD= ${LIBKADM} ${LIBKRB} ${LIBDES} ${LIBCRYPT} ${LIBRPCSVC} ${LIBCOM_ERR} ${LIBUTIL}
LDADD= -lkadm -lkrb -ldes -lcrypt -lrpcsvc -lcom_err -lutil

2
usr.bin/passwd/yp_passwd.c
View File

@ -45,6 +45,7 @@
#include <rpcsvc/ypclnt.h>
#include <rpcsvc/yppasswd.h>
#include <pw_yp.h>
#include <err.h>
#include "yppasswd_private.h"
extern char *getnewpasswd __P(( struct passwd * , int ));
@ -52,7 +53,6 @@ extern char *getnewpasswd __P(( struct passwd * , int ));
int
yp_passwd(char *user)
{
struct timeval timeout;
struct yppasswd yppasswd;
struct master_yppasswd master_yppasswd;
struct passwd *pw;

23
usr.bin/rlogin/Makefile
View File

@ -2,18 +2,23 @@
PROG= rlogin
SRCS= rlogin.c
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_KERBEROS) \
|| defined(MAKE_EBONES))
SRCS+= krcmd.c kcmd.c
DPADD= ${LIBKRB} ${LIBDES}
CFLAGS+=-DKERBEROS -DCRYPT
LDADD= -lkrb -ldes
DISTRIBUTION= krb
.endif
CFLAGS+=-Wall
BINOWN= root
BINMODE=4555
INSTALLFLAGS=-fschg
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4)
SRCS+= krcmd.c kcmd.c rcmd_util.c encrypt.c
DPADD= ${LIBKRB} ${LIBDES}
CFLAGS+=-DKERBEROS -DCRYPT -DHAVE_CONFIG_H \
-I${.CURDIR}/../../kerberosIV/include \
-I${.CURDIR}/../../crypto/kerberosIV/include \
-I${.CURDIR}/../../crypto/kerberosIV/lib/roken \
-I${.CURDIR}/../../crypto/kerberosIV/appl/bsd
LDADD= -lkrb -ldes
DISTRIBUTION= krb
.PATH: ${.CURDIR}/../../crypto/kerberosIV/appl/bsd
.endif
.include <bsd.prog.mk>

314
usr.bin/rlogin/kcmd.c
View File

@ -1,314 +0,0 @@
/*
* Copyright (c) 1983, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef lint
static char Xsccsid[] = "derived from @(#)rcmd.c 5.17 (Berkeley) 6/27/88";
static char sccsid[] = "@(#)kcmd.c 8.2 (Berkeley) 8/19/93";
#endif /* not lint */
#include <sys/param.h>
#include <sys/file.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <des.h>
#include <kerberosIV/krb.h>
#include <kerberosIV/kparse.h>
#include <ctype.h>
#include <errno.h>
#include <netdb.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "krb.h"
#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 64
#endif
#define START_PORT 5120 /* arbitrary */
int getport __P((int *));
int
kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, ticket, service, realm,
cred, schedule, msg_data, laddr, faddr, authopts)
int *sock;
char **ahost;
u_short rport;
char *locuser, *remuser, *cmd;
int *fd2p;
KTEXT ticket;
char *service;
char *realm;
CREDENTIALS *cred;
Key_schedule schedule;
MSG_DAT *msg_data;
struct sockaddr_in *laddr, *faddr;
long authopts;
{
int s, timo = 1, pid;
long oldmask;
struct sockaddr_in sin, from;
char c;
#ifdef ATHENA_COMPAT
int lport = IPPORT_RESERVED - 1;
#else
int lport = START_PORT;
#endif
struct hostent *hp;
int rc;
char *host_save;
int status;
pid = getpid();
hp = gethostbyname(*ahost);
if (hp == NULL) {
/* fprintf(stderr, "%s: unknown host\n", *ahost); */
return (-1);
}
if (!(host_save = malloc(strlen(hp->h_name) + 1))) {
perror("malloc");
return -1;
}
strcpy(host_save, hp->h_name);
*ahost = host_save;
#ifdef KERBEROS
/* If realm is null, look up from table */
if (realm == NULL || realm[0] == '\0')
realm = krb_realmofhost(host_save);
#endif /* KERBEROS */
oldmask = sigblock(sigmask(SIGURG));
for (;;) {
s = getport(&lport);
if (s < 0) {
if (errno == EAGAIN)
fprintf(stderr,
"kcmd(socket): All ports in use\n");
else
perror("kcmd: socket");
sigsetmask(oldmask);
return (-1);
}
fcntl(s, F_SETOWN, pid);
sin.sin_family = hp->h_addrtype;
#if defined(ultrix) || defined(sun)
bcopy(hp->h_addr, (caddr_t)&sin.sin_addr, sizeof sin.sin_addr);
#else
bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr, sizeof sin.sin_addr);
#endif
sin.sin_port = rport;
if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
break;
(void) close(s);
if (errno == EADDRINUSE) {
lport--;
continue;
}
/*
* don't wait very long for Kerberos rcmd.
*/
if (errno == ECONNREFUSED && timo <= 4) {
/* sleep(timo); don't wait at all here */
timo *= 2;
continue;
}
#if !(defined(ultrix) || defined(sun))
if (hp->h_addr_list[1] != NULL) {
int oerrno = errno;
fprintf(stderr,
"kcmd: connect to address %s: ",
inet_ntoa(sin.sin_addr));
errno = oerrno;
perror(NULL);
hp->h_addr_list++;
bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr,
sizeof sin.sin_addr);
fprintf(stderr, "Trying %s...\n",
inet_ntoa(sin.sin_addr));
continue;
}
#endif /* !(defined(ultrix) || defined(sun)) */
if (errno != ECONNREFUSED)
perror(hp->h_name);
sigsetmask(oldmask);
return (-1);
}
lport--;
if (fd2p == 0) {
write(s, "", 1);
lport = 0;
} else {
char num[8];
int s2 = getport(&lport), s3;
int len = sizeof(from);
if (s2 < 0) {
status = -1;
goto bad;
}
listen(s2, 1);
(void) sprintf(num, "%d", lport);
if (write(s, num, strlen(num) + 1) != strlen(num) + 1) {
perror("kcmd(write): setting up stderr");
(void) close(s2);
status = -1;
goto bad;
}
s3 = accept(s2, (struct sockaddr *)&from, &len);
(void) close(s2);
if (s3 < 0) {
perror("kcmd:accept");
lport = 0;
status = -1;
goto bad;
}
*fd2p = s3;
from.sin_port = ntohs((u_short)from.sin_port);
if (from.sin_family != AF_INET ||
from.sin_port >= IPPORT_RESERVED) {
fprintf(stderr,
"kcmd(socket): protocol failure in circuit setup.\n");
status = -1;
goto bad2;
}
}
/*
* Kerberos-authenticated service. Don't have to send locuser,
* since its already in the ticket, and we'll extract it on
* the other side.
*/
/* (void) write(s, locuser, strlen(locuser)+1); */
/* set up the needed stuff for mutual auth, but only if necessary */
if (authopts & KOPT_DO_MUTUAL) {
int sin_len;
*faddr = sin;
sin_len = sizeof(struct sockaddr_in);
if (getsockname(s, (struct sockaddr *)laddr, &sin_len) < 0) {
perror("kcmd(getsockname)");
status = -1;
goto bad2;
}
}
#ifdef KERBEROS
if ((status = krb_sendauth(authopts, s, ticket, service, *ahost,
realm, (unsigned long) getpid(), msg_data,
cred, schedule,
laddr,
faddr,
"KCMDV0.1")) != KSUCCESS)
goto bad2;
#endif /* KERBEROS */
(void) write(s, remuser, strlen(remuser)+1);
(void) write(s, cmd, strlen(cmd)+1);
if ((rc = read(s, &c, 1)) != 1) {
if (rc == -1)
perror(*ahost);
else
fprintf(stderr,"kcmd: bad connection with remote host\n");
status = -1;
goto bad2;
}
if (c != '\0') {
while (read(s, &c, 1) == 1) {
(void) write(2, &c, 1);
if (c == '\n')
break;
}
status = -1;
goto bad2;
}
sigsetmask(oldmask);
*sock = s;
return (KSUCCESS);
bad2:
if (lport)
(void) close(*fd2p);
bad:
(void) close(s);
sigsetmask(oldmask);
return (status);
}
int
getport(alport)
int *alport;
{
struct sockaddr_in sin;
int s, retval;
s = socket(AF_INET, SOCK_STREAM, 0);
if ((retval = krb_get_local_addr(&sin)) != KSUCCESS) {
fprintf(stderr, "krb_get_local_addr: %s\n",krb_err_txt[retval]);
close(s);
return (-1);
}
if (s < 0)
return (-1);
for (;;) {
sin.sin_port = htons((u_short)*alport);
if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
return (s);
if (errno != EADDRINUSE) {
(void) close(s);
return (-1);
}
(*alport)--;
#ifdef ATHENA_COMPAT
if (*alport == IPPORT_RESERVED/2) {
#else
if (*alport == IPPORT_RESERVED) {
#endif
(void) close(s);
errno = EAGAIN; /* close */
return (-1);
}
}
}

38
usr.bin/rlogin/krb.h
View File

@ -1,38 +0,0 @@
/*-
* Copyright (c) 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)krb.h 8.1 (Berkeley) 6/6/93
*/
int krcmd __P((char **, u_short, char *, char *, int *, char *));
int krcmd_mutual __P((char **, u_short, char *, char *, int *,
char *, CREDENTIALS *, Key_schedule));

158
usr.bin/rlogin/krcmd.c
View File

@ -1,158 +0,0 @@
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef lint
static char sccsid[] = "@(#)krcmd.c 8.1 (Berkeley) 6/6/93";
#endif /* not lint */
/*
* $Source: /home/ncvs/src/usr.bin/rlogin/krcmd.c,v $
* $Header: /mit/kerberos/ucb/mit/kcmd/RCS/krcmd.c,v 5.1
* 89/07/25 15:38:44 kfall Exp Locker: kfall $
* static char *rcsid_kcmd_c =
* "$Header: /mit/kerberos/ucb/mit/kcmd/RCS/krcmd.c,v 5.1 89/07/25 15:38:44
* kfall Exp Locker: kfall $";
*/
#ifdef KERBEROS
#include <sys/types.h>
#ifdef CRYPT
#include <sys/socket.h>
#endif
#include <netinet/in.h>
#include <des.h>
#include <kerberosIV/krb.h>
#include <stdio.h>
#define SERVICE_NAME "rcmd"
int kcmd __P((int *, char **, u_short, char *, char *, char *, int *,
KTEXT, char *, char *, CREDENTIALS *, Key_schedule, MSG_DAT *,
struct sockaddr_in *, struct sockaddr_in *, long));
/*
* krcmd: simplified version of Athena's "kcmd"
* returns a socket attached to the destination, -1 or krb error on error
* if fd2p is non-NULL, another socket is filled in for it
*/
int
krcmd(ahost, rport, remuser, cmd, fd2p, realm)
char **ahost;
u_short rport;
char *remuser, *cmd;
int *fd2p;
char *realm;
{
int sock = -1, err = 0;
KTEXT_ST ticket;
long authopts = 0L;
err = kcmd(
&sock,
ahost,
rport,
NULL, /* locuser not used */
remuser,
cmd,
fd2p,
&ticket,
SERVICE_NAME,
realm,
(CREDENTIALS *) NULL, /* credentials not used */
0, /* key schedule not used */
(MSG_DAT *) NULL, /* MSG_DAT not used */
(struct sockaddr_in *) NULL, /* local addr not used */
(struct sockaddr_in *) NULL, /* foreign addr not used */
authopts
);
if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
fprintf(stderr, "krcmd: %s\n", krb_err_txt[err]);
return(-1);
}
if (err < 0)
return(-1);
return(sock);
}
#ifdef CRYPT
int
krcmd_mutual(ahost, rport, remuser, cmd, fd2p, realm, cred, sched)
char **ahost;
u_short rport;
char *remuser, *cmd;
int *fd2p;
char *realm;
CREDENTIALS *cred;
Key_schedule sched;
{
int sock, err;
KTEXT_ST ticket;
MSG_DAT msg_dat;
struct sockaddr_in laddr, faddr;
long authopts = KOPT_DO_MUTUAL;
err = kcmd(
&sock,
ahost,
rport,
NULL, /* locuser not used */
remuser,
cmd,
fd2p,
&ticket,
SERVICE_NAME,
realm,
cred, /* filled in */
sched, /* filled in */
&msg_dat, /* filled in */
&laddr, /* filled in */
&faddr, /* filled in */
authopts
);
if (err > KSUCCESS && err < MAX_KRB_ERRORS) {
fprintf(stderr, "krcmd_mutual: %s\n", krb_err_txt[err]);
return(-1);
}
if (err < 0)
return (-1);
return(sock);
}
#endif /* CRYPT */
#endif /* KERBEROS */

66
usr.bin/rlogin/rlogin.c
View File

@ -38,11 +38,9 @@ static const char copyright[] =
#endif /* not lint */
#ifndef lint
#if 0
static char sccsid[] = "@(#)rlogin.c 8.1 (Berkeley) 6/6/93";
#endif
static const char sccsid[] = "@(#)rlogin.c 8.1 (Berkeley) 6/6/93";
static const char rcsid[] =
"$Id$";
"$Id: rlogin.c,v 1.15 1997/08/05 06:46:46 charnier Exp $";
#endif /* not lint */
/*
@ -71,16 +69,11 @@ static const char rcsid[] =
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef __STDC__
#include <stdarg.h>
#else
#include <varargs.h>
#endif
#include <err.h>
#ifdef KERBEROS
#include <des.h>
#include <kerberosIV/krb.h>
#include <krb.h>
#include "krb.h"
@ -139,9 +132,6 @@ void usage __P((void)) __dead2;
void writer __P((void));
void writeroob __P((int));
#ifdef KERBEROS
void warning __P((const char *, ...));
#endif
#ifdef OLDSUN
int get_window_size __P((int, struct winsize *));
#endif
@ -164,7 +154,7 @@ main(argc, argv)
one = 1;
host = user = NULL;
if (p = rindex(argv[0], '/'))
if ((p = rindex(argv[0], '/')))
++p;
else
p = argv[0];
@ -251,7 +241,7 @@ main(argc, argv)
sp = getservbyname((doencrypt ? "eklogin" : "klogin"), "tcp");
if (sp == NULL) {
use_kerberos = 0;
warning("can't get entry for %s/tcp service",
warn("can't get entry for %s/tcp service",
doencrypt ? "eklogin" : "klogin");
}
}
@ -304,7 +294,7 @@ main(argc, argv)
if (doencrypt) {
rem = krcmd_mutual(&host, sp->s_port, user, term, 0,
dest_realm, &cred, schedule);
des_set_key_krb(&cred.session, schedule);
des_set_key(&cred.session, schedule);
} else
#endif /* CRYPT */
rem = krcmd(&host, sp->s_port, user, term, 0,
@ -315,9 +305,9 @@ main(argc, argv)
if (sp == NULL)
errx(1, "unknown service login/tcp");
if (errno == ECONNREFUSED)
warning("remote host doesn't support Kerberos");
warn("remote host doesn't support Kerberos");
if (errno == ENOENT)
warning("can't provide Kerberos auth data");
warn("can't provide Kerberos auth data");
goto try_connect;
}
} else {
@ -520,8 +510,9 @@ writer()
#ifdef CRYPT
#ifdef KERBEROS
if (doencrypt)
(void)des_write(rem,
(char *)&escapechar, 1);
(void)des_enc_write(rem,
(char *)&escapechar, 1,
schedule, &cred.session);
else
#endif
#endif
@ -531,7 +522,7 @@ writer()
#ifdef CRYPT
#ifdef KERBEROS
if (doencrypt) {
if (des_write(rem, &c, 1) == 0) {
if (des_enc_write(rem, &c, 1, schedule, &cred.session) == 0) {
msg("line gone");
break;
}
@ -626,7 +617,8 @@ sendwindow()
#ifdef CRYPT
#ifdef KERBEROS
if(doencrypt)
(void)des_write(rem, obuf, sizeof(obuf));
(void)des_enc_write(rem, obuf, sizeof(obuf),
schedule, &cred.session);
else
#endif
#endif
@ -771,7 +763,8 @@ reader(omask)
#ifdef CRYPT
#ifdef KERBEROS
if (doencrypt)
rcvcnt = des_read(rem, rcvbuf, sizeof(rcvbuf));
rcvcnt = des_enc_read(rem, rcvbuf, sizeof(rcvbuf),
schedule, &cred.session);
else
#endif
#endif
@ -853,31 +846,6 @@ msg(str)
(void)fprintf(stderr, "rlogin: %s\r\n", str);
}
#ifdef KERBEROS
/* VARARGS */
void
#if __STDC__
warning(const char *fmt, ...)
#else
warning(fmt, va_alist)
char *fmt;
va_dcl
#endif
{
va_list ap;
(void)fprintf(stderr, "rlogin: warning, using standard rlogin: ");
#ifdef __STDC__
va_start(ap, fmt);
#else
va_start(ap);
#endif
vfprintf(stderr, fmt, ap);
va_end(ap);
(void)fprintf(stderr, ".\n");
}
#endif
void
usage()
{

15
usr.bin/rsh/Makefile
View File

@ -2,19 +2,24 @@
PROG= rsh
SRCS= rsh.c
CFLAGS+=-Wall
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_KERBEROS) \
|| defined(MAKE_EBONES))
CFLAGS+=-DKERBEROS -DCRYPT
SRCS+= krcmd.c kcmd.c
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4)
SRCS+= krcmd.c kcmd.c rcmd_util.c encrypt.c
CFLAGS+=-DKERBEROS -DCRYPT -DHAVE_CONFIG_H \
-I${.CURDIR}/../rlogin -I${.CURDIR} -I- \
-I${.CURDIR}/../../kerberosIV/include \
-I${.CURDIR}/../../crypto/kerberosIV/include \
-I${.CURDIR}/../../crypto/kerberosIV/lib/roken \
-I${.CURDIR}/../../crypto/kerberosIV/appl/bsd
DPADD= ${LIBKRB} ${LIBDES}
LDADD= -lkrb -ldes
DISTRIBUTION= krb
.PATH: ${.CURDIR}/../../crypto/kerberosIV/appl/bsd
.endif
BINOWN= root
BINMODE=4555
INSTALLFLAGS=-fschg
.PATH: ${.CURDIR}/../rlogin
.include <bsd.prog.mk>

19
usr.bin/rsh/rsh.c
View File

@ -42,7 +42,7 @@ static const char copyright[] =
static char sccsid[] = "From: @(#)rsh.c 8.3 (Berkeley) 4/6/94";
#endif
static char rcsid[] =
"$Id: rsh.c,v 1.11 1997/03/29 04:31:59 imp Exp $";
"$Id$";
#endif /* not lint */
#include <sys/types.h>
@ -63,13 +63,14 @@ static char rcsid[] =
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <varargs.h>
#include <err.h>
#include "pathnames.h"
#ifdef KERBEROS
#include <des.h>
#include <kerberosIV/krb.h>
#include <krb.h>
#include "krb.h"
CREDENTIALS cred;
Key_schedule schedule;
@ -107,7 +108,7 @@ main(argc, argv)
host = user = NULL;
/* if called as something other than "rsh", use it as the host name */
if (p = strrchr(argv[0], '/'))
if ((p = strrchr(argv[0], '/')))
++p;
else
p = argv[0];
@ -240,7 +241,7 @@ main(argc, argv)
if (doencrypt) {
rem = krcmd_mutual(&host, sp->s_port, user, args,
&rfd2, dest_realm, &cred, schedule);
des_set_key_krb(&cred.session, schedule);
des_set_key(&cred.session, schedule);
} else
#endif
rem = krcmd(&host, sp->s_port, user, args, &rfd2,
@ -347,7 +348,7 @@ reread: errno = 0;
#ifdef KERBEROS
#ifdef CRYPT
if (doencrypt)
wc = des_write(rem, bp, cc);
wc = des_enc_write(rem, bp, cc, schedule, &cred.session);
else
#endif
#endif
@ -394,7 +395,7 @@ reread: errno = 0;
#ifdef KERBEROS
#ifdef CRYPT
if (doencrypt)
cc = des_read(rfd2, buf, sizeof buf);
cc = des_enc_read(rfd2, buf, sizeof buf, schedule, &cred.session);
else
#endif
#endif
@ -410,7 +411,7 @@ reread: errno = 0;
#ifdef KERBEROS
#ifdef CRYPT
if (doencrypt)
cc = des_read(rem, buf, sizeof buf);
cc = des_enc_read(rem, buf, sizeof buf, schedule, &cred.session);
else
#endif
#endif
@ -434,7 +435,7 @@ sendsig(sig)
#ifdef KERBEROS
#ifdef CRYPT
if (doencrypt)
(void)des_write(rfd2, &signo, 1);
(void)des_enc_write(rfd2, &signo, 1, schedule, &cred.session);
else
#endif
#endif