Changes for KTH KerberosIV.
Quieten -Wall a bit. From Joe Traister: The previous patch did not propogate the KRBTKFILE environment variable into the new environment when -l is given to su, making it impossible for kdestroy to find the ticket file. This patch corrects that problem as well as the original segfault problem. (Fixes PR 3903)
This commit is contained in:
markm
parent
991f2e7747
commit
2f9637f84c
@ -19,8 +19,8 @@ COPTS+= -DWHEELSU
|
|||||||
.endif
|
.endif
|
||||||
CFLAGS+= -Wall
|
CFLAGS+= -Wall
|
||||||
|
|
||||||
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_KERBEROS) \
|
.if exists(${DESTDIR}/usr/lib/libkrb.a) && defined(MAKE_KERBEROS4) \
|
||||||
|| defined(MAKE_EBONES)) && !defined(LC_AUTH)
|
&& !defined(LC_AUTH)
|
||||||
CFLAGS+=-DKERBEROS
|
CFLAGS+=-DKERBEROS
|
||||||
DPADD+= ${LIBKRB} ${LIBDES}
|
DPADD+= ${LIBKRB} ${LIBDES}
|
||||||
LDADD+= -lkrb -ldes
|
LDADD+= -lkrb -ldes
|
||||||
|
|||||||
@ -42,7 +42,7 @@ static const char copyright[] =
|
|||||||
static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94";
|
static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94";
|
||||||
#endif
|
#endif
|
||||||
static const char rcsid[] =
|
static const char rcsid[] =
|
||||||
"$Id: su.c,v 1.21 1997/08/12 06:45:43 charnier Exp $";
|
"$Id$";
|
||||||
#endif /* not lint */
|
#endif /* not lint */
|
||||||
|
|
||||||
#include <sys/param.h>
|
#include <sys/param.h>
|
||||||
@ -74,7 +74,7 @@ static const char rcsid[] =
|
|||||||
|
|
||||||
#ifdef KERBEROS
|
#ifdef KERBEROS
|
||||||
#include <des.h>
|
#include <des.h>
|
||||||
#include <kerberosIV/krb.h>
|
#include <krb.h>
|
||||||
#include <netdb.h>
|
#include <netdb.h>
|
||||||
|
|
||||||
#define ARGSTR "-Kflm"
|
#define ARGSTR "-Kflm"
|
||||||
@ -102,7 +102,7 @@ main(argc, argv)
|
|||||||
char *targetpass;
|
char *targetpass;
|
||||||
int iswheelsu;
|
int iswheelsu;
|
||||||
#endif /* WHEELSU */
|
#endif /* WHEELSU */
|
||||||
char *p, **g, *user, *shell=NULL, *username, *cleanenv[20], **nargv, **np;
|
char *p, **g, *user, *shell=NULL, *username, **cleanenv, **nargv, **np;
|
||||||
struct group *gr;
|
struct group *gr;
|
||||||
uid_t ruid;
|
uid_t ruid;
|
||||||
int asme, ch, asthem, fastlogin, prio, i;
|
int asme, ch, asthem, fastlogin, prio, i;
|
||||||
@ -113,6 +113,9 @@ main(argc, argv)
|
|||||||
#ifdef LOGIN_CAP_AUTH
|
#ifdef LOGIN_CAP_AUTH
|
||||||
char *style, *approvep, *auth_method = NULL;
|
char *style, *approvep, *auth_method = NULL;
|
||||||
#endif
|
#endif
|
||||||
|
#endif
|
||||||
|
#ifdef KERBEROS
|
||||||
|
char *k;
|
||||||
#endif
|
#endif
|
||||||
char shellbuf[MAXPATHLEN];
|
char shellbuf[MAXPATHLEN];
|
||||||
|
|
||||||
@ -366,6 +369,11 @@ main(argc, argv)
|
|||||||
if (!asme) {
|
if (!asme) {
|
||||||
if (asthem) {
|
if (asthem) {
|
||||||
p = getenv("TERM");
|
p = getenv("TERM");
|
||||||
|
#ifdef KERBEROS
|
||||||
|
k = getenv("KRBTKFILE");
|
||||||
|
#endif
|
||||||
|
if ((cleanenv = calloc(20, sizeof(char*))) == NULL)
|
||||||
|
errx(1, "calloc");
|
||||||
cleanenv[0] = NULL;
|
cleanenv[0] = NULL;
|
||||||
environ = cleanenv;
|
environ = cleanenv;
|
||||||
#ifdef LOGIN_CAP
|
#ifdef LOGIN_CAP
|
||||||
@ -376,6 +384,10 @@ main(argc, argv)
|
|||||||
#endif
|
#endif
|
||||||
if (p)
|
if (p)
|
||||||
(void)setenv("TERM", p, 1);
|
(void)setenv("TERM", p, 1);
|
||||||
|
#ifdef KERBEROS
|
||||||
|
if (k)
|
||||||
|
(void)setenv("KRBTKFILE", k, 1);
|
||||||
|
#endif
|
||||||
if (chdir(pwd->pw_dir) < 0)
|
if (chdir(pwd->pw_dir) < 0)
|
||||||
errx(1, "no directory");
|
errx(1, "no directory");
|
||||||
}
|
}
|
||||||
@ -445,15 +457,14 @@ kerberos(username, user, uid, pword)
|
|||||||
int uid;
|
int uid;
|
||||||
char *pword;
|
char *pword;
|
||||||
{
|
{
|
||||||
extern char *krb_err_txt[];
|
|
||||||
KTEXT_ST ticket;
|
KTEXT_ST ticket;
|
||||||
AUTH_DAT authdata;
|
AUTH_DAT authdata;
|
||||||
int kerno;
|
int kerno;
|
||||||
u_long faddr;
|
u_long faddr;
|
||||||
struct sockaddr_in local_addr;
|
|
||||||
char lrealm[REALM_SZ], krbtkfile[MAXPATHLEN];
|
char lrealm[REALM_SZ], krbtkfile[MAXPATHLEN];
|
||||||
char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN];
|
char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN];
|
||||||
char *krb_get_phost();
|
char *krb_get_phost();
|
||||||
|
struct hostent *hp;
|
||||||
|
|
||||||
if (krb_get_lrealm(lrealm, 1) != KSUCCESS)
|
if (krb_get_lrealm(lrealm, 1) != KSUCCESS)
|
||||||
return (1);
|
return (1);
|
||||||
@ -531,13 +542,13 @@ kerberos(username, user, uid, pword)
|
|||||||
dest_tkt();
|
dest_tkt();
|
||||||
return (1);
|
return (1);
|
||||||
} else {
|
} else {
|
||||||
if ((kerno = krb_get_local_addr(&local_addr)) != KSUCCESS) {
|
if (!(hp = gethostbyname(hostname))) {
|
||||||
warnx("Unable to get our local address: %s",
|
warnx("can't get addr of %s", hostname);
|
||||||
krb_err_txt[kerno]);
|
|
||||||
dest_tkt();
|
dest_tkt();
|
||||||
return (1);
|
return (1);
|
||||||
}
|
}
|
||||||
faddr = local_addr.sin_addr.s_addr;
|
memmove((char *)&faddr, (char *)hp->h_addr, sizeof(faddr));
|
||||||
|
|
||||||
if ((kerno = krb_rd_req(&ticket, "rcmd", savehost, faddr,
|
if ((kerno = krb_rd_req(&ticket, "rcmd", savehost, faddr,
|
||||||
&authdata, "")) != KSUCCESS) {
|
&authdata, "")) != KSUCCESS) {
|
||||||
warnx("kerberos: unable to verify rcmd ticket: %s\n",
|
warnx("kerberos: unable to verify rcmd ticket: %s\n",
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user