Commit Graph

84 Commits

Author SHA1 Message Date
jhb
1c9daba05c Fix world by trimming an extra comment terminator. 2001-10-29 19:22:38 +00:00
nsayer
267f5448c8 Add Berkeley copyright to SRA.
This is by the kind permission of Dave Safford, formerly of TAMU who wrote the
original code. Here is an excerpt of the e-mail exchange concerning this
issue:

Dave Safford wrote:
>Nick Sayer wrote:
>> Some time ago we spoke about SRA and importing it into FreeBSD. I forgot to
>> ask if you had a prefered license boilerplate for the top of the files. It
>> has come up recently, and the SRA code in FreeBSD doesn't have one.

>I really have no preference - use whatever is most convenient in the
>FreeBSD environment.

>dave safford

This is the standard BSD license with clause 3 removed and clause 4
suitably renumbered.

MFC after:	1 day
2001-10-29 16:12:16 +00:00
markm
4c52c72d92 Diff-reduce these two.
Really, one of them needs to disappear. I'll figure out which
later.

Reported by:	bde
2001-10-27 12:49:19 +00:00
markm
0163eae972 Add __FBSDID() to diff-reduce with "base" telnet. 2001-10-01 16:04:55 +00:00
markm
5987cca2b8 Manually unifdef(1) CRAY, UNICOS, hpux and sun uselsess code. 2001-08-29 14:16:17 +00:00
dd
2c3a92a16f Remove description of an option that only applies to UNICOS < 7.0.
That define may still be present in the source, but I don't think
anyone has plans to try to use it.

Obtained from:	NetBSD
2001-08-25 21:29:12 +00:00
markm
62fa01a04b Code merge and diff reduce with "base" telnet. This is the "later"
telnet, so it was treated as the reference code, except where later
commits were made to "base" telnet.
2001-08-20 12:28:40 +00:00
horikawa
679dd2c9f8 Removal of following export controll related sentences:
o Because of export controls, TELNET ENCRYPT option is not supported outside
  of the United States and Canada.
o Because of export controls, data encryption
  is not supported outside of the United States and Canada.

src/crypto/README revision 1.5 commit log says:
> Crypto sources are no longer export controlled:
> Explain, why crypto sources are still in crypto/.
and actually telnet encryption is used outside of US and Canada now.

Pointed out by: OHSAWA Chitoshi <ohsawa@catv1.ccn-net.ne.jp>
Reviewed by: no objection on doc
2001-08-15 01:30:25 +00:00
ru
24c7b0a61d mdoc(7) police: s/BSD/.Bx/ where appropriate. 2001-08-14 10:01:54 +00:00
kris
d051133293 output_data(), output_datalen() and netflush() didn't actually guarantee
to do what they are supposed to: under some circumstances output data would
be truncated, or the buffer would not actually be flushed (possibly leading
to overflows when the caller assumes the operation succeeded).  Change the
semantics so that these functions ensure they complete the operation before
returning.

Comment out diagnostic code enabled by '-D reports' which causes an
infinite recursion and an eventual crash.

Patch developed with assistance from ru and assar.
2001-07-23 21:52:26 +00:00
ru
4b023c5a9f More potential buffer overflow fixes.
o Fixed `nfrontp' calculations in output_data().  If `remaining' is
  initially zero, it was possible for `nfrontp' to be decremented.

Noticed by:	dillon

o Replaced leaking writenet() with output_datalen():

:  * writenet
:  *
:  * Just a handy little function to write a bit of raw data to the net.
:  * It will force a transmit of the buffer if necessary
:  *
:  * arguments
:  *    ptr - A pointer to a character string to write
:  *    len - How many bytes to write
:  */
: 	void
: writenet(ptr, len)
: 	register unsigned char *ptr;
: 	register int len;
: {
: 	/* flush buffer if no room for new data) */
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: 	if ((&netobuf[BUFSIZ] - nfrontp) < len) {
: 		/* if this fails, don't worry, buffer is a little big */
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: 		netflush();
: 	}
:
: 	memmove(nfrontp, ptr, len);
: 	nfrontp += len;
:
: }  /* end of writenet */

What an irony!  :-)

o Optimized output_datalen() a bit.
2001-07-20 12:02:30 +00:00
ru
5bfe15ad2f vsnprintf() can return a value larger than the buffer size.
Submitted by:	assar
Obtained from:	OpenBSD
2001-07-19 18:58:31 +00:00
ru
9cac33d71f Fixed the exploitable remote buffer overflow.
Reported on:	bugtraq
Obtained from:	Heimdal, NetBSD
Reviewed by:	obrien, imp
2001-07-19 17:48:57 +00:00
ru
d19961ab7f mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 10:42:19 +00:00
ru
9fe5b34c60 mdoc(7) police: merge all fixes from non-crypto version. 2001-07-05 14:08:12 +00:00
ru
30aad2eb2c MF non-crypto: 1.13: document -u in usage. 2001-07-05 14:06:27 +00:00
dillon
0c1af1bd68 Oops, forgot the 'u' in the getopt for the previous commit. 2001-05-24 00:14:19 +00:00
dillon
9ff666d52d A feature to allow one to telnet to a unix domain socket. (MFC from
non-crypto version)

Also update the crypto telnet's man page to reflect other options
ported from the non-crypto version.

Obtained from:   Lyndon Nerenberg <lyndon@orthanc.ab.ca>
2001-05-23 22:54:07 +00:00
nsayer
e25576d211 Make the PAM user-override actually override the correect thing. 2001-05-17 16:28:11 +00:00
peter
859d222e45 Back out last commit. This was already fixed. This should never have
happened, this is why we have commit mail expressly delivered to
committers.
2001-05-17 03:14:42 +00:00
peter
fdd845cf6b Fix the latest telnet breakage. Obviously this was never compiled. 2001-05-17 03:13:00 +00:00
nsayer
295844e3ff Since the root-on-insecure-tty code was added to telnetd, a dependency
on char *line was added to libtelnet. Put a dummy one in to keep the
linker happy.
2001-05-16 20:34:42 +00:00
nsayer
02a47b1303 Make sure the protocol actively rejects bad data rather than
(potentially) not responding to an invalid SRA 'auth is' message.
2001-05-16 20:24:58 +00:00
nsayer
280add2b35 srandomdev() affords us the opportunity to radically improve, and at the
same time simplify, the random number selection code.
2001-05-16 18:32:46 +00:00
nsayer
ca01fb27dc Catch any attempted buffer overflows. The magic numbers in this code
(512) are a little distressing, but the method really needs to be
extended to allow server-supplied DH parameters anyway.

Submitted by:	kris
2001-05-16 18:27:09 +00:00
nsayer
ce94eedfd7 Catch malloc return failures. This should help avoid dereferencing NULL on
low-memory situations.

Submitted by:	kris
2001-05-16 18:17:55 +00:00
peter
6125cb47e3 Hack to work around braindeath in libtelnet:sra.c. The sra.o file
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
2001-05-15 09:52:03 +00:00
nsayer
2bdf180df8 If the uid of the attempted authentication is 0 and if the pty is
insecure, do not succeed. Copied from login.c. This functionality really
should be a PAM module.
2001-05-15 04:47:14 +00:00
nsayer
b47830be3e Pointy hat fix -- reapply the SRA PAM patch. To -current this time. 2001-05-07 20:42:02 +00:00
ru
8e59fdc98e mdoc(7) police: removed hard sentence breaks introduced in rev.1.10. 2001-04-13 08:49:52 +00:00
nsayer
311a1c9e61 Clean up telnet's argument processing a bit. autologin and encryption is
now the default, so ignore the arguments that turn it on. Add a new -y
argument to turn off encryption in case someone wants to do that. Sync
these changes with the man page (including removing the now obsolete
statement about availability only in the US and Canada).
2001-04-06 15:56:10 +00:00
nsayer
66051d03dc Reactivate SRA.
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
2001-04-05 14:09:15 +00:00
nsayer
392858ffd3 Fix core noted in -stable with 'auth disable SRA'.
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see
about how to fix this. Pass the pointy hat.
2001-03-18 09:44:25 +00:00
assar
c63261057a enable auto-negotiation of encrypt and decrypt 2001-03-12 03:54:48 +00:00
asmodai
bf7345c3e8 Synch: Add $FreeBSD$. 2001-02-07 21:58:16 +00:00
asmodai
7d76aced28 Fix typo: compatability -> compatibility.
Compatability is not an existing english word.
2001-02-06 12:05:58 +00:00
asmodai
47a2266000 Fix typo: seperate -> separate.
Seperate does not exist in the english language.

Submitted to look at by:	kris
2001-02-06 10:39:38 +00:00
asmodai
43450ced68 Fix typo: wierd -> weird.
There is no such thing as wierd in the english language.
2001-02-06 09:32:26 +00:00
ru
8c9e49b445 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 17:12:45 +00:00
ru
a45dd3f68d Prepare for mdoc(7)NG. 2001-01-10 16:51:28 +00:00
assar
b022d1d27e (scrub_env): change to only accept a listed set of variables,
including only non-filename contents for TERMCAP
2000-12-10 20:50:20 +00:00
asmodai
56b0ddae6c Add more environment variables to be filtered through scrub_env().
Synched from normal telnet.
2000-11-30 13:14:54 +00:00
asmodai
5c47bfad32 String paranoia fix. Synched from normal telnet. 2000-11-30 13:10:01 +00:00
asmodai
617a96fd6d String paranoia. Merged from regular telnet. 2000-11-30 10:55:25 +00:00
kris
35eec2074d Correct definition of MAXHOSTNAMELEN in ifdef'ed code.
Submitted by:	Edwin Groothuis <mavetju@chello.nl>
PR:		bin/22787
2000-11-26 21:37:51 +00:00
ru
71e2293ad4 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
kris
1a1517afe4 Fix a buffer overflow from a long local hostname.
Obtained from:	OpenBSD
2000-11-19 10:08:26 +00:00
ru
a6f5d950d8 Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
kris
d2f83e4ec4 Sync with usr.bin/telnet/telnet.c r1.9 - fix buffer overflow in DISPLAY 2000-10-29 00:10:14 +00:00
ume
0abc0cfcd6 Fix buffer size of ALIGNed buffer.
PR:		bin/20053
Submitted by:	Alex Kapranoff <alex@kapran.bitmcnit.bryansk.su>
2000-07-20 14:54:04 +00:00