authorHans Insulander <hin@cvs.openbsd.org>2001-05-25 10:25:23 +0000
committerHans Insulander <hin@cvs.openbsd.org>2001-05-25 10:25:23 +0000
commit995a74a40d763acfcdf7d35c2451b7668840e6ab (patch)
tree61b8ac008db4451b55de099070183f9245d1c368
parentdd9e896da481d498f32b58d839efdf947b25a2ff (diff)
KerberosV support from Heimdal.
-rw-r--r--libexec/telnetd/Makefile6
-rw-r--r--libexec/telnetd/authenc.c8
-rw-r--r--libexec/telnetd/ext.h4
-rw-r--r--libexec/telnetd/telnetd.c11
-rw-r--r--usr.bin/telnet/Makefile8
-rw-r--r--usr.bin/telnet/authenc.c6
-rw-r--r--usr.bin/telnet/externs.h8
-rw-r--r--usr.bin/telnet/main.c79
8 files changed, 91 insertions, 39 deletions
diff --git a/libexec/telnetd/Makefile b/libexec/telnetd/Makefile
index c9eb0505568..bea4d2776fa 100644
--- a/libexec/telnetd/Makefile
+++ b/libexec/telnetd/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.9 2000/10/10 15:14:54 millert Exp $
+# $OpenBSD: Makefile,v 1.10 2001/05/25 10:25:22 hin Exp $
# from: @(#)Makefile 8.2 (Berkeley) 12/15/93
# $NetBSD: Makefile,v 1.6 1996/02/24 01:22:12 jtk Exp $
@@ -20,4 +20,8 @@ LDADD+= -lkrb -ldes
DPADD+= ${LIBDES} ${LIBKRB}
.endif
+.if (${KERBEROS5:L} == "yes")
+LDADD+= -lkrb5
+.endif
+
.include <bsd.prog.mk>
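Review bot: The new KERBEROS5 block adds `LDADD+= -lkrb5` without a matching `DPADD+= ${LIBKRB5}`, so telnetd would not be relinked when libkrb5 changes; the KERBEROS block just above it and the usr.bin/telnet/Makefile hunk in this commit both pair the two. The client Makefile also adds `CFLAGS+=-DENCRYPTION -DAUTHENTICATION -DKRB5` in its block, while no CFLAGS line is visible for telnetd. If the daemon is meant to compile its Kerberos V code paths, those defines have to come from somewhere outside this hunk.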
diff --git a/libexec/telnetd/authenc.c b/libexec/telnetd/authenc.c
index f8e0b2d9ef2..c75844318f3 100644
--- a/libexec/telnetd/authenc.c
+++ b/libexec/telnetd/authenc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authenc.c,v 1.3 1998/03/12 04:53:07 art Exp $ */
+/* $OpenBSD: authenc.c,v 1.4 2001/05/25 10:25:22 hin Exp $ */
/* $NetBSD: authenc.c,v 1.3 1996/02/28 20:38:08 thorpej Exp $ */
/*-
@@ -39,7 +39,7 @@
static char sccsid[] = "@(#)authenc.c 8.2 (Berkeley) 5/30/95";
static char rcsid[] = "$NetBSD: authenc.c,v 1.3 1996/02/28 20:38:08 thorpej Exp $";
#else
-static char rcsid[] = "$OpenBSD: authenc.c,v 1.3 1998/03/12 04:53:07 art Exp $";
+static char rcsid[] = "$OpenBSD: authenc.c,v 1.4 2001/05/25 10:25:22 hin Exp $";
#endif
#endif /* not lint */
@@ -48,7 +48,7 @@ static char rcsid[] = "$OpenBSD: authenc.c,v 1.3 1998/03/12 04:53:07 art Exp $";
#include <libtelnet/misc.h>
int
-net_write(str, len)
+telnet_net_write(str, len)
unsigned char *str;
int len;
{
@@ -81,7 +81,7 @@ telnet_spin()
char *
telnet_getenv(val)
- char *val;
+ const char *val;
{
extern char *getenv(const char *);
return(getenv(val));
diff --git a/libexec/telnetd/ext.h b/libexec/telnetd/ext.h
index 774902fc8c8..f44b69fa427 100644
--- a/libexec/telnetd/ext.h
+++ b/libexec/telnetd/ext.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ext.h,v 1.9 2000/11/16 19:00:19 millert Exp $ */
+/* $OpenBSD: ext.h,v 1.10 2001/05/25 10:25:22 hin Exp $ */
/* $NetBSD: ext.h,v 1.6 1996/02/28 20:38:13 thorpej Exp $ */
/*
@@ -120,7 +120,7 @@ extern void
#ifdef DIAGNOSTICS
printoption P((char *, int)),
printdata P((char *, char *, int)),
- printsub P((char, unsigned char *, int)),
+ printsub P((int, unsigned char *, int)),
#endif
ptyflush P((void)),
putchr P((int)),
diff --git a/libexec/telnetd/telnetd.c b/libexec/telnetd/telnetd.c
index bf551d92bca..c7ce8900470 100644
--- a/libexec/telnetd/telnetd.c
+++ b/libexec/telnetd/telnetd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: telnetd.c,v 1.27 2000/11/16 19:00:19 millert Exp $ */
+/* $OpenBSD: telnetd.c,v 1.28 2001/05/25 10:25:22 hin Exp $ */
/* $NetBSD: telnetd.c,v 1.6 1996/03/20 04:25:57 tls Exp $ */
/*
@@ -45,7 +45,7 @@ static char copyright[] =
static char sccsid[] = "@(#)telnetd.c 8.4 (Berkeley) 5/30/95";
static char rcsid[] = "$NetBSD: telnetd.c,v 1.5 1996/02/28 20:38:23 thorpej Exp $";
#else
-static char rcsid[] = "$OpenBSD: telnetd.c,v 1.27 2000/11/16 19:00:19 millert Exp $";
+static char rcsid[] = "$OpenBSD: telnetd.c,v 1.28 2001/05/25 10:25:22 hin Exp $";
#endif
#endif /* not lint */
@@ -590,8 +590,9 @@ static unsigned char ttytype_sbbuf[] = {
};
int
-getterminaltype(name)
+getterminaltype(name, name_sz)
char *name;
+ size_t name_sz;
{
int retval = -1;
void _gettermname();
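Review bot: `name_sz` is added to an old-style definition, so nothing here makes the compiler check that callers pass a `size_t` second argument, and the ext.h hunk of this commit shows no prototype for `getterminaltype`; if a declaration exists elsewhere it needs the same change. A comment on the parameter would help, e.g. `/* name_sz: size in bytes of the buffer at name, handed to auth_wait() */`. In the visible lines the size is used only in the AUTHENTICATION branch of the next hunk, and the function body continues outside this hunk.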
@@ -605,7 +606,7 @@ getterminaltype(name)
while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
ttloop();
if (his_state_is_will(TELOPT_AUTHENTICATION)) {
- retval = auth_wait(name);
+ retval = auth_wait(name, name_sz);
}
#endif
@@ -899,7 +900,7 @@ doit(who)
* get terminal type.
*/
*user_name = 0;
- level = getterminaltype(user_name);
+ level = getterminaltype(user_name, sizeof(user_name));
setenv("TERM", terminaltype ? terminaltype : "network", 1); /* XXX mem */
/*
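Review bot: `sizeof(user_name)` yields the buffer size only while `user_name` is declared as an array in this scope; the declaration is outside the hunk, and if it were ever a pointer this call would silently pass the pointer size as the bound. Whether `auth_wait()` NUL-terminates the name when it has to truncate is not visible here, so that is worth confirming, or the caller can terminate explicitly after the call with `user_name[sizeof(user_name) - 1] = '\0';`. `doit` starts and ends outside the hunk.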
diff --git a/usr.bin/telnet/Makefile b/usr.bin/telnet/Makefile
index 4e2da93249b..4012819879d 100644
--- a/usr.bin/telnet/Makefile
+++ b/usr.bin/telnet/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.10 2000/10/10 15:41:09 millert Exp $
+# $OpenBSD: Makefile,v 1.11 2001/05/25 10:24:25 hin Exp $
#
# Copyright (c) 1990 The Regents of the University of California.
# All rights reserved.
@@ -52,4 +52,10 @@ LDADD+= -lkrb -ldes
DPADD+= ${LIBDES} ${LIBKRB}
.endif
+.if (${KERBEROS5:L} == "yes")
+CFLAGS+=-DENCRYPTION -DAUTHENTICATION -DKRB5
+LDADD+= -lkrb5
+DPADD+= ${LIBKRB5}
+.endif
+
.include <bsd.prog.mk>
diff --git a/usr.bin/telnet/authenc.c b/usr.bin/telnet/authenc.c
index 26100e47ff8..ba86eea4416 100644
--- a/usr.bin/telnet/authenc.c
+++ b/usr.bin/telnet/authenc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authenc.c,v 1.3 1998/03/12 04:57:27 art Exp $ */
+/* $OpenBSD: authenc.c,v 1.4 2001/05/25 10:24:25 hin Exp $ */
/* $NetBSD: authenc.c,v 1.5 1996/02/28 21:03:52 thorpej Exp $ */
/*-
@@ -39,7 +39,7 @@
#if defined(AUTHENTICATION) || defined(ENCRYPTION)
int
-net_write(str, len)
+telnet_net_write(str, len)
unsigned char *str;
int len;
{
@@ -71,7 +71,7 @@ telnet_spin()
char *
telnet_getenv(val)
- char *val;
+ const char *val;
{
return((char *)env_getvalue((unsigned char *)val));
}
diff --git a/usr.bin/telnet/externs.h b/usr.bin/telnet/externs.h
index d635a879b48..7fa38ce9b36 100644
--- a/usr.bin/telnet/externs.h
+++ b/usr.bin/telnet/externs.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: externs.h,v 1.5 2001/01/22 11:03:38 fgsch Exp $ */
+/* $OpenBSD: externs.h,v 1.6 2001/05/25 10:24:25 hin Exp $ */
/* $KTH: externs.h,v 1.16 1997/11/29 02:28:35 joda Exp $ */
/*
@@ -188,7 +188,7 @@ extern jmp_buf
int net_write(unsigned char *str, int len);
void net_encrypt(void);
int telnet_spin(void);
-char *telnet_getenv(char *val);
+char *telnet_getenv(const char *val);
char *telnet_gets(char *prompt, char *result, int length, int echo);
#endif
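Review bot: The context line `int net_write(unsigned char *str, int len);` still declares the old name, while the authenc.c hunk of this commit renames the definition to `telnet_net_write`. Unless a libtelnet header outside this diff declares the new name, the renamed function is left without a prototype and this declaration refers to a function that no longer exists in the client. The line would become `int telnet_net_write(unsigned char *str, int len);`.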
@@ -287,7 +287,7 @@ void xmitEC(void);
void Dump (char, unsigned char *, int);
void printoption (char *, int, int);
-void printsub (char, unsigned char *, int);
+void printsub (int, unsigned char *, int);
void sendnaws (void);
void setconnmode (int);
void setcommandmode (void);
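Review bot: `Dump` keeps a `char` first parameter on the line above `printsub` here, and again in the second prototype list changed by the next hunk, while `printsub` moves to `int`. If `Dump` is defined in the old style like the other functions in this commit, its `char` prototype has the same mismatch with the promoted argument that this change fixes for `printsub`, so `void Dump (int, unsigned char *, int);` may be wanted as well. The header declares both functions twice, so both lists have to be kept in step on every such change; dropping one list would remove that risk.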
@@ -357,7 +357,7 @@ void SetNetTrace(char *file);
void Dump(char direction, unsigned char *buffer, int length);
void printoption(char *direction, int cmd, int option);
void optionstatus(void);
-void printsub(char direction, unsigned char *pointer, int length);
+void printsub(int direction, unsigned char *pointer, int length);
void EmptyTerminal(void);
void SetForExit(void);
void Exit(int returnCode);
diff --git a/usr.bin/telnet/main.c b/usr.bin/telnet/main.c
index 9d43904cdde..d85101e03a8 100644
--- a/usr.bin/telnet/main.c
+++ b/usr.bin/telnet/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.10 2001/01/21 22:46:37 aaron Exp $ */
+/* $OpenBSD: main.c,v 1.11 2001/05/25 10:24:25 hin Exp $ */
/* $NetBSD: main.c,v 1.5 1996/02/28 21:04:05 thorpej Exp $ */
/*
@@ -47,14 +47,22 @@ static char copyright[] =
#define OPTS_FORWARD_CREDS 0x00000002
#define OPTS_FORWARDABLE_CREDS 0x00000001
-#if KRB5
+#ifdef KRB5
#define FORWARD
+/* XXX ugly hack to setup dns-proxy stuff */
+#define Authenticator asn1_Authenticator
+#include <kerberosV/krb5.h>
#endif
#ifdef KRB4
#include <kerberosIV/krb.h>
#endif
+#ifdef FORWARD
+int forward_flags;
+static int default_forward=0;
+#endif
+
/*
* Initialize variables.
*/
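Review bot: `#define Authenticator asn1_Authenticator` stays in effect for the rest of main.c, so every later use of the identifier `Authenticator`, including in headers included after this point, is renamed as well. If only the Kerberos header needs the rename, `#undef Authenticator` directly after the `#include <kerberosV/krb5.h>` line would confine it. The comment speaks of "dns-proxy stuff" but does not say which name clash the macro avoids; naming the two conflicting declarations would help the next reader. Which headers follow is not visible in this hunk.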
@@ -103,6 +111,43 @@ usage()
exit(1);
}
+
+#ifdef KRB5
+static void
+krb5_init(void)
+{
+ krb5_context context;
+ krb5_error_code ret;
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ return;
+
+#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
+ if (krb5_config_get_bool (context, NULL,
+ "libdefaults", "forward", NULL)) {
+ forward_flags |= OPTS_FORWARD_CREDS;
+ default_forward=1;
+ }
+ if (krb5_config_get_bool (context, NULL,
+ "libdefaults", "forwardable", NULL)) {
+ forward_flags |= OPTS_FORWARDABLE_CREDS;
+ default_forward=1;
+ }
+#endif
+#ifdef ENCRYPTION
+ if (krb5_config_get_bool (context, NULL,
+ "libdefaults", "encrypt", NULL)) {
+ encrypt_auto(1);
+ decrypt_auto(1);
+ EncryptVerbose(1);
+ }
+#endif
+
+ krb5_free_context(context);
+}
+#endif
+
/*
* main. Parse arguments, invoke the protocol or command parser.
*/
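Review bot: A failure of `krb5_init_context()` makes `krb5_init()` return without any message, so a user whose krb5.conf asks for `encrypt` or `forward` gets a session without those defaults and no indication why. A one-line diagnostic before the `return` would make that visible, e.g. `fprintf(stderr, "telnet: cannot initialize Kerberos context, krb5.conf defaults ignored\n");`. The inner `defined(KRB5)` test is redundant inside `#ifdef KRB5`. A header comment such as `/* Apply the [libdefaults] forward, forwardable and encrypt settings from krb5.conf as defaults. */` would document what the function is for.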
@@ -120,6 +165,10 @@ main(argc, argv)
extern int forward_flags;
#endif /* FORWARD */
+#ifdef KRB5
+ krb5_init();
+#endif
+
tninit(); /* Clear out things */
TerminalSaveState();
@@ -203,7 +252,8 @@ main(argc, argv)
break;
case 'f':
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
- if (forward_flags & OPTS_FORWARD_CREDS) {
+ if ((forward_flags & OPTS_FORWARD_CREDS) &&
+ !default_forward) {
fprintf(stderr,
"%s: Only one of -f and -F allowed.\n",
prompt);
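Review bot: Once krb5.conf sets `forward` or `forwardable`, `default_forward` stays 1 for the whole option loop, so the added `!default_forward` term switches off the "Only one of -f and -F allowed" check for every option that follows, including a command line that passes both -f and -F; the `case 'F'` hunk below has the same condition. Dropping the configured default when the first explicit option is seen would keep the check for the command line, e.g. `if (default_forward) { forward_flags = 0; default_forward = 0; }` ahead of the test in both cases. The statements that set `forward_flags` are outside the hunk, but if they only OR bits in, a configured `forwardable` default cannot be narrowed to plain -f either, which leaves the forwarded ticket more widely usable than the user asked for.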
@@ -218,7 +268,8 @@ main(argc, argv)
break;
case 'F':
#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD)
- if (forward_flags & OPTS_FORWARD_CREDS) {
+ if ((forward_flags & OPTS_FORWARD_CREDS) &&
+ !default_forward) {
fprintf(stderr,
"%s: Only one of -f and -F allowed.\n",
prompt);
@@ -300,26 +351,16 @@ main(argc, argv)
}
}
-#ifdef KRB4
- {
- char realm[REALM_SZ];
-
- if (krb_get_lrealm(realm, 0) != KSUCCESS) {
-#if defined(AUTHENTICATION)
- auth_disable_name("KERBEROS_V4");
-#endif
- } else if (autologin == -1) {
+ if (autologin == -1) {
#if defined(AUTHENTICATION)
- autologin = 1;
+ autologin = 1;
#endif
#if defined(ENCRYPTION)
- encrypt_auto(1);
- decrypt_auto(1);
+ encrypt_auto(1);
+ decrypt_auto(1);
#endif
- }
}
-#endif /* KRB4 */
-
+
if (autologin == -1)
autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1;
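Review bot: With AUTHENTICATION defined, the new `if (autologin == -1)` block always leaves `autologin` at 1, so the retained fallback `autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1;` can only take effect in builds without AUTHENTICATION. A comment saying so, or an `#else` branch holding the fallback, would make the intended default explicit. The block is also no longer tied to a Kerberos realm being configured, and the `auth_disable_name("KERBEROS_V4")` call for the no-realm case has no replacement in the visible lines, so KRB4 builds on hosts without a realm now appear to attempt autologin and encryption negotiation by default.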