drop krbv4 support
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24507 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
103
appl/rsh/rsh.c
103
appl/rsh/rsh.c
@@ -35,7 +35,7 @@
|
||||
RCSID("$Id$");
|
||||
|
||||
enum auth_method auth_method;
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
#if defined(KRB5)
|
||||
int do_encrypt = -1;
|
||||
#endif
|
||||
#ifdef KRB5
|
||||
@@ -48,19 +48,12 @@ krb5_context context;
|
||||
krb5_keyblock *keyblock;
|
||||
krb5_crypto crypto;
|
||||
#endif
|
||||
#ifdef KRB4
|
||||
des_key_schedule schedule;
|
||||
des_cblock iv;
|
||||
#endif
|
||||
int sock_debug = 0;
|
||||
|
||||
#ifdef KRB4
|
||||
static int use_v4 = -1;
|
||||
#endif
|
||||
#ifdef KRB5
|
||||
static int use_v5 = -1;
|
||||
#endif
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
#if defined(KRB5)
|
||||
static int use_only_broken = 0;
|
||||
#else
|
||||
static int use_only_broken = 1;
|
||||
@@ -156,50 +149,6 @@ rsh_loop (int s, int errsock)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef KRB4
|
||||
static int
|
||||
send_krb4_auth(int s,
|
||||
struct sockaddr *thisaddr,
|
||||
struct sockaddr *thataddr,
|
||||
const char *hostname,
|
||||
const char *remote_user,
|
||||
const char *local_user,
|
||||
size_t cmd_len,
|
||||
const char *cmd)
|
||||
{
|
||||
KTEXT_ST text;
|
||||
CREDENTIALS cred;
|
||||
MSG_DAT msg;
|
||||
int status;
|
||||
size_t len;
|
||||
|
||||
/* the normal default for krb4 should be to disable encryption */
|
||||
status = krb_sendauth ((do_encrypt == 1) ? KOPT_DO_MUTUAL : 0,
|
||||
s, &text, "rcmd",
|
||||
(char *)hostname, krb_realmofhost (hostname),
|
||||
getpid(), &msg, &cred, schedule,
|
||||
(struct sockaddr_in *)thisaddr,
|
||||
(struct sockaddr_in *)thataddr,
|
||||
KCMD_OLD_VERSION);
|
||||
if (status != KSUCCESS) {
|
||||
warnx("%s: %s", hostname, krb_get_err_text(status));
|
||||
return 1;
|
||||
}
|
||||
memcpy (iv, cred.session, sizeof(iv));
|
||||
|
||||
len = strlen(remote_user) + 1;
|
||||
if (net_write (s, remote_user, len) != len) {
|
||||
warn("write");
|
||||
return 1;
|
||||
}
|
||||
if (net_write (s, cmd, cmd_len) != cmd_len) {
|
||||
warn("write");
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
#endif /* KRB4 */
|
||||
|
||||
#ifdef KRB5
|
||||
/*
|
||||
* Send forward information on `s' for host `hostname', them being
|
||||
@@ -754,7 +703,7 @@ doit_broken (int argc,
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
#if defined(KRB5)
|
||||
static int
|
||||
doit (const char *hostname,
|
||||
struct addrinfo *ai,
|
||||
@@ -832,12 +781,9 @@ doit (const char *hostname,
|
||||
warnx ("failed to contact %s", hostname);
|
||||
return -1;
|
||||
}
|
||||
#endif /* KRB4 || KRB5 */
|
||||
#endif /* KRB5 */
|
||||
|
||||
struct getargs args[] = {
|
||||
#ifdef KRB4
|
||||
{ "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4" },
|
||||
#endif
|
||||
#ifdef KRB5
|
||||
{ "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5" },
|
||||
{ "forward", 'f', arg_flag, &do_forward, "Forward credentials [krb5]"},
|
||||
@@ -852,7 +798,7 @@ struct getargs args[] = {
|
||||
"Protocol version [krb5]", "protocol" },
|
||||
#endif
|
||||
{ "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" },
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
#if defined(KRB5)
|
||||
{ "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" },
|
||||
{ NULL, 'z', arg_negative_flag, &do_encrypt,
|
||||
"Don't encrypt connection", NULL },
|
||||
@@ -962,17 +908,7 @@ main(int argc, char **argv)
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(KRB4) && defined(KRB5)
|
||||
if(use_v4 == -1 && use_v5 == 1)
|
||||
use_v4 = 0;
|
||||
if(use_v5 == -1 && use_v4 == 1)
|
||||
use_v5 = 0;
|
||||
#endif
|
||||
|
||||
if (use_only_broken) {
|
||||
#ifdef KRB4
|
||||
use_v4 = 0;
|
||||
#endif
|
||||
#ifdef KRB5
|
||||
use_v5 = 0;
|
||||
#endif
|
||||
@@ -984,7 +920,7 @@ main(int argc, char **argv)
|
||||
use_broken = 0;
|
||||
}
|
||||
|
||||
#if defined(KRB4) || defined(KRB5)
|
||||
#if defined(KRB5)
|
||||
if (do_encrypt == 1 && use_only_broken)
|
||||
errx (1, "encryption not supported with old style authentication");
|
||||
#endif
|
||||
@@ -1068,33 +1004,6 @@ main(int argc, char **argv)
|
||||
}
|
||||
freeaddrinfo(ai);
|
||||
}
|
||||
#endif
|
||||
#ifdef KRB4
|
||||
if (ret && use_v4) {
|
||||
memset (&hints, 0, sizeof(hints));
|
||||
hints.ai_socktype = SOCK_STREAM;
|
||||
hints.ai_protocol = IPPROTO_TCP;
|
||||
|
||||
if(port_str == NULL) {
|
||||
if(do_encrypt) {
|
||||
error = getaddrinfo(host, "ekshell", &hints, &ai);
|
||||
if(error == EAI_NONAME)
|
||||
error = getaddrinfo(host, "545", &hints, &ai);
|
||||
} else {
|
||||
error = getaddrinfo(host, "kshell", &hints, &ai);
|
||||
if(error == EAI_NONAME)
|
||||
error = getaddrinfo(host, "544", &hints, &ai);
|
||||
}
|
||||
} else
|
||||
error = getaddrinfo(host, port_str, &hints, &ai);
|
||||
|
||||
if(error)
|
||||
errx (1, "getaddrinfo: %s", gai_strerror(error));
|
||||
auth_method = AUTH_KRB4;
|
||||
ret = doit (host, ai, user, local_user, cmd, cmd_len,
|
||||
send_krb4_auth);
|
||||
freeaddrinfo(ai);
|
||||
}
|
||||
#endif
|
||||
if (ret && use_broken) {
|
||||
memset (&hints, 0, sizeof(hints));
|
||||
|
||||
Reference in New Issue
Block a user