oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

handle protocol version 2

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11349 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2002-09-03 20:03:46 +00:00
parent d9a1ec3c10
commit 76f0ff261e
4 changed files with 182 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
appl/rsh/rsh.c
View File

@@ -67,6 +67,8 @@ static const char *user;
static int do_version;
static int do_help;
static int do_errsock = 1;
static char *protocol_version_str;
static int protocol_version = 2;
/*
*
@@ -80,6 +82,11 @@ loop (int s, int errsock)
fd_set real_readset;
int count = 1;
#ifdef KRB5
if(auth_method == AUTH_KRB5 && protocol_version == 2)
init_ivecs(1);
#endif
if (s >= FD_SETSIZE || errsock >= FD_SETSIZE)
errx (1, "fd too large");
@@ -106,7 +113,7 @@ loop (int s, int errsock)
err (1, "select");
}
if (FD_ISSET(s, &readset)) {
ret = do_read (s, buf, sizeof(buf));
ret = do_read (s, buf, sizeof(buf), ivec_in[0]);
if (ret < 0)
err (1, "read");
else if (ret == 0) {
@@ -118,7 +125,7 @@ loop (int s, int errsock)
net_write (STDOUT_FILENO, buf, ret);
}
if (errsock != -1 && FD_ISSET(errsock, &readset)) {
ret = do_read (errsock, buf, sizeof(buf));
ret = do_read (errsock, buf, sizeof(buf), ivec_in[1]);
if (ret < 0)
err (1, "read");
else if (ret == 0) {
@@ -138,7 +145,7 @@ loop (int s, int errsock)
FD_CLR(STDIN_FILENO, &real_readset);
shutdown (s, SHUT_WR);
} else
do_write (s, buf, ret);
do_write (s, buf, ret, ivec_out[0]);
}
}
}
@@ -166,7 +173,7 @@ send_krb4_auth(int s,
getpid(), &msg, &cred, schedule,
(struct sockaddr_in *)thisaddr,
(struct sockaddr_in *)thataddr,
KCMD_VERSION);
KCMD_OLD_VERSION);
if (status != KSUCCESS) {
warnx("%s: %s", hostname, krb_get_err_text(status));
return 1;
@@ -282,6 +289,8 @@ send_krb5_auth(int s,
int status;
size_t len;
krb5_auth_context auth_context = NULL;
const char *protocol_string = NULL;
krb5_flags ap_opts;
status = krb5_sname_to_principal(context,
hostname,
@@ -300,13 +309,31 @@ send_krb5_auth(int s,
cmd,
remote_user);
ap_opts = 0;
if(do_encrypt)
ap_opts |= AP_OPTS_MUTUAL_REQUIRED;
switch(protocol_version) {
case 2:
ap_opts |= AP_OPTS_USE_SUBKEY;
protocol_string = KCMD_NEW_VERSION;
break;
case 1:
protocol_string = KCMD_OLD_VERSION;
key_usage = KRB5_KU_OTHER_ENCRYPTED;
break;
default:
abort();
}
status = krb5_sendauth (context,
&auth_context,
&s,
KCMD_VERSION,
protocol_string,
NULL,
server,
do_encrypt ? AP_OPTS_MUTUAL_REQUIRED : 0,
ap_opts,
&cksum_data,
NULL,
NULL,
@@ -318,7 +345,9 @@ send_krb5_auth(int s,
return 1;
}
status = krb5_auth_con_getkey (context, auth_context, &keyblock);
status = krb5_auth_con_getlocalsubkey (context, auth_context, &keyblock);
if(keyblock == NULL)
status = krb5_auth_con_getkey (context, auth_context, &keyblock);
if (status) {
warnx ("krb5_auth_con_getkey: %s", krb5_get_err_text(context, status));
return 1;
@@ -552,7 +581,7 @@ proto (int s, int errsock,
(void *)&one, sizeof(one)) < 0)
warn("setsockopt stderr");
}
return loop (s, errsock2);
}
@@ -777,6 +806,8 @@ struct getargs args[] = {
"port" },
{ "user", 'l', arg_string, &user, "Run as this user", "login" },
{ "stderr", 'e', arg_negative_flag, &do_errsock, "Don't open stderr"},
{ "protocol", 'P', arg_string, &protocol_version_str,
"Protocol version", "protocol" },
{ "version", 0, arg_flag, &do_version, NULL },
{ "help", 0, arg_flag, &do_help, NULL }
};
@@ -840,7 +871,24 @@ main(int argc, char **argv)
print_version (NULL);
return 0;
}
if(protocol_version_str != NULL) {
if(strcasecmp(protocol_version_str, "N") == 0)
protocol_version = 2;
else if(strcasecmp(protocol_version_str, "O") == 0)
protocol_version = 1;
else {
char *end;
int v;
v = strtol(protocol_version_str, &end, 0);
if(*end != '\0' || (v != 1 && v != 2)) {
errx(1, "unknown protocol version \"%s\"",
protocol_version_str);
}
protocol_version = v;
}
}
#ifdef KRB5
status = krb5_init_context (&context);
if (status) {