oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

DCE stuff from Ake Sandgren <ake@cs.umu.se>

Browse Source 
do not call syslog with a variable as format string


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8531 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
2000-07-02 15:50:21 +00:00
parent 4ad0797ee4
commit 81178d12fe
1 changed files with 81 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
appl/rsh/rshd.c
View File

@@ -63,6 +63,13 @@ static int do_newpag = 1;
static int do_version; static int do_version;
static int do_help = 0; static int do_help = 0;
#if defined(DCE)
int dfsk5ok = 0;
int dfspag = 0;
int dfsfwd = 0;
krb5_ticket *user_ticket;
#endif
static void static void
syslog_and_die (const char *m, ...) syslog_and_die (const char *m, ...)
{ {
@@ -85,7 +92,7 @@ fatal (int sock, const char *m, ...)
va_start(args, m); va_start(args, m);
len = vsnprintf (buf + 1, sizeof(buf) - 1, m, args); len = vsnprintf (buf + 1, sizeof(buf) - 1, m, args);
va_end(args); va_end(args);
syslog (LOG_ERR, buf + 1); syslog (LOG_ERR, "%s", buf + 1);
net_write (sock, buf, len + 1); net_write (sock, buf, len + 1);
exit (1); exit (1);
} }
@@ -381,6 +388,10 @@ recv_krb5_auth (int s, u_char *buf,
} }
} }
#if defined(DCE)
user_ticket = ticket;
#endif
return 0; return 0;
} }
@@ -521,17 +532,42 @@ is_reserved(u_short port)
*/ */
static void static void
setup_environment (char *env[7], struct passwd *pwd) setup_environment (char ***env, const struct passwd *pwd)
{ {
asprintf (&env[0], "USER=%s", pwd->pw_name); int i, j, path;
asprintf (&env[1], "HOME=%s", pwd->pw_dir); char **e;
asprintf (&env[2], "SHELL=%s", pwd->pw_shell);
asprintf (&env[3], "PATH=%s", _PATH_DEFPATH); i = 0;
asprintf (&env[4], "SSH_CLIENT=only_to_make_bash_happy"); path = 0;
*env = NULL;
i = read_environment(_PATH_ETC_ENVIRONMENT, env);
e = *env;
for (j = 0; j < i; j++) {
if (!strncmp(e[j], "PATH=", 5)) {
path = 1;
}
}
e = *env;
e = realloc(e, (i + 7) * sizeof(char *));
asprintf (&e[i++], "USER=%s", pwd->pw_name);
asprintf (&e[i++], "HOME=%s", pwd->pw_dir);
asprintf (&e[i++], "SHELL=%s", pwd->pw_shell);
if (! path) {
asprintf (&e[i++], "PATH=%s", _PATH_DEFPATH);
}
asprintf (&e[i++], "SSH_CLIENT=only_to_make_bash_happy");
#if defined(DCE)
if (getenv("KRB5CCNAME"))
asprintf (&e[i++], "KRB5CCNAME=%s", getenv("KRB5CCNAME"));
#else
if (do_unique_tkfile) if (do_unique_tkfile)
asprintf (&env[5], "KRB5CCNAME=%s", tkfile); asprintf (&e[i++], "KRB5CCNAME=%s", tkfile);
else env[5] = NULL; #endif
env[6] = NULL; e[i++] = NULL;
*env = e;
} }
static void static void
@@ -552,7 +588,7 @@ doit (int do_kerberos, int check_rhosts)
char cmd[COMMAND_SZ]; char cmd[COMMAND_SZ];
struct passwd *pwd; struct passwd *pwd;
int s = STDIN_FILENO; int s = STDIN_FILENO;
char *env[7]; char **env;
addrlen = sizeof(thisaddr_ss); addrlen = sizeof(thisaddr_ss);
if (getsockname (s, thisaddr, &addrlen) < 0) if (getsockname (s, thisaddr, &addrlen) < 0)
@@ -648,6 +684,10 @@ doit (int do_kerberos, int check_rhosts)
syslog_and_die("recv_bsd_auth failed"); syslog_and_die("recv_bsd_auth failed");
} }
#if defined(DCE) && defined(AIX)
setenv("AUTHSTATE", "DCE", 1);
#endif
pwd = getpwnam (server_user); pwd = getpwnam (server_user);
if (pwd == NULL) if (pwd == NULL)
fatal (s, "Login incorrect."); fatal (s, "Login incorrect.");
@@ -673,23 +713,6 @@ doit (int do_kerberos, int check_rhosts)
} }
#endif #endif
#ifdef HAVE_SETLOGIN
if (setlogin(pwd->pw_name) < 0)
syslog(LOG_ERR, "setlogin() failed: %m");
#endif
#ifdef HAVE_SETPCRED
if (setpcred (pwd->pw_name, NULL) == -1)
syslog(LOG_ERR, "setpcred() failure: %m");
#endif /* HAVE_SETPCRED */
if (initgroups (pwd->pw_name, pwd->pw_gid) < 0)
fatal (s, "Login incorrect.");
if (setgid(pwd->pw_gid) < 0)
fatal (s, "Login incorrect.");
if (setuid (pwd->pw_uid) < 0)
fatal (s, "Login incorrect.");
#ifdef KRB5 #ifdef KRB5
{ {
@@ -707,8 +730,36 @@ doit (int do_kerberos, int check_rhosts)
if (kerberos_status) if (kerberos_status)
krb5_start_session(); krb5_start_session();
} }
chown(tkfile + 5, pwd->pw_uid, -1);
#if defined(DCE)
if (kerberos_status) {
setenv("KRB5CCNAME", tkfile, 1);
dfspag = krb5_dfs_pag(context, kerberos_status, user_ticket->client, server_user);
}
#endif #endif
#endif
#ifdef HAVE_SETLOGIN
if (setlogin(pwd->pw_name) < 0)
syslog(LOG_ERR, "setlogin() failed: %m");
#endif
#ifdef HAVE_SETPCRED
if (setpcred (pwd->pw_name, NULL) == -1)
syslog(LOG_ERR, "setpcred() failure: %m");
#endif /* HAVE_SETPCRED */
if (initgroups (pwd->pw_name, pwd->pw_gid) < 0)
fatal (s, "Login incorrect.");
if (setgid(pwd->pw_gid) < 0)
fatal (s, "Login incorrect.");
if (setuid (pwd->pw_uid) < 0)
fatal (s, "Login incorrect.");
if (chdir (pwd->pw_dir) < 0) if (chdir (pwd->pw_dir) < 0)
fatal (s, "Remote directory."); fatal (s, "Remote directory.");
@@ -718,7 +769,7 @@ doit (int do_kerberos, int check_rhosts)
close (errsock); close (errsock);
} }
setup_environment (env, pwd); setup_environment (&env, pwd);
if (do_encrypt) { if (do_encrypt) {
setup_copier (); setup_copier ();
@@ -740,7 +791,7 @@ doit (int do_kerberos, int check_rhosts)
#ifdef KRB5 #ifdef KRB5
/* XXX */ /* XXX */
{ if (kerberos_status) {
krb5_ccache ccache; krb5_ccache ccache;
krb5_error_code status; krb5_error_code status;