don't show options that doesn't apply

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10847 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2002-02-18 20:02:14 +00:00
parent 17b4138e2e
commit 9ea473de34
2 changed files with 60 additions and 28 deletions

View File

@@ -35,13 +35,15 @@
RCSID("$Id$");
enum auth_method auth_method;
#if defined(KRB4) || defined(KRB5)
int do_encrypt = -1;
int do_forward = -1;
int do_forwardable = -1;
#endif
#ifdef KRB5
int do_unique_tkfile = 0;
char *unique_tkfile = NULL;
char tkfile[MAXPATHLEN];
#ifdef KRB5
int do_forward = -1;
int do_forwardable = -1;
krb5_context context;
krb5_keyblock *keyblock;
krb5_crypto crypto;
@@ -55,7 +57,9 @@ int sock_debug = 0;
#ifdef KRB4
static int use_v4 = -1;
#endif
#ifdef KRB5
static int use_v5 = -1;
#endif
static int use_only_broken = 0;
static int use_broken = 1;
static char *port_str;
@@ -748,24 +752,30 @@ struct getargs args[] = {
#ifdef KRB4
{ "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4" },
#endif
#ifdef KRB5
{ "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5" },
{ "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" },
{ NULL, 'd', arg_flag, &sock_debug, "Enable socket debugging" },
{ "input", 'n', arg_negative_flag, &input, "Close stdin" },
{ "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" },
{ NULL, 'z', arg_negative_flag, &do_encrypt,
"Don't encrypt connection", NULL },
{ "forward", 'f', arg_flag, &do_forward, "Forward credentials"},
{ "forward", 'f', arg_flag, &do_forward, "Forward credentials (krb5)"},
{ NULL, 'G', arg_negative_flag,&do_forward, "Don't forward credentials" },
{ "forwardable", 'F', arg_flag, &do_forwardable,
"Forward forwardable credentials" },
#endif
#if defined(KRB4) || defined(KRB5)
{ "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" },
{ "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" },
{ NULL, 'z', arg_negative_flag, &do_encrypt,
"Don't encrypt connection", NULL },
#endif
#ifdef KRB5
{ "unique", 'u', arg_flag, &do_unique_tkfile,
"Use unique remote tkfile" },
"Use unique remote tkfile (krb5)" },
{ "tkfile", 'U', arg_string, &unique_tkfile,
"Use that remote tkfile" },
"Use that remote tkfile (krb5)" },
#endif
{ NULL, 'd', arg_flag, &sock_debug, "Enable socket debugging" },
{ "input", 'n', arg_negative_flag, &input, "Close stdin" },
{ "port", 'p', arg_string, &port_str, "Use this port",
"number-or-service" },
{ "user", 'l', arg_string, &user, "Run as this user" },
"port" },
{ "user", 'l', arg_string, &user, "Run as this user", "login" },
{ "stderr", 'e', arg_negative_flag, &do_errsock, "Don't open stderr"},
{ "version", 0, arg_flag, &do_version, NULL },
{ "help", 0, arg_flag, &do_help, NULL }
@@ -777,7 +787,7 @@ usage (int ret)
arg_printusage (args,
sizeof(args) / sizeof(args[0]),
NULL,
"host [command]");
"[login@]host [command]");
exit (ret);
}
@@ -854,20 +864,24 @@ main(int argc, char **argv)
else if (do_forward == 0)
do_forwardable = 0;
if (do_forwardable)
do_forward = 1;
#endif
#if defined(KRB4) || defined(KRB5)
if (do_encrypt == -1) {
/* we want to tell the -x flag from the default encryption
option */
#ifdef KRB5
/* the normal default for krb4 should be to disable encryption */
if(!krb5_config_get_bool (context, NULL,
"libdefaults",
"encrypt",
NULL))
#endif
do_encrypt = 0;
}
#endif
if (do_forwardable)
do_forward = 1;
#if defined(KRB4) && defined(KRB5)
if(use_v4 == -1 && use_v5 == 1)
use_v4 = 0;
@@ -879,7 +893,9 @@ main(int argc, char **argv)
#ifdef KRB4
use_v4 = 0;
#endif
#ifdef KRB5
use_v5 = 0;
#endif
}
if(priv_socket1 < 0) {
@@ -888,10 +904,14 @@ main(int argc, char **argv)
use_broken = 0;
}
#if defined(KRB4) || defined(KRB5)
if (do_encrypt == 1 && use_only_broken)
errx (1, "encryption not supported with old style authentication");
#endif
#ifdef KRB5
if (do_unique_tkfile && unique_tkfile != NULL)
errx (1, "Only one of -u and -U allowed.");
@@ -905,6 +925,7 @@ main(int argc, char **argv)
do_unique_tkfile = 1;
snprintf (tkfile, sizeof(tkfile), "-U %s ", unique_tkfile);
}
#endif
if (host == NULL) {
if (argc - optind < 1)

View File

@@ -68,7 +68,9 @@ static int do_kerberos = 0;
#define DO_KRB5 4
static int do_vacuous = 0;
static int do_log = 1;
#ifdef KRB4
static int do_newpag = 1;
#endif
static int do_addr_verify = 0;
static int do_keepalive = 1;
static int do_version;
@@ -601,7 +603,7 @@ setup_environment (char ***env, const struct passwd *pwd)
}
static void
doit (int do_kerberos, int check_rhosts)
doit (void)
{
u_char buf[BUFSIZ];
u_char *p;
@@ -865,18 +867,22 @@ struct getargs args[] = {
{ "keepalive", 'n', arg_negative_flag, &do_keepalive },
{ "inetd", 'i', arg_negative_flag, &do_inetd,
"Not started from inetd" },
#if defined(KRB4) || defined(KRB5)
{ "kerberos", 'k', arg_flag, &do_kerberos,
"Implement kerberised services" },
{ "encrypt", 'x', arg_flag, &do_encrypt,
"Implement encrypted service" },
#endif
{ "rhosts", 'l', arg_negative_flag, &do_rhosts,
"Don't check users .rhosts" },
{ "port", 'p', arg_string, &port_str, "Use this port",
"port" },
{ "vacuous", 'v', arg_flag, &do_vacuous,
"Don't accept non-kerberised connections" },
#ifdef KRB4
{ NULL, 'P', arg_negative_flag, &do_newpag,
"Don't put process in new PAG" },
#endif
/* compatibility flag: */
{ NULL, 'L', arg_flag, &do_log },
{ "version", 0, arg_flag, &do_version },
@@ -918,11 +924,13 @@ main(int argc, char **argv)
exit(0);
}
#if defined(KRB4) || defined(KRB5)
if (do_encrypt)
do_kerberos = 1;
if(do_kerberos)
do_kerberos = DO_KRB4 | DO_KRB5;
#endif
if (do_keepalive &&
setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on,
@@ -952,6 +960,7 @@ main(int argc, char **argv)
errx (1, "getaddrinfo: %s", gai_strerror (error));
}
if (ai == NULL) {
#if defined(KRB4) || defined(KRB5)
if (do_kerberos) {
if (do_encrypt) {
error = getaddrinfo(NULL, "ekshell", &hints, &ai);
@@ -970,15 +979,17 @@ main(int argc, char **argv)
if(error)
errx (1, "getaddrinfo: %s", gai_strerror (error));
}
} else {
error = getaddrinfo(NULL, "shell", &hints, &ai);
if(error == EAI_NONAME) {
snprintf(portstr, sizeof(portstr), "%d", 514);
error = getaddrinfo(NULL, portstr, &hints, &ai);
} else
#endif
{
error = getaddrinfo(NULL, "shell", &hints, &ai);
if(error == EAI_NONAME) {
snprintf(portstr, sizeof(portstr), "%d", 514);
error = getaddrinfo(NULL, portstr, &hints, &ai);
}
if(error)
errx (1, "getaddrinfo: %s", gai_strerror (error));
}
if(error)
errx (1, "getaddrinfo: %s", gai_strerror (error));
}
}
mini_inetd_addrinfo (ai);
freeaddrinfo(ai);
@@ -986,6 +997,6 @@ main(int argc, char **argv)
signal (SIGPIPE, SIG_IGN);
doit (do_kerberos, do_rhosts);
doit ();
return 0;
}