oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

support conditional KRB4

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2219 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1997-07-12 22:33:32 +00:00
parent a97705342e
commit e686a72a20
8 changed files with 102 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
appl/rsh/Makefile.am
View File

@@ -2,8 +2,7 @@
AUTOHEADER_FLAGS = no-dependencies foreign
#INCLUDES = -I$(top_builddir)/include -I/usr/athena/include
INCLUDES = -I$(top_builddir)/include -I$(top_builddir)/../k/include
INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4)
bin_PROGRAMS = rsh
@@ -13,5 +12,4 @@ rsh_SOURCES = rsh.c common.c
rshd_SOURCES = rshd.c common.c
#LDADD = -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L/usr/athena/lib -lkrb -ldes -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/roken -lroken
LDADD = -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/../k/lib/krb -lkrb -ldes -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/roken -lroken
LDADD = -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes $(LIB_krb4) -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/roken -lroken

51
appl/rsh/common.c
View File

@@ -9,9 +9,12 @@ do_read (int fd,
int ret;
if (do_encrypt) {
#ifdef KRB4
if (auth_method == AUTH_KRB4) {
return des_enc_read (fd, buf, sz, schedule, &iv);
} else if(auth_method == AUTH_KRB5) {
} else
#endif /* KRB4 */
if(auth_method == AUTH_KRB5) {
u_int32_t len, outer_len;
int status;
krb5_data data;
@@ -30,7 +33,7 @@ do_read (int fd,
status = krb5_decrypt(context, buf, outer_len,
ETYPE_DES_CBC_CRC, /* XXX */
keyblock, &data);
if (status != KSUCCESS)
if (status)
errx (1, "%s", krb5_get_err_text (context, status));
memcpy (buf, data.data, len);
free (data.data);
@@ -48,9 +51,12 @@ do_write (int fd, void *buf, size_t sz)
int ret;
if (do_encrypt) {
#ifdef KRB4
if(auth_method == AUTH_KRB4) {
return des_enc_write (fd, buf, sz, schedule, &iv);
} else if(auth_method == AUTH_KRB5) {
} else
#endif /* KRB4 */
if(auth_method == AUTH_KRB5) {
krb5_error_code status;
krb5_data data;
u_int32_t len;
@@ -62,7 +68,7 @@ do_write (int fd, void *buf, size_t sz)
ETYPE_DES_CBC_CRC, /* XXX */
keyblock,
&data);
if (status != KSUCCESS)
if (status)
errx (1, "%s", krb5_get_err_text(context, status));
len = htonl(sz);
ret = krb5_net_write (context, fd, &len, 4);
@@ -80,3 +86,40 @@ do_write (int fd, void *buf, size_t sz)
return write (fd, buf, sz);
}
ssize_t
net_write (int fd,
const void *buf,
size_t len)
{
char *cbuf = (char *)buf;
ssize_t count;
size_t rem = len;
while (rem > 0) {
count = write (fd, cbuf, rem);
if (count < 0)
return count;
cbuf += count;
rem -= count;
}
return len;
}
ssize_t
net_read (int fd,
void *buf,
size_t len)
{
char *cbuf = (char *)buf;
ssize_t count;
size_t rem = len;
while (rem > 0) {
count = read (fd, cbuf, rem);
if (count <= 0)
return count;
cbuf += count;
rem -= count;
}
return len;
}

39
appl/rsh/rsh.c
View File

@@ -18,7 +18,11 @@ static int no_input;
static void
usage (void)
{
errx (1, "Usage: %s [-45nx] [-p port] [-l user] host command", __progname);
errx (1, "Usage: %s [-"
#ifdef KRB4
"4"
#endif
"5nx] [-p port] [-l user] host command", __progname);
}
static int
@@ -56,7 +60,7 @@ loop (int s, int errsock)
if (--count == 0)
return 0;
} else
krb_net_write (STDOUT_FILENO, buf, ret);
net_write (STDOUT_FILENO, buf, ret);
}
if (FD_ISSET(errsock, &readset)) {
ret = do_read (errsock, buf, sizeof(buf));
@@ -68,7 +72,7 @@ loop (int s, int errsock)
if (--count == 0)
return 0;
} else
krb_net_write (STDERR_FILENO, buf, ret);
net_write (STDERR_FILENO, buf, ret);
}
if (FD_ISSET(STDIN_FILENO, &readset)) {
ret = read (STDIN_FILENO, buf, sizeof(buf));
@@ -83,6 +87,7 @@ loop (int s, int errsock)
}
}
#ifdef KRB4
static void
send_krb4_auth(int s, struct sockaddr_in thisaddr,
struct sockaddr_in thataddr,
@@ -108,11 +113,12 @@ send_krb4_auth(int s, struct sockaddr_in thisaddr,
memcpy (iv, cred.session, sizeof(iv));
len = strlen(remote_user) + 1;
if (krb_net_write (s, remote_user, len) != len)
if (net_write (s, remote_user, len) != len)
err (1, "write");
if (krb_net_write (s, cmd, cmd_len) != cmd_len)
if (net_write (s, cmd, cmd_len) != cmd_len)
err (1, "write");
}
#endif /* KRB4 */
static void
send_krb5_auth(int s, struct sockaddr_in thisaddr,
@@ -172,14 +178,14 @@ send_krb5_auth(int s, struct sockaddr_in thisaddr,
krb5_get_err_text(context, status));
len = strlen(local_user) + 1;
if (krb_net_write (s, local_user, len) != len)
if (net_write (s, local_user, len) != len)
err (1, "write");
if (do_encrypt && krb_net_write (s, "-x ", 3) != 3)
if (do_encrypt && net_write (s, "-x ", 3) != 3)
err (1, "write");
if (krb_net_write (s, cmd, cmd_len) != cmd_len)
if (net_write (s, cmd, cmd_len) != cmd_len)
err (1, "write");
len = strlen(remote_user) + 1;
if (krb_net_write (s, remote_user, len) != len)
if (net_write (s, remote_user, len) != len)
err (1, "write");
{
@@ -235,7 +241,7 @@ proto (int s, char *hostname, char *local_user, char *remote_user,
p = buf;
snprintf (p, sizeof(buf), "%u", ntohs(erraddr.sin_port));
len = strlen(buf) + 1;
if(krb_net_write (s, buf, len) != len)
if(net_write (s, buf, len) != len)
err (1, "write");
errsock2 = accept (errsock, NULL, NULL);
@@ -243,11 +249,14 @@ proto (int s, char *hostname, char *local_user, char *remote_user,
err (1, "accept");
close (errsock);
#ifdef KRB4
if (auth_method == AUTH_KRB4)
send_krb4_auth (s, thisaddr, thataddr,
hostname, remote_user, local_user,
cmd_len, cmd);
else if(auth_method == AUTH_KRB5)
else
#endif /* KRB4 */
if(auth_method == AUTH_KRB5)
send_krb5_auth (s, thisaddr, thataddr,
hostname, remote_user, local_user,
cmd_len, cmd);
@@ -256,7 +265,7 @@ proto (int s, char *hostname, char *local_user, char *remote_user,
free (cmd);
if (krb_net_read (s, &reply, 1) != 1)
if (net_read (s, &reply, 1) != 1)
err (1, "read");
if (reply != 0) {
@@ -355,9 +364,11 @@ main(int argc, char **argv)
auth_method = AUTH_KRB5;
while ((c = getopt(argc, argv, "45l:nxp:")) != EOF) {
switch (c) {
#ifdef KRB4
case '4':
auth_method = AUTH_KRB4;
break;
#endif
case '5':
auth_method = AUTH_KRB5;
break;
@@ -397,10 +408,12 @@ main(int argc, char **argv)
usage ();
if (port == 0)
#ifdef KRB4
if (do_encrypt && auth_method == AUTH_KRB4)
port = k_getportbyname ("ekshell", "tcp", htons(545));
else
port = k_getportbyname ("kshell", "tcp", htons(544));
#endif /* KRB4 */
port = krb5_getportbyname ("kshell", "tcp", htons(544));
return doit (*argv, remote_user, port,
argc - 1, argv + 1);

4
appl/rsh/rsh_locl.h
View File

@@ -34,8 +34,10 @@
#include <paths.h>
#endif
#include <roken.h>
#ifdef KRB4
#include <krb.h>
#include <prot.h>
#endif
#include <krb5.h>
#ifndef _PATH_NOLOGIN
@@ -72,3 +74,5 @@ extern des_cblock iv;
ssize_t do_read (int fd, void *buf, size_t sz);
ssize_t do_write (int fd, void *buf, size_t sz);
ssize_t net_read (int fd, void *buf, size_t len);
ssize_t net_write (int fd, const void *buf, size_t len);

32
appl/rsh/rshd.c
View File

@@ -33,7 +33,7 @@ fatal (int sock, const char *m, ...)
len = vsnprintf (buf + 1, sizeof(buf) - 1, m, args);
va_end(args);
syslog (LOG_ERR, buf + 1);
krb_net_write (sock, buf, len + 1);
net_write (sock, buf, len + 1);
exit (1);
}
@@ -41,7 +41,7 @@ static void
read_str (int s, char *str, size_t sz, char *expl)
{
while (sz > 0) {
if (krb_net_read (s, str, 1) != 1)
if (net_read (s, str, 1) != 1)
syslog_and_die ("read: %m");
if (*str == '\0')
return;
@@ -51,6 +51,7 @@ read_str (int s, char *str, size_t sz, char *expl)
fatal (s, "%s too long", expl);
}
#ifdef KRB4
static int
recv_krb4_auth (int s, u_char *buf,
struct sockaddr_in thisaddr,
@@ -68,7 +69,7 @@ recv_krb4_auth (int s, u_char *buf,
if (memcmp (buf, KRB_SENDAUTH_VERS, 4) != 0)
return -1;
if (krb_net_read (s, buf + 4, KRB_SENDAUTH_VLEN - 4) !=
if (net_read (s, buf + 4, KRB_SENDAUTH_VLEN - 4) !=
KRB_SENDAUTH_VLEN - 4)
syslog_and_die ("reading auth info: %m");
if (memcmp (buf, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN) != 0)
@@ -100,6 +101,7 @@ recv_krb4_auth (int s, u_char *buf,
read_str (s, cmd, COMMAND_SZ, "command");
return 0;
}
#endif /* KRB4 */
static int
recv_krb5_auth (int s, u_char *buf,
@@ -120,7 +122,7 @@ recv_krb5_auth (int s, u_char *buf,
return -1;
len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | (buf[3]);
if (krb_net_read(s, buf, len) != len)
if (net_read(s, buf, len) != len)
syslog_and_die ("reading auth info: %m");
if (len != sizeof(KRB5_SENDAUTH_VERSION)
|| memcmp (buf, KRB5_SENDAUTH_VERSION, len) != 0)
@@ -174,7 +176,7 @@ recv_krb5_auth (int s, u_char *buf,
krb5_get_err_text(context, status));
/* discard forwarding information */
krb_net_read (s, buf, 4);
net_read (s, buf, 4);
if(!krb5_kuserok (context,
ticket->enc_part2.client,
@@ -221,7 +223,7 @@ loop (int from0, int to0,
close (from0);
FD_CLR(from0, &real_readset);
} else
krb_net_write (to0, buf, ret);
net_write (to0, buf, ret);
}
if (FD_ISSET(from1, &readset)) {
ret = read (from1, buf, sizeof(buf));
@@ -280,7 +282,7 @@ setup_copier (void)
close (p1[1]);
close (p2[1]);
if (krb_net_write (STDOUT_FILENO, "", 1) != 1)
if (net_write (STDOUT_FILENO, "", 1) != 1)
fatal (STDOUT_FILENO, "write failed");
loop (STDIN_FILENO, p0[1],
@@ -318,7 +320,7 @@ doit (void)
p = buf;
port = 0;
for(;;) {
if (krb_net_read (s, p, 1) != 1)
if (net_read (s, p, 1) != 1)
syslog_and_die ("reading port number: %m");
if (*p == '\0')
break;
@@ -347,15 +349,18 @@ doit (void)
syslog_and_die ("connect: %m");
}
if (krb_net_read (s, buf, 4) != 4)
if (net_read (s, buf, 4) != 4)
syslog_and_die ("reading auth info: %m");
#ifdef KRB4
if (recv_krb4_auth (s, buf, thisaddr, thataddr,
client_user,
server_user,
cmd) == 0)
auth_method = AUTH_KRB4;
else if(recv_krb5_auth (s, buf, thisaddr, thataddr,
else
#endif /* KRB4 */
if(recv_krb5_auth (s, buf, thisaddr, thataddr,
client_user,
server_user,
cmd) == 0)
@@ -407,7 +412,7 @@ doit (void)
if (do_encrypt) {
setup_copier ();
} else {
if (krb_net_write (s, "", 1) != 1)
if (net_write (s, "", 1) != 1)
fatal (s, "write failed");
}
@@ -462,11 +467,12 @@ main(int argc, char **argv)
if (inetd) {
if (port == 0)
if (do_encrypt)
port = k_getportbyname ("ekshell", "tcp", htons(545));
port = krb5_getportbyname ("ekshell", "tcp", htons(545));
else
port = k_getportbyname ("kshell", "tcp", htons(544));
port = krb5_getportbyname ("kshell", "tcp", htons(544));
mini_inetd (port);
}
doit ();
return 0;
}

2
appl/telnet/libtelnet/Makefile.am
View File

@@ -2,7 +2,7 @@
AUTOHEADER_FLAGS = no-dependencies foreign
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/..
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/.. $(INCLUDE_krb4)
noinst_LIBRARIES = libtelnet.a

2
appl/telnet/telnet/Makefile.am
View File

@@ -10,4 +10,4 @@ telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \
sys_bsd.c telnet.c terminal.c \
utilities.c
LDADD = -L../libtelnet -ltelnet -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/lib/asn1 -lasn1 @LIB_tgetent@ -L$(top_builddir)/lib/roken -lroken
LDADD = -L../libtelnet -ltelnet -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes $(LIB_krb4) -L$(top_builddir)/lib/asn1 -lasn1 @LIB_tgetent@ -L$(top_builddir)/lib/roken -lroken

4
appl/telnet/telnetd/Makefile.am
View File

@@ -2,11 +2,11 @@
AUTOHEADER_FLAGS = no-dependencies foreign
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/..
INCLUDES = -I$(top_builddir)/include -I$(srcdir)/.. $(INCLUDE_krb4)
libexec_PROGRAMS = telnetd
telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c \
utility.c global.c authenc.c
LDADD = -L../libtelnet -ltelnet -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/lib/asn1 -lasn1 @LIB_tgetent@ -L$(top_builddir)/lib/roken -lroken
LDADD = -L../libtelnet -ltelnet -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes $(LIB_krb4) -L$(top_builddir)/lib/asn1 -lasn1 @LIB_tgetent@ -L$(top_builddir)/lib/roken -lroken