ChangeLog revision 102644
12002-02-18 Johan Danielsson <joda@pdc.kth.se> 2 3 * rshd.c: don't show options that doesn't apply 4 5 * rsh.c: don't show options that doesn't apply 6 7 * rsh_locl.h: if we're not building with any kerberos support, 8 just call read/write directly 9 10 * common.c: if we're not building with any kerberos support, just 11 call read/write directly 12 13 * rshd.c: make this build without krb5; also use the addrinfo 14 interface to mini_inetd, and set the keepalive option if requested 15 16 * rsh.c: make this build without krb5 17 18 * rsh_locl.h: make this build without krb5 19 20 * common.c: make this build without krb5 21 222001-11-30 Johan Danielsson <joda@pdc.kth.se> 23 24 * rshd.c: make the syslog messages somewhat more informative 25 262001-08-15 Johan Danielsson <joda@pdc.kth.se> 27 28 * rsh.c: only complain about encryption flag when old 29 authentication is requested 30 312001-08-07 Johan Danielsson <joda@pdc.kth.se> 32 33 * rsh.c: don't try broken auth if rresvport failed; try to give 34 some more informative error messages 35 362001-07-31 Johan Danielsson <joda@pdc.kth.se> 37 38 * rshd.8: add an EXAMPLE 39 * rshd.8: manual page 40 * rshd.c: add some compat flags 41 * rsh.1: manual page 42 * rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr 43 socket; implement parsing user@host 44 452001-07-19 Assar Westerlund <assar@sics.se> 46 47 * rshd.c (fatal): use vsnprintf correctly 48 492001-02-07 Assar Westerlund <assar@sics.se> 50 51 * Makefile.am: add login_access 52 * rshd.c (login_access): add prototype 53 (syslog_and_die, fatal): add printf attributes 54 (*): AIX -> _AIX 55 (doit): use login_access 56 based on patches from Ake Sandgren <ake@cs.umu.se> 57 582001-01-09 Assar Westerlund <assar@sics.se> 59 60 * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of 61 krb5_rd_cred 62 632000-12-31 Assar Westerlund <assar@sics.se> 64 65 * rshd.c (main): handle krb5_init_context failure consistently 66 * rsh.c (main): handle krb5_init_context failure consistently 67 682000-12-05 Johan Danielsson <joda@pdc.kth.se> 69 70 * rshd.c: require encryption if passed -x 71 722000-11-15 Assar Westerlund <assar@sics.se> 73 74 * rshd.c (loop): check that the fd's aren't too large to select on 75 * rsh.c (loop, proto): check that the fd's aren't too large to 76 select on 77 782000-08-10 Assar Westerlund <assar@sics.se> 79 80 * rsh.c: move code to do config/command parsing correctly. 81 822000-08-09 Assar Westerlund <assar@sics.se> 83 84 * rsh.c (main): only fetch stuff from krb5.conf when no option has 85 been given 86 872000-08-01 Assar Westerlund <assar@sics.se> 88 89 * rsh.c (doit): loop until we create an error socket of an 90 supported socket family 91 922000-07-02 Assar Westerlund <assar@sics.se> 93 94 * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> 95 do not call syslog with a variable as format string 96 97 * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add 98 992000-06-09 Assar Westerlund <assar@sics.se> 100 101 * rsh.c (main): work-around for setuid and capabilities bug fixed 102 in Linux 2.2.16 103 1042000-06-06 Johan Danielsson <joda@pdc.kth.se> 105 106 * rsh.c: nuke long option from -z 107 108 * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) 109 1102000-06-03 Assar Westerlund <assar@sics.se> 111 112 * rshd.c (doit): check return value of getspnam. From 113 <haba@pdc.kth.se> 114 1152000-05-23 Assar Westerlund <assar@sics.se> 116 117 * rsh.c (proto): select on the normal socket when waiting for the 118 daemon to connect back to the stderr port, so that we discover 119 when data arrives there before. when that happens, we assume that 120 the daemon did not manage to connect (because of NAT/whatever) and 121 continue as if `-e' was given 122 * rshd.c (doit): if we fail to connect back to the stderr port, 123 act as if `-e' was given on the client side, i.e. without the 124 special TCP-connection. This tries to make things better when 125 running the head against a NAT wall, for example. 126 1272000-02-07 Assar Westerlund <assar@sics.se> 128 129 * Makefile.am (LDADD): make sure we use the heimdal libdes 130 1312000-02-06 Assar Westerlund <assar@sics.se> 132 133 * *: conditionalize des stuff on KRB4 134 1351999-12-16 Assar Westerlund <assar@sics.se> 136 137 * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable 138 directly as hints. copy it and set AI_PASSIVE. 139 1401999-11-20 Assar Westerlund <assar@sics.se> 141 142 * rsh.c (main): remember to close the priviledged sockets before 143 calling rlogin 144 1451999-11-02 Assar Westerlund <assar@sics.se> 146 147 * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> 148 try only v4 -5 -> try only v5 none, -45 -> try v5, v4 149 1501999-10-26 Assar Westerlund <assar@sics.se> 151 152 * rshd.c (main): ignore SIGPIPE 153 154 * common.c (do_read): the encoded length can be longer than the 155 buffer being used, allocate memory for it dynamically. From Brian 156 A May <bmay@dgs.monash.edu.au> 157 1581999-10-14 Assar Westerlund <assar@sics.se> 159 160 * rsh.c (proto): be more careful and don't print errno when read() 161 returns 0 162 1631999-09-20 Assar Westerlund <assar@sics.se> 164 165 * rshd.c (recv_krb4_auth): set `iv' 166 1671999-08-16 Assar Westerlund <assar@sics.se> 168 169 * common.c (do_read): be careful with the return value from 170 krb5_net_read 171 1721999-08-05 Assar Westerlund <assar@sics.se> 173 174 * rsh.c: call freehostent 175 176 * rsh.c: remove some dead code 177 1781999-08-04 Assar Westerlund <assar@sics.se> 179 180 * rshd.c: re-write the handling of forwarded credentials and 181 stuff. From Miroslav Ruda <ruda@ics.muni.cz> 182 183 * rsh_locl.h: always include kafs.h 184 185 * rsh.c: add `-z' and `-G' options 186 187 * rsh.c (loop): shutdown one side of the TCP connection on EOF. 188 From Brian A May <bmay@dgs.monash.edu.au> 189 190 * common.c (do_read): handle EOF. From Brian A May 191 <bmay@dgs.monash.edu.au> 192 1931999-08-01 Assar Westerlund <assar@sics.se> 194 195 * rsh.c: const fixes 196 1971999-07-29 Assar Westerlund <assar@sics.se> 198 199 * rshd.c: v6-ify 200 201 * rsh.c: v6-ify 202 2031999-07-28 Assar Westerlund <assar@sics.se> 204 205 * rsh_locl.h: move around kafs.h 206 2071999-07-24 Assar Westerlund <assar@sics.se> 208 209 * rsh_locl.h: <shadow.h> 210 211 * rsh.c, rshd.c: improve forwarding and implement unique ccache on 212 server. From Miroslav Ruda <ruda@ics.muni.cz> 213 2141999-07-03 Assar Westerlund <assar@sics.se> 215 216 * rsh.c (construct_command): handle argc == 0 for generality 217 2181999-06-23 Assar Westerlund <assar@sics.se> 219 220 * rsh.c: new option `-e' for not trying to open an stderr socket 221 2221999-06-17 Assar Westerlund <assar@sics.se> 223 224 * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we 225 don't leave any data inside des_enc_read. (that constant should 226 really be exported in some way...) 227 2281999-06-15 Assar Westerlund <assar@sics.se> 229 230 * rsh.c: use get_default_username and resulting const pollution 231 2321999-05-21 Assar Westerlund <assar@sics.se> 233 234 * rsh.c (main): try $USERNAME 235 2361999-05-14 Assar Westerlund <assar@sics.se> 237 238 * rshd.c (doit): afslog correctly 239 2401999-05-11 Assar Westerlund <assar@sics.se> 241 242 * rsh.c (main): add fallback to rlogin 243 2441999-05-10 Assar Westerlund <assar@sics.se> 245 246 * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. 247 check return value from krb5_crypto_init 248 249 * common.c (do_write, do_read): always return -1 for failure 250 (net_write, net_read): remove. they already exist in libroken 251 2521999-05-09 Assar Westerlund <assar@sics.se> 253 254 * rsh.c: make sure it tries with all other authentication methods 255 after one has failed 256 * rsh.c (main): detect the case of no command given. 257 2581999-04-11 Assar Westerlund <assar@sics.se> 259 260 * rsh.c: new option --forwardable. use print_version 261 262Sat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se> 263 264 * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some 265 shells don't think it's a rsh session if they find a pipe at the 266 other end. 267 (setup_environment): add SSH_CLIENT just to make bash happy 268 269 * common.c (do_read): use krb5_get_wrapped_length 270 271Wed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se> 272 273 * rsh.c (loop): more braces to make gcc happy 274 275Tue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> 276 277 * rsh_locl.h: kafs.h 278 279 * rshd.c: add `-P', `-v', and `-L' flags 280 281Thu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> 282 283 * Makefile.am: include Makefile.am.common 284 285Tue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 286 287 * appl/rsh/rshd.c: update to new crypto framework 288 289 * appl/rsh/rsh_locl.h: update to new crypto framework 290 291 * appl/rsh/rsh.c: update to new crypto framework 292 293 * appl/rsh/common.c: update to new crypto framework 294 295Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 296 297 * appl/rsh/rsh.c (main): initialize host 298 299 * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not 300 encrypting. 301 302Thu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 303 304 * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' 305 306Thu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 307 308 * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum 309 310Sat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 311 312 * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. 313 314Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 315 316 * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the 317 `local_user' and the `remote_user' 318 319 * appl/rsh/rsh.c (send_krb5_auth): swap the order of the 320 `local_user' and the `remote_user' 321 322Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 323 324 * appl/rsh/rshd.c: updated to use getarg. 325 changed `struct fd_set' to `fd_set'. 326 implemented broken/BSD authentication (requires iruserok) 327 328Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 329 330 * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH 331 332 * appl/rsh/Makefile.am: set BINDIR 333 334 * appl/rsh/rsh.c: implemented BSD-style reserved port 335 `authentication' 336 337Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 338 339 * appl/rsh/rshd.c: syslog remote shells 340 341Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 342 343 * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server 344 parameter to krb5_rd_req/krb5_recvauth. Set addresses in 345 auth_context. 346 347Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 348 349 * appl/rsh/rshd.c: implement forwarding 350 351 * appl/rsh/rsh.c: Use getarg. Implement forwarding. 352 353Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 354 355 * appl/rsh: Conditionalize the krb4-support. 356 357Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 358 359 * appl/rsh/rsh.c: use the correct user for the checksum 360 361Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 362 363 * appl/rsh/rshd.c: Now works. Also implementd encryption and 364 `-p'. 365 366 * appl/rsh/common.c: new file 367 368Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 369 370 * appl/rsh: New program. 371 372