ChangeLog revision 103423
1103423Snectar2002-09-04 Johan Danielsson <joda@pdc.kth.se> 2103423Snectar 3103423Snectar * rsh.c: free some memory 4103423Snectar 5103423Snectar2002-09-04 Assar Westerlund <assar@kth.se> 6103423Snectar 7103423Snectar * common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize 8103423Snectar 9103423Snectar2002-09-04 Johan Danielsson <joda@pdc.kth.se> 10103423Snectar 11103423Snectar * rsh.1: document -P 12103423Snectar 13103423Snectar2002-09-03 Johan Danielsson <joda@pdc.kth.se> 14103423Snectar 15103423Snectar * rsh.c: revert to protocol v1 if not asked for specific protocol 16103423Snectar 17103423Snectar * rshd.c: handle protocol version 2 18103423Snectar 19103423Snectar * rsh.c: handle protocol version 2 20103423Snectar 21103423Snectar * common.c: handle protocol version 2 22103423Snectar 23103423Snectar * rsh_locl.h: handle protocol version 2 24103423Snectar 25102644Snectar2002-02-18 Johan Danielsson <joda@pdc.kth.se> 26102644Snectar 27102644Snectar * rshd.c: don't show options that doesn't apply 28102644Snectar 29102644Snectar * rsh.c: don't show options that doesn't apply 30102644Snectar 31102644Snectar * rsh_locl.h: if we're not building with any kerberos support, 32102644Snectar just call read/write directly 33102644Snectar 34102644Snectar * common.c: if we're not building with any kerberos support, just 35102644Snectar call read/write directly 36102644Snectar 37102644Snectar * rshd.c: make this build without krb5; also use the addrinfo 38102644Snectar interface to mini_inetd, and set the keepalive option if requested 39102644Snectar 40102644Snectar * rsh.c: make this build without krb5 41102644Snectar 42102644Snectar * rsh_locl.h: make this build without krb5 43102644Snectar 44102644Snectar * common.c: make this build without krb5 45102644Snectar 4690926Snectar2001-11-30 Johan Danielsson <joda@pdc.kth.se> 4790926Snectar 4890926Snectar * rshd.c: make the syslog messages somewhat more informative 4990926Snectar 5090926Snectar2001-08-15 Johan Danielsson <joda@pdc.kth.se> 5190926Snectar 5290926Snectar * rsh.c: only complain about encryption flag when old 5390926Snectar authentication is requested 5490926Snectar 5590926Snectar2001-08-07 Johan Danielsson <joda@pdc.kth.se> 5690926Snectar 5790926Snectar * rsh.c: don't try broken auth if rresvport failed; try to give 5890926Snectar some more informative error messages 5990926Snectar 6090926Snectar2001-07-31 Johan Danielsson <joda@pdc.kth.se> 6190926Snectar 6290926Snectar * rshd.8: add an EXAMPLE 6390926Snectar * rshd.8: manual page 6490926Snectar * rshd.c: add some compat flags 6590926Snectar * rsh.1: manual page 6690926Snectar * rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr 6790926Snectar socket; implement parsing user@host 6890926Snectar 6990926Snectar2001-07-19 Assar Westerlund <assar@sics.se> 7090926Snectar 7190926Snectar * rshd.c (fatal): use vsnprintf correctly 7290926Snectar 7378527Sassar2001-02-07 Assar Westerlund <assar@sics.se> 7478527Sassar 7578527Sassar * Makefile.am: add login_access 7678527Sassar * rshd.c (login_access): add prototype 7778527Sassar (syslog_and_die, fatal): add printf attributes 7878527Sassar (*): AIX -> _AIX 7978527Sassar (doit): use login_access 8078527Sassar based on patches from Ake Sandgren <ake@cs.umu.se> 8178527Sassar 8272445Sassar2001-01-09 Assar Westerlund <assar@sics.se> 8372445Sassar 8472445Sassar * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of 8572445Sassar krb5_rd_cred 8672445Sassar 8772445Sassar2000-12-31 Assar Westerlund <assar@sics.se> 8872445Sassar 8972445Sassar * rshd.c (main): handle krb5_init_context failure consistently 9072445Sassar * rsh.c (main): handle krb5_init_context failure consistently 9172445Sassar 9272445Sassar2000-12-05 Johan Danielsson <joda@pdc.kth.se> 9372445Sassar 9472445Sassar * rshd.c: require encryption if passed -x 9572445Sassar 9672445Sassar2000-11-15 Assar Westerlund <assar@sics.se> 9772445Sassar 9872445Sassar * rshd.c (loop): check that the fd's aren't too large to select on 9972445Sassar * rsh.c (loop, proto): check that the fd's aren't too large to 10072445Sassar select on 10172445Sassar 10272445Sassar2000-08-10 Assar Westerlund <assar@sics.se> 10372445Sassar 10472445Sassar * rsh.c: move code to do config/command parsing correctly. 10572445Sassar 10672445Sassar2000-08-09 Assar Westerlund <assar@sics.se> 10772445Sassar 10872445Sassar * rsh.c (main): only fetch stuff from krb5.conf when no option has 10972445Sassar been given 11072445Sassar 11172445Sassar2000-08-01 Assar Westerlund <assar@sics.se> 11272445Sassar 11372445Sassar * rsh.c (doit): loop until we create an error socket of an 11472445Sassar supported socket family 11572445Sassar 11672445Sassar2000-07-02 Assar Westerlund <assar@sics.se> 11772445Sassar 11872445Sassar * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> 11972445Sassar do not call syslog with a variable as format string 12072445Sassar 12172445Sassar * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add 12272445Sassar 12372445Sassar2000-06-09 Assar Westerlund <assar@sics.se> 12472445Sassar 12572445Sassar * rsh.c (main): work-around for setuid and capabilities bug fixed 12672445Sassar in Linux 2.2.16 12772445Sassar 12872445Sassar2000-06-06 Johan Danielsson <joda@pdc.kth.se> 12972445Sassar 13072445Sassar * rsh.c: nuke long option from -z 13172445Sassar 13272445Sassar * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) 13372445Sassar 13472445Sassar2000-06-03 Assar Westerlund <assar@sics.se> 13572445Sassar 13672445Sassar * rshd.c (doit): check return value of getspnam. From 13772445Sassar <haba@pdc.kth.se> 13872445Sassar 13972445Sassar2000-05-23 Assar Westerlund <assar@sics.se> 14072445Sassar 14172445Sassar * rsh.c (proto): select on the normal socket when waiting for the 14272445Sassar daemon to connect back to the stderr port, so that we discover 14372445Sassar when data arrives there before. when that happens, we assume that 14472445Sassar the daemon did not manage to connect (because of NAT/whatever) and 14572445Sassar continue as if `-e' was given 14672445Sassar * rshd.c (doit): if we fail to connect back to the stderr port, 14772445Sassar act as if `-e' was given on the client side, i.e. without the 14872445Sassar special TCP-connection. This tries to make things better when 14972445Sassar running the head against a NAT wall, for example. 15072445Sassar 15157416Smarkm2000-02-07 Assar Westerlund <assar@sics.se> 15257416Smarkm 15357416Smarkm * Makefile.am (LDADD): make sure we use the heimdal libdes 15457416Smarkm 15557416Smarkm2000-02-06 Assar Westerlund <assar@sics.se> 15657416Smarkm 15757416Smarkm * *: conditionalize des stuff on KRB4 15857416Smarkm 15955682Smarkm1999-12-16 Assar Westerlund <assar@sics.se> 16055682Smarkm 16155682Smarkm * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable 16255682Smarkm directly as hints. copy it and set AI_PASSIVE. 16355682Smarkm 16455682Smarkm1999-11-20 Assar Westerlund <assar@sics.se> 16555682Smarkm 16655682Smarkm * rsh.c (main): remember to close the priviledged sockets before 16755682Smarkm calling rlogin 16855682Smarkm 16955682Smarkm1999-11-02 Assar Westerlund <assar@sics.se> 17055682Smarkm 17155682Smarkm * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> 17255682Smarkm try only v4 -5 -> try only v5 none, -45 -> try v5, v4 17355682Smarkm 17455682Smarkm1999-10-26 Assar Westerlund <assar@sics.se> 17555682Smarkm 17655682Smarkm * rshd.c (main): ignore SIGPIPE 17755682Smarkm 17855682Smarkm * common.c (do_read): the encoded length can be longer than the 17955682Smarkm buffer being used, allocate memory for it dynamically. From Brian 18055682Smarkm A May <bmay@dgs.monash.edu.au> 18155682Smarkm 18255682Smarkm1999-10-14 Assar Westerlund <assar@sics.se> 18355682Smarkm 18455682Smarkm * rsh.c (proto): be more careful and don't print errno when read() 18555682Smarkm returns 0 18655682Smarkm 18755682Smarkm1999-09-20 Assar Westerlund <assar@sics.se> 18855682Smarkm 18955682Smarkm * rshd.c (recv_krb4_auth): set `iv' 19055682Smarkm 19155682Smarkm1999-08-16 Assar Westerlund <assar@sics.se> 19255682Smarkm 19355682Smarkm * common.c (do_read): be careful with the return value from 19455682Smarkm krb5_net_read 19555682Smarkm 19655682Smarkm1999-08-05 Assar Westerlund <assar@sics.se> 19755682Smarkm 19855682Smarkm * rsh.c: call freehostent 19955682Smarkm 20055682Smarkm * rsh.c: remove some dead code 20155682Smarkm 20255682Smarkm1999-08-04 Assar Westerlund <assar@sics.se> 20355682Smarkm 20455682Smarkm * rshd.c: re-write the handling of forwarded credentials and 20555682Smarkm stuff. From Miroslav Ruda <ruda@ics.muni.cz> 20655682Smarkm 20755682Smarkm * rsh_locl.h: always include kafs.h 20855682Smarkm 20955682Smarkm * rsh.c: add `-z' and `-G' options 21055682Smarkm 21155682Smarkm * rsh.c (loop): shutdown one side of the TCP connection on EOF. 21255682Smarkm From Brian A May <bmay@dgs.monash.edu.au> 21355682Smarkm 21455682Smarkm * common.c (do_read): handle EOF. From Brian A May 21555682Smarkm <bmay@dgs.monash.edu.au> 21655682Smarkm 21755682Smarkm1999-08-01 Assar Westerlund <assar@sics.se> 21855682Smarkm 21955682Smarkm * rsh.c: const fixes 22055682Smarkm 22155682Smarkm1999-07-29 Assar Westerlund <assar@sics.se> 22255682Smarkm 22355682Smarkm * rshd.c: v6-ify 22455682Smarkm 22555682Smarkm * rsh.c: v6-ify 22655682Smarkm 22755682Smarkm1999-07-28 Assar Westerlund <assar@sics.se> 22855682Smarkm 22955682Smarkm * rsh_locl.h: move around kafs.h 23055682Smarkm 23155682Smarkm1999-07-24 Assar Westerlund <assar@sics.se> 23255682Smarkm 23355682Smarkm * rsh_locl.h: <shadow.h> 23455682Smarkm 23555682Smarkm * rsh.c, rshd.c: improve forwarding and implement unique ccache on 23655682Smarkm server. From Miroslav Ruda <ruda@ics.muni.cz> 23755682Smarkm 23855682Smarkm1999-07-03 Assar Westerlund <assar@sics.se> 23955682Smarkm 24055682Smarkm * rsh.c (construct_command): handle argc == 0 for generality 24155682Smarkm 24255682Smarkm1999-06-23 Assar Westerlund <assar@sics.se> 24355682Smarkm 24455682Smarkm * rsh.c: new option `-e' for not trying to open an stderr socket 24555682Smarkm 24655682Smarkm1999-06-17 Assar Westerlund <assar@sics.se> 24755682Smarkm 24855682Smarkm * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we 24955682Smarkm don't leave any data inside des_enc_read. (that constant should 25055682Smarkm really be exported in some way...) 25155682Smarkm 25255682Smarkm1999-06-15 Assar Westerlund <assar@sics.se> 25355682Smarkm 25455682Smarkm * rsh.c: use get_default_username and resulting const pollution 25555682Smarkm 25655682Smarkm1999-05-21 Assar Westerlund <assar@sics.se> 25755682Smarkm 25855682Smarkm * rsh.c (main): try $USERNAME 25955682Smarkm 26055682Smarkm1999-05-14 Assar Westerlund <assar@sics.se> 26155682Smarkm 26255682Smarkm * rshd.c (doit): afslog correctly 26355682Smarkm 26455682Smarkm1999-05-11 Assar Westerlund <assar@sics.se> 26555682Smarkm 26655682Smarkm * rsh.c (main): add fallback to rlogin 26755682Smarkm 26855682Smarkm1999-05-10 Assar Westerlund <assar@sics.se> 26955682Smarkm 27055682Smarkm * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. 27155682Smarkm check return value from krb5_crypto_init 27255682Smarkm 27355682Smarkm * common.c (do_write, do_read): always return -1 for failure 27455682Smarkm (net_write, net_read): remove. they already exist in libroken 27555682Smarkm 27655682Smarkm1999-05-09 Assar Westerlund <assar@sics.se> 27755682Smarkm 27855682Smarkm * rsh.c: make sure it tries with all other authentication methods 27955682Smarkm after one has failed 28055682Smarkm * rsh.c (main): detect the case of no command given. 28155682Smarkm 28255682Smarkm1999-04-11 Assar Westerlund <assar@sics.se> 28355682Smarkm 28455682Smarkm * rsh.c: new option --forwardable. use print_version 28555682Smarkm 28655682SmarkmSat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se> 28755682Smarkm 28855682Smarkm * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some 28955682Smarkm shells don't think it's a rsh session if they find a pipe at the 29055682Smarkm other end. 29155682Smarkm (setup_environment): add SSH_CLIENT just to make bash happy 29255682Smarkm 29355682Smarkm * common.c (do_read): use krb5_get_wrapped_length 29455682Smarkm 29555682SmarkmWed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se> 29655682Smarkm 29755682Smarkm * rsh.c (loop): more braces to make gcc happy 29855682Smarkm 29955682SmarkmTue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> 30055682Smarkm 30155682Smarkm * rsh_locl.h: kafs.h 30255682Smarkm 30355682Smarkm * rshd.c: add `-P', `-v', and `-L' flags 30455682Smarkm 30555682SmarkmThu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> 30655682Smarkm 30755682Smarkm * Makefile.am: include Makefile.am.common 30855682Smarkm 30955682SmarkmTue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 31055682Smarkm 31155682Smarkm * appl/rsh/rshd.c: update to new crypto framework 31255682Smarkm 31355682Smarkm * appl/rsh/rsh_locl.h: update to new crypto framework 31455682Smarkm 31555682Smarkm * appl/rsh/rsh.c: update to new crypto framework 31655682Smarkm 31755682Smarkm * appl/rsh/common.c: update to new crypto framework 31855682Smarkm 31955682SmarkmMon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 32055682Smarkm 32155682Smarkm * appl/rsh/rsh.c (main): initialize host 32255682Smarkm 32355682Smarkm * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not 32455682Smarkm encrypting. 32555682Smarkm 32655682SmarkmThu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 32755682Smarkm 32855682Smarkm * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' 32955682Smarkm 33055682SmarkmThu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 33155682Smarkm 33255682Smarkm * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum 33355682Smarkm 33455682SmarkmSat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 33555682Smarkm 33655682Smarkm * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. 33755682Smarkm 33855682SmarkmSun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 33955682Smarkm 34055682Smarkm * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the 34155682Smarkm `local_user' and the `remote_user' 34255682Smarkm 34355682Smarkm * appl/rsh/rsh.c (send_krb5_auth): swap the order of the 34455682Smarkm `local_user' and the `remote_user' 34555682Smarkm 34655682SmarkmSat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 34755682Smarkm 34855682Smarkm * appl/rsh/rshd.c: updated to use getarg. 34955682Smarkm changed `struct fd_set' to `fd_set'. 35055682Smarkm implemented broken/BSD authentication (requires iruserok) 35155682Smarkm 35255682SmarkmWed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 35355682Smarkm 35455682Smarkm * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH 35555682Smarkm 35655682Smarkm * appl/rsh/Makefile.am: set BINDIR 35755682Smarkm 35855682Smarkm * appl/rsh/rsh.c: implemented BSD-style reserved port 35955682Smarkm `authentication' 36055682Smarkm 36155682SmarkmSun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 36255682Smarkm 36355682Smarkm * appl/rsh/rshd.c: syslog remote shells 36455682Smarkm 36555682SmarkmTue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 36655682Smarkm 36755682Smarkm * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server 36855682Smarkm parameter to krb5_rd_req/krb5_recvauth. Set addresses in 36955682Smarkm auth_context. 37055682Smarkm 37155682SmarkmFri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 37255682Smarkm 37355682Smarkm * appl/rsh/rshd.c: implement forwarding 37455682Smarkm 37555682Smarkm * appl/rsh/rsh.c: Use getarg. Implement forwarding. 37655682Smarkm 37755682SmarkmSun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 37855682Smarkm 37955682Smarkm * appl/rsh: Conditionalize the krb4-support. 38055682Smarkm 38155682SmarkmWed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 38255682Smarkm 38355682Smarkm * appl/rsh/rsh.c: use the correct user for the checksum 38455682Smarkm 38555682SmarkmMon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 38655682Smarkm 38755682Smarkm * appl/rsh/rshd.c: Now works. Also implementd encryption and 38855682Smarkm `-p'. 38955682Smarkm 39055682Smarkm * appl/rsh/common.c: new file 39155682Smarkm 39255682SmarkmMon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 39355682Smarkm 39455682Smarkm * appl/rsh: New program. 39555682Smarkm 396