ChangeLog revision 103423
12002-09-04 Johan Danielsson <joda@pdc.kth.se> 2 3 * rsh.c: free some memory 4 52002-09-04 Assar Westerlund <assar@kth.se> 6 7 * common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize 8 92002-09-04 Johan Danielsson <joda@pdc.kth.se> 10 11 * rsh.1: document -P 12 132002-09-03 Johan Danielsson <joda@pdc.kth.se> 14 15 * rsh.c: revert to protocol v1 if not asked for specific protocol 16 17 * rshd.c: handle protocol version 2 18 19 * rsh.c: handle protocol version 2 20 21 * common.c: handle protocol version 2 22 23 * rsh_locl.h: handle protocol version 2 24 252002-02-18 Johan Danielsson <joda@pdc.kth.se> 26 27 * rshd.c: don't show options that doesn't apply 28 29 * rsh.c: don't show options that doesn't apply 30 31 * rsh_locl.h: if we're not building with any kerberos support, 32 just call read/write directly 33 34 * common.c: if we're not building with any kerberos support, just 35 call read/write directly 36 37 * rshd.c: make this build without krb5; also use the addrinfo 38 interface to mini_inetd, and set the keepalive option if requested 39 40 * rsh.c: make this build without krb5 41 42 * rsh_locl.h: make this build without krb5 43 44 * common.c: make this build without krb5 45 462001-11-30 Johan Danielsson <joda@pdc.kth.se> 47 48 * rshd.c: make the syslog messages somewhat more informative 49 502001-08-15 Johan Danielsson <joda@pdc.kth.se> 51 52 * rsh.c: only complain about encryption flag when old 53 authentication is requested 54 552001-08-07 Johan Danielsson <joda@pdc.kth.se> 56 57 * rsh.c: don't try broken auth if rresvport failed; try to give 58 some more informative error messages 59 602001-07-31 Johan Danielsson <joda@pdc.kth.se> 61 62 * rshd.8: add an EXAMPLE 63 * rshd.8: manual page 64 * rshd.c: add some compat flags 65 * rsh.1: manual page 66 * rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr 67 socket; implement parsing user@host 68 692001-07-19 Assar Westerlund <assar@sics.se> 70 71 * rshd.c (fatal): use vsnprintf correctly 72 732001-02-07 Assar Westerlund <assar@sics.se> 74 75 * Makefile.am: add login_access 76 * rshd.c (login_access): add prototype 77 (syslog_and_die, fatal): add printf attributes 78 (*): AIX -> _AIX 79 (doit): use login_access 80 based on patches from Ake Sandgren <ake@cs.umu.se> 81 822001-01-09 Assar Westerlund <assar@sics.se> 83 84 * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of 85 krb5_rd_cred 86 872000-12-31 Assar Westerlund <assar@sics.se> 88 89 * rshd.c (main): handle krb5_init_context failure consistently 90 * rsh.c (main): handle krb5_init_context failure consistently 91 922000-12-05 Johan Danielsson <joda@pdc.kth.se> 93 94 * rshd.c: require encryption if passed -x 95 962000-11-15 Assar Westerlund <assar@sics.se> 97 98 * rshd.c (loop): check that the fd's aren't too large to select on 99 * rsh.c (loop, proto): check that the fd's aren't too large to 100 select on 101 1022000-08-10 Assar Westerlund <assar@sics.se> 103 104 * rsh.c: move code to do config/command parsing correctly. 105 1062000-08-09 Assar Westerlund <assar@sics.se> 107 108 * rsh.c (main): only fetch stuff from krb5.conf when no option has 109 been given 110 1112000-08-01 Assar Westerlund <assar@sics.se> 112 113 * rsh.c (doit): loop until we create an error socket of an 114 supported socket family 115 1162000-07-02 Assar Westerlund <assar@sics.se> 117 118 * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> 119 do not call syslog with a variable as format string 120 121 * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add 122 1232000-06-09 Assar Westerlund <assar@sics.se> 124 125 * rsh.c (main): work-around for setuid and capabilities bug fixed 126 in Linux 2.2.16 127 1282000-06-06 Johan Danielsson <joda@pdc.kth.se> 129 130 * rsh.c: nuke long option from -z 131 132 * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) 133 1342000-06-03 Assar Westerlund <assar@sics.se> 135 136 * rshd.c (doit): check return value of getspnam. From 137 <haba@pdc.kth.se> 138 1392000-05-23 Assar Westerlund <assar@sics.se> 140 141 * rsh.c (proto): select on the normal socket when waiting for the 142 daemon to connect back to the stderr port, so that we discover 143 when data arrives there before. when that happens, we assume that 144 the daemon did not manage to connect (because of NAT/whatever) and 145 continue as if `-e' was given 146 * rshd.c (doit): if we fail to connect back to the stderr port, 147 act as if `-e' was given on the client side, i.e. without the 148 special TCP-connection. This tries to make things better when 149 running the head against a NAT wall, for example. 150 1512000-02-07 Assar Westerlund <assar@sics.se> 152 153 * Makefile.am (LDADD): make sure we use the heimdal libdes 154 1552000-02-06 Assar Westerlund <assar@sics.se> 156 157 * *: conditionalize des stuff on KRB4 158 1591999-12-16 Assar Westerlund <assar@sics.se> 160 161 * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable 162 directly as hints. copy it and set AI_PASSIVE. 163 1641999-11-20 Assar Westerlund <assar@sics.se> 165 166 * rsh.c (main): remember to close the priviledged sockets before 167 calling rlogin 168 1691999-11-02 Assar Westerlund <assar@sics.se> 170 171 * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> 172 try only v4 -5 -> try only v5 none, -45 -> try v5, v4 173 1741999-10-26 Assar Westerlund <assar@sics.se> 175 176 * rshd.c (main): ignore SIGPIPE 177 178 * common.c (do_read): the encoded length can be longer than the 179 buffer being used, allocate memory for it dynamically. From Brian 180 A May <bmay@dgs.monash.edu.au> 181 1821999-10-14 Assar Westerlund <assar@sics.se> 183 184 * rsh.c (proto): be more careful and don't print errno when read() 185 returns 0 186 1871999-09-20 Assar Westerlund <assar@sics.se> 188 189 * rshd.c (recv_krb4_auth): set `iv' 190 1911999-08-16 Assar Westerlund <assar@sics.se> 192 193 * common.c (do_read): be careful with the return value from 194 krb5_net_read 195 1961999-08-05 Assar Westerlund <assar@sics.se> 197 198 * rsh.c: call freehostent 199 200 * rsh.c: remove some dead code 201 2021999-08-04 Assar Westerlund <assar@sics.se> 203 204 * rshd.c: re-write the handling of forwarded credentials and 205 stuff. From Miroslav Ruda <ruda@ics.muni.cz> 206 207 * rsh_locl.h: always include kafs.h 208 209 * rsh.c: add `-z' and `-G' options 210 211 * rsh.c (loop): shutdown one side of the TCP connection on EOF. 212 From Brian A May <bmay@dgs.monash.edu.au> 213 214 * common.c (do_read): handle EOF. From Brian A May 215 <bmay@dgs.monash.edu.au> 216 2171999-08-01 Assar Westerlund <assar@sics.se> 218 219 * rsh.c: const fixes 220 2211999-07-29 Assar Westerlund <assar@sics.se> 222 223 * rshd.c: v6-ify 224 225 * rsh.c: v6-ify 226 2271999-07-28 Assar Westerlund <assar@sics.se> 228 229 * rsh_locl.h: move around kafs.h 230 2311999-07-24 Assar Westerlund <assar@sics.se> 232 233 * rsh_locl.h: <shadow.h> 234 235 * rsh.c, rshd.c: improve forwarding and implement unique ccache on 236 server. From Miroslav Ruda <ruda@ics.muni.cz> 237 2381999-07-03 Assar Westerlund <assar@sics.se> 239 240 * rsh.c (construct_command): handle argc == 0 for generality 241 2421999-06-23 Assar Westerlund <assar@sics.se> 243 244 * rsh.c: new option `-e' for not trying to open an stderr socket 245 2461999-06-17 Assar Westerlund <assar@sics.se> 247 248 * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we 249 don't leave any data inside des_enc_read. (that constant should 250 really be exported in some way...) 251 2521999-06-15 Assar Westerlund <assar@sics.se> 253 254 * rsh.c: use get_default_username and resulting const pollution 255 2561999-05-21 Assar Westerlund <assar@sics.se> 257 258 * rsh.c (main): try $USERNAME 259 2601999-05-14 Assar Westerlund <assar@sics.se> 261 262 * rshd.c (doit): afslog correctly 263 2641999-05-11 Assar Westerlund <assar@sics.se> 265 266 * rsh.c (main): add fallback to rlogin 267 2681999-05-10 Assar Westerlund <assar@sics.se> 269 270 * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. 271 check return value from krb5_crypto_init 272 273 * common.c (do_write, do_read): always return -1 for failure 274 (net_write, net_read): remove. they already exist in libroken 275 2761999-05-09 Assar Westerlund <assar@sics.se> 277 278 * rsh.c: make sure it tries with all other authentication methods 279 after one has failed 280 * rsh.c (main): detect the case of no command given. 281 2821999-04-11 Assar Westerlund <assar@sics.se> 283 284 * rsh.c: new option --forwardable. use print_version 285 286Sat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se> 287 288 * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some 289 shells don't think it's a rsh session if they find a pipe at the 290 other end. 291 (setup_environment): add SSH_CLIENT just to make bash happy 292 293 * common.c (do_read): use krb5_get_wrapped_length 294 295Wed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se> 296 297 * rsh.c (loop): more braces to make gcc happy 298 299Tue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> 300 301 * rsh_locl.h: kafs.h 302 303 * rshd.c: add `-P', `-v', and `-L' flags 304 305Thu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> 306 307 * Makefile.am: include Makefile.am.common 308 309Tue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 310 311 * appl/rsh/rshd.c: update to new crypto framework 312 313 * appl/rsh/rsh_locl.h: update to new crypto framework 314 315 * appl/rsh/rsh.c: update to new crypto framework 316 317 * appl/rsh/common.c: update to new crypto framework 318 319Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 320 321 * appl/rsh/rsh.c (main): initialize host 322 323 * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not 324 encrypting. 325 326Thu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 327 328 * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' 329 330Thu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 331 332 * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum 333 334Sat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 335 336 * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. 337 338Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 339 340 * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the 341 `local_user' and the `remote_user' 342 343 * appl/rsh/rsh.c (send_krb5_auth): swap the order of the 344 `local_user' and the `remote_user' 345 346Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 347 348 * appl/rsh/rshd.c: updated to use getarg. 349 changed `struct fd_set' to `fd_set'. 350 implemented broken/BSD authentication (requires iruserok) 351 352Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 353 354 * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH 355 356 * appl/rsh/Makefile.am: set BINDIR 357 358 * appl/rsh/rsh.c: implemented BSD-style reserved port 359 `authentication' 360 361Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 362 363 * appl/rsh/rshd.c: syslog remote shells 364 365Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 366 367 * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server 368 parameter to krb5_rd_req/krb5_recvauth. Set addresses in 369 auth_context. 370 371Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 372 373 * appl/rsh/rshd.c: implement forwarding 374 375 * appl/rsh/rsh.c: Use getarg. Implement forwarding. 376 377Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 378 379 * appl/rsh: Conditionalize the krb4-support. 380 381Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 382 383 * appl/rsh/rsh.c: use the correct user for the checksum 384 385Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 386 387 * appl/rsh/rshd.c: Now works. Also implementd encryption and 388 `-p'. 389 390 * appl/rsh/common.c: new file 391 392Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 393 394 * appl/rsh: New program. 395 396