ChangeLog revision 120945
12003-04-16  Johan Danielsson  <joda@pdc.kth.se>
2
3	* rsh.c: use krb5_appdefault to get defaults for forward and
4	encrypt
5
6	* rshd.c: use ARG_MAX + 1
7
8	* rshd.c (read_str): return allocated string
9
10	* rsh_locl.h: set NCARGS to 8k if undefined
11
122003-03-23  Assar Westerlund  <assar@kth.se>
13
14	* rsh.c (loop): only check errsock if it's valid
15
162003-03-18  Love  Love H�rnquist �strand <lha@it.su.se>
17
18	* rshd.c: do krb5_afslog when compling with afs support
19
20	* rsh_locl.h: always include kafs.h
21	
222002-11-22  Johan Danielsson  <joda@pdc.kth.se>
23
24	* rshd.8: clarify -x and kerberos 5
25
262002-11-01  Johan Danielsson  <joda@pdc.kth.se>
27
28	* rsh_locl.h: bump COMMAND_SZ to NCARGS+1
29
302002-09-04  Johan Danielsson  <joda@pdc.kth.se>
31
32	* rsh.c: free some memory
33
342002-09-04  Assar Westerlund  <assar@kth.se>
35
36	* common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize
37
382002-09-04  Johan Danielsson  <joda@pdc.kth.se>
39
40	* rsh.1: document -P
41
422002-09-03  Johan Danielsson  <joda@pdc.kth.se>
43
44	* rsh.c: revert to protocol v1 if not asked for specific protocol
45
46	* rshd.c: handle protocol version 2
47
48	* rsh.c: handle protocol version 2
49
50	* common.c: handle protocol version 2
51
52	* rsh_locl.h: handle protocol version 2
53
542002-02-18  Johan Danielsson  <joda@pdc.kth.se>
55
56	* rshd.c: don't show options that doesn't apply
57
58	* rsh.c: don't show options that doesn't apply
59
60	* rsh_locl.h: if we're not building with any kerberos support,
61	just call read/write directly
62
63	* common.c: if we're not building with any kerberos support, just
64	call read/write directly
65
66	* rshd.c: make this build without krb5; also use the addrinfo
67	interface to mini_inetd, and set the keepalive option if requested
68
69	* rsh.c: make this build without krb5
70
71	* rsh_locl.h: make this build without krb5
72
73	* common.c: make this build without krb5
74
752001-11-30  Johan Danielsson  <joda@pdc.kth.se>
76
77	* rshd.c: make the syslog messages somewhat more informative
78
792001-08-15  Johan Danielsson  <joda@pdc.kth.se>
80
81	* rsh.c: only complain about encryption flag when old
82	authentication is requested
83
842001-08-07  Johan Danielsson  <joda@pdc.kth.se>
85
86	* rsh.c: don't try broken auth if rresvport failed; try to give
87	some more informative error messages
88
892001-07-31  Johan Danielsson  <joda@pdc.kth.se>
90
91	* rshd.8: add an EXAMPLE
92	* rshd.8: manual page
93	* rshd.c: add some compat flags
94	* rsh.1: manual page
95	* rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr
96	socket; implement parsing user@host
97
982001-07-19  Assar Westerlund  <assar@sics.se>
99
100	* rshd.c (fatal): use vsnprintf correctly
101
1022001-02-07  Assar Westerlund  <assar@sics.se>
103
104	* Makefile.am: add login_access
105	* rshd.c (login_access): add prototype
106	(syslog_and_die, fatal): add printf attributes
107	(*): AIX -> _AIX
108	(doit): use login_access
109	based on patches from Ake Sandgren <ake@cs.umu.se>
110
1112001-01-09  Assar Westerlund  <assar@sics.se>
112
113	* rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of
114	krb5_rd_cred
115
1162000-12-31  Assar Westerlund  <assar@sics.se>
117
118	* rshd.c (main): handle krb5_init_context failure consistently
119	* rsh.c (main): handle krb5_init_context failure consistently
120
1212000-12-05  Johan Danielsson  <joda@pdc.kth.se>
122
123	* rshd.c: require encryption if passed -x
124
1252000-11-15  Assar Westerlund  <assar@sics.se>
126
127	* rshd.c (loop): check that the fd's aren't too large to select on
128	* rsh.c (loop, proto): check that the fd's aren't too large to
129	select on
130
1312000-08-10  Assar Westerlund  <assar@sics.se>
132
133	* rsh.c: move code to do config/command parsing correctly.
134
1352000-08-09  Assar Westerlund  <assar@sics.se>
136
137	* rsh.c (main): only fetch stuff from krb5.conf when no option has
138	been given
139
1402000-08-01  Assar Westerlund  <assar@sics.se>
141
142	* rsh.c (doit): loop until we create an error socket of an
143	supported socket family
144
1452000-07-02  Assar Westerlund  <assar@sics.se>
146
147	* rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se>
148	do not call syslog with a variable as format string
149
150	* rsh_locl.h (_PATH_ETC_ENVIRONMENT): add
151
1522000-06-09  Assar Westerlund  <assar@sics.se>
153
154	* rsh.c (main): work-around for setuid and capabilities bug fixed
155	in Linux 2.2.16
156
1572000-06-06  Johan Danielsson  <joda@pdc.kth.se>
158
159	* rsh.c: nuke long option from -z
160	
161	* rsh.c: don't try to encrypt if auth is broken (Daniel Kouril)
162	
1632000-06-03  Assar Westerlund  <assar@sics.se>
164
165	* rshd.c (doit): check return value of getspnam.  From
166	<haba@pdc.kth.se>
167
1682000-05-23  Assar Westerlund  <assar@sics.se>
169
170	* rsh.c (proto): select on the normal socket when waiting for the
171	daemon to connect back to the stderr port, so that we discover
172	when data arrives there before.  when that happens, we assume that
173	the daemon did not manage to connect (because of NAT/whatever) and
174	continue as if `-e' was given
175	* rshd.c (doit): if we fail to connect back to the stderr port,
176	act as if `-e' was given on the client side, i.e. without the
177	special TCP-connection.  This tries to make things better when
178	running the head against a NAT wall, for example.
179
1802000-02-07  Assar Westerlund  <assar@sics.se>
181
182	* Makefile.am (LDADD): make sure we use the heimdal libdes
183
1842000-02-06  Assar Westerlund  <assar@sics.se>
185
186	* *: conditionalize des stuff on KRB4
187
1881999-12-16  Assar Westerlund  <assar@sics.se>
189
190	* rsh.c (doit): addrinfo returned from getaddrinfo() is not usable
191	directly as hints.  copy it and set AI_PASSIVE.
192
1931999-11-20  Assar Westerlund  <assar@sics.se>
194
195	* rsh.c (main): remember to close the priviledged sockets before
196 	calling rlogin
197
1981999-11-02  Assar Westerlund  <assar@sics.se>
199
200	* rsh.c (main): redo the v4/v5 selection for consistency.  -4 ->
201 	try only v4 -5 -> try only v5 none, -45 -> try v5, v4
202
2031999-10-26  Assar Westerlund  <assar@sics.se>
204
205	* rshd.c (main): ignore SIGPIPE
206
207	* common.c (do_read): the encoded length can be longer than the
208 	buffer being used, allocate memory for it dynamically.  From Brian
209 	A May <bmay@dgs.monash.edu.au>
210
2111999-10-14  Assar Westerlund  <assar@sics.se>
212
213	* rsh.c (proto): be more careful and don't print errno when read()
214 	returns 0
215
2161999-09-20  Assar Westerlund  <assar@sics.se>
217
218	* rshd.c (recv_krb4_auth): set `iv'
219
2201999-08-16  Assar Westerlund  <assar@sics.se>
221
222	* common.c (do_read): be careful with the return value from
223 	krb5_net_read
224
2251999-08-05  Assar Westerlund  <assar@sics.se>
226
227	* rsh.c: call freehostent
228
229	* rsh.c: remove some dead code
230
2311999-08-04  Assar Westerlund  <assar@sics.se>
232
233	* rshd.c: re-write the handling of forwarded credentials and
234 	stuff.  From Miroslav Ruda <ruda@ics.muni.cz>
235
236	* rsh_locl.h: always include kafs.h
237
238	* rsh.c: add `-z' and `-G' options
239
240	* rsh.c (loop): shutdown one side of the TCP connection on EOF.
241  	From Brian A May <bmay@dgs.monash.edu.au>
242
243	* common.c (do_read): handle EOF.  From Brian A May
244 	<bmay@dgs.monash.edu.au>
245
2461999-08-01  Assar Westerlund  <assar@sics.se>
247
248	* rsh.c: const fixes
249
2501999-07-29  Assar Westerlund  <assar@sics.se>
251
252	* rshd.c: v6-ify
253
254	* rsh.c: v6-ify
255
2561999-07-28  Assar Westerlund  <assar@sics.se>
257
258	* rsh_locl.h: move around kafs.h
259
2601999-07-24  Assar Westerlund  <assar@sics.se>
261
262	* rsh_locl.h: <shadow.h>
263
264	* rsh.c, rshd.c: improve forwarding and implement unique ccache on
265 	server.  From Miroslav Ruda <ruda@ics.muni.cz>
266
2671999-07-03  Assar Westerlund  <assar@sics.se>
268
269	* rsh.c (construct_command): handle argc == 0 for generality
270
2711999-06-23  Assar Westerlund  <assar@sics.se>
272
273	* rsh.c: new option `-e' for not trying to open an stderr socket
274
2751999-06-17  Assar Westerlund  <assar@sics.se>
276
277	* rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we
278 	don't leave any data inside des_enc_read.  (that constant should
279 	really be exported in some way...)
280
2811999-06-15  Assar Westerlund  <assar@sics.se>
282
283	* rsh.c: use get_default_username and resulting const pollution
284
2851999-05-21  Assar Westerlund  <assar@sics.se>
286
287	* rsh.c (main): try $USERNAME
288
2891999-05-14  Assar Westerlund  <assar@sics.se>
290
291	* rshd.c (doit): afslog correctly
292
2931999-05-11  Assar Westerlund  <assar@sics.se>
294
295	* rsh.c (main): add fallback to rlogin
296
2971999-05-10  Assar Westerlund  <assar@sics.se>
298
299	* rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL.
300	check return value from krb5_crypto_init
301	
302	* common.c (do_write, do_read): always return -1 for failure
303	(net_write, net_read): remove.  they already exist in libroken
304
3051999-05-09  Assar Westerlund  <assar@sics.se>
306
307	* rsh.c: make sure it tries with all other authentication methods
308	after one has failed
309	* rsh.c (main): detect the case of no command given.
310	
3111999-04-11  Assar Westerlund  <assar@sics.se>
312
313	* rsh.c: new option --forwardable. use print_version
314	
315Sat Apr 10 17:10:55 1999  Assar Westerlund  <assar@sics.se>
316
317	* rshd.c (setup_copier): use `socketpair' instead of `pipe'.  Some
318 	shells don't think it's a rsh session if they find a pipe at the
319 	other end.
320	(setup_environment): add SSH_CLIENT just to make bash happy
321
322	* common.c (do_read): use krb5_get_wrapped_length
323
324Wed Mar 24 03:59:42 1999  Assar Westerlund  <assar@sics.se>
325
326	* rsh.c (loop): more braces to make gcc happy
327
328Tue Mar 23 17:08:32 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
329
330	* rsh_locl.h: kafs.h
331
332	* rshd.c: add `-P', `-v', and `-L' flags
333
334Thu Mar 18 11:37:24 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
335
336	* Makefile.am: include Makefile.am.common
337
338Tue Dec  1 14:44:44 1998  Johan Danielsson  <joda@hella.pdc.kth.se>
339
340	* appl/rsh/rshd.c: update to new crypto framework
341
342	* appl/rsh/rsh_locl.h: update to new crypto framework
343
344	* appl/rsh/rsh.c: update to new crypto framework
345
346	* appl/rsh/common.c: update to new crypto framework
347
348Mon Nov  2 01:15:06 1998  Assar Westerlund  <assar@sics.se>
349
350	* appl/rsh/rsh.c (main): initialize host
351
352	* appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not
353 	encrypting.
354
355Thu Jul 30 23:12:17 1998  Assar Westerlund  <assar@sics.se>
356
357	* appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user'
358
359Thu Jul 23 19:49:03 1998  Johan Danielsson  <joda@emma.pdc.kth.se>
360
361	* appl/rsh/rshd.c: use krb5_verify_authenticator_checksum
362
363Sat Apr 18 21:13:06 1998  Johan Danielsson  <joda@emma.pdc.kth.se>
364
365	* appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified.
366
367Sun Dec 21 09:44:05 1997  Assar Westerlund  <assar@sics.se>
368
369	* appl/rsh/rshd.c (recv_krb5_auth): swap the order of the
370 	`local_user' and the `remote_user'
371
372	* appl/rsh/rsh.c (send_krb5_auth): swap the order of the
373 	`local_user' and the `remote_user'
374
375Sat Nov 29 07:10:11 1997  Assar Westerlund  <assar@sics.se>
376
377	* appl/rsh/rshd.c: updated to use getarg.
378	changed `struct fd_set' to `fd_set'.
379	implemented broken/BSD authentication (requires iruserok)
380
381Wed Nov 12 02:35:57 1997  Assar Westerlund  <assar@sics.se>
382
383	* appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH
384
385	* appl/rsh/Makefile.am: set BINDIR
386
387	* appl/rsh/rsh.c: implemented BSD-style reserved port
388 	`authentication'
389
390Sun Aug 24 08:06:54 1997  Assar Westerlund  <assar@sics.se>
391
392	* appl/rsh/rshd.c: syslog remote shells
393
394Tue Aug 12 01:29:46 1997  Assar Westerlund  <assar@sics.se>
395
396	* appl/rshd/rshd.c: Use `krb5_sock_to_principal'.  Send server
397 	parameter to krb5_rd_req/krb5_recvauth.  Set addresses in
398 	auth_context.
399
400Fri Jul 25 17:32:12 1997  Assar Westerlund  <assar@sics.se>
401
402	* appl/rsh/rshd.c: implement forwarding
403
404	* appl/rsh/rsh.c: Use getarg.  Implement forwarding.
405
406Sun Jul 13 00:32:16 1997  Assar Westerlund  <assar@sics.se>
407
408	* appl/rsh: Conditionalize the krb4-support.
409
410Wed Jul  9 06:58:00 1997  Assar Westerlund  <assar@sics.se>
411
412	* appl/rsh/rsh.c: use the correct user for the checksum
413
414Mon Jul  7 11:15:51 1997  Assar Westerlund  <assar@sics.se>
415
416	* appl/rsh/rshd.c: Now works.  Also implementd encryption and
417 	`-p'.
418	
419	* appl/rsh/common.c: new file
420
421Mon Jun 30 06:08:14 1997  Assar Westerlund  <assar@sics.se>
422
423	* appl/rsh: New program.
424
425