ChangeLog revision 72445
12001-01-09 Assar Westerlund <assar@sics.se> 2 3 * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of 4 krb5_rd_cred 5 62000-12-31 Assar Westerlund <assar@sics.se> 7 8 * rshd.c (main): handle krb5_init_context failure consistently 9 * rsh.c (main): handle krb5_init_context failure consistently 10 112000-12-05 Johan Danielsson <joda@pdc.kth.se> 12 13 * rshd.c: require encryption if passed -x 14 152000-11-15 Assar Westerlund <assar@sics.se> 16 17 * rshd.c (loop): check that the fd's aren't too large to select on 18 * rsh.c (loop, proto): check that the fd's aren't too large to 19 select on 20 212000-08-10 Assar Westerlund <assar@sics.se> 22 23 * rsh.c: move code to do config/command parsing correctly. 24 252000-08-09 Assar Westerlund <assar@sics.se> 26 27 * rsh.c (main): only fetch stuff from krb5.conf when no option has 28 been given 29 302000-08-01 Assar Westerlund <assar@sics.se> 31 32 * rsh.c (doit): loop until we create an error socket of an 33 supported socket family 34 352000-07-02 Assar Westerlund <assar@sics.se> 36 37 * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> 38 do not call syslog with a variable as format string 39 40 * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add 41 422000-06-09 Assar Westerlund <assar@sics.se> 43 44 * rsh.c (main): work-around for setuid and capabilities bug fixed 45 in Linux 2.2.16 46 472000-06-06 Johan Danielsson <joda@pdc.kth.se> 48 49 * rsh.c: nuke long option from -z 50 51 * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) 52 532000-06-03 Assar Westerlund <assar@sics.se> 54 55 * rshd.c (doit): check return value of getspnam. From 56 <haba@pdc.kth.se> 57 582000-05-23 Assar Westerlund <assar@sics.se> 59 60 * rsh.c (proto): select on the normal socket when waiting for the 61 daemon to connect back to the stderr port, so that we discover 62 when data arrives there before. when that happens, we assume that 63 the daemon did not manage to connect (because of NAT/whatever) and 64 continue as if `-e' was given 65 * rshd.c (doit): if we fail to connect back to the stderr port, 66 act as if `-e' was given on the client side, i.e. without the 67 special TCP-connection. This tries to make things better when 68 running the head against a NAT wall, for example. 69 702000-02-07 Assar Westerlund <assar@sics.se> 71 72 * Makefile.am (LDADD): make sure we use the heimdal libdes 73 742000-02-06 Assar Westerlund <assar@sics.se> 75 76 * *: conditionalize des stuff on KRB4 77 781999-12-16 Assar Westerlund <assar@sics.se> 79 80 * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable 81 directly as hints. copy it and set AI_PASSIVE. 82 831999-11-20 Assar Westerlund <assar@sics.se> 84 85 * rsh.c (main): remember to close the priviledged sockets before 86 calling rlogin 87 881999-11-02 Assar Westerlund <assar@sics.se> 89 90 * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> 91 try only v4 -5 -> try only v5 none, -45 -> try v5, v4 92 931999-10-26 Assar Westerlund <assar@sics.se> 94 95 * rshd.c (main): ignore SIGPIPE 96 97 * common.c (do_read): the encoded length can be longer than the 98 buffer being used, allocate memory for it dynamically. From Brian 99 A May <bmay@dgs.monash.edu.au> 100 1011999-10-14 Assar Westerlund <assar@sics.se> 102 103 * rsh.c (proto): be more careful and don't print errno when read() 104 returns 0 105 1061999-09-20 Assar Westerlund <assar@sics.se> 107 108 * rshd.c (recv_krb4_auth): set `iv' 109 1101999-08-16 Assar Westerlund <assar@sics.se> 111 112 * common.c (do_read): be careful with the return value from 113 krb5_net_read 114 1151999-08-05 Assar Westerlund <assar@sics.se> 116 117 * rsh.c: call freehostent 118 119 * rsh.c: remove some dead code 120 1211999-08-04 Assar Westerlund <assar@sics.se> 122 123 * rshd.c: re-write the handling of forwarded credentials and 124 stuff. From Miroslav Ruda <ruda@ics.muni.cz> 125 126 * rsh_locl.h: always include kafs.h 127 128 * rsh.c: add `-z' and `-G' options 129 130 * rsh.c (loop): shutdown one side of the TCP connection on EOF. 131 From Brian A May <bmay@dgs.monash.edu.au> 132 133 * common.c (do_read): handle EOF. From Brian A May 134 <bmay@dgs.monash.edu.au> 135 1361999-08-01 Assar Westerlund <assar@sics.se> 137 138 * rsh.c: const fixes 139 1401999-07-29 Assar Westerlund <assar@sics.se> 141 142 * rshd.c: v6-ify 143 144 * rsh.c: v6-ify 145 1461999-07-28 Assar Westerlund <assar@sics.se> 147 148 * rsh_locl.h: move around kafs.h 149 1501999-07-24 Assar Westerlund <assar@sics.se> 151 152 * rsh_locl.h: <shadow.h> 153 154 * rsh.c, rshd.c: improve forwarding and implement unique ccache on 155 server. From Miroslav Ruda <ruda@ics.muni.cz> 156 1571999-07-03 Assar Westerlund <assar@sics.se> 158 159 * rsh.c (construct_command): handle argc == 0 for generality 160 1611999-06-23 Assar Westerlund <assar@sics.se> 162 163 * rsh.c: new option `-e' for not trying to open an stderr socket 164 1651999-06-17 Assar Westerlund <assar@sics.se> 166 167 * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we 168 don't leave any data inside des_enc_read. (that constant should 169 really be exported in some way...) 170 1711999-06-15 Assar Westerlund <assar@sics.se> 172 173 * rsh.c: use get_default_username and resulting const pollution 174 1751999-05-21 Assar Westerlund <assar@sics.se> 176 177 * rsh.c (main): try $USERNAME 178 1791999-05-14 Assar Westerlund <assar@sics.se> 180 181 * rshd.c (doit): afslog correctly 182 1831999-05-11 Assar Westerlund <assar@sics.se> 184 185 * rsh.c (main): add fallback to rlogin 186 1871999-05-10 Assar Westerlund <assar@sics.se> 188 189 * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. 190 check return value from krb5_crypto_init 191 192 * common.c (do_write, do_read): always return -1 for failure 193 (net_write, net_read): remove. they already exist in libroken 194 1951999-05-09 Assar Westerlund <assar@sics.se> 196 197 * rsh.c: make sure it tries with all other authentication methods 198 after one has failed 199 * rsh.c (main): detect the case of no command given. 200 2011999-04-11 Assar Westerlund <assar@sics.se> 202 203 * rsh.c: new option --forwardable. use print_version 204 205Sat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se> 206 207 * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some 208 shells don't think it's a rsh session if they find a pipe at the 209 other end. 210 (setup_environment): add SSH_CLIENT just to make bash happy 211 212 * common.c (do_read): use krb5_get_wrapped_length 213 214Wed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se> 215 216 * rsh.c (loop): more braces to make gcc happy 217 218Tue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> 219 220 * rsh_locl.h: kafs.h 221 222 * rshd.c: add `-P', `-v', and `-L' flags 223 224Thu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> 225 226 * Makefile.am: include Makefile.am.common 227 228Tue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 229 230 * appl/rsh/rshd.c: update to new crypto framework 231 232 * appl/rsh/rsh_locl.h: update to new crypto framework 233 234 * appl/rsh/rsh.c: update to new crypto framework 235 236 * appl/rsh/common.c: update to new crypto framework 237 238Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 239 240 * appl/rsh/rsh.c (main): initialize host 241 242 * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not 243 encrypting. 244 245Thu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 246 247 * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' 248 249Thu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 250 251 * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum 252 253Sat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 254 255 * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. 256 257Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 258 259 * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the 260 `local_user' and the `remote_user' 261 262 * appl/rsh/rsh.c (send_krb5_auth): swap the order of the 263 `local_user' and the `remote_user' 264 265Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 266 267 * appl/rsh/rshd.c: updated to use getarg. 268 changed `struct fd_set' to `fd_set'. 269 implemented broken/BSD authentication (requires iruserok) 270 271Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 272 273 * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH 274 275 * appl/rsh/Makefile.am: set BINDIR 276 277 * appl/rsh/rsh.c: implemented BSD-style reserved port 278 `authentication' 279 280Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 281 282 * appl/rsh/rshd.c: syslog remote shells 283 284Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 285 286 * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server 287 parameter to krb5_rd_req/krb5_recvauth. Set addresses in 288 auth_context. 289 290Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 291 292 * appl/rsh/rshd.c: implement forwarding 293 294 * appl/rsh/rsh.c: Use getarg. Implement forwarding. 295 296Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 297 298 * appl/rsh: Conditionalize the krb4-support. 299 300Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 301 302 * appl/rsh/rsh.c: use the correct user for the checksum 303 304Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 305 306 * appl/rsh/rshd.c: Now works. Also implementd encryption and 307 `-p'. 308 309 * appl/rsh/common.c: new file 310 311Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 312 313 * appl/rsh: New program. 314 315