ChangeLog revision 78527
12001-02-07 Assar Westerlund <assar@sics.se> 2 3 * Makefile.am: add login_access 4 * rshd.c (login_access): add prototype 5 (syslog_and_die, fatal): add printf attributes 6 (*): AIX -> _AIX 7 (doit): use login_access 8 based on patches from Ake Sandgren <ake@cs.umu.se> 9 102001-01-09 Assar Westerlund <assar@sics.se> 11 12 * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of 13 krb5_rd_cred 14 152000-12-31 Assar Westerlund <assar@sics.se> 16 17 * rshd.c (main): handle krb5_init_context failure consistently 18 * rsh.c (main): handle krb5_init_context failure consistently 19 202000-12-05 Johan Danielsson <joda@pdc.kth.se> 21 22 * rshd.c: require encryption if passed -x 23 242000-11-15 Assar Westerlund <assar@sics.se> 25 26 * rshd.c (loop): check that the fd's aren't too large to select on 27 * rsh.c (loop, proto): check that the fd's aren't too large to 28 select on 29 302000-08-10 Assar Westerlund <assar@sics.se> 31 32 * rsh.c: move code to do config/command parsing correctly. 33 342000-08-09 Assar Westerlund <assar@sics.se> 35 36 * rsh.c (main): only fetch stuff from krb5.conf when no option has 37 been given 38 392000-08-01 Assar Westerlund <assar@sics.se> 40 41 * rsh.c (doit): loop until we create an error socket of an 42 supported socket family 43 442000-07-02 Assar Westerlund <assar@sics.se> 45 46 * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> 47 do not call syslog with a variable as format string 48 49 * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add 50 512000-06-09 Assar Westerlund <assar@sics.se> 52 53 * rsh.c (main): work-around for setuid and capabilities bug fixed 54 in Linux 2.2.16 55 562000-06-06 Johan Danielsson <joda@pdc.kth.se> 57 58 * rsh.c: nuke long option from -z 59 60 * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) 61 622000-06-03 Assar Westerlund <assar@sics.se> 63 64 * rshd.c (doit): check return value of getspnam. From 65 <haba@pdc.kth.se> 66 672000-05-23 Assar Westerlund <assar@sics.se> 68 69 * rsh.c (proto): select on the normal socket when waiting for the 70 daemon to connect back to the stderr port, so that we discover 71 when data arrives there before. when that happens, we assume that 72 the daemon did not manage to connect (because of NAT/whatever) and 73 continue as if `-e' was given 74 * rshd.c (doit): if we fail to connect back to the stderr port, 75 act as if `-e' was given on the client side, i.e. without the 76 special TCP-connection. This tries to make things better when 77 running the head against a NAT wall, for example. 78 792000-02-07 Assar Westerlund <assar@sics.se> 80 81 * Makefile.am (LDADD): make sure we use the heimdal libdes 82 832000-02-06 Assar Westerlund <assar@sics.se> 84 85 * *: conditionalize des stuff on KRB4 86 871999-12-16 Assar Westerlund <assar@sics.se> 88 89 * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable 90 directly as hints. copy it and set AI_PASSIVE. 91 921999-11-20 Assar Westerlund <assar@sics.se> 93 94 * rsh.c (main): remember to close the priviledged sockets before 95 calling rlogin 96 971999-11-02 Assar Westerlund <assar@sics.se> 98 99 * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> 100 try only v4 -5 -> try only v5 none, -45 -> try v5, v4 101 1021999-10-26 Assar Westerlund <assar@sics.se> 103 104 * rshd.c (main): ignore SIGPIPE 105 106 * common.c (do_read): the encoded length can be longer than the 107 buffer being used, allocate memory for it dynamically. From Brian 108 A May <bmay@dgs.monash.edu.au> 109 1101999-10-14 Assar Westerlund <assar@sics.se> 111 112 * rsh.c (proto): be more careful and don't print errno when read() 113 returns 0 114 1151999-09-20 Assar Westerlund <assar@sics.se> 116 117 * rshd.c (recv_krb4_auth): set `iv' 118 1191999-08-16 Assar Westerlund <assar@sics.se> 120 121 * common.c (do_read): be careful with the return value from 122 krb5_net_read 123 1241999-08-05 Assar Westerlund <assar@sics.se> 125 126 * rsh.c: call freehostent 127 128 * rsh.c: remove some dead code 129 1301999-08-04 Assar Westerlund <assar@sics.se> 131 132 * rshd.c: re-write the handling of forwarded credentials and 133 stuff. From Miroslav Ruda <ruda@ics.muni.cz> 134 135 * rsh_locl.h: always include kafs.h 136 137 * rsh.c: add `-z' and `-G' options 138 139 * rsh.c (loop): shutdown one side of the TCP connection on EOF. 140 From Brian A May <bmay@dgs.monash.edu.au> 141 142 * common.c (do_read): handle EOF. From Brian A May 143 <bmay@dgs.monash.edu.au> 144 1451999-08-01 Assar Westerlund <assar@sics.se> 146 147 * rsh.c: const fixes 148 1491999-07-29 Assar Westerlund <assar@sics.se> 150 151 * rshd.c: v6-ify 152 153 * rsh.c: v6-ify 154 1551999-07-28 Assar Westerlund <assar@sics.se> 156 157 * rsh_locl.h: move around kafs.h 158 1591999-07-24 Assar Westerlund <assar@sics.se> 160 161 * rsh_locl.h: <shadow.h> 162 163 * rsh.c, rshd.c: improve forwarding and implement unique ccache on 164 server. From Miroslav Ruda <ruda@ics.muni.cz> 165 1661999-07-03 Assar Westerlund <assar@sics.se> 167 168 * rsh.c (construct_command): handle argc == 0 for generality 169 1701999-06-23 Assar Westerlund <assar@sics.se> 171 172 * rsh.c: new option `-e' for not trying to open an stderr socket 173 1741999-06-17 Assar Westerlund <assar@sics.se> 175 176 * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we 177 don't leave any data inside des_enc_read. (that constant should 178 really be exported in some way...) 179 1801999-06-15 Assar Westerlund <assar@sics.se> 181 182 * rsh.c: use get_default_username and resulting const pollution 183 1841999-05-21 Assar Westerlund <assar@sics.se> 185 186 * rsh.c (main): try $USERNAME 187 1881999-05-14 Assar Westerlund <assar@sics.se> 189 190 * rshd.c (doit): afslog correctly 191 1921999-05-11 Assar Westerlund <assar@sics.se> 193 194 * rsh.c (main): add fallback to rlogin 195 1961999-05-10 Assar Westerlund <assar@sics.se> 197 198 * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. 199 check return value from krb5_crypto_init 200 201 * common.c (do_write, do_read): always return -1 for failure 202 (net_write, net_read): remove. they already exist in libroken 203 2041999-05-09 Assar Westerlund <assar@sics.se> 205 206 * rsh.c: make sure it tries with all other authentication methods 207 after one has failed 208 * rsh.c (main): detect the case of no command given. 209 2101999-04-11 Assar Westerlund <assar@sics.se> 211 212 * rsh.c: new option --forwardable. use print_version 213 214Sat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se> 215 216 * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some 217 shells don't think it's a rsh session if they find a pipe at the 218 other end. 219 (setup_environment): add SSH_CLIENT just to make bash happy 220 221 * common.c (do_read): use krb5_get_wrapped_length 222 223Wed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se> 224 225 * rsh.c (loop): more braces to make gcc happy 226 227Tue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> 228 229 * rsh_locl.h: kafs.h 230 231 * rshd.c: add `-P', `-v', and `-L' flags 232 233Thu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> 234 235 * Makefile.am: include Makefile.am.common 236 237Tue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 238 239 * appl/rsh/rshd.c: update to new crypto framework 240 241 * appl/rsh/rsh_locl.h: update to new crypto framework 242 243 * appl/rsh/rsh.c: update to new crypto framework 244 245 * appl/rsh/common.c: update to new crypto framework 246 247Mon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 248 249 * appl/rsh/rsh.c (main): initialize host 250 251 * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not 252 encrypting. 253 254Thu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 255 256 * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' 257 258Thu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 259 260 * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum 261 262Sat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 263 264 * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. 265 266Sun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 267 268 * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the 269 `local_user' and the `remote_user' 270 271 * appl/rsh/rsh.c (send_krb5_auth): swap the order of the 272 `local_user' and the `remote_user' 273 274Sat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 275 276 * appl/rsh/rshd.c: updated to use getarg. 277 changed `struct fd_set' to `fd_set'. 278 implemented broken/BSD authentication (requires iruserok) 279 280Wed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 281 282 * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH 283 284 * appl/rsh/Makefile.am: set BINDIR 285 286 * appl/rsh/rsh.c: implemented BSD-style reserved port 287 `authentication' 288 289Sun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 290 291 * appl/rsh/rshd.c: syslog remote shells 292 293Tue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 294 295 * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server 296 parameter to krb5_rd_req/krb5_recvauth. Set addresses in 297 auth_context. 298 299Fri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 300 301 * appl/rsh/rshd.c: implement forwarding 302 303 * appl/rsh/rsh.c: Use getarg. Implement forwarding. 304 305Sun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 306 307 * appl/rsh: Conditionalize the krb4-support. 308 309Wed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 310 311 * appl/rsh/rsh.c: use the correct user for the checksum 312 313Mon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 314 315 * appl/rsh/rshd.c: Now works. Also implementd encryption and 316 `-p'. 317 318 * appl/rsh/common.c: new file 319 320Mon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 321 322 * appl/rsh: New program. 323 324