ChangeLog revision 90926
1214571Sdim2001-11-30 Johan Danielsson <joda@pdc.kth.se> 2214571Sdim 3214571Sdim * rshd.c: make the syslog messages somewhat more informative 4214571Sdim 5214571Sdim2001-08-15 Johan Danielsson <joda@pdc.kth.se> 6214571Sdim 7214571Sdim * rsh.c: only complain about encryption flag when old 8214571Sdim authentication is requested 9214571Sdim 10214571Sdim2001-08-07 Johan Danielsson <joda@pdc.kth.se> 11214571Sdim 12214571Sdim * rsh.c: don't try broken auth if rresvport failed; try to give 13214571Sdim some more informative error messages 14214571Sdim 15214571Sdim2001-07-31 Johan Danielsson <joda@pdc.kth.se> 16214571Sdim 17214571Sdim * rshd.8: add an EXAMPLE 18214571Sdim * rshd.8: manual page 19214571Sdim * rshd.c: add some compat flags 20214571Sdim * rsh.1: manual page 21214571Sdim * rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr 22214571Sdim socket; implement parsing user@host 23214571Sdim 24214571Sdim2001-07-19 Assar Westerlund <assar@sics.se> 25214571Sdim 26214571Sdim * rshd.c (fatal): use vsnprintf correctly 27214571Sdim 28214571Sdim2001-02-07 Assar Westerlund <assar@sics.se> 29214571Sdim 30214571Sdim * Makefile.am: add login_access 31214571Sdim * rshd.c (login_access): add prototype 32214571Sdim (syslog_and_die, fatal): add printf attributes 33214571Sdim (*): AIX -> _AIX 34214571Sdim (doit): use login_access 35214571Sdim based on patches from Ake Sandgren <ake@cs.umu.se> 36214571Sdim 37214571Sdim2001-01-09 Assar Westerlund <assar@sics.se> 38214571Sdim 39214571Sdim * rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of 40214571Sdim krb5_rd_cred 41214571Sdim 42214571Sdim2000-12-31 Assar Westerlund <assar@sics.se> 43214571Sdim 44214571Sdim * rshd.c (main): handle krb5_init_context failure consistently 45214571Sdim * rsh.c (main): handle krb5_init_context failure consistently 46214571Sdim 47214571Sdim2000-12-05 Johan Danielsson <joda@pdc.kth.se> 48214571Sdim 49214571Sdim * rshd.c: require encryption if passed -x 50214571Sdim 51214571Sdim2000-11-15 Assar Westerlund <assar@sics.se> 52214571Sdim 53214571Sdim * rshd.c (loop): check that the fd's aren't too large to select on 54214571Sdim * rsh.c (loop, proto): check that the fd's aren't too large to 55214571Sdim select on 56214571Sdim 57214571Sdim2000-08-10 Assar Westerlund <assar@sics.se> 58214571Sdim 59214571Sdim * rsh.c: move code to do config/command parsing correctly. 60214571Sdim 61214571Sdim2000-08-09 Assar Westerlund <assar@sics.se> 62214571Sdim 63214571Sdim * rsh.c (main): only fetch stuff from krb5.conf when no option has 64214571Sdim been given 65214571Sdim 66214571Sdim2000-08-01 Assar Westerlund <assar@sics.se> 67214571Sdim 68214571Sdim * rsh.c (doit): loop until we create an error socket of an 69214571Sdim supported socket family 70214571Sdim 71214571Sdim2000-07-02 Assar Westerlund <assar@sics.se> 72214571Sdim 73214571Sdim * rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se> 74214571Sdim do not call syslog with a variable as format string 75214571Sdim 76214571Sdim * rsh_locl.h (_PATH_ETC_ENVIRONMENT): add 77214571Sdim 78214571Sdim2000-06-09 Assar Westerlund <assar@sics.se> 79214571Sdim 80214571Sdim * rsh.c (main): work-around for setuid and capabilities bug fixed 81214571Sdim in Linux 2.2.16 82214571Sdim 83214571Sdim2000-06-06 Johan Danielsson <joda@pdc.kth.se> 84214571Sdim 85214571Sdim * rsh.c: nuke long option from -z 86214571Sdim 87214571Sdim * rsh.c: don't try to encrypt if auth is broken (Daniel Kouril) 88214571Sdim 89214571Sdim2000-06-03 Assar Westerlund <assar@sics.se> 90214571Sdim 91214571Sdim * rshd.c (doit): check return value of getspnam. From 92214571Sdim <haba@pdc.kth.se> 93214571Sdim 94214571Sdim2000-05-23 Assar Westerlund <assar@sics.se> 95214571Sdim 96214571Sdim * rsh.c (proto): select on the normal socket when waiting for the 97214571Sdim daemon to connect back to the stderr port, so that we discover 98214571Sdim when data arrives there before. when that happens, we assume that 99214571Sdim the daemon did not manage to connect (because of NAT/whatever) and 100214571Sdim continue as if `-e' was given 101214571Sdim * rshd.c (doit): if we fail to connect back to the stderr port, 102214571Sdim act as if `-e' was given on the client side, i.e. without the 103214571Sdim special TCP-connection. This tries to make things better when 104214571Sdim running the head against a NAT wall, for example. 105214571Sdim 106214571Sdim2000-02-07 Assar Westerlund <assar@sics.se> 107214571Sdim 108214571Sdim * Makefile.am (LDADD): make sure we use the heimdal libdes 109214571Sdim 110214571Sdim2000-02-06 Assar Westerlund <assar@sics.se> 111214571Sdim 112214571Sdim * *: conditionalize des stuff on KRB4 113214571Sdim 114214571Sdim1999-12-16 Assar Westerlund <assar@sics.se> 115214571Sdim 116214571Sdim * rsh.c (doit): addrinfo returned from getaddrinfo() is not usable 117214571Sdim directly as hints. copy it and set AI_PASSIVE. 118214571Sdim 119214571Sdim1999-11-20 Assar Westerlund <assar@sics.se> 120214571Sdim 121214571Sdim * rsh.c (main): remember to close the priviledged sockets before 122214571Sdim calling rlogin 123214571Sdim 124214571Sdim1999-11-02 Assar Westerlund <assar@sics.se> 125214571Sdim 126214571Sdim * rsh.c (main): redo the v4/v5 selection for consistency. -4 -> 127214571Sdim try only v4 -5 -> try only v5 none, -45 -> try v5, v4 128214571Sdim 129214571Sdim1999-10-26 Assar Westerlund <assar@sics.se> 130214571Sdim 131214571Sdim * rshd.c (main): ignore SIGPIPE 132214571Sdim 133214571Sdim * common.c (do_read): the encoded length can be longer than the 134214571Sdim buffer being used, allocate memory for it dynamically. From Brian 135214571Sdim A May <bmay@dgs.monash.edu.au> 136214571Sdim 137214571Sdim1999-10-14 Assar Westerlund <assar@sics.se> 138214571Sdim 139214571Sdim * rsh.c (proto): be more careful and don't print errno when read() 140214571Sdim returns 0 141214571Sdim 142214571Sdim1999-09-20 Assar Westerlund <assar@sics.se> 143214571Sdim 144214571Sdim * rshd.c (recv_krb4_auth): set `iv' 145214571Sdim 146214571Sdim1999-08-16 Assar Westerlund <assar@sics.se> 147214571Sdim 148214571Sdim * common.c (do_read): be careful with the return value from 149214571Sdim krb5_net_read 150214571Sdim 151214571Sdim1999-08-05 Assar Westerlund <assar@sics.se> 152214571Sdim 153214571Sdim * rsh.c: call freehostent 154214571Sdim 155214571Sdim * rsh.c: remove some dead code 156214571Sdim 157214571Sdim1999-08-04 Assar Westerlund <assar@sics.se> 158214571Sdim 159214571Sdim * rshd.c: re-write the handling of forwarded credentials and 160214571Sdim stuff. From Miroslav Ruda <ruda@ics.muni.cz> 161214571Sdim 162214571Sdim * rsh_locl.h: always include kafs.h 163214571Sdim 164214571Sdim * rsh.c: add `-z' and `-G' options 165214571Sdim 166214571Sdim * rsh.c (loop): shutdown one side of the TCP connection on EOF. 167214571Sdim From Brian A May <bmay@dgs.monash.edu.au> 168214571Sdim 169214571Sdim * common.c (do_read): handle EOF. From Brian A May 170214571Sdim <bmay@dgs.monash.edu.au> 171214571Sdim 172214571Sdim1999-08-01 Assar Westerlund <assar@sics.se> 173214571Sdim 174214571Sdim * rsh.c: const fixes 175214571Sdim 176214571Sdim1999-07-29 Assar Westerlund <assar@sics.se> 177214571Sdim 178214571Sdim * rshd.c: v6-ify 179214571Sdim 180214571Sdim * rsh.c: v6-ify 181214571Sdim 182214571Sdim1999-07-28 Assar Westerlund <assar@sics.se> 183214571Sdim 184214571Sdim * rsh_locl.h: move around kafs.h 185214571Sdim 186214571Sdim1999-07-24 Assar Westerlund <assar@sics.se> 187214571Sdim 188214571Sdim * rsh_locl.h: <shadow.h> 189214571Sdim 190214571Sdim * rsh.c, rshd.c: improve forwarding and implement unique ccache on 191214571Sdim server. From Miroslav Ruda <ruda@ics.muni.cz> 192214571Sdim 193214571Sdim1999-07-03 Assar Westerlund <assar@sics.se> 194214571Sdim 195214571Sdim * rsh.c (construct_command): handle argc == 0 for generality 196214571Sdim 197214571Sdim1999-06-23 Assar Westerlund <assar@sics.se> 198214571Sdim 199214571Sdim * rsh.c: new option `-e' for not trying to open an stderr socket 200214571Sdim 201214571Sdim1999-06-17 Assar Westerlund <assar@sics.se> 202214571Sdim 203214571Sdim * rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we 204214571Sdim don't leave any data inside des_enc_read. (that constant should 205214571Sdim really be exported in some way...) 206214571Sdim 207214571Sdim1999-06-15 Assar Westerlund <assar@sics.se> 208214571Sdim 209214571Sdim * rsh.c: use get_default_username and resulting const pollution 210214571Sdim 211214571Sdim1999-05-21 Assar Westerlund <assar@sics.se> 212214571Sdim 213214571Sdim * rsh.c (main): try $USERNAME 214214571Sdim 215214571Sdim1999-05-14 Assar Westerlund <assar@sics.se> 216214571Sdim 217214571Sdim * rshd.c (doit): afslog correctly 218214571Sdim 219214571Sdim1999-05-11 Assar Westerlund <assar@sics.se> 220214571Sdim 221214571Sdim * rsh.c (main): add fallback to rlogin 222214571Sdim 223214571Sdim1999-05-10 Assar Westerlund <assar@sics.se> 224214571Sdim 225214571Sdim * rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL. 226214571Sdim check return value from krb5_crypto_init 227214571Sdim 228214571Sdim * common.c (do_write, do_read): always return -1 for failure 229214571Sdim (net_write, net_read): remove. they already exist in libroken 230214571Sdim 231214571Sdim1999-05-09 Assar Westerlund <assar@sics.se> 232214571Sdim 233214571Sdim * rsh.c: make sure it tries with all other authentication methods 234214571Sdim after one has failed 235214571Sdim * rsh.c (main): detect the case of no command given. 236214571Sdim 237214571Sdim1999-04-11 Assar Westerlund <assar@sics.se> 238214571Sdim 239214571Sdim * rsh.c: new option --forwardable. use print_version 240214571Sdim 241214571SdimSat Apr 10 17:10:55 1999 Assar Westerlund <assar@sics.se> 242214571Sdim 243214571Sdim * rshd.c (setup_copier): use `socketpair' instead of `pipe'. Some 244214571Sdim shells don't think it's a rsh session if they find a pipe at the 245214571Sdim other end. 246214571Sdim (setup_environment): add SSH_CLIENT just to make bash happy 247214571Sdim 248214571Sdim * common.c (do_read): use krb5_get_wrapped_length 249214571Sdim 250214571SdimWed Mar 24 03:59:42 1999 Assar Westerlund <assar@sics.se> 251214571Sdim 252214571Sdim * rsh.c (loop): more braces to make gcc happy 253214571Sdim 254214571SdimTue Mar 23 17:08:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> 255214571Sdim 256214571Sdim * rsh_locl.h: kafs.h 257214571Sdim 258214571Sdim * rshd.c: add `-P', `-v', and `-L' flags 259214571Sdim 260214571SdimThu Mar 18 11:37:24 1999 Johan Danielsson <joda@hella.pdc.kth.se> 261214571Sdim 262214571Sdim * Makefile.am: include Makefile.am.common 263214571Sdim 264214571SdimTue Dec 1 14:44:44 1998 Johan Danielsson <joda@hella.pdc.kth.se> 265214571Sdim 266214571Sdim * appl/rsh/rshd.c: update to new crypto framework 267214571Sdim 268214571Sdim * appl/rsh/rsh_locl.h: update to new crypto framework 269214571Sdim 270214571Sdim * appl/rsh/rsh.c: update to new crypto framework 271214571Sdim 272214571Sdim * appl/rsh/common.c: update to new crypto framework 273214571Sdim 274214571SdimMon Nov 2 01:15:06 1998 Assar Westerlund <assar@sics.se> 275214571Sdim 276214571Sdim * appl/rsh/rsh.c (main): initialize host 277214571Sdim 278214571Sdim * appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not 279214571Sdim encrypting. 280214571Sdim 281214571SdimThu Jul 30 23:12:17 1998 Assar Westerlund <assar@sics.se> 282214571Sdim 283214571Sdim * appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user' 284214571Sdim 285214571SdimThu Jul 23 19:49:03 1998 Johan Danielsson <joda@emma.pdc.kth.se> 286214571Sdim 287214571Sdim * appl/rsh/rshd.c: use krb5_verify_authenticator_checksum 288214571Sdim 289214571SdimSat Apr 18 21:13:06 1998 Johan Danielsson <joda@emma.pdc.kth.se> 290214571Sdim 291214571Sdim * appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified. 292214571Sdim 293214571SdimSun Dec 21 09:44:05 1997 Assar Westerlund <assar@sics.se> 294214571Sdim 295214571Sdim * appl/rsh/rshd.c (recv_krb5_auth): swap the order of the 296214571Sdim `local_user' and the `remote_user' 297214571Sdim 298214571Sdim * appl/rsh/rsh.c (send_krb5_auth): swap the order of the 299214571Sdim `local_user' and the `remote_user' 300214571Sdim 301214571SdimSat Nov 29 07:10:11 1997 Assar Westerlund <assar@sics.se> 302214571Sdim 303214571Sdim * appl/rsh/rshd.c: updated to use getarg. 304214571Sdim changed `struct fd_set' to `fd_set'. 305214571Sdim implemented broken/BSD authentication (requires iruserok) 306214571Sdim 307214571SdimWed Nov 12 02:35:57 1997 Assar Westerlund <assar@sics.se> 308214571Sdim 309214571Sdim * appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH 310214571Sdim 311214571Sdim * appl/rsh/Makefile.am: set BINDIR 312214571Sdim 313214571Sdim * appl/rsh/rsh.c: implemented BSD-style reserved port 314214571Sdim `authentication' 315214571Sdim 316214571SdimSun Aug 24 08:06:54 1997 Assar Westerlund <assar@sics.se> 317214571Sdim 318214571Sdim * appl/rsh/rshd.c: syslog remote shells 319214571Sdim 320214571SdimTue Aug 12 01:29:46 1997 Assar Westerlund <assar@sics.se> 321214571Sdim 322214571Sdim * appl/rshd/rshd.c: Use `krb5_sock_to_principal'. Send server 323214571Sdim parameter to krb5_rd_req/krb5_recvauth. Set addresses in 324214571Sdim auth_context. 325214571Sdim 326214571SdimFri Jul 25 17:32:12 1997 Assar Westerlund <assar@sics.se> 327214571Sdim 328214571Sdim * appl/rsh/rshd.c: implement forwarding 329214571Sdim 330214571Sdim * appl/rsh/rsh.c: Use getarg. Implement forwarding. 331214571Sdim 332214571SdimSun Jul 13 00:32:16 1997 Assar Westerlund <assar@sics.se> 333214571Sdim 334214571Sdim * appl/rsh: Conditionalize the krb4-support. 335214571Sdim 336214571SdimWed Jul 9 06:58:00 1997 Assar Westerlund <assar@sics.se> 337214571Sdim 338214571Sdim * appl/rsh/rsh.c: use the correct user for the checksum 339214571Sdim 340214571SdimMon Jul 7 11:15:51 1997 Assar Westerlund <assar@sics.se> 341214571Sdim 342214571Sdim * appl/rsh/rshd.c: Now works. Also implementd encryption and 343214571Sdim `-p'. 344214571Sdim 345214571Sdim * appl/rsh/common.c: new file 346214571Sdim 347214571SdimMon Jun 30 06:08:14 1997 Assar Westerlund <assar@sics.se> 348214571Sdim 349214571Sdim * appl/rsh: New program. 350214571Sdim 351214571Sdim