[1157] in Kerberos-V5-bugs
krb5b4pl3: krlogin, krsh, krcp: NO_UCB_FALLBACK support
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Tue Mar 14 11:05:13 1995
From: "Jonathan I. Kamens" <jik@cam.ov.com>
Date: Tue, 14 Mar 1995 10:33:58 -0500
To: krb5-bugs@MIT.EDU
Some sites won't want the Kerberos kr* clients to fall back to their
stock UCB variants when Kerberos authentication fails.
In fact, we believe that this should be the default, although that's
debatable (and so you can take or leave the appl/bsd/Makefile.in patch
below :-).
The patches below modify try_normal() in krlogin.c, krcp.c and krsh.c,
so that if NO_UCB_FALLBACK is defined, they exit rather than
attempting to fall back to stock UCB.
--- appl/bsd/Makefile.in 1995/03/09 19:04:06 1.5
+++ appl/bsd/Makefile.in 1995/03/13 00:05:41 1.7
@@ -15,7 +15,7 @@
OBJS= krcp.o krlogin.o krsh.o kcmd.o forward.o logutil.o $(SETENVOBJ) \
login.o krshd.o krlogind.o $(LIBOBJS)
-DEFINES= $(RPROGS) \
+DEFINES= $(RPROGS) -DNO_UCB_FALLBACK \
-DLOGIN_PROGRAM=\"/bin/login\" -DKPROGDIR=\"$(CLIENT_BINDIR)\"
all:: ovrsh ovrcp ovrlogin ovrshd ovrlogind
--- appl/bsd/krlogin.c 1995/03/09 20:10:44 1.2
+++ appl/bsd/krlogin.c 1995/03/13 00:04:37 1.3.1.1
@@ -1501,7 +1501,11 @@
char **argv;
{
register char *host;
-
+
+#ifdef NO_UCB_FALLBACK
+ exit(1);
+#endif
+
if (encrypt_flag)
exit(1);
fprintf(stderr,"trying normal rlogin (%s)\n",
--- appl/bsd/krcp.c 1995/03/13 00:07:14 1.1
+++ appl/bsd/krcp.c 1995/03/13 00:07:39 1.2
@@ -1074,7 +1074,11 @@
char **argv;
{
register int i;
-
+
+#ifdef NO_UCB_FALLBACK
+ exit(1);
+#endif
+
if (!encryptflag) {
fprintf(stderr,"trying normal rcp (%s)\n", UCB_RCP);
fflush(stderr);
--- appl/bsd/krsh.c 1995/03/13 00:18:31 1.3
+++ appl/bsd/krsh.c 1995/03/13 00:19:32 1.4
@@ -470,7 +470,11 @@
char **argv;
{
char *host;
-
+
+#ifdef NO_UCB_FALLBACK
+ exit(1);
+#endif
+
/*
* if we were invoked as 'rsh host mumble', strip off the rsh
* from arglist.
