[1609] in Kerberos-V5-bugs
KerbV/rdist v6 production patches NEW
daemon@ATHENA.MIT.EDU (John Stewart)
Fri Aug 25 18:16:22 1995
To: krb5-bugs@MIT.EDU, rdist-bugs@usc.edu
Cc: netsec@cisco.com, acs-sysadmin@cisco.com, cio-trolls@cisco.com
Date: Fri, 25 Aug 1995 15:15:51 -0700
From: John Stewart <jns@cisco.com>
Goal: allow rdist v6 to use KerbV rsh/krshd unencrypted, and encrypted
with KerbV rsh/krshd.
This is a new series of patches designed to add functionality. It
makes starting up encryption with a command line argument instead of
an integer flag in the source.
--J
------=------=------=------=------=------=------=------=------=------
*** src/common.c 1995/07/24 17:31:28 1.6
--- src/common.c 1995/08/25 22:07:35
***************
*** 33,39 ****
#ifndef lint
static char RCSid[] =
! "$Id: common.c,v 1.6 1995/07/24 17:31:28 jns Exp $";
static char sccsid[] = "@(#)common.c";
--- 33,39 ----
#ifndef lint
static char RCSid[] =
! "$Id: common.c,v 1.7 1995/08/25 22:07:29 jns Exp $";
static char sccsid[] = "@(#)common.c";
***************
*** 254,260 ****
int len;
#ifdef KERBEROS
! if (isserver) {
if (remout < 0)
return(-1);
}
--- 254,260 ----
int len;
#ifdef KERBEROS
! if (do_encrypt && isserver) {
if (remout < 0)
return(-1);
}
***************
*** 282,288 ****
(cmd == C_NONE) ? msg : msg + 1);
#ifdef KERBEROS
! if (isserver)
return(!(write(remout, msg, len) == len));
else
#endif
--- 282,288 ----
(cmd == C_NONE) ? msg : msg + 1);
#ifdef KERBEROS
! if (do_encrypt && isserver)
return(!(write(remout, msg, len) == len));
else
#endif
***************
*** 827,836 ****
}
if (isserver)
#ifdef KERBEROS
(void) write(remout, sbuf, s - sbuf);
! #else
! (void) write(rem, sbuf, s - sbuf);
#endif
else {
*s = CNULL;
message(MT_INFO, "%s", sbuf+1);
--- 827,837 ----
}
if (isserver)
#ifdef KERBEROS
+ if (do_encrypt)
(void) write(remout, sbuf, s - sbuf);
! else
#endif
+ (void) write(rem, sbuf, s - sbuf);
else {
*s = CNULL;
message(MT_INFO, "%s", sbuf+1);
***************
*** 842,851 ****
*s++ = '\n';
if (isserver)
#ifdef KERBEROS
(void) write(remout, sbuf, s - sbuf);
! #else
! (void) write(rem, sbuf, s - sbuf);
#endif
else {
*s = CNULL;
message(MT_INFO, "%s", sbuf+1);
--- 843,853 ----
*s++ = '\n';
if (isserver)
#ifdef KERBEROS
+ if (do_encrypt)
(void) write(remout, sbuf, s - sbuf);
! else
#endif
+ (void) write(rem, sbuf, s - sbuf);
else {
*s = CNULL;
message(MT_INFO, "%s", sbuf+1);
------=------=------=------=------=------=------=------=------=------
*** src/docmd.c 1995/07/24 16:09:03 1.3
--- src/docmd.c 1995/08/25 22:07:21
***************
*** 33,39 ****
#ifndef lint
static char RCSid[] =
! "$Id: docmd.c,v 1.3 1995/07/24 16:09:03 jns Exp $";
static char sccsid[] = "@(#)docmd.c 5.1 (Berkeley) 6/6/85";
--- 33,39 ----
#ifndef lint
static char RCSid[] =
! "$Id: docmd.c,v 1.4 1995/08/25 22:07:15 jns Exp $";
static char sccsid[] = "@(#)docmd.c 5.1 (Berkeley) 6/6/85";
***************
*** 73,79 ****
debugmsg(DM_CALL, "closeconn() called\n");
#ifdef KERBEROS
! if (isserver) {
if (remout >= 0) {
signal(SIGPIPE, SIG_IGN);
--- 73,79 ----
debugmsg(DM_CALL, "closeconn() called\n");
#ifdef KERBEROS
! if (isserver && do_encrypt) {
if (remout >= 0) {
signal(SIGPIPE, SIG_IGN);
***************
*** 355,361 ****
if (!IS_ON(options, DO_QUIET))
message(MT_VERBOSE, "updating host %s", rhost);
! (void) sprintf(buf, "%.*s -S", sizeof(buf)-5, path_rdistd);
if ((rem = remotecmd(rhost, locuser, ruser, buf)) < 0)
return(0);
--- 355,366 ----
if (!IS_ON(options, DO_QUIET))
message(MT_VERBOSE, "updating host %s", rhost);
! if (do_encrypt) {
! (void) sprintf(buf, "%.*s -S -e", sizeof(buf)-5, path_rdistd);
! }
! else {
! (void) sprintf(buf, "%.*s -S", sizeof(buf)-5, path_rdistd);
! }
if ((rem = remotecmd(rhost, locuser, ruser, buf)) < 0)
return(0);
------=------=------=------=------=------=------=------=------=------
*** src/rdistd.c 1995/07/24 16:49:28 1.2
--- src/rdistd.c 1995/08/25 22:06:54
***************
*** 33,39 ****
#ifndef lint
static char RCSid[] =
! "$Id: rdistd.c,v 1.2 1995/07/24 16:49:28 jns Exp $";
static char sccsid[] = "@(#)rdistd.c";
--- 33,39 ----
#ifndef lint
static char RCSid[] =
! "$Id: rdistd.c,v 1.3 1995/08/25 22:06:49 jns Exp $";
static char sccsid[] = "@(#)rdistd.c";
***************
*** 70,76 ****
if (init(argc, argv, envp) < 0)
exit(1);
! while ((c = getopt(argc, argv, "SDV")) != -1)
switch (c) {
case 'S':
isserver++;
--- 70,76 ----
if (init(argc, argv, envp) < 0)
exit(1);
! while ((c = getopt(argc, argv, "SDVe")) != -1)
switch (c) {
case 'S':
isserver++;
***************
*** 83,88 ****
--- 83,92 ----
case 'V':
printf("%s\n", getversion());
exit(0);
+
+ case 'e':
+ do_encrypt = 1;
+ break;
case '?':
default:
------=------=------=------=------=------=------=------=------=------
*** src/rshrcmd.c 1995/07/24 16:22:45 1.1
--- src/rshrcmd.c 1995/08/15 21:25:25
***************
*** 6,12 ****
#ifndef lint
static char RCSid[] =
! "$Id: rshrcmd.c,v 1.1 1995/07/24 16:22:45 jns Exp $";
#endif
#include "defs.h"
--- 6,12 ----
#ifndef lint
static char RCSid[] =
! "$Id: rshrcmd.c,v 1.2 1995/07/24 16:22:52 jns Exp $";
#endif
#include "defs.h"
***************
*** 87,92 ****
--- 87,100 ----
cmd, (char *) NULL);
error("execlp %s failed: %s.", _PATH_BSHELL, SYSERR);
} else {
+ #ifdef KERBEROS
+ if (do_encrypt) {
+ execlp(path_remsh, basename(path_remsh),
+ *ahost, ENCRYPT_FLAG, "-l", ruser, cmd,
+ (char *) NULL);
+ }
+ else
+ #endif
execlp(path_remsh, basename(path_remsh),
*ahost, "-l", ruser, cmd, (char *) NULL);
error("execlp %s failed: %s.", path_remsh, SYSERR);
