[1864] in Kerberos-V5-bugs
krb5b5 buglet
daemon@ATHENA.MIT.EDU (Jim Garlick)
Mon Apr 8 18:30:32 1996
Date: Mon, 8 Apr 1996 15:30:19 -0700 (PDT)
From: Jim Garlick <garlick@ecst.csuchico.edu>
To: krb5-bugs@MIT.EDU
Cc: tytso@MIT.EDU
Hello,

I have attached two sets of diffs and configure instructions for building
Kerberos on hpux 9.05. They are relative to the Beta 5 distribution plus
Doug Engert's k55.cdiff.951031 changes.

The first set of diffs covers minor portability changes to krlogind and
telnetd needed for hpux9.

The second set fixes a bug in krb5_aname_to_localname(). Currently, it
tests for a /krb5/aname file before falling back to the default principal-
to-username mapping. Since this is a dbm database, it really should be
checking for the .dir and .pag files. My diffs have it attempt a dbm_open()
and fall back on failure.

Finally, I have attached instructions for building on hpux9. I didn't know
enough about autoconf to make this a part of my hpux fixes diffs (sorry!)

Problems that remain on hpux9:
1. rcp -x fails with ``rcp: send_auth failed krb5_read_message:
Software caused connection abort''
2. have not tested kpasswd/kadmind
3. telnet does not support encryption on hpux

Would it be possible to get access to the current development snapshot so
I don't reinvent the wheel too much here? Thanks!

Jim Garlick
College of Engineering
CSU Chico
---1-------------------------------------------------------------------------
*** appl/telnet/telnetd/sys_term.c.orig.chico Fri Apr 5 10:52:22 1996
--- appl/telnet/telnetd/sys_term.c Fri Apr 5 10:52:38 1996
***************
*** 1304,1310 ****
#endif
fatalperror(net, "setsid()");
}
! # ifdef TIOCSCTTY
if (ioctl(t, TIOCSCTTY, (char *)0) < 0)
fatalperror(net, "ioctl(sctty)");
# if defined(CRAY)
--- 1304,1310 ----
#endif
fatalperror(net, "setsid()");
}
! # if defined(TIOCSCTTY) && !defined(HPUX9)
if (ioctl(t, TIOCSCTTY, (char *)0) < 0)
fatalperror(net, "ioctl(sctty)");
# if defined(CRAY)
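Review bot: At `# if defined(TIOCSCTTY) && !defined(HPUX9)` the ioctl is compiled out for HPUX9, but nothing in this hunk replaces it and no comment says why. The krlogind.c change in this set compensates by opening the tty without O_NOCTTY; confirm that telnetd's tty open on this path does the same after the setsid() above, otherwise the session can be left without a controlling terminal on hpux9. Copy the "Used only with streams" explanation from krlogind.c next to this guard.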
*** appl/telnet/telnetd/ext.h.orig.chico Fri Apr 5 10:53:13 1996
--- appl/telnet/telnetd/ext.h Fri Apr 5 11:22:16 1996
***************
*** 233,239 ****
# ifdef ultrix
# define DEFAULT_IM "\r\n\r\nULTRIX (%h) (%t)\r\n\r\r\n\r"
# else
! # define DEFAULT_IM "\r\n\r\n4.4 BSD UNIX (%h) (%t)\r\n\r\r\n\r"
# endif
# endif
# endif
--- 233,243 ----
# ifdef ultrix
# define DEFAULT_IM "\r\n\r\nULTRIX (%h) (%t)\r\n\r\r\n\r"
# else
! # ifdef __hpux
! # define DEFAULT_IM "\r\nHP-UX (%h) (%t)\r\n\r\r\n\r"
! # else
! # define DEFAULT_IM "\r\n\r\n4.4 BSD UNIX (%h) (%t)\r\n\r\r\n\r"
! # endif
# endif
# endif
# endif
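Review bot: The new branch tests `__hpux`, while the other hunks in this set key on `HPUX9`, which exists only because the build passes -DHPUX9. Pick one convention, or add a comment saying the banner is meant for every HP-UX release and the tty changes only for 9.x. The HP-UX DEFAULT_IM string also starts with a single "\r\n" where the ULTRIX and 4.4 BSD strings start with "\r\n\r\n"; match them if the difference is not deliberate.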
*** appl/bsd/krlogind.c.orig.chico Thu Apr 4 10:42:18 1996
--- appl/bsd/krlogind.c Fri Apr 5 10:47:16 1996
***************
*** 635,641 ****
--- 635,648 ----
#endif
#endif
+ #ifndef HPUX9
t = open(line, O_RDWR|O_NOCTTY);
+ #else
+ /* Get the controlling tty here. TIOCSCTTY is defined in hpux9, but
+ * says "Used only with streams" (and the ioctl fails). --jg
+ */
+ t = open(line, O_RDWR);
+ #endif
if (t < 0)
fatalperror(f, line);
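Review bot: The `#else` branch depends on `HPUX9` being defined by hand (the build notes pass -DHPUX9 through --with-ccopts), so an hpux9 build that omits the flag silently takes the O_NOCTTY path and then, per the comment added here, fails in the TIOCSCTTY ioctl. A configure-time test, or a compiler-predefined macro as the ext.h change uses, would be more robust. The comment should also state the precondition it relies on: open() without O_NOCTTY only assigns a controlling tty to a session leader that does not already have one.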
***************
*** 647,653 ****
(void) close(vfd);
#endif
! #ifdef TIOCSCTTY
if(ioctl(t, TIOCSCTTY, 0) < 0) /* set controlling tty */
fatalperror(f, "setting controlling tty");
#endif
--- 654,660 ----
(void) close(vfd);
#endif
! #if defined(TIOCSCTTY) && !defined(HPUX9)
if(ioctl(t, TIOCSCTTY, 0) < 0) /* set controlling tty */
fatalperror(f, "setting controlling tty");
#endif
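Review bot: With the `#if defined(TIOCSCTTY) && !defined(HPUX9)` guard, the HPUX9 build has no check that `t` actually became the controlling tty, because the only failure path, fatalperror(f, "setting controlling tty"), is compiled out. Since the HPUX9 branch relies on the earlier open() without O_NOCTTY to do that job, add an HPUX9-side verification (for example, attempt to open /dev/tty) and call fatalperror on failure, so a login session without a controlling terminal does not go unnoticed.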
---2-------------------------------------------------------------------------
*** lib/krb5/os/an_to_ln.c.orig.chico Fri Apr 5 16:26:21 1996
--- lib/krb5/os/an_to_ln.c Fri Apr 5 16:07:54 1996
***************
*** 57,67 ****
const int lnsize;
char *lname;
{
! struct stat statbuf;
#ifdef USE_DBM_LNAME
! if (!stat(krb5_lname_file,&statbuf))
! return dbm_an_to_ln(context, aname, lnsize, lname);
#endif
if (krb5_lname_username_fallback)
return username_an_to_ln(context, aname, lnsize, lname);
--- 57,68 ----
const int lnsize;
char *lname;
{
! krb5_error_code retval;
#ifdef USE_DBM_LNAME
! retval = dbm_an_to_ln(context, aname, lnsize, lname);
! if (retval != KRB5_LNAME_CANTOPEN)
! return retval;
#endif
if (krb5_lname_username_fallback)
return username_an_to_ln(context, aname, lnsize, lname);
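Review bot: `if (retval != KRB5_LNAME_CANTOPEN) return retval;` falls through to the username mapping on every dbm_open() failure, not only when the database is absent. The old code returned the dbm result, including KRB5_LNAME_CANTOPEN, whenever stat() succeeded; the new code treats a database that exists but cannot be opened (permissions, corruption, descriptor exhaustion) the same as no database, which is fail-open for a principal-to-local-user mapping. Have dbm_an_to_ln() distinguish the "not found" case (errno ENOENT after dbm_open) from other open errors and fall back only on the former. Separately, `retval` is declared outside `#ifdef USE_DBM_LNAME` but used only inside it; move the declaration inside the conditional.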
***************
*** 88,104 ****
datum key, contents;
char *princ_name;
if (retval = krb5_unparse_name(context, aname, &princ_name))
return(retval);
key.dptr = princ_name;
key.dsize = strlen(princ_name)+1; /* need to store the NULL for
decoding */
-
- db = dbm_open(krb5_lname_file, O_RDONLY, 0600);
- if (!db) {
- krb5_xfree(princ_name);
- return KRB5_LNAME_CANTOPEN;
- }
contents = dbm_fetch(db, key);
--- 89,103 ----
datum key, contents;
char *princ_name;
+ db = dbm_open(krb5_lname_file, O_RDONLY, 0600);
+ if (!db)
+ return KRB5_LNAME_CANTOPEN;
+
if (retval = krb5_unparse_name(context, aname, &princ_name))
return(retval);
key.dptr = princ_name;
key.dsize = strlen(princ_name)+1; /* need to store the NULL for
decoding */
contents = dbm_fetch(db, key);
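Review bot: With dbm_open() moved above krb5_unparse_name(), the early `return(retval);` on unparse failure now leaks the open `db` handle. Add dbm_close(db) before that return, or keep the original order (unparse first, then open, freeing princ_name when the open fails), which returns the same KRB5_LNAME_CANTOPEN without the leak.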
---3-------------------------------------------------------------------------
To build 5B5 + k55.cdiff.951031 + the above diffs on hpux9:
1) Set CONFIG_SITE env. variable to full path of config.site file, containing:
ac_cv_c_const=yes
krb5_cv_struct_wait=no
ac_cv_prog_YACC=yacc
ac_cv_prog_LEX=lex
2) Run ``configure --with-ccopts="-Ae -Dhpux -DHPUX9" --with-krb4''.
3) Follow instructions for setting up KDC, /etc/krb5.conf, and /etc/v5srvtab
files.
4) Add services to /etc/services and configure services in inetd:
klogin stream tcp nowait root /krb5/sbin/krlogind krlogind -K
eklogin stream tcp nowait root /krb5/sbin/krlogind krlogind -x -K
kshell stream tcp nowait root /krb5/sbin/krshd krshd -K
telnet stream tcp nowait root /krb5/sbin/telnetd telnetd
If you use -k instead of -K, if Kerberos fails to authenticate, you will get
``bad port'' errors because 5B5 client does not try to get a privileged port
and server doesn't trust non-priv ports for .rhosts authentication.
5) Make /usr/bin/rsh a sym link to /usr/bin/remsh (for fallback from krlogin)
There may be a way to configure this directly, but we already had the link.