[1884] in Kerberos-V5-bugs
ss-960411 Krlogind and AIX 4.1.4
daemon@ATHENA.MIT.EDU (Doug Engert)
Wed Apr 17 16:06:52 1996
Date: Wed, 17 Apr 1996 15:06:24 -0500
From: Doug Engert <DEEngert@anl.gov>
To: krb5-bugs@MIT.EDU
On April 15, I sent in a note with updates to ss-960411 for krlogind.c
to have it use a vendor's login. I had some of the ifdefs wrong,
double negatives. Attached is a new version of that same code.
There are are three seperate changes:
The DO_NOT_USE_K_LOGIN will not use the login.krb5, but if the
USE_LOGIN_F is also set, it will use the -f and -p options.
The change to test if the ioctl(p, TIOCPKT, &on); really worked inside
of the protocol routine. Some drivers may not support it. even when
defined in the header files. (I saw this on the HP.)
The checksum_required problem with earlier versions of Kerberos.
The krlogind now appears to function well on a AIX 4.1.4 system,
without mods to the util/pty routines!
Douglas E. Engert
Systems Programming
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(708) 252-5444
Internet: DEEngert@anl.gov
*** ,krlogind.c Thu Apr 11 19:13:46 1996
--- krlogind.c Wed Apr 17 14:47:41 1996
***************
*** 431,439 ****
debug_port = atoi(optarg);
break;
case 'L':
- #ifndef DO_NOT_USE_K_LOGIN
login_program = optarg;
- #endif
break;
case '?':
default:
--- 431,437 ----
***************
*** 639,644 ****
--- 637,644 ----
#if defined(POSIX_TERMIOS) && !defined(ultrix)
+
+ #ifndef DO_NOT_USE_K_LOGIN
tcgetattr(t,&new_termio);
new_termio.c_lflag &= ~(ICANON|ECHO|ISIG|IEXTEN);
/* so that login can read the authenticator */
***************
*** 648,653 ****
--- 648,654 ----
new_termio.c_cc[VMIN] = 1;
new_termio.c_cc[VTIME] = 0;
tcsetattr(t,TCSANOW,&new_termio);
+ #endif /* DO_NOT_USE_K_LOGIN */
#else
(void)ioctl(t, TIOCGETP, &b);
b.sg_flags = RAW|ANYP;
***************
*** 728,734 ****
--- 729,754 ----
#endif
#ifdef DO_NOT_USE_K_LOGIN
+ #ifdef USE_LOGIN_F
+ /* use the vendors login, which has -p and -f. Tested on
+ * AIX 4.1.4 and HPUX 10
+ */
+ {
+ char *cp;
+ if ((cp = strchr(term,'/')))
+ *cp = '\0';
+ setenv("TERM",term, 1);
+ }
+
+ if (passwd_req)
+ execl(login_program, "login", "-p", "-h", rhost_name,
+ lusername, 0);
+ else
+ execl(login_program, "login", "-p", "-h", rhost_name,
+ "-f", lusername, 0);
+ #else /* USE_LOGIN_F */
execl(login_program, "login", "-r", rhost_name, 0);
+ #endif /* USE_LOGIN_F */
#else
if (passwd_req)
execl(login_program, "login","-h", rhost_name, lusername, 0);
***************
*** 777,787 ****
/* FIONBIO doesn't always work on ptys, use fcntl to set O_NDELAY? */
(void) fcntl(p,F_SETFL,fcntl(p,F_GETFL,0) | O_NDELAY);
- /*** XXX -- make this portable ***/
- #if defined(TIOCPKT) && !defined(__svr4__) || defined(solaris20)
- ioctl(p, TIOCPKT, &on);
- #endif
-
#ifdef POSIX_SIGNALS
sa.sa_handler = SIG_IGN;
(void) sigaction(SIGTSTP, &sa, (struct sigaction *)0);
--- 797,802 ----
***************
*** 795,805 ****
setpgrp(0, 0);
#endif
! #ifdef DO_NOT_USE_K_LOGIN
/* Pass down rusername and lusername to login. */
(void) write(p, rusername, strlen(rusername) +1);
(void) write(p, lusername, strlen(lusername) +1);
#endif
/* stuff term info down to login */
if( write(p, term, strlen(term)+1) != strlen(term)+1 ){
/*
--- 810,821 ----
setpgrp(0, 0);
#endif
! #ifndef DO_NOT_USE_K_LOGIN
/* Pass down rusername and lusername to login. */
(void) write(p, rusername, strlen(rusername) +1);
(void) write(p, lusername, strlen(lusername) +1);
#endif
+ #if !defined(DO_NOT_USE_K_LOGIN) || !defined(USE_LOGIN_F)
/* stuff term info down to login */
if( write(p, term, strlen(term)+1) != strlen(term)+1 ){
/*
***************
*** 808,813 ****
--- 824,830 ----
sprintf(buferror,"Cannot write slave pty %s ",line);
fatalperror(f,buferror);
}
+ #endif /* DO_NOT_USE_K_LOGIN && USE_LOGIN_F */
protocol(f, p);
signal(SIGCHLD, SIG_IGN);
cleanup();
***************
*** 867,873 ****
--- 884,902 ----
#ifdef POSIX_SIGNALS
struct sigaction sa;
#endif
+ #ifdef TIOCPKT
+ register tiocpkt_on = 1;
+ int on = 1;
+ #endif
+ #ifdef TIOCPKT
+ /* if system has TIOCPKT, try to turn it on. Some drivers
+ * may not support it. Save flag for later.
+ */
+ if ( ioctl(p, TIOCPKT, &on) < 0)
+ tiocpkt_on = 0;
+ #endif
+
/*
* Must ignore SIGTTOU, otherwise we'll stop
* when we try and set slave pty's window shape
***************
*** 963,978 ****
pcc = 0;
else if (pcc <= 0)
break;
! else if (pibuf[0] == 0)
! pbp++, pcc--;
! #ifndef sun
! else {
! if (pkcontrol(pibuf[0])) {
! pibuf[0] |= oobdata[0];
! send(f, &pibuf[0], 1, MSG_OOB);
}
- pcc = 0;
- }
#endif
}
if (FD_ISSET(f, &obits) && pcc > 0) {
--- 992,1009 ----
pcc = 0;
else if (pcc <= 0)
break;
! #ifdef TIOCPKT
! else if (tiocpkt_on) {
! if (pibuf[0] == 0)
! pbp++, pcc--;
! else {
! if (pkcontrol(pibuf[0])) {
! pibuf[0] |= oobdata[0];
! send(f, &pibuf[0], 1, MSG_OOB);
! }
! pcc = 0;
! }
}
#endif
}
if (FD_ISSET(f, &obits) && pcc > 0) {
***************
*** 1533,1539 ****
getstr(netf, lusername, sizeof (lusername), "locuser");
getstr(netf, term, sizeof(term), "Terminal type");
! if (auth_sys == KRB5_RECVAUTH_V5) {
if(status = krb5_auth_con_getauthenticator(bsd_context, auth_context, &authenticator))
return status;
--- 1564,1570 ----
getstr(netf, lusername, sizeof (lusername), "locuser");
getstr(netf, term, sizeof(term), "Terminal type");
! if ((auth_sys == KRB5_RECVAUTH_V5) && checksum_required) {
if(status = krb5_auth_con_getauthenticator(bsd_context, auth_context, &authenticator))
return status;
