[2660] in Kerberos-V5-bugs
telnet/368: The V4 telnetd code doesn't need to check for etc/srvtab
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Mon Feb 10 20:15:08 1997
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: hartmans@MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, kenh@cmf.nrl.navy.mil
Date: Mon, 10 Feb 1997 18:39:38 -0500 (EST)
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Reply-To: kenh@cmf.nrl.navy.mil
To: krb5-bugs@MIT.EDU
>Number: 368
>Category: telnet
>Synopsis: The V4 telnetd code checks for /etc/srvtab - it doesn't need to
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: hartmans
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Mon Feb 10 20:09:00 EST 1997
>Last-Modified:
>Originator: Ken Hornstein
>Organization:
Naval Research Lab
>Release: 1.0
>Environment:
System: SunOS nexus 4.1.4 2 sun4m
Architecture: sun4
>Description:
In the V4 authentication code for telnetd, it checks to see if /etc/srvtab
exists. If it doesn't, then it doesn't offer V4 as a possible authentication
type.
However, the builtin V4 compat code doesn't _need_ a /etc/srvtab -- it can
read stuff out of a V5 keytab. So this check makes the V4 telnetd not work
when it could.
>How-To-Repeat:
Try to use a V4 telnet client to a V5 telnetd.
>Fix:
<how to correct or work around the pro blem, if known (multiple lines)>
This patch removes the check. Note that to actually get users to successfully
use a V4 telnet client with a V5 telnetd, they either need a .klogin file
or /etc/krb.conf needs to be in place (since the V4 compat code doesn't know
about the V5 config files).
--- appl/telnet/libtelnet/kerberos.c.orig Sun Feb 9 23:59:27 1997
+++ appl/telnet/libtelnet/kerberos.c Mon Feb 10 18:33:29 1997
@@ -136,13 +136,8 @@
Authenticator *ap;
int server;
{
- FILE *fp;
-
if (server) {
str_data[3] = TELQUAL_REPLY;
- if ((fp = fopen(KEYFILE, "r")) == NULL)
- return(0);
- fclose(fp);
} else {
str_data[3] = TELQUAL_IS;
}
>Audit-Trail:
>Unformatted: