[2864] in Kerberos-V5-bugs
pending/535: PATCH: krb5-1.0.4 appl/telnet/telnetd
daemon@ATHENA.MIT.EDU (Larry Schwimmer)
Fri Jan 23 20:53:12 1998
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: gnats-admin@rt-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU,
Larry Schwimmer <opusl@whatmore.Stanford.EDU>
Date: Fri, 23 Jan 1998 17:52:39 -0800 (PST)
From: Larry Schwimmer <opusl@whatmore.Stanford.EDU>
To: krb5-bugs@MIT.EDU
Cc: schwim@leland.stanford.edu
>Number: 535
>Category: pending
>Synopsis: PATCH: krb5-1.0.4 appl/telnet/telnetd
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: gnats-admin
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Jan 23 20:53:01 EST 1998
>Last-Modified:
>Originator:
>Organization:
>Release:
>Environment:
>Description:
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
Submitter-Id: net
Originator: Larry Schwimmer
Confidential: no
Synopsis:
Severity: non-critical
Priority: low
Category: krb5-appl
Class: sw-bug, change-request
Release: krb5-1.0.4
Environment:
Solaris, HP-UX, Linux, AIX, IRIX, DUNIX
Description:
The banner defaults in appl/telnet/telnetd/ext.h do not
handle most systems.
telnetd provides no mechanism for customizing the banner.
This is considered a security problem by some administrators who
prefer not to advertise their OS or wish to add an additional banner
message.
Fix:
This patch to ext.h and utility.c makes two changes:
1) Add more systems to the ext.h database.
2) Add support for the %i directive (/etc/issue.net); the bulk
of the %i code comes from Linux telnet-netkit-0.10. If
/etc/issue.net exists, it is printed (with % expansion)
instead of the default banner.
--- appl/telnet/telnetd/ext.h.orig Thu Dec 4 19:42:24 1997
+++ appl/telnet/telnetd/ext.h Sat Jan 17 06:53:07 1998
***************
*** 220,241 ****
extern int needtermstat;
#endif
#ifndef DEFAULT_IM
# ifdef CRAY
- # define DEFAULT_IM "\r\n\r\nCray UNICOS (%h) (%t)\r\n\r\r\n\r"
- # else
- # ifdef sun
# ifdef __SVR4
- # define DEFAULT_IM "\r\n\r\nUNIX(r) System V Release 4.0 (%h) (%t)\r\n\r\r\n\r"
- # else
- # define DEFAULT_IM "\r\n\r\nSunOS UNIX (%h) (%t)\r\n\r\r\n\r"
- # endif
- # else
- # ifdef ultrix
- # define DEFAULT_IM "\r\n\r\nULTRIX (%h) (%t)\r\n\r\r\n\r"
# else
- # define DEFAULT_IM "\r\n\r\n4.4 BSD UNIX (%h) (%t)\r\n\r\r\n\r"
# endif
- # endif
# endif
#endif
--- 220,251 ----
extern int needtermstat;
#endif
+ #ifndef ISSUE_FILE
+ #define ISSUE_FILE "/etc/issue.net"
+ #endif
+
#ifndef DEFAULT_IM
# ifdef CRAY
+ # define DEFAULT_IM "%i\r\n\r\nCray UNICOS (%h) (%t)\r\n\r\r\n\r"
+ # elif defined(sun)
# ifdef __SVR4
+ # define DEFAULT_IM "%i\r\n\r\nUNIX(r) System V Release 4.0 (%h) (%t)\r\n\r\r\n\r"
# else
+ # define DEFAULT_IM "%i\r\n\r\nSunOS UNIX (%h) (%t)\r\n\r\r\n\r"
# endif
+ # elif defined(ultrix)
+ # define DEFAULT_IM "%i\r\n\r\nULTRIX (%h) (%t)\r\n\r\r\n\r"
+ # elif defined(sgi)
+ # define DEFAULT_IM "%i\r\n\r\nIRIX (%h) (%t)\r\n\r\r\n\r"
+ # elif defined(_AIX)
+ # define DEFAULT_IM "%i\r\n\r\nAIX (%h) (%t)\r\n\r\r\n\r"
+ # elif defined(__hpux__)
+ # define DEFAULT_IM "%i\r\n\r\nHP-UX (%h) (%t)\r\n\r\r\n\r"
+ # elif defined(__osf__)
+ # define DEFAULT_IM "%i\r\n\r\nDigital UNIX (%h) (%t)\r\n\r\r\n\r"
+ # elif defined(linux)
+ # define DEFAULT_IM "%i\r\n\r\nLinux (%h) (%t)\r\n\r\r\n\r"
+ # else
+ # define DEFAULT_IM "%i\r\n\r\n4.4 BSD UNIX (%h) (%t)\r\n\r\r\n\r"
# endif
#endif
--- appl/telnet/telnetd/utility.c.orig Thu Dec 4 19:42:25 1997
+++ appl/telnet/telnetd/utility.c Sat Jan 17 07:01:08 1998
***************
*** 35,40 ****
#define PRINTOPTIONS
#include "telnetd.h"
/*
* utility functions performing io related tasks
--- 35,41 ----
#define PRINTOPTIONS
#include "telnetd.h"
+ #include <sys/utsname.h>
/*
* utility functions performing io related tasks
***************
*** 374,379 ****
}
char editedhost[32];
void
edithost(pat, host)
--- 375,381 ----
}
char editedhost[32];
+ struct utsname kerninfo;
void
edithost(pat, host)
***************
*** 382,387 ****
{
register char *res = editedhost;
if (!pat)
pat = "";
while (*pat) {
--- 384,391 ----
{
register char *res = editedhost;
+ uname(&kerninfo);
+
if (!pat)
pat = "";
while (*pat) {
***************
*** 449,455 ****
time_t t;
char db[100];
- putlocation = where;
while (*cp) {
if (*cp != '%') {
--- 453,460 ----
time_t t;
char db[100];
+ if (where)
+ putlocation = where;
while (*cp) {
if (*cp != '%') {
***************
*** 483,488 ****
case '%':
putchr('%');
break;
}
cp++;
--- 488,542 ----
case '%':
putchr('%');
+ break;
+
+ case 'i':
+ {
+ char buff[3];
+ FILE *fp;
+ int p, c;
+
+ if ((fp = fopen(ISSUE_FILE, "r")) == NULL)
+ break;
+ p = '\n';
+ while ((c = fgetc(fp)) != EOF) {
+ if (p == '\n' && c == '#') {
+ do {
+ c = fgetc(fp);
+ } while (c != EOF && c != '\n');
+ continue;
+ } else if (c == '%') {
+ buff[0] = c;
+ c = fgetc(fp);
+ if (c == EOF) break;
+ buff[1] = c;
+ buff[2] = '\0';
+ putf(buff, NULL);
+ } else {
+ if (c == '\n') putchr('\r');
+ putchr(c);
+ p = c;
+ }
+ };
+ (void) fclose(fp);
+ }
+ return; /* ignore remainder of the banner string */
+ /*NOTREACHED*/
+
+ case 's':
+ putstr(kerninfo.sysname);
+ break;
+
+ case 'm':
+ putstr(kerninfo.machine);
+ break;
+
+ case 'r':
+ putstr(kerninfo.release);
+ break;
+
+ case 'v':
+ putstr(kerninfo.version);
break;
}
cp++;
