[1031] in Kerberos_V5_Development
SGIs: ptys, telnetd and other cruft
daemon@ATHENA.MIT.EDU (Sam Hartman)
Sat Mar 23 17:51:27 1996
Date: Sat, 23 Mar 1996 17:51:16 -0500
From: Sam Hartman <hartmans@MIT.EDU>
To: raeburn@cygnus.com, eichin@cygnus.com
Cc: krbdev@MIT.EDU
I may have fixed several of the SGI bugs. Basically, as I
mentioned this morning, I ended up using _getpty. Once this was done,
things worked after I fixed some utmp things.

The utmp is probably not working exactly the way the native
code works, but at least under Irix 5.2, it works passably. In
particular, I believe my utmp code tends to log the existence of login
processes to wtmp, but most native telnetds do not do this. I'm not
sure I really want to fix the problem, as it is nice to know when
people are trying to log in.

The following patch already includes several hunks you sent
me; sorry about that. Also, a few fixes for krshd and krcp are
included. This isn't quite enough to get it to work (these are fixes
to side problems Chris and I found while tracking the SunOS bugs he
was seeing. He will be applying a patch to your tree to fix the
copying of large files with SunOS and sending that to me.)
Index: src/appl/telnet/telnetd/ChangeLog
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/telnet/telnetd/ChangeLog,v
retrieving revision 5.46
diff -c -r5.46 ChangeLog
*** ChangeLog 1996/03/19 02:39:41 5.46
--- ChangeLog 1996/03/23 22:19:31
***************
*** 1,3 ****
--- 1,25 ----
+ Sat Mar 23 01:33:09 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * sys_term.c: Remove utmpx stuff so libpty can do it.
+ (start_login): Remove utmpx handling here as well.
+ (rmut): expunged; libpty should deal.
+
+ * configure.in : Do not use streamspty on SGIs; it really doesn't
+ work, even though all the interfaces are prsent.
+
+ * telnetd.c: Move prototype for doit to be global instead of
+ streams-specific.
+
+ Tue Mar 19 18:43:46 1996 Ken Raeburn <raeburn@cygnus.com>
+
+ For environments not supporting common storage:
+ * defs.h (P): Add definition here.
+ (line, encrypt_output, decrypt_input): Declare here.
+ * ext.h (line, encrypt_output, decrypt_input): Not here.
+ (terminaltype): Declare explicitly "extern".
+ * telnetd.c (auth_level, require_SecurID): Don't initialize here.
+
+
Mon Mar 18 20:29:05 1996 Theodore Y. Ts'o <tytso@dcl>
* Makefile.in: Added flags which turn on the encryption option.
Index: src/appl/telnet/telnetd/configure.in
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/telnet/telnetd/configure.in,v
retrieving revision 5.27
diff -c -r5.27 configure.in
*** configure.in 1996/03/14 00:38:11 5.27
--- configure.in 1996/03/23 21:12:44
***************
*** 25,31 ****
AC_CHECK_HEADERS(string.h arpa/nameser.h)
AC_CHECK_HEADERS(sys/time.h sys/tty.h)
AC_HAVE_FUNCS(vhangup)
! AC_FUNC_CHECK(grantpt,AC_DEFINE(STREAMSPTY))
AC_HEADER_CHECK(sac.h,AC_DEFINE(HAS_SAC))
AC_HEADER_CHECK(sys/ptyvar.h,AC_DEFINE(HAS_PTYVAR))
AC_FUNC_CHECK(gettosbyname,AC_DEFINE(HAS_GETTOS))
--- 25,44 ----
AC_CHECK_HEADERS(string.h arpa/nameser.h)
AC_CHECK_HEADERS(sys/time.h sys/tty.h)
AC_HAVE_FUNCS(vhangup)
! dnl Make our operating system-specific security checks and definitions for
! dnl login.
! dnl
! case $krb5_cv_host in
! *-*-irix*)
! # Irix doesn't have a working granpt, and more over
! # you can't push anything onto a pty, so telnetd really
! # Really wants to treat it as if it doesn't have streams
! broken_streams = yes
! ;;
! esac
! if test -z "$broken_streams" ; then
! AC_FUNC_CHECK(grantpt,AC_DEFINE(STREAMSPTY))
! fi
AC_HEADER_CHECK(sac.h,AC_DEFINE(HAS_SAC))
AC_HEADER_CHECK(sys/ptyvar.h,AC_DEFINE(HAS_PTYVAR))
AC_FUNC_CHECK(gettosbyname,AC_DEFINE(HAS_GETTOS))
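Review bot: `broken_streams = yes` in the `*-*-irix*` branch is not a shell assignment. With spaces around `=` the shell tries to run a command named broken_streams, the variable stays empty, and the `test -z "$broken_streams"` guard still runs the grantpt check on Irix, so STREAMSPTY can still be defined there. Write `broken_streams=yes`. The comment in the same branch spells grantpt as "granpt", and the `dnl` lines above the case ("security checks and definitions for login") do not describe what this block does.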
Index: src/appl/telnet/telnetd/defs.h
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/telnet/telnetd/defs.h,v
retrieving revision 5.4
diff -c -r5.4 defs.h
*** defs.h 1995/06/20 19:08:04 5.4
--- defs.h 1996/03/23 02:58:05
***************
*** 309,311 ****
--- 309,326 ----
#define his_will_wont_is_changing my_do_dont_is_changing
#define his_do_dont_is_changing my_will_wont_is_changing
+
+ extern char *line;
+
+ #ifndef P
+ # ifdef __STDC__
+ # define P(x) x
+ # else
+ # define P(x) ()
+ # endif
+ #endif
+
+ #ifdef ENCRYPTION
+ extern void (*encrypt_output) P((unsigned char *, int));
+ extern int (*decrypt_input) P((int));
+ #endif /* ENCRYPTION */
Index: src/appl/telnet/telnetd/ext.h
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/telnet/telnetd/ext.h,v
retrieving revision 5.2
diff -c -r5.2 ext.h
*** ext.h 1996/02/24 14:32:02 5.2
--- ext.h 1996/03/23 02:58:06
***************
*** 66,72 ****
extern slcfun slctab[NSLC + 1]; /* slc mapping table */
! char *terminaltype;
/*
* I/O data buffers, pointers, and counters.
--- 66,72 ----
extern slcfun slctab[NSLC + 1]; /* slc mapping table */
! extern char *terminaltype;
/*
* I/O data buffers, pointers, and counters.
***************
*** 86,92 ****
#endif
extern int pty, net;
- extern char *line;
extern int SYNCHing; /* we are in TELNET SYNCH mode */
#ifndef P
--- 86,91 ----
***************
*** 192,199 ****
writenet P((unsigned char *, int));
#ifdef ENCRYPTION
- extern void (*encrypt_output) P((unsigned char *, int));
- extern int (*decrypt_input) P((int));
extern char *nclearto;
#endif /* ENCRYPTION */
--- 191,196 ----
Index: src/appl/telnet/telnetd/sys_term.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/telnet/telnetd/sys_term.c,v
retrieving revision 5.24
diff -c -r5.24 sys_term.c
*** sys_term.c 1996/01/19 01:32:14 5.24
--- sys_term.c 1996/03/23 21:42:37
***************
*** 64,72 ****
# include <utmpx.h>
struct utmpx wtmp;
# else
! # include <utmp.h>
struct utmp wtmp;
! # endif /* UTMPX */
int utmp_len = sizeof(wtmp.ut_host);
# ifndef PARENT_DOES_UTMP
--- 64,72 ----
# include <utmpx.h>
struct utmpx wtmp;
# else
! #include<utmp.h>
struct utmp wtmp;
! #endif /*UTMPX*/
int utmp_len = sizeof(wtmp.ut_host);
# ifndef PARENT_DOES_UTMP
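Review bot: the rewritten `#include<utmp.h>` and `#endif /*UTMPX*/` lines lose the `# ` nesting indentation that the neighbouring `# include <utmpx.h>` and `# else` lines keep, and they change nothing functionally. Please drop these two lines from the patch so the directive nesting stays readable and the diff stays limited to the utmpx removal.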
***************
*** 1244,1276 ****
register char **argv;
char **addarg();
extern char *getenv();
- #ifdef UTMPX
register int pid = getpid();
! struct utmpx utmpx;
! #endif
#ifdef SOLARIS
char *term;
char termbuf[64];
#endif
- #ifdef UTMPX
- /*
- * Create utmp entry for child
- */
-
- memset(&utmpx, 0, sizeof(utmpx));
- SCPYN(utmpx.ut_user, ".telnet");
- SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
- utmpx.ut_pid = pid;
- utmpx.ut_id[0] = 't';
- utmpx.ut_id[1] = 'n';
- utmpx.ut_id[2] = SC_WILDC;
- utmpx.ut_id[3] = SC_WILDC;
- utmpx.ut_type = LOGIN_PROCESS;
- (void) time(&utmpx.ut_tv.tv_sec);
- if (makeutx(&utmpx) == NULL)
- fatal(net, "makeutx failed");
- #endif
/*
* -h : pass on name of host.
--- 1244,1256 ----
register char **argv;
char **addarg();
extern char *getenv();
register int pid = getpid();
!
#ifdef SOLARIS
char *term;
char termbuf[64];
#endif
/*
* -h : pass on name of host.
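Review bot: `register int pid = getpid();` is now declared unconditionally, but its only use in the visible lines, `utmpx.ut_pid = pid;`, is deleted by this same hunk. If nothing further down in start_login reads pid, remove the declaration along with the `#ifdef UTMPX` that used to guard it, and drop the blank line left where `struct utmpx utmpx;` was.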
***************
*** 1685,1815 ****
# endif /* CRAY */
#endif /* defined(PARENT_DOES_UTMP) && !defined(NEWINIT) */
- /*
- * rmut()
- *
- * This is the function called by cleanup() to
- * remove the utmp entry for this person.
- */
-
- #ifdef UTMPX
- void
- rmut()
- {
- register f;
- int found = 0;
- struct utmp *u, *utmp;
- int nutmp;
- struct stat statbf;
-
- struct utmpx *utxp, utmpx;
-
- /*
- * This updates the utmpx and utmp entries and make a wtmp/x entry
- */
- SCPYN(utmpx.ut_line, line + sizeof("/dev/") - 1);
- utxp = getutxline(&utmpx);
- if (utxp) {
- utxp->ut_type = DEAD_PROCESS;
- utxp->ut_exit.e_termination = 0;
- utxp->ut_exit.e_exit = 0;
- (void) time(&utmpx.ut_tv.tv_sec);
- utmpx.ut_tv.tv_usec = 0;
- modutx(utxp);
- }
- endutxent();
- } /* end of rmut */
- #endif
-
- #if !defined(UTMPX) && !(defined(CRAY) || defined(__hpux)) && BSD <= 43
- void
- rmut()
- {
- register f;
- int found = 0;
- struct utmp *u, *utmp;
- int nutmp;
- struct stat statbf;
-
- f = open(utmpf, O_RDWR);
- if (f >= 0) {
- (void) fstat(f, &statbf);
- utmp = (struct utmp *)malloc((unsigned)statbf.st_size);
- if (!utmp)
- syslog(LOG_ERR, "utmp malloc failed");
- if (statbf.st_size && utmp) {
- nutmp = read(f, (char *)utmp, (int)statbf.st_size);
- nutmp /= sizeof(struct utmp);
-
- for (u = utmp ; u < &utmp[nutmp] ; u++) {
- if (SCMPN(u->ut_line, line+5) ||
- u->ut_name[0]==0)
- continue;
- (void) lseek(f, ((long)u)-((long)utmp), L_SET);
- SCPYN(u->ut_name, "");
- SCPYN(u->ut_host, "");
- (void) time(&u->ut_time);
- (void) write(f, (char *)u, sizeof(wtmp));
- found++;
- }
- }
- (void) close(f);
- }
- if (found) {
- f = open(wtmpf, O_WRONLY|O_APPEND);
- if (f >= 0) {
- SCPYN(wtmp.ut_line, line+5);
- SCPYN(wtmp.ut_name, "");
- SCPYN(wtmp.ut_host, "");
- (void) time(&wtmp.ut_time);
- (void) write(f, (char *)&wtmp, sizeof(wtmp));
- (void) close(f);
- }
- }
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
- line[strlen("/dev/")] = 'p';
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
- } /* end of rmut */
- #endif /* CRAY */
-
- #ifdef __hpux
- rmut (line)
- char *line;
- {
- struct utmp utmp;
- struct utmp *utptr;
- int fd; /* for /etc/wtmp */
-
- utmp.ut_type = USER_PROCESS;
- (void) strncpy(utmp.ut_id, line+12, sizeof(utmp.ut_id));
- (void) setutent();
- utptr = getutid(&utmp);
- /* write it out only if it exists */
- if (utptr) {
- utptr->ut_type = DEAD_PROCESS;
- utptr->ut_time = time((long *) 0);
- (void) pututline(utptr);
- /* set wtmp entry if wtmp file exists */
- if ((fd = open(wtmpf, O_WRONLY | O_APPEND)) >= 0) {
- (void) write(fd, utptr, sizeof(utmp));
- (void) close(fd);
- }
- }
- (void) endutent();
-
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
- line[14] = line[13];
- line[13] = line[12];
- line[8] = 'm';
- line[9] = '/';
- line[10] = 'p';
- line[11] = 't';
- line[12] = 'y';
- (void) chmod(line, 0666);
- (void) chown(line, 0, 0);
- }
- #endif
--- 1665,1668 ----
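Review bot: the removed non-UTMPX and __hpux rmut() variants did more than utmp/wtmp bookkeeping; they also reset the pty with `chmod(line, 0666)` and `chown(line, 0, 0)` on both the slave and the master name. The ChangeLog entry only says libpty should deal with utmp. Please confirm that the libpty cleanup path also restores ownership and mode on the pty pair, so the next session does not get a device still owned by the previous user, and that cleanup(), which the removed comment names as the caller, no longer references rmut().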
Index: src/appl/telnet/telnetd/telnetd.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/telnet/telnetd/telnetd.c,v
retrieving revision 5.15
diff -c -r5.15 telnetd.c
*** telnetd.c 1996/03/19 02:39:45 5.15
--- telnetd.c 1996/03/23 06:48:58
***************
*** 82,91 ****
#if defined(AUTHENTICATION)
#include <libtelnet/auth.h>
#include <libtelnet/auth-proto.h>
- int auth_level = 0;
- #endif
- #if defined(SecurID)
- int require_SecurID = 0;
#endif
#ifdef ENCRYPTION
#include <libtelnet/encrypt.h>
--- 82,87 ----
***************
*** 107,113 ****
# include <sys/ptyvar.h>
#endif
- void doit P((struct sockaddr_in *));
/*
* Because of the way ptyibuf is used with streams messages, we need
--- 103,108 ----
***************
*** 133,138 ****
--- 128,135 ----
char ptyibuf2[BUFSIZ];
#endif /* ! STREAMPTY */
+
+ void doit P((struct sockaddr_in *));
int hostinfo = 1; /* do we print login banner? */
Index: src/appl/src/appl/bsd/ChangeLog
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/ChangeLog,v
retrieving revision 5.185
diff -c -r5.185 ChangeLog
*** ChangeLog 1996/03/22 04:49:55 5.185
--- ChangeLog 1996/03/23 22:22:18
***************
*** 1,3 ****
--- 1,12 ----
+ Sat Mar 23 17:20:00 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * krcp.c (des_write): Use krb5_net_write instead of write, because
+ most parts of rcp that call this code ignore the return value and
+ we want to reblock properly.
+
+ * krshd.c (doit): Don't use non-blocking IO; it is unnecessary and
+ may cause problems.
+
Wed Mar 20 19:36:21 1996 Richard Basch <basch@lehman.com>
* krlogind.c (recvauth): use the library routines to do v4 to v5
Index: src/appl/src/appl/bsd/krcp.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/krcp.c,v
retrieving revision 5.46
diff -c -r5.46 krcp.c
*** krcp.c 1996/02/26 02:31:03 5.46
--- krcp.c 1996/03/23 03:31:37
***************
*** 1130,1136 ****
#else
size = roundup(stb.st_blksize, blksize);
#endif
! if (size == 0)
size = blksize;
if (bp->cnt < size) {
if (bp->buf != 0)
--- 1130,1136 ----
#else
size = roundup(stb.st_blksize, blksize);
#endif
!
size = blksize;
if (bp->cnt < size) {
if (bp->buf != 0)
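Review bot: dropping `if (size == 0)` makes `size = blksize;` unconditional, so the value just computed by `roundup(stb.st_blksize, blksize)` is always overwritten. The ChangeLog entry for krcp.c does not mention this change. If forcing the buffer to blksize is intended, delete the now-dead size computation and say so in the ChangeLog; if it is a leftover from debugging the large-file problem, restore the condition.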
***************
*** 1433,1439 ****
if (fd == 0)
fd = 1;
if (!encryptflag)
! return(write(fd, buf, len));
desoutbuf.length = krb5_encrypt_size(len,eblock.crypto_entry);
if (desoutbuf.length > sizeof(des_outbuf)){
--- 1433,1439 ----
if (fd == 0)
fd = 1;
if (!encryptflag)
! return(krb5_net_write(bsd_context, fd, buf, len));
desoutbuf.length = krb5_encrypt_size(len,eblock.crypto_entry);
if (desoutbuf.length > sizeof(des_outbuf)){
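Review bot: the unencrypted branch of des_write now returns the result of krb5_net_write, but the ChangeLog states that most callers ignore the return value, so a failed write is still dropped silently; only the short-write case is improved. Consider checking the result at the call sites, or at least noting the limitation in a comment next to `return(krb5_net_write(bsd_context, fd, buf, len));`. Please also confirm that the encrypted branch that follows writes through the same routine so both modes behave alike.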
Index: src/appl/src/appl/bsd/krshd.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/appl/bsd/krshd.c,v
retrieving revision 5.48
diff -c -r5.48 krshd.c
*** krshd.c 1996/03/12 23:03:58 5.48
--- krshd.c 1996/03/23 22:44:57
***************
*** 1134,1144 ****
(void) close(pw[1]);
(void) close(px[0]);
! if(port)
! ioctl(pv[0], FIONBIO, (char *)&one);
! ioctl(pw[0], FIONBIO, (char *)&one);
! /* should set s nbio! */
!
FD_ZERO(&readfrom);
FD_SET(f, &readfrom);
--- 1134,1140 ----
(void) close(pw[1]);
(void) close(px[0]);
!
FD_ZERO(&readfrom);
FD_SET(f, &readfrom);
Index: src/appl/src/appl/src/util/pty/ChangeLog
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/util/pty/ChangeLog,v
retrieving revision 1.34
diff -c -r1.34 ChangeLog
*** ChangeLog 1996/03/11 21:59:39 1.34
--- ChangeLog 1996/03/23 20:47:28
***************
*** 1,3 ****
--- 1,15 ----
+ Sat Mar 23 15:24:38 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * configure.in : Remove shadow passwords check because nothing in
+ libpty cares about the result; remove use of libkrb5, libkrb4,
+ libkadm; Check for _getpty
+
+ * getpty.c (pty_getpty): Support _getpty for Irix; Irix has
+ /dev/ptmx, but it doesn't work correctly at all. Also, Irix,
+ tends to create device nodes on the fly.
+
+ * pty-int.h: No need to include sys/socket.h
+
Sat Feb 24 21:34:58 1996 Theodore Y. Ts'o <tytso@dcl>
* vhangup.c (ptyint_vhangup): Don't do call vhangup() if system
Index: src/appl/src/appl/src/util/pty/configure.in
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/util/pty/configure.in,v
retrieving revision 1.6
diff -c -r1.6 configure.in
*** configure.in 1995/09/29 18:22:40 1.6
--- configure.in 1996/03/23 20:47:30
***************
*** 6,13 ****
AC_PROG_INSTALL
AC_PROG_ARCHIVE
AC_PROG_RANLIB
! AC_CHECK_FUNCS(fchmod fchown revoke vhangup killpg)
! dnl dbm libs for use of an_to_ln
LOGINLIBS=
dnl
dnl Make our operating system-specific security checks and definitions for
--- 6,13 ----
AC_PROG_INSTALL
AC_PROG_ARCHIVE
AC_PROG_RANLIB
! AC_CHECK_FUNCS(fchmod fchown revoke vhangup killpg _getpty)
! dnl
LOGINLIBS=
dnl
dnl Make our operating system-specific security checks and definitions for
***************
*** 125,149 ****
fi
dnl
dnl
- AC_MSG_CHECKING([shadow password support])
- AC_CACHE_VAL(krb5_cv_shadow_pwd,
- [AC_TRY_LINK(
- [#include <sys/types.h>
- #include <pwd.h>
- #include <shadow.h>],
- [struct spwd *sp = getspnam("root")],
- krb5_cv_shadow_pwd=yes, krb5_cv_shadow_pwd=no)])
- AC_MSG_RESULT($krb5_cv_shadow_pwd)
- if test $krb5_cv_shadow_pwd = yes; then
- AC_DEFINE(HAVE_SHADOW)
- fi
- dnl
dnl
ADD_DEF(-DKERBEROS)
AC_CONST
- USE_KADM_LIBRARY
- USE_KRB4_LIBRARY
- KRB5_LIBRARIES
V5_USE_SHARED_LIB
SubdirLibraryRule([$(LIBOBJS)])
V5_AC_OUTPUT_MAKEFILE
--- 125,133 ----
Index: src/appl/src/appl/src/util/pty/getpty.c
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/util/pty/getpty.c,v
retrieving revision 1.5
diff -c -r1.5 getpty.c
*** getpty.c 1995/08/09 04:20:41 1.5
--- getpty.c 1996/03/23 20:54:00
***************
*** 1,7 ****
/*
* pty_getpty: open a PTY master.
*
! * Copyright 1995 by the Massachusetts Institute of Technology.
*
*
* Permission to use, copy, modify, and distribute this software and
--- 1,7 ----
/*
* pty_getpty: open a PTY master.
*
! * Copyright 1995, 1996 by the Massachusetts Institute of Technology.
*
*
* Permission to use, copy, modify, and distribute this software and
***************
*** 30,36 ****
int i,ptynum;
struct stat stb;
char slavebuf[1024];
!
#ifdef HAVE_OPENPTY
int slavefd;
--- 30,38 ----
int i,ptynum;
struct stat stb;
char slavebuf[1024];
! #ifdef HAVE__GETPTY
! char *slaveret; /*Temporary to hold pointer to slave*/
! #endif /*HAVE__GETPTY*/
#ifdef HAVE_OPENPTY
int slavefd;
***************
*** 39,47 ****
(struct winsize *) 0)) return 1;
close(slavefd);
return 0;
! #else
!
! *fd = open("/dev/ptmx", O_RDWR|O_NDELAY); /* Solaris, IRIX */
if (*fd < 0) *fd = open("/dev/ptc", O_RDWR|O_NDELAY); /* AIX */
if (*fd < 0) *fd = open("/dev/pty", O_RDWR|O_NDELAY); /* sysvimp */
--- 41,69 ----
(struct winsize *) 0)) return 1;
close(slavefd);
return 0;
! #else /*HAVE_OPENPTY*/
! #ifdef HAVE__GETPTY
! /* This code is included for Irix; as of version 5.3, Irix has /dev/ptmx,
! * but it fails to work properly; even cafter calling unlockpt,
! * root gets permission denied opening the pty.
! * The code to support _getpty should be removed if Irix gets working
! * streams ptys in favor of maintaining the least needed code
! * paths.
! */
! if ((slaveret = _getpty(fd, O_RDWR|O_NDELAY, 0600, 0)) == 0) {
! *fd = -1;
! return PTY_GETPTY_NOPTY;
! }
! if (strlen(slaveret) > slavelength) {
! close(*fd);
! *fd = -1;
! return PTY_GETPTY_SLAVE_TOOLONG;
! }
! else strcpy(slave, slaveret);
! return 0;
! #else /*HAVE__GETPTY*/
!
! *fd = open("/dev/ptmx", O_RDWR|O_NDELAY); /* Solaris*/
if (*fd < 0) *fd = open("/dev/ptc", O_RDWR|O_NDELAY); /* AIX */
if (*fd < 0) *fd = open("/dev/pty", O_RDWR|O_NDELAY); /* sysvimp */
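Review bot: the length check `strlen(slaveret) > slavelength` ahead of `strcpy(slave, slaveret)` lets through a name whose length equals slavelength, and strcpy then writes slavelength + 1 bytes including the terminating NUL. If slavelength is the size of the caller's buffer, that is a one-byte overflow; use `>=` (or compare `strlen(slaveret) + 1` against slavelength). The new comment also contains the typo "cafter".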
***************
*** 113,118 ****
--- 135,141 ----
}
return PTY_GETPTY_NOPTY;
}
+ #endif /*HAVE__GETPTY*/
#endif /* HAVE_OPENPTY */
}
Index: src/appl/src/appl/src/util/pty/pty-int.h
===================================================================
RCS file: /mit/krbdev/.cvsroot/src/util/pty/pty-int.h,v
retrieving revision 1.7
diff -c -r1.7 pty-int.h
*** pty-int.h 1996/01/16 19:40:55 1.7
--- pty-int.h 1996/03/23 20:47:30
***************
*** 22,28 ****
#include <stdio.h>
#include <sys/stat.h>
- #include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/file.h>
--- 22,27 ----