[2414] in Kerberos_V5_Development
different -a flags for telnetd
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Fri Jul 4 01:31:43 1997
To: krbdev@MIT.EDU
Date: Fri, 04 Jul 1997 01:29:34 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Is it just me, or is there currently no (real) difference between "-a valid"
and "-a user" for telnetd?
In the code, there is a difference (but the man page seems to get it
backwards). However, if you do:
% telnet -a -l someotheruser host
It craps out (Authorization failed), no matter if you have -a valid or
-a user set (but it works if you don't have either set).
The reason for this seems to be this code in sys_term.c:startslave() :
if (!autoname || !autoname[0])
autologin = 0;
None of the Authenticator status functions copy in the username if
the login isn't valid, so even though autologin is set to AUTH_USER,
it ends up getting blown away.
It would seem to me that the right thing to do (from my spotty
understanding of the telnet code) is to always copy in the requested
username, even if the login isn't valid. Maybe this shouldn't happen
in each Authenticator status function, though.
Comments?
--Ken
