[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_8-211-gf548b94
|
From: |
Mats Erik Andersson |
|
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_8-211-gf548b94 |
|
Date: |
Fri, 30 Dec 2011 17:20:52 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via f548b94ec57a637045c412a01679da3427d50414 (commit)
from 7715cda342f7c93cd21ef7627428de39fbf44e59 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=f548b94ec57a637045c412a01679da3427d50414
commit f548b94ec57a637045c412a01679da3427d50414
Author: Mats Erik Andersson <address@hidden>
Date: Fri Dec 30 18:18:38 2011 +0100
rlogind,rshd: Fall back to ruserok.
Test and express dependency of __check_rhosts_file.
diff --git a/ChangeLog b/ChangeLog
index b294c71..e316fa7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,31 @@
+2011-12-30 Mats Erik Andersson <address@hidden>
+
+ * configure.ac: Check for ruserok. If iruserok exists, then define
+ WITH_IRUSEROK, else if ruserok exists, then define WITH_RUSEROK.
+ Disable rlogind and rshd otherwise. Check for __check_rhosts_file.
+ * src/rlogind.c [HAVE___CHECK_RHOSTS_FILE] (__check_rhosts_file):
+ Protect declaration as extern variable.
+ [__GLIBC__ && WITH_IRUSEROK] (iruserok): Protect declaration
+ as extern.
+ (options) [HAVE___CHECK_RHOSTS_FILE]: Conditionally include the
+ option `-l/--no-rhosts'.
+ (parse_opt) [HAVE___CHECK_RHOSTS_FILE]: Likewise.
+ (exec_login) [SOLARIS]: Contemporary arguments for execle.
+ (do_rlogin) [WITH_IRUSEROK]: Protect usage of iruserok.
+ [!WITH_IRUSEROK && WITH_RUSEROK]: Do authorization with ruserok
+ composed with inet_ntoa.
+ * src/rshd.c (options) [HAVE___CHECK_RHOSTS_FILE]: Conditionally
+ include the option `-l/--no-rhosts'.
+ [HAVE___CHECK_RHOSTS_FILE] (__check_rhosts_file): Protect declaration
+ as extern variable.
+ [__GLIBC__ && WITH_IRUSEROK] (iruserok): Protect declaration
+ as extern.
+ (parse_opt) [HAVE___CHECK_RHOSTS_FILE]: Conditional detection of
+ `-l/--no-rhosts'.
+ (doit) [WITH_IRUSEROK]: Protect call to iruserok.
+ [!WITH_IRUSEROK && WITH_RUSEROK]: Do authorization with ruserok
+ composed with inet_ntoa.
+
2011-12-30 Alfred M. Szmidt <address@hidden>
* bootstrap: Updated from gnulib.
diff --git a/configure.ac b/configure.ac
index f418175..8ff47e2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -219,14 +219,24 @@ else
talk_BUILD=''
fi
-dnl FIXME: Presently rshd and rlogind need iruserok(3),
-dnl which is not univerally available. Replacement code?
+dnl FIXME: Presently rshd and rlogind prefer iruserok(3),
+dnl which is not universally available. Replacement code?
+dnl A fallback is being built from ruserok(3) and inet_ntoa(3).
AC_CHECK_FUNC(iruserok, , , [#include <netdb.h>])
-if test "$ac_cv_func_iruserok" = no; then
- enable_rlogind=no
- rlogind_BUILD=''
- enable_rshd=no
- rshd_BUILD=''
+AC_CHECK_FUNC(ruserok, , , [#include <netdb.h>])
+if test "$ac_cv_func_iruserok" = yes; then
+ AC_DEFINE([WITH_IRUSEROK], 1, [Define to one if you can use iruserok.])
+else
+ if test "$ac_cv_func_ruserok" = yes; then
+ AC_DEFINE([WITH_RUSEROK], 1, [Define to one if you can use ruserok.])
+ AC_MSG_WARN([iruserok is not available, falling back to ruserok.])
+ else
+ AC_MSG_WARN([Disabling rlogind and rshd, since no iruserok and no
ruserok.])
+ enable_rlogind=no
+ rlogind_BUILD=''
+ enable_rshd=no
+ rshd_BUILD=''
+ fi
fi
@@ -616,7 +626,8 @@ AC_CHECK_FUNCS(cfsetspeed cgetent dirfd fchdir flock \
setsid setregid setreuid setresgid setresuid setutent_r \
sigaction sigvec strchr setproctitle tcgetattr tzset utimes \
utime uname \
- updwtmp updwtmpx vhangup wait3 wait4 opendir2 __rcmd_errstr)
+ updwtmp updwtmpx vhangup wait3 wait4 opendir2 \
+ __rcmd_errstr __check_rhosts_file )
dnl Functions that we will define if necessary.
AC_REPLACE_FUNCS(getpass getusershell memcmp memcpy memmove memset \
diff --git a/src/rlogind.c b/src/rlogind.c
index 63cbe8f..0a78cb5 100644
--- a/src/rlogind.c
+++ b/src/rlogind.c
@@ -127,7 +127,10 @@
#ifndef DEFPORT
# define DEFPORT 513
#endif
+
+#ifdef HAVE___CHECK_RHOSTS_FILE
extern int __check_rhosts_file;
+#endif
#ifndef SHISHI
struct auth_data
@@ -180,7 +183,7 @@ int local_dot_count;
struct winsize win = { 0, 0, 0, 0 };
-#ifdef __GLIBC__
+#if defined __GLIBC__ && defined WITH_IRUSEROK
extern int iruserok (uint32_t raddr, int superuser,
const char *ruser, const char *luser);
#endif
@@ -262,8 +265,10 @@ static struct argp_option options[] = {
"ask hostname for verification" },
{ "daemon", 'd', NULL, 0,
"daemon mode" },
+#ifdef HAVE___CHECK_RHOSTS_FILE
{ "no-rhosts", 'l', NULL, 0,
"ignore .rhosts file" },
+#endif
{ "no-keepalive", 'n', NULL, 0,
"do not set SO_KEEPALIVE" },
{ "local-domain", 'L', "NAME", 0,
@@ -307,9 +312,11 @@ parse_opt (int key, char *arg, struct argp_state *state)
maxchildren = DEFMAXCHILDREN;
break;
+#ifdef HAVE___CHECK_RHOSTS_FILE
case 'l':
__check_rhosts_file = 0; /* FIXME: extern var? */
break;
+#endif
case 'L':
local_domain_name = arg;
@@ -706,8 +713,8 @@ exec_login (int authenticated, struct auth_data *ap)
if (authenticated)
{
#ifdef SOLARIS
- execle (path_login, "login", "-p",
- "-h", ap->hostname, ap->term, "-f", "--",
+ execle (path_login, "login", "-p", "-s", "rlogin",
+ "-r", ap->hostname, "-U", ap->rusername,
ap->lusername, NULL, ap->env);
#else
execle (path_login, "login", "-p",
@@ -717,8 +724,8 @@ exec_login (int authenticated, struct auth_data *ap)
else
{
#ifdef SOLARIS
- execle (path_login, "login", "-p",
- "-h", ap->hostname, ap->term, "--",
+ execle (path_login, "login", "-p", "-s", "rlogin",
+ "-r", ap->hostname, "-U", ap->rusername,
ap->lusername, NULL, ap->env);
#else
execle (path_login, "login", "-p",
@@ -861,10 +868,20 @@ do_rlogin (int infd, struct auth_data *ap)
fatal (infd, "Permission denied", 0);
}
+#ifdef WITH_IRUSEROK
rc = iruserok (ap->from.sin_addr.s_addr, 0, ap->rusername, ap->lusername);
if (rc)
syslog (LOG_ERR, "iruserok failed: rusername=%s, lusername=%s",
ap->rusername, ap->lusername);
+#elif defined WITH_RUSEROK
+ rc = ruserok (inet_ntoa (ap->from.sin_addr), 0, ap->rusername,
ap->lusername);
+ if (rc)
+ syslog (LOG_ERR, "ruserok failed: rusername=%s, lusername=%s",
+ ap->rusername, ap->lusername);
+#else /* !WITH_IRUSEROK && !WITH_RUSEROK */
+#error Unable to use mandatory iruserok/ruserok. This should not happen.
+#endif /* !WITH_IRUSEROK && !WITH_RUSEROK */
+
return rc;
}
diff --git a/src/rshd.c b/src/rshd.c
index c1a572a..e27cc4f 100644
--- a/src/rshd.c
+++ b/src/rshd.c
@@ -134,8 +134,10 @@ int doencrypt, use_kerberos, vacuous;
static struct argp_option options[] = {
{ "verify-hostname", 'a', NULL, 0,
"ask hostname for verification" },
+#ifdef HAVE___CHECK_RHOSTS_FILE
{ "no-rhosts", 'l', NULL, 0,
"ignore .rhosts file" },
+#endif
{ "no-keepalive", 'n', NULL, 0,
"do not set SO_KEEPALIVE" },
{ "log-sessions", 'L', NULL, 0,
@@ -151,9 +153,11 @@ static struct argp_option options[] = {
{ NULL }
};
+#ifdef HAVE___CHECK_RHOSTS_FILE
extern int __check_rhosts_file; /* hook in rcmd(3) */
+#endif
-#ifdef __GLIBC__
+#if defined __GLIBC__ && defined WITH_IRUSEROK
extern int iruserok (uint32_t raddr, int superuser,
const char *ruser, const char *luser);
#endif
@@ -167,9 +171,11 @@ parse_opt (int key, char *arg, struct argp_state *state)
check_all = 1;
break;
+#ifdef HAVE___CHECK_RHOSTS_FILE
case 'l':
__check_rhosts_file = 0; /* don't check .rhosts file */
break;
+#endif
case 'n':
keepalive = 0; /* don't enable SO_KEEPALIVE */
@@ -789,9 +795,17 @@ doit (int sockfd, struct sockaddr_in *fromp)
}
else
#endif
+#ifdef WITH_IRUSEROK
if (errorstr || (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0'
&& (iruserok (fromp->sin_addr.s_addr, pwd->pw_uid == 0,
remuser, locuser)) < 0))
+#elif defined WITH_RUSEROK
+ if (errorstr || (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0'
+ && (ruserok (inet_ntoa (fromp->sin_addr),
+ pwd->pw_uid == 0, remuser, locuser)) < 0))
+#else /* !WITH_IRUSEROK && !WITH_RUSEROK */
+#error Unable to use mandatory iruserok/ruserok. This should not happen.
+#endif /* !WITH_IRUSEROK && !WITH_RUSEROK */
{
#ifdef HAVE___RCMD_ERRSTR
if (__rcmd_errstr)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 28 ++++++++++++++++++++++++++++
configure.ac | 27 +++++++++++++++++++--------
src/rlogind.c | 27 ++++++++++++++++++++++-----
src/rshd.c | 16 +++++++++++++++-
4 files changed, 84 insertions(+), 14 deletions(-)
hooks/post-receive
--
GNU Inetutils
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_8-211-gf548b94,
Mats Erik Andersson <=