kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Additional patches (already committed to krb5-current):

Browse source 
* Paths corrected in applications
* ftpd now logs to facility LOG_FTP
* use openpty to obtain pseudo-terminal
* corrected detection of TCL libraries
* fix a forwarding bug
* add -m flag to ksu (preserve USER, HOME, SHELL)
* cosmetic bug fix to telnet.c
Submitted by:	Dima Ruban <dima@best.net>
This commit is contained in:
Jacques Vidrine 1998-07-06 18:59:06 +00:00
parent 19bd66f983
commit 6b7ea58f15
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=11768
20 changed files with 1192 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
security/krb5-16/files/patch-ai Normal file
View file

@ -0,0 +1,25 @@
*** appl/gssftp/ftpd/ftpd.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/ftpd.c Tue Jun 30 19:46:01 1998
***************
*** 374,380 ****
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
--- 374,386 ----
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
!
! #ifndef LOG_FTP
! #define FACILITY LOG_DAEMON
! #else
! #define FACILITY LOG_FTP
! #endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);

46
security/krb5-16/files/patch-aj Normal file
View file

@ -0,0 +1,46 @@
*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998
***************
*** 44,55 ****
#include <unistd.h>
#include <string.h>
! #ifdef WTMP_FILE
! #define WTMPFILE WTMP_FILE
#endif
! #ifndef WTMPFILE
! #define WTMPFILE "/usr/adm/wtmp"
#endif
static int fd = -1;
--- 44,55 ----
#include <unistd.h>
#include <string.h>
! #if !defined(WTMP_FILE) && defined(_PATH_WTMP)
! #define WTMP_FILE _PATH_WTMP
#endif
! #ifndef WTMP_FILE
! #define WTMP_FILE "/usr/adm/wtmp"
#endif
static int fd = -1;
***************
*** 66,72 ****
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
--- 66,72 ----
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));

194
security/krb5-16/files/patch-as Normal file
View file

@ -0,0 +1,194 @@
*** clients/ksu/main.c.ORIG Fri Feb 6 19:41:57 1998
--- clients/ksu/main.c Tue Jun 30 19:46:02 1998
***************
*** 56,62 ****
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
--- 56,62 ----
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
***************
*** 75,80 ****
--- 75,81 ----
int argc;
char ** argv;
{
+ int asme = 0;
int hp =0;
int some_rest_copy = 0;
int all_rest_copy = 0;
***************
*** 90,95 ****
--- 91,97 ----
char * cc_target_tag = NULL;
char * target_user = NULL;
char * source_user;
+ char * source_shell;
krb5_ccache cc_source = NULL;
char * cc_source_tag = NULL;
***************
*** 174,180 ****
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
--- 176,182 ----
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkmql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
***************
*** 216,221 ****
--- 218,226 ----
errflg++;
}
break;
+ case 'm':
+ asme = 1;
+ break;
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
***************
*** 355,362 ****
exit(1);
}
! /* allocate space and copy the usernamane there */
source_user = strdup(pwd->pw_name);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
--- 360,368 ----
exit(1);
}
! /* allocate space and copy the username there */
source_user = strdup(pwd->pw_name);
+ source_shell = strdup(pwd->pw_shell);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
***************
*** 727,769 ****
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
}
#endif /* HAVE_GETUSERSHELL */
! if (target_pwd->pw_uid){
!
! if(set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if(set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if(set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
/* set the cc env name to target */
--- 733,792 ----
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (asme) {
! if (source_shell && *source_shell) {
! shell = strdup(source_shell);
! } else {
! shell = _DEF_CSH;
! }
! } else {
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (asme) {
! if (!standard_shell(pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! } else {
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
}
#endif /* HAVE_GETUSERSHELL */
! if (!asme) {
! if (target_pwd->pw_uid){
! if (set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if (set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if (set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
/* set the cc env name to target */

14
security/krb5-16/files/patch-at Normal file
View file

@ -0,0 +1,14 @@
*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998
--- include/sys/syslog.h Tue Jun 30 19:46:02 1998
***************
*** 34,39 ****
--- 34,42 ----
#define LOG_LPR (6<<3) /* line printer subsystem */
#define LOG_NEWS (7<<3) /* network news subsystem */
#define LOG_UUCP (8<<3) /* UUCP subsystem */
+ #if (defined(BSD) && (BSD >= 199306))
+ #define LOG_FTP (11<<3) /* ftp daemon */
+ #endif
/* other codes through 15 reserved for system use */
#define LOG_LOCAL0 (16<<3) /* reserved for local use */
#define LOG_LOCAL1 (17<<3) /* reserved for local use */

19
security/krb5-16/files/patch-au Normal file
View file

@ -0,0 +1,19 @@
*** appl/bsd/forward.c.ORIG Fri Feb 6 19:41:16 1998
--- appl/bsd/forward.c Tue Jun 30 19:46:01 1998
***************
*** 51,57 ****
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 0);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;
--- 51,57 ----
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 1);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;

25
security/krb5-17/files/patch-ai Normal file
View file

@ -0,0 +1,25 @@
*** appl/gssftp/ftpd/ftpd.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/ftpd.c Tue Jun 30 19:46:01 1998
***************
*** 374,380 ****
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
--- 374,386 ----
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
!
! #ifndef LOG_FTP
! #define FACILITY LOG_DAEMON
! #else
! #define FACILITY LOG_FTP
! #endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);

46
security/krb5-17/files/patch-aj Normal file
View file

@ -0,0 +1,46 @@
*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998
***************
*** 44,55 ****
#include <unistd.h>
#include <string.h>
! #ifdef WTMP_FILE
! #define WTMPFILE WTMP_FILE
#endif
! #ifndef WTMPFILE
! #define WTMPFILE "/usr/adm/wtmp"
#endif
static int fd = -1;
--- 44,55 ----
#include <unistd.h>
#include <string.h>
! #if !defined(WTMP_FILE) && defined(_PATH_WTMP)
! #define WTMP_FILE _PATH_WTMP
#endif
! #ifndef WTMP_FILE
! #define WTMP_FILE "/usr/adm/wtmp"
#endif
static int fd = -1;
***************
*** 66,72 ****
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
--- 66,72 ----
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));

194
security/krb5-17/files/patch-as Normal file
View file

@ -0,0 +1,194 @@
*** clients/ksu/main.c.ORIG Fri Feb 6 19:41:57 1998
--- clients/ksu/main.c Tue Jun 30 19:46:02 1998
***************
*** 56,62 ****
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
--- 56,62 ----
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
***************
*** 75,80 ****
--- 75,81 ----
int argc;
char ** argv;
{
+ int asme = 0;
int hp =0;
int some_rest_copy = 0;
int all_rest_copy = 0;
***************
*** 90,95 ****
--- 91,97 ----
char * cc_target_tag = NULL;
char * target_user = NULL;
char * source_user;
+ char * source_shell;
krb5_ccache cc_source = NULL;
char * cc_source_tag = NULL;
***************
*** 174,180 ****
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
--- 176,182 ----
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkmql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
***************
*** 216,221 ****
--- 218,226 ----
errflg++;
}
break;
+ case 'm':
+ asme = 1;
+ break;
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
***************
*** 355,362 ****
exit(1);
}
! /* allocate space and copy the usernamane there */
source_user = strdup(pwd->pw_name);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
--- 360,368 ----
exit(1);
}
! /* allocate space and copy the username there */
source_user = strdup(pwd->pw_name);
+ source_shell = strdup(pwd->pw_shell);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
***************
*** 727,769 ****
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
}
#endif /* HAVE_GETUSERSHELL */
! if (target_pwd->pw_uid){
!
! if(set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if(set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if(set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
/* set the cc env name to target */
--- 733,792 ----
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (asme) {
! if (source_shell && *source_shell) {
! shell = strdup(source_shell);
! } else {
! shell = _DEF_CSH;
! }
! } else {
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (asme) {
! if (!standard_shell(pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! } else {
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
}
#endif /* HAVE_GETUSERSHELL */
! if (!asme) {
! if (target_pwd->pw_uid){
! if (set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if (set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if (set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
/* set the cc env name to target */

14
security/krb5-17/files/patch-at Normal file
View file

@ -0,0 +1,14 @@
*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998
--- include/sys/syslog.h Tue Jun 30 19:46:02 1998
***************
*** 34,39 ****
--- 34,42 ----
#define LOG_LPR (6<<3) /* line printer subsystem */
#define LOG_NEWS (7<<3) /* network news subsystem */
#define LOG_UUCP (8<<3) /* UUCP subsystem */
+ #if (defined(BSD) && (BSD >= 199306))
+ #define LOG_FTP (11<<3) /* ftp daemon */
+ #endif
/* other codes through 15 reserved for system use */
#define LOG_LOCAL0 (16<<3) /* reserved for local use */
#define LOG_LOCAL1 (17<<3) /* reserved for local use */

19
security/krb5-17/files/patch-au Normal file
View file

@ -0,0 +1,19 @@
*** appl/bsd/forward.c.ORIG Fri Feb 6 19:41:16 1998
--- appl/bsd/forward.c Tue Jun 30 19:46:01 1998
***************
*** 51,57 ****
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 0);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;
--- 51,57 ----
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 1);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;

25
security/krb5-appl/files/patch-ai Normal file
View file

@ -0,0 +1,25 @@
*** appl/gssftp/ftpd/ftpd.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/ftpd.c Tue Jun 30 19:46:01 1998
***************
*** 374,380 ****
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
--- 374,386 ----
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
!
! #ifndef LOG_FTP
! #define FACILITY LOG_DAEMON
! #else
! #define FACILITY LOG_FTP
! #endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);

46
security/krb5-appl/files/patch-aj Normal file
View file

@ -0,0 +1,46 @@
*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998
***************
*** 44,55 ****
#include <unistd.h>
#include <string.h>
! #ifdef WTMP_FILE
! #define WTMPFILE WTMP_FILE
#endif
! #ifndef WTMPFILE
! #define WTMPFILE "/usr/adm/wtmp"
#endif
static int fd = -1;
--- 44,55 ----
#include <unistd.h>
#include <string.h>
! #if !defined(WTMP_FILE) && defined(_PATH_WTMP)
! #define WTMP_FILE _PATH_WTMP
#endif
! #ifndef WTMP_FILE
! #define WTMP_FILE "/usr/adm/wtmp"
#endif
static int fd = -1;
***************
*** 66,72 ****
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
--- 66,72 ----
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));

194
security/krb5-appl/files/patch-as Normal file
View file

@ -0,0 +1,194 @@
*** clients/ksu/main.c.ORIG Fri Feb 6 19:41:57 1998
--- clients/ksu/main.c Tue Jun 30 19:46:02 1998
***************
*** 56,62 ****
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
--- 56,62 ----
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
***************
*** 75,80 ****
--- 75,81 ----
int argc;
char ** argv;
{
+ int asme = 0;
int hp =0;
int some_rest_copy = 0;
int all_rest_copy = 0;
***************
*** 90,95 ****
--- 91,97 ----
char * cc_target_tag = NULL;
char * target_user = NULL;
char * source_user;
+ char * source_shell;
krb5_ccache cc_source = NULL;
char * cc_source_tag = NULL;
***************
*** 174,180 ****
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
--- 176,182 ----
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkmql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
***************
*** 216,221 ****
--- 218,226 ----
errflg++;
}
break;
+ case 'm':
+ asme = 1;
+ break;
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
***************
*** 355,362 ****
exit(1);
}
! /* allocate space and copy the usernamane there */
source_user = strdup(pwd->pw_name);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
--- 360,368 ----
exit(1);
}
! /* allocate space and copy the username there */
source_user = strdup(pwd->pw_name);
+ source_shell = strdup(pwd->pw_shell);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
***************
*** 727,769 ****
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
}
#endif /* HAVE_GETUSERSHELL */
! if (target_pwd->pw_uid){
!
! if(set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if(set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if(set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
/* set the cc env name to target */
--- 733,792 ----
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (asme) {
! if (source_shell && *source_shell) {
! shell = strdup(source_shell);
! } else {
! shell = _DEF_CSH;
! }
! } else {
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (asme) {
! if (!standard_shell(pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! } else {
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
}
#endif /* HAVE_GETUSERSHELL */
! if (!asme) {
! if (target_pwd->pw_uid){
! if (set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if (set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if (set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
/* set the cc env name to target */

14
security/krb5-appl/files/patch-at Normal file
View file

@ -0,0 +1,14 @@
*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998
--- include/sys/syslog.h Tue Jun 30 19:46:02 1998
***************
*** 34,39 ****
--- 34,42 ----
#define LOG_LPR (6<<3) /* line printer subsystem */
#define LOG_NEWS (7<<3) /* network news subsystem */
#define LOG_UUCP (8<<3) /* UUCP subsystem */
+ #if (defined(BSD) && (BSD >= 199306))
+ #define LOG_FTP (11<<3) /* ftp daemon */
+ #endif
/* other codes through 15 reserved for system use */
#define LOG_LOCAL0 (16<<3) /* reserved for local use */
#define LOG_LOCAL1 (17<<3) /* reserved for local use */

19
security/krb5-appl/files/patch-au Normal file
View file

@ -0,0 +1,19 @@
*** appl/bsd/forward.c.ORIG Fri Feb 6 19:41:16 1998
--- appl/bsd/forward.c Tue Jun 30 19:46:01 1998
***************
*** 51,57 ****
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 0);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;
--- 51,57 ----
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 1);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;

25
security/krb5/files/patch-ai Normal file
View file

@ -0,0 +1,25 @@
*** appl/gssftp/ftpd/ftpd.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/ftpd.c Tue Jun 30 19:46:01 1998
***************
*** 374,380 ****
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_DAEMON);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);
--- 374,386 ----
#ifndef LOG_DAEMON
#define LOG_DAEMON 0
#endif
!
! #ifndef LOG_FTP
! #define FACILITY LOG_DAEMON
! #else
! #define FACILITY LOG_FTP
! #endif
! openlog("ftpd", LOG_PID | LOG_NDELAY, FACILITY);
addrlen = sizeof (his_addr);
if (getpeername(0, (struct sockaddr *)&his_addr, &addrlen) < 0) {
syslog(LOG_ERR, "getpeername (%s): %m",argv[0]);

46
security/krb5/files/patch-aj Normal file
View file

@ -0,0 +1,46 @@
*** appl/gssftp/ftpd/logwtmp.c.ORIG Fri Feb 6 19:41:25 1998
--- appl/gssftp/ftpd/logwtmp.c Tue Jun 30 19:46:01 1998
***************
*** 44,55 ****
#include <unistd.h>
#include <string.h>
! #ifdef WTMP_FILE
! #define WTMPFILE WTMP_FILE
#endif
! #ifndef WTMPFILE
! #define WTMPFILE "/usr/adm/wtmp"
#endif
static int fd = -1;
--- 44,55 ----
#include <unistd.h>
#include <string.h>
! #if !defined(WTMP_FILE) && defined(_PATH_WTMP)
! #define WTMP_FILE _PATH_WTMP
#endif
! #ifndef WTMP_FILE
! #define WTMP_FILE "/usr/adm/wtmp"
#endif
static int fd = -1;
***************
*** 66,72 ****
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMPFILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
--- 66,72 ----
struct stat buf;
time_t time();
! if (fd < 0 && (fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0)) < 0)
return;
if (fstat(fd, &buf) == 0) {
(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));

194
security/krb5/files/patch-as Normal file
View file

@ -0,0 +1,194 @@
*** clients/ksu/main.c.ORIG Fri Feb 6 19:41:57 1998
--- clients/ksu/main.c Tue Jun 30 19:46:02 1998
***************
*** 56,62 ****
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
--- 56,62 ----
ill specified arguments to commands */
void usage (){
! fprintf(stderr, "Usage: %s [target user] [-m] [-n principal] [-c source cachename] [-C target cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]\n", prog_name);
}
***************
*** 75,80 ****
--- 75,81 ----
int argc;
char ** argv;
{
+ int asme = 0;
int hp =0;
int some_rest_copy = 0;
int all_rest_copy = 0;
***************
*** 90,95 ****
--- 91,97 ----
char * cc_target_tag = NULL;
char * target_user = NULL;
char * source_user;
+ char * source_shell;
krb5_ccache cc_source = NULL;
char * cc_source_tag = NULL;
***************
*** 174,180 ****
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
--- 176,182 ----
}
! while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkmql:e:")) != EOF)){
switch (option) {
case 'r':
options.opt |= KDC_OPT_RENEWABLE;
***************
*** 216,221 ****
--- 218,226 ----
errflg++;
}
break;
+ case 'm':
+ asme = 1;
+ break;
case 'n':
if ((retval = krb5_parse_name(ksu_context, optarg, &client))){
com_err(prog_name, retval, "when parsing name %s", optarg);
***************
*** 355,362 ****
exit(1);
}
! /* allocate space and copy the usernamane there */
source_user = strdup(pwd->pw_name);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
--- 360,368 ----
exit(1);
}
! /* allocate space and copy the username there */
source_user = strdup(pwd->pw_name);
+ source_shell = strdup(pwd->pw_shell);
source_uid = pwd->pw_uid;
source_gid = pwd->pw_gid;
***************
*** 727,769 ****
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
}
#endif /* HAVE_GETUSERSHELL */
! if (target_pwd->pw_uid){
!
! if(set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if(set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if(set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
/* set the cc env name to target */
--- 733,792 ----
/* get the shell of the user, this will be the shell used by su */
target_pwd = getpwnam(target_user);
! if (asme) {
! if (source_shell && *source_shell) {
! shell = strdup(source_shell);
! } else {
! shell = _DEF_CSH;
! }
! } else {
! if (target_pwd->pw_shell)
! shell = strdup(target_pwd->pw_shell);
! else {
! shell = _DEF_CSH; /* default is cshell */
! }
! }
#ifdef HAVE_GETUSERSHELL
/* insist that the target login uses a standard shell (root is omited) */
! if (asme) {
! if (!standard_shell(pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! } else {
! if (!standard_shell(target_pwd->pw_shell) && source_uid) {
! fprintf(stderr, "ksu: permission denied (shell).\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
}
#endif /* HAVE_GETUSERSHELL */
! if (!asme) {
! if (target_pwd->pw_uid){
! if (set_env_var("USER", target_pwd->pw_name)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
!
! if (set_env_var( "HOME", target_pwd->pw_dir)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
!
! if (set_env_var( "SHELL", shell)){
! fprintf(stderr,"ksu: couldn't set environment variable USER\n");
! sweep_up(ksu_context, use_source_cache, cc_target);
! exit(1);
! }
! }
/* set the cc env name to target */

14
security/krb5/files/patch-at Normal file
View file

@ -0,0 +1,14 @@
*** include/sys/syslog.h.ORIG Fri Feb 6 19:42:12 1998
--- include/sys/syslog.h Tue Jun 30 19:46:02 1998
***************
*** 34,39 ****
--- 34,42 ----
#define LOG_LPR (6<<3) /* line printer subsystem */
#define LOG_NEWS (7<<3) /* network news subsystem */
#define LOG_UUCP (8<<3) /* UUCP subsystem */
+ #if (defined(BSD) && (BSD >= 199306))
+ #define LOG_FTP (11<<3) /* ftp daemon */
+ #endif
/* other codes through 15 reserved for system use */
#define LOG_LOCAL0 (16<<3) /* reserved for local use */
#define LOG_LOCAL1 (17<<3) /* reserved for local use */

19
security/krb5/files/patch-au Normal file
View file

@ -0,0 +1,19 @@
*** appl/bsd/forward.c.ORIG Fri Feb 6 19:41:16 1998
--- appl/bsd/forward.c Tue Jun 30 19:46:01 1998
***************
*** 51,57 ****
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 0);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;
--- 51,57 ----
*/
sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
! setenv("KRB5CCNAME", ccname, 1);
if (retval = krb5_cc_resolve(context, ccname, ccache))
goto cleanup;