mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00
Code Issues Releases Activity
9,479 Commits 339 Branches 3,553 Tags 2 GiB
00f4a8c7f8
Commit Graph

69 Commits

Author SHA1 Message Date
Paul Traina
a4a142bd15 Do NOT compile with -DKLUDGELINEMODE...hoses many telnet clients 1995-08-28 17:55:08 +00:00
Mark Murray
bb462e80e7 Remove register, registerd & make_keypair until thedes library is moved. m 1995-08-26 13:46:12 +00:00
Mark Murray
b0e6df47f9 Allow the kerberos utilities and kerberised code to still find des.h in 
the old place. This corrects an upgrade that sneaked through too early.
 1995-08-26 12:45:06 +00:00
Mark Murray
b1ebdd50cb Start the eBones cleanup ball rolling. 
These are the start of a lot of work to clean up the FreeBSD eBones code.
these changes include, but are not limited to:
- Create prototypes for all the library routines
- Make all the libraries compile clean with -Wall set
- Fix numerous small bugs shown up in the above process
- Prepare the code for libdes's removal to secure/
- add register, registerd and make_keypair to the make
Lots more will follow in days to come.

OK'ed by: rgrimes
 1995-08-25 22:52:32 +00:00
Andrey A. Chernov
0a06628ab2 Comment out LDADD+=-ldescrypt, it is not yet active due to 
missng defines for krb4encpwd and rsaencpwd and missing rsa library too.
 1995-08-05 19:10:25 +00:00
Andrey A. Chernov
d2245bac95 Nuke one __FreeBSD__ left out 
Reviewed by:
Submitted by:
Obtained from:
 1995-08-04 03:02:30 +00:00
Andrey A. Chernov
ba60b431ca Change default banner to FreeBSD, properly ifdefed by __FreeBSD__ 
Reviewed by:
Submitted by:
Obtained from:
 1995-08-04 00:12:08 +00:00
Paul Traina
a98348f35c Update manual page to reflect "empty password" usage. 1995-08-03 16:23:12 +00:00
Paul Traina
4a1842c971 Null password should ask for random 1995-08-02 23:15:12 +00:00
Paul Traina
278022fad4 Make the DB/DBM routines generic (ifdef FreeBSD considered evil), and 
also fix a string allocation bug.

Submitted by: Havard Eidnes
 1995-08-02 23:08:18 +00:00
Paul Traina
f97a38cd65 Program to receive and process a new kerberos database (this is run on 
the slave server).

NOTE: This code should not be built, there is no documentation, and this
      method of database transfer is highly suboptimal.  It's here just
      for those of us who actually have multiple K4 servers and want
      something more secure than the other distribution mechanisms.

Obtained from: MIT Project Athena
 1995-08-02 22:14:27 +00:00
Paul Traina
fa84c42025 Import an updated revision of the MIT kprop program for distributing 
kerberos databases to slave servers.

NOTE: This method was abandoned by MIT long ago, this code is close to
      garbage,  but it is slightly more secure than using rdist.
      There is no documentation available on how to use it, and
      it should -not- be built by default.

Obtained from:	MIT Project Athena
 1995-08-02 22:11:44 +00:00
Justin T. Gibbs
e0deda6676 Make kadmind safe to run on multi-homed machines. 
Reviewed by: Garrett A. Wollman (wollman@FreeBSD.org)
 1995-08-02 18:31:08 +00:00
Andrey A. Chernov
9ed77b336f Final cleanup pass through Makefiles, now this stuff 
autodetect kerberos/eBones and work even with eBones,
but with reduced functionality (don't pick up des/krb stuff
in this case)
 1995-07-24 22:55:59 +00:00
Andrey A. Chernov
dbd07ffcc0 Add -ldescrypt, or wrong crypt version can be picked from libc 
Reviewed by:
Submitted by:
Obtained from:
 1995-07-24 22:01:01 +00:00
Andrey A. Chernov
6b370f4c7e Add LDADD+= -ldescrypt 
Reviewed by:
Submitted by:
Obtained from:
 1995-07-24 21:57:58 +00:00
Andrey A. Chernov
b6c080f6bc Move -ldes under kerb stuff, my fault 
Reviewed by:
Submitted by:
Obtained from:
 1995-07-24 21:49:06 +00:00
Andrey A. Chernov
e74d115547 Since this stuff not works with eBones, ifdef kerberos stuff 
with MAKE_KERBEROS to allow other things to live
Reviewed by:
Submitted by:
Obtained from:
 1995-07-24 21:47:30 +00:00
Andrey A. Chernov
3b901a0b79 Since this stuff not works with eBones, ifdef kerberos stuff 
with MAKE_KERBEROS to allow other things to live
Submitted by:
Obtained from:
 1995-07-24 21:38:32 +00:00
Andrey A. Chernov
4109d6bfef Add comment about new_rnd_key.c module needed from original 
libdes (and not present in eBones libdes)
 1995-07-24 21:12:57 +00:00
Andrey A. Chernov
7170827e21 Add comment about new_rbd_key.c module needed from 
original libdes
 1995-07-24 21:10:47 +00:00
Andrey A. Chernov
f8e556c37d Fix dependances, typing errors, etc. 
Note: this thing need original libdes not Eric Young libdes from eBones
Submitted by:
Obtained from:
 1995-07-24 20:40:03 +00:00
Andrey A. Chernov
bfdd0041fc Fix many bogus things, typing error, dependance errors, etc., 
now it compiles.
Note: this stuff requires original libdes, not libdes from
Eric Yang which we have in eBones.
 1995-07-24 20:29:12 +00:00
Rodney W. Grimes
4b6cee4dd6 date: 1995/07/12 13:10:58; author: jkh; state: Exp; lines: +3 -2 
Sync with Mark M's latest suggestions.
Submitted by:   markm

[This is being pulled from RELENG_2_0_5, it was commited there after the
release, and we need it here and in RELENG_2_1_0, it will be cvs admin -o'ed
off the RELENG_2_0_5 branch after this commit.]
 1995-07-22 04:24:05 +00:00
Paul Traina
4a0834a5a2 When hostname len > 8, name replaced with dot notation when -u flag 
not specified (default case).
Use _PATH_* for utmp/wtmp.

Support for >32 PTYs.
>Submitted by:   Heikki Suonsivu <hsu@cs.hut.fi>

Plug already known security hole. (Brought over from 1.1.5):
Fixed security problem with telnetd, which allowed
   telnet -l -hcert.org localhost
to change the user's host in utmp.
Thanks to Matthew Green <mrgreen@@mame.mu.oz.au> for showing me this one.

>Reviewed by:    karl, guido
>Submitted by:   mrgreen@mame.mu.oz.au

Obtained from:	FreeBSD insecure telnetd
 1995-07-20 12:35:01 +00:00
Paul Traina
4fd39f708a The final negotiation of DO_BINARY in the LINEMODE portion of the telnetd code 
causes some clients that do not support linemode to mis-interpret the return
key (i.e. double returns).
The fix is to only do the state check for binary options if linemode will
be used.
Closes PR#505.

Submitted by:   Charles Henrich
Obtained from:	FreeBSD insecure telnetd
 1995-07-20 12:32:40 +00:00
Paul Traina
9809ff32f6 Update telnet to the 95.05.31 release. 
Obtained from:	Dave Borman <dab@cray.com>
 1995-07-20 11:40:06 +00:00
Rodney W. Grimes
d3628763db Merge RELENG_2_0_5 into HEAD 1995-06-11 19:33:05 +00:00
Rodney W. Grimes
7799f52a32 Remove trailing whitespace. 1995-05-30 06:41:30 +00:00
Rodney W. Grimes
5ebc7e6281 Remove trailing whitespace. 1995-05-30 06:12:45 +00:00
Garrett Wollman
2b50c84ac1 Make certain that random keys havethe correct parity, for interoperation with 
MIT v4 implementations.

Submitted by: Reece R. Pollack <reece@eco.twg.com>
 1995-05-09 18:05:15 +00:00
Dima Ruban
399e5b4411 Security fixes. 
CERT Advisory CA-95:03.telnet.encryption

Obtained from: CERT
 1995-02-17 03:57:00 +00:00
Andrey A. Chernov
3d70f09304 Build kpasswd from normal passwd sources now 
Submitted by: mark@grondar.za
 1995-02-11 18:25:38 +00:00
Jordan K. Hubbard
2b6645c034 Various documentation changes. 
Submitted by:	Mark Murray <mark@grondar.za>
 1995-02-08 10:54:30 +00:00
Andrey A. Chernov
ac6802b11c Fix database deletion, we don't have .dir & .pag, use .db instead 1995-01-25 19:57:27 +00:00
Andrey A. Chernov
06b1dd511a Fix database rename, we don't have .dr & .pag, use .db instead 1995-01-25 19:45:25 +00:00
Justin T. Gibbs
8d4b2d911c Less expensive fix for the freeing of uninitialized fields in the hostdata 
struct.  Simply test the "no_host" variable, which if true implies that
the hostdata contains bogus data, and act accordingly.
 1995-01-25 06:37:33 +00:00
Justin T. Gibbs
33ac11112d bzero hostdata in send_to_kdc so that if we immediately jump to the 
cleanup routine, we don't look at bogus data to determine wheter or not
to free the fields of the hostdata struct.  This cures the "klogin segfaults
when no kerberos servers are availible" problem.
 1995-01-25 05:40:00 +00:00
Andrey A. Chernov
5ba6fadf2f Add missing newline (or messages concatenated) 1995-01-25 02:27:00 +00:00
Garrett Wollman
745bdc24b4 Print out error messages from libkadm correctly (i.e., using com_err). 1995-01-23 22:54:08 +00:00
Garrett Wollman
422c275a72 Add ksrvutil. 1995-01-20 22:40:02 +00:00
Garrett Wollman
8c5c9f2577 Add last piece in fully-functional Kerberos implementation: ksrvutil, 
a program to manage /etc/srvtab.
 1995-01-20 22:38:30 +00:00
Garrett Wollman
218a5dcf33 Added Kerberized passwd. 1995-01-20 22:16:47 +00:00
Garrett Wollman
788c8e2ea4 Password-changing program with Kerberos support via the `kadmin' 
protocol.  Replaces passwd(1) when eBones is installed.  As before, HOW-TO
explains the gory details.
 1995-01-20 22:14:14 +00:00
Garrett Wollman
01ae44681d Fix bonehead /usr/lib -> /usr/bin. 1995-01-20 22:08:14 +00:00
Garrett Wollman
4ed9828579 Add kadmind. 1995-01-20 03:13:48 +00:00
Garrett Wollman
acfdd75a53 Add kadmind. HOW-TO documents how to get here from raw eBones. 1995-01-20 03:13:00 +00:00
Garrett Wollman
703273c507 Add kadmin. 1995-01-20 02:49:47 +00:00
Garrett Wollman
516345750a The user side of the kadmin protocol. HOW-TO describes how to recreate 
this based just on the eBones distribution.
 1995-01-20 02:47:50 +00:00
Garrett Wollman
a15e22a637 Add the library used by kadmin' and kadmind'. Oddly enough, this 
little library is actually exportable (we think) even though it's pretty
useless iwithout the (non-exportable) clients.
 1995-01-20 02:02:54 +00:00