announced a K4 weakness with their rsh/rlogins. We were not put in any
danger by this, as we were not using KTH rlogin/rsh, but the patches
in themselves, had some good points. This lot means we can run our
rlogin without it being SUID root. Win win win. There are other KTH
cleanups as well.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
Kerberos obtains a network address for the local host from the routing
tables and uses it consistently for all Kerberos transactions. This ensures
that packets only leave the *authenticated* interface. Clients who open
and use their own sockets for encrypted or authenticated correspondance
to kerberos services should bind their sockets to the same address as that
used by kerberos. krb_get_local_addr() and krb_bind_local_addr() allow
clients to obtain the local address or bind a socket to the local address
used by Kerberos respectively.
Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman>
Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
I do some digging out on this subject and found that remote
rlogind may reduce big speeds to 38400 by itself and (as more often
rlogind variant) speed setting ioctl fails, so speed left on 9600.
In all cases it doesn't do any real harm.
- Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile,
and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions,
and both default to off.) IF YOU WANT KERBEROS, YOU HAVE TO EXPLICITLY
DEFINE ONE OF THESE.
- Make Makefiles kerberos-aware.
Mark Murray
Philippe Charnier
Peter Wemm
Bruce Evans
Warner Losh
Wolfram Schneider
Paul Traina
Justin T. Gibbs
Andrey A. Chernov
Rodney W. Grimes
David Greenman
Garrett Wollman
Geoff Rehmet
Doug Rabson
Andreas Schulz