xref: /freebsd/crypto/heimdal/appl/rsh/ChangeLog (revision 39ee7a7a6bdd1557b1c3532abf60d139798ac88b)
12007-07-12  Love Hörnquist Åstrand  <lha@it.su.se>
2
3	* rsh.c: Fix pointer vs strict alias rules.
4
5	* rshd.c: Fix pointer vs strict alias rules.
6
72007-01-04  Love Hörnquist Åstrand  <lha@it.su.se>
8
9	* rshd.c: Declare iruserok if needed, based on bug report from
10	David Love.
11
122006-11-14  Love Hörnquist Åstrand  <lha@it.su.se>
13
14	* rsh_locl.h: Forward decl.
15
162006-10-14  Love Hörnquist Åstrand  <lha@it.su.se>
17
18	* rsh_locl.h: Include "crypto-headers.h".
19
202006-10-07  Love Hörnquist Åstrand  <lha@it.su.se>
21
22	* Makefile.am: Add man_MANS to EXTRA_DIST
23
242006-04-27  Love Hörnquist Åstrand  <lha@it.su.se>
25
26	* Makefile.am: rshd_SOURCES += add limits_conf.c
27
28	* rsh_locl.h: Include "loginpaths.h"
29
30	* rshd.c: Read limits from limits.confon non-root login, patch
31	from Daniel Ahlin
32
332006-02-27 Johan Danielsson <joda@pdc.kth.se>
34
35	* rshd.8: grammar (from Thomas Klausner)
36
372006-01-31  Johan Danielsson  <joda@pdc.kth.se>
38
39	* rshd.c (krb5_start_session): syslog failures to store cred cache
40
412005-12-21  Love Hörnquist Åstrand  <lha@it.su.se>
42
43	* rshd.c (doit): move creation of users ticket file to later to
44	avoid seteuid/setuid dance. this breaks DCE, so remove support for
45	it completely.
46
472005-10-22  Love Hörnquist Åstrand  <lha@it.su.se>
48
49	* rshd.c: Check return value from asprintf instead of string !=
50	NULL since it undefined behavior on Linux. From Björn Sandell
51
52	* rsh.c: Check return value from asprintf instead of string !=
53	NULL since it undefined behavior on Linux. From Björn Sandell
54
552005-06-08  Love Hörnquist Åstrand  <lha@it.su.se>
56
57	* rshd.c: init some important variables and check that they are
58	set checking authentication, all to please gcc
59
602005-05-27  Love Hörnquist Åstrand  <lha@it.su.se>
61
62	* rshd.c: case uid_t to unsigned long in printf format
63
642005-04-27  Love Hörnquist Åstrand  <lha@it.su.se>
65
66	* rsh_locl.h: Use larger buffer for recving data to be compatible
67	with older versions of heimdal (0.4 branch specificly)
68
69	* rshd.c: Use larger buffer for recving data to be compatible with
70	older versions of heimdal (0.4 branch specificly)
71
722005-04-25  Love Hörnquist Åstrand  <lha@it.su.se>
73
74	* rshd.c: use snprintf to format tkfile
75
762005-04-24  Love Hörnquist Åstrand  <lha@it.su.se>
77
78	* rsh.c: use strlcat
79
80	* rsh.c: use strlcpy
81
82	* rsh_locl.h: forward declaration for private structures
83
842005-04-20  Love Hörnquist Åstrand  <lha@it.su.se>
85
86	* rsh.c: cast size_t to unsigned long
87
882004-09-21  Johan Danielsson  <joda@pdc.kth.se>
89
90	* rshd.c: rename loop to rshd_loop
91
92	* rshd.c: pass errsock status to init_ivecs
93
94	* rsh.c: rename loop() to rsh_loop()
95
96	* rsh.c (loop): pass errsock status to init_ivecs
97
98	* common.c (init_ivecs): if we don't have an errsock the ivecs
99	should point to the same data
100
101	* rshd.c: if we don't have an errsock, dup stdout to stderr (this
102	would normally be done by inetd, but not by mini_inetd).
103
104	* rshd.c: move keepalive setting to after setting up sockets
105
1062004-02-20  Johan Danielsson  <joda@pdc.kth.se>
107
108	* rsh.1: reorder and document some options
109
110	* rsh_locl.h: include kafs.h if krb4 || krb5
111
112	* rsh.c: reorder some options
113
1142003-09-04  Johan Danielsson  <joda@pdc.kth.se>
115
116	* rsh.1: document -d
117
1182003-08-19  Johan Danielsson  <joda@pdc.kth.se>
119
120	* rshd.c: -P also with KRB5
121
1222003-04-22  Love Hörnquist Åstrand  <lha@it.su.se>
123
124	* rsh.1: replace > with \*[Gt]
125
1262003-04-16  Johan Danielsson  <joda@pdc.kth.se>
127
128	* rsh.c: use krb5_appdefault to get defaults for forward and
129	encrypt
130
131	* rshd.c: use ARG_MAX + 1
132
133	* rshd.c (read_str): return allocated string
134
135	* rsh_locl.h: set NCARGS to 8k if undefined
136
1372003-03-23  Assar Westerlund  <assar@kth.se>
138
139	* rsh.c (loop): only check errsock if it's valid
140
1412003-03-18  Love  Love Hörnquist Åstrand <lha@it.su.se>
142
143	* rshd.c: do krb5_afslog when compling with afs support
144
145	* rsh_locl.h: always include kafs.h
146
1472002-11-22  Johan Danielsson  <joda@pdc.kth.se>
148
149	* rshd.8: clarify -x and kerberos 5
150
1512002-11-01  Johan Danielsson  <joda@pdc.kth.se>
152
153	* rsh_locl.h: bump COMMAND_SZ to NCARGS+1
154
1552002-09-04  Johan Danielsson  <joda@pdc.kth.se>
156
157	* rsh.c: free some memory
158
1592002-09-04  Assar Westerlund  <assar@kth.se>
160
161	* common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize
162
1632002-09-04  Johan Danielsson  <joda@pdc.kth.se>
164
165	* rsh.1: document -P
166
1672002-09-03  Johan Danielsson  <joda@pdc.kth.se>
168
169	* rsh.c: revert to protocol v1 if not asked for specific protocol
170
171	* rshd.c: handle protocol version 2
172
173	* rsh.c: handle protocol version 2
174
175	* common.c: handle protocol version 2
176
177	* rsh_locl.h: handle protocol version 2
178
1792002-02-18  Johan Danielsson  <joda@pdc.kth.se>
180
181	* rshd.c: don't show options that doesn't apply
182
183	* rsh.c: don't show options that doesn't apply
184
185	* rsh_locl.h: if we're not building with any kerberos support,
186	just call read/write directly
187
188	* common.c: if we're not building with any kerberos support, just
189	call read/write directly
190
191	* rshd.c: make this build without krb5; also use the addrinfo
192	interface to mini_inetd, and set the keepalive option if requested
193
194	* rsh.c: make this build without krb5
195
196	* rsh_locl.h: make this build without krb5
197
198	* common.c: make this build without krb5
199
2002001-11-30  Johan Danielsson  <joda@pdc.kth.se>
201
202	* rshd.c: make the syslog messages somewhat more informative
203
2042001-08-15  Johan Danielsson  <joda@pdc.kth.se>
205
206	* rsh.c: only complain about encryption flag when old
207	authentication is requested
208
2092001-08-07  Johan Danielsson  <joda@pdc.kth.se>
210
211	* rsh.c: don't try broken auth if rresvport failed; try to give
212	some more informative error messages
213
2142001-07-31  Johan Danielsson  <joda@pdc.kth.se>
215
216	* rshd.8: add an EXAMPLE
217	* rshd.8: manual page
218	* rshd.c: add some compat flags
219	* rsh.1: manual page
220	* rsh.c: iff -d, set the SO_DEBUG flags of the stdout and stderr
221	socket; implement parsing user@host
222
2232001-07-19  Assar Westerlund  <assar@sics.se>
224
225	* rshd.c (fatal): use vsnprintf correctly
226
2272001-02-07  Assar Westerlund  <assar@sics.se>
228
229	* Makefile.am: add login_access
230	* rshd.c (login_access): add prototype
231	(syslog_and_die, fatal): add printf attributes
232	(*): AIX -> _AIX
233	(doit): use login_access
234	based on patches from Ake Sandgren <ake@cs.umu.se>
235
2362001-01-09  Assar Westerlund  <assar@sics.se>
237
238	* rshd.c (save_krb5_creds): use krb5_rd_cred2 instead of
239	krb5_rd_cred
240
2412000-12-31  Assar Westerlund  <assar@sics.se>
242
243	* rshd.c (main): handle krb5_init_context failure consistently
244	* rsh.c (main): handle krb5_init_context failure consistently
245
2462000-12-05  Johan Danielsson  <joda@pdc.kth.se>
247
248	* rshd.c: require encryption if passed -x
249
2502000-11-15  Assar Westerlund  <assar@sics.se>
251
252	* rshd.c (loop): check that the fd's aren't too large to select on
253	* rsh.c (loop, proto): check that the fd's aren't too large to
254	select on
255
2562000-08-10  Assar Westerlund  <assar@sics.se>
257
258	* rsh.c: move code to do config/command parsing correctly.
259
2602000-08-09  Assar Westerlund  <assar@sics.se>
261
262	* rsh.c (main): only fetch stuff from krb5.conf when no option has
263	been given
264
2652000-08-01  Assar Westerlund  <assar@sics.se>
266
267	* rsh.c (doit): loop until we create an error socket of an
268	supported socket family
269
2702000-07-02  Assar Westerlund  <assar@sics.se>
271
272	* rshd.c: DCE stuff from Ake Sandgren <ake@cs.umu.se>
273	do not call syslog with a variable as format string
274
275	* rsh_locl.h (_PATH_ETC_ENVIRONMENT): add
276
2772000-06-09  Assar Westerlund  <assar@sics.se>
278
279	* rsh.c (main): work-around for setuid and capabilities bug fixed
280	in Linux 2.2.16
281
2822000-06-06  Johan Danielsson  <joda@pdc.kth.se>
283
284	* rsh.c: nuke long option from -z
285
286	* rsh.c: don't try to encrypt if auth is broken (Daniel Kouril)
287
2882000-06-03  Assar Westerlund  <assar@sics.se>
289
290	* rshd.c (doit): check return value of getspnam.  From
291	<haba@pdc.kth.se>
292
2932000-05-23  Assar Westerlund  <assar@sics.se>
294
295	* rsh.c (proto): select on the normal socket when waiting for the
296	daemon to connect back to the stderr port, so that we discover
297	when data arrives there before.  when that happens, we assume that
298	the daemon did not manage to connect (because of NAT/whatever) and
299	continue as if `-e' was given
300	* rshd.c (doit): if we fail to connect back to the stderr port,
301	act as if `-e' was given on the client side, i.e. without the
302	special TCP-connection.  This tries to make things better when
303	running the head against a NAT wall, for example.
304
3052000-02-07  Assar Westerlund  <assar@sics.se>
306
307	* Makefile.am (LDADD): make sure we use the heimdal libdes
308
3092000-02-06  Assar Westerlund  <assar@sics.se>
310
311	* *: conditionalize des stuff on KRB4
312
3131999-12-16  Assar Westerlund  <assar@sics.se>
314
315	* rsh.c (doit): addrinfo returned from getaddrinfo() is not usable
316	directly as hints.  copy it and set AI_PASSIVE.
317
3181999-11-20  Assar Westerlund  <assar@sics.se>
319
320	* rsh.c (main): remember to close the priviledged sockets before
321 	calling rlogin
322
3231999-11-02  Assar Westerlund  <assar@sics.se>
324
325	* rsh.c (main): redo the v4/v5 selection for consistency.  -4 ->
326 	try only v4 -5 -> try only v5 none, -45 -> try v5, v4
327
3281999-10-26  Assar Westerlund  <assar@sics.se>
329
330	* rshd.c (main): ignore SIGPIPE
331
332	* common.c (do_read): the encoded length can be longer than the
333 	buffer being used, allocate memory for it dynamically.  From Brian
334 	A May <bmay@dgs.monash.edu.au>
335
3361999-10-14  Assar Westerlund  <assar@sics.se>
337
338	* rsh.c (proto): be more careful and don't print errno when read()
339 	returns 0
340
3411999-09-20  Assar Westerlund  <assar@sics.se>
342
343	* rshd.c (recv_krb4_auth): set `iv'
344
3451999-08-16  Assar Westerlund  <assar@sics.se>
346
347	* common.c (do_read): be careful with the return value from
348 	krb5_net_read
349
3501999-08-05  Assar Westerlund  <assar@sics.se>
351
352	* rsh.c: call freehostent
353
354	* rsh.c: remove some dead code
355
3561999-08-04  Assar Westerlund  <assar@sics.se>
357
358	* rshd.c: re-write the handling of forwarded credentials and
359 	stuff.  From Miroslav Ruda <ruda@ics.muni.cz>
360
361	* rsh_locl.h: always include kafs.h
362
363	* rsh.c: add `-z' and `-G' options
364
365	* rsh.c (loop): shutdown one side of the TCP connection on EOF.
366  	From Brian A May <bmay@dgs.monash.edu.au>
367
368	* common.c (do_read): handle EOF.  From Brian A May
369 	<bmay@dgs.monash.edu.au>
370
3711999-08-01  Assar Westerlund  <assar@sics.se>
372
373	* rsh.c: const fixes
374
3751999-07-29  Assar Westerlund  <assar@sics.se>
376
377	* rshd.c: v6-ify
378
379	* rsh.c: v6-ify
380
3811999-07-28  Assar Westerlund  <assar@sics.se>
382
383	* rsh_locl.h: move around kafs.h
384
3851999-07-24  Assar Westerlund  <assar@sics.se>
386
387	* rsh_locl.h: <shadow.h>
388
389	* rsh.c, rshd.c: improve forwarding and implement unique ccache on
390 	server.  From Miroslav Ruda <ruda@ics.muni.cz>
391
3921999-07-03  Assar Westerlund  <assar@sics.se>
393
394	* rsh.c (construct_command): handle argc == 0 for generality
395
3961999-06-23  Assar Westerlund  <assar@sics.se>
397
398	* rsh.c: new option `-e' for not trying to open an stderr socket
399
4001999-06-17  Assar Westerlund  <assar@sics.se>
401
402	* rsh_locl.h (RSH_BUFSIZ): bump to 16 * 1024 to be sure that we
403 	don't leave any data inside des_enc_read.  (that constant should
404 	really be exported in some way...)
405
4061999-06-15  Assar Westerlund  <assar@sics.se>
407
408	* rsh.c: use get_default_username and resulting const pollution
409
4101999-05-21  Assar Westerlund  <assar@sics.se>
411
412	* rsh.c (main): try $USERNAME
413
4141999-05-14  Assar Westerlund  <assar@sics.se>
415
416	* rshd.c (doit): afslog correctly
417
4181999-05-11  Assar Westerlund  <assar@sics.se>
419
420	* rsh.c (main): add fallback to rlogin
421
4221999-05-10  Assar Westerlund  <assar@sics.se>
423
424	* rsh.c (send_krb5_auth): call krb5_sendauth with ccache == NULL.
425	check return value from krb5_crypto_init
426
427	* common.c (do_write, do_read): always return -1 for failure
428	(net_write, net_read): remove.  they already exist in libroken
429
4301999-05-09  Assar Westerlund  <assar@sics.se>
431
432	* rsh.c: make sure it tries with all other authentication methods
433	after one has failed
434	* rsh.c (main): detect the case of no command given.
435
4361999-04-11  Assar Westerlund  <assar@sics.se>
437
438	* rsh.c: new option --forwardable. use print_version
439
440Sat Apr 10 17:10:55 1999  Assar Westerlund  <assar@sics.se>
441
442	* rshd.c (setup_copier): use `socketpair' instead of `pipe'.  Some
443 	shells don't think it's a rsh session if they find a pipe at the
444 	other end.
445	(setup_environment): add SSH_CLIENT just to make bash happy
446
447	* common.c (do_read): use krb5_get_wrapped_length
448
449Wed Mar 24 03:59:42 1999  Assar Westerlund  <assar@sics.se>
450
451	* rsh.c (loop): more braces to make gcc happy
452
453Tue Mar 23 17:08:32 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
454
455	* rsh_locl.h: kafs.h
456
457	* rshd.c: add `-P', `-v', and `-L' flags
458
459Thu Mar 18 11:37:24 1999  Johan Danielsson  <joda@hella.pdc.kth.se>
460
461	* Makefile.am: include Makefile.am.common
462
463Tue Dec  1 14:44:44 1998  Johan Danielsson  <joda@hella.pdc.kth.se>
464
465	* appl/rsh/rshd.c: update to new crypto framework
466
467	* appl/rsh/rsh_locl.h: update to new crypto framework
468
469	* appl/rsh/rsh.c: update to new crypto framework
470
471	* appl/rsh/common.c: update to new crypto framework
472
473Mon Nov  2 01:15:06 1998  Assar Westerlund  <assar@sics.se>
474
475	* appl/rsh/rsh.c (main): initialize host
476
477	* appl/rsh/rshd.c (recv_krb5_auth): disable `do_encrypt' if not
478 	encrypting.
479
480Thu Jul 30 23:12:17 1998  Assar Westerlund  <assar@sics.se>
481
482	* appl/rsh/rsh.c: kludges for parsing `rsh hostname -l user'
483
484Thu Jul 23 19:49:03 1998  Johan Danielsson  <joda@emma.pdc.kth.se>
485
486	* appl/rsh/rshd.c: use krb5_verify_authenticator_checksum
487
488Sat Apr 18 21:13:06 1998  Johan Danielsson  <joda@emma.pdc.kth.se>
489
490	* appl/rsh/rsh.c: Don't try v5 if (only) `-4' is specified.
491
492Sun Dec 21 09:44:05 1997  Assar Westerlund  <assar@sics.se>
493
494	* appl/rsh/rshd.c (recv_krb5_auth): swap the order of the
495 	`local_user' and the `remote_user'
496
497	* appl/rsh/rsh.c (send_krb5_auth): swap the order of the
498 	`local_user' and the `remote_user'
499
500Sat Nov 29 07:10:11 1997  Assar Westerlund  <assar@sics.se>
501
502	* appl/rsh/rshd.c: updated to use getarg.
503	changed `struct fd_set' to `fd_set'.
504	implemented broken/BSD authentication (requires iruserok)
505
506Wed Nov 12 02:35:57 1997  Assar Westerlund  <assar@sics.se>
507
508	* appl/rsh/rsh_locl.h: add AUTH_BROKEN and PATH_RSH
509
510	* appl/rsh/Makefile.am: set BINDIR
511
512	* appl/rsh/rsh.c: implemented BSD-style reserved port
513 	`authentication'
514
515Sun Aug 24 08:06:54 1997  Assar Westerlund  <assar@sics.se>
516
517	* appl/rsh/rshd.c: syslog remote shells
518
519Tue Aug 12 01:29:46 1997  Assar Westerlund  <assar@sics.se>
520
521	* appl/rshd/rshd.c: Use `krb5_sock_to_principal'.  Send server
522 	parameter to krb5_rd_req/krb5_recvauth.  Set addresses in
523 	auth_context.
524
525Fri Jul 25 17:32:12 1997  Assar Westerlund  <assar@sics.se>
526
527	* appl/rsh/rshd.c: implement forwarding
528
529	* appl/rsh/rsh.c: Use getarg.  Implement forwarding.
530
531Sun Jul 13 00:32:16 1997  Assar Westerlund  <assar@sics.se>
532
533	* appl/rsh: Conditionalize the krb4-support.
534
535Wed Jul  9 06:58:00 1997  Assar Westerlund  <assar@sics.se>
536
537	* appl/rsh/rsh.c: use the correct user for the checksum
538
539Mon Jul  7 11:15:51 1997  Assar Westerlund  <assar@sics.se>
540
541	* appl/rsh/rshd.c: Now works.  Also implementd encryption and
542 	`-p'.
543
544	* appl/rsh/common.c: new file
545
546Mon Jun 30 06:08:14 1997  Assar Westerlund  <assar@sics.se>
547
548	* appl/rsh: New program.
549
550