Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| cde08e422d | |||
| 2df2c35bad | |||
| 9b7d786b6f | |||
| ca046af5d9 | |||
| df59088641 | |||
| b620b5d0d1 | |||
| 29dbcfbabd | |||
| 0217516349 |
+3
-10
@@ -1,12 +1,12 @@
|
|||||||
dnl Process this file with autoconf to produce a configure script.
|
dnl Process this file with autoconf to produce a configure script.
|
||||||
AC_PREREQ([2.69])
|
AC_PREREQ([2.69])
|
||||||
m4_define([libsubid_abi_major], 4)
|
m4_define([libsubid_abi_major], 5)
|
||||||
m4_define([libsubid_abi_minor], 0)
|
m4_define([libsubid_abi_minor], 0)
|
||||||
m4_define([libsubid_abi_micro], 0)
|
m4_define([libsubid_abi_micro], 0)
|
||||||
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
|
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
|
||||||
AC_INIT([shadow], [4.15.1], [pkg-shadow-devel@lists.alioth.debian.org], [],
|
AC_INIT([shadow], [4.16.0], [pkg-shadow-devel@lists.alioth.debian.org], [],
|
||||||
[https://github.com/shadow-maint/shadow])
|
[https://github.com/shadow-maint/shadow])
|
||||||
AM_INIT_AUTOMAKE([1.11 foreign dist-xz subdir-objects])
|
AM_INIT_AUTOMAKE([1.11 foreign dist-xz subdir-objects tar-pax])
|
||||||
AC_CONFIG_MACRO_DIRS([m4])
|
AC_CONFIG_MACRO_DIRS([m4])
|
||||||
AM_SILENT_RULES([yes])
|
AM_SILENT_RULES([yes])
|
||||||
AC_CONFIG_HEADERS([config.h])
|
AC_CONFIG_HEADERS([config.h])
|
||||||
@@ -159,13 +159,6 @@ fi])
|
|||||||
AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
|
AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
|
||||||
[Path to passwd program.])
|
[Path to passwd program.])
|
||||||
|
|
||||||
dnl XXX - quick hack, should disappear before anyone notices :).
|
|
||||||
dnl XXX - I just read the above message :).
|
|
||||||
if test "$ac_cv_func_ruserok" = "yes"; then
|
|
||||||
AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
|
|
||||||
AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
|
|
||||||
fi
|
|
||||||
|
|
||||||
AC_ARG_ENABLE(shadowgrp,
|
AC_ARG_ENABLE(shadowgrp,
|
||||||
[AS_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
|
[AS_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
|
||||||
[case "${enableval}" in
|
[case "${enableval}" in
|
||||||
|
|||||||
@@ -119,7 +119,6 @@ libshadow_la_SOURCES = \
|
|||||||
pwdcheck.c \
|
pwdcheck.c \
|
||||||
pwmem.c \
|
pwmem.c \
|
||||||
remove_tree.c \
|
remove_tree.c \
|
||||||
rlogin.c \
|
|
||||||
root_flag.c \
|
root_flag.c \
|
||||||
run_part.h \
|
run_part.h \
|
||||||
run_part.c \
|
run_part.c \
|
||||||
|
|||||||
@@ -131,6 +131,11 @@ void nss_init(const char *nsswitch_path) {
|
|||||||
fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
|
fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
|
||||||
goto close_lib;
|
goto close_lib;
|
||||||
}
|
}
|
||||||
|
subid_nss->free = dlsym(h, "shadow_subid_free");
|
||||||
|
if (!subid_nss->free) {
|
||||||
|
fprintf(shadow_logfd, "%s did not provide @subid_free@\n", libname);
|
||||||
|
goto close_lib;
|
||||||
|
}
|
||||||
subid_nss->handle = h;
|
subid_nss->handle = h;
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
|
|||||||
+13
-4
@@ -284,6 +284,19 @@ struct subid_nss_ops {
|
|||||||
*/
|
*/
|
||||||
enum subid_status (*find_subid_owners)(unsigned long id, enum subid_type id_type, uid_t **uids, int *count);
|
enum subid_status (*find_subid_owners)(unsigned long id, enum subid_type id_type, uid_t **uids, int *count);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* nss_free: free a memory block allocated by a subid plugin.
|
||||||
|
*
|
||||||
|
* @ptr - a pointer to a memory block to deallocate
|
||||||
|
*
|
||||||
|
* Some routines of subid_nss_ops allocate memory which should be freed by
|
||||||
|
* caller after use. In order to deallocate that memory block, one should
|
||||||
|
* use this routine to release that memory. By default, this function
|
||||||
|
* pointer is set to free(3) for backward compatibility. However, it is
|
||||||
|
* strongly recommended to define this routine explicitly.
|
||||||
|
*/
|
||||||
|
void (*free)(void *ptr);
|
||||||
|
|
||||||
/* The dlsym handle to close */
|
/* The dlsym handle to close */
|
||||||
void *handle;
|
void *handle;
|
||||||
};
|
};
|
||||||
@@ -356,10 +369,6 @@ unsigned long csrand_interval (unsigned long min, unsigned long max);
|
|||||||
/* remove_tree.c */
|
/* remove_tree.c */
|
||||||
extern int remove_tree (const char *root, bool remove_root);
|
extern int remove_tree (const char *root, bool remove_root);
|
||||||
|
|
||||||
/* rlogin.c */
|
|
||||||
extern int do_rlogin(const char *remote_host, char *name, size_t namesize,
|
|
||||||
char *term, size_t termsize);
|
|
||||||
|
|
||||||
/* root_flag.c */
|
/* root_flag.c */
|
||||||
extern void process_root_flag (const char* short_opt, int argc, char **argv);
|
extern void process_root_flag (const char* short_opt, int argc, char **argv);
|
||||||
|
|
||||||
|
|||||||
-135
@@ -1,135 +0,0 @@
|
|||||||
/*
|
|
||||||
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
|
||||||
* SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz
|
|
||||||
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
|
||||||
* SPDX-FileCopyrightText: 2007 - 2008, Nicolas François
|
|
||||||
*
|
|
||||||
* SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include <config.h>
|
|
||||||
|
|
||||||
#ifdef RLOGIN
|
|
||||||
|
|
||||||
#ident "$Id$"
|
|
||||||
|
|
||||||
#include "prototypes.h"
|
|
||||||
#include "defines.h"
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <pwd.h>
|
|
||||||
#include <netdb.h>
|
|
||||||
|
|
||||||
#include "atoi/str2i.h"
|
|
||||||
|
|
||||||
|
|
||||||
static struct {
|
|
||||||
int spd_name;
|
|
||||||
int spd_baud;
|
|
||||||
} speed_table[] =
|
|
||||||
{
|
|
||||||
{ B50, 50},
|
|
||||||
{ B75, 75},
|
|
||||||
{ B110, 110},
|
|
||||||
{ B134, 134},
|
|
||||||
{ B150, 150},
|
|
||||||
{ B200, 200},
|
|
||||||
{ B300, 300},
|
|
||||||
{ B600, 600},
|
|
||||||
{ B1200, 1200},
|
|
||||||
{ B1800, 1800},
|
|
||||||
{ B2400, 2400},
|
|
||||||
{ B4800, 4800},
|
|
||||||
{ B9600, 9600},
|
|
||||||
{ B19200, 19200},
|
|
||||||
{ B38400, 38400},
|
|
||||||
{ -1, -1}
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
static void
|
|
||||||
get_remote_string(char *buf, size_t size)
|
|
||||||
{
|
|
||||||
for (;;) {
|
|
||||||
if (read (0, buf, 1) != 1) {
|
|
||||||
exit (EXIT_FAILURE);
|
|
||||||
}
|
|
||||||
if ('\0' == *buf) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
--size;
|
|
||||||
if (size > 0) {
|
|
||||||
++buf;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
/*NOTREACHED*/
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
int
|
|
||||||
do_rlogin(const char *remote_host, char *name, size_t namesize, char *term,
|
|
||||||
size_t termsize)
|
|
||||||
{
|
|
||||||
struct passwd *pwd;
|
|
||||||
char remote_name[32];
|
|
||||||
char *cp;
|
|
||||||
unsigned long remote_speed = 9600;
|
|
||||||
int speed_name = B9600;
|
|
||||||
int i;
|
|
||||||
TERMIO termio;
|
|
||||||
|
|
||||||
get_remote_string(remote_name, sizeof(remote_name));
|
|
||||||
get_remote_string(name, namesize);
|
|
||||||
get_remote_string(term, termsize);
|
|
||||||
|
|
||||||
cp = strchr (term, '/');
|
|
||||||
if (NULL != cp) {
|
|
||||||
*cp = '\0';
|
|
||||||
cp++;
|
|
||||||
|
|
||||||
if (str2ul(&remote_speed, cp) == -1)
|
|
||||||
remote_speed = 9600;
|
|
||||||
}
|
|
||||||
for (i = 0;
|
|
||||||
( (speed_table[i].spd_baud != remote_speed)
|
|
||||||
&& (speed_table[i].spd_name != -1));
|
|
||||||
i++);
|
|
||||||
|
|
||||||
if (-1 != speed_table[i].spd_name) {
|
|
||||||
speed_name = speed_table[i].spd_name;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Put the terminal in cooked mode with echo turned on.
|
|
||||||
*/
|
|
||||||
|
|
||||||
GTTY (0, &termio);
|
|
||||||
termio.c_iflag |= ICRNL | IXON;
|
|
||||||
termio.c_oflag |= OPOST | ONLCR;
|
|
||||||
termio.c_lflag |= ICANON | ECHO | ECHOE;
|
|
||||||
#ifdef CBAUD
|
|
||||||
termio.c_cflag = (termio.c_cflag & ~CBAUD) | speed_name;
|
|
||||||
#else
|
|
||||||
termio.c_cflag = (termio.c_cflag) | speed_name;
|
|
||||||
#endif
|
|
||||||
STTY (0, &termio);
|
|
||||||
|
|
||||||
pwd = getpwnam (name); /* local, no need for xgetpwnam */
|
|
||||||
if (NULL == pwd) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* ruserok() returns 0 for success on modern systems, and 1 on
|
|
||||||
* older ones. If you are having trouble with people logging
|
|
||||||
* in without giving a required password, THIS is the culprit -
|
|
||||||
* go fix the #define in config.h.
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifndef RUSEROK
|
|
||||||
return 0;
|
|
||||||
#else
|
|
||||||
return ruserok (remote_host, pwd->pw_uid == 0,
|
|
||||||
remote_name, name) == RUSEROK;
|
|
||||||
#endif
|
|
||||||
}
|
|
||||||
#endif /* RLOGIN */
|
|
||||||
@@ -1117,6 +1117,16 @@ bool release_subid_range(struct subordinate_range *range, enum subid_type id_typ
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void free_subid_pointer(void *ptr)
|
||||||
|
{
|
||||||
|
struct subid_nss_ops *h = get_subid_nss_handle();
|
||||||
|
if (h) {
|
||||||
|
h->free(ptr);
|
||||||
|
} else {
|
||||||
|
free(ptr);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#else /* !ENABLE_SUBIDS */
|
#else /* !ENABLE_SUBIDS */
|
||||||
extern int ISO_C_forbids_an_empty_translation_unit;
|
extern int ISO_C_forbids_an_empty_translation_unit;
|
||||||
#endif /* !ENABLE_SUBIDS */
|
#endif /* !ENABLE_SUBIDS */
|
||||||
|
|||||||
@@ -43,6 +43,9 @@ extern int sub_gid_unlock (void);
|
|||||||
extern int sub_gid_add (const char *owner, gid_t start, unsigned long count);
|
extern int sub_gid_add (const char *owner, gid_t start, unsigned long count);
|
||||||
extern int sub_gid_remove (const char *owner, gid_t start, unsigned long count);
|
extern int sub_gid_remove (const char *owner, gid_t start, unsigned long count);
|
||||||
extern uid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count);
|
extern uid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count);
|
||||||
|
|
||||||
|
extern void free_subid_pointer(void *ptr);
|
||||||
|
|
||||||
#endif /* ENABLE_SUBIDS */
|
#endif /* ENABLE_SUBIDS */
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@@ -42,6 +42,11 @@ bool subid_init(const char *progname, FILE * logfd)
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void subid_free(void *ptr)
|
||||||
|
{
|
||||||
|
free_subid_pointer(ptr);
|
||||||
|
}
|
||||||
|
|
||||||
static
|
static
|
||||||
int get_subid_ranges(const char *owner, enum subid_type id_type, struct subid_range **ranges)
|
int get_subid_ranges(const char *owner, enum subid_type id_type, struct subid_range **ranges)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -55,6 +55,19 @@ extern "C" {
|
|||||||
*/
|
*/
|
||||||
bool subid_init(const char *progname, FILE *logfd);
|
bool subid_init(const char *progname, FILE *logfd);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* subid_free: free memory allocated in any subid_* function
|
||||||
|
*
|
||||||
|
* @ptr: Pointer to a memory block to release.
|
||||||
|
*
|
||||||
|
* Some functions like @subid_get_uid_ranges allocate memory internally. As
|
||||||
|
* soon as a result is no longer needed, it should be freed with this routine.
|
||||||
|
* Initially, default function `free()` was used. Thus for backward
|
||||||
|
* compatibility this function falls back to `free()` if a plugin does not
|
||||||
|
* explicitly specify routine to free allocated memory.
|
||||||
|
*/
|
||||||
|
void subid_free(void *ptr);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* subid_get_uid_ranges: return a list of UID ranges for a user
|
* subid_get_uid_ranges: return a list of UID ranges for a user
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -215,14 +215,6 @@
|
|||||||
<para>Preserve environment.</para>
|
<para>Preserve environment.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
|
||||||
<term>
|
|
||||||
<option>-r</option>
|
|
||||||
</term>
|
|
||||||
<listitem>
|
|
||||||
<para>Perform autologin protocol for rlogin.</para>
|
|
||||||
</listitem>
|
|
||||||
</varlistentry>
|
|
||||||
</variablelist>
|
</variablelist>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
|
|||||||
@@ -53,7 +53,6 @@ lib/pwdcheck.c
|
|||||||
lib/pwio.c
|
lib/pwio.c
|
||||||
lib/pwmem.c
|
lib/pwmem.c
|
||||||
lib/remove_tree.c
|
lib/remove_tree.c
|
||||||
lib/rlogin.c
|
|
||||||
lib/root_flag.c
|
lib/root_flag.c
|
||||||
lib/salt.c
|
lib/salt.c
|
||||||
lib/selinux.c
|
lib/selinux.c
|
||||||
|
|||||||
+1
-1
@@ -44,6 +44,6 @@ int main(int argc, char *argv[])
|
|||||||
printf("%d: %s %lu %lu\n", i, owner,
|
printf("%d: %s %lu %lu\n", i, owner,
|
||||||
ranges[i].start, ranges[i].count);
|
ranges[i].start, ranges[i].count);
|
||||||
}
|
}
|
||||||
free(ranges);
|
subid_free(ranges);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
+12
-71
@@ -85,11 +85,6 @@ static struct lastlog ll;
|
|||||||
static bool pflg = false;
|
static bool pflg = false;
|
||||||
static bool fflg = false;
|
static bool fflg = false;
|
||||||
|
|
||||||
#ifdef RLOGIN
|
|
||||||
static bool rflg = false;
|
|
||||||
#else /* RLOGIN */
|
|
||||||
#define rflg false
|
|
||||||
#endif /* !RLOGIN */
|
|
||||||
static bool hflg = false;
|
static bool hflg = false;
|
||||||
static bool preauth_flag = false;
|
static bool preauth_flag = false;
|
||||||
|
|
||||||
@@ -134,7 +129,6 @@ static void exit_handler (int);
|
|||||||
* usage - print login command usage and exit
|
* usage - print login command usage and exit
|
||||||
*
|
*
|
||||||
* login [ name ]
|
* login [ name ]
|
||||||
* login -r hostname (for rlogind)
|
|
||||||
* login -h hostname (for telnetd, etc.)
|
* login -h hostname (for telnetd, etc.)
|
||||||
* login -f name (for pre-authenticated login: datakit, xterm, etc.)
|
* login -f name (for pre-authenticated login: datakit, xterm, etc.)
|
||||||
*/
|
*/
|
||||||
@@ -145,9 +139,6 @@ static void usage (void)
|
|||||||
exit (1);
|
exit (1);
|
||||||
}
|
}
|
||||||
fprintf (stderr, _(" %s [-p] [-h host] [-f name]\n"), Prog);
|
fprintf (stderr, _(" %s [-p] [-h host] [-f name]\n"), Prog);
|
||||||
#ifdef RLOGIN
|
|
||||||
fprintf (stderr, _(" %s [-p] -r host\n"), Prog);
|
|
||||||
#endif /* RLOGIN */
|
|
||||||
exit (1);
|
exit (1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -271,7 +262,7 @@ static void process_flags (int argc, char *const *argv)
|
|||||||
/*
|
/*
|
||||||
* Check the flags for proper form. Every argument starting with
|
* Check the flags for proper form. Every argument starting with
|
||||||
* "-" must be exactly two characters long. This closes all the
|
* "-" must be exactly two characters long. This closes all the
|
||||||
* clever rlogin, telnet, and getty holes.
|
* clever telnet, and getty holes.
|
||||||
*/
|
*/
|
||||||
for (arg = 1; arg < argc; arg++) {
|
for (arg = 1; arg < argc; arg++) {
|
||||||
if (argv[arg][0] == '-' && strlen (argv[arg]) > 2) {
|
if (argv[arg][0] == '-' && strlen (argv[arg]) > 2) {
|
||||||
@@ -298,13 +289,6 @@ static void process_flags (int argc, char *const *argv)
|
|||||||
hostname = optarg;
|
hostname = optarg;
|
||||||
reason = PW_TELNET;
|
reason = PW_TELNET;
|
||||||
break;
|
break;
|
||||||
#ifdef RLOGIN
|
|
||||||
case 'r':
|
|
||||||
rflg = true;
|
|
||||||
hostname = optarg;
|
|
||||||
reason = PW_RLOGIN;
|
|
||||||
break;
|
|
||||||
#endif /* RLOGIN */
|
|
||||||
case 'p':
|
case 'p':
|
||||||
pflg = true;
|
pflg = true;
|
||||||
break;
|
break;
|
||||||
@@ -313,21 +297,11 @@ static void process_flags (int argc, char *const *argv)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef RLOGIN
|
|
||||||
/*
|
|
||||||
* Neither -h nor -f should be combined with -r.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if (rflg && (hflg || fflg)) {
|
|
||||||
usage ();
|
|
||||||
}
|
|
||||||
#endif /* RLOGIN */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Allow authentication bypass only if real UID is zero.
|
* Allow authentication bypass only if real UID is zero.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if ((rflg || fflg || hflg) && !amroot) {
|
if ((fflg || hflg) && !amroot) {
|
||||||
fprintf (stderr, _("%s: Permission denied.\n"), Prog);
|
fprintf (stderr, _("%s: Permission denied.\n"), Prog);
|
||||||
exit (1);
|
exit (1);
|
||||||
}
|
}
|
||||||
@@ -342,11 +316,6 @@ static void process_flags (int argc, char *const *argv)
|
|||||||
++optind;
|
++optind;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef RLOGIN
|
|
||||||
if (rflg && (NULL != username)) {
|
|
||||||
usage ();
|
|
||||||
}
|
|
||||||
#endif /* RLOGIN */
|
|
||||||
if (fflg && (NULL == username)) {
|
if (fflg && (NULL == username)) {
|
||||||
usage ();
|
usage ();
|
||||||
}
|
}
|
||||||
@@ -474,7 +443,6 @@ static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *use
|
|||||||
* the flags which login supports are
|
* the flags which login supports are
|
||||||
*
|
*
|
||||||
* -p - preserve the environment
|
* -p - preserve the environment
|
||||||
* -r - perform autologin protocol for rlogin
|
|
||||||
* -f - do not perform authentication, user is preauthenticated
|
* -f - do not perform authentication, user is preauthenticated
|
||||||
* -h - the name of the remote host
|
* -h - the name of the remote host
|
||||||
*/
|
*/
|
||||||
@@ -505,9 +473,6 @@ int main (int argc, char **argv)
|
|||||||
# if defined(ENABLE_LASTLOG)
|
# if defined(ENABLE_LASTLOG)
|
||||||
char ptime[80];
|
char ptime[80];
|
||||||
# endif
|
# endif
|
||||||
#endif
|
|
||||||
#if defined(RLOGIN)
|
|
||||||
char term[128] = "";
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -559,7 +524,7 @@ int main (int argc, char **argv)
|
|||||||
is_console = console (tty);
|
is_console = console (tty);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (rflg || hflg) {
|
if (hflg) {
|
||||||
/*
|
/*
|
||||||
* Add remote hostname to the environment. I think
|
* Add remote hostname to the environment. I think
|
||||||
* (not sure) I saw it once on Irix. --marekm
|
* (not sure) I saw it once on Irix. --marekm
|
||||||
@@ -572,23 +537,6 @@ int main (int argc, char **argv)
|
|||||||
if (hflg) {
|
if (hflg) {
|
||||||
reason = PW_RLOGIN;
|
reason = PW_RLOGIN;
|
||||||
}
|
}
|
||||||
#ifdef RLOGIN
|
|
||||||
if (rflg) {
|
|
||||||
size_t max_size;
|
|
||||||
|
|
||||||
max_size = login_name_max_size();
|
|
||||||
assert (NULL == username);
|
|
||||||
username = XMALLOC(max_size, char);
|
|
||||||
username[max_size - 1] = '\0';
|
|
||||||
if (do_rlogin(hostname, username, max_size, term, sizeof(term)))
|
|
||||||
{
|
|
||||||
preauth_flag = true;
|
|
||||||
} else {
|
|
||||||
free (username);
|
|
||||||
username = NULL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#endif /* RLOGIN */
|
|
||||||
|
|
||||||
OPENLOG (Prog);
|
OPENLOG (Prog);
|
||||||
|
|
||||||
@@ -623,18 +571,11 @@ int main (int argc, char **argv)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef RLOGIN
|
/* preserve TERM from getty */
|
||||||
if (term[0] != '\0') {
|
if (!pflg) {
|
||||||
addenv ("TERM", term);
|
tmp = getenv ("TERM");
|
||||||
} else
|
if (NULL != tmp) {
|
||||||
#endif /* RLOGIN */
|
addenv ("TERM", tmp);
|
||||||
{
|
|
||||||
/* preserve TERM from getty */
|
|
||||||
if (!pflg) {
|
|
||||||
tmp = getenv ("TERM");
|
|
||||||
if (NULL != tmp) {
|
|
||||||
addenv ("TERM", tmp);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -644,7 +585,7 @@ int main (int argc, char **argv)
|
|||||||
set_env (argc - optind, &argv[optind]);
|
set_env (argc - optind, &argv[optind]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rflg || hflg) {
|
if (hflg) {
|
||||||
cp = hostname;
|
cp = hostname;
|
||||||
} else if ((host != NULL) && (host[0] != '\0')) {
|
} else if ((host != NULL) && (host[0] != '\0')) {
|
||||||
cp = host;
|
cp = host;
|
||||||
@@ -954,7 +895,7 @@ int main (int argc, char **argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The -r and -f flags provide a name which has already
|
* The -f flag provides a name which has already
|
||||||
* been authenticated by some server.
|
* been authenticated by some server.
|
||||||
*/
|
*/
|
||||||
if (preauth_flag) {
|
if (preauth_flag) {
|
||||||
@@ -1043,8 +984,8 @@ int main (int argc, char **argv)
|
|||||||
|
|
||||||
(void) puts (_("Login incorrect"));
|
(void) puts (_("Login incorrect"));
|
||||||
|
|
||||||
/* allow only one attempt with -r or -f */
|
/* allow only one attempt with -f */
|
||||||
if (rflg || fflg || (retries <= 0)) {
|
if (fflg || (retries <= 0)) {
|
||||||
closelog ();
|
closelog ();
|
||||||
exit (1);
|
exit (1);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,61 +0,0 @@
|
|||||||
#!/usr/bin/expect -f
|
|
||||||
|
|
||||||
# This is a script for repeatedly logging into the localhost
|
|
||||||
# using `rlogin` in order to apparently see a symptoms described
|
|
||||||
# in bug #332198.
|
|
||||||
# As described in the bug log, sometimes `rlogind` will fail to
|
|
||||||
# establish a connection, because it starts "login" process and
|
|
||||||
# the latter fails with "unable to determine TTY name, got /dev/pts/1"
|
|
||||||
# message.
|
|
||||||
#
|
|
||||||
# BUGS
|
|
||||||
#
|
|
||||||
# * the script rlogins to localhost
|
|
||||||
# * the script doesn't handle passwdord prompt, because it's intended
|
|
||||||
# to use .rhosts auth and expects shell prompt immediately after
|
|
||||||
# `rlogin`
|
|
||||||
# * the regexp for shell prompt is hardcoded
|
|
||||||
|
|
||||||
log_user 0
|
|
||||||
match_max 8192
|
|
||||||
|
|
||||||
while {1} {
|
|
||||||
set rlogin_spawn [spawn rlogin localhost]
|
|
||||||
if { $rlogin_spawn == 0 } { exit 1 }
|
|
||||||
expect {
|
|
||||||
-timeout 10 -re "^.*(Last login\[^\r\n\]*).*\n(\[^\r\n\]*\[#$\] )$" {
|
|
||||||
send_error "$expect_out(1,string)\n"
|
|
||||||
send_error "$expect_out(2,string)\n"
|
|
||||||
# send_error "$expect_out(0,string)\n"
|
|
||||||
}
|
|
||||||
timeout {
|
|
||||||
send_error "TIMEOUT/prompt\n"
|
|
||||||
send_error "$expect_out(buffer)\n"
|
|
||||||
send_error "RETRYING\n"
|
|
||||||
log_user 1
|
|
||||||
send "tty /\r"
|
|
||||||
expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {}
|
|
||||||
send "tty /\r"
|
|
||||||
expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {}
|
|
||||||
send_error "\n"
|
|
||||||
exit 2
|
|
||||||
}
|
|
||||||
}
|
|
||||||
send "tty\r"
|
|
||||||
expect {
|
|
||||||
-timeout 4 -re "tty\r?\n(\[^\r\n\]*)\r?\n(\[^\r\n\]*\[#$\] )$" {
|
|
||||||
send_error "$expect_out(2,string)$expect_out(1,string)\n"
|
|
||||||
# send_error "$expect_out(0,string)\n"
|
|
||||||
}
|
|
||||||
timeout { send_error "TIMEOUT/tty\n" ; exit 3 }
|
|
||||||
}
|
|
||||||
send "exit\r"
|
|
||||||
expect {
|
|
||||||
-timeout 2 eof {
|
|
||||||
# send_error "OK4: EOF\n"
|
|
||||||
}
|
|
||||||
timeout { send_error "TIMEOUT/eof\n" ; exit 4 }
|
|
||||||
}
|
|
||||||
wait
|
|
||||||
}
|
|
||||||
# vi: set sw=4:
|
|
||||||
@@ -138,3 +138,8 @@ enum subid_status shadow_subid_list_owner_ranges(const char *owner, enum subid_t
|
|||||||
|
|
||||||
return SUBID_STATUS_SUCCESS;
|
return SUBID_STATUS_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void shadow_subid_free(void *ptr)
|
||||||
|
{
|
||||||
|
free(ptr);
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user