Date:      Tue, 10 Nov 1998 17:29:10 -0800 (PST)
From:      Cy Schubert <cschuber@uumail.gov.bc.ca>
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Subject:   bin/8646: Implement rlogind -a option
Message-ID:  <199811110129.RAA20476@passer.osg.gov.bc.ca>



>Number:         8646
>Category:       bin
>Synopsis:       Implement rlogind -a option
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 10 17:30:01 PST 1998
>Last-Modified:
>Originator:     Cy Schubert
>Organization:
ITSD, Province of British Columbia
>Release:        FreeBSD 2.2.7-RELEASE i386
>Environment:

	FreeBSD passer.osg.gov.bc.ca 2.2.7-RELEASE FreeBSD 2.2.7-RELEASE #0: Sat Oct 31 09:54:11 PST 1998     root@passer.osg.gov.bc.ca:/opt/usr_src-227/src/sys/compile/PASSER  i386

>Description:

	Implement rshd's -a option in rlogind.  Hopefully this will
	provide a little better security.

>How-To-Repeat:

	N/A

>Fix:
	

--- /usr/src/libexec/rlogind/rlogind.c	Sun Jul 19 03:57:45 1998
+++ /tmp/libexec/rlogind/rlogind.c	Tue Nov 10 17:26:38 1998
@@ -215,6 +215,8 @@
 	int authenticated = 0;
 	register struct hostent *hp;
 	char hostname[2 * MAXHOSTNAMELEN + 1];
+	char remotehost[2 * MAXHOSTNAMELEN + 1];
+	char *errorstr = NULL;
 	char c;
 
 	alarm(60);
@@ -229,14 +231,58 @@
 
 	alarm(0);
 	fromp->sin_port = ntohs((u_short)fromp->sin_port);
+	errorstr = NULL;
 	hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof(struct in_addr),
 	    fromp->sin_family);
 	if (hp) {
 		(void)strncpy(hostname, hp->h_name, sizeof(hostname));
+		(void)strncpy(hostname, hp->h_name, sizeof(hostname) - 1);
+		hostname[sizeof(hostname) - 1] = 0;
+#ifdef	KERBEROS
+		if (!use_kerberos)
+#endif
+		if (check_all || local_domain(hp->h_name)) {
+			strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1);
+			remotehost[sizeof(remotehost) - 1] = 0;
+			hp = gethostbyname(remotehost);
+			if (hp == NULL) {
+				syslog(LOG_INFO,
+				    "couldn't look up address for %s",
+				    remotehost);
+				errorstr =
+				"Couldn't look up address for your host (%s)\n";
+				strncpy(hostname, inet_ntoa(fromp->sin_addr),
+					sizeof(hostname) - 1);
+				hostname[sizeof(hostname) - 1] = 0;
+			} else for (; ; hp->h_addr_list++) {
+				if (hp->h_addr_list[0] == NULL) {
+					syslog(LOG_NOTICE,
+					  "host addr %s not listed for host %s",
+					    inet_ntoa(fromp->sin_addr),
+					    hp->h_name);
+					errorstr =
+					    "Host address mismatch for %s\n";
+					strncpy(hostname, inet_ntoa(fromp->sin_addr),
+						sizeof(hostname) - 1);
+					hostname[sizeof(hostname) - 1] = 0;
+					break;
+				}
+				if (!bcmp(hp->h_addr_list[0],
+				    (caddr_t)&fromp->sin_addr,
+				    sizeof(fromp->sin_addr))) {
+					(void)strncpy(hostname, remotehost, sizeof(hostname) - 1);
+					hostname[sizeof(hostname) - 1] = 0;
+					break;
+				}
+			}
+			if (errorstr)
+				fatal(f,errorstr,0);
+		}
 	} else {
-		(void)strncpy(hostname, inet_ntoa(fromp->sin_addr), sizeof(hostname));
+		(void)strncpy(hostname, inet_ntoa(fromp->sin_addr),
+			sizeof(hostname) - 1);
+		hostname[sizeof(hostname) - 1] = 0;
 	}
-	hostname[sizeof(hostname) - 1] = '\0';
 
 #ifdef	KERBEROS
 	if (use_kerberos) {
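Review bot: Both `errorstr` messages in this hunk carry a `%s` conversion, but the failure path calls `fatal(f,errorstr,0)` without a host name argument, so the client gets either a literal `%s` or, if fatal() expands its message as a format, a read of a missing argument; fatal() is defined outside the hunk, so which case applies needs confirming. Plain messages avoid both: `errorstr = "Couldn't look up address for your host";` and `errorstr = "Host address mismatch";`, since the host name is already recorded by the two syslog() calls. The original `strncpy(hostname, hp->h_name, sizeof(hostname))` is left as a context line directly above the new bounded copy, so the name is copied twice and the old line should be removed. The loop also advances `hp->h_addr_list` itself instead of a local index, which modifies the hostent the resolver returned. The enclosing function starts and ends outside the hunk.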
>Audit-Trail:
>Unformatted:


