From owner-freebsd-stable@FreeBSD.ORG Wed Apr 23 23:42:21 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC7F537B401 for ; Wed, 23 Apr 2003 23:42:21 -0700 (PDT) Received: from kientzle.com (h-66-166-149-50.SNVACAID.covad.net [66.166.149.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3BE743FDD for ; Wed, 23 Apr 2003 23:42:20 -0700 (PDT) (envelope-from kientzle@acm.org) Received: from acm.org (ugly.x.kientzle.com [66.166.149.51]) by kientzle.com (8.11.3/8.11.3) with ESMTP id h3O6gKv36632 for ; Wed, 23 Apr 2003 23:42:20 -0700 (PDT) (envelope-from kientzle@acm.org) Message-ID: <3EA78791.6030009@acm.org> Date: Wed, 23 Apr 2003 23:43:29 -0700 From: Tim Kientzle User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.6) Gecko/20011206 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-stable@freebsd.org Content-Type: multipart/mixed; boundary="------------030805080106090203000104" Subject: Kerberized Telnet Badly Broken (Patch enclosed) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: kientzle@acm.org List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Apr 2003 06:42:22 -0000 This is a multi-part message in MIME format. --------------030805080106090203000104 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Ugh. With MAKE_KERBEROS5=yes, on a recent STABLE, I get the following trying to use Kerberized telnet: # telnet -l test big.x.kientzle.com Trying 66.166.149.54... Connected to big.x.kientzle.com. Escape character is '^]'. [ Trying mutual KERBEROS5 (host/big.x.kientzle.com@X.KIENTZLE.COM)... ] Bus error (core dumped) Fortunately, it's pretty easy to track down: (gdb) up #2 0x804a79d in net_write (str=0x4
, len=-1077940804) at /usr/src/stable/kerberos5/usr.bin/telnet/../../../crypto/telnet/telnet/authenc.c:61 61 ring_supply_data(&netoring, str, len); (gdb) up #3 0x280e1046 in send_and_recv_tcp (fd=4, tmout=3, req=0xbfbfeeac, rep=0xbfbfeea4) at /usr/src/stable/kerberos5/lib/libkrb5/../../../crypto/heimdal/lib/krb5/send_to_kdc.c:139 139 if(net_write(fd, len, sizeof(len)) < 0) Problem: libkrb5 is trying to use net_write defined in libroken, but is getting net_write from the telnet sources instead. Fix: rename net_write in the telnet sources to telnet_net_write. Patchfile attached, if someone would be kind enough to review and commit it. This seems to keep the telnet client from crashing, at least, although now telnetd is giving me fits. Tim Kientzle --------------030805080106090203000104 Content-Type: text/plain; name="kientzle_telnet_net_write.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="kientzle_telnet_net_write.diff" Index: libtelnet/auth.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/auth.c,v retrieving revision 1.3.2.5 diff -u -r1.3.2.5 auth.c --- libtelnet/auth.c 13 Apr 2002 10:59:07 -0000 1.3.2.5 +++ libtelnet/auth.c 24 Apr 2003 06:26:22 -0000 @@ -359,7 +359,7 @@ } *e++ = IAC; *e++ = SE; - net_write(str_request, e - str_request); + telnet_net_write(str_request, e - str_request); printsub('>', &str_request[2], e - str_request - 2); } } @@ -444,7 +444,7 @@ } auth_send_data += 2; } - net_write(str_none, sizeof(str_none)); + telnet_net_write(str_none, sizeof(str_none)); printsub('>', &str_none[2], sizeof(str_none) - 2); if (auth_debug_mode) printf(">>>%s: Sent failure message\r\n", Name); @@ -537,7 +537,7 @@ } *e++ = IAC; *e++ = SE; - net_write(str_request, e - str_request); + telnet_net_write(str_request, e - str_request); printsub('>', &str_request[2], e - &str_request[2]); return(1); } Index: libtelnet/enc_des.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/enc_des.c,v retrieving revision 1.3.2.1 diff -u -r1.3.2.1 enc_des.c --- libtelnet/enc_des.c 13 Apr 2002 10:59:07 -0000 1.3.2.1 +++ libtelnet/enc_des.c 24 Apr 2003 06:26:11 -0000 @@ -225,7 +225,7 @@ *p++ = IAC; *p++ = SE; printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - net_write(fbp->fb_feed, p - fbp->fb_feed); + telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); break; default: return(FAILED); @@ -284,7 +284,7 @@ *p++ = IAC; *p++ = SE; printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - net_write(fbp->fb_feed, p - fbp->fb_feed); + telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); state = fbp->state[DIR_DECRYPT-1] = IN_PROGRESS; break; @@ -309,7 +309,7 @@ *p++ = IAC; *p++ = SE; printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - net_write(fbp->fb_feed, p - fbp->fb_feed); + telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); break; } Index: libtelnet/encrypt.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/encrypt.c,v retrieving revision 1.3.2.2 diff -u -r1.3.2.2 encrypt.c --- libtelnet/encrypt.c 13 Apr 2002 10:59:07 -0000 1.3.2.2 +++ libtelnet/encrypt.c 24 Apr 2003 06:25:58 -0000 @@ -427,7 +427,7 @@ */ if (!Server && autodecrypt) encrypt_send_request_start(); - net_write(str_send, str_suplen); + telnet_net_write(str_send, str_suplen); printsub('>', &str_send[2], str_suplen - 2); str_suplen = 0; } @@ -773,7 +773,7 @@ } *strp++ = IAC; *strp++ = SE; - net_write(str_keyid, strp - str_keyid); + telnet_net_write(str_keyid, strp - str_keyid); printsub('>', &str_keyid[2], strp - str_keyid - 2); } @@ -832,7 +832,7 @@ } *p++ = IAC; *p++ = SE; - net_write(str_start, p - str_start); + telnet_net_write(str_start, p - str_start); net_encrypt(); printsub('>', &str_start[2], p - &str_start[2]); /* @@ -858,7 +858,7 @@ return; str_end[3] = ENCRYPT_END; - net_write(str_end, sizeof(str_end)); + telnet_net_write(str_end, sizeof(str_end)); net_encrypt(); printsub('>', &str_end[2], sizeof(str_end) - 2); /* @@ -886,7 +886,7 @@ } *p++ = IAC; *p++ = SE; - net_write(str_start, p - str_start); + telnet_net_write(str_start, p - str_start); printsub('>', &str_start[2], p - &str_start[2]); if (encrypt_debug_mode) printf(">>>%s: Request input to be encrypted\r\n", Name); @@ -896,7 +896,7 @@ encrypt_send_request_end(void) { str_end[3] = ENCRYPT_REQEND; - net_write(str_end, sizeof(str_end)); + telnet_net_write(str_end, sizeof(str_end)); printsub('>', &str_end[2], sizeof(str_end) - 2); if (encrypt_debug_mode) Index: libtelnet/kerberos.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/kerberos.c,v retrieving revision 1.3.2.1 diff -u -r1.3.2.1 kerberos.c --- libtelnet/kerberos.c 13 Apr 2002 10:59:07 -0000 1.3.2.1 +++ libtelnet/kerberos.c 24 Apr 2003 06:25:34 -0000 @@ -126,7 +126,7 @@ *p++ = SE; if (str_data[3] == TELQUAL_IS) printsub('>', &str_data[2], p - (&str_data[2])); - return(net_write(str_data, p - str_data)); + return(telnet_net_write(str_data, p - str_data)); } int Index: libtelnet/kerberos5.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/kerberos5.c,v retrieving revision 1.1.1.1.8.1 diff -u -r1.1.1.1.8.1 kerberos5.c --- libtelnet/kerberos5.c 13 Apr 2002 10:59:07 -0000 1.1.1.1.8.1 +++ libtelnet/kerberos5.c 24 Apr 2003 06:25:28 -0000 @@ -128,7 +128,7 @@ *p++ = SE; if (str_data[3] == TELQUAL_IS) printsub('>', &str_data[2], p - &str_data[2]); - return(net_write(str_data, p - str_data)); + return(telnet_net_write(str_data, p - str_data)); } int Index: libtelnet/krb4encpwd.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/krb4encpwd.c,v retrieving revision 1.3.2.1 diff -u -r1.3.2.1 krb4encpwd.c --- libtelnet/krb4encpwd.c 13 Apr 2002 10:59:07 -0000 1.3.2.1 +++ libtelnet/krb4encpwd.c 24 Apr 2003 06:25:19 -0000 @@ -146,7 +146,7 @@ *p++ = SE; if (str_data[3] == TELQUAL_IS) printsub('>', &str_data[2], p - (&str_data[2])); - return(net_write(str_data, p - str_data)); + return(telnet_net_write(str_data, p - str_data)); } int Index: libtelnet/misc-proto.h =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/misc-proto.h,v retrieving revision 1.1.1.1.8.1 diff -u -r1.1.1.1.8.1 misc-proto.h --- libtelnet/misc-proto.h 13 Apr 2002 10:59:07 -0000 1.1.1.1.8.1 +++ libtelnet/misc-proto.h 24 Apr 2003 06:25:00 -0000 @@ -71,7 +71,7 @@ /* * These functions are imported from the application */ -int net_write(unsigned char *, int); +int telnet_net_write(unsigned char *, int); void net_encrypt(void); int telnet_spin(void); char *telnet_getenv(char *); Index: libtelnet/rsaencpwd.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/rsaencpwd.c,v retrieving revision 1.1.1.1.8.1 diff -u -r1.1.1.1.8.1 rsaencpwd.c --- libtelnet/rsaencpwd.c 13 Apr 2002 10:59:07 -0000 1.1.1.1.8.1 +++ libtelnet/rsaencpwd.c 24 Apr 2003 06:24:53 -0000 @@ -142,7 +142,7 @@ *p++ = SE; if (str_data[3] == TELQUAL_IS) printsub('>', &str_data[2], p - (&str_data[2])); - return(net_write(str_data, p - str_data)); + return(telnet_net_write(str_data, p - str_data)); } int Index: libtelnet/sra.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/libtelnet/sra.c,v retrieving revision 1.1.2.7 diff -u -r1.1.2.7 sra.c --- libtelnet/sra.c 16 May 2002 08:46:49 -0000 1.1.2.7 +++ libtelnet/sra.c 24 Apr 2003 06:24:46 -0000 @@ -106,7 +106,7 @@ *p++ = SE; if (str_data[3] == TELQUAL_IS) printsub('>', &str_data[2], p - (&str_data[2])); - return(net_write(str_data, p - str_data)); + return(telnet_net_write(str_data, p - str_data)); } int Index: telnet/authenc.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/telnet/authenc.c,v retrieving revision 1.2.8.2 diff -u -r1.2.8.2 authenc.c --- telnet/authenc.c 13 Apr 2002 10:59:08 -0000 1.2.8.2 +++ telnet/authenc.c 24 Apr 2003 06:24:35 -0000 @@ -55,7 +55,7 @@ #include "types.h" int -net_write(unsigned char *str, int len) +telnet_net_write(unsigned char *str, int len) { if (NETROOM() > len) { ring_supply_data(&netoring, str, len); Index: telnetd/authenc.c =================================================================== RCS file: /usr/src/cvs/src/crypto/telnet/telnetd/authenc.c,v retrieving revision 1.4.2.2 diff -u -r1.4.2.2 authenc.c --- telnetd/authenc.c 13 Apr 2002 10:59:08 -0000 1.4.2.2 +++ telnetd/authenc.c 24 Apr 2003 06:24:28 -0000 @@ -47,7 +47,7 @@ #include int -net_write(unsigned char *str, int len) +telnet_net_write(unsigned char *str, int len) { if (nfrontp + len < netobuf + BUFSIZ) { output_datalen(str, len); --------------030805080106090203000104--