Date: Sat, 17 Mar 2001 17:35:29 -0800 (PST) From: Cy.Schubert@uumail.gov.bc.ca To: FreeBSD-gnats-submit@freebsd.org Subject: bin/25885: telnetd -a off broken Message-ID: <200103180135.f2I1ZTx13105@cwsys.cwsent.com>
next in thread | raw e-mail | index | archive | help
>Number: 25885 >Category: bin >Synopsis: telnet -a off still uses SRA authentication >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Mar 17 17:40:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: >Release: FreeBSD 4.3-BETA i386 >Organization: ITSD Province of BC >Environment: System: FreeBSD cwsys 4.3-BETA FreeBSD 4.3-BETA #0: Fri Mar 16 18:50:45 PST 2001 root@cwsys:/opt/cvs-430b/src/sys/compile/CWSYS i386 >Description: "telnetd -a off" continues to use SRA. The man page documents it should not. >How-To-Repeat: Telnet from a FreeBSD system to a FreeBSD system which has "telnetd -a off" specified in inetd.conf. >Fix: The following patch fixes src/libexec/telnetd and src/crypto/telnet/telnetd. --- src/libexec/telnetd/state.c.orig Mon Mar 5 03:25:26 2001 +++ src/libexec/telnetd/state.c Sat Mar 17 16:45:15 2001 @@ -564,8 +564,10 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; + if (auth_level >= 0) { + func = auth_request; + changeok++; + } break; #endif @@ -624,7 +626,8 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; + if (auth_level >= 0) + func = auth_request; break; #endif @@ -724,7 +727,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) + auth_finished(0, AUTH_REJECT); break; #endif @@ -777,7 +781,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) + auth_finished(0, AUTH_REJECT); break; #endif default: @@ -1418,6 +1423,8 @@ } /* end of case TELOPT_NEW_ENVIRON */ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; if (SB_EOF()) break; switch(SB_GET()) { --- src/libexec/telnetd/telnetd.c.orig Mon Mar 5 03:26:45 2001 +++ src/libexec/telnetd/telnetd.c Sat Mar 17 16:28:56 2001 @@ -616,14 +616,16 @@ settimer(baseline); #if defined(AUTHENTICATION) - /* - * Handle the Authentication option before we do anything else. - */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + if (auth_level >= 0) + /* + * Handle the Authentication option before we do anything else. + */ + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } } #endif --- src/libexec/telnetd/utility.c.orig Mon Oct 30 21:31:47 2000 +++ src/libexec/telnetd/utility.c Sat Mar 17 16:45:25 2001 @@ -971,6 +971,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; sprintf(nfrontp, "AUTHENTICATION"); nfrontp += strlen(nfrontp); --- src/crypto/telnet/telnetd/state.c.orig Fri Aug 27 18:26:15 1999 +++ src/crypto/telnet/telnetd/state.c Sat Mar 17 16:52:41 2001 @@ -582,8 +582,10 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; + if (auth_level >= 0) { + func = auth_request; + changeok++; + } break; #endif @@ -648,7 +650,8 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; + if (auth_level >= 0) + func = auth_request; break; #endif @@ -752,7 +755,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) + auth_finished(0, AUTH_REJECT); break; #endif @@ -805,7 +809,9 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) { + auth_finished(0, AUTH_REJECT); + } break; #endif default: @@ -1451,6 +1457,8 @@ } /* end of case TELOPT_NEW_ENVIRON */ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; if (SB_EOF()) break; switch(SB_GET()) { --- src/crypto/telnet/telnetd/telnetd.c.orig Mon Mar 5 03:35:42 2001 +++ src/crypto/telnet/telnetd/telnetd.c Sat Mar 17 17:08:49 2001 @@ -640,14 +640,16 @@ settimer(baseline); #if defined(AUTHENTICATION) - /* - * Handle the Authentication option before we do anything else. - */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + if (auth_level >= 0) + /* + * Handle the Authentication option before we do anything else. + */ + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } } #endif --- src/crypto/telnet/telnetd/utility.c.orig Mon Mar 5 03:37:25 2001 +++ src/crypto/telnet/telnetd/utility.c Sat Mar 17 16:54:59 2001 @@ -1012,6 +1012,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; sprintf(nfrontp, "AUTHENTICATION"); nfrontp += strlen(nfrontp); >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103180135.f2I1ZTx13105>