Date: Sat, 17 Mar 2001 20:40:03 -0800 (PST) From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/25885: telnet -a off still uses SRA authentication Message-ID: <200103180440.f2I4e3u02741@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/25885; it has been noted by GNATS.
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To: freebsd-gnats-submit@FreeBSD.org
Cc:
Subject: Re: bin/25885: telnet -a off still uses SRA authentication
Date: Sat, 17 Mar 2001 20:31:36 -0800
Sorry, the patch is bad. I fat fingered the first patch corrupting it
after testing the patch but before creating the diff file. The
following patch is correct.
--- src/libexec/telnetd/state.c.orig Mon Mar 5 03:25:26 2001
+++ src/libexec/telnetd/state.c Sat Mar 17 16:45:15 2001
@@ -564,8 +564,10 @@
#ifdef AUTHENTICATION
case TELOPT_AUTHENTICATION:
- func = auth_request;
- changeok++;
+ if (auth_level >= 0) {
+ func = auth_request;
+ changeok++;
+ }
break;
#endif
@@ -624,7 +626,8 @@
#ifdef AUTHENTICATION
case TELOPT_AUTHENTICATION:
- func = auth_request;
+ if (auth_level >= 0)
+ func = auth_request;
break;
#endif
@@ -724,7 +727,8 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
- auth_finished(0, AUTH_REJECT);
+ if (auth_level >= 0)
+ auth_finished(0, AUTH_REJECT);
break;
#endif
@@ -777,7 +781,8 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
- auth_finished(0, AUTH_REJECT);
+ if (auth_level >= 0)
+ auth_finished(0, AUTH_REJECT);
break;
#endif
default:
@@ -1418,6 +1423,8 @@
} /* end of case TELOPT_NEW_ENVIRON */
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
+ if (auth_level < 0)
+ break;
if (SB_EOF())
break;
switch(SB_GET()) {
--- src/libexec/telnetd/telnetd.c.orig Mon Mar 5 03:26:45 2001
+++ src/libexec/telnetd/telnetd.c Sat Mar 17 16:28:56 2001
@@ -616,14 +616,16 @@
settimer(baseline);
#if defined(AUTHENTICATION)
- /*
- * Handle the Authentication option before we do anything else.
- */
- send_do(TELOPT_AUTHENTICATION, 1);
- while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
- ttloop();
- if (his_state_is_will(TELOPT_AUTHENTICATION)) {
- retval = auth_wait(name);
+ if (auth_level >= 0)
+ /*
+ * Handle the Authentication option before we do anything else.
+ */
+ send_do(TELOPT_AUTHENTICATION, 1);
+ while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
+ ttloop();
+ if (his_state_is_will(TELOPT_AUTHENTICATION)) {
+ retval = auth_wait(name);
+ }
}
#endif
--- src/libexec/telnetd/utility.c.orig Mon Oct 30 21:31:47 2000
+++ src/libexec/telnetd/utility.c Sat Mar 17 16:45:25 2001
@@ -971,6 +971,8 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
+ if (auth_level < 0)
+ break;
sprintf(nfrontp, "AUTHENTICATION");
nfrontp += strlen(nfrontp);
--- src/crypto/telnet/telnetd/state.c.orig Fri Aug 27 18:26:15 1999
+++ src/crypto/telnet/telnetd/state.c Sat Mar 17 16:52:41 2001
@@ -582,8 +582,10 @@
#ifdef AUTHENTICATION
case TELOPT_AUTHENTICATION:
- func = auth_request;
- changeok++;
+ if (auth_level >= 0) {
+ func = auth_request;
+ changeok++;
+ }
break;
#endif
@@ -648,7 +650,8 @@
#ifdef AUTHENTICATION
case TELOPT_AUTHENTICATION:
- func = auth_request;
+ if (auth_level >= 0)
+ func = auth_request;
break;
#endif
@@ -752,7 +755,8 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
- auth_finished(0, AUTH_REJECT);
+ if (auth_level >= 0)
+ auth_finished(0, AUTH_REJECT);
break;
#endif
@@ -805,7 +809,9 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
- auth_finished(0, AUTH_REJECT);
+ if (auth_level >= 0) {
+ auth_finished(0, AUTH_REJECT);
+ }
break;
#endif
default:
@@ -1451,6 +1457,8 @@
} /* end of case TELOPT_NEW_ENVIRON */
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
+ if (auth_level < 0)
+ break;
if (SB_EOF())
break;
switch(SB_GET()) {
--- src/crypto/telnet/telnetd/telnetd.c.orig Mon Mar 5 03:35:42 2001
+++ src/crypto/telnet/telnetd/telnetd.c Sat Mar 17 17:08:49 2001
@@ -640,14 +640,16 @@
settimer(baseline);
#if defined(AUTHENTICATION)
- /*
- * Handle the Authentication option before we do anything else.
- */
- send_do(TELOPT_AUTHENTICATION, 1);
- while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
- ttloop();
- if (his_state_is_will(TELOPT_AUTHENTICATION)) {
- retval = auth_wait(name);
+ if (auth_level >= 0) {
+ /*
+ * Handle the Authentication option before we do anything else.
+ */
+ send_do(TELOPT_AUTHENTICATION, 1);
+ while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
+ ttloop();
+ if (his_state_is_will(TELOPT_AUTHENTICATION)) {
+ retval = auth_wait(name);
+ }
}
#endif
--- src/crypto/telnet/telnetd/utility.c.orig Mon Mar 5 03:37:25 2001
+++ src/crypto/telnet/telnetd/utility.c Sat Mar 17 16:54:59 2001
@@ -1012,6 +1012,8 @@
#if defined(AUTHENTICATION)
case TELOPT_AUTHENTICATION:
+ if (auth_level < 0)
+ break;
sprintf(nfrontp, "AUTHENTICATION");
nfrontp += strlen(nfrontp);
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103180440.f2I4e3u02741>