From owner-freebsd-bugs Sat Mar 17 20:40:15 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id CA00D37B718 for ; Sat, 17 Mar 2001 20:40:03 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f2I4e3u02741; Sat, 17 Mar 2001 20:40:03 -0800 (PST) (envelope-from gnats) Date: Sat, 17 Mar 2001 20:40:03 -0800 (PST) Message-Id: <200103180440.f2I4e3u02741@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Cy Schubert - ITSD Open Systems Group Subject: Re: bin/25885: telnet -a off still uses SRA authentication Reply-To: Cy Schubert - ITSD Open Systems Group Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR bin/25885; it has been noted by GNATS. From: Cy Schubert - ITSD Open Systems Group To: freebsd-gnats-submit@FreeBSD.org Cc: Subject: Re: bin/25885: telnet -a off still uses SRA authentication Date: Sat, 17 Mar 2001 20:31:36 -0800 Sorry, the patch is bad. I fat fingered the first patch corrupting it after testing the patch but before creating the diff file. The following patch is correct. --- src/libexec/telnetd/state.c.orig Mon Mar 5 03:25:26 2001 +++ src/libexec/telnetd/state.c Sat Mar 17 16:45:15 2001 @@ -564,8 +564,10 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; + if (auth_level >= 0) { + func = auth_request; + changeok++; + } break; #endif @@ -624,7 +626,8 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; + if (auth_level >= 0) + func = auth_request; break; #endif @@ -724,7 +727,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) + auth_finished(0, AUTH_REJECT); break; #endif @@ -777,7 +781,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) + auth_finished(0, AUTH_REJECT); break; #endif default: @@ -1418,6 +1423,8 @@ } /* end of case TELOPT_NEW_ENVIRON */ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; if (SB_EOF()) break; switch(SB_GET()) { --- src/libexec/telnetd/telnetd.c.orig Mon Mar 5 03:26:45 2001 +++ src/libexec/telnetd/telnetd.c Sat Mar 17 16:28:56 2001 @@ -616,14 +616,16 @@ settimer(baseline); #if defined(AUTHENTICATION) - /* - * Handle the Authentication option before we do anything else. - */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + if (auth_level >= 0) + /* + * Handle the Authentication option before we do anything else. + */ + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } } #endif --- src/libexec/telnetd/utility.c.orig Mon Oct 30 21:31:47 2000 +++ src/libexec/telnetd/utility.c Sat Mar 17 16:45:25 2001 @@ -971,6 +971,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; sprintf(nfrontp, "AUTHENTICATION"); nfrontp += strlen(nfrontp); --- src/crypto/telnet/telnetd/state.c.orig Fri Aug 27 18:26:15 1999 +++ src/crypto/telnet/telnetd/state.c Sat Mar 17 16:52:41 2001 @@ -582,8 +582,10 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; + if (auth_level >= 0) { + func = auth_request; + changeok++; + } break; #endif @@ -648,7 +650,8 @@ #ifdef AUTHENTICATION case TELOPT_AUTHENTICATION: - func = auth_request; + if (auth_level >= 0) + func = auth_request; break; #endif @@ -752,7 +755,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) + auth_finished(0, AUTH_REJECT); break; #endif @@ -805,7 +809,9 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); + if (auth_level >= 0) { + auth_finished(0, AUTH_REJECT); + } break; #endif default: @@ -1451,6 +1457,8 @@ } /* end of case TELOPT_NEW_ENVIRON */ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; if (SB_EOF()) break; switch(SB_GET()) { --- src/crypto/telnet/telnetd/telnetd.c.orig Mon Mar 5 03:35:42 2001 +++ src/crypto/telnet/telnetd/telnetd.c Sat Mar 17 17:08:49 2001 @@ -640,14 +640,16 @@ settimer(baseline); #if defined(AUTHENTICATION) - /* - * Handle the Authentication option before we do anything else. - */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name); + if (auth_level >= 0) { + /* + * Handle the Authentication option before we do anything else. + */ + send_do(TELOPT_AUTHENTICATION, 1); + while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) + ttloop(); + if (his_state_is_will(TELOPT_AUTHENTICATION)) { + retval = auth_wait(name); + } } #endif --- src/crypto/telnet/telnetd/utility.c.orig Mon Mar 5 03:37:25 2001 +++ src/crypto/telnet/telnetd/utility.c Sat Mar 17 16:54:59 2001 @@ -1012,6 +1012,8 @@ #if defined(AUTHENTICATION) case TELOPT_AUTHENTICATION: + if (auth_level < 0) + break; sprintf(nfrontp, "AUTHENTICATION"); nfrontp += strlen(nfrontp); Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message