diff options
Diffstat (limited to 'src/appl/telnet')
23 files changed, 229 insertions, 1033 deletions
diff --git a/src/appl/telnet/configure.in b/src/appl/telnet/configure.in index 7285696..fc91a5a 100644 --- a/src/appl/telnet/configure.in +++ b/src/appl/telnet/configure.in @@ -18,12 +18,6 @@ fi dnl KRB5_NEED_PROTO([#include <stdlib.h>],setenv) AC_C_CONST -if test "$KRB4_LIB" = ''; then - AC_MSG_RESULT(No Kerberos 4 authentication) -else - AC_MSG_RESULT(Kerberos 4 authentication enabled) - AC_DEFINE(KRB4,1,[Define if krb4 authentication is enabled]) -fi KRB5_BUILD_LIBRARY KRB5_BUILD_LIBOBJS dnl @@ -81,12 +75,6 @@ KRB5_NEED_PROTO([#include <sys/types.h> #include <netdb.h>],herror,1) dnl CHECK_SIGNALS -if test "$KRB4_LIB" = ''; then - AC_MSG_RESULT(No Kerberos 4 authentication) -else - AC_MSG_RESULT(Kerberos 4 authentication enabled) - AC_DEFINE(KRB4) -fi dnl KRB5_BUILD_PROGRAM dnl diff --git a/src/appl/telnet/deps b/src/appl/telnet/deps new file mode 100644 index 0000000..2feac3c --- /dev/null +++ b/src/appl/telnet/deps @@ -0,0 +1 @@ +# No dependencies here. diff --git a/src/appl/telnet/libtelnet/Makefile.in b/src/appl/telnet/libtelnet/Makefile.in index a3b401b..2b8aff2 100644 --- a/src/appl/telnet/libtelnet/Makefile.in +++ b/src/appl/telnet/libtelnet/Makefile.in @@ -25,7 +25,7 @@ BUILDTOP=$(REL)..$(S)..$(S).. # AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DDES_ENCRYPTION -DKRB5 -DFORWARD \ -UNO_LOGIN_F -DLOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN -LOCALINCLUDES=-I.. -I$(srcdir)/.. @KRB4_INCLUDES@ +LOCALINCLUDES=-I.. -I$(srcdir)/.. DEFINES = -DTELNET_BUFSIZE=65535 $(AUTH_DEF) LIBOBJS=@LIBOBJS@ @@ -42,7 +42,6 @@ SRCS= $(srcdir)/auth.c \ $(srcdir)/encrypt.c \ $(srcdir)/genget.c \ $(srcdir)/misc.c \ - $(srcdir)/kerberos.c \ $(srcdir)/kerberos5.c \ $(srcdir)/forward.c \ $(srcdir)/enc_des.c \ @@ -57,7 +56,7 @@ SRCS= $(srcdir)/auth.c \ $(srcdir)/strerror.c STLIBOBJS= auth.o encrypt.o genget.o \ - misc.o kerberos.o kerberos5.o forward.o enc_des.o \ + misc.o kerberos5.o forward.o enc_des.o \ $(LIBOBJS) getent.o $(SETENVOBJ) TELNET_H= $(srcdir)/../arpa/telnet.h @@ -73,10 +72,6 @@ auth.o: misc-proto.h encrypt.o: $(TELNET_H) encrypt.o: encrypt.h encrypt.o: misc.h -kerberos.o: $(TELNET_H) -kerberos.o: encrypt.h -kerberos.o: auth.h -kerberos.o: misc.h kerberos5.o: $(TELNET_H) kerberos5.o: encrypt.h kerberos5.o: auth.h @@ -92,47 +87,3 @@ install:: @lib_frag@ @libobj_frag@ -# +++ Dependency line eater +++ -# -# Makefile dependencies follow. This must be the last section in -# the Makefile.in file -# -auth.so auth.po $(OUTPRE)auth.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - auth-proto.h auth.c auth.h enc-proto.h encrypt.h misc-proto.h -encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - enc-proto.h encrypt.c encrypt.h misc-proto.h misc.h -genget.so genget.po $(OUTPRE)genget.$(OBJEXT): genget.c \ - misc-proto.h misc.h -misc.so misc.po $(OUTPRE)misc.$(OBJEXT): auth-proto.h \ - auth.h enc-proto.h encrypt.h misc-proto.h misc.c misc.h -kerberos.so kerberos.po $(OUTPRE)kerberos.$(OBJEXT): \ - $(KRB_ERR_H_DEP) $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/kerberosIV/des.h \ - $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/krb5.h \ - $(srcdir)/../arpa/telnet.h auth-proto.h auth.h enc-proto.h \ - encrypt.h kerberos.c misc-proto.h misc.h -kerberos5.so kerberos5.po $(OUTPRE)kerberos5.$(OBJEXT): \ - $(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h \ - $(srcdir)/../arpa/telnet.h auth-proto.h auth.h enc-proto.h \ - encrypt.h kerberos5.c krb5forw.h misc-proto.h misc.h -forward.so forward.po $(OUTPRE)forward.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h forward.c \ - krb5forw.h -enc_des.so enc_des.po $(OUTPRE)enc_des.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h $(srcdir)/../arpa/telnet.h \ - enc-proto.h enc_des.c encrypt.h key-proto.h misc-proto.h -setenv.so setenv.po $(OUTPRE)setenv.$(OBJEXT): misc-proto.h \ - setenv.c -getent.so getent.po $(OUTPRE)getent.$(OBJEXT): getent.c \ - gettytab.h -parsetos.so parsetos.po $(OUTPRE)parsetos.$(OBJEXT): \ - misc-proto.h parsetos.c -strdup.so strdup.po $(OUTPRE)strdup.$(OBJEXT): strdup.c -strcasecmp.so strcasecmp.po $(OUTPRE)strcasecmp.$(OBJEXT): \ - strcasecmp.c -strchr.so strchr.po $(OUTPRE)strchr.$(OBJEXT): strchr.c -strrchr.so strrchr.po $(OUTPRE)strrchr.$(OBJEXT): strrchr.c -strftime.so strftime.po $(OUTPRE)strftime.$(OBJEXT): \ - strftime.c -strerror.so strerror.po $(OUTPRE)strerror.$(OBJEXT): \ - strerror.c diff --git a/src/appl/telnet/libtelnet/auth-proto.h b/src/appl/telnet/libtelnet/auth-proto.h index 6b49570..faf806f 100644 --- a/src/appl/telnet/libtelnet/auth-proto.h +++ b/src/appl/telnet/libtelnet/auth-proto.h @@ -86,15 +86,6 @@ void auth_debug (int); void auth_printsub (unsigned char *, int, unsigned char *, unsigned int); -#ifdef KRB4 -int kerberos4_init (Authenticator *, int); -int kerberos4_send (Authenticator *); -void kerberos4_is (Authenticator *, unsigned char *, int); -void kerberos4_reply (Authenticator *, unsigned char *, int); -int kerberos4_status (Authenticator *, char *, int); -void kerberos4_printsub (unsigned char *, int, unsigned char *, unsigned int); -#endif - #ifdef KRB5 int kerberos5_init (Authenticator *, int); int kerberos5_send (Authenticator *); diff --git a/src/appl/telnet/libtelnet/auth.c b/src/appl/telnet/libtelnet/auth.c index 28b8ae8..1a10066 100644 --- a/src/appl/telnet/libtelnet/auth.c +++ b/src/appl/telnet/libtelnet/auth.c @@ -142,24 +142,6 @@ Authenticator authenticators[] = { kerberos5_status, kerberos5_printsub }, #endif -#ifdef KRB4 -# ifdef ENCRYPTION - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - kerberos4_init, - kerberos4_send, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, -# endif /* ENCRYPTION */ - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - kerberos4_init, - kerberos4_send, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, -#endif { 0, }, }; @@ -658,7 +640,7 @@ auth_gen_printsub(data, cnt, buf, buflen) buf[buflen-2] = '*'; buflen -= 2; for (; cnt > 0; cnt--, data++) { - sprintf((char *)tbuf, " %d", *data); + snprintf((char *)tbuf, sizeof(tbuf), " %d", *data); for (cp = tbuf; *cp && buflen > 0; --buflen) *buf++ = *cp++; if (buflen <= 0) diff --git a/src/appl/telnet/libtelnet/deps b/src/appl/telnet/libtelnet/deps new file mode 100644 index 0000000..09cecf0 --- /dev/null +++ b/src/appl/telnet/libtelnet/deps @@ -0,0 +1,38 @@ +# +# Generated makefile dependencies follow. +# +auth.so auth.po $(OUTPRE)auth.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ + auth-proto.h auth.c auth.h enc-proto.h encrypt.h misc-proto.h +encrypt.so encrypt.po $(OUTPRE)encrypt.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ + enc-proto.h encrypt.c encrypt.h misc-proto.h misc.h +genget.so genget.po $(OUTPRE)genget.$(OBJEXT): genget.c \ + misc-proto.h misc.h +misc.so misc.po $(OUTPRE)misc.$(OBJEXT): auth-proto.h \ + auth.h enc-proto.h encrypt.h misc-proto.h misc.c misc.h +kerberos5.so kerberos5.po $(OUTPRE)kerberos5.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/krb5.h $(srcdir)/../arpa/telnet.h \ + auth-proto.h auth.h enc-proto.h encrypt.h kerberos5.c \ + krb5forw.h misc-proto.h misc.h +forward.so forward.po $(OUTPRE)forward.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h forward.c \ + krb5forw.h +enc_des.so enc_des.po $(OUTPRE)enc_des.$(OBJEXT): $(BUILDTOP)/include/krb5/krb5.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/krb5.h $(srcdir)/../arpa/telnet.h \ + enc-proto.h enc_des.c encrypt.h key-proto.h misc-proto.h +setenv.so setenv.po $(OUTPRE)setenv.$(OBJEXT): misc-proto.h \ + setenv.c +getent.so getent.po $(OUTPRE)getent.$(OBJEXT): getent.c \ + gettytab.h +parsetos.so parsetos.po $(OUTPRE)parsetos.$(OBJEXT): \ + misc-proto.h parsetos.c +strdup.so strdup.po $(OUTPRE)strdup.$(OBJEXT): strdup.c +strcasecmp.so strcasecmp.po $(OUTPRE)strcasecmp.$(OBJEXT): \ + strcasecmp.c +strchr.so strchr.po $(OUTPRE)strchr.$(OBJEXT): strchr.c +strrchr.so strrchr.po $(OUTPRE)strrchr.$(OBJEXT): strrchr.c +strftime.so strftime.po $(OUTPRE)strftime.$(OBJEXT): \ + strftime.c +strerror.so strerror.po $(OUTPRE)strerror.$(OBJEXT): \ + strerror.c diff --git a/src/appl/telnet/libtelnet/enc_des.c b/src/appl/telnet/libtelnet/enc_des.c index c399d22..aa00ae2 100644 --- a/src/appl/telnet/libtelnet/enc_des.c +++ b/src/appl/telnet/libtelnet/enc_des.c @@ -550,28 +550,28 @@ fb64_printsub(data, cnt, buf, buflen, type) switch(data[2]) { case FB64_IV: - sprintf(lbuf, "%s_IV", type); + snprintf(lbuf, sizeof(lbuf), "%s_IV", type); cp = lbuf; goto common; case FB64_IV_OK: - sprintf(lbuf, "%s_IV_OK", type); + snprintf(lbuf, sizeof(lbuf), "%s_IV_OK", type); cp = lbuf; goto common; case FB64_IV_BAD: - sprintf(lbuf, "%s_IV_BAD", type); + snprintf(lbuf, sizeof(lbuf), "%s_IV_BAD", type); cp = lbuf; goto common; default: - sprintf(lbuf, " %d (unknown)", data[2]); + snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[2]); cp = lbuf; common: for (; (buflen > 0) && (*buf = *cp++); buf++) buflen--; for (i = 3; i < cnt; i++) { - sprintf(lbuf, " %d", data[i]); + snprintf(lbuf, sizeof(lbuf), " %d", data[i]); for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++) buflen--; } diff --git a/src/appl/telnet/libtelnet/encrypt.c b/src/appl/telnet/libtelnet/encrypt.c index e99f346..6317ece 100644 --- a/src/appl/telnet/libtelnet/encrypt.c +++ b/src/appl/telnet/libtelnet/encrypt.c @@ -984,7 +984,7 @@ encrypt_gen_printsub(data, cnt, buf, buflen) buf[buflen-2] = '*'; buflen -= 2;; for (; cnt > 0; cnt--, data++) { - sprintf(tbuf, " %d", *data); + snprintf(tbuf, sizeof(tbuf), " %d", *data); for (cp = tbuf; *cp && buflen > 0; --buflen) *buf++ = *cp++; if (buflen <= 0) diff --git a/src/appl/telnet/libtelnet/forward.c b/src/appl/telnet/libtelnet/forward.c index 09d5589..98dcb78 100644 --- a/src/appl/telnet/libtelnet/forward.c +++ b/src/appl/telnet/libtelnet/forward.c @@ -57,7 +57,7 @@ rd_and_store_for_creds(context, auth_context, inbuf, ticket) if ((retval = krb5_rd_cred(context, auth_context, inbuf, &creds, NULL))) return(retval); - sprintf(ccname, "FILE:/tmp/krb5cc_p%ld", (long) getpid()); + snprintf(ccname, sizeof(ccname), "FILE:/tmp/krb5cc_p%ld", (long) getpid()); setenv("KRB5CCNAME", ccname, 1); if ((retval = krb5_cc_resolve(context, ccname, &ccache))) diff --git a/src/appl/telnet/libtelnet/gettytab.c b/src/appl/telnet/libtelnet/gettytab.c index aaad43a..d50f879 100644 --- a/src/appl/telnet/libtelnet/gettytab.c +++ b/src/appl/telnet/libtelnet/gettytab.c @@ -117,7 +117,7 @@ nchktc() write(2, "Gettytab entry too long\n", 24); q[TABBUFSIZ - (p-tbuf)] = 0; } - strcpy(p, q+1); + strlcpy(p, q+1, TABBUFSIZ - (p-tbuf)); tbuf = holdtbuf; return(1); } diff --git a/src/appl/telnet/libtelnet/kerberos.c b/src/appl/telnet/libtelnet/kerberos.c deleted file mode 100644 index 7e0d736..0000000 --- a/src/appl/telnet/libtelnet/kerberos.c +++ /dev/null @@ -1,744 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* based on @(#)kerberos.c 8.1 (Berkeley) 6/4/93 */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifdef KRB4 -/* this code must be compiled in the krb5 tree. disgustingly, there - is code in here which declares structures which happen to mirror - the krb4 des structures. I didn't want to rototill this *completely* - so this is how it's going to work. --marc */ -#include <krb5.h> -#include <sys/types.h> -#include <errno.h> -#include <arpa/telnet.h> -#include <stdio.h> -#include <des.h> /* BSD wont include this in krb.h, so we do it here */ -#include <krb.h> -#ifdef __STDC__ -#include <stdlib.h> -#endif -#ifdef HAVE_STRING_H -#include <string.h> -#else -#include <strings.h> -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -extern int auth_debug_mode; -extern krb5_context telnet_context; - -int kerberos4_cksum (unsigned char *, int); - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KERBEROS_V4, }; -#if 0 -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; -#endif - -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB_RESPONSE 4 /* Response for mutual auth. */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static AUTH_DAT adat = { 0 }; -#ifdef ENCRYPTION -static Block session_key = { 0 }; -static krb5_keyblock krbkey; -static Block challenge = { 0 }; -#endif /* ENCRYPTION */ - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - const void *d; - int c; -{ - unsigned char *p = str_data + 4; - const unsigned char *cd = (const unsigned char *)d; - size_t spaceleft = sizeof(str_data) - 4; - if (c == -1) - c = strlen((const char *)cd); - - if (auth_debug_mode) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - spaceleft -= 3; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) { - *p++ = IAC; - spaceleft--; - } - if ((--spaceleft < 4) && c) { - errno = ENOMEM; - return -1; - } - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(net_write(str_data, p - str_data)); -} - - int -kerberos4_init(ap, server) - Authenticator *ap; - int server; -{ - FILE *fp; - - if (server) { - str_data[3] = TELQUAL_REPLY; - if ((fp = fopen(KEYFILE, "r")) == NULL) - return(0); - fclose(fp); - } else { - str_data[3] = TELQUAL_IS; - } - - kerberos5_init(NULL, server); - - return(1); -} - -char dst_realm_buf[REALM_SZ], *dest_realm = NULL; -unsigned int dst_realm_sz = REALM_SZ; - - int -kerberos4_send(ap) - Authenticator *ap; -{ - KTEXT_ST kauth; - char instance[INST_SZ]; - char *realm; - char *krb_realmofhost(); - char *krb_get_phost(); - CREDENTIALS cred; - int r; -#ifdef ENCRYPTION - krb5_data data; - krb5_enc_data encdata; - krb5_error_code code; - krb5_keyblock rand_key; -#endif - - printf("[ Trying KERBEROS4 ... ]\r\n"); - if (!UserNameRequested) { - if (auth_debug_mode) { - printf("Kerberos V4: no user name supplied\r\n"); - } - return(0); - } - - memset(instance, 0, sizeof(instance)); - - if ((realm = krb_get_phost(RemoteHostName))) - strncpy(instance, realm, sizeof(instance)); - - instance[sizeof(instance)-1] = '\0'; - - realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); - - if (!realm) { - printf("Kerberos V4: no realm for %s\r\n", RemoteHostName); - return(0); - } - if ((r = krb_mk_req(&kauth, KRB_SERVICE_NAME, instance, realm, 0))) { - printf("mk_req failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - if ((r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred))) { - printf("get_cred failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - if (auth_debug_mode) - printf("Not enough room for user name\r\n"); - return(0); - } - if (auth_debug_mode) - printf("Sent %d bytes of authentication data\r\n", kauth.length); - if (!Data(ap, KRB_AUTH, (void *)kauth.dat, kauth.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - return(0); - } -#ifdef ENCRYPTION - /* - * If we are doing mutual authentication, get set up to send - * the challenge, and verify it when the response comes back. - */ - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - register int i; - - data.data = cred.session; - data.length = 8; /* sizeof(cred.session) */; - - if ((code = krb5_c_random_seed(telnet_context, &data))) { - com_err("libtelnet", code, - "while seeding random number generator"); - return(0); - } - - if ((code = krb5_c_make_random_key(telnet_context, - ENCTYPE_DES_CBC_RAW, - &rand_key))) { - com_err("libtelnet", code, - "while creating random session key"); - return(0); - } - - /* the krb4 code uses ecb mode, but on a single block - with a zero ivec, ecb and cbc are the same */ - krbkey.enctype = ENCTYPE_DES_CBC_RAW; - krbkey.length = 8; - krbkey.contents = cred.session; - - encdata.ciphertext.data = rand_key.contents; - encdata.ciphertext.length = rand_key.length; - encdata.enctype = ENCTYPE_UNKNOWN; - - data.data = session_key; - data.length = 8; - - code = krb5_c_decrypt(telnet_context, &krbkey, 0, 0, - &encdata, &data); - - krb5_free_keyblock_contents(telnet_context, &rand_key); - - if (code) { - com_err("libtelnet", code, "while encrypting random key"); - return(0); - } - - encdata.ciphertext.data = session_key; - encdata.ciphertext.length = 8; - encdata.enctype = ENCTYPE_UNKNOWN; - - data.data = challenge; - data.length = 8; - - code = krb5_c_decrypt(telnet_context, &krbkey, 0, 0, - &encdata, &data); - - /* - * Increment the challenge by 1, and encrypt it for - * later comparison. - */ - for (i = 7; i >= 0; --i) { - register int x; - x = (unsigned int)challenge[i] + 1; - challenge[i] = x; /* ignore overflow */ - if (x < 256) /* if no overflow, all done */ - break; - } - - data.data = challenge; - data.length = 8; - - encdata.ciphertext.data = challenge; - encdata.ciphertext.length = 8; - encdata.enctype = ENCTYPE_UNKNOWN; - - if ((code = krb5_c_encrypt(telnet_context, &krbkey, 0, 0, - &data, &encdata))) { - com_err("libtelnet", code, "while encrypting random key"); - return(0); - } - } -#endif /* ENCRYPTION */ - - if (auth_debug_mode) { - printf("CK: %d:", kerberos4_cksum(kauth.dat, kauth.length)); - printd(kauth.dat, kauth.length); - printf("\r\n"); - printf("Sent Kerberos V4 credentials to server\r\n"); - } - return(1); -} - - void -kerberos4_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ -#ifdef ENCRYPTION - Session_Key skey; - Block datablock, tmpkey; - krb5_data kdata; - krb5_enc_data encdata; - krb5_error_code code; -#endif /* ENCRYPTION */ - char realm[REALM_SZ]; - char instance[INST_SZ]; - int r; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_AUTH: - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("No local realm\r\n"); - return; - } - memcpy((void *)auth.dat, (void *)data, auth.length = cnt); - if (auth_debug_mode) { - printf("Got %d bytes of authentication data\r\n", cnt); - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - } - instance[0] = '*'; instance[1] = 0; - if ((r = krb_rd_req(&auth, KRB_SERVICE_NAME, - instance, 0, &adat, ""))) { - if (auth_debug_mode) - printf("Kerberos failed him as %s\r\n", name); - Data(ap, KRB_REJECT, (const void *)krb_get_err_text(r), -1); - auth_finished(ap, AUTH_REJECT); - return; - } -#ifdef ENCRYPTION - memcpy((void *)session_key, (void *)adat.session, sizeof(Block)); -#endif /* ENCRYPTION */ - krb_kntoln(&adat, name); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)) - Data(ap, KRB_ACCEPT, (void *)0, 0); - else - Data(ap, KRB_REJECT, - (void *)"user is not authorized", -1); - auth_finished(ap, AUTH_USER); - break; - - case KRB_CHALLENGE: -#ifndef ENCRYPTION - Data(ap, KRB_RESPONSE, (void *)0, 0); -#else /* ENCRYPTION */ - if (!VALIDKEY(session_key)) { - /* - * We don't have a valid session key, so just - * send back a response with an empty session - * key. - */ - Data(ap, KRB_RESPONSE, (void *)0, 0); - break; - } - - /* - * Initialize the random number generator since it's - * used later on by the encryption routine. - */ - - kdata.data = session_key; - kdata.length = 8; - - if ((code = krb5_c_random_seed(telnet_context, &kdata))) { - com_err("libtelnet", code, - "while seeding random number generator"); - return; - } - - memcpy((void *)datablock, (void *)data, sizeof(Block)); - /* - * Take the received encrypted challenge, and encrypt - * it again to get a unique session_key for the - * ENCRYPT option. - */ - krbkey.enctype = ENCTYPE_DES_CBC_RAW; - krbkey.length = 8; - krbkey.contents = session_key; - - kdata.data = datablock; - kdata.length = 8; - - encdata.ciphertext.data = tmpkey; - encdata.ciphertext.length = 8; - encdata.enctype = ENCTYPE_UNKNOWN; - - if ((code = krb5_c_encrypt(telnet_context, &krbkey, 0, 0, - &kdata, &encdata))) { - com_err("libtelnet", code, "while encrypting random key"); - return; - } - - skey.type = SK_DES; - skey.length = 8; - skey.data = tmpkey; - encrypt_session_key(&skey, 1); - /* - * Now decrypt the received encrypted challenge, - * increment by one, re-encrypt it and send it back. - */ - encdata.ciphertext.data = datablock; - encdata.ciphertext.length = 8; - encdata.enctype = ENCTYPE_UNKNOWN; - - kdata.data = challenge; - kdata.length = 8; - - if ((code = krb5_c_decrypt(telnet_context, &krbkey, 0, 0, - &encdata, &kdata))) { - com_err("libtelnet", code, "while decrypting challenge"); - return; - } - - for (r = 7; r >= 0; r--) { - register int t; - t = (unsigned int)challenge[r] + 1; - challenge[r] = t; /* ignore overflow */ - if (t < 256) /* if no overflow, all done */ - break; - } - - kdata.data = challenge; - kdata.length = 8; - - encdata.ciphertext.data = challenge; - encdata.ciphertext.length = 8; - encdata.enctype = ENCTYPE_UNKNOWN; - - if ((code = krb5_c_encrypt(telnet_context, &krbkey, 0, 0, - &kdata, &encdata))) { - com_err("libtelnet", code, "while decrypting challenge"); - return; - } - - Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge)); -#endif /* ENCRYPTION */ - break; - - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - Data(ap, KRB_REJECT, 0, 0); - break; - } -} - - void -kerberos4_reply(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ -#ifdef ENCRYPTION - Session_Key skey; - krb5_data kdata; - krb5_enc_data encdata; - krb5_error_code code; - -#endif /* ENCRYPTION */ - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_REJECT: - if (cnt > 0) { - printf("[ Kerberos V4 refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ Kerberos V4 refuses authentication ]\r\n"); - auth_send_retry(); - return; - case KRB_ACCEPT: - printf("[ Kerberos V4 accepts you ]\r\n"); - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* - * Send over the encrypted challenge. - */ -#ifndef ENCRYPTION - Data(ap, KRB_CHALLENGE, (void *)0, 0); -#else /* ENCRYPTION */ - Data(ap, KRB_CHALLENGE, (void *)session_key, - sizeof(session_key)); - - kdata.data = session_key; - kdata.length = 8; - - encdata.ciphertext.data = session_key; - encdata.ciphertext.length = 8; - encdata.enctype = ENCTYPE_UNKNOWN; - - if ((code = krb5_c_encrypt(telnet_context, &krbkey, - 0, 0, &kdata, &encdata))) { - com_err("libtelnet", code, - "while encrypting session_key"); - return; - } - - skey.type = SK_DES; - skey.length = 8; - skey.data = session_key; - encrypt_session_key(&skey, 0); -#endif /* ENCRYPTION */ - return; - } - auth_finished(ap, AUTH_USER); - return; - case KRB_RESPONSE: -#ifdef ENCRYPTION - /* - * Verify that the response to the challenge is correct. - */ - if ((cnt != sizeof(Block)) || - (0 != memcmp((void *)data, (void *)challenge, - sizeof(challenge)))) - { -#endif /* ENCRYPTION */ - printf("[ Kerberos V4 challenge failed!!! ]\r\n"); - auth_send_retry(); - return; -#ifdef ENCRYPTION - } - printf("[ Kerberos V4 challenge successful ]\r\n"); - auth_finished(ap, AUTH_USER); -#endif /* ENCRYPTION */ - break; - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - return; - } -} - - int -kerberos4_status(ap, kname, level) - Authenticator *ap; - char *kname; - int level; -{ - if (level < AUTH_USER) - return(level); - - /* - * Always copy in UserNameRequested if the authentication - * is valid, because the higher level routines need it. - */ - if (UserNameRequested) { - /* the name buffer comes from telnetd/telnetd{-ktd}.c */ - strncpy(kname, UserNameRequested, 255); - kname[255] = '\0'; - } - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { - return(AUTH_VALID); - } else - return(AUTH_USER); -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -kerberos4_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt; - unsigned int buflen; -{ - char lbuf[32]; - register int i; - - buf[buflen-1] = '\0'; /* make sure its NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB_REJECT: /* Rejected (reason might follow) */ - strncpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB_ACCEPT: /* Accepted (name might follow) */ - strncpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB_AUTH: /* Authentication data follows */ - strncpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB_CHALLENGE: - strncpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB_RESPONSE: - strncpy((char *)buf, " RESPONSE", buflen); - goto common2; - - default: - sprintf(lbuf, " %d (unknown)", data[3]); - strncpy((char *)buf, lbuf, buflen); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - sprintf(lbuf, " %d", data[i]); - strncpy((char *)buf, lbuf, buflen); - BUMP(buf, buflen); - } - break; - } -} - - int -kerberos4_cksum(d, n) - unsigned char *d; - int n; -{ - int ck = 0; - - /* - * A comment is probably needed here for those not - * well versed in the "C" language. Yes, this is - * supposed to be a "switch" with the body of the - * "switch" being a "while" statement. The whole - * purpose of the switch is to allow us to jump into - * the middle of the while() loop, and then not have - * to do any more switch()s. - * - * Some compilers will spit out a warning message - * about the loop not being entered at the top. - */ - switch (n&03) - while (n > 0) { - case 0: - ck ^= (int)*d++ << 24; - --n; - case 3: - ck ^= (int)*d++ << 16; - --n; - case 2: - ck ^= (int)*d++ << 8; - --n; - case 1: - ck ^= (int)*d++; - --n; - } - return(ck); -} -#else -#include <krb5.h> -#include <errno.h> - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - register int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c index 1ef6fba..40eb184 100644 --- a/src/appl/telnet/libtelnet/kerberos5.c +++ b/src/appl/telnet/libtelnet/kerberos5.c @@ -66,6 +66,7 @@ #include <errno.h> #include <stdio.h> #include "krb5.h" +#include "k5-platform.h" #include "com_err.h" #include <netdb.h> @@ -266,12 +267,11 @@ kerberos5_send(ap) rdata.magic = 0; rdata.length = strlen(telnet_krb5_realm); - rdata.data = (char *) malloc(rdata.length + 1); + rdata.data = strdup(telnet_krb5_realm); if (rdata.data == NULL) { fprintf(stderr, "malloc failed\n"); return(0); } - strcpy(rdata.data, telnet_krb5_realm); krb5_princ_set_realm(telnet_context, creds.server, &rdata); } @@ -440,9 +440,9 @@ kerberos5_is(ap, data, cnt) r = krb5_rd_req(telnet_context, &auth_context, &auth, NULL, keytabid, NULL, &ticket); if (r) { - (void) strcpy(errbuf, "krb5_rd_req failed: "); - errbuf[sizeof(errbuf) - 1] = '\0'; - (void) strncat(errbuf, error_message(r), sizeof(errbuf) - 1 - strlen(errbuf)); + (void) snprintf(errbuf, sizeof(errbuf), + "krb5_rd_req failed: %s", + error_message(r)); goto errout; } @@ -452,7 +452,8 @@ kerberos5_is(ap, data, cnt) * the default is of length 4. */ if (krb5_princ_size(telnet_context,ticket->server) < 1) { - (void) strcpy(errbuf, "malformed service name"); + (void) strlcpy(errbuf, "malformed service name", + sizeof(errbuf)); goto errout; } if (krb5_princ_component(telnet_context,ticket->server,0)->length < 256) { @@ -464,15 +465,16 @@ kerberos5_is(ap, data, cnt) ticket->server,0)->length] = '\0'; if (strcmp("host", princ)) { if(strlen(princ) < sizeof(errbuf) - 39) { - (void) sprintf(errbuf, "incorrect service name: \"%s\" != \"host\"", + (void) snprintf(errbuf, sizeof(errbuf), "incorrect service name: \"%s\" != \"host\"", princ); } else { - (void) sprintf(errbuf, "incorrect service name: principal != \"host\""); + (void) snprintf(errbuf, sizeof(errbuf), "incorrect service name: principal != \"host\""); } goto errout; } } else { - (void) strcpy(errbuf, "service name too long"); + (void) strlcpy(errbuf, "service name too long", + sizeof(errbuf)); goto errout; } @@ -480,16 +482,16 @@ kerberos5_is(ap, data, cnt) auth_context, &authenticator); if (r) { - (void) strcpy(errbuf, - "krb5_auth_con_getauthenticator failed: "); - errbuf[sizeof(errbuf) - 1] = '\0'; - (void) strncat(errbuf, error_message(r), sizeof(errbuf) - 1 - strlen(errbuf)); - goto errout; + (void) snprintf(errbuf, sizeof(errbuf), + "krb5_auth_con_getauthenticator failed: %s", + error_message(r)); + goto errout; } if ((ap->way & AUTH_ENCRYPT_MASK) == AUTH_ENCRYPT_ON && !authenticator->checksum) { - (void) strcpy(errbuf, - "authenticator is missing required checksum"); + (void) strlcpy(errbuf, + "authenticator is missing required checksum", + sizeof(errbuf)); goto errout; } if (authenticator->checksum) { @@ -503,9 +505,9 @@ kerberos5_is(ap, data, cnt) r = krb5_auth_con_getkey(telnet_context, auth_context, &key); if (r) { - (void) strcpy(errbuf, "krb5_auth_con_getkey failed: "); - errbuf[sizeof(errbuf) - 1] = '\0'; - (void) strncat(errbuf, error_message(r), sizeof(errbuf) - 1 - strlen(errbuf)); + (void) snprintf(errbuf, sizeof(errbuf), + "krb5_auth_con_getkey failed: %s", + error_message(r)); goto errout; } r = krb5_verify_checksum(telnet_context, @@ -522,10 +524,9 @@ kerberos5_is(ap, data, cnt) * present at this time. */ if (r) { - (void) strcpy(errbuf, - "checksum verification failed: "); - errbuf[sizeof(errbuf) - 1] = '\0'; - (void) strncat(errbuf, error_message(r), sizeof(errbuf) - 1 - strlen(errbuf)); + (void) snprintf(errbuf, sizeof(errbuf), + "checksum verification failed: %s", + error_message(r)); goto errout; } krb5_free_keyblock(telnet_context, key); @@ -535,9 +536,9 @@ kerberos5_is(ap, data, cnt) /* do ap_rep stuff here */ if ((r = krb5_mk_rep(telnet_context, auth_context, &outbuf))) { - (void) strcpy(errbuf, "Make reply failed: "); - errbuf[sizeof(errbuf) - 1] = '\0'; - (void) strncat(errbuf, error_message(r), sizeof(errbuf) - 1 - strlen(errbuf)); + (void) snprintf(errbuf, sizeof(errbuf), + "Make reply failed: %s", + error_message(r)); goto errout; } @@ -589,11 +590,10 @@ kerberos5_is(ap, data, cnt) &inbuf, ticket))) { char kerrbuf[128]; - - (void) strcpy(kerrbuf, "Read forwarded creds failed: "); - kerrbuf[sizeof(kerrbuf) - 1] = '\0'; - (void) strncat(kerrbuf, error_message(r), - sizeof(kerrbuf) - 1 - strlen(kerrbuf)); + + (void) snprintf(kerrbuf, sizeof(kerrbuf), + "Read forwarded creds failed: %s", + error_message(r)); Data(ap, KRB_FORWARD_REJECT, kerrbuf, -1); if (auth_debug_mode) printf( @@ -618,9 +618,7 @@ kerberos5_is(ap, data, cnt) { char eerrbuf[329]; - strcpy(eerrbuf, "telnetd: "); - eerrbuf[sizeof(eerrbuf) - 1] = '\0'; - strncat(eerrbuf, errbuf, sizeof(eerrbuf) - 1 - strlen(eerrbuf)); + snprintf(eerrbuf, sizeof(eerrbuf), "telnetd: %s", errbuf); Data(ap, KRB_REJECT, eerrbuf, -1); } if (auth_debug_mode) @@ -813,12 +811,12 @@ kerberos5_printsub(data, cnt, buf, buflen) #endif /* FORWARD */ default: - sprintf(lbuf, " %d (unknown)", data[3]); + snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); strncpy((char *)buf, lbuf, buflen); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - sprintf(lbuf, " %d", data[i]); + snprintf(lbuf, sizeof(lbuf), " %d", data[i]); strncpy((char *)buf, lbuf, buflen); BUMP(buf, buflen); } diff --git a/src/appl/telnet/libtelnet/spx.c b/src/appl/telnet/libtelnet/spx.c index b3e0e9d..449ddc4 100644 --- a/src/appl/telnet/libtelnet/spx.c +++ b/src/appl/telnet/libtelnet/spx.c @@ -71,6 +71,7 @@ #include <arpa/telnet.h> #include <stdio.h> #include "gssapi_defs.h" +#include "k5-platform.h" #ifdef __STDC__ #include <stdlib.h> #endif @@ -172,9 +173,8 @@ spx_init(ap, server) if (server) { str_data[3] = TELQUAL_REPLY; gethostname(lhostname, sizeof(lhostname)); - strcpy(targ_printable, "SERVICE:rcmd@"); - strncat(targ_printable, lhostname, sizeof(targ_printable) - 1 - 13); - targ_printable[sizeof(targ_printable) - 1] = '\0'; + snprintf(targ_printable, sizeof(targ_printable), + "SERVICE:rcmd@%s", lhostname); input_name_buffer.length = strlen(targ_printable); input_name_buffer.value = targ_printable; major_status = gss_import_name(&status, @@ -216,9 +216,8 @@ spx_send(ap) char *address; printf("[ Trying SPX ... ]\n"); - strcpy(targ_printable, "SERVICE:rcmd@"); - strncat(targ_printable, RemoteHostName, sizeof(targ_printable) - 1 - 13); - targ_printable[sizeof(targ_printable) - 1] = '\0'; + snprintf(targ_printable, sizeof(targ_printable), "SERVICE:rcmd@%s", + RemoteHostName); input_name_buffer.length = strlen(targ_printable); input_name_buffer.value = targ_printable; @@ -325,9 +324,8 @@ spx_is(ap, data, cnt) gethostname(lhostname, sizeof(lhostname)); - strcpy(targ_printable, "SERVICE:rcmd@"); - strncat(targ_printable, lhostname, sizeof(targ_printable) - 1 - 13); - targ_printable[sizeof(targ_printable) - 1] = '\0'; + snprintf(targ_printable, sizeof(targ_printable), + "SERVICE:rcmd@%s", lhostname); input_name_buffer.length = strlen(targ_printable); input_name_buffer.value = targ_printable; @@ -563,12 +561,12 @@ spx_printsub(data, cnt, buf, buflen) goto common2; default: - sprintf(lbuf, " %d (unknown)", data[3]); + snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[3]); strncpy((char *)buf, lbuf, buflen); common2: BUMP(buf, buflen); for (i = 4; i < cnt; i++) { - sprintf(lbuf, " %d", data[i]); + snprintf(lbuf, sizeof(lbuf), " %d", data[i]); strncpy((char *)buf, lbuf, buflen); BUMP(buf, buflen); } diff --git a/src/appl/telnet/telnet/Makefile.in b/src/appl/telnet/telnet/Makefile.in index 42a0578..7fae8f7 100644 --- a/src/appl/telnet/telnet/Makefile.in +++ b/src/appl/telnet/telnet/Makefile.in @@ -47,8 +47,8 @@ OBJS= authenc.o commands.o main.o network.o ring.o sys_bsd.o \ all:: telnet -telnet: $(OBJS) $(KRB4COMPAT_DEPLIBS) ../libtelnet/libtelnet.a - $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet.a $(KRB4COMPAT_LIBS) +telnet: $(OBJS) $(KRB5_BASE_DEPLIBS) ../libtelnet/libtelnet.a + $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet.a $(KRB5_BASE_LIBS) clean:: $(RM) telnet @@ -72,41 +72,3 @@ telnet.o: defines.h externs.h general.h ring.h types.h $(ARPA_TELNET) terminal.o: externs.h ring.h types.h $(ARPA_TELNET) tn3270.o: defines.h externs.h fdset.h general.h ring.h $(ARPA_TELNET) utilities.o: defines.h externs.h fdset.h general.h ring.h $(ARPA_TELNET) -# +++ Dependency line eater +++ -# -# Makefile dependencies follow. This must be the last section in -# the Makefile.in file -# -$(OUTPRE)authenc.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ - $(srcdir)/../libtelnet/misc-proto.h $(srcdir)/../libtelnet/misc.h \ - authenc.c defines.h externs.h general.h ring.h types.h -$(OUTPRE)commands.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(srcdir)/../arpa/telnet.h \ - $(srcdir)/../libtelnet/auth-proto.h $(srcdir)/../libtelnet/auth.h \ - $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ - $(srcdir)/../libtelnet/misc-proto.h commands.c defines.h \ - externs.h general.h ring.h types.h -$(OUTPRE)main.$(OBJEXT): $(srcdir)/../libtelnet/auth-proto.h \ - $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ - $(srcdir)/../libtelnet/encrypt.h defines.h externs.h \ - main.c ring.h -$(OUTPRE)network.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - defines.h externs.h fdset.h network.c ring.h -$(OUTPRE)ring.$(OBJEXT): general.h ring.c ring.h -$(OUTPRE)sys_bsd.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - defines.h externs.h fdset.h ring.h sys_bsd.c types.h -$(OUTPRE)telnet.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - $(srcdir)/../libtelnet/auth-proto.h $(srcdir)/../libtelnet/auth.h \ - $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ - $(srcdir)/../libtelnet/misc-proto.h defines.h externs.h \ - general.h ring.h telnet.c types.h -$(OUTPRE)terminal.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ - externs.h ring.h terminal.c types.h -$(OUTPRE)utilities.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ - $(srcdir)/../libtelnet/auth-proto.h $(srcdir)/../libtelnet/auth.h \ - $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ - defines.h externs.h fdset.h general.h ring.h utilities.c diff --git a/src/appl/telnet/telnet/commands.c b/src/appl/telnet/telnet/commands.c index 57106de..f82f3e6 100644 --- a/src/appl/telnet/telnet/commands.c +++ b/src/appl/telnet/telnet/commands.c @@ -117,6 +117,8 @@ static unsigned long sourceroute(char *, char **, int *); #include "fake-addrinfo.h" +#include <k5-platform.h> + char *hostname; static char _hostname[MAXDNAME]; static char hostaddrstring[NI_MAXHOST]; @@ -1745,8 +1747,8 @@ env_find(var) env_init() { extern char **environ; - register char **epp, *cp; - register struct env_lst *ep; + char **epp, *cp; + struct env_lst *ep; for (epp = environ; *epp; epp++) { if ((cp = strchr(*epp, '='))) { @@ -1770,8 +1772,7 @@ env_init() gethostname(hbuf, 256); hbuf[256] = '\0'; - cp = (char *)malloc(strlen(hbuf) + strlen(cp2) + 1); - sprintf((char *)cp, "%s%s", hbuf, cp2); + asprintf(&cp, "%s%s", hbuf, cp2); free(ep->value); ep->value = (unsigned char *)cp; } @@ -2431,7 +2432,7 @@ tn(argc, argv) return 0; } if (argc < 2) { - (void) strcpy(line, "open "); + (void) strlcpy(line, "open ", sizeof(line)); printf("(to) "); (void) fgets(&line[strlen(line)], (int) (sizeof(line) - strlen(line)), stdin); @@ -2580,7 +2581,8 @@ tn(argc, argv) if (error) { fprintf (stderr, "getnameinfo() error printing address: %s\n", gai_strerror (error)); - strcpy (hostaddrstring, "[address unprintable]"); + strlcpy (hostaddrstring, "[address unprintable]", + sizeof(hostaddrstring)); } printf("Trying %s...\r\n", hostaddrstring); #if defined(IP_OPTIONS) && defined(IPPROTO_IP) diff --git a/src/appl/telnet/telnet/deps b/src/appl/telnet/telnet/deps new file mode 100644 index 0000000..4015479 --- /dev/null +++ b/src/appl/telnet/telnet/deps @@ -0,0 +1,39 @@ +# +# Generated makefile dependencies follow. +# +$(OUTPRE)authenc.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ + $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ + $(srcdir)/../libtelnet/misc-proto.h $(srcdir)/../libtelnet/misc.h \ + authenc.c defines.h externs.h general.h ring.h types.h +$(OUTPRE)commands.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-platform.h \ + $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(srcdir)/../arpa/telnet.h \ + $(srcdir)/../libtelnet/auth-proto.h $(srcdir)/../libtelnet/auth.h \ + $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ + $(srcdir)/../libtelnet/misc-proto.h commands.c defines.h \ + externs.h general.h ring.h types.h +$(OUTPRE)main.$(OBJEXT): $(srcdir)/../libtelnet/auth-proto.h \ + $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ + $(srcdir)/../libtelnet/encrypt.h defines.h externs.h \ + main.c ring.h +$(OUTPRE)network.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ + defines.h externs.h fdset.h network.c ring.h +$(OUTPRE)ring.$(OBJEXT): general.h ring.c ring.h +$(OUTPRE)sys_bsd.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ + defines.h externs.h fdset.h ring.h sys_bsd.c types.h +$(OUTPRE)telnet.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ + $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ + $(srcdir)/../libtelnet/encrypt.h $(srcdir)/../libtelnet/misc-proto.h \ + defines.h externs.h general.h ring.h telnet.c types.h +$(OUTPRE)terminal.$(OBJEXT): $(srcdir)/../arpa/telnet.h \ + $(srcdir)/../libtelnet/enc-proto.h $(srcdir)/../libtelnet/encrypt.h \ + externs.h ring.h terminal.c types.h +$(OUTPRE)utilities.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ + $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ + $(srcdir)/../libtelnet/encrypt.h defines.h externs.h \ + fdset.h general.h ring.h utilities.c diff --git a/src/appl/telnet/telnet/main.c b/src/appl/telnet/telnet/main.c index 77832f9..c1dc204 100644 --- a/src/appl/telnet/telnet/main.c +++ b/src/appl/telnet/telnet/main.c @@ -235,14 +235,6 @@ main(argc, argv) #endif break; case 'k': -#if defined(AUTHENTICATION) && defined(KRB4) - { - extern char *dest_realm, dst_realm_buf[]; - extern unsigned int dst_realm_sz; - dest_realm = dst_realm_buf; - (void)strncpy(dest_realm, optarg, dst_realm_sz); - } -#endif #if defined(AUTHENTICATION) && defined(KRB5) { extern char *telnet_krb5_realm; @@ -250,8 +242,7 @@ main(argc, argv) telnet_krb5_realm = optarg; break; } -#endif -#if !defined(AUTHENTICATION) || (!defined(KRB4) && !defined(KRB5)) +#else fprintf(stderr, "%s: Warning: -k ignored, no Kerberos V4 support.\n", prompt); diff --git a/src/appl/telnet/telnet/telnet.c b/src/appl/telnet/telnet/telnet.c index 3b8a82d..be00687 100644 --- a/src/appl/telnet/telnet/telnet.c +++ b/src/appl/telnet/telnet/telnet.c @@ -79,6 +79,8 @@ #include <libtelnet/misc-proto.h> #endif /* defined(AUTHENTICATION) || defined(ENCRYPTION) */ +#include <k5-platform.h> + static int is_unique (char *, char **, char **); @@ -867,8 +869,8 @@ suboption() name = gettermname(); len = strlen(name) + 4 + 2; if (len < NETROOM()) { - sprintf((char *)temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE, - TELQUAL_IS, name, IAC, SE); + snprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", + IAC, SB, TELOPT_TTYPE, TELQUAL_IS, name, IAC, SE); ring_supply_data(&netoring, temp, len); printsub('>', &temp[2], len-2); } else { @@ -889,8 +891,8 @@ suboption() TerminalSpeeds(&ispeed, &o_speed); - sprintf((char *)temp, "%c%c%c%c%ld,%ld%c%c", IAC, SB, TELOPT_TSPEED, - TELQUAL_IS, o_speed, ispeed, IAC, SE); + snprintf((char *)temp, sizeof(temp), "%c%c%c%c%ld,%ld%c%c", IAC, + SB, TELOPT_TSPEED, TELQUAL_IS, o_speed, ispeed, IAC, SE); len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ if (len < NETROOM()) { @@ -995,8 +997,8 @@ suboption() send_wont(TELOPT_XDISPLOC, 1); break; } - sprintf((char *)temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC, - TELQUAL_IS, dp, IAC, SE); + snprintf((char *)temp, sizeof(temp), "%c%c%c%c%s%c%c", + IAC, SB, TELOPT_XDISPLOC, TELQUAL_IS, dp, IAC, SE); len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ if (len < NETROOM()) { diff --git a/src/appl/telnet/telnet/utilities.c b/src/appl/telnet/telnet/utilities.c index 4b198da..4a076e5 100644 --- a/src/appl/telnet/telnet/utilities.c +++ b/src/appl/telnet/telnet/utilities.c @@ -61,6 +61,8 @@ #include <libtelnet/encrypt.h> #endif +#include <k5-platform.h> + FILE *NetTrace = 0; /* Not in bss, since needs to stay */ int prettydump; @@ -646,7 +648,7 @@ printsub(direction, pointer, length) } { char tbuf[64]; - sprintf(tbuf, "%s%s%s%s%s", + snprintf(tbuf, sizeof(tbuf), "%s%s%s%s%s", pointer[2]&MODE_EDIT ? "|EDIT" : "", pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "", pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", diff --git a/src/appl/telnet/telnetd/Makefile.in b/src/appl/telnet/telnetd/Makefile.in index 606bfb6..ac27b78 100644 --- a/src/appl/telnet/telnetd/Makefile.in +++ b/src/appl/telnet/telnetd/Makefile.in @@ -30,7 +30,7 @@ LOCALINCLUDES=-I.. -I$(srcdir)/.. DEFINES = -DTELNET_BUFSIZE=65535 $(AUTH_DEF) $(OTHERDEFS) ARPA_TELNET= $(srcdir)/../arpa/telnet.h -PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) +PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) LIBS= @TELNETD_LIBS@ @@ -60,8 +60,8 @@ OBJS= telnetd.o \ all:: telnetd -telnetd: $(OBJS) $(PTY_DEPLIB) $(KRB4COMPAT_DEPLIBS) ../libtelnet/libtelnet.a - $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet.a $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) +telnetd: $(OBJS) $(PTY_DEPLIB) $(KRB5_BASE_DEPLIBS) ../libtelnet/libtelnet.a + $(CC_LINK) -o $@ $(OBJS) ../libtelnet/libtelnet.a $(PTY_LIB) $(UTIL_LIB) $(KRB5_BASE_LIBS) clean:: $(RM) telnetd @@ -82,63 +82,3 @@ sys_term.o: telnetd.h pathnames.h defs.h ext.h $(ARPA_TELNET) telnetd.o: telnetd.h defs.h ext.h $(ARPA_TELNET) termstat.o: telnetd.h defs.h ext.h $(ARPA_TELNET) utility.o: telnetd.h defs.h ext.h $(ARPA_TELNET) -# +++ Dependency line eater +++ -# -# Makefile dependencies follow. This must be the last section in -# the Makefile.in file -# -$(OUTPRE)telnetd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ - $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ - $(srcdir)/../libtelnet/encrypt.h $(srcdir)/../libtelnet/misc-proto.h \ - defs.h ext.h pathnames.h telnetd.c telnetd.h -$(OUTPRE)termio-tn.$(OBJEXT): termio-tn.c -$(OUTPRE)termios-tn.$(OBJEXT): termios-tn.c -$(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ - $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ - $(srcdir)/../libtelnet/encrypt.h defs.h ext.h state.c \ - telnetd.h -$(OUTPRE)termstat.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h defs.h ext.h telnetd.h termstat.c -$(OUTPRE)slc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h defs.h ext.h slc.c telnetd.h -$(OUTPRE)sys_term.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ - $(srcdir)/../libtelnet/auth.h defs.h ext.h pathnames.h \ - sys_term.c telnetd.h -$(OUTPRE)utility.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ - $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ - $(srcdir)/../libtelnet/encrypt.h defs.h ext.h telnetd.h \ - utility.c -$(OUTPRE)global.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h defs.h ext.h global.c -$(OUTPRE)authenc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/misc-proto.h \ - $(srcdir)/../libtelnet/misc.h authenc.c defs.h ext.h \ - telnetd.h diff --git a/src/appl/telnet/telnetd/deps b/src/appl/telnet/telnetd/deps new file mode 100644 index 0000000..88e768d --- /dev/null +++ b/src/appl/telnet/telnetd/deps @@ -0,0 +1,58 @@ +# +# Generated makefile dependencies follow. +# +$(OUTPRE)telnetd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h $(SRCTOP)/include/k5-platform.h \ + $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ + $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ + $(srcdir)/../libtelnet/encrypt.h $(srcdir)/../libtelnet/misc-proto.h \ + defs.h ext.h pathnames.h telnetd.c telnetd.h +$(OUTPRE)termio-tn.$(OBJEXT): termio-tn.c +$(OUTPRE)termios-tn.$(OBJEXT): termios-tn.c +$(OUTPRE)state.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ + $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ + $(srcdir)/../libtelnet/encrypt.h defs.h ext.h state.c \ + telnetd.h +$(OUTPRE)termstat.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h defs.h ext.h telnetd.h termstat.c +$(OUTPRE)slc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h defs.h ext.h slc.c telnetd.h +$(OUTPRE)sys_term.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/libpty.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ + $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ + $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ + $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(srcdir)/../arpa/telnet.h \ + $(srcdir)/../libtelnet/auth-proto.h $(srcdir)/../libtelnet/auth.h \ + defs.h ext.h pathnames.h sys_term.c telnetd.h +$(OUTPRE)utility.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/auth-proto.h \ + $(srcdir)/../libtelnet/auth.h $(srcdir)/../libtelnet/enc-proto.h \ + $(srcdir)/../libtelnet/encrypt.h defs.h ext.h telnetd.h \ + utility.c +$(OUTPRE)global.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h defs.h ext.h global.c +$(OUTPRE)authenc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-thread.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(srcdir)/../arpa/telnet.h $(srcdir)/../libtelnet/misc-proto.h \ + $(srcdir)/../libtelnet/misc.h authenc.c defs.h ext.h \ + telnetd.h diff --git a/src/appl/telnet/telnetd/slc.c b/src/appl/telnet/telnetd/slc.c index 613674b..8f32f43 100644 --- a/src/appl/telnet/telnetd/slc.c +++ b/src/appl/telnet/telnetd/slc.c @@ -154,8 +154,8 @@ start_slc(getit) slcchange = 0; if (getit) init_termbuf(); - (void) sprintf((char *)slcbuf, "%c%c%c%c", - IAC, SB, TELOPT_LINEMODE, LM_SLC); + (void) snprintf((char *)slcbuf, sizeof(slcbuf), "%c%c%c%c", + IAC, SB, TELOPT_LINEMODE, LM_SLC); slcptr = slcbuf + 4; } /* end of start_slc */ @@ -195,8 +195,9 @@ end_slc(bufp) *bufp = &slcbuf[4]; return(slcptr - slcbuf - 4); } else { - (void) sprintf((char *)slcptr, "%c%c", IAC, SE); - slcptr += 2; + *slcptr++ = IAC; + *slcptr++ = SE; + *slcptr = 0; len = slcptr - slcbuf; netwrite(slcbuf, len); netflush(); /* force it out immediately */ diff --git a/src/appl/telnet/telnetd/sys_term.c b/src/appl/telnet/telnetd/sys_term.c index d78c2e8..5c08c76 100644 --- a/src/appl/telnet/telnetd/sys_term.c +++ b/src/appl/telnet/telnetd/sys_term.c @@ -1133,7 +1133,8 @@ startslave(host, autologin, autoname) */ if ((i = open(INIT_FIFO, O_WRONLY)) < 0) { char tbuf[128]; - (void) sprintf(tbuf, "Can't open %s\n", INIT_FIFO); + (void) snprintf(tbuf, sizeof(tbuf), "Can't open %s\n", + INIT_FIFO); fatalperror(net, tbuf); } memset((char *)&request, 0, sizeof(request)); @@ -1156,7 +1157,8 @@ startslave(host, autologin, autoname) #endif /* BFTPDAEMON */ if (write(i, (char *)&request, sizeof(request)) < 0) { char tbuf[128]; - (void) sprintf(tbuf, "Can't write to %s\n", INIT_FIFO); + (void) snprintf(tbuf, sizeof(tbuf), "Can't write to %s\n", + INIT_FIFO); fatalperror(net, tbuf); } (void) close(i); @@ -1168,7 +1170,7 @@ startslave(host, autologin, autoname) if (i == 3 || n >= 0 || !gotalarm) break; gotalarm = 0; - sprintf(tbuf, "telnetd: waiting for /etc/init to start login process on %s\r\n", line); + snprintf(tbuf, sizeof(tbuf), "telnetd: waiting for /etc/init to start login process on %s\r\n", line); (void) write(net, tbuf, strlen(tbuf)); } if (n < 0 && gotalarm) @@ -1255,9 +1257,7 @@ start_login(host, autologin, name) if (term == NULL || term[0] == 0) { term = "-"; } else { - strcpy(termbuf, "TERM="); - strncat(termbuf, term, sizeof(termbuf) - 6); - termbuf[sizeof(termbuf) - 1] = '\0'; + snprintf(termbuf, sizeof(termbuf), "TERM=%s", term); term = termbuf; } argv = addarg(argv, term); @@ -1357,13 +1357,9 @@ start_login(host, autologin, name) write(xpty, name, len); write(xpty, name, len); memset(speed, 0, sizeof(speed)); - strncpy(speed, - (cp = getenv("TERM")) ? cp : "", - sizeof(speed)-1-(10*sizeof(def_rspeed)/4)-1); - /* 1 for /, () for the number, 1 for trailing 0. */ - sprintf(speed + strlen(speed), - "/%d", - (def_rspeed > 0) ? def_rspeed : 9600); + snprintf(speed, sizeof(speed), "%s/%d", + (cp = getenv("TERM")) ? cp : "", + (def_rspeed > 0) ? def_rspeed : 9600); len = strlen(speed)+1; write(xpty, speed, len); |