1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
|
2001-10-18 Ken Raeburn <raeburn@mit.edu>
Don't crash if .k[5]login file ownership is wrong. Patch from
Emily Ratliff, ratliff@austin.ibm.com.
* authorization.c (fowner): Don't close the file even on error.
(krb5_authorization): Close the file if fowner returns FALSE.
2001-02-21 Tom Yu <tlyu@mit.edu>
* setenv.c: Add conditionals for compilation of setenv, unsetenv,
and getenv such that they only get compiled if they don't already
exist.
2000-05-22 Tom Yu <tlyu@mit.edu>
* Makefile.in (OBJS): Put @SETENVOBJ@ on same line as xmalloc.o to
avoid trailing backslash on the end of the variable.
2000-05-15 Ken Raeburn <raeburn@mit.edu>
* ccache.c (krb5_ccache_copy): Modify conditionalized code block
slightly to make automatic indentation work better.
* main.c (main): Complain and quit if prog_name is longer than 50
characters.
2000-04-26 Ken Raeburn <raeburn@mit.edu>
Nalin Dahyabhai <nalin@redhat.com>
* main.c (DEBUG): Don't define.
(usage): Remove -C option from description.
(sweep_up): Deleted second argument; all callers changed.
(main): Support -D option only if DEBUG is defined. Initialize
ruid on entry. Set effective uid to ruid before processing
argument list. Removed -C option from -z/-Z conflict messages.
Report errors trying to stat source ccache using com_err. Verify
that getpwuid's returned data for source user has correct uid.
Eliminate use_source_cache variable.
* ksu.M: Updates for removal of -C option.
2000-01-27 Ken Raeburn <raeburn@mit.edu>
* main.c (print_status): Now static. Add format attribute if
using GNU C.
1999-12-02 Ken Raeburn <raeburn@mit.edu>
* krb_auth_su.c (krb5_get_tkt_via_passwd): Check length of
principal name before copying to fixed-size buffer.
* ccache.c (krb5_ccache_filter): Fix speling error.
(krb5_get_login_princ): Check length of home directory pathname.
* setenv.c: New file, copied from appl/bsd.
* Makefile.in (OBJS): Add @SETENVOBJ@.
(SRCS): Add setenv.c.
* xmalloc.c: New file, providing versions of malloc, calloc,
realloc, and strdup that print messages and exit if memory
allocation fails.
* ksu.h (xmalloc, xrealloc, xcalloc, xstrdup): Declare.
* Makefile.in (SRCS, OBJS): Use it.
* authorization.c, ccache.c, heuristic.c, main.c: Change all calls
to malloc, calloc, realloc, and strdup to call x* versions if the
return value is not checked before use.
* authorization.c (auth_cleanup): Ditch int arguments, check for
null pointers instead.
(krb5_authorization): Update calls. Initialize file pointers to
null.
(init_auth_names): Check for buffer overflow.
(fcmd_resolve): Ensure enough buffer space is allocated.
(find_first_cmd_that_exists): Likewise. Use strcat instead of
sprintf'ing a buffer into itself.
* krb_auth_su.c (dump_principal, plain_dump_principal): Reformat
slightly.
* main.c (cc_source_tag, cc_source_tag_tmp): Now point to const.
(main): Unset environment variable KRB5_CONFIG. Delete -C
option. Force an error if lifetime strings are over 14
characters. Fix error message string if setluid fails. Cast pid
to long for printing. Call krb5_init_secure_context instead of
krb5_init_context and krb5_secure_config_files.
(main): Fix speling error.
(ontty): Check string size.
(get_dir_of_file): Argument now points to const.
* ksu.h (get_dir_of_file): Update declaration.
1999-10-26 Tom Yu <tlyu@mit.edu>
* Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES,
LOCAL_INCLUDES such that one can override CFLAGS from the command
line without losing CPP search patchs and defines. Some associated
Makefile cleanup. [from wsanchez@apple.com]
1999-08-23 Ken Raeburn <raeburn@mit.edu>
* heuristic.c (find_ticket): Use flag KRB5_TC_SUPPORTED_KTYPES
when calling krb5_cc_retrieve_cred.
* krb_auth_su.c (krb5_auth_check, krb5_fast_auth): Ditto.
Fri Mar 12 18:52:18 1999 Tom Yu <tlyu@mit.edu>
* main.c (main): Fix cleanup code for setluid() failure.
Thu Mar 4 18:46:55 1999 Tom Yu <tlyu@mit.edu>
* heuristic.c (get_authorized_princ_names): Fix to not call
list_union() if cmd is NULL, otherwise freed memory gets
referenced. [krb5-clients/698]
Thu Feb 18 22:26:30 1999 Tom Yu <tlyu@mit.edu>
* Makefile.in (ksu): Add $(KSU_LIBS) in case we need -lsecurity.
* main.c (main): Add call to setluid() on systems that have it.
1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
* Makefile.in: Set the myfulldir and mydir variables (which are
relative to buildtop and thisconfigdir, respectively.)
1998-05-06 Theodore Ts'o <tytso@rsts-11.mit.edu>
* main.c (main): POSIX states that getopt returns -1 when it
is done parsing options, not EOF.
Wed Feb 18 15:44:15 1998 Tom Yu <tlyu@mit.edu>
* Makefile.in: Remove trailing slash from thisconfigdir. Fix up
BUILDTOP for new conventions.
Mon Feb 2 17:02:29 1998 Theodore Ts'o <tytso@rsts-11.mit.edu>
* Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile
Wed Feb 4 20:46:49 1998 Tom Yu <tlyu@mit.edu>
* krb_auth_su.c (krb5_verify_tkt_def): If using a pre-existing
credential cache, ensure that the host ticket has not yet
expired. Patch from vwelch@ncsa.uiuc.edu [krb5-clients/545].
Mon Jan 27 16:56:07 1997 Tom Yu <tlyu@mit.edu>
* Makefile.in:
* configure.in: Update to new program build procedure.
Sun Nov 10 20:10:53 1996 Sam Hartman <hartmans@mit.edu>
* krb_auth_su.c (path_passwd;): If you don't have a srvtab, always
fail.
Thu Nov 7 15:41:19 1996 Theodore Ts'o <tytso@rsts-11.mit.edu>
* main.c (main): Check the error return from
krb5_init_context(), and print an error message if
necessary.
Wed Sep 18 15:54:41 1996 Theodore Y. Ts'o <tytso@mit.edu>
* krb_auth_su.c (krb5_get_tkt_via_passwd): Remove call to
krb5_os_localaddr(), since get_in_tkt will default correctly.
Tue Sep 10 14:15:02 1996 Tom Yu <tlyu@mit.edu>
* ksu.M: remove ".so man1/header.doc"
Thu Aug 8 12:31:30 1996 Sam Hartman <hartmans@mit.edu>
* main.c (main): Close source cache before executing command.
Sat May 25 16:11:55 1996 Sam Hartman <hartmans@mit.edu>
* configure.in: Use aname db libs.
Tue May 21 19:14:27 1996 Sam Hartman <hartmans@mit.edu>
* Makefile.in (install): Ignore error return from installation of
ksu; if we can't set the setuid bit (AFS or non-root), we should
still continue.
Mon May 20 00:07:16 1996 Sam Hartman <hartmans@tertius.mit.edu>
* main.c (main): Do not force source cache open if we are going to use it as the target.
Sun May 19 13:41:21 1996 Sam Hartman <hartmans@mit.edu>
* main.c: Force source ccache to stay open between transactions.
Sun May 19 03:24:26 1996 Sam Hartman <hartmans@tertius.mit.edu>
* krb_auth_su.c: Use target uid while creating ccache
* ccache.c: Set uid to target before creating target cache.
* ksu.h: Add target_uid to copy_ccache and copy_ccache_restricted
Sat May 18 16:39:15 1996 Sam Hartman <hartmans@tertius.mit.edu>
* configure.in: Use libkrb5util to get krb5_seteuid
* heuristic.c (get_best_princ_for_target): Remove seteuid around stat call and insert call to krb5_seteuid before accessing .k5login or .k5users.
* main.c (main): Insert appropriate calls to krb5_seteuid so that
files are accessed as appropriate. Also, remove code to copy
tickets obtained while running ksu overthe source cache; this is
not appropriate because it changes the ownership of the source
cache.
Mon May 13 06:50:12 1996 Richard Basch <basch@lehman.com>
* authorization.c: users in the .k5login were not permitted to use
the '-e command' flag; the man page does not indicate this should fail.
All users in .k5login, and those in .k5users (for the specified cmd)
are now allowed to execute commands.
Also, a lot of indentation cleanup was done.
* configure.in heuristic.c:
Before getting the best principal from the ccache, reset the euid;
we don't want to use someone else's ccache.
Also, a lot of indentation cleanup was done.
Wed Apr 10 20:24:49 1996 Richard Basch <basch@lehman.com>
* main.c, krb_auth_su.c: Mostly cosmetic cleanup of output
statements. Also, rather than computing the default host key,
let the library routine do it.
Sun Mar 31 16:48:29 1996 Chris Provenzano <proven@cygnus.com>
* main.c (main): Handle suspend/fg properly.
Fri Mar 29 23:35:53 1996 Chris Provenzano <proven@cygnus.com>
* ccache.c main.c: Remove krb5_ccache_refresh(). All this functionality
is is done in the krb5_ccache_copy(), and the way refresh() was
implemented it was generating a new ccache owner by root (ksu is suid)
over the old ccache, thereby making it possible that programs
accessing the ccache during this time would fail.
Wed Mar 13 17:45:11 1996 Ken Raeburn <raeburn@cygnus.com>
* configure.in: Use AC_HEADER_STDARG.
Wed Nov 8 17:54:11 1995 Theodore Y. Ts'o <tytso@dcl>
* ccache.c (krb5_check_exp): Change use of krb5_clockskew to be
context->clockskew.
Mon Oct 9 23:14:33 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
* main.c (main): Handle case when ticket cache name does not
include ':'
Thu Oct 5 11:23:21 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
* ksu.M: Document authorization changes.
* ksu.1: Remove as was out of date.
* Makefile.in (DEFINES): Remove LOCAL_REALM definition.
* ksu.h: Remove local_realm from krb5_authorization.
* authorization.c (krb5_authorization): Remove old copied code
that is in krb5 library and is out of date. Use the
configurable aname to localname methods.
* main.c (main): Add krb5_secure_config_files so that users cannot
override system config files.
Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu)
* krb_auth_su.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g
Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu)
* krb_auth_su.c : Remove krb5_enctype references, and replace with
krb5_keytype where appropriate.
Mon Aug 21 16:53:40 EDT 1995 Paul Park (pjpark@mit.edu)
* ksu.h - Change lifetime types to krb5_deltat.
* main.c - Use string_to_deltat() to parse lifetimes. Fix gcc -Wall.
* krb_auth_su.c - Fix gcc -Wall. Remove krb5_parse_lifetime() and
convtime(). No longer needed.
* ccache.c - Remove English-specific months and let timestamp_to_
sfstring() handle it. Fix gcc -Wall.
* configure.in - Add -lkadm.
Sat Jul 29 04:41:07 1995 Tom Yu <tlyu@dragons-lair.MIT.EDU>
* configure.in: Don't link with -lkadm.
Tue Jul 11 11:10:13 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
* main.c (main): Remove extraneous argument to call to
krb5_parse_lifetime. Add context argument to call to
plain_dump_principal.
* authorization.c, heuristic.c, krb_auth_su.c: Add prototypes
for static functions. Add missing arguments to
_dbm_an_to_ln call.
* ccache.c: Remove prototype declaration of function now defined
in ksu.h
* ksu.h: Add full prototypes for all functions in program.
Fri Jul 7 15:55:14 EDT 1995 Paul Park (pjpark@mit.edu)
* Makefile.in - Remove explicit library handling and LDFLAGS.
* configure.in - Add USE_KADM_LIBRARY and KRB5_LIBRARIES.
Thu Jul 6 17:30:49 1995 Tom Yu <tlyu@lothlorien.MIT.EDU>
* krb_auth_su.c (krb5_get_tkt_via_passwd): Pass context to
os_localaddr.
Tue Jun 20 14:32:46 1995 Tom Yu (tlyu@dragons-lair)
* main.c: HAS_GETUSERSHELL -> HAVE_GETUSERSHELL
* configure.in: add test for getusershell()
Thu Jun 15 17:46:22 EDT 1995 Paul Park (pjpark@mit.edu)
* Makefile.in - Change explicit library names to -l<lib> form, and
change target link line to use $(LD) and associated flags.
* configure.in - Add shared library usage check.
Fri Jun 9 18:37:43 1995 <tytso@rsx-11.mit.edu>
* configure.in: Remove standardized set of autoconf macros, which
are now handled by CONFIG_RULES.
Tue May 9 15:52:15 1995 Ezra Peisach <epeisach@kangaroo.mit.edu>
* krb_auth_su.c (krb5_auth_check): Add missing context
(wolfgang@wsrcc.com)
* ccache.c (krb5_get_nonexp_tkts): Add missing context
(wolfgang@wsrcc.com)
* heuristic.c (get_best_princ_for_target): Missing context cuased
coredump.
(get_best_princ_for_target): Missing contexts in call to
find_either_ticket.
(find_either_ticket): Missing context in call of find_ticket
(get_best_princ_for_target): Add missing context
Thu Mar 16 20:50:32 1995 John Gilmore (gnu at toad.com)
* configure.in: Replace CHECK_STDARG with AC_CHECK_HEADERS.
* main.c (print_status): Use HAVE_STDARG_H to control whether to
declare with ", ..."; not STDARG_PROTOTYPES.
* ksu.h: Don't include <stdarg.h> or <varargs.h>, since they
are already included by "com_err.h".
Thu Mar 2 12:32:17 1995 Theodore Y. Ts'o <tytso@dcl>
* Makefile.in (ISODELIB): Remove reference to $(ISODELIB).
Wed Mar 1 16:28:36 1995 Theodore Y. Ts'o <tytso@dcl>
* configure.in: Remove ISODE_INCLUDE, replace check for -lsocket
and -lnsl with WITH_NETLIB check.
Tue Feb 28 02:11:21 1995 John Gilmore (gnu at toad.com)
* ksu.h: Avoid <krb5/...> and <com_err.h> includes.
Fri Feb 17 18:10:04 1995 Chris Provenzano (proven@mit.edu)
* krb_auth_su.c krb5_auth_check()) Call krb5_get_cred_from_kdc()
with new calling convention.
Mon Feb 06 17:19:04 1995 Chris Provenzano (proven@mit.edu)
* krb_auth_su.c Removed krb5_keytype, changed krb5_enctype to
krb5_enctype *, changed krb5_preauthtype to krb5_preauthtype *
for krb5_get_in_tkt_with_password() rotuine.
Sat Jan 28 14:45:55 1995 Chris Provenzano (proven@mit.edu)
* krb_auth_su.c (krb5_verify_tkt_def()) use new API for
krb5_kt_get_entry.
Wed Jan 18 12:21:30 1995 <tytso@rsx-11.mit.edu>
* main.c (main): If gethostbyname returns an error, exit after
printing an error message.
Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu)
* Added krb5_context to all krb5_routines
Mon Oct 3 19:15:28 1994 Theodore Y. Ts'o (tytso@dcl)
* Makefile.in: Use $(srcdir) to find manual page for make install.
Fri Sep 30 22:14:41 1994 Theodore Y. Ts'o (tytso@dcl)
* krb_auth_su.c: Add magic number placeholder to structures.
Tue Aug 9 20:29:47 1994 Tom Yu (tlyu@dragons-lair)
* *.c: "upgrade" to C Classic :-)
Tue Aug 9 00:11:07 1994 Mark Eichin (eichin@cygnus.com)
* main.c: define MAXHOSTNAMELEN if it isn't there already
(print_status): use varargs form as well
* configure.in: check for stdarg.h
Thu Aug 4 03:38:03 1994 Tom Yu (tlyu@dragons-lair)
* Makefile.in: make install fixes
Mon Jul 25 01:23:36 1994 Tom Yu (tlyu@dragons-lair)
* configure.in: check for ndbm/dbm
Thu Jul 21 01:01:20 1994 Tom Yu (tlyu at dragons-lair)
* Makefile.in:
* configure.in: attempt to autoconf
Sat Jul 16 03:02:17 1994 Tom Yu (tlyu at dragons-lair)
* ksu.c: frob error codes
Fri Jul 15 23:45:34 1994 Theodore Y. Ts'o (tytso at tsx-11)
* ksu.c (get_dir_of_file): Change to use POSIX getcwd() function.
|
