lunt@CTT.BELLCORE.COM (Steve Lunt) (05/21/91)
When using rlogin -x (encrypted rlogin), the remote system wasn't
putting the hostname into the utmp entry, so a ``who'' wouldn't reveal the
originating host. The following is a fix.
-- Steve
Steven J. Lunt | lunt@ctt.bellcore.com | RRC 1L-213
Computer Security Technology |-------------------------| 444 Hoes Lane
Bellcore | (908) 699-4244 | Piscataway, NJ 08854
s.login.c: 1.6 vs. 1.7
*** /tmp/geta7696 Tue May 21 10:10:42 1991
--- /tmp/getb7696 Tue May 21 10:10:43 1991
***************
*** 41,47 ****
* login -h hostname (for telnetd, etc.)
* login -f name (for pre-authenticated login: datakit, xterm, etc.)
* ifdef KERBEROS
! * login -e name (for pre-authenticated encrypted, must do term
* negotiation)
* login -k hostname (for Kerberos rlogind with password access)
* login -K hostname (for Kerberos rlogind with restricted access)
--- 41,47 ----
* login -h hostname (for telnetd, etc.)
* login -f name (for pre-authenticated login: datakit, xterm, etc.)
* ifdef KERBEROS
! * login -e hostname (for pre-authenticated encrypted, must do term
* negotiation)
* login -k hostname (for Kerberos rlogind with password access)
* login -K hostname (for Kerberos rlogind with restricted access)
***************
*** 195,201 ****
fflag = hflag = pflag = rflag = kflag = Kflag = eflag = 0;
passwd_req = 1;
! while ((ch = getopt(argc, argv, "feh:pr:k:K:")) != EOF)
switch (ch) {
case 'f':
EXCL_TEST;
--- 195,201 ----
fflag = hflag = pflag = rflag = kflag = Kflag = eflag = 0;
passwd_req = 1;
! while ((ch = getopt(argc, argv, "fe:h:pr:k:K:")) != EOF)
switch (ch) {
case 'f':
EXCL_TEST;
***************
*** 270,275 ****
--- 270,279 ----
}
eflag = 1;
passwd_req = 0;
+ if (domain && (p = index(optarg, '.')) &&
+ !strcmp(p, domain))
+ *p = '\0';
+ hostname = optarg;
break;
#endif /* KERBEROS */
case '?':
s.rlogind.c: 1.1 vs. 1.2
*** /tmp/geta7708 Tue May 21 10:11:04 1991
--- /tmp/getb7708 Tue May 21 10:11:04 1991
***************
*** 313,319 ****
syslog(LOG_INFO, "ROOT LOGIN (krb) from %s, %s.%s@%s.",
hp->h_name, kdata->pname, kdata->pinst,
kdata->prealm);
! execl(LOGIN_PROGRAM, "login", "-e", lusername, 0);
#endif
} else {
execl(LOGIN_PROGRAM, "login", "-r", hp->h_name, 0);
--- 313,319 ----
syslog(LOG_INFO, "ROOT LOGIN (krb) from %s, %s.%s@%s.",
hp->h_name, kdata->pname, kdata->pinst,
kdata->prealm);
! execl(LOGIN_PROGRAM, "login", "-e", hp->h_name, lusername, 0);
#endif
} else {
execl(LOGIN_PROGRAM, "login", "-r", hp->h_name, 0);