[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug#423944: /usr/bin/inetutils-telnet: Complains about ~/.shishi/tickets
From: |
Simon Josefsson |
Subject: |
Bug#423944: /usr/bin/inetutils-telnet: Complains about ~/.shishi/tickets and creates ~/.shishi, for all connections |
Date: |
Thu, 17 Jan 2008 17:16:03 +0100 |
User-agent: |
Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux) |
Hi!
I've pondered this issue, and have reached these conclusions:
1) libshishi should create the directory and user configuration file.
This is needed because the sysadmin may make site-local customization
in the user skeleton file, and for those to take effect, libshishi
needs to copy it to the user home directory.
I did consider whether possibly the command line tool 'shishi' could
be responsible for creating the directory and copying the user
configuration file, but this is not a good idea: it should be
possible to use libshishi from other application, in particular GUI
applications. Invoking the command line tool shouldn't be required.
2) we should minimize the amount of output related to this. With the
shishi in git, I get the following output when running telnet without
a ~/.shishi/:
address@hidden:~$ inetutils-telnet my.nada.kth.se
Trying 130.237.226.234...
Automatic encryption of output is enabled
Will send login name and/or authentication information.
Connected to my.nada.kth.se.
Escape character is '^]'.
libshishi: info: created `/home/jas/.shishi/shishi.conf'
...
After the first invocation, I get:
address@hidden:~$ inetutils-telnet my.nada.kth.se
Trying 130.237.226.234...
Automatic encryption of output is enabled
Will send login name and/or authentication information.
Connected to my.nada.kth.se.
Escape character is '^]'.
...
This seems OK to me, if it would only be printed when the user requests
a Kerberos connection. Which brings us to:
3) telnet should delay initialization of Shishi until it knows that
Kerberos is needed. The patch below achieves this, and the output
when there is no ~/.shishi/ will be:
address@hidden:~/src/inetutils/telnet$ ./telnet my.nada.kth.se
Trying 130.237.226.234...
Encryption is verbose
Connected to my.nada.kth.se.
Escape character is '^]'.
telnetd: Authorization failed.
Connection closed by foreign host.
address@hidden:~/src/inetutils/telnet$ ./telnet -a my.nada.kth.se
Trying 130.237.226.234...
Encryption is verbose
Connected to my.nada.kth.se.
Escape character is '^]'.
libshishi: info: created `/home/jas/.shishi/shishi.conf'
telnetd: Authorization failed.
^CConnection closed by foreign host.
address@hidden:~/src/inetutils/telnet$ ./telnet -a my.nada.kth.se
Trying 130.237.226.234...
Encryption is verbose
Connected to my.nada.kth.se.
Escape character is '^]'.
telnetd: Authorization failed.
^CCConnection closed by foreign host.
address@hidden:~/src/inetutils/telnet$
Thoughts?
/Simon
Index: libtelnet/shishi.c
===================================================================
RCS file: /sources/inetutils/inetutils/libtelnet/shishi.c,v
retrieving revision 1.4
diff -u -p -r1.4 shishi.c
--- libtelnet/shishi.c 29 Jun 2007 16:29:31 -0000 1.4
+++ libtelnet/shishi.c 17 Jan 2008 16:14:19 -0000
@@ -1,4 +1,4 @@
-/* Copyright (C) 2003, 2007 Free Software Foundation, Inc.
+/* Copyright (C) 2003, 2007, 2008 Free Software Foundation, Inc.
This file is part of Shishi / GNU Inetutils.
@@ -58,7 +58,7 @@ static unsigned char str_data[2048] = {
# define KRB_ACCEPT 2 /* Accepted */
# define KRB_RESPONSE 3 /* Response for mutual auth. */
-Shishi *shishi_handle = 0;
+Shishi *shishi_handle = NULL;
Shishi_ap *auth_handle;
# define DEBUG(c) if (auth_debug_mode) printf c
@@ -104,14 +104,29 @@ int
krb5shishi_init (TN_Authenticator * ap, int server)
{
if (server)
+ str_data[3] = TELQUAL_REPLY;
+ else
+ str_data[3] = TELQUAL_IS;
+
+ if (!shishi_check_version (SHISHI_VERSION))
+ return 0;
+
+ return 1;
+}
+
+static int
+delayed_shishi_init (void)
+{
+ if (shishi_handle)
+ return 1;
+
+ if (str_data[3] == TELQUAL_REPLY)
{
- str_data[3] = TELQUAL_REPLY;
if (!shishi_handle && shishi_init_server (&shishi_handle) != SHISHI_OK)
return 0;
}
else
{
- str_data[3] = TELQUAL_IS;
if (!shishi_handle && shishi_init (&shishi_handle) != SHISHI_OK)
return 0;
}
@@ -122,11 +137,11 @@ krb5shishi_init (TN_Authenticator * ap,
void
krb5shishi_cleanup (TN_Authenticator * ap)
{
- if (shishi_handle == 0)
+ if (shishi_handle == NULL)
return;
shishi_done (shishi_handle);
- shishi_handle = 0;
+ shishi_handle = NULL;
}
int
@@ -142,6 +157,12 @@ krb5shishi_send (TN_Authenticator * ap)
char *apreq;
size_t apreq_len;
+ if (!delayed_shishi_init ())
+ {
+ DEBUG (("telnet: Kerberos V5: shishi initialization failed\r\n"));
+ return 0;
+ }
+
tmp = malloc (strlen ("host/") + strlen (RemoteHostName) + 1);
sprintf (tmp, "host/%s", RemoteHostName);
memset (&hint, 0, sizeof (hint));
@@ -382,6 +403,12 @@ krb5shishi_is_auth (TN_Authenticator * a
Session_Key skey;
# endif
+ if (!delayed_shishi_init ())
+ {
+ DEBUG (("telnet: Kerberos V5: shishi initialization failed\r\n"));
+ return 0;
+ }
+
rc = shishi_ap (shishi_handle, &auth_handle);
if (rc != SHISHI_OK)
{
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Bug#423944: /usr/bin/inetutils-telnet: Complains about ~/.shishi/tickets and creates ~/.shishi, for all connections,
Simon Josefsson <=