From owner-freebsd-bugs  Sat Mar 17 17:40:19 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 5F4B737B71C
	for <freebsd-bugs@hub.freebsd.org>; Sat, 17 Mar 2001 17:40:01 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f2I1e1j85651;
	Sat, 17 Mar 2001 17:40:01 -0800 (PST)
	(envelope-from gnats)
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44])
	by hub.freebsd.org (Postfix) with ESMTP id A9F1C37B71A
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Mar 2001 17:36:01 -0800 (PST)
	(envelope-from Cy.Schubert@uumail.gov.bc.ca)
Received: (from daemon@localhost)
	by point.osg.gov.bc.ca (8.8.7/8.8.8) id RAA01496
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Mar 2001 17:36:01 -0800
Received: from passer.osg.gov.bc.ca(142.32.110.29)
 via SMTP by point.osg.gov.bc.ca, id smtpda01494; Sat Mar 17 17:35:55 2001
Received: (from uucp@localhost)
	by passer.osg.gov.bc.ca (8.11.2/8.9.1) id f2I1ZoG13472
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 17 Mar 2001 17:35:50 -0800 (PST)
Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com"
 via SMTP by passer9.cwsent.com, id smtpdy13469; Sat Mar 17 17:35:29 2001
Received: (from cy@localhost)
	by cwsys.cwsent.com (8.11.3/8.9.1) id f2I1ZTx13105;
	Sat, 17 Mar 2001 17:35:29 -0800 (PST)
Message-Id: <200103180135.f2I1ZTx13105@cwsys.cwsent.com>
Date: Sat, 17 Mar 2001 17:35:29 -0800 (PST)
From: Cy.Schubert@uumail.gov.bc.ca
Reply-To: Cy.Schubert@uumail.gov.bc.ca
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: bin/25885: telnetd -a off broken
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         25885
>Category:       bin
>Synopsis:       telnet -a off still uses SRA authentication
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 17 17:40:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     
>Release:        FreeBSD 4.3-BETA i386
>Organization:
ITSD Province of BC
>Environment:
System: FreeBSD cwsys 4.3-BETA FreeBSD 4.3-BETA #0: Fri Mar 16 18:50:45 PST 2001 root@cwsys:/opt/cvs-430b/src/sys/compile/CWSYS i386


>Description:
	"telnetd -a off" continues to use SRA.  The man page documents
	it should not.
>How-To-Repeat:
	Telnet from a FreeBSD system to a FreeBSD system which has
	"telnetd -a off" specified in inetd.conf.
>Fix:

The following patch fixes src/libexec/telnetd and src/crypto/telnet/telnetd.

--- src/libexec/telnetd/state.c.orig	Mon Mar  5 03:25:26 2001
+++ src/libexec/telnetd/state.c	Sat Mar 17 16:45:15 2001
@@ -564,8 +564,10 @@
 
 #ifdef	AUTHENTICATION
 		case TELOPT_AUTHENTICATION:
-			func = auth_request;
-			changeok++;
+			if (auth_level >= 0) {
+				func = auth_request;
+				changeok++;
+			}
 			break;
 #endif
 
@@ -624,7 +626,8 @@
 
 #ifdef	AUTHENTICATION
 		case TELOPT_AUTHENTICATION:
-			func = auth_request;
+			if (auth_level >= 0)
+				func = auth_request;
 			break;
 #endif
 
@@ -724,7 +727,8 @@
 
 #if	defined(AUTHENTICATION)
 		case TELOPT_AUTHENTICATION:
-			auth_finished(0, AUTH_REJECT);
+			if (auth_level >= 0)
+				auth_finished(0, AUTH_REJECT);
 			break;
 #endif
 
@@ -777,7 +781,8 @@
 
 #if	defined(AUTHENTICATION)
 		case TELOPT_AUTHENTICATION:
-			auth_finished(0, AUTH_REJECT);
+			if (auth_level >= 0)
+				auth_finished(0, AUTH_REJECT);
 			break;
 #endif
 		default:
@@ -1418,6 +1423,8 @@
     }  /* end of case TELOPT_NEW_ENVIRON */
 #if	defined(AUTHENTICATION)
     case TELOPT_AUTHENTICATION:
+	if (auth_level < 0)
+		break;
 	if (SB_EOF())
 		break;
 	switch(SB_GET()) {
--- src/libexec/telnetd/telnetd.c.orig	Mon Mar  5 03:26:45 2001
+++ src/libexec/telnetd/telnetd.c	Sat Mar 17 16:28:56 2001
@@ -616,14 +616,16 @@
 
     settimer(baseline);
 #if	defined(AUTHENTICATION)
-    /*
-     * Handle the Authentication option before we do anything else.
-     */
-    send_do(TELOPT_AUTHENTICATION, 1);
-    while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
-	ttloop();
-    if (his_state_is_will(TELOPT_AUTHENTICATION)) {
-	retval = auth_wait(name);
+    if (auth_level >= 0) 
+	/*
+	 * Handle the Authentication option before we do anything else.
+	 */
+	send_do(TELOPT_AUTHENTICATION, 1);
+	while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
+	    ttloop();
+	if (his_state_is_will(TELOPT_AUTHENTICATION)) {
+	    retval = auth_wait(name);
+	}
     }
 #endif
 
--- src/libexec/telnetd/utility.c.orig	Mon Oct 30 21:31:47 2000
+++ src/libexec/telnetd/utility.c	Sat Mar 17 16:45:25 2001
@@ -971,6 +971,8 @@
 
 #if	defined(AUTHENTICATION)
 	case TELOPT_AUTHENTICATION:
+	    if (auth_level < 0)
+		break;
 	    sprintf(nfrontp, "AUTHENTICATION");
 	    nfrontp += strlen(nfrontp);
 
--- src/crypto/telnet/telnetd/state.c.orig	Fri Aug 27 18:26:15 1999
+++ src/crypto/telnet/telnetd/state.c	Sat Mar 17 16:52:41 2001
@@ -582,8 +582,10 @@
 
 #ifdef	AUTHENTICATION
 		case TELOPT_AUTHENTICATION:
-			func = auth_request;
-			changeok++;
+			if (auth_level >= 0) {
+				func = auth_request;
+				changeok++;
+			}
 			break;
 #endif
 
@@ -648,7 +650,8 @@
 
 #ifdef	AUTHENTICATION
 		case TELOPT_AUTHENTICATION:
-			func = auth_request;
+			if (auth_level >= 0)
+				func = auth_request;
 			break;
 #endif
 
@@ -752,7 +755,8 @@
 
 #if	defined(AUTHENTICATION)
 		case TELOPT_AUTHENTICATION:
-			auth_finished(0, AUTH_REJECT);
+			if (auth_level >= 0)
+				auth_finished(0, AUTH_REJECT);
 			break;
 #endif
 
@@ -805,7 +809,9 @@
 
 #if	defined(AUTHENTICATION)
 		case TELOPT_AUTHENTICATION:
-			auth_finished(0, AUTH_REJECT);
+			if (auth_level >= 0) {
+				auth_finished(0, AUTH_REJECT);
+			}
 			break;
 #endif
 		default:
@@ -1451,6 +1457,8 @@
     }  /* end of case TELOPT_NEW_ENVIRON */
 #if	defined(AUTHENTICATION)
     case TELOPT_AUTHENTICATION:
+	if (auth_level < 0)
+		break;
 	if (SB_EOF())
 		break;
 	switch(SB_GET()) {
--- src/crypto/telnet/telnetd/telnetd.c.orig	Mon Mar  5 03:35:42 2001
+++ src/crypto/telnet/telnetd/telnetd.c	Sat Mar 17 17:08:49 2001
@@ -640,14 +640,16 @@
 
     settimer(baseline);
 #if	defined(AUTHENTICATION)
-    /*
-     * Handle the Authentication option before we do anything else.
-     */
-    send_do(TELOPT_AUTHENTICATION, 1);
-    while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
-	ttloop();
-    if (his_state_is_will(TELOPT_AUTHENTICATION)) {
-	retval = auth_wait(name);
+	if (auth_level >= 0)
+	/*
+	 * Handle the Authentication option before we do anything else.
+	 */
+	send_do(TELOPT_AUTHENTICATION, 1);
+	while (his_will_wont_is_changing(TELOPT_AUTHENTICATION))
+	    ttloop();
+	if (his_state_is_will(TELOPT_AUTHENTICATION)) {
+	    retval = auth_wait(name);
+	}
     }
 #endif
 
--- src/crypto/telnet/telnetd/utility.c.orig	Mon Mar  5 03:37:25 2001
+++ src/crypto/telnet/telnetd/utility.c	Sat Mar 17 16:54:59 2001
@@ -1012,6 +1012,8 @@
 
 #if	defined(AUTHENTICATION)
 	case TELOPT_AUTHENTICATION:
+	    if (auth_level < 0)
+		break;
 	    sprintf(nfrontp, "AUTHENTICATION");
 	    nfrontp += strlen(nfrontp);
 
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message