Index: acct.c =================================================================== RCS file: /networking/master_src/tac_plus/acct.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** acct.c 1998/07/02 19:34:01 1.1.1.2 --- acct.c 1998/07/27 21:48:56 1.2 *************** *** 108,118 **** identity.NAS_port = tac_make_string(p, (int)acct_pak->port_len); p += acct_pak->port_len; if (acct_pak->port_len <= 0) { ! strcpy(session.port, "unknown-port"); } else { ! strcpy(session.port, identity.NAS_port); } ! identity.NAC_address = tac_make_string(p, (int)acct_pak->rem_addr_len); p += acct_pak->rem_addr_len; --- 108,118 ---- identity.NAS_port = tac_make_string(p, (int)acct_pak->port_len); p += acct_pak->port_len; if (acct_pak->port_len <= 0) { ! tac_strcpy(session.port, "unknown-port",NAS_PORT_MAX_LEN); } else { ! tac_strcpy(session.port, identity.NAS_port,NAS_PORT_MAX_LEN); } ! identity.NAC_address = tac_make_string(p, (int)acct_pak->rem_addr_len); p += acct_pak->rem_addr_len; Index: authen.c =================================================================== RCS file: /networking/master_src/tac_plus/authen.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** authen.c 1998/07/02 19:34:01 1.1.1.2 --- authen.c 1998/07/27 21:48:57 1.2 *************** *** 99,108 **** p += start->port_len; if (start->port_len <= 0) { ! strcpy(session.port, "unknown-port"); } else { ! strcpy(session.port, identity.NAS_port); } identity.NAC_address = tac_make_string(p, (int)start->rem_addr_len); p += start->rem_addr_len; --- 99,109 ---- p += start->port_len; if (start->port_len <= 0) { ! strncpy(session.port, "unknown-port",NAS_PORT_MAX_LEN); } else { ! strncpy(session.port, identity.NAS_port,NAS_PORT_MAX_LEN); } + session.port[NAS_PORT_MAX_LEN] ='\0' ; identity.NAC_address = tac_make_string(p, (int)start->rem_addr_len); p += start->rem_addr_len; Index: author.c =================================================================== RCS file: /networking/master_src/tac_plus/author.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** author.c 1998/07/02 19:34:02 1.1.1.2 --- author.c 1998/07/27 21:48:58 1.2 *************** *** 85,95 **** identity.NAS_port = tac_make_string(p, (int)apak->port_len); p += apak->port_len; if (apak->port_len <= 0) { ! strcpy(session.port, "unknown-port"); } else { ! strcpy(session.port, identity.NAS_port); } ! identity.NAC_address = tac_make_string(p, (int)apak->rem_addr_len); p += apak->rem_addr_len; --- 85,95 ---- identity.NAS_port = tac_make_string(p, (int)apak->port_len); p += apak->port_len; if (apak->port_len <= 0) { ! tac_strcpy(session.port, "unknown-port",NAS_PORT_MAX_LEN); } else { ! tac_strcpy(session.port, identity.NAS_port,NAS_PORT_MAX_LEN); } ! identity.NAC_address = tac_make_string(p, (int)apak->rem_addr_len); p += apak->rem_addr_len; Index: choose_authen.c =================================================================== RCS file: /networking/master_src/tac_plus/choose_authen.c,v retrieving revision 1.1.1.2 retrieving revision 1.7 diff -c -r1.1.1.2 -r1.7 *** choose_authen.c 1998/07/02 19:34:02 1.1.1.2 --- choose_authen.c 1998/07/27 21:48:58 1.7 *************** *** 59,65 **** break; } type->authen_func = enable_fn; ! strcpy(type->authen_name, "enable_fn"); return (CHOOSE_OK); } return(choose_login(data, type)); --- 59,67 ---- break; } type->authen_func = enable_fn; ! strncpy(type->authen_name, "enable_fn",AUTHEN_NAME_SIZE); ! type->authen_name[AUTHEN_NAME_SIZE] = '\0' ; ! return (CHOOSE_OK); } return(choose_login(data, type)); *************** *** 92,97 **** --- 94,100 ---- { char *name = data->NAS_id->username; char *cfg_passwd; + switch(type->authen_type) { case TAC_PLUS_AUTHEN_TYPE_ASCII: *************** *** 106,118 **** /* Does this user require s/key? */ cfg_passwd = cfg_get_login_secret(name, TAC_PLUS_RECURSE); if (cfg_passwd && STREQ(cfg_passwd, "skey")) { if (debug & DEBUG_PASSWD_FLAG) report(LOG_DEBUG, "%s %s: user %s requires skey", session.peer, session.port, name); #ifdef SKEY type->authen_func = skey_fn; ! strcpy(type->authen_name, "skey_fn"); return (CHOOSE_OK); #else /* SKEY */ report(LOG_ERR, --- 109,122 ---- /* Does this user require s/key? */ cfg_passwd = cfg_get_login_secret(name, TAC_PLUS_RECURSE); + if (cfg_passwd && STREQ(cfg_passwd, "skey")) { if (debug & DEBUG_PASSWD_FLAG) report(LOG_DEBUG, "%s %s: user %s requires skey", session.peer, session.port, name); #ifdef SKEY type->authen_func = skey_fn; ! tac_strcpy(type->authen_name, "skey_fn",AUTHEN_NAME_SIZE); return (CHOOSE_OK); #else /* SKEY */ report(LOG_ERR, *************** *** 121,131 **** session.peer, session.port); return(CHOOSE_FAILED); #endif /* SKEY */ ! } /* Not an skey user. Must be none, des, cleartext or file password */ type->authen_func = default_fn; ! strcpy(type->authen_name, "default_fn"); return (CHOOSE_OK); case TAC_PLUS_AUTHEN_TYPE_ARAP: --- 125,158 ---- session.peer, session.port); return(CHOOSE_FAILED); #endif /* SKEY */ ! } ! #ifdef USE_KRB4 ! if (cfg_passwd && STREQ(cfg_passwd, "kerberos4")) { ! if (debug & DEBUG_PASSWD_FLAG) ! report(LOG_DEBUG, "%s %s: user %s requires kerberos4", ! session.peer, session.port, name); ! type->authen_func = kerberos4_fn; ! tac_strcpy(type->authen_name, "kerberos4_fn",AUTHEN_NAME_SIZE); ! return (CHOOSE_OK); ! } ! #endif ! ! #ifdef USE_KRB5 ! if (cfg_passwd && STREQ(cfg_passwd, "kerberos5")) { ! if (debug & DEBUG_PASSWD_FLAG) ! report(LOG_DEBUG, "%s %s: user %s requires kerberos5", ! session.peer, session.port, name); ! type->authen_func = kerberos5_fn; ! tac_strcpy(type->authen_name, "kerberos5_fn",AUTHEN_NAME_SIZE); ! return (CHOOSE_OK); ! } ! ! #endif ! /* Not an skey user. Must be none, des, cleartext or file password */ type->authen_func = default_fn; ! tac_strcpy(type->authen_name, "default_fn",AUTHEN_NAME_SIZE); return (CHOOSE_OK); case TAC_PLUS_AUTHEN_TYPE_ARAP: *************** *** 159,168 **** #endif /* MSCHAP */ case TAC_PLUS_AUTHEN_TYPE_PAP: case TAC_PLUS_AUTHEN_TYPE_CHAP: if (session.version == TAC_PLUS_VER_0) { type->authen_func = default_v0_fn; ! strcpy(type->authen_name, "default_v0_fn"); return (CHOOSE_OK); } --- 186,197 ---- #endif /* MSCHAP */ case TAC_PLUS_AUTHEN_TYPE_PAP: + + case TAC_PLUS_AUTHEN_TYPE_CHAP: if (session.version == TAC_PLUS_VER_0) { type->authen_func = default_v0_fn; ! tac_strcpy(type->authen_name, "default_v0_fn",AUTHEN_NAME_SIZE); return (CHOOSE_OK); } *************** *** 174,181 **** session.peer, session.port); return (CHOOSE_FAILED); } type->authen_func = default_fn; ! strcpy(type->authen_name, "default_fn"); return (CHOOSE_OK); default: --- 203,237 ---- session.peer, session.port); return (CHOOSE_FAILED); } + + cfg_passwd = cfg_get_login_secret(name, TAC_PLUS_RECURSE); + /* We can do PAP with krb, we can't do chap */ + if ( type->authen_type == TAC_PLUS_AUTHEN_TYPE_PAP ) { + #ifdef USE_KRB4 + if (cfg_passwd && STREQ(cfg_passwd, "kerberos4")) { + if (debug & DEBUG_PASSWD_FLAG) + report(LOG_DEBUG, "%s %s: user %s requires kerberos4", + session.peer, session.port, name); + type->authen_func = kerberos4_fn; + tac_strcpy(type->authen_name, "kerberos4_fn",AUTHEN_NAME_SIZE); + return (CHOOSE_OK); + } + #endif + + #ifdef USE_KRB5 + if (cfg_passwd && STREQ(cfg_passwd, "kerberos5")) { + if (debug & DEBUG_PASSWD_FLAG) + report(LOG_DEBUG, "%s %s: user %s requires kerberos5", + session.peer, session.port, name); + type->authen_func = kerberos5_fn; + tac_strcpy(type->authen_name, "kerberos5_fn",AUTHEN_NAME_SIZE); + return (CHOOSE_OK); + } + + #endif + } type->authen_func = default_fn; ! tac_strcpy(type->authen_name, "default_fn",AUTHEN_NAME_SIZE); return (CHOOSE_OK); default: *************** *** 229,235 **** return (CHOOSE_FAILED); } type->authen_func = sendauth_fn; ! strcpy(type->authen_name, "sendauth_fn"); return (CHOOSE_OK); default: --- 285,291 ---- return (CHOOSE_FAILED); } type->authen_func = sendauth_fn; ! tac_strcpy(type->authen_name, "sendauth_fn",AUTHEN_NAME_SIZE); return (CHOOSE_OK); default: *************** *** 273,279 **** } type->authen_func = sendpass_fn; ! strcpy(type->authen_name, "sendpass_fn"); return (CHOOSE_OK); default: --- 329,335 ---- } type->authen_func = sendpass_fn; ! tac_strcpy(type->authen_name, "sendpass_fn",AUTHEN_NAME_SIZE); return (CHOOSE_OK); default: Index: config.c =================================================================== RCS file: /networking/master_src/tac_plus/config.c,v retrieving revision 1.1.1.2 retrieving revision 1.7 diff -c -r1.1.1.2 -r1.7 *** config.c 1998/07/02 19:34:03 1.1.1.2 --- config.c 1998/08/14 00:34:11 1.7 *************** *** 32,38 **** default authorization = permit | key = ! := default authentication = file := permit | deny --- 32,44 ---- default authorization = permit | key = ! := default authentication = file | ! #ifdef USE_KRB4 ! kerberos4 | ! #endif ! #ifdef USE_KRB5 ! kerberos5 ! #endif := permit | deny *************** *** 47,53 **** } := file | ! skey | cleartext | des | nopassword --- 53,65 ---- } := file | ! skey | ! #ifdef USE_KRB4 ! kerberos4 | ! #endif ! #ifdef USE_KRB5 ! kerberos5 | ! #endif cleartext | des | nopassword *************** *** 497,502 **** --- 509,515 ---- static int parse_decls() { + char buf[256] ; no_user_dflt = 0; /* default if user doesn't exist */ sym_code = 0; *************** *** 543,550 **** } parse(S_authentication); parse(S_separator); ! parse(S_file); ! authen_default = tac_strdup(sym_buf); sym_get(); continue; --- 556,601 ---- } parse(S_authentication); parse(S_separator); ! /* I'd like to use kerberosX here. Need to think about this */ ! switch(sym_code) { ! ! case S_skey: ! authen_default = tac_strdup(sym_buf); ! break; ! #ifdef USE_KRB4 ! case S_kerberos4: ! authen_default = tac_strdup(sym_buf); ! break; ! #endif ! #ifdef USE_KRB5 ! case S_kerberos5: ! authen_default = tac_strdup(sym_buf); ! break; ! #endif ! case S_nopasswd: ! /* set to dummy string, so that we detect a duplicate ! * password definition attempt ! */ ! authen_default = tac_strdup(nopasswd_str); ! ! break; ! ! case S_file: ! case S_cleartext: ! case S_des: ! sprintf(buf, "%s ", sym_buf); ! sym_get(); ! tac_strcat(buf, sym_buf,MAX_INPUT_LINE_LEN); ! authen_default = tac_strdup(buf); ! break; ! ! default: ! parse_error( ! "expecting 'file', 'cleartext', 'nopassword', 'skey', or 'des' keyword after 'login =' on line %d", ! sym_line); ! } ! ! sym_get(); continue; *************** *** 693,699 **** case S_skey: user->login = tac_strdup(sym_buf); break; ! case S_nopasswd: /* set to dummy string, so that we detect a duplicate * password definition attempt --- 744,759 ---- case S_skey: user->login = tac_strdup(sym_buf); break; ! #ifdef USE_KRB4 ! case S_kerberos4: ! user->login = tac_strdup(sym_buf); ! break; ! #endif ! #ifdef USE_KRB5 ! case S_kerberos5: ! user->login = tac_strdup(sym_buf); ! break; ! #endif case S_nopasswd: /* set to dummy string, so that we detect a duplicate * password definition attempt *************** *** 707,719 **** case S_des: sprintf(buf, "%s ", sym_buf); sym_get(); ! strcat(buf, sym_buf); user->login = tac_strdup(buf); break; default: parse_error( ! "expecting 'file', 'cleartext', 'nopassword', 'skey', or 'des' keyword after 'login =' on line %d", sym_line); } sym_get(); --- 767,787 ---- case S_des: sprintf(buf, "%s ", sym_buf); sym_get(); ! tac_strcat(buf, sym_buf,MAX_INPUT_LINE_LEN); user->login = tac_strdup(buf); break; default: parse_error( ! #ifdef USE_KRB4 ! #ifdef USE_KRB5 ! "expecting 'file', 'cleartext', 'nopassword', 'skey', 'kerberos4', 'kerberos5' or 'des' keyword after 'login =' on line %d", ! #else ! "expecting 'file', 'cleartext', 'nopassword', 'skey', 'kerberos4', or 'des' keyword after 'login =' on line %d", ! #endif ! #else ! "expecting 'file', 'cleartext', 'nopassword', 'skey' or 'des' keyword after 'login =' on line %d", ! #endif sym_line); } sym_get(); *************** *** 752,758 **** parse(S_separator); sprintf(buf, "%s ", sym_buf); parse(S_cleartext); ! strcat(buf, sym_buf); if (save_sym == S_arap) fieldp = &user->arap; --- 820,826 ---- parse(S_separator); sprintf(buf, "%s ", sym_buf); parse(S_cleartext); ! tac_strcat(buf, sym_buf,MAX_INPUT_LINE_LEN); if (save_sym == S_arap) fieldp = &user->arap; *************** *** 938,948 **** } result->type = optional ? N_optarg : N_arg; ! strcpy(buf, sym_buf); parse(S_string); ! strcat(buf, sym_buf); parse(S_separator); ! strcat(buf, sym_buf); parse(S_string); result->value = tac_strdup(buf); --- 1006,1016 ---- } result->type = optional ? N_optarg : N_arg; ! tac_strcpy(buf, sym_buf,MAX_INPUT_LINE_LEN); parse(S_string); ! tac_strcat(buf, sym_buf,MAX_INPUT_LINE_LEN); parse(S_separator); ! tac_strcat(buf, sym_buf,MAX_INPUT_LINE_LEN); parse(S_string); result->value = tac_strdup(buf); *************** *** 1005,1023 **** goto next; case '=': ! strcpy(sym_buf, "="); sym_code = S_separator; rch(); return; case '{': ! strcpy(sym_buf, "{"); sym_code = S_openbra; rch(); return; case '}': ! strcpy(sym_buf, "}"); sym_code = S_closebra; rch(); return; --- 1073,1091 ---- goto next; case '=': ! tac_strcpy(sym_buf, "=",MAX_INPUT_LINE_LEN); sym_code = S_separator; rch(); return; case '{': ! tac_strcpy(sym_buf, "{",MAX_INPUT_LINE_LEN); sym_code = S_openbra; rch(); return; case '}': ! tac_strcpy(sym_buf, "}",MAX_INPUT_LINE_LEN); sym_code = S_closebra; rch(); return; *************** *** 1435,1441 **** char *user; { ! return (cfg_get_pvalue(user, TAC_IS_USER, S_login, recurse)); } /* return value of the nopasswd field. If none, try groups she is a member --- 1503,1523 ---- char *user; { ! char *value ; ! value = cfg_get_pvalue(user, TAC_IS_USER, S_login, recurse); ! #if defined (USE_KRB4) || defined ( USE_KRB5 ) ! if ( value == NULL ) { ! value = cfg_get_authen_default() ; ! if ( STREQ(value,"kerberos4") || ! STREQ(value,"kerberos5") ) { /* this is want I want you could add ! other stuff like skey here */ ! return (value ) ; ! } else { ! value = NULL ; ! } ! } ! #endif ! return( value) ; } /* return value of the nopasswd field. If none, try groups she is a member Index: default_fn.c =================================================================== RCS file: /networking/master_src/tac_plus/default_fn.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** default_fn.c 1998/07/02 19:34:11 1.1.1.2 --- default_fn.c 1998/07/27 21:48:59 1.2 *************** *** 427,433 **** arap_verify(data) struct authen_data *data; { ! char nas_chal[8], r_chal[8], r_resp[8], secret[8]; char *name, *cfg_secret, *exp_date, *p; if (!(char) data->NAS_id->username[0]) { --- 427,433 ---- arap_verify(data) struct authen_data *data; { ! char nas_chal[8], r_chal[8], r_resp[8], secret[9]; char *name, *cfg_secret, *exp_date, *p; if (!(char) data->NAS_id->username[0]) { *************** *** 471,477 **** } /* need to allocate 8 bytes for secret, even if it's actually shorter */ bzero(secret, sizeof(secret)); ! strcpy(secret, p); pw_bitshift(secret); --- 471,477 ---- } /* need to allocate 8 bytes for secret, even if it's actually shorter */ bzero(secret, sizeof(secret)); ! tac_strcpy(secret, p,sizeof(secret)); pw_bitshift(secret); Index: programs.c =================================================================== RCS file: /networking/master_src/tac_plus/programs.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** programs.c 1998/07/02 19:34:09 1.1.1.2 --- programs.c 1998/07/27 21:49:01 1.2 *************** *** 292,298 **** *bufp = '\0'; out = read_args(n + 1, fd); out[n] = (char *) tac_malloc(strlen(buf) + 1); ! strcpy(out[n], buf); return (out); } /* eof */ --- 292,298 ---- *bufp = '\0'; out = read_args(n + 1, fd); out[n] = (char *) tac_malloc(strlen(buf) + 1); ! tac_strcpy(out[n], buf,sizeof(out[n])); return (out); } /* eof */ Index: regexp.c =================================================================== RCS file: /networking/master_src/tac_plus/regexp.c,v retrieving revision 1.1.1.2 retrieving revision 1.2 diff -c -r1.1.1.2 -r1.2 *** regexp.c 1998/07/02 19:34:09 1.1.1.2 --- regexp.c 1998/07/27 21:49:01 1.2 *************** *** 1128,1134 **** register char *p; static char buf[50]; ! (void) strcpy(buf, ":"); switch (OP(op)) { case BOL: --- 1128,1134 ---- register char *p; static char buf[50]; ! (void) tac_strcpy(buf, ":",sizeof(buf)); switch (OP(op)) { case BOL: *************** *** 1196,1202 **** break; } if (p != NULL) ! (void) strcat(buf, p); return(buf); } #endif --- 1196,1202 ---- break; } if (p != NULL) ! (void) tac_strcat(buf, p,sizeof(buf)); return(buf); } #endif Index: tac_plus.c =================================================================== RCS file: /networking/master_src/tac_plus/tac_plus.c,v retrieving revision 1.1.1.2 retrieving revision 1.5 diff -c -r1.1.1.2 -r1.5 *** tac_plus.c 1998/07/02 19:34:07 1.1.1.2 --- tac_plus.c 1998/08/12 20:13:17 1.5 *************** *** 25,32 **** --- 25,34 ---- #include "tac_plus.h" #include "sys/wait.h" #include "signal.h" + #include static int standalone = 1; /* running standalone (1) or under inetd (0) */ + static int frominit = 0; /* running out of init */ static int initialised = 0; /* data structures have been allocated */ int sendauth_only = 0; /* don't respond to sendpass requests */ int debug = 0; /* debugging flags */ *************** *** 37,43 **** struct session session; /* session data */ ! static char pidfilebuf[75]; /* holds current name of the pidfile */ void start_session(); --- 39,45 ---- struct session session; /* session data */ ! static char pidfilebuf[PATH_MAX]; /* holds current name of the pidfile */ void start_session(); *************** *** 84,90 **** report(LOG_INFO, "Reading config"); ! session.acctfile = tac_strdup("/var/tmp/acctfile"); if (!session.cfgfile) { report(LOG_ERR, "no config file specified"); --- 86,92 ---- report(LOG_INFO, "Reading config"); ! session.acctfile = tac_strdup(ACCTFILE_DEFAULT); if (!session.cfgfile) { report(LOG_ERR, "no config file specified"); *************** *** 212,218 **** if (argc <= 1) { fprintf(stderr, "Usage: tac_plus -C \n"); fprintf(stderr, "\t[ -t ] [ -P ] [ -g ] [ -p ]\n"); ! fprintf(stderr, "\t[ -d ] [ -i ] [ -v ] [ -s ]\n"); fprintf(stderr, "\t[ -l logfile ]"); #ifdef MAXSESS fprintf(stderr, " [ -w whologfile ]"); --- 214,220 ---- if (argc <= 1) { fprintf(stderr, "Usage: tac_plus -C \n"); fprintf(stderr, "\t[ -t ] [ -P ] [ -g ] [ -p ]\n"); ! fprintf(stderr, "\t[ -d ] [-I] [ -i ] [ -v ] [ -s ]\n"); fprintf(stderr, "\t[ -l logfile ]"); #ifdef MAXSESS fprintf(stderr, " [ -w whologfile ]"); *************** *** 221,227 **** tac_exit(1); } ! while ((c = getopt(argc, argv, "td:C:ip:PgvsLl:w:")) != EOF) switch (c) { case 'L': /* lookup peer names via DNS */ lookup_peer++; --- 223,229 ---- tac_exit(1); } ! while ((c = getopt(argc, argv, "td:C:iIp:PgvsLl:w:")) != EOF) switch (c) { case 'L': /* lookup peer names via DNS */ lookup_peer++; *************** *** 253,258 **** --- 255,263 ---- case 'i': /* stand-alone */ standalone = 0; break; + case 'I': /* from init */ + frominit = 1 ; + break ; case 'l': /* logfile */ logfile = tac_strdup(optarg); break; *************** *** 332,388 **** signal(SIGHUP, SIG_IGN); ! if ((childpid = fork()) < 0) report(LOG_ERR, "Can't fork first child"); ! else if (childpid > 0) exit(0); /* parent */ ! if (debug) report(LOG_DEBUG, "Backgrounded"); ! #ifndef REAPCHILD #ifdef LINUX ! if (setpgrp() == -1) #else /* LINUX */ ! if (setpgrp(0, getpid()) == -1) #endif /* LINUX */ ! report(LOG_ERR, "Can't change process group"); ! c = open("/dev/tty", O_RDWR); ! if (c >= 0) { ioctl(c, TIOCNOTTY, (char *) 0); (void) close(c); ! } ! signal(SIGCHLD, reapchild); #else /* REAPCHILD */ ! if (setpgrp() == 1) report(LOG_ERR, "Can't change process group"); ! signal(SIGHUP, SIG_IGN); ! if ((childpid = fork()) < 0) report(LOG_ERR, "Can't fork second child"); ! else if (childpid > 0) exit(0); ! if (debug & DEBUG_FORK_FLAG) report(LOG_DEBUG, "Forked grandchild"); ! signal(SIGCHLD, SIG_IGN); #endif /* REAPCHILD */ ! closelog(); /* some systems require this */ ! for (c = 0; c < getdtablesize(); c++) (void) close(c); ! /* make sure we can still log to syslog now we've closed everything */ ! open_logfile(); } /* ! single threaded */ ostream = NULL; --- 337,395 ---- signal(SIGHUP, SIG_IGN); ! if ( !frominit ) { ! if ((childpid = fork()) < 0) report(LOG_ERR, "Can't fork first child"); ! else if (childpid > 0) exit(0); /* parent */ ! if (debug) report(LOG_DEBUG, "Backgrounded"); ! #ifndef REAPCHILD #ifdef LINUX ! if (setpgrp() == -1) #else /* LINUX */ ! if (setpgrp(0, getpid()) == -1) #endif /* LINUX */ ! report(LOG_ERR, "Can't change process group"); ! c = open("/dev/tty", O_RDWR); ! if (c >= 0) { ioctl(c, TIOCNOTTY, (char *) 0); (void) close(c); ! } ! signal(SIGCHLD, reapchild); #else /* REAPCHILD */ ! if (setpgrp() == 1) report(LOG_ERR, "Can't change process group"); ! signal(SIGHUP, SIG_IGN); ! if ((childpid = fork()) < 0) report(LOG_ERR, "Can't fork second child"); ! else if (childpid > 0) exit(0); ! if (debug & DEBUG_FORK_FLAG) report(LOG_DEBUG, "Forked grandchild"); ! signal(SIGCHLD, SIG_IGN); #endif /* REAPCHILD */ ! closelog(); /* some systems require this */ ! for (c = 0; c < getdtablesize(); c++) (void) close(c); ! /* make sure we can still log to syslog now we've closed everything */ ! open_logfile(); + } /* ! frominit */ } /* ! single threaded */ ostream = NULL; *************** *** 403,409 **** } if (port == TAC_PLUS_PORT) { ! strcpy(pidfilebuf, TAC_PLUS_PIDFILE); } else { sprintf(pidfilebuf, "%s.%d", TAC_PLUS_PIDFILE, port); } --- 410,416 ---- } if (port == TAC_PLUS_PORT) { ! tac_strcpy(pidfilebuf, TAC_PLUS_PIDFILE,PATH_MAX); } else { sprintf(pidfilebuf, "%s.%d", TAC_PLUS_PIDFILE, port); } Index: tac_plus.h =================================================================== RCS file: /networking/master_src/tac_plus/tac_plus.h,v retrieving revision 1.1.1.2 retrieving revision 1.4 diff -c -r1.1.1.2 -r1.4 *** tac_plus.h 1998/07/02 19:34:15 1.1.1.2 --- tac_plus.h 1998/08/12 20:13:18 1.4 *************** *** 697,702 **** --- 697,708 ---- extern int default_fn(); extern int default_v0_fn(); extern int skey_fn(); + #ifdef USE_KRB4 + extern int kerberos4_fn(); + #endif + #ifdef USE_KRB5 + extern int kerberos5_fn(); + #endif #ifdef MSCHAP extern void mschap_lmchallengeresponse(); extern void mschap_ntchallengeresponse(); *************** *** 724,728 **** #endif /* MAXSESS */ ! #define LOGFILE_DEFAULT "/var/tmp/tac_plus.log" extern char *logfile; --- 730,735 ---- #endif /* MAXSESS */ ! #define LOGFILE_DEFAULT "/var/log/tac_plus.log" ! #define ACCTFILE_DEFAULT "/var/log/acctfile" extern char *logfile; Index: utils.c =================================================================== RCS file: /networking/master_src/tac_plus/utils.c,v retrieving revision 1.1.1.2 retrieving revision 1.3 diff -c -r1.1.1.2 -r1.3 *** utils.c 1998/07/02 19:34:07 1.1.1.2 --- utils.c 1998/08/12 20:13:18 1.3 *************** *** 82,94 **** tac_strdup(p) char *p; { ! char *n = strdup(p); ! ! if (n == NULL) { ! report(LOG_ERR, "strdup allocation failure"); ! tac_exit(1); ! } ! return (n); } char * --- 82,99 ---- tac_strdup(p) char *p; { ! char *n ; ! if ( p == NULL ) { ! report(LOG_ERR,"Attempted to dup NULL string"); ! tac_exit(1) ; ! } ! n = strdup(p); ! ! if (n == NULL) { ! report(LOG_ERR, "strdup allocation failure"); ! tac_exit(1); ! } ! return (n); } char * *************** *** 264,266 **** --- 269,302 ---- } return(1); } + + /* Having strcpy in a server gives me the hebbie-jebbies */ + char * + tac_strcpy(dst,src,size) + char *dst; + char *src; + int size ; { + char *result ; + + result = strncpy(dst,src,size) ; + dst[--size] = '\0' ; + + return result ; + + } + + char * + tac_strcat(dst,src,size) char *dst; + char *src; + int size ; { + char *result ; + int len ; + len = size - 1 - strlen(dst) ; /*strncat always appends \0*/ + + result = strncat(dst,src,len) ; + dst[--size] = '\0' ; + + return result ; + + } +