quite a bit of time, make telnetd ignore it completely now. This results
in the :if=: entry in the default gettytab entry to honored instead of
being ignored. The -h option to telnetd will continue to suppress the
inclusion of :if=:
bark if file descriptor goes above FD_SETSIZE. from openbsd.
XXX needs more checking.
XXX what is tab stop size for this code? need more consistency...
XXX we should really remove #ifdef CRAY, UNICOS5 and such.
we just cannot read it through.
pull in just about all of the differences from the crypto-us telnet
suite (which includes Kerberos 4 and connection encryption support).
Also bring in the Kerberos 5 support from the Heimdal telnet, and
frob a little so that it can work with the non-Heimdal telnet suite.
There is still some work left to do, specifically:
- Add Heimdal's ticket forwarding support to the Berkeley Kerberos 4
module.
- Add connection encryption support to the Heimdal Kerberos 5
module. Hints on this can be taken from the MIT Kerberos 5
module which still exists in crypto-us.
However, even with the shortcomings listed above, this is a
better situation than using the stock Heimdal telnet suite,
which does not understand the IPSec policy stuff, and is also
based on much older code which contains bugs that we have already
fixed in the NetBSD sources.
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
to keep stuff out of the environment on the way to exec (we already have
one in the state machine that keeps them from arriving over the wire, so
this should be redundant, but it'll make any further updates easier to
have it present).
also, RCS Id police.
agc