Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
X-RT-Original-Encoding: iso-8859-1
Content-Length: 2609

From kenh@cmf.nrl.navy.mil  Mon Feb 10 20:08:01 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA29737 for <bugs@RT-11.MIT.EDU>; Mon, 10 Feb 1997 20:08:00 -0500
Received: from [134.207.10.161] by MIT.EDU with SMTP
	id AA22988; Mon, 10 Feb 97 18:40:35 EST
Received: from nexus.cmf.nrl.navy.mil (kenh@nexus.cmf.nrl.navy.mil [134.207.10.9]) by ginger.cmf.nrl.navy.mil (8.7.5/8.7.3) with ESMTP id SAA20326 for <krb5-bugs@mit.edu>; Mon, 10 Feb 1997 18:39:31 -0500 (EST)
Received: (kenh@localhost) by nexus.cmf.nrl.navy.mil (8.7.5/8.6.11) id SAA29504; Mon, 10 Feb 1997 18:39:38 -0500 (EST)
Message-Id: <199702102339.SAA29504@nexus.cmf.nrl.navy.mil>
Date: Mon, 10 Feb 1997 18:39:38 -0500 (EST)
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Reply-To: kenh@cmf.nrl.navy.mil
To: krb5-bugs@MIT.EDU
Subject: The V4 telnetd code doesn't need to check for etc/srvtab
X-Send-Pr-Version: 3.99

>Number:         368
>Category:       telnet
>Synopsis:       The V4 telnetd code checks for /etc/srvtab - it doesn't need to
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    hartmans
>State:          open
>Class:          change-request
>Submitter-Id:   unknown
>Arrival-Date:   Mon Feb 10 20:09:00 EST 1997
>Last-Modified:
>Originator:     Ken Hornstein
>Organization:
Naval Research Lab
	
>Release:        1.0
>Environment:
	
System: SunOS nexus 4.1.4 2 sun4m
Architecture: sun4

>Description:
	
In the V4 authentication code for telnetd, it checks to see if /etc/srvtab
exists.  If it doesn't, then it doesn't offer V4 as a possible authentication
type.

However, the builtin V4 compat code doesn't _need_ a /etc/srvtab -- it can
read stuff out of a V5 keytab.  So this check makes the V4 telnetd not work
when it could.
>How-To-Repeat:
	
Try to use a V4 telnet client to a V5 telnetd.
>Fix:
	<how to correct or work around the pro blem, if known (multiple lines)>
This patch removes the check.  Note that to actually get users to successfully
use a V4 telnet client with a V5 telnetd, they either need a .klogin file
or /etc/krb.conf needs to be in place (since the V4 compat code doesn't know
about the V5 config files).

--- appl/telnet/libtelnet/kerberos.c.orig	Sun Feb  9 23:59:27 1997
+++ appl/telnet/libtelnet/kerberos.c	Mon Feb 10 18:33:29 1997
@@ -136,13 +136,8 @@
 	Authenticator *ap;
 	int server;
 {
-	FILE *fp;
-
 	if (server) {
 		str_data[3] = TELQUAL_REPLY;
-		if ((fp = fopen(KEYFILE, "r")) == NULL)
-			return(0);
-		fclose(fp);
 	} else {
 		str_data[3] = TELQUAL_IS;
 	}
>Audit-Trail:
>Unformatted: