non-crypto version)
Also update the crypto telnet's man page to reflect other options
ported from the non-crypto version.
Obtained from: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@77095 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@76616 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
now the default, so ignore the arguments that turn it on. Add a new -y
argument to turn off encryption in case someone wants to do that. Sync
these changes with the man page (including removing the now obsolete
statement about availability only in the US and Canada).
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@75263 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@75236 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Sorry there were still several bugs.
-error retry at af missmatch was incomplete.
-af matching for source addr option was wrong
-socket was not freed at retry.
Approved by: jkh
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@57233 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
-Should retry as much as possible when some of source
routing intermediate hosts' address families missmatch
happened.
(such as when a host has only A record, and another host
has each of A and AAAA record.)
-Should retry as much as possible when dest addr and
source addr(specified with -s option) address family
missmatch happend
Approved by: jkh
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@57125 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
getnameinfo() don't return error at name resolving failure.
But it is used at doaddrlookup(-N) case in telnet, error need to be
returned to correctly initialize hostname buffer.
Discovered at checking recent KAME repository change, noticed by itojun.
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@56870 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
SRA does a Diffie-Hellmen exchange and then DES-encrypts the
authentication data. If the authentication is successful, it also
sets up a session key for DES encryption.
SRA was originally developed at Texas A&M University.
This code is probably export restricted (despite the fact that I
originally found it at a University in Germany).
SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks
and does not use tremendously large DH constants (and thus an individual
exchange probably could be factored in a few days on modern CPU
horsepower). It does not, however, require any changes in user or
administrative behavior and foils session hijacking and sniffing.
The goal of this commit is that telnet and telnetd end up in the DES
distribution and that therefore an encrypted session telnet becomes
standard issue for FreeBSD.
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@49887 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
