Bug 100496 - [patch] Fix to get rid of the telnet(1) to cisco problem
Summary: [patch] Fix to get rid of the telnet(1) to cisco problem
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 6.1-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-18 22:00 UTC by cwf-ml
Modified: 2018-05-20 23:52 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description cwf-ml 2006-07-18 22:00:28 UTC
	There is this old and ugly problem that whenever you telnet into
	a cisco box from FreeBSD, you get your login prompt garbled
	by an error message "No default realm defined for Kerberos!"

	This is caused by the cisco box seeing the autologin fields in
	telnet and getting nervous about its own nonexistent kerberos
	settings. The problem appeared somehwere in FreeBSD 3.x, when
	the telnet client started to default to autologin.

	Standard fix back then was to recompile telnet with kerberos
	disabled in /etc/make.conf. This doesn't work any more since
	5.0. Currently there is no documented way to disable autologin
	on a systemwide scale, or even on a user scale using .telnetrc 
	for all possible destinations. 

	In an environment where the main telnet targets are cisco boxes 
	(and many of them) this is major annoyance. 

	The appended fix reverses the default of the telnet client to
	no autologin. Autologin is still possible using the old
	-a option.

	Since autologin does not serve much useful function any more
	in the age of ssh and pam, this change seems sensible.

	( A more perfect would be an /etc/telnetrc and a config
	syntax enhancement that allows global defaults there.)

Fix: # --------- cut here ----------------------------------------------


rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE;
 #ifdef AUTHENTICATION
-       autologin = 1;
+       autologin = 0;
 #else
        autologin = -1;
 #endif
@@ -209,11 +209,7 @@
 #endif
                        break;
                case 'a':
-#ifdef AUTHENTICATION
-                       /* It's the default now, so ignore */
-#else
                        autologin = 1;
-#endif
                        break;
                case 'c':
                        skiprc = 1;
# --------- cut here ------------------------------------------------fVWXgefUlAPKRSTHqYIbM7lj0T2g5V6kmRj8f8IQL4ieVoBw
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

--- contrib/telnet/telnet/main.c.orig   Tue Jul 18 22:19:28 2006
+++ contrib/telnet/telnet/main.c        Tue Jul 18 22:41:11 2006
@@ -138,7 +138,7 @@
How-To-Repeat: 	telnet ciscobox
Comment 1 cwf-ml 2006-07-18 22:42:04 UTC
addenda:

- someone told me to use -K. This isn't what this submission
   is about, the very point is _not_ to be forced to use -K all
   the time, and not beeing to forced to change any telnet using
   script ported from another system.

- reading the code I noted a DEFAULT keyword matching all hosts
   in .telnetrc (at least it looks that way). This is undocumented
   and also not system wide available. But someone might want
   to update the man page accordingly.                      --CWF
Comment 2 dfilter service freebsd_committer 2006-09-18 16:03:34 UTC
maxim       2006-09-18 15:03:18 UTC

  FreeBSD src repository

  Modified files:
    contrib/telnet/telnet telnet.1 
  Log:
  o Mention .telnetrc DEFAULT keyword.
  
  PR:             bin/100496 (sort of)
  Obtained from:  NetBSD, heas@netbsd
  MFC after:      3 weeks
  
  Revision  Changes    Path
  1.19      +8 -1      src/contrib/telnet/telnet/telnet.1
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 3 Bruce M Simpson 2006-09-28 18:34:59 UTC
Any plans to MFC this?
Comment 4 Maxim Konovalov 2006-09-28 19:16:10 UTC
On Thu, 28 Sep 2006, 18:34+0100, Bruce M Simpson wrote:

> Any plans to MFC this?

From the commit log:

maxim       2006-09-18 15:03:18 UTC
[...]
  MFC after:      3 weeks

-- 
Maxim Konovalov
Comment 5 Gavin Atkinson freebsd_committer freebsd_triage 2008-01-29 14:16:19 UTC
State Changed
From-To: open->closed

This was patched and MFC'd to 6.x over a year ago
Comment 6 Mark Linimon 2008-01-30 00:24:47 UTC
----- Forwarded message from "C. Weber" <cwf-ml@arcor.de> -----

To: gavin@FreeBSD.org, freebsd-bugs@FreeBSD.org
Subject: Re: bin/100496: plese reopen this PR. The patch was NOT commtted.
 The Problem is NOT fixed

Hello,

Please reopen this PR. he patch was *not* committed (neither to HEAD nor
elsewhere). The problem is still there and has *not* been fixed!

1.) The problem is still there:

# -------------
wefa@XXX 21:01 [~]uname -a
FreeBSD XXX.tnd.lab.arcor.de 6.3-RELEASE FreeBSD 6.3-RELEASE #4:
	Tue Jan 29 19:48:42 CET 2008     
	wefa@XXX.tnd.lab.arcor.de:/usr/obj/usr/src/sys/DL140LOG  i386

wefa@XXX 21:26 [~]telnet sw2
Trying 192.168.50.25...
Connected to sw2
Escape character is '^]'.


User Access Verification

Password: Kerberos:     No default realm defined for Kerberos!
# -------------


2.) The patch was neither committed nor MFCd.

The comments in the PR regarding commit/mfc only refer to a mini patch by
a third party who JUST UPDATES THE MAN PAGE (documenting the DEFAULT 
keyword).
While this is a good thing, it doesn't solve the problem.

Please reopen this PR, apply the patch (will need cosmetic changes to
work against 6.2, 6.3 or HEAD) and MFC it.

Regards

Christoph Weber-Fahr


_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"


----- End forwarded message -----
Comment 7 Mark Linimon freebsd_committer freebsd_triage 2008-01-30 01:11:12 UTC
State Changed
From-To: closed->open

Apparently the commit did not fix the problem. 


Comment 8 Mark Linimon freebsd_committer freebsd_triage 2008-01-30 01:11:12 UTC
Responsible Changed
From-To: freebsd-bugs->linimon

Try to investigate.
Comment 9 Maxim Konovalov 2008-01-30 14:26:46 UTC
Hi,

On Tue, 29 Jan 2008, 21:33+0100, C. Weber wrote:

> Hello,
>
> gavin@FreeBSD.org schrieb am 29.01.2008 15:16:58:
>
> > Synopsis: [patch] Fix to get rid of the telnet(1) to cisco problem
>
> > State-Changed-From-To: open->closed
> > State-Changed-By: gavin
> > State-Changed-When: Tue Jan 29 14:16:19 UTC 2008
> > State-Changed-Why:
> > This was patched and MFC'd to 6.x over a year ago
>
> > http://www.freebsd.org/cgi/query-pr.cgi?pr=100496
>
> Please reopen this PR. he patch was *not* committed (neither to HEAD nor
> elsewhere). The problem is still there and has *not* been fixed!
>
> 1.) The problem is still there:
>
> # -------------
> wefa@XXX 21:01 [~]uname -a
> FreeBSD XXX.tnd.lab.arcor.de 6.3-RELEASE FreeBSD 6.3-RELEASE #4:
> 	Tue Jan 29 19:48:42 CET 2008
> 	wefa@XXX.tnd.lab.arcor.de:/usr/obj/usr/src/sys/DL140LOG  i386
>
> wefa@XXX 21:26 [~]telnet sw2
> Trying 192.168.50.25...
> Connected to sw2
> Escape character is '^]'.
>
>
> User Access Verification
>
> Password: Kerberos:     No default realm defined for Kerberos!
> # -------------
>
>
> 2.) The patch was neither committed nor MFCd.
>
> The comments in the PR regarding commit/mfc only refer to a mini patch by
> a third party who JUST UPDATES THE MAN PAGE (documenting the DEFAULT keyword).
> While this is a good thing, it doesn't solve the problem.
>
> Please reopen this PR, apply the patch (will need cosmetic changes to
> work against 6.2, 6.3 or HEAD) and MFC it.
>
To make it clear: I did not claim I was going to commit your patch.
I just committed a man page update that could help to solve your
problem with telnet.  That was why I didn't change PR state from
"open" to "patched".  And I MFC'ed my delta.

Second.  Have you actually tried the suggested solution?  I mean put
"DEFAULT toggle autologin" in your ~/.telnetrc?  Did it suit you or
not?

Thanks.

-- 
Maxim Konovalov
Comment 10 cwf-ml 2008-01-30 17:38:08 UTC
Hello,

Maxim Konovalov <maxim@macomnet.ru> schrieb am 30.01.2008 15:26:46:
[quoting me]
 > > > Synopsis: [patch] Fix to get rid of the telnet(1) to cisco problem
 > >
 > > > State-Changed-From-To: open->closed
 > > > State-Changed-By: gavin
 > > > State-Changed-When: Tue Jan 29 14:16:19 UTC 2008
 > > > State-Changed-Why:
 > > > This was patched and MFC'd to 6.x over a year ago
 > >
 > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=100496
 > >
 > > Please reopen this PR. he patch was *not* committed (neither to HEAD nor
 > > elsewhere). The problem is still there and has *not* been fixed!
[...]
 > > 2.) The patch was neither committed nor MFCd.
[...]
 > To make it clear: I did not claim I was going to commit your patch.

Indeed. As far as I am concerned I understood it this way back then
when this email exchange happened. OTOH, Gavin, who closed the PR,
apparently didn't understand it that way and closed the PR based on
this misconception. So I tried to make it clear.

 > Second.  Have you actually tried the suggested solution?

Yes, of course. And it works as advertized. It does not solve my
problem, though.

 > I mean put "DEFAULT toggle autologin" in your ~/.telnetrc?
 > Did it suit you or not?

No.

I informally administrate a number of multiuser systems in Lab
environments. Personally administrating all my user's home
directories is not feasible. And I keep getting immediate
complaints whenever I update the system (via build/install
world) and do not directly reapply my patch, because scripts
break and people are generally annoyed.

And even with few/single user systems it is yet just another
thing you have to correct manually whenever installing a new
machine (which we do often in test envoronments).

One complaint I keep getting and can't and won't counter is
"it works with our Suns and Linux systems, why doesn't it
work here". Yes, indeed, why doesn't it.

So let me give the question back (since you probably have the
necessary insight to answer it) - why is it so darned complicated
to apply a straightforward and simple patch that hurts noone
and removes a years old constant annoyance ?
What, actually, *is* the reason this PR keeps lingering around
instead of beeing committed ?

Regards

Christoph Weber-Fahr
Comment 11 Mark Linimon freebsd_committer freebsd_triage 2008-02-29 01:10:07 UTC
State Changed
From-To: open->analyzed

Confirmed to still be a problem. 


Comment 12 Mark Linimon freebsd_committer freebsd_triage 2008-02-29 01:10:07 UTC
Responsible Changed
From-To: linimon->freebsd-bugs
Comment 13 Eitan Adler freebsd_committer freebsd_triage 2018-05-20 23:52:28 UTC
For bugs matching the following conditions:
- Status == In Progress
- Assignee == "bugs@FreeBSD.org"
- Last Modified Year <= 2017

Do
- Set Status to "Open"