Fri Mar 12 19:01:35 1999  Tom Yu  <tlyu@mit.edu>

	* Makefile.in (kshd): Add $(LOGINLIBS).

Mon Mar  8 19:21:23 1999  Tom Yu  <tlyu@mit.edu>

	* kshd.M: Resync manpage.

	* krshd.c: Rework hostname logging.

Wed Feb 24 20:05:40 1999  Tom Yu  <tlyu@mit.edu>

	* klogind.M: Resync manpage.

	* krlogind.c: Rework flags for hostname logging.

Mon Feb 22 22:26:32 1999  Tom Yu  <tlyu@mit.edu>

	* kcmd.c (kcmd): Fix up to not call sname_to_principal until after
	all the addresses in hp have been iterated through to avoid
	smashing. [krb5-appl/516]

Wed Feb 17 17:24:11 1999  Tom Yu  <tlyu@mit.edu>

	* klogind.M: Document things a little better, including new
	options controlling hostname manipulation.

	* krlogind.c: Make use of pty_make_sane_hostname() for purposes of
	manipulating hostname to pass to login.  Also unconditionally
	syslog IP address and full hostname of remote host.  Add command
	line options to control such behavior.

	* configure.in: Add arpa/nameser.h to CHECK_HEADERS.

Fri Feb 12 10:20:20 1999  Theodore Y. Ts'o  <tytso@mit.edu>

	* login.c (read_env_vars_from_file): Fix so that it uses
		passed-in filename instead of the hard-coded to
		/etc/environment.  [krb5-appl/691]

Wed Jan 20 21:42:41 1999  Tom Yu  <tlyu@mit.edu>

	* login.c (main): Call setluid().

	* krshd.c (doit): Call setluid().

	* configure.in: Check for setluid() rather than main() in
	libsecurity.

1998-10-06  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* krshd.c (doit): Apply ghudson's patch so that rshd passes the
		port numbers for the local and foreign addresses so that
		the V4 encrypted RCP will work correctly.  [krb5-appl/638]
	* v4rcp.c (answer_auth): Apply ghudson's patch so that if
		KRB5LOCALPORT and KRB5REMOTEPORT are set, use them to set
		the foreign and local ports so that encrypted rcp for the
		same machine.  [krb5-appl/638]

Sat Aug 15 00:01:15 1998  Geoffrey King  <gjking@mit.edu>

	* krcp.c (error): Don't call rcmd_stream_write if iamremote is not
 	set, because it expects a valid file descriptor [krb5-appl/359].
  	Also, remove mistakenly duplicated comment above the function.

Mon Jul 27 00:06:20 1998  Geoffrey King  <gjking@mit.edu>

	* krlogin.c (main): Apply ghudson's patch so that rlogin -a
	no longer dumps core. [krb5-appl/612]

1998-05-26  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* login.c (dolastlog): BSD 4.4 systems don't have lastlog.h, but
		still define struct lastlog somewhere.  Included from Dima
		Ruban's FreeBSD patches.

	* krlogin.c: Include sys/ioctl_compat.h if it is present (instead
		of just for 386BSD).  

	* loginpaths.h (LPATH): If the OS provides _PATH_DEFPATH, use it
		to define LPATH and RPATH.

	* login.c: #include paths.h if present, and use it to set the
		pathnames for certain common files.

	* configure.in (withval): Check for <sys/ioctl_compat.h> and
	   <paths.h>

Sat May 16 16:07:42 1998  Tom Yu  <tlyu@mit.edu>

	* login.c: Replace strcpy with strncpy in places.  Add nul
	termination to some existing invocations of strncpy.

Tue Jan 20 21:42:06 1998  Tom Yu  <tlyu@mit.edu>

	* krlogind.c (protocol): Declare pibuf and fibuf as being BUFSIZ
	bytes long, rather than 1024.  Fixes an Irix bug. [krb5-appl/527]

Thu Nov 20 16:42:54 1997  Tom Yu  <tlyu@mit.edu>

	* krlogind.c (recvauth): Fix args in call to
 	rd_and_store_for_creds. [krb5-appl/502]

Mon Nov 17 20:55:31 1997  Tom Yu  <tlyu@mit.edu>

	* krshd.c: Don't set checksum_ignored to 1 if checksum_required is
	0; also, if a krb5 client passes in a checksum, check it
	regardless of whether checksum_required is true. [krb5-appl/500]

Wed Nov 12 19:03:02 1997  Tom Yu  <tlyu@mit.edu>

	* forward.c (rd_and_store_for_creds): Don't do the chown.  Avoids
	a security hole. [krb5-appl/494]

	* krshd.c (recvauth): chown the ccache explicitly, as
	rd_and_store_for_creds no longer does so. [krb5-appl/494]

Thu Nov  6 22:04:26 1997  Theodore Y. Ts'o  <tytso@mit.edu>

	* v4rcp.c: Use error_message(errno) instead of using
 		sys_errlist[errno].  This avoids the hair of deciding
 		whether or not we need to declare sys_errlist or use
 		strerror(), etc., since com_err has all of that complexity
 		anyway.  Also fixed lots of -Wall nits.

Mon Nov  3 15:25:48 1997  Tom Yu  <tlyu@mit.edu>

	* krlogind.c (doit): Fix up potential buffer overrun.
	[krb5-appl/488]

Tue Mar 18 12:34:03 1997  Sam Hartman  <hartmans@luminous.MIT.EDU>

 [326]	* login.c(doit):  Preserve terminal even without -p.

Sat Dec 28 21:06:43 1996  Sam Hartman  <hartmans@luminous.MIT.EDU>

	* login.c: Force environment variables like HOME to be set even if
 	-p given.

Thu Feb 27 10:58:07 1997  Sam Hartman  <hartmans@luminous.MIT.EDU>

	* krshd.c: Allow user to login with / as home directory if homedir
 	not found. [167]

Fri Dec  6 00:53:08 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* v4rcp.c: Extend the platform-specific braindamage so that
 		FreeBSD works.  This whole file is eventually going to
 		need serious rototilling to make it even vaguely correct.
		[PR #284]

Fri Dec  6 00:02:25 1996  Tom Yu  <tlyu@mit.edu>

	* loginpaths.h: Add catch-all entries for LPATH and RPATH in case
	we run across something that we haven't hardcoded paths for
	yet. [267]

Thu Dec  5 21:58:28 1996  Tom Yu  <tlyu@mit.edu>

	* login.M: v5srvtab -> krb5.keytab [279]

Sun Nov 24 23:35:22 1996  Ezra Peisach  <epeisach@mit.edu>

	* login.c (try_afscall): Change to take pointer to function
		instead of only calling setpag(). [krb5-appl/190]

Fri Nov 22 15:46:46 1996  unknown  <bjaspan@mit.edu>

	* kcmd.c (kcmd): use sizeof instead of h_length to determine
 	number of bytes of addr to copy from DNS response [krb5-misc/211]

Thu Nov 14 14:30:28 1996  Barry Jaspan  <bjaspan@mit.edu>

	* krcp.c: don't print our own error message if kcmd returns -1 (it
 	always printed something in that case, and error_message(-1)
 	prints a mess [krb5-appl/70]

Mon Nov 11 23:38:05 1996  Mark Eichin  <eichin@cygnus.com>

	* krshd "plumbing" fixes

	Tue Jun 25 19:51:07 1996  Mark Eichin  <eichin@cygnus.com>

	* krshd.c (doit): ignore SIGPIPE in the child, check the return
	status of write instead.
	Added comments labelling the various file descriptors.
	Cleaned up formatting somewhat.
	Check for failure of write to child stdin pipe, and stop reading.
	Check for output from child before checking for input from net, to
	reduce potential for missed output.
	(cleanup): moved before doit, to eliminate need for declaration.
  	Added an argument, to allow reporting of what signal kshd died
	on, and report that the daemon terminated, not the shell.

	Thu Jun 20 18:54:04 1996  Mark Eichin  <eichin@cygnus.com>

	* krshd.c: fix global-change typo in !KERBEROS branch.

Mon Nov 11 15:00:25 1996  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in, configure.in, krshd.c, v4rcp.M, v4rcp.c: added
	kerberos V4 rcp -x support from Cygnus tree.
	* Makefile.in, configure.in: added support for not building v4rcp
	if --without-krb4 is used.
	
	Sun Aug 11 17:30:39 1996  Chris Provenzano  <proven@cygnus.com>

	* v4rcp.c : #include <fcntl.h> for O_* flags.

	Mon Jul  8 13:44:39 1996  Mark Eichin  <eichin@cygnus.com>

	* v4rcp.c (getdtablesize): eliminate local copy.
	(kstream_write): eliminate srandom/random in favor of
	krb5_random_confounder.
	Add sys/socket.h to includes (v4 had it internal to krb.h.)
	(utimes): clone utimes-emulation from v5 krcp.c (should perhaps be
	changed to use AC_REPLACE_FUNC...)
	Declare getenv.

	Sat Jul  6 16:39:28 1996  Mark W. Eichin  <eichin@kitten.gen.ma.us>

	* v4rcp.c (answer_auth): use inet_aton only if we have it;
	otherwise fake it with inet_addr.
	* configure.in: check_func for inet_aton.

	Tue Jul  2 19:37:52 1996  Mark Eichin  <eichin@cygnus.com>

	* krshd.c (envinit): clarified initializations, labeled all slot
	reservations (SAVEENVPAD, KRBPAD, ADDRPAD are lists of zeroes.)
	Move TZ to always be slot 5, even on the cray. Added space for the
	local and remote addresses.
	(doit): add a getsockname to save the correct local address for
	the child. Set KRB5LOCALADDR and KRB5REMOTEADDR to literal IP
	addresses since the child is on the wrong side of a pipe and can't
	recover them directly.
	* v4rcp.c (kstream): add common "writelen" field for the length of
	inbuf and outbuf.
	(kstream_create_rcp_from_fd): initialze new fields.
	(kstream_write): grab a big enough buffer (since this is called
	with chunks that may correspond to the *filesystem* blocksize,
	which is usually larger than BUFSIZ.) Also skip the first four
	bytes of outbuf so that the encryption is done on an 8 byte
	boundary (if malloc is correctly aligned, malloc+8 should also
	be.)
	(answer_auth): don't try to getpeername or getsockname, since
	we're run under a pipe; just use KRB5LOCALADDR and KRB5REMOTEADDR
	which are now provided by kshd (and fail if they are not present.)
	This is safe because if they're wrong, it just means that the
	mutual authentication will fail.

	Thu Jun 27 23:32:41 1996  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (all, clean, install, v4rcp): add v4rcp installation
	and build rules.
	* krshd.c: if we got a V4 connection and the command is rcp, use
	the v4rcp backend to handle encryption.
	* v4rcp.c: based on Cygnus CNS V4 rcp, stripped down to eliminate
	user commands (and truncated usage message.)  Includes a fake
	subset of the kstream interface that only handles "rcp -x" mode.
	* v4rcp.M: new file, documents v4rcp support.

Sat Nov  9 10:49:36 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c: Re-arrange to deal with compiling without krb4 support. [148]

Fri Nov  8 20:59:27 1996  Tom Yu  <tlyu@mit.edu>

	* login.c (k_init): Set up KRBTKFILE if converting krb5 tickets to
	krb4 but not getting them via password.

Wed Nov  6 11:32:36 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* login.c (destroy_tickets): Just use global kcontext instead
		of creating a new krb5 context for no good reason.

	* krshd.c (main): 
	* krsh.c (main): 
	* krlogind.c (main): 
	* krlogin.c (main): 
	* krcp.c(main): Check the error return from krb5_init_context(),
 		and print an error message if necessary.

Fri Nov  1 23:11:21 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>

	* login.c: print out system error if -1 returns.
	(destroy_tickets): Destroy krb4 tickets if we are converting as
 	well as just for initial tickets.

Fri Nov  1 21:00:01 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c: Have the this call must succeed comment before setuid,
 	not the AIX login uid setting.

Thu Oct 31 22:14:00 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>

	* krlogind.c (doit): Remove tab3 because it isn't very useful and
 	isn't always present.

Thu Oct 31 19:19:54 1996  Sam Hartman  <hartmans@mit.edu>

	* klogind.M kshd.M:  document -r goes away [138]

	* krshd.c (doit): Do not support rhosts authentication.  This was
 	never used by any clients and the cruft in kcmd.c was creating
 	problems. [138]

	* krlogind.c (do_krb_login): Remove broken rhosts support. [138]

	* kcmd.c: Remove ruserok and associated cruft along with killpg. [138]

Tue Oct 29 10:09:39 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* login.c: Make the defaults be to *not* to get Kerberos V4
 		tickets.  There are currently bad interactions between
 		defaulting and the default Kerberos V4 realm (which is
 		still hard-coded to be ATHENA.MIT.EDU).
		Also added some miscellaneous code cleanups.

Mon Oct 21 13:44:53 1996  Barry Jaspan  <bjaspan@mit.edu>

	* kcmd.c: don't retry (and waste 7 seconds) on ECONNREFUSED, just
 	fail immediately [krb5-appl/120]

Fri Oct 18 17:26:51 1996  Barry Jaspan  <bjaspan@mit.edu>

	* krsh.c, krlogin.c: don't print our own error message if kcmd
 	returns -1 (it always printed something in that case, and
 	error_message(-1) prints a mess [krb5-appl/70]

Mon Sep 30 17:15:14 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c: Allow login -f to let you log in as root.

Mon Sep 30 16:22:48 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* login.c (stypeof): If TERM environment variable set, use it.

	* krlogind.c (doit): Do not use login -E; no one supports it
        besides login.krb5which also supports -f.

Sun Sep 29 20:49:47 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c: Fix so it works with --without-krb4 option

Fri Sep 20 18:23:53 1996  Sam Hartman  <hartmans@planet-zorp.MIT.EDU>

	* login.c: Update so that we try to convert krb524 tickets after
 	we setuid(), and so that we don't hard fail if cache writeout
 	fail.

Fri Sep 20 17:35:22 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c: Check to see if we got krb5 tickets at all times,
 	regardless of wether we are converting to krb4.  This helps us
 	know when to kdestroy.

Wed Sep 11 17:27:02 1996  Barry Jaspan  <bjaspan@mit.edu>

	* login.c: fix a security-threating race condition: chown'ing the
 	ccache to the user can be bad if the user can delete the file
 	first and make it a symlink to something else.  The solution is to
 	re-create the ccache after login as setuid() to the user.
	
Tue Sep 10 14:03:53 1996  Tom Yu  <tlyu@mit.edu>

	* klogind.M, kshd.M, login.M, rcp.M, rlogin.M, rsh.M: remove ".so
	 	man1/header.doc"

Fri Sep  6 13:22:46 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* login.M: Document that login_krb4_convert is off by default.

	* login.c: Turn login_krb4_convert off by default, since it causes
		problems if you don't have krb524d running on the KDC.
		This is necessary because a Solaris socket bug causes
		login to hang for 45 seconds if krb524d isn't present on
		the KDC.

Mon Sep  2 12:03:53 1996  Sam Hartman  <hartmans@mit.edu>

	* krlogind.c rlogin.c (v5_des_write): Write out length plus
 	encrypted data as one packet; this reduces latency by one RTT for
 	interactive traffic with kernels that support schemes similar to
 	RFC896, and reduces the number of packets with most other TCP
 	stacks.

Sat Aug 10 16:22:34 1996  Sam Hartman  <hartmans@mit.edu>

	* krcp.c (source): Cast stb.st_size to a long before printing it.
  	On NetBSD, it's a quad, so the following pointer is ignored and
 	all files look null.  We could special case NetBSD, but casting is
 	somewhat cleaner if we aren't dealing with 2g+ files.
e
Mon Jun 24 09:48:11 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>

	* krsh.c (main): Fix typo so that krsh doesn't exit when using the
		default port.

Fri Jun 21 21:12:52 1996  Sam Hartman  <hartmans@mit.edu>

	* configure.in : Make sure it works with the built-in libkrb4.a again.

Fri Jun 14 13:19:30 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c: Add define to deal with krb_save_credentials possibly
 	being called save_credentials, and to define krb_get_err_text if
 	it is not defined by the krb4 library.

	* configure.in :  check for krb_save_credentials and krb_get_err_text

Thu Jun 13 14:24:50 1996  Sam Hartman  <hartmans@mit.edu>

	* krlogind.c (doit): If using vendor login, make sure output flags
 	are reasonable.


Sat Jun 15 04:03:32 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* configure.in: Cleanup of tests whose results are not longer used
		with the pty library in place.

Mon Jun  3 21:26:34 1996  Tom Yu  <tlyu@mit.edu>

	* login.c: Ezra's patches to trim unsed arg from
		verify_krb_v5_tgt, etc.

	* Makefile.in,configure.in: allow compilation w/o krb4 (Ezra's
		patches)

Sun May 19 15:22:06 1996  Sam Hartman  <hartmans@mit.edu>

	* login.c (destroy_tickets main):  Use a secure context

Thu May  9 00:09:14 1996  Richard Basch  <basch@lehman.com>

	* krlogind.c krshd.c:
	Use the replay cache associated with the default server name
	(rc_host*), like telnetd does.

Mon May  6 14:06:21 1996  Richard Basch  <basch@lehman.com>

	* login.c: SVR4 logins do not do motd or mailcheck normally; that
	is a function of /etc/profile.  login.krb should act the same...

Mon Apr 29 17:02:44 1996  Ken Raeburn  <raeburn@cygnus.com>

	Merge with Cygnus sources, changes from Mark Eichin, Marc
	Horowitz, Chris Provenzano and me:

	* Makefile.in (install): Install correct set of man pages, and
	check for failures.
	* kshd.M, klogind.M: Renamed from kr*.M versions.
	* login.M: New file. Man page for login with some description of
	new features.

	* rlogin.M: Remove references to using program with target
	hostname as argv[0].
	* rsh.M: Ditto.  Also document -f, -F, -x options.

	* login.c: Massive changes.  Split much functionality out of main
	and into separate file sections: terminal flag settings, Kerberos
	4 and 5 support, UNIX password support, mail check, signal handler
	handling, some other support routines.  Revamp controlling tty and
	process group handling.  For AFS configuration, use setpag and run
	aklog.  Try validating password using krb5.  Always set tty flags,
	not just for rlogin session.  When validating tickets, treat an
	existing key file that doesn't contain the key we think we want
	(possibly because DNS was spoofed) as an error condition.
	* Makefile.in (LOGINLIBS): List libkrb524.a here.
	(LIBOBJS): Not here.
	(login.krb5): Reverse the order of LIBOBJS and LOGINLIBS.
	* configure.in: Check for --with-afs.  Add AFS libs and define
	SETPAG if supplied.

	* login.c (KRB5_GET_TICKETS, KRB4_GET_TICKETS, KRB_RUN_AKLOG): new
	macros selecting single signon options.  krb5.conf profile support
	for control over authentication options, above the compile time
	selection.
	(conf_affirmative): new function, recognize yes/no in profile
	value.
	(login_get_kconf): new function, look for all [login] flags and
	set them in appropriate globals (via login_conf_set array.)
	(main, sleepexit, destroy_tickets): Check the new login_* flags.
	(main): rename KRB4_USE_524 to KRB4_CONVERT.

	* configure.in: Added checks for tcsetpgrp, tcgetpgrp, setpgid.
	* krlogind.c (control): Use tcgetpgrp if it's available.

	* loginpaths.h (RPATH, LPATH, LPATH_root): Define HP/UX 9.04
	versions, conditionalized on __hpux and !hpux.

	* login.c and configure.in: instead of checking _IBMR2 and
 	__sgi__, write configure tests to check for the existence of
 	/etc/environment and /etc/TIMEZONE files, respectively.

	* forward.c (rd_and_store_for_creds) : If chown fails then only
	pass failure back if owner is different than intended owner. This
	is to make rsh.exp test work without requiring root privlidges.

	* login.c (main): Don't set TERM to an empty value.
	(stypeof) [__hpux]: Return null if unknown.

	* krlogin.c (catchild): remove hp/ux kludge because of aclocal.m4 fix.
	(speeds): test __hpux for hpux speed list.
	(main): test __hpux for use of FIOSSAIOSTAT and FIOSSAIOOWN
	(USE_TERMIO): test __hpux for bsdtty/ptyio headers.
	* krlogind.c: test __hpux for bsdtty/ptyio headers.
	(doit): test __hpux for use of setpgrp2.
	* krcp.c (main): test __hpux as well for remsh vs. rsh.

	* krcp.c (des_write): Make sure the buffer for the encrypted data
	is large enough. Only return an error in malloc fails.

	* krsh.c (main): Always turn on anyport -A option.

	* krlogind.c (ptsname): Declare if it's going to be used.

	* krshd.c (main): Use basename of argv[0] for progname.

	* login.c (dofork): On linux, TIOCNOTTY causes us to die on a
	SIGHUP, so don't even try it.

Sun Apr 21 12:52:35 1996  Richard Basch  <basch@lehman.com>

	* krshd.c: If checksumming is required & ALWAYS_V5_KUSEROK is
	defined, incorrect messages were being displayed for V4 clients.
	Additionally, various errors were not being displayed with the
	trailing newline.
	Also, one could not specify -c in inetd.conf, because of the
	variable initialization; initialization has been corrected to
	allow either checksumming or ignoring the checksum.

Sun Apr 21 00:30:28 1996  Sam Hartman  <hartmans@mit.edu>

	* krshd.c krlogind.c: Implement -i.  Rewrite error message having
 	to do with checksums.

	* krshd.Mkrlogind.M : Document -i, remove documentation about
 	taking options from name of daemon.  Clean up checksum
 	documentation.

	* krlogind.c (do_krb_login): Fix up error messages for checksums.
  	Configuration errors are presented for situations where -c and -i
 	are used together, or where -4 and -c are used together.

Thu Apr 18 19:48:47 1996  Sam Hartman  <hartmans@mit.edu>

	* Makefile.in: Fix spaces by converting to tabs.

	* krlogind.c: Take patches from Doug Engert <deengert@anl.gov> to
 	allow login to work with vendor logins.  Also, fix packet-mode
 	bug; we have some hope of working on non-Solaris streams pty code.


Wed Apr 17 13:46:57 1996  Theodore Y. Ts'o  <tytso@mit.edu>

	* configure.in (LOGINLIBS): Remove DECLARE_SYS_ERRLIST since it's
		no longer necessary.

	* krcp.c (verifydir, allocbuf, rsource, source, sink): Don't use
 		sys_errlist[]; just call error_message() instead, since we
 		depend on com_err anyway.

	* krshd.c (recvauth): 
	* krlogind.c (recvauth): Don't actually check the checksum unless
 		it is required.  Old (pre-beta 5) clients sent a checksum
 		of random garbage (such as their pid) which is impossible to
 		actually check on the server side.  (Grad student stupidity
		strikes again.)
		(fatalperror): Don't use sys_errlist[] to get the right
		error message; just depend on com_err instead, since we're
		using it anyway.

	* krshd.c (doit): 
	* krlogind.c (do_krb_login): Fix logic so that if checksums are
	 	required, and the checksum is valid, don't syslog the
	 	stupid warning message about "Checksums are only required
	 	for v5 clients...."
  	
	* krcp.c, krshd.c, krlogind.c: Miscellaneous -Wall cleanups

	* krlogind.c (getpty): Removed dead code.


Tue Apr 16 11:33:33 1996  Sam Hartman  <hartmans@mit.edu>

	* krlogind.c kshd.c (main): Drop support for handling options in
	 	rlogind's name.

Sun Apr 14 03:41:49 1996  Sam Hartman  <hartmans@zygorthian-space-raiders.MIT.EDU>

	* krlogind.c (fatalperror): Only declar sys_errlist if needed.

	
Sat Apr 13 17:47:36 1996  Sam Hartman  <hartmans@mit.edu>

	* krshd.c (doit): Use setsid instead of setpgrp if you have it.
  	Note this doesn't work for Ultrix.

	* krlogind.c (doit): Don't call setpgrp or setsid; let pty library do
 	that for us.

Fri Apr 12 23:38:25 1996  Richard Basch  <basch@lehman.com>

	* krlogind.c (cleanup): Destroy any forwarded credentials at the
	end of the login session (they were placed in an unusual location
	anyway, so the chance that someone will be trying to reuse those
	credentials is minimal)

Thu Apr 11 00:22:51 1996  Richard Basch  <basch@lehman.com>

	* kcmd.c: Cleaned up whitespace and removed commented & unused cruft

	* krlogind.c, krshd.c: Allow the recvauth routine to find any key
	in the keytab for which the user is trying to login.  The host may
	be known as many names.  Additionally, for krlogind, clean up the
	error handling for bad authentication (potential null dereference
	and a misleading message because of the wrong authentication system
	being used)

Sun Apr  7 22:46:07 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krshd.c: Add an option -L to pass certain environment variables
		to the client.

Wed Apr  3 17:09:19 1996  Richard Basch  <basch@lehman.com>

	* krlogind.c: Under Solaris, when the connection pipe goes away,
		zero bytes are returned.  Since we are using blocking
		read calls, and the net_read function deals with
		interrupted/resumed reads, consider zero bytes to be
		be a terminated connection, so as not to spin.

Mon Apr  1 10:12:44 1996  Richard Basch  <basch@lehman.com>

	* loginpaths.h: Leading/trailing colons should not be there based
	on the variable usage in the code.  Also, the tests for Solaris
	were incorrect.

Fri Mar 29 16:22:18 1996  Richard Basch  <basch@lehman.com>

	* kcmd.c, krlogin.c, krsh.c, krcp.c:
		Allow for a proxy forwarder to be specified

Sat Mar 23 17:20:00 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krcp.c (des_write): Use krb5_net_write instead of write, because
 	most parts of rcp that call this code ignore the return value and
 	we want to reblock properly.

	* krshd.c (doit): Don't use non-blocking IO; it is unnecessary and
 	may cause problems.

Fri Mar 22 13:27:40 1996  Richard Basch  <basch@lehman.com>

	* krshd.c: use the library routines to do v4 to v5
	principal translation, for a more accurate representation.

Wed Mar 20 19:36:21 1996  Richard Basch  <basch@lehman.com>

	* krlogind.c: use the library routines to do v4 to v5
	principal translation, for a more accurate representation.

Tue Mar 19 20:11:28 1996  Richard Basch  <basch@lehman.com>

	* kcmd.c (ruserok): declare the function as taking const char *
	instead of char * (Solaris 2.5 refuses to compile it, otherwise).

Tue Mar 12 23:42:50 1996  Ken Raeburn  <raeburn@cygnus.com>

	* configure.in: Use AC_HEADER_STDARG.

Tue Mar 12 17:52:08 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krshd.c (doit): For encrypted rcp, fix logic in determining
		executable to run. 

Mon Feb 26 03:28:44 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* configure.in: call USE_ANAME.

Sun Feb 25 18:50:45 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogind.c (v5_des_read): Fix server side of bug in detecing eof
        on the network connection.  Same as client change: v5_des_read
        needs to return 0 if read returns <= 0, notjust a strict
        inequality.

Mon Feb 12 22:41:06 1996  Theodore Y. Ts'o  <tytso@dcl>

	* kcmd.c (kcmd): Fix lint flame (added missing cast).

Fri Feb  9 21:43:50 1996  Sam Hartman  <hartmans@hartman.mit.edu>

	* krsh.c (main): Only print secure_message if encrypt_flag set.

Fri Feb  9 20:18:48 1996  <hartmans@mit.edu>

	* krlogind.c (recvauth): Fix v4 incompatability created by
        checksum code; if using v4, don't try to verify a v5 checksum.

Fri Feb  2 16:10:56 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* configure.in (save_path): Look for "ucb" varients in
	/usr/athena/bin if --enable-athena specified.

	* krsh.c krlogin.c krcp.c (try_normal): If --enable-athena, don't
	quit just because we are encrypted.

Thu Feb  1 00:09:13 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* rcp.M: Fix typo.

	* krcp.c (des_write): If rcp tries to write to stdin, redirect it
        to stdout.  That way it works with pipes; the right thing is for
        rcp to not try and do this, but introducing remread and remwrite
        as variables is significantly more work for only slightly better
        code.
	(main):  Use rsh encryption; not user-to-user. Note that we still
	support the answer_auth mechanism for incoming connections
	so older clients work, but this is depricated.
	(send_auth): expunged with pleasure; answer_auth should go in a
	a version or two.

Wed Jan 31 16:24:50 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krsh.c (main): Print SECURE_MESSAGE when appropriate.

	* krshd.c (doit): Fork and handle pipes either if stderr signal
        processing is enabled *or* encryption is enabled.  Rsh always
        enables stderr, but rcp won't.
	(SECURE_MESSAGE): Moving to client where it belongs, so the stderr
	channel doesn't get corrupted for rcp.  Besides, the client can
	determine if it is talking to a tty and only print this message to
	a tty.

	* krlogind.c (recvauth): Pas ccache to rd_and_store_for_creds

	* krshd.c (recvauth): Pass address of ccache to rd_and_store_for_creds
	(ccache): new global variable.
	(cleanup): Destroy ccache if we have one.
	(doit): Destroy cache on normal terination.

	* forward.c (rd_and_store_for_creds): Take a pointer to a ccache;
        we should provide the caller with a way of destroying forwarded
        credentials.

Tue Jan 30 17:56:49 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krshd.c (envinit): Expand to have space KRB5_CCNAME
	(doit): Put krb5_ccname at the end of envinit; this is
	handled differently that other variables, because TZ may or may not
	beset, so our position cannot be fixed.


Sat Jan 27 18:40:31 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* kcmd.c (kcmd): We no longer need F_SETOWN as nothing in appl/bsd
        handles oob data with signals any more.

Fri Jan 26 00:37:23 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogin.c (reader): Deal with exceptions even while writing.
	(reader): Fix bogus select bug; actually select on writing

Wed Jan 24 00:34:42 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogind.M krshd.M: Update to document new options.

	* Makefile.in (install): Install as kshd and klogind not krshd and
 	krlogind.

	* krshd.c (main): Use krlogind-style options (-54kce)

	* krlogind.c (main): Change option parsing  to support new format.
	(do_krb_login): Use auth_ok and auth_sent masks instead of passed_*

Tue Jan 23 18:10:55 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krshd.c (recvauth): Use the correct username in strlen call for
        allocating chksumbuf.

	* krlogind.c (recvauth): Code to copy checksum verification code.


Mon Jan 22 15:14:11 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krshd.c (recvauth): Update to expect port in checksum.

	* kcmd.c (kcmd): Include port in string of checksumed data to
 	distinguish between encrypted and unencrypted rlogin.


Mon Jan 22 18:14:05 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krcp.c: Use KRB5_STDARG_P.

	* configure.in: Add KRB5_CHECK_PROTOS for prototyps definitions.


Fri Jan 19 10:45:29 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krshd.c (recvauth): Verify checksum against command line and
	remote user.
	(recvauth): Fix accidental memory leak with authenticator and fix
	include correct username in checksum

	* kcmd.c: Send authenticator with checksum of command line and
	remote user.

	* krlogin.c (des_read): Return 0 or -1 on close/error respectively.

Wed Jan 17 15:14:33 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogin.c (reader): Use select to find out-of-band data, not signals.
	(oob): No longer a signal handler; just a function.
	(writer): get rid of copytochild setup as sigurg no longer needed
	(main): Don't block SIGURG
	* configure.in :  Include sys/time.h check

Mon Jan 15 16:16:07 1996  Sam Hartman  <hartmans@tertius.mit.edu>

	* login.c (main): ttyslot usable here as well

	* krlogind.c (doit): update_utmp can use ttyslot.

Thu Jan 11 12:40:08 1996  Ezra Peisach  (epeisach@paris)

	* krsh.c, krlogin.c: (main): Ultrix cc does not support automatic
		aggregate initiailzation of structures. 

Thu Jan 11 11:27:04 1996  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krcp.c (error): Convert to use varargs.

	* configure.in: Check for stdarg.h

Wed Jan 10 21:26:20 1996  Theodore Y. Ts'o  <tytso@dcl>

	* kcmd.c (getport): Clear the sin structure to be zero.  (From
		Doug Engert.)

	* krsh.c (main): Added code to default port to 544 if service not
	        found.  (From Doug Engert.)

	* krlogin.c (main): Added code to default port to 543 or 2105 if
	        service not found.  (From Doug Engert.)

	* login.c (main): Save KRB5CCNAME environment variable, which may
	        have been set by forward.c.  Add code for SGI to set
	        environment for its /etc/TIMEZONE (untested).  Don't print
	        MOTD twice on Suns, added #ifdef NO_MOTD.  (Patches from
		Doug Engert).

	* kcmd.c: Removed extern global of krb5_kdc_req_sumtype, which
		wasn't being used anyway.

Tue Jan  9 22:51:16 1996  Theodore Y. Ts'o  <tytso@dcl>

	* forward.c (get_for_creds): Removed no longer used function.

	* kcmd.c (kcmd): Convert from using get_for_creds() from forward.c
		to using the official library routine, krb5_fwd_tgt_creds().

Fri Dec 22 17:42:11 1995  Theodore Y. Ts'o  <tytso@dcl>

	* login.c (main): If HAVE_SHADOW is defined, and no shadow
		password entry is availble, try using the password entry
		in the password file.

Tue Dec 19 17:11:37 1995  Theodore Y. Ts'o  <tytso@dcl>

	* kcmd.c: Also include unistd.h, if it's available.

Tue Dec  5 20:44:39 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* configure.in: Use krb5util library.

	* login.c (main): Change two-argument call to syslog to three
		arguments to handle screw cases in hostnames.

Fri Dec  1 17:25:02 1995  Theodore Y. Ts'o  <tytso@dcl>

	* login.c (main, dofork): Applied patch from Scott Schwartz
	        <schwartz@galapagos.cse.psu.edu>

		Under SunOS, and maybe other systems, there is a a problem
		with krlogind.c and a similar problem with login.c as
		distributed with K5.5.

		The bug is that rlogind forks a child but retains a
		controlling tty.  If the child is in the same process
		group as the parent, which is will if you don't use a job
		control shell (chsh /bin/rc), keyboard signals will kill
		the daemon.  telnetd dissociates itself properly, but then
		login.krb5 waits for the shell to finish, but login.krb5
		has the same ctty as the shell and is in the same process
		group, so it has the same problem.

		In BSD you used to be able to give up your ctty at will,
		but SunOS seems to have setsid as the only mechanism to
		perform that action, and setsid can only succeed in
		limited circumstances.  Rlogind ought to be fixed to
		behave more like telnetd, but independent of that,
		login.krb5 needs to be patched if kerberos is to work
		properly under SunOS.

Sun Nov 12 12:39:23 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogind.c (doit): Clear iextn for NetBSD and other 4.4-based
        systems so that ctrl-o isn't special.

Sat Oct 21 17:33:37 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* login.c (main): Don't set LOGNAME twice.

Sun Nov 12 04:44:50 1995  Mark W. Eichin  <eichin@cygnus.com>

	* krshd.c (doit): drag TZ= from parent environment into envinit to
	pass to child.
	(envinit, TZENV): add one more slot for optional TZ, and mark it.

Thu Nov  2 16:16:47 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krlogin.c, krcp.c, krsh.c (main): If invoked with -D port, do
		not die if entry is missing from /etc/services.

Mon Oct 16 17:27:43 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* login.c (main): Don't print warning about no tickets obtained if
	we didn't ask for a password.  Also, define LOGNAME for so sysvish
	systems are happy.  Patch from ramus@nersc.gov.

Wed Sep 06 14:20:57 1995   Chris Provenzano (proven@mit.edu)

        * krcp.c, krlogin.c, krlogind.c, krsh.c, krshd.c : 
		s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g

Sun Aug 27 15:35:04 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* rlogin.M: Document -f and -F options.

Mon Aug  7 17:32:29 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogind.c: Close the write side of the syncpipe in the parent
        so we get SIGPIPE if child dies. 

	* login.c (main): Use new interface to pty_update_utmp

	* configure.in (LOGINLIBS): Check for utmp.h and utmpx.h.

	* krlogind.c (doit): Use new format for pty_update_utmp
	* Include utmp.h because libpty.h no longer does.

Fri Aug  4 00:50:41 1995  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

	* krlogind.c: don't include utmp.h, since libty.h grabs it.

Wed Aug  2 13:06:02 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogind.c (main): call pty_init()call pty_init()

Tue Aug  1 08:43:22 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* Makefile.in :  Remove references to logutil.c and logutil.o


	* krshd.c (doit): Replace logwtmp with pty_logwtmp

	* login.c (main): use pty_update_utmp not update_utmp

	* logutil.c: Removed because all its functionality is incorperated
        into libpty.

	* krlogind.c (doit): Pass length of line to pty_getpty

Mon Jul 31 17:07:59 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* login.c (main): Don't call TIOCSETD under Posix.
	 * Include iexten in terminal flags.


	* krlogin.c:  Don't include termio.h here either.

	* login.c: Remove special casing of AIX to include termio.h; it
        breaks almost all terminal handling, because it's the
        compatibility file for applications written for the RT.  Instead,
        just define CNUL if not already defined by ttychars.h


Sat Jul 29 04:37:33 1995  Tom Yu  <tlyu@dragons-lair.MIT.EDU>

	* configure.in: Don't link with -lkadm


Fri Jul 28 16:49:02 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* Makefile.in (LOCAL_LIBRARIES): include -lpty; also included in
        DEPLOCAL_LIBRARIES.

	* krlogind.c (doit): Use pipe for synchronization so pty can be
	opened in slave.  Use libpty for pty handling.
	(cleanup):  Use pty_cleanup to do most work.

Thu Jul 27 15:02:03 EDT 1995	Paul Park	(pjpark@mit.edu)
	* krshd.c - Check for interrupted select.  Should fix bug #1555.


Thu Jul 13 17:49:54 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* configure.in : Short circuit the streams test for AIX to false
        because AIX strops.h trashes definition of _IO from sys/ioctl.h.
        I think this is fixed in AIX4, so the test is only bypassed for
        AIX3.

Tue Jul 11 12:50:16 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* krlogind.c (getpty): Use ptsname before ttyname; it has a higher
        chance of doing what we want.

Fri Jul 7 15:40:42 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in - Remove all explcitit library handling.
	* configure.in - Add USE_<mumble> and KRB5_LIBRARIES.

Wed Jul  5 20:03:37 1995  Theodore Y. Ts'o  (tytso@dcl)

	* krcp.c, krlogin.c, krlogind.c, krshd.c, login.c: Remove
		declaration of errno altoghether.  "extern int errno;" is
		always wrong.

	* login.c (main): Don't use the TIOCLSET ioctl unless we're not
		using POSIX_TERMIOS.  Don't just blindly set the file
		status flags to 0.  Instead, do a fcntl(0, F_GETFL), and
		then reset the nonblocking flags.

Sun Jul  2 19:48:27 1995  Sam Hartman  <hartmans@tertius.mit.edu>

	* krcp.c: make errno extern

	* krshd.c: errno should be extern so it doesn't mask the libc
        definition in AIX.

Tue Jun 27 23:50:56 1995  Tom Yu  (tlyu@dragons-lair)

	* krlogin.c: don't redeclare noltc, defltc if we happen to have
		TIOCGLTC in addition to POSIX_TERMIOS

Tue Jun 27 16:18:49 EDT 1995	Paul Park	(pjpark@mit.edu)
	* configure.in - When checking number/type of arguments to {get,set}pgrp
		attempt to set __STDC__ in a vain attempt to ensure that we
		get function prototype checking turned on.  OSF/1's native
		compiler didn't really care what's passed as arguments unless
		__STDC__'s set.
	* krcp.c - Change usage of BUFSIZ to RCP_BUFSIZ.  Remove & from in
		front of array.  It's redundant.
	* krlogin.c - Change usage of BUFSIZ to RLOGIN_BUFSIZ.  Add signal
		name parameter to signal handlers to conform to prototype.
	* krlogind.c - Change usage of BUFSIZ to RLOGIND_BUFSIZ.  Cast 4th
		argument to setsockopt(2) to be const char *.
	* krsh.c - Change usage of BUFSIZ to RSH_BUFSIZ.  Cast 4th argument
		to setsockopt(2) to be const char *.
	* krshd.c - Change usage of BUFSIZ to RSHD_BUFSIZ.

Thu Jun 22 14:36:46 1995  Theodore Y. Ts'o  <tytso@dcl>

	* configure.in: Change AC_HAVE_HEADERS with AC_CHECK_HEADERS, and
		check for string.h as well.

	* krsh.c: Don't include ext-proto.h; move the #include of the
		header files which we actually needed into krsh.c, using
		the autoconf standard define's.

Wed Jun 21 17:29:27 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* login.c: Change RETSIGTYPE to krb5_sigtype to be consistant.

	* configure.in (LOGINLIBS): Add KRB5_SIGTYPE to declare krb5_sigtype.

Tue Jun 20 13:00:25 1995  Tom Yu  (tlyu@dragons-lair)

	* krlogin.c: HAS_STDLIB_H -> HAVE_STDLIB_H

Mon Jun 19 13:34:23 EDT 1995	Paul Park	(pjpark@mit.edu)
	* login.c - Change setluid call to check for luid and then set it if
		it fails, also make this logic conditional under HAVE_SETLUID.
	* configure.in - For OSF/1 systems where libsecurity is present, set
		HAVE_SETLUID.  We'll need to determine similar tests for other
		extended security systems that we are to support in the future.


Thu Jun 15 17:32:20 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in - Change explicit library names to -l<lib> form, and
		change target link line to use $(LD) and associated flags.
		Also, remove DBMLIB, it was not used. Also, for K4, use
		KRB4_LIB and KRB4_CRYPTO_LIB, these were
                split out.
	* configure.in - Remove dbm library checks, these are no longer needed
		with the Berkeley database code.  Also, add shared library
		usage check.

Sat Jun 10 22:56:10 1995  Tom Yu  (tlyu@dragons-lair)

	* forward.c, kcmd.c, krcp.c, krlogind.c, krshd.c:
		krb5_auth_context redefinitions

Fri Jun  9 18:26:30 1995    <tytso@rsx-11.mit.edu>

	* configure.in: Remove standardized set of autoconf macros, which
		are now handled by CONFIG_RULES.

Wed May 31 17:16:44 1995  Tom Yu  (tlyu@dragons-lair)

	* loginpaths.h: #ifdef ultrix => #ifdef __ultrix

Sun May 21 16:36:39 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* loginpaths.h: Add NetBSD paths.

	* login.c: Define TAB3 to 0 if non existant

	* krlogin.c (mode): ifdef code based on TABDLY existing on
		machine. (netbsd lacks this).

	* krcp.c: Declare sys_errlist only if needed by the OS.

	* configure.in: Add DECLARE_SYS_ERRLIST
		Check for libcrypt defining the function crypt

Mon May 15 10:43:30 1995    <tytso@rsx-11.mit.edu>

	* login.c (main): Only try to use TIOCSETD if it is defined
		(instead of relying on _IBMR2 *not* being defined).

		Only try to use TIOCNXCL if it is defined.

	* krcp.c: If setreuid() is emulated using setresuid(),
		#define HAVE_SETREUID so it gets used.

Sat May 13 08:59:38 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krshd.c (recvauth): Use krb5_auth_con_genaddrs to set the port
		on the connection so that credential forwarding works.

Tue May  9 08:17:18 1995  Ezra Peisach  (epeisach@kangaroo.mit.edu)

	* krshd.c (main): Cast a sockaddr_in * to sockaddr * in call to
		accept. 

	* kcmd.c: Add <stdlib.h>

	* krcp.c: Add <stdlib.h>.

Sat May  6 18:12:37 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krcp.c (answer_auth): Added const declaration to filenames.

Fri May 05 09:16:16 1995  Chris Provenzano (proven@mit.edu)

	* krcp.c (answer_auth()): Requires two new args that are passed
		from the command line. The first -c is to pass the filename
		of the remote credential cache. The second -C is to pass
		the filename of the remote krb5.conf file.

Thu May 04 23:53:23 1995  Chris Provenzano (proven@mit.edu)

	* krcp.c (answer_auth()): Don't destroy the credential cache.

Wed May 03 20:10:39 1995  Chris Provenzano (proven@mit.edu)

	* krcp.c (answer_auth()): Set auth_context = NULL before using it.

Wed May 03 03:30:51 1995  Chris Provenzano (proven@mit.edu)

        * krlogind.c, krshd.c: (krb5_compat_recvauth()): 
		No longer needs the rc_type arg.

Tue May  2 22:12:39 1995  Theodore Y. Ts'o  (tytso@dcl)

	* krcp.c (main): Don't try to play uid swapping games if the
		effective uid is not zero.

	* kcmd.c (kcmd): Bug fix to jik's bug fix.  (Caused by our code
		drift since jik's changes went in, and not sufficiently
		careful checking of jik's patches before applying it.)

Mon May 01 15:56:32 1995  Chris Provenzano

	* kcmd.c (kcmd()): Bug fixes from jik.

	* krlogind.c (recvauth()): Changes to auth_context to better 
		support full addresses, for rd_cred() and friends.

Sat Apr 29 01:26:06 1995  Theodore Y. Ts'o  <tytso@dcl>

	* Makefile.in (login.krb5): Link the libraries twice due to
		circular dependency in the libraries.  (read_password in
		libdes425.a depends on krb5_read_password in libkrb5.a)

Fri Apr 28 20:33:06 1995  Theodore Y. Ts'o  <tytso@dcl>

	* login.c (main): Don't use setreuid() to play games with the real
		uid, since not all systems have setreuid().  This method
		of communicating to in_tkt what the correct owner of the
		ticket file is completely broken, anyway.  We skip the
		setreuid() entirely, and then chown the ticket file to the
		correct owner and group afterwards.

Fri Apr 28 17:59:19 1995  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (KLIB): include KRB4_LIB directly, to satisfy both
	versions of the dependencies.

Fri Apr 28 16:55:14 EDT 1995	Paul Park	(pjpark@mit.edu)
	* Makefile.in	- change position of KRB4_LIB for krshd and krlogind
			  so that it links correctly for both --with-krb4
			  and --with-krb4=/usr/athena.

Fri Apr 28 16:12:57 1995  Mark Eichin  <eichin@cygnus.com>

	* configure.in (PATH): use internal AC_PROG_ECHO_N because change
	in path might change behavior of echo (example: solaris, native
	shell, with GNU echo (-n) in user path, but only Solaris echo (\c)
	in path here.)

Fri Apr 28 07:52:45 1995  Theodore Y. Ts'o  <tytso@lurch.mit.edu>

	* login.c: Lots of lint cleanup; declare functions before they
		are used, add appropriate return types (int or void)
		to functions as necessary, etc.
	
Thu Apr 27 21:44:17 1995  Ezra Peisach  (epeisach@kangaroo.mit.edu)

	* login.c: Remove definition of krb_err_txt. krb.h defines it.

Thu Apr 27 17:41:06 1995  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (krshd, login.krb5, krlogind): KRB4_LIB needs to
	appear before KLIB since it uses des425.

Thu Apr 27 14:36:54 1995  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (LOCALINCLUDE): get kerberosIV headers for login.c
	(login.krb): link against krb4 libs.
	* configure.in: check AC_CONST so it works.

Thu Apr 27 13:54:21 1995  Mark Eichin  <eichin@cygnus.com>

	* configure.in: use WITH_KRB4 as-is.
	* Makefile.in (krshd, krlogind): use KRB4_LIB directly.

Thu Apr 27 01:09:19 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krcp.c (answer_auth): Should not call krb5_cc_close after
		krb5_cc_destroy. (encrypted rcp failed).

	* krlogind.c (main): -S option was not getting a keytab. (passing
		a char * to krb5_compat_recvauth).

	* krshd.c (recvauth): extract the client principal from ticket
		before calling krb5_kuserok on a NULL principal.
		(main): -S option was not getting a keytab (passing a char *).

	* krcp.c: (main): Missing htons on port number when specified on
		command line.

Wed Apr 26 21:09:34 1995  Chris Provenzano  (proven@mit.edu)

	* kcmd.c (kcmd()) : Don't use hp->h_name use host_save instead.

Wed Apr 26 17:43:08 1995  Mark Eichin  <eichin@cygnus.com>

	* logutil.c (EMPTY): linux has UT_UNKNOWN, not EMPTY.

Wed Apr 26 09:41:35 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>

	* krlogind.c (main): LOG_AUTH in openlog arguments in wrong place.
		(recvauth): Do not copy principal on a V4 request. The
		ticket portion is not set by krb5_compat_recvauth for these.

	* configure.in: Check for libutil. Under OSF/1, logwtmp is stored
		there. 

Wed Apr 26 07:19:18 1995  Chris Provenzano  (proven@mit.edu)

	* krlogind.c (doit()) : If TIOCOTTY is defined unset the 
		controlling tty before setting it to another tty.

Tue Apr 25 21:23:28 1995  Chris Provenzano  (proven@mit.edu)

	* forward.c (rd_and_store_for_creds()) : Rewritten to use
		auth_context and the new krb5_rd_creds().
	* forward.c (get_for_creds()) : New function replacing
		krb5_get_for_creds() and uses auth_context and new
		krb5_mk_creds() routine.
	* kcmd.c (kcmd()): Use new get_for_creds() routine.
	* krlogind.c (recvauth()): Use new rd_and_store_for_creds() routine.

Sat Apr 22 00:42:22 1995  Theodore Y. Ts'o  (tytso@dcl)

	* rlogind (main, doit): The variable krb5_override_default_realm
		is obsolete.  Use the krb5_set_default_realm function instead.

	* krshd.c (main, doit): The variable krb5_override_default_realm
		is obsolete.  Use the krb5_set_default_realm function instead.

Fri Apr 21 21:11:17 1995  Theodore Y. Ts'o  (tytso@dcl)

	* krshd.c: Add #include for <sys/stat.h>, which is now needed.

Fri Apr 21 17:18:57 1995  Mark Eichin  <eichin@cygnus.com>

	rlogin testing changes from ian@cygnus.com.

Fri Apr 21 17:13:48 1995  Mark Eichin  <eichin@cygnus.com>

	More changes from ian@cygnus.com to support testing.

Fri Apr 21 14:07:15 1995  Mark Eichin  <eichin@cygnus.com>

	Added Ian's changes with minor tweaks. These are used by the testsuite.

Fri Apr 07 15:46:54 1995 Chris Provenzano (proven@mit.edu)

	* configure.in, krlogind.c, krsh.c, krshd.c, login.c, logutil.c.
		A bunch of patches from Ezra to get BSD to work on
		The Alpha that looked reasonable.

Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu)

        * krcp.c (send_auth()): Use new calling convention for krb5_rd_req().

        * krshd.c (recvauth()): Use new calling convention for 
		krb5_compat_recvauth().

        * krlogind.c (recvauth()): Use new calling convention for 
		krb5_compat_recvauth().

Fri Mar 24 15:04:25 1995  Ian Lance Taylor  <ian@cygnus.com>

	* krlogind.c (srvtab): New global variable.
	(krb5_override_default_realm): Declare.
	(ARGSTR): Add "S:M:L:" to Kerberos version.
	(login_program): New global variable.
	(main): Handle -S, -M, and -L arguments.  Call SO_REUSEADDR on
	socket if debug_port set.
	(doit): Use login_program instead of LOGIN_PROGRAM.
	(recvauth): Pass srvtab to krb5_compat_recvauth.
	* krlogind.M: Document -S, -M, and -L.

Fri Mar 24 15:04:25 1995  Ian Lance Taylor  <ian@cygnus.com>

	* krcp.c (forcenet): New global vraiable.
	(main): Accept -D and -N arguments.  Pass Kerberos realm to remote
	rcp execution.
	(hosteq): If -N specified, always return 0.
	* rcp.M: Document -D and -N.
	* krshd.c (ARGSTR): Add "P:" to KERBEROS version.
	(kprogdir): New global variable.
	(main): Handle -P.
	(path): Remove global variable.
	(path_rest): Remove explicit size.
	(envinit): Use 0 instead of path.
	(PATHENV): define.
	(doit): Use kprogdir variable instead of KPROGDIR macro when
	setting path.  Build path in allocated memory rather than using a
	fixed size array.  If the command starts with "rcp ", force use of
	kprogdir/rcp if it exists.
	* krshd.M: Document -P.

Thu Mar 23 18:18:31 1995  Ian Lance Taylor  <ian@cygnus.com>

	* krshd.c (ARGSTR): Add S:M:A to KERBEROS version.
	(srvtab): New global variable.
	(krb5_override_default_realm): Declare.
	(main): Handle -S, -M and -A arguments.  Call SO_REUSEADDR on
	socket if debug_port set.
	(doit): If -A used, allocate a random port for the stderr stream,
	rather than allocating a reserved port.  Don't call initgroups if
	not changing the uid.
	(recvauth): Pass srvtab to krb5_compat_recvauth.
	* krshd.M: Document -S, -M, and -A.
	* krsh.c (main): Accept -A, and pass it to kcmd.
	* rsh.M: Document -A.
	* kcmd.c (kcmd): Add new argument anyport.  If it is set, permit
	any port for the stderr stream, rather than requiring a reserved
	port.  Initialize ret_cred to NULL.
	* krcp.c (main): Pass 0 for anyport to kcmd.
	* krlogin.c (main): Pass 0 for anyport to kcmd.

Thu Mar 23 23:23:25 1995  Theodore Y. Ts'o  <tytso@dcl>

	* Makefile.in (krshd): Move $(K4LIB) after $(KLIB) so that if
		we're using des425, the V5 crypto library can be picked up.

	* configure.in: Use the correct path to find libdes425

Thu Mar 23 20:22:57 1995  Mark Eichin  <eichin@cygnus.com>

	* logutil.c (update_wtmp): initialize ut from ent the way the V4
	code did. Appears to handle SunOS case (when nearly all of the
	ifdef's are off) correctly now.

Tue Mar 14 16:08:08 1995    <tytso@rsx-11.mit.edu>

	* Makefile.in, configure.in: Use the libdes425 library so that the
		DES code doesn't get dragged in twice.

	* krlogind.c: Include <sys/time.h> so that Linux can get the
		FD_SET macros.

	* kcmd.c (kcmd): Close the credentials cache when you're done with
	        it.

	* krlogind.c (doit): Always initialize the Krb5 error table.

	* krlogind.c (main, doit): Minor type fixes to gethostbyname(),
		accept().

Tue Mar 14 12:30:23 1995  Chris Provenzano (proven@mit.edu)

	* kcmd.c (kcmd()): Don't pass any data to sendauth() to be 
		checksummed. The remote side doesn't check it anyway.

Fri Mar 10 18:32:22 1995  Theodore Y. Ts'o  <tytso@dcl>

	* kcmd.c (kcmd): Initialize ret_cred to zero so that in case of an
		error, we don't try to free stack garbage.

Fri Mar 10 11:09:34 1995  Chris Provenzano (proven@mit.edu)

        * kcmd.c (kcmd()) Use new calling convention for krb5_sendauth().
	* krcp.c () Use new calling convention for krb5_mk_req_extended().

Thu Mar  2 12:26:29 1995  Theodore Y. Ts'o  <tytso@dcl>

	* Makefile.in (ISODELIB): Remove reference to $(ISODELIB).

Wed Mar  1 11:54:50 1995  Theodore Y. Ts'o  <tytso@dcl>

	* configure.in: Remove ISODE_INCLUDE and ISODE_DEFS, replace check
		for -lsocket and -lnsl with WITH_NETLIB check.

Tue Feb 28 01:41:04 1995  John Gilmore  (gnu at toad.com)

	* forward.c, kcmd.c, krcp.c, krlogin.c, krlogind.c, krsh.c,
	krshd.c:  Avoid <krb5/...> and <com_err.h> includes.

Tue Feb 14 15:30:55 1995 Chris Provenzano  (proven@mit.edu)

        * kcmd.c Call krb5_sendauth() and krb5_get_credentials() with 
		new calling convention.

	* krcp.c (answer_auth()) Call krb5_mk_req_extended90 with new 
		calling convention.

Fri Feb  3 11:51:55 1995  Theodore Y. Ts'o  (tytso@dcl)

	* krcp.c (tgt_keyproc): Add keytype parameter to field.

Mon Jan 30 07:58:16 1995  Chris Provenzano (proven@mit.edu)

	* Removed all #include <krb5/crc-32.h> 

	* Removed krb5_enctype argument passed to krb5_get_for_creds()

Wed Jan 25 16:54:40 1995  Chris Provenzano (proven@mit.edu)

        * Removed all narrow types and references to wide.h and narrow.h

Wed Jan 18 14:33:50 1995  Mark Eichin  <eichin@cygnus.com>

	* krlogind.c (v4_des_read, v5_des_read): When reading length,
	ignore everything before a leading zero (MSB first "reasonable"
	value) to compensate for rlogin (mis)use of BSD-OOB data.
	* krlogin.c (des_read): same code (in both versions of des_read.)

Wed Jan 18 01:07:56 1995  Mark Eichin  <eichin@cygnus.com>

	* configure.in: undo streams test. It turns out that we want sunos
	to *fail* that test, since it doesn't have a streams PTEM module
	anyhow.
	* krlogind.c: don't include sys/tty.h and sys/ptyvar.h if we don't
	HAVE_STREAMS already.
	* krlogin.c: do the same thing.

Fri Jan 13 15:23:47 1995  Chris Provenzano (proven@mit.edu)

    * Added krb5_context to all krb5_routines

	* krsh.c (main): Use htons(debug_port).

Wed Jan 11 01:25:09 1995  Mark Eichin  <eichin@cygnus.com>

	* logutil.c (update_wtmp): declare missing variables if
	HAVE_SETUTENT isn't set.
	(update_utmp): declare tty at top of function.

Tue Jan 10 19:43:18 1995  Mark Eichin  (eichin@cygnus.com)

	* krlogin.c (doit): use exit_handler for signal exits, don't use
	exit directly.
	(exit_handler): new function, avoids type collision from misusing
	exit directly as a signal handler.

Tue Jan 10 15:23:31 1995  Richard Basch  (probe@tardis)

	* configure.in: Streams test needs to include sys/types.h

	* krsh.c: Include sys/time.h (linux)

Mon Jan  9 21:48:54 1995  Theodore Y. Ts'o  (tytso@dcl)
    
    	* kcmd.c, krlogin.c, krcp.c: Always include fcntl.h, and never
		sys/fcntl.h.

	* krshd.c: Always define the Kerberos V4 data structures.

Tue Jan  3 16:54:02 1995  Richard Basch  (probe@tardis)

	* krshd.c
	  	Cleaned up comments

	* krsh.c
	  	Removed debugging statement

	* kcmd.c
	  	Removed old sgi code (it has POSIX_SIGNALS).

Mon Jan  2 12:35:18 1995  Richard Basch  (probe@tardis)

	* krsh.c
	* krshd.c
	  	Added encrypted rsh support.
		It still isn't entirely secure; as the command-line could
		be spoofed by an active attack, but the data sharing is...

	* krlogind.c
	  	Ultrix doesn't have a fully functional POSIX termios.

	* krshd.c
	  	Cleaned up some of the #ifdef's and code duplication.
		Fixed decl. of return variable for getopt() [int not char]

Fri Dec 30 18:35:50 1994  Richard Basch  (probe@tardis)

	* krlogin.c
	  	Don't need: #ifdef _AIX, #undef _BSD, #endif

	* Makefile.in
	  	Fixed man page installation when build tree != source tree

	* configure.in
	  	No need to do the fcntl check
		Changed GETPGRP_ONEARG detection (and assign it when it
			takes one argument, not void).

	* logutil.c
	* login.c
	  	Tidied up the code a bit.
		Do not rely on NO_UT_TYPE (it has problems with AIX headers)

	* krlogind.c
	  	Tidied up the code a bit.
	  	Set the controlling tty for Ultrix
		Do not rely on NO_UT_TYPE (it has problems with AIX headers)

Thu Dec 29 10:12:48 1994  Richard Basch  (probe@tardis)

	* krlogind.c
	  	Conditionalize grantpt/unlockpt on HAVE_GRANTPT (not just Sun)
	  	Conditionalized references to ut_type and ut_pid.
		Try all the methods for getting a pty...

	* logutil.c
	  	Conditionalized references to ut_type and ut_pid.

	* configure.in
	  	Conditionalize grantpt/unlockpt on HAVE_GRANTPT
		Corrected a minor syntactical error with extraneous "],"

Thu Dec 29 01:38:17 1994  Richard Basch  <probe@k9>

	* krlogind.c:
	  	Error checks for Solaris tty setup routines (grantpt/unlockpt)
		Commented out the OOB code, as it causes problems currently.
		Cleaned up some of the #ifdef's for logging incoming users
		Removed extraneous declaration of malloc()
		Pass a "" for the hostname rather than NULL to update_utmp.
		Some additional cosmetic changes.
		Included/excluded SYSV code (SYSV is not defined anywhere)

Wed Dec 28 14:59:58 1994  Richard Basch  (probe@tardis)

	* krlogin.c
	* krlogind.c
	* krsh.c
	* krshd.c
	  	Corrected the arguments to select, based on sizeof fd_set.
		Converted what remained to use FD_* macros, instead of bitshift

	* login.c
	  	Changed uid_type to uid_t, gid_type to gid_t
		Added shadow password support
		Always use cfset*speed when POSIX_TERMIOS is defined

	* configure.in
		Changed the PATH for looking for BSD r* commands
		Use AC_TRY_LINK instead of AC_TRY_COMPILE for the setenv test.
		Cache results of compile/link tests.
		Added shadow password support.
	  	Don't bother checking for sys/stream.h; done elsewhere
		Look for the function ptsname.

	* logutil.c
	  	Search to the proper position in the utmp/utmpx files.
	  	Corrected arguments for the utmpx routines.

	* krlogind.c
	  	Revamped the tty setup routines.

Tue Dec 27 14:42:15 1994  Richard Basch  (probe@tardis)

	* krlogin.c
	  	Cleaned up some of the includes

	* krlogind.c
	* krshd.c
	* logutil.c
	* login.c
	  	Revamped the utmp/wtmp handling routines

	* Makefile.in
	  	Fixed the "krlogin" program define for "krsh"

	* configure.in
		Changed the HAVE_STREAMS macro to not try <sys/tty.h>
		Corrected the text for the setpgrp arguments check

Tue Dec 27 06:15:42 1994  Richard Basch  (probe@tardis)

	* krlogind.c
		Use the file descriptor macros (eg. FD_SET) to handle fd arrays
		Change #ifdef STREAMS to #ifdef HAVE_STREAMS
		Started to add SYS-V utmp handling
		Ripped out the old termio code.
		Include <unistd.h> and <stdlib.h> where available.

	* configure.in
		Combined KRB5_UT* macros into CHECK_UTMP, with more checks.
		Changed obsolete AC_COMPILE_CHECK to use newer macros.

Mon Dec 26 13:51:20 1994  Richard Basch  (probe@tardis)

	* Makefile.in
	* configure.in
	* krcp.c
	* krsh.c
	* krlogin.c
	Removed the hard-coded paths for the BSD rlogin/rcp/rsh programs.
	Let "configure" find the programs for us...

Mon Dec 19 15:09:57 1994  Theodore Y. Ts'o  (tytso@dcl)

	* krcp.c (des_write):
	* krlogin.c (des_write):
	* krlogind.c (v5_des_write): Fix byte swapping code (Missing shift
		instructions).

	* krlogind.c (v4_des_read, v4_des_write): Fixed byte swapping code
		so that V4 des compatibility works on 64 bit
		architectures.

Fri Nov 18 01:19:13 1994  Mark Eichin  <eichin@cygnus.com>

	* Makefile.in (install): add install rules for krlogind.M,
	krshd.M, rlogin.M, rcp.M, rsh.M. (Section numbers are explicit,
	and this should probably be changed.)
	(from Ted Lemon <mellon@ipd.wellsfargo.com>

Fri Nov 18 01:10:34 1994  Mark Eichin  <eichin@cygnus.com>

	* configure.in: use new macros KRB5_UTPID, KRB5_UTTYPE, and
	KRB5_UTHOST (from epeisach).

Wed Nov 16 11:45:01 1994  Richard Basch  (probe@tardis)

	* krlogin.c:
	If the system includes a SA_RESTART signal flag, use it.
	We want to be able to resume the read() system call after
	a SIGURG comes.

Fri Nov 11 00:53:57 1994  Theodore Y. Ts'o  (tytso@dcl)

	* forward.c (mk_cred, rd_cred): Move mk_cred and rd_cred to
		libkrb.a.

Tue Nov  8 23:52:58 1994  Theodore Y. Ts'o  (tytso@dcl)

	* krshd.c (setpgrp): Defining setpgrp(a,b) to setpgrp() if
		SETPGRP_TWOARG is not set can cause infinite macro
		recursion on some C preprocessors.  Fix by putting the
		#ifdef for SETPGRP_TWOARG where setpgrp is actually
		called, instead of trying to redefine setpgrp().

Mon Nov  7 21:22:00 1994  Theodore Y. Ts'o  (tytso@dcl)

	* configure.in: Add check for stdlib.h

	* configure.in: Remove unused check for HAVE_GETDTABLESIZE
		(especially since we replace it with AC_REPLACE_FUNCS
		later!)

	* getdtablesize.c:  Use POSIX method of obtaining fd table size,
		if available. 

Wed Nov 02 22:21:00 1994  Richard Basch  (probe@tardis)

	* configure.in:
	Moved POSIX signal check to aclocal.m4, and calls it (CHECK_SIGNALS)
	Added POSIX setjmp check (CHECK_SETJMP).
	Added checks for waitpid and setsid functions.

	* kcmd.c:
	Include <signal.h> not <sys/signal.h>.
	Don't bother declaring sigmask when POSIX_SIGNALS is set.
	
	* krcp.c:
	Replaced the conditionalized BITS64 code with more portable code.
	Use mode_t instead of int, for file modes.
	Use waitpid, instead of wait, where available (HAVE_WAITPID).
	Added POSIX signal handling (POSIX_SIGNALS).

	* krlogin.c:
	Include <unistd.h> and <stdlib.h> if available
	Replaced the conditionalized BITS64 code with more portable code.
	Use cfgetospeed() if POSIX_TERMIOS is defined.  It was already being
		used, so there is no need to use two methods.
	Use waitpid, instead of wait, where available (HAVE_WAITPID).
	Added POSIX setjmp handling (POSIX_SETJMP)
	Added POSIX signal handling (POSIX_SIGNALS).

	* krlogind.c:
	Added POSIX signal handling (POSIX_SIGNALS).
	Corrected an error in the arguments to chmod().
	Call setsid() if HAVE_SETSID is defined.
	Try not conditionalizing on __alpha; use other #ifdef's.
	Replaced the conditionalized BITS64 code with more portable code.

	* krsh.c:
	Added POSIX signal handling (POSIX_SIGNALS)

	* krshd.c:
	Declare and manipulate the file descriptor arrays properly,
		rather than bit shifting and passing them to select as
		(long *).  Some systems (eg. AIX) declare them to be structs.
	Added POSIX signal handling (POSIX_SIGNALS)

	* login.c:
	Include <unistd.h> and <stdlib.h> if available
	Added POSIX setjmp handling (POSIX_SETJMP)
	Added POSIX signal handling (POSIX_SIGNALS)
	Use waitpid, instead of wait, where available (HAVE_WAITPID).

	* logutil.c:
	Don't redeclare time(); it may conflict with the system header files.
	Include <unistd.h> first.

Thu Oct 27 20:07:03 1994  Mark Eichin  (eichin@cygnus.com)

	* login.c (main): if CSTATUS is missing, don't set c_cc[VSTATUS]
	(for sunos.)

Thu Oct 27 16:12:19 1994  Mark Eichin  (eichin@cygnus.com)

	* krlogin.c (des_write): get rid of srandom, since seeding is done
	directly in krb5_random_confounder. get rid of unused variables.
	* krlogind.c (v4_des_write): use krb5_random_confounder
	directly. get rid of unused variables.

Thu Oct 27 14:50:40 1994  Mark Eichin  (eichin@cygnus.com)

	* login.c (main): if CDISCARD is missing, use CFLUSH instead.

Thu Oct 27 14:47:41 1994  Mark Eichin  (eichin@cygnus.com)

	* configure.in: fix typo in "use streams interface" test (ttold.h
	not ttyold.h)

Thu Oct 27 14:31:17 1994  Mark Eichin  (eichin@cygnus.com)

	* configure.in: check for srand48, srand, and srandom.
	* krlogind.c (v4_des_write): use the best available of the three
	random number systems for padding (based on code from
	lib/crypto/os/rnd_confoun.c.)

Wed Oct 26 00:04:02 1994  Theodore Y. Ts'o  (tytso@dcl)

	* krsh.c (main):
	* krlogind.c (protocol, v5_des_read): Check for both EAGAIN in
		addition to EWOULDBLOCK.

Mon Oct 24 14:46:07 1994    (tytso@rsx-11)

	* Makefile.in: The Kerberos V4 libraries must be linked in after
		the V5 libraries; compat_recvauth pulls in the V4 routines.

	* kcmd.c (kcmd): Don't free host_save; it's supposed to be
		returned by kcmd to the caller!

	* configure.in
	* krlogin.c (des_write): Don't check for srand48 and then try to
		define srandom to be srand48.  This breaks on machines
		which have both srandom and srand48.  Instead, use
		krb5_random_confounder; it will do the right thing.

Wed Oct 19 12:36:47 1994  Theodore Y. Ts'o  (tytso@dcl)

	* krlogind.c (protocol): Change yet another variable to be an
		unsigned char.

	* login.c (main): Add other termios c_cc initializations for the
		ALPHA. 

	* krlogind.c (protocol): Make protocol buffers be unsigned, since
		we're comparing against unsigned data.

Tue Oct 18 15:48:37 1994  Mark Eichin  (eichin@cygnus.com)

	* configure.in (HAVE_STREAMS): test for streams interface headers
	in a way that fails on sunos but works on solaris.
	* krlogin.c: use HAVE_STREAMS.
	* krlogind.c: use HAVE_STREAMS, fix TIOCPKT_* test.

Tue Oct  4 17:14:38 1994  Theodore Y. Ts'o  (tytso@dcl)

	* krcp.c (tgt_keyproc): Add widen.h and narrow.h around
		declaration so that argument types are widened.

Mon Oct  3 13:21:51 1994  Theodore Y. Ts'o  (tytso@dcl)

	* logutil.c (logwtmp): Remove declaration for strncpy().

Fri Sep 30 17:04:24 1994  Theodore Y. Ts'o  (tytso@dcl)

        * krshd.c: Use ifdef for SETPGRP_TWOARG and HAVE_KILLPG

	* krlogind.c: Use ifdef include of HAVE_SYS_TTY_H and
		HAVE_SYS_PTYVAR_H (suncc doesn't #define solaris).

Thu Sep 29 22:50:05 1994  Theodore Y. Ts'o  (tytso@dcl)

	* Makefile.in: "make clean" should remove the executables

	* Makefile.in: Relink executables if libraries change

Thu Sep 29 17:55:57 1994  Mark Eichin  (eichin@tweedledumber.cygnus.com)

	* krlogin.c (mode): ifdef VLNEXT instead of svr4 for ^V fixing.
	(doit): ditto.
	krlogin.c, configure.in: include sys/tty.h and sys/ttold.h only if
	they're both there. 


Wed Sep 28 20:57:24 1994  Mark Eichin  (eichin@tweedledumber.cygnus.com)

	* configure.in (srand48): check for srand48, and if it exists,
	substitute it for srandom (and lrand48 for random.)
	(K4LIB): add libdes.a, needed for des_pcbc_encrypt.

Wed Sep 28 14:36:29 1994  Mark Eichin  (eichin@rtl.cygnus.com)

	* Makefile.in: always put $(K4LIB) before $(KLIB) so that
	references to libcrypto.a get resolved.

Thu Aug 18 18:57:44 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* Makefile.in:
	* configure.in: Fix KRB4 handling; do it here in configure.in
	instead of in Makefile.in

Thu Aug 18 18:55:36 1994  Mark Eichin  (eichin@perdiem)

	* configure.in (LOGINLIBS): always substitute it, even if it isn't
	set.

Thu Aug 18 17:09:36 1994  Theodore Y. Ts'o  (tytso at tsx-11)

    	* forward.c (get_for_creds): Fix bug to allow cross-realm
	forwarded credentials to work.

	* forward.c (rd_and_store_for_creds):  Store the forwarded
	credentials in a file which is PID dependent, to allow for
	different sessions in an rlogin session.

	* Makefile: Add $(SETENVOBJ) to all programs that use forward.c

Tue Aug 16 22:41:25 1994  Mark Eichin  (eichin@cygnus.com)

	* krlogind.c: add sys/ioctl.h.

Tue Aug 16 22:36:29 1994  Mark Eichin  (eichin@cygnus.com)

	* configure.in: set LOGINLIBS to -lodm -ls -lcfg if the system has
	all three (and is probably an AIX system.)
	* Makefile.in: use LOGINLIBS for login.krb5.
	* krshd.c: use HAVE_SYS_SELECT_H.

Tue Aug 16 17:58:09 1994  Mark Eichin  (eichin@cygnus.com)

	* krcp.c: check HAVE_VFORK_H
	* configure.in: use AC_VFORK (runtime test -- consider just using
	fork instead.)

Sat Aug 13 02:04:37 1994  Mark Eichin  (eichin@perdiem)

	* Makefile.in (DEFINES): set LOGIN_PROGRAM correctly.

Thu Aug 11 23:16:31 1994  Mark Eichin  (eichin@perdiem)

	* krsh.c: Don't (mis)declare getpwuid ever.

Sun Aug  7 04:43:24 1994  Mark Eichin  (eichin@cygnus.com)

	* krlogin.c (oob): FWRITE (and out) not needed w/POSIX_TERMIOS
	* logutil.c: if EMPTY is missing, use UT_UNKNOWN instead.
	* login.c (main): some systems just don't have TIOCLSET

Fri Aug  5 18:47:00 1994  Mark Eichin  (eichin@cygnus.com)

	* configure.in: test for sigprocmask and sigset_t to set POSIX_SIGNALS.
	* krlogin.c, kcmd.c: use POSIX_SIGNALS.

Fri Aug  5 15:35:54 1994  Mark Eichin  (eichin@cygnus.com)

	* configure.in, logutil.c: check for NO_UT_PID, use it.

Wed Jul 27 12:52:04 1994  Mark Eichin  (eichin@cygnus.com)

	* krlogind.c, krlogin.c, krcp.c: define roundup if needed.

	* Makefile.in: add LIBOBJS, dependency for getdtablesize.o.
	* getdtablesize.c: new file.
	* configure.in: build getdtablesize.c if needed.

	* login.c: HAVE_TTYENT_H.
	* configure.in: add ttyent.h to HEADERS test.

	* krshd.c: HAVE_SYS_LABEL_H, which seems to be SunOS 4 specific.
	* krlogind.c: ditto.
	* configure.in: test for add sys/label.h to HEADERS test.

	* krcp.c (rsource): USE_DIRENT_H.

	* configure.in: test for HAVE_UNISTD_H.
	* logutil.c: use HAVE_UNISTD_H.

Tue Jul 26 00:25:57 1994  Mark Eichin  (eichin@cygnus.com)

	* krlogin.c: include <fcntl.h>

	* configure.in: Added tests for NO_UT_HOST, NO_UT_EXIT.
	* logutil.c: use them.

	* configure.in: add CHECK_DIRENT, CHECK_FCNTL.

	* configure.in: Added tests for HAVE_SETOWN, HAVE_SYS_FILIO_H.
	* krlogin.c, krsh.c, krshd.c, krlogin.c, krlogind.c: use them.

Sat Jul 23 08:48:50 1994  Tom Yu  (tlyu@dragons-lair)

	* kcmd.c:
	* krshd.c: include ext-proto.h to avoid type warnings

Sat Jul 16 02:24:31 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* kcmd.c:
	* krsh.c: index->strchr, rindex->strrchr, add (char *) cast to
	malloc,	have proper include for the string functions.

Fri Jul 15 15:03:11 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* krcp.c: add utimes() emulation for systems that only have the
		POSIX utime() call.

Mon Jun 27 22:03:48 1994  Theodore Y. Ts'o  (tytso at tsx-11)

	* krlogind.c: remove spurious debugging #undef of KRB5_KRB4_COMPAT

