From root@ivr.lab.arcor.net  Tue Jul 18 20:51:24 2006
Return-Path: <root@ivr.lab.arcor.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 640E316A4DD
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 18 Jul 2006 20:51:24 +0000 (UTC)
	(envelope-from root@ivr.lab.arcor.net)
Received: from moritz.lab.arcor.net (moritz.lab.arcor.net [145.253.112.13])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F128943D45
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 18 Jul 2006 20:51:23 +0000 (GMT)
	(envelope-from root@ivr.lab.arcor.net)
Received: from max.ivr.lab.arcor.net (max.ivr.lab.arcor.net [192.168.249.177])
	by moritz.lab.arcor.net (Postfix) with ESMTP id 9EF1FA986
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 18 Jul 2006 22:51:21 +0200 (CEST)
Received: from login.ivr.lab.arcor.net (login.ivr.lab.arcor.net [192.168.249.8])
	by max.ivr.lab.arcor.net (Postfix) with ESMTP id 8E465152C5
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 18 Jul 2006 22:51:21 +0200 (CEST)
Received: by login.ivr.lab.arcor.net (Postfix, from userid 0)
	id 7675D1701C; Tue, 18 Jul 2006 22:51:21 +0200 (CEST)
Message-Id: <20060718205121.7675D1701C@login.ivr.lab.arcor.net>
Date: Tue, 18 Jul 2006 22:51:21 +0200 (CEST)
From: cwf-ml@arcor.de
To: FreeBSD-gnats-submit@freebsd.org
Subject: Fix to get rid of the telnet to cisco problem
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         100496
>Category:       bin
>Synopsis:       [patch] Fix to get rid of the telnet(1) to cisco problem
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          analyzed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jul 18 21:00:28 GMT 2006
>Closed-Date:    
>Last-Modified:  Fri Feb 29 01:11:46 UTC 2008
>Originator:     Charlie &
>Release:        FreeBSD 6.1-RELEASE-p2 i386
>Organization:
>Environment:
System: FreeBSD xx.xx.xx 6.1-RELEASE-p2 FreeBSD 6.1-RELEASE-p2 #2: Wed Jun 21 10:50:48 CEST 2006 root@xx.xx.xx:/usr/obj/usr/src/sys/DL140LOG i386

	FreeBSD 6.1, along the RELENG_6_1 branch

>Description:
	There is this old and ugly problem that whenever you telnet into
	a cisco box from FreeBSD, you get your login prompt garbled
	by an error message "No default realm defined for Kerberos!"

	This is caused by the cisco box seeing the autologin fields in
	telnet and getting nervous about its own nonexistent kerberos
	settings. The problem appeared somehwere in FreeBSD 3.x, when
	the telnet client started to default to autologin.

	Standard fix back then was to recompile telnet with kerberos
	disabled in /etc/make.conf. This doesn't work any more since
	5.0. Currently there is no documented way to disable autologin
	on a systemwide scale, or even on a user scale using .telnetrc 
	for all possible destinations. 

	In an environment where the main telnet targets are cisco boxes 
	(and many of them) this is major annoyance. 

	The appended fix reverses the default of the telnet client to
	no autologin. Autologin is still possible using the old
	-a option.

	Since autologin does not serve much useful function any more
	in the age of ssh and pam, this change seems sensible.

	( A more perfect would be an /etc/telnetrc and a config
	syntax enhancement that allows global defaults there.)

>How-To-Repeat:
	telnet ciscobox
>Fix:

# --------- cut here ----------------------------------------------
--- contrib/telnet/telnet/main.c.orig   Tue Jul 18 22:19:28 2006
+++ contrib/telnet/telnet/main.c        Tue Jul 18 22:41:11 2006
@@ -138,7 +138,7 @@

        rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE;
 #ifdef AUTHENTICATION
-       autologin = 1;
+       autologin = 0;
 #else
        autologin = -1;
 #endif
@@ -209,11 +209,7 @@
 #endif
                        break;
                case 'a':
-#ifdef AUTHENTICATION
-                       /* It's the default now, so ignore */
-#else
                        autologin = 1;
-#endif
                        break;
                case 'c':
                        skiprc = 1;
# --------- cut here ----------------------------------------------

>Release-Note:
>Audit-Trail:

From: "C. Weber" <cwf-ml@arcor.de>
To: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org
Cc:  
Subject: Re: bin/100496: Fix to get rid of the telnet to cisco problem
Date: Tue, 18 Jul 2006 23:42:04 +0200

 addenda:
 
 - someone told me to use -K. This isn't what this submission
    is about, the very point is _not_ to be forced to use -K all
    the time, and not beeing to forced to change any telnet using
    script ported from another system.
 
 - reading the code I noted a DEFAULT keyword matching all hosts
    in .telnetrc (at least it looks that way). This is undocumented
    and also not system wide available. But someone might want
    to update the man page accordingly.                      --CWF
 
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/100496: commit references a PR
Date: Mon, 18 Sep 2006 15:03:34 +0000 (UTC)

 maxim       2006-09-18 15:03:18 UTC
 
   FreeBSD src repository
 
   Modified files:
     contrib/telnet/telnet telnet.1 
   Log:
   o Mention .telnetrc DEFAULT keyword.
   
   PR:             bin/100496 (sort of)
   Obtained from:  NetBSD, heas@netbsd
   MFC after:      3 weeks
   
   Revision  Changes    Path
   1.19      +8 -1      src/contrib/telnet/telnet/telnet.1
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: Bruce M Simpson <bms@incunabulum.net>
To: freebsd-gnats-submit@FreeBSD.org,  maxim@FreeBSD.org
Cc:  
Subject: Re: bin/100496: [patch] Fix to get rid of the telnet(1) to cisco
 problem
Date: Thu, 28 Sep 2006 18:34:59 +0100

 Any plans to MFC this?

From: Maxim Konovalov <maxim@macomnet.ru>
To: Bruce M Simpson <bms@incunabulum.net>
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: bin/100496: [patch] Fix to get rid of the telnet(1) to cisco
 problem
Date: Thu, 28 Sep 2006 22:16:10 +0400 (MSD)

 On Thu, 28 Sep 2006, 18:34+0100, Bruce M Simpson wrote:
 
 > Any plans to MFC this?
 
 From the commit log:
 
 maxim       2006-09-18 15:03:18 UTC
 [...]
   MFC after:      3 weeks
 
 -- 
 Maxim Konovalov
State-Changed-From-To: open->closed 
State-Changed-By: gavin 
State-Changed-When: Tue Jan 29 14:16:19 UTC 2008 
State-Changed-Why:  
This was patched and MFC'd to 6.x over a year ago 

http://www.freebsd.org/cgi/query-pr.cgi?pr=100496 

From: linimon@lonesome.com (Mark Linimon)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/100496: plese reopen this PR. The patch was NOT commtted. The Problem is NOT fixed
Date: Tue, 29 Jan 2008 18:24:47 -0600

 ----- Forwarded message from "C. Weber" <cwf-ml@arcor.de> -----
 
 To: gavin@FreeBSD.org, freebsd-bugs@FreeBSD.org
 Subject: Re: bin/100496: plese reopen this PR. The patch was NOT commtted.
  The Problem is NOT fixed
 
 Hello,
 
 Please reopen this PR. he patch was *not* committed (neither to HEAD nor
 elsewhere). The problem is still there and has *not* been fixed!
 
 1.) The problem is still there:
 
 # -------------
 wefa@XXX 21:01 [~]uname -a
 FreeBSD XXX.tnd.lab.arcor.de 6.3-RELEASE FreeBSD 6.3-RELEASE #4:
 	Tue Jan 29 19:48:42 CET 2008     
 	wefa@XXX.tnd.lab.arcor.de:/usr/obj/usr/src/sys/DL140LOG  i386
 
 wefa@XXX 21:26 [~]telnet sw2
 Trying 192.168.50.25...
 Connected to sw2
 Escape character is '^]'.
 
 
 User Access Verification
 
 Password: Kerberos:     No default realm defined for Kerberos!
 # -------------
 
 
 2.) The patch was neither committed nor MFCd.
 
 The comments in the PR regarding commit/mfc only refer to a mini patch by
 a third party who JUST UPDATES THE MAN PAGE (documenting the DEFAULT 
 keyword).
 While this is a good thing, it doesn't solve the problem.
 
 Please reopen this PR, apply the patch (will need cosmetic changes to
 work against 6.2, 6.3 or HEAD) and MFC it.
 
 Regards
 
 Christoph Weber-Fahr
 
 
 _______________________________________________
 freebsd-bugs@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
 To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"
 
 
 ----- End forwarded message -----
State-Changed-From-To: closed->open 
State-Changed-By: linimon 
State-Changed-When: Wed Jan 30 01:11:12 UTC 2008 
State-Changed-Why:  
Apparently the commit did not fix the problem. 


Responsible-Changed-From-To: freebsd-bugs->linimon 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Jan 30 01:11:12 UTC 2008 
Responsible-Changed-Why:  
Try to investigate. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=100496 

From: Maxim Konovalov <maxim@macomnet.ru>
To: "C. Weber" <cwf-ml@arcor.de>
Cc: gavin@freebsd.org, bug-followup@freebsd.org
Subject: Re: bin/100496: plese reopen this PR. The patch was NOT commtted.
 The Problem is NOT fixed
Date: Wed, 30 Jan 2008 17:26:46 +0300 (MSK)

 Hi,
 
 On Tue, 29 Jan 2008, 21:33+0100, C. Weber wrote:
 
 > Hello,
 >
 > gavin@FreeBSD.org schrieb am 29.01.2008 15:16:58:
 >
 > > Synopsis: [patch] Fix to get rid of the telnet(1) to cisco problem
 >
 > > State-Changed-From-To: open->closed
 > > State-Changed-By: gavin
 > > State-Changed-When: Tue Jan 29 14:16:19 UTC 2008
 > > State-Changed-Why:
 > > This was patched and MFC'd to 6.x over a year ago
 >
 > > http://www.freebsd.org/cgi/query-pr.cgi?pr=100496
 >
 > Please reopen this PR. he patch was *not* committed (neither to HEAD nor
 > elsewhere). The problem is still there and has *not* been fixed!
 >
 > 1.) The problem is still there:
 >
 > # -------------
 > wefa@XXX 21:01 [~]uname -a
 > FreeBSD XXX.tnd.lab.arcor.de 6.3-RELEASE FreeBSD 6.3-RELEASE #4:
 > 	Tue Jan 29 19:48:42 CET 2008
 > 	wefa@XXX.tnd.lab.arcor.de:/usr/obj/usr/src/sys/DL140LOG  i386
 >
 > wefa@XXX 21:26 [~]telnet sw2
 > Trying 192.168.50.25...
 > Connected to sw2
 > Escape character is '^]'.
 >
 >
 > User Access Verification
 >
 > Password: Kerberos:     No default realm defined for Kerberos!
 > # -------------
 >
 >
 > 2.) The patch was neither committed nor MFCd.
 >
 > The comments in the PR regarding commit/mfc only refer to a mini patch by
 > a third party who JUST UPDATES THE MAN PAGE (documenting the DEFAULT keyword).
 > While this is a good thing, it doesn't solve the problem.
 >
 > Please reopen this PR, apply the patch (will need cosmetic changes to
 > work against 6.2, 6.3 or HEAD) and MFC it.
 >
 To make it clear: I did not claim I was going to commit your patch.
 I just committed a man page update that could help to solve your
 problem with telnet.  That was why I didn't change PR state from
 "open" to "patched".  And I MFC'ed my delta.
 
 Second.  Have you actually tried the suggested solution?  I mean put
 "DEFAULT toggle autologin" in your ~/.telnetrc?  Did it suit you or
 not?
 
 Thanks.
 
 -- 
 Maxim Konovalov

From: "C. Weber" <cwf-ml@arcor.de>
To: Maxim Konovalov <maxim@macomnet.ru>, gavin@freebsd.org,
        bug-followup@freebsd.org
Cc:  
Subject: Re: bin/100496: plese reopen this PR. The patch was NOT commtted.
 The Problem is NOT fixed 
Date: Wed, 30 Jan 2008 18:38:08 +0100

 Hello,
 
 Maxim Konovalov <maxim@macomnet.ru> schrieb am 30.01.2008 15:26:46:
 [quoting me]
  > > > Synopsis: [patch] Fix to get rid of the telnet(1) to cisco problem
  > >
  > > > State-Changed-From-To: open->closed
  > > > State-Changed-By: gavin
  > > > State-Changed-When: Tue Jan 29 14:16:19 UTC 2008
  > > > State-Changed-Why:
  > > > This was patched and MFC'd to 6.x over a year ago
  > >
  > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=100496
  > >
  > > Please reopen this PR. he patch was *not* committed (neither to HEAD nor
  > > elsewhere). The problem is still there and has *not* been fixed!
 [...]
  > > 2.) The patch was neither committed nor MFCd.
 [...]
  > To make it clear: I did not claim I was going to commit your patch.
 
 Indeed. As far as I am concerned I understood it this way back then
 when this email exchange happened. OTOH, Gavin, who closed the PR,
 apparently didn't understand it that way and closed the PR based on
 this misconception. So I tried to make it clear.
 
  > Second.  Have you actually tried the suggested solution?
 
 Yes, of course. And it works as advertized. It does not solve my
 problem, though.
 
  > I mean put "DEFAULT toggle autologin" in your ~/.telnetrc?
  > Did it suit you or not?
 
 No.
 
 I informally administrate a number of multiuser systems in Lab
 environments. Personally administrating all my user's home
 directories is not feasible. And I keep getting immediate
 complaints whenever I update the system (via build/install
 world) and do not directly reapply my patch, because scripts
 break and people are generally annoyed.
 
 And even with few/single user systems it is yet just another
 thing you have to correct manually whenever installing a new
 machine (which we do often in test envoronments).
 
 One complaint I keep getting and can't and won't counter is
 "it works with our Suns and Linux systems, why doesn't it
 work here". Yes, indeed, why doesn't it.
 
 So let me give the question back (since you probably have the
 necessary insight to answer it) - why is it so darned complicated
 to apply a straightforward and simple patch that hurts noone
 and removes a years old constant annoyance ?
 What, actually, *is* the reason this PR keeps lingering around
 instead of beeing committed ?
 
 Regards
 
 Christoph Weber-Fahr
 
 
 
 
 
 
 
State-Changed-From-To: open->analyzed 
State-Changed-By: linimon 
State-Changed-When: Fri Feb 29 01:10:07 UTC 2008 
State-Changed-Why:  
Confirmed to still be a problem. 


Responsible-Changed-From-To: linimon->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Feb 29 01:10:07 UTC 2008 
Responsible-Changed-Why:  

http://www.freebsd.org/cgi/query-pr.cgi?pr=100496 
>Unformatted:
