![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to rlogind.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / foreign / src / rlogind|
Return to rlogind.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / foreign / src / rlogind |
1.1 root 1: /*
2: * Copyright (c) 1983, 1988, 1989 The Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms are permitted
6: * provided that the above copyright notice and this paragraph are
7: * duplicated in all such forms and that any documentation,
8: * advertising materials, and other materials related to such
9: * distribution and use acknowledge that the software was developed
10: * by the University of California, Berkeley. The name of the
11: * University may not be used to endorse or promote products derived
12: * from this software without specific prior written permission.
13: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
15: * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
16: */
17:
18: #ifndef lint
19: char copyright[] =
20: "@(#) Copyright (c) 1983, 1988, 1989 The Regents of the University of California.\n\
21: All rights reserved.\n";
22: #endif /* not lint */
23:
24: #ifndef lint
25: static char sccsid[] = "@(#)rlogind.c 5.50.1.1 (Berkeley) 10/21/90";
26: #endif /* not lint */
27:
28: #ifdef KERBEROS
29: /* From:
30: * $Source: /mit/kerberos/ucb/mit/rlogind/RCS/rlogind.c,v $
31: * $Header: rlogind.c,v 5.0 89/06/26 18:31:01 kfall Locked $
32: */
33: #endif
34:
35: /*
36: * remote login server:
37: * \0
38: * remuser\0
39: * locuser\0
40: * terminal_type/speed\0
41: * data
42: */
43:
44: #define FD_SETSIZE 16 /* don't need many bits for select */
45: #include <sys/param.h>
46: #include <sys/stat.h>
47: #include <sys/socket.h>
48: #include <sys/wait.h>
49: #include <sys/file.h>
50: #include <sys/signal.h>
51: #include <sys/ioctl.h>
52: #include <sys/termios.h>
53:
54: #include <netinet/in.h>
55: #include <netinet/in_systm.h>
56: #include <netinet/ip.h>
57:
58: #include <errno.h>
59: #include <pwd.h>
60: #include <netdb.h>
61: #include <syslog.h>
62: #include <string.h>
63: #include <stdio.h>
64: #include <unistd.h>
65: #include "pathnames.h"
66:
67: #ifndef TIOCPKT_WINDOW
68: #define TIOCPKT_WINDOW 0x80
69: #endif
70:
71: #ifdef KERBEROS
72: #include <kerberosIV/des.h>
73: #include <kerberosIV/krb.h>
74: #define SECURE_MESSAGE "This rlogin session is using DES encryption for all transmissions.\r\n"
75:
76: AUTH_DAT *kdata;
77: KTEXT ticket;
78: u_char auth_buf[sizeof(AUTH_DAT)];
79: u_char tick_buf[sizeof(KTEXT_ST)];
80: Key_schedule schedule;
81: int encrypt = 0, retval, use_kerberos = 0, vacuous = 0;
82:
83: #define ARGSTR "alnkvx"
84: #else
85: #define ARGSTR "aln"
86: #endif /* KERBEROS */
87:
88: char *env[2];
89: #define NMAX 30
90: char lusername[NMAX+1], rusername[NMAX+1];
91: static char term[64] = "TERM=";
92: #define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */
93: int keepalive = 1;
94: int check_all = 0;
95:
96: extern int errno;
97: int reapchild();
98: struct passwd *getpwnam(), *pwd;
99: char *malloc();
100:
101: main(argc, argv)
102: int argc;
103: char **argv;
104: {
105: extern int opterr, optind;
106: extern int _check_rhosts_file;
107: int ch;
108: int on = 1, fromlen;
109: struct sockaddr_in from;
110:
111: openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH);
112:
113: opterr = 0;
114: while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
115: switch (ch) {
116: case 'a':
117: check_all = 1;
118: break;
119: case 'l':
120: _check_rhosts_file = 0;
121: break;
122: case 'n':
123: keepalive = 0;
124: break;
125: #ifdef KERBEROS
126: case 'k':
127: use_kerberos = 1;
128: break;
129: case 'v':
130: vacuous = 1;
131: break;
132: #endif
133: case '?':
134: default:
135: usage();
136: break;
137: }
138: argc -= optind;
139: argv += optind;
140:
141: #ifdef KERBEROS
142: if (use_kerberos && vacuous) {
143: usage();
144: fatal(STDERR_FILENO, "only one of -k and -v allowed", 0);
145: }
146: #endif
147: fromlen = sizeof (from);
148: if (getpeername(0, &from, &fromlen) < 0) {
149: syslog(LOG_ERR,"Can't get peer name of remote host: %m");
150: fatal(STDERR_FILENO, "Can't get peer name of remote host", 1);
151: }
152: if (keepalive &&
153: setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0)
154: syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
155: on = IPTOS_LOWDELAY;
156: if (setsockopt(0, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0)
157: syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
158: doit(0, &from);
159: }
160:
161: int child;
162: int cleanup();
163: int netf;
164: char line[MAXPATHLEN];
165: int confirmed;
166: extern char *inet_ntoa();
167:
168: struct winsize win = { 0, 0, 0, 0 };
169:
170:
171: doit(f, fromp)
172: int f;
173: struct sockaddr_in *fromp;
174: {
175: int i, master, pid, on = 1;
176: int authenticated = 0, hostok = 0;
177: register struct hostent *hp;
178: char remotehost[2 * MAXHOSTNAMELEN + 1];
179: struct hostent hostent;
180: char c;
181:
182: alarm(60);
183: read(f, &c, 1);
184:
185: if (c != 0)
186: exit(1);
187: #ifdef KERBEROS
188: if (vacuous)
189: fatal(f, "Remote host requires Kerberos authentication", 0);
190: #endif
191:
192: alarm(0);
193: fromp->sin_port = ntohs((u_short)fromp->sin_port);
194: hp = gethostbyaddr(&fromp->sin_addr, sizeof (struct in_addr),
195: fromp->sin_family);
196: if (hp == 0) {
197: /*
198: * Only the name is used below.
199: */
200: hp = &hostent;
201: hp->h_name = inet_ntoa(fromp->sin_addr);
202: hostok++;
203: } else if (check_all || local_domain(hp->h_name)) {
204: /*
205: * If name returned by gethostbyaddr is in our domain,
206: * attempt to verify that we haven't been fooled by someone
207: * in a remote net; look up the name and check that this
208: * address corresponds to the name.
209: */
210: strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1);
211: remotehost[sizeof(remotehost) - 1] = 0;
212: hp = gethostbyname(remotehost);
213: if (hp)
214: for (; hp->h_addr_list[0]; hp->h_addr_list++)
215: if (!bcmp(hp->h_addr_list[0], (caddr_t)&fromp->sin_addr,
216: sizeof(fromp->sin_addr))) {
217: hostok++;
218: break;
219: }
220: } else
221: hostok++;
222:
223: #ifdef KERBEROS
224: if (use_kerberos) {
225: if (!hostok)
226: fatal(f, "rlogind: Host address mismatch.", 0);
227: retval = do_krb_login(hp->h_name, fromp, encrypt);
228: if (retval == 0)
229: authenticated++;
230: else if (retval > 0)
231: fatal(f, krb_err_txt[retval], 0);
232: write(f, &c, 1);
233: confirmed = 1; /* we sent the null! */
234: } else
235: #endif
236: {
237: if (fromp->sin_family != AF_INET ||
238: fromp->sin_port >= IPPORT_RESERVED ||
239: fromp->sin_port < IPPORT_RESERVED/2) {
240: syslog(LOG_NOTICE, "Connection from %s on illegal port",
241: inet_ntoa(fromp->sin_addr));
242: fatal(f, "Permission denied", 0);
243: }
244: #ifdef IP_OPTIONS
245: {
246: u_char optbuf[BUFSIZ/3], *cp;
247: char lbuf[BUFSIZ], *lp;
248: int optsize = sizeof(optbuf), ipproto;
249: struct protoent *ip;
250:
251: if ((ip = getprotobyname("ip")) != NULL)
252: ipproto = ip->p_proto;
253: else
254: ipproto = IPPROTO_IP;
255: if (getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf,
256: &optsize) == 0 && optsize != 0) {
257: lp = lbuf;
258: for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3)
259: sprintf(lp, " %2.2x", *cp);
260: syslog(LOG_NOTICE,
261: "Connection received using IP options (ignored):%s",
262: lbuf);
263: if (setsockopt(0, ipproto, IP_OPTIONS,
264: (char *)NULL, &optsize) != 0) {
265: syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m");
266: exit(1);
267: }
268: }
269: }
270: #endif
271: if (do_rlogin(hp->h_name) == 0 && hostok)
272: authenticated++;
273: }
274: if (confirmed == 0) {
275: write(f, "", 1);
276: confirmed = 1; /* we sent the null! */
277: }
278: #ifdef KERBEROS
279: if (use_kerberos == 0)
280: #endif
281: if (!authenticated && !hostok)
282: write(f, "rlogind: Host address mismatch.\r\n",
283: sizeof("rlogind: Host address mismatch.\r\n") - 1);
284:
285: netf = f;
286:
287: pid = forkpty(&master, line, NULL, &win);
288: if (pid < 0) {
289: if (errno == ENOENT)
290: fatal(f, "Out of ptys", 0);
291: else
292: fatal(f, "Forkpty", 1);
293: }
294: if (pid == 0) {
295: if (f > 2) /* f should always be 0, but... */
296: (void) close(f);
297: setup_term(0);
298: if (authenticated) {
299: #ifdef KERBEROS
300: if (use_kerberos && (pwd->pw_uid == 0))
301: syslog(LOG_INFO|LOG_AUTH,
302: "ROOT Kerberos login from %s.%s@%s on %s\n",
303: kdata->pname, kdata->pinst, kdata->prealm,
304: hp->h_name);
305: #endif
306:
307: execl(_PATH_LOGIN, "login", "-p",
308: "-h", hp->h_name, "-f", lusername, 0);
309: } else
310: execl(_PATH_LOGIN, "login", "-p",
311: "-h", hp->h_name, lusername, 0);
312: fatal(STDERR_FILENO, _PATH_LOGIN, 1);
313: /*NOTREACHED*/
314: }
315: ioctl(f, FIONBIO, &on);
316: ioctl(master, FIONBIO, &on);
317: ioctl(master, TIOCPKT, &on);
318: signal(SIGCHLD, cleanup);
319: protocol(f, master);
320: signal(SIGCHLD, SIG_IGN);
321: cleanup();
322: }
323:
324: char magic[2] = { 0377, 0377 };
325: char oobdata[] = {TIOCPKT_WINDOW};
326:
327: /*
328: * Handle a "control" request (signaled by magic being present)
329: * in the data stream. For now, we are only willing to handle
330: * window size changes.
331: */
332: control(pty, cp, n)
333: int pty;
334: char *cp;
335: int n;
336: {
337: struct winsize w;
338:
339: if (n < 4+sizeof (w) || cp[2] != 's' || cp[3] != 's')
340: return (0);
341: oobdata[0] &= ~TIOCPKT_WINDOW; /* we know he heard */
342: bcopy(cp+4, (char *)&w, sizeof(w));
343: w.ws_row = ntohs(w.ws_row);
344: w.ws_col = ntohs(w.ws_col);
345: w.ws_xpixel = ntohs(w.ws_xpixel);
346: w.ws_ypixel = ntohs(w.ws_ypixel);
347: (void)ioctl(pty, TIOCSWINSZ, &w);
348: return (4+sizeof (w));
349: }
350:
351: /*
352: * rlogin "protocol" machine.
353: */
354: protocol(f, p)
355: register int f, p;
356: {
357: char pibuf[1024+1], fibuf[1024], *pbp, *fbp;
358: register pcc = 0, fcc = 0;
359: int cc, nfd, n;
360: char cntl;
361:
362: /*
363: * Must ignore SIGTTOU, otherwise we'll stop
364: * when we try and set slave pty's window shape
365: * (our controlling tty is the master pty).
366: */
367: (void) signal(SIGTTOU, SIG_IGN);
368: send(f, oobdata, 1, MSG_OOB); /* indicate new rlogin */
369: if (f > p)
370: nfd = f + 1;
371: else
372: nfd = p + 1;
373: if (nfd > FD_SETSIZE) {
374: syslog(LOG_ERR, "select mask too small, increase FD_SETSIZE");
375: fatal(f, "internal error (select mask too small)", 0);
376: }
377: for (;;) {
378: fd_set ibits, obits, ebits, *omask;
379:
380: FD_ZERO(&ebits);
381: FD_ZERO(&ibits);
382: FD_ZERO(&obits);
383: omask = (fd_set *)NULL;
384: if (fcc) {
385: FD_SET(p, &obits);
386: omask = &obits;
387: } else
388: FD_SET(f, &ibits);
389: if (pcc >= 0)
390: if (pcc) {
391: FD_SET(f, &obits);
392: omask = &obits;
393: } else
394: FD_SET(p, &ibits);
395: FD_SET(p, &ebits);
396: if ((n = select(nfd, &ibits, omask, &ebits, 0)) < 0) {
397: if (errno == EINTR)
398: continue;
399: fatal(f, "select", 1);
400: }
401: if (n == 0) {
402: /* shouldn't happen... */
403: sleep(5);
404: continue;
405: }
406: #define pkcontrol(c) ((c)&(TIOCPKT_FLUSHWRITE|TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))
407: if (FD_ISSET(p, &ebits)) {
408: cc = read(p, &cntl, 1);
409: if (cc == 1 && pkcontrol(cntl)) {
410: cntl |= oobdata[0];
411: send(f, &cntl, 1, MSG_OOB);
412: if (cntl & TIOCPKT_FLUSHWRITE) {
413: pcc = 0;
414: FD_CLR(p, &ibits);
415: }
416: }
417: }
418: if (FD_ISSET(f, &ibits)) {
419: fcc = read(f, fibuf, sizeof(fibuf));
420: if (fcc < 0 && errno == EWOULDBLOCK)
421: fcc = 0;
422: else {
423: register char *cp;
424: int left, n;
425:
426: if (fcc <= 0)
427: break;
428: fbp = fibuf;
429:
430: top:
431: for (cp = fibuf; cp < fibuf+fcc-1; cp++)
432: if (cp[0] == magic[0] &&
433: cp[1] == magic[1]) {
434: left = fcc - (cp-fibuf);
435: n = control(p, cp, left);
436: if (n) {
437: left -= n;
438: if (left > 0)
439: bcopy(cp+n, cp, left);
440: fcc -= n;
441: goto top; /* n^2 */
442: }
443: }
444: FD_SET(p, &obits); /* try write */
445: }
446: }
447:
448: if (FD_ISSET(p, &obits) && fcc > 0) {
449: cc = write(p, fbp, fcc);
450: if (cc > 0) {
451: fcc -= cc;
452: fbp += cc;
453: }
454: }
455:
456: if (FD_ISSET(p, &ibits)) {
457: pcc = read(p, pibuf, sizeof (pibuf));
458: pbp = pibuf;
459: if (pcc < 0 && errno == EWOULDBLOCK)
460: pcc = 0;
461: else if (pcc <= 0)
462: break;
463: else if (pibuf[0] == 0) {
464: pbp++, pcc--;
465: FD_SET(f, &obits); /* try write */
466: } else {
467: if (pkcontrol(pibuf[0])) {
468: pibuf[0] |= oobdata[0];
469: send(f, &pibuf[0], 1, MSG_OOB);
470: }
471: pcc = 0;
472: }
473: }
474: if ((FD_ISSET(f, &obits)) && pcc > 0) {
475: cc = write(f, pbp, pcc);
476: if (cc < 0 && errno == EWOULDBLOCK) {
477: /*
478: * This happens when we try write after read
479: * from p, but some old kernels balk at large
480: * writes even when select returns true.
481: */
482: if (!FD_ISSET(p, &ibits))
483: sleep(5);
484: continue;
485: }
486: if (cc > 0) {
487: pcc -= cc;
488: pbp += cc;
489: }
490: }
491: }
492: }
493:
494: cleanup()
495: {
496: char *p;
497:
498: p = line + sizeof(_PATH_DEV) - 1;
499: if (logout(p))
500: logwtmp(p, "", "");
501: (void)chmod(line, 0666);
502: (void)chown(line, 0, 0);
503: *p = 'p';
504: (void)chmod(line, 0666);
505: (void)chown(line, 0, 0);
506: shutdown(netf, 2);
507: exit(1);
508: }
509:
510: fatal(f, msg, syserr)
511: int f, syserr;
512: char *msg;
513: {
514: int len;
515: char buf[BUFSIZ], *bp = buf;
516:
517: /*
518: * Prepend binary one to message if we haven't sent
519: * the magic null as confirmation.
520: */
521: if (!confirmed)
522: *bp++ = '\01'; /* error indicator */
523: if (syserr)
524: len = sprintf(bp, "rlogind: %s: %s.\r\n",
525: msg, strerror(errno));
526: else
527: len = sprintf(bp, "rlogind: %s.\r\n", msg);
528: (void) write(f, buf, bp + len - buf);
529: exit(1);
530: }
531:
532: do_rlogin(host)
533: char *host;
534: {
535: getstr(rusername, sizeof(rusername), "remuser too long");
536: getstr(lusername, sizeof(lusername), "locuser too long");
537: getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long");
538:
539: pwd = getpwnam(lusername);
540: if (pwd == NULL)
541: return(-1);
542: if (pwd->pw_uid == 0)
543: return(-1);
544: return(ruserok(host, 0, rusername, lusername));
545: }
546:
547:
548: getstr(buf, cnt, errmsg)
549: char *buf;
550: int cnt;
551: char *errmsg;
552: {
553: char c;
554:
555: do {
556: if (read(0, &c, 1) != 1)
557: exit(1);
558: if (--cnt < 0)
559: fatal(STDOUT_FILENO, errmsg, 0);
560: *buf++ = c;
561: } while (c != 0);
562: }
563:
564: extern char **environ;
565:
566: setup_term(fd)
567: int fd;
568: {
569: register char *cp = index(term+ENVSIZE, '/');
570: char *speed;
571: struct termios tt;
572:
573: #ifndef notyet
574: tcgetattr(fd, &tt);
575: if (cp) {
576: *cp++ = '\0';
577: speed = cp;
578: cp = index(speed, '/');
579: if (cp)
580: *cp++ = '\0';
581: cfsetspeed(&tt, atoi(speed));
582: }
583:
584: tt.c_iflag = TTYDEF_IFLAG;
585: tt.c_oflag = TTYDEF_OFLAG;
586: tt.c_lflag = TTYDEF_LFLAG;
587: tcsetattr(fd, TCSAFLUSH, &tt);
588: #else
589: if (cp) {
590: *cp++ = '\0';
591: speed = cp;
592: cp = index(speed, '/');
593: if (cp)
594: *cp++ = '\0';
595: tcgetattr(fd, &tt);
596: cfsetspeed(&tt, atoi(speed));
597: tcsetattr(fd, TCSAFLUSH, &tt);
598: }
599: #endif
600:
601: env[0] = term;
602: env[1] = 0;
603: environ = env;
604: }
605:
606: #ifdef KERBEROS
607: #define VERSION_SIZE 9
608:
609: /*
610: * Do the remote kerberos login to the named host with the
611: * given inet address
612: *
613: * Return 0 on valid authorization
614: * Return -1 on valid authentication, no authorization
615: * Return >0 for error conditions
616: */
617: do_krb_login(host, dest, encrypt)
618: char *host;
619: struct sockaddr_in *dest;
620: int encrypt;
621: {
622: int rc;
623: char instance[INST_SZ], version[VERSION_SIZE];
624: long authopts = 0L; /* !mutual */
625: struct sockaddr_in faddr;
626:
627: kdata = (AUTH_DAT *) auth_buf;
628: ticket = (KTEXT) tick_buf;
629:
630: instance[0] = '*';
631: instance[1] = '\0';
632:
633: rc = krb_recvauth(
634: authopts, 0,
635: ticket, "rcmd",
636: instance, dest, (struct sockaddr_in *) 0,
637: kdata, "", (bit_64 *) 0, version);
638:
639: if (rc != KSUCCESS)
640: return(rc);
641:
642: getstr(lusername, sizeof(lusername), "locuser");
643: /* get the "cmd" in the rcmd protocol */
644: getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type");
645:
646: pwd = getpwnam(lusername);
647: if (pwd == NULL)
648: return(-1);
649:
650: /* returns nonzero for no access */
651: if (kuserok(kdata,lusername) != 0)
652: return(-1);
653:
654: return(0);
655:
656: }
657: #endif /* KERBEROS */
658:
659: usage()
660: {
661: #ifdef KERBEROS
662: syslog(LOG_ERR, "usage: rlogind [-aln] [-k | -v]");
663: #else
664: syslog(LOG_ERR, "usage: rlogind [-aln]");
665: #endif
666: }
667:
668: /*
669: * Check whether host h is in our local domain,
670: * defined as sharing the last two components of the domain part,
671: * or the entire domain part if the local domain has only one component.
672: * If either name is unqualified (contains no '.'),
673: * assume that the host is local, as it will be
674: * interpreted as such.
675: */
676: local_domain(h)
677: char *h;
678: {
679: char localhost[MAXHOSTNAMELEN];
680: char *p1, *p2, *topdomain();
681:
682: localhost[0] = 0;
683: (void) gethostname(localhost, sizeof(localhost));
684: p1 = topdomain(localhost);
685: p2 = topdomain(h);
686: if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2))
687: return(1);
688: return(0);
689: }
690:
691: char *
692: topdomain(h)
693: char *h;
694: {
695: register char *p;
696: char *maybe = NULL;
697: int dots = 0;
698:
699: for (p = h + strlen(h); p >= h; p--) {
700: if (*p == '.') {
701: if (++dots == 2)
702: return (p);
703: maybe = p;
704: }
705: }
706: return (maybe);
707: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.