![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to rlogind.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / libexec / rlogind|
Return to rlogind.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / libexec / rlogind |
1.1 root 1: /*
2: * Copyright (c) 1983, 1988, 1989 The Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms are permitted
6: * provided that the above copyright notice and this paragraph are
7: * duplicated in all such forms and that any documentation,
8: * advertising materials, and other materials related to such
9: * distribution and use acknowledge that the software was developed
10: * by the University of California, Berkeley. The name of the
11: * University may not be used to endorse or promote products derived
12: * from this software without specific prior written permission.
13: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
14: * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
15: * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
16: */
17:
18: #ifndef lint
19: char copyright[] =
20: "@(#) Copyright (c) 1983, 1988, 1989 The Regents of the University of California.\n\
21: All rights reserved.\n";
22: #endif /* not lint */
23:
24: #ifndef lint
25: static char sccsid[] = "@(#)rlogind.c 5.48 (Berkeley) 6/27/90";
26: #endif /* not lint */
27:
28: #ifdef KERBEROS
29: /* From:
30: * $Source: /mit/kerberos/ucb/mit/rlogind/RCS/rlogind.c,v $
31: * $Header: rlogind.c,v 5.0 89/06/26 18:31:01 kfall Locked $
32: */
33: #endif
34:
35: /*
36: * remote login server:
37: * \0
38: * remuser\0
39: * locuser\0
40: * terminal_type/speed\0
41: * data
42: */
43:
44: #define FD_SETSIZE 16 /* don't need many bits for select */
45: #include <sys/param.h>
46: #include <sys/stat.h>
47: #include <sys/socket.h>
48: #include <sys/wait.h>
49: #include <sys/file.h>
50: #include <sys/signal.h>
51: #include <sys/ioctl.h>
52: #include <sys/termios.h>
53:
54: #include <netinet/in.h>
55: #include <netinet/in_systm.h>
56: #include <netinet/ip.h>
57:
58: #include <errno.h>
59: #include <pwd.h>
60: #include <netdb.h>
61: #include <syslog.h>
62: #include <string.h>
63: #include <stdio.h>
64: #include <unistd.h>
65: #include "pathnames.h"
66:
67: #ifndef TIOCPKT_WINDOW
68: #define TIOCPKT_WINDOW 0x80
69: #endif
70:
71: #ifdef KERBEROS
72: #include <kerberosIV/des.h>
73: #include <kerberosIV/krb.h>
74: #define SECURE_MESSAGE "This rlogin session is using DES encryption for all transmissions.\r\n"
75:
76: AUTH_DAT *kdata;
77: KTEXT ticket;
78: u_char auth_buf[sizeof(AUTH_DAT)];
79: u_char tick_buf[sizeof(KTEXT_ST)];
80: Key_schedule schedule;
81: int encrypt = 0, retval, use_kerberos = 0, vacuous = 0;
82:
83: #define ARGSTR "alnkvx"
84: #else
85: #define ARGSTR "aln"
86: #endif /* KERBEROS */
87:
88: char *env[2];
89: #define NMAX 30
90: char lusername[NMAX+1], rusername[NMAX+1];
91: static char term[64] = "TERM=";
92: #define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */
93: int keepalive = 1;
94: int check_all = 0;
95:
96: extern int errno;
97: int reapchild();
98: struct passwd *getpwnam(), *pwd;
99: char *malloc();
100:
101: main(argc, argv)
102: int argc;
103: char **argv;
104: {
105: extern int opterr, optind;
106: extern int _check_rhosts_file;
107: int ch;
108: int on = 1, fromlen;
109: struct sockaddr_in from;
110:
111: openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH);
112:
113: opterr = 0;
114: while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
115: switch (ch) {
116: case 'a':
117: check_all = 1;
118: break;
119: case 'l':
120: _check_rhosts_file = 0;
121: break;
122: case 'n':
123: keepalive = 0;
124: break;
125: #ifdef KERBEROS
126: case 'k':
127: use_kerberos = 1;
128: break;
129: case 'v':
130: vacuous = 1;
131: break;
132: case 'x':
133: encrypt = 1;
134: break;
135: #endif
136: case '?':
137: default:
138: usage();
139: break;
140: }
141: argc -= optind;
142: argv += optind;
143:
144: #ifdef KERBEROS
145: if (use_kerberos && vacuous) {
146: usage();
147: fatal(STDERR_FILENO, "only one of -k and -v allowed", 0);
148: }
149: #endif
150: fromlen = sizeof (from);
151: if (getpeername(0, &from, &fromlen) < 0) {
152: syslog(LOG_ERR,"Can't get peer name of remote host: %m");
153: fatal(STDERR_FILENO, "Can't get peer name of remote host", 1);
154: }
155: if (keepalive &&
156: setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0)
157: syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
158: on = IPTOS_LOWDELAY;
159: if (setsockopt(0, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0)
160: syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
161: doit(0, &from);
162: }
163:
164: int child;
165: int cleanup();
166: int netf;
167: char line[MAXPATHLEN];
168: int confirmed;
169: extern char *inet_ntoa();
170:
171: struct winsize win = { 0, 0, 0, 0 };
172:
173:
174: doit(f, fromp)
175: int f;
176: struct sockaddr_in *fromp;
177: {
178: int i, master, pid, on = 1;
179: int authenticated = 0, hostok = 0;
180: register struct hostent *hp;
181: char remotehost[2 * MAXHOSTNAMELEN + 1];
182: struct hostent hostent;
183: char c;
184:
185: alarm(60);
186: read(f, &c, 1);
187:
188: if (c != 0)
189: exit(1);
190: #ifdef KERBEROS
191: if (vacuous)
192: fatal(f, "Remote host requires Kerberos authentication", 0);
193: #endif
194:
195: alarm(0);
196: fromp->sin_port = ntohs((u_short)fromp->sin_port);
197: hp = gethostbyaddr(&fromp->sin_addr, sizeof (struct in_addr),
198: fromp->sin_family);
199: if (hp == 0) {
200: /*
201: * Only the name is used below.
202: */
203: hp = &hostent;
204: hp->h_name = inet_ntoa(fromp->sin_addr);
205: hostok++;
206: } else if (check_all || local_domain(hp->h_name)) {
207: /*
208: * If name returned by gethostbyaddr is in our domain,
209: * attempt to verify that we haven't been fooled by someone
210: * in a remote net; look up the name and check that this
211: * address corresponds to the name.
212: */
213: strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1);
214: remotehost[sizeof(remotehost) - 1] = 0;
215: hp = gethostbyname(remotehost);
216: if (hp)
217: for (; hp->h_addr_list[0]; hp->h_addr_list++)
218: if (!bcmp(hp->h_addr_list[0], (caddr_t)&fromp->sin_addr,
219: sizeof(fromp->sin_addr))) {
220: hostok++;
221: break;
222: }
223: } else
224: hostok++;
225:
226: #ifdef KERBEROS
227: if (use_kerberos) {
228: if (!hostok)
229: fatal(f, "rlogind: Host address mismatch.", 0);
230: retval = do_krb_login(hp->h_name, fromp, encrypt);
231: if (retval == 0)
232: authenticated++;
233: else if (retval > 0)
234: fatal(f, krb_err_txt[retval], 0);
235: write(f, &c, 1);
236: confirmed = 1; /* we sent the null! */
237: } else
238: #endif
239: {
240: if (fromp->sin_family != AF_INET ||
241: fromp->sin_port >= IPPORT_RESERVED ||
242: fromp->sin_port < IPPORT_RESERVED/2) {
243: syslog(LOG_NOTICE, "Connection from %s on illegal port",
244: inet_ntoa(fromp->sin_addr));
245: fatal(f, "Permission denied", 0);
246: }
247: #ifdef IP_OPTIONS
248: {
249: u_char optbuf[BUFSIZ/3], *cp;
250: char lbuf[BUFSIZ], *lp;
251: int optsize = sizeof(optbuf), ipproto;
252: struct protoent *ip;
253:
254: if ((ip = getprotobyname("ip")) != NULL)
255: ipproto = ip->p_proto;
256: else
257: ipproto = IPPROTO_IP;
258: if (getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf,
259: &optsize) == 0 && optsize != 0) {
260: lp = lbuf;
261: for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3)
262: sprintf(lp, " %2.2x", *cp);
263: syslog(LOG_NOTICE,
264: "Connection received using IP options (ignored):%s",
265: lbuf);
266: if (setsockopt(0, ipproto, IP_OPTIONS,
267: (char *)NULL, &optsize) != 0) {
268: syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m");
269: exit(1);
270: }
271: }
272: }
273: #endif
274: if (do_rlogin(hp->h_name) == 0 && hostok)
275: authenticated++;
276: }
277: if (confirmed == 0) {
278: write(f, "", 1);
279: confirmed = 1; /* we sent the null! */
280: }
281: #ifdef KERBEROS
282: if (encrypt)
283: (void) des_write(f, SECURE_MESSAGE, sizeof(SECURE_MESSAGE));
284:
285: if (use_kerberos == 0)
286: #endif
287: if (!authenticated && !hostok)
288: write(f, "rlogind: Host address mismatch.\r\n",
289: sizeof("rlogind: Host address mismatch.\r\n") - 1);
290:
291: netf = f;
292:
293: pid = forkpty(&master, line, NULL, &win);
294: if (pid < 0) {
295: if (errno == ENOENT)
296: fatal(f, "Out of ptys", 0);
297: else
298: fatal(f, "Forkpty", 1);
299: }
300: if (pid == 0) {
301: if (f > 2) /* f should always be 0, but... */
302: (void) close(f);
303: setup_term(0);
304: if (authenticated) {
305: #ifdef KERBEROS
306: if (use_kerberos && (pwd->pw_uid == 0))
307: syslog(LOG_INFO|LOG_AUTH,
308: "ROOT Kerberos login from %s.%s@%s on %s\n",
309: kdata->pname, kdata->pinst, kdata->prealm,
310: hp->h_name);
311: #endif
312:
313: execl(_PATH_LOGIN, "login", "-p",
314: "-h", hp->h_name, "-f", lusername, 0);
315: } else
316: execl(_PATH_LOGIN, "login", "-p",
317: "-h", hp->h_name, lusername, 0);
318: fatal(STDERR_FILENO, _PATH_LOGIN, 1);
319: /*NOTREACHED*/
320: }
321: #ifdef KERBEROS
322: /*
323: * If encrypted, don't turn on NBIO or the des read/write
324: * routines will croak.
325: */
326:
327: if (!encrypt)
328: #endif
329: ioctl(f, FIONBIO, &on);
330: ioctl(master, FIONBIO, &on);
331: ioctl(master, TIOCPKT, &on);
332: signal(SIGCHLD, cleanup);
333: protocol(f, master);
334: signal(SIGCHLD, SIG_IGN);
335: cleanup();
336: }
337:
338: char magic[2] = { 0377, 0377 };
339: char oobdata[] = {TIOCPKT_WINDOW};
340:
341: /*
342: * Handle a "control" request (signaled by magic being present)
343: * in the data stream. For now, we are only willing to handle
344: * window size changes.
345: */
346: control(pty, cp, n)
347: int pty;
348: char *cp;
349: int n;
350: {
351: struct winsize w;
352:
353: if (n < 4+sizeof (w) || cp[2] != 's' || cp[3] != 's')
354: return (0);
355: oobdata[0] &= ~TIOCPKT_WINDOW; /* we know he heard */
356: bcopy(cp+4, (char *)&w, sizeof(w));
357: w.ws_row = ntohs(w.ws_row);
358: w.ws_col = ntohs(w.ws_col);
359: w.ws_xpixel = ntohs(w.ws_xpixel);
360: w.ws_ypixel = ntohs(w.ws_ypixel);
361: (void)ioctl(pty, TIOCSWINSZ, &w);
362: return (4+sizeof (w));
363: }
364:
365: /*
366: * rlogin "protocol" machine.
367: */
368: protocol(f, p)
369: register int f, p;
370: {
371: char pibuf[1024+1], fibuf[1024], *pbp, *fbp;
372: register pcc = 0, fcc = 0;
373: int cc, nfd, n;
374: char cntl;
375:
376: /*
377: * Must ignore SIGTTOU, otherwise we'll stop
378: * when we try and set slave pty's window shape
379: * (our controlling tty is the master pty).
380: */
381: (void) signal(SIGTTOU, SIG_IGN);
382: send(f, oobdata, 1, MSG_OOB); /* indicate new rlogin */
383: if (f > p)
384: nfd = f + 1;
385: else
386: nfd = p + 1;
387: if (nfd > FD_SETSIZE) {
388: syslog(LOG_ERR, "select mask too small, increase FD_SETSIZE");
389: fatal(f, "internal error (select mask too small)", 0);
390: }
391: for (;;) {
392: fd_set ibits, obits, ebits, *omask;
393:
394: FD_ZERO(&ebits);
395: FD_ZERO(&ibits);
396: FD_ZERO(&obits);
397: omask = (fd_set *)NULL;
398: if (fcc) {
399: FD_SET(p, &obits);
400: omask = &obits;
401: } else
402: FD_SET(f, &ibits);
403: if (pcc >= 0)
404: if (pcc) {
405: FD_SET(f, &obits);
406: omask = &obits;
407: } else
408: FD_SET(p, &ibits);
409: FD_SET(p, &ebits);
410: if ((n = select(nfd, &ibits, omask, &ebits, 0)) < 0) {
411: if (errno == EINTR)
412: continue;
413: fatal(f, "select", 1);
414: }
415: if (n == 0) {
416: /* shouldn't happen... */
417: sleep(5);
418: continue;
419: }
420: #define pkcontrol(c) ((c)&(TIOCPKT_FLUSHWRITE|TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))
421: if (FD_ISSET(p, &ebits)) {
422: cc = read(p, &cntl, 1);
423: if (cc == 1 && pkcontrol(cntl)) {
424: cntl |= oobdata[0];
425: send(f, &cntl, 1, MSG_OOB);
426: if (cntl & TIOCPKT_FLUSHWRITE) {
427: pcc = 0;
428: FD_CLR(p, &ibits);
429: }
430: }
431: }
432: if (FD_ISSET(f, &ibits)) {
433: #ifdef KERBEROS
434: if (encrypt)
435: fcc = des_read(f, fibuf, sizeof(fibuf));
436: else
437: #endif
438: fcc = read(f, fibuf, sizeof(fibuf));
439: if (fcc < 0 && errno == EWOULDBLOCK)
440: fcc = 0;
441: else {
442: register char *cp;
443: int left, n;
444:
445: if (fcc <= 0)
446: break;
447: fbp = fibuf;
448:
449: top:
450: for (cp = fibuf; cp < fibuf+fcc-1; cp++)
451: if (cp[0] == magic[0] &&
452: cp[1] == magic[1]) {
453: left = fcc - (cp-fibuf);
454: n = control(p, cp, left);
455: if (n) {
456: left -= n;
457: if (left > 0)
458: bcopy(cp+n, cp, left);
459: fcc -= n;
460: goto top; /* n^2 */
461: }
462: }
463: FD_SET(p, &obits); /* try write */
464: }
465: }
466:
467: if (FD_ISSET(p, &obits) && fcc > 0) {
468: cc = write(p, fbp, fcc);
469: if (cc > 0) {
470: fcc -= cc;
471: fbp += cc;
472: }
473: }
474:
475: if (FD_ISSET(p, &ibits)) {
476: pcc = read(p, pibuf, sizeof (pibuf));
477: pbp = pibuf;
478: if (pcc < 0 && errno == EWOULDBLOCK)
479: pcc = 0;
480: else if (pcc <= 0)
481: break;
482: else if (pibuf[0] == 0) {
483: pbp++, pcc--;
484: #ifdef KERBEROS
485: if (!encrypt)
486: #endif
487: FD_SET(f, &obits); /* try write */
488: } else {
489: if (pkcontrol(pibuf[0])) {
490: pibuf[0] |= oobdata[0];
491: send(f, &pibuf[0], 1, MSG_OOB);
492: }
493: pcc = 0;
494: }
495: }
496: if ((FD_ISSET(f, &obits)) && pcc > 0) {
497: #ifdef KERBEROS
498: if (encrypt)
499: cc = des_write(f, pbp, pcc);
500: else
501: #endif
502: cc = write(f, pbp, pcc);
503: if (cc < 0 && errno == EWOULDBLOCK) {
504: /*
505: * This happens when we try write after read
506: * from p, but some old kernels balk at large
507: * writes even when select returns true.
508: */
509: if (!FD_ISSET(p, &ibits))
510: sleep(5);
511: continue;
512: }
513: if (cc > 0) {
514: pcc -= cc;
515: pbp += cc;
516: }
517: }
518: }
519: }
520:
521: cleanup()
522: {
523: char *p;
524:
525: p = line + sizeof(_PATH_DEV) - 1;
526: if (logout(p))
527: logwtmp(p, "", "");
528: (void)chmod(line, 0666);
529: (void)chown(line, 0, 0);
530: *p = 'p';
531: (void)chmod(line, 0666);
532: (void)chown(line, 0, 0);
533: shutdown(netf, 2);
534: exit(1);
535: }
536:
537: fatal(f, msg, syserr)
538: int f, syserr;
539: char *msg;
540: {
541: int len;
542: char buf[BUFSIZ], *bp = buf;
543:
544: /*
545: * Prepend binary one to message if we haven't sent
546: * the magic null as confirmation.
547: */
548: if (!confirmed)
549: *bp++ = '\01'; /* error indicator */
550: if (syserr)
551: len = sprintf(bp, "rlogind: %s: %s.\r\n",
552: msg, strerror(errno));
553: else
554: len = sprintf(bp, "rlogind: %s.\r\n", msg);
555: (void) write(f, buf, bp + len - buf);
556: exit(1);
557: }
558:
559: do_rlogin(host)
560: char *host;
561: {
562: getstr(rusername, sizeof(rusername), "remuser too long");
563: getstr(lusername, sizeof(lusername), "locuser too long");
564: getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long");
565:
566: pwd = getpwnam(lusername);
567: if (pwd == NULL)
568: return(-1);
569: if (pwd->pw_uid == 0)
570: return(-1);
571: return(ruserok(host, 0, rusername, lusername));
572: }
573:
574:
575: getstr(buf, cnt, errmsg)
576: char *buf;
577: int cnt;
578: char *errmsg;
579: {
580: char c;
581:
582: do {
583: if (read(0, &c, 1) != 1)
584: exit(1);
585: if (--cnt < 0)
586: fatal(STDOUT_FILENO, errmsg, 0);
587: *buf++ = c;
588: } while (c != 0);
589: }
590:
591: extern char **environ;
592:
593: setup_term(fd)
594: int fd;
595: {
596: register char *cp = index(term+ENVSIZE, '/');
597: char *speed;
598: struct termios tt;
599:
600: #ifndef notyet
601: tcgetattr(fd, &tt);
602: if (cp) {
603: *cp++ = '\0';
604: speed = cp;
605: cp = index(speed, '/');
606: if (cp)
607: *cp++ = '\0';
608: cfsetspeed(&tt, atoi(speed));
609: }
610:
611: tt.c_iflag = TTYDEF_IFLAG;
612: tt.c_oflag = TTYDEF_OFLAG;
613: tt.c_lflag = TTYDEF_LFLAG;
614: tcsetattr(fd, TCSAFLUSH, &tt);
615: #else
616: if (cp) {
617: *cp++ = '\0';
618: speed = cp;
619: cp = index(speed, '/');
620: if (cp)
621: *cp++ = '\0';
622: tcgetattr(fd, &tt);
623: cfsetspeed(&tt, atoi(speed));
624: tcsetattr(fd, TCSAFLUSH, &tt);
625: }
626: #endif
627:
628: env[0] = term;
629: env[1] = 0;
630: environ = env;
631: }
632:
633: #ifdef KERBEROS
634: #define VERSION_SIZE 9
635:
636: /*
637: * Do the remote kerberos login to the named host with the
638: * given inet address
639: *
640: * Return 0 on valid authorization
641: * Return -1 on valid authentication, no authorization
642: * Return >0 for error conditions
643: */
644: do_krb_login(host, dest, encrypt)
645: char *host;
646: struct sockaddr_in *dest;
647: int encrypt;
648: {
649: int rc;
650: char instance[INST_SZ], version[VERSION_SIZE];
651: long authopts = 0L; /* !mutual */
652: struct sockaddr_in faddr;
653:
654: kdata = (AUTH_DAT *) auth_buf;
655: ticket = (KTEXT) tick_buf;
656:
657: instance[0] = '*';
658: instance[1] = '\0';
659:
660: if (encrypt) {
661: rc = sizeof(faddr);
662: if (getsockname(0, &faddr, &rc))
663: return(-1);
664: authopts = KOPT_DO_MUTUAL;
665: rc = krb_recvauth(
666: authopts, 0,
667: ticket, "rcmd",
668: instance, dest, &faddr,
669: kdata, "", schedule, version);
670: des_set_key(kdata->session, schedule);
671:
672: } else {
673: rc = krb_recvauth(
674: authopts, 0,
675: ticket, "rcmd",
676: instance, dest, (struct sockaddr_in *) 0,
677: kdata, "", (bit_64 *) 0, version);
678: }
679:
680: if (rc != KSUCCESS)
681: return(rc);
682:
683: getstr(lusername, sizeof(lusername), "locuser");
684: /* get the "cmd" in the rcmd protocol */
685: getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type");
686:
687: pwd = getpwnam(lusername);
688: if (pwd == NULL)
689: return(-1);
690:
691: /* returns nonzero for no access */
692: if (kuserok(kdata,lusername) != 0)
693: return(-1);
694:
695: return(0);
696:
697: }
698: #endif /* KERBEROS */
699:
700: usage()
701: {
702: #ifdef KERBEROS
703: syslog(LOG_ERR, "usage: rlogind [-aln] [-k | -v]");
704: #else
705: syslog(LOG_ERR, "usage: rlogind [-aln]");
706: #endif
707: }
708:
709: /*
710: * Check whether host h is in our local domain,
711: * defined as sharing the last two components of the domain part,
712: * or the entire domain part if the local domain has only one component.
713: * If either name is unqualified (contains no '.'),
714: * assume that the host is local, as it will be
715: * interpreted as such.
716: */
717: local_domain(h)
718: char *h;
719: {
720: char localhost[MAXHOSTNAMELEN];
721: char *p1, *p2, *topdomain();
722:
723: localhost[0] = 0;
724: (void) gethostname(localhost, sizeof(localhost));
725: p1 = topdomain(localhost);
726: p2 = topdomain(h);
727: if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2))
728: return(1);
729: return(0);
730: }
731:
732: char *
733: topdomain(h)
734: char *h;
735: {
736: register char *p;
737: char *maybe = NULL;
738: int dots = 0;
739:
740: for (p = h + strlen(h); p >= h; p--) {
741: if (*p == '.') {
742: if (++dots == 2)
743: return (p);
744: maybe = p;
745: }
746: }
747: return (maybe);
748: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.