![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to rshd.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / libexec / rshd|
Return to rshd.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / libexec / rshd |
1.1 ! root 1: /* ! 2: * Copyright (c) 1983, 1988, 1989 The Regents of the University of California. ! 3: * All rights reserved. ! 4: * ! 5: * Redistribution and use in source and binary forms are permitted provided ! 6: * that: (1) source distributions retain this entire copyright notice and ! 7: * comment, and (2) distributions including binaries display the following ! 8: * acknowledgement: ``This product includes software developed by the ! 9: * University of California, Berkeley and its contributors'' in the ! 10: * documentation or other materials provided with the distribution and in ! 11: * all advertising materials mentioning features or use of this software. ! 12: * Neither the name of the University nor the names of its contributors may ! 13: * be used to endorse or promote products derived from this software without ! 14: * specific prior written permission. ! 15: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED ! 16: * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF ! 17: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ! 18: */ ! 19: ! 20: #ifndef lint ! 21: char copyright[] = ! 22: "@(#) Copyright (c) 1983, 1988, 1089 The Regents of the University of California.\n\ ! 23: All rights reserved.\n"; ! 24: #endif /* not lint */ ! 25: ! 26: #ifndef lint ! 27: static char sccsid[] = "@(#)rshd.c 5.34 (Berkeley) 6/29/90"; ! 28: #endif /* not lint */ ! 29: ! 30: /* From: ! 31: * $Source: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v $ ! 32: * $Header: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v 5.2 89/07/31 19:30:04 kfall Exp $ ! 33: */ ! 34: ! 35: ! 36: /* ! 37: * remote shell server: ! 38: * [port]\0 ! 39: * remuser\0 ! 40: * locuser\0 ! 41: * command\0 ! 42: * data ! 43: */ ! 44: #include <sys/param.h> ! 45: #include <sys/ioctl.h> ! 46: #include <sys/socket.h> ! 47: #include <sys/file.h> ! 48: #include <sys/signal.h> ! 49: #include <sys/time.h> ! 50: ! 51: #include <netinet/in.h> ! 52: ! 53: #include <arpa/inet.h> ! 54: ! 55: #include <stdio.h> ! 56: #include <errno.h> ! 57: #include <pwd.h> ! 58: #include <netdb.h> ! 59: #include <syslog.h> ! 60: #include "pathnames.h" ! 61: ! 62: int errno; ! 63: int keepalive = 1; ! 64: int check_all = 0; ! 65: char *index(), *rindex(), *strncat(); ! 66: /*VARARGS1*/ ! 67: int error(); ! 68: int sent_null; ! 69: ! 70: #ifdef KERBEROS ! 71: #include <kerberosIV/des.h> ! 72: #include <kerberosIV/krb.h> ! 73: #define VERSION_SIZE 9 ! 74: #define SECURE_MESSAGE "This rsh session is using DES encryption for all transmissions.\r\n" ! 75: #define OPTIONS "alknvx" ! 76: char authbuf[sizeof(AUTH_DAT)]; ! 77: char tickbuf[sizeof(KTEXT_ST)]; ! 78: int use_kerberos = 0, vacuous = 0; ! 79: int encrypt = 0; ! 80: Key_schedule schedule; ! 81: #else ! 82: #define OPTIONS "aln" ! 83: #endif ! 84: ! 85: /*ARGSUSED*/ ! 86: main(argc, argv) ! 87: int argc; ! 88: char **argv; ! 89: { ! 90: extern int opterr, optind; ! 91: extern int _check_rhosts_file; ! 92: struct linger linger; ! 93: int ch, on = 1, fromlen; ! 94: struct sockaddr_in from; ! 95: ! 96: openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON); ! 97: ! 98: opterr = 0; ! 99: while ((ch = getopt(argc, argv, OPTIONS)) != EOF) ! 100: switch (ch) { ! 101: case 'a': ! 102: check_all = 1; ! 103: break; ! 104: case 'l': ! 105: _check_rhosts_file = 0; ! 106: break; ! 107: case 'n': ! 108: keepalive = 0; ! 109: break; ! 110: #ifdef KERBEROS ! 111: case 'k': ! 112: use_kerberos = 1; ! 113: break; ! 114: ! 115: case 'v': ! 116: vacuous = 1; ! 117: break; ! 118: ! 119: case 'x': ! 120: encrypt = 1; ! 121: break; ! 122: #endif ! 123: case '?': ! 124: default: ! 125: usage(); ! 126: exit(2); ! 127: } ! 128: ! 129: argc -= optind; ! 130: argv += optind; ! 131: ! 132: #ifdef KERBEROS ! 133: if (use_kerberos && vacuous) { ! 134: syslog(LOG_ERR, "only one of -k and -v allowed"); ! 135: exit(2); ! 136: } ! 137: if (encrypt && !use_kerberos) { ! 138: syslog(LOG_ERR, "-k is required for -x"); ! 139: exit(2); ! 140: } ! 141: #endif ! 142: ! 143: fromlen = sizeof (from); ! 144: if (getpeername(0, &from, &fromlen) < 0) { ! 145: syslog(LOG_ERR, "getpeername: %m"); ! 146: _exit(1); ! 147: } ! 148: if (keepalive && ! 149: setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, ! 150: sizeof(on)) < 0) ! 151: syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); ! 152: linger.l_onoff = 1; ! 153: linger.l_linger = 60; /* XXX */ ! 154: if (setsockopt(0, SOL_SOCKET, SO_LINGER, (char *)&linger, ! 155: sizeof (linger)) < 0) ! 156: syslog(LOG_WARNING, "setsockopt (SO_LINGER): %m"); ! 157: doit(&from); ! 158: } ! 159: ! 160: char username[20] = "USER="; ! 161: char homedir[64] = "HOME="; ! 162: char shell[64] = "SHELL="; ! 163: char *envinit[] = ! 164: {homedir, shell, _PATH_DEFPATH, username, 0}; ! 165: char **environ; ! 166: ! 167: doit(fromp) ! 168: struct sockaddr_in *fromp; ! 169: { ! 170: char cmdbuf[NCARGS+1], *cp; ! 171: char locuser[16], remuser[16]; ! 172: struct passwd *pwd; ! 173: int s; ! 174: struct hostent *hp; ! 175: char *hostname, *errorstr = NULL, *errorhost; ! 176: u_short port; ! 177: int pv[2], pid, cc; ! 178: int nfd; ! 179: fd_set ready, readfrom; ! 180: char buf[BUFSIZ], sig; ! 181: int one = 1; ! 182: char remotehost[2 * MAXHOSTNAMELEN + 1]; ! 183: ! 184: #ifdef KERBEROS ! 185: AUTH_DAT *kdata = (AUTH_DAT *) NULL; ! 186: KTEXT ticket = (KTEXT) NULL; ! 187: char instance[INST_SZ], version[VERSION_SIZE]; ! 188: struct sockaddr_in fromaddr; ! 189: int rc; ! 190: long authopts; ! 191: int pv1[2], pv2[2]; ! 192: fd_set wready, writeto; ! 193: ! 194: fromaddr = *fromp; ! 195: #endif ! 196: ! 197: (void) signal(SIGINT, SIG_DFL); ! 198: (void) signal(SIGQUIT, SIG_DFL); ! 199: (void) signal(SIGTERM, SIG_DFL); ! 200: #ifdef DEBUG ! 201: { int t = open(_PATH_TTY, 2); ! 202: if (t >= 0) { ! 203: ioctl(t, TIOCNOTTY, (char *)0); ! 204: (void) close(t); ! 205: } ! 206: } ! 207: #endif ! 208: fromp->sin_port = ntohs((u_short)fromp->sin_port); ! 209: if (fromp->sin_family != AF_INET) { ! 210: syslog(LOG_ERR, "malformed \"from\" address (af %d)\n", ! 211: fromp->sin_family); ! 212: exit(1); ! 213: } ! 214: #ifdef IP_OPTIONS ! 215: { ! 216: u_char optbuf[BUFSIZ/3], *cp; ! 217: char lbuf[BUFSIZ], *lp; ! 218: int optsize = sizeof(optbuf), ipproto; ! 219: struct protoent *ip; ! 220: ! 221: if ((ip = getprotobyname("ip")) != NULL) ! 222: ipproto = ip->p_proto; ! 223: else ! 224: ipproto = IPPROTO_IP; ! 225: if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) && ! 226: optsize != 0) { ! 227: lp = lbuf; ! 228: for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3) ! 229: sprintf(lp, " %2.2x", *cp); ! 230: syslog(LOG_NOTICE, ! 231: "Connection received from %s using IP options (ignored):%s", ! 232: inet_ntoa(fromp->sin_addr), lbuf); ! 233: if (setsockopt(0, ipproto, IP_OPTIONS, ! 234: (char *)NULL, &optsize) != 0) { ! 235: syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m"); ! 236: exit(1); ! 237: } ! 238: } ! 239: } ! 240: #endif ! 241: ! 242: #ifdef KERBEROS ! 243: if (!use_kerberos) ! 244: #endif ! 245: if (fromp->sin_port >= IPPORT_RESERVED || ! 246: fromp->sin_port < IPPORT_RESERVED/2) { ! 247: syslog(LOG_NOTICE|LOG_AUTH, ! 248: "Connection from %s on illegal port", ! 249: inet_ntoa(fromp->sin_addr)); ! 250: exit(1); ! 251: } ! 252: ! 253: (void) alarm(60); ! 254: port = 0; ! 255: for (;;) { ! 256: char c; ! 257: if ((cc = read(0, &c, 1)) != 1) { ! 258: if (cc < 0) ! 259: syslog(LOG_NOTICE, "read: %m"); ! 260: shutdown(0, 1+1); ! 261: exit(1); ! 262: } ! 263: if (c== 0) ! 264: break; ! 265: port = port * 10 + c - '0'; ! 266: } ! 267: ! 268: (void) alarm(0); ! 269: if (port != 0) { ! 270: int lport = IPPORT_RESERVED - 1; ! 271: s = rresvport(&lport); ! 272: if (s < 0) { ! 273: syslog(LOG_ERR, "can't get stderr port: %m"); ! 274: exit(1); ! 275: } ! 276: #ifdef KERBEROS ! 277: if (!use_kerberos) ! 278: #endif ! 279: if (port >= IPPORT_RESERVED) { ! 280: syslog(LOG_ERR, "2nd port not reserved\n"); ! 281: exit(1); ! 282: } ! 283: fromp->sin_port = htons(port); ! 284: if (connect(s, fromp, sizeof (*fromp)) < 0) { ! 285: syslog(LOG_INFO, "connect second port: %m"); ! 286: exit(1); ! 287: } ! 288: } ! 289: ! 290: #ifdef KERBEROS ! 291: if (vacuous) { ! 292: error("rshd: remote host requires Kerberos authentication\n"); ! 293: exit(1); ! 294: } ! 295: #endif ! 296: ! 297: #ifdef notdef ! 298: /* from inetd, socket is already on 0, 1, 2 */ ! 299: dup2(f, 0); ! 300: dup2(f, 1); ! 301: dup2(f, 2); ! 302: #endif ! 303: hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof (struct in_addr), ! 304: fromp->sin_family); ! 305: if (hp) { ! 306: /* ! 307: * If name returned by gethostbyaddr is in our domain, ! 308: * attempt to verify that we haven't been fooled by someone ! 309: * in a remote net; look up the name and check that this ! 310: * address corresponds to the name. ! 311: */ ! 312: hostname = hp->h_name; ! 313: #ifdef KERBEROS ! 314: if (!use_kerberos) ! 315: #endif ! 316: if (check_all || local_domain(hp->h_name)) { ! 317: strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1); ! 318: remotehost[sizeof(remotehost) - 1] = 0; ! 319: errorhost = remotehost; ! 320: hp = gethostbyname(remotehost); ! 321: if (hp == NULL) { ! 322: syslog(LOG_INFO, ! 323: "Couldn't look up address for %s", ! 324: remotehost); ! 325: errorstr = ! 326: "Couldn't look up address for your host (%s)\n"; ! 327: hostname = inet_ntoa(fromp->sin_addr); ! 328: } else for (; ; hp->h_addr_list++) { ! 329: if (hp->h_addr_list[0] == NULL) { ! 330: syslog(LOG_NOTICE, ! 331: "Host addr %s not listed for host %s", ! 332: inet_ntoa(fromp->sin_addr), ! 333: hp->h_name); ! 334: errorstr = ! 335: "Host address mismatch for %s\n"; ! 336: hostname = inet_ntoa(fromp->sin_addr); ! 337: break; ! 338: } ! 339: if (!bcmp(hp->h_addr_list[0], ! 340: (caddr_t)&fromp->sin_addr, ! 341: sizeof(fromp->sin_addr))) { ! 342: hostname = hp->h_name; ! 343: break; ! 344: } ! 345: } ! 346: } ! 347: } else ! 348: errorhost = hostname = inet_ntoa(fromp->sin_addr); ! 349: ! 350: #ifdef KERBEROS ! 351: if (use_kerberos) { ! 352: kdata = (AUTH_DAT *) authbuf; ! 353: ticket = (KTEXT) tickbuf; ! 354: authopts = 0L; ! 355: strcpy(instance, "*"); ! 356: version[VERSION_SIZE - 1] = '\0'; ! 357: if (encrypt) { ! 358: struct sockaddr_in local_addr; ! 359: rc = sizeof(local_addr); ! 360: if (getsockname(0, &local_addr, &rc) < 0) { ! 361: syslog(LOG_ERR, "getsockname: %m"); ! 362: error("rlogind: getsockname: %m"); ! 363: exit(1); ! 364: } ! 365: authopts = KOPT_DO_MUTUAL; ! 366: rc = krb_recvauth(authopts, 0, ticket, ! 367: "rcmd", instance, &fromaddr, ! 368: &local_addr, kdata, "", schedule, ! 369: version); ! 370: des_set_key(kdata->session, schedule); ! 371: } else { ! 372: rc = krb_recvauth(authopts, 0, ticket, "rcmd", ! 373: instance, &fromaddr, ! 374: (struct sockaddr_in *) 0, ! 375: kdata, "", (bit_64 *) 0, version); ! 376: } ! 377: if (rc != KSUCCESS) { ! 378: error("Kerberos authentication failure: %s\n", ! 379: krb_err_txt[rc]); ! 380: exit(1); ! 381: } ! 382: } else ! 383: #endif ! 384: getstr(remuser, sizeof(remuser), "remuser"); ! 385: ! 386: getstr(locuser, sizeof(locuser), "locuser"); ! 387: getstr(cmdbuf, sizeof(cmdbuf), "command"); ! 388: setpwent(); ! 389: pwd = getpwnam(locuser); ! 390: if (pwd == NULL) { ! 391: if (errorstr == NULL) ! 392: errorstr = "Login incorrect.\n"; ! 393: goto fail; ! 394: } ! 395: if (chdir(pwd->pw_dir) < 0) { ! 396: (void) chdir("/"); ! 397: #ifdef notdef ! 398: error("No remote directory.\n"); ! 399: exit(1); ! 400: #endif ! 401: } ! 402: ! 403: #ifdef KERBEROS ! 404: if (use_kerberos) { ! 405: if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0') { ! 406: if (kuserok(kdata, locuser) != 0) { ! 407: syslog(LOG_NOTICE|LOG_AUTH, ! 408: "Kerberos rsh denied to %s.%s@%s", ! 409: kdata->pname, kdata->pinst, kdata->prealm); ! 410: error("Permission denied.\n"); ! 411: exit(1); ! 412: } ! 413: } ! 414: } else ! 415: #endif ! 416: ! 417: if (errorstr || ! 418: pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && ! 419: ruserok(hostname, pwd->pw_uid == 0, remuser, locuser) < 0) { ! 420: fail: ! 421: if (errorstr == NULL) ! 422: errorstr = "Permission denied.\n"; ! 423: error(errorstr, errorhost); ! 424: exit(1); ! 425: } ! 426: ! 427: if (pwd->pw_uid && !access(_PATH_NOLOGIN, F_OK)) { ! 428: error("Logins currently disabled.\n"); ! 429: exit(1); ! 430: } ! 431: ! 432: (void) write(2, "\0", 1); ! 433: sent_null = 1; ! 434: ! 435: if (port) { ! 436: if (pipe(pv) < 0) { ! 437: error("Can't make pipe.\n"); ! 438: exit(1); ! 439: } ! 440: #ifdef KERBEROS ! 441: if (encrypt) { ! 442: if (pipe(pv1) < 0) { ! 443: error("Can't make 2nd pipe.\n"); ! 444: exit(1); ! 445: } ! 446: if (pipe(pv2) < 0) { ! 447: error("Can't make 3rd pipe.\n"); ! 448: exit(1); ! 449: } ! 450: } ! 451: #endif ! 452: pid = fork(); ! 453: if (pid == -1) { ! 454: error("Can't fork; try again.\n"); ! 455: exit(1); ! 456: } ! 457: if (pid) { ! 458: #ifdef KERBEROS ! 459: if (encrypt) { ! 460: static char msg[] = SECURE_MESSAGE; ! 461: (void) close(pv1[1]); ! 462: (void) close(pv2[1]); ! 463: des_write(s, msg, sizeof(msg)); ! 464: ! 465: } else ! 466: #endif ! 467: { ! 468: (void) close(0); (void) close(1); ! 469: } ! 470: (void) close(2); (void) close(pv[1]); ! 471: ! 472: FD_ZERO(&readfrom); ! 473: FD_SET(s, &readfrom); ! 474: FD_SET(pv[0], &readfrom); ! 475: if (pv[0] > s) ! 476: nfd = pv[0]; ! 477: else ! 478: nfd = s; ! 479: #ifdef KERBEROS ! 480: if (encrypt) { ! 481: FD_ZERO(&writeto); ! 482: FD_SET(pv2[0], &writeto); ! 483: FD_SET(pv1[0], &readfrom); ! 484: ! 485: nfd = MAX(nfd, pv2[0]); ! 486: nfd = MAX(nfd, pv1[0]); ! 487: } else ! 488: #endif ! 489: ioctl(pv[0], FIONBIO, (char *)&one); ! 490: ! 491: /* should set s nbio! */ ! 492: nfd++; ! 493: do { ! 494: ready = readfrom; ! 495: #ifdef KERBEROS ! 496: if (encrypt) { ! 497: wready = writeto; ! 498: if (select(nfd, &ready, ! 499: &wready, (fd_set *) 0, ! 500: (struct timeval *) 0) < 0) ! 501: break; ! 502: } else ! 503: #endif ! 504: if (select(nfd, &ready, (fd_set *)0, ! 505: (fd_set *)0, (struct timeval *)0) < 0) ! 506: break; ! 507: if (FD_ISSET(s, &ready)) { ! 508: int ret; ! 509: #ifdef KERBEROS ! 510: if (encrypt) ! 511: ret = des_read(s, &sig, 1); ! 512: else ! 513: #endif ! 514: ret = read(s, &sig, 1); ! 515: if (ret <= 0) ! 516: FD_CLR(s, &readfrom); ! 517: else ! 518: killpg(pid, sig); ! 519: } ! 520: if (FD_ISSET(pv[0], &ready)) { ! 521: errno = 0; ! 522: cc = read(pv[0], buf, sizeof(buf)); ! 523: if (cc <= 0) { ! 524: shutdown(s, 1+1); ! 525: FD_CLR(pv[0], &readfrom); ! 526: } else { ! 527: #ifdef KERBEROS ! 528: if (encrypt) ! 529: (void) ! 530: des_write(s, buf, cc); ! 531: else ! 532: #endif ! 533: (void) ! 534: write(s, buf, cc); ! 535: } ! 536: } ! 537: #ifdef KERBEROS ! 538: ! 539: if (encrypt && FD_ISSET(pv1[0], &ready)) { ! 540: errno = 0; ! 541: cc = read(pv1[0], buf, sizeof(buf)); ! 542: if (cc <= 0) { ! 543: shutdown(pv1[0], 1+1); ! 544: FD_CLR(pv1[0], &readfrom); ! 545: } else ! 546: (void) des_write(1, buf, cc); ! 547: } ! 548: ! 549: if (encrypt && FD_ISSET(pv2[0], &wready)) { ! 550: errno = 0; ! 551: cc = des_read(0, buf, sizeof(buf)); ! 552: if (cc <= 0) { ! 553: shutdown(pv2[0], 1+1); ! 554: FD_CLR(pv2[0], &writeto); ! 555: } else ! 556: (void) write(pv2[0], buf, cc); ! 557: } ! 558: #endif ! 559: ! 560: } while (FD_ISSET(s, &readfrom) || ! 561: #ifdef KERBEROS ! 562: (encrypt && FD_ISSET(pv1[0], &readfrom)) || ! 563: #endif ! 564: FD_ISSET(pv[0], &readfrom)); ! 565: exit(0); ! 566: } ! 567: setpgrp(0, getpid()); ! 568: (void) close(s); (void) close(pv[0]); ! 569: #ifdef KERBEROS ! 570: if (encrypt) { ! 571: close(pv1[0]); close(pv2[0]); ! 572: dup2(pv1[1], 1); ! 573: dup2(pv2[1], 0); ! 574: close(pv1[1]); ! 575: close(pv2[1]); ! 576: } ! 577: #endif ! 578: dup2(pv[1], 2); ! 579: close(pv[1]); ! 580: } ! 581: if (*pwd->pw_shell == '\0') ! 582: pwd->pw_shell = _PATH_BSHELL; ! 583: #if BSD > 43 ! 584: if (setlogin(pwd->pw_name) < 0) ! 585: syslog(LOG_ERR, "setlogin() failed: %m"); ! 586: #endif ! 587: (void) setgid((gid_t)pwd->pw_gid); ! 588: initgroups(pwd->pw_name, pwd->pw_gid); ! 589: (void) setuid((uid_t)pwd->pw_uid); ! 590: environ = envinit; ! 591: strncat(homedir, pwd->pw_dir, sizeof(homedir)-6); ! 592: strncat(shell, pwd->pw_shell, sizeof(shell)-7); ! 593: strncat(username, pwd->pw_name, sizeof(username)-6); ! 594: cp = rindex(pwd->pw_shell, '/'); ! 595: if (cp) ! 596: cp++; ! 597: else ! 598: cp = pwd->pw_shell; ! 599: endpwent(); ! 600: if (pwd->pw_uid == 0) { ! 601: #ifdef KERBEROS ! 602: if (use_kerberos) ! 603: syslog(LOG_INFO|LOG_AUTH, ! 604: "ROOT Kerberos shell from %s.%s@%s on %s, comm: %s\n", ! 605: kdata->pname, kdata->pinst, kdata->prealm, ! 606: hostname, cmdbuf); ! 607: else ! 608: #endif ! 609: syslog(LOG_INFO|LOG_AUTH, ! 610: "ROOT shell from %s@%s, comm: %s\n", ! 611: remuser, hostname, cmdbuf); ! 612: } ! 613: execl(pwd->pw_shell, cp, "-c", cmdbuf, 0); ! 614: perror(pwd->pw_shell); ! 615: exit(1); ! 616: } ! 617: ! 618: /* ! 619: * Report error to client. ! 620: * Note: can't be used until second socket has connected ! 621: * to client, or older clients will hang waiting ! 622: * for that connection first. ! 623: */ ! 624: /*VARARGS1*/ ! 625: error(fmt, a1, a2, a3) ! 626: char *fmt; ! 627: int a1, a2, a3; ! 628: { ! 629: char buf[BUFSIZ], *bp = buf; ! 630: ! 631: if (sent_null == 0) ! 632: *bp++ = 1; ! 633: (void) sprintf(bp, fmt, a1, a2, a3); ! 634: (void) write(2, buf, strlen(buf)); ! 635: } ! 636: ! 637: getstr(buf, cnt, err) ! 638: char *buf; ! 639: int cnt; ! 640: char *err; ! 641: { ! 642: char c; ! 643: ! 644: do { ! 645: if (read(0, &c, 1) != 1) ! 646: exit(1); ! 647: *buf++ = c; ! 648: if (--cnt == 0) { ! 649: error("%s too long\n", err); ! 650: exit(1); ! 651: } ! 652: } while (c != 0); ! 653: } ! 654: ! 655: /* ! 656: * Check whether host h is in our local domain, ! 657: * defined as sharing the last two components of the domain part, ! 658: * or the entire domain part if the local domain has only one component. ! 659: * If either name is unqualified (contains no '.'), ! 660: * assume that the host is local, as it will be ! 661: * interpreted as such. ! 662: */ ! 663: local_domain(h) ! 664: char *h; ! 665: { ! 666: char localhost[MAXHOSTNAMELEN]; ! 667: char *p1, *p2, *topdomain(); ! 668: ! 669: localhost[0] = 0; ! 670: (void) gethostname(localhost, sizeof(localhost)); ! 671: p1 = topdomain(localhost); ! 672: p2 = topdomain(h); ! 673: if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2)) ! 674: return(1); ! 675: return(0); ! 676: } ! 677: ! 678: char * ! 679: topdomain(h) ! 680: char *h; ! 681: { ! 682: register char *p; ! 683: char *maybe = NULL; ! 684: int dots = 0; ! 685: ! 686: for (p = h + strlen(h); p >= h; p--) { ! 687: if (*p == '.') { ! 688: if (++dots == 2) ! 689: return (p); ! 690: maybe = p; ! 691: } ! 692: } ! 693: return (maybe); ! 694: } ! 695: ! 696: usage() ! 697: { ! 698: syslog(LOG_ERR, "usage: rshd [-%s]", OPTIONS); ! 699: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.