![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to rshd.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / libexec / rshd|
Return to rshd.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / libexec / rshd |
1.1 root 1: /*
2: * Copyright (c) 1983, 1988, 1989 The Regents of the University of California.
3: * All rights reserved.
4: *
5: * Redistribution and use in source and binary forms are permitted provided
6: * that: (1) source distributions retain this entire copyright notice and
7: * comment, and (2) distributions including binaries display the following
8: * acknowledgement: ``This product includes software developed by the
9: * University of California, Berkeley and its contributors'' in the
10: * documentation or other materials provided with the distribution and in
11: * all advertising materials mentioning features or use of this software.
12: * Neither the name of the University nor the names of its contributors may
13: * be used to endorse or promote products derived from this software without
14: * specific prior written permission.
15: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
16: * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
17: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
18: */
19:
20: #ifndef lint
21: char copyright[] =
22: "@(#) Copyright (c) 1983, 1988, 1089 The Regents of the University of California.\n\
23: All rights reserved.\n";
24: #endif /* not lint */
25:
26: #ifndef lint
27: static char sccsid[] = "@(#)rshd.c 5.34 (Berkeley) 6/29/90";
28: #endif /* not lint */
29:
30: /* From:
31: * $Source: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v $
32: * $Header: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v 5.2 89/07/31 19:30:04 kfall Exp $
33: */
34:
35:
36: /*
37: * remote shell server:
38: * [port]\0
39: * remuser\0
40: * locuser\0
41: * command\0
42: * data
43: */
44: #include <sys/param.h>
45: #include <sys/ioctl.h>
46: #include <sys/socket.h>
47: #include <sys/file.h>
48: #include <sys/signal.h>
49: #include <sys/time.h>
50:
51: #include <netinet/in.h>
52:
53: #include <arpa/inet.h>
54:
55: #include <stdio.h>
56: #include <errno.h>
57: #include <pwd.h>
58: #include <netdb.h>
59: #include <syslog.h>
60: #include "pathnames.h"
61:
62: int errno;
63: int keepalive = 1;
64: int check_all = 0;
65: char *index(), *rindex(), *strncat();
66: /*VARARGS1*/
67: int error();
68: int sent_null;
69:
70: #ifdef KERBEROS
71: #include <kerberosIV/des.h>
72: #include <kerberosIV/krb.h>
73: #define VERSION_SIZE 9
74: #define SECURE_MESSAGE "This rsh session is using DES encryption for all transmissions.\r\n"
75: #define OPTIONS "alknvx"
76: char authbuf[sizeof(AUTH_DAT)];
77: char tickbuf[sizeof(KTEXT_ST)];
78: int use_kerberos = 0, vacuous = 0;
79: int encrypt = 0;
80: Key_schedule schedule;
81: #else
82: #define OPTIONS "aln"
83: #endif
84:
85: /*ARGSUSED*/
86: main(argc, argv)
87: int argc;
88: char **argv;
89: {
90: extern int opterr, optind;
91: extern int _check_rhosts_file;
92: struct linger linger;
93: int ch, on = 1, fromlen;
94: struct sockaddr_in from;
95:
96: openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON);
97:
98: opterr = 0;
99: while ((ch = getopt(argc, argv, OPTIONS)) != EOF)
100: switch (ch) {
101: case 'a':
102: check_all = 1;
103: break;
104: case 'l':
105: _check_rhosts_file = 0;
106: break;
107: case 'n':
108: keepalive = 0;
109: break;
110: #ifdef KERBEROS
111: case 'k':
112: use_kerberos = 1;
113: break;
114:
115: case 'v':
116: vacuous = 1;
117: break;
118:
119: case 'x':
120: encrypt = 1;
121: break;
122: #endif
123: case '?':
124: default:
125: usage();
126: exit(2);
127: }
128:
129: argc -= optind;
130: argv += optind;
131:
132: #ifdef KERBEROS
133: if (use_kerberos && vacuous) {
134: syslog(LOG_ERR, "only one of -k and -v allowed");
135: exit(2);
136: }
137: if (encrypt && !use_kerberos) {
138: syslog(LOG_ERR, "-k is required for -x");
139: exit(2);
140: }
141: #endif
142:
143: fromlen = sizeof (from);
144: if (getpeername(0, &from, &fromlen) < 0) {
145: syslog(LOG_ERR, "getpeername: %m");
146: _exit(1);
147: }
148: if (keepalive &&
149: setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on,
150: sizeof(on)) < 0)
151: syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
152: linger.l_onoff = 1;
153: linger.l_linger = 60; /* XXX */
154: if (setsockopt(0, SOL_SOCKET, SO_LINGER, (char *)&linger,
155: sizeof (linger)) < 0)
156: syslog(LOG_WARNING, "setsockopt (SO_LINGER): %m");
157: doit(&from);
158: }
159:
160: char username[20] = "USER=";
161: char homedir[64] = "HOME=";
162: char shell[64] = "SHELL=";
163: char *envinit[] =
164: {homedir, shell, _PATH_DEFPATH, username, 0};
165: char **environ;
166:
167: doit(fromp)
168: struct sockaddr_in *fromp;
169: {
170: char cmdbuf[NCARGS+1], *cp;
171: char locuser[16], remuser[16];
172: struct passwd *pwd;
173: int s;
174: struct hostent *hp;
175: char *hostname, *errorstr = NULL, *errorhost;
176: u_short port;
177: int pv[2], pid, cc;
178: int nfd;
179: fd_set ready, readfrom;
180: char buf[BUFSIZ], sig;
181: int one = 1;
182: char remotehost[2 * MAXHOSTNAMELEN + 1];
183:
184: #ifdef KERBEROS
185: AUTH_DAT *kdata = (AUTH_DAT *) NULL;
186: KTEXT ticket = (KTEXT) NULL;
187: char instance[INST_SZ], version[VERSION_SIZE];
188: struct sockaddr_in fromaddr;
189: int rc;
190: long authopts;
191: int pv1[2], pv2[2];
192: fd_set wready, writeto;
193:
194: fromaddr = *fromp;
195: #endif
196:
197: (void) signal(SIGINT, SIG_DFL);
198: (void) signal(SIGQUIT, SIG_DFL);
199: (void) signal(SIGTERM, SIG_DFL);
200: #ifdef DEBUG
201: { int t = open(_PATH_TTY, 2);
202: if (t >= 0) {
203: ioctl(t, TIOCNOTTY, (char *)0);
204: (void) close(t);
205: }
206: }
207: #endif
208: fromp->sin_port = ntohs((u_short)fromp->sin_port);
209: if (fromp->sin_family != AF_INET) {
210: syslog(LOG_ERR, "malformed \"from\" address (af %d)\n",
211: fromp->sin_family);
212: exit(1);
213: }
214: #ifdef IP_OPTIONS
215: {
216: u_char optbuf[BUFSIZ/3], *cp;
217: char lbuf[BUFSIZ], *lp;
218: int optsize = sizeof(optbuf), ipproto;
219: struct protoent *ip;
220:
221: if ((ip = getprotobyname("ip")) != NULL)
222: ipproto = ip->p_proto;
223: else
224: ipproto = IPPROTO_IP;
225: if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
226: optsize != 0) {
227: lp = lbuf;
228: for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3)
229: sprintf(lp, " %2.2x", *cp);
230: syslog(LOG_NOTICE,
231: "Connection received from %s using IP options (ignored):%s",
232: inet_ntoa(fromp->sin_addr), lbuf);
233: if (setsockopt(0, ipproto, IP_OPTIONS,
234: (char *)NULL, &optsize) != 0) {
235: syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m");
236: exit(1);
237: }
238: }
239: }
240: #endif
241:
242: #ifdef KERBEROS
243: if (!use_kerberos)
244: #endif
245: if (fromp->sin_port >= IPPORT_RESERVED ||
246: fromp->sin_port < IPPORT_RESERVED/2) {
247: syslog(LOG_NOTICE|LOG_AUTH,
248: "Connection from %s on illegal port",
249: inet_ntoa(fromp->sin_addr));
250: exit(1);
251: }
252:
253: (void) alarm(60);
254: port = 0;
255: for (;;) {
256: char c;
257: if ((cc = read(0, &c, 1)) != 1) {
258: if (cc < 0)
259: syslog(LOG_NOTICE, "read: %m");
260: shutdown(0, 1+1);
261: exit(1);
262: }
263: if (c== 0)
264: break;
265: port = port * 10 + c - '0';
266: }
267:
268: (void) alarm(0);
269: if (port != 0) {
270: int lport = IPPORT_RESERVED - 1;
271: s = rresvport(&lport);
272: if (s < 0) {
273: syslog(LOG_ERR, "can't get stderr port: %m");
274: exit(1);
275: }
276: #ifdef KERBEROS
277: if (!use_kerberos)
278: #endif
279: if (port >= IPPORT_RESERVED) {
280: syslog(LOG_ERR, "2nd port not reserved\n");
281: exit(1);
282: }
283: fromp->sin_port = htons(port);
284: if (connect(s, fromp, sizeof (*fromp)) < 0) {
285: syslog(LOG_INFO, "connect second port: %m");
286: exit(1);
287: }
288: }
289:
290: #ifdef KERBEROS
291: if (vacuous) {
292: error("rshd: remote host requires Kerberos authentication\n");
293: exit(1);
294: }
295: #endif
296:
297: #ifdef notdef
298: /* from inetd, socket is already on 0, 1, 2 */
299: dup2(f, 0);
300: dup2(f, 1);
301: dup2(f, 2);
302: #endif
303: hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof (struct in_addr),
304: fromp->sin_family);
305: if (hp) {
306: /*
307: * If name returned by gethostbyaddr is in our domain,
308: * attempt to verify that we haven't been fooled by someone
309: * in a remote net; look up the name and check that this
310: * address corresponds to the name.
311: */
312: hostname = hp->h_name;
313: #ifdef KERBEROS
314: if (!use_kerberos)
315: #endif
316: if (check_all || local_domain(hp->h_name)) {
317: strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1);
318: remotehost[sizeof(remotehost) - 1] = 0;
319: errorhost = remotehost;
320: hp = gethostbyname(remotehost);
321: if (hp == NULL) {
322: syslog(LOG_INFO,
323: "Couldn't look up address for %s",
324: remotehost);
325: errorstr =
326: "Couldn't look up address for your host (%s)\n";
327: hostname = inet_ntoa(fromp->sin_addr);
328: } else for (; ; hp->h_addr_list++) {
329: if (hp->h_addr_list[0] == NULL) {
330: syslog(LOG_NOTICE,
331: "Host addr %s not listed for host %s",
332: inet_ntoa(fromp->sin_addr),
333: hp->h_name);
334: errorstr =
335: "Host address mismatch for %s\n";
336: hostname = inet_ntoa(fromp->sin_addr);
337: break;
338: }
339: if (!bcmp(hp->h_addr_list[0],
340: (caddr_t)&fromp->sin_addr,
341: sizeof(fromp->sin_addr))) {
342: hostname = hp->h_name;
343: break;
344: }
345: }
346: }
347: } else
348: errorhost = hostname = inet_ntoa(fromp->sin_addr);
349:
350: #ifdef KERBEROS
351: if (use_kerberos) {
352: kdata = (AUTH_DAT *) authbuf;
353: ticket = (KTEXT) tickbuf;
354: authopts = 0L;
355: strcpy(instance, "*");
356: version[VERSION_SIZE - 1] = '\0';
357: if (encrypt) {
358: struct sockaddr_in local_addr;
359: rc = sizeof(local_addr);
360: if (getsockname(0, &local_addr, &rc) < 0) {
361: syslog(LOG_ERR, "getsockname: %m");
362: error("rlogind: getsockname: %m");
363: exit(1);
364: }
365: authopts = KOPT_DO_MUTUAL;
366: rc = krb_recvauth(authopts, 0, ticket,
367: "rcmd", instance, &fromaddr,
368: &local_addr, kdata, "", schedule,
369: version);
370: des_set_key(kdata->session, schedule);
371: } else {
372: rc = krb_recvauth(authopts, 0, ticket, "rcmd",
373: instance, &fromaddr,
374: (struct sockaddr_in *) 0,
375: kdata, "", (bit_64 *) 0, version);
376: }
377: if (rc != KSUCCESS) {
378: error("Kerberos authentication failure: %s\n",
379: krb_err_txt[rc]);
380: exit(1);
381: }
382: } else
383: #endif
384: getstr(remuser, sizeof(remuser), "remuser");
385:
386: getstr(locuser, sizeof(locuser), "locuser");
387: getstr(cmdbuf, sizeof(cmdbuf), "command");
388: setpwent();
389: pwd = getpwnam(locuser);
390: if (pwd == NULL) {
391: if (errorstr == NULL)
392: errorstr = "Login incorrect.\n";
393: goto fail;
394: }
395: if (chdir(pwd->pw_dir) < 0) {
396: (void) chdir("/");
397: #ifdef notdef
398: error("No remote directory.\n");
399: exit(1);
400: #endif
401: }
402:
403: #ifdef KERBEROS
404: if (use_kerberos) {
405: if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0') {
406: if (kuserok(kdata, locuser) != 0) {
407: syslog(LOG_NOTICE|LOG_AUTH,
408: "Kerberos rsh denied to %s.%s@%s",
409: kdata->pname, kdata->pinst, kdata->prealm);
410: error("Permission denied.\n");
411: exit(1);
412: }
413: }
414: } else
415: #endif
416:
417: if (errorstr ||
418: pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
419: ruserok(hostname, pwd->pw_uid == 0, remuser, locuser) < 0) {
420: fail:
421: if (errorstr == NULL)
422: errorstr = "Permission denied.\n";
423: error(errorstr, errorhost);
424: exit(1);
425: }
426:
427: if (pwd->pw_uid && !access(_PATH_NOLOGIN, F_OK)) {
428: error("Logins currently disabled.\n");
429: exit(1);
430: }
431:
432: (void) write(2, "\0", 1);
433: sent_null = 1;
434:
435: if (port) {
436: if (pipe(pv) < 0) {
437: error("Can't make pipe.\n");
438: exit(1);
439: }
440: #ifdef KERBEROS
441: if (encrypt) {
442: if (pipe(pv1) < 0) {
443: error("Can't make 2nd pipe.\n");
444: exit(1);
445: }
446: if (pipe(pv2) < 0) {
447: error("Can't make 3rd pipe.\n");
448: exit(1);
449: }
450: }
451: #endif
452: pid = fork();
453: if (pid == -1) {
454: error("Can't fork; try again.\n");
455: exit(1);
456: }
457: if (pid) {
458: #ifdef KERBEROS
459: if (encrypt) {
460: static char msg[] = SECURE_MESSAGE;
461: (void) close(pv1[1]);
462: (void) close(pv2[1]);
463: des_write(s, msg, sizeof(msg));
464:
465: } else
466: #endif
467: {
468: (void) close(0); (void) close(1);
469: }
470: (void) close(2); (void) close(pv[1]);
471:
472: FD_ZERO(&readfrom);
473: FD_SET(s, &readfrom);
474: FD_SET(pv[0], &readfrom);
475: if (pv[0] > s)
476: nfd = pv[0];
477: else
478: nfd = s;
479: #ifdef KERBEROS
480: if (encrypt) {
481: FD_ZERO(&writeto);
482: FD_SET(pv2[0], &writeto);
483: FD_SET(pv1[0], &readfrom);
484:
485: nfd = MAX(nfd, pv2[0]);
486: nfd = MAX(nfd, pv1[0]);
487: } else
488: #endif
489: ioctl(pv[0], FIONBIO, (char *)&one);
490:
491: /* should set s nbio! */
492: nfd++;
493: do {
494: ready = readfrom;
495: #ifdef KERBEROS
496: if (encrypt) {
497: wready = writeto;
498: if (select(nfd, &ready,
499: &wready, (fd_set *) 0,
500: (struct timeval *) 0) < 0)
501: break;
502: } else
503: #endif
504: if (select(nfd, &ready, (fd_set *)0,
505: (fd_set *)0, (struct timeval *)0) < 0)
506: break;
507: if (FD_ISSET(s, &ready)) {
508: int ret;
509: #ifdef KERBEROS
510: if (encrypt)
511: ret = des_read(s, &sig, 1);
512: else
513: #endif
514: ret = read(s, &sig, 1);
515: if (ret <= 0)
516: FD_CLR(s, &readfrom);
517: else
518: killpg(pid, sig);
519: }
520: if (FD_ISSET(pv[0], &ready)) {
521: errno = 0;
522: cc = read(pv[0], buf, sizeof(buf));
523: if (cc <= 0) {
524: shutdown(s, 1+1);
525: FD_CLR(pv[0], &readfrom);
526: } else {
527: #ifdef KERBEROS
528: if (encrypt)
529: (void)
530: des_write(s, buf, cc);
531: else
532: #endif
533: (void)
534: write(s, buf, cc);
535: }
536: }
537: #ifdef KERBEROS
538:
539: if (encrypt && FD_ISSET(pv1[0], &ready)) {
540: errno = 0;
541: cc = read(pv1[0], buf, sizeof(buf));
542: if (cc <= 0) {
543: shutdown(pv1[0], 1+1);
544: FD_CLR(pv1[0], &readfrom);
545: } else
546: (void) des_write(1, buf, cc);
547: }
548:
549: if (encrypt && FD_ISSET(pv2[0], &wready)) {
550: errno = 0;
551: cc = des_read(0, buf, sizeof(buf));
552: if (cc <= 0) {
553: shutdown(pv2[0], 1+1);
554: FD_CLR(pv2[0], &writeto);
555: } else
556: (void) write(pv2[0], buf, cc);
557: }
558: #endif
559:
560: } while (FD_ISSET(s, &readfrom) ||
561: #ifdef KERBEROS
562: (encrypt && FD_ISSET(pv1[0], &readfrom)) ||
563: #endif
564: FD_ISSET(pv[0], &readfrom));
565: exit(0);
566: }
567: setpgrp(0, getpid());
568: (void) close(s); (void) close(pv[0]);
569: #ifdef KERBEROS
570: if (encrypt) {
571: close(pv1[0]); close(pv2[0]);
572: dup2(pv1[1], 1);
573: dup2(pv2[1], 0);
574: close(pv1[1]);
575: close(pv2[1]);
576: }
577: #endif
578: dup2(pv[1], 2);
579: close(pv[1]);
580: }
581: if (*pwd->pw_shell == '\0')
582: pwd->pw_shell = _PATH_BSHELL;
583: #if BSD > 43
584: if (setlogin(pwd->pw_name) < 0)
585: syslog(LOG_ERR, "setlogin() failed: %m");
586: #endif
587: (void) setgid((gid_t)pwd->pw_gid);
588: initgroups(pwd->pw_name, pwd->pw_gid);
589: (void) setuid((uid_t)pwd->pw_uid);
590: environ = envinit;
591: strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
592: strncat(shell, pwd->pw_shell, sizeof(shell)-7);
593: strncat(username, pwd->pw_name, sizeof(username)-6);
594: cp = rindex(pwd->pw_shell, '/');
595: if (cp)
596: cp++;
597: else
598: cp = pwd->pw_shell;
599: endpwent();
600: if (pwd->pw_uid == 0) {
601: #ifdef KERBEROS
602: if (use_kerberos)
603: syslog(LOG_INFO|LOG_AUTH,
604: "ROOT Kerberos shell from %s.%s@%s on %s, comm: %s\n",
605: kdata->pname, kdata->pinst, kdata->prealm,
606: hostname, cmdbuf);
607: else
608: #endif
609: syslog(LOG_INFO|LOG_AUTH,
610: "ROOT shell from %s@%s, comm: %s\n",
611: remuser, hostname, cmdbuf);
612: }
613: execl(pwd->pw_shell, cp, "-c", cmdbuf, 0);
614: perror(pwd->pw_shell);
615: exit(1);
616: }
617:
618: /*
619: * Report error to client.
620: * Note: can't be used until second socket has connected
621: * to client, or older clients will hang waiting
622: * for that connection first.
623: */
624: /*VARARGS1*/
625: error(fmt, a1, a2, a3)
626: char *fmt;
627: int a1, a2, a3;
628: {
629: char buf[BUFSIZ], *bp = buf;
630:
631: if (sent_null == 0)
632: *bp++ = 1;
633: (void) sprintf(bp, fmt, a1, a2, a3);
634: (void) write(2, buf, strlen(buf));
635: }
636:
637: getstr(buf, cnt, err)
638: char *buf;
639: int cnt;
640: char *err;
641: {
642: char c;
643:
644: do {
645: if (read(0, &c, 1) != 1)
646: exit(1);
647: *buf++ = c;
648: if (--cnt == 0) {
649: error("%s too long\n", err);
650: exit(1);
651: }
652: } while (c != 0);
653: }
654:
655: /*
656: * Check whether host h is in our local domain,
657: * defined as sharing the last two components of the domain part,
658: * or the entire domain part if the local domain has only one component.
659: * If either name is unqualified (contains no '.'),
660: * assume that the host is local, as it will be
661: * interpreted as such.
662: */
663: local_domain(h)
664: char *h;
665: {
666: char localhost[MAXHOSTNAMELEN];
667: char *p1, *p2, *topdomain();
668:
669: localhost[0] = 0;
670: (void) gethostname(localhost, sizeof(localhost));
671: p1 = topdomain(localhost);
672: p2 = topdomain(h);
673: if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2))
674: return(1);
675: return(0);
676: }
677:
678: char *
679: topdomain(h)
680: char *h;
681: {
682: register char *p;
683: char *maybe = NULL;
684: int dots = 0;
685:
686: for (p = h + strlen(h); p >= h; p--) {
687: if (*p == '.') {
688: if (++dots == 2)
689: return (p);
690: maybe = p;
691: }
692: }
693: return (maybe);
694: }
695:
696: usage()
697: {
698: syslog(LOG_ERR, "usage: rshd [-%s]", OPTIONS);
699: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.