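#include "mgr.h"
#include <pwd.h>
#include <sys/filio.h>
#include "defs.h"

extern int debug;

/*
 * execute as a specific user
 *
 * Looks up the user named by the action argument (ap->arg) with pwsearch(),
 * which is expected to fill in `line` (TODO confirm against pwsearch).
 * On success a heap copy of `line` is stored in rp->line and the call is
 * accepted.  Returns 0 on success; on a failed lookup the call is rejected
 * with EACCES and -1 is returned.
 *
 * NOTE(review): unlike auth/v9auth/inauth there is no uid-0 exclusion here;
 * presumably ap->arg comes from the service configuration and is trusted --
 * confirm.
 */
asuser(rp, ap)
	Request *rp;
	Action *ap;
{
	char line[ARB];
	struct passwd *pwsearch();

	if(pwsearch(ap->arg, -1, line)==NULL) {
		ipcreject(rp->i, EACCES, "default user illegal");
		return -1;
	}
	/* NOTE(review): strdup() is unchecked; rp->line is NULL if it fails */
	rp->line = strdup(line);
	ipcaccept(rp->i);
	return 0;
}

/*
 * simple authentication
 *
 * Maps the caller (service name, calling machine, calling user) to a local
 * user with mapuser() and accepts the call only when that user is found by
 * pwsearch() and is not the superuser.  Returns 0 with rp->line set on
 * success; otherwise rejects the call with EACCES and returns -1.
 */
auth(rp, ap)
	Request *rp;
	Action *ap;
{
	struct passwd *pw;
	static char line[ARB];
	struct passwd *pwsearch();
	char *mapuser();
	char *u;

	if(debug)
		logtime("auth:\n");
	USE(ap);

	/*
	 *  do the mapping from the authentication files
	 */
	u = mapuser(rp->s->name, rp->i->machine, rp->i->user);
	if(u!=NULL) {
		pw = pwsearch(u, -1, line);
		/*
		 *  refuse the superuser by uid as well as by name, so that
		 *  any other account with uid 0 is refused too (v9auth and
		 *  inauth already test pw_uid)
		 */
		if(pw != NULL && pw->pw_uid != 0
		&& strcmp(pw->pw_name, "root") != 0) {
			ipcaccept(rp->i);
			/*
			 *  line is static: rp->line stays valid after return
			 *  but is overwritten by the next call to auth
			 */
			rp->line = line;
			return 0;
		}
	}
	ipcreject(rp->i, EACCES, "authentication failure");
	return -1;
}

/*
 * v9 authentication
 *
 * Accepts the call first, then tries to map the caller to a local user
 * (ap->arg if set, else mapuser()).  If that yields a non-superuser entry,
 * "OK" is written to the peer.  Otherwise "NO" is written and the peer is
 * asked for "user,password" lines until one matches the password entry.
 * Returns 0 with rp->line set on success, -1 with errno/errstr set when
 * the peer stops sending.
 */
v9auth(rp, ap)
	Request *rp;
	Action *ap;
{
	struct passwd *pw;
	static char line[ARB];
	register char *u, *p;
	struct passwd *pwsearch();
	char *mapuser();
	char *rdline();
	char *crypt();
	char *c;

	if(debug)
		logtime("v9auth:\n");
	USE(ap);
	ipcaccept(rp->i);

	/*
	 *  do the mapping from the authentication files
	 */
	if(ap->arg && *ap->arg!=0)
		u = ap->arg;
	else
		u = mapuser(rp->s->name, rp->i->machine, rp->i->user);
	if(u!=NULL) {
		if ((pw = pwsearch(u, -1, line)) != NULL
		&& pw->pw_uid != 0) {
			write(rp->i->cfd, "OK", 2);
			/* static buffer, overwritten by the next call */
			rp->line = line;
			return 0;
		}
	}

	/*
	 *  mapping didn't work, ask for password etc.
	 *
	 *  NOTE(review): there is no cap on attempts and no delay between
	 *  them, so one connection can try passwords for as long as it
	 *  stays open; consider counting and logging failures.
	 *  NOTE(review): this path does not test pw_uid, so a uid-0 account
	 *  is accepted when its password matches even though the mapping
	 *  path above refuses it -- confirm this is intended.
	 */
	for (;;) {
		write(rp->i->cfd, "NO", 2);
		if ((u = rdline(rp->i->cfd))==NULL){
			errno = EACCES; errstr = "authentication failure";
			return -1;
		}
		p = strchr(u, ',');
		if (p == NULL)
			continue;	/* no password field: a failed attempt, never crypt(NULL) */
		*p++ = '\0';
		if ((pw = pwsearch(u, -1, line)) == NULL)
			continue;
		/* crypt() can return NULL (e.g. unusable salt); treat as mismatch */
		c = crypt(p, pw->pw_passwd);
		if (c != NULL && strcmp(c, pw->pw_passwd) == 0)
			break;
	}
	write(rp->i->cfd, "OK", 2);
	rp->line = strdup(line);
	return 0;
}

/*
 * 4.2BSD inet style authentication
 *
 * Reads three lines from the peer: a port for the stderr connection, then
 * the remote and local user names, which must be equal.  The peer's user
 * name is used only when the call came from root; otherwise the caller
 * identity in rp->i->user is used.  The resulting name (or ap->arg if set)
 * is mapped to a local non-superuser entry and rp->line is set from it.
 * Returns -1 with errno/errstr set on a protocol error, 0 otherwise.
 */
#define SNDMSG(x) write(rp->i->cfd, x, strlen(x))
inauth(rp, ap)
	Request *rp;
	Action *ap;
{
	static char line[ARB];
	struct passwd *pw;
	struct passwd *pwsearch();
	char *port;
	char *u;
	char buf[ARB];
	char *rdline();
	char *mapuser();
	char *tcptofs();

	if(debug)
		logtime("inauth:\n");
	USE(ap);

	/*
	 *  get port number for stderr and connect to it
	 */
	ipcaccept(rp->i);
	port = rdline(rp->i->cfd);
	if(port==NULL) {
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	if(*port!='\0') {
		/*
		 *  NOTE(review): port is supplied by the peer before any
		 *  authentication and is converted with atoi() with no digit
		 *  or range check; the ipcopen() result is not checked either.
		 */
		rp->errfd = ipcopen(ipcpath(rp->i->machine, "tcp",
					tcptofs(atoi(port))), "light");
	}

	/*
	 *  get remuser, locuser
	 */
	u = rdline(rp->i->cfd);
	if(u==NULL) {
		SNDMSG("protocol botch\n");
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	/*
	 *  u comes from the peer and rdline's maximum line length is not
	 *  visible here, so refuse anything that would not fit in buf
	 *  instead of letting strcpy run past it
	 */
	if(strlen(u) >= sizeof buf) {
		SNDMSG("protocol botch\n");
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	strcpy(buf, u);
	u = rdline(rp->i->cfd);
	if(u==NULL) {
		SNDMSG("protocol botch\n");
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	if(strcmp(buf, u)!=0) {
		SNDMSG("-l option not supported\n");
		errno = EACCES; errstr = "-l attempted";
		return -1;
	}

	/*
	 *  don't trust user name if call didn't come from root
	 */
	if(strcmp(rp->i->user, "root")!=0)
		u = rp->i->user;
	write(rp->i->cfd, "", 1);

	/* authenticate */
	if(ap->arg && *ap->arg!=0)
		u=ap->arg;
	else
		u=mapuser(rp->s->name, rp->i->machine, u);
	if (u!=NULL
	&& (pw = pwsearch(u, -1, line)) != NULL
	&& pw->pw_uid != 0)
		rp->line = strdup(line);
	else {
		/*
		 *  NOTE(review): this failure path only reports to the peer;
		 *  the function still returns 0 and rp->line is not set here,
		 *  while every other failure above returns -1.  Confirm the
		 *  caller refuses a request whose line was never set.
		 */
		SNDMSG("cannot authenticate caller (.rhosts unsupported)\r\n");
	}
	return 0;
}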