1.1 root 1: #include "mgr.h"
2: #include <pwd.h>
3: #include <sys/filio.h>
4: #include "defs.h"
5:
6: extern int debug;
7:
8: /*
9: * execute as a specific user
10: */
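/*
 * asuser: run the request as the fixed user named in ap->arg.
 *
 * ap->arg is looked up with pwsearch().  On a miss the call is rejected
 * with EACCES and -1 is returned.  On a hit the line filled in by
 * pwsearch() is duplicated into rp->line, the call is accepted and 0 is
 * returned.
 *
 * NOTE(review): unlike the other handlers in this file, nothing here
 * refuses a uid-0 entry; presumably ap->arg comes from trusted
 * configuration -- confirm.
 */
asuser(rp, ap)
	Request *rp;
	Action *ap;
{
	char line[ARB];
	char *copy;
	struct passwd *pwsearch();

	if (pwsearch(ap->arg, -1, line) == NULL) {
		ipcreject(rp->i, EACCES, "default user illegal");
		return -1;
	}

	/*
	 * Duplicate before accepting: line lives on this stack frame, and a
	 * failed strdup() must not leave an accepted call with a NULL
	 * rp->line.
	 */
	copy = strdup(line);
	if (copy == NULL) {
		ipcreject(rp->i, ENOMEM, "out of memory");
		return -1;
	}
	rp->line = copy;
	ipcaccept(rp->i);
	return 0;
}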
26:
27: /*
28: * simple authentication
29: */
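/*
 * auth: accept the call only if the caller maps to a non-root local user.
 *
 * The caller's (service, machine, user) triple is passed to mapuser(); the
 * resulting name is looked up with pwsearch().  The call is accepted and 0
 * returned only when the entry exists and is not a superuser account;
 * otherwise the call is rejected with EACCES and -1 is returned.
 *
 * The superuser test checks pw_uid as well as the literal name "root", so
 * that a uid-0 account under another name is refused too.  This matches
 * the pw_uid test used by v9auth() and inauth().
 *
 * NOTE(review): rp->line is pointed at a function-static buffer, so a
 * later call to auth() overwrites it; confirm no earlier request still
 * reads it.
 */
auth(rp, ap)
	Request *rp;
	Action *ap;
{
	struct passwd *pw;
	static char line[ARB];
	struct passwd *pwsearch();
	char *mapuser();
	char *u;

	if (debug)
		logtime("auth:\n");
	USE(ap);

	/*
	 * do the mapping from the authentication files
	 */
	u = mapuser(rp->s->name, rp->i->machine, rp->i->user);
	if (u != NULL) {
		pw = pwsearch(u, -1, line);
		if (pw != NULL
		    && pw->pw_uid != 0
		    && strcmp(pw->pw_name, "root") != 0) {
			ipcaccept(rp->i);
			rp->line = line;
			return 0;
		}
	}

	ipcreject(rp->i, EACCES, "authentication failure");
	return -1;
}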
59:
60: /*
61: * v9 authentication
62: */
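/*
 * v9auth: v9 authentication with a password fallback.
 *
 * The call is accepted first; the "OK"/"NO" exchange then runs over
 * rp->i->cfd.  If ap->arg is non-empty it names the user, otherwise
 * mapuser() is consulted.  A mapped user that pwsearch() finds and whose
 * uid is not 0 gets "OK" at once.  Otherwise the peer is sent "NO" and is
 * expected to answer with a "user,password" line, which is checked with
 * crypt() against pw_passwd; this repeats until a line verifies or
 * rdline() fails.
 *
 * Returns 0 with rp->line set on success, -1 with errno/errstr set on
 * failure.
 *
 * NOTE(review): the password loop has no attempt limit or delay, so a peer
 * can keep guessing for as long as it holds the connection -- consider
 * bounding it.
 * NOTE(review): the password path does not apply the uid != 0 test that
 * the mapping path does; confirm that password login to uid 0 is intended.
 */
v9auth(rp, ap)
	Request *rp;
	Action *ap;
{
	struct passwd *pw;
	static char line[ARB];
	register char *u, *p;
	char *hash;
	char *copy;
	struct passwd *pwsearch();
	char *mapuser();
	char *rdline();
	char *crypt();

	if (debug)
		logtime("v9auth:\n");
	USE(ap);
	ipcaccept(rp->i);

	/*
	 * do the mapping from the authentication files
	 */
	if (ap->arg && *ap->arg != 0)
		u = ap->arg;
	else
		u = mapuser(rp->s->name, rp->i->machine, rp->i->user);
	if (u != NULL) {
		pw = pwsearch(u, -1, line);
		if (pw != NULL && pw->pw_uid != 0) {
			write(rp->i->cfd, "OK", 2);
			rp->line = line;
			return 0;
		}
	}

	/*
	 * mapping didn't work, ask for password etc.
	 */
	for (;;) {
		write(rp->i->cfd, "NO", 2);
		u = rdline(rp->i->cfd);
		if (u == NULL) {
			errno = EACCES; errstr = "authentication failure";
			return -1;
		}

		/*
		 * A reply without a ',' carries no password.  Treat it as a
		 * failed attempt instead of handing a null pointer to crypt().
		 */
		p = strchr(u, ',');
		if (p == NULL)
			continue;
		*p++ = '\0';

		pw = pwsearch(u, -1, line);
		if (pw == NULL)
			continue;

		/* crypt() may return NULL (e.g. unusable salt); that is a mismatch */
		hash = crypt(p, pw->pw_passwd);
		if (hash != NULL && strcmp(hash, pw->pw_passwd) == 0)
			break;
	}

	/* build the caller's copy before acknowledging, so "OK" implies a usable line */
	copy = strdup(line);
	if (copy == NULL) {
		errno = ENOMEM; errstr = "out of memory";
		return -1;
	}
	write(rp->i->cfd, "OK", 2);
	rp->line = copy;
	return 0;
}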
116:
117: /* 4.2BSD inet style authentication */
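#define SNDMSG(x) write(rp->i->cfd, (x), strlen(x))

/*
 * inauth: 4.2BSD inet style authentication.
 *
 * Protocol as implemented here, all read from rp->i->cfd with rdline():
 *   1. a port number for stderr (an empty line means none); when present,
 *      a connection back to the calling machine is opened into rp->errfd;
 *   2. the remote user name;
 *   3. the local user name, which must equal the remote one ("-l" is not
 *      supported).
 * A single NUL byte is then written back, and the user (ap->arg if
 * non-empty, else the mapuser() result) is looked up with pwsearch().
 * rp->line is set only when that entry exists and its uid is not 0.
 *
 * Returns -1 with errno/errstr set on a protocol error, otherwise 0.
 *
 * NOTE(review): 0 is returned even when the caller could not be
 * authenticated; in that case only a message is sent and rp->line is left
 * untouched.  Confirm that every caller treats an unset rp->line as
 * "not authenticated".
 */
inauth(rp, ap)
	Request *rp;
	Action *ap;
{
	static char line[ARB];
	struct passwd *pw;
	struct passwd *pwsearch();
	char *port;
	char *u;
	char buf[ARB];
	char *rdline();
	char *mapuser();
	char *tcptofs();

	if (debug)
		logtime("inauth:\n");
	USE(ap);

	/*
	 * get port number for stderr and connect to it
	 */
	ipcaccept(rp->i);
	port = rdline(rp->i->cfd);
	if (port == NULL) {
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	if (*port != '\0') {
		/*
		 * NOTE(review): port is peer-supplied text; atoi() does no
		 * validation or range check, and the ipcopen() result stored
		 * in errfd is not checked here.
		 */
		rp->errfd = ipcopen(ipcpath(rp->i->machine, "tcp",
			tcptofs(atoi(port))), "light");
	}

	/*
	 * get remuser, locuser
	 */
	u = rdline(rp->i->cfd);
	if (u == NULL) {
		SNDMSG("protocol botch\n");
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	/*
	 * The name comes straight off the connection; refuse anything that
	 * would not fit in buf rather than letting strcpy() run past it.
	 */
	if (strlen(u) >= sizeof buf) {
		SNDMSG("protocol botch\n");
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	strcpy(buf, u);
	u = rdline(rp->i->cfd);
	if (u == NULL) {
		SNDMSG("protocol botch\n");
		errno = EACCES; errstr = "protocol botch";
		return -1;
	}
	if (strcmp(buf, u) != 0) {
		SNDMSG("-l option not supported\n");
		errno = EACCES; errstr = "-l attempted";
		return -1;
	}

	/*
	 * don't trust user name if call didn't come from root
	 */
	if (strcmp(rp->i->user, "root") != 0)
		u = rp->i->user;
	write(rp->i->cfd, "", 1);

	/* authenticate */
	if (ap->arg && *ap->arg != 0)
		u = ap->arg;
	else
		u = mapuser(rp->s->name, rp->i->machine, u);
	if (u != NULL
	    && (pw = pwsearch(u, -1, line)) != NULL
	    && pw->pw_uid != 0)
		rp->line = strdup(line);
	else
		SNDMSG("cannot authenticate caller (.rhosts unsupported)\r\n");
	return 0;
}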