rexecd.c revision 1.1
1 1.1 cgd /* 2 1.1 cgd * Copyright (c) 1983 The Regents of the University of California. 3 1.1 cgd * All rights reserved. 4 1.1 cgd * 5 1.1 cgd * Redistribution and use in source and binary forms, with or without 6 1.1 cgd * modification, are permitted provided that the following conditions 7 1.1 cgd * are met: 8 1.1 cgd * 1. Redistributions of source code must retain the above copyright 9 1.1 cgd * notice, this list of conditions and the following disclaimer. 10 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 11 1.1 cgd * notice, this list of conditions and the following disclaimer in the 12 1.1 cgd * documentation and/or other materials provided with the distribution. 13 1.1 cgd * 3. All advertising materials mentioning features or use of this software 14 1.1 cgd * must display the following acknowledgement: 15 1.1 cgd * This product includes software developed by the University of 16 1.1 cgd * California, Berkeley and its contributors. 17 1.1 cgd * 4. Neither the name of the University nor the names of its contributors 18 1.1 cgd * may be used to endorse or promote products derived from this software 19 1.1 cgd * without specific prior written permission. 20 1.1 cgd * 21 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 1.1 cgd * SUCH DAMAGE. 32 1.1 cgd */ 33 1.1 cgd 34 1.1 cgd #ifndef lint 35 1.1 cgd char copyright[] = 36 1.1 cgd "@(#) Copyright (c) 1983 The Regents of the University of California.\n\ 37 1.1 cgd All rights reserved.\n"; 38 1.1 cgd #endif /* not lint */ 39 1.1 cgd 40 1.1 cgd #ifndef lint 41 1.1 cgd static char sccsid[] = "@(#)rexecd.c 5.12 (Berkeley) 2/25/91"; 42 1.1 cgd #endif /* not lint */ 43 1.1 cgd 44 1.1 cgd #include <sys/param.h> 45 1.1 cgd #include <sys/ioctl.h> 46 1.1 cgd #include <sys/socket.h> 47 1.1 cgd #include <sys/time.h> 48 1.1 cgd #include <netinet/in.h> 49 1.1 cgd #include <signal.h> 50 1.1 cgd #include <netdb.h> 51 1.1 cgd #include <pwd.h> 52 1.1 cgd #include <errno.h> 53 1.1 cgd #include <unistd.h> 54 1.1 cgd #include <stdio.h> 55 1.1 cgd #include <stdlib.h> 56 1.1 cgd #include <string.h> 57 1.1 cgd #include <paths.h> 58 1.1 cgd 59 1.1 cgd /*VARARGS1*/ 60 1.1 cgd int error(); 61 1.1 cgd 62 1.1 cgd /* 63 1.1 cgd * remote execute server: 64 1.1 cgd * username\0 65 1.1 cgd * password\0 66 1.1 cgd * command\0 67 1.1 cgd * data 68 1.1 cgd */ 69 1.1 cgd /*ARGSUSED*/ 70 1.1 cgd main(argc, argv) 71 1.1 cgd int argc; 72 1.1 cgd char **argv; 73 1.1 cgd { 74 1.1 cgd struct sockaddr_in from; 75 1.1 cgd int fromlen; 76 1.1 cgd 77 1.1 cgd fromlen = sizeof (from); 78 1.1 cgd if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { 79 1.1 cgd (void)fprintf(stderr, 80 1.1 cgd "rexecd: getpeername: %s\n", strerror(errno)); 81 1.1 cgd exit(1); 82 1.1 cgd } 83 1.1 cgd doit(0, &from); 84 1.1 cgd } 85 1.1 cgd 86 1.1 cgd char username[20] = "USER="; 87 1.1 cgd char homedir[64] = "HOME="; 88 1.1 cgd char shell[64] = "SHELL="; 89 1.1 cgd char path[sizeof(_PATH_DEFPATH) + sizeof("PATH=")] = "PATH="; 90 1.1 cgd char *envinit[] = 91 1.1 cgd {homedir, shell, path, username, 0}; 92 1.1 cgd char **environ; 93 1.1 cgd 94 1.1 cgd struct sockaddr_in asin = { AF_INET }; 95 1.1 cgd 96 1.1 cgd doit(f, fromp) 97 1.1 cgd int f; 98 1.1 cgd struct sockaddr_in *fromp; 99 1.1 cgd { 100 1.1 cgd char cmdbuf[NCARGS+1], *cp, *namep; 101 1.1 cgd char user[16], pass[16]; 102 1.1 cgd struct passwd *pwd; 103 1.1 cgd int s; 104 1.1 cgd u_short port; 105 1.1 cgd int pv[2], pid, ready, readfrom, cc; 106 1.1 cgd char buf[BUFSIZ], sig; 107 1.1 cgd int one = 1; 108 1.1 cgd 109 1.1 cgd (void) signal(SIGINT, SIG_DFL); 110 1.1 cgd (void) signal(SIGQUIT, SIG_DFL); 111 1.1 cgd (void) signal(SIGTERM, SIG_DFL); 112 1.1 cgd #ifdef DEBUG 113 1.1 cgd { int t = open(_PATH_TTY, 2); 114 1.1 cgd if (t >= 0) { 115 1.1 cgd ioctl(t, TIOCNOTTY, (char *)0); 116 1.1 cgd (void) close(t); 117 1.1 cgd } 118 1.1 cgd } 119 1.1 cgd #endif 120 1.1 cgd dup2(f, 0); 121 1.1 cgd dup2(f, 1); 122 1.1 cgd dup2(f, 2); 123 1.1 cgd (void) alarm(60); 124 1.1 cgd port = 0; 125 1.1 cgd for (;;) { 126 1.1 cgd char c; 127 1.1 cgd if (read(f, &c, 1) != 1) 128 1.1 cgd exit(1); 129 1.1 cgd if (c == 0) 130 1.1 cgd break; 131 1.1 cgd port = port * 10 + c - '0'; 132 1.1 cgd } 133 1.1 cgd (void) alarm(0); 134 1.1 cgd if (port != 0) { 135 1.1 cgd s = socket(AF_INET, SOCK_STREAM, 0); 136 1.1 cgd if (s < 0) 137 1.1 cgd exit(1); 138 1.1 cgd if (bind(s, (struct sockaddr *)&asin, sizeof (asin)) < 0) 139 1.1 cgd exit(1); 140 1.1 cgd (void) alarm(60); 141 1.1 cgd fromp->sin_port = htons(port); 142 1.1 cgd if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) 143 1.1 cgd exit(1); 144 1.1 cgd (void) alarm(0); 145 1.1 cgd } 146 1.1 cgd getstr(user, sizeof(user), "username"); 147 1.1 cgd getstr(pass, sizeof(pass), "password"); 148 1.1 cgd getstr(cmdbuf, sizeof(cmdbuf), "command"); 149 1.1 cgd setpwent(); 150 1.1 cgd pwd = getpwnam(user); 151 1.1 cgd if (pwd == NULL) { 152 1.1 cgd error("Login incorrect.\n"); 153 1.1 cgd exit(1); 154 1.1 cgd } 155 1.1 cgd endpwent(); 156 1.1 cgd if (*pwd->pw_passwd != '\0') { 157 1.1 cgd namep = crypt(pass, pwd->pw_passwd); 158 1.1 cgd if (strcmp(namep, pwd->pw_passwd)) { 159 1.1 cgd error("Password incorrect.\n"); 160 1.1 cgd exit(1); 161 1.1 cgd } 162 1.1 cgd } 163 1.1 cgd if (chdir(pwd->pw_dir) < 0) { 164 1.1 cgd error("No remote directory.\n"); 165 1.1 cgd exit(1); 166 1.1 cgd } 167 1.1 cgd (void) write(2, "\0", 1); 168 1.1 cgd if (port) { 169 1.1 cgd (void) pipe(pv); 170 1.1 cgd pid = fork(); 171 1.1 cgd if (pid == -1) { 172 1.1 cgd error("Try again.\n"); 173 1.1 cgd exit(1); 174 1.1 cgd } 175 1.1 cgd if (pid) { 176 1.1 cgd (void) close(0); (void) close(1); (void) close(2); 177 1.1 cgd (void) close(f); (void) close(pv[1]); 178 1.1 cgd readfrom = (1<<s) | (1<<pv[0]); 179 1.1 cgd ioctl(pv[1], FIONBIO, (char *)&one); 180 1.1 cgd /* should set s nbio! */ 181 1.1 cgd do { 182 1.1 cgd ready = readfrom; 183 1.1 cgd (void) select(16, (fd_set *)&ready, 184 1.1 cgd (fd_set *)NULL, (fd_set *)NULL, 185 1.1 cgd (struct timeval *)NULL); 186 1.1 cgd if (ready & (1<<s)) { 187 1.1 cgd if (read(s, &sig, 1) <= 0) 188 1.1 cgd readfrom &= ~(1<<s); 189 1.1 cgd else 190 1.1 cgd killpg(pid, sig); 191 1.1 cgd } 192 1.1 cgd if (ready & (1<<pv[0])) { 193 1.1 cgd cc = read(pv[0], buf, sizeof (buf)); 194 1.1 cgd if (cc <= 0) { 195 1.1 cgd shutdown(s, 1+1); 196 1.1 cgd readfrom &= ~(1<<pv[0]); 197 1.1 cgd } else 198 1.1 cgd (void) write(s, buf, cc); 199 1.1 cgd } 200 1.1 cgd } while (readfrom); 201 1.1 cgd exit(0); 202 1.1 cgd } 203 1.1 cgd setpgrp(0, getpid()); 204 1.1 cgd (void) close(s); (void)close(pv[0]); 205 1.1 cgd dup2(pv[1], 2); 206 1.1 cgd } 207 1.1 cgd if (*pwd->pw_shell == '\0') 208 1.1 cgd pwd->pw_shell = _PATH_BSHELL; 209 1.1 cgd if (f > 2) 210 1.1 cgd (void) close(f); 211 1.1 cgd (void) setgid((gid_t)pwd->pw_gid); 212 1.1 cgd initgroups(pwd->pw_name, pwd->pw_gid); 213 1.1 cgd (void) setuid((uid_t)pwd->pw_uid); 214 1.1 cgd (void)strcat(path, _PATH_DEFPATH); 215 1.1 cgd environ = envinit; 216 1.1 cgd strncat(homedir, pwd->pw_dir, sizeof(homedir)-6); 217 1.1 cgd strncat(shell, pwd->pw_shell, sizeof(shell)-7); 218 1.1 cgd strncat(username, pwd->pw_name, sizeof(username)-6); 219 1.1 cgd cp = rindex(pwd->pw_shell, '/'); 220 1.1 cgd if (cp) 221 1.1 cgd cp++; 222 1.1 cgd else 223 1.1 cgd cp = pwd->pw_shell; 224 1.1 cgd execl(pwd->pw_shell, cp, "-c", cmdbuf, 0); 225 1.1 cgd perror(pwd->pw_shell); 226 1.1 cgd exit(1); 227 1.1 cgd } 228 1.1 cgd 229 1.1 cgd /*VARARGS1*/ 230 1.1 cgd error(fmt, a1, a2, a3) 231 1.1 cgd char *fmt; 232 1.1 cgd int a1, a2, a3; 233 1.1 cgd { 234 1.1 cgd char buf[BUFSIZ]; 235 1.1 cgd 236 1.1 cgd buf[0] = 1; 237 1.1 cgd (void) sprintf(buf+1, fmt, a1, a2, a3); 238 1.1 cgd (void) write(2, buf, strlen(buf)); 239 1.1 cgd } 240 1.1 cgd 241 1.1 cgd getstr(buf, cnt, err) 242 1.1 cgd char *buf; 243 1.1 cgd int cnt; 244 1.1 cgd char *err; 245 1.1 cgd { 246 1.1 cgd char c; 247 1.1 cgd 248 1.1 cgd do { 249 1.1 cgd if (read(0, &c, 1) != 1) 250 1.1 cgd exit(1); 251 1.1 cgd *buf++ = c; 252 1.1 cgd if (--cnt == 0) { 253 1.1 cgd error("%s too long\n", err); 254 1.1 cgd exit(1); 255 1.1 cgd } 256 1.1 cgd } while (c != 0); 257 1.1 cgd } 258
Indexes created Sun Sep 21 20:09:37 GMT 2025