rshd.c revision 1.9
1 /*- 2 * Copyright (c) 1988, 1989, 1992, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifndef lint 35 static char copyright[] = 36 "@(#) Copyright (c) 1988, 1989, 1992, 1993, 1994\n\ 37 The Regents of the University of California. All rights reserved.\n"; 38 #endif /* not lint */ 39 40 #ifndef lint 41 /* from: static char sccsid[] = "@(#)rshd.c 8.2 (Berkeley) 4/6/94"; */ 42 static char *rcsid = "$Id: rshd.c,v 1.9 1995/01/20 18:48:50 christos Exp $"; 43 #endif /* not lint */ 44 45 /* 46 * remote shell server: 47 * [port]\0 48 * remuser\0 49 * locuser\0 50 * command\0 51 * data 52 */ 53 #include <sys/param.h> 54 #include <sys/ioctl.h> 55 #include <sys/time.h> 56 #include <sys/socket.h> 57 58 #include <netinet/in.h> 59 #include <arpa/inet.h> 60 #include <netdb.h> 61 62 #include <errno.h> 63 #include <fcntl.h> 64 #include <paths.h> 65 #include <pwd.h> 66 #include <signal.h> 67 #include <stdio.h> 68 #include <stdlib.h> 69 #include <string.h> 70 #include <syslog.h> 71 #include <unistd.h> 72 73 int keepalive = 1; 74 int check_all; 75 int log_success; /* If TRUE, log all successful accesses */ 76 int sent_null; 77 78 void doit __P((struct sockaddr_in *)); 79 void error __P((const char *, ...)); 80 void getstr __P((char *, int, char *)); 81 int local_domain __P((char *)); 82 char *topdomain __P((char *)); 83 void usage __P((void)); 84 85 #define OPTIONS "alnL" 86 87 int 88 main(argc, argv) 89 int argc; 90 char *argv[]; 91 { 92 extern int __check_rhosts_file; 93 struct linger linger; 94 int ch, on = 1, fromlen; 95 struct sockaddr_in from; 96 97 openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON); 98 99 opterr = 0; 100 while ((ch = getopt(argc, argv, OPTIONS)) != EOF) 101 switch (ch) { 102 case 'a': 103 check_all = 1; 104 break; 105 case 'l': 106 __check_rhosts_file = 0; 107 break; 108 case 'n': 109 keepalive = 0; 110 break; 111 case 'L': 112 log_success = 1; 113 break; 114 case '?': 115 default: 116 usage(); 117 break; 118 } 119 120 argc -= optind; 121 argv += optind; 122 123 124 fromlen = sizeof (from); 125 if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { 126 syslog(LOG_ERR, "getpeername: %m"); 127 _exit(1); 128 } 129 if (keepalive && 130 setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (char *)&on, 131 sizeof(on)) < 0) 132 syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); 133 linger.l_onoff = 1; 134 linger.l_linger = 60; /* XXX */ 135 if (setsockopt(0, SOL_SOCKET, SO_LINGER, (char *)&linger, 136 sizeof (linger)) < 0) 137 syslog(LOG_WARNING, "setsockopt (SO_LINGER): %m"); 138 doit(&from); 139 /* NOTREACHED */ 140 } 141 142 char username[20] = "USER="; 143 char homedir[64] = "HOME="; 144 char shell[64] = "SHELL="; 145 char path[100] = "PATH="; 146 char *envinit[] = 147 {homedir, shell, path, username, 0}; 148 char **environ; 149 150 void 151 doit(fromp) 152 struct sockaddr_in *fromp; 153 { 154 extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */ 155 struct hostent *hp; 156 struct passwd *pwd; 157 u_short port; 158 fd_set ready, readfrom; 159 int cc, nfd, pv[2], pid, s; 160 int one = 1; 161 char *hostname, *errorstr, *errorhost; 162 char *cp, sig, buf[BUFSIZ]; 163 char cmdbuf[NCARGS+1], locuser[16], remuser[16]; 164 char remotehost[2 * MAXHOSTNAMELEN + 1]; 165 char hostnamebuf[2 * MAXHOSTNAMELEN + 1]; 166 167 168 (void) signal(SIGINT, SIG_DFL); 169 (void) signal(SIGQUIT, SIG_DFL); 170 (void) signal(SIGTERM, SIG_DFL); 171 #ifdef DEBUG 172 { int t = open(_PATH_TTY, 2); 173 if (t >= 0) { 174 ioctl(t, TIOCNOTTY, (char *)0); 175 (void) close(t); 176 } 177 } 178 #endif 179 fromp->sin_port = ntohs((u_short)fromp->sin_port); 180 if (fromp->sin_family != AF_INET) { 181 syslog(LOG_ERR, "malformed \"from\" address (af %d)\n", 182 fromp->sin_family); 183 exit(1); 184 } 185 #ifdef IP_OPTIONS 186 { 187 u_char optbuf[BUFSIZ/3], *cp; 188 char lbuf[BUFSIZ], *lp; 189 int optsize = sizeof(optbuf), ipproto; 190 struct protoent *ip; 191 192 if ((ip = getprotobyname("ip")) != NULL) 193 ipproto = ip->p_proto; 194 else 195 ipproto = IPPROTO_IP; 196 if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) && 197 optsize != 0) { 198 lp = lbuf; 199 for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3) 200 sprintf(lp, " %2.2x", *cp); 201 syslog(LOG_NOTICE, 202 "Connection received from %s using IP options (ignored):%s", 203 inet_ntoa(fromp->sin_addr), lbuf); 204 if (setsockopt(0, ipproto, IP_OPTIONS, 205 (char *)NULL, optsize) != 0) { 206 syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m"); 207 exit(1); 208 } 209 } 210 } 211 #endif 212 213 if (fromp->sin_port >= IPPORT_RESERVED || 214 fromp->sin_port < IPPORT_RESERVED/2) { 215 syslog(LOG_NOTICE|LOG_AUTH, 216 "Connection from %s on illegal port %u", 217 inet_ntoa(fromp->sin_addr), 218 fromp->sin_port); 219 exit(1); 220 } 221 222 (void) alarm(60); 223 port = 0; 224 for (;;) { 225 char c; 226 if ((cc = read(STDIN_FILENO, &c, 1)) != 1) { 227 if (cc < 0) 228 syslog(LOG_NOTICE, "read: %m"); 229 shutdown(0, 1+1); 230 exit(1); 231 } 232 if (c== 0) 233 break; 234 port = port * 10 + c - '0'; 235 } 236 237 (void) alarm(0); 238 if (port != 0) { 239 int lport = IPPORT_RESERVED - 1; 240 s = rresvport(&lport); 241 if (s < 0) { 242 syslog(LOG_ERR, "can't get stderr port: %m"); 243 exit(1); 244 } 245 if (port >= IPPORT_RESERVED) { 246 syslog(LOG_ERR, "2nd port not reserved\n"); 247 exit(1); 248 } 249 fromp->sin_port = htons(port); 250 if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) { 251 syslog(LOG_INFO, "connect second port %d: %m", port); 252 exit(1); 253 } 254 } 255 256 257 #ifdef notdef 258 /* from inetd, socket is already on 0, 1, 2 */ 259 dup2(f, 0); 260 dup2(f, 1); 261 dup2(f, 2); 262 #endif 263 errorstr = NULL; 264 hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof (struct in_addr), 265 fromp->sin_family); 266 if (hp) { 267 /* 268 * If name returned by gethostbyaddr is in our domain, 269 * attempt to verify that we haven't been fooled by someone 270 * in a remote net; look up the name and check that this 271 * address corresponds to the name. 272 */ 273 hostname = hp->h_name; 274 if (check_all || local_domain(hp->h_name)) { 275 strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1); 276 remotehost[sizeof(remotehost) - 1] = 0; 277 errorhost = remotehost; 278 hp = gethostbyname(remotehost); 279 if (hp == NULL) { 280 syslog(LOG_INFO, 281 "Couldn't look up address for %s", 282 remotehost); 283 errorstr = 284 "Couldn't look up address for your host (%s)\n"; 285 hostname = inet_ntoa(fromp->sin_addr); 286 } else for (; ; hp->h_addr_list++) { 287 if (hp->h_addr_list[0] == NULL) { 288 syslog(LOG_NOTICE, 289 "Host addr %s not listed for host %s", 290 inet_ntoa(fromp->sin_addr), 291 hp->h_name); 292 errorstr = 293 "Host address mismatch for %s\n"; 294 hostname = inet_ntoa(fromp->sin_addr); 295 break; 296 } 297 if (!bcmp(hp->h_addr_list[0], 298 (caddr_t)&fromp->sin_addr, 299 sizeof(fromp->sin_addr))) { 300 hostname = hp->h_name; 301 break; 302 } 303 } 304 } 305 hostname = strncpy(hostnamebuf, hostname, 306 sizeof(hostnamebuf) - 1); 307 } else 308 errorhost = hostname = strncpy(hostnamebuf, 309 inet_ntoa(fromp->sin_addr), 310 sizeof(hostnamebuf) - 1); 311 312 hostnamebuf[sizeof(hostnamebuf) - 1] = '\0'; 313 314 getstr(remuser, sizeof(remuser), "remuser"); 315 getstr(locuser, sizeof(locuser), "locuser"); 316 getstr(cmdbuf, sizeof(cmdbuf), "command"); 317 setpwent(); 318 pwd = getpwnam(locuser); 319 if (pwd == NULL) { 320 syslog(LOG_INFO|LOG_AUTH, 321 "%s@%s as %s: unknown login. cmd='%.80s'", 322 remuser, hostname, locuser, cmdbuf); 323 if (errorstr == NULL) 324 errorstr = "Login incorrect.\n"; 325 goto fail; 326 } 327 if (chdir(pwd->pw_dir) < 0) { 328 (void) chdir("/"); 329 #ifdef notdef 330 syslog(LOG_INFO|LOG_AUTH, 331 "%s@%s as %s: no home directory. cmd='%.80s'", 332 remuser, hostname, locuser, cmdbuf); 333 error("No remote directory.\n"); 334 exit(1); 335 #endif 336 } 337 338 339 if (errorstr || 340 pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && 341 iruserok(fromp->sin_addr.s_addr, pwd->pw_uid == 0, 342 remuser, locuser) < 0) { 343 if (__rcmd_errstr) 344 syslog(LOG_INFO|LOG_AUTH, 345 "%s@%s as %s: permission denied (%s). cmd='%.80s'", 346 remuser, hostname, locuser, __rcmd_errstr, 347 cmdbuf); 348 else 349 syslog(LOG_INFO|LOG_AUTH, 350 "%s@%s as %s: permission denied. cmd='%.80s'", 351 remuser, hostname, locuser, cmdbuf); 352 fail: 353 if (errorstr == NULL) 354 errorstr = "Permission denied.\n"; 355 error(errorstr, errorhost); 356 exit(1); 357 } 358 359 if (pwd->pw_uid && !access(_PATH_NOLOGIN, F_OK)) { 360 error("Logins currently disabled.\n"); 361 exit(1); 362 } 363 364 (void) write(STDERR_FILENO, "\0", 1); 365 sent_null = 1; 366 367 if (port) { 368 if (pipe(pv) < 0) { 369 error("Can't make pipe.\n"); 370 exit(1); 371 } 372 pid = fork(); 373 if (pid == -1) { 374 error("Can't fork; try again.\n"); 375 exit(1); 376 } 377 if (pid) { 378 { 379 (void) close(0); 380 (void) close(1); 381 } 382 (void) close(2); 383 (void) close(pv[1]); 384 385 FD_ZERO(&readfrom); 386 FD_SET(s, &readfrom); 387 FD_SET(pv[0], &readfrom); 388 if (pv[0] > s) 389 nfd = pv[0]; 390 else 391 nfd = s; 392 ioctl(pv[0], FIONBIO, (char *)&one); 393 394 /* should set s nbio! */ 395 nfd++; 396 do { 397 ready = readfrom; 398 if (select(nfd, &ready, (fd_set *)0, 399 (fd_set *)0, (struct timeval *)0) < 0) 400 break; 401 if (FD_ISSET(s, &ready)) { 402 int ret; 403 ret = read(s, &sig, 1); 404 if (ret <= 0) 405 FD_CLR(s, &readfrom); 406 else 407 killpg(pid, sig); 408 } 409 if (FD_ISSET(pv[0], &ready)) { 410 errno = 0; 411 cc = read(pv[0], buf, sizeof(buf)); 412 if (cc <= 0) { 413 shutdown(s, 1+1); 414 FD_CLR(pv[0], &readfrom); 415 } else { 416 (void) 417 write(s, buf, cc); 418 } 419 } 420 421 } while (FD_ISSET(s, &readfrom) || 422 FD_ISSET(pv[0], &readfrom)); 423 exit(0); 424 } 425 setpgrp(0, getpid()); 426 (void) close(s); 427 (void) close(pv[0]); 428 dup2(pv[1], 2); 429 close(pv[1]); 430 } 431 if (*pwd->pw_shell == '\0') 432 pwd->pw_shell = _PATH_BSHELL; 433 #if BSD > 43 434 if (setlogin(pwd->pw_name) < 0) 435 syslog(LOG_ERR, "setlogin() failed: %m"); 436 #endif 437 (void) setgid((gid_t)pwd->pw_gid); 438 initgroups(pwd->pw_name, pwd->pw_gid); 439 (void) setuid((uid_t)pwd->pw_uid); 440 environ = envinit; 441 strncat(homedir, pwd->pw_dir, sizeof(homedir)-6); 442 strcat(path, _PATH_DEFPATH); 443 strncat(shell, pwd->pw_shell, sizeof(shell)-7); 444 strncat(username, pwd->pw_name, sizeof(username)-6); 445 cp = strrchr(pwd->pw_shell, '/'); 446 if (cp) 447 cp++; 448 else 449 cp = pwd->pw_shell; 450 endpwent(); 451 if (log_success || pwd->pw_uid == 0) { 452 syslog(LOG_INFO|LOG_AUTH, "%s@%s as %s: cmd='%.80s'", 453 remuser, hostname, locuser, cmdbuf); 454 } 455 execl(pwd->pw_shell, cp, "-c", cmdbuf, 0); 456 perror(pwd->pw_shell); 457 exit(1); 458 } 459 460 /* 461 * Report error to client. Note: can't be used until second socket has 462 * connected to client, or older clients will hang waiting for that 463 * connection first. 464 */ 465 #if __STDC__ 466 #include <stdarg.h> 467 #else 468 #include <varargs.h> 469 #endif 470 471 void 472 #if __STDC__ 473 error(const char *fmt, ...) 474 #else 475 error(fmt, va_alist) 476 char *fmt; 477 va_dcl 478 #endif 479 { 480 va_list ap; 481 int len; 482 char *bp, buf[BUFSIZ]; 483 #if __STDC__ 484 va_start(ap, fmt); 485 #else 486 va_start(ap); 487 #endif 488 bp = buf; 489 if (sent_null == 0) { 490 *bp++ = 1; 491 len = 1; 492 } else 493 len = 0; 494 (void)vsnprintf(bp, sizeof(buf) - 1, fmt, ap); 495 (void)write(STDERR_FILENO, buf, len + strlen(bp)); 496 } 497 498 void 499 getstr(buf, cnt, err) 500 char *buf, *err; 501 int cnt; 502 { 503 char c; 504 505 do { 506 if (read(STDIN_FILENO, &c, 1) != 1) 507 exit(1); 508 *buf++ = c; 509 if (--cnt == 0) { 510 error("%s too long\n", err); 511 exit(1); 512 } 513 } while (c != 0); 514 } 515 516 /* 517 * Check whether host h is in our local domain, 518 * defined as sharing the last two components of the domain part, 519 * or the entire domain part if the local domain has only one component. 520 * If either name is unqualified (contains no '.'), 521 * assume that the host is local, as it will be 522 * interpreted as such. 523 */ 524 int 525 local_domain(h) 526 char *h; 527 { 528 char localhost[MAXHOSTNAMELEN]; 529 char *p1, *p2; 530 531 localhost[0] = 0; 532 (void) gethostname(localhost, sizeof(localhost)); 533 p1 = topdomain(localhost); 534 p2 = topdomain(h); 535 if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2)) 536 return (1); 537 return (0); 538 } 539 540 char * 541 topdomain(h) 542 char *h; 543 { 544 char *p, *maybe = NULL; 545 int dots = 0; 546 547 for (p = h + strlen(h); p >= h; p--) { 548 if (*p == '.') { 549 if (++dots == 2) 550 return (p); 551 maybe = p; 552 } 553 } 554 return (maybe); 555 } 556 557 void 558 usage() 559 { 560 561 syslog(LOG_ERR, "usage: rshd [-%s]", OPTIONS); 562 exit(2); 563 } 564
Indexes created Wed Sep 24 15:09:51 GMT 2025