lpd.c revision 1.16
1 /* $NetBSD: lpd.c,v 1.16 1998/07/06 07:03:28 mrg Exp $ */ 2 3 /* 4 * Copyright (c) 1983, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 39 #ifndef lint 40 __COPYRIGHT("@(#) Copyright (c) 1983, 1993, 1994\n\ 41 The Regents of the University of California. All rights reserved.\n"); 42 #endif /* not lint */ 43 44 #ifndef lint 45 #if 0 46 static char sccsid[] = "@(#)lpd.c 8.7 (Berkeley) 5/10/95"; 47 #else 48 __RCSID("$NetBSD: lpd.c,v 1.16 1998/07/06 07:03:28 mrg Exp $"); 49 #endif 50 #endif /* not lint */ 51 52 /* 53 * lpd -- line printer daemon. 54 * 55 * Listen for a connection and perform the requested operation. 56 * Operations are: 57 * \1printer\n 58 * check the queue for jobs and print any found. 59 * \2printer\n 60 * receive a job from another machine and queue it. 61 * \3printer [users ...] [jobs ...]\n 62 * return the current state of the queue (short form). 63 * \4printer [users ...] [jobs ...]\n 64 * return the current state of the queue (long form). 65 * \5printer person [users ...] [jobs ...]\n 66 * remove jobs from the queue. 67 * 68 * Strategy to maintain protected spooling area: 69 * 1. Spooling area is writable only by daemon and spooling group 70 * 2. lpr runs setuid root and setgrp spooling group; it uses 71 * root to access any file it wants (verifying things before 72 * with an access call) and group id to know how it should 73 * set up ownership of files in the spooling area. 74 * 3. Files in spooling area are owned by root, group spooling 75 * group, with mode 660. 76 * 4. lpd, lpq and lprm run setuid daemon and setgrp spooling group to 77 * access files and printer. Users can't get to anything 78 * w/o help of lpq and lprm programs. 79 */ 80 81 #include <sys/param.h> 82 #include <sys/wait.h> 83 #include <sys/types.h> 84 #include <sys/socket.h> 85 #include <sys/un.h> 86 #include <sys/stat.h> 87 #include <sys/file.h> 88 #include <netinet/in.h> 89 90 #include <netdb.h> 91 #include <unistd.h> 92 #include <syslog.h> 93 #include <signal.h> 94 #include <errno.h> 95 #include <fcntl.h> 96 #include <dirent.h> 97 #include <stdio.h> 98 #include <stdlib.h> 99 #include <string.h> 100 #include <ctype.h> 101 #include <arpa/inet.h> 102 103 #include "lp.h" 104 #include "lp.local.h" 105 #include "pathnames.h" 106 #include "extern.h" 107 108 int lflag; /* log requests flag */ 109 int sflag; /* secure (no inet) flag */ 110 int from_remote; /* from remote socket */ 111 112 int main __P((int, char **)); 113 static void reapchild __P((int)); 114 static void mcleanup __P((int)); 115 static void doit __P((void)); 116 static void startup __P((void)); 117 static void chkhost __P((struct sockaddr_in *)); 118 static int ckqueue __P((char *)); 119 static void usage __P((void)); 120 121 uid_t uid, euid; 122 123 int 124 main(argc, argv) 125 int argc; 126 char **argv; 127 { 128 int f, funix, finet, options, fromlen; 129 fd_set defreadfds; 130 struct sockaddr_un un, fromunix; 131 struct sockaddr_in sin, frominet; 132 int omask, lfd, errs, i; 133 134 euid = geteuid(); /* these shouldn't be different */ 135 uid = getuid(); 136 options = 0; 137 gethostname(host, sizeof(host)); 138 host[sizeof(host) - 1] = '\0'; 139 name = argv[0]; 140 141 errs = 0; 142 while ((i = getopt(argc, argv, "dls")) != -1) 143 switch (i) { 144 case 'd': 145 options |= SO_DEBUG; 146 break; 147 case 'l': 148 lflag++; 149 break; 150 case 's': 151 sflag++; 152 break; 153 default: 154 errs++; 155 } 156 argc -= optind; 157 argv += optind; 158 if (errs || argc != 0) 159 usage(); 160 161 #ifndef DEBUG 162 /* 163 * Set up standard environment by detaching from the parent. 164 */ 165 daemon(0, 0); 166 #endif 167 168 openlog("lpd", LOG_PID, LOG_LPR); 169 syslog(LOG_INFO, "restarted"); 170 (void)umask(0); 171 lfd = open(_PATH_MASTERLOCK, O_WRONLY|O_CREAT, 0644); 172 if (lfd < 0) { 173 syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK); 174 exit(1); 175 } 176 if (flock(lfd, LOCK_EX|LOCK_NB) < 0) { 177 if (errno == EWOULDBLOCK) /* active deamon present */ 178 exit(0); 179 syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK); 180 exit(1); 181 } 182 ftruncate(lfd, 0); 183 /* 184 * write process id for others to know 185 */ 186 (void)snprintf(line, sizeof(line), "%u\n", getpid()); 187 f = strlen(line); 188 if (write(lfd, line, f) != f) { 189 syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK); 190 exit(1); 191 } 192 signal(SIGCHLD, reapchild); 193 /* 194 * Restart all the printers. 195 */ 196 startup(); 197 (void)unlink(_PATH_SOCKETNAME); 198 funix = socket(AF_UNIX, SOCK_STREAM, 0); 199 if (funix < 0) { 200 syslog(LOG_ERR, "socket: %m"); 201 exit(1); 202 } 203 #define mask(s) (1 << ((s) - 1)) 204 omask = sigblock(mask(SIGHUP)|mask(SIGINT)|mask(SIGQUIT)|mask(SIGTERM)); 205 signal(SIGHUP, mcleanup); 206 signal(SIGINT, mcleanup); 207 signal(SIGQUIT, mcleanup); 208 signal(SIGTERM, mcleanup); 209 memset(&un, 0, sizeof(un)); 210 un.sun_family = AF_UNIX; 211 strncpy(un.sun_path, _PATH_SOCKETNAME, sizeof(un.sun_path) - 1); 212 #ifndef SUN_LEN 213 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2) 214 #endif 215 if (bind(funix, (struct sockaddr *)&un, SUN_LEN(&un)) < 0) { 216 syslog(LOG_ERR, "ubind: %m"); 217 exit(1); 218 } 219 sigsetmask(omask); 220 FD_ZERO(&defreadfds); 221 FD_SET(funix, &defreadfds); 222 listen(funix, 5); 223 if (!sflag) 224 finet = socket(AF_INET, SOCK_STREAM, 0); 225 else 226 finet = -1; /* pretend we couldn't open TCP socket. */ 227 if (finet >= 0) { 228 struct servent *sp; 229 230 if (options & SO_DEBUG) 231 if (setsockopt(finet, SOL_SOCKET, SO_DEBUG, 0, 0) < 0) { 232 syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m"); 233 mcleanup(0); 234 } 235 sp = getservbyname("printer", "tcp"); 236 if (sp == NULL) { 237 syslog(LOG_ERR, "printer/tcp: unknown service"); 238 mcleanup(0); 239 } 240 memset(&sin, 0, sizeof(sin)); 241 sin.sin_family = AF_INET; 242 sin.sin_port = sp->s_port; 243 if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) { 244 syslog(LOG_ERR, "bind: %m"); 245 mcleanup(0); 246 } 247 FD_SET(finet, &defreadfds); 248 listen(finet, 5); 249 } 250 /* 251 * Main loop: accept, do a request, continue. 252 */ 253 memset(&frominet, 0, sizeof(frominet)); 254 memset(&fromunix, 0, sizeof(fromunix)); 255 for (;;) { 256 int domain, nfds, s; 257 fd_set readfds; 258 259 FD_COPY(&defreadfds, &readfds); 260 nfds = select(20, &readfds, 0, 0, 0); 261 if (nfds <= 0) { 262 if (nfds < 0 && errno != EINTR) 263 syslog(LOG_WARNING, "select: %m"); 264 continue; 265 } 266 if (FD_ISSET(funix, &readfds)) { 267 domain = AF_UNIX, fromlen = sizeof(fromunix); 268 s = accept(funix, 269 (struct sockaddr *)&fromunix, &fromlen); 270 } else /* if (FD_ISSET(finet, &readfds)) */ { 271 domain = AF_INET, fromlen = sizeof(frominet); 272 s = accept(finet, 273 (struct sockaddr *)&frominet, &fromlen); 274 } 275 if (s < 0) { 276 if (errno != EINTR) 277 syslog(LOG_WARNING, "accept: %m"); 278 continue; 279 } 280 if (fork() == 0) { 281 signal(SIGCHLD, SIG_IGN); 282 signal(SIGHUP, SIG_IGN); 283 signal(SIGINT, SIG_IGN); 284 signal(SIGQUIT, SIG_IGN); 285 signal(SIGTERM, SIG_IGN); 286 (void)close(funix); 287 if (!sflag) 288 (void)close(finet); 289 dup2(s, 1); 290 (void)close(s); 291 if (domain == AF_INET) { 292 from_remote = 1; 293 chkhost(&frominet); 294 } else 295 from_remote = 0; 296 doit(); 297 exit(0); 298 } 299 (void)close(s); 300 } 301 } 302 303 static void 304 reapchild(signo) 305 int signo; 306 { 307 union wait status; 308 309 while (wait3((int *)&status, WNOHANG, 0) > 0) 310 ; 311 } 312 313 static void 314 mcleanup(signo) 315 int signo; 316 { 317 if (lflag) 318 syslog(LOG_INFO, "exiting"); 319 unlink(_PATH_SOCKETNAME); 320 exit(0); 321 } 322 323 /* 324 * Stuff for handling job specifications 325 */ 326 char *user[MAXUSERS]; /* users to process */ 327 int users; /* # of users in user array */ 328 int requ[MAXREQUESTS]; /* job number of spool entries */ 329 int requests; /* # of spool requests */ 330 char *person; /* name of person doing lprm */ 331 332 char fromb[MAXHOSTNAMELEN]; /* buffer for client's machine name */ 333 char cbuf[BUFSIZ]; /* command line buffer */ 334 char *cmdnames[] = { 335 "null", 336 "printjob", 337 "recvjob", 338 "displayq short", 339 "displayq long", 340 "rmjob" 341 }; 342 343 static void 344 doit() 345 { 346 char *cp; 347 int n; 348 349 for (;;) { 350 cp = cbuf; 351 do { 352 if (cp >= &cbuf[sizeof(cbuf) - 1]) 353 fatal("Command line too long"); 354 if ((n = read(1, cp, 1)) != 1) { 355 if (n < 0) 356 fatal("Lost connection"); 357 return; 358 } 359 } while (*cp++ != '\n'); 360 *--cp = '\0'; 361 cp = cbuf; 362 if (lflag) { 363 if (*cp >= '\1' && *cp <= '\5') 364 syslog(LOG_INFO, "%s requests %s %s", 365 from, cmdnames[(int)*cp], cp+1); 366 else 367 syslog(LOG_INFO, "bad request (%d) from %s", 368 *cp, from); 369 } 370 switch (*cp++) { 371 case '\1': /* check the queue and print any jobs there */ 372 printer = cp; 373 printjob(); 374 break; 375 case '\2': /* receive files to be queued */ 376 if (!from_remote) { 377 syslog(LOG_INFO, "illegal request (%d)", *cp); 378 exit(1); 379 } 380 printer = cp; 381 recvjob(); 382 break; 383 case '\3': /* display the queue (short form) */ 384 case '\4': /* display the queue (long form) */ 385 printer = cp; 386 while (*cp) { 387 if (*cp != ' ') { 388 cp++; 389 continue; 390 } 391 *cp++ = '\0'; 392 while (isspace(*cp)) 393 cp++; 394 if (*cp == '\0') 395 break; 396 if (isdigit(*cp)) { 397 if (requests >= MAXREQUESTS) 398 fatal("Too many requests"); 399 requ[requests++] = atoi(cp); 400 } else { 401 if (users >= MAXUSERS) 402 fatal("Too many users"); 403 user[users++] = cp; 404 } 405 } 406 displayq(cbuf[0] - '\3'); 407 exit(0); 408 case '\5': /* remove a job from the queue */ 409 if (!from_remote) { 410 syslog(LOG_INFO, "illegal request (%d)", *cp); 411 exit(1); 412 } 413 printer = cp; 414 while (*cp && *cp != ' ') 415 cp++; 416 if (!*cp) 417 break; 418 *cp++ = '\0'; 419 person = cp; 420 while (*cp) { 421 if (*cp != ' ') { 422 cp++; 423 continue; 424 } 425 *cp++ = '\0'; 426 while (isspace(*cp)) 427 cp++; 428 if (*cp == '\0') 429 break; 430 if (isdigit(*cp)) { 431 if (requests >= MAXREQUESTS) 432 fatal("Too many requests"); 433 requ[requests++] = atoi(cp); 434 } else { 435 if (users >= MAXUSERS) 436 fatal("Too many users"); 437 user[users++] = cp; 438 } 439 } 440 rmjob(); 441 break; 442 } 443 fatal("Illegal service request"); 444 } 445 } 446 447 /* 448 * Make a pass through the printcap database and start printing any 449 * files left from the last time the machine went down. 450 */ 451 static void 452 startup() 453 { 454 char *buf; 455 char *cp; 456 int pid; 457 458 /* 459 * Restart the daemons. 460 */ 461 while (cgetnext(&buf, printcapdb) > 0) { 462 if (ckqueue(buf) <= 0) { 463 free(buf); 464 continue; /* no work to do for this printer */ 465 } 466 for (cp = buf; *cp; cp++) 467 if (*cp == '|' || *cp == ':') { 468 *cp = '\0'; 469 break; 470 } 471 if (lflag) 472 syslog(LOG_INFO, "work for %s", buf); 473 if ((pid = fork()) < 0) { 474 syslog(LOG_WARNING, "startup: cannot fork"); 475 mcleanup(0); 476 } 477 if (!pid) { 478 printer = buf; 479 cgetclose(); 480 printjob(); 481 /* NOTREACHED */ 482 } 483 else free(buf); 484 } 485 } 486 487 /* 488 * Make sure there's some work to do before forking off a child 489 */ 490 static int 491 ckqueue(cap) 492 char *cap; 493 { 494 struct dirent *d; 495 DIR *dirp; 496 char *spooldir; 497 498 if (cgetstr(cap, "sd", &spooldir) == -1) 499 spooldir = _PATH_DEFSPOOL; 500 if ((dirp = opendir(spooldir)) == NULL) 501 return (-1); 502 while ((d = readdir(dirp)) != NULL) { 503 if (d->d_name[0] != 'c' || d->d_name[1] != 'f') 504 continue; /* daemon control files only */ 505 closedir(dirp); 506 return (1); /* found something */ 507 } 508 closedir(dirp); 509 return (0); 510 } 511 512 #define DUMMY ":nobody::" 513 514 /* 515 * Check to see if the from host has access to the line printer. 516 */ 517 static void 518 chkhost(f) 519 struct sockaddr_in *f; 520 { 521 struct hostent *hp; 522 FILE *hostf; 523 int first = 1, good = 0; 524 525 f->sin_port = ntohs(f->sin_port); 526 if (f->sin_family != AF_INET || f->sin_port >= IPPORT_RESERVED) 527 fatal("Malformed from address"); 528 529 /* Need real hostname for temporary filenames */ 530 hp = gethostbyaddr((char *)&f->sin_addr, 531 sizeof(struct in_addr), f->sin_family); 532 if (hp == NULL) 533 fatal("Host name for your address (%s) unknown", 534 inet_ntoa(f->sin_addr)); 535 536 (void)strncpy(fromb, hp->h_name, sizeof(fromb) - 1); 537 from[sizeof(fromb) - 1] = '\0'; 538 from = fromb; 539 540 /* Check for spoof, ala rlogind */ 541 hp = gethostbyname(fromb); 542 if (!hp) 543 fatal("hostname for your address (%s) unknown", 544 inet_ntoa(f->sin_addr)); 545 for (; good == 0 && hp->h_addr_list[0] != NULL; hp->h_addr_list++) { 546 if (!memcmp(hp->h_addr_list[0], (caddr_t)&f->sin_addr, 547 sizeof(f->sin_addr))) 548 good = 1; 549 } 550 if (good == 0) 551 fatal("address for your hostname (%s) not matched", 552 inet_ntoa(f->sin_addr)); 553 hostf = fopen(_PATH_HOSTSEQUIV, "r"); 554 again: 555 if (hostf) { 556 if (__ivaliduser(hostf, f->sin_addr.s_addr, 557 DUMMY, DUMMY) == 0) { 558 (void)fclose(hostf); 559 return; 560 } 561 (void)fclose(hostf); 562 } 563 if (first == 1) { 564 first = 0; 565 hostf = fopen(_PATH_HOSTSLPD, "r"); 566 goto again; 567 } 568 fatal("Your host does not have line printer access"); 569 /*NOTREACHED*/ 570 } 571 572 static void 573 usage() 574 { 575 extern char *__progname; /* XXX */ 576 577 fprintf(stderr, "usage: %s [-d] [-l]\n", __progname); 578 exit(1); 579 } 580
Indexes created Mon Sep 29 13:09:55 GMT 2025