Commit | Line | Data |
---|---|---|
7c0b4877 WJ |
1 | /*- |
2 | * Copyright (c) 1990 The Regents of the University of California. | |
3 | * All rights reserved. | |
4 | * | |
5 | * Redistribution and use in source and binary forms, with or without | |
6 | * modification, are permitted provided that the following conditions | |
7 | * are met: | |
8 | * 1. Redistributions of source code must retain the above copyright | |
9 | * notice, this list of conditions and the following disclaimer. | |
10 | * 2. Redistributions in binary form must reproduce the above copyright | |
11 | * notice, this list of conditions and the following disclaimer in the | |
12 | * documentation and/or other materials provided with the distribution. | |
13 | * 3. All advertising materials mentioning features or use of this software | |
14 | * must display the following acknowledgement: | |
15 | * This product includes software developed by the University of | |
16 | * California, Berkeley and its contributors. | |
17 | * 4. Neither the name of the University nor the names of its contributors | |
18 | * may be used to endorse or promote products derived from this software | |
19 | * without specific prior written permission. | |
20 | * | |
21 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
31 | * SUCH DAMAGE. | |
32 | */ | |
33 | ||
34 | #ifndef lint | |
35 | char copyright[] = | |
36 | "@(#) Copyright (c) 1990 The Regents of the University of California.\n\ | |
37 | All rights reserved.\n"; | |
38 | #endif /* not lint */ | |
39 | ||
40 | #ifndef lint | |
41 | static char sccsid[] = "@(#)sliplogin.c 5.6 (Berkeley) 3/2/91"; | |
42 | #endif /* not lint */ | |
43 | ||
44 | /* | |
45 | * sliplogin.c | |
46 | * [MUST BE RUN SUID, SLOPEN DOES A SUSER()!] | |
47 | * | |
48 | * This program initializes its own tty port to be an async TCP/IP interface. | |
49 | * It sets the line discipline to slip, invokes a shell script to initialize | |
50 | * the network interface, then pauses forever waiting for hangup. | |
51 | * | |
52 | * It is a remote descendant of several similar programs with incestuous ties: | |
53 | * - Kirk Smith's slipconf, modified by Richard Johnsson @ DEC WRL. | |
54 | * - slattach, probably by Rick Adams but touched by countless hordes. | |
55 | * - the original sliplogin for 4.2bsd, Doug Kingston the mover behind it. | |
56 | * | |
57 | * There are two forms of usage: | |
58 | * | |
59 | * "sliplogin" | |
60 | * Invoked simply as "sliplogin", the program looks up the username | |
61 | * in the file /etc/slip.hosts. | |
62 | * If an entry is found, the line on fd0 is configured for SLIP operation | |
63 | * as specified in the file. | |
64 | * | |
65 | * "sliplogin IPhostlogin </dev/ttyb" | |
66 | * Invoked by root with a username, the name is looked up in the | |
67 | * /etc/slip.hosts file and if found fd0 is configured as in case 1. | |
68 | */ | |
69 | ||
70 | #include <sys/param.h> | |
71 | #include <sys/socket.h> | |
72 | #include <sys/signal.h> | |
73 | #include <sys/file.h> | |
74 | #include <sys/syslog.h> | |
75 | #include <netdb.h> | |
76 | ||
77 | #if BSD >= 199006 | |
78 | #define POSIX | |
79 | #endif | |
80 | #ifdef POSIX | |
81 | #include <sys/termios.h> | |
82 | #include <sys/ioctl.h> | |
83 | #include <ttyent.h> | |
84 | #else | |
85 | #include <sgtty.h> | |
86 | #endif | |
87 | #include <netinet/in.h> | |
88 | #include <net/if.h> | |
89 | #include <net/if_slvar.h> | |
90 | ||
91 | #include <stdio.h> | |
92 | #include <errno.h> | |
93 | #include <ctype.h> | |
94 | #include <string.h> | |
95 | #include "pathnames.h" | |
96 | ||
97 | int unit; | |
98 | int slip_mode; | |
99 | int speed; | |
100 | int uid; | |
101 | char loginargs[BUFSIZ]; | |
102 | char loginfile[MAXPATHLEN]; | |
103 | char loginname[BUFSIZ]; | |
104 | ||
105 | struct slip_modes { | |
106 | char *sm_name; | |
107 | int sm_value; | |
108 | } modes[] = { | |
109 | "normal", 0, | |
110 | "compress", SC_COMPRESS, | |
111 | "noicmp", SC_NOICMP, | |
112 | "autocomp", SC_AUTOCOMP | |
113 | }; | |
114 | ||
115 | void | |
116 | findid(name) | |
117 | char *name; | |
118 | { | |
119 | FILE *fp; | |
120 | static char slopt[5][16]; | |
121 | static char laddr[16]; | |
122 | static char raddr[16]; | |
123 | static char mask[16]; | |
124 | char user[16]; | |
125 | int i, j, n; | |
126 | ||
127 | (void)strcpy(loginname, name); | |
128 | if ((fp = fopen(_PATH_ACCESS, "r")) == NULL) { | |
129 | (void)fprintf(stderr, "sliplogin: %s: %s\n", | |
130 | _PATH_ACCESS, strerror(errno)); | |
131 | syslog(LOG_ERR, "%s: %m\n", _PATH_ACCESS); | |
132 | exit(1); | |
133 | } | |
134 | while (fgets(loginargs, sizeof(loginargs) - 1, fp)) { | |
135 | if (ferror(fp)) | |
136 | break; | |
137 | n = sscanf(loginargs, "%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s\n", | |
138 | user, laddr, raddr, mask, slopt[0], slopt[1], | |
139 | slopt[2], slopt[3], slopt[4]); | |
140 | if (user[0] == '#' || isspace(user[0])) | |
141 | continue; | |
142 | if (strcmp(user, name) != 0) | |
143 | continue; | |
144 | ||
145 | slip_mode = 0; | |
146 | for (i = 0; i < n - 4; i++) { | |
147 | for (j = 0; j < sizeof(modes)/sizeof(struct slip_modes); | |
148 | j++) { | |
149 | if (strcmp(modes[j].sm_name, slopt[i]) == 0) { | |
150 | slip_mode |= modes[j].sm_value; | |
151 | break; | |
152 | } | |
153 | } | |
154 | } | |
155 | ||
156 | /* | |
157 | * we've found the guy we're looking for -- see if | |
158 | * there's a login file we can use. First check for | |
159 | * one specific to this host. If none found, try for | |
160 | * a generic one. | |
161 | */ | |
162 | (void)sprintf(loginfile, "%s.%s", _PATH_LOGIN, name); | |
163 | if (access(loginfile, R_OK|X_OK) != 0) { | |
164 | (void)strcpy(loginfile, _PATH_LOGIN); | |
165 | if (access(loginfile, R_OK|X_OK)) { | |
166 | fputs("access denied - no login file\n", | |
167 | stderr); | |
168 | syslog(LOG_ERR, | |
169 | "access denied for %s - no %s\n", | |
170 | name, _PATH_LOGIN); | |
171 | exit(5); | |
172 | } | |
173 | } | |
174 | ||
175 | (void) fclose(fp); | |
176 | return; | |
177 | } | |
178 | (void)fprintf(stderr, "SLIP access denied for %s\n", name); | |
179 | syslog(LOG_ERR, "SLIP access denied for %s\n", name); | |
180 | exit(4); | |
181 | /* NOTREACHED */ | |
182 | } | |
183 | ||
184 | char * | |
185 | sigstr(s) | |
186 | int s; | |
187 | { | |
188 | static char buf[32]; | |
189 | ||
190 | switch (s) { | |
191 | case SIGHUP: return("HUP"); | |
192 | case SIGINT: return("INT"); | |
193 | case SIGQUIT: return("QUIT"); | |
194 | case SIGILL: return("ILL"); | |
195 | case SIGTRAP: return("TRAP"); | |
196 | case SIGIOT: return("IOT"); | |
197 | case SIGEMT: return("EMT"); | |
198 | case SIGFPE: return("FPE"); | |
199 | case SIGKILL: return("KILL"); | |
200 | case SIGBUS: return("BUS"); | |
201 | case SIGSEGV: return("SEGV"); | |
202 | case SIGSYS: return("SYS"); | |
203 | case SIGPIPE: return("PIPE"); | |
204 | case SIGALRM: return("ALRM"); | |
205 | case SIGTERM: return("TERM"); | |
206 | case SIGURG: return("URG"); | |
207 | case SIGSTOP: return("STOP"); | |
208 | case SIGTSTP: return("TSTP"); | |
209 | case SIGCONT: return("CONT"); | |
210 | case SIGCHLD: return("CHLD"); | |
211 | case SIGTTIN: return("TTIN"); | |
212 | case SIGTTOU: return("TTOU"); | |
213 | case SIGIO: return("IO"); | |
214 | case SIGXCPU: return("XCPU"); | |
215 | case SIGXFSZ: return("XFSZ"); | |
216 | case SIGVTALRM: return("VTALRM"); | |
217 | case SIGPROF: return("PROF"); | |
218 | case SIGWINCH: return("WINCH"); | |
219 | #ifdef SIGLOST | |
220 | case SIGLOST: return("LOST"); | |
221 | #endif | |
222 | case SIGUSR1: return("USR1"); | |
223 | case SIGUSR2: return("USR2"); | |
224 | } | |
225 | (void)sprintf(buf, "sig %d", s); | |
226 | return(buf); | |
227 | } | |
228 | ||
229 | void | |
230 | hup_handler(s) | |
231 | int s; | |
232 | { | |
233 | char logoutfile[MAXPATHLEN]; | |
234 | ||
235 | (void)sprintf(logoutfile, "%s.%s", _PATH_LOGOUT, loginname); | |
236 | if (access(logoutfile, R_OK|X_OK) != 0) | |
237 | (void)strcpy(logoutfile, _PATH_LOGOUT); | |
238 | if (access(logoutfile, R_OK|X_OK) == 0) { | |
239 | char logincmd[2*MAXPATHLEN+32]; | |
240 | ||
241 | (void) sprintf(logincmd, "%s %d %d %s", logoutfile, unit, speed, | |
242 | loginargs); | |
243 | (void) system(logincmd); | |
244 | } | |
245 | (void) close(0); | |
246 | syslog(LOG_INFO, "closed %s slip unit %d (%s)\n", loginname, unit, | |
247 | sigstr(s)); | |
248 | exit(1); | |
249 | /* NOTREACHED */ | |
250 | } | |
251 | ||
252 | main(argc, argv) | |
253 | int argc; | |
254 | char *argv[]; | |
255 | { | |
256 | int fd, s, ldisc, odisc; | |
257 | char *name; | |
258 | #ifdef POSIX | |
259 | struct termios tios, otios; | |
260 | #else | |
261 | struct sgttyb tty, otty; | |
262 | #endif | |
263 | char logincmd[2*BUFSIZ+32]; | |
264 | extern uid_t getuid(); | |
265 | ||
266 | if ((name = strrchr(argv[0], '/')) == NULL) | |
267 | name = argv[0]; | |
268 | s = getdtablesize(); | |
269 | for (fd = 3 ; fd < s ; fd++) | |
270 | (void) close(fd); | |
271 | openlog(name, LOG_PID, LOG_DAEMON); | |
272 | uid = getuid(); | |
273 | if (argc > 1) { | |
274 | findid(argv[1]); | |
275 | ||
276 | /* | |
277 | * Disassociate from current controlling terminal, if any, | |
278 | * and ensure that the slip line is our controlling terminal. | |
279 | */ | |
280 | #ifdef POSIX | |
281 | if (fork() > 0) | |
282 | exit(0); | |
283 | if (setsid() != 0) | |
284 | perror("setsid"); | |
285 | #else | |
286 | if ((fd = open("/dev/tty", O_RDONLY, 0)) >= 0) { | |
287 | extern char *ttyname(); | |
288 | ||
289 | (void) ioctl(fd, TIOCNOTTY, (caddr_t)0); | |
290 | (void) close(fd); | |
291 | /* open slip tty again to acquire as controlling tty? */ | |
292 | fd = open(ttyname(0), O_RDWR, 0); | |
293 | if (fd >= 0) | |
294 | (void) close(fd); | |
295 | } | |
296 | (void) setpgrp(0, getpid()); | |
297 | #endif | |
298 | if (argc > 2) { | |
299 | if ((fd = open(argv[2], O_RDWR)) == -1) { | |
300 | perror(argv[2]); | |
301 | exit(2); | |
302 | } | |
303 | (void) dup2(fd, 0); | |
304 | if (fd > 2) | |
305 | close(fd); | |
306 | } | |
307 | #ifdef TIOCSCTTY | |
308 | if (ioctl(0, TIOCSCTTY, (caddr_t)0) != 0) | |
309 | perror("ioctl (TIOCSCTTY)"); | |
310 | #endif | |
311 | } else { | |
312 | extern char *getlogin(); | |
313 | ||
314 | if ((name = getlogin()) == NULL) { | |
315 | (void) fprintf(stderr, "access denied - no username\n"); | |
316 | syslog(LOG_ERR, "access denied - getlogin returned 0\n"); | |
317 | exit(1); | |
318 | } | |
319 | findid(name); | |
320 | } | |
321 | (void) fchmod(0, 0600); | |
322 | (void) fprintf(stderr, "starting slip login for %s\n", loginname); | |
323 | #ifdef POSIX | |
324 | /* set up the line parameters */ | |
325 | if (tcgetattr(0, &tios) < 0) { | |
326 | syslog(LOG_ERR, "tcgetattr: %m"); | |
327 | exit(1); | |
328 | } | |
329 | otios = tios; | |
330 | cfmakeraw(&tios); | |
331 | tios.c_iflag &= ~IMAXBEL; | |
332 | if (tcsetattr(0, TCSAFLUSH, &tios) < 0) { | |
333 | syslog(LOG_ERR, "tcsetattr: %m"); | |
334 | exit(1); | |
335 | } | |
336 | speed = cfgetispeed(&tios); | |
337 | #else | |
338 | /* set up the line parameters */ | |
339 | if (ioctl(0, TIOCGETP, (caddr_t)&tty) < 0) { | |
340 | syslog(LOG_ERR, "ioctl (TIOCGETP): %m"); | |
341 | exit(1); | |
342 | } | |
343 | otty = tty; | |
344 | speed = tty.sg_ispeed; | |
345 | tty.sg_flags = RAW | ANYP; | |
346 | if (ioctl(0, TIOCSETP, (caddr_t)&tty) < 0) { | |
347 | syslog(LOG_ERR, "ioctl (TIOCSETP): %m"); | |
348 | exit(1); | |
349 | } | |
350 | #endif | |
351 | /* find out what ldisc we started with */ | |
352 | if (ioctl(0, TIOCGETD, (caddr_t)&odisc) < 0) { | |
353 | syslog(LOG_ERR, "ioctl(TIOCGETD) (1): %m"); | |
354 | exit(1); | |
355 | } | |
356 | ldisc = SLIPDISC; | |
357 | if (ioctl(0, TIOCSETD, (caddr_t)&ldisc) < 0) { | |
358 | syslog(LOG_ERR, "ioctl(TIOCSETD): %m"); | |
359 | exit(1); | |
360 | } | |
361 | /* find out what unit number we were assigned */ | |
362 | if (ioctl(0, SLIOCGUNIT, (caddr_t)&unit) < 0) { | |
363 | syslog(LOG_ERR, "ioctl (SLIOCGUNIT): %m"); | |
364 | exit(1); | |
365 | } | |
366 | (void) signal(SIGHUP, hup_handler); | |
367 | (void) signal(SIGTERM, hup_handler); | |
368 | ||
369 | syslog(LOG_INFO, "attaching slip unit %d for %s\n", unit, loginname); | |
370 | (void)sprintf(logincmd, "%s %d %d %s", loginfile, unit, speed, | |
371 | loginargs); | |
372 | /* | |
373 | * aim stdout and errout at /dev/null so logincmd output won't | |
374 | * babble into the slip tty line. | |
375 | */ | |
376 | (void) close(1); | |
377 | if ((fd = open(_PATH_DEVNULL, O_WRONLY)) != 1) { | |
378 | if (fd < 0) { | |
379 | syslog(LOG_ERR, "open /dev/null: %m"); | |
380 | exit(1); | |
381 | } | |
382 | (void) dup2(fd, 1); | |
383 | (void) close(fd); | |
384 | } | |
385 | (void) dup2(1, 2); | |
386 | ||
387 | /* | |
388 | * Run login and logout scripts as root (real and effective); | |
389 | * current route(8) is setuid root, and checks the real uid | |
390 | * to see whether changes are allowed (or just "route get"). | |
391 | */ | |
392 | (void) setuid(0); | |
393 | if (s = system(logincmd)) { | |
394 | syslog(LOG_ERR, "%s login failed: exit status %d from %s", | |
395 | loginname, s, loginfile); | |
396 | (void) ioctl(0, TIOCSETD, (caddr_t)&odisc); | |
397 | exit(6); | |
398 | } | |
399 | if (ioctl(0, SLIOCSFLAGS, (caddr_t)&slip_mode) < 0) { | |
400 | syslog(LOG_ERR, "ioctl (SLIOCSFLAGS): %m"); | |
401 | exit(1); | |
402 | } | |
403 | ||
404 | /* twiddle thumbs until we get a signal */ | |
405 | while (1) | |
406 | sigpause(0); | |
407 | ||
408 | /* NOTREACHED */ | |
409 | } |