[unix-history] / usr / src / usr.bin / rlogin / kcmd.c

/*
 * Copyright (c) 1983 Regents of the University of California.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef lint
static char Xsccsid[] = "derived from @(#)rcmd.c 5.17 (Berkeley) 6/27/88";
static char sccsid[] = "@(#)kcmd.c	5.6 (Berkeley) 6/1/90";
#endif /* not lint */

/*
 *	$Source: /mit/kerberos/src/appl/bsd/RCS/kcmd.c,v $
 *	$Header: kcmd.c,v 4.16 89/05/17 10:54:31 jtkohl Exp $
 *
 * static char *rcsid_kcmd_c =
 * "$Header: kcmd.c,v 4.16 89/05/17 10:54:31 jtkohl Exp $";
 */

#include <sys/param.h>
#include <sys/file.h>
#include <sys/signal.h>
#include <sys/socket.h>
#include <sys/stat.h>

#include <netinet/in.h>

#include <netdb.h>
#include <errno.h>
#include <kerberosIV/des.h>
#include <kerberosIV/krb.h>
#include <kerberosIV/kparse.h>
#include <pwd.h>
#include <stdio.h>
#include <ctype.h>

#ifndef MAXHOSTNAMELEN 
#define MAXHOSTNAMELEN 64
#endif

extern	errno;
char	*index(), *malloc(), *krb_realmofhost();

#define	START_PORT	5120	 /* arbitrary */

kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, ticket, service, realm,
      cred, schedule, msg_data, laddr, faddr, authopts)
int *sock;
char **ahost;
u_short rport;
char *locuser, *remuser, *cmd;
int *fd2p;
KTEXT ticket;
char *service;
char *realm;
CREDENTIALS *cred;
Key_schedule schedule;
MSG_DAT *msg_data;
struct sockaddr_in *laddr, *faddr;
long authopts;
{
	int s, timo = 1, pid;
	long oldmask;
	struct sockaddr_in sin, from;
	char c;
#ifdef ATHENA_COMPAT
	int lport = IPPORT_RESERVED - 1;
#else
	int lport = START_PORT;
#endif ATHENA_COMPAT
	struct hostent *hp;
	int rc;
	char *host_save;
	int status;

	pid = getpid();
	hp = gethostbyname(*ahost);
	if (hp == 0) {
		/* fprintf(stderr, "%s: unknown host\n", *ahost); */
		return (-1);
	}

    host_save = malloc(strlen(hp->h_name) + 1);
    strcpy(host_save, hp->h_name);
    *ahost = host_save;

    /* If realm is null, look up from table */
    if ((realm == NULL) || (realm[0] == '\0')) {
	realm = krb_realmofhost(host_save);
    }

	oldmask = sigblock(sigmask(SIGURG));
	for (;;) {
	s = getport(&lport);
		if (s < 0) {
			if (errno == EAGAIN)
				fprintf(stderr,
					"kcmd(socket): All ports in use\n");
			else
				perror("kcmd: socket");
			sigsetmask(oldmask);
			return (-1);
		}
		fcntl(s, F_SETOWN, pid);
		sin.sin_family = hp->h_addrtype;
#if defined(ultrix) || defined(sun)
		bcopy(hp->h_addr, (caddr_t)&sin.sin_addr, hp->h_length);
#else
		bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr, hp->h_length);
#endif /* defined(ultrix) || defined(sun) */
		sin.sin_port = rport;
		if (connect(s, (struct sockaddr *)&sin, sizeof (sin)) >= 0)
			break;
		(void) close(s);
		if (errno == EADDRINUSE) {
			lport--;
			continue;
		}
	/*
	 * don't wait very long for Kerberos rcmd.
	 */
	if (errno == ECONNREFUSED && timo <= 4) {
			/* sleep(timo); don't wait at all here */
			timo *= 2;
			continue;
		}
#if !(defined(ultrix) || defined(sun))
		if (hp->h_addr_list[1] != NULL) {
			int oerrno = errno;

			fprintf(stderr,
			    "kcmd: connect to address %s: ",
			    inet_ntoa(sin.sin_addr));
			errno = oerrno;
			perror(0);
			hp->h_addr_list++;
			bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr,
			    hp->h_length);
			fprintf(stderr, "Trying %s...\n",
				inet_ntoa(sin.sin_addr));
			continue;
		}
#endif /* !(defined(ultrix) || defined(sun)) */
		if (errno != ECONNREFUSED)
			perror(hp->h_name);
		sigsetmask(oldmask);
		return (-1);
	}
	lport--;
	if (fd2p == 0) {
		write(s, "", 1);
		lport = 0;
	} else {
		char num[8];
	int s2 = getport(&lport), s3;
		int len = sizeof (from);

	if (s2 < 0) {
	    status = -1;
			goto bad;
	}
		listen(s2, 1);
		(void) sprintf(num, "%d", lport);
		if (write(s, num, strlen(num)+1) != strlen(num)+1) {
			perror("kcmd(write): setting up stderr");
			(void) close(s2);
	    status = -1;
			goto bad;
		}
		s3 = accept(s2, (struct sockaddr *)&from, &len);
		(void) close(s2);
		if (s3 < 0) {
			perror("kcmd:accept");
			lport = 0;
			status = -1;
			goto bad;
		}
		*fd2p = s3;
		from.sin_port = ntohs((u_short)from.sin_port);
		if (from.sin_family != AF_INET ||
		    from.sin_port >= IPPORT_RESERVED) {
			fprintf(stderr,
			 "kcmd(socket): protocol failure in circuit setup.\n");
			goto bad2;
		}
	}
    /*
     * Kerberos-authenticated service.  Don't have to send locuser,
     * since its already in the ticket, and we'll extract it on
     * the other side.
     */
    /* (void) write(s, locuser, strlen(locuser)+1); */

    /* set up the needed stuff for mutual auth, but only if necessary */
    if (authopts & KOPT_DO_MUTUAL) {
	int sin_len;
	*faddr = sin;

	sin_len = sizeof (struct sockaddr_in);
	if (getsockname(s, (struct sockaddr *)laddr, &sin_len) < 0) {
	    perror("kcmd(getsockname)");
	    status = -1;
	    goto bad2;
	}
    }
    if ((status = krb_sendauth(authopts, s, ticket, service, *ahost,
			       realm, (unsigned long) getpid(), msg_data,
			       cred, schedule,
			       laddr,
			       faddr,
			       "KCMDV0.1")) != KSUCCESS)
	goto bad2;

	(void) write(s, remuser, strlen(remuser)+1);
	(void) write(s, cmd, strlen(cmd)+1);

    if ((rc=read(s, &c, 1)) != 1) {
	if (rc==-1) {
		perror(*ahost);
	} else {
	    fprintf(stderr,"kcmd: bad connection with remote host\n");
	}
	status = -1;
		goto bad2;
	}
	if (c != 0) {
		while (read(s, &c, 1) == 1) {
			(void) write(2, &c, 1);
			if (c == '\n')
				break;
		}
	status = -1;
		goto bad2;
	}
	sigsetmask(oldmask);
    *sock = s;
    return (KSUCCESS);
bad2:
	if (lport)
		(void) close(*fd2p);
bad:
	(void) close(s);
	sigsetmask(oldmask);
    return (status);
}

getport(alport)
	int *alport;
{
	struct sockaddr_in sin;
	int s;

	sin.sin_family = AF_INET;
	sin.sin_addr.s_addr = INADDR_ANY;
	s = socket(AF_INET, SOCK_STREAM, 0);
	if (s < 0)
		return (-1);
	for (;;) {
		sin.sin_port = htons((u_short)*alport);
		if (bind(s, (struct sockaddr *)&sin, sizeof (sin)) >= 0)
			return (s);
		if (errno != EADDRINUSE) {
			(void) close(s);
			return (-1);
		}
		(*alport)--;
#ifdef ATHENA_COMPAT
		if (*alport == IPPORT_RESERVED/2) {
#else
		if (*alport == IPPORT_RESERVED) {
#endif ATHENA_COMPAT
			(void) close(s);
			errno = EAGAIN;		/* close */
			return (-1);
		}
	}
}
Commit	Line	Data
ed878ac6	1	/*
86dc635c KB	2	* Copyright (c) 1983 Regents of the University of California.
	3	* All rights reserved.
	4	*
af359dea C	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	* 2. Redistributions in binary form must reproduce the above copyright
	11	* notice, this list of conditions and the following disclaimer in the
	12	* documentation and/or other materials provided with the distribution.
	13	* 3. All advertising materials mentioning features or use of this software
	14	* must display the following acknowledgement:
	15	* This product includes software developed by the University of
	16	* California, Berkeley and its contributors.
	17	* 4. Neither the name of the University nor the names of its contributors
	18	* may be used to endorse or promote products derived from this software
	19	* without specific prior written permission.
	20	*
	21	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	24	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	31	* SUCH DAMAGE.
ed878ac6 KF	32	*/
	33
	34	#ifndef lint
86dc635c	35	static char Xsccsid[] = "derived from @(#)rcmd.c 5.17 (Berkeley) 6/27/88";
1c15e888	36	static char sccsid[] = "@(#)kcmd.c 5.6 (Berkeley) 6/1/90";
86dc635c	37	#endif /* not lint */
ed878ac6 KF	38
ed878ac6 KF	39	/*
86dc635c KB	40	* $Source: /mit/kerberos/src/appl/bsd/RCS/kcmd.c,v $
86dc635c KB	41	* $Header: kcmd.c,v 4.16 89/05/17 10:54:31 jtkohl Exp $
ed878ac6	42	*
86dc635c KB	43	* static char *rcsid_kcmd_c =
86dc635c KB	44	* "$Header: kcmd.c,v 4.16 89/05/17 10:54:31 jtkohl Exp $";
ed878ac6 KF	45	*/
ed878ac6 KF	46
ed878ac6 KF	47	#include <sys/param.h>
	48	#include <sys/file.h>
	49	#include <sys/signal.h>
	50	#include <sys/socket.h>
	51	#include <sys/stat.h>
	52
	53	#include <netinet/in.h>
	54
	55	#include <netdb.h>
	56	#include <errno.h>
4f10ae0d	57	#include <kerberosIV/des.h>
63fc53d2 KB	58	#include <kerberosIV/krb.h>
	59	#include <kerberosIV/kparse.h>
	60	#include <pwd.h>
	61	#include <stdio.h>
	62	#include <ctype.h>
ed878ac6 KF	63
	64	#ifndef MAXHOSTNAMELEN
	65	#define MAXHOSTNAMELEN 64
	66	#endif
	67
	68	extern errno;
	69	char index(), malloc(), *krb_realmofhost();
	70
	71	#define START_PORT 5120 /* arbitrary */
	72
	73	kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, ticket, service, realm,
	74	cred, schedule, msg_data, laddr, faddr, authopts)
	75	int *sock;
	76	char **ahost;
	77	u_short rport;
	78	char locuser, remuser, *cmd;
	79	int *fd2p;
	80	KTEXT ticket;
	81	char *service;
	82	char *realm;
	83	CREDENTIALS *cred;
	84	Key_schedule schedule;
	85	MSG_DAT *msg_data;
	86	struct sockaddr_in laddr, faddr;
	87	long authopts;
	88	{
	89	int s, timo = 1, pid;
	90	long oldmask;
	91	struct sockaddr_in sin, from;
	92	char c;
	93	#ifdef ATHENA_COMPAT
	94	int lport = IPPORT_RESERVED - 1;
	95	#else
	96	int lport = START_PORT;
	97	#endif ATHENA_COMPAT
	98	struct hostent *hp;
	99	int rc;
	100	char *host_save;
	101	int status;
	102
	103	pid = getpid();
	104	hp = gethostbyname(*ahost);
	105	if (hp == 0) {
	106	/* fprintf(stderr, "%s: unknown host\n", ahost); /
	107	return (-1);
	108	}
	109
	110	host_save = malloc(strlen(hp->h_name) + 1);
	111	strcpy(host_save, hp->h_name);
	112	*ahost = host_save;
	113
	114	/* If realm is null, look up from table */
	115	if ((realm == NULL) \|\| (realm[0] == '\0')) {
	116	realm = krb_realmofhost(host_save);
	117	}
	118
	119	oldmask = sigblock(sigmask(SIGURG));
	120	for (;;) {
	121	s = getport(&lport);
	122	if (s < 0) {
	123	if (errno == EAGAIN)
5b56bddb KF	124	fprintf(stderr,
5b56bddb KF	125	"kcmd(socket): All ports in use\n");
ed878ac6	126	else
5b56bddb	127	perror("kcmd: socket");
ed878ac6 KF	128	sigsetmask(oldmask);
	129	return (-1);
	130	}
	131	fcntl(s, F_SETOWN, pid);
	132	sin.sin_family = hp->h_addrtype;
	133	#if defined(ultrix) \|\| defined(sun)
	134	bcopy(hp->h_addr, (caddr_t)&sin.sin_addr, hp->h_length);
	135	#else
	136	bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr, hp->h_length);
	137	#endif /* defined(ultrix) \|\| defined(sun) */
	138	sin.sin_port = rport;
	139	if (connect(s, (struct sockaddr *)&sin, sizeof (sin)) >= 0)
	140	break;
	141	(void) close(s);
	142	if (errno == EADDRINUSE) {
	143	lport--;
	144	continue;
	145	}
	146	/*
	147	* don't wait very long for Kerberos rcmd.
	148	*/
	149	if (errno == ECONNREFUSED && timo <= 4) {
5b56bddb	150	/* sleep(timo); don't wait at all here */
ed878ac6 KF	151	timo *= 2;
	152	continue;
	153	}
	154	#if !(defined(ultrix) \|\| defined(sun))
	155	if (hp->h_addr_list[1] != NULL) {
	156	int oerrno = errno;
	157
	158	fprintf(stderr,
5b56bddb KF	159	"kcmd: connect to address %s: ",
5b56bddb KF	160	inet_ntoa(sin.sin_addr));
ed878ac6 KF	161	errno = oerrno;
	162	perror(0);
	163	hp->h_addr_list++;
	164	bcopy(hp->h_addr_list[0], (caddr_t)&sin.sin_addr,
	165	hp->h_length);
	166	fprintf(stderr, "Trying %s...\n",
	167	inet_ntoa(sin.sin_addr));
	168	continue;
	169	}
	170	#endif /* !(defined(ultrix) \|\| defined(sun)) */
	171	if (errno != ECONNREFUSED)
	172	perror(hp->h_name);
	173	sigsetmask(oldmask);
	174	return (-1);
	175	}
	176	lport--;
	177	if (fd2p == 0) {
	178	write(s, "", 1);
	179	lport = 0;
	180	} else {
	181	char num[8];
	182	int s2 = getport(&lport), s3;
	183	int len = sizeof (from);
	184
	185	if (s2 < 0) {
	186	status = -1;
	187	goto bad;
	188	}
	189	listen(s2, 1);
	190	(void) sprintf(num, "%d", lport);
	191	if (write(s, num, strlen(num)+1) != strlen(num)+1) {
5b56bddb	192	perror("kcmd(write): setting up stderr");
ed878ac6 KF	193	(void) close(s2);
	194	status = -1;
	195	goto bad;
	196	}
	197	s3 = accept(s2, (struct sockaddr *)&from, &len);
	198	(void) close(s2);
	199	if (s3 < 0) {
5b56bddb	200	perror("kcmd:accept");
ed878ac6 KF	201	lport = 0;
	202	status = -1;
	203	goto bad;
	204	}
	205	*fd2p = s3;
	206	from.sin_port = ntohs((u_short)from.sin_port);
	207	if (from.sin_family != AF_INET \|\|
	208	from.sin_port >= IPPORT_RESERVED) {
	209	fprintf(stderr,
5b56bddb	210	"kcmd(socket): protocol failure in circuit setup.\n");
ed878ac6 KF	211	goto bad2;
	212	}
	213	}
	214	/*
	215	* Kerberos-authenticated service. Don't have to send locuser,
	216	* since its already in the ticket, and we'll extract it on
	217	* the other side.
	218	*/
	219	/* (void) write(s, locuser, strlen(locuser)+1); */
	220
	221	/* set up the needed stuff for mutual auth, but only if necessary */
	222	if (authopts & KOPT_DO_MUTUAL) {
	223	int sin_len;
	224	*faddr = sin;
	225
	226	sin_len = sizeof (struct sockaddr_in);
	227	if (getsockname(s, (struct sockaddr *)laddr, &sin_len) < 0) {
5b56bddb	228	perror("kcmd(getsockname)");
ed878ac6 KF	229	status = -1;
	230	goto bad2;
	231	}
	232	}
	233	if ((status = krb_sendauth(authopts, s, ticket, service, *ahost,
	234	realm, (unsigned long) getpid(), msg_data,
	235	cred, schedule,
	236	laddr,
	237	faddr,
	238	"KCMDV0.1")) != KSUCCESS)
	239	goto bad2;
	240
	241	(void) write(s, remuser, strlen(remuser)+1);
	242	(void) write(s, cmd, strlen(cmd)+1);
	243
	244	if ((rc=read(s, &c, 1)) != 1) {
	245	if (rc==-1) {
	246	perror(*ahost);
	247	} else {
5b56bddb	248	fprintf(stderr,"kcmd: bad connection with remote host\n");
ed878ac6 KF	249	}
	250	status = -1;
	251	goto bad2;
	252	}
	253	if (c != 0) {
	254	while (read(s, &c, 1) == 1) {
	255	(void) write(2, &c, 1);
	256	if (c == '\n')
	257	break;
	258	}
	259	status = -1;
	260	goto bad2;
	261	}
	262	sigsetmask(oldmask);
	263	*sock = s;
	264	return (KSUCCESS);
	265	bad2:
	266	if (lport)
	267	(void) close(*fd2p);
	268	bad:
	269	(void) close(s);
	270	sigsetmask(oldmask);
	271	return (status);
	272	}
	273
	274	getport(alport)
	275	int *alport;
	276	{
	277	struct sockaddr_in sin;
	278	int s;
	279
	280	sin.sin_family = AF_INET;
	281	sin.sin_addr.s_addr = INADDR_ANY;
	282	s = socket(AF_INET, SOCK_STREAM, 0);
	283	if (s < 0)
	284	return (-1);
	285	for (;;) {
	286	sin.sin_port = htons((u_short)*alport);
	287	if (bind(s, (struct sockaddr *)&sin, sizeof (sin)) >= 0)
	288	return (s);
	289	if (errno != EADDRINUSE) {
	290	(void) close(s);
	291	return (-1);
	292	}
	293	(*alport)--;
	294	#ifdef ATHENA_COMPAT
	295	if (*alport == IPPORT_RESERVED/2) {
	296	#else
	297	if (*alport == IPPORT_RESERVED) {
	298	#endif ATHENA_COMPAT
	299	(void) close(s);
	300	errno = EAGAIN; /* close */
	301	return (-1);
	302	}
	303	}
	304	}
	305