| 1 | /*- |
| 2 | * Copyright (c) 1990 The Regents of the University of California. |
| 3 | * All rights reserved. |
| 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions |
| 7 | * are met: |
| 8 | * 1. Redistributions of source code must retain the above copyright |
| 9 | * notice, this list of conditions and the following disclaimer. |
| 10 | * 2. Redistributions in binary form must reproduce the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer in the |
| 12 | * documentation and/or other materials provided with the distribution. |
| 13 | * 3. All advertising materials mentioning features or use of this software |
| 14 | * must display the following acknowledgement: |
| 15 | * This product includes software developed by the University of |
| 16 | * California, Berkeley and its contributors. |
| 17 | * 4. Neither the name of the University nor the names of its contributors |
| 18 | * may be used to endorse or promote products derived from this software |
| 19 | * without specific prior written permission. |
| 20 | * |
| 21 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
| 22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
| 25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 31 | * SUCH DAMAGE. |
| 32 | */ |
| 33 | |
| 34 | #ifndef lint |
| 35 | char copyright[] = |
| 36 | "@(#) Copyright (c) 1990 The Regents of the University of California.\n\ |
| 37 | All rights reserved.\n"; |
| 38 | #endif /* not lint */ |
| 39 | |
| 40 | #ifndef lint |
| 41 | static char sccsid[] = "@(#)sliplogin.c 5.6 (Berkeley) 3/2/91"; |
| 42 | #endif /* not lint */ |
| 43 | |
| 44 | /* |
| 45 | * sliplogin.c |
| 46 | * [MUST BE RUN SUID, SLOPEN DOES A SUSER()!] |
| 47 | * |
| 48 | * This program initializes its own tty port to be an async TCP/IP interface. |
| 49 | * It sets the line discipline to slip, invokes a shell script to initialize |
| 50 | * the network interface, then pauses forever waiting for hangup. |
| 51 | * |
| 52 | * It is a remote descendant of several similar programs with incestuous ties: |
| 53 | * - Kirk Smith's slipconf, modified by Richard Johnsson @ DEC WRL. |
| 54 | * - slattach, probably by Rick Adams but touched by countless hordes. |
| 55 | * - the original sliplogin for 4.2bsd, Doug Kingston the mover behind it. |
| 56 | * |
| 57 | * There are two forms of usage: |
| 58 | * |
| 59 | * "sliplogin" |
| 60 | * Invoked simply as "sliplogin", the program looks up the username |
| 61 | * in the file /etc/slip.hosts. |
| 62 | * If an entry is found, the line on fd0 is configured for SLIP operation |
| 63 | * as specified in the file. |
| 64 | * |
| 65 | * "sliplogin IPhostlogin </dev/ttyb" |
| 66 | * Invoked by root with a username, the name is looked up in the |
| 67 | * /etc/slip.hosts file and if found fd0 is configured as in case 1. |
| 68 | */ |
| 69 | |
| 70 | #include <sys/param.h> |
| 71 | #include <sys/socket.h> |
| 72 | #include <sys/signal.h> |
| 73 | #include <sys/file.h> |
| 74 | #include <sys/syslog.h> |
| 75 | #include <netdb.h> |
| 76 | |
| 77 | #if BSD >= 199006 |
| 78 | #define POSIX |
| 79 | #endif |
| 80 | #ifdef POSIX |
| 81 | #include <sys/termios.h> |
| 82 | #include <sys/ioctl.h> |
| 83 | #include <ttyent.h> |
| 84 | #else |
| 85 | #include <sgtty.h> |
| 86 | #endif |
| 87 | #include <netinet/in.h> |
| 88 | #include <net/if.h> |
| 89 | #include <net/if_slvar.h> |
| 90 | |
| 91 | #include <stdio.h> |
| 92 | #include <errno.h> |
| 93 | #include <ctype.h> |
| 94 | #include <string.h> |
| 95 | #include "pathnames.h" |
| 96 | |
| 97 | int unit; |
| 98 | int slip_mode; |
| 99 | int speed; |
| 100 | int uid; |
| 101 | char loginargs[BUFSIZ]; |
| 102 | char loginfile[MAXPATHLEN]; |
| 103 | char loginname[BUFSIZ]; |
| 104 | |
| 105 | struct slip_modes { |
| 106 | char *sm_name; |
| 107 | int sm_value; |
| 108 | } modes[] = { |
| 109 | "normal", 0, |
| 110 | "compress", SC_COMPRESS, |
| 111 | "noicmp", SC_NOICMP, |
| 112 | "autocomp", SC_AUTOCOMP |
| 113 | }; |
| 114 | |
| 115 | void |
| 116 | findid(name) |
| 117 | char *name; |
| 118 | { |
| 119 | FILE *fp; |
| 120 | static char slopt[5][16]; |
| 121 | static char laddr[16]; |
| 122 | static char raddr[16]; |
| 123 | static char mask[16]; |
| 124 | char user[16]; |
| 125 | int i, j, n; |
| 126 | |
| 127 | (void)strcpy(loginname, name); |
| 128 | if ((fp = fopen(_PATH_ACCESS, "r")) == NULL) { |
| 129 | (void)fprintf(stderr, "sliplogin: %s: %s\n", |
| 130 | _PATH_ACCESS, strerror(errno)); |
| 131 | syslog(LOG_ERR, "%s: %m\n", _PATH_ACCESS); |
| 132 | exit(1); |
| 133 | } |
| 134 | while (fgets(loginargs, sizeof(loginargs) - 1, fp)) { |
| 135 | if (ferror(fp)) |
| 136 | break; |
| 137 | n = sscanf(loginargs, "%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s\n", |
| 138 | user, laddr, raddr, mask, slopt[0], slopt[1], |
| 139 | slopt[2], slopt[3], slopt[4]); |
| 140 | if (user[0] == '#' || isspace(user[0])) |
| 141 | continue; |
| 142 | if (strcmp(user, name) != 0) |
| 143 | continue; |
| 144 | |
| 145 | slip_mode = 0; |
| 146 | for (i = 0; i < n - 4; i++) { |
| 147 | for (j = 0; j < sizeof(modes)/sizeof(struct slip_modes); |
| 148 | j++) { |
| 149 | if (strcmp(modes[j].sm_name, slopt[i]) == 0) { |
| 150 | slip_mode |= modes[j].sm_value; |
| 151 | break; |
| 152 | } |
| 153 | } |
| 154 | } |
| 155 | |
| 156 | /* |
| 157 | * we've found the guy we're looking for -- see if |
| 158 | * there's a login file we can use. First check for |
| 159 | * one specific to this host. If none found, try for |
| 160 | * a generic one. |
| 161 | */ |
| 162 | (void)sprintf(loginfile, "%s.%s", _PATH_LOGIN, name); |
| 163 | if (access(loginfile, R_OK|X_OK) != 0) { |
| 164 | (void)strcpy(loginfile, _PATH_LOGIN); |
| 165 | if (access(loginfile, R_OK|X_OK)) { |
| 166 | fputs("access denied - no login file\n", |
| 167 | stderr); |
| 168 | syslog(LOG_ERR, |
| 169 | "access denied for %s - no %s\n", |
| 170 | name, _PATH_LOGIN); |
| 171 | exit(5); |
| 172 | } |
| 173 | } |
| 174 | |
| 175 | (void) fclose(fp); |
| 176 | return; |
| 177 | } |
| 178 | (void)fprintf(stderr, "SLIP access denied for %s\n", name); |
| 179 | syslog(LOG_ERR, "SLIP access denied for %s\n", name); |
| 180 | exit(4); |
| 181 | /* NOTREACHED */ |
| 182 | } |
| 183 | |
| 184 | char * |
| 185 | sigstr(s) |
| 186 | int s; |
| 187 | { |
| 188 | static char buf[32]; |
| 189 | |
| 190 | switch (s) { |
| 191 | case SIGHUP: return("HUP"); |
| 192 | case SIGINT: return("INT"); |
| 193 | case SIGQUIT: return("QUIT"); |
| 194 | case SIGILL: return("ILL"); |
| 195 | case SIGTRAP: return("TRAP"); |
| 196 | case SIGIOT: return("IOT"); |
| 197 | case SIGEMT: return("EMT"); |
| 198 | case SIGFPE: return("FPE"); |
| 199 | case SIGKILL: return("KILL"); |
| 200 | case SIGBUS: return("BUS"); |
| 201 | case SIGSEGV: return("SEGV"); |
| 202 | case SIGSYS: return("SYS"); |
| 203 | case SIGPIPE: return("PIPE"); |
| 204 | case SIGALRM: return("ALRM"); |
| 205 | case SIGTERM: return("TERM"); |
| 206 | case SIGURG: return("URG"); |
| 207 | case SIGSTOP: return("STOP"); |
| 208 | case SIGTSTP: return("TSTP"); |
| 209 | case SIGCONT: return("CONT"); |
| 210 | case SIGCHLD: return("CHLD"); |
| 211 | case SIGTTIN: return("TTIN"); |
| 212 | case SIGTTOU: return("TTOU"); |
| 213 | case SIGIO: return("IO"); |
| 214 | case SIGXCPU: return("XCPU"); |
| 215 | case SIGXFSZ: return("XFSZ"); |
| 216 | case SIGVTALRM: return("VTALRM"); |
| 217 | case SIGPROF: return("PROF"); |
| 218 | case SIGWINCH: return("WINCH"); |
| 219 | #ifdef SIGLOST |
| 220 | case SIGLOST: return("LOST"); |
| 221 | #endif |
| 222 | case SIGUSR1: return("USR1"); |
| 223 | case SIGUSR2: return("USR2"); |
| 224 | } |
| 225 | (void)sprintf(buf, "sig %d", s); |
| 226 | return(buf); |
| 227 | } |
| 228 | |
| 229 | void |
| 230 | hup_handler(s) |
| 231 | int s; |
| 232 | { |
| 233 | char logoutfile[MAXPATHLEN]; |
| 234 | |
| 235 | (void)sprintf(logoutfile, "%s.%s", _PATH_LOGOUT, loginname); |
| 236 | if (access(logoutfile, R_OK|X_OK) != 0) |
| 237 | (void)strcpy(logoutfile, _PATH_LOGOUT); |
| 238 | if (access(logoutfile, R_OK|X_OK) == 0) { |
| 239 | char logincmd[2*MAXPATHLEN+32]; |
| 240 | |
| 241 | (void) sprintf(logincmd, "%s %d %d %s", logoutfile, unit, speed, |
| 242 | loginargs); |
| 243 | (void) system(logincmd); |
| 244 | } |
| 245 | (void) close(0); |
| 246 | syslog(LOG_INFO, "closed %s slip unit %d (%s)\n", loginname, unit, |
| 247 | sigstr(s)); |
| 248 | exit(1); |
| 249 | /* NOTREACHED */ |
| 250 | } |
| 251 | |
| 252 | main(argc, argv) |
| 253 | int argc; |
| 254 | char *argv[]; |
| 255 | { |
| 256 | int fd, s, ldisc, odisc; |
| 257 | char *name; |
| 258 | #ifdef POSIX |
| 259 | struct termios tios, otios; |
| 260 | #else |
| 261 | struct sgttyb tty, otty; |
| 262 | #endif |
| 263 | char logincmd[2*BUFSIZ+32]; |
| 264 | extern uid_t getuid(); |
| 265 | |
| 266 | if ((name = strrchr(argv[0], '/')) == NULL) |
| 267 | name = argv[0]; |
| 268 | s = getdtablesize(); |
| 269 | for (fd = 3 ; fd < s ; fd++) |
| 270 | (void) close(fd); |
| 271 | openlog(name, LOG_PID, LOG_DAEMON); |
| 272 | uid = getuid(); |
| 273 | if (argc > 1) { |
| 274 | findid(argv[1]); |
| 275 | |
| 276 | /* |
| 277 | * Disassociate from current controlling terminal, if any, |
| 278 | * and ensure that the slip line is our controlling terminal. |
| 279 | */ |
| 280 | #ifdef POSIX |
| 281 | if (fork() > 0) |
| 282 | exit(0); |
| 283 | if (setsid() != 0) |
| 284 | perror("setsid"); |
| 285 | #else |
| 286 | if ((fd = open("/dev/tty", O_RDONLY, 0)) >= 0) { |
| 287 | extern char *ttyname(); |
| 288 | |
| 289 | (void) ioctl(fd, TIOCNOTTY, (caddr_t)0); |
| 290 | (void) close(fd); |
| 291 | /* open slip tty again to acquire as controlling tty? */ |
| 292 | fd = open(ttyname(0), O_RDWR, 0); |
| 293 | if (fd >= 0) |
| 294 | (void) close(fd); |
| 295 | } |
| 296 | (void) setpgrp(0, getpid()); |
| 297 | #endif |
| 298 | if (argc > 2) { |
| 299 | if ((fd = open(argv[2], O_RDWR)) == -1) { |
| 300 | perror(argv[2]); |
| 301 | exit(2); |
| 302 | } |
| 303 | (void) dup2(fd, 0); |
| 304 | if (fd > 2) |
| 305 | close(fd); |
| 306 | } |
| 307 | #ifdef TIOCSCTTY |
| 308 | if (ioctl(0, TIOCSCTTY, (caddr_t)0) != 0) |
| 309 | perror("ioctl (TIOCSCTTY)"); |
| 310 | #endif |
| 311 | } else { |
| 312 | extern char *getlogin(); |
| 313 | |
| 314 | if ((name = getlogin()) == NULL) { |
| 315 | (void) fprintf(stderr, "access denied - no username\n"); |
| 316 | syslog(LOG_ERR, "access denied - getlogin returned 0\n"); |
| 317 | exit(1); |
| 318 | } |
| 319 | findid(name); |
| 320 | } |
| 321 | if (!isatty(0)) { |
| 322 | (void) fprintf(stderr, "access denied - stdin is not a tty\n"); |
| 323 | syslog(LOG_ERR, "access denied - stdin is not a tty\n"); |
| 324 | exit(1); |
| 325 | } |
| 326 | (void) fchmod(0, 0600); |
| 327 | (void) fprintf(stderr, "starting slip login for %s\n", loginname); |
| 328 | #ifdef POSIX |
| 329 | /* set up the line parameters */ |
| 330 | if (tcgetattr(0, &tios) < 0) { |
| 331 | syslog(LOG_ERR, "tcgetattr: %m"); |
| 332 | exit(1); |
| 333 | } |
| 334 | otios = tios; |
| 335 | cfmakeraw(&tios); |
| 336 | tios.c_iflag &= ~IMAXBEL; |
| 337 | if (tcsetattr(0, TCSAFLUSH, &tios) < 0) { |
| 338 | syslog(LOG_ERR, "tcsetattr: %m"); |
| 339 | exit(1); |
| 340 | } |
| 341 | speed = cfgetispeed(&tios); |
| 342 | #else |
| 343 | /* set up the line parameters */ |
| 344 | if (ioctl(0, TIOCGETP, (caddr_t)&tty) < 0) { |
| 345 | syslog(LOG_ERR, "ioctl (TIOCGETP): %m"); |
| 346 | exit(1); |
| 347 | } |
| 348 | otty = tty; |
| 349 | speed = tty.sg_ispeed; |
| 350 | tty.sg_flags = RAW | ANYP; |
| 351 | if (ioctl(0, TIOCSETP, (caddr_t)&tty) < 0) { |
| 352 | syslog(LOG_ERR, "ioctl (TIOCSETP): %m"); |
| 353 | exit(1); |
| 354 | } |
| 355 | #endif |
| 356 | /* find out what ldisc we started with */ |
| 357 | if (ioctl(0, TIOCGETD, (caddr_t)&odisc) < 0) { |
| 358 | syslog(LOG_ERR, "ioctl(TIOCGETD) (1): %m"); |
| 359 | exit(1); |
| 360 | } |
| 361 | ldisc = SLIPDISC; |
| 362 | if (ioctl(0, TIOCSETD, (caddr_t)&ldisc) < 0) { |
| 363 | syslog(LOG_ERR, "ioctl(TIOCSETD): %m"); |
| 364 | exit(1); |
| 365 | } |
| 366 | /* find out what unit number we were assigned */ |
| 367 | if (ioctl(0, SLIOCGUNIT, (caddr_t)&unit) < 0) { |
| 368 | syslog(LOG_ERR, "ioctl (SLIOCGUNIT): %m"); |
| 369 | exit(1); |
| 370 | } |
| 371 | (void) signal(SIGHUP, hup_handler); |
| 372 | (void) signal(SIGTERM, hup_handler); |
| 373 | |
| 374 | syslog(LOG_INFO, "attaching slip unit %d for %s\n", unit, loginname); |
| 375 | (void)sprintf(logincmd, "%s %d %d %s", loginfile, unit, speed, |
| 376 | loginargs); |
| 377 | /* |
| 378 | * aim stdout and errout at /dev/null so logincmd output won't |
| 379 | * babble into the slip tty line. |
| 380 | */ |
| 381 | (void) close(1); |
| 382 | if ((fd = open(_PATH_DEVNULL, O_WRONLY)) != 1) { |
| 383 | if (fd < 0) { |
| 384 | syslog(LOG_ERR, "open /dev/null: %m"); |
| 385 | exit(1); |
| 386 | } |
| 387 | (void) dup2(fd, 1); |
| 388 | (void) close(fd); |
| 389 | } |
| 390 | (void) dup2(1, 2); |
| 391 | |
| 392 | /* |
| 393 | * Run login and logout scripts as root (real and effective); |
| 394 | * current route(8) is setuid root, and checks the real uid |
| 395 | * to see whether changes are allowed (or just "route get"). |
| 396 | */ |
| 397 | (void) setuid(0); |
| 398 | if (s = system(logincmd)) { |
| 399 | syslog(LOG_ERR, "%s login failed: exit status %d from %s", |
| 400 | loginname, s, loginfile); |
| 401 | (void) ioctl(0, TIOCSETD, (caddr_t)&odisc); |
| 402 | exit(6); |
| 403 | } |
| 404 | if (ioctl(0, SLIOCSFLAGS, (caddr_t)&slip_mode) < 0) { |
| 405 | syslog(LOG_ERR, "ioctl (SLIOCSFLAGS): %m"); |
| 406 | exit(1); |
| 407 | } |
| 408 | |
| 409 | /* twiddle thumbs until we get a signal */ |
| 410 | while (1) |
| 411 | sigpause(0); |
| 412 | |
| 413 | /* NOTREACHED */ |
| 414 | } |