* Copyright (c) 1983, 1988 The Regents of the University of California.
* Redistribution and use in source and binary forms are permitted
* provided that the above copyright notice and this paragraph are
* duplicated in all such forms and that any documentation,
* advertising materials, and other materials related to such
* distribution and use acknowledge that the software was developed
* by the University of California, Berkeley. The name of the
* University may not be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
"@(#) Copyright (c) 1983, 1988 The Regents of the University of California.\n\
static char sccsid
[] = "@(#)rshd.c 5.20 (Berkeley) %G%";
char *index(), *rindex(), *strncat();
extern int opterr
, optind
, _check_rhosts_file
;
openlog("rshd", LOG_PID
| LOG_ODELAY
, LOG_DAEMON
);
while ((ch
= getopt(argc
, argv
, "ln")) != EOF
)
if (getpeername(0, &from
, &fromlen
) < 0) {
fprintf(stderr
, "%s: ", argv
[0]);
setsockopt(0, SOL_SOCKET
, SO_KEEPALIVE
, (char *)&on
,
syslog(LOG_WARNING
, "setsockopt (SO_KEEPALIVE): %m");
linger
.l_linger
= 60; /* XXX */
if (setsockopt(0, SOL_SOCKET
, SO_LINGER
, (char *)&linger
,
syslog(LOG_WARNING
, "setsockopt (SO_LINGER): %m");
char username
[20] = "USER=";
char homedir
[64] = "HOME=";
char shell
[64] = "SHELL=";
{homedir
, shell
, "PATH=/usr/ucb:/bin:/usr/bin:", username
, 0};
struct sockaddr_in
*fromp
;
char cmdbuf
[NCARGS
+1], *cp
;
char locuser
[16], remuser
[16];
char remotehost
[2 * MAXHOSTNAMELEN
+ 1];
(void) signal(SIGINT
, SIG_DFL
);
(void) signal(SIGQUIT
, SIG_DFL
);
(void) signal(SIGTERM
, SIG_DFL
);
{ int t
= open("/dev/tty", 2);
ioctl(t
, TIOCNOTTY
, (char *)0);
fromp
->sin_port
= ntohs((u_short
)fromp
->sin_port
);
if (fromp
->sin_family
!= AF_INET
) {
syslog(LOG_ERR
, "malformed from address\n");
u_char optbuf
[BUFSIZ
/3], *cp
;
int optsize
= sizeof(optbuf
), ipproto
;
u_char optbuf
[BUFSIZ
/3], *cp
;
int optsize
= sizeof(optbuf
), ipproto
;
if ((ip
= getprotobyname("ip")) != NULL
)
if (getsockopt(0, ipproto
, IP_OPTIONS
, (char *)optbuf
, &optsize
) == 0 &&
for (cp
= optbuf
; optsize
> 0; cp
++, optsize
--, lp
+= 3)
sprintf(lp
, " %2.2x", *cp
);
"Connection received using IP options (ignored):%s", lbuf
);
if (setsockopt(0, ipproto
, IP_OPTIONS
,
(char *)NULL
, &optsize
) != 0) {
syslog(LOG_ERR
, "setsockopt IP_OPTIONS NULL: %m");
if ((ip
= getprotobyname("ip")) != NULL
)
if (getsockopt(0, ipproto
, IP_OPTIONS
, (char *)optbuf
, &optsize
) == 0 &&
for (cp
= optbuf
; optsize
> 0; cp
++, optsize
--, lp
+= 3)
sprintf(lp
, " %2.2x", *cp
);
"Connection received using IP options (ignored):%s", lbuf
);
if (setsockopt(0, ipproto
, IP_OPTIONS
,
(char *)NULL
, &optsize
) != 0) {
syslog(LOG_ERR
, "setsockopt IP_OPTIONS NULL: %m");
if (fromp
->sin_port
>= IPPORT_RESERVED
||
fromp
->sin_port
< IPPORT_RESERVED
/2) {
syslog(LOG_NOTICE
, "Connection from %s on illegal port",
inet_ntoa(fromp
->sin_addr
));
if ((cc
= read(0, &c
, 1)) != 1) {
syslog(LOG_NOTICE
, "read: %m");
port
= port
* 10 + c
- '0';
int lport
= IPPORT_RESERVED
- 1;
syslog(LOG_ERR
, "can't get stderr port: %m");
if (port
>= IPPORT_RESERVED
) {
syslog(LOG_ERR
, "2nd port not reserved\n");
fromp
->sin_port
= htons((u_short
)port
);
if (connect(s
, fromp
, sizeof (*fromp
)) < 0) {
syslog(LOG_INFO
, "connect second port: %m");
/* from inetd, socket is already on 0, 1, 2 */
hp
= gethostbyaddr((char *)&fromp
->sin_addr
, sizeof (struct in_addr
),
* If name returned by gethostbyaddr is in our domain,
* attempt to verify that we haven't been fooled by someone
* in a remote net; look up the name and check that this
* address corresponds to the name.
if (local_domain(hp
->h_name
)) {
strncpy(remotehost
, hp
->h_name
, sizeof(remotehost
) - 1);
remotehost
[sizeof(remotehost
) - 1] = 0;
hp
= gethostbyname(remotehost
);
"Couldn't look up address for %s",
error("Couldn't look up address for your host");
} else for (; ; hp
->h_addr_list
++) {
if (!bcmp(hp
->h_addr_list
[0],
(caddr_t
)&fromp
->sin_addr
,
sizeof(fromp
->sin_addr
)))
if (hp
->h_addr_list
[0] == NULL
) {
"Host addr %s not listed for host %s",
inet_ntoa(fromp
->sin_addr
),
error("Host address mismatch");
hostname
= inet_ntoa(fromp
->sin_addr
);
getstr(remuser
, sizeof(remuser
), "remuser");
getstr(locuser
, sizeof(locuser
), "locuser");
getstr(cmdbuf
, sizeof(cmdbuf
), "command");
error("Login incorrect.\n");
if (chdir(pwd
->pw_dir
) < 0) {
error("No remote directory.\n");
if (pwd
->pw_passwd
!= 0 && *pwd
->pw_passwd
!= '\0' &&
ruserok(hostname
, pwd
->pw_uid
== 0, remuser
, locuser
) < 0) {
error("Permission denied.\n");
if (pwd
->pw_uid
&& !access("/etc/nologin", F_OK
)) {
error("Logins currently disabled.\n");
(void) write(2, "\0", 1);
error("Can't make pipe.\n");
(void) close(0); (void) close(1); (void) close(2);
FD_SET(pv
[0], &readfrom
);
ioctl(pv
[0], FIONBIO
, (char *)&one
);
if (select(nfd
, &ready
, (fd_set
*)0,
(fd_set
*)0, (struct timeval
*)0) < 0)
if (FD_ISSET(s
, &ready
)) {
if (read(s
, &sig
, 1) <= 0)
if (FD_ISSET(pv
[0], &ready
)) {
cc
= read(pv
[0], buf
, sizeof (buf
));
FD_CLR(pv
[0], &readfrom
);
(void) write(s
, buf
, cc
);
} while (FD_ISSET(s
, &readfrom
) ||
FD_ISSET(pv
[0], &readfrom
));
(void) close(s
); (void) close(pv
[0]);
if (*pwd
->pw_shell
== '\0')
pwd
->pw_shell
= "/bin/sh";
(void) setgid((gid_t
)pwd
->pw_gid
);
initgroups(pwd
->pw_name
, pwd
->pw_gid
);
(void) setuid((uid_t
)pwd
->pw_uid
);
strncat(homedir
, pwd
->pw_dir
, sizeof(homedir
)-6);
strncat(shell
, pwd
->pw_shell
, sizeof(shell
)-7);
strncat(username
, pwd
->pw_name
, sizeof(username
)-6);
cp
= rindex(pwd
->pw_shell
, '/');
execl(pwd
->pw_shell
, cp
, "-c", cmdbuf
, 0);
(void) sprintf(buf
+1, fmt
, a1
, a2
, a3
);
(void) write(2, buf
, strlen(buf
));
error("%s too long\n", err
);
* Check whether host h is in our local domain,
* as determined by the part of the name following
* the first '.' in its name and in ours.
* If either name is unqualified (contains no '.'),
* assume that the host is local, as it will be
char localhost
[MAXHOSTNAMELEN
];
char *p1
, *p2
= index(h
, '.');
(void) gethostname(localhost
, sizeof(localhost
));
p1
= index(localhost
, '.');
if (p1
== NULL
|| p2
== NULL
|| !strcasecmp(p1
, p2
))
syslog(LOG_ERR
, "usage: rshd [-l] [-n]");
syslog(LOG_ERR
, "usage: rshd [-l] [-n] [-k] [-v] [-e]");