* Copyright (c) 1983 The Regents of the University of California.
* Redistribution and use in source and binary forms are permitted
* provided that the above copyright notice and this paragraph are
* duplicated in all such forms and that any documentation,
* advertising materials, and other materials related to such
* distribution and use acknowledge that the software was developed
* by the University of California, Berkeley. The name of the
* University may not be used to endorse or promote products derived
* from this software without specific prior written permission.
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
"@(#) Copyright (c) 1983 The Regents of the University of California.\n\
static char sccsid
[] = "@(#)rshd.c 5.12 (Berkeley) %G%";
char *index(), *rindex(), *strncat();
openlog("rsh", LOG_PID
| LOG_ODELAY
, LOG_DAEMON
);
if (getpeername(0, &from
, &fromlen
) < 0) {
fprintf(stderr
, "%s: ", argv
[0]);
if (setsockopt(0, SOL_SOCKET
, SO_KEEPALIVE
, (char *)&on
,
syslog(LOG_WARNING
, "setsockopt (SO_KEEPALIVE): %m");
linger
.l_linger
= 60; /* XXX */
if (setsockopt(0, SOL_SOCKET
, SO_LINGER
, (char *)&linger
,
syslog(LOG_WARNING
, "setsockopt (SO_LINGER): %m");
char username
[20] = "USER=";
char homedir
[64] = "HOME=";
char shell
[64] = "SHELL=";
{homedir
, shell
, "PATH=:/usr/ucb:/bin:/usr/bin", username
, 0};
struct sockaddr_in
*fromp
;
char cmdbuf
[NCARGS
+1], *cp
;
char locuser
[16], remuser
[16];
(void) signal(SIGINT
, SIG_DFL
);
(void) signal(SIGQUIT
, SIG_DFL
);
(void) signal(SIGTERM
, SIG_DFL
);
{ int t
= open("/dev/tty", 2);
ioctl(t
, TIOCNOTTY
, (char *)0);
fromp
->sin_port
= ntohs((u_short
)fromp
->sin_port
);
if (fromp
->sin_family
!= AF_INET
) {
syslog(LOG_ERR
, "malformed from address\n");
if (fromp
->sin_port
>= IPPORT_RESERVED
||
fromp
->sin_port
< IPPORT_RESERVED
/2) {
syslog(LOG_NOTICE
, "connection from bad port\n");
if ((cc
= read(f
, &c
, 1)) != 1) {
syslog(LOG_NOTICE
, "read: %m");
port
= port
* 10 + c
- '0';
int lport
= IPPORT_RESERVED
- 1;
syslog(LOG_ERR
, "can't get stderr port: %m");
if (port
>= IPPORT_RESERVED
) {
syslog(LOG_ERR
, "2nd port not reserved\n");
fromp
->sin_port
= htons((u_short
)port
);
if (connect(s
, fromp
, sizeof (*fromp
)) < 0) {
syslog(LOG_INFO
, "connect second port: %m");
hp
= gethostbyaddr((char *)&fromp
->sin_addr
, sizeof (struct in_addr
),
hostname
= inet_ntoa(fromp
->sin_addr
);
getstr(remuser
, sizeof(remuser
), "remuser");
getstr(locuser
, sizeof(locuser
), "locuser");
getstr(cmdbuf
, sizeof(cmdbuf
), "command");
error("Login incorrect.\n");
if (chdir(pwd
->pw_dir
) < 0) {
error("No remote directory.\n");
if (pwd
->pw_passwd
!= 0 && *pwd
->pw_passwd
!= '\0' &&
ruserok(hostname
, pwd
->pw_uid
== 0, remuser
, locuser
) < 0) {
error("Permission denied.\n");
if (pwd
->pw_uid
&& !access("/etc/nologin", F_OK
)) {
error("Logins currently disabled.\n");
(void) write(2, "\0", 1);
error("Can't make pipe.\n");
(void) close(0); (void) close(1); (void) close(2);
(void) close(f
); (void) close(pv
[1]);
readfrom
= (1L<<s
) | (1L<<pv
[0]);
ioctl(pv
[0], FIONBIO
, (char *)&one
);
if (select(16, &ready
, (fd_set
*)0,
(fd_set
*)0, (struct timeval
*)0) < 0)
if (read(s
, &sig
, 1) <= 0)
if (ready
& (1L<<pv
[0])) {
cc
= read(pv
[0], buf
, sizeof (buf
));
readfrom
&= ~(1L<<pv
[0]);
(void) write(s
, buf
, cc
);
(void) close(s
); (void) close(pv
[0]);
if (*pwd
->pw_shell
== '\0')
pwd
->pw_shell
= "/bin/sh";
(void) setgid((gid_t
)pwd
->pw_gid
);
initgroups(pwd
->pw_name
, pwd
->pw_gid
);
(void) setuid((uid_t
)pwd
->pw_uid
);
strncat(homedir
, pwd
->pw_dir
, sizeof(homedir
)-6);
strncat(shell
, pwd
->pw_shell
, sizeof(shell
)-7);
strncat(username
, pwd
->pw_name
, sizeof(username
)-6);
cp
= rindex(pwd
->pw_shell
, '/');
execl(pwd
->pw_shell
, cp
, "-c", cmdbuf
, 0);
(void) sprintf(buf
+1, fmt
, a1
, a2
, a3
);
(void) write(2, buf
, strlen(buf
));
error("%s too long\n", err
);