386BSD 0.0 development

[unix-history] / usr / src / libexec / rshd / rshd.c
diff --git a/usr/src/libexec/rshd/rshd.c b/usr/src/libexec/rshd/rshd.c

index dc80938..b926772 100644 (file)
--- a/usr/src/libexec/rshd/rshd.c
+++ b/usr/src/libexec/rshd/rshd.c
@@ -1,38 +1,53 @@
-/*
- * Copyright (c) 1983, 1988, 1989 The Regents of the University of California.
+/*-
+ * Copyright (c) 1988, 1989 The Regents of the University of California.
   * All rights reserved.
   *
   * All rights reserved.
   *
- * Redistribution and use in source and binary forms are permitted provided
- * that: (1) source distributions retain this entire copyright notice and
- * comment, and (2) distributions including binaries display the following
- * acknowledgement:  ``This product includes software developed by the
- * University of California, Berkeley and its contributors'' in the
- * documentation or other materials provided with the distribution and in
- * all advertising materials mentioning features or use of this software.
- * Neither the name of the University nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *     This product includes software developed by the University of
+ *     California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
   */
  
  #ifndef lint
  char copyright[] =
   */
  
  #ifndef lint
  char copyright[] =
-"@(#) Copyright (c) 1983, 1988, 1089 The Regents of the University of California.\n\
+"@(#) Copyright (c) 1988, 1989 The Regents of the University of California.\n\
   All rights reserved.\n";
  #endif /* not lint */
  
  #ifndef lint
   All rights reserved.\n";
  #endif /* not lint */
  
  #ifndef lint
-static char sccsid[] = "@(#)rshd.c     5.34 (Berkeley) 6/29/90";
+static char sccsid[] = "@(#)rshd.c     5.38 (Berkeley) 3/2/91";
  #endif /* not lint */
  
  #endif /* not lint */
  
-/* From:
+/*
+ * From:
   *     $Source: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v $
   *     $Source: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v $
- *     $Header: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v 5.2 89/07/31 19:30:04 kfall Exp $
+ *     $Header: /mit/kerberos/ucb/mit/rshd/RCS/rshd.c,v 
+ *             5.2 89/07/31 19:30:04 kfall Exp $
   */
  
   */
  
-
  /*
   * remote shell server:
   *     [port]\0
  /*
   * remote shell server:
   *     [port]\0
@@ -43,23 +58,24 @@ static char sccsid[] = "@(#)rshd.c  5.34 (Berkeley) 6/29/90";
   */
  #include <sys/param.h>
  #include <sys/ioctl.h>
   */
  #include <sys/param.h>
  #include <sys/ioctl.h>
-#include <sys/socket.h>
-#include <sys/file.h>
-#include <sys/signal.h>
  #include <sys/time.h>
  #include <sys/time.h>
+#include <fcntl.h>
+#include <signal.h>
  
  
+#include <sys/socket.h>
  #include <netinet/in.h>
  #include <netinet/in.h>
-
  #include <arpa/inet.h>
  #include <arpa/inet.h>
+#include <netdb.h>
  
  
-#include <stdio.h>
-#include <errno.h>
  #include <pwd.h>
  #include <pwd.h>
-#include <netdb.h>
  #include <syslog.h>
  #include <syslog.h>
-#include "pathnames.h"
+#include <unistd.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <paths.h>
  
  
-int    errno;
  int    keepalive = 1;
  int    check_all = 0;
  char   *index(), *rindex(), *strncat();
  int    keepalive = 1;
  int    check_all = 0;
  char   *index(), *rindex(), *strncat();
@@ -75,8 +91,7 @@ int   sent_null;
  #define        OPTIONS         "alknvx"
  char   authbuf[sizeof(AUTH_DAT)];
  char   tickbuf[sizeof(KTEXT_ST)];
  #define        OPTIONS         "alknvx"
  char   authbuf[sizeof(AUTH_DAT)];
  char   tickbuf[sizeof(KTEXT_ST)];
-int    use_kerberos = 0, vacuous = 0;
-int    encrypt = 0;
+int    doencrypt, use_kerberos, vacuous;
  Key_schedule   schedule;
  #else
  #define        OPTIONS "aln"
  Key_schedule   schedule;
  #else
  #define        OPTIONS "aln"
@@ -116,9 +131,11 @@ main(argc, argv)
                         vacuous = 1;
                         break;
  
                         vacuous = 1;
                         break;
  
+#ifdef CRYPT
                 case 'x':
                 case 'x':
-                       encrypt = 1;
+                       doencrypt = 1;
                         break;
                         break;
+#endif
  #endif
                 case '?':
                 default:
  #endif
                 case '?':
                 default:
@@ -134,14 +151,16 @@ main(argc, argv)
                 syslog(LOG_ERR, "only one of -k and -v allowed");
                 exit(2);
         }
                 syslog(LOG_ERR, "only one of -k and -v allowed");
                 exit(2);
         }
-       if (encrypt && !use_kerberos) {
+#ifdef CRYPT
+       if (doencrypt && !use_kerberos) {
                 syslog(LOG_ERR, "-k is required for -x");
                 exit(2);
         }
                 syslog(LOG_ERR, "-k is required for -x");
                 exit(2);
         }
+#endif
  #endif
  
         fromlen = sizeof (from);
  #endif
  
         fromlen = sizeof (from);
-       if (getpeername(0, &from, &fromlen) < 0) {
+       if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) {
                 syslog(LOG_ERR, "getpeername: %m");
                 _exit(1);
         }
                 syslog(LOG_ERR, "getpeername: %m");
                 _exit(1);
         }
@@ -160,8 +179,9 @@ main(argc, argv)
  char   username[20] = "USER=";
  char   homedir[64] = "HOME=";
  char   shell[64] = "SHELL=";
  char   username[20] = "USER=";
  char   homedir[64] = "HOME=";
  char   shell[64] = "SHELL=";
+char   path[100] = "PATH=";
  char   *envinit[] =
  char   *envinit[] =
-           {homedir, shell, _PATH_DEFPATH, username, 0};
+           {homedir, shell, path, username, 0};
  char   **environ;
  
  doit(fromp)
  char   **environ;
  
  doit(fromp)
@@ -231,7 +251,7 @@ doit(fromp)
                     "Connection received from %s using IP options (ignored):%s",
                     inet_ntoa(fromp->sin_addr), lbuf);
                 if (setsockopt(0, ipproto, IP_OPTIONS,
                     "Connection received from %s using IP options (ignored):%s",
                     inet_ntoa(fromp->sin_addr), lbuf);
                 if (setsockopt(0, ipproto, IP_OPTIONS,
-                   (char *)NULL, &optsize) != 0) {
+                   (char *)NULL, optsize) != 0) {
                         syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m");
                         exit(1);
                 }
                         syslog(LOG_ERR, "setsockopt IP_OPTIONS NULL: %m");
                         exit(1);
                 }
@@ -281,7 +301,7 @@ doit(fromp)
                                 exit(1);
                         }
                 fromp->sin_port = htons(port);
                                 exit(1);
                         }
                 fromp->sin_port = htons(port);
-               if (connect(s, fromp, sizeof (*fromp)) < 0) {
+               if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) {
                         syslog(LOG_INFO, "connect second port: %m");
                         exit(1);
                 }
                         syslog(LOG_INFO, "connect second port: %m");
                         exit(1);
                 }
@@ -354,10 +374,12 @@ doit(fromp)
                 authopts = 0L;
                 strcpy(instance, "*");
                 version[VERSION_SIZE - 1] = '\0';
                 authopts = 0L;
                 strcpy(instance, "*");
                 version[VERSION_SIZE - 1] = '\0';
-               if (encrypt) {
+#ifdef CRYPT
+               if (doencrypt) {
                         struct sockaddr_in local_addr;
                         rc = sizeof(local_addr);
                         struct sockaddr_in local_addr;
                         rc = sizeof(local_addr);
-                       if (getsockname(0, &local_addr, &rc) < 0) {
+                       if (getsockname(0, (struct sockaddr *)&local_addr,
+                           &rc) < 0) {
                                 syslog(LOG_ERR, "getsockname: %m");
                                 error("rlogind: getsockname: %m");
                                 exit(1);
                                 syslog(LOG_ERR, "getsockname: %m");
                                 error("rlogind: getsockname: %m");
                                 exit(1);
@@ -368,12 +390,12 @@ doit(fromp)
                                 &local_addr, kdata, "", schedule,
                                 version);
                         des_set_key(kdata->session, schedule);
                                 &local_addr, kdata, "", schedule,
                                 version);
                         des_set_key(kdata->session, schedule);
-               } else {
+               } else
+#endif
                         rc = krb_recvauth(authopts, 0, ticket, "rcmd",
                                 instance, &fromaddr,
                                 (struct sockaddr_in *) 0,
                                 kdata, "", (bit_64 *) 0, version);
                         rc = krb_recvauth(authopts, 0, ticket, "rcmd",
                                 instance, &fromaddr,
                                 (struct sockaddr_in *) 0,
                                 kdata, "", (bit_64 *) 0, version);
-               }
                 if (rc != KSUCCESS) {
                         error("Kerberos authentication failure: %s\n",
                                   krb_err_txt[rc]);
                 if (rc != KSUCCESS) {
                         error("Kerberos authentication failure: %s\n",
                                   krb_err_txt[rc]);
@@ -437,8 +459,9 @@ fail:
                         error("Can't make pipe.\n");
                         exit(1);
                 }
                         error("Can't make pipe.\n");
                         exit(1);
                 }
-#ifdef KERBEROS
-               if (encrypt) {
+#ifdef CRYPT
+#ifdef KERBEROS
+               if (doencrypt) {
                         if (pipe(pv1) < 0) {
                                 error("Can't make 2nd pipe.\n");
                                 exit(1);
                         if (pipe(pv1) < 0) {
                                 error("Can't make 2nd pipe.\n");
                                 exit(1);
@@ -448,6 +471,7 @@ fail:
                                 exit(1);
                         }
                 }
                                 exit(1);
                         }
                 }
+#endif
  #endif
                 pid = fork();
                 if (pid == -1)  {
  #endif
                 pid = fork();
                 if (pid == -1)  {
@@ -455,14 +479,16 @@ fail:
                         exit(1);
                 }
                 if (pid) {
                         exit(1);
                 }
                 if (pid) {
-#ifdef KERBEROS
-                       if (encrypt) {
+#ifdef CRYPT
+#ifdef KERBEROS
+                       if (doencrypt) {
                                 static char msg[] = SECURE_MESSAGE;
                                 (void) close(pv1[1]);
                                 (void) close(pv2[1]);
                                 des_write(s, msg, sizeof(msg));
  
                         } else
                                 static char msg[] = SECURE_MESSAGE;
                                 (void) close(pv1[1]);
                                 (void) close(pv2[1]);
                                 des_write(s, msg, sizeof(msg));
  
                         } else
+#endif
  #endif
                         {
                                 (void) close(0); (void) close(1);
  #endif
                         {
                                 (void) close(0); (void) close(1);
@@ -476,8 +502,9 @@ fail:
                                 nfd = pv[0];
                         else
                                 nfd = s;
                                 nfd = pv[0];
                         else
                                 nfd = s;
-#ifdef KERBEROS
-                       if (encrypt) {
+#ifdef CRYPT
+#ifdef KERBEROS
+                       if (doencrypt) {
                                 FD_ZERO(&writeto);
                                 FD_SET(pv2[0], &writeto);
                                 FD_SET(pv1[0], &readfrom);
                                 FD_ZERO(&writeto);
                                 FD_SET(pv2[0], &writeto);
                                 FD_SET(pv1[0], &readfrom);
@@ -485,6 +512,7 @@ fail:
                                 nfd = MAX(nfd, pv2[0]);
                                 nfd = MAX(nfd, pv1[0]);
                         } else
                                 nfd = MAX(nfd, pv2[0]);
                                 nfd = MAX(nfd, pv1[0]);
                         } else
+#endif
  #endif
                                 ioctl(pv[0], FIONBIO, (char *)&one);
  
  #endif
                                 ioctl(pv[0], FIONBIO, (char *)&one);
  
@@ -492,24 +520,28 @@ fail:
                         nfd++;
                         do {
                                 ready = readfrom;
                         nfd++;
                         do {
                                 ready = readfrom;
-#ifdef KERBEROS
-                               if (encrypt) {
+#ifdef CRYPT
+#ifdef KERBEROS
+                               if (doencrypt) {
                                         wready = writeto;
                                         if (select(nfd, &ready,
                                             &wready, (fd_set *) 0,
                                             (struct timeval *) 0) < 0)
                                                 break;
                                 } else
                                         wready = writeto;
                                         if (select(nfd, &ready,
                                             &wready, (fd_set *) 0,
                                             (struct timeval *) 0) < 0)
                                                 break;
                                 } else
+#endif
  #endif
                                         if (select(nfd, &ready, (fd_set *)0,
                                           (fd_set *)0, (struct timeval *)0) < 0)
                                                 break;
                                 if (FD_ISSET(s, &ready)) {
                                         int     ret;
  #endif
                                         if (select(nfd, &ready, (fd_set *)0,
                                           (fd_set *)0, (struct timeval *)0) < 0)
                                                 break;
                                 if (FD_ISSET(s, &ready)) {
                                         int     ret;
-#ifdef KERBEROS
-                                       if (encrypt)
+#ifdef CRYPT
+#ifdef KERBEROS
+                                       if (doencrypt)
                                                 ret = des_read(s, &sig, 1);
                                         else
                                                 ret = des_read(s, &sig, 1);
                                         else
+#endif
  #endif
                                                 ret = read(s, &sig, 1);
                                         if (ret <= 0)
  #endif
                                                 ret = read(s, &sig, 1);
                                         if (ret <= 0)
@@ -524,19 +556,21 @@ fail:
                                                 shutdown(s, 1+1);
                                                 FD_CLR(pv[0], &readfrom);
                                         } else {
                                                 shutdown(s, 1+1);
                                                 FD_CLR(pv[0], &readfrom);
                                         } else {
-#ifdef KERBEROS
-                                               if (encrypt)
+#ifdef CRYPT
+#ifdef KERBEROS
+                                               if (doencrypt)
                                                         (void)
                                                           des_write(s, buf, cc);
                                                 else
                                                         (void)
                                                           des_write(s, buf, cc);
                                                 else
+#endif
  #endif
                                                         (void)
                                                           write(s, buf, cc);
                                         }
                                 }
  #endif
                                                         (void)
                                                           write(s, buf, cc);
                                         }
                                 }
-#ifdef KERBEROS
-
-                               if (encrypt && FD_ISSET(pv1[0], &ready)) {
+#ifdef CRYPT
+#ifdef KERBEROS
+                               if (doencrypt && FD_ISSET(pv1[0], &ready)) {
                                         errno = 0;
                                         cc = read(pv1[0], buf, sizeof(buf));
                                         if (cc <= 0) {
                                         errno = 0;
                                         cc = read(pv1[0], buf, sizeof(buf));
                                         if (cc <= 0) {
@@ -546,7 +580,7 @@ fail:
                                                 (void) des_write(1, buf, cc);
                                 }
  
                                                 (void) des_write(1, buf, cc);
                                 }
  
-                               if (encrypt && FD_ISSET(pv2[0], &wready)) {
+                               if (doencrypt && FD_ISSET(pv2[0], &wready)) {
                                         errno = 0;
                                         cc = des_read(0, buf, sizeof(buf));
                                         if (cc <= 0) {
                                         errno = 0;
                                         cc = des_read(0, buf, sizeof(buf));
                                         if (cc <= 0) {
@@ -555,25 +589,30 @@ fail:
                                         } else
                                                 (void) write(pv2[0], buf, cc);
                                 }
                                         } else
                                                 (void) write(pv2[0], buf, cc);
                                 }
+#endif
  #endif
  
                         } while (FD_ISSET(s, &readfrom) ||
  #endif
  
                         } while (FD_ISSET(s, &readfrom) ||
-#ifdef KERBEROS
-                           (encrypt && FD_ISSET(pv1[0], &readfrom)) ||
+#ifdef CRYPT
+#ifdef KERBEROS
+                           (doencrypt && FD_ISSET(pv1[0], &readfrom)) ||
+#endif
  #endif
                             FD_ISSET(pv[0], &readfrom));
                         exit(0);
                 }
                 setpgrp(0, getpid());
                 (void) close(s); (void) close(pv[0]);
  #endif
                             FD_ISSET(pv[0], &readfrom));
                         exit(0);
                 }
                 setpgrp(0, getpid());
                 (void) close(s); (void) close(pv[0]);
-#ifdef KERBEROS
-               if (encrypt) {
+#ifdef CRYPT
+#ifdef KERBEROS
+               if (doencrypt) {
                         close(pv1[0]); close(pv2[0]);
                         dup2(pv1[1], 1);
                         dup2(pv2[1], 0);
                         close(pv1[1]);
                         close(pv2[1]);
                 }
                         close(pv1[0]); close(pv2[0]);
                         dup2(pv1[1], 1);
                         dup2(pv2[1], 0);
                         close(pv1[1]);
                         close(pv2[1]);
                 }
+#endif
  #endif
                 dup2(pv[1], 2);
                 close(pv[1]);
  #endif
                 dup2(pv[1], 2);
                 close(pv[1]);
@@ -589,6 +628,7 @@ fail:
         (void) setuid((uid_t)pwd->pw_uid);
         environ = envinit;
         strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
         (void) setuid((uid_t)pwd->pw_uid);
         environ = envinit;
         strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
+       strcat(path, _PATH_DEFPATH);
         strncat(shell, pwd->pw_shell, sizeof(shell)-7);
         strncat(username, pwd->pw_name, sizeof(username)-6);
         cp = rindex(pwd->pw_shell, '/');
         strncat(shell, pwd->pw_shell, sizeof(shell)-7);
         strncat(username, pwd->pw_name, sizeof(username)-6);
         cp = rindex(pwd->pw_shell, '/');