X-Git-Url: https://git.subgeniuskitty.com/unix-history/.git/blobdiff_plain/9e7d84e3df8c5a03ecfd64d73b24292322521952..bec8d58c692d252d93d5e2c9a3aa35d7ccaa6796:/usr/src/lib/libc/net/rcmd.c

diff --git a/usr/src/lib/libc/net/rcmd.c b/usr/src/lib/libc/net/rcmd.c
index 81a1b47da7..16c2cc62d9 100644
--- a/usr/src/lib/libc/net/rcmd.c
+++ b/usr/src/lib/libc/net/rcmd.c
@@ -1,12 +1,23 @@
 /*
  * Copyright (c) 1983 Regents of the University of California.
- * All rights reserved.  The Berkeley software License Agreement
- * specifies the terms and conditions for redistribution.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by the University of California, Berkeley.  The name of the
+ * University may not be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)rcmd.c	5.11 (Berkeley) %G%";
-#endif LIBC_SCCS and not lint
+static char sccsid[] = "@(#)rcmd.c	5.19 (Berkeley) %G%";
+#endif /* LIBC_SCCS and not lint */
 
 #include <stdio.h>
 #include <ctype.h>
@@ -23,7 +34,7 @@ static char sccsid[] = "@(#)rcmd.c	5.11 (Berkeley) %G%";
 #include <errno.h>
 
 extern	errno;
-char	*index(), *sprintf();
+char	*index();
 
 rcmd(ahost, rport, locuser, remuser, cmd, fd2p)
 	char **ahost;
@@ -31,7 +42,8 @@ rcmd(ahost, rport, locuser, remuser, cmd, fd2p)
 	char *locuser, *remuser, *cmd;
 	int *fd2p;
 {
-	int s, timo = 1, pid, oldmask;
+	int s, timo = 1, pid;
+	long oldmask;
 	struct sockaddr_in sin, sin2, from;
 	char c;
 	int lport = IPPORT_RESERVED - 1;
@@ -40,7 +52,7 @@ rcmd(ahost, rport, locuser, remuser, cmd, fd2p)
 	pid = getpid();
 	hp = gethostbyname(*ahost);
 	if (hp == 0) {
-		fprintf(stderr, "%s: unknown host\n", *ahost);
+		herror(*ahost);
 		return (-1);
 	}
 	*ahost = hp->h_name;
@@ -156,6 +168,7 @@ rresvport(alport)
 	int s;
 
 	sin.sin_family = AF_INET;
+	sin.sin_len = sizeof(sin);
 	sin.sin_addr.s_addr = INADDR_ANY;
 	s = socket(AF_INET, SOCK_STREAM, 0);
 	if (s < 0)
@@ -177,6 +190,8 @@ rresvport(alport)
 	}
 }
 
+int	_check_rhosts_file = 1;
+
 ruserok(rhost, superuser, ruser, luser)
 	char *rhost;
 	int superuser;
@@ -209,7 +224,7 @@ again:
 		}
 		(void) fclose(hostf);
 	}
-	if (first == 1) {
+	if (first == 1 && (_check_rhosts_file || superuser)) {
 		struct stat sbuf;
 		struct passwd *pwd;
 		char pbuf[MAXPATHLEN];
@@ -221,8 +236,13 @@ again:
 		(void)strcat(pbuf, "/.rhosts");
 		if ((hostf = fopen(pbuf, "r")) == NULL)
 			return(-1);
-		(void)fstat(fileno(hostf), &sbuf);
-		if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) {
+		/*
+		 * if owned by someone other than user or root or if
+		 * writeable by anyone but the owner, quit
+		 */
+		if (fstat(fileno(hostf), &sbuf) ||
+		    sbuf.st_uid && sbuf.st_uid != pwd->pw_uid ||
+		    sbuf.st_mode&022) {
 			fclose(hostf);
 			return(-1);
 		}
@@ -231,10 +251,11 @@ again:
 	return (-1);
 }
 
+static
 _validuser(hostf, rhost, luser, ruser, baselen)
-char *rhost, *luser, *ruser;
-FILE *hostf;
-int baselen;
+	char *rhost, *luser, *ruser;
+	FILE *hostf;
+	int baselen;
 {
 	char *user;
 	char ahost[MAXHOSTNAMELEN];
@@ -264,12 +285,14 @@ int baselen;
 	return (-1);
 }
 
+static
 _checkhost(rhost, lhost, len)
-char *rhost, *lhost;
-int len;
+	char *rhost, *lhost;
+	int len;
 {
 	static char ldomain[MAXHOSTNAMELEN + 1];
 	static char *domainp = NULL;
+	static int nodomain = 0;
 	register char *cp;
 
 	if (len == -1)
@@ -280,21 +303,21 @@ int len;
 		return(1);
 	if (*(lhost + len) != '\0')
 		return(0);
+	if (nodomain)
+		return(0);
 	if (!domainp) {
 		if (gethostname(ldomain, sizeof(ldomain)) == -1) {
-			domainp = (char *)1;
+			nodomain = 1;
 			return(0);
 		}
 		ldomain[MAXHOSTNAMELEN] = NULL;
-		if ((domainp = index(ldomain, '.') + 1) == (char *)1)
+		if ((domainp = index(ldomain, '.')) == (char *)NULL) {
+			nodomain = 1;
 			return(0);
-		cp = domainp;
-		while (*cp) {
-			*cp = isupper(*cp) ? tolower(*cp) : *cp;
-			cp++;
 		}
+		for (cp = ++domainp; *cp; ++cp)
+			if (isupper(*cp))
+				*cp = tolower(*cp);
 	}
-	if (domainp == (char *)1)
-		return(0);
 	return(!strcmp(domainp, rhost + len +1));
 }