summaryrefslogtreecommitdiffstats
path: root/c/src/exec/libnetworking/libc/rcmd.c
diff options
context:
space:
mode:
Diffstat (limited to 'c/src/exec/libnetworking/libc/rcmd.c')
-rw-r--r--c/src/exec/libnetworking/libc/rcmd.c544
1 files changed, 0 insertions, 544 deletions
diff --git a/c/src/exec/libnetworking/libc/rcmd.c b/c/src/exec/libnetworking/libc/rcmd.c
deleted file mode 100644
index 8dd4d0cbe2..0000000000
--- a/c/src/exec/libnetworking/libc/rcmd.c
+++ /dev/null
@@ -1,544 +0,0 @@
-/*
- * Copyright (c) 1983, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id$
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)rcmd.c 8.3 (Berkeley) 3/26/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include <sys/param.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
-#include <signal.h>
-#include <fcntl.h>
-#include <netdb.h>
-#include <unistd.h>
-#include <pwd.h>
-#include <errno.h>
-#include <stdio.h>
-#include <ctype.h>
-#include <string.h>
-#ifdef YP
-#include <rpc/rpc.h>
-#include <rpcsvc/yp_prot.h>
-#include <rpcsvc/ypclnt.h>
-#endif
-
-
-#define max(a, b) ((a > b) ? a : b)
-
-#ifdef __rtems__
-int rresvport();
-#define bzero(a,s) memset((a),0,(s))
-#define bcmp memcmp
-#define bcopy(s,d,i) memcpy(d,s,i)
-#else /* __rtems__ */
-
-extern int innetgr __P(( const char *, const char *, const char *, const char * ));
-
-int __ivaliduser __P((FILE *, u_long, const char *, const char *));
-static int __icheckhost __P((u_long, char *));
-
-#endif
-
-int
-rcmd(ahost, rport, locuser, remuser, cmd, fd2p)
- char **ahost;
- u_short rport;
- const char *locuser, *remuser, *cmd;
- int *fd2p;
-{
- struct hostent *hp;
- struct sockaddr_in sin, from;
- fd_set reads;
-#ifndef __rtems__
- long oldmask;
-#endif
- pid_t pid;
- int s, lport, timo;
- char c;
-
- pid = getpid();
- hp = gethostbyname(*ahost);
- if (hp == NULL) {
- herror(*ahost);
- return (-1);
- }
- *ahost = hp->h_name;
-#ifndef __rtems__
- oldmask = sigblock(sigmask(SIGURG));
-#endif
- for (timo = 1, lport = IPPORT_RESERVED - 1;;) {
- s = rresvport(&lport);
- if (s < 0) {
- if (errno == EAGAIN)
- (void)fprintf(stderr,
- "rcmd: socket: All ports in use\n");
- else
- (void)fprintf(stderr, "rcmd: socket: %s\n",
- strerror(errno));
-#ifndef __rtems__
- sigsetmask(oldmask);
-#endif
- return (-1);
- }
- fcntl(s, F_SETOWN, pid);
- bzero(&sin, sizeof sin);
- sin.sin_len = sizeof(struct sockaddr_in);
- sin.sin_family = hp->h_addrtype;
- sin.sin_port = rport;
- bcopy(hp->h_addr_list[0], &sin.sin_addr, MIN(hp->h_length, sizeof sin.sin_addr));
- if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
- break;
- (void)close(s);
- if (errno == EADDRINUSE) {
- lport--;
- continue;
- }
- if (errno == ECONNREFUSED && timo <= 16) {
- (void)sleep(timo);
- timo *= 2;
- continue;
- }
- if (hp->h_addr_list[1] != NULL) {
- int oerrno = errno;
-
- (void)fprintf(stderr, "connect to address %s: ",
- inet_ntoa(sin.sin_addr));
- errno = oerrno;
- perror(0);
- hp->h_addr_list++;
- bcopy(hp->h_addr_list[0], &sin.sin_addr, MIN(hp->h_length, sizeof sin.sin_addr));
- (void)fprintf(stderr, "Trying %s...\n",
- inet_ntoa(sin.sin_addr));
- continue;
- }
- (void)fprintf(stderr, "%s: %s\n", hp->h_name, strerror(errno));
-#ifndef __rtems__
- sigsetmask(oldmask);
-#endif
- return (-1);
- }
- lport--;
- if (fd2p == 0) {
- write(s, "", 1);
- lport = 0;
- } else {
- char num[8];
- int s2 = rresvport(&lport), s3;
- int len = sizeof(from);
- int nfds;
-
- if (s2 < 0)
- goto bad;
- listen(s2, 1);
- (void)snprintf(num, sizeof(num), "%d", lport);
- if (write(s, num, strlen(num)+1) != strlen(num)+1) {
- (void)fprintf(stderr,
- "rcmd: write (setting up stderr): %s\n",
- strerror(errno));
- (void)close(s2);
- goto bad;
- }
- nfds = max(s, s2)+1;
- if(nfds > FD_SETSIZE) {
- fprintf(stderr, "rcmd: too many files\n");
- (void)close(s2);
- goto bad;
- }
-again:
- FD_ZERO(&reads);
- FD_SET(s, &reads);
- FD_SET(s2, &reads);
- errno = 0;
- if (select(nfds, &reads, 0, 0, 0) < 1 || !FD_ISSET(s2, &reads)){
- if (errno != 0)
- (void)fprintf(stderr,
- "rcmd: select (setting up stderr): %s\n",
- strerror(errno));
- else
- (void)fprintf(stderr,
- "select: protocol failure in circuit setup\n");
- (void)close(s2);
- goto bad;
- }
- s3 = accept(s2, (struct sockaddr *)&from, &len);
- /*
- * XXX careful for ftp bounce attacks. If discovered, shut them
- * down and check for the real auxiliary channel to connect.
- */
- if (from.sin_family == AF_INET && from.sin_port == htons(20)) {
- close(s3);
- goto again;
- }
- (void)close(s2);
- if (s3 < 0) {
- (void)fprintf(stderr,
- "rcmd: accept: %s\n", strerror(errno));
- lport = 0;
- goto bad;
- }
- *fd2p = s3;
- from.sin_port = ntohs((u_short)from.sin_port);
- if (from.sin_family != AF_INET ||
- from.sin_port >= IPPORT_RESERVED ||
- from.sin_port < IPPORT_RESERVED / 2) {
- (void)fprintf(stderr,
- "socket: protocol failure in circuit setup.\n");
- goto bad2;
- }
- }
- (void)write(s, locuser, strlen(locuser)+1);
- (void)write(s, remuser, strlen(remuser)+1);
- (void)write(s, cmd, strlen(cmd)+1);
- if (read(s, &c, 1) != 1) {
- (void)fprintf(stderr,
- "rcmd: %s: %s\n", *ahost, strerror(errno));
- goto bad2;
- }
- if (c != 0) {
- while (read(s, &c, 1) == 1) {
- (void)write(STDERR_FILENO, &c, 1);
- if (c == '\n')
- break;
- }
- goto bad2;
- }
-#ifndef __rtems__
- sigsetmask(oldmask);
-#endif
- return (s);
-bad2:
- if (lport)
- (void)close(*fd2p);
-bad:
- (void)close(s);
-#ifndef __rtems__
- sigsetmask(oldmask);
-#endif
- return (-1);
-}
-
-int
-rresvport(alport)
- int *alport;
-{
- struct sockaddr_in sin;
- int s;
-
- bzero(&sin, sizeof sin);
- sin.sin_len = sizeof(struct sockaddr_in);
- sin.sin_family = AF_INET;
- sin.sin_addr.s_addr = INADDR_ANY;
- s = socket(AF_INET, SOCK_STREAM, 0);
- if (s < 0)
- return (-1);
-#if 0 /* compat_exact_traditional_rresvport_semantics */
- sin.sin_port = htons((u_short)*alport);
- if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
- return (s);
- if (errno != EADDRINUSE) {
- (void)close(s);
- return (-1);
- }
-#endif
- sin.sin_port = 0;
- if (bindresvport(s, &sin) == -1) {
- (void)close(s);
- return (-1);
- }
- *alport = (int)ntohs(sin.sin_port);
- return (s);
-}
-
-#ifndef __rtems__
-int __check_rhosts_file = 1;
-char *__rcmd_errstr;
-
-int
-ruserok(rhost, superuser, ruser, luser)
- const char *rhost, *ruser, *luser;
- int superuser;
-{
- struct hostent *hp;
- u_long addr;
- char **ap;
-
- if ((hp = gethostbyname(rhost)) == NULL)
- return (-1);
- for (ap = hp->h_addr_list; *ap; ++ap) {
- bcopy(*ap, &addr, sizeof(addr));
- if (iruserok(addr, superuser, ruser, luser) == 0)
- return (0);
- }
- return (-1);
-}
-
-/*
- * New .rhosts strategy: We are passed an ip address. We spin through
- * hosts.equiv and .rhosts looking for a match. When the .rhosts only
- * has ip addresses, we don't have to trust a nameserver. When it
- * contains hostnames, we spin through the list of addresses the nameserver
- * gives us and look for a match.
- *
- * Returns 0 if ok, -1 if not ok.
- */
-int
-iruserok(raddr, superuser, ruser, luser)
- u_long raddr;
- int superuser;
- const char *ruser, *luser;
-{
- register char *cp;
- struct stat sbuf;
- struct passwd *pwd;
- FILE *hostf;
- uid_t uid;
- int first;
- char pbuf[MAXPATHLEN];
-
- first = 1;
- hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r");
-again:
- if (hostf) {
- if (__ivaliduser(hostf, raddr, luser, ruser) == 0) {
- (void)fclose(hostf);
- return (0);
- }
- (void)fclose(hostf);
- }
- if (first == 1 && (__check_rhosts_file || superuser)) {
- first = 0;
- if ((pwd = getpwnam(luser)) == NULL)
- return (-1);
- (void)strcpy(pbuf, pwd->pw_dir);
- (void)strcat(pbuf, "/.rhosts");
-
- /*
- * Change effective uid while opening .rhosts. If root and
- * reading an NFS mounted file system, can't read files that
- * are protected read/write owner only.
- */
- uid = geteuid();
- (void)seteuid(pwd->pw_uid);
- hostf = fopen(pbuf, "r");
- (void)seteuid(uid);
-
- if (hostf == NULL)
- return (-1);
- /*
- * If not a regular file, or is owned by someone other than
- * user or root or if writeable by anyone but the owner, quit.
- */
- cp = NULL;
- if (lstat(pbuf, &sbuf) < 0)
- cp = ".rhosts lstat failed";
- else if (!S_ISREG(sbuf.st_mode))
- cp = ".rhosts not regular file";
- else if (fstat(fileno(hostf), &sbuf) < 0)
- cp = ".rhosts fstat failed";
- else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
- cp = "bad .rhosts owner";
- else if (sbuf.st_mode & (S_IWGRP|S_IWOTH))
- cp = ".rhosts writeable by other than owner";
- /* If there were any problems, quit. */
- if (cp) {
- __rcmd_errstr = cp;
- (void)fclose(hostf);
- return (-1);
- }
- goto again;
- }
- return (-1);
-}
-
-/*
- * XXX
- * Don't make static, used by lpd(8).
- *
- * Returns 0 if ok, -1 if not ok.
- */
-int
-__ivaliduser(hostf, raddr, luser, ruser)
- FILE *hostf;
- u_long raddr;
- const char *luser, *ruser;
-{
- register char *user, *p;
- int ch;
- char buf[MAXHOSTNAMELEN + 128]; /* host + login */
- char hname[MAXHOSTNAMELEN];
- struct hostent *hp;
- /* Presumed guilty until proven innocent. */
- int userok = 0, hostok = 0;
-#ifdef YP
- char *ypdomain;
-
- if (yp_get_default_domain(&ypdomain))
- ypdomain = NULL;
-#else
-#define ypdomain NULL
-#endif
- /* We need to get the damn hostname back for netgroup matching. */
- if ((hp = gethostbyaddr((char *)&raddr, sizeof(u_long),
- AF_INET)) == NULL)
- return (-1);
- strncpy(hname, hp->h_name, sizeof(hname));
- hname[sizeof(hname) - 1] = '\0';
-
- while (fgets(buf, sizeof(buf), hostf)) {
- p = buf;
- /* Skip lines that are too long. */
- if (strchr(p, '\n') == NULL) {
- while ((ch = getc(hostf)) != '\n' && ch != EOF);
- continue;
- }
- if (*p == '\n' || *p == '#') {
- /* comment... */
- continue;
- }
- while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
- *p = isupper(*p) ? tolower(*p) : *p;
- p++;
- }
- if (*p == ' ' || *p == '\t') {
- *p++ = '\0';
- while (*p == ' ' || *p == '\t')
- p++;
- user = p;
- while (*p != '\n' && *p != ' ' &&
- *p != '\t' && *p != '\0')
- p++;
- } else
- user = p;
- *p = '\0';
- /*
- * Do +/- and +@/-@ checking. This looks really nasty,
- * but it matches SunOS's behavior so far as I can tell.
- */
- switch(buf[0]) {
- case '+':
- if (!buf[1]) { /* '+' matches all hosts */
- hostok = 1;
- break;
- }
- if (buf[1] == '@') /* match a host by netgroup */
- hostok = innetgr((char *)&buf[2],
- (char *)&hname, NULL, ypdomain);
- else /* match a host by addr */
- hostok = __icheckhost(raddr,(char *)&buf[1]);
- break;
- case '-': /* reject '-' hosts and all their users */
- if (buf[1] == '@') {
- if (innetgr((char *)&buf[2],
- (char *)&hname, NULL, ypdomain))
- return(-1);
- } else {
- if (__icheckhost(raddr,(char *)&buf[1]))
- return(-1);
- }
- break;
- default: /* if no '+' or '-', do a simple match */
- hostok = __icheckhost(raddr, buf);
- break;
- }
- switch(*user) {
- case '+':
- if (!*(user+1)) { /* '+' matches all users */
- userok = 1;
- break;
- }
- if (*(user+1) == '@') /* match a user by netgroup */
- userok = innetgr(user+2, NULL, ruser, ypdomain);
- else /* match a user by direct specification */
- userok = !(strcmp(ruser, user+1));
- break;
- case '-': /* if we matched a hostname, */
- if (hostok) { /* check for user field rejections */
- if (!*(user+1))
- return(-1);
- if (*(user+1) == '@') {
- if (innetgr(user+2, NULL,
- ruser, ypdomain))
- return(-1);
- } else {
- if (!strcmp(ruser, user+1))
- return(-1);
- }
- }
- break;
- default: /* no rejections: try to match the user */
- if (hostok)
- userok = !(strcmp(ruser,*user ? user : luser));
- break;
- }
- if (hostok && userok)
- return(0);
- }
- return (-1);
-}
-
-/*
- * Returns "true" if match, 0 if no match.
- */
-static int
-__icheckhost(raddr, lhost)
- u_long raddr;
- register char *lhost;
-{
- register struct hostent *hp;
- register u_long laddr;
- register char **pp;
-
- /* Try for raw ip address first. */
- if (isdigit(*lhost) && (long)(laddr = inet_addr(lhost)) != -1)
- return (raddr == laddr);
-
- /* Better be a hostname. */
- if ((hp = gethostbyname(lhost)) == NULL)
- return (0);
-
- /* Spin through ip addresses. */
- for (pp = hp->h_addr_list; *pp; ++pp)
- if (!bcmp(&raddr, *pp, sizeof(u_long)))
- return (1);
-
- /* No match. */
- return (0);
-}
-#endif