| rsh.c (103131) | rsh.c (105269) |
|---|---|
| 1/*- 2 * Copyright (c) 1983, 1990, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * Copyright (c) 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * Portions of this software were developed for the FreeBSD Project by 8 * ThinkSec AS and NAI Labs, the Security Research Division of Network --- 35 unchanged lines hidden (view full) --- 44 The Regents of the University of California. All rights reserved.\n"; 45#endif /* not lint */ 46 47#ifndef lint 48static const char sccsid[] = "From: @(#)rsh.c 8.3 (Berkeley) 4/6/94"; 49#endif /* not lint */ 50 51#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1983, 1990, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * Copyright (c) 2002 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * Portions of this software were developed for the FreeBSD Project by 8 * ThinkSec AS and NAI Labs, the Security Research Division of Network --- 35 unchanged lines hidden (view full) --- 44 The Regents of the University of California. All rights reserved.\n"; 45#endif /* not lint */ 46 47#ifndef lint 48static const char sccsid[] = "From: @(#)rsh.c 8.3 (Berkeley) 4/6/94"; 49#endif /* not lint */ 50 51#include <sys/cdefs.h> |
| 52__FBSDID("$FreeBSD: head/usr.bin/rsh/rsh.c 103131 2002-09-09 16:14:03Z nectar $"); | 52__FBSDID("$FreeBSD: head/usr.bin/rsh/rsh.c 105269 2002-10-16 16:10:46Z markm $"); |
| 53 54#include <sys/param.h> 55#include <sys/signal.h> 56#include <sys/socket.h> 57#include <sys/ioctl.h> 58#include <sys/file.h> 59#include <sys/time.h> 60 --- 7 unchanged lines hidden (view full) --- 68#include <pwd.h> 69#include <signal.h> 70#include <stdio.h> 71#include <stdlib.h> 72#include <string.h> 73#include <unistd.h> 74#include <err.h> 75 | 53 54#include <sys/param.h> 55#include <sys/signal.h> 56#include <sys/socket.h> 57#include <sys/ioctl.h> 58#include <sys/file.h> 59#include <sys/time.h> 60 --- 7 unchanged lines hidden (view full) --- 68#include <pwd.h> 69#include <signal.h> 70#include <stdio.h> 71#include <stdlib.h> 72#include <string.h> 73#include <unistd.h> 74#include <err.h> 75 |
| 76#ifdef KERBEROS 77#include <openssl/des.h> 78#include <krb.h> 79#include "krb.h" 80 81CREDENTIALS cred; 82Key_schedule schedule; 83int use_kerberos = 1, doencrypt; 84char dst_realm_buf[REALM_SZ], *dest_realm; 85extern char *krb_realmofhost(); 86#endif 87 | |
| 88/* 89 * rsh - remote shell 90 */ 91int rfd2; 92 93int family = PF_UNSPEC; 94char rlogin[] = "rlogin"; 95 --- 9 unchanged lines hidden (view full) --- 105 struct passwd const *pw; 106 struct servent const *sp; 107 long omask; 108 int argoff, asrsh, ch, dflag, nflag, one, rem; 109 pid_t pid = 0; 110 uid_t uid; 111 char *args, *host, *p, *user; 112 int timeout = 0; | 76/* 77 * rsh - remote shell 78 */ 79int rfd2; 80 81int family = PF_UNSPEC; 82char rlogin[] = "rlogin"; 83 --- 9 unchanged lines hidden (view full) --- 93 struct passwd const *pw; 94 struct servent const *sp; 95 long omask; 96 int argoff, asrsh, ch, dflag, nflag, one, rem; 97 pid_t pid = 0; 98 uid_t uid; 99 char *args, *host, *p, *user; 100 int timeout = 0; |
| 113#ifdef KERBEROS 114 const char *k; 115#endif | |
| 116 117 argoff = asrsh = dflag = nflag = 0; 118 one = 1; 119 host = user = NULL; 120 121 /* if called as something other than "rsh", use it as the host name */ 122 if ((p = strrchr(argv[0], '/'))) 123 ++p; --- 5 unchanged lines hidden (view full) --- 129 asrsh = 1; 130 131 /* handle "rsh host flags" */ 132 if (!host && argc > 2 && argv[1][0] != '-') { 133 host = argv[1]; 134 argoff = 1; 135 } 136 | 101 102 argoff = asrsh = dflag = nflag = 0; 103 one = 1; 104 host = user = NULL; 105 106 /* if called as something other than "rsh", use it as the host name */ 107 if ((p = strrchr(argv[0], '/'))) 108 ++p; --- 5 unchanged lines hidden (view full) --- 114 asrsh = 1; 115 116 /* handle "rsh host flags" */ 117 if (!host && argc > 2 && argv[1][0] != '-') { 118 host = argv[1]; 119 argoff = 1; 120 } 121 |
| 137#ifdef KERBEROS 138#ifdef CRYPT 139#define OPTIONS "468KLde:k:l:nt:wx" 140#else 141#define OPTIONS "468KLde:k:l:nt:w" 142#endif 143#else | |
| 144#define OPTIONS "468KLde:l:nt:w" | 122#define OPTIONS "468KLde:l:nt:w" |
| 145#endif | |
| 146 while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) 147 switch(ch) { 148 case '4': 149 family = PF_INET; 150 break; 151 152 case '6': 153 family = PF_INET6; 154 break; 155 | 123 while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) 124 switch(ch) { 125 case '4': 126 family = PF_INET; 127 break; 128 129 case '6': 130 family = PF_INET6; 131 break; 132 |
| 156 case 'K': 157#ifdef KERBEROS 158 use_kerberos = 0; 159#endif 160 break; | |
| 161 case 'L': /* -8Lew are ignored to allow rlogin aliases */ 162 case 'e': 163 case 'w': 164 case '8': 165 break; 166 case 'd': 167 dflag = 1; 168 break; 169 case 'l': 170 user = optarg; 171 break; | 133 case 'L': /* -8Lew are ignored to allow rlogin aliases */ 134 case 'e': 135 case 'w': 136 case '8': 137 break; 138 case 'd': 139 dflag = 1; 140 break; 141 case 'l': 142 user = optarg; 143 break; |
| 172#ifdef KERBEROS 173 case 'k': 174 dest_realm = dst_realm_buf; 175 strncpy(dest_realm, optarg, REALM_SZ); 176 break; 177#endif | |
| 178 case 'n': 179 nflag = 1; 180 break; | 144 case 'n': 145 nflag = 1; 146 break; |
| 181#ifdef KERBEROS 182#ifdef CRYPT 183 case 'x': 184 doencrypt = 1; 185 break; 186#endif 187#endif | |
| 188 case 't': 189 timeout = atoi(optarg); 190 break; 191 case '?': 192 default: 193 usage(); 194 } 195 optind += argoff; --- 13 unchanged lines hidden (view full) --- 209 argc -= optind; 210 argv += optind; 211 212 if (!(pw = getpwuid(uid = getuid()))) 213 errx(1, "unknown user id"); 214 if (!user) 215 user = pw->pw_name; 216 | 147 case 't': 148 timeout = atoi(optarg); 149 break; 150 case '?': 151 default: 152 usage(); 153 } 154 optind += argoff; --- 13 unchanged lines hidden (view full) --- 168 argc -= optind; 169 argv += optind; 170 171 if (!(pw = getpwuid(uid = getuid()))) 172 errx(1, "unknown user id"); 173 if (!user) 174 user = pw->pw_name; 175 |
| 217#ifdef KERBEROS 218#ifdef CRYPT 219 /* -x turns off -n */ 220 if (doencrypt) 221 nflag = 0; 222#endif 223#endif 224 | |
| 225 args = copyargs(argv); 226 227 sp = NULL; | 176 args = copyargs(argv); 177 178 sp = NULL; |
| 228#ifdef KERBEROS 229 k = auth_getval("auth_list"); 230 if (k && !strstr(k, "kerberos")) 231 use_kerberos = 0; 232 if (use_kerberos) { 233 sp = getservbyname((doencrypt ? "ekshell" : "kshell"), "tcp"); 234 if (sp == NULL) { 235 use_kerberos = 0; 236 warnx( 237 "warning, using standard rsh: can't get entry for %s/tcp service", 238 doencrypt ? "ekshell" : "kshell"); 239 } 240 } 241#endif | |
| 242 if (sp == NULL) 243 sp = getservbyname("shell", "tcp"); 244 if (sp == NULL) 245 errx(1, "shell/tcp: unknown service"); 246 | 179 if (sp == NULL) 180 sp = getservbyname("shell", "tcp"); 181 if (sp == NULL) 182 errx(1, "shell/tcp: unknown service"); 183 |
| 247#ifdef KERBEROS 248try_connect: 249 if (use_kerberos) { 250 struct hostent *hp; 251 252 /* fully qualify hostname (needed for krb_realmofhost) */ 253 hp = gethostbyname(host); 254 if (hp != NULL && !(host = strdup(hp->h_name))) 255 err(1, NULL); 256 257 rem = KSUCCESS; 258 errno = 0; 259 if (dest_realm == NULL) 260 dest_realm = krb_realmofhost(host); 261 262#ifdef CRYPT 263 if (doencrypt) { 264 rem = krcmd_mutual(&host, sp->s_port, user, args, 265 &rfd2, dest_realm, &cred, schedule); 266 des_set_key(&cred.session, schedule); 267 } else 268#endif 269 rem = krcmd(&host, sp->s_port, user, args, &rfd2, 270 dest_realm); 271 if (rem < 0) { 272 use_kerberos = 0; 273 sp = getservbyname("shell", "tcp"); 274 if (sp == NULL) 275 errx(1, "shell/tcp: unknown service"); 276 if (errno == ECONNREFUSED) 277 warnx( 278 "warning, using standard rsh: remote host doesn't support Kerberos"); 279 if (errno == ENOENT) 280 warnx( 281 "warning, using standard rsh: can't provide Kerberos auth data"); 282 goto try_connect; 283 } 284 } else { 285 if (doencrypt) 286 errx(1, "the -x flag requires Kerberos authentication"); 287 rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, 288 &rfd2, family); 289 } 290#else | |
| 291 if (timeout) { 292 signal(SIGALRM, connect_timeout); 293 alarm(timeout); 294 } 295 rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, &rfd2, 296 family); 297 if (timeout) { 298 signal(SIGALRM, SIG_DFL); 299 alarm(0); 300 } | 184 if (timeout) { 185 signal(SIGALRM, connect_timeout); 186 alarm(timeout); 187 } 188 rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, &rfd2, 189 family); 190 if (timeout) { 191 signal(SIGALRM, SIG_DFL); 192 alarm(0); 193 } |
| 301#endif | |
| 302 303 if (rem < 0) 304 exit(1); 305 306 if (rfd2 < 0) 307 errx(1, "can't establish stderr"); 308 if (dflag) { 309 if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one, --- 16 unchanged lines hidden (view full) --- 326 if (!nflag) { 327 pid = fork(); 328 if (pid < 0) 329 err(1, "fork"); 330 } 331 else 332 (void)shutdown(rem, 1); 333 | 194 195 if (rem < 0) 196 exit(1); 197 198 if (rfd2 < 0) 199 errx(1, "can't establish stderr"); 200 if (dflag) { 201 if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one, --- 16 unchanged lines hidden (view full) --- 218 if (!nflag) { 219 pid = fork(); 220 if (pid < 0) 221 err(1, "fork"); 222 } 223 else 224 (void)shutdown(rem, 1); 225 |
| 334#ifdef KERBEROS 335#ifdef CRYPT 336 if (!doencrypt) 337#endif 338#endif 339 { 340 (void)ioctl(rfd2, FIONBIO, &one); 341 (void)ioctl(rem, FIONBIO, &one); 342 } | 226 (void)ioctl(rfd2, FIONBIO, &one); 227 (void)ioctl(rem, FIONBIO, &one); |
| 343 344 talk(nflag, omask, pid, rem, timeout); 345 346 if (!nflag) 347 (void)kill(pid, SIGKILL); 348 exit(0); 349} 350 --- 23 unchanged lines hidden (view full) --- 374 nfds = rem + 1; 375 if (select(nfds, 0, &rembits, 0, 0) < 0) { 376 if (errno != EINTR) 377 err(1, "select"); 378 goto rewrite; 379 } 380 if (!FD_ISSET(rem, &rembits)) 381 goto rewrite; | 228 229 talk(nflag, omask, pid, rem, timeout); 230 231 if (!nflag) 232 (void)kill(pid, SIGKILL); 233 exit(0); 234} 235 --- 23 unchanged lines hidden (view full) --- 259 nfds = rem + 1; 260 if (select(nfds, 0, &rembits, 0, 0) < 0) { 261 if (errno != EINTR) 262 err(1, "select"); 263 goto rewrite; 264 } 265 if (!FD_ISSET(rem, &rembits)) 266 goto rewrite; |
| 382#ifdef KERBEROS 383#ifdef CRYPT 384 if (doencrypt) 385 wc = des_enc_write(rem, bp, cc, schedule, &cred.session); 386 else 387#endif 388#endif 389 wc = write(rem, bp, cc); | 267 wc = write(rem, bp, cc); |
| 390 if (wc < 0) { 391 if (errno == EWOULDBLOCK) 392 goto rewrite; 393 goto done; 394 } 395 bp += wc; 396 cc -= wc; 397 if (cc == 0) --- 26 unchanged lines hidden (view full) --- 424 if (errno != EINTR) 425 err(1, "select"); 426 continue; 427 } 428 if (srval == 0) 429 errx(1, "timeout reached (%d seconds)\n", timeout); 430 if (FD_ISSET(rfd2, &ready)) { 431 errno = 0; | 268 if (wc < 0) { 269 if (errno == EWOULDBLOCK) 270 goto rewrite; 271 goto done; 272 } 273 bp += wc; 274 cc -= wc; 275 if (cc == 0) --- 26 unchanged lines hidden (view full) --- 302 if (errno != EINTR) 303 err(1, "select"); 304 continue; 305 } 306 if (srval == 0) 307 errx(1, "timeout reached (%d seconds)\n", timeout); 308 if (FD_ISSET(rfd2, &ready)) { 309 errno = 0; |
| 432#ifdef KERBEROS 433#ifdef CRYPT 434 if (doencrypt) 435 cc = des_enc_read(rfd2, buf, sizeof buf, schedule, &cred.session); 436 else 437#endif 438#endif 439 cc = read(rfd2, buf, sizeof buf); | 310 cc = read(rfd2, buf, sizeof buf); |
| 440 if (cc <= 0) { 441 if (errno != EWOULDBLOCK) 442 FD_CLR(rfd2, &readfrom); 443 } else 444 (void)write(STDERR_FILENO, buf, cc); 445 } 446 if (FD_ISSET(rem, &ready)) { 447 errno = 0; | 311 if (cc <= 0) { 312 if (errno != EWOULDBLOCK) 313 FD_CLR(rfd2, &readfrom); 314 } else 315 (void)write(STDERR_FILENO, buf, cc); 316 } 317 if (FD_ISSET(rem, &ready)) { 318 errno = 0; |
| 448#ifdef KERBEROS 449#ifdef CRYPT 450 if (doencrypt) 451 cc = des_enc_read(rem, buf, sizeof buf, schedule, &cred.session); 452 else 453#endif 454#endif 455 cc = read(rem, buf, sizeof buf); | 319 cc = read(rem, buf, sizeof buf); |
| 456 if (cc <= 0) { 457 if (errno != EWOULDBLOCK) 458 FD_CLR(rem, &readfrom); 459 } else 460 (void)write(STDOUT_FILENO, buf, cc); 461 } 462 } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom)); 463} --- 8 unchanged lines hidden (view full) --- 472} 473 474void 475sendsig(int sig) 476{ 477 char signo; 478 479 signo = sig; | 320 if (cc <= 0) { 321 if (errno != EWOULDBLOCK) 322 FD_CLR(rem, &readfrom); 323 } else 324 (void)write(STDOUT_FILENO, buf, cc); 325 } 326 } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom)); 327} --- 8 unchanged lines hidden (view full) --- 336} 337 338void 339sendsig(int sig) 340{ 341 char signo; 342 343 signo = sig; |
| 480#ifdef KERBEROS 481#ifdef CRYPT 482 if (doencrypt) 483 (void)des_enc_write(rfd2, &signo, 1, schedule, &cred.session); 484 else 485#endif 486#endif 487 (void)write(rfd2, &signo, 1); | 344 (void)write(rfd2, &signo, 1); |
| 488} 489 490char * 491copyargs(char * const *argv) 492{ 493 int cc; 494 char *args, *p; 495 char * const *ap; --- 12 unchanged lines hidden (view full) --- 508 return (args); 509} 510 511void 512usage(void) 513{ 514 515 (void)fprintf(stderr, | 345} 346 347char * 348copyargs(char * const *argv) 349{ 350 int cc; 351 char *args, *p; 352 char * const *ap; --- 12 unchanged lines hidden (view full) --- 365 return (args); 366} 367 368void 369usage(void) 370{ 371 372 (void)fprintf(stderr, |
| 516 "usage: rsh [-46] [-ndK%s]%s[-l login] [-t timeout] host [command]\n", 517#ifdef KERBEROS 518#ifdef CRYPT 519 "x", " [-k realm] "); 520#else 521 "", " [-k realm] "); 522#endif 523#else 524 "", " "); 525#endif | 373 "usage: rsh [-46] [-nd] [-l login] [-t timeout] host [command]\n"); |
| 526 exit(1); 527} | 374 exit(1); 375} |