1/*-
2 * Copyright (c) 1983, 1988, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
--- 28 unchanged lines hidden (view full) ---
37 The Regents of the University of California. All rights reserved.\n";
38#endif /* not lint */
39
40#ifndef lint
41#if 0
42static const char sccsid[] = "@(#)rlogind.c 8.1 (Berkeley) 6/4/93";
43#endif
44static const char rcsid[] =
45 "$FreeBSD: head/libexec/rlogind/rlogind.c 51433 1999-09-19 22:05:32Z markm $";
46#endif /* not lint */
47
48/*
49 * remote login server:
50 * \0
51 * remuser\0
52 * locuser\0
53 * terminal_type/speed\0
--- 32 unchanged lines hidden (view full) ---
86#endif
87
88#ifndef TIOCPKT_WINDOW
89#define TIOCPKT_WINDOW 0x80
90#endif
91
92#define ARGSTR "Dalnx"
93
94char *env[2];
95#define NMAX 30
96char lusername[NMAX+1], rusername[NMAX+1];
97static char term[64] = "TERM=";
98#define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */
99int keepalive = 1;
100int check_all = 0;
101int no_delay;
102
103struct passwd *pwd;
104
105void doit __P((int, struct sockaddr_in *));
106int control __P((int, char *, int));
107void protocol __P((int, int));
108void cleanup __P((int));
109void fatal __P((int, char *, int));
110int do_rlogin __P((struct sockaddr_in *));
111void getstr __P((char *, int, char *));
112void setup_term __P((int));
113int do_krb_login __P((struct sockaddr_in *));
114void usage __P((void));
115
116#ifndef NO_PAM
117extern int auth_pam __P((char *));
118#endif
119
120int
121main(argc, argv)
122 int argc;
123 char *argv[];
124{
125 extern int __check_rhosts_file;
126 struct sockaddr_in from;
127 int ch, fromlen, on;
128
129 openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH);
130
131 opterr = 0;
132 while ((ch = getopt(argc, argv, ARGSTR)) != -1)
133 switch (ch) {
134 case 'D':
--- 28 unchanged lines hidden (view full) ---
163 }
164 on = 1;
165 if (keepalive &&
166 setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0)
167 syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
168 if (no_delay &&
169 setsockopt(0, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) < 0)
170 syslog(LOG_WARNING, "setsockopt (TCP_NODELAY): %m");
171 on = IPTOS_LOWDELAY;
172 if (setsockopt(0, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0)
173 syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
174
175 doit(0, &from);
176 return 0;
177}
178
179int child;
180int netf;
181char line[MAXPATHLEN];
182int confirmed;
183
184struct winsize win = { 0, 0, 0, 0 };
185
186
187void
188doit(f, fromp)
189 int f;
190 struct sockaddr_in *fromp;
191{
192 int master, pid, on = 1;
193 int authenticated = 0;
194 char hostname[MAXHOSTNAMELEN];
195 char c;
196
197 alarm(60);
198 read(f, &c, 1);
199
200 if (c != 0)
201 exit(1);
202
203 alarm(0);
204 fromp->sin_port = ntohs((u_short)fromp->sin_port);
205 realhostname(hostname, sizeof(hostname) - 1, &fromp->sin_addr);
206 hostname[sizeof(hostname) - 1] = '\0';
207
208 {
209 if (fromp->sin_family != AF_INET ||
210 fromp->sin_port >= IPPORT_RESERVED ||
211 fromp->sin_port < IPPORT_RESERVED/2) {
212 syslog(LOG_NOTICE, "Connection from %s on illegal port",
213 inet_ntoa(fromp->sin_addr));
214 fatal(f, "Permission denied", 0);
215 }
216#ifdef IP_OPTIONS
217 {
218 u_char optbuf[BUFSIZ/3];
219 int optsize = sizeof(optbuf), ipproto, i;
220 struct protoent *ip;
221
222 if ((ip = getprotobyname("ip")) != NULL)
223 ipproto = ip->p_proto;
224 else
225 ipproto = IPPROTO_IP;
226 if (getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf,
227 &optsize) == 0 && optsize != 0) {
228 for (i = 0; i < optsize; ) {
229 u_char c = optbuf[i];
230 if (c == IPOPT_LSRR || c == IPOPT_SSRR) {
231 syslog(LOG_NOTICE,
232 "Connection refused from %s with IP option %s",
233 inet_ntoa(fromp->sin_addr),
234 c == IPOPT_LSRR ? "LSRR" : "SSRR");
235 exit(1);
236 }
237 if (c == IPOPT_EOL)
238 break;
239 i += (c == IPOPT_NOP) ? 1 : optbuf[i+1];
240 }
241 }
242 }
243#endif
244 if (do_rlogin(fromp) == 0)
245 authenticated++;
246 }
247 if (confirmed == 0) {
248 write(f, "", 1);
249 confirmed = 1; /* we sent the null! */
250 }
--- 277 unchanged lines hidden (view full) ---
528 else
529 len = sprintf(bp, "rlogind: %s.\r\n", msg);
530 (void) write(f, buf, bp + len - buf);
531 exit(1);
532}
533
534int
535do_rlogin(dest)
536 struct sockaddr_in *dest;
537{
538 int retval;
539
540 getstr(rusername, sizeof(rusername), "remuser too long");
541 getstr(lusername, sizeof(lusername), "locuser too long");
542 getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long");
543
544#ifndef NO_PAM
545 retval = auth_pam(lusername);
546
--- 7 unchanged lines hidden (view full) ---
554 exit(1);
555 }
556 }
557#endif
558 pwd = getpwnam(lusername);
559 if (pwd == NULL)
560 return (-1);
561 /* XXX why don't we syslog() failure? */
562 return (iruserok(dest->sin_addr.s_addr, pwd->pw_uid == 0,
563 rusername, lusername));
564}
565
566void
567getstr(buf, cnt, errmsg)
568 char *buf;
569 int cnt;
570 char *errmsg;
571{
--- 59 unchanged lines hidden ---
2 * Copyright (c) 1983, 1988, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
--- 28 unchanged lines hidden (view full) ---
37 The Regents of the University of California. All rights reserved.\n";
38#endif /* not lint */
39
40#ifndef lint
41#if 0
42static const char sccsid[] = "@(#)rlogind.c 8.1 (Berkeley) 6/4/93";
43#endif
44static const char rcsid[] =
45 "$FreeBSD: head/libexec/rlogind/rlogind.c 51433 1999-09-19 22:05:32Z markm $";
46#endif /* not lint */
47
48/*
49 * remote login server:
50 * \0
51 * remuser\0
52 * locuser\0
53 * terminal_type/speed\0
--- 32 unchanged lines hidden (view full) ---
86#endif
87
88#ifndef TIOCPKT_WINDOW
89#define TIOCPKT_WINDOW 0x80
90#endif
91
92#define ARGSTR "Dalnx"
93
94char *env[2];
95#define NMAX 30
96char lusername[NMAX+1], rusername[NMAX+1];
97static char term[64] = "TERM=";
98#define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */
99int keepalive = 1;
100int check_all = 0;
101int no_delay;
102
103struct passwd *pwd;
104
105void doit __P((int, struct sockaddr_in *));
106int control __P((int, char *, int));
107void protocol __P((int, int));
108void cleanup __P((int));
109void fatal __P((int, char *, int));
110int do_rlogin __P((struct sockaddr_in *));
111void getstr __P((char *, int, char *));
112void setup_term __P((int));
113int do_krb_login __P((struct sockaddr_in *));
114void usage __P((void));
115
116#ifndef NO_PAM
117extern int auth_pam __P((char *));
118#endif
119
120int
121main(argc, argv)
122 int argc;
123 char *argv[];
124{
125 extern int __check_rhosts_file;
126 struct sockaddr_in from;
127 int ch, fromlen, on;
128
129 openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH);
130
131 opterr = 0;
132 while ((ch = getopt(argc, argv, ARGSTR)) != -1)
133 switch (ch) {
134 case 'D':
--- 28 unchanged lines hidden (view full) ---
163 }
164 on = 1;
165 if (keepalive &&
166 setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof (on)) < 0)
167 syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m");
168 if (no_delay &&
169 setsockopt(0, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) < 0)
170 syslog(LOG_WARNING, "setsockopt (TCP_NODELAY): %m");
171 on = IPTOS_LOWDELAY;
172 if (setsockopt(0, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0)
173 syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
174
175 doit(0, &from);
176 return 0;
177}
178
179int child;
180int netf;
181char line[MAXPATHLEN];
182int confirmed;
183
184struct winsize win = { 0, 0, 0, 0 };
185
186
187void
188doit(f, fromp)
189 int f;
190 struct sockaddr_in *fromp;
191{
192 int master, pid, on = 1;
193 int authenticated = 0;
194 char hostname[MAXHOSTNAMELEN];
195 char c;
196
197 alarm(60);
198 read(f, &c, 1);
199
200 if (c != 0)
201 exit(1);
202
203 alarm(0);
204 fromp->sin_port = ntohs((u_short)fromp->sin_port);
205 realhostname(hostname, sizeof(hostname) - 1, &fromp->sin_addr);
206 hostname[sizeof(hostname) - 1] = '\0';
207
208 {
209 if (fromp->sin_family != AF_INET ||
210 fromp->sin_port >= IPPORT_RESERVED ||
211 fromp->sin_port < IPPORT_RESERVED/2) {
212 syslog(LOG_NOTICE, "Connection from %s on illegal port",
213 inet_ntoa(fromp->sin_addr));
214 fatal(f, "Permission denied", 0);
215 }
216#ifdef IP_OPTIONS
217 {
218 u_char optbuf[BUFSIZ/3];
219 int optsize = sizeof(optbuf), ipproto, i;
220 struct protoent *ip;
221
222 if ((ip = getprotobyname("ip")) != NULL)
223 ipproto = ip->p_proto;
224 else
225 ipproto = IPPROTO_IP;
226 if (getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf,
227 &optsize) == 0 && optsize != 0) {
228 for (i = 0; i < optsize; ) {
229 u_char c = optbuf[i];
230 if (c == IPOPT_LSRR || c == IPOPT_SSRR) {
231 syslog(LOG_NOTICE,
232 "Connection refused from %s with IP option %s",
233 inet_ntoa(fromp->sin_addr),
234 c == IPOPT_LSRR ? "LSRR" : "SSRR");
235 exit(1);
236 }
237 if (c == IPOPT_EOL)
238 break;
239 i += (c == IPOPT_NOP) ? 1 : optbuf[i+1];
240 }
241 }
242 }
243#endif
244 if (do_rlogin(fromp) == 0)
245 authenticated++;
246 }
247 if (confirmed == 0) {
248 write(f, "", 1);
249 confirmed = 1; /* we sent the null! */
250 }
--- 277 unchanged lines hidden (view full) ---
528 else
529 len = sprintf(bp, "rlogind: %s.\r\n", msg);
530 (void) write(f, buf, bp + len - buf);
531 exit(1);
532}
533
534int
535do_rlogin(dest)
536 struct sockaddr_in *dest;
537{
538 int retval;
539
540 getstr(rusername, sizeof(rusername), "remuser too long");
541 getstr(lusername, sizeof(lusername), "locuser too long");
542 getstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long");
543
544#ifndef NO_PAM
545 retval = auth_pam(lusername);
546
--- 7 unchanged lines hidden (view full) ---
554 exit(1);
555 }
556 }
557#endif
558 pwd = getpwnam(lusername);
559 if (pwd == NULL)
560 return (-1);
561 /* XXX why don't we syslog() failure? */
562 return (iruserok(dest->sin_addr.s_addr, pwd->pw_uid == 0,
563 rusername, lusername));
564}
565
566void
567getstr(buf, cnt, errmsg)
568 char *buf;
569 int cnt;
570 char *errmsg;
571{
--- 59 unchanged lines hidden ---