builtins.c revision 56303 
1/*-
2 * Copyright (c) 1983, 1991, 1993, 1994
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD: head/usr.sbin/inetd/builtins.c 56303 2000-01-20 01:49:41Z green $
27 *
28 */
29
30#include <sys/filio.h>
31#include <sys/ioccom.h>
32#include <sys/param.h>
33#include <sys/stat.h>
34#include <sys/socket.h>
35#include <sys/sysctl.h>
36#include <sys/ucred.h>
37#include <sys/uio.h>
38#include <sys/utsname.h>
39
40#include <ctype.h>
41#include <err.h>
42#include <errno.h>
43#include <limits.h>
44#include <pwd.h>
45#include <signal.h>
46#include <stdlib.h>
47#include <string.h>
48#include <sysexits.h>
49#include <syslog.h>
50#include <unistd.h>
51
52#include "inetd.h"
53
54extern int	 debug;
55extern struct servtab *servtab;
56
57char ring[128];
58char *endring;
59
60int check_loop __P((struct sockaddr_in *, struct servtab *sep));
61void inetd_setproctitle __P((char *, int));
62
63struct biltin biltins[] = {
64	/* Echo received data */
65	{ "echo",	SOCK_STREAM,	1, -1,	echo_stream },
66	{ "echo",	SOCK_DGRAM,	0, 1,	echo_dg },
67
68	/* Internet /dev/null */
69	{ "discard",	SOCK_STREAM,	1, -1,	discard_stream },
70	{ "discard",	SOCK_DGRAM,	0, 1,	discard_dg },
71
72	/* Return 32 bit time since 1970 */
73	{ "time",	SOCK_STREAM,	0, -1,	machtime_stream },
74	{ "time",	SOCK_DGRAM,	0, 1,	machtime_dg },
75
76	/* Return human-readable time */
77	{ "daytime",	SOCK_STREAM,	0, -1,	daytime_stream },
78	{ "daytime",	SOCK_DGRAM,	0, 1,	daytime_dg },
79
80	/* Familiar character generator */
81	{ "chargen",	SOCK_STREAM,	1, -1,	chargen_stream },
82	{ "chargen",	SOCK_DGRAM,	0, 1,	chargen_dg },
83
84	{ "tcpmux",	SOCK_STREAM,	1, -1,	(void (*)())tcpmux },
85
86	{ "auth",	SOCK_STREAM,	1, -1,	ident_stream },
87
88	{ NULL }
89};
90
91/*
92 * RFC864 Character Generator Protocol. Generates character data without
93 * any regard for input.
94 */
95
96void
97initring()
98{
99	int i;
100
101	endring = ring;
102
103	for (i = 0; i <= 128; ++i)
104		if (isprint(i))
105			*endring++ = i;
106}
107
108/* ARGSUSED */
109void
110chargen_dg(s, sep)		/* Character generator */
111	int s;
112	struct servtab *sep;
113{
114	struct sockaddr_in sin;
115	static char *rs;
116	int len, size;
117	char text[LINESIZ+2];
118
119	if (endring == 0) {
120		initring();
121		rs = ring;
122	}
123
124	size = sizeof(sin);
125	if (recvfrom(s, text, sizeof(text), 0,
126		     (struct sockaddr *)&sin, &size) < 0)
127		return;
128
129	if (check_loop(&sin, sep))
130		return;
131
132	if ((len = endring - rs) >= LINESIZ)
133		memmove(text, rs, LINESIZ);
134	else {
135		memmove(text, rs, len);
136		memmove(text + len, ring, LINESIZ - len);
137	}
138	if (++rs == endring)
139		rs = ring;
140	text[LINESIZ] = '\r';
141	text[LINESIZ + 1] = '\n';
142	(void) sendto(s, text, sizeof(text), 0,
143		      (struct sockaddr *)&sin, sizeof(sin));
144}
145
146/* ARGSUSED */
147void
148chargen_stream(s, sep)		/* Character generator */
149	int s;
150	struct servtab *sep;
151{
152	int len;
153	char *rs, text[LINESIZ+2];
154
155	inetd_setproctitle(sep->se_service, s);
156
157	if (!endring) {
158		initring();
159		rs = ring;
160	}
161
162	text[LINESIZ] = '\r';
163	text[LINESIZ + 1] = '\n';
164	for (rs = ring;;) {
165		if ((len = endring - rs) >= LINESIZ)
166			memmove(text, rs, LINESIZ);
167		else {
168			memmove(text, rs, len);
169			memmove(text + len, ring, LINESIZ - len);
170		}
171		if (++rs == endring)
172			rs = ring;
173		if (write(s, text, sizeof(text)) != sizeof(text))
174			break;
175	}
176	exit(0);
177}
178
179/*
180 * RFC867 Daytime Protocol. Sends the current date and time as an ascii
181 * character string without any regard for input.
182 */
183
184/* ARGSUSED */
185void
186daytime_dg(s, sep)		/* Return human-readable time of day */
187	int s;
188	struct servtab *sep;
189{
190	char buffer[256];
191	time_t clock;
192	struct sockaddr_in sin;
193	int size;
194
195	clock = time((time_t *) 0);
196
197	size = sizeof(sin);
198	if (recvfrom(s, buffer, sizeof(buffer), 0,
199		     (struct sockaddr *)&sin, &size) < 0)
200		return;
201
202	if (check_loop(&sin, sep))
203		return;
204
205	(void) sprintf(buffer, "%.24s\r\n", ctime(&clock));
206	(void) sendto(s, buffer, strlen(buffer), 0,
207		      (struct sockaddr *)&sin, sizeof(sin));
208}
209
210/* ARGSUSED */
211void
212daytime_stream(s, sep)		/* Return human-readable time of day */
213	int s;
214	struct servtab *sep;
215{
216	char buffer[256];
217	time_t clock;
218
219	clock = time((time_t *) 0);
220
221	(void) sprintf(buffer, "%.24s\r\n", ctime(&clock));
222	(void) write(s, buffer, strlen(buffer));
223}
224
225/*
226 * RFC863 Discard Protocol. Any data received is thrown away and no response
227 * is sent.
228 */
229
230/* ARGSUSED */
231void
232discard_dg(s, sep)		/* Discard service -- ignore data */
233	int s;
234	struct servtab *sep;
235{
236	char buffer[BUFSIZE];
237
238	(void) read(s, buffer, sizeof(buffer));
239}
240
241/* ARGSUSED */
242void
243discard_stream(s, sep)		/* Discard service -- ignore data */
244	int s;
245	struct servtab *sep;
246{
247	int ret;
248	char buffer[BUFSIZE];
249
250	inetd_setproctitle(sep->se_service, s);
251	while (1) {
252		while ((ret = read(s, buffer, sizeof(buffer))) > 0)
253			;
254		if (ret == 0 || errno != EINTR)
255			break;
256	}
257	exit(0);
258}
259
260/*
261 * RFC862 Echo Protocol. Any data received is sent back to the sender as
262 * received.
263 */
264
265/* ARGSUSED */
266void
267echo_dg(s, sep)			/* Echo service -- echo data back */
268	int s;
269	struct servtab *sep;
270{
271	char buffer[BUFSIZE];
272	int i, size;
273	struct sockaddr_in sin;
274
275	size = sizeof(sin);
276	if ((i = recvfrom(s, buffer, sizeof(buffer), 0,
277			  (struct sockaddr *)&sin, &size)) < 0)
278		return;
279
280	if (check_loop(&sin, sep))
281		return;
282
283	(void) sendto(s, buffer, i, 0, (struct sockaddr *)&sin,
284		      sizeof(sin));
285}
286
287/* ARGSUSED */
288void
289echo_stream(s, sep)		/* Echo service -- echo data back */
290	int s;
291	struct servtab *sep;
292{
293	char buffer[BUFSIZE];
294	int i;
295
296	inetd_setproctitle(sep->se_service, s);
297	while ((i = read(s, buffer, sizeof(buffer))) > 0 &&
298	    write(s, buffer, i) > 0)
299		;
300	exit(0);
301}
302
303/*
304 * RFC1413 Identification Protocol. Given a TCP port number pair, return a
305 * character string which identifies the owner of that connection on the
306 * server's system. Extended to allow for ~/.fakeid support and ~/.noident
307 * support.
308 */
309
310/* ARGSUSED */
311void
312iderror(lport, fport, s, er)	/* Generic ident_stream error-sending func */
313	int lport, fport, s, er;
314{
315	char *p;
316
317	asprintf(&p, "%d , %d : ERROR : %s\r\n", lport, fport,
318	    er == -1 ? "HIDDEN-USER" : er ? strerror(er) : "UNKNOWN-ERROR");
319	if (p == NULL) {
320		syslog(LOG_ERR, "asprintf: %m");
321		exit(EX_OSERR);
322	}
323	write(s, p, strlen(p));
324	free(p);
325
326	exit(0);
327}
328
329/* ARGSUSED */
330void
331ident_stream(s, sep)		/* Ident service (AKA "auth") */
332	int s;
333	struct servtab *sep;
334{
335	struct utsname un;
336	struct stat sb;
337	struct sockaddr_in sin[2];
338	struct ucred uc;
339	struct timeval tv = {
340		10,
341		0
342	};
343	struct passwd *pw = NULL;
344	fd_set fdset;
345	char buf[BUFSIZE], *cp = NULL, *p, **av, *osname = NULL, garbage[7];
346	char *fallback = NULL;
347	int len, c, fflag = 0, nflag = 0, rflag = 0, argc = 0, usedfallback = 0;
348	int gflag = 0, Rflag = 0;
349	u_short lport, fport;
350
351	inetd_setproctitle(sep->se_service, s);
352	/*
353	 * Reset getopt() since we are a fork() but not an exec() from
354	 * a parent which used getopt() already.
355	 */
356	optind = 1;
357	optreset = 1;
358	/*
359	 * Take the internal argument vector and count it out to make an
360	 * argument count for getopt. This can be used for any internal
361	 * service to read arguments and use getopt() easily.
362	 */
363	for (av = sep->se_argv; *av; av++)
364		argc++;
365	if (argc) {
366		int sec, usec;
367		size_t i;
368		u_int32_t random;
369
370		while ((c = getopt(argc, sep->se_argv, "d:fgno:rt:")) != -1)
371			switch (c) {
372			case 'd':
373				fallback = optarg;
374				break;
375			case 'f':
376				fflag = 1;
377				break;
378			case 'g':
379				gflag = 1;
380				random = 0;	/* Shush, compiler. */
381				/*
382				 * The number of bits in "random" divided
383				 * by the number of bits needed per iteration
384				 * gives a more optimal way to reload the
385				 * random number only when necessary.
386				 *
387				 * I'm using base-36, so I need at least 6
388				 * bits; round it up to 8 bits to make it
389				 * easier.
390				 */
391				for (i = 0; i < sizeof(garbage) - 1; i++) {
392					const char *const base36 =
393					    "0123456789"
394					    "abcdefghijklmnopqrstuvwxyz";
395					if (i % (sizeof(random) * 8 / 8) == 0)
396						random = arc4random();
397					garbage[i] =
398					    base36[(random & 0xff) % 36];
399					random >>= 8;
400				}
401				garbage[i] = '\0';
402				break;
403			case 'n':
404				nflag = 1;
405				break;
406			case 'o':
407				osname = optarg;
408				break;
409			case 'R':
410				Rflag = 2;
411				break;
412			case 'r':
413				rflag = 1;
414				break;
415			case 't':
416				switch (sscanf(optarg, "%d.%d", &sec, &usec)) {
417				case 2:
418					tv.tv_usec = usec;
419				case 1:
420					tv.tv_sec = sec;
421					break;
422				default:
423					if (debug)
424						warnx("bad -t argument");
425					break;
426				}
427				break;
428			default:
429				break;
430			}
431	}
432	if (osname == NULL) {
433		if (uname(&un) == -1)
434			iderror(0, 0, s, errno);
435		osname = un.sysname;
436	}
437	len = sizeof(sin[0]);
438	if (getsockname(s, (struct sockaddr *)&sin[0], &len) == -1)
439		iderror(0, 0, s, errno);
440	len = sizeof(sin[1]);
441	if (getpeername(s, (struct sockaddr *)&sin[1], &len) == -1)
442		iderror(0, 0, s, errno);
443	/*
444	 * We're going to prepare for and execute reception of a
445	 * packet of data from the user. The data is in the format
446	 * "local_port , foreign_port\r\n" (with local being the
447	 * server's port and foreign being the client's.)
448	 */
449	FD_ZERO(&fdset);
450	FD_SET(s, &fdset);
451	if (select(s + 1, &fdset, NULL, NULL, &tv) == -1)
452		iderror(0, 0, s, errno);
453	if (ioctl(s, FIONREAD, &len) == -1)
454		iderror(0, 0, s, errno);
455	if (len >= sizeof(buf))
456		len = sizeof(buf) - 1;
457	len = read(s, buf, len);
458	if (len == -1)
459		iderror(0, 0, s, errno);
460	buf[len] = '\0';
461	if (sscanf(buf, "%hu , %hu", &lport, &fport) != 2)
462		iderror(0, 0, s, 0);
463	if (gflag) {
464		cp = garbage;
465		goto printit;
466	}
467
468	if (!rflag)	/* Send HIDDEN-USER immediately if not "real" */
469		iderror(lport, fport, s, -1);
470	/*
471	 * We take the input and construct an array of two sockaddr_ins
472	 * which contain the local address information and foreign
473	 * address information, respectively, used to look up the
474	 * credentials for the socket (which are returned by the
475	 * sysctl "net.inet.tcp.getcred" when we call it.) The
476	 * arrays have been filled in above via get{peer,sock}name(),
477	 * so right here we are only setting the ports.
478	 */
479	sin[0].sin_port = htons(lport);
480	sin[1].sin_port = htons(fport);
481	len = sizeof(uc);
482	if (sysctlbyname("net.inet.tcp.getcred", &uc, &len, sin,
483	    sizeof(sin)) == -1) {
484		if (fallback == NULL)		/* Use a default, if asked to */
485			iderror(lport, fport, s, errno);
486		usedfallback = 1;
487	} else {
488		/* Look up the pw to get the username */
489		pw = getpwuid(uc.cr_uid);
490	}
491	if (pw == NULL && !usedfallback)		/* No such user... */
492		iderror(lport, fport, s, errno);
493	/*
494	 * If enabled, we check for a file named ".noident" in the user's
495	 * home directory. If found, we return HIDDEN-USER.
496	 */
497	if (nflag && !usedfallback) {
498		if (asprintf(&p, "%s/.noident", pw->pw_dir) == -1)
499			iderror(lport, fport, s, errno);
500		if (lstat(p, &sb) == 0) {
501			free(p);
502			iderror(lport, fport, s, -1);
503		}
504		free(p);
505	}
506	/*
507	 * Here, if enabled, we read a user's ".fakeid" file in their
508	 * home directory. It consists of a line containing the name
509	 * they want.
510	 */
511	if (fflag && !usedfallback) {
512		FILE *fakeid = NULL;
513
514		if (asprintf(&p, "%s/.fakeid", pw->pw_dir) == -1)
515			iderror(lport, fport, s, errno);
516		/*
517		 * Here we set ourself to effectively be the user, so we don't
518		 * open any files we have no permission to open, especially
519		 * symbolic links to sensitive root-owned files or devices.
520		 */
521		seteuid(pw->pw_uid);
522		setegid(pw->pw_gid);
523		/*
524		 * If we were to lstat() here, it would do no good, since it
525		 * would introduce a race condition and could be defeated.
526		 * Therefore, we open the file we have permissions to open
527		 * and if it's not a regular file, we close it and end up
528		 * returning the user's real username.
529		 */
530		fakeid = fopen(p, "r");
531		free(p);
532		if (fakeid != NULL &&
533		    fstat(fileno(fakeid), &sb) != -1 && S_ISREG(sb.st_mode)) {
534			buf[sizeof(buf) - 1] = '\0';
535			if (fgets(buf, sizeof(buf), fakeid) == NULL) {
536				cp = pw->pw_name;
537				fclose(fakeid);
538				goto printit;
539			}
540			fclose(fakeid);
541			/*
542			 * Usually, the file will have the desired identity
543			 * in the form "identity\n", so we use strtok() to
544			 * end the string (which fgets() doesn't do.)
545			 */
546			strtok(buf, "\r\n");
547			/* User names of >16 characters are invalid */
548			if (strlen(buf) > 16)
549				buf[16] = '\0';
550			cp = buf;
551			/* Allow for beginning white space... */
552			while (isspace(*cp))
553				cp++;
554			/* ...and ending white space. */
555			strtok(cp, " \t");
556			/*
557			 * If the name is a zero-length string or matches
558			 * the name of another user, it's invalid, so
559			 * we will return their real identity instead.
560			 */
561
562			if (!*cp || getpwnam(cp))
563				cp = getpwuid(uc.cr_uid)->pw_name;
564		} else
565			cp = pw->pw_name;
566	} else if (!usedfallback)
567		cp = pw->pw_name;
568	else
569		cp = fallback;
570printit:
571	/* Finally, we make and send the reply. */
572	if (asprintf(&p, "%d , %d : USERID : %s : %s\r\n", lport, fport, osname,
573	    cp) == -1) {
574		syslog(LOG_ERR, "asprintf: %m");
575		exit(EX_OSERR);
576	}
577	write(s, p, strlen(p));
578	free(p);
579
580	exit(0);
581}
582
583/*
584 * RFC738 Time Server.
585 * Return a machine readable date and time, in the form of the
586 * number of seconds since midnight, Jan 1, 1900.  Since gettimeofday
587 * returns the number of seconds since midnight, Jan 1, 1970,
588 * we must add 2208988800 seconds to this figure to make up for
589 * some seventy years Bell Labs was asleep.
590 */
591
592unsigned long
593machtime()
594{
595	struct timeval tv;
596
597	if (gettimeofday(&tv, (struct timezone *)NULL) < 0) {
598		if (debug)
599			warnx("unable to get time of day");
600		return (0L);
601	}
602#define	OFFSET ((u_long)25567 * 24*60*60)
603	return (htonl((long)(tv.tv_sec + OFFSET)));
604#undef OFFSET
605}
606
607/* ARGSUSED */
608void
609machtime_dg(s, sep)
610	int s;
611	struct servtab *sep;
612{
613	unsigned long result;
614	struct sockaddr_in sin;
615	int size;
616
617	size = sizeof(sin);
618	if (recvfrom(s, (char *)&result, sizeof(result), 0,
619		     (struct sockaddr *)&sin, &size) < 0)
620		return;
621
622	if (check_loop(&sin, sep))
623		return;
624
625	result = machtime();
626	(void) sendto(s, (char *) &result, sizeof(result), 0,
627		      (struct sockaddr *)&sin, sizeof(sin));
628}
629
630/* ARGSUSED */
631void
632machtime_stream(s, sep)
633	int s;
634	struct servtab *sep;
635{
636	unsigned long result;
637
638	result = machtime();
639	(void) write(s, (char *) &result, sizeof(result));
640}
641
642/*
643 * RFC1078 TCP Port Service Multiplexer (TCPMUX). Service connections to
644 * services based on the service name sent.
645 *
646 *  Based on TCPMUX.C by Mark K. Lottor November 1988
647 *  sri-nic::ps:<mkl>tcpmux.c
648 */
649
650#define MAX_SERV_LEN	(256+2)		/* 2 bytes for \r\n */
651#define strwrite(fd, buf)	(void) write(fd, buf, sizeof(buf)-1)
652
653static int		/* # of characters upto \r,\n or \0 */
654getline(fd, buf, len)
655	int fd;
656	char *buf;
657	int len;
658{
659	int count = 0, n;
660	struct sigaction sa;
661
662	sa.sa_flags = 0;
663	sigemptyset(&sa.sa_mask);
664	sa.sa_handler = SIG_DFL;
665	sigaction(SIGALRM, &sa, (struct sigaction *)0);
666	do {
667		alarm(10);
668		n = read(fd, buf, len-count);
669		alarm(0);
670		if (n == 0)
671			return (count);
672		if (n < 0)
673			return (-1);
674		while (--n >= 0) {
675			if (*buf == '\r' || *buf == '\n' || *buf == '\0')
676				return (count);
677			count++;
678			buf++;
679		}
680	} while (count < len);
681	return (count);
682}
683
684struct servtab *
685tcpmux(s)
686	int s;
687{
688	struct servtab *sep;
689	char service[MAX_SERV_LEN+1];
690	int len;
691
692	/* Get requested service name */
693	if ((len = getline(s, service, MAX_SERV_LEN)) < 0) {
694		strwrite(s, "-Error reading service name\r\n");
695		return (NULL);
696	}
697	service[len] = '\0';
698
699	if (debug)
700		warnx("tcpmux: someone wants %s", service);
701
702	/*
703	 * Help is a required command, and lists available services,
704	 * one per line.
705	 */
706	if (!strcasecmp(service, "help")) {
707		for (sep = servtab; sep; sep = sep->se_next) {
708			if (!ISMUX(sep))
709				continue;
710			(void)write(s,sep->se_service,strlen(sep->se_service));
711			strwrite(s, "\r\n");
712		}
713		return (NULL);
714	}
715
716	/* Try matching a service in inetd.conf with the request */
717	for (sep = servtab; sep; sep = sep->se_next) {
718		if (!ISMUX(sep))
719			continue;
720		if (!strcasecmp(service, sep->se_service)) {
721			if (ISMUXPLUS(sep)) {
722				strwrite(s, "+Go\r\n");
723			}
724			return (sep);
725		}
726	}
727	strwrite(s, "-Service not available\r\n");
728	return (NULL);
729}
730