insecure.c revision 92914
169626Sru/* insecure.c: The opieinsecure() library function.
269626Sru
369626Sru%%% portions-copyright-cmetz-96
469626SruPortions of this software are Copyright 1996-1999 by Craig Metz, All Rights
569626SruReserved. The Inner Net License Version 2 applies to these portions of
6151497Sruthe software.
769626SruYou should have received a copy of the license with this software. If
8114402Sruyou didn't get a copy, you may request one from <license@inner.net>.
9151497Sru
10151497SruPortions of this software are Copyright 1995 by Randall Atkinson and Dan
1169626SruMcDonald, All Rights Reserved. All Rights under this copyright are assigned
1269626Sruto the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
1369626SruLicense Agreement applies to this software.
1469626Sru
1569626Sru        History:
1669626Sru
1769626Sru	Modified by cmetz for OPIE 2.4. Do utmp checks on utmpx systems.
1869626Sru	     Handle unterminated ut_host.
1969626Sru	Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent().
2069626Sru	Modified by cmetz for OPIE 2.3. Added result caching. Use
2169626Sru	     __opiegetutmpentry(). Ifdef around ut_host check. Eliminate
2269626Sru	     unused variable.
2369626Sru	Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
24151497Sru             Allow IP loopback. DISPLAY and ut_host must match exactly,
25151497Sru             not just the part before the colon. Added work-around for
2669626Sru             Sun CDE dtterm bug. Leave the environment as it was
27151497Sru             found. Use uname().
28151497Sru        Created at NRL for OPIE 2.2 from opiesubr.c. Fixed pointer
29151497Sru             assignment that should have been a comparison.
3069626Sru
3169626Sru$FreeBSD: head/contrib/opie/libopie/insecure.c 92914 2002-03-21 23:42:52Z markm $
3269626Sru
33151497Sru*/
34104862Sru#include "opie_cfg.h"
35151497Sru
36151497Sru#include <stdio.h>
3769626Sru#include <string.h>
38151497Sru#include <stdlib.h>	/* ANSI C standard library */
3969626Sru#include <sys/param.h>
4069626Sru#include <unistd.h>
4169626Sru
4269626Sru#include <utmp.h>
4369626Sru#if DOUTMPX
4469626Sru#include <utmpx.h>
4569626Sru#define utmp utmpx
4669626Sru#define endutent endutxent
4769626Sru#endif	/* DOUTMPX */
4869626Sru
4969626Sru#if HAVE_SYS_UTSNAME_H
50104862Sru#include <sys/utsname.h>
51104862Sru#endif /* HAVE_SYS_UTSNAME_H */
5269626Sru
5369626Sru#include "opie.h"
54151497Sru
/* NULL-terminated list of TERM values that opieinsecure() compares against
   when DISPLAY is unset; an exact match marks the session as insecure. */
char *remote_terms[] = {
  "xterm",
  "xterms",
  "kterm",
  NULL
};
56114402Sru
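/* opieinsecure: guess whether the current session arrives over a path that
   should be treated as insecure (a remote X display or a remote login).

   Returns 1 when the session looks remote, 0 otherwise.  The answer is
   computed once and cached in a function-local static, so later changes
   to the environment are not seen.  When NO_INSECURE_CHECK is defined the
   function always returns 0.

   Every input consulted here (SSH_CLIENT, DISPLAY, TERM, the utmp host
   field) is supplied by the session itself, so the result is a heuristic
   and not an authenticated statement about the transport. */
int opieinsecure FUNCTION_NOARGS
{
#ifndef NO_INSECURE_CHECK
  /* DISPLAY host names that always refer to the local machine. */
  static char *local_hosts[] = { "unix", "localhost", "loopback",
                                 "127.0.0.1", NULL };
  char *display_name;
  char *s;
  char *term_name;
  int  insecure = 0;
#if HAVE_UT_HOST || DOUTMPX
  struct utmp utmp;
#endif /* HAVE_UT_HOST || DOUTMPX */
  static int result = -1;	/* -1 means "not computed yet" */

  if (result != -1)
    return result;

  /* NOTE(review): the mere presence of SSH_CLIENT skips every later check.
     The variable comes from the caller's environment, so this is a
     convenience shortcut rather than evidence of an encrypted channel. */
  if (getenv("SSH_CLIENT") != NULL)
    return (result = 0);
  display_name = (char *) getenv("DISPLAY");
  term_name = (char *) getenv("TERM");

  if (display_name) {
    /* A DISPLAY is insecure unless its host part is proven local below. */
    insecure = 1;
    if ((s = strchr(display_name, ':')) != NULL) {
      size_t n = (size_t) (s - display_name);	/* length of the host part */

      if (!n)
	insecure = 0;		/* ":0" style, no host part at all */
      else {
	int i;

	/* The host part must equal a local name in full.  Comparing only
	   the first n bytes would also accept any prefix of these names
	   (for example a one-character host) as local. */
	for (i = 0; local_hosts[i]; i++)
	  if (strlen(local_hosts[i]) == n
	      && !strncmp(local_hosts[i], display_name, n)) {
	    insecure = 0;
	    break;
	  }

	if (insecure) {
	  struct utsname utsname;

	  if (!uname(&utsname)) {
	    /* Accept our own node name, either in full or as the label
	       before its first dot; the match has to end on a name
	       boundary so that a mere prefix of the node name is not
	       accepted. */
	    if (!strncmp(utsname.nodename, display_name, n)
		&& (utsname.nodename[n] == '\0'
		    || utsname.nodename[n] == '.'))
	      insecure = 0;
	    else if ((s = strchr(display_name, '.')) != NULL) {
	      /* DISPLAY carries a dotted name: compare its first label. */
	      size_t n2 = (size_t) (s - display_name);

	      if (n < n2)
		n2 = n;
	      /* n2 == 0 (DISPLAY starting with '.') would make strncmp()
		 succeed trivially, so an empty label is rejected. */
	      if (n2 && !strncmp(utsname.nodename, display_name, n2)
		  && (utsname.nodename[n2] == '\0'
		      || utsname.nodename[n2] == '.'))
		insecure = 0;
	    } /* endif display_name has a '.' */
	  } /* endif was able to get hostname */
	} /* endif display_name is not a fixed local name */
      }
    }
  } /* endif display_name */
  if (insecure)
    return (result = 1);

  /* If no DISPLAY variable exists and TERM=xterm,
     then we probably have an xterm executing on a remote system
     with an rlogin or telnet to our system.  If it were a local
     xterm, then the DISPLAY environment variable would
     have to exist. rja */
  if (!display_name && term_name) {
    int i;

    for (i = 0; remote_terms[i]; i++)
      if (!strcmp(term_name, remote_terms[i]))
	return (result = 1);
  }

#if HAVE_UT_HOST || DOUTMPX
  if (isatty(0)) {
    memset(&utmp, 0, sizeof(struct utmp));
    {
      /* NOTE(review): ttyname(0) can return NULL; __opiegetutmpentry() is
	 not visible here, so confirm that it tolerates a NULL line. */
      int i = __opiegetutmpentry(ttyname(0), &utmp);

      endutent();
      if (!i && utmp.ut_host[0]) {
	/* ut_host is a fixed-size field that may lack a terminator, so it
	   is copied into a buffer one byte larger and terminated there. */
	char host[sizeof(utmp.ut_host) + 1];

	/* A non-empty login host is insecure unless it names an X display
	   that is local or that matches DISPLAY. */
	insecure = 1;

	strncpy(host, utmp.ut_host, sizeof(utmp.ut_host));
	host[sizeof(utmp.ut_host)] = 0;

	if ((s = strchr(host, ':')) != NULL) {
	  int n = s - host;

	  if (!n)
	    insecure = 0;
	  else
	    if (display_name) {
	      /* NOTE(review): only the first n bytes of DISPLAY are
		 compared; nothing checks what follows them. */
	      if (!strncmp(host, display_name, n))
		insecure = 0;
#if 1 /* def SOLARIS */
	      else
		/* Rewrite the first space to ':' and the next one to '.',
		   then compare again.  Per the file history this works
		   around a Sun CDE dtterm bug. */
		if ((s = strchr(host, ' ')) != NULL) {
		  *s = ':';
		  if ((s = strchr(s + 1, ' ')) != NULL)
		    *s = '.';
		  if (!strncmp(host, display_name, n))
		    insecure = 0;
		}
#endif /* SOLARIS */
	    }
	}
      }
    }
  }
#endif /* HAVE_UT_HOST || DOUTMPX */
  if (insecure)
    return (result = 1);

  return (result = 0);
#else /* NO_INSECURE_CHECK */
  return 0;
#endif /* NO_INSECURE_CHECK */
}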
17269626Sru