builtins.c revision 49104 
1/*-
2 * Copyright (c) 1983, 1991, 1993, 1994
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $Id: builtins.c,v 1.12 1999/07/25 23:15:03 green Exp $
27 *
28 */
29
30#include <sys/filio.h>
31#include <sys/ioccom.h>
32#include <sys/param.h>
33#include <sys/stat.h>
34#include <sys/socket.h>
35#include <sys/sysctl.h>
36#include <sys/ucred.h>
37#include <sys/uio.h>
38#include <sys/utsname.h>
39
40#include <ctype.h>
41#include <err.h>
42#include <errno.h>
43#include <limits.h>
44#include <pwd.h>
45#include <signal.h>
46#include <stdlib.h>
47#include <string.h>
48#include <sysexits.h>
49#include <syslog.h>
50#include <unistd.h>
51
52#include "inetd.h"
53
54extern int	 debug;
55extern struct servtab *servtab;
56
57char ring[128];
58char *endring;
59
60int check_loop __P((struct sockaddr_in *, struct servtab *sep));
61void inetd_setproctitle __P((char *, int));
62
63struct biltin biltins[] = {
64	/* Echo received data */
65	{ "echo",	SOCK_STREAM,	1, -1,	echo_stream },
66	{ "echo",	SOCK_DGRAM,	0, 1,	echo_dg },
67
68	/* Internet /dev/null */
69	{ "discard",	SOCK_STREAM,	1, -1,	discard_stream },
70	{ "discard",	SOCK_DGRAM,	0, 1,	discard_dg },
71
72	/* Return 32 bit time since 1970 */
73	{ "time",	SOCK_STREAM,	0, -1,	machtime_stream },
74	{ "time",	SOCK_DGRAM,	0, 1,	machtime_dg },
75
76	/* Return human-readable time */
77	{ "daytime",	SOCK_STREAM,	0, -1,	daytime_stream },
78	{ "daytime",	SOCK_DGRAM,	0, 1,	daytime_dg },
79
80	/* Familiar character generator */
81	{ "chargen",	SOCK_STREAM,	1, -1,	chargen_stream },
82	{ "chargen",	SOCK_DGRAM,	0, 1,	chargen_dg },
83
84	{ "tcpmux",	SOCK_STREAM,	1, -1,	(void (*)())tcpmux },
85
86	{ "auth",	SOCK_STREAM,	1, -1,	ident_stream },
87
88	{ NULL }
89};
90
91/*
92 * RFC864 Character Generator Protocol. Generates character data without
93 * any regard for input.
94 */
95
96void
97initring()
98{
99	int i;
100
101	endring = ring;
102
103	for (i = 0; i <= 128; ++i)
104		if (isprint(i))
105			*endring++ = i;
106}
107
108/* ARGSUSED */
109void
110chargen_dg(s, sep)		/* Character generator */
111	int s;
112	struct servtab *sep;
113{
114	struct sockaddr_in sin;
115	static char *rs;
116	int len, size;
117	char text[LINESIZ+2];
118
119	if (endring == 0) {
120		initring();
121		rs = ring;
122	}
123
124	size = sizeof(sin);
125	if (recvfrom(s, text, sizeof(text), 0,
126		     (struct sockaddr *)&sin, &size) < 0)
127		return;
128
129	if (check_loop(&sin, sep))
130		return;
131
132	if ((len = endring - rs) >= LINESIZ)
133		memmove(text, rs, LINESIZ);
134	else {
135		memmove(text, rs, len);
136		memmove(text + len, ring, LINESIZ - len);
137	}
138	if (++rs == endring)
139		rs = ring;
140	text[LINESIZ] = '\r';
141	text[LINESIZ + 1] = '\n';
142	(void) sendto(s, text, sizeof(text), 0,
143		      (struct sockaddr *)&sin, sizeof(sin));
144}
145
146/* ARGSUSED */
147void
148chargen_stream(s, sep)		/* Character generator */
149	int s;
150	struct servtab *sep;
151{
152	int len;
153	char *rs, text[LINESIZ+2];
154
155	inetd_setproctitle(sep->se_service, s);
156
157	if (!endring) {
158		initring();
159		rs = ring;
160	}
161
162	text[LINESIZ] = '\r';
163	text[LINESIZ + 1] = '\n';
164	for (rs = ring;;) {
165		if ((len = endring - rs) >= LINESIZ)
166			memmove(text, rs, LINESIZ);
167		else {
168			memmove(text, rs, len);
169			memmove(text + len, ring, LINESIZ - len);
170		}
171		if (++rs == endring)
172			rs = ring;
173		if (write(s, text, sizeof(text)) != sizeof(text))
174			break;
175	}
176	exit(0);
177}
178
179/*
180 * RFC867 Daytime Protocol. Sends the current date and time as an ascii
181 * character string without any regard for input.
182 */
183
184/* ARGSUSED */
185void
186daytime_dg(s, sep)		/* Return human-readable time of day */
187	int s;
188	struct servtab *sep;
189{
190	char buffer[256];
191	time_t clock;
192	struct sockaddr_in sin;
193	int size;
194
195	clock = time((time_t *) 0);
196
197	size = sizeof(sin);
198	if (recvfrom(s, buffer, sizeof(buffer), 0,
199		     (struct sockaddr *)&sin, &size) < 0)
200		return;
201
202	if (check_loop(&sin, sep))
203		return;
204
205	(void) sprintf(buffer, "%.24s\r\n", ctime(&clock));
206	(void) sendto(s, buffer, strlen(buffer), 0,
207		      (struct sockaddr *)&sin, sizeof(sin));
208}
209
210/* ARGSUSED */
211void
212daytime_stream(s, sep)		/* Return human-readable time of day */
213	int s;
214	struct servtab *sep;
215{
216	char buffer[256];
217	time_t clock;
218
219	clock = time((time_t *) 0);
220
221	(void) sprintf(buffer, "%.24s\r\n", ctime(&clock));
222	(void) write(s, buffer, strlen(buffer));
223}
224
225/*
226 * RFC863 Discard Protocol. Any data received is thrown away and no response
227 * is sent.
228 */
229
230/* ARGSUSED */
231void
232discard_dg(s, sep)		/* Discard service -- ignore data */
233	int s;
234	struct servtab *sep;
235{
236	char buffer[BUFSIZE];
237
238	(void) read(s, buffer, sizeof(buffer));
239}
240
241/* ARGSUSED */
242void
243discard_stream(s, sep)		/* Discard service -- ignore data */
244	int s;
245	struct servtab *sep;
246{
247	int ret;
248	char buffer[BUFSIZE];
249
250	inetd_setproctitle(sep->se_service, s);
251	while (1) {
252		while ((ret = read(s, buffer, sizeof(buffer))) > 0)
253			;
254		if (ret == 0 || errno != EINTR)
255			break;
256	}
257	exit(0);
258}
259
260/*
261 * RFC862 Echo Protocol. Any data received is sent back to the sender as
262 * received.
263 */
264
265/* ARGSUSED */
266void
267echo_dg(s, sep)			/* Echo service -- echo data back */
268	int s;
269	struct servtab *sep;
270{
271	char buffer[BUFSIZE];
272	int i, size;
273	struct sockaddr_in sin;
274
275	size = sizeof(sin);
276	if ((i = recvfrom(s, buffer, sizeof(buffer), 0,
277			  (struct sockaddr *)&sin, &size)) < 0)
278		return;
279
280	if (check_loop(&sin, sep))
281		return;
282
283	(void) sendto(s, buffer, i, 0, (struct sockaddr *)&sin,
284		      sizeof(sin));
285}
286
287/* ARGSUSED */
288void
289echo_stream(s, sep)		/* Echo service -- echo data back */
290	int s;
291	struct servtab *sep;
292{
293	char buffer[BUFSIZE];
294	int i;
295
296	inetd_setproctitle(sep->se_service, s);
297	while ((i = read(s, buffer, sizeof(buffer))) > 0 &&
298	    write(s, buffer, i) > 0)
299		;
300	exit(0);
301}
302
303/*
304 * RFC1413 Identification Protocol. Given a TCP port number pair, return a
305 * character string which identifies the owner of that connection on the
306 * server's system. Extended to allow for ~/.fakeid support and ~/.noident
307 * support.
308 */
309
310/* ARGSUSED */
311void
312iderror(lport, fport, s, er)	/* Generic ident_stream error-sending func */
313	int lport, fport, s, er;
314{
315	char *p;
316
317	asprintf(&p, "%d , %d : ERROR : %s\r\n", lport, fport,
318	    er == -1 ? "HIDDEN-USER" : er ? strerror(er) : "UNKNOWN-ERROR");
319	if (p == NULL) {
320		syslog(LOG_ERR, "asprintf: %m");
321		exit(EX_OSERR);
322	}
323	write(s, p, strlen(p));
324	free(p);
325
326	exit(0);
327}
328
329/* ARGSUSED */
330void
331ident_stream(s, sep)		/* Ident service (AKA "auth") */
332	int s;
333	struct servtab *sep;
334{
335	struct utsname un;
336	struct stat sb;
337	struct sockaddr_in sin[2];
338	struct ucred uc;
339	struct timeval tv = {
340		10,
341		0
342	};
343	struct passwd *pw;
344	fd_set fdset;
345	char buf[BUFSIZE], *cp = NULL, *p, **av, *osname = NULL;
346	int len, c, fflag = 0, nflag = 0, rflag = 0, argc = 0;
347	u_short lport, fport;
348
349	inetd_setproctitle(sep->se_service, s);
350	/*
351	 * Reset getopt() since we are a fork() but not an exec() from
352	 * a parent which used getopt() already.
353	 */
354	optind = 1;
355	optreset = 1;
356	/*
357	 * Take the internal argument vector and count it out to make an
358	 * argument count for getopt. This can be used for any internal
359	 * service to read arguments and use getopt() easily.
360	 */
361	for (av = sep->se_argv; *av; av++)
362		argc++;
363	if (argc) {
364		int sec, usec;
365
366		while ((c = getopt(argc, sep->se_argv, "fno:rt:")) != -1)
367			switch (c) {
368			case 'f':
369				fflag = 1;
370				break;
371			case 'n':
372				nflag = 1;
373				break;
374			case 'o':
375				osname = optarg;
376				break;
377			case 'r':
378				rflag = 1;
379				break;
380			case 't':
381				switch (sscanf(optarg, "%d.%d", &sec, &usec)) {
382				case 2:
383					tv.tv_usec = usec;
384				case 1:
385					tv.tv_sec = sec;
386					break;
387				default:
388					if (debug)
389						warnx("bad -t argument");
390					break;
391				}
392				break;
393			default:
394				break;
395			}
396	}
397	if (osname == NULL) {
398		if (uname(&un) == -1)
399			iderror(0, 0, s, errno);
400		osname = un.sysname;
401	}
402	len = sizeof(sin[0]);
403	if (getsockname(s, (struct sockaddr *)&sin[0], &len) == -1)
404		iderror(0, 0, s, errno);
405	len = sizeof(sin[1]);
406	if (getpeername(s, (struct sockaddr *)&sin[1], &len) == -1)
407		iderror(0, 0, s, errno);
408	/*
409	 * We're going to prepare for and execute reception of a
410	 * packet of data from the user. The data is in the format
411	 * "local_port , foreign_port\r\n" (with local being the
412	 * server's port and foreign being the client's.)
413	 */
414	FD_ZERO(&fdset);
415	FD_SET(s, &fdset);
416	if (select(s + 1, &fdset, NULL, NULL, &tv) == -1)
417		iderror(0, 0, s, errno);
418	if (ioctl(s, FIONREAD, &len) == -1)
419		iderror(0, 0, s, errno);
420	if (len >= sizeof(buf))
421		len = sizeof(buf) - 1;
422	len = read(s, buf, len);
423	if (len == -1)
424		iderror(0, 0, s, errno);
425	buf[len] = '\0';
426	if (sscanf(buf, "%hu , %hu", &lport, &fport) != 2)
427		iderror(0, 0, s, 0);
428	if (!rflag) /* Send HIDDEN-USER immediately if not "real" */
429		iderror(lport, fport, s, -1);
430	/*
431	 * We take the input and construct an array of two sockaddr_ins
432	 * which contain the local address information and foreign
433	 * address information, respectively, used to look up the
434	 * credentials for the socket (which are returned by the
435	 * sysctl "net.inet.tcp.getcred" when we call it.) The
436	 * arrays have been filled in above via get{peer,sock}name(),
437	 * so right here we are only setting the ports.
438	 */
439	sin[0].sin_port = htons(lport);
440	sin[1].sin_port = htons(fport);
441	len = sizeof(uc);
442	if (sysctlbyname("net.inet.tcp.getcred", &uc, &len, sin,
443	    sizeof(sin)) == -1)
444		iderror(lport, fport, s, errno);
445	pw = getpwuid(uc.cr_uid);	/* Look up the pw to get the username */
446	if (pw == NULL)
447		iderror(lport, fport, s, errno);
448	/*
449	 * If enabled, we check for a file named ".noident" in the user's
450	 * home directory. If found, we return HIDDEN-USER.
451	 */
452	if (nflag) {
453		if (asprintf(&p, "%s/.noident", pw->pw_dir) == -1)
454			iderror(lport, fport, s, errno);
455		if (lstat(p, &sb) == 0) {
456			free(p);
457			iderror(lport, fport, s, -1);
458		}
459		free(p);
460	}
461	/*
462	 * Here, if enabled, we read a user's ".fakeid" file in their
463	 * home directory. It consists of a line containing the name
464	 * they want.
465	 */
466	if (fflag) {
467		FILE *fakeid = NULL;
468
469		if (asprintf(&p, "%s/.fakeid", pw->pw_dir) == -1)
470			iderror(lport, fport, s, errno);
471		/*
472		 * Here we set ourself to effectively be the user, so we don't
473		 * open any files we have no permission to open, especially
474		 * symbolic links to sensitive root-owned files or devices.
475		 */
476		seteuid(pw->pw_uid);
477		setegid(pw->pw_gid);
478		/*
479		 * If we were to lstat() here, it would do no good, since it
480		 * would introduce a race condition and could be defeated.
481		 * Therefore, we open the file we have permissions to open
482		 * and if it's not a regular file, we close it and end up
483		 * returning the user's real username.
484		 */
485		fakeid = fopen(p, "r");
486		free(p);
487		if (fakeid != NULL &&
488		    fstat(fileno(fakeid), &sb) != -1 && S_ISREG(sb.st_mode)) {
489			buf[sizeof(buf) - 1] = '\0';
490			if (fgets(buf, sizeof(buf), fakeid) == NULL) {
491				cp = pw->pw_name;
492				fclose(fakeid);
493				goto printit;
494			}
495			fclose(fakeid);
496			/*
497			 * Usually, the file will have the desired identity
498			 * in the form "identity\n", so we use strtok() to
499			 * end the string (which fgets() doesn't do.)
500			 */
501			strtok(buf, "\r\n");
502			/* User names of >16 characters are invalid */
503			if (strlen(buf) > 16)
504				buf[16] = '\0';
505			cp = buf;
506			/* Allow for beginning white space... */
507			while (isspace(*cp))
508				cp++;
509			/* ...and ending white space. */
510			strtok(cp, " \t");
511			/*
512			 * If the name is a zero-length string or matches
513			 * the name of another user, it's invalid, so
514			 * we will return their real identity instead.
515			 */
516
517			if (!*cp || getpwnam(cp))
518				cp = getpwuid(uc.cr_uid)->pw_name;
519		} else
520			cp = pw->pw_name;
521	} else
522		cp = pw->pw_name;
523printit:
524	/* Finally, we make and send the reply. */
525	if (asprintf(&p, "%d , %d : USERID : %s : %s\r\n", lport, fport, osname,
526	    cp) == -1) {
527		syslog(LOG_ERR, "asprintf: %m");
528		exit(EX_OSERR);
529	}
530	write(s, p, strlen(p));
531	free(p);
532
533	exit(0);
534}
535
536/*
537 * RFC738 Time Server.
538 * Return a machine readable date and time, in the form of the
539 * number of seconds since midnight, Jan 1, 1900.  Since gettimeofday
540 * returns the number of seconds since midnight, Jan 1, 1970,
541 * we must add 2208988800 seconds to this figure to make up for
542 * some seventy years Bell Labs was asleep.
543 */
544
545unsigned long
546machtime()
547{
548	struct timeval tv;
549
550	if (gettimeofday(&tv, (struct timezone *)NULL) < 0) {
551		if (debug)
552			warnx("unable to get time of day");
553		return (0L);
554	}
555#define	OFFSET ((u_long)25567 * 24*60*60)
556	return (htonl((long)(tv.tv_sec + OFFSET)));
557#undef OFFSET
558}
559
560/* ARGSUSED */
561void
562machtime_dg(s, sep)
563	int s;
564	struct servtab *sep;
565{
566	unsigned long result;
567	struct sockaddr_in sin;
568	int size;
569
570	size = sizeof(sin);
571	if (recvfrom(s, (char *)&result, sizeof(result), 0,
572		     (struct sockaddr *)&sin, &size) < 0)
573		return;
574
575	if (check_loop(&sin, sep))
576		return;
577
578	result = machtime();
579	(void) sendto(s, (char *) &result, sizeof(result), 0,
580		      (struct sockaddr *)&sin, sizeof(sin));
581}
582
583/* ARGSUSED */
584void
585machtime_stream(s, sep)
586	int s;
587	struct servtab *sep;
588{
589	unsigned long result;
590
591	result = machtime();
592	(void) write(s, (char *) &result, sizeof(result));
593}
594
595/*
596 * RFC1078 TCP Port Service Multiplexer (TCPMUX). Service connections to
597 * services based on the service name sent.
598 *
599 *  Based on TCPMUX.C by Mark K. Lottor November 1988
600 *  sri-nic::ps:<mkl>tcpmux.c
601 */
602
603#define MAX_SERV_LEN	(256+2)		/* 2 bytes for \r\n */
604#define strwrite(fd, buf)	(void) write(fd, buf, sizeof(buf)-1)
605
606static int		/* # of characters upto \r,\n or \0 */
607getline(fd, buf, len)
608	int fd;
609	char *buf;
610	int len;
611{
612	int count = 0, n;
613	struct sigaction sa;
614
615	sa.sa_flags = 0;
616	sigemptyset(&sa.sa_mask);
617	sa.sa_handler = SIG_DFL;
618	sigaction(SIGALRM, &sa, (struct sigaction *)0);
619	do {
620		alarm(10);
621		n = read(fd, buf, len-count);
622		alarm(0);
623		if (n == 0)
624			return (count);
625		if (n < 0)
626			return (-1);
627		while (--n >= 0) {
628			if (*buf == '\r' || *buf == '\n' || *buf == '\0')
629				return (count);
630			count++;
631			buf++;
632		}
633	} while (count < len);
634	return (count);
635}
636
637struct servtab *
638tcpmux(s)
639	int s;
640{
641	struct servtab *sep;
642	char service[MAX_SERV_LEN+1];
643	int len;
644
645	/* Get requested service name */
646	if ((len = getline(s, service, MAX_SERV_LEN)) < 0) {
647		strwrite(s, "-Error reading service name\r\n");
648		return (NULL);
649	}
650	service[len] = '\0';
651
652	if (debug)
653		warnx("tcpmux: someone wants %s", service);
654
655	/*
656	 * Help is a required command, and lists available services,
657	 * one per line.
658	 */
659	if (!strcasecmp(service, "help")) {
660		for (sep = servtab; sep; sep = sep->se_next) {
661			if (!ISMUX(sep))
662				continue;
663			(void)write(s,sep->se_service,strlen(sep->se_service));
664			strwrite(s, "\r\n");
665		}
666		return (NULL);
667	}
668
669	/* Try matching a service in inetd.conf with the request */
670	for (sep = servtab; sep; sep = sep->se_next) {
671		if (!ISMUX(sep))
672			continue;
673		if (!strcasecmp(service, sep->se_service)) {
674			if (ISMUXPLUS(sep)) {
675				strwrite(s, "+Go\r\n");
676			}
677			return (sep);
678		}
679	}
680	strwrite(s, "-Service not available\r\n");
681	return (NULL);
682}
683