builtins.c revision 57906
1/*- 2 * Copyright (c) 1983, 1991, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD: head/usr.sbin/inetd/builtins.c 57906 2000-03-11 11:28:08Z shin $ 27 * 28 */ 29 30#include <sys/filio.h> 31#include <sys/ioccom.h> 32#include <sys/param.h> 33#include <sys/stat.h> 34#include <sys/socket.h> 35#include <sys/sysctl.h> 36#include <sys/ucred.h> 37#include <sys/uio.h> 38#include <sys/utsname.h> 39 40#include <ctype.h> 41#include <err.h> 42#include <errno.h> 43#include <limits.h> 44#include <pwd.h> 45#include <signal.h> 46#include <stdlib.h> 47#include <string.h> 48#include <sysexits.h> 49#include <syslog.h> 50#include <unistd.h> 51 52#include "inetd.h" 53 54extern int debug; 55extern struct servtab *servtab; 56 57char ring[128]; 58char *endring; 59 60int check_loop __P((struct sockaddr *, struct servtab *sep)); 61void inetd_setproctitle __P((char *, int)); 62 63struct biltin biltins[] = { 64 /* Echo received data */ 65 { "echo", SOCK_STREAM, 1, -1, echo_stream }, 66 { "echo", SOCK_DGRAM, 0, 1, echo_dg }, 67 68 /* Internet /dev/null */ 69 { "discard", SOCK_STREAM, 1, -1, discard_stream }, 70 { "discard", SOCK_DGRAM, 0, 1, discard_dg }, 71 72 /* Return 32 bit time since 1970 */ 73 { "time", SOCK_STREAM, 0, -1, machtime_stream }, 74 { "time", SOCK_DGRAM, 0, 1, machtime_dg }, 75 76 /* Return human-readable time */ 77 { "daytime", SOCK_STREAM, 0, -1, daytime_stream }, 78 { "daytime", SOCK_DGRAM, 0, 1, daytime_dg }, 79 80 /* Familiar character generator */ 81 { "chargen", SOCK_STREAM, 1, -1, chargen_stream }, 82 { "chargen", SOCK_DGRAM, 0, 1, chargen_dg }, 83 84 { "tcpmux", SOCK_STREAM, 1, -1, (void (*)())tcpmux }, 85 86 { "auth", SOCK_STREAM, 1, -1, ident_stream }, 87 88 { NULL } 89}; 90 91/* 92 * RFC864 Character Generator Protocol. Generates character data without 93 * any regard for input. 94 */ 95 96void 97initring() 98{ 99 int i; 100 101 endring = ring; 102 103 for (i = 0; i <= 128; ++i) 104 if (isprint(i)) 105 *endring++ = i; 106} 107 108/* ARGSUSED */ 109void 110chargen_dg(s, sep) /* Character generator */ 111 int s; 112 struct servtab *sep; 113{ 114 struct sockaddr_storage ss; 115 static char *rs; 116 int len; 117 socklen_t size; 118 char text[LINESIZ+2]; 119 120 if (endring == 0) { 121 initring(); 122 rs = ring; 123 } 124 125 size = sizeof(ss); 126 if (recvfrom(s, text, sizeof(text), 0, 127 (struct sockaddr *)&ss, &size) < 0) 128 return; 129 130 if (check_loop((struct sockaddr *)&ss, sep)) 131 return; 132 133 if ((len = endring - rs) >= LINESIZ) 134 memmove(text, rs, LINESIZ); 135 else { 136 memmove(text, rs, len); 137 memmove(text + len, ring, LINESIZ - len); 138 } 139 if (++rs == endring) 140 rs = ring; 141 text[LINESIZ] = '\r'; 142 text[LINESIZ + 1] = '\n'; 143 (void) sendto(s, text, sizeof(text), 0, (struct sockaddr *)&ss, size); 144} 145 146/* ARGSUSED */ 147void 148chargen_stream(s, sep) /* Character generator */ 149 int s; 150 struct servtab *sep; 151{ 152 int len; 153 char *rs, text[LINESIZ+2]; 154 155 inetd_setproctitle(sep->se_service, s); 156 157 if (!endring) { 158 initring(); 159 rs = ring; 160 } 161 162 text[LINESIZ] = '\r'; 163 text[LINESIZ + 1] = '\n'; 164 for (rs = ring;;) { 165 if ((len = endring - rs) >= LINESIZ) 166 memmove(text, rs, LINESIZ); 167 else { 168 memmove(text, rs, len); 169 memmove(text + len, ring, LINESIZ - len); 170 } 171 if (++rs == endring) 172 rs = ring; 173 if (write(s, text, sizeof(text)) != sizeof(text)) 174 break; 175 } 176 exit(0); 177} 178 179/* 180 * RFC867 Daytime Protocol. Sends the current date and time as an ascii 181 * character string without any regard for input. 182 */ 183 184/* ARGSUSED */ 185void 186daytime_dg(s, sep) /* Return human-readable time of day */ 187 int s; 188 struct servtab *sep; 189{ 190 char buffer[256]; 191 time_t clock; 192 struct sockaddr_storage ss; 193 socklen_t size; 194 195 clock = time((time_t *) 0); 196 197 size = sizeof(ss); 198 if (recvfrom(s, buffer, sizeof(buffer), 0, 199 (struct sockaddr *)&ss, &size) < 0) 200 return; 201 202 if (check_loop((struct sockaddr *)&ss, sep)) 203 return; 204 205 (void) sprintf(buffer, "%.24s\r\n", ctime(&clock)); 206 (void) sendto(s, buffer, strlen(buffer), 0, 207 (struct sockaddr *)&ss, size); 208} 209 210/* ARGSUSED */ 211void 212daytime_stream(s, sep) /* Return human-readable time of day */ 213 int s; 214 struct servtab *sep; 215{ 216 char buffer[256]; 217 time_t clock; 218 219 clock = time((time_t *) 0); 220 221 (void) sprintf(buffer, "%.24s\r\n", ctime(&clock)); 222 (void) write(s, buffer, strlen(buffer)); 223} 224 225/* 226 * RFC863 Discard Protocol. Any data received is thrown away and no response 227 * is sent. 228 */ 229 230/* ARGSUSED */ 231void 232discard_dg(s, sep) /* Discard service -- ignore data */ 233 int s; 234 struct servtab *sep; 235{ 236 char buffer[BUFSIZE]; 237 238 (void) read(s, buffer, sizeof(buffer)); 239} 240 241/* ARGSUSED */ 242void 243discard_stream(s, sep) /* Discard service -- ignore data */ 244 int s; 245 struct servtab *sep; 246{ 247 int ret; 248 char buffer[BUFSIZE]; 249 250 inetd_setproctitle(sep->se_service, s); 251 while (1) { 252 while ((ret = read(s, buffer, sizeof(buffer))) > 0) 253 ; 254 if (ret == 0 || errno != EINTR) 255 break; 256 } 257 exit(0); 258} 259 260/* 261 * RFC862 Echo Protocol. Any data received is sent back to the sender as 262 * received. 263 */ 264 265/* ARGSUSED */ 266void 267echo_dg(s, sep) /* Echo service -- echo data back */ 268 int s; 269 struct servtab *sep; 270{ 271 char buffer[BUFSIZE]; 272 int i; 273 socklen_t size; 274 struct sockaddr_storage ss; 275 276 size = sizeof(ss); 277 if ((i = recvfrom(s, buffer, sizeof(buffer), 0, 278 (struct sockaddr *)&ss, &size)) < 0) 279 return; 280 281 if (check_loop((struct sockaddr *)&ss, sep)) 282 return; 283 284 (void) sendto(s, buffer, i, 0, (struct sockaddr *)&ss, size); 285} 286 287/* ARGSUSED */ 288void 289echo_stream(s, sep) /* Echo service -- echo data back */ 290 int s; 291 struct servtab *sep; 292{ 293 char buffer[BUFSIZE]; 294 int i; 295 296 inetd_setproctitle(sep->se_service, s); 297 while ((i = read(s, buffer, sizeof(buffer))) > 0 && 298 write(s, buffer, i) > 0) 299 ; 300 exit(0); 301} 302 303/* 304 * RFC1413 Identification Protocol. Given a TCP port number pair, return a 305 * character string which identifies the owner of that connection on the 306 * server's system. Extended to allow for ~/.fakeid support and ~/.noident 307 * support. 308 */ 309 310/* ARGSUSED */ 311void 312iderror(lport, fport, s, er) /* Generic ident_stream error-sending func */ 313 int lport, fport, s, er; 314{ 315 char *p; 316 317 asprintf(&p, "%d , %d : ERROR : %s\r\n", lport, fport, 318 er == -1 ? "HIDDEN-USER" : er ? strerror(er) : "UNKNOWN-ERROR"); 319 if (p == NULL) { 320 syslog(LOG_ERR, "asprintf: %m"); 321 exit(EX_OSERR); 322 } 323 write(s, p, strlen(p)); 324 free(p); 325 326 exit(0); 327} 328 329/* ARGSUSED */ 330void 331ident_stream(s, sep) /* Ident service (AKA "auth") */ 332 int s; 333 struct servtab *sep; 334{ 335 struct utsname un; 336 struct stat sb; 337 struct sockaddr_in sin[2]; 338#ifdef INET6 339 struct sockaddr_in6 sin6[2]; 340#endif 341 struct sockaddr_storage ss[2]; 342 struct ucred uc; 343 struct timeval tv = { 344 10, 345 0 346 }; 347 struct passwd *pw = NULL; 348 fd_set fdset; 349 char buf[BUFSIZE], *cp = NULL, *p, **av, *osname = NULL, garbage[7]; 350 char *fallback = NULL; 351 int len, c, fflag = 0, nflag = 0, rflag = 0, argc = 0, usedfallback = 0; 352 int gflag = 0, Rflag = 0, getcredfail = 0; 353 u_short lport, fport; 354 355 inetd_setproctitle(sep->se_service, s); 356 /* 357 * Reset getopt() since we are a fork() but not an exec() from 358 * a parent which used getopt() already. 359 */ 360 optind = 1; 361 optreset = 1; 362 /* 363 * Take the internal argument vector and count it out to make an 364 * argument count for getopt. This can be used for any internal 365 * service to read arguments and use getopt() easily. 366 */ 367 for (av = sep->se_argv; *av; av++) 368 argc++; 369 if (argc) { 370 int sec, usec; 371 size_t i; 372 u_int32_t random; 373 374 while ((c = getopt(argc, sep->se_argv, "d:fgno:rt:")) != -1) 375 switch (c) { 376 case 'd': 377 fallback = optarg; 378 break; 379 case 'f': 380 fflag = 1; 381 break; 382 case 'g': 383 gflag = 1; 384 random = 0; /* Shush, compiler. */ 385 /* 386 * The number of bits in "random" divided 387 * by the number of bits needed per iteration 388 * gives a more optimal way to reload the 389 * random number only when necessary. 390 * 391 * I'm using base-36, so I need at least 6 392 * bits; round it up to 8 bits to make it 393 * easier. 394 */ 395 for (i = 0; i < sizeof(garbage) - 1; i++) { 396 const char *const base36 = 397 "0123456789" 398 "abcdefghijklmnopqrstuvwxyz"; 399 if (i % (sizeof(random) * 8 / 8) == 0) 400 random = arc4random(); 401 garbage[i] = 402 base36[(random & 0xff) % 36]; 403 random >>= 8; 404 } 405 garbage[i] = '\0'; 406 break; 407 case 'n': 408 nflag = 1; 409 break; 410 case 'o': 411 osname = optarg; 412 break; 413 case 'R': 414 Rflag = 2; 415 break; 416 case 'r': 417 rflag = 1; 418 break; 419 case 't': 420 switch (sscanf(optarg, "%d.%d", &sec, &usec)) { 421 case 2: 422 tv.tv_usec = usec; 423 case 1: 424 tv.tv_sec = sec; 425 break; 426 default: 427 if (debug) 428 warnx("bad -t argument"); 429 break; 430 } 431 break; 432 default: 433 break; 434 } 435 } 436 if (osname == NULL) { 437 if (uname(&un) == -1) 438 iderror(0, 0, s, errno); 439 osname = un.sysname; 440 } 441 len = sizeof(ss[0]); 442 if (getsockname(s, (struct sockaddr *)&ss[0], &len) == -1) 443 iderror(0, 0, s, errno); 444 len = sizeof(ss[1]); 445 if (getpeername(s, (struct sockaddr *)&ss[1], &len) == -1) 446 iderror(0, 0, s, errno); 447 /* 448 * We're going to prepare for and execute reception of a 449 * packet of data from the user. The data is in the format 450 * "local_port , foreign_port\r\n" (with local being the 451 * server's port and foreign being the client's.) 452 */ 453 FD_ZERO(&fdset); 454 FD_SET(s, &fdset); 455 if (select(s + 1, &fdset, NULL, NULL, &tv) == -1) 456 iderror(0, 0, s, errno); 457 if (ioctl(s, FIONREAD, &len) == -1) 458 iderror(0, 0, s, errno); 459 if (len >= sizeof(buf)) 460 len = sizeof(buf) - 1; 461 len = read(s, buf, len); 462 if (len == -1) 463 iderror(0, 0, s, errno); 464 buf[len] = '\0'; 465 if (sscanf(buf, "%hu , %hu", &lport, &fport) != 2) 466 iderror(0, 0, s, 0); 467 if (gflag) { 468 cp = garbage; 469 goto printit; 470 } 471 472 if (!rflag) /* Send HIDDEN-USER immediately if not "real" */ 473 iderror(lport, fport, s, -1); 474 /* 475 * We take the input and construct an array of two sockaddr_ins 476 * which contain the local address information and foreign 477 * address information, respectively, used to look up the 478 * credentials for the socket (which are returned by the 479 * sysctl "net.inet.tcp.getcred" when we call it.) The 480 * arrays have been filled in above via get{peer,sock}name(), 481 * so right here we are only setting the ports. 482 */ 483 if (ss[0].ss_family != ss[1].ss_family) 484 iderror(lport, fport, s, errno); 485 len = sizeof(uc); 486 switch (ss[0].ss_family) { 487 case AF_INET: 488 sin[0] = *(struct sockaddr_in *)&ss[0]; 489 sin[0].sin_port = htons(lport); 490 sin[1] = *(struct sockaddr_in *)&ss[1]; 491 sin[1].sin_port = htons(fport); 492 if (sysctlbyname("net.inet.tcp.getcred", &uc, &len, sin, 493 sizeof(sin)) == -1) 494 getcredfail = 1; 495 break; 496#ifdef INET6 497 case AF_INET6: 498 sin6[0] = *(struct sockaddr_in6 *)&ss[0]; 499 sin6[0].sin6_port = htons(lport); 500 sin6[1] = *(struct sockaddr_in6 *)&ss[1]; 501 sin6[1].sin6_port = htons(fport); 502 if (sysctlbyname("net.inet6.tcp6.getcred", &uc, &len, sin6, 503 sizeof(sin6)) == -1) 504 getcredfail = 1; 505 break; 506#endif 507 default: /* should not reach here */ 508 getcredfail = 1; 509 break; 510 } 511 if (getcredfail != 0) { 512 if (fallback == NULL) /* Use a default, if asked to */ 513 iderror(lport, fport, s, errno); 514 usedfallback = 1; 515 } else { 516 /* Look up the pw to get the username */ 517 pw = getpwuid(uc.cr_uid); 518 } 519 if (pw == NULL && !usedfallback) /* No such user... */ 520 iderror(lport, fport, s, errno); 521 /* 522 * If enabled, we check for a file named ".noident" in the user's 523 * home directory. If found, we return HIDDEN-USER. 524 */ 525 if (nflag && !usedfallback) { 526 if (asprintf(&p, "%s/.noident", pw->pw_dir) == -1) 527 iderror(lport, fport, s, errno); 528 if (lstat(p, &sb) == 0) { 529 free(p); 530 iderror(lport, fport, s, -1); 531 } 532 free(p); 533 } 534 /* 535 * Here, if enabled, we read a user's ".fakeid" file in their 536 * home directory. It consists of a line containing the name 537 * they want. 538 */ 539 if (fflag && !usedfallback) { 540 FILE *fakeid = NULL; 541 542 if (asprintf(&p, "%s/.fakeid", pw->pw_dir) == -1) 543 iderror(lport, fport, s, errno); 544 /* 545 * Here we set ourself to effectively be the user, so we don't 546 * open any files we have no permission to open, especially 547 * symbolic links to sensitive root-owned files or devices. 548 */ 549 seteuid(pw->pw_uid); 550 setegid(pw->pw_gid); 551 /* 552 * If we were to lstat() here, it would do no good, since it 553 * would introduce a race condition and could be defeated. 554 * Therefore, we open the file we have permissions to open 555 * and if it's not a regular file, we close it and end up 556 * returning the user's real username. 557 */ 558 fakeid = fopen(p, "r"); 559 free(p); 560 if (fakeid != NULL && 561 fstat(fileno(fakeid), &sb) != -1 && S_ISREG(sb.st_mode)) { 562 buf[sizeof(buf) - 1] = '\0'; 563 if (fgets(buf, sizeof(buf), fakeid) == NULL) { 564 cp = pw->pw_name; 565 fclose(fakeid); 566 goto printit; 567 } 568 fclose(fakeid); 569 /* 570 * Usually, the file will have the desired identity 571 * in the form "identity\n", so we use strtok() to 572 * end the string (which fgets() doesn't do.) 573 */ 574 strtok(buf, "\r\n"); 575 /* User names of >16 characters are invalid */ 576 if (strlen(buf) > 16) 577 buf[16] = '\0'; 578 cp = buf; 579 /* Allow for beginning white space... */ 580 while (isspace(*cp)) 581 cp++; 582 /* ...and ending white space. */ 583 strtok(cp, " \t"); 584 /* 585 * If the name is a zero-length string or matches 586 * the name of another user, it's invalid, so 587 * we will return their real identity instead. 588 */ 589 590 if (!*cp || getpwnam(cp)) 591 cp = getpwuid(uc.cr_uid)->pw_name; 592 } else 593 cp = pw->pw_name; 594 } else if (!usedfallback) 595 cp = pw->pw_name; 596 else 597 cp = fallback; 598printit: 599 /* Finally, we make and send the reply. */ 600 if (asprintf(&p, "%d , %d : USERID : %s : %s\r\n", lport, fport, osname, 601 cp) == -1) { 602 syslog(LOG_ERR, "asprintf: %m"); 603 exit(EX_OSERR); 604 } 605 write(s, p, strlen(p)); 606 free(p); 607 608 exit(0); 609} 610 611/* 612 * RFC738 Time Server. 613 * Return a machine readable date and time, in the form of the 614 * number of seconds since midnight, Jan 1, 1900. Since gettimeofday 615 * returns the number of seconds since midnight, Jan 1, 1970, 616 * we must add 2208988800 seconds to this figure to make up for 617 * some seventy years Bell Labs was asleep. 618 */ 619 620unsigned long 621machtime() 622{ 623 struct timeval tv; 624 625 if (gettimeofday(&tv, (struct timezone *)NULL) < 0) { 626 if (debug) 627 warnx("unable to get time of day"); 628 return (0L); 629 } 630#define OFFSET ((u_long)25567 * 24*60*60) 631 return (htonl((long)(tv.tv_sec + OFFSET))); 632#undef OFFSET 633} 634 635/* ARGSUSED */ 636void 637machtime_dg(s, sep) 638 int s; 639 struct servtab *sep; 640{ 641 unsigned long result; 642 struct sockaddr_storage ss; 643 socklen_t size; 644 645 size = sizeof(ss); 646 if (recvfrom(s, (char *)&result, sizeof(result), 0, 647 (struct sockaddr *)&ss, &size) < 0) 648 return; 649 650 if (check_loop((struct sockaddr *)&ss, sep)) 651 return; 652 653 result = machtime(); 654 (void) sendto(s, (char *) &result, sizeof(result), 0, 655 (struct sockaddr *)&ss, size); 656} 657 658/* ARGSUSED */ 659void 660machtime_stream(s, sep) 661 int s; 662 struct servtab *sep; 663{ 664 unsigned long result; 665 666 result = machtime(); 667 (void) write(s, (char *) &result, sizeof(result)); 668} 669 670/* 671 * RFC1078 TCP Port Service Multiplexer (TCPMUX). Service connections to 672 * services based on the service name sent. 673 * 674 * Based on TCPMUX.C by Mark K. Lottor November 1988 675 * sri-nic::ps:<mkl>tcpmux.c 676 */ 677 678#define MAX_SERV_LEN (256+2) /* 2 bytes for \r\n */ 679#define strwrite(fd, buf) (void) write(fd, buf, sizeof(buf)-1) 680 681static int /* # of characters upto \r,\n or \0 */ 682getline(fd, buf, len) 683 int fd; 684 char *buf; 685 int len; 686{ 687 int count = 0, n; 688 struct sigaction sa; 689 690 sa.sa_flags = 0; 691 sigemptyset(&sa.sa_mask); 692 sa.sa_handler = SIG_DFL; 693 sigaction(SIGALRM, &sa, (struct sigaction *)0); 694 do { 695 alarm(10); 696 n = read(fd, buf, len-count); 697 alarm(0); 698 if (n == 0) 699 return (count); 700 if (n < 0) 701 return (-1); 702 while (--n >= 0) { 703 if (*buf == '\r' || *buf == '\n' || *buf == '\0') 704 return (count); 705 count++; 706 buf++; 707 } 708 } while (count < len); 709 return (count); 710} 711 712struct servtab * 713tcpmux(s) 714 int s; 715{ 716 struct servtab *sep; 717 char service[MAX_SERV_LEN+1]; 718 int len; 719 720 /* Get requested service name */ 721 if ((len = getline(s, service, MAX_SERV_LEN)) < 0) { 722 strwrite(s, "-Error reading service name\r\n"); 723 return (NULL); 724 } 725 service[len] = '\0'; 726 727 if (debug) 728 warnx("tcpmux: someone wants %s", service); 729 730 /* 731 * Help is a required command, and lists available services, 732 * one per line. 733 */ 734 if (!strcasecmp(service, "help")) { 735 for (sep = servtab; sep; sep = sep->se_next) { 736 if (!ISMUX(sep)) 737 continue; 738 (void)write(s,sep->se_service,strlen(sep->se_service)); 739 strwrite(s, "\r\n"); 740 } 741 return (NULL); 742 } 743 744 /* Try matching a service in inetd.conf with the request */ 745 for (sep = servtab; sep; sep = sep->se_next) { 746 if (!ISMUX(sep)) 747 continue; 748 if (!strcasecmp(service, sep->se_service)) { 749 if (ISMUXPLUS(sep)) { 750 strwrite(s, "+Go\r\n"); 751 } 752 return (sep); 753 } 754 } 755 strwrite(s, "-Service not available\r\n"); 756 return (NULL); 757} 758