contrib/tcp_wrappers/inetcf.c

   1  /*
   2   * Routines to parse an inetd.conf or tlid.conf file. This would be a great
   3   * job for a PERL script.
   4   *
   5   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
   6   */
   7
   8 #ifndef lint
   9 static char sccsid[] = "@(#) inetcf.c 1.7 97/02/12 02:13:23";
  10 #endif
  11
  12 #include <sys/types.h>
  13 #include <sys/stat.h>
  14 #include <stdio.h>
  15 #include <errno.h>
  16 #include <string.h>
  17
  18 extern void exit();
  19
  20 #include "tcpd.h"
  21 #include "inetcf.h"
  22
  23  /*
  24   * Network configuration files may live in unusual places. Here are some
  25   * guesses. Shorter names follow longer ones.
  26   */
  27 char   *inet_files[] = {
  28     "/private/etc/inetd.conf",          /* NEXT */
  29     "/etc/inet/inetd.conf",             /* SYSV4 */
  30     "/usr/etc/inetd.conf",              /* IRIX?? */
  31     "/etc/inetd.conf",                  /* BSD */
  32     "/etc/net/tlid.conf",               /* SYSV4?? */
  33     "/etc/saf/tlid.conf",               /* SYSV4?? */
  34     "/etc/tlid.conf",                   /* SYSV4?? */
  35     0,
  36 };
  37
  38 static void inet_chk();
  39 static char *base_name();
  40
  41  /*
  42   * Structure with everything we know about a service.
  43   */
  44 struct inet_ent {
  45     struct inet_ent *next;
  46     int     type;
  47     char    name[1];
  48 };
  49
  50 static struct inet_ent *inet_list = 0;
  51
  52 static char whitespace[] = " \t\r\n";
  53
  54 /* inet_conf - read in and examine inetd.conf (or tlid.conf) entries */
  55
  56 char   *inet_cfg(conf)
  57 char   *conf;
  58 {
  59     char    buf[BUFSIZ];
  60     FILE   *fp;
  61     char   *service;
  62     char   *protocol;
  63     char   *user;
  64     char   *path;
  65     char   *arg0;
  66     char   *arg1;
  67     struct tcpd_context saved_context;
  68     char   *percent_m();
  69     int     i;
  70     struct stat st;
  71
  72     saved_context = tcpd_context;
  73
  74     /*
  75      * The inetd.conf (or tlid.conf) information is so useful that we insist
  76      * on its availability. When no file is given run a series of educated
  77      * guesses.
  78      */
  79     if (conf != 0) {
  80         if ((fp = fopen(conf, "r")) == 0) {
  81             fprintf(stderr, percent_m(buf, "open %s: %m\n"), conf);
  82             exit(1);
  83         }
  84     } else {
  85         for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "r")) == 0; i++)
  86              /* void */ ;
  87         if (fp == 0) {
  88             fprintf(stderr, "Cannot find your inetd.conf or tlid.conf file.\n");
  89             fprintf(stderr, "Please specify its location.\n");
  90             exit(1);
  91         }
  92         conf = inet_files[i];
  93         check_path(conf, &st);
  94     }
  95
  96     /*
  97      * Process the file. After the 7.0 wrapper release it became clear that
  98      * there are many more inetd.conf formats than the 8 systems that I had
  99      * studied. EP/IX uses a two-line specification for rpc services; HP-UX
 100      * permits long lines to be broken with backslash-newline.
 101      */
 102     tcpd_context.file = conf;
 103     tcpd_context.line = 0;
 104     while (xgets(buf, sizeof(buf), fp)) {
 105         service = strtok(buf, whitespace);      /* service */
 106         if (service == 0 || *service == '#')
 107             continue;
 108         if (STR_NE(service, "stream") && STR_NE(service, "dgram"))
 109             strtok((char *) 0, whitespace);     /* endpoint */
 110         protocol = strtok((char *) 0, whitespace);
 111         (void) strtok((char *) 0, whitespace);  /* wait */
 112         if ((user = strtok((char *) 0, whitespace)) == 0)
 113             continue;
 114         if (user[0] == '/') {                   /* user */
 115             path = user;
 116         } else {                                /* path */
 117             if ((path = strtok((char *) 0, whitespace)) == 0)
 118                 continue;
 119         }
 120         if (path[0] == '?')                     /* IRIX optional service */
 121             path++;
 122         if (STR_EQ(path, "internal"))
 123             continue;
 124         if (path[strspn(path, "-0123456789")] == 0) {
 125
 126             /*
 127              * ConvexOS puts RPC version numbers before path names. Jukka
 128              * Ukkonen <ukkonen@csc.fi>.
 129              */
 130             if ((path = strtok((char *) 0, whitespace)) == 0)
 131                 continue;
 132         }
 133         if ((arg0 = strtok((char *) 0, whitespace)) == 0) {
 134             tcpd_warn("incomplete line");
 135             continue;
 136         }
 137         if (arg0[strspn(arg0, "0123456789")] == 0) {
 138
 139             /*
 140              * We're reading a tlid.conf file, the format is:
 141              *
 142              * ...stuff... path arg_count arguments mod_count modules
 143              */
 144             if ((arg0 = strtok((char *) 0, whitespace)) == 0) {
 145                 tcpd_warn("incomplete line");
 146                 continue;
 147             }
 148         }
 149         if ((arg1 = strtok((char *) 0, whitespace)) == 0)
 150             arg1 = "";
 151
 152         inet_chk(protocol, path, arg0, arg1);
 153     }
 154     fclose(fp);
 155     tcpd_context = saved_context;
 156     return (conf);
 157 }
 158
 159 /* inet_chk - examine one inetd.conf (tlid.conf?) entry */
 160
 161 static void inet_chk(protocol, path, arg0, arg1)
 162 char   *protocol;
 163 char   *path;
 164 char   *arg0;
 165 char   *arg1;
 166 {
 167     char    daemon[BUFSIZ];
 168     struct stat st;
 169     int     wrap_status = WR_MAYBE;
 170     char   *base_name_path = base_name(path);
 171     char   *tcpd_proc_name = (arg0[0] == '/' ? base_name(arg0) : arg0);
 172
 173     /*
 174      * Always warn when the executable does not exist or when it is not
 175      * executable.
 176      */
 177     if (check_path(path, &st) < 0) {
 178         tcpd_warn("%s: not found: %m", path);
 179     } else if ((st.st_mode & 0100) == 0) {
 180         tcpd_warn("%s: not executable", path);
 181     }
 182
 183     /*
 184      * Cheat on the miscd tests, nobody uses it anymore.
 185      */
 186     if (STR_EQ(base_name_path, "miscd")) {
 187         inet_set(arg0, WR_YES);
 188         return;
 189     }
 190
 191     /*
 192      * While we are here...
 193      */
 194     if (STR_EQ(tcpd_proc_name, "rexd") || STR_EQ(tcpd_proc_name, "rpc.rexd"))
 195         tcpd_warn("%s may be an insecure service", tcpd_proc_name);
 196
 197     /*
 198      * The tcpd program gets most of the attention.
 199      */
 200     if (STR_EQ(base_name_path, "tcpd")) {
 201
 202         if (STR_EQ(tcpd_proc_name, "tcpd"))
 203             tcpd_warn("%s is recursively calling itself", tcpd_proc_name);
 204
 205         wrap_status = WR_YES;
 206
 207         /*
 208          * Check: some sites install the wrapper set-uid.
 209          */
 210         if ((st.st_mode & 06000) != 0)
 211             tcpd_warn("%s: file is set-uid or set-gid", path);
 212
 213         /*
 214          * Check: some sites insert tcpd in inetd.conf, instead of replacing
 215          * the daemon pathname.
 216          */
 217         if (arg0[0] == '/' && STR_EQ(tcpd_proc_name, base_name(arg1)))
 218             tcpd_warn("%s inserted before %s", path, arg0);
 219
 220         /*
 221          * Check: make sure files exist and are executable. On some systems
 222          * the network daemons are set-uid so we cannot complain. Note that
 223          * tcpd takes the basename only in case of absolute pathnames.
 224          */
 225         if (arg0[0] == '/') {                   /* absolute path */
 226             if (check_path(arg0, &st) < 0) {
 227                 tcpd_warn("%s: not found: %m", arg0);
 228             } else if ((st.st_mode & 0100) == 0) {
 229                 tcpd_warn("%s: not executable", arg0);
 230             }
 231         } else {                                /* look in REAL_DAEMON_DIR */
 232             sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
 233             if (check_path(daemon, &st) < 0) {
 234                 tcpd_warn("%s: not found in %s: %m",
 235                           arg0, REAL_DAEMON_DIR);
 236             } else if ((st.st_mode & 0100) == 0) {
 237                 tcpd_warn("%s: not executable", daemon);
 238             }
 239         }
 240
 241     } else {
 242
 243         /*
 244          * No tcpd program found. Perhaps they used the "simple installation"
 245          * recipe. Look for a file with the same basename in REAL_DAEMON_DIR.
 246          * Draw some conservative conclusions when a distinct file is found.
 247          */
 248         sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
 249         if (STR_EQ(path, daemon)) {
 250 #ifdef __FreeBSD__
 251             wrap_status = WR_MAYBE;
 252 #else
 253             wrap_status = WR_NOT;
 254 #endif
 255         } else if (check_path(daemon, &st) >= 0) {
 256             wrap_status = WR_MAYBE;
 257         } else if (errno == ENOENT) {
 258             wrap_status = WR_NOT;
 259         } else {
 260             tcpd_warn("%s: file lookup: %m", daemon);
 261             wrap_status = WR_MAYBE;
 262         }
 263     }
 264
 265     /*
 266      * Alas, we cannot wrap rpc/tcp services.
 267      */
 268     if (wrap_status == WR_YES && STR_EQ(protocol, "rpc/tcp"))
 269         tcpd_warn("%s: cannot wrap rpc/tcp services", tcpd_proc_name);
 270
 271     inet_set(tcpd_proc_name, wrap_status);
 272 }
 273
 274 /* inet_set - remember service status */
 275
 276 void    inet_set(name, type)
 277 char   *name;
 278 int     type;
 279 {
 280     struct inet_ent *ip =
 281     (struct inet_ent *) malloc(sizeof(struct inet_ent) + strlen(name));
 282
 283     if (ip == 0) {
 284         fprintf(stderr, "out of memory\n");
 285         exit(1);
 286     }
 287     ip->next = inet_list;
 288     strcpy(ip->name, name);
 289     ip->type = type;
 290     inet_list = ip;
 291 }
 292
 293 /* inet_get - look up service status */
 294
 295 int     inet_get(name)
 296 char   *name;
 297 {
 298     struct inet_ent *ip;
 299
 300     if (inet_list == 0)
 301         return (WR_MAYBE);
 302
 303     for (ip = inet_list; ip; ip = ip->next)
 304         if (STR_EQ(ip->name, name))
 305             return (ip->type);
 306
 307     return (-1);
 308 }
 309
 310 /* base_name - compute last pathname component */
 311
 312 static char *base_name(path)
 313 char   *path;
 314 {
 315     char   *cp;
 316
 317     if ((cp = strrchr(path, '/')) != 0)
 318         path = cp + 1;
 319     return (path);
 320 }