contrib/tcp_wrappers/inetcf.c

   1  /*
   2   * Routines to parse an inetd.conf or tlid.conf file. This would be a great
   3   * job for a PERL script.
   4   *
   5   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
   6   */
   7
   8 #include <sys/types.h>
   9 #include <sys/stat.h>
  10 #include <stdio.h>
  11 #include <errno.h>
  12 #include <string.h>
  13 #include <stdlib.h>
  14
  15 extern void exit();
  16
  17 #include "tcpd.h"
  18 #include "inetcf.h"
  19 #include "scaffold.h"
  20
  21  /*
  22   * Network configuration files may live in unusual places. Here are some
  23   * guesses. Shorter names follow longer ones.
  24   */
  25 char   *inet_files[] = {
  26     "/private/etc/inetd.conf",          /* NEXT */
  27     "/etc/inet/inetd.conf",             /* SYSV4 */
  28     "/usr/etc/inetd.conf",              /* IRIX?? */
  29     "/etc/inetd.conf",                  /* BSD */
  30     "/etc/net/tlid.conf",               /* SYSV4?? */
  31     "/etc/saf/tlid.conf",               /* SYSV4?? */
  32     "/etc/tlid.conf",                   /* SYSV4?? */
  33     0,
  34 };
  35
  36 static void inet_chk();
  37 static char *base_name();
  38
  39  /*
  40   * Structure with everything we know about a service.
  41   */
  42 struct inet_ent {
  43     struct inet_ent *next;
  44     int     type;
  45     char    name[1];
  46 };
  47
  48 static struct inet_ent *inet_list = 0;
  49
  50 static char whitespace[] = " \t\r\n";
  51
  52 /* inet_conf - read in and examine inetd.conf (or tlid.conf) entries */
  53
  54 char   *inet_cfg(conf)
  55 char   *conf;
  56 {
  57     char    buf[BUFSIZ];
  58     FILE   *fp;
  59     char   *service;
  60     char   *protocol;
  61     char   *user;
  62     char   *path;
  63     char   *arg0;
  64     char   *arg1;
  65     struct tcpd_context saved_context;
  66     char   *percent_m();
  67     int     i;
  68     struct stat st;
  69
  70     saved_context = tcpd_context;
  71
  72     /*
  73      * The inetd.conf (or tlid.conf) information is so useful that we insist
  74      * on its availability. When no file is given run a series of educated
  75      * guesses.
  76      */
  77     if (conf != 0) {
  78         if ((fp = fopen(conf, "r")) == 0) {
  79             fprintf(stderr, percent_m(buf, "open %s: %m\n"), conf);
  80             exit(1);
  81         }
  82     } else {
  83         for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "r")) == 0; i++)
  84              /* void */ ;
  85         if (fp == 0) {
  86             fprintf(stderr, "Cannot find your inetd.conf or tlid.conf file.\n");
  87             fprintf(stderr, "Please specify its location.\n");
  88             exit(1);
  89         }
  90         conf = inet_files[i];
  91         check_path(conf, &st);
  92     }
  93
  94     /*
  95      * Process the file. After the 7.0 wrapper release it became clear that
  96      * there are many more inetd.conf formats than the 8 systems that I had
  97      * studied. EP/IX uses a two-line specification for rpc services; HP-UX
  98      * permits long lines to be broken with backslash-newline.
  99      */
 100     tcpd_context.file = conf;
 101     tcpd_context.line = 0;
 102     while (xgets(buf, sizeof(buf), fp)) {
 103         service = strtok(buf, whitespace);      /* service */
 104         if (service == 0 || *service == '#')
 105             continue;
 106         if (STR_NE(service, "stream") && STR_NE(service, "dgram"))
 107             strtok((char *) 0, whitespace);     /* endpoint */
 108         protocol = strtok((char *) 0, whitespace);
 109         (void) strtok((char *) 0, whitespace);  /* wait */
 110         if ((user = strtok((char *) 0, whitespace)) == 0)
 111             continue;
 112         if (user[0] == '/') {                   /* user */
 113             path = user;
 114         } else {                                /* path */
 115             if ((path = strtok((char *) 0, whitespace)) == 0)
 116                 continue;
 117         }
 118         if (path[0] == '?')                     /* IRIX optional service */
 119             path++;
 120         if (STR_EQ(path, "internal"))
 121             continue;
 122         if (path[strspn(path, "-0123456789")] == 0) {
 123
 124             /*
 125              * ConvexOS puts RPC version numbers before path names. Jukka
 126              * Ukkonen <ukkonen@csc.fi>.
 127              */
 128             if ((path = strtok((char *) 0, whitespace)) == 0)
 129                 continue;
 130         }
 131         if ((arg0 = strtok((char *) 0, whitespace)) == 0) {
 132             tcpd_warn("incomplete line");
 133             continue;
 134         }
 135         if (arg0[strspn(arg0, "0123456789")] == 0) {
 136
 137             /*
 138              * We're reading a tlid.conf file, the format is:
 139              *
 140              * ...stuff... path arg_count arguments mod_count modules
 141              */
 142             if ((arg0 = strtok((char *) 0, whitespace)) == 0) {
 143                 tcpd_warn("incomplete line");
 144                 continue;
 145             }
 146         }
 147         if ((arg1 = strtok((char *) 0, whitespace)) == 0)
 148             arg1 = "";
 149
 150         inet_chk(protocol, path, arg0, arg1);
 151     }
 152     fclose(fp);
 153     tcpd_context = saved_context;
 154     return (conf);
 155 }
 156
 157 /* inet_chk - examine one inetd.conf (tlid.conf?) entry */
 158
 159 static void inet_chk(protocol, path, arg0, arg1)
 160 char   *protocol;
 161 char   *path;
 162 char   *arg0;
 163 char   *arg1;
 164 {
 165     char    daemon[BUFSIZ];
 166     struct stat st;
 167     int     wrap_status = WR_MAYBE;
 168     char   *base_name_path = base_name(path);
 169     char   *tcpd_proc_name = (arg0[0] == '/' ? base_name(arg0) : arg0);
 170
 171     /*
 172      * Always warn when the executable does not exist or when it is not
 173      * executable.
 174      */
 175     if (check_path(path, &st) < 0) {
 176         tcpd_warn("%s: not found: %m", path);
 177     } else if ((st.st_mode & 0100) == 0) {
 178         tcpd_warn("%s: not executable", path);
 179     }
 180
 181     /*
 182      * Cheat on the miscd tests, nobody uses it anymore.
 183      */
 184     if (STR_EQ(base_name_path, "miscd")) {
 185         inet_set(arg0, WR_YES);
 186         return;
 187     }
 188
 189     /*
 190      * While we are here...
 191      */
 192     if (STR_EQ(tcpd_proc_name, "rexd") || STR_EQ(tcpd_proc_name, "rpc.rexd"))
 193         tcpd_warn("%s may be an insecure service", tcpd_proc_name);
 194
 195     /*
 196      * The tcpd program gets most of the attention.
 197      */
 198     if (STR_EQ(base_name_path, "tcpd")) {
 199
 200         if (STR_EQ(tcpd_proc_name, "tcpd"))
 201             tcpd_warn("%s is recursively calling itself", tcpd_proc_name);
 202
 203         wrap_status = WR_YES;
 204
 205         /*
 206          * Check: some sites install the wrapper set-uid.
 207          */
 208         if ((st.st_mode & 06000) != 0)
 209             tcpd_warn("%s: file is set-uid or set-gid", path);
 210
 211         /*
 212          * Check: some sites insert tcpd in inetd.conf, instead of replacing
 213          * the daemon pathname.
 214          */
 215         if (arg0[0] == '/' && STR_EQ(tcpd_proc_name, base_name(arg1)))
 216             tcpd_warn("%s inserted before %s", path, arg0);
 217
 218         /*
 219          * Check: make sure files exist and are executable. On some systems
 220          * the network daemons are set-uid so we cannot complain. Note that
 221          * tcpd takes the basename only in case of absolute pathnames.
 222          */
 223         if (arg0[0] == '/') {                   /* absolute path */
 224             if (check_path(arg0, &st) < 0) {
 225                 tcpd_warn("%s: not found: %m", arg0);
 226             } else if ((st.st_mode & 0100) == 0) {
 227                 tcpd_warn("%s: not executable", arg0);
 228             }
 229         } else {                                /* look in REAL_DAEMON_DIR */
 230             sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
 231             if (check_path(daemon, &st) < 0) {
 232                 tcpd_warn("%s: not found in %s: %m",
 233                           arg0, REAL_DAEMON_DIR);
 234             } else if ((st.st_mode & 0100) == 0) {
 235                 tcpd_warn("%s: not executable", daemon);
 236             }
 237         }
 238
 239     } else {
 240
 241         /*
 242          * No tcpd program found. Perhaps they used the "simple installation"
 243          * recipe. Look for a file with the same basename in REAL_DAEMON_DIR.
 244          * Draw some conservative conclusions when a distinct file is found.
 245          */
 246         sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
 247         if (STR_EQ(path, daemon)) {
 248 #ifdef __FreeBSD__
 249             wrap_status = WR_MAYBE;
 250 #else
 251             wrap_status = WR_NOT;
 252 #endif
 253         } else if (check_path(daemon, &st) >= 0) {
 254             wrap_status = WR_MAYBE;
 255         } else if (errno == ENOENT) {
 256             wrap_status = WR_NOT;
 257         } else {
 258             tcpd_warn("%s: file lookup: %m", daemon);
 259             wrap_status = WR_MAYBE;
 260         }
 261     }
 262
 263     /*
 264      * Alas, we cannot wrap rpc/tcp services.
 265      */
 266     if (wrap_status == WR_YES && STR_EQ(protocol, "rpc/tcp"))
 267         tcpd_warn("%s: cannot wrap rpc/tcp services", tcpd_proc_name);
 268
 269     inet_set(tcpd_proc_name, wrap_status);
 270 }
 271
 272 /* inet_set - remember service status */
 273
 274 void    inet_set(name, type)
 275 char   *name;
 276 int     type;
 277 {
 278     struct inet_ent *ip =
 279     (struct inet_ent *) malloc(sizeof(struct inet_ent) + strlen(name));
 280
 281     if (ip == 0) {
 282         fprintf(stderr, "out of memory\n");
 283         exit(1);
 284     }
 285     ip->next = inet_list;
 286     strcpy(ip->name, name);
 287     ip->type = type;
 288     inet_list = ip;
 289 }
 290
 291 /* inet_get - look up service status */
 292
 293 int     inet_get(name)
 294 char   *name;
 295 {
 296     struct inet_ent *ip;
 297
 298     if (inet_list == 0)
 299         return (WR_MAYBE);
 300
 301     for (ip = inet_list; ip; ip = ip->next)
 302         if (STR_EQ(ip->name, name))
 303             return (ip->type);
 304
 305     return (-1);
 306 }
 307
 308 /* base_name - compute last pathname component */
 309
 310 static char *base_name(path)
 311 char   *path;
 312 {
 313     char   *cp;
 314
 315     if ((cp = strrchr(path, '/')) != 0)
 316         path = cp + 1;
 317     return (path);
 318 }