2 * Copyright (c) 1983, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
4 * Copyright (c) 2002 Networks Associates Technology, Inc.
7 * Portions of this software were developed for the FreeBSD Project by
8 * ThinkSec AS and NAI Labs, the Security Research Division of Network
9 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
10 * ("CBOSS"), as part of the DARPA CHATS research program.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. All advertising materials mentioning features or use of this software
21 * must display the following acknowledgement:
22 * This product includes software developed by the University of
23 * California, Berkeley and its contributors.
24 * 4. Neither the name of the University nor the names of its contributors
25 * may be used to endorse or promote products derived from this software
26 * without specific prior written permission.
28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40 * @(#) Copyright (c) 1983, 1990, 1993 The Regents of the University of California. All rights reserved.
41 * @(#)rlogin.c 8.1 (Berkeley) 6/6/93
42 * $FreeBSD: src/usr.bin/rlogin/rlogin.c,v 1.30 2002/04/28 11:16:43 markm Exp $
46 * rlogin - remote login
48 #include <sys/param.h>
49 #include <sys/socket.h>
51 #include <sys/resource.h>
54 #include <netinet/in.h>
55 #include <netinet/in_systm.h>
56 #include <netinet/ip.h>
57 #include <netinet/tcp.h>
75 #include <openssl/des.h>
81 Key_schedule schedule
;
82 int use_kerberos
= 1, doencrypt
;
83 char dst_realm_buf
[REALM_SZ
], *dest_realm
= NULL
;
86 #ifndef TIOCPKT_WINDOW
87 #define TIOCPKT_WINDOW 0x80
90 /* concession to Sun */
95 int eight
, litout
, rem
;
96 int family
= PF_UNSPEC
;
99 u_char escapechar
= '~';
101 const char *speeds
[] = {
102 "0", "50", "75", "110", "134", "150", "200", "300", "600", "1200",
103 "1800", "2400", "4800", "9600", "19200", "38400", "57600", "115200"
104 #define MAX_SPEED_LENGTH (sizeof("115200") - 1)
107 #define get_window_size(fd, wp) ioctl(fd, TIOCGWINSZ, wp)
108 struct winsize winsize
;
110 void catch_child(int);
111 void copytochild(int);
112 void doit(long) __dead2
;
113 void done(int) __dead2
;
115 u_int
getescape(char *);
118 void msg(const char *);
121 void sendwindow(void);
125 void usage(void) __dead2
;
130 main(int argc
, char *argv
[])
136 int argoff
, ch
, dflag
, Dflag
, one
, uid
;
137 char *host
, *localname
, *p
, *user
, term
[1024];
141 struct sockaddr_storage ss
;
144 argoff
= dflag
= Dflag
= 0;
146 host
= localname
= user
= NULL
;
148 if ((p
= strrchr(argv
[0], '/')))
153 if (strcmp(p
, "rlogin"))
156 /* handle "rlogin host flags" */
157 if (!host
&& argc
> 2 && argv
[1][0] != '-') {
163 #define OPTIONS "468DEKLde:i:k:l:x"
165 #define OPTIONS "468DEKLde:i:l:"
167 while ((ch
= getopt(argc
- argoff
, argv
+ argoff
, OPTIONS
)) != -1)
199 escapechar
= getescape(optarg
);
203 errx(1, "-i user: permission denied");
208 dest_realm
= dst_realm_buf
;
209 (void)strncpy(dest_realm
, optarg
, REALM_SZ
);
228 /* if haven't gotten a host yet, do so */
229 if (!host
&& !(host
= argv
[optind
++]))
235 if (!(pw
= getpwuid(uid
= getuid())))
236 errx(1, "unknown user id");
240 localname
= pw
->pw_name
;
244 k
= auth_getval("auth_list");
245 if (k
&& !strstr(k
, "kerberos"))
248 sp
= getservbyname((doencrypt
? "eklogin" : "klogin"), "tcp");
251 warn("can't get entry for %s/tcp service",
252 doencrypt
? "eklogin" : "klogin");
257 sp
= getservbyname("login", "tcp");
259 errx(1, "login/tcp: unknown service");
261 #define MAX_TERM_LENGTH (sizeof(term) - 1 - MAX_SPEED_LENGTH - 1)
263 (void)strncpy(term
, (p
= getenv("TERM")) ? p
: "network",
265 term
[MAX_TERM_LENGTH
] = '\0';
266 if (ioctl(0, TIOCGETP
, &ttyb
) == 0) {
267 (void)strcat(term
, "/");
268 (void)strcat(term
, speeds
[(int)ttyb
.sg_ospeed
]);
271 (void)get_window_size(0, &winsize
);
273 (void)signal(SIGPIPE
, lostpeer
);
274 /* will use SIGUSR1 for window size hack, so hold it off */
275 omask
= sigblock(sigmask(SIGURG
) | sigmask(SIGUSR1
));
277 * We set SIGURG and SIGUSR1 below so that an
278 * incoming signal will be held pending rather than being
279 * discarded. Note that these routines will be ready to get
280 * a signal by the time that they are unblocked below.
282 (void)signal(SIGURG
, copytochild
);
283 (void)signal(SIGUSR1
, writeroob
);
290 if (dest_realm
== NULL
)
291 dest_realm
= krb_realmofhost(host
);
295 rem
= krcmd_mutual(&host
, sp
->s_port
, user
, term
, 0,
296 dest_realm
, &cred
, schedule
);
297 des_set_key(&cred
.session
, schedule
);
300 rem
= krcmd(&host
, sp
->s_port
, user
, term
, 0,
306 sp
= getservbyname("login", "tcp");
308 errx(1, "unknown service login/tcp");
309 if (errno
== ECONNREFUSED
)
310 warn("remote host doesn't support Kerberos");
312 warn("can't provide Kerberos auth data");
313 newargv
= malloc((argc
+ 2) * sizeof(*newargv
));
316 newargv
[0] = argv
[0];
318 for(i
= 1; i
< argc
; ++i
)
319 newargv
[i
+ 1] = argv
[i
];
320 newargv
[argc
+ 1] = NULL
;
321 execv(_PATH_RLOGIN
, newargv
);
326 errx(1, "the -x flag requires Kerberos authentication");
328 rem
= rcmd_af(&host
, sp
->s_port
, localname
, user
, term
, 0,
332 rem
= rcmd_af(&host
, sp
->s_port
, localname
, user
, term
, 0, family
);
333 #endif /* KERBEROS */
339 setsockopt(rem
, SOL_SOCKET
, SO_DEBUG
, &one
, sizeof(one
)) < 0)
342 setsockopt(rem
, IPPROTO_TCP
, TCP_NODELAY
, &one
, sizeof(one
)) < 0)
343 warn("setsockopt NODELAY (ignored)");
346 one
= IPTOS_LOWDELAY
;
347 if (getsockname(rem
, (struct sockaddr
*)&ss
, &sslen
) == 0 &&
348 ss
.ss_family
== AF_INET
) {
349 if (setsockopt(rem
, IPPROTO_IP
, IP_TOS
, (char *)&one
,
351 warn("setsockopt TOS (ignored)");
353 if (ss
.ss_family
== AF_INET
)
354 warn("setsockopt getsockname failed");
361 int child
, defflags
, deflflags
, tabflag
;
362 char deferase
, defkill
;
364 struct ltchars defltc
;
365 struct tchars notc
= { -1, -1, -1, -1, -1, -1 };
366 struct ltchars noltc
= { -1, -1, -1, -1, -1, -1 };
373 (void)ioctl(0, TIOCGETP
, (char *)&sb
);
374 defflags
= sb
.sg_flags
;
375 tabflag
= defflags
& TBDELAY
;
376 defflags
&= ECHO
| CRMOD
;
377 deferase
= sb
.sg_erase
;
378 defkill
= sb
.sg_kill
;
379 (void)ioctl(0, TIOCLGET
, &deflflags
);
380 (void)ioctl(0, TIOCGETC
, &deftc
);
381 notc
.t_startc
= deftc
.t_startc
;
382 notc
.t_stopc
= deftc
.t_stopc
;
383 (void)ioctl(0, TIOCGLTC
, &defltc
);
384 (void)signal(SIGINT
, SIG_IGN
);
394 if (reader(omask
) == 0) {
395 msg("connection closed.");
399 msg("\007connection closed.");
404 * We may still own the socket, and may have a pending SIGURG (or might
405 * receive one soon) that we really want to send to the reader. When
406 * one of these comes in, the trap copytochild simply copies such
407 * signals to the child. We can now unblock SIGURG and SIGUSR1
408 * that were set above.
410 (void)sigsetmask(omask
);
411 (void)signal(SIGCHLD
, catch_child
);
413 msg("closed connection.");
417 /* trap a signal, unless it is being ignored. */
421 int omask
= sigblock(sigmask(sig
));
423 if (signal(sig
, exit
) == SIG_IGN
)
424 (void)signal(sig
, SIG_IGN
);
425 (void)sigsetmask(omask
);
435 /* make sure catch_child does not snap it up */
436 (void)signal(SIGCHLD
, SIG_DFL
);
437 if (kill(child
, SIGKILL
) >= 0)
438 while ((w
= wait(&wstatus
)) > 0 && w
!= child
);
446 * This is called when the reader process gets the out-of-band (urgent)
447 * request to turn on the window-changing protocol.
450 writeroob(int signo __unused
)
452 if (dosigwinch
== 0) {
454 (void)signal(SIGWINCH
, sigwinch
);
460 catch_child(int signo __unused
)
466 pid
= wait3((int *)&status
, WNOHANG
|WUNTRACED
, NULL
);
469 /* if the child (reader) dies, just quit */
470 if (pid
< 0 || (pid
== child
&& !WIFSTOPPED(status
)))
471 done((int)(status
.w_termsig
| status
.w_retcode
));
477 * writer: write to remote: 0 -> line.
479 * ~^Z suspend rlogin process.
480 * ~<delayed-suspend char> suspend rlogin process, but leave reader alone.
488 bol
= 1; /* beginning of line */
491 n
= read(STDIN_FILENO
, &c
, 1);
493 if (n
< 0 && errno
== EINTR
)
498 * If we're at the beginning of the line and recognize a
499 * command character, then we echo locally. Otherwise,
500 * characters are echo'd remotely. If the command character
501 * is doubled, this acts as a force and local echo is
506 if (!noescape
&& c
== escapechar
) {
512 if (c
== '.' || c
== deftc
.t_eofc
) {
516 if (c
== defltc
.t_suspc
|| c
== defltc
.t_dsuspc
) {
526 (void)des_enc_write(rem
,
527 (char *)&escapechar
, 1,
528 schedule
, &cred
.session
);
532 (void)write(rem
, &escapechar
, 1);
538 if (des_enc_write(rem
, &c
, 1, schedule
, &cred
.session
) == 0) {
545 if (write(rem
, &c
, 1) == 0) {
549 bol
= c
== defkill
|| c
== deftc
.t_eofc
||
550 c
== deftc
.t_intrc
|| c
== defltc
.t_suspc
||
551 c
== '\r' || c
== '\n';
567 } else if (c
== 0177) {
574 (void)write(STDOUT_FILENO
, buf
, p
- buf
);
581 (void)signal(SIGCHLD
, SIG_IGN
);
582 (void)kill(cmdc
== defltc
.t_suspc
? 0 : getpid(), SIGTSTP
);
583 (void)signal(SIGCHLD
, catch_child
);
585 sigwinch(0); /* check for size changes */
589 sigwinch(int signo __unused
)
593 if (dosigwinch
&& get_window_size(0, &ws
) == 0 &&
594 bcmp(&ws
, &winsize
, sizeof(ws
))) {
601 * Send the window size to the server via the magic escape
607 char obuf
[4 + sizeof (struct winsize
)];
609 wp
= (struct winsize
*)(obuf
+4);
614 wp
->ws_row
= htons(winsize
.ws_row
);
615 wp
->ws_col
= htons(winsize
.ws_col
);
616 wp
->ws_xpixel
= htons(winsize
.ws_xpixel
);
617 wp
->ws_ypixel
= htons(winsize
.ws_ypixel
);
622 (void)des_enc_write(rem
, obuf
, sizeof(obuf
),
623 schedule
, &cred
.session
);
627 (void)write(rem
, obuf
, sizeof(obuf
));
631 * reader: read from remote: line -> 1
637 int ppid
, rcvcnt
, rcvstate
;
638 char rcvbuf
[8 * 1024];
641 oob(int signo __unused
)
644 int atmark
, n
, out
, rcvd
;
645 char waste
[BUFSIZ
], mark
;
649 while (recv(rem
, &mark
, 1, MSG_OOB
) < 0) {
653 * Urgent data not here yet. It may not be possible
654 * to send it yet if we are blocked for output and
655 * our input buffer is full.
657 if (rcvcnt
< (int)sizeof(rcvbuf
)) {
658 n
= read(rem
, rcvbuf
+ rcvcnt
,
659 sizeof(rcvbuf
) - rcvcnt
);
664 n
= read(rem
, waste
, sizeof(waste
));
673 if (mark
& TIOCPKT_WINDOW
) {
674 /* Let server know about window size changes */
675 (void)kill(ppid
, SIGUSR1
);
677 if (!eight
&& (mark
& TIOCPKT_NOSTOP
)) {
678 (void)ioctl(0, TIOCGETP
, (char *)&sb
);
679 sb
.sg_flags
&= ~CBREAK
;
681 (void)ioctl(0, TIOCSETN
, (char *)&sb
);
684 (void)ioctl(0, TIOCSETC
, (char *)¬c
);
686 if (!eight
&& (mark
& TIOCPKT_DOSTOP
)) {
687 (void)ioctl(0, TIOCGETP
, (char *)&sb
);
689 sb
.sg_flags
|= CBREAK
;
690 (void)ioctl(0, TIOCSETN
, (char *)&sb
);
691 notc
.t_stopc
= deftc
.t_stopc
;
692 notc
.t_startc
= deftc
.t_startc
;
693 (void)ioctl(0, TIOCSETC
, (char *)¬c
);
695 if (mark
& TIOCPKT_FLUSHWRITE
) {
696 (void)ioctl(1, TIOCFLUSH
, (char *)&out
);
698 if (ioctl(rem
, SIOCATMARK
, &atmark
) < 0) {
704 n
= read(rem
, waste
, sizeof (waste
));
709 * Don't want any pending data to be output, so clear the recv
710 * buffer. If we were hanging on a write when interrupted,
711 * don't want it to restart. If we were reading, restart
718 /* oob does not do FLUSHREAD (alas!) */
721 * If we filled the receive buffer while a read was pending, longjmp
722 * to the top to restart appropriately. Don't abort a pending write,
723 * however, or we won't know how much was written.
725 if (rcvd
&& rcvstate
== READING
)
729 /* reader: read from remote: line -> 1 */
733 int pid
, n
, remaining
;
736 #if BSD >= 43 || defined(SUNOS4)
737 pid
= getpid(); /* modern systems use positives for pid */
739 pid
= -getpid(); /* old broken systems use negatives */
741 (void)signal(SIGTTOU
, SIG_IGN
);
742 (void)signal(SIGURG
, oob
);
743 (void)signal(SIGUSR1
, oob
); /* When propogating SIGURG from parent */
745 (void)fcntl(rem
, F_SETOWN
, pid
);
746 (void)setjmp(rcvtop
);
747 (void)sigsetmask(omask
);
750 while ((remaining
= rcvcnt
- (bufp
- rcvbuf
)) > 0) {
752 n
= write(STDOUT_FILENO
, bufp
, remaining
);
767 rcvcnt
= des_enc_read(rem
, rcvbuf
, sizeof(rcvbuf
),
768 schedule
, &cred
.session
);
772 rcvcnt
= read(rem
, rcvbuf
, sizeof (rcvbuf
));
792 (void)ioctl(0, TIOCGETP
, (char *)&sb
);
793 (void)ioctl(0, TIOCLGET
, (char *)&lflags
);
796 sb
.sg_flags
&= ~(CBREAK
|RAW
|TBDELAY
);
797 sb
.sg_flags
|= defflags
|tabflag
;
800 sb
.sg_kill
= defkill
;
801 sb
.sg_erase
= deferase
;
805 sb
.sg_flags
|= (eight
? RAW
: CBREAK
);
806 sb
.sg_flags
&= ~defflags
;
807 /* preserve tab delays, but turn off XTABS */
808 if ((sb
.sg_flags
& TBDELAY
) == XTABS
)
809 sb
.sg_flags
&= ~TBDELAY
;
812 sb
.sg_kill
= sb
.sg_erase
= -1;
819 (void)ioctl(0, TIOCSLTC
, (char *)ltc
);
820 (void)ioctl(0, TIOCSETC
, (char *)tc
);
821 (void)ioctl(0, TIOCSETN
, (char *)&sb
);
822 (void)ioctl(0, TIOCLSET
, (char *)&lflags
);
826 lostpeer(int signo __unused
)
828 (void)signal(SIGPIPE
, SIG_IGN
);
829 msg("\007connection closed.");
833 /* copy SIGURGs to the child process via SIGUSR1. */
835 copytochild(int signo __unused
)
837 (void)kill(child
, SIGUSR1
);
843 (void)fprintf(stderr
, "rlogin: %s\r\n", str
);
849 (void)fprintf(stderr
,
850 "usage: rlogin [-46%s]%s[-e char] [-i localname] [-l username] host\n",
853 "8DEKLdx", " [-k realm] ");
855 "8DEKLd", " [-k realm] ");
869 if ((len
= strlen(p
)) == 1) /* use any single char, including '\' */
871 /* otherwise, \nnn */
872 if (*p
== '\\' && len
>= 2 && len
<= 4) {
873 val
= strtol(++p
, NULL
, 8);
877 if (*p
< '0' || *p
> '8')
881 msg("illegal option value -- e");