search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HAMMER 42C/Many: Stabilization.
[dragonfly.git] / usr.bin / rsh / rsh.c
blob7080b0ab49867e6452953abda3be0585ee44904c
1 /*-
2 * Copyright (c) 1983, 1990, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * @(#) Copyright (c) 1983, 1990, 1993, 1994 The Regents of the University of California. All rights reserved.
34 * @(#)rsh.c 8.3 (Berkeley) 4/6/94
35 * $FreeBSD: src/usr.bin/rsh/rsh.c,v 1.21.2.4 2002/09/17 15:34:41 nectar Exp $
36 * $DragonFly: src/usr.bin/rsh/rsh.c,v 1.7 2007/05/18 17:05:12 dillon Exp $
37 */
38
39 #include <sys/param.h>
40 #include <sys/signal.h>
41 #include <sys/socket.h>
42 #include <sys/ioctl.h>
43 #include <sys/file.h>
44 #include <sys/time.h>
45
46 #include <netinet/in.h>
47 #include <netdb.h>
48
49 #include <err.h>
50 #include <errno.h>
51 #include <libutil.h>
52 #include <pwd.h>
53 #include <signal.h>
54 #include <stdio.h>
55 #include <stdlib.h>
56 #include <string.h>
57 #include <unistd.h>
58
59 #include "pathnames.h"
60
61 #ifdef KERBEROS
62 #include <openssl/des.h>
63 #include <krb.h>
64 #include "krb.h"
65
66 CREDENTIALS cred;
67 Key_schedule schedule;
68 int use_kerberos = 1, doencrypt;
69 char dst_realm_buf[REALM_SZ], *dest_realm;
70 extern char *krb_realmofhost();
71 #endif
72
73 /*
74 * rsh - remote shell
75 */
76 int rfd2;
77
78 int family = PF_UNSPEC;
79
80 void connect_timeout(int);
81 char *copyargs(char **);
82 void sendsig(int);
83 void talk(int, long, pid_t, int, int);
84 void usage(void);
85
86 static char rlogin[] = "rlogin";
87
88 int
89 main(int argc, char **argv)
90 {
91 struct passwd *pw;
92 struct servent *sp;
93 long omask;
94 int argoff, asrsh, ch, dflag, nflag, one, rem;
95 pid_t pid = 0;
96 uid_t uid;
97 char *args, *host, *p, *user;
98 int timeout = 0;
99 #ifdef KERBEROS
100 char *k;
101 #endif
102
103 argoff = asrsh = dflag = nflag = 0;
104 one = 1;
105 host = user = NULL;
106
107 /* if called as something other than "rsh", use it as the host name */
108 if ((p = strrchr(argv[0], '/')))
109 ++p;
110 else
111 p = argv[0];
112 if (strcmp(p, "rsh"))
113 host = p;
114 else
115 asrsh = 1;
116
117 /* handle "rsh host flags" */
118 if (!host && argc > 2 && argv[1][0] != '-') {
119 host = argv[1];
120 argoff = 1;
121 }
122
123 #ifdef KERBEROS
124 #ifdef CRYPT
125 #define OPTIONS "468KLde:k:l:nt:wx"
126 #else
127 #define OPTIONS "468KLde:k:l:nt:w"
128 #endif
129 #else
130 #define OPTIONS "468KLde:l:nt:w"
131 #endif
132 while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1)
133 switch(ch) {
134 case '4':
135 family = PF_INET;
136 break;
137
138 case '6':
139 family = PF_INET6;
140 break;
141
142 case 'K':
143 #ifdef KERBEROS
144 use_kerberos = 0;
145 #endif
146 break;
147 case 'L': /* -8Lew are ignored to allow rlogin aliases */
148 case 'e':
149 case 'w':
150 case '8':
151 break;
152 case 'd':
153 dflag = 1;
154 break;
155 case 'l':
156 user = optarg;
157 break;
158 #ifdef KERBEROS
159 case 'k':
160 dest_realm = dst_realm_buf;
161 strncpy(dest_realm, optarg, REALM_SZ);
162 break;
163 #endif
164 case 'n':
165 nflag = 1;
166 break;
167 #ifdef KERBEROS
168 #ifdef CRYPT
169 case 'x':
170 doencrypt = 1;
171 break;
172 #endif
173 #endif
174 case 't':
175 timeout = atoi(optarg);
176 break;
177 case '?':
178 default:
179 usage();
180 }
181 optind += argoff;
182
183 /* if haven't gotten a host yet, do so */
184 if (!host && !(host = argv[optind++]))
185 usage();
186
187 /* if no further arguments, must have been called as rlogin. */
188 if (!argv[optind]) {
189 if (asrsh)
190 *argv = rlogin;
191 execv(_PATH_RLOGIN, argv);
192 err(1, "can't exec %s", _PATH_RLOGIN);
193 }
194
195 argc -= optind;
196 argv += optind;
197
198 if (!(pw = getpwuid(uid = getuid())))
199 errx(1, "unknown user id");
200 if (!user)
201 user = pw->pw_name;
202
203 #ifdef KERBEROS
204 #ifdef CRYPT
205 /* -x turns off -n */
206 if (doencrypt)
207 nflag = 0;
208 #endif
209 #endif
210
211 args = copyargs(argv);
212
213 sp = NULL;
214 #ifdef KERBEROS
215 k = auth_getval("auth_list");
216 if (k && !strstr(k, "kerberos"))
217 use_kerberos = 0;
218 if (use_kerberos) {
219 sp = getservbyname((doencrypt ? "ekshell" : "kshell"), "tcp");
220 if (sp == NULL) {
221 use_kerberos = 0;
222 warnx(
223 "warning, using standard rsh: can't get entry for %s/tcp service",
224 doencrypt ? "ekshell" : "kshell");
225 }
226 }
227 #endif
228 if (sp == NULL)
229 sp = getservbyname("shell", "tcp");
230 if (sp == NULL)
231 errx(1, "shell/tcp: unknown service");
232
233 #ifdef KERBEROS
234 try_connect:
235 if (use_kerberos) {
236 struct hostent *hp;
237
238 /* fully qualify hostname (needed for krb_realmofhost) */
239 hp = gethostbyname(host);
240 if (hp != NULL && !(host = strdup(hp->h_name)))
241 err(1, NULL);
242
243 rem = KSUCCESS;
244 errno = 0;
245 if (dest_realm == NULL)
246 dest_realm = krb_realmofhost(host);
247
248 #ifdef CRYPT
249 if (doencrypt) {
250 rem = krcmd_mutual(&host, sp->s_port, user, args,
251 &rfd2, dest_realm, &cred, schedule);
252 des_set_key(&cred.session, schedule);
253 } else
254 #endif
255 rem = krcmd(&host, sp->s_port, user, args, &rfd2,
256 dest_realm);
257 if (rem < 0) {
258 use_kerberos = 0;
259 sp = getservbyname("shell", "tcp");
260 if (sp == NULL)
261 errx(1, "shell/tcp: unknown service");
262 if (errno == ECONNREFUSED)
263 warnx(
264 "warning, using standard rsh: remote host doesn't support Kerberos");
265 if (errno == ENOENT)
266 warnx(
267 "warning, using standard rsh: can't provide Kerberos auth data");
268 goto try_connect;
269 }
270 } else {
271 if (doencrypt)
272 errx(1, "the -x flag requires Kerberos authentication");
273 rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args,
274 &rfd2, family);
275 }
276 #else
277 if (timeout) {
278 signal(SIGALRM, connect_timeout);
279 alarm(timeout);
280 }
281 rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, &rfd2,
282 family);
283 if (timeout) {
284 signal(SIGALRM, SIG_DFL);
285 alarm(0);
286 }
287 #endif
288
289 if (rem < 0)
290 exit(1);
291
292 if (rfd2 < 0)
293 errx(1, "can't establish stderr");
294 if (dflag) {
295 if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one,
296 sizeof(one)) < 0)
297 warn("setsockopt");
298 if (setsockopt(rfd2, SOL_SOCKET, SO_DEBUG, &one,
299 sizeof(one)) < 0)
300 warn("setsockopt");
301 }
302
303 setuid(uid);
304 omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGTERM));
305 if (signal(SIGINT, SIG_IGN) != SIG_IGN)
306 signal(SIGINT, sendsig);
307 if (signal(SIGQUIT, SIG_IGN) != SIG_IGN)
308 signal(SIGQUIT, sendsig);
309 if (signal(SIGTERM, SIG_IGN) != SIG_IGN)
310 signal(SIGTERM, sendsig);
311
312 if (!nflag) {
313 pid = fork();
314 if (pid < 0)
315 err(1, "fork");
316 }
317 else
318 shutdown(rem, SHUT_WR);
319
320 #ifdef KERBEROS
321 #ifdef CRYPT
322 if (!doencrypt)
323 #endif
324 #endif
325 {
326 ioctl(rfd2, FIONBIO, &one);
327 ioctl(rem, FIONBIO, &one);
328 }
329
330 talk(nflag, omask, pid, rem, timeout);
331
332 if (!nflag)
333 kill(pid, SIGKILL);
334 exit(0);
335 }
336
337 void
338 talk(int nflag, long omask, pid_t pid, int rem, int timeout)
339 {
340 int cc, wc;
341 fd_set readfrom, ready, rembits;
342 char *bp, buf[BUFSIZ];
343 struct timeval tvtimeout;
344 int nfds, srval;
345
346 if (!nflag && pid == 0) {
347 close(rfd2);
348
349 reread: errno = 0;
350 if ((cc = read(STDIN_FILENO, buf, sizeof(buf))) <= 0)
351 goto done;
352 bp = buf;
353
354 rewrite:
355 if (rem >= FD_SETSIZE)
356 errx(1, "descriptor too big");
357 FD_ZERO(&rembits);
358 FD_SET(rem, &rembits);
359 nfds = rem + 1;
360 if (select(nfds, 0, &rembits, 0, 0) < 0) {
361 if (errno != EINTR)
362 err(1, "select");
363 goto rewrite;
364 }
365 if (!FD_ISSET(rem, &rembits))
366 goto rewrite;
367 #ifdef KERBEROS
368 #ifdef CRYPT
369 if (doencrypt)
370 wc = des_enc_write(rem, bp, cc, schedule, &cred.session);
371 else
372 #endif
373 #endif
374 wc = write(rem, bp, cc);
375 if (wc < 0) {
376 if (errno == EWOULDBLOCK)
377 goto rewrite;
378 goto done;
379 }
380 bp += wc;
381 cc -= wc;
382 if (cc == 0)
383 goto reread;
384 goto rewrite;
385 done:
386 shutdown(rem, SHUT_WR);
387 exit(0);
388 }
389
390 tvtimeout.tv_sec = timeout;
391 tvtimeout.tv_usec = 0;
392
393 sigsetmask(omask);
394 if (rfd2 >= FD_SETSIZE || rem >= FD_SETSIZE)
395 errx(1, "descriptor too big");
396 FD_ZERO(&readfrom);
397 FD_SET(rfd2, &readfrom);
398 FD_SET(rem, &readfrom);
399 nfds = MAX(rfd2+1, rem+1);
400 do {
401 ready = readfrom;
402 if (timeout) {
403 srval = select(nfds, &ready, 0, 0, &tvtimeout);
404 } else {
405 srval = select(nfds, &ready, 0, 0, 0);
406 }
407
408 if (srval < 0) {
409 if (errno != EINTR)
410 err(1, "select");
411 continue;
412 }
413 if (srval == 0)
414 errx(1, "timeout reached (%d seconds)", timeout);
415 if (FD_ISSET(rfd2, &ready)) {
416 errno = 0;
417 #ifdef KERBEROS
418 #ifdef CRYPT
419 if (doencrypt)
420 cc = des_enc_read(rfd2, buf, sizeof(buf), schedule, &cred.session);
421 else
422 #endif
423 #endif
424 cc = read(rfd2, buf, sizeof(buf));
425 if (cc <= 0) {
426 if (errno != EWOULDBLOCK)
427 FD_CLR(rfd2, &readfrom);
428 } else
429 write(STDERR_FILENO, buf, cc);
430 }
431 if (FD_ISSET(rem, &ready)) {
432 errno = 0;
433 #ifdef KERBEROS
434 #ifdef CRYPT
435 if (doencrypt)
436 cc = des_enc_read(rem, buf, sizeof(buf), schedule, &cred.session);
437 else
438 #endif
439 #endif
440 cc = read(rem, buf, sizeof(buf));
441 if (cc <= 0) {
442 if (errno != EWOULDBLOCK)
443 FD_CLR(rem, &readfrom);
444 } else
445 write(STDOUT_FILENO, buf, cc);
446 }
447 } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom));
448 }
449
450 void
451 connect_timeout(__unused int sig)
452 {
453 char message[] = "timeout reached before connection completed.\n";
454
455 write(STDERR_FILENO, message, sizeof(message) - 1);
456 _exit(1);
457 }
458
459 void
460 sendsig(int sig)
461 {
462 char signo;
463
464 signo = sig;
465 #ifdef KERBEROS
466 #ifdef CRYPT
467 if (doencrypt)
468 des_enc_write(rfd2, &signo, 1, schedule, &cred.session);
469 else
470 #endif
471 #endif
472 write(rfd2, &signo, 1);
473 }
474
475 char *
476 copyargs(char **argv)
477 {
478 int cc;
479 char **ap, *args, *p;
480
481 cc = 0;
482 for (ap = argv; *ap; ++ap)
483 cc += strlen(*ap) + 1;
484 if (!(args = malloc((u_int)cc)))
485 err(1, NULL);
486 for (p = args, ap = argv; *ap; ++ap) {
487 strcpy(p, *ap);
488 for (p = strcpy(p, *ap); *p; ++p);
489 if (ap[1])
490 *p++ = ' ';
491 }
492 return (args);
493 }
494
495 void
496 usage(void)
497 {
498
499 fprintf(stderr,
500 "usage: rsh [-46] [-ndK%s]%s[-l login] [-t timeout] host [command]\n",
501 #ifdef KERBEROS
502 #ifdef CRYPT
503 "x", " [-k realm] ");
504 #else
505 "", " [-k realm] ");
506 #endif
507 #else
508 "", " ");
509 #endif
510 exit(1);
511 }
512
DragonFly BSD