2 * Copyright (c) 1983, 1988, 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * @(#) Copyright (c) 1983, 1988, 1989, 1993 The Regents of the University of California. All rights reserved.
34 * @(#)rlogind.c 8.1 (Berkeley) 6/4/93
35 * $FreeBSD: src/libexec/rlogind/rlogind.c,v 1.29.2.5 2000/12/07 15:02:31 ru Exp $
36 * $DragonFly: src/libexec/rlogind/rlogind.c,v 1.5 2007/05/18 17:05:12 dillon Exp $
40 * remote login server:
44 * terminal_type/speed\0
48 #define FD_SETSIZE 16 /* don't need many bits for select */
49 #include <sys/types.h>
50 #include <sys/param.h>
52 #include <sys/ioctl.h>
56 #include <sys/socket.h>
57 #include <netinet/in.h>
58 #include <netinet/in_systm.h>
59 #include <netinet/ip.h>
60 #include <netinet/tcp.h>
61 #include <arpa/inet.h>
72 #include "pathnames.h"
75 #ifndef TIOCPKT_WINDOW
76 #define TIOCPKT_WINDOW 0x80
79 #define ARGSTR "Dalnx"
81 /* wrapper for KAME-special getnameinfo() */
82 #ifndef NI_WITHSCOPEID
83 #define NI_WITHSCOPEID 0
86 extern int __check_rhosts_file
;
87 extern char **environ
;
91 char lusername
[NMAX
+1], rusername
[NMAX
+1];
92 static char term
[64] = "TERM=";
93 #define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */
106 struct sockaddr_in su_sin
;
107 struct sockaddr_in6 su_sin6
;
109 #define su_len su_si.si_len
110 #define su_family su_si.si_family
111 #define su_port su_si.si_port
113 void doit(int, union sockunion
*);
114 int control(int, char *, int);
115 void protocol(int, int);
117 void fatal(int, const char *, int);
118 int do_rlogin(union sockunion
*);
119 void getstr(char *, int, const char *);
120 void setup_term(int);
121 int do_krb_login(struct sockaddr_in
*);
126 main(int argc
, char *argv
[])
128 union sockunion from
;
132 openlog("rlogind", LOG_PID
| LOG_CONS
, LOG_AUTH
);
135 while ((ch
= getopt(argc
, argv
, ARGSTR
)) != -1)
144 __check_rhosts_file
= 0;
162 fromlen
= sizeof (from
);
163 if (getpeername(0, (struct sockaddr
*)&from
, &fromlen
) < 0) {
164 syslog(LOG_ERR
,"Can't get peer name of remote host: %m");
165 fatal(STDERR_FILENO
, "Can't get peer name of remote host", 1);
169 setsockopt(0, SOL_SOCKET
, SO_KEEPALIVE
, &on
, sizeof (on
)) < 0)
170 syslog(LOG_WARNING
, "setsockopt (SO_KEEPALIVE): %m");
172 setsockopt(0, IPPROTO_TCP
, TCP_NODELAY
, &on
, sizeof(on
)) < 0)
173 syslog(LOG_WARNING
, "setsockopt (TCP_NODELAY): %m");
174 if (from
.su_family
== AF_INET
)
177 if (setsockopt(0, IPPROTO_IP
, IP_TOS
, (char *)&on
, sizeof(int)) < 0)
178 syslog(LOG_WARNING
, "setsockopt (IP_TOS): %m");
187 char line
[MAXPATHLEN
];
190 struct winsize win
= { 0, 0, 0, 0 };
194 doit(int f
, union sockunion
*fromp
)
196 int master
, pid
, on
= 1;
197 int authenticated
= 0;
198 char hostname
[2 * MAXHOSTNAMELEN
+ 1];
199 char nameinfo
[2 * INET6_ADDRSTRLEN
+ 1];
210 realhostname_sa(hostname
, sizeof(hostname
) - 1,
211 (struct sockaddr
*)fromp
, fromp
->su_len
);
213 fromp
->su_port
= ntohs((u_short
)fromp
->su_port
);
214 hostname
[sizeof(hostname
) - 1] = '\0';
217 if ((fromp
->su_family
!= AF_INET
219 && fromp
->su_family
!= AF_INET6
222 fromp
->su_port
>= IPPORT_RESERVED
||
223 fromp
->su_port
< IPPORT_RESERVED
/2) {
224 getnameinfo((struct sockaddr
*)fromp
,
226 nameinfo
, sizeof(nameinfo
), NULL
, 0,
227 NI_NUMERICHOST
|NI_WITHSCOPEID
);
229 syslog(LOG_NOTICE
, "Connection from %s on illegal port",
231 fatal(f
, "Permission denied", 0);
234 if (fromp
->su_family
== AF_INET
)
236 u_char optbuf
[BUFSIZ
/3];
237 socklen_t optsize
= sizeof(optbuf
), i
;
241 if ((ip
= getprotobyname("ip")) != NULL
)
242 ipproto
= ip
->p_proto
;
244 ipproto
= IPPROTO_IP
;
245 if (getsockopt(0, ipproto
, IP_OPTIONS
, (char *)optbuf
,
246 &optsize
) == 0 && optsize
!= 0) {
247 for (i
= 0; i
< optsize
; ) {
249 if (c
== IPOPT_LSRR
|| c
== IPOPT_SSRR
) {
251 "Connection refused from %s with IP option %s",
252 inet_ntoa(fromp
->su_sin
.sin_addr
),
253 c
== IPOPT_LSRR
? "LSRR" : "SSRR");
258 i
+= (c
== IPOPT_NOP
) ? 1 : optbuf
[i
+1];
263 if (do_rlogin(fromp
) == 0)
266 if (confirmed
== 0) {
268 confirmed
= 1; /* we sent the null! */
272 des_enc_write(f
, SECURE_MESSAGE
, strlen(SECURE_MESSAGE
),
273 schedule
, &kdata
->session
);
278 pid
= forkpty(&master
, line
, NULL
, &win
);
281 fatal(f
, "Out of ptys", 0);
283 fatal(f
, "Forkpty", 1);
286 if (f
> 2) /* f should always be 0, but... */
289 if (*lusername
=='-') {
290 syslog(LOG_ERR
, "tried to pass user \"%s\" to login",
292 fatal(STDERR_FILENO
, "invalid user", 0);
295 execl(_PATH_LOGIN
, "login", "-p",
296 "-h", hostname
, "-f", lusername
, NULL
);
298 execl(_PATH_LOGIN
, "login", "-p",
299 "-h", hostname
, lusername
, NULL
);
300 fatal(STDERR_FILENO
, _PATH_LOGIN
, 1);
305 * If encrypted, don't turn on NBIO or the des read/write
306 * routines will croak.
311 ioctl(f
, FIONBIO
, &on
);
312 ioctl(master
, FIONBIO
, &on
);
313 ioctl(master
, TIOCPKT
, &on
);
314 signal(SIGCHLD
, cleanup
);
316 signal(SIGCHLD
, SIG_IGN
);
320 char magic
[2] = { 0377, 0377 };
321 char oobdata
[] = {TIOCPKT_WINDOW
};
324 * Handle a "control" request (signaled by magic being present)
325 * in the data stream. For now, we are only willing to handle
326 * window size changes.
329 control(int pty
, char *cp
, int n
)
333 if (n
< 4 + (int)sizeof(w
) || cp
[2] != 's' || cp
[3] != 's')
335 oobdata
[0] &= ~TIOCPKT_WINDOW
; /* we know he heard */
336 bcopy(cp
+4, (char *)&w
, sizeof(w
));
337 w
.ws_row
= ntohs(w
.ws_row
);
338 w
.ws_col
= ntohs(w
.ws_col
);
339 w
.ws_xpixel
= ntohs(w
.ws_xpixel
);
340 w
.ws_ypixel
= ntohs(w
.ws_ypixel
);
341 ioctl(pty
, TIOCSWINSZ
, &w
);
342 return (4+sizeof (w
));
346 * rlogin "protocol" machine.
349 protocol(int f
, int p
)
351 char pibuf
[1024+1], fibuf
[1024], *pbp
= NULL
, *fbp
= NULL
;
352 int pcc
= 0, fcc
= 0;
357 * Must ignore SIGTTOU, otherwise we'll stop
358 * when we try and set slave pty's window shape
359 * (our controlling tty is the master pty).
361 signal(SIGTTOU
, SIG_IGN
);
362 send(f
, oobdata
, 1, MSG_OOB
); /* indicate new rlogin */
367 if (nfd
> FD_SETSIZE
) {
368 syslog(LOG_ERR
, "select mask too small, increase FD_SETSIZE");
369 fatal(f
, "internal error (select mask too small)", 0);
372 fd_set ibits
, obits
, ebits
, *omask
;
391 if ((n
= select(nfd
, &ibits
, omask
, &ebits
, 0)) < 0) {
394 fatal(f
, "select", 1);
397 /* shouldn't happen... */
401 #define pkcontrol(c) ((c)&(TIOCPKT_FLUSHWRITE|TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))
402 if (FD_ISSET(p
, &ebits
)) {
403 cc
= read(p
, &cntl
, 1);
404 if (cc
== 1 && pkcontrol(cntl
)) {
406 send(f
, &cntl
, 1, MSG_OOB
);
407 if (cntl
& TIOCPKT_FLUSHWRITE
) {
413 if (FD_ISSET(f
, &ibits
)) {
416 fcc
= des_enc_read(f
, fibuf
, sizeof(fibuf
),
417 schedule
, &kdata
->session
);
420 fcc
= read(f
, fibuf
, sizeof(fibuf
));
421 if (fcc
< 0 && errno
== EWOULDBLOCK
)
432 for (cp
= fibuf
; cp
< fibuf
+fcc
-1; cp
++)
433 if (cp
[0] == magic
[0] &&
435 left
= fcc
- (cp
-fibuf
);
436 n
= control(p
, cp
, left
);
440 bcopy(cp
+n
, cp
, left
);
445 FD_SET(p
, &obits
); /* try write */
449 if (FD_ISSET(p
, &obits
) && fcc
> 0) {
450 cc
= write(p
, fbp
, fcc
);
457 if (FD_ISSET(p
, &ibits
)) {
458 pcc
= read(p
, pibuf
, sizeof (pibuf
));
460 if (pcc
< 0 && errno
== EWOULDBLOCK
)
464 else if (pibuf
[0] == 0) {
469 FD_SET(f
, &obits
); /* try write */
471 if (pkcontrol(pibuf
[0])) {
472 pibuf
[0] |= oobdata
[0];
473 send(f
, &pibuf
[0], 1, MSG_OOB
);
478 if ((FD_ISSET(f
, &obits
)) && pcc
> 0) {
481 cc
= des_enc_write(f
, pbp
, pcc
,
482 schedule
, &kdata
->session
);
485 cc
= write(f
, pbp
, pcc
);
486 if (cc
< 0 && errno
== EWOULDBLOCK
) {
488 * This happens when we try write after read
489 * from p, but some old kernels balk at large
490 * writes even when select returns true.
492 if (!FD_ISSET(p
, &ibits
))
505 cleanup(int signo __unused
)
509 p
= line
+ sizeof(_PATH_DEV
) - 1;
519 shutdown(netf
, SHUT_RDWR
);
524 fatal(int f
, const char *msg
, int syserr
)
527 char buf
[BUFSIZ
], *bp
= buf
;
530 * Prepend binary one to message if we haven't sent
531 * the magic null as confirmation.
534 *bp
++ = '\01'; /* error indicator */
536 len
= snprintf(bp
, sizeof(buf
), "rlogind: %s: %s.\r\n",
537 msg
, strerror(errno
));
539 len
= snprintf(bp
, sizeof(buf
), "rlogind: %s.\r\n", msg
);
540 write(f
, buf
, bp
+ len
- buf
);
545 do_rlogin(union sockunion
*dest
)
548 getstr(rusername
, sizeof(rusername
), "remuser too long");
549 getstr(lusername
, sizeof(lusername
), "locuser too long");
550 getstr(term
+ENVSIZE
, sizeof(term
)-ENVSIZE
, "Terminal type too long");
552 pwd
= getpwnam(lusername
);
555 /* XXX why don't we syslog() failure? */
557 return (iruserok_sa(dest
, dest
->su_len
, pwd
->pw_uid
== 0, rusername
,
562 getstr(char *buf
, int cnt
, const char *errmsg
)
567 if (read(0, &c
, 1) != 1)
570 fatal(STDOUT_FILENO
, errmsg
, 0);
578 register char *cp
= index(term
+ENVSIZE
, '/');
587 cp
= index(speed
, '/');
590 cfsetspeed(&tt
, atoi(speed
));
593 tt
.c_iflag
= TTYDEF_IFLAG
;
594 tt
.c_oflag
= TTYDEF_OFLAG
;
595 tt
.c_lflag
= TTYDEF_LFLAG
;
596 tcsetattr(fd
, TCSAFLUSH
, &tt
);
601 cp
= index(speed
, '/');
605 cfsetspeed(&tt
, atoi(speed
));
606 tcsetattr(fd
, TCSAFLUSH
, &tt
);
618 syslog(LOG_ERR
, "usage: rlogind [-" ARGSTR
"]");