2 * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 enum auth_method auth_method
;
42 int do_unique_tkfile
= 0;
43 char *unique_tkfile
= NULL
;
44 char tkfile
[MAXPATHLEN
];
46 int do_forwardable
= -1;
48 krb5_keyblock
*keyblock
;
54 static int use_v5
= -1;
57 static int use_only_broken
= 0;
59 static int use_only_broken
= 1;
61 static int use_broken
= 1;
62 static char *port_str
;
63 static const char *user
;
64 static int do_version
;
66 static int do_errsock
= 1;
68 static char *protocol_version_str
;
69 static int protocol_version
= 2;
76 static int input
= 1; /* Read from stdin */
79 rsh_loop (int s
, int errsock
)
85 if(auth_method
== AUTH_KRB5
&& protocol_version
== 2)
86 init_ivecs(1, errsock
!= -1);
89 if (s
>= FD_SETSIZE
|| (errsock
!= -1 && errsock
>= FD_SETSIZE
))
90 errx (1, "fd too large");
92 FD_ZERO(&real_readset
);
93 FD_SET(s
, &real_readset
);
95 FD_SET(errsock
, &real_readset
);
99 FD_SET(STDIN_FILENO
, &real_readset
);
104 char buf
[RSH_BUFSIZ
];
106 readset
= real_readset
;
107 ret
= select (max(s
, errsock
) + 1, &readset
, NULL
, NULL
, NULL
);
114 if (FD_ISSET(s
, &readset
)) {
115 ret
= do_read (s
, buf
, sizeof(buf
), ivec_in
[0]);
120 FD_CLR(s
, &real_readset
);
124 net_write (STDOUT_FILENO
, buf
, ret
);
126 if (errsock
!= -1 && FD_ISSET(errsock
, &readset
)) {
127 ret
= do_read (errsock
, buf
, sizeof(buf
), ivec_in
[1]);
132 FD_CLR(errsock
, &real_readset
);
136 net_write (STDERR_FILENO
, buf
, ret
);
138 if (FD_ISSET(STDIN_FILENO
, &readset
)) {
139 ret
= read (STDIN_FILENO
, buf
, sizeof(buf
));
143 close (STDIN_FILENO
);
144 FD_CLR(STDIN_FILENO
, &real_readset
);
145 shutdown (s
, SHUT_WR
);
147 do_write (s
, buf
, ret
, ivec_out
[0]);
154 * Send forward information on `s' for host `hostname', them being
155 * forwardable themselves if `forwardable'
159 krb5_forward_cred (krb5_auth_context auth_context
,
161 const char *hostname
,
167 krb5_kdc_flags flags
;
169 krb5_principal principal
;
171 memset (&creds
, 0, sizeof(creds
));
173 ret
= krb5_cc_default (context
, &ccache
);
175 warnx ("could not forward creds: krb5_cc_default: %s",
176 krb5_get_err_text (context
, ret
));
180 ret
= krb5_cc_get_principal (context
, ccache
, &principal
);
182 warnx ("could not forward creds: krb5_cc_get_principal: %s",
183 krb5_get_err_text (context
, ret
));
187 creds
.client
= principal
;
189 ret
= krb5_build_principal (context
,
191 strlen(principal
->realm
),
198 warnx ("could not forward creds: krb5_build_principal: %s",
199 krb5_get_err_text (context
, ret
));
203 creds
.times
.endtime
= 0;
206 flags
.b
.forwarded
= 1;
207 flags
.b
.forwardable
= forwardable
;
209 ret
= krb5_get_forwarded_creds (context
,
217 warnx ("could not forward creds: krb5_get_forwarded_creds: %s",
218 krb5_get_err_text (context
, ret
));
222 ret
= krb5_write_message (context
,
225 krb5_data_free (&out_data
);
228 warnx ("could not forward creds: krb5_write_message: %s",
229 krb5_get_err_text (context
, ret
));
233 static int sendauth_version_error
;
236 send_krb5_auth(int s
,
237 struct sockaddr
*thisaddr
,
238 struct sockaddr
*thataddr
,
239 const char *hostname
,
240 const char *remote_user
,
241 const char *local_user
,
245 krb5_principal server
;
246 krb5_data cksum_data
;
249 krb5_auth_context auth_context
= NULL
;
250 const char *protocol_string
= NULL
;
254 status
= krb5_sname_to_principal(context
,
260 warnx ("%s: %s", hostname
, krb5_get_err_text(context
, status
));
264 if(do_encrypt
== -1) {
265 krb5_appdefault_boolean(context
, NULL
,
266 krb5_principal_get_realm(context
, server
),
272 cksum_data
.length
= asprintf (&str
,
274 ntohs(socket_get_port(thataddr
)),
275 do_encrypt
? "-x " : "",
279 warnx ("%s: failed to allocate command", hostname
);
282 cksum_data
.data
= str
;
287 ap_opts
|= AP_OPTS_MUTUAL_REQUIRED
;
289 switch(protocol_version
) {
291 ap_opts
|= AP_OPTS_USE_SUBKEY
;
292 protocol_string
= KCMD_NEW_VERSION
;
295 protocol_string
= KCMD_OLD_VERSION
;
296 key_usage
= KRB5_KU_OTHER_ENCRYPTED
;
302 status
= krb5_sendauth (context
,
316 /* do this while we have a principal */
317 if(do_forward
== -1 || do_forwardable
== -1) {
318 krb5_const_realm realm
= krb5_principal_get_realm(context
, server
);
319 if (do_forwardable
== -1)
320 krb5_appdefault_boolean(context
, NULL
, realm
,
321 "forwardable", FALSE
,
323 if (do_forward
== -1)
324 krb5_appdefault_boolean(context
, NULL
, realm
,
329 krb5_free_principal(context
, server
);
330 krb5_data_free(&cksum_data
);
333 if(status
== KRB5_SENDAUTH_REJECTED
&&
334 protocol_version
== 2 && protocol_version_str
== NULL
)
335 sendauth_version_error
= 1;
337 krb5_warn(context
, status
, "%s", hostname
);
341 status
= krb5_auth_con_getlocalsubkey (context
, auth_context
, &keyblock
);
343 status
= krb5_auth_con_getkey (context
, auth_context
, &keyblock
);
345 warnx ("krb5_auth_con_getkey: %s", krb5_get_err_text(context
, status
));
349 status
= krb5_auth_con_setaddrs_from_fd (context
,
353 warnx("krb5_auth_con_setaddrs_from_fd: %s",
354 krb5_get_err_text(context
, status
));
358 status
= krb5_crypto_init(context
, keyblock
, 0, &crypto
);
360 warnx ("krb5_crypto_init: %s", krb5_get_err_text(context
, status
));
364 len
= strlen(remote_user
) + 1;
365 if (net_write (s
, remote_user
, len
) != len
) {
369 if (do_encrypt
&& net_write (s
, "-x ", 3) != 3) {
373 if (net_write (s
, cmd
, cmd_len
) != cmd_len
) {
378 if (do_unique_tkfile
) {
379 if (net_write (s
, tkfile
, strlen(tkfile
)) != strlen(tkfile
)) {
384 len
= strlen(local_user
) + 1;
385 if (net_write (s
, local_user
, len
) != len
) {
391 || krb5_forward_cred (auth_context
, s
, hostname
, do_forwardable
)) {
392 /* Empty forwarding info */
394 u_char zero
[4] = {0, 0, 0, 0};
397 krb5_auth_con_free (context
, auth_context
);
404 send_broken_auth(int s
,
405 struct sockaddr
*thisaddr
,
406 struct sockaddr
*thataddr
,
407 const char *hostname
,
408 const char *remote_user
,
409 const char *local_user
,
415 len
= strlen(local_user
) + 1;
416 if (net_write (s
, local_user
, len
) != len
) {
420 len
= strlen(remote_user
) + 1;
421 if (net_write (s
, remote_user
, len
) != len
) {
425 if (net_write (s
, cmd
, cmd_len
) != cmd_len
) {
433 proto (int s
, int errsock
,
434 const char *hostname
, const char *local_user
, const char *remote_user
,
435 const char *cmd
, size_t cmd_len
,
436 int (*auth_func
)(int s
,
437 struct sockaddr
*this, struct sockaddr
*that
,
438 const char *hostname
, const char *remote_user
,
439 const char *local_user
, size_t cmd_len
,
447 struct sockaddr_storage thisaddr_ss
;
448 struct sockaddr
*thisaddr
= (struct sockaddr
*)&thisaddr_ss
;
449 struct sockaddr_storage thataddr_ss
;
450 struct sockaddr
*thataddr
= (struct sockaddr
*)&thataddr_ss
;
451 struct sockaddr_storage erraddr_ss
;
452 struct sockaddr
*erraddr
= (struct sockaddr
*)&erraddr_ss
;
456 addrlen
= sizeof(thisaddr_ss
);
457 if (getsockname (s
, thisaddr
, &addrlen
) < 0) {
458 warn ("getsockname(%s)", hostname
);
461 addrlen
= sizeof(thataddr_ss
);
462 if (getpeername (s
, thataddr
, &addrlen
) < 0) {
463 warn ("getpeername(%s)", hostname
);
469 addrlen
= sizeof(erraddr_ss
);
470 if (getsockname (errsock
, erraddr
, &addrlen
) < 0) {
471 warn ("getsockname");
475 if (listen (errsock
, 1) < 0) {
481 snprintf (p
, sizeof(buf
), "%u",
482 ntohs(socket_get_port(erraddr
)));
483 len
= strlen(buf
) + 1;
484 if(net_write (s
, buf
, len
) != len
) {
494 if (errsock
>= FD_SETSIZE
|| s
>= FD_SETSIZE
)
495 errx (1, "fd too large");
498 FD_SET(errsock
, &fdset
);
501 ret
= select (max(errsock
, s
) + 1, &fdset
, NULL
, NULL
, NULL
);
509 if (FD_ISSET(errsock
, &fdset
)) {
510 errsock2
= accept (errsock
, NULL
, NULL
);
520 * there should not arrive any data on this fd so if it's
521 * readable it probably indicates that the other side when
525 if (FD_ISSET(s
, &fdset
)) {
526 warnx ("socket closed");
533 if (net_write (s
, "0", 2) != 2) {
540 if ((*auth_func
)(s
, thisaddr
, thataddr
, hostname
,
541 remote_user
, local_user
,
547 ret
= net_read (s
, &reply
, 1);
552 } else if (ret
== 0) {
553 warnx ("unexpected EOF from %s", hostname
);
559 warnx ("Error from rshd at %s:", hostname
);
561 while ((ret
= read (s
, buf
, sizeof(buf
))) > 0)
562 write (STDOUT_FILENO
, buf
, ret
);
563 write (STDOUT_FILENO
,"\n",1);
570 if (setsockopt(s
, SOL_SOCKET
, SO_DEBUG
, (void *)&one
, sizeof(one
)) < 0)
571 warn("setsockopt remote");
572 if (errsock2
!= -1 &&
573 setsockopt(errsock2
, SOL_SOCKET
, SO_DEBUG
,
574 (void *)&one
, sizeof(one
)) < 0)
575 warn("setsockopt stderr");
578 return rsh_loop (s
, errsock2
);
582 * Return in `res' a copy of the concatenation of `argc, argv' into
586 construct_command (char **res
, int argc
, char **argv
)
592 for (i
= 0; i
< argc
; ++i
)
593 len
+= strlen(argv
[i
]) + 1;
597 errx (1, "malloc %lu failed", (unsigned long)len
);
600 for (i
= 0; i
< argc
- 1; ++i
) {
601 strlcat (tmp
, argv
[i
], len
);
602 strlcat (tmp
, " ", len
);
605 strlcat (tmp
, argv
[argc
-1], len
);
611 print_addr (const struct sockaddr
*sa
)
615 const char *as
= NULL
;
617 if(sa
->sa_family
== AF_INET
)
618 as
= inet_ntop (sa
->sa_family
, &((struct sockaddr_in
*)sa
)->sin_addr
,
619 addr_str
, sizeof(addr_str
));
621 else if(sa
->sa_family
== AF_INET6
)
622 as
= inet_ntop (sa
->sa_family
, &((struct sockaddr_in6
*)sa
)->sin6_addr
,
623 addr_str
, sizeof(addr_str
));
629 errx (1, "malloc: out of memory");
634 doit_broken (int argc
,
638 const char *remote_user
,
639 const char *local_user
,
647 if (connect (priv_socket1
, ai
->ai_addr
, ai
->ai_addrlen
) < 0) {
648 int save_errno
= errno
;
653 for (a
= ai
->ai_next
; a
!= NULL
; a
= a
->ai_next
) {
655 char *adr
= print_addr(a
->ai_addr
);
666 new_argv
= malloc((argc
+ 2) * sizeof(*new_argv
));
667 if (new_argv
== NULL
)
668 errx (1, "malloc: out of memory");
669 new_argv
[i
] = argv
[i
];
673 new_argv
[i
++] = "-K";
674 for(; i
<= argc
; ++i
)
675 new_argv
[i
] = argv
[i
- 1];
677 new_argv
[hostindex
+ 1] = adr
;
678 new_argv
[argc
+ 1] = NULL
;
679 execv(PATH_RSH
, new_argv
);
680 err(1, "execv(%s)", PATH_RSH
);
685 while(waitpid(pid
, &status
, 0) < 0)
687 if(WIFEXITED(status
) && WEXITSTATUS(status
) == 0)
692 warn("%s", argv
[hostindex
]);
697 ret
= proto (priv_socket1
, priv_socket2
,
699 local_user
, remote_user
,
708 doit (const char *hostname
,
710 const char *remote_user
,
711 const char *local_user
,
714 int (*auth_func
)(int s
,
715 struct sockaddr
*this, struct sockaddr
*that
,
716 const char *hostname
, const char *remote_user
,
717 const char *local_user
, size_t cmd_len
,
722 int socketfailed
= 1;
725 for (a
= ai
; a
!= NULL
; a
= a
->ai_next
) {
729 s
= socket (a
->ai_family
, a
->ai_socktype
, a
->ai_protocol
);
733 if (connect (s
, a
->ai_addr
, a
->ai_addrlen
) < 0) {
735 if(getnameinfo(a
->ai_addr
, a
->ai_addrlen
,
736 addr
, sizeof(addr
), NULL
, 0, NI_NUMERICHOST
) == 0)
737 warn ("connect(%s [%s])", hostname
, addr
);
739 warn ("connect(%s)", hostname
);
744 struct addrinfo
*ea
, *eai
;
745 struct addrinfo hints
;
747 memset (&hints
, 0, sizeof(hints
));
748 hints
.ai_socktype
= a
->ai_socktype
;
749 hints
.ai_protocol
= a
->ai_protocol
;
750 hints
.ai_family
= a
->ai_family
;
751 hints
.ai_flags
= AI_PASSIVE
;
755 error
= getaddrinfo (NULL
, "0", &hints
, &eai
);
757 errx (1, "getaddrinfo: %s", gai_strerror(error
));
758 for (ea
= eai
; ea
!= NULL
; ea
= ea
->ai_next
) {
759 errsock
= socket (ea
->ai_family
, ea
->ai_socktype
,
763 if (bind (errsock
, ea
->ai_addr
, ea
->ai_addrlen
) < 0)
773 ret
= proto (s
, errsock
,
775 local_user
, remote_user
,
776 cmd
, cmd_len
, auth_func
);
781 warnx ("failed to contact %s", hostname
);
786 struct getargs args
[] = {
788 { "krb5", '5', arg_flag
, &use_v5
, "Use Kerberos V5" },
789 { "forward", 'f', arg_flag
, &do_forward
, "Forward credentials [krb5]"},
790 { "forwardable", 'F', arg_flag
, &do_forwardable
,
791 "Forward forwardable credentials [krb5]" },
792 { NULL
, 'G', arg_negative_flag
,&do_forward
, "Don't forward credentials" },
793 { "unique", 'u', arg_flag
, &do_unique_tkfile
,
794 "Use unique remote credentials cache [krb5]" },
795 { "tkfile", 'U', arg_string
, &unique_tkfile
,
796 "Specifies remote credentials cache [krb5]" },
797 { "protocol", 'P', arg_string
, &protocol_version_str
,
798 "Protocol version [krb5]", "protocol" },
800 { "broken", 'K', arg_flag
, &use_only_broken
, "Use only priv port" },
802 { "encrypt", 'x', arg_flag
, &do_encrypt
, "Encrypt connection" },
803 { NULL
, 'z', arg_negative_flag
, &do_encrypt
,
804 "Don't encrypt connection", NULL
},
806 { NULL
, 'd', arg_flag
, &sock_debug
, "Enable socket debugging" },
807 { "input", 'n', arg_negative_flag
, &input
, "Close stdin" },
808 { "port", 'p', arg_string
, &port_str
, "Use this port",
810 { "user", 'l', arg_string
, &user
, "Run as this user", "login" },
811 { "stderr", 'e', arg_negative_flag
, &do_errsock
, "Don't open stderr"},
814 { "version", 0, arg_flag
, &do_version
, NULL
},
815 { "help", 0, arg_flag
, &do_help
, NULL
}
821 arg_printusage (args
,
822 sizeof(args
) / sizeof(args
[0]),
824 "[login@]host [command]");
833 main(int argc
, char **argv
)
835 int priv_port1
, priv_port2
;
836 int priv_socket1
, priv_socket2
;
839 struct addrinfo hints
, *ai
;
844 const char *local_user
;
852 priv_port1
= priv_port2
= IPPORT_RESERVED
-1;
853 priv_socket1
= rresvport(&priv_port1
);
854 priv_socket2
= rresvport(&priv_port2
);
856 if (setuid (uid
) || (uid
!= 0 && setuid(0) == 0))
859 setprogname (argv
[0]);
861 if (argc
>= 2 && argv
[1][0] != '-') {
862 host
= argv
[host_index
= 1];
866 if (getarg (args
, sizeof(args
) / sizeof(args
[0]), argc
, argv
,
874 print_version (NULL
);
879 if(protocol_version_str
!= NULL
) {
880 if(strcasecmp(protocol_version_str
, "N") == 0)
881 protocol_version
= 2;
882 else if(strcasecmp(protocol_version_str
, "O") == 0)
883 protocol_version
= 1;
887 v
= strtol(protocol_version_str
, &end
, 0);
888 if(*end
!= '\0' || (v
!= 1 && v
!= 2)) {
889 errx(1, "unknown protocol version \"%s\"",
890 protocol_version_str
);
892 protocol_version
= v
;
896 status
= krb5_init_context (&context
);
899 errx(1, "krb5_init_context failed: %d", status
);
904 /* request for forwardable on the command line means we should
906 if (do_forwardable
== 1)
911 if (use_only_broken
) {
917 if(priv_socket1
< 0) {
919 errx (1, "unable to bind reserved port: is rsh setuid root?");
924 if (do_encrypt
== 1 && use_only_broken
)
925 errx (1, "encryption not supported with old style authentication");
931 if (do_unique_tkfile
&& unique_tkfile
!= NULL
)
932 errx (1, "Only one of -u and -U allowed.");
934 if (do_unique_tkfile
)
935 strlcpy(tkfile
,"-u ", sizeof(tkfile
));
936 else if (unique_tkfile
!= NULL
) {
937 if (strchr(unique_tkfile
,' ') != NULL
) {
938 warnx("Space is not allowed in tkfilename");
941 do_unique_tkfile
= 1;
942 snprintf (tkfile
, sizeof(tkfile
), "-U %s ", unique_tkfile
);
947 if (argc
- argindex
< 1)
950 host
= argv
[host_index
= argindex
++];
953 if((tmp
= strchr(host
, '@')) != NULL
) {
959 if (argindex
== argc
) {
960 close (priv_socket1
);
961 close (priv_socket2
);
963 execvp ("rlogin", argv
);
964 err (1, "execvp rlogin");
967 local_user
= get_default_username ();
968 if (local_user
== NULL
)
969 errx (1, "who are you?");
974 cmd_len
= construct_command(&cmd
, argc
- argindex
, argv
+ argindex
);
977 * Try all different authentication methods
982 memset (&hints
, 0, sizeof(hints
));
983 hints
.ai_socktype
= SOCK_STREAM
;
984 hints
.ai_protocol
= IPPROTO_TCP
;
986 if(port_str
== NULL
) {
987 error
= getaddrinfo(host
, "kshell", &hints
, &ai
);
988 if(error
== EAI_NONAME
)
989 error
= getaddrinfo(host
, "544", &hints
, &ai
);
991 error
= getaddrinfo(host
, port_str
, &hints
, &ai
);
994 errx (1, "getaddrinfo: %s", gai_strerror(error
));
996 auth_method
= AUTH_KRB5
;
998 ret
= doit (host
, ai
, user
, local_user
, cmd
, cmd_len
,
1000 if(ret
!= 0 && sendauth_version_error
&&
1001 protocol_version
== 2) {
1002 protocol_version
= 1;
1008 if (ret
&& use_broken
) {
1009 memset (&hints
, 0, sizeof(hints
));
1010 hints
.ai_socktype
= SOCK_STREAM
;
1011 hints
.ai_protocol
= IPPROTO_TCP
;
1013 if(port_str
== NULL
) {
1014 error
= getaddrinfo(host
, "shell", &hints
, &ai
);
1015 if(error
== EAI_NONAME
)
1016 error
= getaddrinfo(host
, "514", &hints
, &ai
);
1018 error
= getaddrinfo(host
, port_str
, &hints
, &ai
);
1021 errx (1, "getaddrinfo: %s", gai_strerror(error
));
1023 auth_method
= AUTH_BROKEN
;
1024 ret
= doit_broken (argc
, argv
, host_index
, ai
,
1027 do_errsock
? priv_socket2
: -1,