2 * Copyright (C) 1998 WIDE Project.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the project nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * Copyright (c) 1983, 1993, 1994
31 * The Regents of the University of California. All rights reserved.
33 * Redistribution and use in source and binary forms, with or without
34 * modification, are permitted provided that the following conditions
36 * 1. Redistributions of source code must retain the above copyright
37 * notice, this list of conditions and the following disclaimer.
38 * 2. Redistributions in binary form must reproduce the above copyright
39 * notice, this list of conditions and the following disclaimer in the
40 * documentation and/or other materials provided with the distribution.
41 * 4. Neither the name of the University nor the names of its contributors
42 * may be used to endorse or promote products derived from this software
43 * without specific prior written permission.
45 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
59 static char sccsid
[] = "@(#)rcmd.c 8.3 (Berkeley) 3/26/94";
60 #endif /* LIBC_SCCS and not lint */
62 #define __UCLIBC_HIDE_DEPRECATED__
64 #include <sys/param.h>
66 #include <sys/socket.h>
69 #include <netinet/in.h>
70 #include <arpa/inet.h>
80 #include <stdio_ext.h>
85 #ifdef __UCLIBC_HAS_WCHAR__
91 /* some forward declarations */
92 static int __ivaliduser2(FILE *hostf
, u_int32_t raddr
,
93 const char *luser
, const char *ruser
, const char *rhost
);
94 static int iruserok2 (u_int32_t raddr
, int superuser
, const char *ruser
,
95 const char *luser
, const char *rhost
);
98 int rcmd(ahost
, rport
, locuser
, remuser
, cmd
, fd2p
)
101 const char *locuser
, *remuser
, *cmd
;
104 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
106 struct hostent hostbuf
;
111 struct sockaddr_in sin
, from
;
112 struct pollfd pfd
[2];
120 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
122 #ifdef __ARCH_USE_MMU__
123 tmphstbuf
= alloca (hstbuflen
);
125 tmphstbuf
= malloc (hstbuflen
);
128 while (gethostbyname_r (*ahost
, &hostbuf
, tmphstbuf
,
129 hstbuflen
, &hp
, &herr
) != 0 || hp
== NULL
)
131 if (herr
!= NETDB_INTERNAL
|| errno
!= ERANGE
)
133 __set_h_errno (herr
);
134 #ifndef __ARCH_USE_MMU__
142 /* Enlarge the buffer. */
144 #ifdef __ARCH_USE_MMU__
145 tmphstbuf
= alloca (hstbuflen
);
148 tmphstbuf
= malloc (hstbuflen
);
152 #ifndef __ARCH_USE_MMU__
155 #else /* call the non-reentrant version */
156 if ((hp
= gethostbyname(*ahost
)) == NULL
) {
160 pfd
[0].events
= POLLIN
;
161 pfd
[1].events
= POLLIN
;
164 oldmask
= sigblock(sigmask(SIGURG
)); /* __sigblock */
165 for (timo
= 1, lport
= IPPORT_RESERVED
- 1;;) {
166 s
= rresvport(&lport
);
169 (void)fprintf(stderr
,
170 "rcmd: socket: All ports in use\n");
172 (void)fprintf(stderr
, "rcmd: socket: %m\n");
173 sigsetmask(oldmask
); /* sigsetmask */
176 fcntl(s
, F_SETOWN
, pid
);
177 sin
.sin_family
= hp
->h_addrtype
;
178 memmove(&sin
.sin_addr
, hp
->h_addr_list
[0],
179 MIN (sizeof (sin
.sin_addr
), hp
->h_length
));
180 sin
.sin_port
= rport
;
181 if (connect(s
, (struct sockaddr
*)&sin
, sizeof(sin
)) >= 0) /* __connect */
184 if (errno
== EADDRINUSE
) {
188 if (errno
== ECONNREFUSED
&& timo
<= 16) {
189 (void)sleep(timo
); /* __sleep */
193 if (hp
->h_addr_list
[1] != NULL
) {
196 (void)fprintf(stderr
, "connect to address %s: ",
197 inet_ntoa(sin
.sin_addr
));
198 __set_errno (oerrno
);
201 memmove(&sin
.sin_addr
, hp
->h_addr_list
[0],
202 MIN (sizeof (sin
.sin_addr
), hp
->h_length
));
203 (void)fprintf(stderr
, "Trying %s...\n",
204 inet_ntoa(sin
.sin_addr
));
207 (void)fprintf(stderr
, "%s: %m\n", hp
->h_name
);
208 sigsetmask(oldmask
); /* __sigsetmask */
217 int s2
= rresvport(&lport
), s3
;
218 socklen_t len
= sizeof(from
);
223 (void)snprintf(num
, sizeof(num
), "%d", lport
); /* __snprintf */
224 if (write(s
, num
, strlen(num
)+1) != strlen(num
)+1) {
225 (void)fprintf(stderr
,
226 "rcmd: write (setting up stderr): %m\n");
233 if (poll (pfd
, 2, -1) < 1 || (pfd
[1].revents
& POLLIN
) == 0){
235 (void)fprintf(stderr
, "rcmd: poll (setting up stderr): %m\n");
237 (void)fprintf(stderr
, "poll: protocol failure in circuit setup\n");
241 s3
= accept(s2
, (struct sockaddr
*)&from
, &len
);
244 (void)fprintf(stderr
,
245 "rcmd: accept: %m\n");
250 from
.sin_port
= ntohs((u_short
)from
.sin_port
);
251 if (from
.sin_family
!= AF_INET
||
252 from
.sin_port
>= IPPORT_RESERVED
||
253 from
.sin_port
< IPPORT_RESERVED
/ 2) {
254 (void)fprintf(stderr
,
255 "socket: protocol failure in circuit setup\n");
259 (void)write(s
, locuser
, strlen(locuser
)+1);
260 (void)write(s
, remuser
, strlen(remuser
)+1);
261 (void)write(s
, cmd
, strlen(cmd
)+1);
262 if (read(s
, &c
, 1) != 1) {
263 (void)fprintf(stderr
,
264 "rcmd: %s: %m\n", *ahost
);
268 while (read(s
, &c
, 1) == 1) {
269 (void)write(STDERR_FILENO
, &c
, 1);
286 int rresvport(int *alport
)
288 struct sockaddr_in sin
;
291 sin
.sin_family
= AF_INET
;
292 sin
.sin_addr
.s_addr
= INADDR_ANY
;
293 s
= socket(AF_INET
, SOCK_STREAM
, 0);
297 sin
.sin_port
= htons((u_short
)*alport
);
298 if (bind(s
, (struct sockaddr
*)&sin
, sizeof(sin
)) >= 0)
300 if (errno
!= EADDRINUSE
) {
305 if (*alport
== IPPORT_RESERVED
/2) {
307 __set_errno (EAGAIN
); /* close */
314 libc_hidden_def(rresvport
)
316 /* This needs to be exported ... while it is not a documented interface
317 * for rcp related apps, it's a required one that is used to control the
318 * rhost behavior. Legacy sucks.
320 int __check_rhosts_file
= 1;
322 int ruserok(rhost
, superuser
, ruser
, luser
)
323 const char *rhost
, *ruser
, *luser
;
329 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
333 struct hostent hostbuf
;
336 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
338 #ifdef __ARCH_USE_MMU__
339 buffer
= alloca (buflen
);
341 buffer
= malloc (buflen
);
344 while (gethostbyname_r (rhost
, &hostbuf
, buffer
,
345 buflen
, &hp
, &herr
) != 0 || hp
== NULL
)
347 if (herr
!= NETDB_INTERNAL
|| errno
!= ERANGE
) {
348 #ifndef __ARCH_USE_MMU__
354 /* Enlarge the buffer. */
356 #ifdef __ARCH_USE_MMU__
357 buffer
= alloca (buflen
);
360 buffer
= malloc (buflen
);
364 #ifndef __ARCH_USE_MMU__
368 if ((hp
= gethostbyname(rhost
)) == NULL
) {
372 for (ap
= hp
->h_addr_list
; *ap
; ++ap
) {
373 memmove(&addr
, *ap
, sizeof(addr
));
374 if (iruserok2(addr
, superuser
, ruser
, luser
, rhost
) == 0)
381 /* Extremely paranoid file open function. */
383 iruserfopen (const char *file
, uid_t okuser
)
389 /* If not a regular file, if owned by someone other than user or
390 root, if writeable by anyone but the owner, or if hardlinked
392 if (lstat (file
, &st
))
394 else if (!S_ISREG (st
.st_mode
))
395 cp
= "not regular file";
398 res
= fopen (file
, "r");
401 else if (fstat (fileno (res
), &st
) < 0)
403 else if (st
.st_uid
&& st
.st_uid
!= okuser
)
405 else if (st
.st_mode
& (S_IWGRP
|S_IWOTH
))
406 cp
= "writeable by other than owner";
407 else if (st
.st_nlink
> 1)
408 cp
= "hard linked somewhere";
411 /* If there were any problems, quit. */
424 * New .rhosts strategy: We are passed an ip address. We spin through
425 * hosts.equiv and .rhosts looking for a match. When the .rhosts only
426 * has ip addresses, we don't have to trust a nameserver. When it
427 * contains hostnames, we spin through the list of addresses the nameserver
428 * gives us and look for a match.
430 * Returns 0 if ok, -1 if not ok.
433 iruserok2 (raddr
, superuser
, ruser
, luser
, rhost
)
436 const char *ruser
, *luser
, *rhost
;
442 hostf
= iruserfopen (_PATH_HEQUIV
, 0);
445 isbad
= __ivaliduser2 (hostf
, raddr
, luser
, ruser
, rhost
);
452 if (__check_rhosts_file
|| superuser
) {
458 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
459 size_t buflen
= sysconf (_SC_GETPW_R_SIZE_MAX
);
460 struct passwd pwdbuf
;
461 #ifdef __ARCH_USE_MMU__
462 char *buffer
= alloca (buflen
);
464 char *buffer
= malloc (buflen
);
467 if (getpwnam_r (luser
, &pwdbuf
, buffer
,
468 buflen
, &pwd
) != 0 || pwd
== NULL
)
470 #ifndef __ARCH_USE_MMU__
475 #ifndef __ARCH_USE_MMU__
479 if ((pwd
= getpwnam(luser
)) == NULL
)
483 dirlen
= strlen (pwd
->pw_dir
);
484 pbuf
= malloc (dirlen
+ sizeof "/.rhosts");
485 strcpy (pbuf
, pwd
->pw_dir
);
486 strcat (pbuf
, "/.rhosts");
488 /* Change effective uid while reading .rhosts. If root and
489 reading an NFS mounted file system, can't read files that
490 are protected read/write owner only. */
492 seteuid (pwd
->pw_uid
);
493 hostf
= iruserfopen (pbuf
, pwd
->pw_uid
);
497 isbad
= __ivaliduser2 (hostf
, raddr
, luser
, ruser
, rhost
);
507 /* This is the exported version. */
508 int iruserok (u_int32_t raddr
, int superuser
, const char * ruser
, const char * luser
);
509 int iruserok (u_int32_t raddr
, int superuser
, const char * ruser
, const char * luser
)
511 return iruserok2 (raddr
, superuser
, ruser
, luser
, "-");
517 * Don't make static, used by lpd(8).
519 * This function is not used anymore. It is only present because lpd(8)
520 * calls it (!?!). We simply call __invaliduser2() with an illegal rhost
521 * argument. This means that netgroups won't work in .rhost/hosts.equiv
522 * files. If you want lpd to work with netgroups, fix lpd to use ruserok()
524 * Returns 0 if ok, -1 if not ok.
527 __ivaliduser(FILE *hostf
, u_int32_t raddr
, const char *luser
, const char *ruser
);
529 __ivaliduser(FILE *hostf
, u_int32_t raddr
, const char *luser
, const char *ruser
)
531 return __ivaliduser2(hostf
, raddr
, luser
, ruser
, "-");
535 /* Returns 1 on positive match, 0 on no match, -1 on negative match. */
537 __icheckhost (u_int32_t raddr
, char *lhost
, const char *rhost
)
541 int negate
=1; /* Multiply return with this to get -1 instead of 1 */
544 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
548 struct hostent hostbuf
;
553 /* Check nis netgroup. */
554 if (strncmp ("+@", lhost
, 2) == 0)
555 return innetgr (&lhost
[2], rhost
, NULL
, NULL
);
557 if (strncmp ("-@", lhost
, 2) == 0)
558 return -innetgr (&lhost
[2], rhost
, NULL
, NULL
);
559 #endif /* HAVE_NETGROUP */
562 if (strncmp ("-", lhost
,1) == 0) {
565 } else if (strcmp ("+",lhost
) == 0) {
566 return 1; /* asking for trouble, but ok.. */
569 /* Try for raw ip address first. */
570 if (isdigit (*lhost
) && (laddr
= inet_addr (lhost
)) != INADDR_NONE
)
571 return negate
* (! (raddr
^ laddr
));
573 /* Better be a hostname. */
574 #ifdef __UCLIBC_HAS_REENTRANT_RPC__
576 buffer
= malloc(buflen
);
579 while (gethostbyname_r (lhost
, &hostbuf
, buffer
, buflen
, &hp
, &herr
)
585 __set_errno (save_errno
);
587 hp
= gethostbyname(lhost
);
588 #endif /* __UCLIBC_HAS_REENTRANT_RPC__ */
593 /* Spin through ip addresses. */
594 for (pp
= hp
->h_addr_list
; *pp
; ++pp
)
595 if (!memcmp (&raddr
, *pp
, sizeof (u_int32_t
)))
602 /* Returns 1 on positive match, 0 on no match, -1 on negative match. */
604 __icheckuser (const char *luser
, const char *ruser
)
608 luser is user entry from .rhosts/hosts.equiv file
609 ruser is user id on remote host
614 if (strncmp ("+@", luser
, 2) == 0)
615 return innetgr (&luser
[2], NULL
, ruser
, NULL
);
617 if (strncmp ("-@", luser
,2) == 0)
618 return -innetgr (&luser
[2], NULL
, ruser
, NULL
);
619 #endif /* HAVE_NETGROUP */
622 if (strncmp ("-", luser
, 1) == 0)
623 return -(strcmp (&luser
[1], ruser
) == 0);
626 if (strcmp ("+", luser
) == 0)
629 /* simple string match */
630 return strcmp (ruser
, luser
) == 0;
634 * Returns 1 for blank lines (or only comment lines) and 0 otherwise
639 while (*p
&& isspace (*p
)) {
643 return (*p
== '\0' || *p
== '#') ? 1 : 0 ;
647 * Returns 0 if positive match, -1 if _not_ ok.
650 __ivaliduser2(hostf
, raddr
, luser
, ruser
, rhost
)
653 const char *luser
, *ruser
, *rhost
;
655 register const char *user
;
662 while (getline (&buf
, &bufsize
, hostf
) > 0) {
663 buf
[bufsize
- 1] = '\0'; /* Make sure it's terminated. */
666 /* Skip empty or comment lines */
671 /* Skip lines that are too long. */
672 if (strchr (p
, '\n') == NULL
) {
673 int ch
= getc_unlocked (hostf
);
675 while (ch
!= '\n' && ch
!= EOF
)
676 ch
= getc_unlocked (hostf
);
680 for (;*p
&& !isspace(*p
); ++p
) {
684 /* Next we want to find the permitted name for the remote user. */
685 if (*p
== ' ' || *p
== '\t') {
686 /* <nul> terminate hostname and skip spaces */
687 for (*p
++='\0'; *p
&& isspace (*p
); ++p
);
689 user
= p
; /* this is the user's name */
690 while (*p
&& !isspace (*p
))
691 ++p
; /* find end of user's name */
695 *p
= '\0'; /* <nul> terminate username (+host?) */
697 /* buf -> host(?) ; user -> username(?) */
699 /* First check host part */
700 hcheck
= __icheckhost (raddr
, buf
, rhost
);
706 /* Then check user part */
710 ucheck
= __icheckuser (user
, ruser
);
712 /* Positive 'host user' match? */
718 /* Negative 'host -user' match? */
722 /* Neither, go on looking for match */