1 /*
2 * Copyright (c) 1983, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * %sccs.include.redist.c%
6 */
7
8 #ifndef lint
9 static char copyright[] =
10 "@(#) Copyright (c) 1983, 1993\n\
11 The Regents of the University of California. All rights reserved.\n";
12 #endif /* not lint */
13
14 #ifndef lint
15 static char sccsid[] = "@(#)rexecd.c 8.1 (Berkeley) 06/04/93";
16 #endif /* not lint */
17
18 #include <sys/param.h>
19 #include <sys/ioctl.h>
20 #include <sys/socket.h>
21 #include <sys/time.h>
22
23 #include <netinet/in.h>
24
25 #include <errno.h>
26 #include <netdb.h>
27 #include <paths.h>
28 #include <pwd.h>
29 #include <signal.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <unistd.h>
34
35 /*VARARGS1*/
36 int error();
37
38 /*
39 * remote execute server:
40 * username\0
41 * password\0
42 * command\0
43 * data
44 */
45 /*ARGSUSED*/
main(argc,argv)46 main(argc, argv)
47 int argc;
48 char **argv;
49 {
50 struct sockaddr_in from;
51 int fromlen;
52
53 fromlen = sizeof (from);
54 if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) {
55 (void)fprintf(stderr,
56 "rexecd: getpeername: %s\n", strerror(errno));
57 exit(1);
58 }
59 doit(0, &from);
60 }
61
62 char username[20] = "USER=";
63 char homedir[64] = "HOME=";
64 char shell[64] = "SHELL=";
65 char path[sizeof(_PATH_DEFPATH) + sizeof("PATH=")] = "PATH=";
66 char *envinit[] =
67 {homedir, shell, path, username, 0};
68 char **environ;
69
70 struct sockaddr_in asin = { AF_INET };
71
doit(f,fromp)72 doit(f, fromp)
73 int f;
74 struct sockaddr_in *fromp;
75 {
76 char cmdbuf[NCARGS+1], *cp, *namep;
77 char user[16], pass[16];
78 struct passwd *pwd;
79 int s;
80 u_short port;
81 int pv[2], pid, ready, readfrom, cc;
82 char buf[BUFSIZ], sig;
83 int one = 1;
84
85 (void) signal(SIGINT, SIG_DFL);
86 (void) signal(SIGQUIT, SIG_DFL);
87 (void) signal(SIGTERM, SIG_DFL);
88 #ifdef DEBUG
89 { int t = open(_PATH_TTY, 2);
90 if (t >= 0) {
91 ioctl(t, TIOCNOTTY, (char *)0);
92 (void) close(t);
93 }
94 }
95 #endif
96 dup2(f, 0);
97 dup2(f, 1);
98 dup2(f, 2);
99 (void) alarm(60);
100 port = 0;
101 for (;;) {
102 char c;
103 if (read(f, &c, 1) != 1)
104 exit(1);
105 if (c == 0)
106 break;
107 port = port * 10 + c - '0';
108 }
109 (void) alarm(0);
110 if (port != 0) {
111 s = socket(AF_INET, SOCK_STREAM, 0);
112 if (s < 0)
113 exit(1);
114 if (bind(s, (struct sockaddr *)&asin, sizeof (asin)) < 0)
115 exit(1);
116 (void) alarm(60);
117 fromp->sin_port = htons(port);
118 if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0)
119 exit(1);
120 (void) alarm(0);
121 }
122 getstr(user, sizeof(user), "username");
123 getstr(pass, sizeof(pass), "password");
124 getstr(cmdbuf, sizeof(cmdbuf), "command");
125 setpwent();
126 pwd = getpwnam(user);
127 if (pwd == NULL) {
128 error("Login incorrect.\n");
129 exit(1);
130 }
131 endpwent();
132 if (*pwd->pw_passwd != '\0') {
133 namep = crypt(pass, pwd->pw_passwd);
134 if (strcmp(namep, pwd->pw_passwd)) {
135 error("Password incorrect.\n");
136 exit(1);
137 }
138 }
139 if (chdir(pwd->pw_dir) < 0) {
140 error("No remote directory.\n");
141 exit(1);
142 }
143 (void) write(2, "\0", 1);
144 if (port) {
145 (void) pipe(pv);
146 pid = fork();
147 if (pid == -1) {
148 error("Try again.\n");
149 exit(1);
150 }
151 if (pid) {
152 (void) close(0); (void) close(1); (void) close(2);
153 (void) close(f); (void) close(pv[1]);
154 readfrom = (1<<s) | (1<<pv[0]);
155 ioctl(pv[1], FIONBIO, (char *)&one);
156 /* should set s nbio! */
157 do {
158 ready = readfrom;
159 (void) select(16, (fd_set *)&ready,
160 (fd_set *)NULL, (fd_set *)NULL,
161 (struct timeval *)NULL);
162 if (ready & (1<<s)) {
163 if (read(s, &sig, 1) <= 0)
164 readfrom &= ~(1<<s);
165 else
166 killpg(pid, sig);
167 }
168 if (ready & (1<<pv[0])) {
169 cc = read(pv[0], buf, sizeof (buf));
170 if (cc <= 0) {
171 shutdown(s, 1+1);
172 readfrom &= ~(1<<pv[0]);
173 } else
174 (void) write(s, buf, cc);
175 }
176 } while (readfrom);
177 exit(0);
178 }
179 setpgrp(0, getpid());
180 (void) close(s); (void)close(pv[0]);
181 dup2(pv[1], 2);
182 }
183 if (*pwd->pw_shell == '\0')
184 pwd->pw_shell = _PATH_BSHELL;
185 if (f > 2)
186 (void) close(f);
187 (void) setgid((gid_t)pwd->pw_gid);
188 initgroups(pwd->pw_name, pwd->pw_gid);
189 (void) setuid((uid_t)pwd->pw_uid);
190 (void)strcat(path, _PATH_DEFPATH);
191 environ = envinit;
192 strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
193 strncat(shell, pwd->pw_shell, sizeof(shell)-7);
194 strncat(username, pwd->pw_name, sizeof(username)-6);
195 cp = strrchr(pwd->pw_shell, '/');
196 if (cp)
197 cp++;
198 else
199 cp = pwd->pw_shell;
200 execl(pwd->pw_shell, cp, "-c", cmdbuf, 0);
201 perror(pwd->pw_shell);
202 exit(1);
203 }
204
205 /*VARARGS1*/
error(fmt,a1,a2,a3)206 error(fmt, a1, a2, a3)
207 char *fmt;
208 int a1, a2, a3;
209 {
210 char buf[BUFSIZ];
211
212 buf[0] = 1;
213 (void) sprintf(buf+1, fmt, a1, a2, a3);
214 (void) write(2, buf, strlen(buf));
215 }
216
getstr(buf,cnt,err)217 getstr(buf, cnt, err)
218 char *buf;
219 int cnt;
220 char *err;
221 {
222 char c;
223
224 do {
225 if (read(0, &c, 1) != 1)
226 exit(1);
227 *buf++ = c;
228 if (--cnt == 0) {
229 error("%s too long\n", err);
230 exit(1);
231 }
232 } while (c != 0);
233 }
234