1 /* 2 * Copyright (c) 1980, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * $FreeBSD: src/lib/libcompat/4.3/rexec.c,v 1.5.8.3 2000/11/22 13:36:00 ben Exp $ 34 * $DragonFly: src/lib/libcompat/4.3/rexec.c,v 1.6 2008/10/05 18:26:41 swildner Exp $ 35 * 36 * @(#)rexec.c 8.1 (Berkeley) 6/4/93 37 */ 38 39 #include <sys/types.h> 40 #include <sys/uio.h> 41 #include <sys/socket.h> 42 #include <sys/param.h> 43 #include <sys/stat.h> 44 45 #include <netinet/in.h> 46 47 #include <stdio.h> 48 #include <unistd.h> 49 #include <string.h> 50 #include <netdb.h> 51 #include <errno.h> 52 #include <ctype.h> 53 #include <err.h> 54 #include <stdlib.h> 55 #include <unistd.h> 56 57 int rexecoptions; 58 char *getpass(), *getlogin(); 59 60 /* 61 * Options and other state info. 62 */ 63 struct macel { 64 char mac_name[9]; /* macro name */ 65 char *mac_start; /* start of macro in macbuf */ 66 char *mac_end; /* end of macro in macbuf */ 67 }; 68 69 int macnum; /* number of defined macros */ 70 struct macel macros[16]; 71 char macbuf[4096]; 72 73 static FILE *cfile; 74 75 #define DEFAULT 1 76 #define LOGIN 2 77 #define PASSWD 3 78 #define ACCOUNT 4 79 #define MACDEF 5 80 #define ID 10 81 #define MACH 11 82 83 static char tokval[100]; 84 85 static struct toktab { 86 char *tokstr; 87 int tval; 88 } toktab[]= { 89 { "default", DEFAULT }, 90 { "login", LOGIN }, 91 { "password", PASSWD }, 92 { "passwd", PASSWD }, 93 { "account", ACCOUNT }, 94 { "machine", MACH }, 95 { "macdef", MACDEF }, 96 { NULL, 0 } 97 }; 98 99 static int 100 token(void) 101 { 102 char *cp; 103 int c; 104 struct toktab *t; 105 106 if (feof(cfile) || ferror(cfile)) 107 return (0); 108 while ((c = getc(cfile)) != EOF && 109 (c == '\n' || c == '\t' || c == ' ' || c == ',')) 110 continue; 111 if (c == EOF) 112 return (0); 113 cp = tokval; 114 if (c == '"') { 115 while ((c = getc(cfile)) != EOF && c != '"') { 116 if (c == '\\') 117 c = getc(cfile); 118 *cp++ = c; 119 } 120 } else { 121 *cp++ = c; 122 while ((c = getc(cfile)) != EOF 123 && c != '\n' && c != '\t' && c != ' ' && c != ',') { 124 if (c == '\\') 125 c = getc(cfile); 126 *cp++ = c; 127 } 128 } 129 *cp = 0; 130 if (tokval[0] == 0) 131 return (0); 132 for (t = toktab; t->tokstr; t++) 133 if (!strcmp(t->tokstr, tokval)) 134 return (t->tval); 135 return (ID); 136 } 137 138 static int 139 ruserpass(char *host, char **aname, char **apass, char **aacct) 140 { 141 char *hdir, buf[BUFSIZ], *tmp; 142 char myname[MAXHOSTNAMELEN], *mydomain; 143 int t, i, c, usedefault = 0; 144 struct stat stb; 145 146 hdir = getenv("HOME"); 147 if (hdir == NULL) 148 hdir = "."; 149 if (strlen(hdir) + 8 > sizeof(buf)) 150 return (0); 151 (void) sprintf(buf, "%s/.netrc", hdir); 152 cfile = fopen(buf, "r"); 153 if (cfile == NULL) { 154 if (errno != ENOENT) 155 warn("%s", buf); 156 return (0); 157 } 158 if (gethostname(myname, sizeof(myname)) < 0) 159 myname[0] = '\0'; 160 if ((mydomain = strchr(myname, '.')) == NULL) 161 mydomain = ""; 162 next: 163 while ((t = token())) switch(t) { 164 165 case DEFAULT: 166 usedefault = 1; 167 /* FALL THROUGH */ 168 169 case MACH: 170 if (!usedefault) { 171 if (token() != ID) 172 continue; 173 /* 174 * Allow match either for user's input host name 175 * or official hostname. Also allow match of 176 * incompletely-specified host in local domain. 177 */ 178 if (strcasecmp(host, tokval) == 0) 179 goto match; 180 if ((tmp = strchr(host, '.')) != NULL && 181 strcasecmp(tmp, mydomain) == 0 && 182 strncasecmp(host, tokval, tmp - host) == 0 && 183 tokval[tmp - host] == '\0') 184 goto match; 185 continue; 186 } 187 match: 188 while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { 189 190 case LOGIN: 191 if (token()) 192 if (*aname == 0) { 193 *aname = malloc((unsigned) strlen(tokval) + 1); 194 (void) strcpy(*aname, tokval); 195 } else { 196 if (strcmp(*aname, tokval)) 197 goto next; 198 } 199 break; 200 case PASSWD: 201 if ((*aname == 0 || strcmp(*aname, "anonymous")) && 202 fstat(fileno(cfile), &stb) >= 0 && 203 (stb.st_mode & 077) != 0) { 204 warnx("Error: .netrc file is readable by others."); 205 warnx("Remove password or make file unreadable by others."); 206 goto bad; 207 } 208 if (token() && *apass == 0) { 209 *apass = malloc((unsigned) strlen(tokval) + 1); 210 (void) strcpy(*apass, tokval); 211 } 212 break; 213 case ACCOUNT: 214 if (fstat(fileno(cfile), &stb) >= 0 215 && (stb.st_mode & 077) != 0) { 216 warnx("Error: .netrc file is readable by others."); 217 warnx("Remove account or make file unreadable by others."); 218 goto bad; 219 } 220 if (token() && *aacct == 0) { 221 *aacct = malloc((unsigned) strlen(tokval) + 1); 222 (void) strcpy(*aacct, tokval); 223 } 224 break; 225 case MACDEF: 226 while ((c=getc(cfile)) != EOF && 227 (c == ' ' || c == '\t')) 228 ; 229 if (c == EOF || c == '\n') { 230 printf("Missing macdef name argument.\n"); 231 goto bad; 232 } 233 if (macnum == 16) { 234 printf("Limit of 16 macros have already been defined\n"); 235 goto bad; 236 } 237 tmp = macros[macnum].mac_name; 238 *tmp++ = c; 239 for (i=0; i < 8 && (c=getc(cfile)) != EOF && 240 !isspace(c); ++i) { 241 *tmp++ = c; 242 } 243 if (c == EOF) { 244 printf("Macro definition missing null line terminator.\n"); 245 goto bad; 246 } 247 *tmp = '\0'; 248 if (c != '\n') { 249 while ((c=getc(cfile)) != EOF && c != '\n'); 250 } 251 if (c == EOF) { 252 printf("Macro definition missing null line terminator.\n"); 253 goto bad; 254 } 255 if (macnum == 0) { 256 macros[macnum].mac_start = macbuf; 257 } 258 else { 259 macros[macnum].mac_start = macros[macnum-1].mac_end + 1; 260 } 261 tmp = macros[macnum].mac_start; 262 while (tmp != macbuf + 4096) { 263 if ((c=getc(cfile)) == EOF) { 264 printf("Macro definition missing null line terminator.\n"); 265 goto bad; 266 } 267 *tmp = c; 268 if (*tmp == '\n') { 269 if (*(tmp-1) == '\0') { 270 macros[macnum++].mac_end = tmp - 1; 271 break; 272 } 273 *tmp = '\0'; 274 } 275 tmp++; 276 } 277 if (tmp == macbuf + 4096) { 278 printf("4K macro buffer exceeded\n"); 279 goto bad; 280 } 281 break; 282 default: 283 warnx("Unknown .netrc keyword %s", tokval); 284 break; 285 } 286 goto done; 287 } 288 done: 289 (void) fclose(cfile); 290 return (0); 291 bad: 292 (void) fclose(cfile); 293 return (-1); 294 } 295 296 int 297 rexec_af(char **ahost, int rport, const char *name, const char *pass, 298 const char *cmd, int *fd2p, sa_family_t *af) 299 { 300 struct sockaddr_storage sa2, from; 301 struct addrinfo hints, *res0; 302 const char *orig_name = name; 303 const char *orig_pass = pass; 304 static char *ahostbuf; 305 u_short port = 0; 306 int s, timo = 1, s3; 307 char c; 308 int gai; 309 char servbuff[NI_MAXSERV]; 310 311 snprintf(servbuff, sizeof(servbuff), "%d", ntohs(rport)); 312 servbuff[sizeof(servbuff) - 1] = '\0'; 313 314 memset(&hints, '\0', sizeof(hints)); 315 hints.ai_family = af; 316 hints.ai_socktype = SOCK_STREAM; 317 hints.ai_flags = AI_CANONNAME; 318 gai = getaddrinfo(*ahost, servbuff, &hints, &res0); 319 if (gai){ 320 /* XXX: set errno? */ 321 return -1; 322 } 323 324 if (res0->ai_canonname){ 325 free (ahostbuf); 326 ahostbuf = strdup (res0->ai_canonname); 327 if (ahostbuf == NULL) { 328 perror ("rexec: strdup"); 329 return (-1); 330 } 331 *ahost = ahostbuf; 332 } else { 333 *ahost = NULL; 334 __set_errno (ENOENT); 335 return -1; 336 } 337 ruserpass(res0->ai_canonname, &name, &pass, 0); 338 retry: 339 s = socket(res0->ai_family, res0->ai_socktype, 0); 340 if (s < 0) { 341 perror("rexec: socket"); 342 return (-1); 343 } 344 if (connect(s, res0->ai_addr, res0->ai_addrlen) < 0) { 345 if (errno == ECONNREFUSED && timo <= 16) { 346 (void) close(s); 347 sleep(timo); 348 timo *= 2; 349 goto retry; 350 } 351 perror(res0->ai_canonname); 352 return (-1); 353 } 354 if (fd2p == 0) { 355 (void) write(s, "", 1); 356 port = 0; 357 } else { 358 char num[32]; 359 int s2; 360 socklen_t sa2len; 361 362 s2 = socket(res0->ai_family, res0->ai_socktype, 0); 363 if (s2 < 0) { 364 (void) close(s); 365 return (-1); 366 } 367 listen(s2, 1); 368 sa2len = sizeof (sa2); 369 if (getsockname(s2, (struct sockaddr *)&sa2, &sa2len) < 0) { 370 perror("getsockname"); 371 (void) close(s2); 372 goto bad; 373 } else if (sa2len != SA_LEN((struct sockaddr *)&sa2)) { 374 __set_errno(EINVAL); 375 (void) close(s2); 376 goto bad; 377 } 378 port = 0; 379 if (!getnameinfo((struct sockaddr *)&sa2, sa2len, 380 NULL, 0, servbuff, sizeof(servbuff), 381 NI_NUMERICSERV)) 382 port = atoi(servbuff); 383 (void) sprintf(num, "%u", port); 384 (void) write(s, num, strlen(num)+1); 385 { socklen_t len = sizeof (from); 386 s3 = accept(s2, (struct sockaddr *)&from, 387 &len); 388 close(s2); 389 if (s3 < 0) { 390 perror("accept"); 391 port = 0; 392 goto bad; 393 } 394 } 395 *fd2p = s3; 396 } 397 398 (void) write(s, name, strlen(name) + 1); 399 /* should public key encypt the password here */ 400 (void) write(s, pass, strlen(pass) + 1); 401 (void) write(s, cmd, strlen(cmd) + 1); 402 403 /* We don't need the memory allocated for the name and the password 404 in ruserpass anymore. */ 405 if (name != orig_name) 406 free ((char *) name); 407 if (pass != orig_pass) 408 free ((char *) pass); 409 410 if (read(s, &c, 1) != 1) { 411 perror(*ahost); 412 goto bad; 413 } 414 if (c != 0) { 415 while (read(s, &c, 1) == 1) { 416 (void) write(2, &c, 1); 417 if (c == '\n') 418 break; 419 } 420 goto bad; 421 } 422 freeaddrinfo(res0); 423 return (s); 424 bad: 425 if (port) 426 (void) close(*fd2p); 427 (void) close(s); 428 freeaddrinfo(res0); 429 return (-1); 430 } 431 432 433 int 434 rexec(char **ahost, int rport, char *name, char *pass, char *cmd, int *fd2p) 435 { 436 struct sockaddr_in sin, sin2, from; 437 struct hostent *hp; 438 u_short port; 439 int s, timo = 1, s3; 440 char c; 441 char *acct = NULL; 442 443 hp = gethostbyname(*ahost); 444 if (hp == 0) { 445 herror(*ahost); 446 return (-1); 447 } 448 *ahost = hp->h_name; 449 ruserpass(hp->h_name, &name, &pass, &acct); 450 if (acct != NULL) 451 free(acct); 452 retry: 453 s = socket(AF_INET, SOCK_STREAM, 0); 454 if (s < 0) { 455 perror("rexec: socket"); 456 return (-1); 457 } 458 sin.sin_family = hp->h_addrtype; 459 sin.sin_port = rport; 460 bcopy(hp->h_addr, (caddr_t)&sin.sin_addr, hp->h_length); 461 if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) { 462 if (errno == ECONNREFUSED && timo <= 16) { 463 (void) close(s); 464 sleep(timo); 465 timo *= 2; 466 goto retry; 467 } 468 perror(hp->h_name); 469 return (-1); 470 } 471 if (fd2p == 0) { 472 (void) write(s, "", 1); 473 port = 0; 474 } else { 475 char num[8]; 476 int s2, sin2len; 477 478 s2 = socket(AF_INET, SOCK_STREAM, 0); 479 if (s2 < 0) { 480 (void) close(s); 481 return (-1); 482 } 483 listen(s2, 1); 484 sin2len = sizeof (sin2); 485 if (getsockname(s2, (struct sockaddr *)&sin2, &sin2len) < 0 || 486 sin2len != sizeof (sin2)) { 487 perror("getsockname"); 488 (void) close(s2); 489 goto bad; 490 } 491 port = ntohs((u_short)sin2.sin_port); 492 (void) sprintf(num, "%u", port); 493 (void) write(s, num, strlen(num)+1); 494 { int len = sizeof (from); 495 s3 = accept(s2, (struct sockaddr *)&from, &len); 496 close(s2); 497 if (s3 < 0) { 498 perror("accept"); 499 port = 0; 500 goto bad; 501 } 502 } 503 *fd2p = s3; 504 } 505 (void) write(s, name, strlen(name) + 1); 506 /* should public key encypt the password here */ 507 (void) write(s, pass, strlen(pass) + 1); 508 (void) write(s, cmd, strlen(cmd) + 1); 509 if (read(s, &c, 1) != 1) { 510 perror(*ahost); 511 goto bad; 512 } 513 if (c != 0) { 514 while (read(s, &c, 1) == 1) { 515 (void) write(2, &c, 1); 516 if (c == '\n') 517 break; 518 } 519 goto bad; 520 } 521 return (s); 522 bad: 523 if (port) 524 (void) close(*fd2p); 525 (void) close(s); 526 return (-1); 527 } 528