xref: /dragonfly/contrib/tcp_wrappers/inetcf.c (revision 3170ffd7) 
1  /*
2   * Routines to parse an inetd.conf or tlid.conf file. This would be a great
3   * job for a PERL script.
4   *
5   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
6   */
7 
8 #ifndef lint
9 static char sccsid[] = "@(#) inetcf.c 1.7 97/02/12 02:13:23";
10 #endif
11 
12 #include <sys/types.h>
13 #include <sys/stat.h>
14 #include <stdio.h>
15 #include <errno.h>
16 #include <string.h>
17 
18 extern void exit();
19 
20 #include "tcpd.h"
21 #include "inetcf.h"
22 
23  /*
24   * Network configuration files may live in unusual places. Here are some
25   * guesses. Shorter names follow longer ones.
26   */
27 char   *inet_files[] = {
28     "/private/etc/inetd.conf",		/* NEXT */
29     "/etc/inet/inetd.conf",		/* SYSV4 */
30     "/usr/etc/inetd.conf",		/* IRIX?? */
31     "/etc/inetd.conf",			/* BSD */
32     "/etc/net/tlid.conf",		/* SYSV4?? */
33     "/etc/saf/tlid.conf",		/* SYSV4?? */
34     "/etc/tlid.conf",			/* SYSV4?? */
35     0,
36 };
37 
38 static void inet_chk();
39 static char *base_name();
40 
41  /*
42   * Structure with everything we know about a service.
43   */
44 struct inet_ent {
45     struct inet_ent *next;
46     int     type;
47     char    name[1];
48 };
49 
50 static struct inet_ent *inet_list = 0;
51 
52 static char whitespace[] = " \t\r\n";
53 
54 /* inet_conf - read in and examine inetd.conf (or tlid.conf) entries */
55 
56 char   *inet_cfg(conf)
57 char   *conf;
58 {
59     char    buf[BUFSIZ];
60     FILE   *fp;
61     char   *service;
62     char   *protocol;
63     char   *user;
64     char   *path;
65     char   *arg0;
66     char   *arg1;
67     struct tcpd_context saved_context;
68     char   *percent_m();
69     int     i;
70     struct stat st;
71 
72     saved_context = tcpd_context;
73 
74     /*
75      * The inetd.conf (or tlid.conf) information is so useful that we insist
76      * on its availability. When no file is given run a series of educated
77      * guesses.
78      */
79     if (conf != 0) {
80 	if ((fp = fopen(conf, "r")) == 0) {
81 	    fprintf(stderr, percent_m(buf, "open %s: %m\n"), conf);
82 	    exit(1);
83 	}
84     } else {
85 	for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "r")) == 0; i++)
86 	     /* void */ ;
87 	if (fp == 0) {
88 	    fprintf(stderr, "Cannot find your inetd.conf or tlid.conf file.\n");
89 	    fprintf(stderr, "Please specify its location.\n");
90 	    exit(1);
91 	}
92 	conf = inet_files[i];
93 	check_path(conf, &st);
94     }
95 
96     /*
97      * Process the file. After the 7.0 wrapper release it became clear that
98      * there are many more inetd.conf formats than the 8 systems that I had
99      * studied. EP/IX uses a two-line specification for rpc services; HP-UX
100      * permits long lines to be broken with backslash-newline.
101      */
102     tcpd_context.file = conf;
103     tcpd_context.line = 0;
104     while (xgets(buf, sizeof(buf), fp)) {
105 	service = strtok(buf, whitespace);	/* service */
106 	if (service == 0 || *service == '#')
107 	    continue;
108 	if (STR_NE(service, "stream") && STR_NE(service, "dgram"))
109 	    strtok((char *) 0, whitespace);	/* endpoint */
110 	protocol = strtok((char *) 0, whitespace);
111 	(void) strtok((char *) 0, whitespace);	/* wait */
112 	if ((user = strtok((char *) 0, whitespace)) == 0)
113 	    continue;
114 	if (user[0] == '/') {			/* user */
115 	    path = user;
116 	} else {				/* path */
117 	    if ((path = strtok((char *) 0, whitespace)) == 0)
118 		continue;
119 	}
120 	if (path[0] == '?')			/* IRIX optional service */
121 	    path++;
122 	if (STR_EQ(path, "internal"))
123 	    continue;
124 	if (path[strspn(path, "-0123456789")] == 0) {
125 
126 	    /*
127 	     * ConvexOS puts RPC version numbers before path names. Jukka
128 	     * Ukkonen <ukkonen@csc.fi>.
129 	     */
130 	    if ((path = strtok((char *) 0, whitespace)) == 0)
131 		continue;
132 	}
133 	if ((arg0 = strtok((char *) 0, whitespace)) == 0) {
134 	    tcpd_warn("incomplete line");
135 	    continue;
136 	}
137 	if (arg0[strspn(arg0, "0123456789")] == 0) {
138 
139 	    /*
140 	     * We're reading a tlid.conf file, the format is:
141 	     *
142 	     * ...stuff... path arg_count arguments mod_count modules
143 	     */
144 	    if ((arg0 = strtok((char *) 0, whitespace)) == 0) {
145 		tcpd_warn("incomplete line");
146 		continue;
147 	    }
148 	}
149 	if ((arg1 = strtok((char *) 0, whitespace)) == 0)
150 	    arg1 = "";
151 
152 	inet_chk(protocol, path, arg0, arg1);
153     }
154     fclose(fp);
155     tcpd_context = saved_context;
156     return (conf);
157 }
158 
159 /* inet_chk - examine one inetd.conf (tlid.conf?) entry */
160 
161 static void inet_chk(protocol, path, arg0, arg1)
162 char   *protocol;
163 char   *path;
164 char   *arg0;
165 char   *arg1;
166 {
167     char    daemon[BUFSIZ];
168     struct stat st;
169     int     wrap_status = WR_MAYBE;
170     char   *base_name_path = base_name(path);
171     char   *tcpd_proc_name = (arg0[0] == '/' ? base_name(arg0) : arg0);
172 
173     /*
174      * Always warn when the executable does not exist or when it is not
175      * executable.
176      */
177     if (check_path(path, &st) < 0) {
178 	tcpd_warn("%s: not found: %m", path);
179     } else if ((st.st_mode & 0100) == 0) {
180 	tcpd_warn("%s: not executable", path);
181     }
182 
183     /*
184      * Cheat on the miscd tests, nobody uses it anymore.
185      */
186     if (STR_EQ(base_name_path, "miscd")) {
187 	inet_set(arg0, WR_YES);
188 	return;
189     }
190 
191     /*
192      * While we are here...
193      */
194     if (STR_EQ(tcpd_proc_name, "rexd") || STR_EQ(tcpd_proc_name, "rpc.rexd"))
195 	tcpd_warn("%s may be an insecure service", tcpd_proc_name);
196 
197     /*
198      * The tcpd program gets most of the attention.
199      */
200     if (STR_EQ(base_name_path, "tcpd")) {
201 
202 	if (STR_EQ(tcpd_proc_name, "tcpd"))
203 	    tcpd_warn("%s is recursively calling itself", tcpd_proc_name);
204 
205 	wrap_status = WR_YES;
206 
207 	/*
208 	 * Check: some sites install the wrapper set-uid.
209 	 */
210 	if ((st.st_mode & 06000) != 0)
211 	    tcpd_warn("%s: file is set-uid or set-gid", path);
212 
213 	/*
214 	 * Check: some sites insert tcpd in inetd.conf, instead of replacing
215 	 * the daemon pathname.
216 	 */
217 	if (arg0[0] == '/' && STR_EQ(tcpd_proc_name, base_name(arg1)))
218 	    tcpd_warn("%s inserted before %s", path, arg0);
219 
220 	/*
221 	 * Check: make sure files exist and are executable. On some systems
222 	 * the network daemons are set-uid so we cannot complain. Note that
223 	 * tcpd takes the basename only in case of absolute pathnames.
224 	 */
225 	if (arg0[0] == '/') {			/* absolute path */
226 	    if (check_path(arg0, &st) < 0) {
227 		tcpd_warn("%s: not found: %m", arg0);
228 	    } else if ((st.st_mode & 0100) == 0) {
229 		tcpd_warn("%s: not executable", arg0);
230 	    }
231 	} else {				/* look in REAL_DAEMON_DIR */
232 	    sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
233 	    if (check_path(daemon, &st) < 0) {
234 		tcpd_warn("%s: not found in %s: %m",
235 			  arg0, REAL_DAEMON_DIR);
236 	    } else if ((st.st_mode & 0100) == 0) {
237 		tcpd_warn("%s: not executable", daemon);
238 	    }
239 	}
240 
241     } else {
242 
243 	/*
244 	 * No tcpd program found. Perhaps they used the "simple installation"
245 	 * recipe. Look for a file with the same basename in REAL_DAEMON_DIR.
246 	 * Draw some conservative conclusions when a distinct file is found.
247 	 */
248 	sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
249 	if (STR_EQ(path, daemon)) {
250 #ifdef __FreeBSD__
251 	    wrap_status = WR_MAYBE;
252 #else
253 	    wrap_status = WR_NOT;
254 #endif
255 	} else if (check_path(daemon, &st) >= 0) {
256 	    wrap_status = WR_MAYBE;
257 	} else if (errno == ENOENT) {
258 	    wrap_status = WR_NOT;
259 	} else {
260 	    tcpd_warn("%s: file lookup: %m", daemon);
261 	    wrap_status = WR_MAYBE;
262 	}
263     }
264 
265     /*
266      * Alas, we cannot wrap rpc/tcp services.
267      */
268     if (wrap_status == WR_YES && STR_EQ(protocol, "rpc/tcp"))
269 	tcpd_warn("%s: cannot wrap rpc/tcp services", tcpd_proc_name);
270 
271     inet_set(tcpd_proc_name, wrap_status);
272 }
273 
274 /* inet_set - remember service status */
275 
276 void    inet_set(name, type)
277 char   *name;
278 int     type;
279 {
280     struct inet_ent *ip =
281     (struct inet_ent *) malloc(sizeof(struct inet_ent) + strlen(name));
282 
283     if (ip == 0) {
284 	fprintf(stderr, "out of memory\n");
285 	exit(1);
286     }
287     ip->next = inet_list;
288     strcpy(ip->name, name);
289     ip->type = type;
290     inet_list = ip;
291 }
292 
293 /* inet_get - look up service status */
294 
295 int     inet_get(name)
296 char   *name;
297 {
298     struct inet_ent *ip;
299 
300     if (inet_list == 0)
301 	return (WR_MAYBE);
302 
303     for (ip = inet_list; ip; ip = ip->next)
304 	if (STR_EQ(ip->name, name))
305 	    return (ip->type);
306 
307     return (-1);
308 }
309 
310 /* base_name - compute last pathname component */
311 
312 static char *base_name(path)
313 char   *path;
314 {
315     char   *cp;
316 
317     if ((cp = strrchr(path, '/')) != 0)
318 	path = cp + 1;
319     return (path);
320 }
321