1 /* 2 * Copyright (c) 1980, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * $FreeBSD: src/lib/libcompat/4.3/rexec.c,v 1.5.8.3 2000/11/22 13:36:00 ben Exp $ 34 * $DragonFly: src/lib/libcompat/4.3/rexec.c,v 1.6 2008/10/05 18:26:41 swildner Exp $ 35 * 36 * @(#)rexec.c 8.1 (Berkeley) 6/4/93 37 */ 38 39 #include <sys/types.h> 40 #include <sys/uio.h> 41 #include <sys/socket.h> 42 #include <sys/param.h> 43 #include <sys/stat.h> 44 45 #include <netinet/in.h> 46 47 #include <stdio.h> 48 #include <unistd.h> 49 #include <string.h> 50 #include <netdb.h> 51 #include <errno.h> 52 #include <ctype.h> 53 #include <err.h> 54 #include <stdlib.h> 55 #include <unistd.h> 56 57 int rexecoptions; 58 char *getpass(), *getlogin(); 59 60 /* 61 * Options and other state info. 62 */ 63 struct macel { 64 char mac_name[9]; /* macro name */ 65 char *mac_start; /* start of macro in macbuf */ 66 char *mac_end; /* end of macro in macbuf */ 67 }; 68 69 int macnum; /* number of defined macros */ 70 struct macel macros[16]; 71 char macbuf[4096]; 72 73 static FILE *cfile; 74 75 #define DEFAULT 1 76 #define LOGIN 2 77 #define PASSWD 3 78 #define ACCOUNT 4 79 #define MACDEF 5 80 #define ID 10 81 #define MACH 11 82 83 static char tokval[100]; 84 85 static struct toktab { 86 char *tokstr; 87 int tval; 88 } toktab[]= { 89 { "default", DEFAULT }, 90 { "login", LOGIN }, 91 { "password", PASSWD }, 92 { "passwd", PASSWD }, 93 { "account", ACCOUNT }, 94 { "machine", MACH }, 95 { "macdef", MACDEF }, 96 { NULL, 0 } 97 }; 98 99 static int 100 token(void) 101 { 102 char *cp; 103 int c; 104 struct toktab *t; 105 106 if (feof(cfile) || ferror(cfile)) 107 return (0); 108 while ((c = getc(cfile)) != EOF && 109 (c == '\n' || c == '\t' || c == ' ' || c == ',')) 110 continue; 111 if (c == EOF) 112 return (0); 113 cp = tokval; 114 if (c == '"') { 115 while ((c = getc(cfile)) != EOF && c != '"') { 116 if (c == '\\') 117 c = getc(cfile); 118 *cp++ = c; 119 } 120 } else { 121 *cp++ = c; 122 while ((c = getc(cfile)) != EOF 123 && c != '\n' && c != '\t' && c != ' ' && c != ',') { 124 if (c == '\\') 125 c = getc(cfile); 126 *cp++ = c; 127 } 128 } 129 *cp = 0; 130 if (tokval[0] == 0) 131 return (0); 132 for (t = toktab; t->tokstr; t++) 133 if (!strcmp(t->tokstr, tokval)) 134 return (t->tval); 135 return (ID); 136 } 137 138 static int 139 ruserpass(char *host, const char **aname, const char **apass, char **aacct) 140 { 141 char *hdir, buf[BUFSIZ], *tmp; 142 char myname[MAXHOSTNAMELEN], *mydomain; 143 int t, i, c, usedefault = 0; 144 struct stat stb; 145 146 hdir = getenv("HOME"); 147 if (hdir == NULL) 148 hdir = "."; 149 if (strlen(hdir) + 8 > sizeof(buf)) 150 return (0); 151 (void) sprintf(buf, "%s/.netrc", hdir); 152 cfile = fopen(buf, "r"); 153 if (cfile == NULL) { 154 if (errno != ENOENT) 155 warn("%s", buf); 156 return (0); 157 } 158 if (gethostname(myname, sizeof(myname)) < 0) 159 myname[0] = '\0'; 160 if ((mydomain = strchr(myname, '.')) == NULL) 161 mydomain = ""; 162 next: 163 while ((t = token())) switch(t) { 164 165 case DEFAULT: 166 usedefault = 1; 167 /* FALL THROUGH */ 168 169 case MACH: 170 if (!usedefault) { 171 if (token() != ID) 172 continue; 173 /* 174 * Allow match either for user's input host name 175 * or official hostname. Also allow match of 176 * incompletely-specified host in local domain. 177 */ 178 if (strcasecmp(host, tokval) == 0) 179 goto match; 180 if ((tmp = strchr(host, '.')) != NULL && 181 strcasecmp(tmp, mydomain) == 0 && 182 strncasecmp(host, tokval, tmp - host) == 0 && 183 tokval[tmp - host] == '\0') 184 goto match; 185 continue; 186 } 187 match: 188 while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { 189 190 case LOGIN: 191 if (token()) 192 if (*aname == NULL) { 193 char *tmp; 194 tmp = malloc(strlen(tokval) + 1); 195 strcpy(tmp, tokval); 196 *aname = tmp; 197 } else { 198 if (strcmp(*aname, tokval)) 199 goto next; 200 } 201 break; 202 case PASSWD: 203 if ((*aname == 0 || strcmp(*aname, "anonymous")) && 204 fstat(fileno(cfile), &stb) >= 0 && 205 (stb.st_mode & 077) != 0) { 206 warnx("Error: .netrc file is readable by others."); 207 warnx("Remove password or make file unreadable by others."); 208 goto bad; 209 } 210 if (token() && *apass == 0) { 211 char *tmp; 212 tmp = malloc(strlen(tokval) + 1); 213 strcpy(tmp, tokval); 214 *apass = tmp; 215 } 216 break; 217 case ACCOUNT: 218 if (fstat(fileno(cfile), &stb) >= 0 219 && (stb.st_mode & 077) != 0) { 220 warnx("Error: .netrc file is readable by others."); 221 warnx("Remove account or make file unreadable by others."); 222 goto bad; 223 } 224 if (token() && *aacct == 0) { 225 *aacct = malloc((unsigned) strlen(tokval) + 1); 226 (void) strcpy(*aacct, tokval); 227 } 228 break; 229 case MACDEF: 230 while ((c=getc(cfile)) != EOF && 231 (c == ' ' || c == '\t')) 232 ; 233 if (c == EOF || c == '\n') { 234 printf("Missing macdef name argument.\n"); 235 goto bad; 236 } 237 if (macnum == 16) { 238 printf("Limit of 16 macros have already been defined\n"); 239 goto bad; 240 } 241 tmp = macros[macnum].mac_name; 242 *tmp++ = c; 243 for (i=0; i < 8 && (c=getc(cfile)) != EOF && 244 !isspace(c); ++i) { 245 *tmp++ = c; 246 } 247 if (c == EOF) { 248 printf("Macro definition missing null line terminator.\n"); 249 goto bad; 250 } 251 *tmp = '\0'; 252 if (c != '\n') { 253 while ((c=getc(cfile)) != EOF && c != '\n'); 254 } 255 if (c == EOF) { 256 printf("Macro definition missing null line terminator.\n"); 257 goto bad; 258 } 259 if (macnum == 0) { 260 macros[macnum].mac_start = macbuf; 261 } 262 else { 263 macros[macnum].mac_start = macros[macnum-1].mac_end + 1; 264 } 265 tmp = macros[macnum].mac_start; 266 while (tmp != macbuf + 4096) { 267 if ((c=getc(cfile)) == EOF) { 268 printf("Macro definition missing null line terminator.\n"); 269 goto bad; 270 } 271 *tmp = c; 272 if (*tmp == '\n') { 273 if (*(tmp-1) == '\0') { 274 macros[macnum++].mac_end = tmp - 1; 275 break; 276 } 277 *tmp = '\0'; 278 } 279 tmp++; 280 } 281 if (tmp == macbuf + 4096) { 282 printf("4K macro buffer exceeded\n"); 283 goto bad; 284 } 285 break; 286 default: 287 warnx("Unknown .netrc keyword %s", tokval); 288 break; 289 } 290 goto done; 291 } 292 done: 293 (void) fclose(cfile); 294 return (0); 295 bad: 296 (void) fclose(cfile); 297 return (-1); 298 } 299 300 int 301 rexec_af(char **ahost, int rport, const char *name, const char *pass, 302 const char *cmd, int *fd2p, sa_family_t *af) 303 { 304 struct sockaddr_storage sa2, from; 305 struct addrinfo hints, *res0; 306 const char *orig_name = name; 307 const char *orig_pass = pass; 308 static char *ahostbuf; 309 u_short port = 0; 310 int s, timo = 1, s3; 311 char c; 312 int gai; 313 char servbuff[NI_MAXSERV]; 314 315 snprintf(servbuff, sizeof(servbuff), "%d", ntohs(rport)); 316 servbuff[sizeof(servbuff) - 1] = '\0'; 317 318 memset(&hints, '\0', sizeof(hints)); 319 if (af) 320 hints.ai_family = *af; 321 hints.ai_socktype = SOCK_STREAM; 322 hints.ai_flags = AI_CANONNAME; 323 gai = getaddrinfo(*ahost, servbuff, &hints, &res0); 324 if (gai){ 325 /* XXX: set errno? */ 326 return -1; 327 } 328 329 if (res0->ai_canonname){ 330 free (ahostbuf); 331 ahostbuf = strdup (res0->ai_canonname); 332 if (ahostbuf == NULL) { 333 perror ("rexec: strdup"); 334 return (-1); 335 } 336 *ahost = ahostbuf; 337 } else { 338 *ahost = NULL; 339 __set_errno (ENOENT); 340 return -1; 341 } 342 ruserpass(res0->ai_canonname, &name, &pass, 0); 343 retry: 344 s = socket(res0->ai_family, res0->ai_socktype, 0); 345 if (s < 0) { 346 perror("rexec: socket"); 347 return (-1); 348 } 349 if (connect(s, res0->ai_addr, res0->ai_addrlen) < 0) { 350 if (errno == ECONNREFUSED && timo <= 16) { 351 (void) close(s); 352 sleep(timo); 353 timo *= 2; 354 goto retry; 355 } 356 perror(res0->ai_canonname); 357 return (-1); 358 } 359 if (fd2p == 0) { 360 (void) write(s, "", 1); 361 port = 0; 362 } else { 363 char num[32]; 364 int s2; 365 socklen_t sa2len; 366 367 s2 = socket(res0->ai_family, res0->ai_socktype, 0); 368 if (s2 < 0) { 369 (void) close(s); 370 return (-1); 371 } 372 listen(s2, 1); 373 sa2len = sizeof (sa2); 374 if (getsockname(s2, (struct sockaddr *)&sa2, &sa2len) < 0) { 375 perror("getsockname"); 376 (void) close(s2); 377 goto bad; 378 } else if (sa2len != SA_LEN((struct sockaddr *)&sa2)) { 379 __set_errno(EINVAL); 380 (void) close(s2); 381 goto bad; 382 } 383 port = 0; 384 if (!getnameinfo((struct sockaddr *)&sa2, sa2len, 385 NULL, 0, servbuff, sizeof(servbuff), 386 NI_NUMERICSERV)) 387 port = atoi(servbuff); 388 (void) sprintf(num, "%u", port); 389 (void) write(s, num, strlen(num)+1); 390 { socklen_t len = sizeof (from); 391 s3 = accept(s2, (struct sockaddr *)&from, 392 &len); 393 close(s2); 394 if (s3 < 0) { 395 perror("accept"); 396 port = 0; 397 goto bad; 398 } 399 } 400 *fd2p = s3; 401 } 402 403 (void) write(s, name, strlen(name) + 1); 404 /* should public key encypt the password here */ 405 (void) write(s, pass, strlen(pass) + 1); 406 (void) write(s, cmd, strlen(cmd) + 1); 407 408 /* We don't need the memory allocated for the name and the password 409 in ruserpass anymore. */ 410 if (name != orig_name) 411 free ((char *) name); 412 if (pass != orig_pass) 413 free ((char *) pass); 414 415 if (read(s, &c, 1) != 1) { 416 perror(*ahost); 417 goto bad; 418 } 419 if (c != 0) { 420 while (read(s, &c, 1) == 1) { 421 (void) write(2, &c, 1); 422 if (c == '\n') 423 break; 424 } 425 goto bad; 426 } 427 freeaddrinfo(res0); 428 return (s); 429 bad: 430 if (port) 431 (void) close(*fd2p); 432 (void) close(s); 433 freeaddrinfo(res0); 434 return (-1); 435 } 436 437 438 int 439 rexec(char **ahost, int rport, const char *name, const char *pass, char *cmd, int *fd2p) 440 { 441 struct sockaddr_in sin, sin2, from; 442 struct hostent *hp; 443 u_short port; 444 int s, timo = 1, s3; 445 char c; 446 char *acct = NULL; 447 448 hp = gethostbyname(*ahost); 449 if (hp == 0) { 450 herror(*ahost); 451 return (-1); 452 } 453 *ahost = hp->h_name; 454 ruserpass(hp->h_name, &name, &pass, &acct); 455 if (acct != NULL) 456 free(acct); 457 retry: 458 s = socket(AF_INET, SOCK_STREAM, 0); 459 if (s < 0) { 460 perror("rexec: socket"); 461 return (-1); 462 } 463 sin.sin_family = hp->h_addrtype; 464 sin.sin_port = rport; 465 bcopy(hp->h_addr, (caddr_t)&sin.sin_addr, hp->h_length); 466 if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) { 467 if (errno == ECONNREFUSED && timo <= 16) { 468 (void) close(s); 469 sleep(timo); 470 timo *= 2; 471 goto retry; 472 } 473 perror(hp->h_name); 474 return (-1); 475 } 476 if (fd2p == 0) { 477 (void) write(s, "", 1); 478 port = 0; 479 } else { 480 char num[8]; 481 int s2, sin2len; 482 483 s2 = socket(AF_INET, SOCK_STREAM, 0); 484 if (s2 < 0) { 485 (void) close(s); 486 return (-1); 487 } 488 listen(s2, 1); 489 sin2len = sizeof (sin2); 490 if (getsockname(s2, (struct sockaddr *)&sin2, &sin2len) < 0 || 491 sin2len != sizeof (sin2)) { 492 perror("getsockname"); 493 (void) close(s2); 494 goto bad; 495 } 496 port = ntohs((u_short)sin2.sin_port); 497 (void) sprintf(num, "%u", port); 498 (void) write(s, num, strlen(num)+1); 499 { int len = sizeof (from); 500 s3 = accept(s2, (struct sockaddr *)&from, &len); 501 close(s2); 502 if (s3 < 0) { 503 perror("accept"); 504 port = 0; 505 goto bad; 506 } 507 } 508 *fd2p = s3; 509 } 510 (void) write(s, name, strlen(name) + 1); 511 /* should public key encypt the password here */ 512 (void) write(s, pass, strlen(pass) + 1); 513 (void) write(s, cmd, strlen(cmd) + 1); 514 if (read(s, &c, 1) != 1) { 515 perror(*ahost); 516 goto bad; 517 } 518 if (c != 0) { 519 while (read(s, &c, 1) == 1) { 520 (void) write(2, &c, 1); 521 if (c == '\n') 522 break; 523 } 524 goto bad; 525 } 526 return (s); 527 bad: 528 if (port) 529 (void) close(*fd2p); 530 (void) close(s); 531 return (-1); 532 } 533