xref: /csrg-svn/usr.sbin/lpr/lpd/lpd.c (revision 37968) 
1 /*
2  * Copyright (c) 1983 Regents of the University of California.
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms are permitted
6  * provided that the above copyright notice and this paragraph are
7  * duplicated in all such forms and that any documentation,
8  * advertising materials, and other materials related to such
9  * distribution and use acknowledge that the software was developed
10  * by the University of California, Berkeley.  The name of the
11  * University may not be used to endorse or promote products derived
12  * from this software without specific prior written permission.
13  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
15  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
16  */
17 
18 #ifndef lint
19 char copyright[] =
20 "@(#) Copyright (c) 1983 Regents of the University of California.\n\
21  All rights reserved.\n";
22 #endif /* not lint */
23 
24 #ifndef lint
25 static char sccsid[] = "@(#)lpd.c	5.7 (Berkeley) 05/11/89";
26 #endif /* not lint */
27 
28 /*
29  * lpd -- line printer daemon.
30  *
31  * Listen for a connection and perform the requested operation.
32  * Operations are:
33  *	\1printer\n
34  *		check the queue for jobs and print any found.
35  *	\2printer\n
36  *		receive a job from another machine and queue it.
37  *	\3printer [users ...] [jobs ...]\n
38  *		return the current state of the queue (short form).
39  *	\4printer [users ...] [jobs ...]\n
40  *		return the current state of the queue (long form).
41  *	\5printer person [users ...] [jobs ...]\n
42  *		remove jobs from the queue.
43  *
44  * Strategy to maintain protected spooling area:
45  *	1. Spooling area is writable only by daemon and spooling group
46  *	2. lpr runs setuid root and setgrp spooling group; it uses
47  *	   root to access any file it wants (verifying things before
48  *	   with an access call) and group id to know how it should
49  *	   set up ownership of files in the spooling area.
50  *	3. Files in spooling area are owned by root, group spooling
51  *	   group, with mode 660.
52  *	4. lpd, lpq and lprm run setuid daemon and setgrp spooling group to
53  *	   access files and printer.  Users can't get to anything
54  *	   w/o help of lpq and lprm programs.
55  */
56 
57 #include "lp.h"
58 #include "pathnames.h"
59 
60 int	lflag;				/* log requests flag */
61 
62 int	reapchild();
63 int	mcleanup();
64 
65 main(argc, argv)
66 	int argc;
67 	char **argv;
68 {
69 	int f, funix, finet, options, defreadfds, fromlen;
70 	struct sockaddr_un sun, fromunix;
71 	struct sockaddr_in sin, frominet;
72 	int omask, lfd;
73 
74 	gethostname(host, sizeof(host));
75 	name = argv[0];
76 
77 	while (--argc > 0) {
78 		argv++;
79 		if (argv[0][0] == '-')
80 			switch (argv[0][1]) {
81 			case 'd':
82 				options |= SO_DEBUG;
83 				break;
84 			case 'l':
85 				lflag++;
86 				break;
87 			}
88 	}
89 
90 #ifndef DEBUG
91 	/*
92 	 * Set up standard environment by detaching from the parent.
93 	 */
94 	if (fork())
95 		exit(0);
96 	for (f = 0; f < 5; f++)
97 		(void) close(f);
98 	(void) open(_PATH_DEVNULL, O_RDONLY);
99 	(void) open(_PATH_DEVNULL, O_WRONLY);
100 	(void) dup(1);
101 	f = open(_PATH_TTY, O_RDWR);
102 	if (f > 0) {
103 		ioctl(f, TIOCNOTTY, 0);
104 		(void) close(f);
105 	}
106 #endif
107 
108 	openlog("lpd", LOG_PID, LOG_LPR);
109 	(void) umask(0);
110 	lfd = open(_PATH_MASTERLOCK, O_WRONLY|O_CREAT, 0644);
111 	if (lfd < 0) {
112 		syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK);
113 		exit(1);
114 	}
115 	if (flock(lfd, LOCK_EX|LOCK_NB) < 0) {
116 		if (errno == EWOULDBLOCK)	/* active deamon present */
117 			exit(0);
118 		syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK);
119 		exit(1);
120 	}
121 	ftruncate(lfd, 0);
122 	/*
123 	 * write process id for others to know
124 	 */
125 	sprintf(line, "%u\n", getpid());
126 	f = strlen(line);
127 	if (write(lfd, line, f) != f) {
128 		syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK);
129 		exit(1);
130 	}
131 	signal(SIGCHLD, reapchild);
132 	/*
133 	 * Restart all the printers.
134 	 */
135 	startup();
136 	(void) unlink(_PATH_SOCKETNAME);
137 	funix = socket(AF_UNIX, SOCK_STREAM, 0);
138 	if (funix < 0) {
139 		syslog(LOG_ERR, "socket: %m");
140 		exit(1);
141 	}
142 #define	mask(s)	(1 << ((s) - 1))
143 	omask = sigblock(mask(SIGHUP)|mask(SIGINT)|mask(SIGQUIT)|mask(SIGTERM));
144 	signal(SIGHUP, mcleanup);
145 	signal(SIGINT, mcleanup);
146 	signal(SIGQUIT, mcleanup);
147 	signal(SIGTERM, mcleanup);
148 	sun.sun_family = AF_UNIX;
149 	strcpy(sun.sun_path, _PATH_SOCKETNAME);
150 	if (bind(funix, &sun, strlen(sun.sun_path) + 2) < 0) {
151 		syslog(LOG_ERR, "ubind: %m");
152 		exit(1);
153 	}
154 	sigsetmask(omask);
155 	defreadfds = 1 << funix;
156 	listen(funix, 5);
157 	finet = socket(AF_INET, SOCK_STREAM, 0);
158 	if (finet >= 0) {
159 		struct servent *sp;
160 
161 		if (options & SO_DEBUG)
162 			if (setsockopt(finet, SOL_SOCKET, SO_DEBUG, 0, 0) < 0) {
163 				syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m");
164 				mcleanup();
165 			}
166 		sp = getservbyname("printer", "tcp");
167 		if (sp == NULL) {
168 			syslog(LOG_ERR, "printer/tcp: unknown service");
169 			mcleanup();
170 		}
171 		sin.sin_family = AF_INET;
172 		sin.sin_port = sp->s_port;
173 		if (bind(finet, &sin, sizeof(sin), 0) < 0) {
174 			syslog(LOG_ERR, "bind: %m");
175 			mcleanup();
176 		}
177 		defreadfds |= 1 << finet;
178 		listen(finet, 5);
179 	}
180 	/*
181 	 * Main loop: accept, do a request, continue.
182 	 */
183 	for (;;) {
184 		int domain, nfds, s, readfds = defreadfds;
185 
186 		nfds = select(20, &readfds, 0, 0, 0);
187 		if (nfds <= 0) {
188 			if (nfds < 0 && errno != EINTR)
189 				syslog(LOG_WARNING, "select: %m");
190 			continue;
191 		}
192 		if (readfds & (1 << funix)) {
193 			domain = AF_UNIX, fromlen = sizeof(fromunix);
194 			s = accept(funix, &fromunix, &fromlen);
195 		} else if (readfds & (1 << finet)) {
196 			domain = AF_INET, fromlen = sizeof(frominet);
197 			s = accept(finet, &frominet, &fromlen);
198 		}
199 		if (s < 0) {
200 			if (errno != EINTR)
201 				syslog(LOG_WARNING, "accept: %m");
202 			continue;
203 		}
204 		if (fork() == 0) {
205 			signal(SIGCHLD, SIG_IGN);
206 			signal(SIGHUP, SIG_IGN);
207 			signal(SIGINT, SIG_IGN);
208 			signal(SIGQUIT, SIG_IGN);
209 			signal(SIGTERM, SIG_IGN);
210 			(void) close(funix);
211 			(void) close(finet);
212 			dup2(s, 1);
213 			(void) close(s);
214 			if (domain == AF_INET)
215 				chkhost(&frominet);
216 			doit();
217 			exit(0);
218 		}
219 		(void) close(s);
220 	}
221 }
222 
223 reapchild()
224 {
225 	union wait status;
226 
227 	while (wait3(&status, WNOHANG, 0) > 0)
228 		;
229 }
230 
231 mcleanup()
232 {
233 	if (lflag)
234 		syslog(LOG_INFO, "exiting");
235 	unlink(_PATH_SOCKETNAME);
236 	exit(0);
237 }
238 
239 /*
240  * Stuff for handling job specifications
241  */
242 char	*user[MAXUSERS];	/* users to process */
243 int	users;			/* # of users in user array */
244 int	requ[MAXREQUESTS];	/* job number of spool entries */
245 int	requests;		/* # of spool requests */
246 char	*person;		/* name of person doing lprm */
247 
248 char	fromb[32];	/* buffer for client's machine name */
249 char	cbuf[BUFSIZ];	/* command line buffer */
250 char	*cmdnames[] = {
251 	"null",
252 	"printjob",
253 	"recvjob",
254 	"displayq short",
255 	"displayq long",
256 	"rmjob"
257 };
258 
259 doit()
260 {
261 	register char *cp;
262 	register int n;
263 
264 	for (;;) {
265 		cp = cbuf;
266 		do {
267 			if (cp >= &cbuf[sizeof(cbuf) - 1])
268 				fatal("Command line too long");
269 			if ((n = read(1, cp, 1)) != 1) {
270 				if (n < 0)
271 					fatal("Lost connection");
272 				return;
273 			}
274 		} while (*cp++ != '\n');
275 		*--cp = '\0';
276 		cp = cbuf;
277 		if (lflag) {
278 			if (*cp >= '\1' && *cp <= '\5')
279 				syslog(LOG_INFO, "%s requests %s %s",
280 					from, cmdnames[*cp], cp+1);
281 			else
282 				syslog(LOG_INFO, "bad request (%d) from %s",
283 					*cp, from);
284 		}
285 		switch (*cp++) {
286 		case '\1':	/* check the queue and print any jobs there */
287 			printer = cp;
288 			printjob();
289 			break;
290 		case '\2':	/* receive files to be queued */
291 			printer = cp;
292 			recvjob();
293 			break;
294 		case '\3':	/* display the queue (short form) */
295 		case '\4':	/* display the queue (long form) */
296 			printer = cp;
297 			while (*cp) {
298 				if (*cp != ' ') {
299 					cp++;
300 					continue;
301 				}
302 				*cp++ = '\0';
303 				while (isspace(*cp))
304 					cp++;
305 				if (*cp == '\0')
306 					break;
307 				if (isdigit(*cp)) {
308 					if (requests >= MAXREQUESTS)
309 						fatal("Too many requests");
310 					requ[requests++] = atoi(cp);
311 				} else {
312 					if (users >= MAXUSERS)
313 						fatal("Too many users");
314 					user[users++] = cp;
315 				}
316 			}
317 			displayq(cbuf[0] - '\3');
318 			exit(0);
319 		case '\5':	/* remove a job from the queue */
320 			printer = cp;
321 			while (*cp && *cp != ' ')
322 				cp++;
323 			if (!*cp)
324 				break;
325 			*cp++ = '\0';
326 			person = cp;
327 			while (*cp) {
328 				if (*cp != ' ') {
329 					cp++;
330 					continue;
331 				}
332 				*cp++ = '\0';
333 				while (isspace(*cp))
334 					cp++;
335 				if (*cp == '\0')
336 					break;
337 				if (isdigit(*cp)) {
338 					if (requests >= MAXREQUESTS)
339 						fatal("Too many requests");
340 					requ[requests++] = atoi(cp);
341 				} else {
342 					if (users >= MAXUSERS)
343 						fatal("Too many users");
344 					user[users++] = cp;
345 				}
346 			}
347 			rmjob();
348 			break;
349 		}
350 		fatal("Illegal service request");
351 	}
352 }
353 
354 /*
355  * Make a pass through the printcap database and start printing any
356  * files left from the last time the machine went down.
357  */
358 startup()
359 {
360 	char buf[BUFSIZ];
361 	register char *cp;
362 	int pid;
363 
364 	printer = buf;
365 
366 	/*
367 	 * Restart the daemons.
368 	 */
369 	while (getprent(buf) > 0) {
370 		for (cp = buf; *cp; cp++)
371 			if (*cp == '|' || *cp == ':') {
372 				*cp = '\0';
373 				break;
374 			}
375 		if ((pid = fork()) < 0) {
376 			syslog(LOG_WARNING, "startup: cannot fork");
377 			mcleanup();
378 		}
379 		if (!pid) {
380 			endprent();
381 			printjob();
382 		}
383 	}
384 }
385 
386 #define DUMMY ":nobody::"
387 
388 /*
389  * Check to see if the from host has access to the line printer.
390  */
391 chkhost(f)
392 	struct sockaddr_in *f;
393 {
394 	register struct hostent *hp;
395 	register FILE *hostf;
396 	register char *cp, *sp;
397 	char ahost[50];
398 	int first = 1;
399 	extern char *inet_ntoa();
400 	int baselen = -1;
401 
402 	f->sin_port = ntohs(f->sin_port);
403 	if (f->sin_family != AF_INET || f->sin_port >= IPPORT_RESERVED)
404 		fatal("Malformed from address");
405 	hp = gethostbyaddr(&f->sin_addr, sizeof(struct in_addr), f->sin_family);
406 	if (hp == 0)
407 		fatal("Host name for your address (%s) unknown",
408 			inet_ntoa(f->sin_addr));
409 
410 	strcpy(fromb, hp->h_name);
411 	from = fromb;
412 	if (!strcmp(from, host))
413 		return;
414 
415 	sp = fromb;
416 	cp = ahost;
417 	while (*sp) {
418 		if (*sp == '.') {
419 			if (baselen == -1)
420 				baselen = sp - fromb;
421 			*cp++ = *sp++;
422 		} else {
423 			*cp++ = isupper(*sp) ? tolower(*sp++) : *sp++;
424 		}
425 	}
426 	*cp = '\0';
427 	hostf = fopen(_PATH_HOSTSEQUIV, "r");
428 again:
429 	if (hostf) {
430 		if (!_validuser(hostf, ahost, DUMMY, DUMMY, baselen)) {
431 			(void) fclose(hostf);
432 			return;
433 		}
434 		(void) fclose(hostf);
435 	}
436 	if (first == 1) {
437 		first = 0;
438 		hostf = fopen(_PATH_HOSTSLPD, "r");
439 		goto again;
440 	}
441 	fatal("Your host does not have line printer access");
442 }
443