1 /* $NetBSD: rsh.c,v 1.22 2003/08/07 11:15:43 agc Exp $ */ 2 3 /*- 4 * Copyright (c) 1983, 1990, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #ifndef lint 34 __COPYRIGHT("@(#) Copyright (c) 1983, 1990, 1993, 1994\n\ 35 The Regents of the University of California. All rights reserved.\n"); 36 #endif /* not lint */ 37 38 #ifndef lint 39 #if 0 40 static char sccsid[] = "@(#)rsh.c 8.4 (Berkeley) 4/29/95"; 41 #else 42 __RCSID("$NetBSD: rsh.c,v 1.22 2003/08/07 11:15:43 agc Exp $"); 43 #endif 44 #endif /* not lint */ 45 46 #include <sys/types.h> 47 #include <sys/socket.h> 48 #include <sys/ioctl.h> 49 #include <sys/file.h> 50 #include <poll.h> 51 52 #include <netinet/in.h> 53 #include <netinet/tcp.h> 54 #include <netdb.h> 55 56 #include <err.h> 57 #include <errno.h> 58 #include <pwd.h> 59 #include <signal.h> 60 #include <stdarg.h> 61 #include <stdio.h> 62 #include <stdlib.h> 63 #include <string.h> 64 #include <unistd.h> 65 66 #include "pathnames.h" 67 68 #ifdef KERBEROS 69 #include <des.h> 70 #include <kerberosIV/krb.h> 71 72 CREDENTIALS cred; 73 Key_schedule schedule; 74 int use_kerberos = 1, doencrypt; 75 char dst_realm_buf[REALM_SZ], *dest_realm; 76 77 void warning(const char *, ...); 78 #endif 79 80 /* 81 * rsh - remote shell 82 */ 83 int remerr; 84 85 static int sigs[] = { SIGINT, SIGTERM, SIGQUIT }; 86 87 char *copyargs(char **); 88 void sendsig(int); 89 int checkfd(struct pollfd *, int); 90 void talk(int, sigset_t *, pid_t, int); 91 void usage(void); 92 int main(int, char **); 93 #ifdef IN_RCMD 94 int orcmd(char **, int, const char *, 95 const char *, const char *, int *); 96 int orcmd_af(char **, int, const char *, 97 const char *, const char *, int *, int); 98 #endif 99 100 int 101 main(int argc, char **argv) 102 { 103 struct passwd *pw; 104 struct servent *sp; 105 sigset_t oset, nset; 106 struct protoent *proto; 107 108 #ifdef IN_RCMD 109 char *locuser = 0, *loop; 110 #endif /* IN_RCMD */ 111 int argoff, asrsh, ch, dflag, nflag, one, rem, i; 112 pid_t pid; 113 uid_t uid; 114 char *args, *host, *p, *user, *name; 115 char *service=NULL; 116 117 argoff = asrsh = dflag = nflag = 0; 118 one = 1; 119 host = user = NULL; 120 sp = NULL; 121 122 #ifndef IN_RCMD 123 /* 124 * If called as something other than "rsh" use it as the host name, 125 * only for rsh. 126 */ 127 if (strcmp(getprogname(), "rsh") == 0) 128 asrsh = 1; 129 else { 130 host = strdup(getprogname()); 131 if (host == NULL) 132 err(1, NULL); 133 } 134 #endif /* IN_RCMD */ 135 136 /* handle "rsh host flags" */ 137 if (!host && argc > 2 && argv[1][0] != '-') { 138 host = argv[1]; 139 argoff = 1; 140 } 141 142 #ifdef IN_RCMD 143 if ((loop = getenv("RCMD_LOOP")) && strcmp(loop, "YES") == 0) 144 warnx("rcmd appears to be looping!"); 145 146 putenv("RCMD_LOOP=YES"); 147 148 # ifdef KERBEROS 149 # ifdef CRYPT 150 # define OPTIONS "8KLdek:l:np:u:wx" 151 # else 152 # define OPTIONS "8KLdek:l:np:u:w" 153 # endif 154 # else 155 # define OPTIONS "8KLdel:np:u:w" 156 # endif 157 158 #else /* IN_RCMD */ 159 160 # ifdef KERBEROS 161 # ifdef CRYPT 162 # define OPTIONS "8KLdek:l:np:wx" 163 # else 164 # define OPTIONS "8KLdek:l:np:w" 165 # endif 166 # else 167 # define OPTIONS "8KLdel:np:w" 168 # endif 169 170 #endif /* IN_RCMD */ 171 172 if (!(pw = getpwuid(uid = getuid()))) 173 errx(1, "unknown user id"); 174 175 if ((name = strdup(pw->pw_name)) == NULL) 176 err(1, "malloc"); 177 while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) 178 switch(ch) { 179 case 'K': 180 #ifdef KERBEROS 181 use_kerberos = 0; 182 #endif 183 break; 184 case 'L': /* -8Lew are ignored to allow rlogin aliases */ 185 case 'e': 186 case 'w': 187 case '8': 188 break; 189 case 'd': 190 dflag = 1; 191 break; 192 case 'l': 193 user = optarg; 194 break; 195 #ifdef KERBEROS 196 case 'k': 197 strlcpy(dest_realm_buf, optarg, sizeof(dest_realm_buf)); 198 dest_realm = dst_realm_buf; 199 break; 200 #endif 201 case 'n': 202 nflag = 1; 203 break; 204 case 'p': 205 service = optarg; 206 sp = getservbyname(service, "tcp"); 207 if (sp == NULL) { /* number given, no name */ 208 sp = malloc(sizeof(*sp)); 209 memset(sp, 0, sizeof(*sp)); 210 sp->s_name = service; 211 sp->s_proto = "tcp"; 212 sp->s_port = atoi(service); 213 if (sp->s_port <= 0 || sp->s_port > IPPORT_ANONMAX) 214 errx(1,"port must be between 1 and %d", IPPORT_ANONMAX); 215 } 216 break; 217 #ifdef IN_RCMD 218 case 'u': 219 if (getuid() != 0 && optarg && name && 220 strcmp(name, optarg) != 0) 221 errx(1,"only super user can use the -u option"); 222 locuser = optarg; 223 break; 224 #endif /* IN_RCMD */ 225 #ifdef KERBEROS 226 #ifdef CRYPT 227 case 'x': 228 doencrypt = 1; 229 des_set_key((des_cblock *) cred.session, schedule); 230 break; 231 #endif 232 #endif 233 case '?': 234 default: 235 usage(); 236 } 237 optind += argoff; 238 239 /* if haven't gotten a host yet, do so */ 240 if (!host && !(host = argv[optind++])) 241 usage(); 242 243 /* if no further arguments, must have been called as rlogin. */ 244 if (!argv[optind]) { 245 #ifdef IN_RCMD 246 usage(); 247 #else 248 if (asrsh) 249 *argv = "rlogin"; 250 execv(_PATH_RLOGIN, argv); 251 err(1, "can't exec %s", _PATH_RLOGIN); 252 #endif 253 } 254 255 argc -= optind; 256 argv += optind; 257 258 /* Accept user1@host format, though "-l user2" overrides user1 */ 259 p = strchr(host, '@'); 260 if (p) { 261 *p = '\0'; 262 if (!user && p > host) 263 user = host; 264 host = p + 1; 265 if (*host == '\0') 266 usage(); 267 } 268 if (!user) 269 user = name; 270 271 #ifdef KERBEROS 272 #ifdef CRYPT 273 /* -x turns off -n */ 274 if (doencrypt) 275 nflag = 0; 276 #endif 277 #endif 278 279 args = copyargs(argv); 280 281 #ifdef KERBEROS 282 if (use_kerberos) { 283 if (sp == NULL) { 284 sp = getservbyname((doencrypt ? "ekshell" : "kshell"), "tcp"); 285 } 286 if (sp == NULL) { 287 use_kerberos = 0; 288 warning("can't get entry for %s/tcp service", 289 doencrypt ? "ekshell" : "kshell"); 290 } 291 } 292 #endif 293 if (sp == NULL) 294 sp = getservbyname("shell", "tcp"); 295 if (sp == NULL) 296 errx(1, "shell/tcp: unknown service"); 297 298 #ifdef KERBEROS 299 try_connect: 300 if (use_kerberos) { 301 #if 1 302 struct hostent *hp; 303 304 /* fully qualify hostname (needed for krb_realmofhost) */ 305 hp = gethostbyname(host); 306 if (hp != NULL && !(host = strdup(hp->h_name))) 307 err(1, "strdup"); 308 #endif 309 310 rem = KSUCCESS; 311 errno = 0; 312 if (dest_realm == NULL) 313 dest_realm = krb_realmofhost(host); 314 315 #ifdef CRYPT 316 if (doencrypt) 317 rem = krcmd_mutual(&host, sp->s_port, user, args, 318 &remerr, dest_realm, &cred, schedule); 319 else 320 #endif 321 rem = krcmd(&host, sp->s_port, user, args, &remerr, 322 dest_realm); 323 if (rem < 0) { 324 use_kerberos = 0; 325 sp = getservbyname("shell", "tcp"); 326 if (sp == NULL) 327 errx(1, "shell/tcp: unknown service"); 328 if (errno == ECONNREFUSED) 329 warning("remote host doesn't support Kerberos"); 330 if (errno == ENOENT) 331 warning("can't provide Kerberos auth data"); 332 goto try_connect; 333 } 334 } else { 335 if (doencrypt) 336 errx(1, "the -x flag requires Kerberos authentication."); 337 #ifdef IN_RCMD 338 rem = orcmd_af(&host, sp->s_port, locuser ? locuser : 339 #else 340 rem = rcmd_af(&host, sp->s_port, 341 #endif 342 name, 343 user, args, &remerr, PF_UNSPEC); 344 } 345 #else /* KERBEROS */ 346 347 #ifdef IN_RCMD 348 rem = orcmd_af(&host, sp->s_port, locuser ? locuser : 349 #else 350 rem = rcmd_af(&host, sp->s_port, 351 #endif 352 name, user, args, &remerr, PF_UNSPEC); 353 #endif /* KERBEROS */ 354 (void)free(name); 355 356 if (rem < 0) 357 exit(1); 358 359 if (remerr < 0) 360 errx(1, "can't establish stderr"); 361 if (dflag) { 362 if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one, 363 sizeof(one)) < 0) 364 warn("setsockopt remote"); 365 if (setsockopt(remerr, SOL_SOCKET, SO_DEBUG, &one, 366 sizeof(one)) < 0) 367 warn("setsockopt stderr"); 368 } 369 proto = getprotobyname("tcp"); 370 setsockopt(rem, proto->p_proto, TCP_NODELAY, &one, sizeof(one)); 371 setsockopt(remerr, proto->p_proto, TCP_NODELAY, &one, sizeof(one)); 372 373 374 (void) setuid(uid); 375 376 (void) sigemptyset(&nset); 377 for (i = 0; i < sizeof(sigs) / sizeof(sigs[0]); i++) 378 (void) sigaddset(&nset, sigs[i]); 379 380 (void) sigprocmask(SIG_BLOCK, &nset, &oset); 381 382 for (i = 0; i < sizeof(sigs) / sizeof(sigs[0]); i++) { 383 struct sigaction sa; 384 385 if (sa.sa_handler != SIG_IGN) { 386 sa.sa_handler = sendsig; 387 (void) sigaction(sigs[i], &sa, NULL); 388 } 389 } 390 391 if (!nflag) { 392 pid = fork(); 393 if (pid < 0) 394 err(1, "fork"); 395 } 396 else 397 pid = -1; 398 399 #if defined(KERBEROS) && defined(CRYPT) 400 if (!doencrypt) 401 #endif 402 { 403 (void)ioctl(remerr, FIONBIO, &one); 404 (void)ioctl(rem, FIONBIO, &one); 405 } 406 407 talk(nflag, &oset, pid, rem); 408 409 if (!nflag) 410 (void)kill(pid, SIGKILL); 411 exit(0); 412 } 413 414 int 415 checkfd(struct pollfd *fdp, int outfd) 416 { 417 int nr, nw; 418 char buf[BUFSIZ]; 419 420 if (fdp->revents & (POLLNVAL|POLLERR|POLLHUP)) 421 return -1; 422 423 if ((fdp->revents & POLLIN) == 0) 424 return 0; 425 426 errno = 0; 427 #if defined(KERBEROS) && defined(CRYPT) 428 if (doencrypt) 429 nr = des_read(fdp->fd, buf, sizeof buf); 430 else 431 #endif 432 nr = read(fdp->fd, buf, sizeof buf); 433 434 if (nr <= 0) { 435 if (errno != EAGAIN) 436 return -1; 437 else 438 return 0; 439 } 440 else { 441 char *bc = buf; 442 while (nr) { 443 if ((nw = write(outfd, bc, nr)) <= 0) 444 return -1; 445 nr -= nw; 446 bc += nw; 447 } 448 return 0; 449 } 450 } 451 452 void 453 talk(int nflag, sigset_t *oset, __pid_t pid, int rem) 454 { 455 int nr, nw, nfds; 456 struct pollfd fds[2], *fdp = &fds[0]; 457 char *bp, buf[BUFSIZ]; 458 459 460 if (!nflag && pid == 0) { 461 (void)close(remerr); 462 463 fdp->events = POLLOUT|POLLNVAL|POLLERR|POLLHUP; 464 fdp->fd = rem; 465 nr = 0; 466 bp = buf; 467 468 for (;;) { 469 errno = 0; 470 471 if (nr == 0) { 472 if ((nr = read(0, buf, sizeof buf)) == 0) 473 goto done; 474 if (nr == -1) { 475 if (errno == EIO) 476 goto done; 477 if (errno == EINTR) 478 continue; 479 err(1, "read"); 480 } 481 bp = buf; 482 } 483 484 rewrite: if (poll(fdp, 1, INFTIM) == -1) { 485 if (errno != EINTR) 486 err(1, "poll"); 487 goto rewrite; 488 } 489 490 if (fdp->revents & (POLLNVAL|POLLERR|POLLHUP)) 491 err(1, "poll"); 492 493 if ((fdp->revents & POLLOUT) == 0) 494 goto rewrite; 495 496 #if defined(KERBEROS) && defined(CRYPT) 497 if (doencrypt) 498 nw = des_write(rem, bp, nr); 499 else 500 #endif 501 nw = write(rem, bp, nr); 502 503 if (nw < 0) { 504 if (errno == EAGAIN) 505 continue; 506 err(1, "write"); 507 } 508 bp += nw; 509 nr -= nw; 510 } 511 done: 512 (void)shutdown(rem, 1); 513 exit(0); 514 } 515 516 (void) sigprocmask(SIG_SETMASK, oset, NULL); 517 fds[0].events = fds[1].events = POLLIN|POLLNVAL|POLLERR|POLLHUP; 518 fds[0].fd = remerr; 519 fds[1].fd = rem; 520 fdp = &fds[0]; 521 nfds = 2; 522 do { 523 if (poll(fdp, nfds, INFTIM) == -1) { 524 if (errno != EINTR) 525 err(1, "poll"); 526 continue; 527 } 528 if (fds[0].events != 0 && checkfd(&fds[0], 2) == -1) { 529 nfds--; 530 fds[0].events = 0; 531 fdp = &fds[1]; 532 } 533 if (fds[1].events != 0 && checkfd(&fds[1], 1) == -1) { 534 nfds--; 535 fds[1].events = 0; 536 } 537 } 538 while (nfds); 539 } 540 541 void 542 sendsig(int sig) 543 { 544 char signo; 545 546 signo = sig; 547 #ifdef KERBEROS 548 #ifdef CRYPT 549 if (doencrypt) 550 (void)des_write(remerr, &signo, 1); 551 else 552 #endif 553 #endif 554 (void)write(remerr, &signo, 1); 555 } 556 557 #ifdef KERBEROS 558 /* VARARGS */ 559 void 560 warning(const char *fmt, ...) 561 { 562 va_list ap; 563 564 va_start(ap, fmt); 565 (void) fprintf(stderr, "%s: warning, using standard rsh: ", 566 getprogname()); 567 (void) vfprintf(stderr, fmt, ap); 568 va_end(ap); 569 (void) fprintf(stderr, ".\n"); 570 } 571 #endif 572 573 char * 574 copyargs(char **argv) 575 { 576 int cc; 577 char **ap, *args, *p, *ep; 578 579 cc = 0; 580 for (ap = argv; *ap; ++ap) 581 cc += strlen(*ap) + 1; 582 if (!(args = malloc((u_int)cc))) 583 err(1, "malloc"); 584 ep = args + cc; 585 for (p = args, *p = '\0', ap = argv; *ap; ++ap) { 586 (void)strlcpy(p, *ap, ep - p); 587 p += strlen(p); 588 if (ap[1]) 589 *p++ = ' '; 590 } 591 *p = '\0'; 592 return (args); 593 } 594 595 void 596 usage(void) 597 { 598 599 (void)fprintf(stderr, 600 "usage: %s [-nd%s]%s[-l login] [-p port]%s [login@]host %s\n", getprogname(), 601 #ifdef KERBEROS 602 #ifdef CRYPT 603 "x", " [-k realm] ", 604 #else 605 "", " [-k realm] ", 606 #endif 607 #else 608 "", " ", 609 #endif 610 #ifdef IN_RCMD 611 " [-u locuser]", "command" 612 #else 613 "", "[command]" 614 #endif 615 ); 616 exit(1); 617 } 618