7080b0ab49867e6452953abda3be0585ee44904c
[dragonfly.git] / usr.bin / rsh / rsh.c
1 /*-
2  * Copyright (c) 1983, 1990, 1993, 1994
3  *      The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. All advertising materials mentioning features or use of this software
14  *    must display the following acknowledgement:
15  *      This product includes software developed by the University of
16  *      California, Berkeley and its contributors.
17  * 4. Neither the name of the University nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  *
33  * @(#) Copyright (c) 1983, 1990, 1993, 1994 The Regents of the University of California.  All rights reserved.
34  * @(#)rsh.c    8.3 (Berkeley) 4/6/94
35  * $FreeBSD: src/usr.bin/rsh/rsh.c,v 1.21.2.4 2002/09/17 15:34:41 nectar Exp $
36  * $DragonFly: src/usr.bin/rsh/rsh.c,v 1.7 2007/05/18 17:05:12 dillon Exp $
37  */
38
39 #include <sys/param.h>
40 #include <sys/signal.h>
41 #include <sys/socket.h>
42 #include <sys/ioctl.h>
43 #include <sys/file.h>
44 #include <sys/time.h>
45
46 #include <netinet/in.h>
47 #include <netdb.h>
48
49 #include <err.h>
50 #include <errno.h>
51 #include <libutil.h>
52 #include <pwd.h>
53 #include <signal.h>
54 #include <stdio.h>
55 #include <stdlib.h>
56 #include <string.h>
57 #include <unistd.h>
58
59 #include "pathnames.h"
60
61 #ifdef KERBEROS
62 #include <openssl/des.h>
63 #include <krb.h>
64 #include "krb.h"
65
66 CREDENTIALS cred;
67 Key_schedule schedule;
68 int use_kerberos = 1, doencrypt;
69 char dst_realm_buf[REALM_SZ], *dest_realm;
70 extern char *krb_realmofhost();
71 #endif
72
73 /*
74  * rsh - remote shell
75  */
76 int     rfd2;
77
78 int family = PF_UNSPEC;
79
80 void    connect_timeout(int);
81 char   *copyargs(char **);
82 void    sendsig(int);
83 void    talk(int, long, pid_t, int, int);
84 void    usage(void);
85
86 static char rlogin[] = "rlogin";
87
88 int
89 main(int argc, char **argv)
90 {
91         struct passwd *pw;
92         struct servent *sp;
93         long omask;
94         int argoff, asrsh, ch, dflag, nflag, one, rem;
95         pid_t pid = 0;
96         uid_t uid;
97         char *args, *host, *p, *user;
98         int timeout = 0;
99 #ifdef KERBEROS
100         char *k;
101 #endif
102
103         argoff = asrsh = dflag = nflag = 0;
104         one = 1;
105         host = user = NULL;
106
107         /* if called as something other than "rsh", use it as the host name */
108         if ((p = strrchr(argv[0], '/')))
109                 ++p;
110         else
111                 p = argv[0];
112         if (strcmp(p, "rsh"))
113                 host = p;
114         else
115                 asrsh = 1;
116
117         /* handle "rsh host flags" */
118         if (!host && argc > 2 && argv[1][0] != '-') {
119                 host = argv[1];
120                 argoff = 1;
121         }
122
123 #ifdef KERBEROS
124 #ifdef CRYPT
125 #define OPTIONS "468KLde:k:l:nt:wx"
126 #else
127 #define OPTIONS "468KLde:k:l:nt:w"
128 #endif
129 #else
130 #define OPTIONS "468KLde:l:nt:w"
131 #endif
132         while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1)
133                 switch(ch) {
134                 case '4':
135                         family = PF_INET;
136                         break;
137
138                 case '6':
139                         family = PF_INET6;
140                         break;
141
142                 case 'K':
143 #ifdef KERBEROS
144                         use_kerberos = 0;
145 #endif
146                         break;
147                 case 'L':       /* -8Lew are ignored to allow rlogin aliases */
148                 case 'e':
149                 case 'w':
150                 case '8':
151                         break;
152                 case 'd':
153                         dflag = 1;
154                         break;
155                 case 'l':
156                         user = optarg;
157                         break;
158 #ifdef KERBEROS
159                 case 'k':
160                         dest_realm = dst_realm_buf;
161                         strncpy(dest_realm, optarg, REALM_SZ);
162                         break;
163 #endif
164                 case 'n':
165                         nflag = 1;
166                         break;
167 #ifdef KERBEROS
168 #ifdef CRYPT
169                 case 'x':
170                         doencrypt = 1;
171                         break;
172 #endif
173 #endif
174                 case 't':
175                         timeout = atoi(optarg);
176                         break;
177                 case '?':
178                 default:
179                         usage();
180                 }
181         optind += argoff;
182
183         /* if haven't gotten a host yet, do so */
184         if (!host && !(host = argv[optind++]))
185                 usage();
186
187         /* if no further arguments, must have been called as rlogin. */
188         if (!argv[optind]) {
189                 if (asrsh)
190                         *argv = rlogin;
191                 execv(_PATH_RLOGIN, argv);
192                 err(1, "can't exec %s", _PATH_RLOGIN);
193         }
194
195         argc -= optind;
196         argv += optind;
197
198         if (!(pw = getpwuid(uid = getuid())))
199                 errx(1, "unknown user id");
200         if (!user)
201                 user = pw->pw_name;
202
203 #ifdef KERBEROS
204 #ifdef CRYPT
205         /* -x turns off -n */
206         if (doencrypt)
207                 nflag = 0;
208 #endif
209 #endif
210
211         args = copyargs(argv);
212
213         sp = NULL;
214 #ifdef KERBEROS
215         k = auth_getval("auth_list");
216         if (k && !strstr(k, "kerberos"))
217             use_kerberos = 0;
218         if (use_kerberos) {
219                 sp = getservbyname((doencrypt ? "ekshell" : "kshell"), "tcp");
220                 if (sp == NULL) {
221                         use_kerberos = 0;
222                         warnx(
223         "warning, using standard rsh: can't get entry for %s/tcp service",
224                             doencrypt ? "ekshell" : "kshell");
225                 }
226         }
227 #endif
228         if (sp == NULL)
229                 sp = getservbyname("shell", "tcp");
230         if (sp == NULL)
231                 errx(1, "shell/tcp: unknown service");
232
233 #ifdef KERBEROS
234 try_connect:
235         if (use_kerberos) {
236                 struct hostent *hp;
237
238                 /* fully qualify hostname (needed for krb_realmofhost) */
239                 hp = gethostbyname(host);
240                 if (hp != NULL && !(host = strdup(hp->h_name)))
241                         err(1, NULL);
242
243                 rem = KSUCCESS;
244                 errno = 0;
245                 if (dest_realm == NULL)
246                         dest_realm = krb_realmofhost(host);
247
248 #ifdef CRYPT
249                 if (doencrypt) {
250                         rem = krcmd_mutual(&host, sp->s_port, user, args,
251                             &rfd2, dest_realm, &cred, schedule);
252                         des_set_key(&cred.session, schedule);
253                 } else
254 #endif
255                         rem = krcmd(&host, sp->s_port, user, args, &rfd2,
256                             dest_realm);
257                 if (rem < 0) {
258                         use_kerberos = 0;
259                         sp = getservbyname("shell", "tcp");
260                         if (sp == NULL)
261                                 errx(1, "shell/tcp: unknown service");
262                         if (errno == ECONNREFUSED)
263                                 warnx(
264                 "warning, using standard rsh: remote host doesn't support Kerberos");
265                         if (errno == ENOENT)
266                                 warnx(
267                 "warning, using standard rsh: can't provide Kerberos auth data");
268                         goto try_connect;
269                 }
270         } else {
271                 if (doencrypt)
272                         errx(1, "the -x flag requires Kerberos authentication");
273                 rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args,
274                               &rfd2, family);
275         }
276 #else
277         if (timeout) {
278                 signal(SIGALRM, connect_timeout);
279                 alarm(timeout);
280         }
281         rem = rcmd_af(&host, sp->s_port, pw->pw_name, user, args, &rfd2,
282                       family);
283         if (timeout) {
284                 signal(SIGALRM, SIG_DFL);
285                 alarm(0);
286         }
287 #endif
288
289         if (rem < 0)
290                 exit(1);
291
292         if (rfd2 < 0)
293                 errx(1, "can't establish stderr");
294         if (dflag) {
295                 if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one,
296                     sizeof(one)) < 0)
297                         warn("setsockopt");
298                 if (setsockopt(rfd2, SOL_SOCKET, SO_DEBUG, &one,
299                     sizeof(one)) < 0)
300                         warn("setsockopt");
301         }
302
303         setuid(uid);
304         omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGTERM));
305         if (signal(SIGINT, SIG_IGN) != SIG_IGN)
306                 signal(SIGINT, sendsig);
307         if (signal(SIGQUIT, SIG_IGN) != SIG_IGN)
308                 signal(SIGQUIT, sendsig);
309         if (signal(SIGTERM, SIG_IGN) != SIG_IGN)
310                 signal(SIGTERM, sendsig);
311
312         if (!nflag) {
313                 pid = fork();
314                 if (pid < 0)
315                         err(1, "fork");
316         }
317         else
318                 shutdown(rem, SHUT_WR);
319
320 #ifdef KERBEROS
321 #ifdef CRYPT
322         if (!doencrypt)
323 #endif
324 #endif
325         {
326                 ioctl(rfd2, FIONBIO, &one);
327                 ioctl(rem, FIONBIO, &one);
328         }
329
330         talk(nflag, omask, pid, rem, timeout);
331
332         if (!nflag)
333                 kill(pid, SIGKILL);
334         exit(0);
335 }
336
337 void
338 talk(int nflag, long omask, pid_t pid, int rem, int timeout)
339 {
340         int cc, wc;
341         fd_set readfrom, ready, rembits;
342         char *bp, buf[BUFSIZ];
343         struct timeval tvtimeout;
344         int nfds, srval;
345
346         if (!nflag && pid == 0) {
347                 close(rfd2);
348
349 reread:         errno = 0;
350                 if ((cc = read(STDIN_FILENO, buf, sizeof(buf))) <= 0)
351                         goto done;
352                 bp = buf;
353
354 rewrite:
355                 if (rem >= FD_SETSIZE)
356                         errx(1, "descriptor too big");
357                 FD_ZERO(&rembits);
358                 FD_SET(rem, &rembits);
359                 nfds = rem + 1;
360                 if (select(nfds, 0, &rembits, 0, 0) < 0) {
361                         if (errno != EINTR)
362                                 err(1, "select");
363                         goto rewrite;
364                 }
365                 if (!FD_ISSET(rem, &rembits))
366                         goto rewrite;
367 #ifdef KERBEROS
368 #ifdef CRYPT
369                 if (doencrypt)
370                         wc = des_enc_write(rem, bp, cc, schedule, &cred.session);
371                 else
372 #endif
373 #endif
374                         wc = write(rem, bp, cc);
375                 if (wc < 0) {
376                         if (errno == EWOULDBLOCK)
377                                 goto rewrite;
378                         goto done;
379                 }
380                 bp += wc;
381                 cc -= wc;
382                 if (cc == 0)
383                         goto reread;
384                 goto rewrite;
385 done:
386                 shutdown(rem, SHUT_WR);
387                 exit(0);
388         }
389
390         tvtimeout.tv_sec = timeout;
391         tvtimeout.tv_usec = 0;
392
393         sigsetmask(omask);
394         if (rfd2 >= FD_SETSIZE || rem >= FD_SETSIZE)
395                 errx(1, "descriptor too big");
396         FD_ZERO(&readfrom);
397         FD_SET(rfd2, &readfrom);
398         FD_SET(rem, &readfrom);
399         nfds = MAX(rfd2+1, rem+1);
400         do {
401                 ready = readfrom;
402                 if (timeout) {
403                         srval = select(nfds, &ready, 0, 0, &tvtimeout);
404                 } else {
405                         srval = select(nfds, &ready, 0, 0, 0);
406                 }
407
408                 if (srval < 0) {
409                         if (errno != EINTR)
410                                 err(1, "select");
411                         continue;
412                 }
413                 if (srval == 0)
414                         errx(1, "timeout reached (%d seconds)", timeout);
415                 if (FD_ISSET(rfd2, &ready)) {
416                         errno = 0;
417 #ifdef KERBEROS
418 #ifdef CRYPT
419                         if (doencrypt)
420                                 cc = des_enc_read(rfd2, buf, sizeof(buf), schedule, &cred.session);
421                         else
422 #endif
423 #endif
424                                 cc = read(rfd2, buf, sizeof(buf));
425                         if (cc <= 0) {
426                                 if (errno != EWOULDBLOCK)
427                                         FD_CLR(rfd2, &readfrom);
428                         } else
429                                 write(STDERR_FILENO, buf, cc);
430                 }
431                 if (FD_ISSET(rem, &ready)) {
432                         errno = 0;
433 #ifdef KERBEROS
434 #ifdef CRYPT
435                         if (doencrypt)
436                                 cc = des_enc_read(rem, buf, sizeof(buf), schedule, &cred.session);
437                         else
438 #endif
439 #endif
440                                 cc = read(rem, buf, sizeof(buf));
441                         if (cc <= 0) {
442                                 if (errno != EWOULDBLOCK)
443                                         FD_CLR(rem, &readfrom);
444                         } else
445                                 write(STDOUT_FILENO, buf, cc);
446                 }
447         } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom));
448 }
449
450 void
451 connect_timeout(__unused int sig)
452 {
453         char message[] = "timeout reached before connection completed.\n";
454
455         write(STDERR_FILENO, message, sizeof(message) - 1);
456         _exit(1);
457 }
458
459 void
460 sendsig(int sig)
461 {
462         char signo;
463
464         signo = sig;
465 #ifdef KERBEROS
466 #ifdef CRYPT
467         if (doencrypt)
468                 des_enc_write(rfd2, &signo, 1, schedule, &cred.session);
469         else
470 #endif
471 #endif
472                 write(rfd2, &signo, 1);
473 }
474
475 char *
476 copyargs(char **argv)
477 {
478         int cc;
479         char **ap, *args, *p;
480
481         cc = 0;
482         for (ap = argv; *ap; ++ap)
483                 cc += strlen(*ap) + 1;
484         if (!(args = malloc((u_int)cc)))
485                 err(1, NULL);
486         for (p = args, ap = argv; *ap; ++ap) {
487                 strcpy(p, *ap);
488                 for (p = strcpy(p, *ap); *p; ++p);
489                 if (ap[1])
490                         *p++ = ' ';
491         }
492         return (args);
493 }
494
495 void
496 usage(void)
497 {
498
499         fprintf(stderr,
500             "usage: rsh [-46] [-ndK%s]%s[-l login] [-t timeout] host [command]\n",
501 #ifdef KERBEROS
502 #ifdef CRYPT
503             "x", " [-k realm] ");
504 #else
505             "", " [-k realm] ");
506 #endif
507 #else
508             "", " ");
509 #endif
510         exit(1);
511 }
512