2 * Copyright (c) 1983, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
4 * Copyright (c) 2002 Networks Associates Technology, Inc.
7 * Portions of this software were developed for the FreeBSD Project by
8 * ThinkSec AS and NAI Labs, the Security Research Division of Network
9 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
10 * ("CBOSS"), as part of the DARPA CHATS research program.
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. All advertising materials mentioning features or use of this software
21 * must display the following acknowledgement:
22 * This product includes software developed by the University of
23 * California, Berkeley and its contributors.
24 * 4. Neither the name of the University nor the names of its contributors
25 * may be used to endorse or promote products derived from this software
26 * without specific prior written permission.
28 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
29 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
30 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
31 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
32 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
42 static const char copyright[] =
43 "@(#) Copyright (c) 1983, 1990, 1993\n\
44 The Regents of the University of California. All rights reserved.\n";
48 static const char sccsid[] = "@(#)rlogin.c 8.1 (Berkeley) 6/6/93";
49 static const char rcsid[] =
50 "$FreeBSD: src/usr.bin/rlogin/rlogin.c,v 1.24.2.2 2002/07/19 18:03:41 ru Exp $";
54 * rlogin - remote login
56 #include <sys/param.h>
57 #include <sys/socket.h>
59 #include <sys/resource.h>
62 #include <netinet/in.h>
63 #include <netinet/in_systm.h>
64 #include <netinet/ip.h>
65 #include <netinet/tcp.h>
84 #include <openssl/des.h>
90 Key_schedule schedule;
91 int use_kerberos = 1, doencrypt;
92 char dst_realm_buf[REALM_SZ], *dest_realm = NULL;
95 #ifndef TIOCPKT_WINDOW
96 #define TIOCPKT_WINDOW 0x80
99 /* concession to Sun */
104 int eight, litout, rem;
105 int family = PF_UNSPEC;
108 u_char escapechar = '~';
111 "0", "50", "75", "110", "134", "150", "200", "300", "600", "1200",
112 "1800", "2400", "4800", "9600", "19200", "38400", "57600", "115200"
113 #define MAX_SPEED_LENGTH (sizeof("115200") - 1)
118 unsigned short ws_row, ws_col;
119 unsigned short ws_xpixel, ws_ypixel;
122 #define get_window_size(fd, wp) ioctl(fd, TIOCGWINSZ, wp)
124 struct winsize winsize;
126 void catch_child __P((int));
127 void copytochild __P((int));
128 void doit __P((long)) __dead2;
129 void done __P((int)) __dead2;
130 void echo __P((char));
131 u_int getescape __P((char *));
132 void lostpeer __P((int));
133 void mode __P((int));
134 void msg __P((char *));
136 int reader __P((int));
137 void sendwindow __P((void));
138 void setsignal __P((int));
139 void sigwinch __P((int));
140 void stop __P((char));
141 void usage __P((void)) __dead2;
142 void writer __P((void));
143 void writeroob __P((int));
146 int get_window_size __P((int, struct winsize *));
158 int argoff, ch, dflag, Dflag, one, uid;
159 char *host, *localname, *p, *user, term[1024];
163 struct sockaddr_storage ss;
166 argoff = dflag = Dflag = 0;
168 host = localname = user = NULL;
170 if ((p = rindex(argv[0], '/')))
175 if (strcmp(p, "rlogin"))
178 /* handle "rlogin host flags" */
179 if (!host && argc > 2 && argv[1][0] != '-') {
185 #define OPTIONS "468DEKLde:i:k:l:x"
187 #define OPTIONS "468DEKLde:i:l:"
189 while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1)
221 escapechar = getescape(optarg);
225 errx(1, "-i user: permission denied");
230 dest_realm = dst_realm_buf;
231 (void)strncpy(dest_realm, optarg, REALM_SZ);
250 /* if haven't gotten a host yet, do so */
251 if (!host && !(host = argv[optind++]))
257 if (!(pw = getpwuid(uid = getuid())))
258 errx(1, "unknown user id");
262 localname = pw->pw_name;
266 k = auth_getval("auth_list");
267 if (k && !strstr(k, "kerberos"))
270 sp = getservbyname((doencrypt ? "eklogin" : "klogin"), "tcp");
273 warn("can't get entry for %s/tcp service",
274 doencrypt ? "eklogin" : "klogin");
279 sp = getservbyname("login", "tcp");
281 errx(1, "login/tcp: unknown service");
283 #define MAX_TERM_LENGTH (sizeof(term) - 1 - MAX_SPEED_LENGTH - 1)
285 (void)strncpy(term, (p = getenv("TERM")) ? p : "network",
287 term[MAX_TERM_LENGTH] = '\0';
288 if (ioctl(0, TIOCGETP, &ttyb) == 0) {
289 (void)strcat(term, "/");
290 (void)strcat(term, speeds[(int)ttyb.sg_ospeed]);
293 (void)get_window_size(0, &winsize);
295 (void)signal(SIGPIPE, lostpeer);
296 /* will use SIGUSR1 for window size hack, so hold it off */
297 omask = sigblock(sigmask(SIGURG) | sigmask(SIGUSR1));
299 * We set SIGURG and SIGUSR1 below so that an
300 * incoming signal will be held pending rather than being
301 * discarded. Note that these routines will be ready to get
302 * a signal by the time that they are unblocked below.
304 (void)signal(SIGURG, copytochild);
305 (void)signal(SIGUSR1, writeroob);
312 if (dest_realm == NULL)
313 dest_realm = krb_realmofhost(host);
317 rem = krcmd_mutual(&host, sp->s_port, user, term, 0,
318 dest_realm, &cred, schedule);
319 des_set_key(&cred.session, schedule);
322 rem = krcmd(&host, sp->s_port, user, term, 0,
328 sp = getservbyname("login", "tcp");
330 errx(1, "unknown service login/tcp");
331 if (errno == ECONNREFUSED)
332 warn("remote host doesn't support Kerberos");
334 warn("can't provide Kerberos auth data");
335 newargv = malloc((argc + 2) * sizeof(*newargv));
338 newargv[0] = argv[0];
340 for(i = 1; i < argc; ++i)
341 newargv[i + 1] = argv[i];
342 newargv[argc + 1] = NULL;
343 execv(_PATH_RLOGIN, newargv);
348 errx(1, "the -x flag requires Kerberos authentication");
350 rem = rcmd_af(&host, sp->s_port, localname, user, term, 0,
354 rem = rcmd_af(&host, sp->s_port, localname, user, term, 0, family);
355 #endif /* KERBEROS */
361 setsockopt(rem, SOL_SOCKET, SO_DEBUG, &one, sizeof(one)) < 0)
364 setsockopt(rem, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one)) < 0)
365 warn("setsockopt NODELAY (ignored)");
368 one = IPTOS_LOWDELAY;
369 if (getsockname(rem, (struct sockaddr *)&ss, &sslen) == 0 &&
370 ss.ss_family == AF_INET) {
371 if (setsockopt(rem, IPPROTO_IP, IP_TOS, (char *)&one,
373 warn("setsockopt TOS (ignored)");
375 if (ss.ss_family == AF_INET)
376 warn("setsockopt getsockname failed");
383 int child, defflags, deflflags, tabflag;
384 char deferase, defkill;
386 struct ltchars defltc;
387 struct tchars notc = { -1, -1, -1, -1, -1, -1 };
388 struct ltchars noltc = { -1, -1, -1, -1, -1, -1 };
396 (void)ioctl(0, TIOCGETP, (char *)&sb);
397 defflags = sb.sg_flags;
398 tabflag = defflags & TBDELAY;
399 defflags &= ECHO | CRMOD;
400 deferase = sb.sg_erase;
401 defkill = sb.sg_kill;
402 (void)ioctl(0, TIOCLGET, &deflflags);
403 (void)ioctl(0, TIOCGETC, &deftc);
404 notc.t_startc = deftc.t_startc;
405 notc.t_stopc = deftc.t_stopc;
406 (void)ioctl(0, TIOCGLTC, &defltc);
407 (void)signal(SIGINT, SIG_IGN);
417 if (reader(omask) == 0) {
418 msg("connection closed.");
422 msg("\007connection closed.");
427 * We may still own the socket, and may have a pending SIGURG (or might
428 * receive one soon) that we really want to send to the reader. When
429 * one of these comes in, the trap copytochild simply copies such
430 * signals to the child. We can now unblock SIGURG and SIGUSR1
431 * that were set above.
433 (void)sigsetmask(omask);
434 (void)signal(SIGCHLD, catch_child);
436 msg("closed connection.");
440 /* trap a signal, unless it is being ignored. */
445 int omask = sigblock(sigmask(sig));
447 if (signal(sig, exit) == SIG_IGN)
448 (void)signal(sig, SIG_IGN);
449 (void)sigsetmask(omask);
460 /* make sure catch_child does not snap it up */
461 (void)signal(SIGCHLD, SIG_DFL);
462 if (kill(child, SIGKILL) >= 0)
463 while ((w = wait(&wstatus)) > 0 && w != child);
471 * This is called when the reader process gets the out-of-band (urgent)
472 * request to turn on the window-changing protocol.
478 if (dosigwinch == 0) {
480 (void)signal(SIGWINCH, sigwinch);
493 pid = wait3((int *)&status, WNOHANG|WUNTRACED, NULL);
496 /* if the child (reader) dies, just quit */
497 if (pid < 0 || (pid == child && !WIFSTOPPED(status)))
498 done((int)(status.w_termsig | status.w_retcode));
504 * writer: write to remote: 0 -> line.
506 * ~^Z suspend rlogin process.
507 * ~<delayed-suspend char> suspend rlogin process, but leave reader alone.
512 register int bol, local, n;
515 bol = 1; /* beginning of line */
518 n = read(STDIN_FILENO, &c, 1);
520 if (n < 0 && errno == EINTR)
525 * If we're at the beginning of the line and recognize a
526 * command character, then we echo locally. Otherwise,
527 * characters are echo'd remotely. If the command character
528 * is doubled, this acts as a force and local echo is
533 if (!noescape && c == escapechar) {
539 if (c == '.' || c == deftc.t_eofc) {
543 if (c == defltc.t_suspc || c == defltc.t_dsuspc) {
553 (void)des_enc_write(rem,
554 (char *)&escapechar, 1,
555 schedule, &cred.session);
559 (void)write(rem, &escapechar, 1);
565 if (des_enc_write(rem, &c, 1, schedule, &cred.session) == 0) {
572 if (write(rem, &c, 1) == 0) {
576 bol = c == defkill || c == deftc.t_eofc ||
577 c == deftc.t_intrc || c == defltc.t_suspc ||
578 c == '\r' || c == '\n';
584 echo(register char c)
599 } else if (c == 0177) {
606 (void)write(STDOUT_FILENO, buf, p - buf);
618 (void)signal(SIGCHLD, SIG_IGN);
619 (void)kill(cmdc == defltc.t_suspc ? 0 : getpid(), SIGTSTP);
620 (void)signal(SIGCHLD, catch_child);
622 sigwinch(0); /* check for size changes */
631 if (dosigwinch && get_window_size(0, &ws) == 0 &&
632 bcmp(&ws, &winsize, sizeof(ws))) {
639 * Send the window size to the server via the magic escape
645 char obuf[4 + sizeof (struct winsize)];
647 wp = (struct winsize *)(obuf+4);
652 wp->ws_row = htons(winsize.ws_row);
653 wp->ws_col = htons(winsize.ws_col);
654 wp->ws_xpixel = htons(winsize.ws_xpixel);
655 wp->ws_ypixel = htons(winsize.ws_ypixel);
660 (void)des_enc_write(rem, obuf, sizeof(obuf),
661 schedule, &cred.session);
665 (void)write(rem, obuf, sizeof(obuf));
669 * reader: read from remote: line -> 1
675 int ppid, rcvcnt, rcvstate;
676 char rcvbuf[8 * 1024];
683 int atmark, n, out, rcvd;
684 char waste[BUFSIZ], mark;
688 while (recv(rem, &mark, 1, MSG_OOB) < 0) {
692 * Urgent data not here yet. It may not be possible
693 * to send it yet if we are blocked for output and
694 * our input buffer is full.
696 if (rcvcnt < sizeof(rcvbuf)) {
697 n = read(rem, rcvbuf + rcvcnt,
698 sizeof(rcvbuf) - rcvcnt);
703 n = read(rem, waste, sizeof(waste));
712 if (mark & TIOCPKT_WINDOW) {
713 /* Let server know about window size changes */
714 (void)kill(ppid, SIGUSR1);
716 if (!eight && (mark & TIOCPKT_NOSTOP)) {
717 (void)ioctl(0, TIOCGETP, (char *)&sb);
718 sb.sg_flags &= ~CBREAK;
720 (void)ioctl(0, TIOCSETN, (char *)&sb);
723 (void)ioctl(0, TIOCSETC, (char *)¬c);
725 if (!eight && (mark & TIOCPKT_DOSTOP)) {
726 (void)ioctl(0, TIOCGETP, (char *)&sb);
728 sb.sg_flags |= CBREAK;
729 (void)ioctl(0, TIOCSETN, (char *)&sb);
730 notc.t_stopc = deftc.t_stopc;
731 notc.t_startc = deftc.t_startc;
732 (void)ioctl(0, TIOCSETC, (char *)¬c);
734 if (mark & TIOCPKT_FLUSHWRITE) {
735 (void)ioctl(1, TIOCFLUSH, (char *)&out);
737 if (ioctl(rem, SIOCATMARK, &atmark) < 0) {
743 n = read(rem, waste, sizeof (waste));
748 * Don't want any pending data to be output, so clear the recv
749 * buffer. If we were hanging on a write when interrupted,
750 * don't want it to restart. If we were reading, restart
757 /* oob does not do FLUSHREAD (alas!) */
760 * If we filled the receive buffer while a read was pending, longjmp
761 * to the top to restart appropriately. Don't abort a pending write,
762 * however, or we won't know how much was written.
764 if (rcvd && rcvstate == READING)
768 /* reader: read from remote: line -> 1 */
773 int pid, n, remaining;
776 #if BSD >= 43 || defined(SUNOS4)
777 pid = getpid(); /* modern systems use positives for pid */
779 pid = -getpid(); /* old broken systems use negatives */
781 (void)signal(SIGTTOU, SIG_IGN);
782 (void)signal(SIGURG, oob);
784 (void)fcntl(rem, F_SETOWN, pid);
785 (void)setjmp(rcvtop);
786 (void)sigsetmask(omask);
789 while ((remaining = rcvcnt - (bufp - rcvbuf)) > 0) {
791 n = write(STDOUT_FILENO, bufp, remaining);
806 rcvcnt = des_enc_read(rem, rcvbuf, sizeof(rcvbuf),
807 schedule, &cred.session);
811 rcvcnt = read(rem, rcvbuf, sizeof (rcvbuf));
832 (void)ioctl(0, TIOCGETP, (char *)&sb);
833 (void)ioctl(0, TIOCLGET, (char *)&lflags);
836 sb.sg_flags &= ~(CBREAK|RAW|TBDELAY);
837 sb.sg_flags |= defflags|tabflag;
840 sb.sg_kill = defkill;
841 sb.sg_erase = deferase;
845 sb.sg_flags |= (eight ? RAW : CBREAK);
846 sb.sg_flags &= ~defflags;
847 /* preserve tab delays, but turn off XTABS */
848 if ((sb.sg_flags & TBDELAY) == XTABS)
849 sb.sg_flags &= ~TBDELAY;
852 sb.sg_kill = sb.sg_erase = -1;
859 (void)ioctl(0, TIOCSLTC, (char *)ltc);
860 (void)ioctl(0, TIOCSETC, (char *)tc);
861 (void)ioctl(0, TIOCSETN, (char *)&sb);
862 (void)ioctl(0, TIOCLSET, (char *)&lflags);
869 (void)signal(SIGPIPE, SIG_IGN);
870 msg("\007connection closed.");
874 /* copy SIGURGs to the child process. */
879 (void)kill(child, SIGURG);
886 (void)fprintf(stderr, "rlogin: %s\r\n", str);
892 (void)fprintf(stderr,
893 "usage: rlogin [-46%s]%s[-e char] [-i localname] [-l username] host\n",
896 "8DEKLdx", " [-k realm] ");
898 "8DEKLd", " [-k realm] ");
907 * The following routine provides compatibility (such as it is) between older
908 * Suns and others. Suns have only a `ttysize', so we convert it to a winsize.
912 get_window_size(fd, wp)
919 if ((error = ioctl(0, TIOCGSIZE, &ts)) != 0)
921 wp->ws_row = ts.ts_lines;
922 wp->ws_col = ts.ts_cols;
936 if ((len = strlen(p)) == 1) /* use any single char, including '\' */
938 /* otherwise, \nnn */
939 if (*p == '\\' && len >= 2 && len <= 4) {
940 val = strtol(++p, NULL, 8);
944 if (*p < '0' || *p > '8')
948 msg("illegal option value -- e");