Commit | Line | Data |
---|---|---|
984263bc MD |
1 | /* |
2 | * Routines to parse an inetd.conf or tlid.conf file. This would be a great | |
3 | * job for a PERL script. | |
4 | * | |
5 | * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. | |
6 | */ | |
7 | ||
984263bc MD |
8 | #include <sys/types.h> |
9 | #include <sys/stat.h> | |
10 | #include <stdio.h> | |
11 | #include <errno.h> | |
12 | #include <string.h> | |
4badba38 | 13 | #include <stdlib.h> |
984263bc | 14 | |
984263bc MD |
15 | extern void exit(); |
16 | ||
17 | #include "tcpd.h" | |
18 | #include "inetcf.h" | |
4badba38 | 19 | #include "scaffold.h" |
984263bc MD |
20 | |
21 | /* | |
22 | * Network configuration files may live in unusual places. Here are some | |
23 | * guesses. Shorter names follow longer ones. | |
24 | */ | |
25 | char *inet_files[] = { | |
26 | "/private/etc/inetd.conf", /* NEXT */ | |
27 | "/etc/inet/inetd.conf", /* SYSV4 */ | |
28 | "/usr/etc/inetd.conf", /* IRIX?? */ | |
29 | "/etc/inetd.conf", /* BSD */ | |
30 | "/etc/net/tlid.conf", /* SYSV4?? */ | |
31 | "/etc/saf/tlid.conf", /* SYSV4?? */ | |
32 | "/etc/tlid.conf", /* SYSV4?? */ | |
33 | 0, | |
34 | }; | |
35 | ||
36 | static void inet_chk(); | |
37 | static char *base_name(); | |
38 | ||
39 | /* | |
40 | * Structure with everything we know about a service. | |
41 | */ | |
42 | struct inet_ent { | |
43 | struct inet_ent *next; | |
44 | int type; | |
45 | char name[1]; | |
46 | }; | |
47 | ||
48 | static struct inet_ent *inet_list = 0; | |
49 | ||
50 | static char whitespace[] = " \t\r\n"; | |
51 | ||
52 | /* inet_conf - read in and examine inetd.conf (or tlid.conf) entries */ | |
53 | ||
54 | char *inet_cfg(conf) | |
55 | char *conf; | |
56 | { | |
57 | char buf[BUFSIZ]; | |
58 | FILE *fp; | |
59 | char *service; | |
60 | char *protocol; | |
61 | char *user; | |
62 | char *path; | |
63 | char *arg0; | |
64 | char *arg1; | |
65 | struct tcpd_context saved_context; | |
66 | char *percent_m(); | |
67 | int i; | |
68 | struct stat st; | |
69 | ||
70 | saved_context = tcpd_context; | |
71 | ||
72 | /* | |
73 | * The inetd.conf (or tlid.conf) information is so useful that we insist | |
74 | * on its availability. When no file is given run a series of educated | |
75 | * guesses. | |
76 | */ | |
77 | if (conf != 0) { | |
78 | if ((fp = fopen(conf, "r")) == 0) { | |
79 | fprintf(stderr, percent_m(buf, "open %s: %m\n"), conf); | |
80 | exit(1); | |
81 | } | |
82 | } else { | |
83 | for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "r")) == 0; i++) | |
84 | /* void */ ; | |
85 | if (fp == 0) { | |
86 | fprintf(stderr, "Cannot find your inetd.conf or tlid.conf file.\n"); | |
87 | fprintf(stderr, "Please specify its location.\n"); | |
88 | exit(1); | |
89 | } | |
90 | conf = inet_files[i]; | |
91 | check_path(conf, &st); | |
92 | } | |
93 | ||
94 | /* | |
95 | * Process the file. After the 7.0 wrapper release it became clear that | |
96 | * there are many more inetd.conf formats than the 8 systems that I had | |
97 | * studied. EP/IX uses a two-line specification for rpc services; HP-UX | |
98 | * permits long lines to be broken with backslash-newline. | |
99 | */ | |
100 | tcpd_context.file = conf; | |
101 | tcpd_context.line = 0; | |
102 | while (xgets(buf, sizeof(buf), fp)) { | |
103 | service = strtok(buf, whitespace); /* service */ | |
104 | if (service == 0 || *service == '#') | |
105 | continue; | |
106 | if (STR_NE(service, "stream") && STR_NE(service, "dgram")) | |
107 | strtok((char *) 0, whitespace); /* endpoint */ | |
108 | protocol = strtok((char *) 0, whitespace); | |
109 | (void) strtok((char *) 0, whitespace); /* wait */ | |
110 | if ((user = strtok((char *) 0, whitespace)) == 0) | |
111 | continue; | |
112 | if (user[0] == '/') { /* user */ | |
113 | path = user; | |
114 | } else { /* path */ | |
115 | if ((path = strtok((char *) 0, whitespace)) == 0) | |
116 | continue; | |
117 | } | |
118 | if (path[0] == '?') /* IRIX optional service */ | |
119 | path++; | |
120 | if (STR_EQ(path, "internal")) | |
121 | continue; | |
122 | if (path[strspn(path, "-0123456789")] == 0) { | |
123 | ||
124 | /* | |
125 | * ConvexOS puts RPC version numbers before path names. Jukka | |
126 | * Ukkonen <ukkonen@csc.fi>. | |
127 | */ | |
128 | if ((path = strtok((char *) 0, whitespace)) == 0) | |
129 | continue; | |
130 | } | |
131 | if ((arg0 = strtok((char *) 0, whitespace)) == 0) { | |
132 | tcpd_warn("incomplete line"); | |
133 | continue; | |
134 | } | |
135 | if (arg0[strspn(arg0, "0123456789")] == 0) { | |
136 | ||
137 | /* | |
138 | * We're reading a tlid.conf file, the format is: | |
139 | * | |
140 | * ...stuff... path arg_count arguments mod_count modules | |
141 | */ | |
142 | if ((arg0 = strtok((char *) 0, whitespace)) == 0) { | |
143 | tcpd_warn("incomplete line"); | |
144 | continue; | |
145 | } | |
146 | } | |
147 | if ((arg1 = strtok((char *) 0, whitespace)) == 0) | |
148 | arg1 = ""; | |
149 | ||
150 | inet_chk(protocol, path, arg0, arg1); | |
151 | } | |
152 | fclose(fp); | |
153 | tcpd_context = saved_context; | |
154 | return (conf); | |
155 | } | |
156 | ||
157 | /* inet_chk - examine one inetd.conf (tlid.conf?) entry */ | |
158 | ||
159 | static void inet_chk(protocol, path, arg0, arg1) | |
160 | char *protocol; | |
161 | char *path; | |
162 | char *arg0; | |
163 | char *arg1; | |
164 | { | |
165 | char daemon[BUFSIZ]; | |
166 | struct stat st; | |
167 | int wrap_status = WR_MAYBE; | |
168 | char *base_name_path = base_name(path); | |
169 | char *tcpd_proc_name = (arg0[0] == '/' ? base_name(arg0) : arg0); | |
170 | ||
171 | /* | |
172 | * Always warn when the executable does not exist or when it is not | |
173 | * executable. | |
174 | */ | |
175 | if (check_path(path, &st) < 0) { | |
176 | tcpd_warn("%s: not found: %m", path); | |
177 | } else if ((st.st_mode & 0100) == 0) { | |
178 | tcpd_warn("%s: not executable", path); | |
179 | } | |
180 | ||
181 | /* | |
182 | * Cheat on the miscd tests, nobody uses it anymore. | |
183 | */ | |
184 | if (STR_EQ(base_name_path, "miscd")) { | |
185 | inet_set(arg0, WR_YES); | |
186 | return; | |
187 | } | |
188 | ||
189 | /* | |
190 | * While we are here... | |
191 | */ | |
192 | if (STR_EQ(tcpd_proc_name, "rexd") || STR_EQ(tcpd_proc_name, "rpc.rexd")) | |
193 | tcpd_warn("%s may be an insecure service", tcpd_proc_name); | |
194 | ||
195 | /* | |
196 | * The tcpd program gets most of the attention. | |
197 | */ | |
198 | if (STR_EQ(base_name_path, "tcpd")) { | |
199 | ||
200 | if (STR_EQ(tcpd_proc_name, "tcpd")) | |
201 | tcpd_warn("%s is recursively calling itself", tcpd_proc_name); | |
202 | ||
203 | wrap_status = WR_YES; | |
204 | ||
205 | /* | |
206 | * Check: some sites install the wrapper set-uid. | |
207 | */ | |
208 | if ((st.st_mode & 06000) != 0) | |
209 | tcpd_warn("%s: file is set-uid or set-gid", path); | |
210 | ||
211 | /* | |
212 | * Check: some sites insert tcpd in inetd.conf, instead of replacing | |
213 | * the daemon pathname. | |
214 | */ | |
215 | if (arg0[0] == '/' && STR_EQ(tcpd_proc_name, base_name(arg1))) | |
216 | tcpd_warn("%s inserted before %s", path, arg0); | |
217 | ||
218 | /* | |
219 | * Check: make sure files exist and are executable. On some systems | |
220 | * the network daemons are set-uid so we cannot complain. Note that | |
221 | * tcpd takes the basename only in case of absolute pathnames. | |
222 | */ | |
223 | if (arg0[0] == '/') { /* absolute path */ | |
224 | if (check_path(arg0, &st) < 0) { | |
225 | tcpd_warn("%s: not found: %m", arg0); | |
226 | } else if ((st.st_mode & 0100) == 0) { | |
227 | tcpd_warn("%s: not executable", arg0); | |
228 | } | |
229 | } else { /* look in REAL_DAEMON_DIR */ | |
230 | sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0); | |
231 | if (check_path(daemon, &st) < 0) { | |
232 | tcpd_warn("%s: not found in %s: %m", | |
233 | arg0, REAL_DAEMON_DIR); | |
234 | } else if ((st.st_mode & 0100) == 0) { | |
235 | tcpd_warn("%s: not executable", daemon); | |
236 | } | |
237 | } | |
238 | ||
239 | } else { | |
240 | ||
241 | /* | |
242 | * No tcpd program found. Perhaps they used the "simple installation" | |
243 | * recipe. Look for a file with the same basename in REAL_DAEMON_DIR. | |
244 | * Draw some conservative conclusions when a distinct file is found. | |
245 | */ | |
246 | sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0); | |
247 | if (STR_EQ(path, daemon)) { | |
248 | #ifdef __FreeBSD__ | |
249 | wrap_status = WR_MAYBE; | |
250 | #else | |
251 | wrap_status = WR_NOT; | |
252 | #endif | |
253 | } else if (check_path(daemon, &st) >= 0) { | |
254 | wrap_status = WR_MAYBE; | |
255 | } else if (errno == ENOENT) { | |
256 | wrap_status = WR_NOT; | |
257 | } else { | |
258 | tcpd_warn("%s: file lookup: %m", daemon); | |
259 | wrap_status = WR_MAYBE; | |
260 | } | |
261 | } | |
262 | ||
263 | /* | |
264 | * Alas, we cannot wrap rpc/tcp services. | |
265 | */ | |
266 | if (wrap_status == WR_YES && STR_EQ(protocol, "rpc/tcp")) | |
267 | tcpd_warn("%s: cannot wrap rpc/tcp services", tcpd_proc_name); | |
268 | ||
269 | inet_set(tcpd_proc_name, wrap_status); | |
270 | } | |
271 | ||
272 | /* inet_set - remember service status */ | |
273 | ||
274 | void inet_set(name, type) | |
275 | char *name; | |
276 | int type; | |
277 | { | |
278 | struct inet_ent *ip = | |
279 | (struct inet_ent *) malloc(sizeof(struct inet_ent) + strlen(name)); | |
280 | ||
281 | if (ip == 0) { | |
282 | fprintf(stderr, "out of memory\n"); | |
283 | exit(1); | |
284 | } | |
285 | ip->next = inet_list; | |
286 | strcpy(ip->name, name); | |
287 | ip->type = type; | |
288 | inet_list = ip; | |
289 | } | |
290 | ||
291 | /* inet_get - look up service status */ | |
292 | ||
293 | int inet_get(name) | |
294 | char *name; | |
295 | { | |
296 | struct inet_ent *ip; | |
297 | ||
298 | if (inet_list == 0) | |
299 | return (WR_MAYBE); | |
300 | ||
301 | for (ip = inet_list; ip; ip = ip->next) | |
302 | if (STR_EQ(ip->name, name)) | |
303 | return (ip->type); | |
304 | ||
305 | return (-1); | |
306 | } | |
307 | ||
308 | /* base_name - compute last pathname component */ | |
309 | ||
310 | static char *base_name(path) | |
311 | char *path; | |
312 | { | |
313 | char *cp; | |
314 | ||
315 | if ((cp = strrchr(path, '/')) != 0) | |
316 | path = cp + 1; | |
317 | return (path); | |
318 | } |