Initial import from FreeBSD RELENG_4:

[dragonfly.git] / crypto / kerberosIV / appl / bsd / rcmd_util.c

/*
 * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 * 
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "bsd_locl.h"

RCSID("$Id: rcmd_util.c,v 1.19.2.1 2000/06/23 02:34:48 assar Exp $");

int
get_login_port(int kerberos, int encryption)
{
  char *service="login";
  int port=htons(513);

  if(kerberos && encryption){
    service="eklogin";
    port=htons(2105);
  }
  
  if(kerberos && !encryption){
    service="klogin";
    port=htons(543);
  }
  return k_getportbyname (service, "tcp", port);
}

int
get_shell_port(int kerberos, int encryption)
{
  char *service="shell";
  int port=htons(514);

  if(kerberos && encryption){
    service="ekshell";
    port=htons(545);
  }
  
  if(kerberos && !encryption){
    service="kshell";
    port=htons(544);
  }

  return k_getportbyname (service, "tcp", port);
}

/* 
 * On reasonable systems, `cf[gs]et[io]speed' use values of bit/s
 * directly, and the following functions are just identity functions.
 * This is however a slower way of doing those
 * should-be-but-are-not-always idenity functions.  
 */

static struct { int speed; int bps; } conv[] = {
#ifdef B0
    {B0, 0},
#endif
#ifdef B50
    {B50, 50},
#endif
#ifdef B75
    {B75, 75},
#endif
#ifdef B110
    {B110, 110},
#endif
#ifdef B134
    {B134, 134},
#endif
#ifdef B150
    {B150, 150},
#endif
#ifdef B200
    {B200, 200},
#endif
#ifdef B300
    {B300, 300},
#endif
#ifdef B600
    {B600, 600},
#endif
#ifdef B1200
    {B1200, 1200},
#endif
#ifdef B1800
    {B1800, 1800},
#endif
#ifdef B2400
    {B2400, 2400},
#endif
#ifdef B4800
    {B4800, 4800},
#endif
#ifdef B9600
    {B9600, 9600},
#endif
#ifdef B19200
    {B19200, 19200},
#endif
#ifdef EXTA
    {EXTA, 19200},
#endif
#ifdef B38400
    {B38400, 38400},
#endif
#ifdef EXTB
    {EXTB, 38400},
#endif
#ifdef B57600
    {B57600, 57600},
#endif
#ifdef B115200
    {B115200, 115200},
#endif
#ifdef B153600
    {B153600, 153600},
#endif
#ifdef B230400
    {B230400, 230400},
#endif
#ifdef B307200
    {B307200, 307200},
#endif
#ifdef B460800
    {B460800, 460800},
#endif
};

#define N (sizeof(conv)/sizeof(*conv))

int
speed_t2int (speed_t s)
{
  int l, r, m;

  l = 0;
  r = N - 1;
  while(l <= r) {
    m = (l + r) / 2;
    if (conv[m].speed == s)
      return conv[m].bps;
    else if(conv[m].speed < s)
      l = m + 1;
    else
      r = m - 1; 
  }
  return -1;
}

/*
 *
 */

speed_t
int2speed_t (int i)
{
  int l, r, m;

  l = 0;
  r = N - 1;
  while(l <= r) {
    m = (l + r) / 2;
    if (conv[m].bps == i)
      return conv[m].speed;
    else if(conv[m].bps < i)
      l = m + 1;
    else
      r = m - 1;
  }
  return -1;
}

/*
 * If there are any IP options on `sock', die.
 */

void
ip_options_and_die (int sock, struct sockaddr_in *fromp)
{
#if defined(IP_OPTIONS) && defined(HAVE_GETSOCKOPT)
  u_char optbuf[BUFSIZ/3], *cp;
  char lbuf[BUFSIZ], *lp;
  int optsize = sizeof(optbuf), ipproto;
  struct protoent *ip;

  if ((ip = getprotobyname("ip")) != NULL)
    ipproto = ip->p_proto;
  else
    ipproto = IPPROTO_IP;
  if (getsockopt(sock, ipproto, IP_OPTIONS,
                 (void *)optbuf, &optsize) == 0 &&
      optsize != 0) {
    lp = lbuf;
    for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3)
      snprintf(lp, sizeof(lbuf) - (lp - lbuf), " %2.2x", *cp);
    syslog(LOG_NOTICE,
           "Connection received from %s using IP options (dead):%s",
           inet_ntoa(fromp->sin_addr), lbuf);
    exit(1);
  }
#endif
}

void
warning(const char *fmt, ...)
{
    char *rstar_no_warn = getenv("RSTAR_NO_WARN");
    va_list args;

    va_start(args, fmt);
    if (rstar_no_warn == NULL)
        rstar_no_warn = "";
    if (strncmp(rstar_no_warn, "yes", 3) != 0) {
        /* XXX */
        fprintf(stderr, "%s: warning, using standard ", __progname);
        vwarnx(fmt, args);
    }
    va_end(args);
}

/*
 * setuid but work-around Linux 2.2.15 bug with setuid and capabilities
 */

void
paranoid_setuid (uid_t uid)
{
    if (setuid (uid) < 0)
        err (1, "setuid");
    if (uid != 0 && setuid (0) == 0) {
        syslog(LOG_ALERT | LOG_AUTH,
               "Failed to drop privileges for uid %u", (unsigned)uid);
        err (1, "setuid");
    }
}