2 * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 RCSID("$Id: rsh.c,v 1.71 2003/04/16 20:37:20 joda Exp $");
37 enum auth_method auth_method;
38 #if defined(KRB4) || defined(KRB5)
42 int do_unique_tkfile = 0;
43 char *unique_tkfile = NULL;
44 char tkfile[MAXPATHLEN];
46 int do_forwardable = -1;
48 krb5_keyblock *keyblock;
52 des_key_schedule schedule;
58 static int use_v4 = -1;
61 static int use_v5 = -1;
63 static int use_only_broken = 0;
64 static int use_broken = 1;
65 static char *port_str;
66 static const char *user;
67 static int do_version;
69 static int do_errsock = 1;
70 static char *protocol_version_str;
71 static int protocol_version = 2;
77 static int input = 1; /* Read from stdin */
80 loop (int s, int errsock)
86 if(auth_method == AUTH_KRB5 && protocol_version == 2)
90 if (s >= FD_SETSIZE || (errsock != -1 && errsock >= FD_SETSIZE))
91 errx (1, "fd too large");
93 FD_ZERO(&real_readset);
94 FD_SET(s, &real_readset);
96 FD_SET(errsock, &real_readset);
100 FD_SET(STDIN_FILENO, &real_readset);
105 char buf[RSH_BUFSIZ];
107 readset = real_readset;
108 ret = select (max(s, errsock) + 1, &readset, NULL, NULL, NULL);
115 if (FD_ISSET(s, &readset)) {
116 ret = do_read (s, buf, sizeof(buf), ivec_in[0]);
121 FD_CLR(s, &real_readset);
125 net_write (STDOUT_FILENO, buf, ret);
127 if (errsock != -1 && FD_ISSET(errsock, &readset)) {
128 ret = do_read (errsock, buf, sizeof(buf), ivec_in[1]);
133 FD_CLR(errsock, &real_readset);
137 net_write (STDERR_FILENO, buf, ret);
139 if (FD_ISSET(STDIN_FILENO, &readset)) {
140 ret = read (STDIN_FILENO, buf, sizeof(buf));
144 close (STDIN_FILENO);
145 FD_CLR(STDIN_FILENO, &real_readset);
146 shutdown (s, SHUT_WR);
148 do_write (s, buf, ret, ivec_out[0]);
155 send_krb4_auth(int s,
156 struct sockaddr *thisaddr,
157 struct sockaddr *thataddr,
158 const char *hostname,
159 const char *remote_user,
160 const char *local_user,
170 /* the normal default for krb4 should be to disable encryption */
171 status = krb_sendauth ((do_encrypt == 1) ? KOPT_DO_MUTUAL : 0,
173 (char *)hostname, krb_realmofhost (hostname),
174 getpid(), &msg, &cred, schedule,
175 (struct sockaddr_in *)thisaddr,
176 (struct sockaddr_in *)thataddr,
178 if (status != KSUCCESS) {
179 warnx("%s: %s", hostname, krb_get_err_text(status));
182 memcpy (iv, cred.session, sizeof(iv));
184 len = strlen(remote_user) + 1;
185 if (net_write (s, remote_user, len) != len) {
189 if (net_write (s, cmd, cmd_len) != cmd_len) {
199 * Send forward information on `s' for host `hostname', them being
200 * forwardable themselves if `forwardable'
204 krb5_forward_cred (krb5_auth_context auth_context,
206 const char *hostname,
212 krb5_kdc_flags flags;
214 krb5_principal principal;
216 memset (&creds, 0, sizeof(creds));
218 ret = krb5_cc_default (context, &ccache);
220 warnx ("could not forward creds: krb5_cc_default: %s",
221 krb5_get_err_text (context, ret));
225 ret = krb5_cc_get_principal (context, ccache, &principal);
227 warnx ("could not forward creds: krb5_cc_get_principal: %s",
228 krb5_get_err_text (context, ret));
232 creds.client = principal;
234 ret = krb5_build_principal (context,
236 strlen(principal->realm),
243 warnx ("could not forward creds: krb5_build_principal: %s",
244 krb5_get_err_text (context, ret));
248 creds.times.endtime = 0;
251 flags.b.forwarded = 1;
252 flags.b.forwardable = forwardable;
254 ret = krb5_get_forwarded_creds (context,
262 warnx ("could not forward creds: krb5_get_forwarded_creds: %s",
263 krb5_get_err_text (context, ret));
267 ret = krb5_write_message (context,
270 krb5_data_free (&out_data);
273 warnx ("could not forward creds: krb5_write_message: %s",
274 krb5_get_err_text (context, ret));
278 static int sendauth_version_error;
281 send_krb5_auth(int s,
282 struct sockaddr *thisaddr,
283 struct sockaddr *thataddr,
284 const char *hostname,
285 const char *remote_user,
286 const char *local_user,
290 krb5_principal server;
291 krb5_data cksum_data;
294 krb5_auth_context auth_context = NULL;
295 const char *protocol_string = NULL;
298 status = krb5_sname_to_principal(context,
304 warnx ("%s: %s", hostname, krb5_get_err_text(context, status));
308 if(do_encrypt == -1) {
309 krb5_appdefault_boolean(context, NULL,
310 krb5_principal_get_realm(context, server),
316 cksum_data.length = asprintf ((char **)&cksum_data.data,
318 ntohs(socket_get_port(thataddr)),
319 do_encrypt ? "-x " : "",
326 ap_opts |= AP_OPTS_MUTUAL_REQUIRED;
328 switch(protocol_version) {
330 ap_opts |= AP_OPTS_USE_SUBKEY;
331 protocol_string = KCMD_NEW_VERSION;
334 protocol_string = KCMD_OLD_VERSION;
335 key_usage = KRB5_KU_OTHER_ENCRYPTED;
341 status = krb5_sendauth (context,
355 /* do this while we have a principal */
356 if(do_forward == -1 || do_forwardable == -1) {
357 krb5_const_realm realm = krb5_principal_get_realm(context, server);
358 if (do_forwardable == -1)
359 krb5_appdefault_boolean(context, NULL, realm,
360 "forwardable", FALSE,
362 if (do_forward == -1)
363 krb5_appdefault_boolean(context, NULL, realm,
368 krb5_free_principal(context, server);
369 krb5_data_free(&cksum_data);
372 if(status == KRB5_SENDAUTH_REJECTED &&
373 protocol_version == 2 && protocol_version_str == NULL)
374 sendauth_version_error = 1;
376 krb5_warn(context, status, "%s", hostname);
380 status = krb5_auth_con_getlocalsubkey (context, auth_context, &keyblock);
382 status = krb5_auth_con_getkey (context, auth_context, &keyblock);
384 warnx ("krb5_auth_con_getkey: %s", krb5_get_err_text(context, status));
388 status = krb5_auth_con_setaddrs_from_fd (context,
392 warnx("krb5_auth_con_setaddrs_from_fd: %s",
393 krb5_get_err_text(context, status));
397 status = krb5_crypto_init(context, keyblock, 0, &crypto);
399 warnx ("krb5_crypto_init: %s", krb5_get_err_text(context, status));
403 len = strlen(remote_user) + 1;
404 if (net_write (s, remote_user, len) != len) {
408 if (do_encrypt && net_write (s, "-x ", 3) != 3) {
412 if (net_write (s, cmd, cmd_len) != cmd_len) {
417 if (do_unique_tkfile) {
418 if (net_write (s, tkfile, strlen(tkfile)) != strlen(tkfile)) {
423 len = strlen(local_user) + 1;
424 if (net_write (s, local_user, len) != len) {
430 || krb5_forward_cred (auth_context, s, hostname, do_forwardable)) {
431 /* Empty forwarding info */
433 u_char zero[4] = {0, 0, 0, 0};
436 krb5_auth_con_free (context, auth_context);
443 send_broken_auth(int s,
444 struct sockaddr *thisaddr,
445 struct sockaddr *thataddr,
446 const char *hostname,
447 const char *remote_user,
448 const char *local_user,
454 len = strlen(local_user) + 1;
455 if (net_write (s, local_user, len) != len) {
459 len = strlen(remote_user) + 1;
460 if (net_write (s, remote_user, len) != len) {
464 if (net_write (s, cmd, cmd_len) != cmd_len) {
472 proto (int s, int errsock,
473 const char *hostname, const char *local_user, const char *remote_user,
474 const char *cmd, size_t cmd_len,
475 int (*auth_func)(int s,
476 struct sockaddr *this, struct sockaddr *that,
477 const char *hostname, const char *remote_user,
478 const char *local_user, size_t cmd_len,
486 struct sockaddr_storage thisaddr_ss;
487 struct sockaddr *thisaddr = (struct sockaddr *)&thisaddr_ss;
488 struct sockaddr_storage thataddr_ss;
489 struct sockaddr *thataddr = (struct sockaddr *)&thataddr_ss;
490 struct sockaddr_storage erraddr_ss;
491 struct sockaddr *erraddr = (struct sockaddr *)&erraddr_ss;
495 addrlen = sizeof(thisaddr_ss);
496 if (getsockname (s, thisaddr, &addrlen) < 0) {
497 warn ("getsockname(%s)", hostname);
500 addrlen = sizeof(thataddr_ss);
501 if (getpeername (s, thataddr, &addrlen) < 0) {
502 warn ("getpeername(%s)", hostname);
508 addrlen = sizeof(erraddr_ss);
509 if (getsockname (errsock, erraddr, &addrlen) < 0) {
510 warn ("getsockname");
514 if (listen (errsock, 1) < 0) {
520 snprintf (p, sizeof(buf), "%u",
521 ntohs(socket_get_port(erraddr)));
522 len = strlen(buf) + 1;
523 if(net_write (s, buf, len) != len) {
533 if (errsock >= FD_SETSIZE || s >= FD_SETSIZE)
534 errx (1, "fd too large");
537 FD_SET(errsock, &fdset);
540 ret = select (max(errsock, s) + 1, &fdset, NULL, NULL, NULL);
548 if (FD_ISSET(errsock, &fdset)) {
549 errsock2 = accept (errsock, NULL, NULL);
559 * there should not arrive any data on this fd so if it's
560 * readable it probably indicates that the other side when
564 if (FD_ISSET(s, &fdset)) {
565 warnx ("socket closed");
572 if (net_write (s, "0", 2) != 2) {
579 if ((*auth_func)(s, thisaddr, thataddr, hostname,
580 remote_user, local_user,
586 ret = net_read (s, &reply, 1);
591 } else if (ret == 0) {
592 warnx ("unexpected EOF from %s", hostname);
598 warnx ("Error from rshd at %s:", hostname);
600 while ((ret = read (s, buf, sizeof(buf))) > 0)
601 write (STDOUT_FILENO, buf, ret);
602 write (STDOUT_FILENO,"\n",1);
609 if (setsockopt(s, SOL_SOCKET, SO_DEBUG, (void *)&one, sizeof(one)) < 0)
610 warn("setsockopt remote");
611 if (errsock2 != -1 &&
612 setsockopt(errsock2, SOL_SOCKET, SO_DEBUG,
613 (void *)&one, sizeof(one)) < 0)
614 warn("setsockopt stderr");
617 return loop (s, errsock2);
621 * Return in `res' a copy of the concatenation of `argc, argv' into
625 construct_command (char **res, int argc, char **argv)
631 for (i = 0; i < argc; ++i)
632 len += strlen(argv[i]) + 1;
636 errx (1, "malloc %u failed", len);
639 for (i = 0; i < argc - 1; ++i) {
640 strcat (tmp, argv[i]);
644 strcat (tmp, argv[argc-1]);
650 print_addr (const struct sockaddr *sa)
654 const char *as = NULL;
656 if(sa->sa_family == AF_INET)
657 as = inet_ntop (sa->sa_family, &((struct sockaddr_in*)sa)->sin_addr,
658 addr_str, sizeof(addr_str));
660 else if(sa->sa_family == AF_INET6)
661 as = inet_ntop (sa->sa_family, &((struct sockaddr_in6*)sa)->sin6_addr,
662 addr_str, sizeof(addr_str));
668 errx (1, "malloc: out of memory");
673 doit_broken (int argc,
677 const char *remote_user,
678 const char *local_user,
686 if (connect (priv_socket1, ai->ai_addr, ai->ai_addrlen) < 0) {
687 int save_errno = errno;
692 for (a = ai->ai_next; a != NULL; a = a->ai_next) {
694 char *adr = print_addr(a->ai_addr);
705 new_argv = malloc((argc + 2) * sizeof(*new_argv));
706 if (new_argv == NULL)
707 errx (1, "malloc: out of memory");
708 new_argv[i] = argv[i];
712 new_argv[i++] = "-K";
713 for(; i <= argc; ++i)
714 new_argv[i] = argv[i - 1];
716 new_argv[hostindex + 1] = adr;
717 new_argv[argc + 1] = NULL;
718 execv(PATH_RSH, new_argv);
719 err(1, "execv(%s)", PATH_RSH);
724 while(waitpid(pid, &status, 0) < 0)
726 if(WIFEXITED(status) && WEXITSTATUS(status) == 0)
731 warn("%s", argv[hostindex]);
736 ret = proto (priv_socket1, priv_socket2,
738 local_user, remote_user,
745 #if defined(KRB4) || defined(KRB5)
747 doit (const char *hostname,
749 const char *remote_user,
750 const char *local_user,
754 int (*auth_func)(int s,
755 struct sockaddr *this, struct sockaddr *that,
756 const char *hostname, const char *remote_user,
757 const char *local_user, size_t cmd_len,
762 int socketfailed = 1;
765 for (a = ai; a != NULL; a = a->ai_next) {
769 s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
773 if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
775 if(getnameinfo(a->ai_addr, a->ai_addrlen,
776 addr, sizeof(addr), NULL, 0, NI_NUMERICHOST) == 0)
777 warn ("connect(%s [%s])", hostname, addr);
779 warn ("connect(%s)", hostname);
784 struct addrinfo *ea, *eai;
785 struct addrinfo hints;
787 memset (&hints, 0, sizeof(hints));
788 hints.ai_socktype = a->ai_socktype;
789 hints.ai_protocol = a->ai_protocol;
790 hints.ai_family = a->ai_family;
791 hints.ai_flags = AI_PASSIVE;
795 error = getaddrinfo (NULL, "0", &hints, &eai);
797 errx (1, "getaddrinfo: %s", gai_strerror(error));
798 for (ea = eai; ea != NULL; ea = ea->ai_next) {
799 errsock = socket (ea->ai_family, ea->ai_socktype,
803 if (bind (errsock, ea->ai_addr, ea->ai_addrlen) < 0)
813 ret = proto (s, errsock,
815 local_user, remote_user,
816 cmd, cmd_len, auth_func);
821 warnx ("failed to contact %s", hostname);
824 #endif /* KRB4 || KRB5 */
826 struct getargs args[] = {
828 { "krb4", '4', arg_flag, &use_v4, "Use Kerberos V4" },
831 { "krb5", '5', arg_flag, &use_v5, "Use Kerberos V5" },
832 { "forward", 'f', arg_flag, &do_forward, "Forward credentials (krb5)"},
833 { NULL, 'G', arg_negative_flag,&do_forward, "Don't forward credentials" },
834 { "forwardable", 'F', arg_flag, &do_forwardable,
835 "Forward forwardable credentials" },
837 #if defined(KRB4) || defined(KRB5)
838 { "broken", 'K', arg_flag, &use_only_broken, "Use only priv port" },
839 { "encrypt", 'x', arg_flag, &do_encrypt, "Encrypt connection" },
840 { NULL, 'z', arg_negative_flag, &do_encrypt,
841 "Don't encrypt connection", NULL },
844 { "unique", 'u', arg_flag, &do_unique_tkfile,
845 "Use unique remote tkfile (krb5)" },
846 { "tkfile", 'U', arg_string, &unique_tkfile,
847 "Use that remote tkfile (krb5)" },
849 { NULL, 'd', arg_flag, &sock_debug, "Enable socket debugging" },
850 { "input", 'n', arg_negative_flag, &input, "Close stdin" },
851 { "port", 'p', arg_string, &port_str, "Use this port",
853 { "user", 'l', arg_string, &user, "Run as this user", "login" },
854 { "stderr", 'e', arg_negative_flag, &do_errsock, "Don't open stderr"},
855 { "protocol", 'P', arg_string, &protocol_version_str,
856 "Protocol version", "protocol" },
857 { "version", 0, arg_flag, &do_version, NULL },
858 { "help", 0, arg_flag, &do_help, NULL }
864 arg_printusage (args,
865 sizeof(args) / sizeof(args[0]),
867 "[login@]host [command]");
876 main(int argc, char **argv)
878 int priv_port1, priv_port2;
879 int priv_socket1, priv_socket2;
882 struct addrinfo hints, *ai;
887 const char *local_user;
895 priv_port1 = priv_port2 = IPPORT_RESERVED-1;
896 priv_socket1 = rresvport(&priv_port1);
897 priv_socket2 = rresvport(&priv_port2);
899 if (setuid (uid) || (uid != 0 && setuid(0) == 0))
902 setprogname (argv[0]);
904 if (argc >= 2 && argv[1][0] != '-') {
905 host = argv[host_index = 1];
909 if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv,
917 print_version (NULL);
921 if(protocol_version_str != NULL) {
922 if(strcasecmp(protocol_version_str, "N") == 0)
923 protocol_version = 2;
924 else if(strcasecmp(protocol_version_str, "O") == 0)
925 protocol_version = 1;
929 v = strtol(protocol_version_str, &end, 0);
930 if(*end != '\0' || (v != 1 && v != 2)) {
931 errx(1, "unknown protocol version \"%s\"",
932 protocol_version_str);
934 protocol_version = v;
939 status = krb5_init_context (&context);
942 errx(1, "krb5_init_context failed: %d", status);
947 /* request for forwardable on the command line means we should
949 if (do_forwardable == 1)
954 #if defined(KRB4) && defined(KRB5)
955 if(use_v4 == -1 && use_v5 == 1)
957 if(use_v5 == -1 && use_v4 == 1)
961 if (use_only_broken) {
970 if(priv_socket1 < 0) {
972 errx (1, "unable to bind reserved port: is rsh setuid root?");
976 #if defined(KRB4) || defined(KRB5)
977 if (do_encrypt == 1 && use_only_broken)
978 errx (1, "encryption not supported with old style authentication");
984 if (do_unique_tkfile && unique_tkfile != NULL)
985 errx (1, "Only one of -u and -U allowed.");
987 if (do_unique_tkfile)
988 strcpy(tkfile,"-u ");
989 else if (unique_tkfile != NULL) {
990 if (strchr(unique_tkfile,' ') != NULL) {
991 warnx("Space is not allowed in tkfilename");
994 do_unique_tkfile = 1;
995 snprintf (tkfile, sizeof(tkfile), "-U %s ", unique_tkfile);
1000 if (argc - argindex < 1)
1003 host = argv[host_index = argindex++];
1006 if((tmp = strchr(host, '@')) != NULL) {
1012 if (argindex == argc) {
1013 close (priv_socket1);
1014 close (priv_socket2);
1016 execvp ("rlogin", argv);
1017 err (1, "execvp rlogin");
1020 local_user = get_default_username ();
1021 if (local_user == NULL)
1022 errx (1, "who are you?");
1027 cmd_len = construct_command(&cmd, argc - argindex, argv + argindex);
1030 * Try all different authentication methods
1034 if (ret && use_v5) {
1035 memset (&hints, 0, sizeof(hints));
1036 hints.ai_socktype = SOCK_STREAM;
1037 hints.ai_protocol = IPPROTO_TCP;
1039 if(port_str == NULL) {
1040 error = getaddrinfo(host, "kshell", &hints, &ai);
1041 if(error == EAI_NONAME)
1042 error = getaddrinfo(host, "544", &hints, &ai);
1044 error = getaddrinfo(host, port_str, &hints, &ai);
1047 errx (1, "getaddrinfo: %s", gai_strerror(error));
1049 auth_method = AUTH_KRB5;
1051 ret = doit (host, ai, user, local_user, cmd, cmd_len,
1054 if(ret != 0 && sendauth_version_error &&
1055 protocol_version == 2) {
1056 protocol_version = 1;
1063 if (ret && use_v4) {
1064 memset (&hints, 0, sizeof(hints));
1065 hints.ai_socktype = SOCK_STREAM;
1066 hints.ai_protocol = IPPROTO_TCP;
1068 if(port_str == NULL) {
1070 error = getaddrinfo(host, "ekshell", &hints, &ai);
1071 if(error == EAI_NONAME)
1072 error = getaddrinfo(host, "545", &hints, &ai);
1074 error = getaddrinfo(host, "kshell", &hints, &ai);
1075 if(error == EAI_NONAME)
1076 error = getaddrinfo(host, "544", &hints, &ai);
1079 error = getaddrinfo(host, port_str, &hints, &ai);
1082 errx (1, "getaddrinfo: %s", gai_strerror(error));
1083 auth_method = AUTH_KRB4;
1084 ret = doit (host, ai, user, local_user, cmd, cmd_len,
1090 if (ret && use_broken) {
1091 memset (&hints, 0, sizeof(hints));
1092 hints.ai_socktype = SOCK_STREAM;
1093 hints.ai_protocol = IPPROTO_TCP;
1095 if(port_str == NULL) {
1096 error = getaddrinfo(host, "shell", &hints, &ai);
1097 if(error == EAI_NONAME)
1098 error = getaddrinfo(host, "514", &hints, &ai);
1100 error = getaddrinfo(host, port_str, &hints, &ai);
1103 errx (1, "getaddrinfo: %s", gai_strerror(error));
1105 auth_method = AUTH_BROKEN;
1106 ret = doit_broken (argc, argv, host_index, ai,
1109 do_errsock ? priv_socket2 : -1,