initial import of NetBSD tree

author: deraadt <> 1995-10-18 08:42:23 +0000
committer: deraadt <> 1995-10-18 08:42:23 +0000
commit: 0527d29da443886d92e9a418180c5b25a5f8d270 (patch)
tree: 86b3a64928451a669cefa27900e5884036b4e349 /src/lib/libc/net/rcmd.3
download: openbsd-0527d29da443886d92e9a418180c5b25a5f8d270.tar.gz
openbsd-0527d29da443886d92e9a418180c5b25a5f8d270.tar.bz2
openbsd-0527d29da443886d92e9a418180c5b25a5f8d270.zip
1 files changed, 204 insertions, 0 deletions
diff --git a/src/lib/libc/net/rcmd.3 b/src/lib/libc/net/rcmd.3
new file mode 100644
index 0000000000..4db847c392
--- /dev/null
+++ b/src/lib/libc/net/rcmd.3
@@ -0,0 +1,204 @@
+.\"     $NetBSD: rcmd.3,v 1.8 1995/02/25 06:20:52 cgd Exp $
+.\"
+.\" Copyright (c) 1983, 1991, 1993
+.\"     The Regents of the University of California.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"     This product includes software developed by the University of
+.\"     California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"     @(#)rcmd.3      8.1 (Berkeley) 6/4/93
+.\"
+.Dd June 4, 1993
+.Dt RCMD 3
+.Os BSD 4.2
+.Sh NAME
+.Nm rcmd ,
+.Nm rresvport ,
+.Nm iruserok ,
+.Nm ruserok
+.Nd routines for returning a stream to a remote command
+.Sh SYNOPSIS
+.Fd #include <unistd.h>
+.Ft int
+.Fn rcmd "char **ahost" "int inport" "const char *locuser" "const char *remuser" "const char *cmd" "int *fd2p"
+.Ft int
+.Fn rresvport "int *port"
+.Ft int
+.Fn iruserok "u_long raddr" "int superuser" "const char *ruser" "const char *luser"
+.Ft int
+.Fn ruserok "const char *rhost" "int superuser" "const char *ruser" "const char *luser"
+.Sh DESCRIPTION
+The
+.Fn rcmd
+function
+is used by the super-user to execute a command on
+a remote machine using an authentication scheme based
+on reserved port numbers.
+The
+.Fn rresvport
+function
+returns a descriptor to a socket
+with an address in the privileged port space.
+The
+.Fn iruserok
+and
+.Fn ruserok
+functions are used by servers
+to authenticate clients requesting service with
+.Fn rcmd .
+All four functions are present in the same file and are used
+by the
+.Xr rshd 8
+server (among others).
+.Pp
+The
+.Fn rcmd
+function
+looks up the host
+.Fa *ahost
+using
+.Xr gethostbyname 3 ,
+returning \-1 if the host does not exist.
+Otherwise
+.Fa *ahost
+is set to the standard name of the host
+and a connection is established to a server
+residing at the well-known Internet port
+.Fa inport .
+.Pp
+If the connection succeeds,
+a socket in the Internet domain of type
+.Dv SOCK_STREAM
+is returned to the caller, and given to the remote
+command as 
+.Em stdin
+and
+.Em stdout .
+If
+.Fa fd2p
+is non-zero, then an auxiliary channel to a control
+process will be set up, and a descriptor for it will be placed
+in
+.Fa *fd2p .
+The control process will return diagnostic
+output from the command (unit 2) on this channel, and will also
+accept bytes on this channel as being
+.Tn UNIX
+signal numbers, to be
+forwarded to the process group of the command.
+If
+.Fa fd2p
+is 0, then the 
+.Em stderr
+(unit 2 of the remote
+command) will be made the same as the 
+.Em stdout
+and no
+provision is made for sending arbitrary signals to the remote process,
+although you may be able to get its attention by using out-of-band data.
+.Pp
+The protocol is described in detail in
+.Xr rshd 8 .
+.Pp
+The
+.Fn rresvport
+function is used to obtain a socket with a privileged
+address bound to it.  This socket is suitable for use
+by 
+.Fn rcmd
+and several other functions.  Privileged Internet ports are those
+in the range 0 to 1023.  Only the super-user
+is allowed to bind an address of this sort to a socket.
+.Pp
+The
+.Fn iruserok
+and
+.Fn ruserok
+functions take a remote host's IP address or name, respectively,
+two user names and a flag indicating whether the local user's
+name is that of the super-user.
+Then, if the user is
+.Em NOT
+the super-user, it checks the
+.Pa /etc/hosts.equiv
+file.
+If that lookup is not done, or is unsuccessful, the
+.Pa .rhosts
+in the local user's home directory is checked to see if the request for
+service is allowed.
+.Pp
+If this file does not exist, is not a regular file, is owned by anyone
+other than the user or the super-user, or is writeable by anyone other
+than the owner, the check automatically fails.
+Zero is returned if the machine name is listed in the
+.Dq Pa hosts.equiv
+file, or the host and remote user name are found in the
+.Dq Pa .rhosts
+file; otherwise
+.Fn iruserok
+and
+.Fn ruserok
+return \-1.
+If the local domain (as obtained from
+.Xr gethostname 2 )
+is the same as the remote domain, only the machine name need be specified.
+.Pp
+If the IP address of the remote host is known,
+.Fn iruserok
+should be used in preference to
+.Fn ruserok ,
+as it does not require trusting the DNS server for the remote host's domain.
+.Sh DIAGNOSTICS
+The
+.Fn rcmd
+function
+returns a valid socket descriptor on success.
+It returns \-1 on error and prints a diagnostic message on the standard error.
+.Pp
+The
+.Fn rresvport
+function
+returns a valid, bound socket descriptor on success.
+It returns \-1 on error with the global value
+.Va errno
+set according to the reason for failure.
+The error code
+.Dv EAGAIN
+is overloaded to mean ``All network ports in use.''
+.Sh SEE ALSO
+.Xr rlogin 1 ,
+.Xr rsh 1 ,
+.Xr intro 2 ,
+.Xr rexec 3 ,
+.Xr rexecd 8 ,
+.Xr rlogind 8 ,
+.Xr rshd 8
+.Sh HISTORY
+These
+functions appeared in 
+.Bx 4.2 .
author	deraadt <>	1995-10-18 08:42:23 +0000
committer	deraadt <>	1995-10-18 08:42:23 +0000
commit	0527d29da443886d92e9a418180c5b25a5f8d270 (patch)
tree	86b3a64928451a669cefa27900e5884036b4e349 /src/lib/libc/net/rcmd.3
download	openbsd-0527d29da443886d92e9a418180c5b25a5f8d270.tar.gz openbsd-0527d29da443886d92e9a418180c5b25a5f8d270.tar.bz2 openbsd-0527d29da443886d92e9a418180c5b25a5f8d270.zip

diff --git a/src/lib/libc/net/rcmd.3 b/src/lib/libc/net/rcmd.3 new file mode 100644 index 0000000000..4db847c392 --- /dev/null +++ b/src/lib/libc/net/rcmd.3
@@ -0,0 +1,204 @@
	1	.\" $NetBSD: rcmd.3,v 1.8 1995/02/25 06:20:52 cgd Exp $
	2	.\"
	3	.\" Copyright (c) 1983, 1991, 1993
	4	.\" The Regents of the University of California. All rights reserved.
	5	.\"
	6	.\" Redistribution and use in source and binary forms, with or without
	7	.\" modification, are permitted provided that the following conditions
	8	.\" are met:
	9	.\" 1. Redistributions of source code must retain the above copyright
	10	.\" notice, this list of conditions and the following disclaimer.
	11	.\" 2. Redistributions in binary form must reproduce the above copyright
	12	.\" notice, this list of conditions and the following disclaimer in the
	13	.\" documentation and/or other materials provided with the distribution.
	14	.\" 3. All advertising materials mentioning features or use of this software
	15	.\" must display the following acknowledgement:
	16	.\" This product includes software developed by the University of
	17	.\" California, Berkeley and its contributors.
	18	.\" 4. Neither the name of the University nor the names of its contributors
	19	.\" may be used to endorse or promote products derived from this software
	20	.\" without specific prior written permission.
	21	.\"
	22	.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	23	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	24	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	25	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	26	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	27	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	28	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	29	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	30	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	31	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	32	.\" SUCH DAMAGE.
	33	.\"
	34	.\" @(#)rcmd.3 8.1 (Berkeley) 6/4/93
	35	.\"
	36	.Dd June 4, 1993
	37	.Dt RCMD 3
	38	.Os BSD 4.2
	39	.Sh NAME
	40	.Nm rcmd ,
	41	.Nm rresvport ,
	42	.Nm iruserok ,
	43	.Nm ruserok
	44	.Nd routines for returning a stream to a remote command
	45	.Sh SYNOPSIS
	46	.Fd #include <unistd.h>
	47	.Ft int
	48	.Fn rcmd "char *ahost" "int inport" "const char locuser" "const char remuser" "const char cmd" "int *fd2p"
	49	.Ft int
	50	.Fn rresvport "int *port"
	51	.Ft int
	52	.Fn iruserok "u_long raddr" "int superuser" "const char ruser" "const char luser"
	53	.Ft int
	54	.Fn ruserok "const char rhost" "int superuser" "const char ruser" "const char *luser"
	55	.Sh DESCRIPTION
	56	The
	57	.Fn rcmd
	58	function
	59	is used by the super-user to execute a command on
	60	a remote machine using an authentication scheme based
	61	on reserved port numbers.
	62	The
	63	.Fn rresvport
	64	function
	65	returns a descriptor to a socket
	66	with an address in the privileged port space.
	67	The
	68	.Fn iruserok
	69	and
	70	.Fn ruserok
	71	functions are used by servers
	72	to authenticate clients requesting service with
	73	.Fn rcmd .
	74	All four functions are present in the same file and are used
	75	by the
	76	.Xr rshd 8
	77	server (among others).
	78	.Pp
	79	The
	80	.Fn rcmd
	81	function
	82	looks up the host
	83	.Fa *ahost
	84	using
	85	.Xr gethostbyname 3 ,
	86	returning \-1 if the host does not exist.
	87	Otherwise
	88	.Fa *ahost
	89	is set to the standard name of the host
	90	and a connection is established to a server
	91	residing at the well-known Internet port
	92	.Fa inport .
	93	.Pp
	94	If the connection succeeds,
	95	a socket in the Internet domain of type
	96	.Dv SOCK_STREAM
	97	is returned to the caller, and given to the remote
	98	command as
	99	.Em stdin
	100	and
	101	.Em stdout .
	102	If
	103	.Fa fd2p
	104	is non-zero, then an auxiliary channel to a control
	105	process will be set up, and a descriptor for it will be placed
	106	in
	107	.Fa *fd2p .
	108	The control process will return diagnostic
	109	output from the command (unit 2) on this channel, and will also
	110	accept bytes on this channel as being
	111	.Tn UNIX
	112	signal numbers, to be
	113	forwarded to the process group of the command.
	114	If
	115	.Fa fd2p
	116	is 0, then the
	117	.Em stderr
	118	(unit 2 of the remote
	119	command) will be made the same as the
	120	.Em stdout
	121	and no
	122	provision is made for sending arbitrary signals to the remote process,
	123	although you may be able to get its attention by using out-of-band data.
	124	.Pp
	125	The protocol is described in detail in
	126	.Xr rshd 8 .
	127	.Pp
	128	The
	129	.Fn rresvport
	130	function is used to obtain a socket with a privileged
	131	address bound to it. This socket is suitable for use
	132	by
	133	.Fn rcmd
	134	and several other functions. Privileged Internet ports are those
	135	in the range 0 to 1023. Only the super-user
	136	is allowed to bind an address of this sort to a socket.
	137	.Pp
	138	The
	139	.Fn iruserok
	140	and
	141	.Fn ruserok
	142	functions take a remote host's IP address or name, respectively,
	143	two user names and a flag indicating whether the local user's
	144	name is that of the super-user.
	145	Then, if the user is
	146	.Em NOT
	147	the super-user, it checks the
	148	.Pa /etc/hosts.equiv
	149	file.
	150	If that lookup is not done, or is unsuccessful, the
	151	.Pa .rhosts
	152	in the local user's home directory is checked to see if the request for
	153	service is allowed.
	154	.Pp
	155	If this file does not exist, is not a regular file, is owned by anyone
	156	other than the user or the super-user, or is writeable by anyone other
	157	than the owner, the check automatically fails.
	158	Zero is returned if the machine name is listed in the
	159	.Dq Pa hosts.equiv
	160	file, or the host and remote user name are found in the
	161	.Dq Pa .rhosts
	162	file; otherwise
	163	.Fn iruserok
	164	and
	165	.Fn ruserok
	166	return \-1.
	167	If the local domain (as obtained from
	168	.Xr gethostname 2 )
	169	is the same as the remote domain, only the machine name need be specified.
	170	.Pp
	171	If the IP address of the remote host is known,
	172	.Fn iruserok
	173	should be used in preference to
	174	.Fn ruserok ,
	175	as it does not require trusting the DNS server for the remote host's domain.
	176	.Sh DIAGNOSTICS
	177	The
	178	.Fn rcmd
	179	function
	180	returns a valid socket descriptor on success.
	181	It returns \-1 on error and prints a diagnostic message on the standard error.
	182	.Pp
	183	The
	184	.Fn rresvport
	185	function
	186	returns a valid, bound socket descriptor on success.
	187	It returns \-1 on error with the global value
	188	.Va errno
	189	set according to the reason for failure.
	190	The error code
	191	.Dv EAGAIN
	192	is overloaded to mean ``All network ports in use.''
	193	.Sh SEE ALSO
	194	.Xr rlogin 1 ,
	195	.Xr rsh 1 ,
	196	.Xr intro 2 ,
	197	.Xr rexec 3 ,
	198	.Xr rexecd 8 ,
	199	.Xr rlogind 8 ,
	200	.Xr rshd 8
	201	.Sh HISTORY
	202	These
	203	functions appeared in
	204	.Bx 4.2 .