1 files changed, 186 insertions, 0 deletions
diff --git a/src/lib/libc/net/rcmdsh.c b/src/lib/libc/net/rcmdsh.c
new file mode 100644
index 0000000000..a472162711
--- /dev/null
+++ b/src/lib/libc/net/rcmdsh.c
@@ -0,0 +1,186 @@
+/*      $OpenBSD: rcmdsh.c,v 1.12 2007/09/02 15:19:17 deraadt Exp $     */ 
+/*
+ * Copyright (c) 2001, MagniComp
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright 
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright 
+ *    notice, this list of conditions and the following disclaimer in 
+ *    the documentation and/or other materials provided with the distribution. 
+ * 3. Neither the name of the MagniComp nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission. 
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This is an rcmd() replacement originally by 
+ * Chris Siebenmann <cks@utcc.utoronto.ca>.
+ */
+#include      <sys/types.h>
+#include      <sys/socket.h>
+#include      <sys/wait.h>
+#include      <signal.h>
+#include      <errno.h>
+#include      <netdb.h>
+#include      <stdio.h>
+#include      <stdlib.h>
+#include      <string.h>
+#include      <pwd.h>
+#include      <paths.h>
+#include      <unistd.h>
+/*
+ * This is a replacement rcmd() function that uses the rsh(1)
+ * program in place of a direct rcmd(3) function call so as to
+ * avoid having to be root.  Note that rport is ignored.
+ */
+/* ARGSUSED */
+int
+rcmdsh(char **ahost, int rport, const char *locuser, const char *remuser,
+    const char *cmd, char *rshprog)
+{
+        struct hostent *hp;
+        int sp[2];
+        pid_t cpid;
+        char *p;
+        struct passwd *pw;
+        /* What rsh/shell to use. */
+        if (rshprog == NULL)
+                rshprog = _PATH_RSH;
+        /* locuser must exist on this host. */
+        if ((pw = getpwnam(locuser)) == NULL) {
+                (void) fprintf(stderr, "rcmdsh: unknown user: %s\n", locuser);
+                return(-1);
+        }
+        /* Validate remote hostname. */
+        if (strcmp(*ahost, "localhost") != 0) {
+                if (((hp = gethostbyname2(*ahost, AF_INET)) == NULL) &&
+                    ((hp = gethostbyname2(*ahost, AF_INET6)) == NULL)) {
+                        herror(*ahost);
+                        return(-1);
+                }
+                *ahost = hp->h_name;
+        }
+        /* Get a socketpair we'll use for stdin and stdout. */
+        if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, sp) < 0) {
+                perror("rcmdsh: socketpair");
+                return(-1);
+        }
+        cpid = fork();
+        if (cpid < 0) {
+                perror("rcmdsh: fork failed");
+                return(-1);
+        } else if (cpid == 0) {
+                /*
+                 * Child.  We use sp[1] to be stdin/stdout, and close sp[0].
+                 */
+                (void) close(sp[0]);
+                if (dup2(sp[1], 0) < 0 || dup2(0, 1) < 0) {
+                        perror("rcmdsh: dup2 failed");
+                        _exit(255);
+                }
+                /* Fork again to lose parent. */
+                cpid = fork();
+                if (cpid < 0) {
+                        perror("rcmdsh: fork to lose parent failed");
+                        _exit(255);
+                }
+                if (cpid > 0)
+                        _exit(0);
+                /* In grandchild here.  Become local user for rshprog. */
+                if (setuid(pw->pw_uid)) {
+                        (void) fprintf(stderr, "rcmdsh: setuid(%u): %s\n",
+                                       pw->pw_uid, strerror(errno));
+                        _exit(255);
+                }
+                /*
+                 * If remote host is "localhost" and local and remote user
+                 * are the same, avoid running remote shell for efficiency.
+                 */
+                if (!strcmp(*ahost, "localhost") && !strcmp(locuser, remuser)) {
+                        char *argv[4];
+                        if (pw->pw_shell[0] == '\0')
+                                rshprog = _PATH_BSHELL;
+                        else
+                                rshprog = pw->pw_shell;
+                        p = strrchr(rshprog, '/');
+                        argv[0] = p ? p + 1 : rshprog;
+                        argv[1] = "-c";
+                        argv[2] = (char *)cmd;
+                        argv[3] = NULL;
+                        execvp(rshprog, argv);
+                } else if ((p = strchr(rshprog, ' ')) == NULL) {
+                        /* simple case */
+                        char *argv[6];
+                        p = strrchr(rshprog, '/');
+                        argv[0] = p ? p + 1 : rshprog;
+                        argv[1] = "-l";
+                        argv[2] = (char *)remuser;
+                        argv[3] = *ahost;
+                        argv[4] = (char *)cmd;
+                        argv[5] = NULL;
+                        execvp(rshprog, argv);
+                } else {
+                        /* must pull args out of rshprog and dyn alloc argv */
+                        char **argv, **ap;
+                        int n;
+                        for (n = 7; (p = strchr(++p, ' ')) != NULL; n++)
+                                continue;
+                        rshprog = strdup(rshprog);
+                        ap = argv = calloc(sizeof(char *), n);
+                        if (rshprog == NULL || argv == NULL) {
+                                perror("rcmdsh");
+                                _exit(255);
+                        }
+                        while ((p = strsep(&rshprog, " ")) != NULL) {
+                                if (*p == '\0')
+                                        continue;
+                                *ap++ = p;
+                        }
+                        if (ap != argv)         /* all spaces?!? */
+                                rshprog = argv[0];
+                        if ((p = strrchr(argv[0], '/')) != NULL)
+                                argv[0] = p + 1;
+                        *ap++ = "-l";
+                        *ap++ = (char *)remuser;
+                        *ap++ = *ahost;
+                        *ap++ = (char *)cmd;
+                        *ap++ = NULL;
+                        execvp(rshprog, argv);
+                }
+                (void) fprintf(stderr, "rcmdsh: execvp %s failed: %s\n",
+                               rshprog, strerror(errno));
+                _exit(255);
+        } else {
+                /* Parent. close sp[1], return sp[0]. */
+                (void) close(sp[1]);
+                /* Reap child. */
+                (void) wait(NULL);
+                return(sp[0]);
+        }
+        /* NOTREACHED */
+}

diff --git a/src/lib/libc/net/rcmdsh.c b/src/lib/libc/net/rcmdsh.c new file mode 100644 index 0000000000..a472162711 --- /dev/null +++ b/src/lib/libc/net/rcmdsh.c
@@ -0,0 +1,186 @@
	1	/* $OpenBSD: rcmdsh.c,v 1.12 2007/09/02 15:19:17 deraadt Exp $ */
	2
	3	/*
	4	* Copyright (c) 2001, MagniComp
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in
	14	* the documentation and/or other materials provided with the distribution.
	15	* 3. Neither the name of the MagniComp nor the names of its contributors may
	16	* be used to endorse or promote products derived from this software
	17	* without specific prior written permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
	20	* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	21	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	22	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
	23	* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	24	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
	25	* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
	26	* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
	27	* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
	28	* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	/*
	32	* This is an rcmd() replacement originally by
	33	* Chris Siebenmann <cks@utcc.utoronto.ca>.
	34	*/
	35
	36	#include <sys/types.h>
	37	#include <sys/socket.h>
	38	#include <sys/wait.h>
	39	#include <signal.h>
	40	#include <errno.h>
	41	#include <netdb.h>
	42	#include <stdio.h>
	43	#include <stdlib.h>
	44	#include <string.h>
	45	#include <pwd.h>
	46	#include <paths.h>
	47	#include <unistd.h>
	48
	49	/*
	50	* This is a replacement rcmd() function that uses the rsh(1)
	51	* program in place of a direct rcmd(3) function call so as to
	52	* avoid having to be root. Note that rport is ignored.
	53	*/
	54	/* ARGSUSED */
	55	int
	56	rcmdsh(char *ahost, int rport, const char locuser, const char *remuser,
	57	const char cmd, char rshprog)
	58	{
	59	struct hostent *hp;
	60	int sp[2];
	61	pid_t cpid;
	62	char *p;
	63	struct passwd *pw;
	64
	65	/* What rsh/shell to use. */
	66	if (rshprog == NULL)
	67	rshprog = _PATH_RSH;
	68
	69	/* locuser must exist on this host. */
	70	if ((pw = getpwnam(locuser)) == NULL) {
	71	(void) fprintf(stderr, "rcmdsh: unknown user: %s\n", locuser);
	72	return(-1);
	73	}
	74
	75	/* Validate remote hostname. */
	76	if (strcmp(*ahost, "localhost") != 0) {
	77	if (((hp = gethostbyname2(*ahost, AF_INET)) == NULL) &&
	78	((hp = gethostbyname2(*ahost, AF_INET6)) == NULL)) {
	79	herror(*ahost);
	80	return(-1);
	81	}
	82	*ahost = hp->h_name;
	83	}
	84
	85	/* Get a socketpair we'll use for stdin and stdout. */
	86	if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, sp) < 0) {
	87	perror("rcmdsh: socketpair");
	88	return(-1);
	89	}
	90
	91	cpid = fork();
	92	if (cpid < 0) {
	93	perror("rcmdsh: fork failed");
	94	return(-1);
	95	} else if (cpid == 0) {
	96	/*
	97	* Child. We use sp[1] to be stdin/stdout, and close sp[0].
	98	*/
	99	(void) close(sp[0]);
	100	if (dup2(sp[1], 0) < 0 \|\| dup2(0, 1) < 0) {
	101	perror("rcmdsh: dup2 failed");
	102	_exit(255);
	103	}
	104	/* Fork again to lose parent. */
	105	cpid = fork();
	106	if (cpid < 0) {
	107	perror("rcmdsh: fork to lose parent failed");
	108	_exit(255);
	109	}
	110	if (cpid > 0)
	111	_exit(0);
	112
	113	/* In grandchild here. Become local user for rshprog. */
	114	if (setuid(pw->pw_uid)) {
	115	(void) fprintf(stderr, "rcmdsh: setuid(%u): %s\n",
	116	pw->pw_uid, strerror(errno));
	117	_exit(255);
	118	}
	119
	120	/*
	121	* If remote host is "localhost" and local and remote user
	122	* are the same, avoid running remote shell for efficiency.
	123	*/
	124	if (!strcmp(*ahost, "localhost") && !strcmp(locuser, remuser)) {
	125	char *argv[4];
	126	if (pw->pw_shell[0] == '\0')
	127	rshprog = _PATH_BSHELL;
	128	else
	129	rshprog = pw->pw_shell;
	130	p = strrchr(rshprog, '/');
	131	argv[0] = p ? p + 1 : rshprog;
	132	argv[1] = "-c";
	133	argv[2] = (char *)cmd;
	134	argv[3] = NULL;
	135	execvp(rshprog, argv);
	136	} else if ((p = strchr(rshprog, ' ')) == NULL) {
	137	/* simple case */
	138	char *argv[6];
	139	p = strrchr(rshprog, '/');
	140	argv[0] = p ? p + 1 : rshprog;
	141	argv[1] = "-l";
	142	argv[2] = (char *)remuser;
	143	argv[3] = *ahost;
	144	argv[4] = (char *)cmd;
	145	argv[5] = NULL;
	146	execvp(rshprog, argv);
	147	} else {
	148	/* must pull args out of rshprog and dyn alloc argv */
	149	char argv, ap;
	150	int n;
	151	for (n = 7; (p = strchr(++p, ' ')) != NULL; n++)
	152	continue;
	153	rshprog = strdup(rshprog);
	154	ap = argv = calloc(sizeof(char *), n);
	155	if (rshprog == NULL \|\| argv == NULL) {
	156	perror("rcmdsh");
	157	_exit(255);
	158	}
	159	while ((p = strsep(&rshprog, " ")) != NULL) {
	160	if (*p == '\0')
	161	continue;
	162	*ap++ = p;
	163	}
	164	if (ap != argv) /* all spaces?!? */
	165	rshprog = argv[0];
	166	if ((p = strrchr(argv[0], '/')) != NULL)
	167	argv[0] = p + 1;
	168	*ap++ = "-l";
	169	ap++ = (char )remuser;
	170	ap++ = ahost;
	171	ap++ = (char )cmd;
	172	*ap++ = NULL;
	173	execvp(rshprog, argv);
	174	}
	175	(void) fprintf(stderr, "rcmdsh: execvp %s failed: %s\n",
	176	rshprog, strerror(errno));
	177	_exit(255);
	178	} else {
	179	/* Parent. close sp[1], return sp[0]. */
	180	(void) close(sp[1]);
	181	/* Reap child. */
	182	(void) wait(NULL);
	183	return(sp[0]);
	184	}
	185	/* NOTREACHED */
	186	}