1: /*
   2:  * Copyright (c) 1983 Regents of the University of California.
   3:  * All rights reserved.  The Berkeley software License Agreement
   4:  * specifies the terms and conditions for redistribution.
   5:  */
   6: 
   7: #ifndef lint
   8: char copyright[] =
   9: "@(#) Copyright (c) 1983 Regents of the University of California.\n\
  10:  All rights reserved.\n";
  11: #endif not lint
  12: 
  13: #ifndef lint
  14: static char sccsid[] = "@(#)rexecd.c	5.4 (Berkeley) 5/9/86";
  15: #endif not lint
  16: 
  17: #include <sys/ioctl.h>
  18: #include <sys/param.h>
  19: #include <sys/socket.h>
  20: #include <sys/time.h>
  21: 
  22: #include <netinet/in.h>
  23: 
  24: #include <stdio.h>
  25: #include <errno.h>
  26: #include <pwd.h>
  27: #include <signal.h>
  28: #include <netdb.h>
  29: 
  30: extern  errno;
  31: struct  passwd *getpwnam();
  32: char    *crypt(), *rindex(), *strncat(), *sprintf();
  33: /*VARARGS1*/
  34: int error();
  35: 
  36: /*
  37:  * remote execute server:
  38:  *	username\0
  39:  *	password\0
  40:  *	command\0
  41:  *	data
  42:  */
  43: /*ARGSUSED*/
  44: main(argc, argv)
  45:     int argc;
  46:     char **argv;
  47: {
  48:     struct sockaddr_in from;
  49:     int fromlen;
  50: 
  51:     fromlen = sizeof (from);
  52:     if (getpeername(0, &from, &fromlen) < 0) {
  53:         fprintf(stderr, "%s: ", argv[0]);
  54:         perror("getpeername");
  55:         exit(1);
  56:     }
  57:     doit(0, &from);
  58: }
  59: 
  60: char    username[20] = "USER=";
  61: char    homedir[64] = "HOME=";
  62: char    shell[64] = "SHELL=";
  63: char    *envinit[] =
  64:         {homedir, shell, "PATH=:/usr/ucb:/bin:/usr/bin", username, 0};
  65: char    **environ;
  66: 
  67: struct  sockaddr_in asin = { AF_INET };
  68: 
  69: doit(f, fromp)
  70:     int f;
  71:     struct sockaddr_in *fromp;
  72: {
  73:     char cmdbuf[NCARGS+1], *cp, *namep;
  74:     char user[16], pass[16];
  75:     struct passwd *pwd;
  76:     int s;
  77:     short port;
  78:     int pv[2], pid, cc;
  79:     long ready, readfrom;
  80:     char buf[BUFSIZ], sig;
  81:     int one = 1;
  82: 
  83:     (void) signal(SIGINT, SIG_DFL);
  84:     (void) signal(SIGQUIT, SIG_DFL);
  85:     (void) signal(SIGTERM, SIG_DFL);
  86: #ifdef DEBUG
  87:     { int t = open("/dev/tty", 2);
  88:       if (t >= 0) {
  89:         ioctl(t, TIOCNOTTY, (char *)0);
  90:         (void) close(t);
  91:       }
  92:     }
  93: #endif
  94:     dup2(f, 0);
  95:     dup2(f, 1);
  96:     dup2(f, 2);
  97:     (void) alarm(60);
  98:     port = 0;
  99:     for (;;) {
 100:         char c;
 101:         if (read(f, &c, 1) != 1)
 102:             exit(1);
 103:         if (c == 0)
 104:             break;
 105:         port = port * 10 + c - '0';
 106:     }
 107:     (void) alarm(0);
 108:     if (port != 0) {
 109:         s = socket(AF_INET, SOCK_STREAM, 0);
 110:         if (s < 0)
 111:             exit(1);
 112:         if (bind(s, &asin, sizeof (asin)) < 0)
 113:             exit(1);
 114:         (void) alarm(60);
 115:         fromp->sin_port = htons((u_short)port);
 116:         if (connect(s, fromp, sizeof (*fromp)) < 0)
 117:             exit(1);
 118:         (void) alarm(0);
 119:     }
 120:     getstr(user, sizeof(user), "username");
 121:     getstr(pass, sizeof(pass), "password");
 122:     getstr(cmdbuf, sizeof(cmdbuf), "command");
 123:     setpwent();
 124:     pwd = getpwnam(user);
 125:     if (pwd == NULL) {
 126:         error("Login incorrect.\n");
 127:         exit(1);
 128:     }
 129:     endpwent();
 130:     if (*pwd->pw_passwd != '\0') {
 131:         namep = crypt(pass, pwd->pw_passwd);
 132:         if (strcmp(namep, pwd->pw_passwd)) {
 133:             error("Password incorrect.\n");
 134:             exit(1);
 135:         }
 136:     }
 137:     if (chdir(pwd->pw_dir) < 0) {
 138:         error("No remote directory.\n");
 139:         exit(1);
 140:     }
 141:     (void) write(2, "\0", 1);
 142:     if (port) {
 143:         (void) pipe(pv);
 144:         pid = fork();
 145:         if (pid == -1)  {
 146:             error("Try again.\n");
 147:             exit(1);
 148:         }
 149:         if (pid) {
 150:             (void) close(0); (void) close(1); (void) close(2);
 151:             (void) close(f); (void) close(pv[1]);
 152:             readfrom = (1L<<s) | (1L<<pv[0]);
 153:             ioctl(pv[1], FIONBIO, (char *)&one);
 154:             /* should set s nbio! */
 155:             do {
 156:                 ready = readfrom;
 157:                 (void) select(16, &ready, (fd_set *)0,
 158:                     (fd_set *)0, (struct timeval *)0);
 159:                 if (ready & (1L<<s)) {
 160:                     if (read(s, &sig, 1) <= 0)
 161:                         readfrom &= ~(1L<<s);
 162:                     else
 163:                         killpg(pid, sig);
 164:                 }
 165:                 if (ready & (1L<<pv[0])) {
 166:                     cc = read(pv[0], buf, sizeof (buf));
 167:                     if (cc <= 0) {
 168:                         shutdown(s, 1+1);
 169:                         readfrom &= ~(1L<<pv[0]);
 170:                     } else
 171:                         (void) write(s, buf, cc);
 172:                 }
 173:             } while (readfrom);
 174:             exit(0);
 175:         }
 176:         setpgrp(0, getpid());
 177:         (void) close(s); (void)close(pv[0]);
 178:         dup2(pv[1], 2);
 179:     }
 180:     if (*pwd->pw_shell == '\0')
 181:         pwd->pw_shell = "/bin/sh";
 182:     if (f > 2)
 183:         (void) close(f);
 184:     (void) setgid((gid_t)pwd->pw_gid);
 185:     initgroups(pwd->pw_name, pwd->pw_gid);
 186:     (void) setuid((uid_t)pwd->pw_uid);
 187:     environ = envinit;
 188:     strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
 189:     strncat(shell, pwd->pw_shell, sizeof(shell)-7);
 190:     strncat(username, pwd->pw_name, sizeof(username)-6);
 191:     cp = rindex(pwd->pw_shell, '/');
 192:     if (cp)
 193:         cp++;
 194:     else
 195:         cp = pwd->pw_shell;
 196:     execl(pwd->pw_shell, cp, "-c", cmdbuf, 0);
 197:     perror(pwd->pw_shell);
 198:     exit(1);
 199: }
 200: 
 201: /*VARARGS1*/
 202: error(fmt, a1, a2, a3)
 203:     char *fmt;
 204:     int a1, a2, a3;
 205: {
 206:     char buf[BUFSIZ];
 207: 
 208:     buf[0] = 1;
 209:     (void) sprintf(buf+1, fmt, a1, a2, a3);
 210:     (void) write(2, buf, strlen(buf));
 211: }
 212: 
 213: getstr(buf, cnt, err)
 214:     char *buf;
 215:     int cnt;
 216:     char *err;
 217: {
 218:     char c;
 219: 
 220:     do {
 221:         if (read(0, &c, 1) != 1)
 222:             exit(1);
 223:         *buf++ = c;
 224:         if (--cnt == 0) {
 225:             error("%s too long\n", err);
 226:             exit(1);
 227:         }
 228:     } while (c != 0);
 229: }

Defined functions

doit defined in line 69; used 1 times
  • in line 57
error defined in line 202; used 6 times
getstr defined in line 213; used 3 times
main defined in line 44; never used

Defined variables

asin defined in line 67; used 2 times
  • in line 112(2)
copyright defined in line 8; never used
envinit defined in line 63; used 1 times
environ defined in line 65; used 1 times
homedir defined in line 61; used 3 times
sccsid defined in line 14; never used
shell defined in line 62; used 3 times
username defined in line 60; used 3 times
Last modified: 1988-12-25
Generated: 2016-12-26
Generated by src2html V0.67
page hit count: 4924
Valid CSS Valid XHTML 1.0 Strict