1999-05-18 08:49:41 +04:00
|
|
|
/* $NetBSD: parse.c,v 1.12 1999/05/18 04:49:41 jwise Exp $ */
|
1997-10-08 11:07:40 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/*
|
|
|
|
** parse.c This file contains the protocol parser
|
|
|
|
**
|
|
|
|
** This program is in the public domain and may be used freely by anyone
|
1998-07-15 11:31:55 +04:00
|
|
|
** who wants to.
|
1994-02-05 00:41:32 +03:00
|
|
|
**
|
1998-07-15 11:31:55 +04:00
|
|
|
** Last update: 23 Feb 1994
|
1994-02-05 00:41:32 +03:00
|
|
|
**
|
|
|
|
** Please send bug fixes/bug reports to: Peter Eriksson <pen@lysator.liu.se>
|
|
|
|
*/
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef NeXT31
|
|
|
|
# include <libc.h>
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
#include <stdio.h>
|
1998-07-15 11:31:55 +04:00
|
|
|
#include <stdlib.h>
|
1994-12-23 17:29:31 +03:00
|
|
|
#include <string.h>
|
1994-02-05 00:41:32 +03:00
|
|
|
#include <errno.h>
|
|
|
|
#include <ctype.h>
|
|
|
|
#include <pwd.h>
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
# include <grp.h>
|
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <netinet/in.h>
|
|
|
|
|
|
|
|
#ifndef HPUX7
|
|
|
|
# include <arpa/inet.h>
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 02:17:50 +03:00
|
|
|
#include <kvm.h>
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
|
|
#if defined(MIPS) || defined(BSD43)
|
|
|
|
extern int errno;
|
|
|
|
#endif
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
#if defined(SOLARIS) || defined(__linux__)
|
|
|
|
# include <string.h>
|
|
|
|
# include <stdlib.h>
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
#include "identd.h"
|
|
|
|
#include "error.h"
|
|
|
|
|
1997-10-08 11:07:40 +04:00
|
|
|
static int eat_whitespace __P((void));
|
1998-07-26 23:44:12 +04:00
|
|
|
static int check_noident __P((const char *));
|
1998-07-15 11:31:55 +04:00
|
|
|
static int valid_fhost(struct in_addr *, char *);
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
** This function will eat whitespace characters until
|
|
|
|
** either a non-whitespace character is read, or EOF
|
|
|
|
** occurs. This function is only used if the "-m" option
|
|
|
|
** is enabled.
|
|
|
|
*/
|
|
|
|
static int eat_whitespace()
|
|
|
|
{
|
|
|
|
int c;
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
while ((c = getchar()) != EOF &&
|
|
|
|
!(c == '\r' || c == '\n'))
|
|
|
|
;
|
|
|
|
|
|
|
|
if (c != EOF)
|
|
|
|
while ((c = getchar()) != EOF &&
|
|
|
|
(c == ' ' || c == '\t' || c == '\n' || c == '\r'))
|
|
|
|
;
|
|
|
|
|
|
|
|
if (c != EOF)
|
|
|
|
ungetc(c, stdin);
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
return (c != EOF);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#ifdef INCLUDE_EXTENSIONS
|
|
|
|
/*
|
|
|
|
** Validate an indirect request
|
|
|
|
*/
|
|
|
|
static int valid_fhost(faddr, password)
|
|
|
|
struct in_addr *faddr;
|
|
|
|
char *password;
|
|
|
|
{
|
|
|
|
if (indirect_host == NULL)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
if (strcmp(indirect_host, "*") != 0)
|
|
|
|
{
|
|
|
|
if (isdigit(indirect_host[0]))
|
|
|
|
{
|
|
|
|
if (strcmp(inet_ntoa(*faddr), indirect_host))
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
syslog(LOG_NOTICE, "valid_fhost: Access Denied for: %s",
|
1994-02-05 00:41:32 +03:00
|
|
|
gethost(faddr));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
if (strcmp(gethost(faddr), indirect_host))
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
syslog(LOG_NOTICE, "valid_fhost: Access Denied for: %s",
|
1994-02-05 00:41:32 +03:00
|
|
|
gethost(faddr));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (indirect_password == NULL)
|
|
|
|
return 1;
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (strcmp(password, indirect_password))
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
syslog(LOG_NOTICE, "valid_fhost: Invalid password from: %s",
|
1994-02-05 00:41:32 +03:00
|
|
|
gethost(faddr));
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
** A small routine to check for the existance of the ".noident"
|
|
|
|
** file in a users home directory.
|
|
|
|
*/
|
|
|
|
static int check_noident(homedir)
|
1998-07-26 23:44:12 +04:00
|
|
|
const char *homedir;
|
1994-02-05 00:41:32 +03:00
|
|
|
{
|
|
|
|
char *tmp_path;
|
|
|
|
struct stat sbuf;
|
|
|
|
int rcode;
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
if (!homedir)
|
|
|
|
return 0;
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
tmp_path = (char *) malloc(strlen(homedir) + sizeof("/.noident") + 1);
|
|
|
|
if (!tmp_path)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
strcpy(tmp_path, homedir);
|
|
|
|
strcat(tmp_path, "/.noident");
|
|
|
|
|
|
|
|
rcode = stat(tmp_path, &sbuf);
|
|
|
|
free(tmp_path);
|
|
|
|
|
|
|
|
return (rcode == 0);
|
|
|
|
}
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef INCLUDE_CRYPT
|
|
|
|
/*
|
|
|
|
** Checks address of incoming call against network/mask pairs of trusted
|
|
|
|
** networks to determine whether to crypt response or not.
|
|
|
|
*/
|
|
|
|
int check_crypt(faddr)
|
|
|
|
struct in_addr *faddr;
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
extern int netcnt;
|
|
|
|
extern u_long localnet[], localmask[];
|
|
|
|
|
|
|
|
for (i = 0; i < netcnt; i++) {
|
|
|
|
if ((faddr->s_addr & localmask[i]) == localnet[i])
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
int parse(fp, laddr, faddr)
|
|
|
|
FILE *fp;
|
|
|
|
struct in_addr *laddr, *faddr;
|
|
|
|
{
|
|
|
|
int uid, try, rcode;
|
|
|
|
struct passwd *pwp;
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
int pid;
|
|
|
|
char *cmd, *cmd_and_args;
|
|
|
|
struct group *grp;
|
|
|
|
char grname[128];
|
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
char lhostaddr[16];
|
|
|
|
char fhostaddr[16];
|
|
|
|
char password[33];
|
1998-07-15 11:31:55 +04:00
|
|
|
#if defined(INCLUDE_EXTENSIONS) || defined(STRONG_LOG)
|
1994-02-05 00:41:32 +03:00
|
|
|
char arg[33];
|
1998-07-15 11:31:55 +04:00
|
|
|
#endif
|
|
|
|
#ifdef INCLUDE_EXTENSIONS
|
1994-02-05 00:41:32 +03:00
|
|
|
int c;
|
|
|
|
#endif
|
|
|
|
struct in_addr laddr2;
|
|
|
|
struct in_addr faddr2;
|
1998-07-15 11:31:55 +04:00
|
|
|
int k_opened;
|
|
|
|
|
|
|
|
k_opened = 0;
|
|
|
|
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (debug_flag && syslog_flag)
|
|
|
|
syslog(LOG_DEBUG, "In function parse()");
|
1998-07-15 11:31:55 +04:00
|
|
|
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/*
|
|
|
|
** Get the local/foreign port pair from the luser
|
|
|
|
*/
|
|
|
|
do
|
|
|
|
{
|
|
|
|
if (debug_flag && syslog_flag)
|
|
|
|
syslog(LOG_DEBUG, " Before fscanf()");
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
faddr2 = *faddr;
|
|
|
|
laddr2 = *laddr;
|
|
|
|
lport = fport = 0;
|
|
|
|
lhostaddr[0] = fhostaddr[0] = password[0] = '\0';
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/* Read query from client */
|
|
|
|
rcode = fscanf(fp, " %d , %d", &lport, &fport);
|
|
|
|
|
1999-05-18 08:49:41 +04:00
|
|
|
if (liar_flag)
|
|
|
|
{
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "User %s requested a user for host %s: %d, %d, and I lied",
|
|
|
|
pwp->pw_name,
|
|
|
|
gethost(faddr),
|
|
|
|
lport, fport);
|
|
|
|
|
|
|
|
printf("%d , %d : USER-ID : OTHER :%s\r\n",
|
|
|
|
lport, fport, lie_string);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
#ifdef INCLUDE_EXTENSIONS
|
|
|
|
/*
|
|
|
|
** Do additional parsing in case of extended request
|
|
|
|
*/
|
|
|
|
if (rcode == 0)
|
|
|
|
{
|
|
|
|
rcode = fscanf(fp, "%32[^ \t\n\r:]", arg);
|
|
|
|
|
|
|
|
/* Skip leading space up to EOF, EOL or non-space char */
|
|
|
|
while ((c = getc(fp)) == ' ' || c == '\t')
|
|
|
|
;
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (rcode <= 0)
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID REQUEST",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr));
|
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
** Non-standard extended request, returns with Pidentd
|
|
|
|
** version information
|
|
|
|
*/
|
|
|
|
if (strcmp(arg, "VERSION") == 0)
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) VERSION REQUEST",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr));
|
|
|
|
#endif
|
|
|
|
#if defined(__TIME__) && defined(__DATE__)
|
|
|
|
printf("%d , %d : X-VERSION : %s (Compiled: %s %s)\r\n", lport, fport,
|
|
|
|
version, __TIME__, __DATE__);
|
|
|
|
#else
|
|
|
|
printf("%d , %d : X-VERSION : %s\r\n", lport, fport,
|
1994-02-05 00:41:32 +03:00
|
|
|
version);
|
1998-07-15 11:31:55 +04:00
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
** Non-standard extended proxy request
|
|
|
|
*/
|
|
|
|
else if (strcmp(arg, "PROXY") == 0 && c == ':')
|
|
|
|
{
|
|
|
|
/* We have a colon char, check for port numbers */
|
|
|
|
rcode = fscanf(fp, " %d , %d : %15[0-9.] , %15[0-9.]",
|
|
|
|
&lport, &fport, fhostaddr, lhostaddr);
|
|
|
|
|
|
|
|
if (!(rcode == 3 || rcode == 4))
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID PROXY REQUEST",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr));
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (rcode == 4)
|
1998-07-15 11:31:55 +04:00
|
|
|
laddr2.s_addr = inet_addr(lhostaddr);
|
|
|
|
|
|
|
|
faddr2.s_addr = inet_addr(fhostaddr);
|
|
|
|
|
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
{
|
|
|
|
char a1[64], a2[64], a3[64];
|
|
|
|
|
|
|
|
strcpy(a1, inet_ntoa(*faddr));
|
|
|
|
strcpy(a2, inet_ntoa(faddr2));
|
|
|
|
strcpy(a3, inet_ntoa(laddr2));
|
|
|
|
|
|
|
|
syslog(LOG_NOTICE,
|
|
|
|
"from: %s (%s) PROXY REQUEST for %d, %d between %s and %s",
|
|
|
|
a1, gethost(faddr), lport, fport, a2, a3);
|
|
|
|
}
|
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
proxy(&laddr2, &faddr2, lport, fport, NULL);
|
|
|
|
continue;
|
|
|
|
}
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/*
|
|
|
|
** Non-standard extended remote indirect request
|
|
|
|
*/
|
|
|
|
else if (strcmp(arg, "REMOTE") == 0 && c == ':')
|
|
|
|
{
|
|
|
|
/* We have a colon char, check for port numbers */
|
|
|
|
rcode = fscanf(fp, " %d , %d", &lport, &fport);
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/* Skip leading space up to EOF, EOL or non-space char */
|
|
|
|
while ((c = getc(fp)) == ' ' || c == '\t')
|
|
|
|
;
|
|
|
|
|
|
|
|
if (rcode != 2 || c != ':')
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID REMOTE REQUEST",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr));
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
|
|
|
|
continue;
|
|
|
|
}
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/* We have a colon char, check for addr and password */
|
|
|
|
rcode = fscanf(fp, " %15[0-9.] , %32[^ \t\r\n]",
|
|
|
|
fhostaddr, password);
|
|
|
|
if (rcode > 0)
|
|
|
|
rcode += 2;
|
|
|
|
else
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE,
|
|
|
|
"from: %s (%s) INVALID REMOTE REQUEST for %d, %d",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr), lport, fport);
|
|
|
|
#endif
|
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
|
|
|
|
continue;
|
1994-02-05 00:41:32 +03:00
|
|
|
}
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/*
|
|
|
|
** Verify that the host originating the indirect request
|
|
|
|
** is allowed to do that
|
|
|
|
*/
|
|
|
|
if (!valid_fhost(faddr, password))
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE,
|
|
|
|
"from: %s (%s) REJECTED REMOTE REQUEST for %d, %d with password %s",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr), lport, fport,
|
|
|
|
password);
|
|
|
|
#endif
|
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-ACCESS-DENIED");
|
|
|
|
continue;
|
1994-02-05 00:41:32 +03:00
|
|
|
}
|
1998-07-15 11:31:55 +04:00
|
|
|
|
|
|
|
faddr2.s_addr = inet_addr(fhostaddr);
|
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
{
|
|
|
|
char a1[64];
|
|
|
|
|
|
|
|
strcpy(a1, inet_ntoa(*faddr));
|
|
|
|
|
|
|
|
syslog(LOG_INFO,
|
|
|
|
"from: %s (%s) REMOTE REQUEST for %d, %d from %s with password %s",
|
|
|
|
a1, gethost(faddr), lport, fport,
|
|
|
|
inet_ntoa(faddr2), password);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
else
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) UNKNOWN REQUEST: %s",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr), arg);
|
|
|
|
#endif
|
|
|
|
|
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
|
|
|
|
continue;
|
1994-02-05 00:41:32 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif /* EXTENSIONS */
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (rcode < 2 || lport < 1 || lport > 65535 || fport < 1 || fport > 65535)
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
{
|
|
|
|
if (rcode > 0)
|
|
|
|
/* we have scanned at least one correct port */
|
|
|
|
syslog(LOG_NOTICE,
|
|
|
|
"from: %s (%s) for invalid-port(s): %d , %d",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr), lport, fport);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* we have scanned nothing at all so try to get the rest */
|
|
|
|
if (fscanf(fp, "%32[^\n\r]", arg) <= 0)
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) EMPTY REQUEST",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr));
|
|
|
|
else
|
|
|
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID REQUEST: %s",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr), arg);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
if (syslog_flag && rcode > 0)
|
|
|
|
syslog(LOG_NOTICE, "scanf: invalid-port(s): %d , %d from %s",
|
|
|
|
lport, fport, gethost(faddr));
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "INVALID-PORT");
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef STRONG_LOG
|
|
|
|
if (syslog_flag)
|
|
|
|
{
|
|
|
|
syslog(LOG_INFO, "from: %s ( %s ) for: %d, %d",
|
|
|
|
inet_ntoa(*faddr), gethost(faddr), lport, fport);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
if (debug_flag && syslog_flag)
|
|
|
|
syslog(LOG_DEBUG, " After fscanf(), before k_open()");
|
|
|
|
|
|
|
|
|
|
|
|
if (! k_opened)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
** Open the kernel memory device and read the nlist table
|
|
|
|
**
|
|
|
|
** Of course k_open should not call ERROR (which then exits)
|
|
|
|
** but maybe use syslog(LOG_ERR) and return non-zero. But I am
|
|
|
|
** too lazy to change them all ...
|
|
|
|
*/
|
|
|
|
if (k_open() != 0)
|
|
|
|
{
|
|
|
|
if (syslog_flag) syslog(LOG_ERR, "k_open call failed");
|
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "X-CANNOT-OPEN-KMEM");
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
k_opened = 1;
|
|
|
|
}
|
|
|
|
|
1994-02-05 02:42:16 +03:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (debug_flag && syslog_flag)
|
1998-07-15 11:31:55 +04:00
|
|
|
syslog(LOG_DEBUG, " After k_open(), before k_getuid()");
|
|
|
|
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/*
|
1998-07-15 11:31:55 +04:00
|
|
|
** Get the specific TCP connection and return the uid - user number.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
/* Initialize values, for architectures that do not set it */
|
|
|
|
pid = 0;
|
|
|
|
cmd = "";
|
|
|
|
cmd_and_args = "";
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#define MAX_RETRY 20
|
|
|
|
/*
|
|
|
|
** Try to fetch the information MAX_RETRY times in case the
|
|
|
|
** kernel changed beneath us and we missed or took a fault.
|
1994-02-05 00:41:32 +03:00
|
|
|
**
|
1998-07-15 11:31:55 +04:00
|
|
|
** Why would we ever fail? Is not there a reliable way for the
|
|
|
|
** kernel to identify its sockets? Cannot we use that interface?
|
|
|
|
**
|
|
|
|
** Used to be 5 times, but often this is not enough on Alpha OSF.
|
1994-02-05 00:41:32 +03:00
|
|
|
*/
|
1998-07-15 11:31:55 +04:00
|
|
|
/* #define SLEEP_BETWEEN_RETRIES 1 */
|
|
|
|
/*
|
|
|
|
** If we failed in k_getuid, that is presumably because the OS was
|
|
|
|
** busy creating or destroying processes. We may want to sleep for
|
|
|
|
** a random time between retries, hoping for peace and quiet.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* k_getuid returns 0 on success, any non-zero on failure. */
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
for (try = 0;
|
1998-07-15 11:31:55 +04:00
|
|
|
(try < MAX_RETRY &&
|
|
|
|
k_getuid(&faddr2, htons(fport), laddr, htons(lport), &uid
|
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
, &pid, &cmd, &cmd_and_args
|
|
|
|
#endif
|
|
|
|
) != 0);
|
1994-02-05 00:41:32 +03:00
|
|
|
try++)
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef SLEEP_BETWEEN_RETRIES
|
|
|
|
{
|
|
|
|
/* Seed the generator: lport should be unique (among other concurrent identd's) */
|
|
|
|
if (try < 1) srandom(lport);
|
|
|
|
/* This gives a max sleep of 0xffff = 65535 microsecs, about 32millisec average */
|
|
|
|
usleep(random()&0x00ffff);
|
|
|
|
}
|
|
|
|
#else
|
1994-02-05 00:41:32 +03:00
|
|
|
;
|
1998-07-15 11:31:55 +04:00
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
if (try >= MAX_RETRY)
|
1994-02-05 00:41:32 +03:00
|
|
|
{
|
|
|
|
if (syslog_flag)
|
1998-07-15 11:31:55 +04:00
|
|
|
syslog(LOG_INFO, "Returned: %d , %d : NO-USER", lport, fport);
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
printf("%d , %d : ERROR : %s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
unknown_flag ? "UNKNOWN-ERROR" : "NO-USER");
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (try > 0 && syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "k_getuid retries: %d", try);
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
if (debug_flag && syslog_flag)
|
|
|
|
syslog(LOG_DEBUG, " After k_getuid(), before getpwuid()");
|
|
|
|
|
|
|
|
/*
|
|
|
|
** Then we should try to get the username. If that fails we
|
|
|
|
** return it as an OTHER identifier
|
|
|
|
*/
|
|
|
|
pwp = getpwuid(uid);
|
1998-07-15 11:31:55 +04:00
|
|
|
|
|
|
|
if (!pwp || uid != pwp->pw_uid)
|
1994-02-05 00:41:32 +03:00
|
|
|
{
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_WARNING, "getpwuid() could not map uid (%d) to name",
|
|
|
|
uid);
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
printf("%d , %d : USERID : OTHER%s%s : %d\r\n",
|
1994-02-05 00:41:32 +03:00
|
|
|
lport, fport,
|
|
|
|
charset_name ? " , " : "",
|
|
|
|
charset_name ? charset_name : "",
|
|
|
|
uid);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
grp = getgrgid(pwp->pw_gid);
|
|
|
|
if (grp && pwp->pw_gid != grp->gr_gid)
|
|
|
|
{
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_WARNING,
|
|
|
|
"getgrgid() could not map gid (%d) to name (for uid %d, name %s)",
|
|
|
|
pwp->pw_gid, uid, pwp->pw_name);
|
|
|
|
|
|
|
|
printf("%d , %d : USERID : OTHER%s%s : %d\r\n",
|
|
|
|
lport, fport,
|
|
|
|
charset_name ? " , " : "",
|
|
|
|
charset_name ? charset_name : "",
|
|
|
|
uid);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (grp)
|
|
|
|
sprintf (grname, "%.99s", grp->gr_name);
|
|
|
|
else
|
|
|
|
sprintf (grname, "%d", pwp->pw_gid);
|
|
|
|
#endif
|
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
/*
|
|
|
|
** Hey! We finally made it!!!
|
|
|
|
*/
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s.%s\n",
|
|
|
|
lport, fport, pwp->pw_name, grname);
|
|
|
|
#else
|
1994-02-05 00:41:32 +03:00
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s\n",
|
|
|
|
lport, fport, pwp->pw_name);
|
1998-07-15 11:31:55 +04:00
|
|
|
#endif
|
1994-02-05 00:41:32 +03:00
|
|
|
|
|
|
|
if (noident_flag && check_noident(pwp->pw_dir))
|
|
|
|
{
|
1998-07-15 11:31:55 +04:00
|
|
|
if (syslog_flag)
|
|
|
|
syslog(LOG_NOTICE, "User %s requested HIDDEN-USER for host %s: %d, %d",
|
1994-02-05 00:41:32 +03:00
|
|
|
pwp->pw_name,
|
|
|
|
gethost(faddr),
|
|
|
|
lport, fport);
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
printf("%d , %d : ERROR : HIDDEN-USER\r\n",
|
|
|
|
lport, fport);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
1998-07-15 11:31:55 +04:00
|
|
|
#ifdef INCLUDE_CRYPT
|
|
|
|
if (crypto_flag && check_crypt(faddr))
|
|
|
|
printf("%d , %d : USERID : OTHER%s%s : [%s]\r\n",
|
1994-02-05 00:41:32 +03:00
|
|
|
lport, fport,
|
|
|
|
charset_name ? " , " : "",
|
|
|
|
charset_name ? charset_name : "",
|
1998-07-15 11:31:55 +04:00
|
|
|
make_packet (pwp->pw_uid, laddr, lport, faddr, fport));
|
|
|
|
else
|
|
|
|
#endif
|
|
|
|
#ifdef ALLOW_FORMAT
|
|
|
|
if (format_flag)
|
|
|
|
{
|
1998-07-26 23:44:12 +04:00
|
|
|
char *cp;
|
1998-07-27 19:11:06 +04:00
|
|
|
__aconst char *__aconst *gmp;
|
1998-07-15 11:31:55 +04:00
|
|
|
int bp;
|
|
|
|
char buff[512];
|
|
|
|
for (cp = format, bp = 0; *cp != 0; cp++)
|
|
|
|
{
|
|
|
|
if (*cp == '%')
|
|
|
|
{
|
|
|
|
cp++;
|
|
|
|
if (*cp == 0) break;
|
|
|
|
else if (*cp == 'u') sprintf (&buff[bp], "%.*s", 490-bp, pwp->pw_name);
|
|
|
|
else if (*cp == 'U') sprintf (&buff[bp], "%d", pwp->pw_uid);
|
|
|
|
else if (*cp == 'g') sprintf (&buff[bp], "%.*s", 490-bp, grname);
|
|
|
|
else if (*cp == 'G') sprintf (&buff[bp], "%d", pwp->pw_gid);
|
|
|
|
else if (*cp == 'c') sprintf (&buff[bp], "%.*s", 490-bp, cmd);
|
|
|
|
else if (*cp == 'C') sprintf (&buff[bp], "%.*s", 490-bp, cmd_and_args);
|
|
|
|
else if (*cp == 'l') {
|
|
|
|
sprintf (&buff[bp], "%.*s", 490-bp, grname);
|
|
|
|
bp += strlen(&buff[bp]); if (bp >= 490) break;
|
|
|
|
setgrent();
|
|
|
|
while ((grp = getgrent()) != NULL) {
|
|
|
|
if (grp->gr_gid == pwp->pw_gid) continue;
|
|
|
|
for (gmp = grp->gr_mem; *gmp && **gmp; gmp++) {
|
|
|
|
if (! strcmp(*gmp, pwp->pw_name)) {
|
|
|
|
sprintf (&buff[bp], ",%.*s", 490-bp, grp->gr_name);
|
|
|
|
bp += strlen(&buff[bp]);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (bp >= 490) break;
|
|
|
|
}
|
|
|
|
endgrent();
|
|
|
|
}
|
|
|
|
else if (*cp == 'L') {
|
|
|
|
sprintf (&buff[bp], "%d", pwp->pw_gid);
|
|
|
|
bp += strlen(&buff[bp]); if (bp >= 490) break;
|
|
|
|
setgrent();
|
|
|
|
while ((grp = getgrent()) != NULL) {
|
|
|
|
if (grp->gr_gid == pwp->pw_gid) continue;
|
|
|
|
for (gmp = grp->gr_mem; *gmp && **gmp; gmp++) {
|
|
|
|
if (! strcmp(*gmp, pwp->pw_name)) {
|
|
|
|
sprintf (&buff[bp], ",%d", grp->gr_gid);
|
|
|
|
bp += strlen(&buff[bp]);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (bp >= 490) break;
|
|
|
|
}
|
|
|
|
endgrent();
|
|
|
|
}
|
|
|
|
else if (*cp == 'p') sprintf (&buff[bp], "%d", pid);
|
|
|
|
else { buff[bp] = *cp; buff[bp+1] = 0; }
|
|
|
|
bp += strlen(&buff[bp]); if (bp >= 490) break;
|
|
|
|
}
|
|
|
|
else { buff[bp++] = *cp; if (bp >= 490) break; }
|
|
|
|
}
|
|
|
|
if (bp >= 490) { sprintf(&buff[490], "..."); bp = 493; }
|
|
|
|
buff[bp] = 0;
|
|
|
|
printf("%d , %d : USERID : %s%s%s :%s\r\n",
|
|
|
|
lport, fport,
|
|
|
|
other_flag ? "OTHER" : "UNIX",
|
|
|
|
charset_name ? " , " : "",
|
|
|
|
charset_name ? charset_name : "",
|
|
|
|
buff);
|
|
|
|
}
|
1994-02-05 00:41:32 +03:00
|
|
|
else
|
1998-07-15 11:31:55 +04:00
|
|
|
#endif
|
1996-01-03 01:01:55 +03:00
|
|
|
printf("%d , %d : USERID : %s%s%s :%s\r\n",
|
1994-02-05 00:41:32 +03:00
|
|
|
lport, fport,
|
|
|
|
other_flag ? "OTHER" : "UNIX",
|
|
|
|
charset_name ? " , " : "",
|
|
|
|
charset_name ? charset_name : "",
|
|
|
|
pwp->pw_name);
|
1998-07-15 11:31:55 +04:00
|
|
|
|
1994-02-05 00:41:32 +03:00
|
|
|
} while(fflush(stdout), fflush(stderr), multi_flag && eat_whitespace());
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|