From 642afa18502acc62d64b23d0633d0353cea3e06a Mon Sep 17 00:00:00 2001 From: cgd Date: Fri, 4 Feb 1994 21:41:32 +0000 Subject: [PATCH] import of pidentd 2.1.2, by Peter Eriksson . needs clennup --- libexec/identd/CREDITS | 52 ++++ libexec/identd/Makefile | 10 + libexec/identd/README | 129 ++++++++ libexec/identd/config.c | 46 +++ libexec/identd/error.h | 42 +++ libexec/identd/identd.8 | 265 +++++++++++++++++ libexec/identd/identd.c | 629 +++++++++++++++++++++++++++++++++++++++ libexec/identd/identd.h | 43 +++ libexec/identd/netbsd.c | 235 +++++++++++++++ libexec/identd/parse.c | 399 +++++++++++++++++++++++++ libexec/identd/paths.h | 62 ++++ libexec/identd/proxy.c | 98 ++++++ libexec/identd/version.c | 1 + 13 files changed, 2011 insertions(+) create mode 100644 libexec/identd/CREDITS create mode 100644 libexec/identd/Makefile create mode 100644 libexec/identd/README create mode 100644 libexec/identd/config.c create mode 100644 libexec/identd/error.h create mode 100644 libexec/identd/identd.8 create mode 100644 libexec/identd/identd.c create mode 100644 libexec/identd/identd.h create mode 100644 libexec/identd/netbsd.c create mode 100644 libexec/identd/parse.c create mode 100644 libexec/identd/paths.h create mode 100644 libexec/identd/proxy.c create mode 100644 libexec/identd/version.c diff --git a/libexec/identd/CREDITS b/libexec/identd/CREDITS new file mode 100644 index 000000000000..c117a03ecf01 --- /dev/null +++ b/libexec/identd/CREDITS 
@@ -0,0 +1,52 @@
+Credits go to (I've probably forgot someone - please don't hesitate
+to tell me!) for helping making Pidentd what it is:
+
+Casper Dik , Math & CS Faculty, U. of Amsterdam, NL
+ (Added support for SunOS 5 (Solaris 2))
+
+Dave Shield , CS Dept. Liverpool U., UK
+ (Added support for HP9K HPUX 8.*)
+
+Jan L. Peterson , Math Dept. BYU, USA
+ (Added support for MIPS RISC/os and fixed a few other things)
+
+Fletcher Mattox , University of Texas, USA
+ (Added support for HP9K HP-UX 7.*)
+
+Mark Monnin , Rose-Hulman Inst. of Tech, USA
+ (Added support for DEC Ultrix 4.*)
+
+Simon Leinen , Switzerland
+ (Added support for Silicon Graphics IRIX 4.*)
+
+Frank Maas , Delft Univ. of Technology, The Netherlands
+ (Added support for Sequent Dynix 3.*)
+
+Andrew Herbert , Monash University, Australia
+ (Added support for System V/Release 4)
+
+David Bennet , Australia
+ (Added support for 386BSD)
+
+Fishman M. Shmuel , Technion Inst. of Tech., Israel
+ (Added support for Convex & 4.3BSDtahoe (then heavily hacked by me))
+
+Bradley E. Smith , Bradley University, USA
+ (Added support for AT&T's own version of SVR4)
+
+RenE J.V. Bertin , Uni. of Utrecht, The Netherlands
+ (Added support for Apple A/UX 2.*)
+
+Douglas Lee Schales , Texas A&M University, USA
+ (Added support for Cray UNICOS 6.*)
+
+Don Hazlewood , SW Texas State U., USA
+ (Added support for A/UX 3.*)
+
+ Nigel Metheringham , University of York, UK
+ (Added support for NeXT, SunOS 3.*, corrections for MIPS)
+
+----------------------------------------------------------------------------
+Peter Eriksson , Lysator, Linkoping University, Sweden.
+ (Original code for Sun SunOS 4.* and Sequent Dynix 2.*)
+
diff --git a/libexec/identd/Makefile b/libexec/identd/Makefile
new file mode 100644
index 000000000000..b71be8c9ffd6
--- /dev/null
+++ b/libexec/identd/Makefile
@@ -0,0 +1,10 @@
+# $Id: Makefile,v 1.1.1.1 1994/02/04 21:41:32 cgd Exp $
+
+PROG= identd
+SRCS= config.c identd.c netbsd.c parse.c proxy.c version.c
+MAN8= identd.0
+
+LDADD= -lkvm
+DPADD= ${LIBKVM}
+
+.include
diff --git a/libexec/identd/README b/libexec/identd/README
new file mode 100644
index 000000000000..f1e1d3b500ca
--- /dev/null
+++ b/libexec/identd/README
@@ -0,0 +1,129 @@ + pidentd + + ("Peter's Ident Daemon" or is it "Portable Ident Daemon"?) + + Peter Eriksson + + +This program is released into the public domain and can be used by +anyone who wants to. Vendors may include it into their distributions +if they want to without any restrictions. (Although it would be nice +to be notified by email if someone decides to do that, and/or a note +somewhere about who wrote this program. Like in the man-page or so.. :-) + +This is a program that implements the RFC1413 identification server. It +was very much inspired by Dan Bernstein's original 'authd' (but unlike +that program doesn't use 'netstat' to get some of the information) It +uses the kernel information directly. (And is due to that fact a lot +faster). Dan has now written another version of the 'authd' daemon that +uses his 'kstuff' to read the kernel information. Unlike that daemon, +this will use only normally available kernel access functions (and is due +to that more limited in the different machines it support). Please note +that this daemon used to be called pauthd but has changed name to better +reflect what it does (and to conform to the new RFC). 
+ +This daemon has been tested on the following machines/OS (please report +to me if you've tested a newer version, or if your machine/OS isn't among +the ones below): + +Machine Operating System Pidentd version +---------------------- ---------------------- -------------------------- + Sequent Balance Dynix 3.0.14 2.1beta.12 + Sequent Symmetry Dynix 3.1.2 2.1beta.3 + Sun 3/50 SunOS 3.5 2.1beta.8.1 (3) + Sun 386i SunOS 4.0.2 1.9beta + Sun 2/120 SunOS 4.0.3 2.1beta.10 + Sun 3/280 SunOS 4.1.1 2.1beta.12 + Sun 4/380 SunOS 4.1.3 2.1beta.12 + Sun SS1/41 SunOS 5.1 2.1beta.11 + HP 9000/375 HP-UX 7.0 2.1beta.10.1 (1) + HP 9000/300 HP-UX 8.0 2.1beta.12 + HP 9000/340 HP-UX 8.0 2.1beta.10.1 + HP 9000/360 HP-UX 8.0 2.1beta.10.1 + HP 9000/710 HP-UX 8.07 2.1beta.10.1 + HP 9000/720 HP-UX 8.07 2.1beta.10.1 + HP 9000/715 HP-UX 9.0 2.1beta.9.1 + HP 9000/827 HP-UX 8.02 2.1beta.8.1 + HP 9000/834 HP-UX 7.0 2.0beta.4 + HP 9000/835 HP-UX 8.00 2.1beta.10.1 + MIPS RISC/OS 4.5x 2.1beta.8.1 + DECstation 2100 Ultrix 4.2-96 2.1beta.2 (2) + DECstation 5000/133 Ultrix 4.2 2.1beta.9.1 (2) [?] + DEC VAXstation 2000 Ultrix-32 3.1 2.1beta.12 (2) [?] + DEC VAX vs3520 Ultrix 3.0 2.1beta.9.1 (2) [?] + DEC VAX 11/780 4.3BSD Reno 2.1beta.12 (2) + i486-PC UHC SVR4 2.0 2.0beta.4 (2) + i486-PC Dell SVR4 2.2 2.0beta.4 (2) + i486-PC ESIX SVR4 4.0.4 2.1beta.2 (2) + i486-PC 386BSD 0.1 2.1beta.3 (2) + Cray UNICOS 6.0.12 2.1beta.7 + NeXT NeXTSTEP 2.1 2.1beta.9.1 (3) + NeXT NeXTSTEP 3.0 2.1beta.9.1 (3) + Pyramid 90x dualPort OSx 4.1 2.1beta.12 + Silicon Graphics IRIX 4 2.1beta.10 + +Notes: + 1) HP-UX 7.0 doesn't support running streams based services from + Inetd with the "wait" option (and the "-w" flag to Pidentd). + + It also has problems with starting stuff as user "sys" from Inetd. 
+ (It doesn't correctly set the group id to "sys") so I suggest you + either starts it as user "root" and use the "-u" and "-g" flags + to setuid and setgid itself to user "sys", group "sys", or do a + 'chgrp sys in.identd' and then a 'chmod g+s in.identd' and start + it as user "sys" from Inetd. + + 2) These systems also doesn't support running streams based + services from Inetd with the "wait" option. + + 3) See notes in the READMEs/README. specific files. + + +Please let me know if you find any bugs, or have ported it to other +machines (and care to share the changes with me and the world!). + +See the manual page for information about the various command line +options that are available. + +NOTE: One should NOT use the -d option when using it for normal use! + +If you intend to create or modify daemons that use the IDENT protocol +then you may wish to get the "libident" library that contains some +functions to implement the client side of this protocol. It is available +as "libident-*.tar.Z" in "pub/ident/libs" at "ftp.lysator.liu.se". + +There is a mailing list for users of the IDENT(RFC1413)/TAP protocol called +'ident-users@lysator.liu.se' that you may want to consider joining. +Send mail to the address 'ident-users-request@lysator.liu.se' to +join it. This list is intended for generic discussions on using this +protocol and it's associated tools. + +If you only want to receive news about new (non-alpha/beta) releases of +Pidentd then you can join the 'ident-announce@lysator.liu.se' mailing +list. Send mail to the address 'ident-announce-request@lysator.liu.se' to +join it. No discussions will take place on this list. + +I also run a small mailing list for people who wants to act as testers +of new alpha/beta-versions of Pidentd. If you wish to join, please send +mail to the address 'pidentd-testers-request@lysator.liu.se'. (I can always +use more testers, so don't hesitate :-) + +It's a human (namely me :-) that reads the letters sent to *-request. 
+Please include the full email address to which to wish to have the
+letters sent.
+
+I'm grateful for success/failure stories about installing/compiling this
+daemon...
+
+Information of interrest:
+
+ 1. Machine and operating system type and version.
+ 2. Command line flags.
+ 3. Inetd.conf configuration.
+ 4. Did it work, or not. And if not - what did it report to the
+ syslog file? (You'll have to add the "-l" option and probably
+ reconfigure your Syslogd). If you use the "-d" option then
+ you can see a verbose error if you Telnet into it directly and
+ send it a query manually. (See the INSTALL file for more information).
+
+/Peter Eriksson , 5 April 1993
diff --git a/libexec/identd/config.c b/libexec/identd/config.c
new file mode 100644
index 000000000000..5ce6f9759fe2
--- /dev/null
+++ b/libexec/identd/config.c
@@ -0,0 +1,46 @@
+/*
+** config.c This file handles the config file
+**
+** This program is in the public domain and may be used freely by anyone
+** who wants to.
+**
+** Last update: 6 Dec 1992
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#include
+#include
+
+#include "error.h"
+#include "identd.h"
+#include "paths.h"
+
+
+int parse_config(path, silent_flag)
+ char *path;
+ int silent_flag;
+{
+ FILE *fp;
+
+ if (!path)
+ path = PATH_CONFIG;
+
+ fp = fopen(path, "r");
+ if (!fp)
+ {
+ if (silent_flag)
+ return 0;
+
+ ERROR1("error opening %s", path);
+ }
+
+ /*
+ ** Code should go here to parse the config file data.
+ ** For now we just ignore the contents...
+ */
+
+
+ fclose(fp);
+ return 0;
+}
diff --git a/libexec/identd/error.h b/libexec/identd/error.h
new file mode 100644
index 000000000000..e4e9fda45748
--- /dev/null
+++ b/libexec/identd/error.h
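Review bot: In parse_config, a failed fopen() with silent_flag clear is safe only because ERROR1 never returns: the macro in error.h ends in exit(1), and that alone keeps the later `fclose(fp)` from being called with a NULL pointer. Nothing in the function says so, so I would add a header comment such as `/* path == NULL selects PATH_CONFIG; if the file cannot be opened and silent_flag is 0, ERROR1() reports the failure and exits. */` and put an explicit `return -1;` after the ERROR1 call. The function also returns 0 both when the file was opened and when it was silently missing, so the caller cannot tell whether a configuration was read.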
@@ -0,0 +1,42 @@
+/*
+** error.h Error handling macros
+**
+** This program is in the public domain and may be used freely by anyone
+** who wants to.
+**
+** Last update: 19 Aug 1992
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#ifndef __ERROR_H__
+#define __ERROR_H__
+
+#include
+
+#define ERROR(fmt) \
+ ((syslog_flag ? (syslog(LOG_ERR, fmt),0) : 0), \
+ (debug_flag ? (fprintf(stderr, "%d , %d : ERROR : X-DBG : ", \
+ lport, fport), \
+ fprintf(stderr, fmt), perror(": "), 0) : \
+ (printf("%d , %d : ERROR : UNKNOWN-ERROR\r\n", lport, fport), 0)), \
+ fflush(stdout), fflush(stderr), exit(1), 0)
+
+
+#define ERROR1(fmt,v1) \
+ ((syslog_flag ? (syslog(LOG_ERR, fmt, v1),0) : 0), \
+ (debug_flag ? (fprintf(stderr, "%d , %d : ERROR : X-DBG : ", \
+ lport, fport), \
+ fprintf(stderr, fmt, v1), perror(": "), 0) : \
+ (printf("%d , %d : ERROR : UNKNOWN-ERROR\r\n", lport, fport), 0)), \
+ fflush(stdout), fflush(stderr), exit(1), 0)
+
+#define ERROR2(fmt,v1,v2) \
+ ((syslog_flag ? (syslog(LOG_ERR, fmt, v1, v2),0) : 0), \
+ (debug_flag ? (fprintf(stderr, "%d , %d : ERROR : X-DBG : ", \
+ lport, fport), \
+ fprintf(stderr, fmt, v1, v2), perror(": "), 0) : \
+ (printf("%d , %d : ERROR : UNKNOWN-ERROR\r\n", lport, fport), 0)), \
+ fflush(stdout), fflush(stderr), exit(1), 0)
+
+#endif
diff --git a/libexec/identd/identd.8 b/libexec/identd/identd.8
new file mode 100644
index 000000000000..f9f6228c15f4
--- /dev/null
+++ b/libexec/identd/identd.8
@@ -0,0 +1,265 @@
+.\" @(#)identd.8 1.9 92/02/11 Lysator
+.\" Copyright (c) 1992 Peter Eriksson, Lysator, Linkoping University.
+.\" This software has been released into the public domain.
+.\"
+.TH IDENTD 8 "27 May 1992"
+.SH NAME
+identd, in.identd \- TCP/IP IDENT protocol server
+.SH SYNOPSIS
+.B /usr/sbin/in.identd
+.RB [ \-i | \-w | \-b ]
+.RB [ \-t ]
+.RB [ \-u ]
+.RB [ \-g ]
+.RB [ \-p ]
+.RB [ \-a
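Review bot: ERROR(fmt) hands its argument straight to `syslog(LOG_ERR, fmt)` and `fprintf(stderr, fmt)` as the format string, so it is safe only while every caller passes a string literal; the callers visible in this patch do, but the header never states the requirement. I would add above the macros `/* fmt must be a string literal: it is used as a printf/syslog format. All three macros end in exit(1) and never return. */`. Separately, in all three macros `perror(": ")` runs after syslog() and fprintf(), either of which may overwrite errno, so the text in the -d reply may not describe the call that failed. The macros also read the globals syslog_flag, debug_flag, lport and fport, which are declared in identd.h rather than here, so identd.h has to be included wherever error.h is used.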
] +.RB [ \-c ] +.RB [ \-n ] +.RB [ \-o ] +.RB [ \-e ] +.RB [ \-l ] +.RB [ \-V ] +.RB [ \-m ] +.RB [ \-N ] +.RB [ \-d ] +.RB [ kernelfile [ kmemfile ] ] +.SH DESCRIPTION +.IX "identd daemon" "" \fLidentd\fP daemon" +.B identd +is a server which implements the +.SM TCP/IP +proposed standard +.SM IDENT +user identification protocol as specified in the +.SM RFC\s0 1413 +document. +.PP +.B identd +operates by looking up specific +.SM TCP/IP +connections and returning the user name of the +process owning the connection. +.SH ARGUMENTS +The +.B -i +flag, which is the default mode, should be used when starting the +daemon from +.B inetd +with the "nowait" option in the +.B /etc/inetd.conf +file. Use of this mode will make +.B inetd +start one +.B identd +daemon for each connection request. +.PP +The +.B -w +flag should be used when starting the daemon from +.B inetd +with the "wait" option in the +.B /etc/inetd.conf +file . This is the prefered mode of +operation since that will start a copy of +.B identd +at the first connection request and then +.B identd +will handle subsequent requests +without having to do the nlist lookup in the kernel file for +every request as in the +.B -i +mode above. The +.B identd +daemon will run either forever, until a bug +makes it crash or a timeout, as specified by the +.B -t +flag, occurs. +.PP +The +.B -b +flag can be used to make the daemon run in standalone mode without +the assistance from +.B inetd. +This mode is the least prefered mode since +a bug or any other fatal condition in the server will make it terminate +and it will then have to be restarted manually. Other than that is has the +same advantage as the +.B -w +mode in that it parses the nlist only once. +.PP +The +.B -t +option is used to specify the timeout limit. This is the number +of seconds a server started with the +.B -w +flag will wait for new connections before terminating. 
The server is +automatically restarted by +.B inetd +whenever a new connection is requested +if it has terminated. A suitable value for this is 120 (2 minutes), if +used. It defaults to no timeout (ie, will wait forever, or until a +fatal condition occurs in the server). +.PP +The +.B -u +option is used to specify a user id number which the +.B ident +server should +switch to after binding itself to the +.SM TCP/IP +port if using the +.B -b +mode of operation. +.PP +The +.B -g +option is used to specify a group id number which the +.B ident +server should +switch to after binding itself to the +.SM TCP/IP +port if using the +.B -b +mode of operation. +.PP +The +.B -p +option is used to specify an alternative port number to bind to if using +the +.B -b +mode of operation. It can be specified by name or by number. Defaults to the +.SM IDENT +port (113). +.PP +The +.B -a
+option is used to specify the local address to bind the socket to if using +the +.B -b +mode of operation. Can only be specified by IP address and not by domain +name. Defaults to the +.SM INADDR_ANY +address which normally means all local addresses. +.PP +The +.B -V +flag makes +.B identd +display the version number and the exit. +.PP +The +.B -l +flag tells +.B identd +to use the System logging daemon +.B syslogd +for logging purposes. +.PP +The +.B -o +flag tells +.B identd +to not reveal the operating system type it is run on and to instead +always return "OTHER". +.PP +The +.B -e +flag tells +.B identd +to always return "UNKNOWN-ERROR" instead of the "NO-USER" or +"INVALID-PORT" errors. +.PP +The +.B -c +flags tells +.B identd +to add the optional (according to the IDENT protocol) character set +designator to the reply generated. should be a valid character +set as described in the MIME RFC in upper case characters. +.PP +The +.B -n +flags tells +.B identd +to always return user numbers instead of user names if you wish to +keep the user names a secret. +.PP +The +.B -N +flag makes +.B identd +check for a file ".noident" in each homedirectory for a user which the +daemon is about to return the user name for. It that file exists then the +daemon will give the error +.B HIDDEN-USER +instead of the normal USERID response. +.PP +.B -m +flag makes +.B identd +use a mode of operation that will allow multiple requests to be +processed per session. Each request is specified one per line and +the responses will be returned one per line. The connection will not +be closed until the connecting part closes it's end of the line. +PLEASE NOTE THAT THIS MODE VIOLATES THE PROTOCOL SPECIFICATION AS +IT CURRENTLY STANDS. +.PP +The +.B -d +flag enables some debugging code that normally should NOT +be enabled since that breaks the protocol and may reveal information +that should not be available to outsiders. +.PP +.B kernelfile +defaults to the normally running kernel file. 
+.PP +.B kmemfile +defaults to the memory space of the normally running kernel. +.SH INSTALLATION +.B identd +is invoked either by the internet server (see +.BR inetd (8C) +) for requests to connect to the +.SM IDENT +port as indicated by the +.B /etc/services +file (see +.BR services (5) +) when using the +.B -w +or +.B -i +modes of operation or started manually by using the +.B -b +mode of operation. +.SH EXAMPLES +Assuming the server is located in +.B /usr/etc/in.identd +one can put either: +.PP +ident stream tcp wait sys /usr/etc/in.identd in.identd -w -t120 +.PP +or: +.PP +ident stream tcp nowait sys /usr/etc/in.identd in.identd -i +.PP +into the +.B /etc/inetd.conf +file. User "sys" should have enough rights to READ the kernel +but NOT to write to it. +.PP +To start it using the +.B -b +mode of operation one can put a line like this into the +.B /etc/rc.local +file: +.PP +/usr/etc/in.identd -b -u2 -g2 +.PP +This will make it run in the background as user 2, group 2 (user "sys", +group "kmem" on SunOS 4.1.1). +.SH SEE ALSO +.BR authuser (3) +.BR inetd.conf (5) +.SH BUGS +The handling of fatal errors could be better. diff --git a/libexec/identd/identd.c b/libexec/identd/identd.c new file mode 100644 index 000000000000..bb96f811742b --- /dev/null +++ b/libexec/identd/identd.c 
@@ -0,0 +1,629 @@ +/* +** identd.c A TCP/IP link identification protocol server +** +** This program is in the public domain and may be used freely by anyone +** who wants to. +** +** Last update: 22 April 1993 +** +** Please send bug fixes/bug reports to: Peter Eriksson +*/ + +#if defined(IRIX) || defined(SVR4) || defined(NeXT) +# define SIGRETURN_TYPE void +# define SIGRETURN_TYPE_IS_VOID +#else +# define SIGRETURN_TYPE int +#endif + +#ifdef SVR4 +# define STRNET +#endif + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#ifndef _AUX_SOURCE +# include +#endif +#include +#include + +#include +#include + +#include + +#ifndef HPUX7 +# include +#endif + +#if defined(MIPS) || defined(BSD43) +extern int errno; +#endif + +#include "identd.h" +#include "error.h" + +/* Antique unixes do not have these things defined... */ +#ifndef FD_SETSIZE +# define FD_SETSIZE 256 +#endif + +#ifndef FD_SET +# ifndef NFDBITS +# define NFDBITS (sizeof(int) * NBBY) /* bits per mask */ +# endif +# define FD_SET(n, p) ((p)->fds_bits[(n)/NFDBITS] |= (1 << ((n) % NFDBITS))) +#endif + +#ifndef FD_ZERO +# define FD_ZERO(p) bzero((char *)(p), sizeof(*(p))) +#endif + +extern char *version; + +extern void *calloc(); +extern void *malloc(); + + +char *path_unix = NULL; +char *path_kmem = NULL; + +int verbose_flag = 0; +int debug_flag = 0; +int syslog_flag = 0; +int multi_flag = 0; +int other_flag = 0; +int unknown_flag = 0; +int number_flag = 0; +int noident_flag = 0; + +int lport = 0; +int fport = 0; + +char *charset_name = NULL; +char *indirect_host = NULL; +char *indirect_password = NULL; + +static int child_pid; + +#ifdef LOG_DAEMON +static int syslog_facility = LOG_DAEMON; +#endif + +/* +** The structure passing convention for GCC is incompatible with +** Suns own C compiler, so we define our own inet_ntoa() function. +** (This should only affect GCC version 1 I think, a well, this works +** for version 2 also so why bother.. 
:-) +*/ +#if defined(__GNUC__) && defined(__sparc__) + +#ifdef inet_ntoa +#undef inet_ntoa +#endif + +char *inet_ntoa(ad) + struct in_addr ad; +{ + unsigned long int s_ad; + int a, b, c, d; + static char addr[20]; + + s_ad = ad.s_addr; + d = s_ad % 256; + s_ad /= 256; + c = s_ad % 256; + s_ad /= 256; + b = s_ad % 256; + a = s_ad / 256; + sprintf(addr, "%d.%d.%d.%d", a, b, c, d); + + return addr; +} +#endif + + +/* +** Return the name of the connecting host, or the IP number as a string. +*/ +char *gethost(addr) + struct in_addr *addr; +{ + struct hostent *hp; + + + hp = gethostbyaddr((char *) addr, sizeof(struct in_addr), AF_INET); + if (hp) + return hp->h_name; + else + return inet_ntoa(*addr); +} + +#ifdef USE_SIGALARM +/* +** Exit cleanly after our time's up. +*/ +static SIGRETURN_TYPE +alarm_handler() +{ + if (syslog_flag) + syslog(LOG_DEBUG, "SIGALRM triggered, exiting"); + + exit(0); +} +#endif + + +#if !defined(hpux) && !defined(__hpux) && !defined(SVR4) || defined(_CRAY) +/* +** This is used to clean up zombie child processes +** if the -w or -b options are used. 
+*/ +static SIGRETURN_TYPE +child_handler() +{ +#if defined(IRIX) || defined(NeXT) + union wait status; +#else + int status; +#endif + + while (wait3(&status, WNOHANG, NULL) > 0) + ; + +#ifndef SIGRETURN_TYPE_IS_VOID + return 0; +#endif +} +#endif + + +char *clearmem(bp, len) + char *bp; + int len; +{ + char *cp; + + cp = bp; + while (len-- > 0) + *cp++ = 0; + + return bp; +} + + +/* +** Main entry point into this daemon +*/ +int main(argc,argv) + int argc; + char *argv[]; +{ + int i, len; + struct sockaddr_in sin; + struct in_addr laddr, faddr; +#ifndef USE_SIGALARM + struct timeval tv; +#endif + + int background_flag = 0; + int timeout = 0; + char *portno = "113"; + char *bind_address = NULL; + int set_uid = 0; + int set_gid = 0; + int inhibit_default_config = 0; + int opt_count = 0; /* Count of option flags */ + +#ifdef __convex__ + argc--; /* get rid of extra argument passed by inetd */ +#endif + + /* + ** Prescan the arguments for "-f" switches + */ + inhibit_default_config = 0; + for (i = 1; i < argc && argv[i][0] == '-'; i++) + if (argv[i][1] == 'f') + inhibit_default_config = 1; + + /* + ** Parse the default config file - if it exists + */ + if (!inhibit_default_config) + parse_config(NULL, 1); + + /* + ** Parse the command line arguments + */ + for (i = 1; i < argc && argv[i][0] == '-'; i++) { + opt_count++; + switch (argv[i][1]) + { + case 'b': /* Start as standalone daemon */ + background_flag = 1; + break; + + case 'w': /* Start from Inetd, wait mode */ + background_flag = 2; + break; + + case 'i': /* Start from Inetd, nowait mode */ + background_flag = 0; + break; + + case 't': + timeout = atoi(argv[i]+2); + break; + + case 'p': + portno = argv[i]+2; + break; + + case 'a': + bind_address = argv[i]+2; + break; + + case 'u': + if (isdigit(argv[i][2])) + set_uid = atoi(argv[i]+2); + else + { + struct passwd *pwd; + + pwd = getpwnam(argv[i]+2); + if (!pwd) + ERROR1("no such user (%s) for -u option", argv[i]+2); + else + { + set_uid = pwd->pw_uid; + set_gid 
= pwd->pw_gid; + } + } + break; + + case 'g': + if (isdigit(argv[i][2])) + set_gid = atoi(argv[i]+2); + else + { + struct group *grp; + + grp = getgrnam(argv[i]+2); + if (!grp) + ERROR1("no such group (%s) for -g option", argv[i]+2); + else + set_gid = grp->gr_gid; + } + break; + + case 'c': + charset_name = argv[i]+2; + break; + + case 'r': + indirect_host = argv[i]+2; + break; + + case 'l': /* Use the Syslog daemon for logging */ + syslog_flag++; + break; + + case 'o': + other_flag = 1; + break; + + case 'e': + unknown_flag = 1; + break; + + case 'n': + number_flag = 1; + break; + + case 'V': /* Give version of this daemon */ + printf("[in.identd, version %s]\r\n", version); + exit(0); + break; + + case 'v': /* Be verbose */ + verbose_flag++; + break; + + case 'd': /* Enable debugging */ + debug_flag++; + break; + + case 'm': /* Enable multiline queries */ + multi_flag++; + break; + + case 'N': /* Enable users ".noident" files */ + noident_flag++; + break; + } + } + +#if defined(_AUX_SOURCE) || defined (SUNOS35) + /* A/UX 2.0* & SunOS 3.5 calls us with an argument XXXXXXXX.YYYY + ** where XXXXXXXXX is the hexadecimal version of the callers + ** IP number, and YYYY is the port/socket or something. + ** It seems to be impossible to pass arguments to a daemon started + ** by inetd. + ** + ** Just in case it is started from something else, then we only + ** skip the argument if no option flags have been seen. 
+ */ + if (opt_count == 0) + argc--; +#endif + + /* + ** Path to kernel namelist file specified on command line + */ + if (i < argc) + path_unix = argv[i++]; + + /* + ** Path to kernel memory device specified on command line + */ + if (i < argc) + path_kmem = argv[i++]; + + + /* + ** Open the kernel memory device and read the nlist table + */ + if (k_open() < 0) + ERROR("main: k_open"); + + /* + ** Do the special handling needed for the "-b" flag + */ + if (background_flag == 1) + { + struct sockaddr_in addr; + struct servent *sp; + int fd; + + + if (fork()) + exit(0); + + close(0); + close(1); + close(2); + + if (fork()) + exit(0); + + fd = socket(AF_INET, SOCK_STREAM, 0); + if (fd == -1) + ERROR("main: socket"); + + if (fd != 0) + dup2(fd, 0); + + clearmem(&addr, sizeof(addr)); + + addr.sin_family = AF_INET; + if (bind_address == NULL) + addr.sin_addr.s_addr = htonl(INADDR_ANY); + else + { + if (isdigit(bind_address[0])) + addr.sin_addr.s_addr = inet_addr(bind_address); + else + { + struct hostent *hp; + + hp = gethostbyname(bind_address); + if (!hp) + ERROR1("no such address (%s) for -a switch", bind_address); + + /* This is ugly, should use memcpy() or bcopy() but... 
*/ + addr.sin_addr.s_addr = * (unsigned long *) (hp->h_addr); + } + } + + if (isdigit(portno[0])) + addr.sin_port = htons(atoi(portno)); + else + { + sp = getservbyname(portno, "tcp"); + if (sp == NULL) + ERROR1("main: getservbyname: %s", portno); + addr.sin_port = sp->s_port; + } + + if (bind(0, (struct sockaddr *) &addr, sizeof(addr)) < 0) + ERROR("main: bind"); + + if (listen(0, 3) < 0) + ERROR("main: listen"); + } + + if (set_gid) + if (setgid(set_gid) == -1) + ERROR("main: setgid"); + + if (set_uid) + if (setuid(set_uid) == -1) + ERROR("main: setuid"); + + /* + ** Do some special handling if the "-b" or "-w" flags are used + */ + if (background_flag) + { + int nfds, fd; + fd_set read_set; + + + /* + ** Set up the SIGCHLD signal child termination handler so + ** that we can avoid zombie processes hanging around and + ** handle childs terminating before being able to complete the + ** handshake. + */ +#if (defined(SVR4) || defined(hpux) || defined(__hpux) || \ + defined(_CRAY) || defined(_AUX_SOURCE)) + signal(SIGCHLD, SIG_IGN); +#else + signal(SIGCHLD, (SIGRETURN_TYPE (*)()) child_handler); +#endif + + /* + ** Loop and dispatch client handling processes + */ + do + { +#ifdef USE_SIGALARM + /* + ** Terminate if we've been idle for 'timeout' seconds + */ + if (background_flag == 2 && timeout) + { + signal(SIGALRM, alarm_handler); + alarm(timeout); + } +#endif + + /* + ** Wait for a connection request to occur. + ** Ignore EINTR (Interrupted System Call). + */ + do + { + FD_ZERO(&read_set); + FD_SET(0, &read_set); + +#ifndef USE_SIGALARM + if (timeout) + { + tv.tv_sec = timeout; + tv.tv_usec = 0; + nfds = select(FD_SETSIZE, &read_set, NULL, NULL, &tv); + } + else +#endif + + nfds = select(FD_SETSIZE, &read_set, NULL, NULL, NULL); + } while (nfds < 0 && errno == EINTR); + + /* + ** An error occured in select? Just die + */ + if (nfds < 0) + ERROR("main: select"); + + /* + ** Timeout limit reached. 
Exit nicely + */ + if (nfds == 0) + exit(0); + +#ifdef USE_SIGALARM + /* + ** Disable the alarm timeout + */ + alarm(0); +#endif + + /* + ** Accept the new client + */ + fd = accept(0, NULL, NULL); + if (fd == -1) + ERROR1("main: accept. errno = %d", errno); + + /* + ** And fork, then close the fd if we are the parent. + */ + child_pid = fork(); + } while (child_pid && (close(fd), 1)); + + /* + ** We are now in child, the parent has returned to "do" above. + */ + if (dup2(fd, 0) == -1) + ERROR("main: dup2: failed fd 0"); + + if (dup2(fd, 1) == -1) + ERROR("main: dup2: failed fd 1"); + + if (dup2(fd, 2) == -1) + ERROR("main: dup2: failed fd 2"); + } + + /* + ** Get foreign internet address + */ + len = sizeof(sin); + if (getpeername(0, (struct sockaddr *) &sin, &len) == -1) + { + /* + ** A user has tried to start us from the command line or + ** the network link died, in which case this message won't + ** reach to other end anyway, so lets give the poor user some + ** errors. + */ + perror("in.identd: getpeername()"); + exit(1); + } + + faddr = sin.sin_addr; + + + /* + ** Open the connection to the Syslog daemon if requested + */ + if (syslog_flag) + { +#ifdef LOG_DAEMON + openlog("identd", LOG_PID, syslog_facility); +#else + openlog("identd", LOG_PID); +#endif + + syslog(LOG_INFO, "Connection from %s", gethost(&faddr)); + } + + + /* + ** Get local internet address + */ + len = sizeof(sin); +#ifdef ATTSVR4 + if (t_getsockname(0, (struct sockaddr *) &sin, &len) == -1) +#else + if (getsockname(0, (struct sockaddr *) &sin, &len) == -1) +#endif + { + /* + ** We can just die here, because if this fails then the + ** network has died and we haven't got anyone to return + ** errors to. + */ + exit(1); + } + laddr = sin.sin_addr; + + + /* + ** Get the local/foreign port pair from the luser + */ + parse(stdin, &laddr, &faddr); + + exit(0); +} diff --git a/libexec/identd/identd.h b/libexec/identd/identd.h new file mode 100644 index 000000000000..6268faf7956f --- /dev/null 
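Review bot: The privilege drop in main() calls `setgid(set_gid)` and then `setuid(set_uid)` but never resets the supplementary group list, so a daemon started as root with -u/-g (the -b example in the man page) keeps root's supplementary groups after the switch. Clearing them inside the `if (set_gid)` branch, before the setgid call, closes that gap: `gid_t g = set_gid; if (setgroups(1, &g) == -1) ERROR("main: setgroups");`. Because both steps are guarded by `if (set_gid)` / `if (set_uid)`, a numeric `-u0` or `-g0` is silently ignored, and `atoi()` accepts malformed digits without reporting an error. In the dispatch loop any accept() failure goes through ERROR1 and exits the listening process, so in -b/-w mode a transient error on one connection ends the service; retrying on errors such as EINTR or ECONNABORTED would be more robust.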
+++ b/libexec/identd/identd.h
@@ -0,0 +1,43 @@
+/*
+** identd.h Common variables for the Pidentd daemon
+**
+** This program is in the public domain and may be used freely by anyone
+** who wants to.
+**
+** Last update: 6 Dec 1992
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#ifndef __IDENTD_H__
+#define __IDENTD_H__
+
+extern char *version;
+
+extern char *path_unix;
+extern char *path_kmem;
+
+extern int verbose_flag;
+extern int debug_flag;
+extern int syslog_flag;
+extern int multi_flag;
+extern int other_flag;
+extern int unknown_flag;
+extern int number_flag;
+extern int noident_flag;
+
+extern char *charset_name;
+extern char *indirect_host;
+extern char *indirect_password;
+
+extern int lport;
+extern int fport;
+
+extern char *gethost();
+
+extern int k_open();
+extern int k_getuid();
+extern int parse();
+extern int parse_config();
+
+#endif
diff --git a/libexec/identd/netbsd.c b/libexec/identd/netbsd.c
new file mode 100644
index 000000000000..9a294e413207
--- /dev/null
+++ b/libexec/identd/netbsd.c
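Review bot: `lport` and `fport` are declared here without a comment, yet the ERROR macros in error.h print them into the error reply sent to the client, so every file that reports an error depends on what they hold. I would add above the two declarations `/* port pair printed by the ERROR macros in the error reply; presumably the local and foreign port of the current query */`, with the second half confirmed against parse.c, which is not part of this view. The function declarations (`k_getuid()`, `parse()`, `parse_config()`) are unprototyped, so argument mismatches at call sites go undiagnosed; if K&R compilers have to stay supported that may be deliberate, but a comment listing the expected arguments would still help.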
@@ -0,0 +1,235 @@
+/*
+** kernel/386bsd.c Low level kernel access functions for 386BSD
+**
+** This program is in the public domain and may be used freely by anyone
+** who wants to.
+**
+** Last update: 17 March 1993
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "kvm.h"
+
+#include
+#include
+#include
+#include
+#include
+
+#include
+
+#define KERNEL
+
+#include
+
+#undef KERNEL
+#include
+
+#include
+
+#include
+
+#include
+
+#include
+#include
+#include
+
+#include
+#include
+
+#include
+
+#include
+#include
+#include
+#include
+
+#include
+
+#include "identd.h"
+#include "error.h"
+
+
+extern void *calloc();
+extern void *malloc();
+
+
+struct nlist nl[] =
+{
+#define N_FILE 0
+#define N_NFILE 1
+#define N_TCB 2
+
+ { "_filehead" },
+ { "_nfiles" },
+ { "_tcb" },
+ { "" }
+};
+
+
+static struct file *xfile;
+static int nfile;
+
+static struct inpcb tcb;
+
+
+int k_open()
+{
+ int kd;
+
+ /*
+ ** Open the kernel memory device
+ */
+ if ((kd = kvm_openfiles(path_unix, path_kmem, NULL)))
+ ERROR("main: kvm_open");
+
+ /*
+ ** Extract offsets to the needed variables in the kernel
+ */
+ if (kvm_nlist(nl) < 0)
+ ERROR("main: kvm_nlist");
+
+ return 0;
+}
+
+
+/*
+** Get a piece of kernel memory with error handling.
+** Returns 1 if call succeeded, else 0 (zero).
+*/
+static int getbuf(addr, buf, len, what)
+ long addr;
+ char *buf;
+ int len;
+ char *what;
+{
+ if (kvm_read(addr, buf, len) < 0)
+ {
+ if (syslog_flag)
+ syslog(LOG_ERR, "getbuf: kvm_read(%08x, %d) - %s : %m",
+ addr, len, what);
+
+ return 0;
+ }
+
+ return 1;
+}
+
+
+
+/*
+** Traverse the inpcb list until a match is found.
+** Returns NULL if no match.
+*/ +static struct socket * + getlist(pcbp, faddr, fport, laddr, lport) + struct inpcb *pcbp; + struct in_addr *faddr; + int fport; + struct in_addr *laddr; + int lport; +{ + struct inpcb *head; + + if (!pcbp) + return NULL; + + + head = pcbp->inp_prev; + do + { + if ( pcbp->inp_faddr.s_addr == faddr->s_addr && + pcbp->inp_laddr.s_addr == laddr->s_addr && + pcbp->inp_fport == fport && + pcbp->inp_lport == lport ) + return pcbp->inp_socket; + } while (pcbp->inp_next != head && + getbuf((long) pcbp->inp_next, + pcbp, + sizeof(struct inpcb), + "tcblist")); + + return NULL; +} + + + +/* +** Return the user number for the connection owner +*/ +int k_getuid(faddr, fport, laddr, lport, uid) + struct in_addr *faddr; + int fport; + struct in_addr *laddr; + int lport; + int *uid; +{ + long addr; + struct socket *sockp; + int i; + struct ucred ucb; + + /* -------------------- FILE DESCRIPTOR TABLE -------------------- */ + if (!getbuf(nl[N_NFILE].n_value, &nfile, sizeof(nfile), "nfile")) + return -1; + + if (!getbuf(nl[N_FILE].n_value, &addr, sizeof(addr), "&file")) + return -1; + + { + int siz = (nfile+10)*sizeof(struct file); + xfile = (struct file *) calloc(nfile+10, sizeof(struct file)); + if (!xfile) + ERROR2("k_getuid: calloc(%d,%d)", nfile+10, sizeof(struct file)); + + if (!getkerninfo(KINFO_FILE, xfile, &siz, 0)) + { + ERROR("k_getuid: getkerninfo"); + return -1; + } + xfile = (struct file *)((char *)xfile + sizeof(filehead)); + } + + /* -------------------- TCP PCB LIST -------------------- */ + if (!getbuf(nl[N_TCB].n_value, &tcb, sizeof(tcb), "tcb")) + return -1; + + tcb.inp_prev = (struct inpcb *) nl[N_TCB].n_value; + sockp = getlist(&tcb, faddr, fport, laddr, lport); + + if (!sockp) + return -1; + + /* + ** Locate the file descriptor that has the socket in question + ** open so that we can get the 'ucred' information + */ + for (i = 0; i < nfile; i++) + { + if (xfile[i].f_count == 0) + continue; + + if (xfile[i].f_type == DTYPE_SOCKET && + (struct socket *) 
xfile[i].f_data == sockp)
+ {
+ if (!getbuf(xfile[i].f_cred, &ucb, sizeof(ucb), "ucb"))
+ return -1;
+
+ *uid = ucb.cr_uid;
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
diff --git a/libexec/identd/parse.c b/libexec/identd/parse.c
new file mode 100644
index 000000000000..949e908c385d
--- /dev/null
+++ b/libexec/identd/parse.c
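Review bot: k_getuid() in netbsd.c allocates `xfile` with calloc() on every call and never frees it, and once `xfile = (struct file *)((char *)xfile + sizeof(filehead));` has run the pointer calloc() returned is no longer held anywhere. parse() calls k_getuid() up to five times per query and, with `-m`, keeps answering queries for as long as the client holds the connection open, so the amount leaked is driven by the remote peer. Keep the allocation in a local (`struct file *base = xfile;`) and call `free(base)` on every return path after the calloc(). Separately, `if (!getkerninfo(KINFO_FILE, xfile, &siz, 0))` treats only a zero return as failure; if getkerninfo() signals errors with -1, as I believe it does, the failure goes unnoticed and the zero-filled table is scanned, so that condition should be confirmed.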
@@ -0,0 +1,399 @@
+/*
+** parse.c This file contains the protocol parser
+**
+** This program is in the public domain and may be used freely by anyone
+** who wants to.
+**
+** Last update: 6 Dec 1992
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#include
+#include
+#include
+#include
+
+#include
+#include
+
+#ifndef HPUX7
+# include
+#endif
+
+#ifdef HAVE_KVM
+# include
+#else
+# include "kvm.h"
+#endif
+
+#include
+#include
+
+#if defined(MIPS) || defined(BSD43)
+extern int errno;
+#endif
+
+#include "identd.h"
+#include "error.h"
+
+extern void *malloc();
+
+/*
+** This function will eat whitespace characters until
+** either a non-whitespace character is read, or EOF
+** occurs. This function is only used if the "-m" option
+** is enabled.
+*/
+static int eat_whitespace()
+{
+ int c;
+
+
+ while ((c = getchar()) != EOF &&
+ !(c == '\r' || c == '\n'))
+ ;
+
+ if (c != EOF)
+ while ((c = getchar()) != EOF &&
+ (c == ' ' || c == '\t' || c == '\n' || c == '\r'))
+ ;
+
+ if (c != EOF)
+ ungetc(c, stdin);
+
+ return (c != EOF);
+}
+
+
+#ifdef INCLUDE_EXTENSIONS
+/*
+** Validate an indirect request
+*/
+static int valid_fhost(faddr, password)
+ struct in_addr *faddr;
+ char *password;
+{
+ if (indirect_host == NULL)
+ return 0;
+
+ if (strcmp(indirect_host, "*") != 0)
+ {
+ if (isdigit(indirect_host[0]))
+ {
+ if (strcmp(inet_ntoa(*faddr), indirect_host))
+ {
+ syslog(LOG_NOTICE, "valid_fhost: Access Denied for: %s",
+ gethost(faddr));
+ return 0;
+ }
+ }
+ else
+ {
+ if (strcmp(gethost(faddr), indirect_host))
+ {
+ syslog(LOG_NOTICE, "valid_fhost: Access Denied for: %s",
+ gethost(faddr));
+ return 0;
+ }
+ }
+ }
+
+ if (indirect_password == NULL)
+ return 1;
+
+ if (strcmp(password, indirect_password))
+ {
+ syslog(LOG_NOTICE, "valid_fhost: Invalid password from: %s",
+ gethost(faddr));
+ return 0;
+ }
+
+ return 1;
+}
+#endif
+
+/*
+** A small routine to check for the existance of the ".noident"
+** file in a users home directory.
+*/ +static int check_noident(homedir) + char *homedir; +{ + char *tmp_path; + struct stat sbuf; + int rcode; + + + if (!homedir) + return 0; + + tmp_path = (char *) malloc(strlen(homedir) + sizeof("/.noident") + 1); + if (!tmp_path) + return 0; + + strcpy(tmp_path, homedir); + strcat(tmp_path, "/.noident"); + + rcode = stat(tmp_path, &sbuf); + free(tmp_path); + + return (rcode == 0); +} + + +int parse(fp, laddr, faddr) + FILE *fp; + struct in_addr *laddr, *faddr; +{ + int uid, try, rcode; + struct passwd *pwp; + char lhostaddr[16]; + char fhostaddr[16]; + char password[33]; +#ifdef INCLUDE_EXTENSIONS + char arg[33]; + int c; +#endif + struct in_addr laddr2; + struct in_addr faddr2; + + + if (debug_flag && syslog_flag) + syslog(LOG_DEBUG, "In function parse()"); + + /* + ** Get the local/foreign port pair from the luser + */ + do + { + if (debug_flag && syslog_flag) + syslog(LOG_DEBUG, " Before fscanf()"); + + faddr2 = *faddr; + laddr2 = *laddr; + lport = fport = 0; + lhostaddr[0] = fhostaddr[0] = password[0] = '\0'; + + /* Read query from client */ + rcode = fscanf(fp, " %d , %d", &lport, &fport); + +#ifdef INCLUDE_EXTENSIONS + /* + ** Do additional parsing in case of extended request + */ + if (rcode == 0) + { + rcode = fscanf(fp, "%32[^ \t\n\r:]", arg); + + /* Skip leading space up to EOF, EOL or non-space char */ + while ((c = getc(fp)) == ' ' || c == '\t') + ; + + if (rcode <= 0) + { + printf("%d , %d : ERROR : %s\r\n", + lport, fport, + unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); + continue; + } + + /* + ** Non-standard extended request, returns with Pidentd + ** version information + */ + if (strcmp(arg, "VERSION") == 0) + { + printf("%d , %d : ERROR : X-VERSION : %s\r\n", lport, fport, + version); + continue; + } + + /* + ** Non-standard extended proxy request + */ + else if (strcmp(arg, "PROXY") == 0 && c == ':') + { + /* We have a colon char, check for port numbers */ + rcode = fscanf(fp, " %d , %d : %15[0-9.] 
, %15[0-9.]",
+ &lport, &fport, fhostaddr, lhostaddr);
+
+ if (!(rcode == 3 || rcode == 4))
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
+ continue;
+ }
+
+ if (rcode == 4)
+ laddr2.s_addr = inet_addr(lhostaddr);
+
+ faddr2.s_addr = inet_addr(fhostaddr);
+
+ proxy(&laddr2, &faddr2, lport, fport, NULL);
+ continue;
+ }
+
+ /*
+ ** Non-standard extended remote indirect request
+ */
+ else if (strcmp(arg, "REMOTE") == 0 && c == ':')
+ {
+ /* We have a colon char, check for port numbers */
+ rcode = fscanf(fp, " %d , %d", &lport, &fport);
+
+ /* Skip leading space up to EOF, EOL or non-space char */
+ while ((c = getc(fp)) == ' ' || c == '\t')
+ ;
+
+ if (rcode != 2 || c != ':')
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
+ continue;
+ }
+
+ /* We have a colon char, check for addr and password */
+ rcode = fscanf(fp, " %15[0-9.] , %32[^ \t\r\n]",
+ fhostaddr, password);
+ if (rcode > 0)
+ rcode += 2;
+ else
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
+ continue;
+ }
+
+ /*
+ ** Verify that the host originating the indirect request
+ ** is allowed to do that
+ */
+ if (!valid_fhost(faddr, password))
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-ACCESS-DENIED");
+ continue;
+ }
+
+ faddr2.s_addr = inet_addr(fhostaddr);
+ }
+
+ else
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
+ continue;
+ }
+ }
+#endif /* EXTENSIONS */
+
+ if (rcode < 2 || lport < 1 || lport > 65535 || fport < 1 || fport > 65535)
+ {
+ if (syslog_flag && rcode > 0)
+ syslog(LOG_NOTICE, "scanf: invalid-port(s): %d , %d from %s",
+ lport, fport, gethost(faddr));
+
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ?
"UNKNOWN-ERROR" : "INVALID-PORT");
+ continue;
+ }
+
+ if (debug_flag && syslog_flag)
+ syslog(LOG_DEBUG, " After fscanf(), before k_getuid()");
+
+ /*
+ ** Next - get the specific TCP connection and return the
+ ** uid - user number.
+ **
+ ** Try to fetch the information 5 times incase the
+ ** kernel changed beneath us and we missed or took
+ ** a fault.
+ */
+ for (try = 0;
+ (try < 5 &&
+ k_getuid(&faddr2, htons(fport), laddr, htons(lport), &uid) == -1);
+ try++)
+ ;
+
+ if (try >= 5)
+ {
+ if (syslog_flag)
+ syslog(LOG_DEBUG, "Returned: %d , %d : NO-USER", lport, fport);
+
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "NO-USER");
+ continue;
+ }
+
+ if (try > 0 && syslog_flag)
+ syslog(LOG_NOTICE, "k_getuid retries: %d", try);
+
+ if (debug_flag && syslog_flag)
+ syslog(LOG_DEBUG, " After k_getuid(), before getpwuid()");
+
+ /*
+ ** Then we should try to get the username. If that fails we
+ ** return it as an OTHER identifier
+ */
+ pwp = getpwuid(uid);
+
+ if (!pwp)
+ {
+ if (syslog_flag)
+ syslog(LOG_WARNING, "getpwuid() could not map uid (%d) to name",
+ uid);
+
+ printf("%d , %d : USERID : OTHER%s%s : %d\r\n",
+ lport, fport,
+ charset_name ? " , " : "",
+ charset_name ? charset_name : "",
+ uid);
+ continue;
+ }
+
+ /*
+ ** Hey! We finally made it!!!
+ */
+ if (syslog_flag)
+ syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s\n",
+ lport, fport, pwp->pw_name);
+
+ if (noident_flag && check_noident(pwp->pw_dir))
+ {
+ if (syslog_flag)
+ syslog(LOG_NOTICE, "User %s requested HIDDEN-USER for host %s: %d, %d",
+ pwp->pw_name,
+ gethost(faddr),
+ lport, fport);
+
+ printf("%d , %d : ERROR : HIDDEN-USER\r\n",
+ lport, fport);
+ continue;
+ }
+
+ if (number_flag)
+ printf("%d , %d : USERID : OTHER%s%s : %d\r\n",
+ lport, fport,
+ charset_name ? " , " : "",
+ charset_name ? charset_name : "",
+ uid);
+ else
+ printf("%d , %d : USERID : %s%s%s : %s\r\n",
+ lport, fport,
+ other_flag ? "OTHER" : "UNIX",
+ charset_name ?
" , " : "",
+ charset_name ? charset_name : "",
+ pwp->pw_name);
+
+ } while(fflush(stdout), fflush(stderr), multi_flag && eat_whitespace());
+
+ return 0;
+}
diff --git a/libexec/identd/paths.h b/libexec/identd/paths.h
new file mode 100644
index 000000000000..8d1b501c5e2c
--- /dev/null
+++ b/libexec/identd/paths.h
@@ -0,0 +1,62 @@
+/*
+** paths.h Common path definitions for the in.identd daemon
+**
+** Last update: 11 Dec 1992
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#ifdef SEQUENT
+# define _PATH_UNIX "/dynix"
+#endif
+
+#if defined(MIPS) || defined(IRIX)
+# define _PATH_UNIX "/unix"
+#endif
+
+#if defined(hpux) || defined(__hpux)
+# define _PATH_UNIX "/hp-ux"
+#endif
+
+#ifdef SOLARIS
+# define _PATH_UNIX "/dev/ksyms"
+#else
+# ifdef SVR4
+# define _PATH_UNIX "/stand/unix"
+# endif
+#endif
+
+#ifdef BSD43
+# define _PATH_SWAP "/dev/drum"
+# define _PATH_MEM "/dev/mem"
+#endif
+
+#ifdef _AUX_SOURCE
+# define _PATH_UNIX "/unix"
+#endif
+
+#ifdef _CRAY
+# define _PATH_UNIX "/unicos"
+# define _PATH_MEM "/dev/mem"
+#endif
+
+#ifdef NeXT
+# define _PATH_UNIX "/mach"
+#endif
+
+
+/*
+ * Some defaults...
+ */
+#ifndef _PATH_KMEM
+# define _PATH_KMEM "/dev/kmem"
+#endif
+
+#ifndef _PATH_UNIX
+# define _PATH_UNIX "/vmunix"
+#endif
+
+
+#ifndef PATH_CONFIG
+# define PATH_CONFIG "/etc/identd.conf"
+#endif
diff --git a/libexec/identd/proxy.c b/libexec/identd/proxy.c
new file mode 100644
index 000000000000..9c1a6b693108
--- /dev/null
+++ b/libexec/identd/proxy.c
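Review bot: The `PROXY` branch of parse() in parse.c passes the client-supplied ports and addresses to proxy() and then `continue`s, so it reaches neither the `valid_fhost()` gate that the `REMOTE` branch applies nor the 1–65535 port range check further down. In a build with both INCLUDE_EXTENSIONS and INCLUDE_PROXY this appears to let any peer that can reach the daemon have it query an address of the peer's choosing. I would gate the branch before the proxy() call as in the fence below; no password is read on this path, so a configured `indirect_password` would then refuse PROXY outright, which looks like the safer default but should be confirmed. The `inet_addr()` results are also used without checking for failure, here and in the REMOTE branch.

```c
        else if (strcmp(arg, "PROXY") == 0 && c == ':')
        {
            /* … unchanged: fscanf of ports/addresses and the rcode check … */

            /* Apply the port range check and the REMOTE access gate before relaying. */
            if (lport < 1 || lport > 65535 || fport < 1 || fport > 65535 ||
                !valid_fhost(faddr, password))
            {
                printf("%d , %d : ERROR : %s\r\n",
                       lport, fport,
                       unknown_flag ? "UNKNOWN-ERROR" : "X-ACCESS-DENIED");
                continue;
            }

            /* … unchanged: inet_addr() conversions and the proxy() call … */
```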
@@ -0,0 +1,98 @@
+/*
+** proxy.c This file implements the proxy() call.
+**
+** This program is in the public domain and may be used freely by anyone
+** who wants to.
+**
+** Last update: 12 Dec 1992
+**
+** Please send bug fixes/bug reports to: Peter Eriksson
+*/
+
+#include
+#include
+
+#include "identd.h"
+
+
+#ifdef INCLUDE_PROXY
+#include
+#include
+#include
+
+#include
+#endif
+
+
+/*
+** This function should establish a connection to a remote IDENT
+** server and query it for the information associated with the
+** specified connection and the return that to the caller.
+**
+** Should there be three different timeouts (Connection Establishment,
+** Query Transmit and Query Receive)?
+*/
+int proxy(laddr, faddr, lport, fport, timeout)
+ struct in_addr *laddr;
+ struct in_addr *faddr;
+ int lport;
+ int fport;
+ struct timeval *timeout;
+{
+#ifndef INCLUDE_PROXY
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-NOT-YET-IMPLEMENTED");
+
+ return -1;
+#else
+ id_t *idp;
+ char *answer;
+ char *opsys;
+ char *charset;
+
+ idp = id_open(laddr, faddr, timeout);
+ if (!idp)
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-CONNECTION-REFUSED");
+ return -1;
+ }
+
+ if (id_query(idp, lport, fport, timeout) < 0)
+ {
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ? "UNKNOWN-ERROR" : "X-TRANSMIT-QUERY-ERROR");
+ id_close(idp);
+ return -1;
+ }
+
+ switch (id_parse(idp, timeout, &lport, &fport, &answer, &opsys, &charset))
+ {
+ case 1:
+ printf("%d , %d : USERID : %s %s%s : %s\r\n",
+ lport, fport,
+ opsys,
+ charset ? "," : "",
+ charset ? charset : "",
+ answer);
+ break;
+
+ case 2:
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport, answer);
+ break;
+
+ case 0: /* More to parse - fix this later! */
+ case -1: /* Internal error */
+ default:
+ printf("%d , %d : ERROR : %s\r\n",
+ lport, fport,
+ unknown_flag ?
"UNKNOWN-ERROR" : "X-PARSE-REPLY-ERROR");
+ }
+
+ id_close(idp);
+#endif
+}
diff --git a/libexec/identd/version.c b/libexec/identd/version.c
new file mode 100644
index 000000000000..d1e5837005d9
--- /dev/null
+++ b/libexec/identd/version.c
@@ -0,0 +1 @@
+char *version = "2.1.2";
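Review bot: In the INCLUDE_PROXY build, proxy() in proxy.c runs off the end after the final `id_close(idp);` without returning a value, although it is declared `int` and its error paths return -1; add `return 0;` after that `id_close(idp);`. parse() calls it with `NULL` for `timeout`, so whether id_open(), id_query() and id_parse() can block indefinitely on an unresponsive remote server depends on how the library treats a null timeout; that should be confirmed, and a bounded `struct timeval` passed if it means "wait forever". The `answer`, `opsys` and `charset` strings come from the remote reply and are printed verbatim into our own response, so a comment stating what id_parse() guarantees about their contents (in particular no CR/LF) would help the next reader.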