git.saurik.com Git - apple/network_cmds.git/blob - identd.tproj/parse.c
2 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
7 * Reserved. This file contains Original Code and/or Modifications of
8 * Original Code as defined in and that are subject to the Apple Public
9 * Source License Version 1.0 (the 'License'). You may not use this file
10 * except in compliance with the License. Please obtain a copy of the
11 * License at http://www.apple.com/publicsource and read it before using
14 * The Original Code and all software distributed under the License are
15 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
16 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
17 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
19 * License for the specific language governing rights and limitations
22 * @APPLE_LICENSE_HEADER_END@
25 ** $Id: parse.c,v 1.2 2000/10/03 02:38:32 lindak Exp $
27 ** parse.c This file contains the protocol parser
29 ** This program is in the public domain and may be used freely by anyone
32 ** Last update: 6 Dec 1992
34 ** Please send bug fixes/bug reports to: Peter Eriksson <pen@lysator.liu.se>
42 #include <sys/types.h>
43 #include <netinet/in.h>
46 # include <arpa/inet.h>
52 #include <sys/types.h>
55 #if defined(MIPS) || defined(BSD43)
62 extern void *malloc();
65 ** This function will eat whitespace characters until
66 ** either a non-whitespace character is read, or EOF
67 ** occurs. This function is only used if the "-m" option
/*
** Reads stdin with getchar() in two passes: the first runs until EOF or a
** CR/LF is seen, the second keeps reading while the character is a space,
** tab, CR or LF. The loop bodies and everything after original line 81
** (return value, any push-back of the last character) are missing from
** this listing and cannot be confirmed here.
*/
70 static int eat_whitespace()
75 while ((c
= getchar()) != EOF
&&
76 !(c
== '\r' || c
== '\n'))
/*
** NOTE(review): this reads stdin directly, while parse() reads from its
** fp argument; presumably both name the same stream - confirm against
** the caller.
*/
80 while ((c
= getchar()) != EOF
&&
81 (c
== ' ' || c
== '\t' || c
== '\n' || c
== '\r'))
91 #ifdef INCLUDE_EXTENSIONS
93 ** Validate an indirect request
/*
** Access check for an indirect request. The peer address faddr is compared
** with the configured indirect_host: as dotted-quad text via inet_ntoa()
** when indirect_host begins with a digit, and as a host name via gethost()
** in the other visible comparison. The host comparison appears to be
** skipped when indirect_host is "*". The supplied password is then compared
** with indirect_password. Mismatches are logged with syslog(LOG_NOTICE).
** The return statements, braces and the handling of the two NULL tests are
** missing from this listing.
*/
95 static int valid_fhost(faddr
, password
)
96 struct in_addr
*faddr
;
99 if (indirect_host
== NULL
)
102 if (strcmp(indirect_host
, "*") != 0)
/*
** NOTE(review): isdigit() expects an unsigned char value or EOF. Where plain
** char is signed, a byte with the high bit set is out of range; prefer
** isdigit((unsigned char) indirect_host[0]).
*/
104 if (isdigit(indirect_host
[0]))
106 if (strcmp(inet_ntoa(*faddr
), indirect_host
))
108 syslog(LOG_NOTICE
, "valid_fhost: access denied for: %s",
/*
** NOTE(review): this branch authorises by host name. gethost() is defined
** elsewhere; if it returns an unverified reverse-DNS name, the decision
** rests on data controlled by whoever operates the peer's PTR zone. Confirm
** that the name is forward-confirmed, or configure indirect_host as a
** numeric address so the inet_ntoa() comparison above is used.
*/
115 if (strcmp(gethost(faddr
), indirect_host
))
117 syslog(LOG_NOTICE
, "valid_fhost: access denied for: %s",
124 if (indirect_password
== NULL
)
/*
** NOTE(review): the shared password is compared with strcmp(), which is not
** constant-time, and parse() reads it from the request line, presumably
** unencrypted. Treat this as a weak control and pair it with the host
** restriction above rather than relying on it alone.
*/
127 if (strcmp(password
, indirect_password
))
129 syslog(LOG_NOTICE
, "valid_fhost: invalid password from: %s",
139 ** A small routine to check for the existence of the ".noident"
140 ** file in a user's home directory.
/*
** Builds the path "<homedir>/.noident" in a heap buffer and calls stat() on
** it. The declarations, any NULL checks, the free() of tmp_path and the
** return statement are missing from this listing.
*/
142 static int check_noident(homedir
)
/*
** sizeof("/.noident") already counts the terminating NUL, so the buffer is
** one byte larger than the strcpy()/strcat() below require.
** NOTE(review): original lines 154-156 are not shown; confirm the malloc()
** result is tested before strcpy() and that homedir cannot be NULL here.
*/
153 tmp_path
= (char *) malloc(strlen(homedir
) + sizeof("/.noident") + 1);
157 strcpy(tmp_path
, homedir
);
158 strcat(tmp_path
, "/.noident");
/*
** stat() follows symbolic links; the visible code only records its return
** code in rcode.
*/
160 rcode
= stat(tmp_path
, &sbuf
);
/*
** Protocol parser entry point. Reads a query of the form "lport , fport"
** from fp; when INCLUDE_EXTENSIONS is defined it also handles the VERSION,
** PROXY and REMOTE requests. Ports outside 1..65535 are rejected, k_getuid()
** is asked for the uid that owns the connection, and the reply is written
** with printf(). The enclosing loop repeats while multi_flag is set and
** eat_whitespace() returns non-zero.
**
** fp     stream the query is read from
** laddr  local address handed to k_getuid()
** faddr  address passed to gethost() for log messages and to valid_fhost()
**
** Many original lines (declarations, braces, returns, some printf()
** arguments) are missing from this listing, so buffer sizes and several
** control paths cannot be checked from here.
*/
167 int parse(fp
, laddr
, faddr
)
169 struct in_addr
*laddr
, *faddr
;
176 #ifdef INCLUDE_EXTENSIONS
180 struct in_addr laddr2
;
181 struct in_addr faddr2
;
184 if (debug_flag
&& syslog_flag
)
185 syslog(LOG_DEBUG
, "In function parse()");
188 ** Get the local/foreign port pair from the luser
192 if (debug_flag
&& syslog_flag
)
193 syslog(LOG_DEBUG
, " Before fscanf()");
198 lhostaddr
[0] = fhostaddr
[0] = password
[0] = '\0';
200 /* Read query from client */
/*
** NOTE(review): %d carries no field width. fscanf() behaviour is undefined
** when the converted value cannot be represented, and the 1..65535 test at
** original line 318 only runs after the conversion. A bounded conversion
** such as %5d would close that gap; the declared type of lport/fport is
** not shown here - confirm.
*/
201 rcode
= fscanf(fp
, " %d , %d", &lport
, &fport
);
203 #ifdef INCLUDE_EXTENSIONS
205 ** Do additional parsing in case of extended request
/*
** %32[...] stores at most 32 characters plus a terminating NUL, so arg must
** hold at least 33 bytes. Its declaration is not in this listing - verify.
*/
209 rcode
= fscanf(fp
, "%32[^ \t\n\r:]", arg
);
211 /* Skip leading space up to EOF, EOL or non-space char */
212 while ((c
= getc(fp
)) == ' ' || c
== '\t')
217 printf("%d , %d : ERROR : %s\r\n",
219 unknown_flag
? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
224 ** Non-standard extended request, returns with Pidentd
225 ** version information
227 if (strcmp(arg
, "VERSION") == 0)
229 printf("%d , %d : ERROR : X-VERSION : %s\r\n", lport
, fport
,
235 ** Non-standard extended proxy request
237 else if (strcmp(arg
, "PROXY") == 0 && c
== ':')
239 /* We have a colon char, check for port numbers */
/*
** Each %15[0-9.] needs a destination of at least 16 bytes (fhostaddr and
** lhostaddr); their declarations are not shown - verify.
*/
240 rcode
= fscanf(fp
, " %d , %d : %15[0-9.] , %15[0-9.]",
241 &lport
, &fport
, fhostaddr
, lhostaddr
);
/*
** rcode == 3 means only fhostaddr was read, which leaves lhostaddr as the
** empty string assigned at original line 198.
*/
243 if (!(rcode
== 3 || rcode
== 4))
245 printf("%d , %d : ERROR : %s\r\n",
247 unknown_flag
? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
/*
** NOTE(review): inet_addr() returns INADDR_NONE for text it cannot parse,
** such as "1..2" (accepted by the scanset) or the empty lhostaddr left by
** rcode == 3. No test of the result is visible before proxy() is called;
** original lines 251 and 253 are missing, so a guard may exist - confirm.
** No valid_fhost()-style authorisation is visible in this PROXY branch,
** unlike the REMOTE branch below; confirm that is intended.
*/
252 laddr2
.s_addr
= inet_addr(lhostaddr
);
254 faddr2
.s_addr
= inet_addr(fhostaddr
);
256 proxy(&laddr2
, &faddr2
, lport
, fport
, NULL
);
261 ** Non-standard extended remote indirect request
263 else if (strcmp(arg
, "REMOTE") == 0 && c
== ':')
265 /* We have a colon char, check for port numbers */
266 rcode
= fscanf(fp
, " %d , %d", &lport
, &fport
);
268 /* Skip leading space up to EOF, EOL or non-space char */
269 while ((c
= getc(fp
)) == ' ' || c
== '\t')
272 if (rcode
!= 2 || c
!= ':')
274 printf("%d , %d : ERROR : %s\r\n",
276 unknown_flag
? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
280 /* We have a colon char, check for addr and password */
/*
** These widths require fhostaddr to hold at least 16 bytes and password at
** least 33; declarations are not shown - verify. The password is taken
** straight from the request line.
*/
281 rcode
= fscanf(fp
, " %15[0-9.] , %32[^ \t\r\n]",
282 fhostaddr
, password
);
287 printf("%d , %d : ERROR : %s\r\n",
289 unknown_flag
? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
294 ** Verify that the host originating the indirect request
295 ** is allowed to do that
297 if (!valid_fhost(faddr
, password
))
299 printf("%d , %d : ERROR : %s\r\n",
301 unknown_flag
? "UNKNOWN-ERROR" : "X-ACCESS-DENIED");
/*
** NOTE(review): the client-supplied address replaces the foreign address
** used for the k_getuid() lookup below; a test of the inet_addr() result
** against INADDR_NONE is not visible in this listing.
*/
305 faddr2
.s_addr
= inet_addr(fhostaddr
);
310 printf("%d , %d : ERROR : %s\r\n",
312 unknown_flag
? "UNKNOWN-ERROR" : "X-INVALID-REQUEST");
316 #endif /* EXTENSIONS */
/*
** rcode < 2 covers a short or failed fscanf(); both ports must lie within
** 1..65535 to proceed.
*/
318 if (rcode
< 2 || lport
< 1 || lport
> 65535 || fport
< 1 || fport
> 65535)
320 if (syslog_flag
&& rcode
> 0)
321 syslog(LOG_NOTICE
, "scanf: invalid-port(s): %d , %d from %s",
322 lport
, fport
, gethost(faddr
));
324 printf("%d , %d : ERROR : %s\r\n",
326 unknown_flag
? "UNKNOWN-ERROR" : "INVALID-PORT");
330 if (syslog_flag
&& verbose_flag
)
331 syslog(LOG_NOTICE
, "request for (%d,%d) from %s",
332 lport
, fport
, gethost(faddr
));
334 if (debug_flag
&& syslog_flag
)
335 syslog(LOG_DEBUG
, " After fscanf(), before k_getuid()");
338 ** Next - get the specific TCP connection and return the
339 ** uid - user number.
341 ** Try to fetch the information 5 times incase the
342 ** kernel changed beneath us and we missed or took
/*
** Ports are converted with htons() before the k_getuid() call (defined
** elsewhere); a return of -1 is the failure case tested here. The loop
** header that drives the retries is missing from this listing.
*/
347 k_getuid(&faddr2
, htons(fport
), laddr
, htons(lport
), &uid
) == -1);
354 syslog(LOG_DEBUG
, "Returned: %d , %d : NO-USER", lport
, fport
);
356 printf("%d , %d : ERROR : %s\r\n",
358 unknown_flag
? "UNKNOWN-ERROR" : "NO-USER");
362 if (try > 0 && syslog_flag
)
363 syslog(LOG_NOTICE
, "k_getuid retries: %d", try);
365 if (debug_flag
&& syslog_flag
)
366 syslog(LOG_DEBUG
, " After k_getuid(), before getpwuid()");
369 ** Then we should try to get the username. If that fails we
370 ** return it as an OTHER identifier
377 syslog(LOG_WARNING
, "getpwuid() could not map uid (%d) to name",
/*
** Fallback reply under the OTHER identifier; the trailing %d is presumably
** the numeric uid (the argument lines are missing from this listing).
*/
380 printf("%d , %d : USERID : OTHER%s%s : %d\r\n",
382 charset_name
? " , " : "",
383 charset_name
? charset_name
: "",
389 ** Hey! We finally made it!!!
392 syslog(LOG_DEBUG
, "Successful lookup: %d , %d : %s",
393 lport
, fport
, pwp
->pw_name
);
/*
** When noident_flag is set, a ".noident" file in the user's home directory
** leads to the HIDDEN-USER reply below instead of the user name.
*/
395 if (noident_flag
&& check_noident(pwp
->pw_dir
))
397 if (syslog_flag
&& verbose_flag
)
398 syslog(LOG_NOTICE
, "user %s requested HIDDEN-USER for host %s: %d, %d",
403 printf("%d , %d : ERROR : HIDDEN-USER\r\n",
409 printf("%d , %d : USERID : OTHER%s%s : %d\r\n",
411 charset_name
? " , " : "",
412 charset_name
? charset_name
: "",
/*
** NOTE(review): the final %s is presumably pwp->pw_name (argument lines are
** missing). Every format string in this function is a literal, so the name
** is never interpreted as a format. This reply sends a local account name
** to the peer; the numeric OTHER reply just above exposes less.
*/
415 printf("%d , %d : USERID : %s%s%s : %s\r\n",
417 other_flag
? "OTHER" : "UNIX",
418 charset_name
? " , " : "",
419 charset_name
? charset_name
: "",
422 } while(fflush(stdout
), fflush(stderr
), multi_flag
&& eat_whitespace());