]> git.saurik.com Git - apple/network_cmds.git/blob - sliplogin.tproj/sliplogin.c
projects / apple / network_cmds.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
network_cmds-85.tar.gz
[apple/network_cmds.git] / sliplogin.tproj / sliplogin.c
1 /*
2 * Copyright (c) 1999 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * "Portions Copyright (c) 1999 Apple Computer, Inc. All Rights
7 * Reserved. This file contains Original Code and/or Modifications of
8 * Original Code as defined in and that are subject to the Apple Public
9 * Source License Version 1.0 (the 'License'). You may not use this file
10 * except in compliance with the License. Please obtain a copy of the
11 * License at http://www.apple.com/publicsource and read it before using
12 * this file.
13 *
14 * The Original Code and all software distributed under the License are
15 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
16 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
17 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
19 * License for the specific language governing rights and limitations
20 * under the License."
21 *
22 * @APPLE_LICENSE_HEADER_END@
23 */
24 /*-
25 * Copyright (c) 1990, 1993
26 * The Regents of the University of California. All rights reserved.
27 *
28 * Redistribution and use in source and binary forms, with or without
29 * modification, are permitted provided that the following conditions
30 * are met:
31 * 1. Redistributions of source code must retain the above copyright
32 * notice, this list of conditions and the following disclaimer.
33 * 2. Redistributions in binary form must reproduce the above copyright
34 * notice, this list of conditions and the following disclaimer in the
35 * documentation and/or other materials provided with the distribution.
36 * 3. All advertising materials mentioning features or use of this software
37 * must display the following acknowledgement:
38 * This product includes software developed by the University of
39 * California, Berkeley and its contributors.
40 * 4. Neither the name of the University nor the names of its contributors
41 * may be used to endorse or promote products derived from this software
42 * without specific prior written permission.
43 *
44 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
45 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
46 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
47 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
48 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
49 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
50 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
51 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
52 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
53 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
54 * SUCH DAMAGE.
55 */
56
57 #ifndef lint
58 static char copyright[] =
59 "@(#) Copyright (c) 1990, 1993\n\
60 The Regents of the University of California. All rights reserved.\n";
61 #endif /* not lint */
62
63 #ifndef lint
64 static char sccsid[] = "@(#)sliplogin.c 8.2 (Berkeley) 2/1/94";
65 #endif /* not lint */
66
67 /*
68 * sliplogin.c
69 * [MUST BE RUN SUID, SLOPEN DOES A SUSER()!]
70 *
71 * This program initializes its own tty port to be an async TCP/IP interface.
72 * It sets the line discipline to slip, invokes a shell script to initialize
73 * the network interface, then pauses forever waiting for hangup.
74 *
75 * It is a remote descendant of several similar programs with incestuous ties:
76 * - Kirk Smith's slipconf, modified by Richard Johnsson @ DEC WRL.
77 * - slattach, probably by Rick Adams but touched by countless hordes.
78 * - the original sliplogin for 4.2bsd, Doug Kingston the mover behind it.
79 *
80 * There are two forms of usage:
81 *
82 * "sliplogin"
83 * Invoked simply as "sliplogin", the program looks up the username
84 * in the file /etc/slip.hosts.
85 * If an entry is found, the line on fd0 is configured for SLIP operation
86 * as specified in the file.
87 *
88 * "sliplogin IPhostlogin </dev/ttyb"
89 * Invoked by root with a username, the name is looked up in the
90 * /etc/slip.hosts file and if found fd0 is configured as in case 1.
91 */
92
93 #include <sys/param.h>
94 #include <sys/socket.h>
95 #include <sys/signal.h>
96 #include <sys/file.h>
97 #include <sys/syslog.h>
98 #include <netdb.h>
99
100 #if BSD >= 199006
101 #define POSIX
102 #endif
103 #ifdef POSIX
104 #include <sys/termios.h>
105 #include <sys/ioctl.h>
106 #include <ttyent.h>
107 #else
108 #include <sgtty.h>
109 #endif
110 #include <net/slip.h>
111
112 #include <stdio.h>
113 #include <errno.h>
114 #include <ctype.h>
115 #include <string.h>
116 #include "pathnames.h"
117
118 int unit;
119 int speed;
120 int uid;
121 char loginargs[BUFSIZ];
122 char loginfile[MAXPATHLEN];
123 char loginname[BUFSIZ];
124
125 void
126 findid(name)
127 char *name;
128 {
129 FILE *fp;
130 static char slopt[5][16];
131 static char laddr[16];
132 static char raddr[16];
133 static char mask[16];
134 char user[16];
135 int i, j, n;
136
137 (void)strcpy(loginname, name);
138 if ((fp = fopen(_PATH_ACCESS, "r")) == NULL) {
139 (void)fprintf(stderr, "sliplogin: %s: %s\n",
140 _PATH_ACCESS, strerror(errno));
141 syslog(LOG_ERR, "%s: %m\n", _PATH_ACCESS);
142 exit(1);
143 }
144 while (fgets(loginargs, sizeof(loginargs) - 1, fp)) {
145 if (ferror(fp))
146 break;
147 n = sscanf(loginargs, "%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s\n",
148 user, laddr, raddr, mask, slopt[0], slopt[1],
149 slopt[2], slopt[3], slopt[4]);
150 if (user[0] == '#' || isspace(user[0]))
151 continue;
152 if (strcmp(user, name) != 0)
153 continue;
154
155 /*
156 * we've found the guy we're looking for -- see if
157 * there's a login file we can use. First check for
158 * one specific to this host. If none found, try for
159 * a generic one.
160 */
161 (void)sprintf(loginfile, "%s.%s", _PATH_LOGIN, name);
162 if (access(loginfile, R_OK|X_OK) != 0) {
163 (void)strcpy(loginfile, _PATH_LOGIN);
164 if (access(loginfile, R_OK|X_OK)) {
165 fputs("access denied - no login file\n",
166 stderr);
167 syslog(LOG_ERR,
168 "access denied for %s - no %s\n",
169 name, _PATH_LOGIN);
170 exit(5);
171 }
172 }
173
174 (void) fclose(fp);
175 return;
176 }
177 (void)fprintf(stderr, "SLIP access denied for %s\n", name);
178 syslog(LOG_ERR, "SLIP access denied for %s\n", name);
179 exit(4);
180 /* NOTREACHED */
181 }
182
183 char *
184 sigstr(s)
185 int s;
186 {
187 static char buf[32];
188
189 switch (s) {
190 case SIGHUP: return("HUP");
191 case SIGINT: return("INT");
192 case SIGQUIT: return("QUIT");
193 case SIGILL: return("ILL");
194 case SIGTRAP: return("TRAP");
195 case SIGIOT: return("IOT");
196 case SIGEMT: return("EMT");
197 case SIGFPE: return("FPE");
198 case SIGKILL: return("KILL");
199 case SIGBUS: return("BUS");
200 case SIGSEGV: return("SEGV");
201 case SIGSYS: return("SYS");
202 case SIGPIPE: return("PIPE");
203 case SIGALRM: return("ALRM");
204 case SIGTERM: return("TERM");
205 case SIGURG: return("URG");
206 case SIGSTOP: return("STOP");
207 case SIGTSTP: return("TSTP");
208 case SIGCONT: return("CONT");
209 case SIGCHLD: return("CHLD");
210 case SIGTTIN: return("TTIN");
211 case SIGTTOU: return("TTOU");
212 case SIGIO: return("IO");
213 case SIGXCPU: return("XCPU");
214 case SIGXFSZ: return("XFSZ");
215 case SIGVTALRM: return("VTALRM");
216 case SIGPROF: return("PROF");
217 case SIGWINCH: return("WINCH");
218 #ifdef SIGLOST
219 case SIGLOST: return("LOST");
220 #endif
221 case SIGUSR1: return("USR1");
222 case SIGUSR2: return("USR2");
223 }
224 (void)sprintf(buf, "sig %d", s);
225 return(buf);
226 }
227
228 void
229 hup_handler(s)
230 int s;
231 {
232 char logoutfile[MAXPATHLEN];
233
234 (void)sprintf(logoutfile, "%s.%s", _PATH_LOGOUT, loginname);
235 if (access(logoutfile, R_OK|X_OK) != 0)
236 (void)strcpy(logoutfile, _PATH_LOGOUT);
237 if (access(logoutfile, R_OK|X_OK) == 0) {
238 char logincmd[2*MAXPATHLEN+32];
239
240 (void) sprintf(logincmd, "%s %d %d %s", logoutfile, unit, speed,
241 loginargs);
242 (void) system(logincmd);
243 }
244 (void) close(0);
245 syslog(LOG_INFO, "closed %s slip unit %d (%s)\n", loginname, unit,
246 sigstr(s));
247 exit(1);
248 /* NOTREACHED */
249 }
250
251 main(argc, argv)
252 int argc;
253 char *argv[];
254 {
255 int fd, s, ldisc, odisc;
256 char *name;
257 #ifdef POSIX
258 struct termios tios, otios;
259 #else
260 struct sgttyb tty, otty;
261 #endif
262 char logincmd[2*BUFSIZ+32];
263 extern uid_t getuid();
264
265 if ((name = strrchr(argv[0], '/')) == NULL)
266 name = argv[0];
267 s = getdtablesize();
268 for (fd = 3 ; fd < s ; fd++)
269 (void) close(fd);
270 openlog(name, LOG_PID, LOG_DAEMON);
271 uid = getuid();
272 if (argc > 1) {
273 findid(argv[1]);
274
275 /*
276 * Disassociate from current controlling terminal, if any,
277 * and ensure that the slip line is our controlling terminal.
278 */
279 #ifdef POSIX
280 if (fork() > 0)
281 exit(0);
282 if (setsid() != 0)
283 perror("setsid");
284 #else
285 if ((fd = open("/dev/tty", O_RDONLY, 0)) >= 0) {
286 extern char *ttyname();
287
288 (void) ioctl(fd, TIOCNOTTY, (caddr_t)0);
289 (void) close(fd);
290 /* open slip tty again to acquire as controlling tty? */
291 fd = open(ttyname(0), O_RDWR, 0);
292 if (fd >= 0)
293 (void) close(fd);
294 }
295 (void) setpgrp(0, getpid());
296 #endif
297 if (argc > 2) {
298 if ((fd = open(argv[2], O_RDWR)) == -1) {
299 perror(argv[2]);
300 exit(2);
301 }
302 (void) dup2(fd, 0);
303 if (fd > 2)
304 close(fd);
305 }
306 #ifdef TIOCSCTTY
307 if (ioctl(0, TIOCSCTTY, (caddr_t)0) != 0)
308 perror("ioctl (TIOCSCTTY)");
309 #endif
310 } else {
311 extern char *getlogin();
312
313 if ((name = getlogin()) == NULL) {
314 (void) fprintf(stderr, "access denied - no username\n");
315 syslog(LOG_ERR, "access denied - getlogin returned 0\n");
316 exit(1);
317 }
318 findid(name);
319 }
320 (void) fchmod(0, 0600);
321 (void) fprintf(stderr, "starting slip login for %s\n", loginname);
322 #ifdef POSIX
323 /* set up the line parameters */
324 if (tcgetattr(0, &tios) < 0) {
325 syslog(LOG_ERR, "tcgetattr: %m");
326 exit(1);
327 }
328 otios = tios;
329 cfmakeraw(&tios);
330 tios.c_iflag &= ~IMAXBEL;
331 if (tcsetattr(0, TCSAFLUSH, &tios) < 0) {
332 syslog(LOG_ERR, "tcsetattr: %m");
333 exit(1);
334 }
335 speed = cfgetispeed(&tios);
336 #else
337 /* set up the line parameters */
338 if (ioctl(0, TIOCGETP, (caddr_t)&tty) < 0) {
339 syslog(LOG_ERR, "ioctl (TIOCGETP): %m");
340 exit(1);
341 }
342 otty = tty;
343 speed = tty.sg_ispeed;
344 tty.sg_flags = RAW | ANYP;
345 if (ioctl(0, TIOCSETP, (caddr_t)&tty) < 0) {
346 syslog(LOG_ERR, "ioctl (TIOCSETP): %m");
347 exit(1);
348 }
349 #endif
350 /* find out what ldisc we started with */
351 if (ioctl(0, TIOCGETD, (caddr_t)&odisc) < 0) {
352 syslog(LOG_ERR, "ioctl(TIOCGETD) (1): %m");
353 exit(1);
354 }
355 ldisc = SLIPDISC;
356 if (ioctl(0, TIOCSETD, (caddr_t)&ldisc) < 0) {
357 syslog(LOG_ERR, "ioctl(TIOCSETD): %m");
358 exit(1);
359 }
360 /* find out what unit number we were assigned */
361 if (ioctl(0, SLIOCGUNIT, (caddr_t)&unit) < 0) {
362 syslog(LOG_ERR, "ioctl (SLIOCGUNIT): %m");
363 exit(1);
364 }
365 (void) signal(SIGHUP, hup_handler);
366 (void) signal(SIGTERM, hup_handler);
367
368 syslog(LOG_INFO, "attaching slip unit %d for %s\n", unit, loginname);
369 (void)sprintf(logincmd, "%s %d %d %s", loginfile, unit, speed,
370 loginargs);
371 /*
372 * aim stdout and errout at /dev/null so logincmd output won't
373 * babble into the slip tty line.
374 */
375 (void) close(1);
376 if ((fd = open(_PATH_DEVNULL, O_WRONLY)) != 1) {
377 if (fd < 0) {
378 syslog(LOG_ERR, "open /dev/null: %m");
379 exit(1);
380 }
381 (void) dup2(fd, 1);
382 (void) close(fd);
383 }
384 (void) dup2(1, 2);
385
386 /*
387 * Run login and logout scripts as root (real and effective);
388 * current route(8) is setuid root, and checks the real uid
389 * to see whether changes are allowed (or just "route get").
390 */
391 (void) setuid(0);
392 if (s = system(logincmd)) {
393 syslog(LOG_ERR, "%s login failed: exit status %d from %s",
394 loginname, s, loginfile);
395 (void) ioctl(0, TIOCSETD, (caddr_t)&odisc);
396 exit(6);
397 }
398
399 /* twiddle thumbs until we get a signal */
400 while (1)
401 sigpause(0);
402
403 /* NOTREACHED */
404 }
mirror of network_cmds