diff options
author | markm <markm@FreeBSD.org> | 2002-06-26 17:09:08 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 2002-06-26 17:09:08 +0000 |
commit | 33f0a5804d6d625ff988e6651f2c782d86ec5001 (patch) | |
tree | e66d8c08c92f6a6cac068639316f85421fb2d4d2 /libexec/rshd | |
parent | 741591a6b40f032b21f83aaf9f79ecd33566857e (diff) | |
download | FreeBSD-src-33f0a5804d6d625ff988e6651f2c782d86ec5001.zip FreeBSD-src-33f0a5804d6d625ff988e6651f2c782d86ec5001.tar.gz |
Gut out (by default unused) cruft, and tidy up warnings.
Diffstat (limited to 'libexec/rshd')
-rw-r--r-- | libexec/rshd/Makefile | 11 | ||||
-rw-r--r-- | libexec/rshd/rshd.8 | 19 | ||||
-rw-r--r-- | libexec/rshd/rshd.c | 162 |
3 files changed, 22 insertions, 170 deletions
diff --git a/libexec/rshd/Makefile b/libexec/rshd/Makefile index 4b9091c..9e9d20e 100644 --- a/libexec/rshd/Makefile +++ b/libexec/rshd/Makefile @@ -5,19 +5,12 @@ PROG= rshd SRCS= rshd.c MAN= rshd.8 -#CFLAGS+= -DCRYPT WFORMAT=0 DPADD+= ${LIBUTIL} LDADD+= -lutil -.if !defined(NOPAM) -CFLAGS+= -DUSE_PAM -DPADD+= ${LIBPAM} -LDADD+= ${MINUSLPAM} -.endif - -# IPv6 support -CFLAGS+= -DINET6 +DPADD+= ${LIBUTIL} ${LIBPAM} +LDADD+= -lutil ${MINUSLPAM} .include <bsd.prog.mk> diff --git a/libexec/rshd/rshd.8 b/libexec/rshd/rshd.8 index 81eac4f..76db9e9 100644 --- a/libexec/rshd/rshd.8 +++ b/libexec/rshd/rshd.8 @@ -127,20 +127,6 @@ from doing any validation based on the user's file, unless the user is the superuser. .It -If the file -.Pa /var/run/nologin -exists and the user is not the superuser, -the connection is closed. -The name of the nologin file may be overridden -using the nologin capability in -.Pa /etc/login.conf -according to the local user's login class, -which may also be used to restrict -.Xr rsh 1 -access by -login time (times.allow and times.deny capabilities) -and remote host (hosts.allow and hosts.deny capabilities). -.It A .Tn NUL byte is returned on the initial socket @@ -229,7 +215,6 @@ and is not preceded by a flag byte. .Xr hosts 5 , .Xr hosts.equiv 5 , .Xr login.conf 5 , -.Xr nologin 5 , .Xr services 5 , .Xr named 8 , .Xr rlogind 8 , @@ -240,12 +225,10 @@ and is not preceded by a flag byte. .It Pa /etc/hosts.equiv .It Pa /etc/login.conf .It Ev $HOME Ns Pa /.rhosts -.It Pa /var/run/nologin .Pp .It Pa /etc/pam.conf -If .Nm -is configured with PAM support, it uses +uses .Pa /etc/pam.conf entries with service name .Dq rsh . diff --git a/libexec/rshd/rshd.c b/libexec/rshd/rshd.c index b6665ea..7fa68f1 100644 --- a/libexec/rshd/rshd.c +++ b/libexec/rshd/rshd.c @@ -48,10 +48,11 @@ static const char copyright[] = #if 0 static const char sccsid[] = "@(#)rshd.c 8.2 (Berkeley) 4/6/94"; #endif -static const char rcsid[] = - "$FreeBSD$"; #endif /* not lint */ +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + /* * remote shell server: * [port]\0 @@ -108,9 +109,6 @@ int keepalive = 1; int log_success; /* If TRUE, log all successful accesses */ int sent_null; int no_delay; -#ifdef CRYPT -int doencrypt = 0; -#endif void doit(struct sockaddr *); static void rshd_errx(int, const char *, ...) __printf0like(2, 3); @@ -119,6 +117,9 @@ int local_domain(char *); char *topdomain(char *); void usage(void); +char slash[] = "/"; +char bshell[] = _PATH_BSHELL; + #define OPTIONS "alnDL" int @@ -143,11 +144,6 @@ main(int argc, char *argv[]) case 'n': keepalive = 0; break; -#ifdef CRYPT - case 'x': - doencrypt = 1; - break; -#endif case 'D': no_delay = 1; break; @@ -163,13 +159,6 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; -#ifdef CRYPT - if (doencrypt) { - syslog(LOG_ERR, "-k is required for -x"); - exit(2); - } -#endif - fromlen = sizeof (from); if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { syslog(LOG_ERR, "getpeername: %m"); @@ -208,11 +197,7 @@ doit(struct sockaddr *fromp) char cmdbuf[NCARGS+1], luser[16], ruser[16]; char rhost[2 * MAXHOSTNAMELEN + 1]; char numericname[INET6_ADDRSTRLEN]; - int af, error, srcport; -#ifdef CRYPT - int rc; - int pv1[2], pv2[2]; -#endif + int af, srcport; login_cap_t *lc; (void) signal(SIGINT, SIG_DFL); @@ -223,11 +208,9 @@ doit(struct sockaddr *fromp) if (af == AF_INET) { inet_ntop(af, &((struct sockaddr_in *)fromp)->sin_addr, numericname, sizeof numericname); -#ifdef INET6 } else if (af == AF_INET6) { inet_ntop(af, &((struct sockaddr_in6 *)fromp)->sin6_addr, numericname, sizeof numericname); -#endif } else { syslog(LOG_ERR, "malformed \"from\" address (af %d)", af); exit(1); @@ -314,23 +297,6 @@ doit(struct sockaddr *fromp) rhost[sizeof(rhost) - 1] = '\0'; /* XXX truncation! */ -#ifdef CRYPT - if (doencrypt && af == AF_INET) { - struct sockaddr_in local_addr; - rc = sizeof(local_addr); - if (getsockname(0, (struct sockaddr *)&local_addr, - &rc) < 0) { - syslog(LOG_ERR, "getsockname: %m"); - rshd_errx(1, "rlogind: getsockname: %m"); /* XXX */ - } - authopts = KOPT_DO_MUTUAL; - rc = krb_recvauth(authopts, 0, ticket, - "rcmd", instance, &fromaddr, - &local_addr, kdata, "", schedule, - version); - des_set_key(&kdata->session, schedule); - } -#endif (void) alarm(60); getstr(ruser, sizeof(ruser), "ruser"); getstr(luser, sizeof(luser), "luser"); @@ -390,7 +356,7 @@ doit(struct sockaddr *fromp) ruser, rhost, luser, cmdbuf); rshd_errx(0, "No remote home directory."); } - pwd->pw_dir = "/"; + pwd->pw_dir = slash; } if (lc != NULL && fromp->sa_family == AF_INET) { /*XXX*/ @@ -433,32 +399,12 @@ doit(struct sockaddr *fromp) if (port) { if (pipe(pv) < 0) rshd_errx(1, "Can't make pipe."); -#ifdef CRYPT - if (doencrypt) { - if (pipe(pv1) < 0) - rshd_errx(1, "Can't make 2nd pipe."); - if (pipe(pv2) < 0) - rshd_errx(1, "Can't make 3rd pipe."); - } -#endif pid = fork(); if (pid == -1) rshd_errx(1, "Can't fork; try again."); if (pid) { -#ifdef CRYPT - if (doencrypt) { - static char msg[] = SECURE_MESSAGE; - (void) close(pv1[1]); - (void) close(pv2[1]); - des_enc_write(s, msg, sizeof(msg) - 1, - schedule, &kdata->session); - - } else -#endif - { - (void) close(0); - (void) close(1); - } + (void) close(0); + (void) close(1); (void) close(2); (void) close(pv[1]); @@ -469,47 +415,22 @@ doit(struct sockaddr *fromp) nfd = pv[0]; else nfd = s; -#ifdef CRYPT - if (doencrypt) { - FD_ZERO(&writeto); - FD_SET(pv2[0], &writeto); - FD_SET(pv1[0], &readfrom); - - nfd = MAX(nfd, pv2[0]); - nfd = MAX(nfd, pv1[0]); - } else -#endif ioctl(pv[0], FIONBIO, (char *)&one); /* should set s nbio! */ nfd++; do { ready = readfrom; -#ifdef CRYPT - if (doencrypt) { - wready = writeto; - if (select(nfd, &ready, - &wready, (fd_set *) 0, - (struct timeval *) 0) < 0) - break; - } else -#endif - if (select(nfd, &ready, (fd_set *)0, - (fd_set *)0, (struct timeval *)0) < 0) - break; + if (select(nfd, &ready, (fd_set *)0, + (fd_set *)0, (struct timeval *)0) < 0) + break; if (FD_ISSET(s, &ready)) { int ret; -#ifdef CRYPT - if (doencrypt) - ret = des_enc_read(s, &sig, 1, - schedule, &kdata->session); - else -#endif ret = read(s, &sig, 1); - if (ret <= 0) - FD_CLR(s, &readfrom); - else - killpg(pid, sig); + if (ret <= 0) + FD_CLR(s, &readfrom); + else + killpg(pid, sig); } if (FD_ISSET(pv[0], &ready)) { errno = 0; @@ -518,62 +439,17 @@ doit(struct sockaddr *fromp) shutdown(s, 1+1); FD_CLR(pv[0], &readfrom); } else { -#ifdef CRYPT - if (doencrypt) - (void) - des_enc_write(s, buf, cc, - schedule, &kdata->session); - else -#endif - (void) - write(s, buf, cc); + (void)write(s, buf, cc); } } -#ifdef CRYPT - if (doencrypt && FD_ISSET(pv1[0], &ready)) { - errno = 0; - cc = read(pv1[0], buf, sizeof(buf)); - if (cc <= 0) { - shutdown(pv1[0], 1+1); - FD_CLR(pv1[0], &readfrom); - } else - (void) des_enc_write(STDOUT_FILENO, - buf, cc, - schedule, &kdata->session); - } - - if (doencrypt && FD_ISSET(pv2[0], &wready)) { - errno = 0; - cc = des_enc_read(STDIN_FILENO, - buf, sizeof(buf), - schedule, &kdata->session); - if (cc <= 0) { - shutdown(pv2[0], 1+1); - FD_CLR(pv2[0], &writeto); - } else - (void) write(pv2[0], buf, cc); - } -#endif } while (FD_ISSET(s, &readfrom) || -#ifdef CRYPT - (doencrypt && FD_ISSET(pv1[0], &readfrom)) || -#endif FD_ISSET(pv[0], &readfrom)); PAM_END; exit(0); } (void) close(s); (void) close(pv[0]); -#ifdef CRYPT - if (doencrypt) { - close(pv1[0]); close(pv2[0]); - dup2(pv1[1], 1); - dup2(pv2[1], 0); - close(pv1[1]); - close(pv2[1]); - } -#endif dup2(pv[1], 2); close(pv[1]); } @@ -598,7 +474,7 @@ doit(struct sockaddr *fromp) syslog(LOG_ERR, "setlogin() failed: %m"); if (*pwd->pw_shell == '\0') - pwd->pw_shell = _PATH_BSHELL; + pwd->pw_shell = bshell; (void) pam_setenv(pamh, "HOME", pwd->pw_dir, 1); (void) pam_setenv(pamh, "SHELL", pwd->pw_shell, 1); (void) pam_setenv(pamh, "USER", pwd->pw_name, 1); |