Implement -g and -d options in my ident code. The -g flag uses a random

garbage value for the username (hex garbage, that is), and the -d flag
provides a default username for fallback purposes if the user cannot be
looked up.  That is very useful for the case where inetd auth is
running on a NAT box.

While I'm here updating the manpage, clean up an English error and a
few small nits.

2 files changed, 67 insertions, 18 deletions

diff --git a/usr.sbin/inetd/builtins.c b/usr.sbin/inetd/builtins.c
index d5fa0bb..2107b95 100644
--- a/usr.sbin/inetd/builtins.c
+++ b/usr.sbin/inetd/builtins.c
@@ -340,10 +340,12 @@ ident_stream(s, sep)		/* Ident service (AKA "auth") */
 		10,
 		0
 	};
-	struct passwd *pw;
+	struct passwd *pw = NULL;
 	fd_set fdset;
-	char buf[BUFSIZE], *cp = NULL, *p, **av, *osname = NULL;
-	int len, c, fflag = 0, nflag = 0, rflag = 0, argc = 0;
+	char buf[BUFSIZE], *cp = NULL, *p, **av, *osname = NULL, garbage[7];
+	char *fallback = NULL;
+	int len, c, fflag = 0, nflag = 0, rflag = 0, argc = 0, usedfallback = 0;
+	int gflag = 0, Rflag = 0;
 	u_short lport, fport;
 
 	inetd_setproctitle(sep->se_service, s);
@@ -362,18 +364,37 @@ ident_stream(s, sep)		/* Ident service (AKA "auth") */
 		argc++;
 	if (argc) {
 		int sec, usec;
+		size_t i;
+		u_int32_t random;
 
-		while ((c = getopt(argc, sep->se_argv, "fno:rt:")) != -1)
+		while ((c = getopt(argc, sep->se_argv, "d:fgno:rt:")) != -1)
 			switch (c) {
+			case 'd':
+				fallback = optarg;
+				break;
 			case 'f':
 				fflag = 1;
 				break;
+			case 'g':
+				gflag = 1;
+				random = 0;	/* Shush, compiler. */
+				for (i = 0; i < sizeof(garbage) - 1; i++) {
+					if (i % (sizeof(random) * 8 / 4) == 0)
+						random = arc4random();
+					snprintf(garbage + i, 2, "%.1x",
+					    (int)random & 0xf);
+					random >>= 4;
+				}
+				break;
 			case 'n':
 				nflag = 1;
 				break;
 			case 'o':
 				osname = optarg;
 				break;
+			case 'R':
+				Rflag = 2;
+				break;
 			case 'r':
 				rflag = 1;
 				break;
@@ -425,7 +446,12 @@ ident_stream(s, sep)		/* Ident service (AKA "auth") */
 	buf[len] = '\0';
 	if (sscanf(buf, "%hu , %hu", &lport, &fport) != 2)
 		iderror(0, 0, s, 0);
-	if (!rflag) /* Send HIDDEN-USER immediately if not "real" */
+	if (gflag) {
+		cp = garbage;
+		goto printit;
+	}
+		
+	if (!rflag)	/* Send HIDDEN-USER immediately if not "real" */
 		iderror(lport, fport, s, -1);
 	/*
 	 * We take the input and construct an array of two sockaddr_ins
@@ -440,16 +466,21 @@ ident_stream(s, sep)		/* Ident service (AKA "auth") */
 	sin[1].sin_port = htons(fport);
 	len = sizeof(uc);
 	if (sysctlbyname("net.inet.tcp.getcred", &uc, &len, sin,
-	    sizeof(sin)) == -1)
-		iderror(lport, fport, s, errno);
-	pw = getpwuid(uc.cr_uid);	/* Look up the pw to get the username */
-	if (pw == NULL)
+	    sizeof(sin)) == -1) {
+		if (fallback == NULL)		/* Use a default, if asked to */
+			iderror(lport, fport, s, errno);
+		usedfallback = 1;
+	} else {
+		/* Look up the pw to get the username */
+		pw = getpwuid(uc.cr_uid);
+	}
+	if (pw == NULL && !usedfallback)		/* No such user... */
 		iderror(lport, fport, s, errno);
 	/*
 	 * If enabled, we check for a file named ".noident" in the user's
 	 * home directory. If found, we return HIDDEN-USER.
 	 */
-	if (nflag) {
+	if (nflag && !usedfallback) {
 		if (asprintf(&p, "%s/.noident", pw->pw_dir) == -1)
 			iderror(lport, fport, s, errno);
 		if (lstat(p, &sb) == 0) {
@@ -463,7 +494,7 @@ ident_stream(s, sep)		/* Ident service (AKA "auth") */
 	 * home directory. It consists of a line containing the name
 	 * they want.
 	 */
-	if (fflag) {
+	if (fflag && !usedfallback) {
 		FILE *fakeid = NULL;
 
 		if (asprintf(&p, "%s/.fakeid", pw->pw_dir) == -1)
@@ -518,8 +549,10 @@ ident_stream(s, sep)		/* Ident service (AKA "auth") */
 				cp = getpwuid(uc.cr_uid)->pw_name;
 		} else
 			cp = pw->pw_name;
-	} else
+	} else if (!usedfallback)
 		cp = pw->pw_name;
+	else
+		cp = fallback;
 printit:
 	/* Finally, we make and send the reply. */
 	if (asprintf(&p, "%d , %d : USERID : %s : %s\r\n", lport, fport, osname,
diff --git a/usr.sbin/inetd/inetd.8 b/usr.sbin/inetd/inetd.8
index f063f27..3796c50 100644
--- a/usr.sbin/inetd/inetd.8
+++ b/usr.sbin/inetd/inetd.8
@@ -360,17 +360,36 @@ Currently, the only internal service to take arguments is
 .Dq auth .
 Without options, the service will always return
 .Dq ERROR\ : HIDDEN-USER .
-The available arguments to this service that alter its behaviour are:
+The available arguments to this service that alter its behavior are:
 .Bl -tag -width indent
+.It Fl d Ar fallback
+Instead of returning an error if getting the socket credentials or
+looking up the user name fails, return a default
+.Ar fallback
+user name to the requesting ident client.  This is primarily useful
+when running this service on a NAT machine.
+.It Fl t Ar sec[.usec]
+Specify a timeout for the service. The default timeout is 10.0 seconds.
 .It Fl r
 Offer a real
 .Dq auth
-service, as per RFC 1413. All the following flags apply only in this case.
+service, as per RFC 1413. All the remaining flags apply only in this case.
 .It Fl f
 If the file
 .Pa .fakeid
 exists in the home directory of the identified user, report the username
 found in that file instead of the real username.
+.It Fl g
+Instead of returning the user's name to the ident requester, report a
+username made up of random alphanumeric characters, e.g.
+.Dq c0c993 .
+The
+.Fl g
+flag overrides not only the user names, but also any
+.Pa .fakeid
+or
+.Pa .noident
+files.
 .It Fl n
 If the file
 .Pa .noident
@@ -380,11 +399,8 @@ instead.
 .It Fl o Ar osname
 Use
 .Ar osname
-instead of the name of the system implementation
-returned by
+instead of the name of the system as reported by
 .Xr uname 3 .
-.It Fl t Ar sec[.usec]
-Specify a timeout for the service. The default timeout is 10.0 seconds.
 .El
 .Pp
 The