contrib/opie/libopie/insecure.c


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

/* insecure.c: The opieinsecure() library function.

%%% portions-copyright-cmetz-96
Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
Reserved. The Inner Net License Version 2 applies to these portions of
the software.
You should have received a copy of the license with this software. If
you didn't get a copy, you may request one from <license@inner.net>.

Portions of this software are Copyright 1995 by Randall Atkinson and Dan
McDonald, All Rights Reserved. All Rights under this copyright are assigned
to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
License Agreement applies to this software.

        History:

	Modified by cmetz for OPIE 2.4. Do utmp checks on utmpx systems.
	     Handle unterminated ut_host.
	Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent().
	Modified by cmetz for OPIE 2.3. Added result caching. Use
	     __opiegetutmpentry(). Ifdef around ut_host check. Eliminate
	     unused variable.
	Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
             Allow IP loopback. DISPLAY and ut_host must match exactly,
             not just the part before the colon. Added work-around for 
             Sun CDE dtterm bug. Leave the environment as it was
             found. Use uname().
        Created at NRL for OPIE 2.2 from opiesubr.c. Fixed pointer
             assignment that should have been a comparison.
*/
#include "opie_cfg.h"

#include <stdio.h>
#include <string.h>
#include <stdlib.h>	/* ANSI C standard library */
#include <sys/param.h>
#include <unistd.h>

#include <utmp.h>
#if DOUTMPX
#include <utmpx.h>
#define utmp utmpx
#define endutent endutxent
#endif	/* DOUTMPX */

#if HAVE_SYS_UTSNAME_H
#include <sys/utsname.h>
#endif /* HAVE_SYS_UTSNAME_H */

#include "opie.h"

char *remote_terms[] = { "xterm", "xterms", "kterm", NULL };

int opieinsecure FUNCTION_NOARGS
{
#ifndef NO_INSECURE_CHECK
  char *display_name;
  char *s;
  char *term_name;
  int  insecure = 0;
#if HAVE_UT_HOST || DOUTMPX
  struct utmp utmp;
#endif /* HAVE_UT_HOST || DOUTMPX */
  static int result = -1;

  if (result != -1)
    return result;

  display_name = (char *) getenv("DISPLAY");
  term_name = (char *) getenv("TERM");

  if (display_name) {
    insecure = 1;
    if (s = strchr(display_name, ':')) {
      int n = s - display_name;
      if (!n)
	insecure = 0;
      else {
	if (!strncmp("unix", display_name, n))
	  insecure = 0;
        else if (!strncmp("localhost", display_name, n))
	    insecure = 0;
        else if (!strncmp("loopback", display_name, n))
	    insecure = 0;
        else if (!strncmp("127.0.0.1", display_name, n))
	    insecure = 0;
	else {
          struct utsname utsname;

	  if (!uname(&utsname)) {
	    if (!strncmp(utsname.nodename, display_name, n))
	      insecure = 0;
	    else {
	      if (s = strchr(display_name, '.')) {
		int n2 = s - display_name;
                if (n < n2)
                  n2 = n;
		if (!strncmp(utsname.nodename, display_name, n2))
		  insecure = 0;
	      } /* endif display_name is '.' */
	    } /* endif hostname != display_name */
	  } /* endif was able to get hostname */
	} /* endif display_name == UNIX */
      }
    }
    } /* endif display_name == ":" */ 
    if (insecure)
      return (result = 1);

  /* If no DISPLAY variable exists and TERM=xterm, 
     then we probably have an xterm executing on a remote system 
     with an rlogin or telnet to our system.  If it were a local
     xterm, then the DISPLAY environment variable would
     have to exist. rja */
  if (!display_name && term_name) {
    int i;
    for (i = 0; remote_terms[i]; i++)
      if (!strcmp(term_name, remote_terms[i]))
        return (result = 1);
  };

#if HAVE_UT_HOST || DOUTMPX
  if (isatty(0)) {
    memset(&utmp, 0, sizeof(struct utmp));
    {
      int i = __opiegetutmpentry(ttyname(0), &utmp);
      endutent();
      if (!i && utmp.ut_host[0]) {
	char host[sizeof(utmp.ut_host) + 1];
	insecure = 1;

	strncpy(host, utmp.ut_host, sizeof(utmp.ut_host));
	host[sizeof(utmp.ut_host)] = 0;

	if (s = strchr(host, ':')) {
	  int n = s - host;
	  if (!n)
	    insecure = 0;
	  else
	    if (display_name) {
	      if (!strncmp(host, display_name, n))
		insecure = 0;
#if 1 /* def SOLARIS */
	      else
		if (s = strchr(host, ' ')) {
		  *s = ':';
		  if (s = strchr(s + 1, ' '))
		    *s = '.';
		  if (!strncmp(host, display_name, n))
		    insecure = 0; 
		}
#endif /* SOLARIS */
	    }
	}
      }
    };
  };
#endif /* HAVE_UT_HOST || DOUTMPX */
  if (insecure)
    return (result = 1);

  return (result = 0);
#else /* NO_INSECURE_CHECK */
  return 0;
#endif /* NO_INSECURE_CHECK */
}