1 /* insecure.c: The opieinsecure() library function.
3 %%% portions-copyright-cmetz-96
4 Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
5 Reserved. The Inner Net License Version 2 applies to these portions of
7 You should have received a copy of the license with this software. If
8 you didn't get a copy, you may request one from <license@inner.net>.
10 Portions of this software are Copyright 1995 by Randall Atkinson and Dan
11 McDonald, All Rights Reserved. All Rights under this copyright are assigned
12 to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
13 License Agreement applies to this software.
17 Modified by cmetz for OPIE 2.4. Do utmp checks on utmpx systems.
18 Handle unterminated ut_host.
19 Modified by cmetz for OPIE 2.31. Fixed a logic bug. Call endut[x]ent().
20 Modified by cmetz for OPIE 2.3. Added result caching. Use
21 __opiegetutmpentry(). Ifdef around ut_host check. Eliminate
23 Modified by cmetz for OPIE 2.2. Use FUNCTION declaration et al.
24 Allow IP loopback. DISPLAY and ut_host must match exactly,
25 not just the part before the colon. Added work-around for
26 Sun CDE dtterm bug. Leave the environment as it was
28 Created at NRL for OPIE 2.2 from opiesubr.c. Fixed pointer
29 assignment that should have been a comparison.
38 #include <stdlib.h> /* ANSI C standard library */
39 #include <sys/param.h>
46 #define endutent endutxent
49 #if HAVE_SYS_UTSNAME_H
50 #include <sys/utsname.h>
51 #endif /* HAVE_SYS_UTSNAME_H */
55 char *remote_terms[] = { "xterm", "xterms", "kterm", NULL };
57 int opieinsecure FUNCTION_NOARGS
59 #ifndef NO_INSECURE_CHECK
64 #if HAVE_UT_HOST || DOUTMPX
66 #endif /* HAVE_UT_HOST || DOUTMPX */
67 static int result = -1;
72 if (getenv("SSH_CLIENT") != NULL)
74 display_name = (char *) getenv("DISPLAY");
75 term_name = (char *) getenv("TERM");
79 if (s = strchr(display_name, ':')) {
80 int n = s - display_name;
84 if (!strncmp("unix", display_name, n))
86 else if (!strncmp("localhost", display_name, n))
88 else if (!strncmp("loopback", display_name, n))
90 else if (!strncmp("127.0.0.1", display_name, n))
93 struct utsname utsname;
95 if (!uname(&utsname)) {
96 if (!strncmp(utsname.nodename, display_name, n))
99 if (s = strchr(display_name, '.')) {
100 int n2 = s - display_name;
103 if (!strncmp(utsname.nodename, display_name, n2))
105 } /* endif display_name is '.' */
106 } /* endif hostname != display_name */
107 } /* endif was able to get hostname */
108 } /* endif display_name == UNIX */
111 } /* endif display_name == ":" */
115 /* If no DISPLAY variable exists and TERM=xterm,
116 then we probably have an xterm executing on a remote system
117 with an rlogin or telnet to our system. If it were a local
118 xterm, then the DISPLAY environment variable would
119 have to exist. rja */
120 if (!display_name && term_name) {
122 for (i = 0; remote_terms[i]; i++)
123 if (!strcmp(term_name, remote_terms[i]))
127 #if HAVE_UT_HOST || DOUTMPX
129 memset(&utmp, 0, sizeof(struct utmp));
131 int i = __opiegetutmpentry(ttyname(0), &utmp);
133 if (!i && utmp.ut_host[0]) {
134 char host[sizeof(utmp.ut_host) + 1];
137 strncpy(host, utmp.ut_host, sizeof(utmp.ut_host));
138 host[sizeof(utmp.ut_host)] = 0;
140 if (s = strchr(host, ':')) {
146 if (!strncmp(host, display_name, n))
148 #if 1 /* def SOLARIS */
150 if (s = strchr(host, ' ')) {
152 if (s = strchr(s + 1, ' '))
154 if (!strncmp(host, display_name, n))
163 #endif /* HAVE_UT_HOST || DOUTMPX */
168 #else /* NO_INSECURE_CHECK */
170 #endif /* NO_INSECURE_CHECK */