2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 1983, 1991, 1993, 1994
5 * The Regents of the University of California. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/cdefs.h>
30 __FBSDID("$FreeBSD$");
32 #include <sys/filio.h>
33 #include <sys/ioccom.h>
34 #include <sys/param.h>
36 #include <sys/socket.h>
37 #include <sys/sysctl.h>
38 #include <sys/ucred.h>
40 #include <sys/utsname.h>
57 static void chargen_dg(int, struct servtab *);
58 static void chargen_stream(int, struct servtab *);
59 static void daytime_dg(int, struct servtab *);
60 static void daytime_stream(int, struct servtab *);
61 static void discard_dg(int, struct servtab *);
62 static void discard_stream(int, struct servtab *);
63 static void echo_dg(int, struct servtab *);
64 static void echo_stream(int, struct servtab *);
65 static int get_line(int, char *, int);
66 static void iderror(int, int, int, const char *);
67 static void ident_stream(int, struct servtab *);
68 static void initring(void);
69 static uint32_t machtime(void);
70 static void machtime_dg(int, struct servtab *);
71 static void machtime_stream(int, struct servtab *);
73 static char ring[128];
76 struct biltin biltins[] = {
77 /* Echo received data */
78 { "echo", SOCK_STREAM, 1, -1, echo_stream },
79 { "echo", SOCK_DGRAM, 0, 1, echo_dg },
81 /* Internet /dev/null */
82 { "discard", SOCK_STREAM, 1, -1, discard_stream },
83 { "discard", SOCK_DGRAM, 0, 1, discard_dg },
85 /* Return 32 bit time since 1900 */
86 { "time", SOCK_STREAM, 0, -1, machtime_stream },
87 { "time", SOCK_DGRAM, 0, 1, machtime_dg },
89 /* Return human-readable time */
90 { "daytime", SOCK_STREAM, 0, -1, daytime_stream },
91 { "daytime", SOCK_DGRAM, 0, 1, daytime_dg },
93 /* Familiar character generator */
94 { "chargen", SOCK_STREAM, 1, -1, chargen_stream },
95 { "chargen", SOCK_DGRAM, 0, 1, chargen_dg },
97 { "tcpmux", SOCK_STREAM, 1, -1, (bi_fn_t *)tcpmux },
99 { "auth", SOCK_STREAM, 1, -1, ident_stream },
101 { NULL, 0, 0, 0, NULL }
105 * RFC864 Character Generator Protocol. Generates character data without
106 * any regard for input.
116 for (i = 0; i <= 128; ++i)
121 /* Character generator
122 * The RFC says that we should send back a random number of
123 * characters chosen from the range 0 to 512. We send LINESIZ+2.
127 chargen_dg(int s, struct servtab *sep)
129 struct sockaddr_storage ss;
133 char text[LINESIZ+2];
141 if (recvfrom(s, text, sizeof(text), 0,
142 (struct sockaddr *)&ss, &size) < 0)
145 if (check_loop((struct sockaddr *)&ss, sep))
148 if ((len = endring - rs) >= LINESIZ)
149 memmove(text, rs, LINESIZ);
151 memmove(text, rs, len);
152 memmove(text + len, ring, LINESIZ - len);
156 text[LINESIZ] = '\r';
157 text[LINESIZ + 1] = '\n';
158 (void) sendto(s, text, sizeof(text), 0, (struct sockaddr *)&ss, size);
161 /* Character generator */
164 chargen_stream(int s, struct servtab *sep)
167 char *rs, text[LINESIZ+2];
169 inetd_setproctitle(sep->se_service, s);
174 text[LINESIZ] = '\r';
175 text[LINESIZ + 1] = '\n';
177 if ((len = endring - rs) >= LINESIZ)
178 memmove(text, rs, LINESIZ);
180 memmove(text, rs, len);
181 memmove(text + len, ring, LINESIZ - len);
185 if (write(s, text, sizeof(text)) != sizeof(text))
192 * RFC867 Daytime Protocol. Sends the current date and time as an ascii
193 * character string without any regard for input.
196 /* Return human-readable time of day */
199 daytime_dg(int s, struct servtab *sep)
203 struct sockaddr_storage ss;
206 now = time((time_t *) 0);
209 if (recvfrom(s, buffer, sizeof(buffer), 0,
210 (struct sockaddr *)&ss, &size) < 0)
213 if (check_loop((struct sockaddr *)&ss, sep))
216 (void) sprintf(buffer, "%.24s\r\n", ctime(&now));
217 (void) sendto(s, buffer, strlen(buffer), 0,
218 (struct sockaddr *)&ss, size);
221 /* Return human-readable time of day */
224 daytime_stream(int s, struct servtab *sep __unused)
229 now = time((time_t *) 0);
231 (void) sprintf(buffer, "%.24s\r\n", ctime(&now));
232 (void) send(s, buffer, strlen(buffer), MSG_EOF);
236 * RFC863 Discard Protocol. Any data received is thrown away and no response
240 /* Discard service -- ignore data */
243 discard_dg(int s, struct servtab *sep __unused)
245 char buffer[BUFSIZE];
247 (void) read(s, buffer, sizeof(buffer));
250 /* Discard service -- ignore data */
253 discard_stream(int s, struct servtab *sep)
256 char buffer[BUFSIZE];
258 inetd_setproctitle(sep->se_service, s);
260 while ((ret = read(s, buffer, sizeof(buffer))) > 0)
262 if (ret == 0 || errno != EINTR)
269 * RFC862 Echo Protocol. Any data received is sent back to the sender as
273 /* Echo service -- echo data back */
276 echo_dg(int s, struct servtab *sep)
278 char buffer[65536]; /* Should be sizeof(max datagram). */
281 struct sockaddr_storage ss;
284 if ((i = recvfrom(s, buffer, sizeof(buffer), 0,
285 (struct sockaddr *)&ss, &size)) < 0)
288 if (check_loop((struct sockaddr *)&ss, sep))
291 (void) sendto(s, buffer, i, 0, (struct sockaddr *)&ss, size);
294 /* Echo service -- echo data back */
297 echo_stream(int s, struct servtab *sep)
299 char buffer[BUFSIZE];
302 inetd_setproctitle(sep->se_service, s);
303 while ((i = read(s, buffer, sizeof(buffer))) > 0 &&
304 write(s, buffer, i) > 0)
310 * RFC1413 Identification Protocol. Given a TCP port number pair, return a
311 * character string which identifies the owner of that connection on the
312 * server's system. Extended to allow for ~/.fakeid support and ~/.noident
316 /* RFC 1413 says the following are the only errors you can return. */
317 #define ID_INVALID "INVALID-PORT" /* Port number improperly specified. */
318 #define ID_NOUSER "NO-USER" /* Port not in use/not identifable. */
319 #define ID_HIDDEN "HIDDEN-USER" /* Hiden at user's request. */
320 #define ID_UNKNOWN "UNKNOWN-ERROR" /* Everything else. */
322 /* Generic ident_stream error-sending func */
325 iderror(int lport, int fport, int s, const char *er)
329 asprintf(&p, "%d , %d : ERROR : %s\r\n", lport, fport, er);
331 syslog(LOG_ERR, "asprintf: %m");
334 send(s, p, strlen(p), MSG_EOF);
340 /* Ident service (AKA "auth") */
343 ident_stream(int s, struct servtab *sep)
347 struct sockaddr_in sin4[2];
349 struct sockaddr_in6 sin6[2];
351 struct sockaddr_storage ss[2];
353 struct timeval tv = {
357 struct passwd *pw = NULL;
359 char buf[BUFSIZE], *p, **av, *osname = NULL, e;
360 char idbuf[MAXLOGNAME] = ""; /* Big enough to hold uid in decimal. */
364 int c, fflag = 0, nflag = 0, rflag = 0, argc = 0;
365 int gflag = 0, iflag = 0, Fflag = 0, getcredfail = 0, onreadlen;
366 u_short lport, fport;
368 inetd_setproctitle(sep->se_service, s);
370 * Reset getopt() since we are a fork() but not an exec() from
371 * a parent which used getopt() already.
376 * Take the internal argument vector and count it out to make an
377 * argument count for getopt. This can be used for any internal
378 * service to read arguments and use getopt() easily.
380 for (av = sep->se_argv; *av; av++)
387 while ((c = getopt(argc, sep->se_argv, "d:fFgino:rt:")) != -1)
391 strlcpy(idbuf, optarg, sizeof(idbuf));
402 rnd32 = 0; /* Shush, compiler. */
404 * The number of bits in "rnd32" divided
405 * by the number of bits needed per iteration
406 * gives a more optimal way to reload the
407 * random number only when necessary.
409 * 32 bits from arc4random corresponds to
410 * about 6 base-36 digits, so we reseed evey 6.
412 for (i = 0; i < sizeof(idbuf) - 1; i++) {
413 static const char *const base36 =
415 "abcdefghijklmnopqrstuvwxyz";
417 rnd32 = arc4random();
418 idbuf[i] = base36[rnd32 % 36];
436 switch (sscanf(optarg, "%d.%d", &sec, &usec)) {
445 warnx("bad -t argument");
453 if (osname == NULL) {
454 if (uname(&un) == -1)
455 iderror(0, 0, s, ID_UNKNOWN);
460 * We're going to prepare for and execute reception of a
461 * packet of data from the user. The data is in the format
462 * "local_port , foreign_port\r\n" (with local being the
463 * server's port and foreign being the client's.)
465 gettimeofday(&to, NULL);
466 to.tv_sec += tv.tv_sec;
467 to.tv_usec += tv.tv_usec;
468 if (to.tv_usec >= 1000000) {
469 to.tv_usec -= 1000000;
474 bufsiz = sizeof(buf) - 1;
477 gettimeofday(&tv, NULL);
478 tv.tv_sec = to.tv_sec - tv.tv_sec;
479 tv.tv_usec = to.tv_usec - tv.tv_usec;
480 if (tv.tv_usec < 0) {
481 tv.tv_usec += 1000000;
487 if (select(s + 1, &fdset, NULL, NULL, &tv) == -1)
488 iderror(0, 0, s, ID_UNKNOWN);
489 if (ioctl(s, FIONREAD, &onreadlen) == -1)
490 iderror(0, 0, s, ID_UNKNOWN);
491 if ((size_t)onreadlen > bufsiz)
493 ssize = read(s, &buf[size], (size_t)onreadlen);
495 iderror(0, 0, s, ID_UNKNOWN);
500 if (memchr(&buf[size - ssize], '\n', ssize) != NULL)
504 /* Read two characters, and check for a delimiting character */
505 if (sscanf(buf, "%hu , %hu%c", &lport, &fport, &e) != 3 || isdigit(e))
506 iderror(0, 0, s, ID_INVALID);
513 * If not "real" (-r), send a HIDDEN-USER error for everything.
514 * If -d is used to set a fallback username, this is used to
515 * override it, and the fallback is returned instead.
519 iderror(lport, fport, s, ID_HIDDEN);
524 * We take the input and construct an array of two sockaddr_ins
525 * which contain the local address information and foreign
526 * address information, respectively, used to look up the
527 * credentials for the socket (which are returned by the
528 * sysctl "net.inet.tcp.getcred" when we call it.)
530 socklen = sizeof(ss[0]);
531 if (getsockname(s, (struct sockaddr *)&ss[0], &socklen) == -1)
532 iderror(lport, fport, s, ID_UNKNOWN);
533 socklen = sizeof(ss[1]);
534 if (getpeername(s, (struct sockaddr *)&ss[1], &socklen) == -1)
535 iderror(lport, fport, s, ID_UNKNOWN);
536 if (ss[0].ss_family != ss[1].ss_family)
537 iderror(lport, fport, s, ID_UNKNOWN);
539 switch (ss[0].ss_family) {
541 sin4[0] = *(struct sockaddr_in *)&ss[0];
542 sin4[0].sin_port = htons(lport);
543 sin4[1] = *(struct sockaddr_in *)&ss[1];
544 sin4[1].sin_port = htons(fport);
545 if (sysctlbyname("net.inet.tcp.getcred", &uc, &size, sin4,
551 sin6[0] = *(struct sockaddr_in6 *)&ss[0];
552 sin6[0].sin6_port = htons(lport);
553 sin6[1] = *(struct sockaddr_in6 *)&ss[1];
554 sin6[1].sin6_port = htons(fport);
555 if (sysctlbyname("net.inet6.tcp6.getcred", &uc, &size, sin6,
560 default: /* should not reach here */
561 getcredfail = EAFNOSUPPORT;
564 if (getcredfail != 0 || uc.cr_version != XUCRED_VERSION) {
566 iderror(lport, fport, s,
567 getcredfail == ENOENT ? ID_NOUSER : ID_UNKNOWN);
571 /* Look up the pw to get the username and home directory*/
573 pw = getpwuid(uc.cr_uid);
575 iderror(lport, fport, s, errno == 0 ? ID_NOUSER : ID_UNKNOWN);
578 snprintf(idbuf, sizeof(idbuf), "%u", (unsigned)pw->pw_uid);
580 strlcpy(idbuf, pw->pw_name, sizeof(idbuf));
583 * If enabled, we check for a file named ".noident" in the user's
584 * home directory. If found, we return HIDDEN-USER.
587 if (asprintf(&p, "%s/.noident", pw->pw_dir) == -1)
588 iderror(lport, fport, s, ID_UNKNOWN);
589 if (lstat(p, &sb) == 0) {
591 iderror(lport, fport, s, ID_HIDDEN);
597 * Here, if enabled, we read a user's ".fakeid" file in their
598 * home directory. It consists of a line containing the name
605 * Here we set ourself to effectively be the user, so we don't
606 * open any files we have no permission to open, especially
607 * symbolic links to sensitive root-owned files or devices.
609 if (initgroups(pw->pw_name, pw->pw_gid) == -1)
610 iderror(lport, fport, s, ID_UNKNOWN);
611 if (seteuid(pw->pw_uid) == -1)
612 iderror(lport, fport, s, ID_UNKNOWN);
614 * We can't stat() here since that would be a race
616 * Therefore, we open the file we have permissions to open
617 * and if it's not a regular file, we close it and end up
618 * returning the user's real username.
620 if (asprintf(&p, "%s/.fakeid", pw->pw_dir) == -1)
621 iderror(lport, fport, s, ID_UNKNOWN);
622 fakeid_fd = open(p, O_RDONLY | O_NONBLOCK);
624 if (fakeid_fd == -1 || fstat(fakeid_fd, &sb) == -1 ||
625 !S_ISREG(sb.st_mode))
628 if ((ssize = read(fakeid_fd, buf, sizeof(buf) - 1)) < 0)
633 * Usually, the file will have the desired identity
634 * in the form "identity\n". Allow for leading white
635 * space and trailing white space/end of line.
638 p += strspn(p, " \t");
639 p[strcspn(p, " \t\r\n")] = '\0';
640 if (strlen(p) > MAXLOGNAME - 1) /* Too long (including nul)? */
641 p[MAXLOGNAME - 1] = '\0';
644 * If the name is a zero-length string or matches it
645 * the id or name of another user (unless permitted by -F)
646 * then it is invalid.
655 uid = strtonum(p, 0, UID_MAX, &errstr);
659 if (getpwuid(uid) != NULL)
662 if (getpwnam(p) != NULL)
667 strlcpy(idbuf, p, sizeof(idbuf));
675 /* Finally, we make and send the reply. */
676 if (asprintf(&p, "%d , %d : USERID : %s : %s\r\n", lport, fport, osname,
678 syslog(LOG_ERR, "asprintf: %m");
681 send(s, p, strlen(p), MSG_EOF);
688 * RFC738/868 Time Server.
689 * Return a machine readable date and time, in the form of the
690 * number of seconds since midnight, Jan 1, 1900. Since gettimeofday
691 * returns the number of seconds since midnight, Jan 1, 1970,
692 * we must add 2208988800 seconds to this figure to make up for
693 * some seventy years Bell Labs was asleep.
700 #define OFFSET ((uint32_t)25567 * 24*60*60)
701 return (htonl((uint32_t)(time(NULL) + OFFSET)));
707 machtime_dg(int s, struct servtab *sep)
710 struct sockaddr_storage ss;
714 if (recvfrom(s, (char *)&result, sizeof(result), 0,
715 (struct sockaddr *)&ss, &size) < 0)
718 if (check_loop((struct sockaddr *)&ss, sep))
722 (void) sendto(s, (char *) &result, sizeof(result), 0,
723 (struct sockaddr *)&ss, size);
728 machtime_stream(int s, struct servtab *sep __unused)
733 (void) send(s, (char *) &result, sizeof(result), MSG_EOF);
737 * RFC1078 TCP Port Service Multiplexer (TCPMUX). Service connections to
738 * services based on the service name sent.
740 * Based on TCPMUX.C by Mark K. Lottor November 1988
741 * sri-nic::ps:<mkl>tcpmux.c
744 #define MAX_SERV_LEN (256+2) /* 2 bytes for \r\n */
745 #define strwrite(fd, buf) (void) write(fd, buf, sizeof(buf)-1)
747 static int /* # of characters up to \r,\n or \0 */
748 get_line(int fd, char *buf, int len)
754 sigemptyset(&sa.sa_mask);
755 sa.sa_handler = SIG_DFL;
756 sigaction(SIGALRM, &sa, (struct sigaction *)0);
759 n = read(fd, buf, len-count);
766 if (*buf == '\r' || *buf == '\n' || *buf == '\0')
771 } while (count < len);
779 char service[MAX_SERV_LEN+1];
782 /* Get requested service name */
783 if ((len = get_line(s, service, MAX_SERV_LEN)) < 0) {
784 strwrite(s, "-Error reading service name\r\n");
790 warnx("tcpmux: someone wants %s", service);
793 * Help is a required command, and lists available services,
796 if (!strcasecmp(service, "help")) {
797 for (sep = servtab; sep; sep = sep->se_next) {
800 (void)write(s,sep->se_service,strlen(sep->se_service));
806 /* Try matching a service in inetd.conf with the request */
807 for (sep = servtab; sep; sep = sep->se_next) {
810 if (!strcasecmp(service, sep->se_service)) {
811 if (ISMUXPLUS(sep)) {
812 strwrite(s, "+Go\r\n");
817 strwrite(s, "-Service not available\r\n");