2 * Copyright (c) 1990, 1993
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 static char copyright[] =
36 "@(#) Copyright (c) 1990, 1993\n\
37 The Regents of the University of California. All rights reserved.\n";
41 static char sccsid[] = "@(#)sliplogin.c 8.2 (Berkeley) 2/1/94";
46 * [MUST BE RUN SUID, SLOPEN DOES A SUSER()!]
48 * This program initializes its own tty port to be an async TCP/IP interface.
49 * It sets the line discipline to slip, invokes a shell script to initialize
50 * the network interface, then pauses forever waiting for hangup.
52 * It is a remote descendant of several similar programs with incestuous ties:
53 * - Kirk Smith's slipconf, modified by Richard Johnsson @ DEC WRL.
54 * - slattach, probably by Rick Adams but touched by countless hordes.
55 * - the original sliplogin for 4.2bsd, Doug Kingston the mover behind it.
57 * There are two forms of usage:
60 * Invoked simply as "sliplogin", the program looks up the username
61 * in the file /etc/slip.hosts.
62 * If an entry is found, the line on fd0 is configured for SLIP operation
63 * as specified in the file.
65 * "sliplogin IPhostlogin </dev/ttyb"
66 * Invoked by root with a username, the name is looked up in the
67 * /etc/slip.hosts file and if found fd0 is configured as in case 1.
70 #include <sys/param.h>
71 #include <sys/socket.h>
78 #include <sys/ioctl.h>
89 #include "pathnames.h"
91 extern char **environ;
93 static char *restricted_environ[] = {
94 "PATH=" _PATH_STDPATH,
105 char loginargs[BUFSIZ];
106 char loginfile[MAXPATHLEN];
107 char loginname[BUFSIZ];
108 static char raddr[32]; /* remote address */
109 char ifname[IFNAMSIZ]; /* interface name */
110 static char pidfilename[MAXPATHLEN]; /* name of pid file */
111 static char iffilename[MAXPATHLEN]; /* name of if file */
112 static pid_t pid; /* our pid */
117 static char address[20] ="";
119 unsigned long ipaddr;
123 if ((he = gethostbyname(raddr)) != NULL) {
124 ipaddr = ntohl(*(long *)he->h_addr_list[0]);
125 sprintf(address, "%lu.%lu.%lu.%lu",
127 (ipaddr & 0x00ff0000) >> 16,
128 (ipaddr & 0x0000ff00) >> 8,
129 (ipaddr & 0x000000ff));
141 "compress", IFF_LINK0, IFF_LINK2,
142 "noicmp", IFF_LINK1, 0 ,
143 "autocomp", IFF_LINK2, IFF_LINK0,
151 static char slopt[5][16];
152 static char laddr[16];
153 static char mask[16];
154 char slparmsfile[MAXPATHLEN];
159 environ = restricted_environ; /* minimal protection for system() */
161 (void)strncpy(loginname, name, sizeof(loginname)-1);
162 loginname[sizeof(loginname)-1] = '\0';
164 if ((fp = fopen(_PATH_ACCESS, "r")) == NULL) {
166 syslog(LOG_ERR, "%s: %m\n", _PATH_ACCESS);
169 while (fgets(loginargs, sizeof(loginargs) - 1, fp)) {
172 if (loginargs[0] == '#' || isspace(loginargs[0]))
174 n = sscanf(loginargs, "%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s%*[ \t]%15s\n",
175 user, laddr, raddr, mask, slopt[0], slopt[1],
176 slopt[2], slopt[3], slopt[4]);
178 syslog(LOG_ERR, "%s: wrong format\n", _PATH_ACCESS);
181 if (strcmp(user, name) != 0)
187 for (i = 0; i < n - 4; i++) {
188 for (j = 0; j < sizeof(modes)/sizeof(struct slip_modes);
190 if (strcmp(modes[j].sm_name, slopt[i]) == 0) {
191 slip_mode |= (modes[j].sm_or_flag);
192 slip_mode &= ~(modes[j].sm_and_flag);
199 * we've found the guy we're looking for -- see if
200 * there's a login file we can use. First check for
201 * one specific to this host. If none found, try for
204 (void)snprintf(loginfile, sizeof(loginfile), "%s.%s", _PATH_LOGIN, name);
205 if (access(loginfile, R_OK|X_OK) != 0) {
206 (void)strncpy(loginfile, _PATH_LOGIN, sizeof(loginfile)-1);
207 loginfile[sizeof(loginfile)-1] = '\0';
208 if (access(loginfile, R_OK|X_OK)) {
210 "access denied for %s - no %s\n",
215 (void)snprintf(slparmsfile, sizeof(slparmsfile), "%s.%s", _PATH_SLPARMS, name);
216 if (access(slparmsfile, R_OK|X_OK) != 0) {
217 (void)strncpy(slparmsfile, _PATH_SLPARMS, sizeof(slparmsfile)-1);
218 slparmsfile[sizeof(slparmsfile)-1] = '\0';
219 if (access(slparmsfile, R_OK|X_OK))
222 keepal = outfill = 0;
225 if ((fp = fopen(slparmsfile, "r")) == NULL) {
227 syslog(LOG_ERR, "%s: %m\n", slparmsfile);
231 while (fgets(buf, sizeof(buf) - 1, fp) != NULL) {
234 if (buf[0] == '#' || isspace(buf[0]))
236 n = sscanf(buf, "%d %d %d", &keepal, &outfill, &slunit);
239 syslog(LOG_ERR, "%s: wrong format\n", slparmsfile);
251 syslog(LOG_ERR, "SLIP access denied for %s\n", name);
263 case SIGHUP: return("HUP");
264 case SIGINT: return("INT");
265 case SIGQUIT: return("QUIT");
266 case SIGILL: return("ILL");
267 case SIGTRAP: return("TRAP");
268 case SIGIOT: return("IOT");
269 case SIGEMT: return("EMT");
270 case SIGFPE: return("FPE");
271 case SIGKILL: return("KILL");
272 case SIGBUS: return("BUS");
273 case SIGSEGV: return("SEGV");
274 case SIGSYS: return("SYS");
275 case SIGPIPE: return("PIPE");
276 case SIGALRM: return("ALRM");
277 case SIGTERM: return("TERM");
278 case SIGURG: return("URG");
279 case SIGSTOP: return("STOP");
280 case SIGTSTP: return("TSTP");
281 case SIGCONT: return("CONT");
282 case SIGCHLD: return("CHLD");
283 case SIGTTIN: return("TTIN");
284 case SIGTTOU: return("TTOU");
285 case SIGIO: return("IO");
286 case SIGXCPU: return("XCPU");
287 case SIGXFSZ: return("XFSZ");
288 case SIGVTALRM: return("VTALRM");
289 case SIGPROF: return("PROF");
290 case SIGWINCH: return("WINCH");
292 case SIGLOST: return("LOST");
294 case SIGUSR1: return("USR1");
295 case SIGUSR2: return("USR2");
297 (void)snprintf(buf, sizeof(buf), "sig %d", s);
305 char logoutfile[MAXPATHLEN];
309 (void)snprintf(logoutfile, sizeof(logoutfile), "%s.%s", _PATH_LOGOUT, loginname);
310 if (access(logoutfile, R_OK|X_OK) != 0) {
311 (void)strncpy(logoutfile, _PATH_LOGOUT, sizeof(logoutfile)-1);
312 logoutfile[sizeof(logoutfile)-1] = '\0';
314 if (access(logoutfile, R_OK|X_OK) == 0) {
315 char logincmd[2*MAXPATHLEN+32];
317 (void) snprintf(logincmd, sizeof(logincmd), "%s %d %ld %s", logoutfile, unit, speed, loginargs);
318 (void) system(logincmd);
320 syslog(LOG_INFO, "closed %s slip unit %d (%s)\n", loginname, unit,
322 if (unlink(pidfilename) < 0 && errno != ENOENT)
323 syslog(LOG_WARNING, "unable to delete pid file: %m");
324 if (unlink(iffilename) < 0 && errno != ENOENT)
325 syslog(LOG_WARNING, "unable to delete if file: %m");
331 /* Modify the slip line mode and add any compression or no-icmp flags. */
332 void line_flags(unit)
338 /* open a socket as the handle to the interface */
339 s = socket(AF_INET, SOCK_DGRAM, 0);
341 syslog(LOG_ERR, "socket: %m");
344 sprintf(ifr.ifr_name, "sl%d", unit);
346 /* get the flags for the interface */
347 if (ioctl(s, SIOCGIFFLAGS, (caddr_t)&ifr) < 0) {
348 syslog(LOG_ERR, "ioctl (SIOCGIFFLAGS): %m");
352 /* Assert any compression or no-icmp flags. */
353 #define SLMASK (~(IFF_LINK0 | IFF_LINK1 | IFF_LINK2))
354 ifr.ifr_flags &= SLMASK;
355 ifr.ifr_flags |= slip_mode;
356 if (ioctl(s, SIOCSIFFLAGS, (caddr_t)&ifr) < 0) {
357 syslog(LOG_ERR, "ioctl (SIOCSIFFLAGS): %m");
370 struct termios tios, otios;
371 char logincmd[2*BUFSIZ+32];
372 extern uid_t getuid();
374 FILE *pidfile; /* pid file */
375 FILE *iffile; /* interfaces file */
378 char devnam[MAXPATHLEN] = "/dev/tty"; /* Device name */
380 if ((name = strrchr(argv[0], '/')) == NULL)
383 for (fd = 3 ; fd < s ; fd++)
385 openlog(name, LOG_PID|LOG_PERROR, LOG_DAEMON);
391 * Disassociate from current controlling terminal, if any,
392 * and ensure that the slip line is our controlling terminal.
395 syslog(LOG_ERR, "daemon(1, 1): %m");
399 if ((fd = open(argv[2], O_RDWR)) == -1) {
400 syslog(LOG_ERR, "open %s: %m", argv[2]);
407 if (ioctl(0, TIOCSCTTY, 0) == -1) {
408 syslog(LOG_ERR, "ioctl (TIOCSCTTY): %m");
411 if (tcsetpgrp(0, getpid()) < 0) {
412 syslog(LOG_ERR, "tcsetpgrp failed: %m");
416 if ((name = getlogin()) == NULL) {
417 syslog(LOG_ERR, "access denied - login name not found\n");
422 (void) fchmod(0, 0600);
423 (void) fprintf(stderr, "starting slip login for %s\n", loginname);
424 (void) fprintf(stderr, "your address is %s\n\n", make_ipaddr());
426 (void) fflush(stderr);
429 /* set up the line parameters */
430 if (tcgetattr(0, &tios) < 0) {
431 syslog(LOG_ERR, "tcgetattr: %m");
436 if (tcsetattr(0, TCSAFLUSH, &tios) < 0) {
437 syslog(LOG_ERR, "tcsetattr: %m");
440 speed = cfgetispeed(&tios);
443 if (ioctl(0, TIOCSETD, &ldisc) < 0) {
444 syslog(LOG_ERR, "ioctl(TIOCSETD): %m");
447 if (slunit >= 0 && ioctl(0, SLIOCSUNIT, &slunit) < 0) {
448 syslog(LOG_ERR, "ioctl (SLIOCSUNIT): %m");
451 /* find out what unit number we were assigned */
452 if (ioctl(0, SLIOCGUNIT, &unit) < 0) {
453 syslog(LOG_ERR, "ioctl (SLIOCGUNIT): %m");
456 (void) signal(SIGHUP, hup_handler);
457 (void) signal(SIGTERM, hup_handler);
460 (void) signal(SIGURG, hup_handler);
461 if (ioctl(0, SLIOCSKEEPAL, &keepal) < 0) {
462 syslog(LOG_ERR, "ioctl(SLIOCSKEEPAL): %m");
466 if (outfill > 0 && ioctl(0, SLIOCSOUTFILL, &outfill) < 0) {
467 syslog(LOG_ERR, "ioctl(SLIOCSOUTFILL): %m");
471 /* write pid to file */
473 (void) sprintf(ifname, "sl%d", unit);
474 (void) sprintf(pidfilename, "%s%s.pid", _PATH_VARRUN, ifname);
475 if ((pidfile = fopen(pidfilename, "w")) != NULL) {
476 fprintf(pidfile, "%d\n", pid);
477 (void) fclose(pidfile);
479 syslog(LOG_ERR, "Failed to create pid file %s: %m",
484 /* write interface unit number to file */
488 for (n = strlen(devnam); n > 0; n--)
489 if (devnam[n] == '/') {
493 (void) sprintf(iffilename, "%s%s.if", _PATH_VARRUN, &devnam[n]);
494 if ((iffile = fopen(iffilename, "w")) != NULL) {
495 fprintf(iffile, "sl%d\n", unit);
496 (void) fclose(iffile);
498 syslog(LOG_ERR, "Failed to create if file %s: %m", iffilename);
503 syslog(LOG_INFO, "attaching slip unit %d for %s\n", unit, loginname);
504 (void)snprintf(logincmd, sizeof(logincmd), "%s %d %ld %s", loginfile, unit, speed,
507 * aim stdout and errout at /dev/null so logincmd output won't
508 * babble into the slip tty line.
511 if ((fd = open(_PATH_DEVNULL, O_WRONLY)) != 1) {
513 syslog(LOG_ERR, "open /dev/null: %m");
522 * Run login and logout scripts as root (real and effective);
523 * current route(8) is setuid root, and checks the real uid
524 * to see whether changes are allowed (or just "route get").
527 if (s = system(logincmd)) {
528 syslog(LOG_ERR, "%s login failed: exit status %d from %s",
529 loginname, s, loginfile);
533 /* Handle any compression or no-icmp flags. */
536 /* reset uid to users' to allow the user to give a signal. */
538 /* twiddle thumbs until we get a signal */