xref: /freebsd/lib/libc/net/rcmd.c (revision f0cfa1b168014f56c02b83e5f28412cc5f78d117)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1983, 1993, 1994
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the University nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #if defined(LIBC_SCCS) && !defined(lint)
33 static char sccsid[] = "@(#)rcmd.c	8.3 (Berkeley) 3/26/94";
34 #endif /* LIBC_SCCS and not lint */
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
37 
38 #include "namespace.h"
39 #include <sys/param.h>
40 #include <sys/socket.h>
41 #include <sys/stat.h>
42 
43 #include <netinet/in.h>
44 #include <arpa/inet.h>
45 
46 #include <signal.h>
47 #include <fcntl.h>
48 #include <netdb.h>
49 #include <stdlib.h>
50 #include <unistd.h>
51 #include <pwd.h>
52 #include <errno.h>
53 #include <stdio.h>
54 #include <ctype.h>
55 #include <string.h>
56 #include <rpc/rpc.h>
57 #ifdef YP
58 #include <rpcsvc/yp_prot.h>
59 #include <rpcsvc/ypclnt.h>
60 #endif
61 #include <arpa/nameser.h>
62 #include "un-namespace.h"
63 #include "libc_private.h"
64 
65 extern int innetgr( const char *, const char *, const char *, const char * );
66 
67 #define max(a, b)	((a > b) ? a : b)
68 
69 int __ivaliduser(FILE *, u_int32_t, const char *, const char *);
70 int __ivaliduser_af(FILE *,const void *, const char *, const char *, int, int);
71 int __ivaliduser_sa(FILE *, const struct sockaddr *, socklen_t, const char *,
72     const char *);
73 static int __icheckhost(const struct sockaddr *, socklen_t, const char *);
74 
75 char paddr[NI_MAXHOST];
76 
77 int
78 rcmd(char **ahost, int rport, const char *locuser, const char *remuser,
79     const char *cmd, int *fd2p)
80 {
81 	return rcmd_af(ahost, rport, locuser, remuser, cmd, fd2p, AF_INET);
82 }
83 
84 int
85 rcmd_af(char **ahost, int rport, const char *locuser, const char *remuser,
86     const char *cmd, int *fd2p, int af)
87 {
88 	struct addrinfo hints, *res, *ai;
89 	struct sockaddr_storage from;
90 	fd_set reads;
91 	sigset_t oldmask, newmask;
92 	pid_t pid;
93 	int s, aport, lport, timo, error;
94 	char c, *p;
95 	int refused, nres;
96 	char num[8];
97 	static char canonnamebuf[MAXDNAME];	/* is it proper here? */
98 
99 	/* call rcmdsh() with specified remote shell if appropriate. */
100 	if (!issetugid() && (p = getenv("RSH"))) {
101 		struct servent *sp = getservbyname("shell", "tcp");
102 
103 		if (sp && sp->s_port == rport)
104 			return (rcmdsh(ahost, rport, locuser, remuser,
105 			    cmd, p));
106 	}
107 
108 	/* use rsh(1) if non-root and remote port is shell. */
109 	if (geteuid()) {
110 		struct servent *sp = getservbyname("shell", "tcp");
111 
112 		if (sp && sp->s_port == rport)
113 			return (rcmdsh(ahost, rport, locuser, remuser,
114 			    cmd, NULL));
115 	}
116 
117 	pid = getpid();
118 
119 	memset(&hints, 0, sizeof(hints));
120 	hints.ai_flags = AI_CANONNAME;
121 	hints.ai_family = af;
122 	hints.ai_socktype = SOCK_STREAM;
123 	hints.ai_protocol = 0;
124 	(void)snprintf(num, sizeof(num), "%d", ntohs(rport));
125 	error = getaddrinfo(*ahost, num, &hints, &res);
126 	if (error) {
127 		fprintf(stderr, "rcmd: getaddrinfo: %s\n",
128 			gai_strerror(error));
129 		if (error == EAI_SYSTEM)
130 			fprintf(stderr, "rcmd: getaddrinfo: %s\n",
131 				strerror(errno));
132 		return (-1);
133 	}
134 
135 	if (res->ai_canonname
136 	 && strlen(res->ai_canonname) + 1 < sizeof(canonnamebuf)) {
137 		strncpy(canonnamebuf, res->ai_canonname, sizeof(canonnamebuf));
138 		*ahost = canonnamebuf;
139 	}
140 	nres = 0;
141 	for (ai = res; ai; ai = ai->ai_next)
142 		nres++;
143 	ai = res;
144 	refused = 0;
145 	sigemptyset(&newmask);
146 	sigaddset(&newmask, SIGURG);
147 	__libc_sigprocmask(SIG_BLOCK, (const sigset_t *)&newmask, &oldmask);
148 	for (timo = 1, lport = IPPORT_RESERVED - 1;;) {
149 		s = rresvport_af(&lport, ai->ai_family);
150 		if (s < 0) {
151 			if (errno != EAGAIN && ai->ai_next) {
152 				ai = ai->ai_next;
153 				continue;
154 			}
155 			if (errno == EAGAIN)
156 				(void)fprintf(stderr,
157 				    "rcmd: socket: All ports in use\n");
158 			else
159 				(void)fprintf(stderr, "rcmd: socket: %s\n",
160 				    strerror(errno));
161 			freeaddrinfo(res);
162 			__libc_sigprocmask(SIG_SETMASK, (const sigset_t *)&oldmask,
163 			    NULL);
164 			return (-1);
165 		}
166 		_fcntl(s, F_SETOWN, pid);
167 		if (_connect(s, ai->ai_addr, ai->ai_addrlen) >= 0)
168 			break;
169 		(void)_close(s);
170 		if (errno == EADDRINUSE) {
171 			lport--;
172 			continue;
173 		}
174 		if (errno == ECONNREFUSED)
175 			refused = 1;
176 		if (ai->ai_next == NULL && (!refused || timo > 16)) {
177 			(void)fprintf(stderr, "%s: %s\n",
178 				      *ahost, strerror(errno));
179 			freeaddrinfo(res);
180 			__libc_sigprocmask(SIG_SETMASK, (const sigset_t *)&oldmask,
181 			    NULL);
182 			return (-1);
183 		}
184 		if (nres > 1) {
185 			int oerrno = errno;
186 
187 			getnameinfo(ai->ai_addr, ai->ai_addrlen, paddr,
188 			    sizeof(paddr), NULL, 0, NI_NUMERICHOST);
189 			(void)fprintf(stderr, "connect to address %s: ",
190 				      paddr);
191 			errno = oerrno;
192 			perror(0);
193 		}
194 		if ((ai = ai->ai_next) == NULL) {
195 			/* refused && timo <= 16 */
196 			struct timespec time_to_sleep, time_remaining;
197 
198 			time_to_sleep.tv_sec = timo;
199 			time_to_sleep.tv_nsec = 0;
200 			(void)_nanosleep(&time_to_sleep, &time_remaining);
201 			timo *= 2;
202 			ai = res;
203 			refused = 0;
204 		}
205 		if (nres > 1) {
206 			getnameinfo(ai->ai_addr, ai->ai_addrlen, paddr,
207 			    sizeof(paddr), NULL, 0, NI_NUMERICHOST);
208 			fprintf(stderr, "Trying %s...\n", paddr);
209 		}
210 	}
211 	lport--;
212 	if (fd2p == NULL) {
213 		_write(s, "", 1);
214 		lport = 0;
215 	} else {
216 		int s2 = rresvport_af(&lport, ai->ai_family), s3;
217 		socklen_t len = ai->ai_addrlen;
218 		int nfds;
219 
220 		if (s2 < 0)
221 			goto bad;
222 		_listen(s2, 1);
223 		(void)snprintf(num, sizeof(num), "%d", lport);
224 		if (_write(s, num, strlen(num)+1) != strlen(num)+1) {
225 			(void)fprintf(stderr,
226 			    "rcmd: write (setting up stderr): %s\n",
227 			    strerror(errno));
228 			(void)_close(s2);
229 			goto bad;
230 		}
231 		nfds = max(s, s2)+1;
232 		if(nfds > FD_SETSIZE) {
233 			fprintf(stderr, "rcmd: too many files\n");
234 			(void)_close(s2);
235 			goto bad;
236 		}
237 again:
238 		FD_ZERO(&reads);
239 		FD_SET(s, &reads);
240 		FD_SET(s2, &reads);
241 		errno = 0;
242 		if (_select(nfds, &reads, 0, 0, 0) < 1 || !FD_ISSET(s2, &reads)){
243 			if (errno != 0)
244 				(void)fprintf(stderr,
245 				    "rcmd: select (setting up stderr): %s\n",
246 				    strerror(errno));
247 			else
248 				(void)fprintf(stderr,
249 				"select: protocol failure in circuit setup\n");
250 			(void)_close(s2);
251 			goto bad;
252 		}
253 		s3 = _accept(s2, (struct sockaddr *)&from, &len);
254 		switch (from.ss_family) {
255 		case AF_INET:
256 			aport = ntohs(((struct sockaddr_in *)&from)->sin_port);
257 			break;
258 #ifdef INET6
259 		case AF_INET6:
260 			aport = ntohs(((struct sockaddr_in6 *)&from)->sin6_port);
261 			break;
262 #endif
263 		default:
264 			aport = 0;	/* error */
265 			break;
266 		}
267 		/*
268 		 * XXX careful for ftp bounce attacks. If discovered, shut them
269 		 * down and check for the real auxiliary channel to connect.
270 		 */
271 		if (aport == 20) {
272 			_close(s3);
273 			goto again;
274 		}
275 		(void)_close(s2);
276 		if (s3 < 0) {
277 			(void)fprintf(stderr,
278 			    "rcmd: accept: %s\n", strerror(errno));
279 			lport = 0;
280 			goto bad;
281 		}
282 		*fd2p = s3;
283 		if (aport >= IPPORT_RESERVED || aport < IPPORT_RESERVED / 2) {
284 			(void)fprintf(stderr,
285 			    "socket: protocol failure in circuit setup.\n");
286 			goto bad2;
287 		}
288 	}
289 	(void)_write(s, locuser, strlen(locuser)+1);
290 	(void)_write(s, remuser, strlen(remuser)+1);
291 	(void)_write(s, cmd, strlen(cmd)+1);
292 	if (_read(s, &c, 1) != 1) {
293 		(void)fprintf(stderr,
294 		    "rcmd: %s: %s\n", *ahost, strerror(errno));
295 		goto bad2;
296 	}
297 	if (c != 0) {
298 		while (_read(s, &c, 1) == 1) {
299 			(void)_write(STDERR_FILENO, &c, 1);
300 			if (c == '\n')
301 				break;
302 		}
303 		goto bad2;
304 	}
305 	__libc_sigprocmask(SIG_SETMASK, (const sigset_t *)&oldmask, NULL);
306 	freeaddrinfo(res);
307 	return (s);
308 bad2:
309 	if (lport)
310 		(void)_close(*fd2p);
311 bad:
312 	(void)_close(s);
313 	__libc_sigprocmask(SIG_SETMASK, (const sigset_t *)&oldmask, NULL);
314 	freeaddrinfo(res);
315 	return (-1);
316 }
317 
318 int
319 rresvport(int *port)
320 {
321 	return rresvport_af(port, AF_INET);
322 }
323 
324 int
325 rresvport_af(int *alport, int family)
326 {
327 	int s;
328 	struct sockaddr_storage ss;
329 	u_short *sport;
330 
331 	memset(&ss, 0, sizeof(ss));
332 	ss.ss_family = family;
333 	switch (family) {
334 	case AF_INET:
335 		((struct sockaddr *)&ss)->sa_len = sizeof(struct sockaddr_in);
336 		sport = &((struct sockaddr_in *)&ss)->sin_port;
337 		((struct sockaddr_in *)&ss)->sin_addr.s_addr = INADDR_ANY;
338 		break;
339 #ifdef INET6
340 	case AF_INET6:
341 		((struct sockaddr *)&ss)->sa_len = sizeof(struct sockaddr_in6);
342 		sport = &((struct sockaddr_in6 *)&ss)->sin6_port;
343 		((struct sockaddr_in6 *)&ss)->sin6_addr = in6addr_any;
344 		break;
345 #endif
346 	default:
347 		errno = EAFNOSUPPORT;
348 		return -1;
349 	}
350 
351 	s = _socket(ss.ss_family, SOCK_STREAM, 0);
352 	if (s < 0)
353 		return (-1);
354 #if 0 /* compat_exact_traditional_rresvport_semantics */
355 	sin.sin_port = htons((u_short)*alport);
356 	if (_bind(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
357 		return (s);
358 	if (errno != EADDRINUSE) {
359 		(void)_close(s);
360 		return (-1);
361 	}
362 #endif
363 	*sport = 0;
364 	if (bindresvport_sa(s, (struct sockaddr *)&ss) == -1) {
365 		(void)_close(s);
366 		return (-1);
367 	}
368 	*alport = (int)ntohs(*sport);
369 	return (s);
370 }
371 
372 int	__check_rhosts_file = 1;
373 char	*__rcmd_errstr;
374 
375 int
376 ruserok(const char *rhost, int superuser, const char *ruser, const char *luser)
377 {
378 	struct addrinfo hints, *res, *r;
379 	int error;
380 
381 	memset(&hints, 0, sizeof(hints));
382 	hints.ai_family = PF_UNSPEC;
383 	hints.ai_socktype = SOCK_DGRAM;	/*dummy*/
384 	error = getaddrinfo(rhost, "0", &hints, &res);
385 	if (error)
386 		return (-1);
387 
388 	for (r = res; r; r = r->ai_next) {
389 		if (iruserok_sa(r->ai_addr, r->ai_addrlen, superuser, ruser,
390 		    luser) == 0) {
391 			freeaddrinfo(res);
392 			return (0);
393 		}
394 	}
395 	freeaddrinfo(res);
396 	return (-1);
397 }
398 
399 /*
400  * New .rhosts strategy: We are passed an ip address. We spin through
401  * hosts.equiv and .rhosts looking for a match. When the .rhosts only
402  * has ip addresses, we don't have to trust a nameserver.  When it
403  * contains hostnames, we spin through the list of addresses the nameserver
404  * gives us and look for a match.
405  *
406  * Returns 0 if ok, -1 if not ok.
407  */
408 int
409 iruserok(unsigned long raddr, int superuser, const char *ruser, const char *luser)
410 {
411 	struct sockaddr_in sin;
412 
413 	memset(&sin, 0, sizeof(sin));
414 	sin.sin_family = AF_INET;
415 	sin.sin_len = sizeof(struct sockaddr_in);
416 	memcpy(&sin.sin_addr, &raddr, sizeof(sin.sin_addr));
417 	return iruserok_sa((struct sockaddr *)&sin, sin.sin_len, superuser,
418 		ruser, luser);
419 }
420 
421 /*
422  * AF independent extension of iruserok.
423  *
424  * Returns 0 if ok, -1 if not ok.
425  */
426 int
427 iruserok_sa(const void *ra, int rlen, int superuser, const char *ruser,
428     const char *luser)
429 {
430 	char *cp;
431 	struct stat sbuf;
432 	struct passwd *pwd;
433 	FILE *hostf;
434 	uid_t uid;
435 	int first;
436 	char pbuf[MAXPATHLEN];
437 	const struct sockaddr *raddr;
438 	struct sockaddr_storage ss;
439 
440 	/* avoid alignment issue */
441 	if (rlen > sizeof(ss))
442 		return(-1);
443 	memcpy(&ss, ra, rlen);
444 	raddr = (struct sockaddr *)&ss;
445 
446 	first = 1;
447 	hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "re");
448 again:
449 	if (hostf) {
450 		if (__ivaliduser_sa(hostf, raddr, rlen, luser, ruser) == 0) {
451 			(void)fclose(hostf);
452 			return (0);
453 		}
454 		(void)fclose(hostf);
455 	}
456 	if (first == 1 && (__check_rhosts_file || superuser)) {
457 		first = 0;
458 		if ((pwd = getpwnam(luser)) == NULL)
459 			return (-1);
460 		(void)strcpy(pbuf, pwd->pw_dir);
461 		(void)strcat(pbuf, "/.rhosts");
462 
463 		/*
464 		 * Change effective uid while opening .rhosts.  If root and
465 		 * reading an NFS mounted file system, can't read files that
466 		 * are protected read/write owner only.
467 		 */
468 		uid = geteuid();
469 		(void)seteuid(pwd->pw_uid);
470 		hostf = fopen(pbuf, "re");
471 		(void)seteuid(uid);
472 
473 		if (hostf == NULL)
474 			return (-1);
475 		/*
476 		 * If not a regular file, or is owned by someone other than
477 		 * user or root or if writeable by anyone but the owner, quit.
478 		 */
479 		cp = NULL;
480 		if (lstat(pbuf, &sbuf) < 0)
481 			cp = ".rhosts lstat failed";
482 		else if (!S_ISREG(sbuf.st_mode))
483 			cp = ".rhosts not regular file";
484 		else if (_fstat(fileno(hostf), &sbuf) < 0)
485 			cp = ".rhosts fstat failed";
486 		else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
487 			cp = "bad .rhosts owner";
488 		else if (sbuf.st_mode & (S_IWGRP|S_IWOTH))
489 			cp = ".rhosts writeable by other than owner";
490 		/* If there were any problems, quit. */
491 		if (cp) {
492 			__rcmd_errstr = cp;
493 			(void)fclose(hostf);
494 			return (-1);
495 		}
496 		goto again;
497 	}
498 	return (-1);
499 }
500 
501 /*
502  * XXX
503  * Don't make static, used by lpd(8).
504  *
505  * Returns 0 if ok, -1 if not ok.
506  */
507 int
508 __ivaliduser(FILE *hostf, u_int32_t raddr, const char *luser, const char *ruser)
509 {
510 	struct sockaddr_in sin;
511 
512 	memset(&sin, 0, sizeof(sin));
513 	sin.sin_family = AF_INET;
514 	sin.sin_len = sizeof(struct sockaddr_in);
515 	memcpy(&sin.sin_addr, &raddr, sizeof(sin.sin_addr));
516 	return __ivaliduser_sa(hostf, (struct sockaddr *)&sin, sin.sin_len,
517 		luser, ruser);
518 }
519 
520 /*
521  * Returns 0 if ok, -1 if not ok.
522  *
523  * XXX obsolete API.
524  */
525 int
526 __ivaliduser_af(FILE *hostf, const void *raddr, const char *luser,
527     const char *ruser, int af, int len)
528 {
529 	struct sockaddr *sa = NULL;
530 	struct sockaddr_in *sin = NULL;
531 #ifdef INET6
532 	struct sockaddr_in6 *sin6 = NULL;
533 #endif
534 	struct sockaddr_storage ss;
535 
536 	memset(&ss, 0, sizeof(ss));
537 	switch (af) {
538 	case AF_INET:
539 		if (len != sizeof(sin->sin_addr))
540 			return -1;
541 		sin = (struct sockaddr_in *)&ss;
542 		sin->sin_family = AF_INET;
543 		sin->sin_len = sizeof(struct sockaddr_in);
544 		memcpy(&sin->sin_addr, raddr, sizeof(sin->sin_addr));
545 		break;
546 #ifdef INET6
547 	case AF_INET6:
548 		if (len != sizeof(sin6->sin6_addr))
549 			return -1;
550 		/* you will lose scope info */
551 		sin6 = (struct sockaddr_in6 *)&ss;
552 		sin6->sin6_family = AF_INET6;
553 		sin6->sin6_len = sizeof(struct sockaddr_in6);
554 		memcpy(&sin6->sin6_addr, raddr, sizeof(sin6->sin6_addr));
555 		break;
556 #endif
557 	default:
558 		return -1;
559 	}
560 
561 	sa = (struct sockaddr *)&ss;
562 	return __ivaliduser_sa(hostf, sa, sa->sa_len, luser, ruser);
563 }
564 
565 int
566 __ivaliduser_sa(FILE *hostf, const struct sockaddr *raddr, socklen_t salen,
567     const char *luser, const char *ruser)
568 {
569 	char *user, *p;
570 	int ch;
571 	char buf[MAXHOSTNAMELEN + 128];		/* host + login */
572 	char hname[MAXHOSTNAMELEN];
573 	/* Presumed guilty until proven innocent. */
574 	int userok = 0, hostok = 0;
575 #ifdef YP
576 	char *ypdomain;
577 
578 	if (yp_get_default_domain(&ypdomain))
579 		ypdomain = NULL;
580 #else
581 #define	ypdomain NULL
582 #endif
583 	/* We need to get the damn hostname back for netgroup matching. */
584 	if (getnameinfo(raddr, salen, hname, sizeof(hname), NULL, 0,
585 			NI_NAMEREQD) != 0)
586 		hname[0] = '\0';
587 
588 	while (fgets(buf, sizeof(buf), hostf)) {
589 		p = buf;
590 		/* Skip lines that are too long. */
591 		if (strchr(p, '\n') == NULL) {
592 			while ((ch = getc(hostf)) != '\n' && ch != EOF);
593 			continue;
594 		}
595 		if (*p == '\n' || *p == '#') {
596 			/* comment... */
597 			continue;
598 		}
599 		while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
600 			*p = isupper((unsigned char)*p) ? tolower((unsigned char)*p) : *p;
601 			p++;
602 		}
603 		if (*p == ' ' || *p == '\t') {
604 			*p++ = '\0';
605 			while (*p == ' ' || *p == '\t')
606 				p++;
607 			user = p;
608 			while (*p != '\n' && *p != ' ' &&
609 			    *p != '\t' && *p != '\0')
610 				p++;
611 		} else
612 			user = p;
613 		*p = '\0';
614 		/*
615 		 * Do +/- and +@/-@ checking. This looks really nasty,
616 		 * but it matches SunOS's behavior so far as I can tell.
617 		 */
618 		switch(buf[0]) {
619 		case '+':
620 			if (!buf[1]) {     /* '+' matches all hosts */
621 				hostok = 1;
622 				break;
623 			}
624 			if (buf[1] == '@')  /* match a host by netgroup */
625 				hostok = hname[0] != '\0' &&
626 				    innetgr(&buf[2], hname, NULL, ypdomain);
627 			else		/* match a host by addr */
628 				hostok = __icheckhost(raddr, salen,
629 						      (char *)&buf[1]);
630 			break;
631 		case '-':     /* reject '-' hosts and all their users */
632 			if (buf[1] == '@') {
633 				if (hname[0] == '\0' ||
634 				    innetgr(&buf[2], hname, NULL, ypdomain))
635 					return(-1);
636 			} else {
637 				if (__icheckhost(raddr, salen,
638 						 (char *)&buf[1]))
639 					return(-1);
640 			}
641 			break;
642 		default:  /* if no '+' or '-', do a simple match */
643 			hostok = __icheckhost(raddr, salen, buf);
644 			break;
645 		}
646 		switch(*user) {
647 		case '+':
648 			if (!*(user+1)) {      /* '+' matches all users */
649 				userok = 1;
650 				break;
651 			}
652 			if (*(user+1) == '@')  /* match a user by netgroup */
653 				userok = innetgr(user+2, NULL, ruser, ypdomain);
654 			else	   /* match a user by direct specification */
655 				userok = !(strcmp(ruser, user+1));
656 			break;
657 		case '-': 		/* if we matched a hostname, */
658 			if (hostok) {   /* check for user field rejections */
659 				if (!*(user+1))
660 					return(-1);
661 				if (*(user+1) == '@') {
662 					if (innetgr(user+2, NULL,
663 							ruser, ypdomain))
664 						return(-1);
665 				} else {
666 					if (!strcmp(ruser, user+1))
667 						return(-1);
668 				}
669 			}
670 			break;
671 		default:	/* no rejections: try to match the user */
672 			if (hostok)
673 				userok = !(strcmp(ruser,*user ? user : luser));
674 			break;
675 		}
676 		if (hostok && userok)
677 			return(0);
678 	}
679 	return (-1);
680 }
681 
682 /*
683  * Returns "true" if match, 0 if no match.
684  */
685 static int
686 __icheckhost(const struct sockaddr *raddr, socklen_t salen, const char *lhost)
687 {
688 	struct sockaddr_in sin;
689 	struct sockaddr_in6 *sin6;
690 	struct addrinfo hints, *res, *r;
691 	int error;
692 	char h1[NI_MAXHOST], h2[NI_MAXHOST];
693 
694 	if (raddr->sa_family == AF_INET6) {
695 		sin6 = (struct sockaddr_in6 *)raddr;
696 		if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
697 			memset(&sin, 0, sizeof(sin));
698 			sin.sin_family = AF_INET;
699 			sin.sin_len = sizeof(struct sockaddr_in);
700 			memcpy(&sin.sin_addr, &sin6->sin6_addr.s6_addr[12],
701 			       sizeof(sin.sin_addr));
702 			raddr = (struct sockaddr *)&sin;
703 			salen = sin.sin_len;
704 		}
705 	}
706 
707 	h1[0] = '\0';
708 	if (getnameinfo(raddr, salen, h1, sizeof(h1), NULL, 0,
709 			NI_NUMERICHOST) != 0)
710 		return (0);
711 
712 	/* Resolve laddr into sockaddr */
713 	memset(&hints, 0, sizeof(hints));
714 	hints.ai_family = raddr->sa_family;
715 	hints.ai_socktype = SOCK_DGRAM;	/*XXX dummy*/
716 	res = NULL;
717 	error = getaddrinfo(lhost, "0", &hints, &res);
718 	if (error)
719 		return (0);
720 
721 	for (r = res; r ; r = r->ai_next) {
722 		h2[0] = '\0';
723 		if (getnameinfo(r->ai_addr, r->ai_addrlen, h2, sizeof(h2),
724 				NULL, 0, NI_NUMERICHOST) != 0)
725 			continue;
726 		if (strcmp(h1, h2) == 0) {
727 			freeaddrinfo(res);
728 			return (1);
729 		}
730 	}
731 
732 	/* No match. */
733 	freeaddrinfo(res);
734 	return (0);
735 }
736