xref: /freebsd/usr.sbin/lpr/lpd/lpd.c (revision daf1cffce2e07931f27c6c6998652e90df6ba87e) 
1 /*
2  * Copyright (c) 1983, 1993, 1994
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  * 3. All advertising materials mentioning features or use of this software
15  *    must display the following acknowledgement:
16  *	This product includes software developed by the University of
17  *	California, Berkeley and its contributors.
18  * 4. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 #ifndef lint
36 static const char copyright[] =
37 "@(#) Copyright (c) 1983, 1993, 1994\n\
38 	The Regents of the University of California.  All rights reserved.\n";
39 #endif /* not lint */
40 
41 #ifndef lint
42 #if 0
43 static char sccsid[] = "@(#)lpd.c	8.7 (Berkeley) 5/10/95";
44 #endif
45 static const char rcsid[] =
46   "$FreeBSD$";
47 #endif /* not lint */
48 
49 /*
50  * lpd -- line printer daemon.
51  *
52  * Listen for a connection and perform the requested operation.
53  * Operations are:
54  *	\1printer\n
55  *		check the queue for jobs and print any found.
56  *	\2printer\n
57  *		receive a job from another machine and queue it.
58  *	\3printer [users ...] [jobs ...]\n
59  *		return the current state of the queue (short form).
60  *	\4printer [users ...] [jobs ...]\n
61  *		return the current state of the queue (long form).
62  *	\5printer person [users ...] [jobs ...]\n
63  *		remove jobs from the queue.
64  *
65  * Strategy to maintain protected spooling area:
66  *	1. Spooling area is writable only by daemon and spooling group
67  *	2. lpr runs setuid root and setgrp spooling group; it uses
68  *	   root to access any file it wants (verifying things before
69  *	   with an access call) and group id to know how it should
70  *	   set up ownership of files in the spooling area.
71  *	3. Files in spooling area are owned by root, group spooling
72  *	   group, with mode 660.
73  *	4. lpd, lpq and lprm run setuid daemon and setgrp spooling group to
74  *	   access files and printer.  Users can't get to anything
75  *	   w/o help of lpq and lprm programs.
76  */
77 
78 #include <sys/param.h>
79 #include <sys/wait.h>
80 #include <sys/types.h>
81 #include <sys/socket.h>
82 #include <sys/un.h>
83 #include <sys/stat.h>
84 #include <sys/file.h>
85 #include <netinet/in.h>
86 #include <arpa/inet.h>
87 
88 #include <netdb.h>
89 #include <unistd.h>
90 #include <syslog.h>
91 #include <signal.h>
92 #include <err.h>
93 #include <errno.h>
94 #include <fcntl.h>
95 #include <dirent.h>
96 #include <stdio.h>
97 #include <stdlib.h>
98 #include <string.h>
99 #include <sysexits.h>
100 #include <ctype.h>
101 #include "lp.h"
102 #include "lp.local.h"
103 #include "pathnames.h"
104 #include "extern.h"
105 
106 int	lflag;				/* log requests flag */
107 int	from_remote;			/* from remote socket */
108 
109 int		  main __P((int, char **));
110 static void       reapchild __P((int));
111 static void       mcleanup __P((int));
112 static void       doit __P((void));
113 static void       startup __P((void));
114 static void       chkhost __P((struct sockaddr_in *));
115 static int	  ckqueue __P((struct printer *));
116 static void	  usage __P((void));
117 /* From rcmd.c: */
118 int		  __ivaliduser __P((FILE *, u_long, const char *,
119 				    const char *));
120 
121 uid_t	uid, euid;
122 
123 int
124 main(argc, argv)
125 	int argc;
126 	char **argv;
127 {
128 	int f, funix, finet, options, fromlen, i, errs;
129 	fd_set defreadfds;
130 	struct sockaddr_un un, fromunix;
131 	struct sockaddr_in sin, frominet;
132 	int lfd;
133 	sigset_t omask, nmask;
134 	struct servent *sp, serv;
135 
136 	euid = geteuid();	/* these shouldn't be different */
137 	uid = getuid();
138 	options = 0;
139 	gethostname(host, sizeof(host));
140 
141 	name = "lpd";
142 
143 	if (euid != 0)
144 		errx(EX_NOPERM,"must run as root");
145 
146 	errs = 0;
147 	while ((i = getopt(argc, argv, "dl")) != -1)
148 		switch (i) {
149 		case 'd':
150 			options |= SO_DEBUG;
151 			break;
152 		case 'l':
153 			lflag++;
154 			break;
155 		default:
156 			errs++;
157 		}
158 	argc -= optind;
159 	argv += optind;
160 	if (errs)
161 		usage();
162 
163 	if (argc == 1) {
164 		if ((i = atoi(argv[0])) == 0)
165 			usage();
166 		if (i < 0 || i > USHRT_MAX)
167 			errx(EX_USAGE, "port # %d is invalid", i);
168 
169 		serv.s_port = htons(i);
170 		sp = &serv;
171 		argc--;
172 	} else {
173 		sp = getservbyname("printer", "tcp");
174 		if (sp == NULL)
175 			errx(EX_OSFILE, "printer/tcp: unknown service");
176 	}
177 
178 	if (argc != 0)
179 		usage();
180 
181 	/*
182 	 * We run chkprintcap right away to catch any errors and blat them
183 	 * to stderr while we still have it open, rather than sending them
184 	 * to syslog and leaving the user wondering why lpd started and
185 	 * then stopped.  There should probably be a command-line flag to
186 	 * ignore errors from chkprintcap.
187 	 */
188 	{
189 		pid_t pid;
190 		int status;
191 		pid = fork();
192 		if (pid < 0) {
193 			err(EX_OSERR, "cannot fork");
194 		} else if (pid == 0) {	/* child */
195 			execl(_PATH_CHKPRINTCAP, _PATH_CHKPRINTCAP, (char *)0);
196 			err(EX_OSERR, "cannot execute %s", _PATH_CHKPRINTCAP);
197 		}
198 		if (waitpid(pid, &status, 0) < 0) {
199 			err(EX_OSERR, "cannot wait");
200 		}
201 		if (WIFEXITED(status) && WEXITSTATUS(status) != 0)
202 			errx(EX_OSFILE, "%d errors in printcap file, exiting",
203 			     WEXITSTATUS(status));
204 	}
205 
206 #ifndef DEBUG
207 	/*
208 	 * Set up standard environment by detaching from the parent.
209 	 */
210 	daemon(0, 0);
211 #endif
212 
213 	openlog("lpd", LOG_PID, LOG_LPR);
214 	syslog(LOG_INFO, "restarted");
215 	(void) umask(0);
216 	/*
217 	 * NB: This depends on O_NONBLOCK semantics doing the right thing;
218 	 * i.e., applying only to the O_EXLOCK and not to the rest of the
219 	 * open/creation.  As of 1997-12-02, this is the case for commonly-
220 	 * used filesystems.  There are other places in this code which
221 	 * make the same assumption.
222 	 */
223 	lfd = open(_PATH_MASTERLOCK, O_WRONLY|O_CREAT|O_EXLOCK|O_NONBLOCK,
224 		   LOCK_FILE_MODE);
225 	if (lfd < 0) {
226 		if (errno == EWOULDBLOCK)	/* active deamon present */
227 			exit(0);
228 		syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK);
229 		exit(1);
230 	}
231 	fcntl(lfd, F_SETFL, 0);	/* turn off non-blocking mode */
232 	ftruncate(lfd, 0);
233 	/*
234 	 * write process id for others to know
235 	 */
236 	sprintf(line, "%u\n", getpid());
237 	f = strlen(line);
238 	if (write(lfd, line, f) != f) {
239 		syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK);
240 		exit(1);
241 	}
242 	signal(SIGCHLD, reapchild);
243 	/*
244 	 * Restart all the printers.
245 	 */
246 	startup();
247 	(void) unlink(_PATH_SOCKETNAME);
248 	funix = socket(AF_UNIX, SOCK_STREAM, 0);
249 	if (funix < 0) {
250 		syslog(LOG_ERR, "socket: %m");
251 		exit(1);
252 	}
253 
254 	sigemptyset(&nmask);
255 	sigaddset(&nmask, SIGHUP);
256 	sigaddset(&nmask, SIGINT);
257 	sigaddset(&nmask, SIGQUIT);
258 	sigaddset(&nmask, SIGTERM);
259 	sigprocmask(SIG_BLOCK, &nmask, &omask);
260 
261 	(void) umask(07);
262 	signal(SIGHUP, mcleanup);
263 	signal(SIGINT, mcleanup);
264 	signal(SIGQUIT, mcleanup);
265 	signal(SIGTERM, mcleanup);
266 	memset(&un, 0, sizeof(un));
267 	un.sun_family = AF_UNIX;
268 	strcpy(un.sun_path, _PATH_SOCKETNAME);
269 #ifndef SUN_LEN
270 #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2)
271 #endif
272 	if (bind(funix, (struct sockaddr *)&un, SUN_LEN(&un)) < 0) {
273 		syslog(LOG_ERR, "ubind: %m");
274 		exit(1);
275 	}
276 	(void) umask(0);
277 	sigprocmask(SIG_SETMASK, &omask, (sigset_t *)0);
278 	FD_ZERO(&defreadfds);
279 	FD_SET(funix, &defreadfds);
280 	listen(funix, 5);
281 	finet = socket(AF_INET, SOCK_STREAM, 0);
282 	if (finet >= 0) {
283 		if (options & SO_DEBUG)
284 			if (setsockopt(finet, SOL_SOCKET, SO_DEBUG, 0, 0) < 0) {
285 				syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m");
286 				mcleanup(0);
287 			}
288 		memset(&sin, 0, sizeof(sin));
289 		sin.sin_family = AF_INET;
290 		sin.sin_port = sp->s_port;
291 		if (bind(finet, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
292 			syslog(LOG_ERR, "bind: %m");
293 			mcleanup(0);
294 		}
295 		FD_SET(finet, &defreadfds);
296 		listen(finet, 5);
297 	}
298 	/*
299 	 * Main loop: accept, do a request, continue.
300 	 */
301 	memset(&frominet, 0, sizeof(frominet));
302 	memset(&fromunix, 0, sizeof(fromunix));
303 	/*
304 	 * XXX - should be redone for multi-protocol
305 	 */
306 	for (;;) {
307 		int domain, nfds, s;
308 		fd_set readfds;
309 
310 		FD_COPY(&defreadfds, &readfds);
311 		nfds = select(20, &readfds, 0, 0, 0);
312 		if (nfds <= 0) {
313 			if (nfds < 0 && errno != EINTR)
314 				syslog(LOG_WARNING, "select: %m");
315 			continue;
316 		}
317 		if (FD_ISSET(funix, &readfds)) {
318 			domain = AF_UNIX, fromlen = sizeof(fromunix);
319 			s = accept(funix,
320 			    (struct sockaddr *)&fromunix, &fromlen);
321 		} else /* if (FD_ISSET(finet, &readfds)) */  {
322 			domain = AF_INET, fromlen = sizeof(frominet);
323 			s = accept(finet,
324 			    (struct sockaddr *)&frominet, &fromlen);
325 			if (frominet.sin_port == htons(20)) {
326 				close(s);
327 				continue;
328 			}
329 		}
330 		if (s < 0) {
331 			if (errno != EINTR)
332 				syslog(LOG_WARNING, "accept: %m");
333 			continue;
334 		}
335 		if (fork() == 0) {
336 			signal(SIGCHLD, SIG_IGN);
337 			signal(SIGHUP, SIG_IGN);
338 			signal(SIGINT, SIG_IGN);
339 			signal(SIGQUIT, SIG_IGN);
340 			signal(SIGTERM, SIG_IGN);
341 			(void) close(funix);
342 			(void) close(finet);
343 			dup2(s, 1);
344 			(void) close(s);
345 			if (domain == AF_INET) {
346 				from_remote = 1;
347 				chkhost(&frominet);
348 			} else
349 				from_remote = 0;
350 			doit();
351 			exit(0);
352 		}
353 		(void) close(s);
354 	}
355 }
356 
357 static void
358 reapchild(signo)
359 	int signo;
360 {
361 	union wait status;
362 
363 	while (wait3((int *)&status, WNOHANG, 0) > 0)
364 		;
365 }
366 
367 static void
368 mcleanup(signo)
369 	int signo;
370 {
371 	if (lflag)
372 		syslog(LOG_INFO, "exiting");
373 	unlink(_PATH_SOCKETNAME);
374 	exit(0);
375 }
376 
377 /*
378  * Stuff for handling job specifications
379  */
380 char	*user[MAXUSERS];	/* users to process */
381 int	users;			/* # of users in user array */
382 int	requ[MAXREQUESTS];	/* job number of spool entries */
383 int	requests;		/* # of spool requests */
384 char	*person;		/* name of person doing lprm */
385 
386 char	fromb[MAXHOSTNAMELEN];	/* buffer for client's machine name */
387 char	cbuf[BUFSIZ];		/* command line buffer */
388 char	*cmdnames[] = {
389 	"null",
390 	"printjob",
391 	"recvjob",
392 	"displayq short",
393 	"displayq long",
394 	"rmjob"
395 };
396 
397 static void
398 doit()
399 {
400 	char *cp, *printer;
401 	int n;
402 	int status;
403 	struct printer myprinter, *pp = &myprinter;
404 
405 	init_printer(&myprinter);
406 
407 	for (;;) {
408 		cp = cbuf;
409 		do {
410 			if (cp >= &cbuf[sizeof(cbuf) - 1])
411 				fatal(0, "Command line too long");
412 			if ((n = read(1, cp, 1)) != 1) {
413 				if (n < 0)
414 					fatal(0, "Lost connection");
415 				return;
416 			}
417 		} while (*cp++ != '\n');
418 		*--cp = '\0';
419 		cp = cbuf;
420 		if (lflag) {
421 			if (*cp >= '\1' && *cp <= '\5')
422 				syslog(LOG_INFO, "%s requests %s %s",
423 					from, cmdnames[(u_char)*cp], cp+1);
424 			else
425 				syslog(LOG_INFO, "bad request (%d) from %s",
426 					*cp, from);
427 		}
428 		switch (*cp++) {
429 		case CMD_CHECK_QUE: /* check the queue, print any jobs there */
430 			startprinting(cp);
431 			break;
432 		case CMD_TAKE_THIS: /* receive files to be queued */
433 			if (!from_remote) {
434 				syslog(LOG_INFO, "illegal request (%d)", *cp);
435 				exit(1);
436 			}
437 			recvjob(cp);
438 			break;
439 		case CMD_SHOWQ_SHORT: /* display the queue (short form) */
440 		case CMD_SHOWQ_LONG: /* display the queue (long form) */
441 			/* XXX - this all needs to be redone. */
442 			printer = cp;
443 			while (*cp) {
444 				if (*cp != ' ') {
445 					cp++;
446 					continue;
447 				}
448 				*cp++ = '\0';
449 				while (isspace(*cp))
450 					cp++;
451 				if (*cp == '\0')
452 					break;
453 				if (isdigit(*cp)) {
454 					if (requests >= MAXREQUESTS)
455 						fatal(0, "Too many requests");
456 					requ[requests++] = atoi(cp);
457 				} else {
458 					if (users >= MAXUSERS)
459 						fatal(0, "Too many users");
460 					user[users++] = cp;
461 				}
462 			}
463 			status = getprintcap(printer, pp);
464 			if (status < 0)
465 				fatal(pp, pcaperr(status));
466 			displayq(pp, cbuf[0] == CMD_SHOWQ_LONG);
467 			exit(0);
468 		case CMD_RMJOB:	/* remove a job from the queue */
469 			if (!from_remote) {
470 				syslog(LOG_INFO, "illegal request (%d)", *cp);
471 				exit(1);
472 			}
473 			printer = cp;
474 			while (*cp && *cp != ' ')
475 				cp++;
476 			if (!*cp)
477 				break;
478 			*cp++ = '\0';
479 			person = cp;
480 			while (*cp) {
481 				if (*cp != ' ') {
482 					cp++;
483 					continue;
484 				}
485 				*cp++ = '\0';
486 				while (isspace(*cp))
487 					cp++;
488 				if (*cp == '\0')
489 					break;
490 				if (isdigit(*cp)) {
491 					if (requests >= MAXREQUESTS)
492 						fatal(0, "Too many requests");
493 					requ[requests++] = atoi(cp);
494 				} else {
495 					if (users >= MAXUSERS)
496 						fatal(0, "Too many users");
497 					user[users++] = cp;
498 				}
499 			}
500 			rmjob(printer);
501 			break;
502 		}
503 		fatal(0, "Illegal service request");
504 	}
505 }
506 
507 /*
508  * Make a pass through the printcap database and start printing any
509  * files left from the last time the machine went down.
510  */
511 static void
512 startup()
513 {
514 	int pid, status, more;
515 	struct printer myprinter, *pp = &myprinter;
516 
517 	more = firstprinter(pp, &status);
518 	if (status)
519 		goto errloop;
520 	while (more) {
521 		if (ckqueue(pp) <= 0) {
522 			goto next;
523 		}
524 		if (lflag)
525 			syslog(LOG_INFO, "work for %s", pp->printer);
526 		if ((pid = fork()) < 0) {
527 			syslog(LOG_WARNING, "startup: cannot fork");
528 			mcleanup(0);
529 		}
530 		if (pid == 0) {
531 			lastprinter();
532 			printjob(pp);
533 			/* NOTREACHED */
534 		}
535 		do {
536 next:
537 			more = nextprinter(pp, &status);
538 errloop:
539 			if (status)
540 				syslog(LOG_WARNING,
541 				       "printcap for %s has errors, skipping",
542 				       pp->printer ? pp->printer : "<???>");
543 		} while (more && status);
544 	}
545 }
546 
547 /*
548  * Make sure there's some work to do before forking off a child
549  */
550 static int
551 ckqueue(pp)
552 	struct printer *pp;
553 {
554 	register struct dirent *d;
555 	DIR *dirp;
556 	char *spooldir;
557 
558 	spooldir = pp->spool_dir;
559 	if ((dirp = opendir(spooldir)) == NULL)
560 		return (-1);
561 	while ((d = readdir(dirp)) != NULL) {
562 		if (d->d_name[0] != 'c' || d->d_name[1] != 'f')
563 			continue;	/* daemon control files only */
564 		closedir(dirp);
565 		return (1);		/* found something */
566 	}
567 	closedir(dirp);
568 	return (0);
569 }
570 
571 #define DUMMY ":nobody::"
572 
573 /*
574  * Check to see if the from host has access to the line printer.
575  */
576 static void
577 chkhost(f)
578 	struct sockaddr_in *f;
579 {
580 	register struct hostent *hp;
581 	register FILE *hostf;
582 	int first = 1;
583 	int good = 0;
584 
585 	/* Need real hostname for temporary filenames */
586 	hp = gethostbyaddr((char *)&f->sin_addr,
587 	    sizeof(struct in_addr), f->sin_family);
588 	if (hp == NULL)
589 		fatal(0, "Host name for your address (%s) unknown",
590 			inet_ntoa(f->sin_addr));
591 
592 	(void) strncpy(fromb, hp->h_name, sizeof(fromb) - 1);
593 	fromb[sizeof(fromb) - 1] = '\0';
594 	from = fromb;
595 
596 	/* Check for spoof, ala rlogind */
597 	hp = gethostbyname(fromb);
598 	if (!hp)
599 		fatal(0, "hostname for your address (%s) unknown",
600 		    inet_ntoa(f->sin_addr));
601 	for (; good == 0 && hp->h_addr_list[0] != NULL; hp->h_addr_list++) {
602 		if (!bcmp(hp->h_addr_list[0], (caddr_t)&f->sin_addr,
603 		    sizeof(f->sin_addr)))
604 			good = 1;
605 	}
606 	if (good == 0)
607 		fatal(0, "address for your hostname (%s) not matched",
608 		    inet_ntoa(f->sin_addr));
609 
610 	hostf = fopen(_PATH_HOSTSEQUIV, "r");
611 again:
612 	if (hostf) {
613 		if (__ivaliduser(hostf, f->sin_addr.s_addr,
614 		    DUMMY, DUMMY) == 0) {
615 			(void) fclose(hostf);
616 			return;
617 		}
618 		(void) fclose(hostf);
619 	}
620 	if (first == 1) {
621 		first = 0;
622 		hostf = fopen(_PATH_HOSTSLPD, "r");
623 		goto again;
624 	}
625 	fatal(0, "Your host does not have line printer access");
626 	/*NOTREACHED*/
627 }
628 
629 static void
630 usage()
631 {
632 	fprintf(stderr, "usage: lpd [-dl] [port#]\n");
633 	exit(EX_USAGE);
634 }
635