1 /* 2 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 /* 9 * Copyright (c) 1983 The Regents of the University of California. 10 * All rights reserved. 11 * 12 * Redistribution and use in source and binary forms are permitted 13 * provided that the above copyright notice and this paragraph are 14 * duplicated in all such forms and that any documentation, 15 * advertising materials, and other materials related to such 16 * distribution and use acknowledge that the software was developed 17 * by the University of California, Berkeley. The name of the 18 * University may not be used to endorse or promote products derived 19 * from this software without specific prior written permission. 20 * 21 */ 22 23 #define _FILE_OFFSET_BITS 64 24 25 /* 26 * rcp 27 */ 28 #include <sys/param.h> 29 #include <sys/file.h> 30 #include <sys/stat.h> 31 #include <sys/time.h> 32 #include <sys/types.h> 33 #include <sys/ioctl.h> 34 #include <sys/acl.h> 35 #include <dirent.h> 36 #include <signal.h> 37 #include <sys/socket.h> 38 #include <netinet/in.h> 39 #include <pwd.h> 40 #include <netdb.h> 41 #include <wchar.h> 42 #include <stdlib.h> 43 #include <errno.h> 44 #include <locale.h> 45 #include <strings.h> 46 #include <stdio.h> 47 #include <ctype.h> 48 #include <fcntl.h> 49 #include <unistd.h> 50 #include <limits.h> 51 #include <priv_utils.h> 52 #include <sys/sendfile.h> 53 #include <sys/sysmacros.h> 54 #include <sys/wait.h> 55 #include <aclutils.h> 56 57 /* 58 * It seems like Berkeley got these from pathnames.h? 59 */ 60 #define _PATH_RSH "/usr/bin/rsh" 61 #define _PATH_CP "/usr/bin/cp" 62 #define _PATH_BSHELL "/usr/bin/sh" 63 64 #define ACL_FAIL 1 65 #define ACL_OK 0 66 #define RCP_BUFSIZE (64 * 1024) 67 68 #define RCP_ACL "/usr/lib/sunw,rcp" 69 /* see PSARC/1993/004/opinion */ 70 71 typedef struct _buf { 72 int cnt; 73 char *buf; 74 } BUF; 75 76 static char *cmd_sunw; 77 static struct passwd *pwd; 78 static int errs; 79 static int pflag; 80 static uid_t userid; 81 static int rem; 82 static int zflag; 83 static int iamremote; 84 static int iamrecursive; 85 static int targetshouldbedirectory; 86 static int aclflag; 87 static int acl_aclflag; 88 static int retval = 0; 89 static int portnumber = 0; 90 91 static void lostconn(void); 92 static char *search_char(unsigned char *, unsigned char); 93 static char *removebrackets(char *); 94 static char *colon(char *); 95 static int response(void); 96 static void usage(void); 97 static void source(int, char **); 98 static void sink(int, char **); 99 static void toremote(char *, int, char **); 100 static void tolocal(int, char **); 101 static void verifydir(char *); 102 static int okname(char *); 103 static int susystem(char *); 104 static void rsource(char *, struct stat *); 105 static int sendacl(int); 106 static int recvacl(int, int, int); 107 static int zwrite(int, char *, int); 108 static void zopen(int, int); 109 static int zclose(int); 110 static int notzero(char *, int); 111 static BUF *allocbuf(BUF *, int, int); 112 static void error(char *fmt, ...); 113 114 /* 115 * As a 32 bit application, we can only transfer (2gb - 1) i.e 0x7FFFFFFF 116 * bytes of data. We would like the size to be aligned to the nearest 117 * MAXBOFFSET (8192) boundary for optimal performance. 118 */ 119 #define SENDFILE_SIZE 0x7FFFE000 120 121 #include <k5-int.h> 122 #include <profile/prof_int.h> 123 #include <com_err.h> 124 #include <kcmd.h> 125 126 #define NULLBUF (BUF *) 0 127 128 static int sock; 129 static char *cmd, *cmd_orig, *cmd_sunw_orig; 130 static char *krb_realm = NULL; 131 static char *krb_cache = NULL; 132 static char *krb_config = NULL; 133 static char des_inbuf[2 * RCP_BUFSIZE]; 134 /* needs to be > largest read size */ 135 static char des_outbuf[2 * RCP_BUFSIZE]; 136 /* needs to be > largest write size */ 137 138 static krb5_data desinbuf, desoutbuf; 139 static krb5_encrypt_block eblock; /* eblock for encrypt/decrypt */ 140 static krb5_keyblock *session_key; /* static key for session */ 141 static krb5_context bsd_context; 142 static krb5_auth_context auth_context; 143 static krb5_flags authopts; 144 static krb5_error_code status; 145 146 static void try_normal_rcp(int, char **); 147 static int init_service(int); 148 static char **save_argv(int, char **); 149 static void answer_auth(char *, char *); 150 static int desrcpwrite(int, char *, int); 151 static int desrcpread(int, char *, int); 152 153 /* 154 * Not sure why these two don't have their own header file declarations, but 155 * lint complains about absent declarations so place some here. Sigh. 156 */ 157 extern errcode_t profile_get_options_boolean(profile_t, char **, 158 profile_options_boolean *); 159 extern errcode_t profile_get_options_string(profile_t, char **, 160 profile_option_strings *); 161 162 static int krb5auth_flag = 0; /* Flag set, when KERBEROS is enabled */ 163 static int encrypt_flag = 0; /* Flag set, when encryption is enabled */ 164 static int encrypt_done = 0; /* Flag set, if "-x" is specified */ 165 static enum kcmd_proto kcmd_proto = KCMD_NEW_PROTOCOL; 166 167 /* Flag set, if -PN / -PO is specified */ 168 static boolean_t rcmdoption_done = B_FALSE; 169 170 static profile_options_boolean option[] = { 171 { "encrypt", &encrypt_flag, 0 }, 172 { NULL, NULL, 0 } 173 }; 174 175 static char *rcmdproto = NULL; 176 static profile_option_strings rcmdversion[] = { 177 { "rcmd_protocol", &rcmdproto, 0 }, 178 { NULL, NULL, 0 } 179 }; 180 181 static char *realmdef[] = { "realms", NULL, "rcp", NULL }; 182 static char *appdef[] = { "appdefaults", "rcp", NULL }; 183 static char **prev_argv; 184 static int prev_argc; 185 186 int 187 main(int argc, char *argv[]) 188 { 189 int ch, fflag, tflag; 190 char *targ; 191 size_t cmdsiz; 192 193 (void) setlocale(LC_ALL, ""); 194 195 if (strcmp(argv[0], RCP_ACL) == 0) 196 aclflag = 1; 197 198 if (!(pwd = getpwuid(userid = getuid()))) { 199 (void) fprintf(stderr, "rcp: unknown user %d.\n", 200 (uint_t)userid); 201 return (1); 202 } 203 204 fflag = tflag = 0; 205 while ((ch = getopt(argc, argv, "axdfprtz:D:k:P:Z")) != EOF) { 206 switch (ch) { 207 case 'd': 208 targetshouldbedirectory = 1; 209 break; 210 case 'f': /* "from" */ 211 fflag = 1; 212 if (aclflag | acl_aclflag) 213 /* ok response */ 214 (void) desrcpwrite(rem, "", 1); 215 break; 216 case 'p': /* preserve access/mod times */ 217 ++pflag; 218 break; 219 case 'r': 220 ++iamrecursive; 221 break; 222 case 't': /* "to" */ 223 tflag = 1; 224 break; 225 case 'Z': 226 acl_aclflag++; 227 break; 228 case 'x': 229 if (!krb5_privacy_allowed()) { 230 (void) fprintf(stderr, gettext("rcp: " 231 "Encryption not supported.\n")); 232 return (1); 233 } 234 encrypt_flag++; 235 krb5auth_flag++; 236 encrypt_done++; 237 break; 238 case 'k': 239 if ((krb_realm = (char *)strdup(optarg)) == NULL) { 240 (void) fprintf(stderr, gettext("rcp:" 241 " Cannot malloc.\n")); 242 return (1); 243 } 244 krb5auth_flag++; 245 break; 246 case 'P': 247 if (strncmp(optarg, "O", 1) == 0) { 248 if (rcmdoption_done == B_TRUE) { 249 (void) fprintf(stderr, gettext("rcp: " 250 "Only one of -PN and -PO " 251 "allowed.\n")); 252 usage(); 253 } 254 kcmd_proto = KCMD_OLD_PROTOCOL; 255 rcmdoption_done = B_TRUE; 256 } else if (strncmp(optarg, "N", 1) == 0) { 257 if (rcmdoption_done == B_TRUE) { 258 (void) fprintf(stderr, gettext("rcp: " 259 "Only one of -PN and -PO " 260 "allowed.\n")); 261 usage(); 262 } 263 kcmd_proto = KCMD_NEW_PROTOCOL; 264 rcmdoption_done = B_TRUE; 265 } else { 266 usage(); 267 } 268 krb5auth_flag++; 269 break; 270 case 'a': 271 krb5auth_flag++; 272 break; 273 #ifdef DEBUG 274 case 'D': 275 portnumber = htons(atoi(optarg)); 276 krb5auth_flag++; 277 break; 278 #endif /* DEBUG */ 279 case '?': 280 default: 281 usage(); 282 } 283 } 284 argc -= optind; 285 argv += optind; 286 287 if (krb5auth_flag > 0) { 288 status = krb5_init_context(&bsd_context); 289 if (status) { 290 com_err("rcp", status, 291 gettext("while initializing krb5")); 292 return (1); 293 } 294 295 /* 296 * Set up buffers for desread and deswrite. 297 */ 298 desinbuf.data = des_inbuf; 299 desoutbuf.data = des_outbuf; 300 desinbuf.length = sizeof (des_inbuf); 301 desoutbuf.length = sizeof (des_outbuf); 302 } 303 304 if (fflag || tflag) 305 if (encrypt_flag > 0) 306 (void) answer_auth(krb_config, krb_cache); 307 308 if (fflag) { 309 iamremote = 1; 310 (void) response(); 311 (void) setuid(userid); 312 source(argc, argv); 313 return (errs); 314 } 315 316 if (tflag) { 317 iamremote = 1; 318 (void) setuid(userid); 319 sink(argc, argv); 320 return (errs); 321 } 322 323 if (argc < 2) 324 usage(); 325 326 /* This will make "rcmd_af()" magically get the proper privilege */ 327 if (__init_suid_priv(0, PRIV_NET_PRIVADDR, (char *)NULL) == -1) { 328 (void) fprintf(stderr, "rcp: must be set-uid root\n"); 329 exit(1); 330 } 331 332 if (krb5auth_flag > 0) { 333 /* 334 * Get our local realm to look up local realm options. 335 */ 336 status = krb5_get_default_realm(bsd_context, &realmdef[1]); 337 if (status) { 338 com_err("rcp", status, 339 gettext("while getting default realm")); 340 return (1); 341 } 342 /* 343 * See if encryption should be done for this realm 344 */ 345 profile_get_options_boolean(bsd_context->profile, realmdef, 346 option); 347 /* 348 * Check the appdefaults section 349 */ 350 profile_get_options_boolean(bsd_context->profile, appdef, 351 option); 352 profile_get_options_string(bsd_context->profile, appdef, 353 rcmdversion); 354 if ((encrypt_done > 0) || (encrypt_flag > 0)) { 355 if (krb5_privacy_allowed() == TRUE) { 356 encrypt_flag++; 357 } else { 358 (void) fprintf(stderr, gettext("rcp: Encryption" 359 " not supported.\n")); 360 return (1); 361 } 362 } 363 364 if ((rcmdoption_done == B_FALSE) && (rcmdproto != NULL)) { 365 if (strncmp(rcmdproto, "rcmdv2", 6) == 0) { 366 kcmd_proto = KCMD_NEW_PROTOCOL; 367 } else if (strncmp(rcmdproto, "rcmdv1", 6) == 0) { 368 kcmd_proto = KCMD_OLD_PROTOCOL; 369 } else { 370 (void) fprintf(stderr, gettext("Unrecognized " 371 "KCMD protocol (%s)"), rcmdproto); 372 return (1); 373 } 374 } 375 } 376 377 if (argc > 2) 378 targetshouldbedirectory = 1; 379 380 rem = -1; 381 382 if (portnumber == 0) { 383 if (krb5auth_flag > 0) { 384 retval = init_service(krb5auth_flag); 385 if (!retval) { 386 /* 387 * Connecting to the kshell service failed, 388 * fallback to normal rcp & reset KRB5 flags. 389 */ 390 krb5auth_flag = encrypt_flag = 0; 391 encrypt_done = 0; 392 (void) init_service(krb5auth_flag); 393 } 394 } 395 else 396 (void) init_service(krb5auth_flag); 397 } 398 399 #ifdef DEBUG 400 if (retval || krb5auth_flag) { 401 (void) fprintf(stderr, gettext("Kerberized rcp session, " 402 "port %d in use "), portnumber); 403 if (kcmd_proto == KCMD_OLD_PROTOCOL) 404 (void) fprintf(stderr, gettext("[kcmd ver.1]\n")); 405 else 406 (void) fprintf(stderr, gettext("[kcmd ver.2]\n")); 407 } else { 408 (void) fprintf(stderr, gettext("Normal rcp session, port %d " 409 "in use.\n"), portnumber); 410 } 411 #endif /* DEBUG */ 412 413 if (krb5auth_flag > 0) { 414 /* 415 * We calculate here a buffer size that can be used in the 416 * allocation of the three buffers cmd, cmd_orig and 417 * cmd_sunw_orig that are used to hold different incantations 418 * of rcp. 419 */ 420 cmdsiz = MAX(sizeof ("-x rcp -r -p -d -k ") + 421 strlen(krb_realm != NULL ? krb_realm : ""), 422 sizeof (RCP_ACL " -r -p -z -d")); 423 424 if (((cmd = (char *)malloc(cmdsiz)) == NULL) || 425 ((cmd_sunw_orig = (char *)malloc(cmdsiz)) == NULL) || 426 ((cmd_orig = (char *)malloc(cmdsiz)) == NULL)) { 427 (void) fprintf(stderr, gettext("rcp: Cannot " 428 "malloc.\n")); 429 return (1); 430 } 431 432 (void) snprintf(cmd, cmdsiz, "%srcp %s%s%s%s%s", 433 encrypt_flag ? "-x " : "", 434 435 iamrecursive ? " -r" : "", pflag ? " -p" : "", 436 targetshouldbedirectory ? " -d" : "", 437 krb_realm != NULL ? " -k " : "", 438 krb_realm != NULL ? krb_realm : ""); 439 440 /* 441 * We would use cmd-orig as the 'cmd-buffer' if kerberized 442 * rcp fails, in which case we fallback to normal rcp. We also 443 * save argc & argv for the same purpose 444 */ 445 (void) snprintf(cmd_orig, cmdsiz, "rcp%s%s%s%s", 446 iamrecursive ? " -r" : "", 447 pflag ? " -p" : "", 448 zflag ? " -z" : "", 449 targetshouldbedirectory ? " -d" : ""); 450 451 (void) snprintf(cmd_sunw_orig, cmdsiz, "%s%s%s%s%s", RCP_ACL, 452 iamrecursive ? " -r" : "", 453 pflag ? " -p" : "", 454 zflag ? " -z" : "", 455 targetshouldbedirectory ? " -d" : ""); 456 457 prev_argc = argc; 458 prev_argv = save_argv(argc, argv); 459 460 } else { 461 cmdsiz = sizeof ("rcp -r -p -z -d"); 462 if (((cmd = (char *)malloc(cmdsiz)) == NULL)) { 463 (void) fprintf(stderr, gettext("rcp: Cannot " 464 "malloc.\n")); 465 return (1); 466 } 467 468 (void) snprintf(cmd, cmdsiz, "rcp%s%s%s%s", 469 iamrecursive ? " -r" : "", 470 pflag ? " -p" : "", 471 zflag ? " -z" : "", 472 targetshouldbedirectory ? " -d" : ""); 473 } 474 475 cmdsiz = sizeof (RCP_ACL " -r -p -z -d"); 476 if ((cmd_sunw = (char *)malloc(cmdsiz)) == NULL) { 477 (void) fprintf(stderr, gettext("rcp: Cannot malloc.\n")); 478 return (1); 479 } 480 481 (void) snprintf(cmd_sunw, cmdsiz, "%s%s%s%s%s", RCP_ACL, 482 iamrecursive ? " -r" : "", 483 pflag ? " -p" : "", 484 zflag ? " -z" : "", 485 targetshouldbedirectory ? " -d" : ""); 486 487 (void) signal(SIGPIPE, (void (*)(int))lostconn); 488 489 if (targ = colon(argv[argc - 1])) 490 toremote(targ, argc, argv); 491 else { 492 tolocal(argc, argv); 493 if (targetshouldbedirectory) 494 verifydir(argv[argc - 1]); 495 } 496 497 return (errs > 0 ? EXIT_FAILURE : EXIT_SUCCESS); 498 } 499 500 501 static void 502 toremote(char *targ, int argc, char *argv[]) 503 { 504 int i; 505 char *host, *src, *suser, *thost, *tuser; 506 char resp; 507 size_t buffersize; 508 char bp[RCP_BUFSIZE]; 509 krb5_creds *cred; 510 buffersize = RCP_BUFSIZE; 511 512 *targ++ = 0; 513 if (*targ == 0) 514 targ = "."; 515 516 if (thost = search_char((unsigned char *)argv[argc - 1], '@')) { 517 *thost++ = 0; 518 tuser = argv[argc - 1]; 519 if (*tuser == '\0') 520 tuser = NULL; 521 else if (!okname(tuser)) 522 exit(1); 523 } else { 524 thost = argv[argc - 1]; 525 tuser = NULL; 526 } 527 thost = removebrackets(thost); 528 529 for (i = 0; i < argc - 1; i++) { 530 src = colon(argv[i]); 531 if (src) { /* remote to remote */ 532 *src++ = 0; 533 if (*src == 0) 534 src = "."; 535 host = search_char((unsigned char *)argv[i], '@'); 536 if (host) { 537 *host++ = 0; 538 host = removebrackets(host); 539 suser = argv[i]; 540 if (*suser == '\0') { 541 suser = pwd->pw_name; 542 } else if (!okname(suser)) { 543 errs++; 544 continue; 545 } 546 (void) snprintf(bp, buffersize, 547 "%s %s -l %s -n %s %s '%s%s%s:%s'", 548 _PATH_RSH, host, suser, cmd, src, 549 tuser ? tuser : "", tuser ? "@" : "", 550 thost, targ); 551 } else { 552 host = removebrackets(argv[i]); 553 (void) snprintf(bp, buffersize, 554 "%s %s -n %s %s '%s%s%s:%s'", 555 _PATH_RSH, host, cmd, src, 556 tuser ? tuser : "", tuser ? "@" : "", 557 thost, targ); 558 } 559 if (susystem(bp) == -1) 560 errs++; 561 } else { /* local to remote */ 562 if (rem == -1) { 563 host = thost; 564 if (krb5auth_flag > 0) { 565 566 (void) snprintf(bp, buffersize, 567 "%s -t %s", cmd, targ); 568 authopts = AP_OPTS_MUTUAL_REQUIRED; 569 status = kcmd(&sock, &host, 570 portnumber, 571 pwd->pw_name, 572 tuser ? tuser : 573 pwd->pw_name, 574 bp, 575 0, 576 "host", 577 krb_realm, 578 bsd_context, 579 &auth_context, 580 &cred, 581 0, /* No seq # */ 582 0, /* No server seq # */ 583 authopts, 584 0, /* Not any port # */ 585 &kcmd_proto); 586 if (status) { 587 /* 588 * If new protocol requested, we dont 589 * fallback to less secure ones. 590 */ 591 592 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 593 (void) fprintf(stderr, 594 gettext("rcp: kcmdv2 " 595 "to host %s failed - %s" 596 "\nFallback to normal " 597 "rcp denied."), host, 598 error_message(status)); 599 exit(1); 600 } 601 if (status != -1) { 602 (void) fprintf(stderr, 603 gettext("rcp: kcmd to host " 604 "%s failed - %s,\n" 605 "trying normal rcp...\n\n"), 606 host, error_message(status)); 607 } else { 608 (void) fprintf(stderr, 609 gettext("trying normal" 610 " rcp...\n")); 611 } 612 /* 613 * kcmd() failed, so we have to 614 * fallback to normal rcp 615 */ 616 try_normal_rcp(prev_argc, prev_argv); 617 } else { 618 rem = sock; 619 session_key = &cred->keyblock; 620 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 621 /* CSTYLED */ 622 status = krb5_auth_con_getlocalsubkey(bsd_context, auth_context, &session_key); 623 if (status) { 624 com_err("rcp", status, 625 "determining " 626 "subkey for " 627 "session"); 628 exit(1); 629 } 630 if (!session_key) { 631 com_err("rcp", 0, 632 "no subkey " 633 "negotiated for" 634 " connection"); 635 exit(1); 636 } 637 } 638 eblock.crypto_entry = 639 session_key->enctype; 640 eblock.key = 641 (krb5_keyblock *)session_key; 642 643 init_encrypt(encrypt_flag, 644 bsd_context, kcmd_proto, 645 &desinbuf, &desoutbuf, CLIENT, 646 &eblock); 647 if (encrypt_flag > 0) { 648 char *s = gettext("This rcp " 649 "session is using " 650 "encryption for all " 651 "data transmissions." 652 "\r\n"); 653 654 (void) write(2, s, strlen(s)); 655 } 656 } 657 if (response() < 0) 658 exit(1); 659 660 } else { 661 662 /* 663 * ACL support: try to find out if the remote 664 * site is running acl cognizant version of 665 * rcp. A special binary name is used for this 666 * purpose. 667 */ 668 aclflag = 1; 669 acl_aclflag = 1; 670 671 /* 672 * First see if the remote side will support 673 * both aclent_t and ace_t acl's? 674 */ 675 (void) snprintf(bp, buffersize, "%s -tZ %s", 676 cmd_sunw, targ); 677 rem = rcmd_af(&host, portnumber, pwd->pw_name, 678 tuser ? tuser : pwd->pw_name, 679 bp, 0, AF_INET6); 680 if (rem < 0) 681 exit(1); 682 683 /* 684 * This is similar to routine response(). 685 * If response is not ok, treat the other 686 * side as non-acl rcp. 687 */ 688 if (read(rem, &resp, sizeof (resp)) 689 != sizeof (resp)) 690 lostconn(); 691 if (resp != 0) { 692 acl_aclflag = 0; 693 (void) snprintf(bp, buffersize, 694 "%s -t %s", cmd_sunw, targ); 695 696 (void) close(rem); 697 host = thost; 698 rem = rcmd_af(&host, portnumber, 699 pwd->pw_name, 700 tuser ? tuser : pwd->pw_name, 701 bp, 0, AF_INET6); 702 if (rem < 0) 703 exit(1); 704 705 if (read(rem, &resp, sizeof (resp)) 706 != sizeof (resp)) 707 lostconn(); 708 if (resp != 0) { 709 /* 710 * Not OK: 711 * The other side is running 712 * non-acl rcp. Try again with 713 * normal stuff 714 */ 715 aclflag = 0; 716 (void) snprintf(bp, buffersize, 717 "%s -t %s", cmd, targ); 718 (void) close(rem); 719 host = thost; 720 rem = rcmd_af(&host, portnumber, 721 pwd->pw_name, 722 tuser ? tuser : 723 pwd->pw_name, bp, 0, 724 AF_INET6); 725 if (rem < 0) 726 exit(1); 727 if (response() < 0) 728 exit(1); 729 } 730 } 731 /* everything should be fine now */ 732 (void) setuid(userid); 733 734 } 735 } 736 source(1, argv + i); 737 } 738 } 739 } 740 741 static void 742 tolocal(int argc, char *argv[]) 743 { 744 int i; 745 char *host, *src, *suser, *lhost; 746 char resp; 747 size_t buffersize; 748 char bp[RCP_BUFSIZE]; 749 krb5_creds *cred; 750 buffersize = RCP_BUFSIZE; 751 752 for (i = 0; i < argc - 1; i++) { 753 if (!(src = colon(argv[i]))) { /* local to local */ 754 (void) snprintf(bp, buffersize, "%s%s%s%s %s %s", 755 _PATH_CP, iamrecursive ? " -r" : "", 756 pflag ? " -p" : "", 757 zflag ? " -z" : "", 758 argv[i], argv[argc - 1]); 759 if (susystem(bp) == -1) 760 errs++; 761 continue; 762 } 763 *src++ = 0; 764 if (*src == 0) 765 src = "."; 766 host = search_char((unsigned char *)argv[i], '@'); 767 if (host) { 768 *host++ = 0; 769 suser = argv[i]; 770 if (*suser == '\0') { 771 suser = pwd->pw_name; 772 } else if (!okname(suser)) { 773 errs++; 774 continue; 775 } 776 } else { 777 host = argv[i]; 778 suser = pwd->pw_name; 779 } 780 host = removebrackets(host); 781 lhost = host; 782 if (krb5auth_flag > 0) { 783 784 (void) snprintf(bp, buffersize, "%s -f %s", cmd, src); 785 authopts = AP_OPTS_MUTUAL_REQUIRED; 786 status = kcmd(&sock, &host, 787 portnumber, 788 pwd->pw_name, suser, 789 bp, 790 0, /* &rfd2 */ 791 "host", 792 krb_realm, 793 bsd_context, 794 &auth_context, 795 &cred, 796 0, /* No seq # */ 797 0, /* No server seq # */ 798 authopts, 799 1, /* Not any port # */ 800 &kcmd_proto); 801 if (status) { 802 /* 803 * If new protocol requested, we dont 804 * fallback to less secure ones. 805 */ 806 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 807 (void) fprintf(stderr, gettext("rcp: kcmdv2 " 808 "to host %s failed - %s\n" 809 "Fallback to normal rcp denied."), 810 host, error_message(status)); 811 exit(1); 812 } 813 if (status != -1) { 814 (void) fprintf(stderr, gettext("rcp: kcmd " 815 "to host %s failed - %s,\n" 816 "trying normal rcp...\n\n"), 817 host, error_message(status)); 818 } else { 819 (void) fprintf(stderr, 820 gettext("trying normal rcp...\n")); 821 } 822 /* 823 * kcmd() failed, so we have to 824 * fallback to normal rcp 825 */ 826 try_normal_rcp(prev_argc, prev_argv); 827 } else { 828 rem = sock; 829 session_key = &cred->keyblock; 830 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 831 status = krb5_auth_con_getlocalsubkey( 832 bsd_context, auth_context, 833 &session_key); 834 if (status) { 835 com_err("rcp", status, "determining " 836 "subkey for session"); 837 exit(1); 838 } 839 if (!session_key) { 840 com_err("rcp", 0, "no subkey negotiated" 841 " for connection"); 842 exit(1); 843 } 844 } 845 eblock.crypto_entry = session_key->enctype; 846 eblock.key = (krb5_keyblock *)session_key; 847 848 init_encrypt(encrypt_flag, bsd_context, kcmd_proto, 849 &desinbuf, &desoutbuf, CLIENT, 850 &eblock); 851 if (encrypt_flag > 0) { 852 char *s = gettext("This rcp " 853 "session is using DES " 854 "encryption for all " 855 "data transmissions." 856 "\r\n"); 857 858 (void) write(2, s, strlen(s)); 859 } 860 } 861 862 } 863 else 864 { 865 866 /* 867 * ACL support: try to find out if the remote site is 868 * running acl cognizant version of rcp. 869 */ 870 aclflag = 1; 871 acl_aclflag = 1; 872 873 (void) snprintf(bp, buffersize, "%s -Zf %s", cmd_sunw, src); 874 rem = rcmd_af(&host, portnumber, pwd->pw_name, suser, 875 bp, 0, AF_INET6); 876 877 if (rem < 0) { 878 ++errs; 879 continue; 880 } 881 882 /* 883 * The remote system is supposed to send an ok response. 884 * If there are any data other than "ok", it must be error 885 * messages from the remote system. We can assume the 886 * remote system is running non-acl version rcp. 887 */ 888 if (read(rem, &resp, sizeof (resp)) != sizeof (resp)) 889 lostconn(); 890 if (resp != 0) { 891 892 /* 893 * Try again without ace_acl support 894 */ 895 acl_aclflag = 0; 896 (void) snprintf(bp, buffersize, "%s -f %s", 897 cmd_sunw, src); 898 rem = rcmd_af(&host, portnumber, pwd->pw_name, suser, 899 bp, 0, AF_INET6); 900 901 if (rem < 0) { 902 ++errs; 903 continue; 904 } 905 906 if (read(rem, &resp, sizeof (resp)) != sizeof (resp)) 907 lostconn(); 908 909 /* 910 * NOT ok: 911 * The other side is running non-acl rcp. 912 * Try again with normal stuff 913 */ 914 aclflag = 0; 915 (void) snprintf(bp, buffersize, "%s -f %s", cmd, src); 916 (void) close(rem); 917 host = lhost; 918 rem = rcmd_af(&host, portnumber, pwd->pw_name, 919 suser, bp, 0, AF_INET6); 920 if (rem < 0) { 921 ++errs; 922 continue; 923 } 924 } 925 } 926 927 sink(1, argv + argc - 1); 928 929 (void) close(rem); 930 rem = -1; 931 } 932 } 933 934 935 static void 936 verifydir(char *cp) 937 { 938 struct stat stb; 939 940 if (stat(cp, &stb) >= 0) { 941 if ((stb.st_mode & S_IFMT) == S_IFDIR) 942 return; 943 errno = ENOTDIR; 944 } 945 error("rcp: %s: %s.\n", cp, strerror(errno)); 946 exit(1); 947 } 948 949 static char * 950 colon(char *cp) 951 { 952 boolean_t is_bracket_open = B_FALSE; 953 954 for (; *cp; ++cp) { 955 if (*cp == '[') 956 is_bracket_open = B_TRUE; 957 else if (*cp == ']') 958 is_bracket_open = B_FALSE; 959 else if (*cp == ':' && !is_bracket_open) 960 return (cp); 961 else if (*cp == '/') 962 return (0); 963 } 964 return (0); 965 } 966 967 static int 968 okname(char *cp0) 969 { 970 register char *cp = cp0; 971 register int c; 972 973 do { 974 c = *cp; 975 if (c & 0200) 976 goto bad; 977 if (!isalpha(c) && !isdigit(c) && c != '_' && c != '-') 978 goto bad; 979 } while (*++cp); 980 return (1); 981 bad: 982 (void) fprintf(stderr, "rcp: invalid user name %s\n", cp0); 983 return (0); 984 } 985 986 987 static char * 988 removebrackets(char *str) 989 { 990 char *newstr = str; 991 992 if ((str[0] == '[') && (str[strlen(str) - 1] == ']')) { 993 newstr = str + 1; 994 str[strlen(str) - 1] = '\0'; 995 } 996 return (newstr); 997 } 998 999 static int 1000 susystem(char *s) 1001 { 1002 int status, pid, w; 1003 register void (*istat)(), (*qstat)(); 1004 int pfds[2]; 1005 char buf[BUFSIZ]; 1006 int cnt; 1007 boolean_t seen_stderr_traffic; 1008 1009 /* 1010 * Due to the fact that rcp uses rsh to copy between 2 remote 1011 * machines, rsh doesn't return the exit status of the remote 1012 * command, and we can't modify the rcmd protocol used by rsh 1013 * (for interoperability reasons) we use the hack of using any 1014 * output on stderr as indication that an error occurred and 1015 * that we should return a non-zero error code. 1016 */ 1017 1018 if (pipe(pfds) == -1) { 1019 (void) fprintf(stderr, "Couldn't create pipe: %s\n", 1020 strerror(errno)); 1021 return (-1); 1022 } 1023 1024 if ((pid = vfork()) < 0) { 1025 (void) close(pfds[0]); 1026 (void) close(pfds[1]); 1027 (void) fprintf(stderr, "Couldn't fork child process: %s\n", 1028 strerror(errno)); 1029 return (-1); 1030 } else if (pid == 0) { 1031 /* 1032 * Child. 1033 */ 1034 (void) close(pfds[0]); 1035 /* 1036 * Send stderr messages down the pipe so that we can detect 1037 * them in the parent process. 1038 */ 1039 if (pfds[1] != STDERR_FILENO) { 1040 (void) dup2(pfds[1], STDERR_FILENO); 1041 (void) close(pfds[1]); 1042 } 1043 /* 1044 * This shell does not inherit the additional privilege 1045 * we have in our Permitted set. 1046 */ 1047 (void) execl(_PATH_BSHELL, "sh", "-c", s, (char *)0); 1048 _exit(127); 1049 } 1050 /* 1051 * Parent. 1052 */ 1053 istat = signal(SIGINT, SIG_IGN); 1054 qstat = signal(SIGQUIT, SIG_IGN); 1055 1056 (void) close(pfds[1]); 1057 seen_stderr_traffic = B_FALSE; 1058 while ((cnt = read(pfds[0], buf, sizeof (buf))) > 0) { 1059 /* 1060 * If any data is read from the pipe the child process 1061 * has output something on stderr so we set the boolean 1062 * 'seen_stderr_traffic' to true, which will cause the 1063 * function to return -1. 1064 */ 1065 (void) write(STDERR_FILENO, buf, cnt); 1066 seen_stderr_traffic = B_TRUE; 1067 } 1068 (void) close(pfds[0]); 1069 while ((w = wait(&status)) != pid && w != -1) 1070 ; 1071 if (w == -1) 1072 status = -1; 1073 1074 (void) signal(SIGINT, istat); 1075 (void) signal(SIGQUIT, qstat); 1076 1077 return (seen_stderr_traffic ? -1 : status); 1078 } 1079 1080 static void 1081 source(int argc, char *argv[]) 1082 { 1083 struct stat stb; 1084 static BUF buffer; 1085 BUF *bp; 1086 int x, readerr, f, amt; 1087 char *last, *name, buf[RCP_BUFSIZE]; 1088 off_t off, size, i; 1089 ssize_t cnt; 1090 1091 for (x = 0; x < argc; x++) { 1092 name = argv[x]; 1093 if ((f = open(name, O_RDONLY, 0)) < 0) { 1094 error("rcp: %s: %s\n", name, strerror(errno)); 1095 continue; 1096 } 1097 if (fstat(f, &stb) < 0) 1098 goto notreg; 1099 switch (stb.st_mode&S_IFMT) { 1100 1101 case S_IFREG: 1102 break; 1103 1104 case S_IFDIR: 1105 if (iamrecursive) { 1106 (void) close(f); 1107 rsource(name, &stb); 1108 continue; 1109 } 1110 /* FALLTHROUGH */ 1111 default: 1112 notreg: 1113 (void) close(f); 1114 error("rcp: %s: not a plain file\n", name); 1115 continue; 1116 } 1117 last = rindex(name, '/'); 1118 if (last == 0) 1119 last = name; 1120 else 1121 last++; 1122 if (pflag) { 1123 time_t mtime, atime; 1124 time_t now; 1125 1126 /* 1127 * Make it compatible with possible future 1128 * versions expecting microseconds. 1129 */ 1130 mtime = stb.st_mtime; 1131 atime = stb.st_atime; 1132 1133 if ((mtime < 0) || (atime < 0)) { 1134 now = time(NULL); 1135 1136 if (mtime < 0) { 1137 mtime = now; 1138 error("negative modification time on " 1139 "%s; not preserving\n", name); 1140 } 1141 if (atime < 0) { 1142 atime = now; 1143 error("negative access time on " 1144 "%s; not preserving\n", name); 1145 } 1146 } 1147 (void) snprintf(buf, sizeof (buf), "T%ld 0 %ld 0\n", 1148 mtime, atime); 1149 (void) desrcpwrite(rem, buf, strlen(buf)); 1150 if (response() < 0) { 1151 (void) close(f); 1152 continue; 1153 } 1154 } 1155 (void) snprintf(buf, sizeof (buf), "C%04o %lld %s\n", 1156 (uint_t)(stb.st_mode & 07777), (longlong_t)stb.st_size, 1157 last); 1158 (void) desrcpwrite(rem, buf, strlen(buf)); 1159 if (response() < 0) { 1160 (void) close(f); 1161 continue; 1162 } 1163 1164 /* ACL support: send */ 1165 if (aclflag | acl_aclflag) { 1166 /* get acl from f and send it over */ 1167 if (sendacl(f) == ACL_FAIL) { 1168 (void) close(f); 1169 continue; 1170 } 1171 } 1172 if ((krb5auth_flag > 0) || (iamremote == 1)) { 1173 bp = allocbuf(&buffer, f, RCP_BUFSIZE); 1174 if (bp == NULLBUF) { 1175 (void) close(f); 1176 continue; 1177 } 1178 readerr = 0; 1179 for (i = 0; i < stb.st_size; i += bp->cnt) { 1180 amt = bp->cnt; 1181 if (i + amt > stb.st_size) 1182 amt = stb.st_size - i; 1183 if (readerr == 0 && 1184 read(f, bp->buf, amt) != amt) 1185 readerr = errno; 1186 (void) desrcpwrite(rem, bp->buf, amt); 1187 } 1188 (void) close(f); 1189 if (readerr == 0) 1190 (void) desrcpwrite(rem, "", 1); 1191 else 1192 error("rcp: %s: %s\n", name, 1193 error_message(readerr)); 1194 } else { 1195 cnt = off = 0; 1196 size = stb.st_size; 1197 while (size != 0) { 1198 amt = MIN(size, SENDFILE_SIZE); 1199 cnt = sendfile(rem, f, &off, amt); 1200 if (cnt == -1) { 1201 if (errno == EINTR) { 1202 continue; 1203 } else { 1204 break; 1205 } 1206 } 1207 size -= cnt; 1208 } 1209 if (cnt == -1) { 1210 error("rcp: %s: %s\n", name, strerror(errno)); 1211 } else { 1212 (void) write(rem, "", 1); 1213 } 1214 (void) close(f); 1215 } 1216 (void) response(); 1217 } 1218 } 1219 1220 1221 static void 1222 rsource(char *name, struct stat *statp) 1223 { 1224 DIR *d; 1225 struct dirent *dp; 1226 char *last, *vect[1]; 1227 char path[MAXPATHLEN]; 1228 1229 if (!(d = opendir(name))) { 1230 error("rcp: %s: %s\n", name, strerror(errno)); 1231 return; 1232 } 1233 last = rindex(name, '/'); 1234 if (last == 0) 1235 last = name; 1236 else 1237 last++; 1238 if (pflag) { 1239 (void) snprintf(path, sizeof (path), "T%ld 0 %ld 0\n", 1240 statp->st_mtime, statp->st_atime); 1241 (void) desrcpwrite(rem, path, strlen(path)); 1242 if (response() < 0) { 1243 (void) closedir(d); 1244 return; 1245 } 1246 } 1247 (void) snprintf(path, sizeof (path), "D%04o %d %s\n", 1248 (uint_t)(statp->st_mode & 07777), 0, last); 1249 (void) desrcpwrite(rem, path, strlen(path)); 1250 1251 /* acl support for directory */ 1252 if (aclflag) { 1253 /* get acl from f and send it over */ 1254 if (sendacl(d->dd_fd) == ACL_FAIL) { 1255 (void) closedir(d); 1256 return; 1257 } 1258 } 1259 1260 if (response() < 0) { 1261 (void) closedir(d); 1262 return; 1263 } 1264 1265 while (dp = readdir(d)) { 1266 if (dp->d_ino == 0) 1267 continue; 1268 if ((strcmp(dp->d_name, ".") == 0) || 1269 (strcmp(dp->d_name, "..") == 0)) 1270 continue; 1271 if ((uint_t)strlen(name) + 1 + strlen(dp->d_name) >= 1272 MAXPATHLEN - 1) { 1273 error("%s/%s: name too long.\n", name, dp->d_name); 1274 continue; 1275 } 1276 (void) snprintf(path, sizeof (path), "%s/%s", 1277 name, dp->d_name); 1278 vect[0] = path; 1279 source(1, vect); 1280 } 1281 (void) closedir(d); 1282 (void) desrcpwrite(rem, "E\n", 2); 1283 (void) response(); 1284 } 1285 1286 static int 1287 response(void) 1288 { 1289 register char *cp; 1290 char ch, resp, rbuf[RCP_BUFSIZE]; 1291 1292 if (desrcpread(rem, &resp, 1) != 1) 1293 lostconn(); 1294 cp = rbuf; 1295 switch (resp) { 1296 case 0: /* ok */ 1297 return (0); 1298 default: 1299 *cp++ = resp; 1300 /* FALLTHROUGH */ 1301 case 1: /* error, followed by err msg */ 1302 case 2: /* fatal error, "" */ 1303 do { 1304 if (desrcpread(rem, &ch, sizeof (ch)) != sizeof (ch)) 1305 lostconn(); 1306 *cp++ = ch; 1307 } while (cp < &rbuf[RCP_BUFSIZE] && ch != '\n'); 1308 1309 if (!iamremote) 1310 (void) write(STDERR_FILENO, rbuf, cp - rbuf); 1311 ++errs; 1312 if (resp == 1) 1313 return (-1); 1314 exit(1); 1315 } 1316 /*NOTREACHED*/ 1317 } 1318 1319 static void 1320 lostconn(void) 1321 { 1322 if (!iamremote) 1323 (void) fprintf(stderr, "rcp: lost connection\n"); 1324 exit(1); 1325 } 1326 1327 1328 static void 1329 sink(int argc, char *argv[]) 1330 { 1331 char *cp; 1332 static BUF buffer; 1333 struct stat stb; 1334 struct timeval tv[2]; 1335 BUF *bp; 1336 off_t i, j; 1337 char ch, *targ, *why; 1338 int amt, count, exists, first, mask, mode; 1339 off_t size; 1340 int ofd, setimes, targisdir, wrerr; 1341 char *np, *vect[1], buf[RCP_BUFSIZE]; 1342 char *namebuf = NULL; 1343 size_t namebuf_sz = 0; 1344 size_t need; 1345 1346 #define atime tv[0] 1347 #define mtime tv[1] 1348 #define SCREWUP(str) { why = str; goto screwup; } 1349 1350 setimes = targisdir = 0; 1351 mask = umask(0); 1352 if (!pflag) 1353 (void) umask(mask); 1354 if (argc != 1) { 1355 error("rcp: ambiguous target\n"); 1356 exit(1); 1357 } 1358 targ = *argv; 1359 if (targetshouldbedirectory) 1360 verifydir(targ); 1361 (void) desrcpwrite(rem, "", 1); 1362 1363 if (stat(targ, &stb) == 0 && (stb.st_mode & S_IFMT) == S_IFDIR) 1364 targisdir = 1; 1365 for (first = 1; ; first = 0) { 1366 cp = buf; 1367 if (desrcpread(rem, cp, 1) <= 0) { 1368 if (namebuf != NULL) 1369 free(namebuf); 1370 return; 1371 } 1372 1373 if (*cp++ == '\n') 1374 SCREWUP("unexpected <newline>"); 1375 do { 1376 if (desrcpread(rem, &ch, sizeof (ch)) != sizeof (ch)) 1377 SCREWUP("lost connection"); 1378 *cp++ = ch; 1379 } while (cp < &buf[RCP_BUFSIZE - 1] && ch != '\n'); 1380 *cp = 0; 1381 1382 if (buf[0] == '\01' || buf[0] == '\02') { 1383 if (iamremote == 0) 1384 (void) write(STDERR_FILENO, buf + 1, 1385 strlen(buf + 1)); 1386 if (buf[0] == '\02') 1387 exit(1); 1388 errs++; 1389 continue; 1390 } 1391 if (buf[0] == 'E') { 1392 (void) desrcpwrite(rem, "", 1); 1393 if (namebuf != NULL) 1394 free(namebuf); 1395 return; 1396 } 1397 1398 if (ch == '\n') 1399 *--cp = 0; 1400 cp = buf; 1401 if (*cp == 'T') { 1402 setimes++; 1403 cp++; 1404 mtime.tv_sec = strtol(cp, &cp, 0); 1405 if (*cp++ != ' ') 1406 SCREWUP("mtime.sec not delimited"); 1407 mtime.tv_usec = strtol(cp, &cp, 0); 1408 if (*cp++ != ' ') 1409 SCREWUP("mtime.usec not delimited"); 1410 atime.tv_sec = strtol(cp, &cp, 0); 1411 if (*cp++ != ' ') 1412 SCREWUP("atime.sec not delimited"); 1413 atime.tv_usec = strtol(cp, &cp, 0); 1414 if (*cp++ != '\0') 1415 SCREWUP("atime.usec not delimited"); 1416 (void) desrcpwrite(rem, "", 1); 1417 continue; 1418 } 1419 if (*cp != 'C' && *cp != 'D') { 1420 /* 1421 * Check for the case "rcp remote:foo\* local:bar". 1422 * In this case, the line "No match." can be returned 1423 * by the shell before the rcp command on the remote is 1424 * executed so the ^Aerror_message convention isn't 1425 * followed. 1426 */ 1427 if (first) { 1428 error("%s\n", cp); 1429 exit(1); 1430 } 1431 SCREWUP("expected control record"); 1432 } 1433 mode = 0; 1434 for (++cp; cp < buf + 5; cp++) { 1435 if (*cp < '0' || *cp > '7') 1436 SCREWUP("bad mode"); 1437 mode = (mode << 3) | (*cp - '0'); 1438 } 1439 if (*cp++ != ' ') 1440 SCREWUP("mode not delimited"); 1441 size = 0; 1442 while (isdigit(*cp)) 1443 size = size * 10 + (*cp++ - '0'); 1444 if (*cp++ != ' ') 1445 SCREWUP("size not delimited"); 1446 if (targisdir) { 1447 need = strlen(targ) + sizeof ("/") + strlen(cp); 1448 if (need > namebuf_sz) { 1449 if ((namebuf = realloc(namebuf, need)) == NULL) { 1450 error("rcp: out of memory\n"); 1451 exit(1); 1452 } 1453 namebuf_sz = need; 1454 } 1455 (void) snprintf(namebuf, need, "%s%s%s", targ, 1456 *targ ? "/" : "", cp); 1457 np = namebuf; 1458 } else { 1459 np = targ; 1460 } 1461 1462 exists = stat(np, &stb) == 0; 1463 if (buf[0] == 'D') { 1464 if (exists) { 1465 if ((stb.st_mode&S_IFMT) != S_IFDIR) { 1466 if (aclflag | acl_aclflag) { 1467 /* 1468 * consume acl in the pipe 1469 * fd = -1 to indicate the 1470 * special case 1471 */ 1472 if (recvacl(-1, exists, pflag) 1473 == ACL_FAIL) { 1474 goto bad; 1475 } 1476 } 1477 errno = ENOTDIR; 1478 goto bad; 1479 } 1480 if (pflag) 1481 (void) chmod(np, mode); 1482 } else if (mkdir(np, mode) < 0) { 1483 if (aclflag) { 1484 /* consume acl in the pipe */ 1485 (void) recvacl(-1, exists, pflag); 1486 } 1487 goto bad; 1488 } 1489 1490 /* acl support for directories */ 1491 if (aclflag | acl_aclflag) { 1492 int dfd; 1493 1494 if ((dfd = open(np, O_RDONLY)) == -1) 1495 goto bad; 1496 1497 /* get acl and set it to ofd */ 1498 if (recvacl(dfd, exists, pflag) == ACL_FAIL) { 1499 (void) close(dfd); 1500 if (!exists) 1501 (void) rmdir(np); 1502 goto bad; 1503 } 1504 (void) close(dfd); 1505 } 1506 1507 vect[0] = np; 1508 sink(1, vect); 1509 if (setimes) { 1510 setimes = 0; 1511 if (utimes(np, tv) < 0) 1512 error("rcp: can't set times on %s: %s\n", 1513 np, strerror(errno)); 1514 } 1515 continue; 1516 } 1517 1518 if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { 1519 bad: 1520 error("rcp: %s: %s\n", np, strerror(errno)); 1521 continue; 1522 } 1523 1524 /* 1525 * If the output file exists we have to force zflag off 1526 * to avoid erroneously seeking past old data. 1527 */ 1528 zopen(ofd, zflag && !exists); 1529 1530 if (exists && pflag) 1531 (void) fchmod(ofd, mode); 1532 1533 (void) desrcpwrite(rem, "", 1); 1534 1535 /* 1536 * ACL support: receiving 1537 */ 1538 if (aclflag | acl_aclflag) { 1539 /* get acl and set it to ofd */ 1540 if (recvacl(ofd, exists, pflag) == ACL_FAIL) { 1541 (void) close(ofd); 1542 if (!exists) 1543 (void) unlink(np); 1544 continue; 1545 } 1546 } 1547 1548 if ((bp = allocbuf(&buffer, ofd, RCP_BUFSIZE)) == 0) { 1549 (void) close(ofd); 1550 continue; 1551 } 1552 cp = bp->buf; 1553 count = 0; 1554 wrerr = 0; 1555 for (i = 0; i < size; i += RCP_BUFSIZE) { 1556 amt = RCP_BUFSIZE; 1557 if (i + amt > size) 1558 amt = size - i; 1559 count += amt; 1560 do { 1561 j = desrcpread(rem, cp, amt); 1562 if (j <= 0) { 1563 int sverrno = errno; 1564 1565 /* 1566 * Connection to supplier lost. 1567 * Truncate file to correspond 1568 * to amount already transferred. 1569 * 1570 * Note that we must call ftruncate() 1571 * before any call to error() (which 1572 * might result in a SIGPIPE and 1573 * sudden death before we have a chance 1574 * to correct the file's size). 1575 */ 1576 size = lseek(ofd, 0, SEEK_CUR); 1577 if ((ftruncate(ofd, size) == -1) && 1578 (errno != EINVAL) && 1579 (errno != EACCES)) 1580 #define TRUNCERR "rcp: can't truncate %s: %s\n" 1581 error(TRUNCERR, np, 1582 strerror(errno)); 1583 error("rcp: %s\n", 1584 j ? strerror(sverrno) : 1585 "dropped connection"); 1586 (void) close(ofd); 1587 exit(1); 1588 } 1589 amt -= j; 1590 cp += j; 1591 } while (amt > 0); 1592 if (count == bp->cnt) { 1593 cp = bp->buf; 1594 if (wrerr == 0 && 1595 zwrite(ofd, cp, count) < 0) 1596 wrerr++; 1597 count = 0; 1598 } 1599 } 1600 if (count != 0 && wrerr == 0 && 1601 zwrite(ofd, bp->buf, count) < 0) 1602 wrerr++; 1603 if (zclose(ofd) < 0) 1604 wrerr++; 1605 1606 1607 if ((ftruncate(ofd, size) == -1) && (errno != EINVAL) && 1608 (errno != EACCES)) { 1609 error(TRUNCERR, np, strerror(errno)); 1610 } 1611 (void) close(ofd); 1612 (void) response(); 1613 if (setimes) { 1614 setimes = 0; 1615 if (utimes(np, tv) < 0) 1616 error("rcp: can't set times on %s: %s\n", 1617 np, strerror(errno)); 1618 } 1619 if (wrerr) 1620 error("rcp: %s: %s\n", np, strerror(errno)); 1621 else 1622 (void) desrcpwrite(rem, "", 1); 1623 } 1624 screwup: 1625 error("rcp: protocol screwup: %s\n", why); 1626 exit(1); 1627 } 1628 1629 #ifndef roundup 1630 #define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) 1631 #endif /* !roundup */ 1632 1633 static BUF * 1634 allocbuf(BUF *bp, int fd, int blksize) 1635 { 1636 struct stat stb; 1637 int size; 1638 1639 if (fstat(fd, &stb) < 0) { 1640 error("rcp: fstat: %s\n", strerror(errno)); 1641 return (0); 1642 } 1643 size = roundup(stb.st_blksize, blksize); 1644 if (size == 0) 1645 size = blksize; 1646 if (bp->cnt < size) { 1647 if (bp->buf != 0) 1648 free(bp->buf); 1649 bp->buf = (char *)malloc((uint_t)size); 1650 if (!bp->buf) { 1651 error("rcp: malloc: out of memory\n"); 1652 return (0); 1653 } 1654 } 1655 bp->cnt = size; 1656 return (bp); 1657 } 1658 1659 static void 1660 usage(void) 1661 { 1662 (void) fprintf(stderr, "%s: \t%s\t%s", gettext("Usage"), 1663 gettext("\trcp [-p] [-a] [-x] [-k realm] [-PN / -PO] " 1664 #ifdef DEBUG 1665 "[-D port] " 1666 #endif /* DEBUG */ 1667 "f1 f2; or:\n"), 1668 gettext("\trcp [-r] [-p] [-a] [-x] " 1669 #ifdef DEBUG 1670 "[-D port] " 1671 #endif /* DEBUG */ 1672 "[-k realm] [-PN / -PO] f1...fn d2\n")); 1673 exit(1); 1674 } 1675 1676 1677 /* 1678 * sparse file support 1679 */ 1680 1681 static off_t zbsize; 1682 static off_t zlastseek; 1683 1684 /* is it ok to try to create holes? */ 1685 static void 1686 zopen(int fd, int flag) 1687 { 1688 struct stat st; 1689 1690 zbsize = 0; 1691 zlastseek = 0; 1692 1693 if (flag && 1694 fstat(fd, &st) == 0 && 1695 (st.st_mode & S_IFMT) == S_IFREG) 1696 zbsize = st.st_blksize; 1697 } 1698 1699 /* write and/or seek */ 1700 static int 1701 zwrite(int fd, char *buf, int nbytes) 1702 { 1703 off_t block = zbsize ? zbsize : nbytes; 1704 1705 do { 1706 if (block > nbytes) 1707 block = nbytes; 1708 nbytes -= block; 1709 1710 if (!zbsize || notzero(buf, block)) { 1711 register int n, count = block; 1712 1713 do { 1714 if ((n = write(fd, buf, count)) < 0) 1715 return (-1); 1716 buf += n; 1717 } while ((count -= n) > 0); 1718 zlastseek = 0; 1719 } else { 1720 if (lseek(fd, (off_t)block, SEEK_CUR) < 0) 1721 return (-1); 1722 buf += block; 1723 zlastseek = 1; 1724 } 1725 } while (nbytes > 0); 1726 1727 return (0); 1728 } 1729 1730 /* write last byte of file if necessary */ 1731 static int 1732 zclose(int fd) 1733 { 1734 zbsize = 0; 1735 1736 if (zlastseek && (lseek(fd, (off_t)-1, SEEK_CUR) < 0 || 1737 zwrite(fd, "", 1) < 0)) 1738 return (-1); 1739 else 1740 return (0); 1741 } 1742 1743 /* return true if buffer is not all zeros */ 1744 static int 1745 notzero(char *p, int n) 1746 { 1747 register int result = 0; 1748 1749 while ((int)p & 3 && --n >= 0) 1750 result |= *p++; 1751 1752 while ((n -= 4 * sizeof (int)) >= 0) { 1753 /* LINTED */ 1754 result |= ((int *)p)[0]; 1755 /* LINTED */ 1756 result |= ((int *)p)[1]; 1757 /* LINTED */ 1758 result |= ((int *)p)[2]; 1759 /* LINTED */ 1760 result |= ((int *)p)[3]; 1761 if (result) 1762 return (result); 1763 p += 4 * sizeof (int); 1764 } 1765 n += 4 * sizeof (int); 1766 1767 while (--n >= 0) 1768 result |= *p++; 1769 1770 return (result); 1771 } 1772 1773 /* 1774 * New functions to support ACLs 1775 */ 1776 1777 /* 1778 * Get acl from f and send it over. 1779 * ACL record includes acl entry count, acl text length, and acl text. 1780 */ 1781 static int 1782 sendacl(int f) 1783 { 1784 int aclcnt; 1785 char *acltext; 1786 char buf[BUFSIZ]; 1787 acl_t *aclp; 1788 char acltype; 1789 int aclerror; 1790 int trivial; 1791 1792 1793 aclerror = facl_get(f, ACL_NO_TRIVIAL, &aclp); 1794 if (aclerror != 0) { 1795 error("can't retrieve ACL: %s \n", acl_strerror(aclerror)); 1796 return (ACL_FAIL); 1797 } 1798 1799 /* 1800 * if acl type is not ACLENT_T and were operating in acl_aclflag == 0 1801 * then don't do the malloc and facl(fd, getcntcmd,...); 1802 * since the remote side doesn't support alternate style ACL's. 1803 */ 1804 1805 if (aclp && (acl_type(aclp) != ACLENT_T) && (acl_aclflag == 0)) { 1806 aclcnt = MIN_ACL_ENTRIES; 1807 acltype = 'A'; 1808 trivial = ACL_IS_TRIVIAL; 1809 } else { 1810 1811 aclcnt = (aclp != NULL) ? acl_cnt(aclp) : 0; 1812 1813 if (aclp) { 1814 acltype = (acl_type(aclp) != ACLENT_T) ? 'Z' : 'A'; 1815 aclcnt = acl_cnt(aclp); 1816 trivial = (acl_flags(aclp) & ACL_IS_TRIVIAL); 1817 } else { 1818 acltype = 'A'; 1819 aclcnt = MIN_ACL_ENTRIES; 1820 trivial = ACL_IS_TRIVIAL; 1821 } 1822 1823 } 1824 1825 /* send the acl count over */ 1826 (void) snprintf(buf, sizeof (buf), "%c%d\n", acltype, aclcnt); 1827 (void) desrcpwrite(rem, buf, strlen(buf)); 1828 1829 /* 1830 * only send acl when we have an aclp, which would 1831 * imply its not trivial. 1832 */ 1833 if (aclp && (trivial != ACL_IS_TRIVIAL)) { 1834 acltext = acl_totext(aclp, 0); 1835 if (acltext == NULL) { 1836 error("rcp: failed to convert to text\n"); 1837 acl_free(aclp); 1838 return (ACL_FAIL); 1839 } 1840 1841 /* send ACLs over: send the length first */ 1842 (void) snprintf(buf, sizeof (buf), "%c%d\n", 1843 acltype, strlen(acltext)); 1844 1845 (void) desrcpwrite(rem, buf, strlen(buf)); 1846 (void) desrcpwrite(rem, acltext, strlen(acltext)); 1847 free(acltext); 1848 if (response() < 0) { 1849 acl_free(aclp); 1850 return (ACL_FAIL); 1851 } 1852 1853 } 1854 1855 if (aclp) 1856 acl_free(aclp); 1857 return (ACL_OK); 1858 } 1859 1860 /* 1861 * Use this routine to get acl entry count and acl text size (in bytes) 1862 */ 1863 static int 1864 getaclinfo(int *cnt, int *acltype) 1865 { 1866 char buf[BUFSIZ]; 1867 char *cp; 1868 char ch; 1869 1870 /* get acl count */ 1871 cp = buf; 1872 if (desrcpread(rem, cp, 1) <= 0) 1873 return (ACL_FAIL); 1874 1875 switch (*cp++) { 1876 case 'A': 1877 *acltype = 0; 1878 break; 1879 case 'Z': 1880 *acltype = 1; 1881 break; 1882 default: 1883 error("rcp: expect an ACL record, but got %c\n", *cp); 1884 return (ACL_FAIL); 1885 } 1886 do { 1887 if (desrcpread(rem, &ch, sizeof (ch)) != sizeof (ch)) { 1888 error("rcp: lost connection ..\n"); 1889 return (ACL_FAIL); 1890 } 1891 *cp++ = ch; 1892 } while (cp < &buf[BUFSIZ - 1] && ch != '\n'); 1893 if (ch != '\n') { 1894 error("rcp: ACL record corrupted \n"); 1895 return (ACL_FAIL); 1896 } 1897 cp = &buf[1]; 1898 *cnt = strtol(cp, &cp, 0); 1899 if (*cp != '\n') { 1900 error("rcp: ACL record corrupted \n"); 1901 return (ACL_FAIL); 1902 } 1903 return (ACL_OK); 1904 } 1905 1906 1907 /* 1908 * Receive acl from the pipe and set it to f 1909 */ 1910 static int 1911 recvacl(int f, int exists, int preserve) 1912 { 1913 int aclcnt; /* acl entry count */ 1914 int aclsize; /* acl text length */ 1915 int j; 1916 char *tp; 1917 char *acltext; /* external format */ 1918 acl_t *aclp; 1919 int acltype; 1920 int min_entries; 1921 int aclerror; 1922 1923 /* get acl count */ 1924 if (getaclinfo(&aclcnt, &acltype) != ACL_OK) 1925 return (ACL_FAIL); 1926 1927 if (acltype == 0) { 1928 min_entries = MIN_ACL_ENTRIES; 1929 } else { 1930 min_entries = 1; 1931 } 1932 1933 if (aclcnt > min_entries) { 1934 /* get acl text size */ 1935 if (getaclinfo(&aclsize, &acltype) != ACL_OK) 1936 return (ACL_FAIL); 1937 if ((acltext = malloc(aclsize + 1)) == NULL) { 1938 error("rcp: cant allocate memory: %d\n", aclsize); 1939 return (ACL_FAIL); 1940 } 1941 1942 tp = acltext; 1943 do { 1944 j = desrcpread(rem, tp, aclsize); 1945 if (j <= 0) { 1946 error("rcp: %s\n", j ? strerror(errno) : 1947 "dropped connection"); 1948 exit(1); 1949 } 1950 aclsize -= j; 1951 tp += j; 1952 } while (aclsize > 0); 1953 *tp = '\0'; 1954 1955 if (preserve || !exists) { 1956 aclerror = acl_fromtext(acltext, &aclp); 1957 if (aclerror != 0) { 1958 error("rcp: failed to parse acl : %s\n", 1959 acl_strerror(aclerror)); 1960 free(acltext); 1961 return (ACL_FAIL); 1962 } 1963 1964 if (f != -1) { 1965 if (facl_set(f, aclp) < 0) { 1966 error("rcp: failed to set acl\n"); 1967 acl_free(aclp); 1968 free(acltext); 1969 return (ACL_FAIL); 1970 } 1971 } 1972 /* -1 means that just consume the data in the pipe */ 1973 acl_free(aclp); 1974 } 1975 free(acltext); 1976 (void) desrcpwrite(rem, "", 1); 1977 } 1978 return (ACL_OK); 1979 } 1980 1981 1982 static char * 1983 search_char(unsigned char *cp, unsigned char chr) 1984 { 1985 int len; 1986 1987 while (*cp) { 1988 if (*cp == chr) 1989 return ((char *)cp); 1990 if ((len = mblen((char *)cp, MB_CUR_MAX)) <= 0) 1991 len = 1; 1992 cp += len; 1993 } 1994 return (0); 1995 } 1996 1997 1998 static int 1999 desrcpread(int fd, char *buf, int len) 2000 { 2001 return ((int)desread(fd, buf, len, 0)); 2002 } 2003 2004 static int 2005 desrcpwrite(int fd, char *buf, int len) 2006 { 2007 /* 2008 * Note that rcp depends on the same file descriptor being both 2009 * input and output to the remote side. This is bogus, especially 2010 * when rcp is being run by a rsh that pipes. Fix it here because 2011 * it would require significantly more work in other places. 2012 * --hartmans 1/96 2013 */ 2014 2015 if (fd == 0) 2016 fd = 1; 2017 return ((int)deswrite(fd, buf, len, 0)); 2018 } 2019 2020 static char ** 2021 save_argv(int argc, char **argv) 2022 { 2023 int i; 2024 2025 char **local_argv = (char **)calloc((unsigned)argc + 1, 2026 (unsigned)sizeof (char *)); 2027 2028 /* 2029 * allocate an extra pointer, so that it is initialized to NULL and 2030 * execv() will work 2031 */ 2032 for (i = 0; i < argc; i++) { 2033 local_argv[i] = strsave(argv[i]); 2034 } 2035 2036 return (local_argv); 2037 } 2038 2039 #define SIZEOF_INADDR sizeof (struct in_addr) 2040 2041 static void 2042 answer_auth(char *config_file, char *ccache_file) 2043 { 2044 krb5_data pname_data, msg; 2045 krb5_creds creds, *new_creds; 2046 krb5_ccache cc; 2047 krb5_auth_context auth_context = NULL; 2048 2049 if (config_file) { 2050 const char *filenames[2]; 2051 2052 filenames[1] = NULL; 2053 filenames[0] = config_file; 2054 if (krb5_set_config_files(bsd_context, filenames)) 2055 exit(1); 2056 } 2057 (void) memset((char *)&creds, 0, sizeof (creds)); 2058 2059 if (krb5_read_message(bsd_context, (krb5_pointer) &rem, &pname_data)) 2060 exit(1); 2061 2062 if (krb5_read_message(bsd_context, (krb5_pointer) &rem, 2063 &creds.second_ticket)) 2064 exit(1); 2065 2066 if (ccache_file == NULL) { 2067 if (krb5_cc_default(bsd_context, &cc)) 2068 exit(1); 2069 } else { 2070 if (krb5_cc_resolve(bsd_context, ccache_file, &cc)) 2071 exit(1); 2072 } 2073 2074 if (krb5_cc_get_principal(bsd_context, cc, &creds.client)) 2075 exit(1); 2076 2077 if (krb5_parse_name(bsd_context, pname_data.data, &creds.server)) 2078 exit(1); 2079 2080 krb5_xfree(pname_data.data); 2081 if (krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc, &creds, 2082 &new_creds)) 2083 exit(1); 2084 2085 if (krb5_mk_req_extended(bsd_context, &auth_context, 2086 AP_OPTS_USE_SESSION_KEY, NULL, new_creds, &msg)) 2087 exit(1); 2088 2089 if (krb5_write_message(bsd_context, (krb5_pointer) & rem, &msg)) { 2090 krb5_xfree(msg.data); 2091 exit(1); 2092 } 2093 /* setup eblock for des_read and write */ 2094 krb5_copy_keyblock(bsd_context, &new_creds->keyblock, &session_key); 2095 2096 /* OK process key */ 2097 eblock.crypto_entry = session_key->enctype; 2098 eblock.key = (krb5_keyblock *)session_key; 2099 2100 init_encrypt(encrypt_flag, bsd_context, KCMD_OLD_PROTOCOL, 2101 &desinbuf, &desoutbuf, CLIENT, &eblock); 2102 /* cleanup */ 2103 krb5_free_cred_contents(bsd_context, &creds); 2104 krb5_free_creds(bsd_context, new_creds); 2105 krb5_xfree(msg.data); 2106 } 2107 2108 2109 static void 2110 try_normal_rcp(int cur_argc, char **cur_argv) 2111 { 2112 char *target; 2113 2114 /* 2115 * Reset all KRB5 relevant flags and set the 2116 * cmd-buffer so that normal rcp works 2117 */ 2118 krb5auth_flag = encrypt_flag = encrypt_done = 0; 2119 cmd = cmd_orig; 2120 cmd_sunw = cmd_sunw_orig; 2121 2122 if (cur_argc < 2) 2123 usage(); 2124 2125 if (cur_argc > 2) 2126 targetshouldbedirectory = 1; 2127 2128 rem = -1; 2129 2130 prev_argc = cur_argc; 2131 prev_argv = save_argv(cur_argc, cur_argv); 2132 2133 (void) init_service(krb5auth_flag); 2134 2135 if (target = colon(cur_argv[cur_argc - 1])) { 2136 toremote(target, cur_argc, cur_argv); 2137 } else { 2138 tolocal(cur_argc, cur_argv); 2139 if (targetshouldbedirectory) 2140 verifydir(cur_argv[cur_argc - 1]); 2141 } 2142 exit(errs); 2143 /* NOTREACHED */ 2144 } 2145 2146 2147 static int 2148 init_service(int krb5flag) 2149 { 2150 struct servent *sp; 2151 boolean_t success = B_FALSE; 2152 2153 if (krb5flag > 0) { 2154 sp = getservbyname("kshell", "tcp"); 2155 if (sp == NULL) { 2156 (void) fprintf(stderr, 2157 gettext("rcp: kshell/tcp: unknown service.\n" 2158 "trying normal shell/tcp service\n")); 2159 } else { 2160 portnumber = sp->s_port; 2161 success = B_TRUE; 2162 } 2163 } else { 2164 portnumber = htons(IPPORT_CMDSERVER); 2165 success = B_TRUE; 2166 } 2167 return (success); 2168 } 2169 2170 /*PRINTFLIKE1*/ 2171 static void 2172 error(char *fmt, ...) 2173 { 2174 va_list ap; 2175 char buf[RCP_BUFSIZE]; 2176 char *cp = buf; 2177 2178 va_start(ap, fmt); 2179 errs++; 2180 *cp++ = 1; 2181 (void) vsnprintf(cp, sizeof (buf) - 1, fmt, ap); 2182 va_end(ap); 2183 2184 (void) desrcpwrite(rem, buf, strlen(buf)); 2185 if (iamremote == 0) 2186 (void) write(2, buf + 1, strlen(buf + 1)); 2187 } 2188