1 /* 2 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* 7 * Copyright (c) 1983 The Regents of the University of California. 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms are permitted 11 * provided that the above copyright notice and this paragraph are 12 * duplicated in all such forms and that any documentation, 13 * advertising materials, and other materials related to such 14 * distribution and use acknowledge that the software was developed 15 * by the University of California, Berkeley. The name of the 16 * University may not be used to endorse or promote products derived 17 * from this software without specific prior written permission. 18 * 19 */ 20 21 #define _FILE_OFFSET_BITS 64 22 23 /* 24 * rcp 25 */ 26 #include <sys/param.h> 27 #include <sys/file.h> 28 #include <sys/stat.h> 29 #include <sys/time.h> 30 #include <sys/types.h> 31 #include <sys/ioctl.h> 32 #include <sys/acl.h> 33 #include <dirent.h> 34 #include <signal.h> 35 #include <sys/socket.h> 36 #include <netinet/in.h> 37 #include <pwd.h> 38 #include <netdb.h> 39 #include <wchar.h> 40 #include <stdlib.h> 41 #include <errno.h> 42 #include <locale.h> 43 #include <strings.h> 44 #include <stdio.h> 45 #include <ctype.h> 46 #include <fcntl.h> 47 #include <unistd.h> 48 #include <limits.h> 49 #include <priv_utils.h> 50 #include <sys/sendfile.h> 51 #include <sys/sysmacros.h> 52 #include <sys/wait.h> 53 #include <aclutils.h> 54 #include <sys/varargs.h> 55 56 /* 57 * It seems like Berkeley got these from pathnames.h? 58 */ 59 #define _PATH_RSH "/usr/bin/rsh" 60 #define _PATH_CP "/usr/bin/cp" 61 62 #define ACL_FAIL 1 63 #define ACL_OK 0 64 #define RCP_BUFSIZE (64 * 1024) 65 66 #define RCP_ACL "/usr/lib/sunw,rcp" 67 /* see PSARC/1993/004/opinion */ 68 69 typedef struct _buf { 70 int cnt; 71 char *buf; 72 } BUF; 73 74 static char *cmd_sunw; 75 static struct passwd *pwd; 76 static int errs; 77 static int pflag; 78 static uid_t userid; 79 static int rem; 80 static int zflag; 81 static int iamremote; 82 static int iamrecursive; 83 static int targetshouldbedirectory; 84 static int aclflag; 85 static int acl_aclflag; 86 static int retval = 0; 87 static int portnumber = 0; 88 89 static void lostconn(void); 90 static char *search_char(unsigned char *, unsigned char); 91 static char *removebrackets(char *); 92 static char *colon(char *); 93 static int response(void); 94 static void usage(void); 95 static void source(int, char **); 96 static void sink(int, char **); 97 static void toremote(char *, int, char **); 98 static void tolocal(int, char **); 99 static void verifydir(char *); 100 static int okname(char *); 101 static int susystem(char *, char **); 102 static void rsource(char *, struct stat *); 103 static int sendacl(int); 104 static int recvacl(int, int, int); 105 static int zwrite(int, char *, int); 106 static void zopen(int, int); 107 static int zclose(int); 108 static int notzero(char *, int); 109 static BUF *allocbuf(BUF *, int, int); 110 static void error(char *fmt, ...); 111 static void addargs(char **, ...); 112 113 /* 114 * As a 32 bit application, we can only transfer (2gb - 1) i.e 0x7FFFFFFF 115 * bytes of data. We would like the size to be aligned to the nearest 116 * MAXBOFFSET (8192) boundary for optimal performance. 117 */ 118 #define SENDFILE_SIZE 0x7FFFE000 119 120 #include <k5-int.h> 121 #include <profile/prof_int.h> 122 #include <com_err.h> 123 #include <kcmd.h> 124 125 #define NULLBUF (BUF *) 0 126 #define MAXARGS 10 /* Number of arguments passed to execv() */ 127 128 static int sock; 129 static char *cmd, *cmd_orig, *cmd_sunw_orig; 130 static char *krb_realm = NULL; 131 static char *krb_cache = NULL; 132 static char *krb_config = NULL; 133 static char des_inbuf[2 * RCP_BUFSIZE]; 134 /* needs to be > largest read size */ 135 static char des_outbuf[2 * RCP_BUFSIZE]; 136 /* needs to be > largest write size */ 137 138 static krb5_data desinbuf, desoutbuf; 139 static krb5_encrypt_block eblock; /* eblock for encrypt/decrypt */ 140 static krb5_keyblock *session_key; /* static key for session */ 141 static krb5_context bsd_context = NULL; 142 static krb5_auth_context auth_context; 143 static krb5_flags authopts; 144 static krb5_error_code status; 145 146 static void try_normal_rcp(int, char **); 147 static int init_service(int); 148 static char **save_argv(int, char **); 149 static void answer_auth(char *, char *); 150 static int desrcpwrite(int, char *, int); 151 static int desrcpread(int, char *, int); 152 153 /* 154 * Not sure why these two don't have their own header file declarations, but 155 * lint complains about absent declarations so place some here. Sigh. 156 */ 157 extern errcode_t profile_get_options_boolean(profile_t, char **, 158 profile_options_boolean *); 159 extern errcode_t profile_get_options_string(profile_t, char **, 160 profile_option_strings *); 161 162 static int krb5auth_flag = 0; /* Flag set, when KERBEROS is enabled */ 163 static profile_options_boolean autologin_option[] = { 164 { "autologin", &krb5auth_flag, 0 }, 165 { NULL, NULL, 0 } 166 }; 167 static int no_krb5auth_flag = 0; 168 169 static int encrypt_flag = 0; /* Flag set, when encryption is enabled */ 170 static int encrypt_done = 0; /* Flag set, if "-x" is specified */ 171 static enum kcmd_proto kcmd_proto = KCMD_NEW_PROTOCOL; 172 173 /* Flag set, if -PN / -PO is specified */ 174 static boolean_t rcmdoption_done = B_FALSE; 175 176 static profile_options_boolean option[] = { 177 { "encrypt", &encrypt_flag, 0 }, 178 { NULL, NULL, 0 } 179 }; 180 181 static char *rcmdproto = NULL; 182 static profile_option_strings rcmdversion[] = { 183 { "rcmd_protocol", &rcmdproto, 0 }, 184 { NULL, NULL, 0 } 185 }; 186 187 static char *realmdef[] = { "realms", NULL, "rcp", NULL }; 188 static char *appdef[] = { "appdefaults", "rcp", NULL }; 189 static char **prev_argv; 190 static int prev_argc; 191 192 int 193 main(int argc, char *argv[]) 194 { 195 int ch, fflag, tflag; 196 char *targ; 197 size_t cmdsiz; 198 199 (void) setlocale(LC_ALL, ""); 200 201 if (strcmp(argv[0], RCP_ACL) == 0) 202 aclflag = 1; 203 204 if (!(pwd = getpwuid(userid = getuid()))) { 205 (void) fprintf(stderr, "rcp: unknown user %d.\n", 206 (uint_t)userid); 207 return (1); 208 } 209 210 fflag = tflag = 0; 211 while ((ch = getopt(argc, argv, "axdfprtz:D:k:P:ZK")) != EOF) { 212 switch (ch) { 213 case 'd': 214 targetshouldbedirectory = 1; 215 break; 216 case 'f': /* "from" */ 217 fflag = 1; 218 if (aclflag | acl_aclflag) 219 /* ok response */ 220 (void) desrcpwrite(rem, "", 1); 221 break; 222 case 'p': /* preserve access/mod times */ 223 ++pflag; 224 break; 225 case 'r': 226 ++iamrecursive; 227 break; 228 case 't': /* "to" */ 229 tflag = 1; 230 break; 231 case 'Z': 232 acl_aclflag++; 233 break; 234 case 'K': 235 no_krb5auth_flag++; 236 break; 237 case 'x': 238 if (!krb5_privacy_allowed()) { 239 (void) fprintf(stderr, gettext("rcp: " 240 "Encryption not supported.\n")); 241 return (1); 242 } 243 encrypt_flag++; 244 krb5auth_flag++; 245 encrypt_done++; 246 break; 247 case 'k': 248 if ((krb_realm = (char *)strdup(optarg)) == NULL) { 249 (void) fprintf(stderr, gettext("rcp:" 250 " Cannot malloc.\n")); 251 return (1); 252 } 253 krb5auth_flag++; 254 break; 255 case 'P': 256 if (strncmp(optarg, "O", 1) == 0) { 257 if (rcmdoption_done == B_TRUE) { 258 (void) fprintf(stderr, gettext("rcp: " 259 "Only one of -PN and -PO " 260 "allowed.\n")); 261 usage(); 262 } 263 kcmd_proto = KCMD_OLD_PROTOCOL; 264 rcmdoption_done = B_TRUE; 265 } else if (strncmp(optarg, "N", 1) == 0) { 266 if (rcmdoption_done == B_TRUE) { 267 (void) fprintf(stderr, gettext("rcp: " 268 "Only one of -PN and -PO " 269 "allowed.\n")); 270 usage(); 271 } 272 kcmd_proto = KCMD_NEW_PROTOCOL; 273 rcmdoption_done = B_TRUE; 274 } else { 275 usage(); 276 } 277 krb5auth_flag++; 278 break; 279 case 'a': 280 krb5auth_flag++; 281 break; 282 #ifdef DEBUG 283 case 'D': 284 portnumber = htons(atoi(optarg)); 285 krb5auth_flag++; 286 break; 287 #endif /* DEBUG */ 288 case '?': 289 default: 290 usage(); 291 } 292 } 293 argc -= optind; 294 argv += optind; 295 296 /* 297 * if the user disables krb5 on the cmdline (-K), then skip 298 * all krb5 setup. 299 * 300 * if the user does not disable krb5 or enable krb5 on the 301 * cmdline, check krb5.conf to see if it should be enabled. 302 */ 303 304 if (no_krb5auth_flag) { 305 krb5auth_flag = 0; 306 fflag = encrypt_flag = 0; 307 } else if (!krb5auth_flag) { 308 /* is autologin set in krb5.conf? */ 309 status = krb5_init_context(&bsd_context); 310 /* don't sweat failure here */ 311 if (!status) { 312 /* 313 * note that the call to profile_get_options_boolean 314 * with autologin_option can affect value of 315 * krb5auth_flag 316 */ 317 (void) profile_get_options_boolean(bsd_context->profile, 318 appdef, 319 autologin_option); 320 } 321 } 322 323 if (krb5auth_flag > 0) { 324 if (!bsd_context) { 325 status = krb5_init_context(&bsd_context); 326 if (status) { 327 com_err("rcp", status, 328 gettext("while initializing krb5")); 329 return (1); 330 } 331 } 332 333 /* 334 * Set up buffers for desread and deswrite. 335 */ 336 desinbuf.data = des_inbuf; 337 desoutbuf.data = des_outbuf; 338 desinbuf.length = sizeof (des_inbuf); 339 desoutbuf.length = sizeof (des_outbuf); 340 } 341 342 if (fflag || tflag) 343 if (encrypt_flag > 0) 344 (void) answer_auth(krb_config, krb_cache); 345 346 if (fflag) { 347 iamremote = 1; 348 (void) response(); 349 (void) setuid(userid); 350 source(argc, argv); 351 return (errs); 352 } 353 354 if (tflag) { 355 iamremote = 1; 356 (void) setuid(userid); 357 sink(argc, argv); 358 return (errs); 359 } 360 361 if (argc < 2) 362 usage(); 363 364 /* This will make "rcmd_af()" magically get the proper privilege */ 365 if (__init_suid_priv(0, PRIV_NET_PRIVADDR, (char *)NULL) == -1) { 366 (void) fprintf(stderr, "rcp: must be set-uid root\n"); 367 exit(1); 368 } 369 370 if (krb5auth_flag > 0) { 371 /* 372 * Get our local realm to look up local realm options. 373 */ 374 status = krb5_get_default_realm(bsd_context, &realmdef[1]); 375 if (status) { 376 com_err("rcp", status, 377 gettext("while getting default realm")); 378 return (1); 379 } 380 /* 381 * See if encryption should be done for this realm 382 */ 383 (void) profile_get_options_boolean(bsd_context->profile, 384 realmdef, option); 385 /* 386 * Check the appdefaults section 387 */ 388 (void) profile_get_options_boolean(bsd_context->profile, 389 appdef, option); 390 (void) profile_get_options_string(bsd_context->profile, 391 appdef, rcmdversion); 392 if ((encrypt_done > 0) || (encrypt_flag > 0)) { 393 if (krb5_privacy_allowed() == TRUE) { 394 encrypt_flag++; 395 } else { 396 (void) fprintf(stderr, gettext("rcp: Encryption" 397 " not supported.\n")); 398 return (1); 399 } 400 } 401 402 if ((rcmdoption_done == B_FALSE) && (rcmdproto != NULL)) { 403 if (strncmp(rcmdproto, "rcmdv2", 6) == 0) { 404 kcmd_proto = KCMD_NEW_PROTOCOL; 405 } else if (strncmp(rcmdproto, "rcmdv1", 6) == 0) { 406 kcmd_proto = KCMD_OLD_PROTOCOL; 407 } else { 408 (void) fprintf(stderr, gettext("Unrecognized " 409 "KCMD protocol (%s)"), rcmdproto); 410 return (1); 411 } 412 } 413 } 414 415 if (argc > 2) 416 targetshouldbedirectory = 1; 417 418 rem = -1; 419 420 if (portnumber == 0) { 421 if (krb5auth_flag > 0) { 422 retval = init_service(krb5auth_flag); 423 if (!retval) { 424 /* 425 * Connecting to the kshell service failed, 426 * fallback to normal rcp & reset KRB5 flags. 427 */ 428 krb5auth_flag = encrypt_flag = 0; 429 encrypt_done = 0; 430 (void) init_service(krb5auth_flag); 431 } 432 } 433 else 434 (void) init_service(krb5auth_flag); 435 } 436 437 #ifdef DEBUG 438 if (retval || krb5auth_flag) { 439 (void) fprintf(stderr, gettext("Kerberized rcp session, " 440 "port %d in use "), portnumber); 441 if (kcmd_proto == KCMD_OLD_PROTOCOL) 442 (void) fprintf(stderr, gettext("[kcmd ver.1]\n")); 443 else 444 (void) fprintf(stderr, gettext("[kcmd ver.2]\n")); 445 } else { 446 (void) fprintf(stderr, gettext("Normal rcp session, port %d " 447 "in use.\n"), portnumber); 448 } 449 #endif /* DEBUG */ 450 451 if (krb5auth_flag > 0) { 452 /* 453 * We calculate here a buffer size that can be used in the 454 * allocation of the three buffers cmd, cmd_orig and 455 * cmd_sunw_orig that are used to hold different incantations 456 * of rcp. 457 */ 458 cmdsiz = MAX(sizeof ("-x rcp -r -p -d -k ") + 459 strlen(krb_realm != NULL ? krb_realm : ""), 460 sizeof (RCP_ACL " -r -p -z -d")); 461 462 if (((cmd = (char *)malloc(cmdsiz)) == NULL) || 463 ((cmd_sunw_orig = (char *)malloc(cmdsiz)) == NULL) || 464 ((cmd_orig = (char *)malloc(cmdsiz)) == NULL)) { 465 (void) fprintf(stderr, gettext("rcp: Cannot " 466 "malloc.\n")); 467 return (1); 468 } 469 470 (void) snprintf(cmd, cmdsiz, "%srcp %s%s%s%s%s", 471 encrypt_flag ? "-x " : "", 472 iamrecursive ? " -r" : "", pflag ? " -p" : "", 473 targetshouldbedirectory ? " -d" : "", 474 krb_realm != NULL ? " -k " : "", 475 krb_realm != NULL ? krb_realm : ""); 476 477 /* 478 * We would use cmd-orig as the 'cmd-buffer' if kerberized 479 * rcp fails, in which case we fallback to normal rcp. We also 480 * save argc & argv for the same purpose 481 */ 482 (void) snprintf(cmd_orig, cmdsiz, "rcp%s%s%s%s", 483 iamrecursive ? " -r" : "", 484 pflag ? " -p" : "", 485 zflag ? " -z" : "", 486 targetshouldbedirectory ? " -d" : ""); 487 488 (void) snprintf(cmd_sunw_orig, cmdsiz, "%s%s%s%s%s", RCP_ACL, 489 iamrecursive ? " -r" : "", 490 pflag ? " -p" : "", 491 zflag ? " -z" : "", 492 targetshouldbedirectory ? " -d" : ""); 493 494 prev_argc = argc; 495 prev_argv = save_argv(argc, argv); 496 497 } else { 498 cmdsiz = sizeof ("rcp -r -p -z -d"); 499 if (((cmd = (char *)malloc(cmdsiz)) == NULL)) { 500 (void) fprintf(stderr, gettext("rcp: Cannot " 501 "malloc.\n")); 502 return (1); 503 } 504 505 (void) snprintf(cmd, cmdsiz, "rcp%s%s%s%s", 506 iamrecursive ? " -r" : "", 507 pflag ? " -p" : "", 508 zflag ? " -z" : "", 509 targetshouldbedirectory ? " -d" : ""); 510 } 511 512 cmdsiz = sizeof (RCP_ACL " -r -p -z -d"); 513 if ((cmd_sunw = (char *)malloc(cmdsiz)) == NULL) { 514 (void) fprintf(stderr, gettext("rcp: Cannot malloc.\n")); 515 return (1); 516 } 517 518 (void) snprintf(cmd_sunw, cmdsiz, "%s%s%s%s%s", RCP_ACL, 519 iamrecursive ? " -r" : "", 520 pflag ? " -p" : "", 521 zflag ? " -z" : "", 522 targetshouldbedirectory ? " -d" : ""); 523 524 (void) signal(SIGPIPE, (void (*)(int))lostconn); 525 526 if (targ = colon(argv[argc - 1])) 527 toremote(targ, argc, argv); 528 else { 529 tolocal(argc, argv); 530 if (targetshouldbedirectory) 531 verifydir(argv[argc - 1]); 532 } 533 534 return (errs > 0 ? EXIT_FAILURE : EXIT_SUCCESS); 535 } 536 537 538 static void 539 toremote(char *targ, int argc, char *argv[]) 540 { 541 int i; 542 char *host, *src, *suser, *thost, *tuser; 543 char resp; 544 size_t buffersize; 545 char bp[RCP_BUFSIZE]; 546 krb5_creds *cred; 547 char *arglist[MAXARGS+1]; 548 buffersize = RCP_BUFSIZE; 549 550 *targ++ = 0; 551 if (*targ == 0) 552 targ = "."; 553 554 if (thost = search_char((unsigned char *)argv[argc - 1], '@')) { 555 *thost++ = 0; 556 tuser = argv[argc - 1]; 557 if (*tuser == '\0') 558 tuser = NULL; 559 else if (!okname(tuser)) 560 exit(1); 561 } else { 562 thost = argv[argc - 1]; 563 tuser = NULL; 564 } 565 thost = removebrackets(thost); 566 567 for (i = 0; i < argc - 1; i++) { 568 src = colon(argv[i]); 569 if (src) { /* remote to remote */ 570 *src++ = 0; 571 if (*src == 0) 572 src = "."; 573 host = search_char((unsigned char *)argv[i], '@'); 574 if (host) { 575 *host++ = 0; 576 host = removebrackets(host); 577 suser = argv[i]; 578 if (*suser == '\0') { 579 suser = pwd->pw_name; 580 } else if (!okname(suser)) { 581 errs++; 582 continue; 583 } 584 (void) snprintf(bp, buffersize, "'%s%s%s:%s'", 585 tuser ? tuser : "", tuser ? "@" : "", 586 thost, targ); 587 (void) addargs(arglist, "rsh", host, "-l", 588 suser, "-n", cmd, src, bp, (char *)NULL); 589 } else { 590 host = removebrackets(argv[i]); 591 (void) snprintf(bp, buffersize, "'%s%s%s:%s'", 592 tuser ? tuser : "", tuser ? "@" : "", 593 thost, targ); 594 (void) addargs(arglist, "rsh", host, "-n", cmd, 595 src, bp, (char *)NULL); 596 } 597 if (susystem(_PATH_RSH, arglist) == -1) 598 errs++; 599 } else { /* local to remote */ 600 if (rem == -1) { 601 host = thost; 602 if (krb5auth_flag > 0) { 603 604 (void) snprintf(bp, buffersize, 605 "%s -t %s", cmd, targ); 606 authopts = AP_OPTS_MUTUAL_REQUIRED; 607 status = kcmd(&sock, &host, 608 portnumber, 609 pwd->pw_name, 610 tuser ? tuser : 611 pwd->pw_name, 612 bp, 613 0, 614 "host", 615 krb_realm, 616 bsd_context, 617 &auth_context, 618 &cred, 619 0, /* No seq # */ 620 0, /* No server seq # */ 621 authopts, 622 0, /* Not any port # */ 623 &kcmd_proto); 624 if (status) { 625 /* 626 * If new protocol requested, we dont 627 * fallback to less secure ones. 628 */ 629 630 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 631 (void) fprintf(stderr, 632 gettext("rcp: kcmdv2 " 633 "to host %s failed - %s" 634 "\nFallback to normal " 635 "rcp denied."), host, 636 error_message(status)); 637 exit(1); 638 } 639 if (status != -1) { 640 (void) fprintf(stderr, 641 gettext("rcp: kcmd to host " 642 "%s failed - %s,\n" 643 "trying normal rcp...\n\n"), 644 host, error_message(status)); 645 } else { 646 (void) fprintf(stderr, 647 gettext("trying normal" 648 " rcp...\n")); 649 } 650 /* 651 * kcmd() failed, so we have to 652 * fallback to normal rcp 653 */ 654 try_normal_rcp(prev_argc, prev_argv); 655 } else { 656 rem = sock; 657 session_key = &cred->keyblock; 658 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 659 /* CSTYLED */ 660 status = krb5_auth_con_getlocalsubkey(bsd_context, auth_context, &session_key); 661 if (status) { 662 com_err("rcp", status, 663 "determining " 664 "subkey for " 665 "session"); 666 exit(1); 667 } 668 if (!session_key) { 669 com_err("rcp", 0, 670 "no subkey " 671 "negotiated for" 672 " connection"); 673 exit(1); 674 } 675 } 676 eblock.crypto_entry = 677 session_key->enctype; 678 eblock.key = 679 (krb5_keyblock *)session_key; 680 681 init_encrypt(encrypt_flag, 682 bsd_context, kcmd_proto, 683 &desinbuf, &desoutbuf, CLIENT, 684 &eblock); 685 if (encrypt_flag > 0) { 686 char *s = gettext("This rcp " 687 "session is using " 688 "encryption for all " 689 "data transmissions." 690 "\r\n"); 691 692 (void) write(2, s, strlen(s)); 693 } 694 } 695 if (response() < 0) 696 exit(1); 697 698 } else { 699 700 /* 701 * ACL support: try to find out if the remote 702 * site is running acl cognizant version of 703 * rcp. A special binary name is used for this 704 * purpose. 705 */ 706 aclflag = 1; 707 acl_aclflag = 1; 708 709 /* 710 * First see if the remote side will support 711 * both aclent_t and ace_t acl's? 712 */ 713 (void) snprintf(bp, buffersize, "%s -tZ %s", 714 cmd_sunw, targ); 715 rem = rcmd_af(&host, portnumber, pwd->pw_name, 716 tuser ? tuser : pwd->pw_name, 717 bp, 0, AF_INET6); 718 if (rem < 0) 719 exit(1); 720 721 /* 722 * This is similar to routine response(). 723 * If response is not ok, treat the other 724 * side as non-acl rcp. 725 */ 726 if (read(rem, &resp, sizeof (resp)) 727 != sizeof (resp)) 728 lostconn(); 729 if (resp != 0) { 730 acl_aclflag = 0; 731 (void) snprintf(bp, buffersize, 732 "%s -t %s", cmd_sunw, targ); 733 734 (void) close(rem); 735 host = thost; 736 rem = rcmd_af(&host, portnumber, 737 pwd->pw_name, 738 tuser ? tuser : pwd->pw_name, 739 bp, 0, AF_INET6); 740 if (rem < 0) 741 exit(1); 742 743 if (read(rem, &resp, sizeof (resp)) 744 != sizeof (resp)) 745 lostconn(); 746 if (resp != 0) { 747 /* 748 * Not OK: 749 * The other side is running 750 * non-acl rcp. Try again with 751 * normal stuff 752 */ 753 aclflag = 0; 754 (void) snprintf(bp, buffersize, 755 "%s -t %s", cmd, targ); 756 (void) close(rem); 757 host = thost; 758 rem = rcmd_af(&host, portnumber, 759 pwd->pw_name, 760 tuser ? tuser : 761 pwd->pw_name, bp, 0, 762 AF_INET6); 763 if (rem < 0) 764 exit(1); 765 if (response() < 0) 766 exit(1); 767 } 768 } 769 /* everything should be fine now */ 770 (void) setuid(userid); 771 772 } 773 } 774 source(1, argv + i); 775 } 776 } 777 } 778 779 static void 780 tolocal(int argc, char *argv[]) 781 { 782 int i; 783 char *host, *src, *suser, *lhost; 784 char resp; 785 size_t buffersize; 786 char bp[RCP_BUFSIZE]; 787 krb5_creds *cred; 788 char *arglist[MAXARGS+1]; 789 buffersize = RCP_BUFSIZE; 790 791 for (i = 0; i < argc - 1; i++) { 792 if (!(src = colon(argv[i]))) { /* local to local */ 793 (void) addargs(arglist, "cp", 794 iamrecursive ? "-r" : "", pflag ? "-p" : "", 795 zflag ? "-z" : "", argv[i], argv[argc - 1], 796 (char *)NULL); 797 if (susystem(_PATH_CP, arglist) == -1) 798 errs++; 799 continue; 800 } 801 *src++ = 0; 802 if (*src == 0) 803 src = "."; 804 host = search_char((unsigned char *)argv[i], '@'); 805 if (host) { 806 *host++ = 0; 807 suser = argv[i]; 808 if (*suser == '\0') { 809 suser = pwd->pw_name; 810 } else if (!okname(suser)) { 811 errs++; 812 continue; 813 } 814 } else { 815 host = argv[i]; 816 suser = pwd->pw_name; 817 } 818 host = removebrackets(host); 819 lhost = host; 820 if (krb5auth_flag > 0) { 821 822 (void) snprintf(bp, buffersize, "%s -f %s", cmd, src); 823 authopts = AP_OPTS_MUTUAL_REQUIRED; 824 status = kcmd(&sock, &host, 825 portnumber, 826 pwd->pw_name, suser, 827 bp, 828 0, /* &rfd2 */ 829 "host", 830 krb_realm, 831 bsd_context, 832 &auth_context, 833 &cred, 834 0, /* No seq # */ 835 0, /* No server seq # */ 836 authopts, 837 1, /* Not any port # */ 838 &kcmd_proto); 839 if (status) { 840 /* 841 * If new protocol requested, we dont 842 * fallback to less secure ones. 843 */ 844 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 845 (void) fprintf(stderr, gettext("rcp: kcmdv2 " 846 "to host %s failed - %s\n" 847 "Fallback to normal rcp denied."), 848 host, error_message(status)); 849 exit(1); 850 } 851 if (status != -1) { 852 (void) fprintf(stderr, gettext("rcp: kcmd " 853 "to host %s failed - %s,\n" 854 "trying normal rcp...\n\n"), 855 host, error_message(status)); 856 } else { 857 (void) fprintf(stderr, 858 gettext("trying normal rcp...\n")); 859 } 860 /* 861 * kcmd() failed, so we have to 862 * fallback to normal rcp 863 */ 864 try_normal_rcp(prev_argc, prev_argv); 865 } else { 866 rem = sock; 867 session_key = &cred->keyblock; 868 if (kcmd_proto == KCMD_NEW_PROTOCOL) { 869 status = krb5_auth_con_getlocalsubkey( 870 bsd_context, auth_context, 871 &session_key); 872 if (status) { 873 com_err("rcp", status, "determining " 874 "subkey for session"); 875 exit(1); 876 } 877 if (!session_key) { 878 com_err("rcp", 0, "no subkey negotiated" 879 " for connection"); 880 exit(1); 881 } 882 } 883 eblock.crypto_entry = session_key->enctype; 884 eblock.key = (krb5_keyblock *)session_key; 885 886 init_encrypt(encrypt_flag, bsd_context, kcmd_proto, 887 &desinbuf, &desoutbuf, CLIENT, 888 &eblock); 889 if (encrypt_flag > 0) { 890 char *s = gettext("This rcp " 891 "session is using DES " 892 "encryption for all " 893 "data transmissions." 894 "\r\n"); 895 896 (void) write(2, s, strlen(s)); 897 } 898 } 899 900 } 901 else 902 { 903 904 /* 905 * ACL support: try to find out if the remote site is 906 * running acl cognizant version of rcp. 907 */ 908 aclflag = 1; 909 acl_aclflag = 1; 910 911 (void) snprintf(bp, buffersize, "%s -Zf %s", cmd_sunw, src); 912 rem = rcmd_af(&host, portnumber, pwd->pw_name, suser, 913 bp, 0, AF_INET6); 914 915 if (rem < 0) { 916 ++errs; 917 continue; 918 } 919 920 /* 921 * The remote system is supposed to send an ok response. 922 * If there are any data other than "ok", it must be error 923 * messages from the remote system. We can assume the 924 * remote system is running non-acl version rcp. 925 */ 926 if (read(rem, &resp, sizeof (resp)) != sizeof (resp)) 927 lostconn(); 928 if (resp != 0) { 929 930 /* 931 * Try again without ace_acl support 932 */ 933 acl_aclflag = 0; 934 (void) snprintf(bp, buffersize, "%s -f %s", 935 cmd_sunw, src); 936 rem = rcmd_af(&host, portnumber, pwd->pw_name, suser, 937 bp, 0, AF_INET6); 938 939 if (rem < 0) { 940 ++errs; 941 continue; 942 } 943 944 if (read(rem, &resp, sizeof (resp)) != sizeof (resp)) 945 lostconn(); 946 947 /* 948 * NOT ok: 949 * The other side is running non-acl rcp. 950 * Try again with normal stuff 951 */ 952 aclflag = 0; 953 (void) snprintf(bp, buffersize, "%s -f %s", cmd, src); 954 (void) close(rem); 955 host = lhost; 956 rem = rcmd_af(&host, portnumber, pwd->pw_name, 957 suser, bp, 0, AF_INET6); 958 if (rem < 0) { 959 ++errs; 960 continue; 961 } 962 } 963 } 964 965 sink(1, argv + argc - 1); 966 967 (void) close(rem); 968 rem = -1; 969 } 970 } 971 972 973 static void 974 verifydir(char *cp) 975 { 976 struct stat stb; 977 978 if (stat(cp, &stb) >= 0) { 979 if ((stb.st_mode & S_IFMT) == S_IFDIR) 980 return; 981 errno = ENOTDIR; 982 } 983 error("rcp: %s: %s.\n", cp, strerror(errno)); 984 exit(1); 985 } 986 987 static char * 988 colon(char *cp) 989 { 990 boolean_t is_bracket_open = B_FALSE; 991 992 for (; *cp; ++cp) { 993 if (*cp == '[') 994 is_bracket_open = B_TRUE; 995 else if (*cp == ']') 996 is_bracket_open = B_FALSE; 997 else if (*cp == ':' && !is_bracket_open) 998 return (cp); 999 else if (*cp == '/') 1000 return (0); 1001 } 1002 return (0); 1003 } 1004 1005 static int 1006 okname(char *cp0) 1007 { 1008 register char *cp = cp0; 1009 register int c; 1010 1011 do { 1012 c = *cp; 1013 if (c & 0200) 1014 goto bad; 1015 if (!isalpha(c) && !isdigit(c) && c != '_' && c != '-') 1016 goto bad; 1017 } while (*++cp); 1018 return (1); 1019 bad: 1020 (void) fprintf(stderr, "rcp: invalid user name %s\n", cp0); 1021 return (0); 1022 } 1023 1024 1025 static char * 1026 removebrackets(char *str) 1027 { 1028 char *newstr = str; 1029 1030 if ((str[0] == '[') && (str[strlen(str) - 1] == ']')) { 1031 newstr = str + 1; 1032 str[strlen(str) - 1] = '\0'; 1033 } 1034 return (newstr); 1035 } 1036 1037 static int 1038 susystem(char *path, char **arglist) 1039 { 1040 int status, pid, w; 1041 register void (*istat)(), (*qstat)(); 1042 int pfds[2]; 1043 char buf[BUFSIZ]; 1044 int cnt; 1045 boolean_t seen_stderr_traffic; 1046 1047 /* 1048 * Due to the fact that rcp uses rsh to copy between 2 remote 1049 * machines, rsh doesn't return the exit status of the remote 1050 * command, and we can't modify the rcmd protocol used by rsh 1051 * (for interoperability reasons) we use the hack of using any 1052 * output on stderr as indication that an error occurred and 1053 * that we should return a non-zero error code. 1054 */ 1055 1056 if (pipe(pfds) == -1) { 1057 (void) fprintf(stderr, "Couldn't create pipe: %s\n", 1058 strerror(errno)); 1059 return (-1); 1060 } 1061 1062 if ((pid = vfork()) < 0) { 1063 (void) close(pfds[0]); 1064 (void) close(pfds[1]); 1065 (void) fprintf(stderr, "Couldn't fork child process: %s\n", 1066 strerror(errno)); 1067 return (-1); 1068 } else if (pid == 0) { 1069 /* 1070 * Child. 1071 */ 1072 (void) close(pfds[0]); 1073 /* 1074 * Send stderr messages down the pipe so that we can detect 1075 * them in the parent process. 1076 */ 1077 if (pfds[1] != STDERR_FILENO) { 1078 (void) dup2(pfds[1], STDERR_FILENO); 1079 (void) close(pfds[1]); 1080 } 1081 /* 1082 * This shell does not inherit the additional privilege 1083 * we have in our Permitted set. 1084 */ 1085 (void) execv(path, arglist); 1086 _exit(127); 1087 } 1088 /* 1089 * Parent. 1090 */ 1091 istat = signal(SIGINT, SIG_IGN); 1092 qstat = signal(SIGQUIT, SIG_IGN); 1093 1094 (void) close(pfds[1]); 1095 seen_stderr_traffic = B_FALSE; 1096 while ((cnt = read(pfds[0], buf, sizeof (buf))) > 0) { 1097 /* 1098 * If any data is read from the pipe the child process 1099 * has output something on stderr so we set the boolean 1100 * 'seen_stderr_traffic' to true, which will cause the 1101 * function to return -1. 1102 */ 1103 (void) write(STDERR_FILENO, buf, cnt); 1104 seen_stderr_traffic = B_TRUE; 1105 } 1106 (void) close(pfds[0]); 1107 while ((w = wait(&status)) != pid && w != -1) 1108 ; 1109 if (w == -1) 1110 status = -1; 1111 1112 (void) signal(SIGINT, istat); 1113 (void) signal(SIGQUIT, qstat); 1114 1115 return (seen_stderr_traffic ? -1 : status); 1116 } 1117 1118 static void 1119 source(int argc, char *argv[]) 1120 { 1121 struct stat stb; 1122 static BUF buffer; 1123 BUF *bp; 1124 int x, readerr, f, amt; 1125 char *last, *name, buf[RCP_BUFSIZE]; 1126 off_t off, size, i; 1127 ssize_t cnt; 1128 struct linger lingerbuf; 1129 1130 for (x = 0; x < argc; x++) { 1131 name = argv[x]; 1132 if ((f = open(name, O_RDONLY, 0)) < 0) { 1133 error("rcp: %s: %s\n", name, strerror(errno)); 1134 continue; 1135 } 1136 if (fstat(f, &stb) < 0) 1137 goto notreg; 1138 switch (stb.st_mode&S_IFMT) { 1139 1140 case S_IFREG: 1141 break; 1142 1143 case S_IFDIR: 1144 if (iamrecursive) { 1145 (void) close(f); 1146 rsource(name, &stb); 1147 continue; 1148 } 1149 /* FALLTHROUGH */ 1150 default: 1151 notreg: 1152 (void) close(f); 1153 error("rcp: %s: not a plain file\n", name); 1154 continue; 1155 } 1156 last = rindex(name, '/'); 1157 if (last == 0) 1158 last = name; 1159 else 1160 last++; 1161 if (pflag) { 1162 time_t mtime, atime; 1163 time_t now; 1164 1165 /* 1166 * Make it compatible with possible future 1167 * versions expecting microseconds. 1168 */ 1169 mtime = stb.st_mtime; 1170 atime = stb.st_atime; 1171 1172 if ((mtime < 0) || (atime < 0)) { 1173 now = time(NULL); 1174 1175 if (mtime < 0) { 1176 mtime = now; 1177 error("negative modification time on " 1178 "%s; not preserving\n", name); 1179 } 1180 if (atime < 0) { 1181 atime = now; 1182 error("negative access time on " 1183 "%s; not preserving\n", name); 1184 } 1185 } 1186 (void) snprintf(buf, sizeof (buf), "T%ld 0 %ld 0\n", 1187 mtime, atime); 1188 (void) desrcpwrite(rem, buf, strlen(buf)); 1189 if (response() < 0) { 1190 (void) close(f); 1191 continue; 1192 } 1193 } 1194 (void) snprintf(buf, sizeof (buf), "C%04o %lld %s\n", 1195 (uint_t)(stb.st_mode & 07777), (longlong_t)stb.st_size, 1196 last); 1197 (void) desrcpwrite(rem, buf, strlen(buf)); 1198 if (response() < 0) { 1199 (void) close(f); 1200 continue; 1201 } 1202 1203 /* ACL support: send */ 1204 if (aclflag | acl_aclflag) { 1205 /* get acl from f and send it over */ 1206 if (sendacl(f) == ACL_FAIL) { 1207 (void) close(f); 1208 continue; 1209 } 1210 } 1211 if ((krb5auth_flag > 0) || (iamremote == 1)) { 1212 bp = allocbuf(&buffer, f, RCP_BUFSIZE); 1213 if (bp == NULLBUF) { 1214 (void) close(f); 1215 continue; 1216 } 1217 readerr = 0; 1218 for (i = 0; i < stb.st_size; i += bp->cnt) { 1219 amt = bp->cnt; 1220 if (i + amt > stb.st_size) 1221 amt = stb.st_size - i; 1222 if (readerr == 0 && 1223 read(f, bp->buf, amt) != amt) 1224 readerr = errno; 1225 (void) desrcpwrite(rem, bp->buf, amt); 1226 } 1227 (void) close(f); 1228 if (readerr == 0) 1229 (void) desrcpwrite(rem, "", 1); 1230 else 1231 error("rcp: %s: %s\n", name, 1232 error_message(readerr)); 1233 } else { 1234 cnt = off = 0; 1235 size = stb.st_size; 1236 while (size != 0) { 1237 amt = MIN(size, SENDFILE_SIZE); 1238 cnt = sendfile(rem, f, &off, amt); 1239 if (cnt == -1) { 1240 if (errno == EINTR) { 1241 continue; 1242 } else { 1243 break; 1244 } 1245 } 1246 if (cnt == 0) 1247 break; 1248 size -= cnt; 1249 } 1250 if (cnt < 0) { 1251 error("rcp: %s: %s\n", name, strerror(errno)); 1252 } else if (cnt == 0 && size != 0) { 1253 error("rcp: %s: unexpected end of file\n", 1254 name); 1255 lingerbuf.l_onoff = 1; 1256 lingerbuf.l_linger = 0; 1257 (void) setsockopt(rem, SOL_SOCKET, SO_LINGER, 1258 &lingerbuf, sizeof (lingerbuf)); 1259 /* 1260 * When response() (see below) is invoked it 1261 * tries to read data from closed handle which 1262 * triggers error and lostconn() function. 1263 * lostconn() terminates the program with 1264 * appropriate message. 1265 */ 1266 (void) close(rem); 1267 rem = -1; 1268 } else { 1269 (void) write(rem, "", 1); 1270 } 1271 (void) close(f); 1272 } 1273 (void) response(); 1274 } 1275 } 1276 1277 1278 static void 1279 rsource(char *name, struct stat *statp) 1280 { 1281 DIR *d; 1282 struct dirent *dp; 1283 char *last, *vect[1]; 1284 char path[MAXPATHLEN]; 1285 1286 if (!(d = opendir(name))) { 1287 error("rcp: %s: %s\n", name, strerror(errno)); 1288 return; 1289 } 1290 last = rindex(name, '/'); 1291 if (last == 0) 1292 last = name; 1293 else 1294 last++; 1295 if (pflag) { 1296 (void) snprintf(path, sizeof (path), "T%ld 0 %ld 0\n", 1297 statp->st_mtime, statp->st_atime); 1298 (void) desrcpwrite(rem, path, strlen(path)); 1299 if (response() < 0) { 1300 (void) closedir(d); 1301 return; 1302 } 1303 } 1304 (void) snprintf(path, sizeof (path), "D%04o %d %s\n", 1305 (uint_t)(statp->st_mode & 07777), 0, last); 1306 (void) desrcpwrite(rem, path, strlen(path)); 1307 1308 /* acl support for directory */ 1309 if (aclflag) { 1310 /* get acl from f and send it over */ 1311 if (sendacl(d->dd_fd) == ACL_FAIL) { 1312 (void) closedir(d); 1313 return; 1314 } 1315 } 1316 1317 if (response() < 0) { 1318 (void) closedir(d); 1319 return; 1320 } 1321 1322 while (dp = readdir(d)) { 1323 if (dp->d_ino == 0) 1324 continue; 1325 if ((strcmp(dp->d_name, ".") == 0) || 1326 (strcmp(dp->d_name, "..") == 0)) 1327 continue; 1328 if ((uint_t)strlen(name) + 1 + strlen(dp->d_name) >= 1329 MAXPATHLEN - 1) { 1330 error("%s/%s: name too long.\n", name, dp->d_name); 1331 continue; 1332 } 1333 (void) snprintf(path, sizeof (path), "%s/%s", 1334 name, dp->d_name); 1335 vect[0] = path; 1336 source(1, vect); 1337 } 1338 (void) closedir(d); 1339 (void) desrcpwrite(rem, "E\n", 2); 1340 (void) response(); 1341 } 1342 1343 static int 1344 response(void) 1345 { 1346 register char *cp; 1347 char ch, resp, rbuf[RCP_BUFSIZE]; 1348 1349 if (desrcpread(rem, &resp, 1) != 1) 1350 lostconn(); 1351 cp = rbuf; 1352 switch (resp) { 1353 case 0: /* ok */ 1354 return (0); 1355 default: 1356 *cp++ = resp; 1357 /* FALLTHROUGH */ 1358 case 1: /* error, followed by err msg */ 1359 case 2: /* fatal error, "" */ 1360 do { 1361 if (desrcpread(rem, &ch, sizeof (ch)) != sizeof (ch)) 1362 lostconn(); 1363 *cp++ = ch; 1364 } while (cp < &rbuf[RCP_BUFSIZE] && ch != '\n'); 1365 1366 if (!iamremote) 1367 (void) write(STDERR_FILENO, rbuf, cp - rbuf); 1368 ++errs; 1369 if (resp == 1) 1370 return (-1); 1371 exit(1); 1372 } 1373 /*NOTREACHED*/ 1374 } 1375 1376 static void 1377 lostconn(void) 1378 { 1379 if (!iamremote) 1380 (void) fprintf(stderr, "rcp: lost connection\n"); 1381 exit(1); 1382 } 1383 1384 1385 static void 1386 sink(int argc, char *argv[]) 1387 { 1388 char *cp; 1389 static BUF buffer; 1390 struct stat stb; 1391 struct timeval tv[2]; 1392 BUF *bp; 1393 off_t i, j; 1394 char ch, *targ, *why; 1395 int amt, count, exists, first, mask, mode; 1396 off_t size; 1397 int ofd, setimes, targisdir, wrerr; 1398 char *np, *vect[1], buf[RCP_BUFSIZE]; 1399 char *namebuf = NULL; 1400 size_t namebuf_sz = 0; 1401 size_t need; 1402 1403 #define atime tv[0] 1404 #define mtime tv[1] 1405 #define SCREWUP(str) { why = str; goto screwup; } 1406 1407 setimes = targisdir = 0; 1408 mask = umask(0); 1409 if (!pflag) 1410 (void) umask(mask); 1411 if (argc != 1) { 1412 error("rcp: ambiguous target\n"); 1413 exit(1); 1414 } 1415 targ = *argv; 1416 if (targetshouldbedirectory) 1417 verifydir(targ); 1418 (void) desrcpwrite(rem, "", 1); 1419 1420 if (stat(targ, &stb) == 0 && (stb.st_mode & S_IFMT) == S_IFDIR) 1421 targisdir = 1; 1422 for (first = 1; ; first = 0) { 1423 cp = buf; 1424 if (desrcpread(rem, cp, 1) <= 0) { 1425 if (namebuf != NULL) 1426 free(namebuf); 1427 return; 1428 } 1429 1430 if (*cp++ == '\n') 1431 SCREWUP("unexpected <newline>"); 1432 do { 1433 if (desrcpread(rem, &ch, sizeof (ch)) != sizeof (ch)) 1434 SCREWUP("lost connection"); 1435 *cp++ = ch; 1436 } while (cp < &buf[RCP_BUFSIZE - 1] && ch != '\n'); 1437 *cp = 0; 1438 1439 if (buf[0] == '\01' || buf[0] == '\02') { 1440 if (iamremote == 0) 1441 (void) write(STDERR_FILENO, buf + 1, 1442 strlen(buf + 1)); 1443 if (buf[0] == '\02') 1444 exit(1); 1445 errs++; 1446 continue; 1447 } 1448 if (buf[0] == 'E') { 1449 (void) desrcpwrite(rem, "", 1); 1450 if (namebuf != NULL) 1451 free(namebuf); 1452 return; 1453 } 1454 1455 if (ch == '\n') 1456 *--cp = 0; 1457 cp = buf; 1458 if (*cp == 'T') { 1459 setimes++; 1460 cp++; 1461 mtime.tv_sec = strtol(cp, &cp, 0); 1462 if (*cp++ != ' ') 1463 SCREWUP("mtime.sec not delimited"); 1464 mtime.tv_usec = strtol(cp, &cp, 0); 1465 if (*cp++ != ' ') 1466 SCREWUP("mtime.usec not delimited"); 1467 atime.tv_sec = strtol(cp, &cp, 0); 1468 if (*cp++ != ' ') 1469 SCREWUP("atime.sec not delimited"); 1470 atime.tv_usec = strtol(cp, &cp, 0); 1471 if (*cp++ != '\0') 1472 SCREWUP("atime.usec not delimited"); 1473 (void) desrcpwrite(rem, "", 1); 1474 continue; 1475 } 1476 if (*cp != 'C' && *cp != 'D') { 1477 /* 1478 * Check for the case "rcp remote:foo\* local:bar". 1479 * In this case, the line "No match." can be returned 1480 * by the shell before the rcp command on the remote is 1481 * executed so the ^Aerror_message convention isn't 1482 * followed. 1483 */ 1484 if (first) { 1485 error("%s\n", cp); 1486 exit(1); 1487 } 1488 SCREWUP("expected control record"); 1489 } 1490 mode = 0; 1491 for (++cp; cp < buf + 5; cp++) { 1492 if (*cp < '0' || *cp > '7') 1493 SCREWUP("bad mode"); 1494 mode = (mode << 3) | (*cp - '0'); 1495 } 1496 if (*cp++ != ' ') 1497 SCREWUP("mode not delimited"); 1498 size = 0; 1499 while (isdigit(*cp)) 1500 size = size * 10 + (*cp++ - '0'); 1501 if (*cp++ != ' ') 1502 SCREWUP("size not delimited"); 1503 if (targisdir) { 1504 need = strlen(targ) + sizeof ("/") + strlen(cp); 1505 if (need > namebuf_sz) { 1506 if ((namebuf = realloc(namebuf, need)) == NULL) { 1507 error("rcp: out of memory\n"); 1508 exit(1); 1509 } 1510 namebuf_sz = need; 1511 } 1512 (void) snprintf(namebuf, need, "%s%s%s", targ, 1513 *targ ? "/" : "", cp); 1514 np = namebuf; 1515 } else { 1516 np = targ; 1517 } 1518 1519 exists = stat(np, &stb) == 0; 1520 if (buf[0] == 'D') { 1521 if (exists) { 1522 if ((stb.st_mode&S_IFMT) != S_IFDIR) { 1523 if (aclflag | acl_aclflag) { 1524 /* 1525 * consume acl in the pipe 1526 * fd = -1 to indicate the 1527 * special case 1528 */ 1529 if (recvacl(-1, exists, pflag) 1530 == ACL_FAIL) { 1531 goto bad; 1532 } 1533 } 1534 errno = ENOTDIR; 1535 goto bad; 1536 } 1537 if (pflag) 1538 (void) chmod(np, mode); 1539 } else if (mkdir(np, mode) < 0) { 1540 if (aclflag) { 1541 /* consume acl in the pipe */ 1542 (void) recvacl(-1, exists, pflag); 1543 } 1544 goto bad; 1545 } 1546 1547 /* acl support for directories */ 1548 if (aclflag | acl_aclflag) { 1549 int dfd; 1550 1551 if ((dfd = open(np, O_RDONLY)) == -1) 1552 goto bad; 1553 1554 /* get acl and set it to ofd */ 1555 if (recvacl(dfd, exists, pflag) == ACL_FAIL) { 1556 (void) close(dfd); 1557 if (!exists) 1558 (void) rmdir(np); 1559 goto bad; 1560 } 1561 (void) close(dfd); 1562 } 1563 1564 vect[0] = np; 1565 sink(1, vect); 1566 if (setimes) { 1567 setimes = 0; 1568 if (utimes(np, tv) < 0) 1569 error("rcp: can't set times on %s: %s\n", 1570 np, strerror(errno)); 1571 } 1572 continue; 1573 } 1574 1575 if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { 1576 bad: 1577 error("rcp: %s: %s\n", np, strerror(errno)); 1578 continue; 1579 } 1580 1581 /* 1582 * If the output file exists we have to force zflag off 1583 * to avoid erroneously seeking past old data. 1584 */ 1585 zopen(ofd, zflag && !exists); 1586 1587 if (exists && pflag) 1588 (void) fchmod(ofd, mode); 1589 1590 (void) desrcpwrite(rem, "", 1); 1591 1592 /* 1593 * ACL support: receiving 1594 */ 1595 if (aclflag | acl_aclflag) { 1596 /* get acl and set it to ofd */ 1597 if (recvacl(ofd, exists, pflag) == ACL_FAIL) { 1598 (void) close(ofd); 1599 if (!exists) 1600 (void) unlink(np); 1601 continue; 1602 } 1603 } 1604 1605 if ((bp = allocbuf(&buffer, ofd, RCP_BUFSIZE)) == 0) { 1606 (void) close(ofd); 1607 continue; 1608 } 1609 cp = bp->buf; 1610 count = 0; 1611 wrerr = 0; 1612 for (i = 0; i < size; i += RCP_BUFSIZE) { 1613 amt = RCP_BUFSIZE; 1614 if (i + amt > size) 1615 amt = size - i; 1616 count += amt; 1617 do { 1618 j = desrcpread(rem, cp, amt); 1619 if (j <= 0) { 1620 int sverrno = errno; 1621 1622 /* 1623 * Connection to supplier lost. 1624 * Truncate file to correspond 1625 * to amount already transferred. 1626 * 1627 * Note that we must call ftruncate() 1628 * before any call to error() (which 1629 * might result in a SIGPIPE and 1630 * sudden death before we have a chance 1631 * to correct the file's size). 1632 */ 1633 size = lseek(ofd, 0, SEEK_CUR); 1634 if ((ftruncate(ofd, size) == -1) && 1635 (errno != EINVAL) && 1636 (errno != EACCES)) 1637 #define TRUNCERR "rcp: can't truncate %s: %s\n" 1638 error(TRUNCERR, np, 1639 strerror(errno)); 1640 error("rcp: %s\n", 1641 j ? strerror(sverrno) : 1642 "dropped connection"); 1643 (void) close(ofd); 1644 exit(1); 1645 } 1646 amt -= j; 1647 cp += j; 1648 } while (amt > 0); 1649 if (count == bp->cnt) { 1650 cp = bp->buf; 1651 if (wrerr == 0 && 1652 zwrite(ofd, cp, count) < 0) 1653 wrerr++; 1654 count = 0; 1655 } 1656 } 1657 if (count != 0 && wrerr == 0 && 1658 zwrite(ofd, bp->buf, count) < 0) 1659 wrerr++; 1660 if (zclose(ofd) < 0) 1661 wrerr++; 1662 1663 1664 if ((ftruncate(ofd, size) == -1) && (errno != EINVAL) && 1665 (errno != EACCES)) { 1666 error(TRUNCERR, np, strerror(errno)); 1667 } 1668 (void) close(ofd); 1669 (void) response(); 1670 if (setimes) { 1671 setimes = 0; 1672 if (utimes(np, tv) < 0) 1673 error("rcp: can't set times on %s: %s\n", 1674 np, strerror(errno)); 1675 } 1676 if (wrerr) 1677 error("rcp: %s: %s\n", np, strerror(errno)); 1678 else 1679 (void) desrcpwrite(rem, "", 1); 1680 } 1681 screwup: 1682 error("rcp: protocol screwup: %s\n", why); 1683 exit(1); 1684 } 1685 1686 #ifndef roundup 1687 #define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) 1688 #endif /* !roundup */ 1689 1690 static BUF * 1691 allocbuf(BUF *bp, int fd, int blksize) 1692 { 1693 struct stat stb; 1694 int size; 1695 1696 if (fstat(fd, &stb) < 0) { 1697 error("rcp: fstat: %s\n", strerror(errno)); 1698 return (0); 1699 } 1700 size = roundup(stb.st_blksize, blksize); 1701 if (size == 0) 1702 size = blksize; 1703 if (bp->cnt < size) { 1704 if (bp->buf != 0) 1705 free(bp->buf); 1706 bp->buf = (char *)malloc((uint_t)size); 1707 if (!bp->buf) { 1708 error("rcp: malloc: out of memory\n"); 1709 return (0); 1710 } 1711 } 1712 bp->cnt = size; 1713 return (bp); 1714 } 1715 1716 static void 1717 usage(void) 1718 { 1719 (void) fprintf(stderr, "%s: \t%s\t%s", gettext("Usage"), 1720 gettext("\trcp [-p] [-a] [-x] [-k realm] [-PN / -PO] " 1721 #ifdef DEBUG 1722 "[-D port] " 1723 #endif /* DEBUG */ 1724 "f1 f2; or:\n"), 1725 gettext("\trcp [-r] [-p] [-a] [-x] " 1726 #ifdef DEBUG 1727 "[-D port] " 1728 #endif /* DEBUG */ 1729 "[-k realm] [-PN / -PO] f1...fn d2\n")); 1730 exit(1); 1731 } 1732 1733 1734 /* 1735 * sparse file support 1736 */ 1737 1738 static off_t zbsize; 1739 static off_t zlastseek; 1740 1741 /* is it ok to try to create holes? */ 1742 static void 1743 zopen(int fd, int flag) 1744 { 1745 struct stat st; 1746 1747 zbsize = 0; 1748 zlastseek = 0; 1749 1750 if (flag && 1751 fstat(fd, &st) == 0 && 1752 (st.st_mode & S_IFMT) == S_IFREG) 1753 zbsize = st.st_blksize; 1754 } 1755 1756 /* write and/or seek */ 1757 static int 1758 zwrite(int fd, char *buf, int nbytes) 1759 { 1760 off_t block = zbsize ? zbsize : nbytes; 1761 1762 do { 1763 if (block > nbytes) 1764 block = nbytes; 1765 nbytes -= block; 1766 1767 if (!zbsize || notzero(buf, block)) { 1768 register int n, count = block; 1769 1770 do { 1771 if ((n = write(fd, buf, count)) < 0) 1772 return (-1); 1773 buf += n; 1774 } while ((count -= n) > 0); 1775 zlastseek = 0; 1776 } else { 1777 if (lseek(fd, (off_t)block, SEEK_CUR) < 0) 1778 return (-1); 1779 buf += block; 1780 zlastseek = 1; 1781 } 1782 } while (nbytes > 0); 1783 1784 return (0); 1785 } 1786 1787 /* write last byte of file if necessary */ 1788 static int 1789 zclose(int fd) 1790 { 1791 zbsize = 0; 1792 1793 if (zlastseek && (lseek(fd, (off_t)-1, SEEK_CUR) < 0 || 1794 zwrite(fd, "", 1) < 0)) 1795 return (-1); 1796 else 1797 return (0); 1798 } 1799 1800 /* return true if buffer is not all zeros */ 1801 static int 1802 notzero(char *p, int n) 1803 { 1804 register int result = 0; 1805 1806 while ((int)p & 3 && --n >= 0) 1807 result |= *p++; 1808 1809 while ((n -= 4 * sizeof (int)) >= 0) { 1810 /* LINTED */ 1811 result |= ((int *)p)[0]; 1812 /* LINTED */ 1813 result |= ((int *)p)[1]; 1814 /* LINTED */ 1815 result |= ((int *)p)[2]; 1816 /* LINTED */ 1817 result |= ((int *)p)[3]; 1818 if (result) 1819 return (result); 1820 p += 4 * sizeof (int); 1821 } 1822 n += 4 * sizeof (int); 1823 1824 while (--n >= 0) 1825 result |= *p++; 1826 1827 return (result); 1828 } 1829 1830 /* 1831 * New functions to support ACLs 1832 */ 1833 1834 /* 1835 * Get acl from f and send it over. 1836 * ACL record includes acl entry count, acl text length, and acl text. 1837 */ 1838 static int 1839 sendacl(int f) 1840 { 1841 int aclcnt; 1842 char *acltext; 1843 char buf[BUFSIZ]; 1844 acl_t *aclp; 1845 char acltype; 1846 int aclerror; 1847 int trivial; 1848 1849 1850 aclerror = facl_get(f, ACL_NO_TRIVIAL, &aclp); 1851 if (aclerror != 0) { 1852 error("can't retrieve ACL: %s \n", acl_strerror(aclerror)); 1853 return (ACL_FAIL); 1854 } 1855 1856 /* 1857 * if acl type is not ACLENT_T and were operating in acl_aclflag == 0 1858 * then don't do the malloc and facl(fd, getcntcmd,...); 1859 * since the remote side doesn't support alternate style ACL's. 1860 */ 1861 1862 if (aclp && (acl_type(aclp) != ACLENT_T) && (acl_aclflag == 0)) { 1863 aclcnt = MIN_ACL_ENTRIES; 1864 acltype = 'A'; 1865 trivial = ACL_IS_TRIVIAL; 1866 } else { 1867 1868 aclcnt = (aclp != NULL) ? acl_cnt(aclp) : 0; 1869 1870 if (aclp) { 1871 acltype = (acl_type(aclp) != ACLENT_T) ? 'Z' : 'A'; 1872 aclcnt = acl_cnt(aclp); 1873 trivial = (acl_flags(aclp) & ACL_IS_TRIVIAL); 1874 } else { 1875 acltype = 'A'; 1876 aclcnt = MIN_ACL_ENTRIES; 1877 trivial = ACL_IS_TRIVIAL; 1878 } 1879 1880 } 1881 1882 /* send the acl count over */ 1883 (void) snprintf(buf, sizeof (buf), "%c%d\n", acltype, aclcnt); 1884 (void) desrcpwrite(rem, buf, strlen(buf)); 1885 1886 /* 1887 * only send acl when we have an aclp, which would 1888 * imply its not trivial. 1889 */ 1890 if (aclp && (trivial != ACL_IS_TRIVIAL)) { 1891 acltext = acl_totext(aclp, 0); 1892 if (acltext == NULL) { 1893 error("rcp: failed to convert to text\n"); 1894 acl_free(aclp); 1895 return (ACL_FAIL); 1896 } 1897 1898 /* send ACLs over: send the length first */ 1899 (void) snprintf(buf, sizeof (buf), "%c%d\n", 1900 acltype, strlen(acltext)); 1901 1902 (void) desrcpwrite(rem, buf, strlen(buf)); 1903 (void) desrcpwrite(rem, acltext, strlen(acltext)); 1904 free(acltext); 1905 if (response() < 0) { 1906 acl_free(aclp); 1907 return (ACL_FAIL); 1908 } 1909 1910 } 1911 1912 if (aclp) 1913 acl_free(aclp); 1914 return (ACL_OK); 1915 } 1916 1917 /* 1918 * Use this routine to get acl entry count and acl text size (in bytes) 1919 */ 1920 static int 1921 getaclinfo(int *cnt, int *acltype) 1922 { 1923 char buf[BUFSIZ]; 1924 char *cp; 1925 char ch; 1926 1927 /* get acl count */ 1928 cp = buf; 1929 if (desrcpread(rem, cp, 1) <= 0) 1930 return (ACL_FAIL); 1931 1932 switch (*cp++) { 1933 case 'A': 1934 *acltype = 0; 1935 break; 1936 case 'Z': 1937 *acltype = 1; 1938 break; 1939 default: 1940 error("rcp: expect an ACL record, but got %c\n", *cp); 1941 return (ACL_FAIL); 1942 } 1943 do { 1944 if (desrcpread(rem, &ch, sizeof (ch)) != sizeof (ch)) { 1945 error("rcp: lost connection ..\n"); 1946 return (ACL_FAIL); 1947 } 1948 *cp++ = ch; 1949 } while (cp < &buf[BUFSIZ - 1] && ch != '\n'); 1950 if (ch != '\n') { 1951 error("rcp: ACL record corrupted \n"); 1952 return (ACL_FAIL); 1953 } 1954 cp = &buf[1]; 1955 *cnt = strtol(cp, &cp, 0); 1956 if (*cp != '\n') { 1957 error("rcp: ACL record corrupted \n"); 1958 return (ACL_FAIL); 1959 } 1960 return (ACL_OK); 1961 } 1962 1963 1964 /* 1965 * Receive acl from the pipe and set it to f 1966 */ 1967 static int 1968 recvacl(int f, int exists, int preserve) 1969 { 1970 int aclcnt; /* acl entry count */ 1971 int aclsize; /* acl text length */ 1972 int j; 1973 char *tp; 1974 char *acltext; /* external format */ 1975 acl_t *aclp; 1976 int acltype; 1977 int min_entries; 1978 int aclerror; 1979 1980 /* get acl count */ 1981 if (getaclinfo(&aclcnt, &acltype) != ACL_OK) 1982 return (ACL_FAIL); 1983 1984 if (acltype == 0) { 1985 min_entries = MIN_ACL_ENTRIES; 1986 } else { 1987 min_entries = 1; 1988 } 1989 1990 if (aclcnt > min_entries) { 1991 /* get acl text size */ 1992 if (getaclinfo(&aclsize, &acltype) != ACL_OK) 1993 return (ACL_FAIL); 1994 if ((acltext = malloc(aclsize + 1)) == NULL) { 1995 error("rcp: cant allocate memory: %d\n", aclsize); 1996 return (ACL_FAIL); 1997 } 1998 1999 tp = acltext; 2000 do { 2001 j = desrcpread(rem, tp, aclsize); 2002 if (j <= 0) { 2003 error("rcp: %s\n", j ? strerror(errno) : 2004 "dropped connection"); 2005 exit(1); 2006 } 2007 aclsize -= j; 2008 tp += j; 2009 } while (aclsize > 0); 2010 *tp = '\0'; 2011 2012 if (preserve || !exists) { 2013 aclerror = acl_fromtext(acltext, &aclp); 2014 if (aclerror != 0) { 2015 error("rcp: failed to parse acl : %s\n", 2016 acl_strerror(aclerror)); 2017 free(acltext); 2018 return (ACL_FAIL); 2019 } 2020 2021 if (f != -1) { 2022 if (facl_set(f, aclp) < 0) { 2023 error("rcp: failed to set acl\n"); 2024 acl_free(aclp); 2025 free(acltext); 2026 return (ACL_FAIL); 2027 } 2028 } 2029 /* -1 means that just consume the data in the pipe */ 2030 acl_free(aclp); 2031 } 2032 free(acltext); 2033 (void) desrcpwrite(rem, "", 1); 2034 } 2035 return (ACL_OK); 2036 } 2037 2038 2039 static char * 2040 search_char(unsigned char *cp, unsigned char chr) 2041 { 2042 int len; 2043 2044 while (*cp) { 2045 if (*cp == chr) 2046 return ((char *)cp); 2047 if ((len = mblen((char *)cp, MB_CUR_MAX)) <= 0) 2048 len = 1; 2049 cp += len; 2050 } 2051 return (0); 2052 } 2053 2054 2055 static int 2056 desrcpread(int fd, char *buf, int len) 2057 { 2058 return ((int)desread(fd, buf, len, 0)); 2059 } 2060 2061 static int 2062 desrcpwrite(int fd, char *buf, int len) 2063 { 2064 /* 2065 * Note that rcp depends on the same file descriptor being both 2066 * input and output to the remote side. This is bogus, especially 2067 * when rcp is being run by a rsh that pipes. Fix it here because 2068 * it would require significantly more work in other places. 2069 * --hartmans 1/96 2070 */ 2071 2072 if (fd == 0) 2073 fd = 1; 2074 return ((int)deswrite(fd, buf, len, 0)); 2075 } 2076 2077 static char ** 2078 save_argv(int argc, char **argv) 2079 { 2080 int i; 2081 2082 char **local_argv = (char **)calloc((unsigned)argc + 1, 2083 (unsigned)sizeof (char *)); 2084 2085 /* 2086 * allocate an extra pointer, so that it is initialized to NULL and 2087 * execv() will work 2088 */ 2089 for (i = 0; i < argc; i++) { 2090 local_argv[i] = strsave(argv[i]); 2091 } 2092 2093 return (local_argv); 2094 } 2095 2096 #define SIZEOF_INADDR sizeof (struct in_addr) 2097 2098 static void 2099 answer_auth(char *config_file, char *ccache_file) 2100 { 2101 krb5_data pname_data, msg; 2102 krb5_creds creds, *new_creds; 2103 krb5_ccache cc; 2104 krb5_auth_context auth_context = NULL; 2105 2106 if (config_file) { 2107 const char *filenames[2]; 2108 2109 filenames[1] = NULL; 2110 filenames[0] = config_file; 2111 if (krb5_set_config_files(bsd_context, filenames)) 2112 exit(1); 2113 } 2114 (void) memset((char *)&creds, 0, sizeof (creds)); 2115 2116 if (krb5_read_message(bsd_context, (krb5_pointer) &rem, &pname_data)) 2117 exit(1); 2118 2119 if (krb5_read_message(bsd_context, (krb5_pointer) &rem, 2120 &creds.second_ticket)) 2121 exit(1); 2122 2123 if (ccache_file == NULL) { 2124 if (krb5_cc_default(bsd_context, &cc)) 2125 exit(1); 2126 } else { 2127 if (krb5_cc_resolve(bsd_context, ccache_file, &cc)) 2128 exit(1); 2129 } 2130 2131 if (krb5_cc_get_principal(bsd_context, cc, &creds.client)) 2132 exit(1); 2133 2134 if (krb5_parse_name(bsd_context, pname_data.data, &creds.server)) 2135 exit(1); 2136 2137 krb5_xfree(pname_data.data); 2138 if (krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc, &creds, 2139 &new_creds)) 2140 exit(1); 2141 2142 if (krb5_mk_req_extended(bsd_context, &auth_context, 2143 AP_OPTS_USE_SESSION_KEY, NULL, new_creds, &msg)) 2144 exit(1); 2145 2146 if (krb5_write_message(bsd_context, (krb5_pointer) & rem, &msg)) { 2147 krb5_xfree(msg.data); 2148 exit(1); 2149 } 2150 /* setup eblock for des_read and write */ 2151 (void) krb5_copy_keyblock(bsd_context, 2152 &new_creds->keyblock, &session_key); 2153 2154 /* OK process key */ 2155 eblock.crypto_entry = session_key->enctype; 2156 eblock.key = (krb5_keyblock *)session_key; 2157 2158 init_encrypt(encrypt_flag, bsd_context, KCMD_OLD_PROTOCOL, 2159 &desinbuf, &desoutbuf, CLIENT, &eblock); 2160 /* cleanup */ 2161 krb5_free_cred_contents(bsd_context, &creds); 2162 krb5_free_creds(bsd_context, new_creds); 2163 krb5_xfree(msg.data); 2164 } 2165 2166 2167 static void 2168 try_normal_rcp(int cur_argc, char **cur_argv) 2169 { 2170 char *target; 2171 2172 /* 2173 * Reset all KRB5 relevant flags and set the 2174 * cmd-buffer so that normal rcp works 2175 */ 2176 krb5auth_flag = encrypt_flag = encrypt_done = 0; 2177 cmd = cmd_orig; 2178 cmd_sunw = cmd_sunw_orig; 2179 2180 if (cur_argc < 2) 2181 usage(); 2182 2183 if (cur_argc > 2) 2184 targetshouldbedirectory = 1; 2185 2186 rem = -1; 2187 2188 prev_argc = cur_argc; 2189 prev_argv = save_argv(cur_argc, cur_argv); 2190 2191 (void) init_service(krb5auth_flag); 2192 2193 if (target = colon(cur_argv[cur_argc - 1])) { 2194 toremote(target, cur_argc, cur_argv); 2195 } else { 2196 tolocal(cur_argc, cur_argv); 2197 if (targetshouldbedirectory) 2198 verifydir(cur_argv[cur_argc - 1]); 2199 } 2200 exit(errs); 2201 /* NOTREACHED */ 2202 } 2203 2204 2205 static int 2206 init_service(int krb5flag) 2207 { 2208 struct servent *sp; 2209 boolean_t success = B_FALSE; 2210 2211 if (krb5flag > 0) { 2212 sp = getservbyname("kshell", "tcp"); 2213 if (sp == NULL) { 2214 (void) fprintf(stderr, 2215 gettext("rcp: kshell/tcp: unknown service.\n" 2216 "trying normal shell/tcp service\n")); 2217 } else { 2218 portnumber = sp->s_port; 2219 success = B_TRUE; 2220 } 2221 } else { 2222 portnumber = htons(IPPORT_CMDSERVER); 2223 success = B_TRUE; 2224 } 2225 return (success); 2226 } 2227 2228 /*PRINTFLIKE1*/ 2229 static void 2230 error(char *fmt, ...) 2231 { 2232 va_list ap; 2233 char buf[RCP_BUFSIZE]; 2234 char *cp = buf; 2235 2236 va_start(ap, fmt); 2237 errs++; 2238 *cp++ = 1; 2239 (void) vsnprintf(cp, sizeof (buf) - 1, fmt, ap); 2240 va_end(ap); 2241 2242 (void) desrcpwrite(rem, buf, strlen(buf)); 2243 if (iamremote == 0) 2244 (void) write(2, buf + 1, strlen(buf + 1)); 2245 } 2246 2247 static void 2248 addargs(char **arglist, ...) 2249 { 2250 va_list ap; 2251 int i = 0; 2252 char *pm; 2253 2254 va_start(ap, arglist); 2255 while (i < MAXARGS && (pm = va_arg(ap, char *)) != NULL) 2256 if (strcmp(pm, "")) 2257 arglist[i++] = pm; 2258 arglist[i] = NULL; 2259 va_end(ap); 2260 } 2261