xref: /titanic_41/usr/src/cmd/cmd-inet/usr.bin/rlogin.c (revision 0b4fd3b107539afdb6ac991e02328c2176598b78)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*	Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T	*/
27 /*	  All Rights Reserved  	*/
28 
29 /*
30  * University Copyright- Copyright (c) 1982, 1986, 1988
31  * The Regents of the University of California
32  * All Rights Reserved
33  *
34  * University Acknowledgment- Portions of this document are derived from
35  * software developed by the University of California, Berkeley, and its
36  * contributors.
37  */
38 
39 /*
40  * rlogin - remote login
41  */
42 #include <sys/types.h>
43 #include <sys/param.h>
44 #include <sys/errno.h>
45 #include <sys/file.h>
46 #include <sys/socket.h>
47 #include <sys/wait.h>
48 #include <sys/stropts.h>
49 #include <sys/ttold.h>
50 #include <sys/sockio.h>
51 #include <sys/tty.h>
52 #include <sys/ptyvar.h>
53 #include <sys/resource.h>
54 #include <sys/select.h>
55 #include <sys/time.h>
56 
57 #include <netinet/in.h>
58 #include <arpa/inet.h>
59 #include <priv_utils.h>
60 
61 #include <stdio.h>
62 #include <errno.h>
63 #include <pwd.h>
64 #include <signal.h>
65 #include <setjmp.h>
66 #include <netdb.h>
67 #include <fcntl.h>
68 #include <locale.h>
69 #include <stdarg.h>
70 #include <stdlib.h>
71 #include <string.h>
72 #include <unistd.h>
73 
74 #include <k5-int.h>
75 #include <profile/prof_int.h>
76 #include <com_err.h>
77 #include <kcmd.h>
78 #include <krb5.h>
79 
80 /* signal disposition - signal handler or SIG_IGN, SIG_ERR, etc. */
81 typedef void (*sigdisp_t)(int);
82 
83 extern errcode_t	profile_get_options_boolean(profile_t, char **,
84     profile_options_boolean *);
85 extern errcode_t	profile_get_options_string(profile_t, char **,
86     profile_option_strings *);
87 
88 #define	RLOGIN_BUFSIZ	(1024 * 50)
89 static char des_inbuf[2 * RLOGIN_BUFSIZ];
90 					/* needs to be > largest read size */
91 static char des_outbuf[2 * RLOGIN_BUFSIZ];
92 					/* needs to be > largest write size */
93 static krb5_data desinbuf, desoutbuf;
94 static krb5_encrypt_block eblock;	/* eblock for encrypt/decrypt */
95 static krb5_keyblock *session_key;
96 static krb5_creds *cred;
97 static krb5_context bsd_context = NULL;
98 static krb5_auth_context auth_context;
99 
100 static char *krb_realm;
101 
102 static	int krb5auth_flag;	/* Flag set, when KERBEROS is enabled */
103 static profile_options_boolean autologin_option[] = {
104 	{ "autologin", &krb5auth_flag, 0 },
105 	{ NULL, NULL, 0 }
106 };
107 
108 static	int fflag, Fflag;	/* Flag set, when option -f / -F used */
109 static	int encrypt_flag;	/* Flag set, when the "-x" option is used */
110 
111 /* Flag set, if -PN / -PO is specified */
112 static boolean_t rcmdoption_done;
113 
114 /* Flags set, if corres. cmd line options are turned on */
115 static boolean_t encrypt_done, fwd_done, fwdable_done;
116 
117 static profile_options_boolean option[] = {
118 	{ "encrypt", &encrypt_flag, 0 },
119 	{ "forward", &fflag, 0 },
120 	{ "forwardable", &Fflag, 0 },
121 	{ NULL, NULL, 0 }
122 };
123 
124 static char *rcmdproto;
125 static profile_option_strings rcmdversion[] = {
126 	{ "rcmd_protocol", &rcmdproto, 0 },
127 	{ NULL, NULL, 0 }
128 };
129 
130 static char rlogin[] = "rlogin";
131 
132 static char *realmdef[] = { "realms", NULL, rlogin, NULL };
133 static char *appdef[] = { "appdefaults", rlogin, NULL };
134 
135 #ifndef TIOCPKT_WINDOW
136 #define	TIOCPKT_WINDOW 0x80
137 #endif /* TIOCPKT_WINDOW */
138 
139 #ifndef sigmask
140 #define	sigmask(m)	(1 << ((m)-1))
141 #endif
142 
143 #define	set2mask(setp)	((setp)->__sigbits[0])
144 #define	mask2set(mask, setp) \
145 	((mask) == -1 ? sigfillset(setp) : (((setp)->__sigbits[0]) = (mask)))
146 
147 #ifdef DEBUG
148 #define	DEBUGOPTSTRING	"D:"
149 #else
150 #define	DEBUGOPTSTRING	""
151 #endif	/* DEBUG */
152 
153 static	boolean_t ttcompat;
154 static	struct termios savetty;
155 
156 static	char *host;
157 static	int port_number;
158 static	int rem = -1;
159 static	char cmdchar = '~';
160 static	boolean_t nocmdchar;
161 static	boolean_t eight;
162 static	boolean_t litout;
163 static	boolean_t null_local_username;
164 /*
165  * Note that this list of speeds is shorter than the list of speeds
166  * supported by termios.  This is because we can't be sure other rlogind's
167  * in the world will correctly cope with values other than what 4.2/4.3BSD
168  * supported.
169  */
170 static	char *speeds[] =
171 	{ "0", "50", "75", "110", "134", "150", "200", "300",
172 	    "600", "1200", "1800", "2400", "4800", "9600", "19200",
173 	    "38400" };
174 static	char term[256] = "network";
175 static	void lostpeer(void);
176 static	boolean_t dosigwinch;
177 static	struct winsize winsize;
178 static	void sigwinch(int);
179 static	void oob(void);
180 static	void doit(int);
181 static	sigdisp_t sigdisp(int);
182 
183 #define	CRLF "\r\n"
184 
185 static	pid_t child;
186 static	void catchild(int);
187 /* LINTED */
188 static	void copytochild(int);
189 static	void writeroob(int);
190 static	void stop(char), echo(char);
191 
192 static	int defflags, tabflag;
193 static	int deflflags;
194 static	char deferase, defkill;
195 static	struct tchars deftc;
196 static	struct ltchars defltc;
197 static	struct tchars notc = { (char)-1, (char)-1, (char)-1,
198 				(char)-1, (char)-1, (char)-1 };
199 static	struct ltchars noltc =	{ (char)-1, (char)-1, (char)-1,
200 				(char)-1, (char)-1, (char)-1 };
201 
202 static	void done(int);
203 static	void mode(int);
204 static	int reader(int);
205 static	void writer(void);
206 static	void prf(const char *, ...);
207 static	void sendwindow(void);
208 static	int compat_ioctl(int, int, void *);
209 
210 static void
sigsetmask(int mask)211 sigsetmask(int mask)
212 {
213 	sigset_t oset;
214 	sigset_t nset;
215 
216 	(void) sigprocmask(0, NULL, &nset);
217 	mask2set(mask, &nset);
218 	(void) sigprocmask(SIG_SETMASK, &nset, &oset);
219 }
220 
221 static int
sigblock(int mask)222 sigblock(int mask)
223 {
224 	sigset_t oset;
225 	sigset_t nset;
226 
227 	(void) sigprocmask(0, NULL, &nset);
228 	mask2set(mask, &nset);
229 	(void) sigprocmask(SIG_BLOCK, &nset, &oset);
230 	return (set2mask(&oset));
231 }
232 
233 static void
pop(int status)234 pop(int status) {
235 	if (ttcompat) {
236 		/*
237 		 * Pop ttcompat module
238 		 */
239 		(void) ioctl(STDIN_FILENO, I_POP, 0);
240 	}
241 	(void) tcsetattr(STDIN_FILENO, TCSANOW, &savetty);
242 	exit(status);
243 }
244 
245 static void
usage(void)246 usage(void) {
247 	(void) fprintf(stderr, "%s\n%s\n",
248 	    gettext("usage: rlogin [-option] [-option...] "
249 		"[-k realm] [-l username] host"),
250 	    gettext("       where option is e, 8, E, L, A, a, K, x, "
251 		"PN / PO, f or F"));
252 	pop(EXIT_FAILURE);
253 }
254 
255 /* PRINTFLIKE(0) */
256 static void
die(const char * format,...)257 die(const char *format, ...)
258 {
259 	va_list	ap;
260 
261 	va_start(ap, format);
262 	(void) vfprintf(stderr, format, ap);
263 	va_end(ap);
264 	usage();
265 }
266 
267 static void
usage_forward(void)268 usage_forward(void)
269 {
270 	die(gettext("rlogin: Only one of -f and -F allowed.\n"));
271 }
272 
273 int
main(int argc,char ** argv)274 main(int argc, char **argv)
275 {
276 	int c;
277 	char *cp, *cmd, *name = NULL;
278 	struct passwd *pwd;
279 	uid_t uid;
280 	int options = 0, oldmask;
281 	int on = 1;
282 	speed_t speed = 0;
283 	int getattr_ret;
284 	char *tmp;
285 	int sock;
286 	krb5_flags authopts;
287 	krb5_error_code status;
288 	enum kcmd_proto kcmd_proto = KCMD_NEW_PROTOCOL;
289 
290 	(void) setlocale(LC_ALL, "");
291 
292 #if !defined(TEXT_DOMAIN)
293 #define	TEXT_DOMAIN "SYS_TEST"
294 #endif
295 	(void) textdomain(TEXT_DOMAIN);
296 
297 	if (__init_suid_priv(0, PRIV_NET_PRIVADDR, NULL) == -1) {
298 		(void) fprintf(stderr,
299 		    gettext("Insufficient privileges, "
300 			"rlogin must be set-uid root\n"));
301 		exit(1);
302 	}
303 
304 	{
305 		int it;
306 
307 		if ((getattr_ret = tcgetattr(STDIN_FILENO, &savetty)) < 0)
308 			perror("tcgetattr");
309 		it = ioctl(STDIN_FILENO, I_FIND, "ttcompat");
310 		if (it < 0) {
311 			perror("ioctl I_FIND ttcompat");
312 			return (EXIT_FAILURE);
313 		}
314 		if (it == 0) {
315 			if (ioctl(STDIN_FILENO, I_PUSH, "ttcompat") < 0) {
316 				perror("ioctl I_PUSH ttcompat");
317 				exit(EXIT_FAILURE);
318 			}
319 			ttcompat = B_TRUE;
320 		}
321 	}
322 
323 	/*
324 	 * Determine command name used to invoke to rlogin(1). Users can
325 	 * create links named by a host pointing to the binary and type
326 	 * "hostname" to log into that host afterwards.
327 	 */
328 	cmd = strrchr(argv[0], '/');
329 	cmd = (cmd != NULL) ? (cmd + 1) : argv[0];
330 
331 	if (strcmp(cmd, rlogin) == 0) {
332 		if (argc < 2)
333 			usage();
334 		if (*argv[1] != '-') {
335 			host = argv[1];
336 			argc--;
337 			argv[1] = argv[0];
338 			argv++;
339 		}
340 	} else {
341 		host = cmd;
342 	}
343 
344 	while ((c = getopt(argc, argv,
345 	    DEBUGOPTSTRING "8AEFLP:aKde:fk:l:x")) != -1) {
346 		switch (c) {
347 		case '8':
348 			eight = B_TRUE;
349 			break;
350 		case 'A':
351 			krb5auth_flag++;
352 			break;
353 #ifdef DEBUG
354 		case 'D':
355 			portnumber = htons(atoi(optarg));
356 			krb5auth_flag++;
357 			break;
358 #endif /* DEBUG */
359 		case 'E':
360 			nocmdchar = B_TRUE;
361 			break;
362 		case 'F':
363 			if (fflag)
364 				usage_forward();
365 			Fflag = 1;
366 			krb5auth_flag++;
367 			fwdable_done = B_TRUE;
368 			break;
369 		case 'f':
370 			if (Fflag)
371 				usage_forward();
372 			fflag = 1;
373 			krb5auth_flag++;
374 			fwd_done = B_TRUE;
375 			break;
376 		case 'L':
377 			litout = B_TRUE;
378 			break;
379 		case 'P':
380 			if (strcmp(optarg, "N") == 0)
381 				kcmd_proto = KCMD_NEW_PROTOCOL;
382 			else if (strcmp(optarg, "O") == 0)
383 				kcmd_proto = KCMD_OLD_PROTOCOL;
384 			else
385 				die(gettext("rlogin: Only -PN or -PO "
386 				    "allowed.\n"));
387 			if (rcmdoption_done)
388 				die(gettext("rlogin: Only one of -PN and -PO "
389 				    "allowed.\n"));
390 			rcmdoption_done = B_TRUE;
391 			krb5auth_flag++;
392 			break;
393 		case 'a':
394 		case 'K':
395 		/*
396 		 * Force the remote host to prompt for a password by sending
397 		 * a NULL username. These options are mutually exclusive with
398 		 * the -A, -x, -f, -F, -k <realm> options.
399 		 */
400 			null_local_username = B_TRUE;
401 			break;
402 		case 'd':
403 			options |= SO_DEBUG;
404 			break;
405 		case 'e': {
406 			int c;
407 
408 			cp = optarg;
409 
410 			if ((c = *cp) != '\\') {
411 				cmdchar = c;
412 			} else {
413 				c = cp[1];
414 				if (c == '\0' || c == '\\') {
415 					cmdchar = '\\';
416 				} else if (c >= '0' && c <= '7') {
417 					long lc;
418 
419 					lc = strtol(&cp[1], NULL, 8);
420 					if (lc < 0 || lc > 255)
421 						die(gettext("rlogin: octal "
422 						    "escape character %s too "
423 						    "large.\n"), cp);
424 					cmdchar = (char)lc;
425 				} else {
426 					die(gettext("rlogin: unrecognized "
427 					    "escape character option %s.\n"),
428 					    cp);
429 				}
430 			}
431 			break;
432 		}
433 		case 'k':
434 			krb_realm = optarg;
435 			krb5auth_flag++;
436 			break;
437 		case 'l':
438 			name = optarg;
439 			break;
440 		case 'x':
441 			encrypt_flag = 1;
442 			krb5auth_flag++;
443 			encrypt_done = B_TRUE;
444 			break;
445 		default:
446 			usage();
447 		}
448 	}
449 
450 	argc -= optind;
451 	argv += optind;
452 
453 	if (host == NULL) {
454 		if (argc == 0)
455 			usage();
456 		argc--;
457 		host = *argv++;
458 	}
459 
460 	if (argc > 0)
461 		usage();
462 
463 	pwd = getpwuid(uid = getuid());
464 	if (pwd == NULL) {
465 		(void) fprintf(stderr, gettext("getpwuid(): can not find "
466 			"password entry for user id %d."), uid);
467 		return (EXIT_FAILURE);
468 	}
469 	if (name == NULL)
470 		name = pwd->pw_name;
471 
472 	/*
473 	 * If the `-a or -K' options are issued on the cmd line, we reset
474 	 * all flags associated with other KRB5 specific options, since
475 	 * these options are mutually exclusive with the rest.
476 	 */
477 	if (null_local_username) {
478 		krb5auth_flag = 0;
479 		fflag = Fflag = encrypt_flag = 0;
480 		(void) fprintf(stderr,
481 				gettext("Note: The -a (or -K) option nullifies "
482 					"all other Kerberos-specific\noptions "
483 					"you may have used.\n"));
484 	} else if (!krb5auth_flag) {
485 		/* is autologin set in krb5.conf? */
486 		status = krb5_init_context(&bsd_context);
487 		/* don't sweat failure here */
488 		if (!status) {
489 			/*
490 			 * note that the call to profile_get_options_boolean
491 			 * with autologin_option can affect value of
492 			 * krb5auth_flag
493 			 */
494 			(void) profile_get_options_boolean(bsd_context->profile,
495 			    appdef, autologin_option);
496 		}
497 	}
498 
499 	if (krb5auth_flag) {
500 		if (!bsd_context) {
501 			status = krb5_init_context(&bsd_context);
502 			if (status) {
503 				com_err(rlogin, status,
504 				    gettext("while initializing krb5"));
505 				return (EXIT_FAILURE);
506 			}
507 		}
508 		/*
509 		 * Set up buffers for desread and deswrite.
510 		 */
511 		desinbuf.data = des_inbuf;
512 		desoutbuf.data = des_outbuf;
513 		desinbuf.length = sizeof (des_inbuf);
514 		desoutbuf.length = sizeof (des_outbuf);
515 
516 		/*
517 		 * Get our local realm to look up local realm options.
518 		 */
519 		status = krb5_get_default_realm(bsd_context, &realmdef[1]);
520 		if (status) {
521 			com_err(rlogin, status,
522 				gettext("while getting default realm"));
523 			return (EXIT_FAILURE);
524 		}
525 		/*
526 		 * Check the realms section in krb5.conf for encryption,
527 		 * forward & forwardable info
528 		 */
529 		(void) profile_get_options_boolean(bsd_context->profile,
530 		    realmdef, option);
531 		/*
532 		 * Check the appdefaults section
533 		 */
534 		(void) profile_get_options_boolean(bsd_context->profile,
535 		    appdef, option);
536 		(void) profile_get_options_string(bsd_context->profile,
537 		    appdef, rcmdversion);
538 
539 		/*
540 		 * Set the *_flag variables, if the corresponding *_done are
541 		 * set to 1, because we dont want the config file values
542 		 * overriding the command line options.
543 		 */
544 		if (encrypt_done)
545 			encrypt_flag = 1;
546 		if (fwd_done) {
547 			fflag = 1;
548 			Fflag = 0;
549 		} else if (fwdable_done) {
550 			Fflag = 1;
551 			fflag = 0;
552 		}
553 		if (!rcmdoption_done && (rcmdproto != NULL)) {
554 			if (strncmp(rcmdproto, "rcmdv2", 6) == 0) {
555 				kcmd_proto = KCMD_NEW_PROTOCOL;
556 			} else if (strncmp(rcmdproto, "rcmdv1", 6) == 0) {
557 				kcmd_proto = KCMD_OLD_PROTOCOL;
558 			} else {
559 				(void) fprintf(stderr, gettext("Unrecognized "
560 					"KCMD protocol (%s)"), rcmdproto);
561 				return (EXIT_FAILURE);
562 			}
563 		}
564 
565 		if (encrypt_flag && (!krb5_privacy_allowed())) {
566 			(void) fprintf(stderr, gettext("rlogin: "
567 					"Encryption not supported.\n"));
568 			return (EXIT_FAILURE);
569 		}
570 	}
571 
572 	if (port_number == 0) {
573 		if (krb5auth_flag) {
574 			struct servent *sp;
575 
576 			/*
577 			 * If the krb5auth_flag is set (via -A, -f, -F, -k) &
578 			 * if there is an entry in /etc/services for Kerberos
579 			 * login, attempt to login with Kerberos. If we fail
580 			 * at any step,  use the standard rlogin
581 			 */
582 			sp = getservbyname(encrypt_flag ?
583 			    "eklogin" : "klogin", "tcp");
584 			if (sp == NULL) {
585 				port_number = encrypt_flag ?
586 				    htons(2105) : htons(543);
587 			} else {
588 				port_number = sp->s_port;
589 			}
590 		} else {
591 			port_number = htons(IPPORT_LOGINSERVER);
592 		}
593 	}
594 
595 	cp = getenv("TERM");
596 	if (cp) {
597 		(void) strncpy(term, cp, sizeof (term));
598 		term[sizeof (term) - 1] = '\0';
599 	}
600 	if (getattr_ret == 0) {
601 		speed = cfgetospeed(&savetty);
602 		/*
603 		 * "Be conservative in what we send" -- Only send baud rates
604 		 * which at least all 4.x BSD derivatives are known to handle
605 		 * correctly.
606 		 * NOTE:  This code assumes new termios speed values will
607 		 * be "higher" speeds.
608 		 */
609 		if (speed > B38400)
610 			speed = B38400;
611 	}
612 
613 	/*
614 	 * Only put the terminal speed info in if we have room
615 	 * so we don't overflow the buffer, and only if we have
616 	 * a speed we recognize.
617 	 */
618 	if (speed > 0 && speed < sizeof (speeds)/sizeof (char *) &&
619 	    strlen(term) + strlen("/") + strlen(speeds[speed]) + 1 <
620 	    sizeof (term)) {
621 		(void) strcat(term, "/");
622 		(void) strcat(term, speeds[speed]);
623 	}
624 	(void) sigset(SIGPIPE, (sigdisp_t)lostpeer);
625 	/* will use SIGUSR1 for window size hack, so hold it off */
626 	oldmask = sigblock(sigmask(SIGURG) | sigmask(SIGUSR1));
627 
628 	/*
629 	 * Determine if v4 literal address and if so store it to one
630 	 * side. This is to correct the undesired behaviour of rcmd_af
631 	 * which converts a passed in v4 literal address to a v4 mapped
632 	 * v6 literal address. If it was a v4 literal we then re-assign
633 	 * it to host.
634 	 */
635 	tmp = NULL;
636 	if (inet_addr(host) != (in_addr_t)-1)
637 		tmp = host;
638 
639 	if (krb5auth_flag) {
640 		authopts = AP_OPTS_MUTUAL_REQUIRED;
641 
642 		/* Piggy-back forwarding flags on top of authopts; */
643 		/* they will be reset in kcmd */
644 		if (fflag || Fflag)
645 			authopts |= OPTS_FORWARD_CREDS;
646 		if (Fflag)
647 			authopts |= OPTS_FORWARDABLE_CREDS;
648 
649 		status = kcmd(&sock, &host, port_number,
650 			null_local_username ? "" : pwd->pw_name,
651 			name, term, NULL,
652 			"host", krb_realm, bsd_context, &auth_context,
653 			&cred,
654 			NULL,		/* No need for sequence number */
655 			NULL,		/* No need for server seq # */
656 			authopts,
657 			0,		/* Not any port # */
658 			&kcmd_proto);
659 
660 		if (status != 0) {
661 			/*
662 			 * If new protocol requested, we dont fallback to
663 			 * less secure ones.
664 			 */
665 			if (kcmd_proto == KCMD_NEW_PROTOCOL) {
666 				(void) fprintf(stderr, gettext("rlogin: kcmdv2 "
667 					"to host %s failed - %s\n"
668 					"Fallback to normal rlogin denied."),
669 					host, error_message(status));
670 				return (EXIT_FAILURE);
671 			}
672 			if (status != -1) {
673 				(void) fprintf(stderr, gettext("rlogin: kcmd "
674 						"to host %s failed - %s,\n"
675 						"trying normal rlogin...\n\n"),
676 						host, error_message(status));
677 			} else {
678 				(void) fprintf(stderr,
679 					gettext("trying normal rlogin...\n"));
680 			}
681 			/*
682 			 * kcmd() failed, so we have to
683 			 * fallback to normal rlogin
684 			 */
685 			port_number = htons(IPPORT_LOGINSERVER);
686 			krb5auth_flag = 0;
687 			fflag = Fflag = encrypt_flag = 0;
688 			null_local_username = B_FALSE;
689 		} else {
690 			(void) fprintf(stderr,
691 			    gettext("connected with Kerberos V5\n"));
692 
693 			/*
694 			 * Setup eblock for desread and deswrite.
695 			 */
696 			session_key = &cred->keyblock;
697 
698 			if (kcmd_proto == KCMD_NEW_PROTOCOL) {
699 				status = krb5_auth_con_getlocalsubkey(
700 				    bsd_context,
701 				    auth_context,
702 				    &session_key);
703 				if (status) {
704 					com_err(rlogin, status,
705 					    "determining subkey for session");
706 					return (EXIT_FAILURE);
707 				}
708 				if (session_key == NULL) {
709 					com_err(rlogin, 0,
710 					    "no subkey negotiated for "
711 					    "connection");
712 					return (EXIT_FAILURE);
713 				}
714 			}
715 
716 			eblock.crypto_entry = session_key->enctype;
717 			eblock.key = (krb5_keyblock *)session_key;
718 
719 			init_encrypt(encrypt_flag, bsd_context, kcmd_proto,
720 			    &desinbuf, &desoutbuf, CLIENT, &eblock);
721 
722 			rem = sock;
723 			if (rem < 0)
724 				pop(EXIT_FAILURE);
725 		}
726 	}
727 
728 	/*
729 	 * Don't merge this with the "if" statement above because
730 	 * "krb5auth_flag" might be set to false inside it.
731 	 */
732 	if (!krb5auth_flag) {
733 		rem = rcmd_af(&host, port_number,
734 			null_local_username ? "" : pwd->pw_name,
735 			name, term, NULL, AF_INET6);
736 		if (rem < 0)
737 			pop(EXIT_FAILURE);
738 	}
739 
740 	/* Never need our privilege again */
741 	__priv_relinquish();
742 
743 	if (tmp != NULL)
744 		host = tmp;
745 
746 	if (options & SO_DEBUG &&
747 	    setsockopt(rem, SOL_SOCKET, SO_DEBUG, (char *)&on,
748 			    sizeof (on)) < 0)
749 		perror("rlogin: setsockopt (SO_DEBUG)");
750 
751 	{
752 		int bufsize = 8192;
753 
754 		(void) setsockopt(rem, SOL_SOCKET, SO_RCVBUF, (char *)&bufsize,
755 			sizeof (int));
756 	}
757 
758 	doit(oldmask);
759 	return (0);
760 }
761 
762 static void
doit(int oldmask)763 doit(int oldmask)
764 {
765 	struct sgttyb sb;
766 	int atmark;
767 
768 	if (ioctl(STDIN_FILENO, TIOCGETP, (char *)&sb) == -1)
769 		perror("ioctl TIOCGETP");
770 	defflags = sb.sg_flags;
771 	tabflag = defflags & O_TBDELAY;
772 	defflags &= ECHO | O_CRMOD;
773 	deferase = sb.sg_erase;
774 	defkill = sb.sg_kill;
775 	if (ioctl(STDIN_FILENO, TIOCLGET, (char *)&deflflags) == -1)
776 		perror("ioctl TIOCLGET");
777 	if (ioctl(STDIN_FILENO, TIOCGETC, (char *)&deftc) == -1)
778 		perror("ioctl TIOCGETC");
779 	notc.t_startc = deftc.t_startc;
780 	notc.t_stopc = deftc.t_stopc;
781 	if (ioctl(STDIN_FILENO, TIOCGLTC, (char *)&defltc) == -1)
782 		perror("ioctl TIOCGLTC");
783 	(void) sigset(SIGINT, SIG_IGN);
784 	if (sigdisp(SIGHUP) != SIG_IGN)
785 		(void) sigset(SIGHUP, exit);
786 	if (sigdisp(SIGQUIT) != SIG_IGN)
787 		(void) sigset(SIGQUIT, exit);
788 	child = fork();
789 	if (child == (pid_t)-1) {
790 		perror("rlogin: fork");
791 		done(EXIT_FAILURE);
792 	}
793 	if (child == 0) {
794 		mode(1);
795 		if (reader(oldmask) == 0) {
796 			prf(gettext("Connection to %.*s closed."),
797 			    MAXHOSTNAMELEN, host);
798 			exit(EXIT_SUCCESS);
799 		}
800 		(void) sleep(1);
801 		prf(gettext("\aConnection to %.*s closed."),
802 		    MAXHOSTNAMELEN, host);
803 		exit(EXIT_FAILURE);
804 	}
805 
806 	/*
807 	 * We may still own the socket, and may have a pending SIGURG (or might
808 	 * receive one soon) that we really want to send to the reader.  Set a
809 	 * trap that simply copies such signals to the child.
810 	 */
811 #ifdef F_SETOWN_BUG_FIXED
812 	(void) sigset(SIGURG, copytochild);
813 #else
814 	(void) sigset(SIGURG, SIG_IGN);
815 #endif /* F_SETOWN_BUG_FIXED */
816 	(void) sigset(SIGUSR1, writeroob);
817 	/*
818 	 * Of course, if the urgent byte already arrived, allowing SIGURG
819 	 * won't get us notification.  So, we check to see if we've got
820 	 * an urgent byte.  If so, force a call to writeroob() to pretend
821 	 * we got SIGURG.
822 	 */
823 	if (ioctl(rem, SIOCATMARK, &atmark) >= 0) {
824 		if (atmark)
825 			writeroob(0);
826 	}
827 	sigsetmask(oldmask);
828 	(void) sigset(SIGCHLD, catchild);
829 	writer();
830 	prf(gettext("Closed connection to %.*s."), MAXHOSTNAMELEN, host);
831 	done(EXIT_SUCCESS);
832 }
833 
834 /*
835  * Get signal disposition (or signal handler) for a given signal
836  */
837 static sigdisp_t
sigdisp(int sig)838 sigdisp(int sig)
839 {
840 	struct sigaction act;
841 
842 	act.sa_handler = NULL;
843 	act.sa_flags = 0;
844 	(void) sigemptyset(&act.sa_mask);
845 	(void) sigaction(sig, NULL, &act);
846 	return (act.sa_handler);
847 }
848 
849 static void
done(int status)850 done(int status)
851 {
852 	pid_t w;
853 
854 	mode(0);
855 	if (child > 0) {
856 		/* make sure catchild does not snap it up */
857 		(void) sigset(SIGCHLD, SIG_DFL);
858 		if (kill(child, SIGKILL) >= 0)
859 			while ((w = wait(0)) > (pid_t)0 && w != child)
860 				/* void */;
861 	}
862 	pop(status);
863 }
864 
865 /*
866  * Copy SIGURGs to the child process.
867  */
868 
869 /* ARGSUSED */
870 static void
copytochild(int signum)871 copytochild(int signum)
872 {
873 
874 	(void) kill(child, SIGURG);
875 }
876 
877 /*
878  * This is called when the reader process gets the out-of-band (urgent)
879  * request to turn on the window-changing protocol.
880  */
881 
882 /* ARGSUSED */
883 static void
writeroob(int signum)884 writeroob(int signum)
885 {
886 	int mask;
887 
888 	if (!dosigwinch) {
889 		/*
890 		 * Start tracking window size.  It doesn't matter which
891 		 * order the next two are in, because we'll be unconditionally
892 		 * sending a size notification in a moment.
893 		 */
894 		(void) sigset(SIGWINCH, sigwinch);
895 		dosigwinch = B_TRUE;
896 
897 		/*
898 		 * It would be bad if a SIGWINCH came in between the ioctl
899 		 * and sending the data.  It could result in the SIGWINCH
900 		 * handler sending a good message, and then us sending an
901 		 * outdated or inconsistent message.
902 		 *
903 		 * Instead, if the change is made before the
904 		 * ioctl, the sigwinch handler will send a size message
905 		 * and we'll send another, identical, one.  If the change
906 		 * is made after the ioctl, we'll send a message with the
907 		 * old value, and then the sigwinch handler will send
908 		 * a revised, correct one.
909 		 */
910 		mask = sigblock(sigmask(SIGWINCH));
911 		if (ioctl(STDIN_FILENO, TIOCGWINSZ, &winsize) == 0)
912 			sendwindow();
913 		sigsetmask(mask);
914 	}
915 }
916 
917 /* ARGSUSED */
918 static void
catchild(int signum)919 catchild(int signum)
920 {
921 	int options;
922 	siginfo_t	info;
923 	int error;
924 
925 	for (;;) {
926 		options = WNOHANG | WEXITED;
927 		error = waitid(P_ALL, 0, &info, options);
928 		if (error != 0)
929 			return;
930 		if (info.si_pid == 0)
931 			return;
932 		if (info.si_code == CLD_TRAPPED)
933 			continue;
934 		if (info.si_code == CLD_STOPPED)
935 			continue;
936 		done(info.si_status);
937 	}
938 }
939 
940 /*
941  * writer: write to remote: 0 -> line.
942  * ~.	terminate
943  * ~^Z	suspend rlogin process.
944  * ~^Y  suspend rlogin process, but leave reader alone.
945  */
946 static void
writer(void)947 writer(void)
948 {
949 	char c;
950 	int n;
951 	boolean_t bol = B_TRUE;		/* beginning of line */
952 	boolean_t local = B_FALSE;
953 
954 	for (;;) {
955 		n = read(STDIN_FILENO, &c, 1);
956 		if (n <= 0) {
957 			if (n == 0)
958 				break;
959 			if (errno == EINTR)
960 				continue;
961 			else {
962 				prf(gettext("Read error from terminal: %s"),
963 				    strerror(errno));
964 				break;
965 			}
966 		}
967 		/*
968 		 * If we're at the beginning of the line
969 		 * and recognize a command character, then
970 		 * we echo locally.  Otherwise, characters
971 		 * are echo'd remotely.  If the command
972 		 * character is doubled, this acts as a
973 		 * force and local echo is suppressed.
974 		 */
975 		if (bol && !nocmdchar) {
976 			bol = B_FALSE;
977 			if (c == cmdchar) {
978 				local = B_TRUE;
979 				continue;
980 			}
981 		} else if (local) {
982 			local = B_FALSE;
983 			if (c == '.' || c == deftc.t_eofc) {
984 				echo(c);
985 				break;
986 			}
987 			if (c == defltc.t_suspc || c == defltc.t_dsuspc) {
988 				bol = B_TRUE;
989 				echo(c);
990 				stop(c);
991 				continue;
992 			}
993 			if (c != cmdchar) {
994 				if (deswrite(rem, &cmdchar, 1, 0) < 0) {
995 					prf(gettext(
996 					    "Write error to network: %s"),
997 					    strerror(errno));
998 					break;
999 				}
1000 			}
1001 		}
1002 		if ((n = deswrite(rem, &c, 1, 0)) <= 0) {
1003 			if (n == 0)
1004 				prf(gettext("line gone"));
1005 			else
1006 				prf(gettext("Write error to network: %s"),
1007 				    strerror(errno));
1008 			break;
1009 		}
1010 		bol = c == defkill || c == deftc.t_eofc ||
1011 		    c == deftc.t_intrc || c == defltc.t_suspc ||
1012 		    c == '\r' || c == '\n';
1013 	}
1014 }
1015 
1016 static void
echo(char c)1017 echo(char c)
1018 {
1019 	char buf[8];
1020 	char *p = buf;
1021 
1022 	c &= 0177;
1023 	*p++ = cmdchar;
1024 	if (c < ' ') {
1025 		*p++ = '^';
1026 		*p++ = c + '@';
1027 	} else if (c == 0177) {
1028 		*p++ = '^';
1029 		*p++ = '?';
1030 	} else
1031 		*p++ = c;
1032 	*p++ = '\r';
1033 	*p++ = '\n';
1034 	if (write(STDOUT_FILENO, buf, p - buf) < 0)
1035 		prf(gettext("Write error to terminal: %s"), strerror(errno));
1036 }
1037 
1038 static void
stop(char cmdc)1039 stop(char cmdc)
1040 {
1041 	mode(0);
1042 	(void) sigset(SIGCHLD, SIG_IGN);
1043 	(void) kill(cmdc == defltc.t_suspc ? 0 : getpid(), SIGTSTP);
1044 	(void) sigset(SIGCHLD, catchild);
1045 	mode(1);
1046 	sigwinch(0);			/* check for size changes */
1047 }
1048 
1049 /* ARGSUSED */
1050 static void
sigwinch(int signum)1051 sigwinch(int signum)
1052 {
1053 	struct winsize ws;
1054 
1055 	if (dosigwinch && ioctl(STDIN_FILENO, TIOCGWINSZ, &ws) == 0 &&
1056 	    memcmp(&winsize, &ws, sizeof (ws)) != 0) {
1057 		winsize = ws;
1058 		sendwindow();
1059 	}
1060 }
1061 
1062 /*
1063  * Send the window size to the server via the magic escape.
1064  * Note:  SIGWINCH should be blocked when this is called, lest
1065  * winsize change underneath us and chaos result.
1066  */
1067 static void
sendwindow(void)1068 sendwindow(void)
1069 {
1070 	char obuf[4 + sizeof (struct winsize)];
1071 	struct winsize *wp = (struct winsize *)(void *)(obuf+4);
1072 
1073 	obuf[0] = -1;
1074 	obuf[1] = -1;
1075 	obuf[2] = 's';
1076 	obuf[3] = 's';
1077 	wp->ws_row = htons(winsize.ws_row);
1078 	wp->ws_col = htons(winsize.ws_col);
1079 	wp->ws_xpixel = htons(winsize.ws_xpixel);
1080 	wp->ws_ypixel = htons(winsize.ws_ypixel);
1081 	if (deswrite(rem, obuf, sizeof (obuf), 0) < 0)
1082 		prf(gettext("Write error to network: %s"), strerror(errno));
1083 }
1084 
1085 
1086 /*
1087  * reader: read from remote: remote -> stdout
1088  */
1089 #define	READING	1
1090 #define	WRITING	2
1091 
1092 static	char rcvbuf[8 * 1024];
1093 static	int rcvcnt;
1094 static	int rcvstate;
1095 static	pid_t ppid;
1096 static	jmp_buf rcvtop;
1097 
1098 static void
oob(void)1099 oob(void)
1100 {
1101 	int out = FWRITE, atmark, n;
1102 	int rcvd = 0;
1103 	char waste[4*BUFSIZ], mark;
1104 	struct sgttyb sb;
1105 	fd_set exceptfds;
1106 	struct timeval tv;
1107 	int ret;
1108 
1109 	FD_ZERO(&exceptfds);
1110 	FD_SET(rem, &exceptfds);
1111 	timerclear(&tv);
1112 	ret = select(rem+1, NULL, NULL, &exceptfds, &tv);
1113 	/*
1114 	 * We may get an extra signal at start up time since we are trying
1115 	 * to take all precautions not to miss the urgent byte. This
1116 	 * means we may get here without any urgent data to process, in which
1117 	 * case we do nothing and just return.
1118 	 */
1119 	if (ret <= 0)
1120 		return;
1121 
1122 	do {
1123 		if (ioctl(rem, SIOCATMARK, &atmark) < 0) {
1124 			break;
1125 		}
1126 		if (!atmark) {
1127 			/*
1128 			 * Urgent data not here yet.
1129 			 * It may not be possible to send it yet
1130 			 * if we are blocked for output
1131 			 * and our input buffer is full.
1132 			 */
1133 			if (rcvcnt < sizeof (rcvbuf)) {
1134 				n = desread(rem, rcvbuf + rcvcnt,
1135 					sizeof (rcvbuf) - rcvcnt, 0);
1136 				if (n <= 0)
1137 					return;
1138 				rcvd += n;
1139 				rcvcnt += n;
1140 			} else {
1141 				/*
1142 				 * We still haven't gotten to the urgent mark
1143 				 * and we're out of buffer space.  Since we
1144 				 * must clear our receive window to allow it
1145 				 * to arrive, we will have to throw away
1146 				 * these bytes.
1147 				 */
1148 				n = desread(rem, waste, sizeof (waste), 0);
1149 				if (n <= 0)
1150 					return;
1151 			}
1152 		}
1153 	} while (atmark == 0);
1154 	while (recv(rem, &mark, 1, MSG_OOB) < 0) {
1155 		switch (errno) {
1156 
1157 		case EWOULDBLOCK:
1158 			/*
1159 			 * We've reached the urgent mark, so the next
1160 			 * data to arrive will be the urgent, but it must
1161 			 * not have arrived yet.
1162 			 */
1163 			(void) sleep(1);
1164 			continue;
1165 
1166 		default:
1167 			return;
1168 		}
1169 	}
1170 	if (mark & TIOCPKT_WINDOW) {
1171 		/*
1172 		 * Let server know about window size changes
1173 		 */
1174 		(void) kill(ppid, SIGUSR1);
1175 	}
1176 	if (!eight && (mark & TIOCPKT_NOSTOP)) {
1177 		if (ioctl(STDIN_FILENO, TIOCGETP, (char *)&sb) == -1)
1178 			perror("ioctl TIOCGETP");
1179 		sb.sg_flags &= ~O_CBREAK;
1180 		sb.sg_flags |= O_RAW;
1181 		if (compat_ioctl(STDIN_FILENO, TIOCSETP, &sb) == -1)
1182 			perror("ioctl TIOCSETP 1");
1183 		notc.t_stopc = -1;
1184 		notc.t_startc = -1;
1185 		if (compat_ioctl(STDIN_FILENO, TIOCSETC, &notc) == -1)
1186 			perror("ioctl TIOCSETC");
1187 	}
1188 	if (!eight && (mark & TIOCPKT_DOSTOP)) {
1189 		if (ioctl(STDIN_FILENO, TIOCGETP, (char *)&sb) == -1)
1190 			perror("ioctl TIOCGETP");
1191 		sb.sg_flags &= ~O_RAW;
1192 		sb.sg_flags |= O_CBREAK;
1193 		if (compat_ioctl(STDIN_FILENO, TIOCSETP, &sb) == -1)
1194 			perror("ioctl TIOCSETP 2");
1195 		notc.t_stopc = deftc.t_stopc;
1196 		notc.t_startc = deftc.t_startc;
1197 		if (compat_ioctl(STDIN_FILENO, TIOCSETC, &notc) == -1)
1198 			perror("ioctl TIOCSETC");
1199 	}
1200 	if (mark & TIOCPKT_FLUSHWRITE) {
1201 		if (ioctl(STDOUT_FILENO, TIOCFLUSH, (char *)&out) == -1)
1202 			perror("ioctl TIOCFLUSH");
1203 		for (;;) {
1204 			if (ioctl(rem, SIOCATMARK, &atmark) < 0) {
1205 				perror("ioctl SIOCATMARK");
1206 				break;
1207 			}
1208 			if (atmark)
1209 				break;
1210 			n = desread(rem, waste, sizeof (waste), 0);
1211 			if (n <= 0) {
1212 				if (n < 0)
1213 					prf(gettext(
1214 					    "Read error from network: %s"),
1215 					    strerror(errno));
1216 				break;
1217 			}
1218 		}
1219 		/*
1220 		 * Don't want any pending data to be output,
1221 		 * so clear the recv buffer.
1222 		 * If we were hanging on a write when interrupted,
1223 		 * don't want it to restart.  If we were reading,
1224 		 * restart anyway.
1225 		 */
1226 		rcvcnt = 0;
1227 		longjmp(rcvtop, 1);
1228 	}
1229 	/*
1230 	 * If we filled the receive buffer while a read was pending,
1231 	 * longjmp to the top to restart appropriately.  Don't abort
1232 	 * a pending write, however, or we won't know how much was written.
1233 	 */
1234 	if (rcvd && rcvstate == READING)
1235 		longjmp(rcvtop, 1);
1236 }
1237 
1238 /*
1239  * reader: read from remote: line -> 1
1240  */
1241 static int
reader(int oldmask)1242 reader(int oldmask)
1243 {
1244 	/*
1245 	 * 4.3bsd or later and SunOS 4.0 or later use the posiitive
1246 	 * pid; otherwise use the negative.
1247 	 */
1248 	pid_t pid = getpid();
1249 	int n, remaining;
1250 	char *bufp = rcvbuf;
1251 
1252 	(void) sigset(SIGTTOU, SIG_IGN);
1253 	(void) sigset(SIGURG, (void (*)())oob);
1254 	ppid = getppid();
1255 	if (fcntl(rem, F_SETOWN, pid) == -1)
1256 		perror("fcntl F_SETOWN");
1257 	/*
1258 	 * A SIGURG may have been posted before we were completely forked,
1259 	 * which means we may not have received it. To insure we do not miss
1260 	 * any urgent data, we force the signal. The signal hander will be
1261 	 * able to determine if in fact there is urgent data or not.
1262 	 */
1263 	(void) kill(pid, SIGURG);
1264 	(void) setjmp(rcvtop);
1265 	sigsetmask(oldmask);
1266 	for (;;) {
1267 		while ((remaining = rcvcnt - (bufp - rcvbuf)) > 0) {
1268 			rcvstate = WRITING;
1269 			n = write(STDOUT_FILENO, bufp, remaining);
1270 			if (n < 0) {
1271 				if (errno != EINTR) {
1272 					prf(gettext(
1273 					    "Write error to terminal: %s"),
1274 					    strerror(errno));
1275 					return (-1);
1276 				}
1277 				continue;
1278 			}
1279 			bufp += n;
1280 		}
1281 		bufp = rcvbuf;
1282 		rcvcnt = 0;
1283 		rcvstate = READING;
1284 		rcvcnt = desread(rem, rcvbuf, sizeof (rcvbuf), 0);
1285 		if (rcvcnt == 0)
1286 			return (0);
1287 		if (rcvcnt < 0) {
1288 			if (errno == EINTR)
1289 				continue;
1290 			prf(gettext("Read error from network: %s"),
1291 			    strerror(errno));
1292 			return (-1);
1293 		}
1294 	}
1295 }
1296 
1297 static void
mode(int f)1298 mode(int f)
1299 {
1300 	struct tchars *tc;
1301 	struct ltchars *ltc;
1302 	struct sgttyb sb;
1303 	int	lflags;
1304 
1305 	if (ioctl(STDIN_FILENO, TIOCGETP, (char *)&sb) == -1)
1306 		perror("ioctl TIOCGETP");
1307 	if (ioctl(STDIN_FILENO, TIOCLGET, (char *)&lflags) == -1)
1308 		perror("ioctl TIOCLGET");
1309 	switch (f) {
1310 
1311 	case 0:
1312 		sb.sg_flags &= ~(O_CBREAK|O_RAW|O_TBDELAY);
1313 		sb.sg_flags |= defflags|tabflag;
1314 		tc = &deftc;
1315 		ltc = &defltc;
1316 		sb.sg_kill = defkill;
1317 		sb.sg_erase = deferase;
1318 		lflags = deflflags;
1319 		break;
1320 
1321 	case 1:
1322 		sb.sg_flags |= (eight ? O_RAW : O_CBREAK);
1323 		sb.sg_flags &= ~defflags;
1324 		/* preserve tab delays, but turn off XTABS */
1325 		if ((sb.sg_flags & O_TBDELAY) == O_XTABS)
1326 			sb.sg_flags &= ~O_TBDELAY;
1327 		tc = &notc;
1328 		ltc = &noltc;
1329 		sb.sg_kill = sb.sg_erase = -1;
1330 		if (litout)
1331 			lflags |= LLITOUT;
1332 		break;
1333 
1334 	default:
1335 		/*NOTREACHED*/
1336 		return;
1337 	}
1338 	if (compat_ioctl(STDIN_FILENO, TIOCSLTC, ltc) == -1)
1339 		perror("ioctl TIOCSLTC");
1340 	if (compat_ioctl(STDIN_FILENO, TIOCSETC, tc) == -1)
1341 		perror("ioctl TIOCSETC");
1342 	if (compat_ioctl(STDIN_FILENO, TIOCSETP, &sb) == -1)
1343 		perror("ioctl TIOCSETP 3");
1344 	if (compat_ioctl(STDIN_FILENO, TIOCLSET, &lflags) == -1)
1345 		perror("ioctl TIOCLSET");
1346 }
1347 
1348 /* PRINTFLIKE(0) */
1349 static void
prf(const char * format,...)1350 prf(const char *format, ...)
1351 {
1352 	va_list	ap;
1353 
1354 	va_start(ap, format);
1355 	(void) vfprintf(stderr, format, ap);
1356 	va_end(ap);
1357 	(void) fputs(CRLF, stderr);
1358 }
1359 
1360 static void
lostpeer(void)1361 lostpeer(void)
1362 {
1363 	(void) sigset(SIGPIPE, SIG_IGN);
1364 	prf(gettext("\aConnection to %.*s closed."), MAXHOSTNAMELEN, host);
1365 	done(EXIT_FAILURE);
1366 }
1367 
1368 static int
compat_ioctl(int des,int request,void * arg)1369 compat_ioctl(int des, int request, void *arg)
1370 {
1371 	struct termios	tb;
1372 	boolean_t	flag = B_FALSE;
1373 
1374 	if (ioctl(des, request, arg) < 0)
1375 		return (-1);
1376 
1377 	if (tcgetattr(des, &tb) < 0)
1378 		return (-1);
1379 
1380 	if (cfgetispeed(&tb) != cfgetispeed(&savetty)) {
1381 		(void) cfsetispeed(&tb, cfgetispeed(&savetty));
1382 		flag = B_TRUE;
1383 	}
1384 	if (cfgetospeed(&tb) != cfgetospeed(&savetty)) {
1385 		(void) cfsetospeed(&tb, cfgetospeed(&savetty));
1386 		flag = B_TRUE;
1387 	}
1388 
1389 	return (flag ? tcsetattr(des, TCSANOW, &tb) : 0);
1390 }
1391