From 9481b5428e98e716617db6a6c27f40921ce441b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@FreeBSD.org>
Date: Thu, 1 Apr 2010 13:11:39 +0000
Subject: [PATCH] Add a debugging option (-d) Add a -k option which fingerd(8)
 passes through to finger(1).

MFC after:	2 weeks
---
 libexec/fingerd/fingerd.8 | 23 ++++++++++++++++++++++-
 libexec/fingerd/fingerd.c | 36 +++++++++++++++++++++++++-----------
 2 files changed, 47 insertions(+), 12 deletions(-)

diff --git a/libexec/fingerd/fingerd.8 b/libexec/fingerd/fingerd.8
index 232771ad0013..e28164c4e785 100644
--- a/libexec/fingerd/fingerd.8
+++ b/libexec/fingerd/fingerd.8
@@ -32,7 +32,7 @@
 .\"     @(#)fingerd.8	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd June 4, 1993
+.Dd April 1, 2010
 .Dt FINGERD 8
 .Os
 .Sh NAME
@@ -40,6 +40,8 @@
 .Nd remote user information server
 .Sh SYNOPSIS
 .Nm
+.Op Fl d
+.Op Fl k
 .Op Fl s
 .Op Fl l
 .Op Fl p Ar filename
@@ -106,6 +108,25 @@ The following options may be passed to
 as server program arguments in
 .Pa /etc/inetd.conf :
 .Bl -tag -width indent
+.It Fl d
+Enable debugging mode.
+In debugging mode,
+.Nm
+will not attempt any network-related operations on
+.Va stdin ,
+and it will print the full
+.Nm finger
+command line
+to
+.Va stderr
+before executing it.
+.It Fl k
+Suppress login information.
+See the description of the
+.Fl k
+option in
+.Xr finger 1
+for details.
 .It Fl s
 Enable secure mode.
 Queries without a user name are rejected and
diff --git a/libexec/fingerd/fingerd.c b/libexec/fingerd/fingerd.c
index 7d2a7547893b..3b98bee9891e 100644
--- a/libexec/fingerd/fingerd.c
+++ b/libexec/fingerd/fingerd.c
@@ -72,17 +72,23 @@ main(int argc, char *argv[])
 	char *lp;
 	struct sockaddr_storage ss;
 	socklen_t sval;
-	int p[2], logging, pflag, secure;
+	int p[2], debug, kflag, logging, pflag, secure;
 #define	ENTRIES	50
 	char **ap, *av[ENTRIES + 1], **comp, line[1024], *prog;
 	char rhost[MAXHOSTNAMELEN];
 
 	prog = _PATH_FINGER;
-	logging = pflag = secure = 0;
+	logging = kflag = pflag = secure = 0;
 	openlog("fingerd", LOG_PID | LOG_CONS, LOG_DAEMON);
 	opterr = 0;
-	while ((ch = getopt(argc, argv, "lp:s")) != -1)
+	while ((ch = getopt(argc, argv, "dklp:s")) != -1)
 		switch (ch) {
+		case 'd':
+			debug = 1;
+			break;
+		case 'k':
+			kflag = 1;
+			break;
 		case 'l':
 			logging = 1;
 			break;
@@ -101,7 +107,7 @@ main(int argc, char *argv[])
 	/*
 	 * Enable server-side Transaction TCP.
 	 */
-	{
+	if (!debug) {
 		int one = 1;
 		if (setsockopt(STDOUT_FILENO, IPPROTO_TCP, TCP_NOPUSH, &one, 
 			       sizeof one) < 0) {
@@ -112,7 +118,7 @@ main(int argc, char *argv[])
 	if (!fgets(line, sizeof(line), stdin))
 		exit(1);
 
-	if (logging || pflag) {
+	if (!debug && (logging || pflag)) {
 		sval = sizeof(ss);
 		if (getpeername(0, (struct sockaddr *)&ss, &sval) < 0)
 			logerr("getpeername: %s", strerror(errno));
@@ -143,12 +149,14 @@ main(int argc, char *argv[])
 		syslog(LOG_NOTICE, "query from %s: `%s'", rhost, t);
 	}
 
-	comp = &av[1];
-	av[2] = "--";
-	for (lp = line, ap = &av[3];;) {
+	comp = &av[2];
+	av[3] = "--";
+	if (kflag)
+		*comp-- = "-k";
+	for (lp = line, ap = &av[4];;) {
 		*ap = strtok(lp, " \t\r\n");
 		if (!*ap) {
-			if (secure && ap == &av[3]) {
+			if (secure && ap == &av[4]) {
 				puts("must provide username\r\n");
 				exit(1);
 			}
@@ -161,8 +169,7 @@ main(int argc, char *argv[])
 
 		/* RFC742: "/[Ww]" == "-l" */
 		if ((*ap)[0] == '/' && ((*ap)[1] == 'W' || (*ap)[1] == 'w')) {
-			av[1] = "-l";
-			comp = &av[0];
+			*comp-- = "-l";
 		}
 		else if (++ap == av + ENTRIES) {
 			*ap = NULL;
@@ -178,6 +185,13 @@ main(int argc, char *argv[])
 	if (pipe(p) < 0)
 		logerr("pipe: %s", strerror(errno));
 
+	if (debug) {
+		fprintf(stderr, "%s", prog);
+		for (ap = comp; *ap != NULL; ++ap)
+			fprintf(stderr, " %s", *ap);
+		fprintf(stderr, "\n");
+	}
+
 	switch(vfork()) {
 	case 0:
 		(void)close(p[0]);