freebsd-dev/crypto/kerberosIV/appl/bsd/rcmd_util.c
2000-12-29 21:00:22 +00:00

264 lines
5.5 KiB
C

/*
* Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "bsd_locl.h"
RCSID("$Id: rcmd_util.c,v 1.19.2.1 2000/06/23 02:34:48 assar Exp $");
int
get_login_port(int kerberos, int encryption)
{
char *service="login";
int port=htons(513);
if(kerberos && encryption){
service="eklogin";
port=htons(2105);
}
if(kerberos && !encryption){
service="klogin";
port=htons(543);
}
return k_getportbyname (service, "tcp", port);
}
int
get_shell_port(int kerberos, int encryption)
{
char *service="shell";
int port=htons(514);
if(kerberos && encryption){
service="ekshell";
port=htons(545);
}
if(kerberos && !encryption){
service="kshell";
port=htons(544);
}
return k_getportbyname (service, "tcp", port);
}
/*
* On reasonable systems, `cf[gs]et[io]speed' use values of bit/s
* directly, and the following functions are just identity functions.
* This is however a slower way of doing those
* should-be-but-are-not-always idenity functions.
*/
static struct { int speed; int bps; } conv[] = {
#ifdef B0
{B0, 0},
#endif
#ifdef B50
{B50, 50},
#endif
#ifdef B75
{B75, 75},
#endif
#ifdef B110
{B110, 110},
#endif
#ifdef B134
{B134, 134},
#endif
#ifdef B150
{B150, 150},
#endif
#ifdef B200
{B200, 200},
#endif
#ifdef B300
{B300, 300},
#endif
#ifdef B600
{B600, 600},
#endif
#ifdef B1200
{B1200, 1200},
#endif
#ifdef B1800
{B1800, 1800},
#endif
#ifdef B2400
{B2400, 2400},
#endif
#ifdef B4800
{B4800, 4800},
#endif
#ifdef B9600
{B9600, 9600},
#endif
#ifdef B19200
{B19200, 19200},
#endif
#ifdef EXTA
{EXTA, 19200},
#endif
#ifdef B38400
{B38400, 38400},
#endif
#ifdef EXTB
{EXTB, 38400},
#endif
#ifdef B57600
{B57600, 57600},
#endif
#ifdef B115200
{B115200, 115200},
#endif
#ifdef B153600
{B153600, 153600},
#endif
#ifdef B230400
{B230400, 230400},
#endif
#ifdef B307200
{B307200, 307200},
#endif
#ifdef B460800
{B460800, 460800},
#endif
};
#define N (sizeof(conv)/sizeof(*conv))
int
speed_t2int (speed_t s)
{
int l, r, m;
l = 0;
r = N - 1;
while(l <= r) {
m = (l + r) / 2;
if (conv[m].speed == s)
return conv[m].bps;
else if(conv[m].speed < s)
l = m + 1;
else
r = m - 1;
}
return -1;
}
/*
*
*/
speed_t
int2speed_t (int i)
{
int l, r, m;
l = 0;
r = N - 1;
while(l <= r) {
m = (l + r) / 2;
if (conv[m].bps == i)
return conv[m].speed;
else if(conv[m].bps < i)
l = m + 1;
else
r = m - 1;
}
return -1;
}
/*
* If there are any IP options on `sock', die.
*/
void
ip_options_and_die (int sock, struct sockaddr_in *fromp)
{
#if defined(IP_OPTIONS) && defined(HAVE_GETSOCKOPT)
u_char optbuf[BUFSIZ/3], *cp;
char lbuf[BUFSIZ], *lp;
int optsize = sizeof(optbuf), ipproto;
struct protoent *ip;
if ((ip = getprotobyname("ip")) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (getsockopt(sock, ipproto, IP_OPTIONS,
(void *)optbuf, &optsize) == 0 &&
optsize != 0) {
lp = lbuf;
for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3)
snprintf(lp, sizeof(lbuf) - (lp - lbuf), " %2.2x", *cp);
syslog(LOG_NOTICE,
"Connection received from %s using IP options (dead):%s",
inet_ntoa(fromp->sin_addr), lbuf);
exit(1);
}
#endif
}
void
warning(const char *fmt, ...)
{
char *rstar_no_warn = getenv("RSTAR_NO_WARN");
va_list args;
va_start(args, fmt);
if (rstar_no_warn == NULL)
rstar_no_warn = "";
if (strncmp(rstar_no_warn, "yes", 3) != 0) {
/* XXX */
fprintf(stderr, "%s: warning, using standard ", __progname);
vwarnx(fmt, args);
}
va_end(args);
}
/*
* setuid but work-around Linux 2.2.15 bug with setuid and capabilities
*/
void
paranoid_setuid (uid_t uid)
{
if (setuid (uid) < 0)
err (1, "setuid");
if (uid != 0 && setuid (0) == 0) {
syslog(LOG_ALERT | LOG_AUTH,
"Failed to drop privileges for uid %u", (unsigned)uid);
err (1, "setuid");
}
}