diff options
| -rw-r--r-- | libexec/rlogind/rlogind.c | 68 | ||||
| -rw-r--r-- | libexec/rshd/rshd.8 | 14 | ||||
| -rw-r--r-- | libexec/rshd/rshd.c | 79 |
3 files changed, 50 insertions, 111 deletions
diff --git a/libexec/rlogind/rlogind.c b/libexec/rlogind/rlogind.c index b0227e6db13b..64cf70fa68c7 100644 --- a/libexec/rlogind/rlogind.c +++ b/libexec/rlogind/rlogind.c @@ -42,7 +42,7 @@ static const char copyright[] = static const char sccsid[] = "@(#)rlogind.c 8.1 (Berkeley) 6/4/93"; #endif static const char rcsid[] = - "$Id$"; + "$Id: rlogind.c,v 1.19 1997/11/25 07:17:15 charnier Exp $"; #endif /* not lint */ /* @@ -122,8 +122,6 @@ void getstr __P((char *, int, char *)); void setup_term __P((int)); int do_krb_login __P((struct sockaddr_in *)); void usage __P((void)); -int local_domain __P((char *)); -char *topdomain __P((char *)); int main(argc, argv) @@ -232,9 +230,27 @@ doit(f, fromp) hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof(struct in_addr), fromp->sin_family); if (hp) { - (void)strncpy(hostname, hp->h_name, sizeof(hostname)); + strncpy(hostname, hp->h_name, sizeof(hostname) - 1); + hostname[sizeof(hostname) - 1] = '\0'; + hp = gethostbyname(hostname); + if (hp == NULL) { + strncpy(hostname, inet_ntoa(fromp->sin_addr), + sizeof(hostname) - 1); + } else for (; ; hp->h_addr_list++) { + if (hp->h_addr_list[0] == NULL) { + /* End of list - ditch it */ + strncpy(hostname, inet_ntoa(fromp->sin_addr), + sizeof(hostname) - 1); + break; + } + if (!bcmp(hp->h_addr_list[0], + (caddr_t)&fromp->sin_addr, + sizeof(fromp->sin_addr))) + break; /* OK! */ + } } else { - (void)strncpy(hostname, inet_ntoa(fromp->sin_addr), sizeof(hostname)); + strncpy(hostname, inet_ntoa(fromp->sin_addr), + sizeof(hostname) - 1); } hostname[sizeof(hostname) - 1] = '\0'; @@ -742,45 +758,3 @@ usage() syslog(LOG_ERR, "usage: rlogind [-Daln]"); #endif } - -/* - * Check whether host h is in our local domain, - * defined as sharing the last two components of the domain part, - * or the entire domain part if the local domain has only one component. - * If either name is unqualified (contains no '.'), - * assume that the host is local, as it will be - * interpreted as such. - */ -int -local_domain(h) - char *h; -{ - char localhost[MAXHOSTNAMELEN]; - char *p1, *p2; - - localhost[0] = 0; - (void) gethostname(localhost, sizeof(localhost)); - p1 = topdomain(localhost); - p2 = topdomain(h); - if (p1 == NULL || p2 == NULL || !strcasecmp(p1, p2)) - return (1); - return (0); -} - -char * -topdomain(h) - char *h; -{ - register char *p; - char *maybe = NULL; - int dots = 0; - - for (p = h + strlen(h); p >= h; p--) { - if (*p == '.') { - if (++dots == 2) - return (p); - maybe = p; - } - } - return (maybe); -} diff --git a/libexec/rshd/rshd.8 b/libexec/rshd/rshd.8 index 0fc7b1c64b4b..314f3fe2710b 100644 --- a/libexec/rshd/rshd.8 +++ b/libexec/rshd/rshd.8 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)rshd.8 8.1 (Berkeley) 6/4/93 -.\" $Id: rshd.8,v 1.12 1998/12/01 23:27:24 dg Exp $ +.\" $Id: rshd.8,v 1.13 1998/12/03 05:45:18 bde Exp $ .\" .Dd June 4, 1993 .Dt RSHD 8 @@ -88,17 +88,9 @@ and requests the corresponding host name (see .Xr hosts 5 and .Xr named 8 ). -If the hostname cannot be determined, +If the hostname cannot be determined or the hostname and address do +not match after verification, the dot-notation representation of the host address is used. -If the hostname is in the same domain as the server (according to -the last two components of the domain name), -or if the -.Fl a -option is given, -the addresses for the hostname are requested, -verifying that the name and address correspond. -If address verification fails, the connection is aborted -with the message: ``Host address mismatch.''. .It A null terminated user name of at most 16 characters is retrieved on the initial socket. This user name diff --git a/libexec/rshd/rshd.c b/libexec/rshd/rshd.c index 1f3278ac308f..cd2f57c36a1f 100644 --- a/libexec/rshd/rshd.c +++ b/libexec/rshd/rshd.c @@ -42,7 +42,7 @@ static const char copyright[] = static const char sccsid[] = "@(#)rshd.c 8.2 (Berkeley) 4/6/94"; #endif static const char rcsid[] = - "$Id: rshd.c,v 1.21 1998/05/05 00:28:51 rnordier Exp $"; + "$Id: rshd.c,v 1.22 1998/12/01 23:27:24 dg Exp $"; #endif /* not lint */ /* @@ -80,7 +80,6 @@ static const char rcsid[] = #endif int keepalive = 1; -int check_all; int log_success; /* If TRUE, log all successful accesses */ int sent_null; int no_delay; @@ -122,7 +121,7 @@ main(argc, argv) while ((ch = getopt(argc, argv, OPTIONS)) != -1) switch (ch) { case 'a': - check_all = 1; + /* ignored for compatability */ break; case 'l': __check_rhosts_file = 0; @@ -214,10 +213,9 @@ doit(fromp) fd_set ready, readfrom; int cc, nfd, pv[2], pid, s; int one = 1; - char *hostname, *errorstr, *errorhost; + char *hostname, *errorstr; char *cp, sig, buf[BUFSIZ]; char cmdbuf[NCARGS+1], locuser[16], remuser[16]; - char remotehost[2 * MAXHOSTNAMELEN + 1]; char fromhost[2 * MAXHOSTNAMELEN + 1]; #ifdef LOGIN_CAP login_cap_t *lc; @@ -296,6 +294,7 @@ doit(fromp) (void) alarm(60); port = 0; + s = 0; /* not set or used if port == 0 */ for (;;) { char c; if ((cc = read(STDIN_FILENO, &c, 1)) != 1) { @@ -304,7 +303,7 @@ doit(fromp) shutdown(0, 1+1); exit(1); } - if (c== 0) + if (c == 0) break; port = port * 10 + c - '0'; } @@ -349,64 +348,38 @@ doit(fromp) dup2(f, 2); #endif errorstr = NULL; + strncpy(fromhost, inet_ntoa(fromp->sin_addr), + sizeof(fromhost) - 1); + hostname = fromhost; hp = gethostbyaddr((char *)&fromp->sin_addr, sizeof (struct in_addr), fromp->sin_family); if (hp) { /* - * If name returned by gethostbyaddr is in our domain, - * attempt to verify that we haven't been fooled by someone - * in a remote net; look up the name and check that this - * address corresponds to the name. + * OK, it looks like a DNS name is attached.. Lets see if + * it looks like we can use it. If it doesn't check out, + * ditch it and use the IP address for logging instead. + * Note that iruserok() does it's own hostname checking!! */ strncpy(fromhost, hp->h_name, sizeof(fromhost) - 1); fromhost[sizeof(fromhost) - 1] = 0; - hostname = fromhost; -#ifdef KERBEROS - if (!use_kerberos) -#endif - if (check_all || local_domain(hp->h_name)) { - strncpy(remotehost, hp->h_name, sizeof(remotehost) - 1); - remotehost[sizeof(remotehost) - 1] = 0; - errorhost = remotehost; - hp = gethostbyname(remotehost); - if (hp == NULL) { - syslog(LOG_INFO, - "couldn't look up address for %s", - remotehost); - errorstr = - "Couldn't look up address for your host (%s)\n"; + hp = gethostbyname(fromhost); + if (hp == NULL) { + strncpy(fromhost, inet_ntoa(fromp->sin_addr), + sizeof(fromhost) - 1); + } else for (; ; hp->h_addr_list++) { + if (hp->h_addr_list[0] == NULL) { + /* End of list - ditch it */ strncpy(fromhost, inet_ntoa(fromp->sin_addr), sizeof(fromhost) - 1); - fromhost[sizeof(fromhost) - 1] = 0; - hostname = fromhost; - } else for (; ; hp->h_addr_list++) { - if (hp->h_addr_list[0] == NULL) { - syslog(LOG_NOTICE, - "host addr %s not listed for host %s", - inet_ntoa(fromp->sin_addr), - hp->h_name); - errorstr = - "Host address mismatch for %s\n"; - strncpy(fromhost, inet_ntoa(fromp->sin_addr), - sizeof(fromhost) - 1); - fromhost[sizeof(fromhost) - 1] = 0; - hostname = fromhost; - break; - } - if (!bcmp(hp->h_addr_list[0], - (caddr_t)&fromp->sin_addr, - sizeof(fromp->sin_addr))) { - hostname = remotehost; - break; - } + break; } + if (!bcmp(hp->h_addr_list[0], + (caddr_t)&fromp->sin_addr, + sizeof(fromp->sin_addr))) + break; /* OK! */ } - } else { - strncpy(fromhost, inet_ntoa(fromp->sin_addr), - sizeof(fromhost) - 1); - fromhost[sizeof(fromhost) - 1] = 0; - errorhost = hostname = fromhost; } + fromhost[sizeof(fromhost) - 1] = 0; #ifdef KERBEROS if (use_kerberos) { @@ -515,7 +488,7 @@ doit(fromp) fail: if (errorstr == NULL) errorstr = "Login incorrect.\n"; - error(errorstr, errorhost); + error(errorstr, hostname); exit(1); } |