usr/src/cmd/tcpd/inetcf.c

   1  /*
   2   * Routines to parse an inetd.conf or tlid.conf file. This would be a great
   3   * job for a PERL script.
   4   *
   5   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
   6   */
   7
   8 static char sccsid[] = "@(#) inetcf.c 1.7 97/02/12 02:13:23";
   9
  10 #include <sys/types.h>
  11 #include <sys/stat.h>
  12 #include <stdio.h>
  13 #include <errno.h>
  14 #include <string.h>
  15
  16 extern int errno;
  17 extern void exit();
  18
  19 #include "tcpd.h"
  20 #include "inetcf.h"
  21
  22  /*
  23   * Network configuration files may live in unusual places. Here are some
  24   * guesses. Shorter names follow longer ones.
  25   */
  26 char   *inet_files[] = {
  27     "/private/etc/inetd.conf",          /* NEXT */
  28     "/etc/inet/inetd.conf",             /* SYSV4 */
  29     "/usr/etc/inetd.conf",              /* IRIX?? */
  30     "/etc/inetd.conf",                  /* BSD */
  31     "/etc/net/tlid.conf",               /* SYSV4?? */
  32     "/etc/saf/tlid.conf",               /* SYSV4?? */
  33     "/etc/tlid.conf",                   /* SYSV4?? */
  34     0,
  35 };
  36
  37 static void inet_chk();
  38 static char *base_name();
  39
  40  /*
  41   * Structure with everything we know about a service.
  42   */
  43 struct inet_ent {
  44     struct inet_ent *next;
  45     int     type;
  46     char    name[1];
  47 };
  48
  49 static struct inet_ent *inet_list = 0;
  50
  51 static char whitespace[] = " \t\r\n";
  52
  53 /* inet_conf - read in and examine inetd.conf (or tlid.conf) entries */
  54
  55 char   *inet_cfg(conf)
  56 char   *conf;
  57 {
  58     char    buf[BUFSIZ];
  59     FILE   *fp;
  60     char   *service;
  61     char   *protocol;
  62     char   *user;
  63     char   *path;
  64     char   *arg0;
  65     char   *arg1;
  66     struct tcpd_context saved_context;
  67     char   *percent_m();
  68     int     i;
  69     struct stat st;
  70
  71     saved_context = tcpd_context;
  72
  73     /*
  74      * The inetd.conf (or tlid.conf) information is so useful that we insist
  75      * on its availability. When no file is given run a series of educated
  76      * guesses.
  77      */
  78     if (conf != 0) {
  79         if ((fp = fopen(conf, "r")) == 0) {
  80             fprintf(stderr, percent_m(buf, "open %s: %m\n"), conf);
  81             exit(1);
  82         }
  83     } else {
  84         for (i = 0; inet_files[i] && (fp = fopen(inet_files[i], "r")) == 0; i++)
  85              /* void */ ;
  86         if (fp == 0) {
  87             fprintf(stderr, "Cannot find your inetd.conf or tlid.conf file.\n");
  88             fprintf(stderr, "Please specify its location.\n");
  89             exit(1);
  90         }
  91         conf = inet_files[i];
  92         check_path(conf, &st);
  93     }
  94
  95     /*
  96      * Process the file. After the 7.0 wrapper release it became clear that
  97      * there are many more inetd.conf formats than the 8 systems that I had
  98      * studied. EP/IX uses a two-line specification for rpc services; HP-UX
  99      * permits long lines to be broken with backslash-newline.
 100      */
 101     tcpd_context.file = conf;
 102     tcpd_context.line = 0;
 103     while (xgets(buf, sizeof(buf), fp)) {
 104         service = strtok(buf, whitespace);      /* service */
 105         if (service == 0 || *service == '#')
 106             continue;
 107         if (STR_NE(service, "stream") && STR_NE(service, "dgram"))
 108             strtok(NULL, whitespace);   /* endpoint */
 109         protocol = strtok(NULL, whitespace);
 110         (void) strtok(NULL, whitespace);        /* wait */
 111         if ((user = strtok(NULL, whitespace)) == 0)
 112             continue;
 113         if (user[0] == '/') {                   /* user */
 114             path = user;
 115         } else {                                /* path */
 116             if ((path = strtok(NULL, whitespace)) == 0)
 117                 continue;
 118         }
 119         if (path[0] == '?')                     /* IRIX optional service */
 120             path++;
 121         if (STR_EQ(path, "internal"))
 122             continue;
 123         if (path[strspn(path, "-0123456789")] == 0) {
 124
 125             /*
 126              * ConvexOS puts RPC version numbers before path names. Jukka
 127              * Ukkonen <ukkonen@csc.fi>.
 128              */
 129             if ((path = strtok(NULL, whitespace)) == 0)
 130                 continue;
 131         }
 132         if ((arg0 = strtok(NULL, whitespace)) == 0) {
 133             tcpd_warn("incomplete line");
 134             continue;
 135         }
 136         if (arg0[strspn(arg0, "0123456789")] == 0) {
 137
 138             /*
 139              * We're reading a tlid.conf file, the format is:
 140              *
 141              * ...stuff... path arg_count arguments mod_count modules
 142              */
 143             if ((arg0 = strtok(NULL, whitespace)) == 0) {
 144                 tcpd_warn("incomplete line");
 145                 continue;
 146             }
 147         }
 148         if ((arg1 = strtok(NULL, whitespace)) == 0)
 149             arg1 = "";
 150
 151         inet_chk(protocol, path, arg0, arg1);
 152     }
 153     fclose(fp);
 154     tcpd_context = saved_context;
 155     return (conf);
 156 }
 157
 158 /* inet_chk - examine one inetd.conf (tlid.conf?) entry */
 159
 160 static void inet_chk(protocol, path, arg0, arg1)
 161 char   *protocol;
 162 char   *path;
 163 char   *arg0;
 164 char   *arg1;
 165 {
 166     char    daemon[BUFSIZ];
 167     struct stat st;
 168     int     wrap_status = WR_MAYBE;
 169     char   *base_name_path = base_name(path);
 170     char   *tcpd_proc_name = (arg0[0] == '/' ? base_name(arg0) : arg0);
 171
 172     /*
 173      * Always warn when the executable does not exist or when it is not
 174      * executable.
 175      */
 176     if (check_path(path, &st) < 0) {
 177         tcpd_warn("%s: not found: %m", path);
 178     } else if ((st.st_mode & 0100) == 0) {
 179         tcpd_warn("%s: not executable", path);
 180     }
 181
 182     /*
 183      * Cheat on the miscd tests, nobody uses it anymore.
 184      */
 185     if (STR_EQ(base_name_path, "miscd")) {
 186         inet_set(arg0, WR_YES);
 187         return;
 188     }
 189
 190     /*
 191      * While we are here...
 192      */
 193     if (STR_EQ(tcpd_proc_name, "rexd") || STR_EQ(tcpd_proc_name, "rpc.rexd"))
 194         tcpd_warn("%s may be an insecure service", tcpd_proc_name);
 195
 196     /*
 197      * The tcpd program gets most of the attention.
 198      */
 199     if (STR_EQ(base_name_path, "tcpd")) {
 200
 201         if (STR_EQ(tcpd_proc_name, "tcpd"))
 202             tcpd_warn("%s is recursively calling itself", tcpd_proc_name);
 203
 204         wrap_status = WR_YES;
 205
 206         /*
 207          * Check: some sites install the wrapper set-uid.
 208          */
 209         if ((st.st_mode & 06000) != 0)
 210             tcpd_warn("%s: file is set-uid or set-gid", path);
 211
 212         /*
 213          * Check: some sites insert tcpd in inetd.conf, instead of replacing
 214          * the daemon pathname.
 215          */
 216         if (arg0[0] == '/' && STR_EQ(tcpd_proc_name, base_name(arg1)))
 217             tcpd_warn("%s inserted before %s", path, arg0);
 218
 219         /*
 220          * Check: make sure files exist and are executable. On some systems
 221          * the network daemons are set-uid so we cannot complain. Note that
 222          * tcpd takes the basename only in case of absolute pathnames.
 223          */
 224         if (arg0[0] == '/') {                   /* absolute path */
 225             if (check_path(arg0, &st) < 0) {
 226                 tcpd_warn("%s: not found: %m", arg0);
 227             } else if ((st.st_mode & 0100) == 0) {
 228                 tcpd_warn("%s: not executable", arg0);
 229             }
 230         } else {                                /* look in REAL_DAEMON_DIR */
 231             sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
 232             if (check_path(daemon, &st) < 0) {
 233                 tcpd_warn("%s: not found in %s: %m",
 234                           arg0, REAL_DAEMON_DIR);
 235             } else if ((st.st_mode & 0100) == 0) {
 236                 tcpd_warn("%s: not executable", daemon);
 237             }
 238         }
 239
 240     } else {
 241
 242         /*
 243          * No tcpd program found. Perhaps they used the "simple installation"
 244          * recipe. Look for a file with the same basename in REAL_DAEMON_DIR.
 245          * Draw some conservative conclusions when a distinct file is found.
 246          */
 247         sprintf(daemon, "%s/%s", REAL_DAEMON_DIR, arg0);
 248         if (STR_EQ(path, daemon)) {
 249             wrap_status = WR_NOT;
 250         } else if (check_path(daemon, &st) >= 0) {
 251             wrap_status = WR_MAYBE;
 252         } else if (errno == ENOENT) {
 253             wrap_status = WR_NOT;
 254         } else {
 255             tcpd_warn("%s: file lookup: %m", daemon);
 256             wrap_status = WR_MAYBE;
 257         }
 258     }
 259
 260     /*
 261      * Alas, we cannot wrap rpc/tcp services.
 262      */
 263     if (wrap_status == WR_YES && STR_EQ(protocol, "rpc/tcp"))
 264         tcpd_warn("%s: cannot wrap rpc/tcp services", tcpd_proc_name);
 265
 266     inet_set(tcpd_proc_name, wrap_status);
 267 }
 268
 269 /* inet_set - remember service status */
 270
 271 void    inet_set(name, type)
 272 char   *name;
 273 int     type;
 274 {
 275     struct inet_ent *ip =
 276     (struct inet_ent *) malloc(sizeof(struct inet_ent) + strlen(name));
 277
 278     if (ip == 0) {
 279         fprintf(stderr, "out of memory\n");
 280         exit(1);
 281     }
 282     ip->next = inet_list;
 283     strcpy(ip->name, name);
 284     ip->type = type;
 285     inet_list = ip;
 286 }
 287
 288 /* inet_get - look up service status */
 289
 290 int     inet_get(name)
 291 char   *name;
 292 {
 293     struct inet_ent *ip;
 294
 295     if (inet_list == 0)
 296         return (WR_MAYBE);
 297
 298     for (ip = inet_list; ip; ip = ip->next)
 299         if (STR_EQ(ip->name, name))
 300             return (ip->type);
 301
 302     return (-1);
 303 }
 304
 305 /* base_name - compute last pathname component */
 306
 307 static char *base_name(path)
 308 char   *path;
 309 {
 310     char   *cp;
 311
 312     if ((cp = strrchr(path, '/')) != 0)
 313         path = cp + 1;
 314     return (path);
 315 }