2.11BSD#431 - /usr/src/libexec/tcpd/miscd.c

   1:  /*
   2:   * Front end to the ULTRIX miscd service. The front end logs the remote host
   3:   * name and then invokes the real miscd daemon. Install as "/usr/etc/miscd",
   4:   * after renaming the real miscd daemon to the name defined with the
   5:   * REAL_MISCD macro.
   6:   *
   7:   * Connections and diagnostics are logged through syslog(3).
   8:   *
   9:   * The Ultrix miscd program implements (among others) the systat service, which
  10:   * pipes the output from who(1) to stdout. This information is potentially
  11:   * useful to systems crackers.
  12:   *
  13:   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
  14:   */
  15: 
  16: #ifndef lint
  17: static char sccsid[] = "@(#) miscd.c 1.9 94/12/28 17:42:32";
  18: #endif
  19: 
  20: /* System libraries. */
  21: 
  22: #include <sys/types.h>
  23: #include <sys/param.h>
  24: #include <sys/stat.h>
  25: #include <sys/socket.h>
  26: #include <netinet/in.h>
  27: #include <stdio.h>
  28: #include <syslog.h>
  29: 
  30: #ifndef MAXPATHNAMELEN
  31: #define MAXPATHNAMELEN  BUFSIZ
  32: #endif
  33: 
  34: #ifndef STDIN_FILENO
  35: #define STDIN_FILENO    0
  36: #endif
  37: 
  38: /* Local stuff. */
  39: 
  40: #include "patchlevel.h"
  41: #include "tcpd.h"
  42: 
  43: int     allow_severity = SEVERITY;  /* run-time adjustable */
  44: int     deny_severity = LOG_WARNING;    /* ditto */
  45: 
  46: main(argc, argv)
  47: int     argc;
  48: char  **argv;
  49: {
  50:     struct request_info request;
  51:     char    path[MAXPATHNAMELEN];
  52: 
  53:     /* Attempt to prevent the creation of world-writable files. */
  54: 
  55: #ifdef DAEMON_UMASK
  56:     umask(DAEMON_UMASK);
  57: #endif
  58: 
  59:     /*
  60:      * Open a channel to the syslog daemon. Older versions of openlog()
  61:      * require only two arguments.
  62:      */
  63: 
  64: #ifdef LOG_MAIL
  65:     (void) openlog(argv[0], LOG_PID, FACILITY);
  66: #else
  67:     (void) openlog(argv[0], LOG_PID);
  68: #endif
  69: 
  70:     /*
  71:      * Find out the endpoint addresses of this conversation. Host name
  72:      * lookups and double checks will be done on demand.
  73:      */
  74: 
  75:     request_init(&request, RQ_DAEMON, argv[0], RQ_FILE, STDIN_FILENO, 0);
  76:     fromhost(&request);
  77: 
  78:     /*
  79:      * Optionally look up and double check the remote host name. Sites
  80:      * concerned with security may choose to refuse connections from hosts
  81:      * that pretend to have someone elses host name.
  82:      */
  83: 
  84: #ifdef PARANOID
  85:     if (STR_EQ(eval_hostname(request.client), paranoid))
  86:     refuse(&request);
  87: #endif
  88: 
  89:     /*
  90:      * The BSD rlogin and rsh daemons that came out after 4.3 BSD disallow
  91:      * socket options at the IP level. They do so for a good reason.
  92:      * Unfortunately, we cannot use this with SunOS 4.1.x because the
  93:      * getsockopt() system call can panic the system.
  94:      */
  95: 
  96: #ifdef KILL_IP_OPTIONS
  97:     fix_options(&request);
  98: #endif
  99: 
 100:     /*
 101:      * Check whether this host can access the service in argv[0]. The
 102:      * access-control code invokes optional shell commands as specified in
 103:      * the access-control tables.
 104:      */
 105: 
 106: #ifdef HOSTS_ACCESS
 107:     if (!hosts_access(&request))
 108:     refuse(&request);
 109: #endif
 110: 
 111:     /* Report request and invoke the real daemon program. */
 112: 
 113:     syslog(allow_severity, "connect from %s", eval_client(&request));
 114:     sprintf(path, "%s/miscd", REAL_DAEMON_DIR);
 115:     (void) execv(path, argv);
 116:     syslog(LOG_ERR, "error: cannot execute %s: %m", path);
 117:     clean_exit(&request);
 118:     /* NOTREACHED */
 119: }

Defined functions

Defined variables

Defined macros