version 1.8, 1997/10/08 07:07:53 |
version 1.9, 1998/07/15 07:31:57 |
|
|
** parse.c This file contains the protocol parser |
** parse.c This file contains the protocol parser |
** |
** |
** This program is in the public domain and may be used freely by anyone |
** This program is in the public domain and may be used freely by anyone |
** who wants to. |
** who wants to. |
** |
** |
** Last update: 6 Dec 1992 |
** Last update: 23 Feb 1994 |
** |
** |
** Please send bug fixes/bug reports to: Peter Eriksson <pen@lysator.liu.se> |
** Please send bug fixes/bug reports to: Peter Eriksson <pen@lysator.liu.se> |
*/ |
*/ |
|
|
|
#ifdef NeXT31 |
|
# include <libc.h> |
|
#endif |
|
|
#include <stdio.h> |
#include <stdio.h> |
|
#include <stdlib.h> |
#include <string.h> |
#include <string.h> |
#include <errno.h> |
#include <errno.h> |
#include <ctype.h> |
#include <ctype.h> |
#include <pwd.h> |
#include <pwd.h> |
#include <stdlib.h> |
#ifdef ALLOW_FORMAT |
|
# include <grp.h> |
|
#endif |
|
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <netinet/in.h> |
#include <netinet/in.h> |
|
|
# include <arpa/inet.h> |
# include <arpa/inet.h> |
#endif |
#endif |
|
|
#include <nlist.h> |
|
#include <kvm.h> |
#include <kvm.h> |
|
|
#include <sys/types.h> |
#include <sys/types.h> |
|
|
extern int errno; |
extern int errno; |
#endif |
#endif |
|
|
|
#if defined(SOLARIS) || defined(__linux__) |
|
# include <string.h> |
|
# include <stdlib.h> |
|
#endif |
|
|
#include "identd.h" |
#include "identd.h" |
#include "error.h" |
#include "error.h" |
|
|
static int eat_whitespace __P((void)); |
static int eat_whitespace __P((void)); |
static int check_noident __P((char *)); |
static int check_noident __P((char *)); |
|
static int valid_fhost(struct in_addr *, char *); |
|
|
/* |
/* |
** This function will eat whitespace characters until |
** This function will eat whitespace characters until |
Line 51 static int eat_whitespace() |
|
Line 63 static int eat_whitespace() |
|
{ |
{ |
int c; |
int c; |
|
|
|
|
while ((c = getchar()) != EOF && |
while ((c = getchar()) != EOF && |
!(c == '\r' || c == '\n')) |
!(c == '\r' || c == '\n')) |
; |
; |
Line 63 static int eat_whitespace() |
|
Line 75 static int eat_whitespace() |
|
|
|
if (c != EOF) |
if (c != EOF) |
ungetc(c, stdin); |
ungetc(c, stdin); |
|
|
return (c != EOF); |
return (c != EOF); |
} |
} |
|
|
Line 85 static int valid_fhost(faddr, password) |
|
Line 97 static int valid_fhost(faddr, password) |
|
{ |
{ |
if (strcmp(inet_ntoa(*faddr), indirect_host)) |
if (strcmp(inet_ntoa(*faddr), indirect_host)) |
{ |
{ |
syslog(LOG_NOTICE, "valid_fhost: access denied for: %s", |
syslog(LOG_NOTICE, "valid_fhost: Access Denied for: %s", |
gethost(faddr)); |
gethost(faddr)); |
return 0; |
return 0; |
} |
} |
Line 94 static int valid_fhost(faddr, password) |
|
Line 106 static int valid_fhost(faddr, password) |
|
{ |
{ |
if (strcmp(gethost(faddr), indirect_host)) |
if (strcmp(gethost(faddr), indirect_host)) |
{ |
{ |
syslog(LOG_NOTICE, "valid_fhost: access denied for: %s", |
syslog(LOG_NOTICE, "valid_fhost: Access Denied for: %s", |
gethost(faddr)); |
gethost(faddr)); |
return 0; |
return 0; |
} |
} |
} |
} |
} |
} |
|
|
if (indirect_password == NULL) |
if (indirect_password == NULL) |
return 1; |
return 1; |
|
|
if (strcmp(password, indirect_password)) |
if (strcmp(password, indirect_password)) |
{ |
{ |
syslog(LOG_NOTICE, "valid_fhost: invalid password from: %s", |
syslog(LOG_NOTICE, "valid_fhost: Invalid password from: %s", |
gethost(faddr)); |
gethost(faddr)); |
return 0; |
return 0; |
} |
} |
Line 125 static int check_noident(homedir) |
|
Line 137 static int check_noident(homedir) |
|
char *tmp_path; |
char *tmp_path; |
struct stat sbuf; |
struct stat sbuf; |
int rcode; |
int rcode; |
|
|
|
|
if (!homedir) |
if (!homedir) |
return 0; |
return 0; |
|
|
tmp_path = (char *) malloc(strlen(homedir) + sizeof("/.noident") + 1); |
tmp_path = (char *) malloc(strlen(homedir) + sizeof("/.noident") + 1); |
if (!tmp_path) |
if (!tmp_path) |
return 0; |
return 0; |
Line 143 static int check_noident(homedir) |
|
Line 155 static int check_noident(homedir) |
|
return (rcode == 0); |
return (rcode == 0); |
} |
} |
|
|
|
#ifdef INCLUDE_CRYPT |
|
/* |
|
** Checks address of incoming call against network/mask pairs of trusted |
|
** networks to determine whether to crypt response or not. |
|
*/ |
|
int check_crypt(faddr) |
|
struct in_addr *faddr; |
|
{ |
|
int i; |
|
extern int netcnt; |
|
extern u_long localnet[], localmask[]; |
|
|
|
for (i = 0; i < netcnt; i++) { |
|
if ((faddr->s_addr & localmask[i]) == localnet[i]) |
|
return 0; |
|
} |
|
return 1; |
|
} |
|
#endif |
|
|
int parse(fp, laddr, faddr) |
int parse(fp, laddr, faddr) |
FILE *fp; |
FILE *fp; |
Line 150 int parse(fp, laddr, faddr) |
|
Line 181 int parse(fp, laddr, faddr) |
|
{ |
{ |
int uid, try, rcode; |
int uid, try, rcode; |
struct passwd *pwp; |
struct passwd *pwp; |
|
#ifdef ALLOW_FORMAT |
|
int pid; |
|
char *cmd, *cmd_and_args; |
|
struct group *grp; |
|
char grname[128]; |
|
#endif |
char lhostaddr[16]; |
char lhostaddr[16]; |
char fhostaddr[16]; |
char fhostaddr[16]; |
char password[33]; |
char password[33]; |
#ifdef INCLUDE_EXTENSIONS |
#if defined(INCLUDE_EXTENSIONS) || defined(STRONG_LOG) |
char arg[33]; |
char arg[33]; |
|
#endif |
|
#ifdef INCLUDE_EXTENSIONS |
int c; |
int c; |
#endif |
#endif |
struct in_addr laddr2; |
struct in_addr laddr2; |
struct in_addr faddr2; |
struct in_addr faddr2; |
|
int k_opened; |
|
|
|
k_opened = 0; |
|
|
|
|
if (debug_flag && syslog_flag) |
if (debug_flag && syslog_flag) |
syslog(LOG_DEBUG, "In function parse()"); |
syslog(LOG_DEBUG, "In function parse()"); |
|
|
|
|
/* |
/* |
** Get the local/foreign port pair from the luser |
** Get the local/foreign port pair from the luser |
*/ |
*/ |
Line 171 int parse(fp, laddr, faddr) |
|
Line 214 int parse(fp, laddr, faddr) |
|
{ |
{ |
if (debug_flag && syslog_flag) |
if (debug_flag && syslog_flag) |
syslog(LOG_DEBUG, " Before fscanf()"); |
syslog(LOG_DEBUG, " Before fscanf()"); |
|
|
faddr2 = *faddr; |
faddr2 = *faddr; |
laddr2 = *laddr; |
laddr2 = *laddr; |
lport = fport = 0; |
lport = fport = 0; |
lhostaddr[0] = fhostaddr[0] = password[0] = '\0'; |
lhostaddr[0] = fhostaddr[0] = password[0] = '\0'; |
|
|
|
|
/* Read query from client */ |
/* Read query from client */ |
rcode = fscanf(fp, " %d , %d", &lport, &fport); |
rcode = fscanf(fp, " %d , %d", &lport, &fport); |
|
|
Line 191 int parse(fp, laddr, faddr) |
|
Line 235 int parse(fp, laddr, faddr) |
|
/* Skip leading space up to EOF, EOL or non-space char */ |
/* Skip leading space up to EOF, EOL or non-space char */ |
while ((c = getc(fp)) == ' ' || c == '\t') |
while ((c = getc(fp)) == ' ' || c == '\t') |
; |
; |
|
|
if (rcode <= 0) |
if (rcode <= 0) |
{ |
{ |
|
#ifdef STRONG_LOG |
|
if (syslog_flag) |
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID REQUEST", |
|
inet_ntoa(*faddr), gethost(faddr)); |
|
#endif |
printf("%d , %d : ERROR : %s\r\n", |
printf("%d , %d : ERROR : %s\r\n", |
lport, fport, |
lport, fport, |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
Line 206 int parse(fp, laddr, faddr) |
|
Line 255 int parse(fp, laddr, faddr) |
|
*/ |
*/ |
if (strcmp(arg, "VERSION") == 0) |
if (strcmp(arg, "VERSION") == 0) |
{ |
{ |
printf("%d , %d : ERROR : X-VERSION : %s\r\n", lport, fport, |
#ifdef STRONG_LOG |
|
if (syslog_flag) |
|
syslog(LOG_NOTICE, "from: %s (%s) VERSION REQUEST", |
|
inet_ntoa(*faddr), gethost(faddr)); |
|
#endif |
|
#if defined(__TIME__) && defined(__DATE__) |
|
printf("%d , %d : X-VERSION : %s (Compiled: %s %s)\r\n", lport, fport, |
|
version, __TIME__, __DATE__); |
|
#else |
|
printf("%d , %d : X-VERSION : %s\r\n", lport, fport, |
version); |
version); |
|
#endif |
continue; |
continue; |
} |
} |
|
|
Line 222 int parse(fp, laddr, faddr) |
|
Line 281 int parse(fp, laddr, faddr) |
|
|
|
if (!(rcode == 3 || rcode == 4)) |
if (!(rcode == 3 || rcode == 4)) |
{ |
{ |
|
#ifdef STRONG_LOG |
|
if (syslog_flag) |
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID PROXY REQUEST", |
|
inet_ntoa(*faddr), gethost(faddr)); |
|
#endif |
|
|
printf("%d , %d : ERROR : %s\r\n", |
printf("%d , %d : ERROR : %s\r\n", |
lport, fport, |
lport, fport, |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
Line 229 int parse(fp, laddr, faddr) |
|
Line 294 int parse(fp, laddr, faddr) |
|
} |
} |
|
|
if (rcode == 4) |
if (rcode == 4) |
(void) inet_aton(lhostaddr, &laddr2); |
laddr2.s_addr = inet_addr(lhostaddr); |
|
|
(void) inet_aton(fhostaddr, &faddr2); |
faddr2.s_addr = inet_addr(fhostaddr); |
|
|
|
#ifdef STRONG_LOG |
|
if (syslog_flag) |
|
{ |
|
char a1[64], a2[64], a3[64]; |
|
|
|
strcpy(a1, inet_ntoa(*faddr)); |
|
strcpy(a2, inet_ntoa(faddr2)); |
|
strcpy(a3, inet_ntoa(laddr2)); |
|
|
|
syslog(LOG_NOTICE, |
|
"from: %s (%s) PROXY REQUEST for %d, %d between %s and %s", |
|
a1, gethost(faddr), lport, fport, a2, a3); |
|
} |
|
#endif |
|
|
proxy(&laddr2, &faddr2, lport, fport, NULL); |
proxy(&laddr2, &faddr2, lport, fport, NULL); |
continue; |
continue; |
} |
} |
|
|
/* |
/* |
** Non-standard extended remote indirect request |
** Non-standard extended remote indirect request |
*/ |
*/ |
Line 244 int parse(fp, laddr, faddr) |
|
Line 324 int parse(fp, laddr, faddr) |
|
{ |
{ |
/* We have a colon char, check for port numbers */ |
/* We have a colon char, check for port numbers */ |
rcode = fscanf(fp, " %d , %d", &lport, &fport); |
rcode = fscanf(fp, " %d , %d", &lport, &fport); |
|
|
/* Skip leading space up to EOF, EOL or non-space char */ |
/* Skip leading space up to EOF, EOL or non-space char */ |
while ((c = getc(fp)) == ' ' || c == '\t') |
while ((c = getc(fp)) == ' ' || c == '\t') |
; |
; |
|
|
if (rcode != 2 || c != ':') |
if (rcode != 2 || c != ':') |
{ |
{ |
|
#ifdef STRONG_LOG |
|
if (syslog_flag) |
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID REMOTE REQUEST", |
|
inet_ntoa(*faddr), gethost(faddr)); |
|
#endif |
|
|
printf("%d , %d : ERROR : %s\r\n", |
printf("%d , %d : ERROR : %s\r\n", |
lport, fport, |
lport, fport, |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
continue; |
continue; |
} |
} |
|
|
/* We have a colon char, check for addr and password */ |
/* We have a colon char, check for addr and password */ |
rcode = fscanf(fp, " %15[0-9.] , %32[^ \t\r\n]", |
rcode = fscanf(fp, " %15[0-9.] , %32[^ \t\r\n]", |
fhostaddr, password); |
fhostaddr, password); |
Line 264 int parse(fp, laddr, faddr) |
|
Line 350 int parse(fp, laddr, faddr) |
|
rcode += 2; |
rcode += 2; |
else |
else |
{ |
{ |
printf("%d , %d : ERROR : %s\r\n", |
#ifdef STRONG_LOG |
lport, fport, |
if (syslog_flag) |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
syslog(LOG_NOTICE, |
continue; |
"from: %s (%s) INVALID REMOTE REQUEST for %d, %d", |
|
inet_ntoa(*faddr), gethost(faddr), lport, fport); |
|
#endif |
|
printf("%d , %d : ERROR : %s\r\n", |
|
lport, fport, |
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
|
continue; |
} |
} |
|
|
/* |
/* |
** Verify that the host originating the indirect request |
** Verify that the host originating the indirect request |
** is allowed to do that |
** is allowed to do that |
*/ |
*/ |
if (!valid_fhost(faddr, password)) |
if (!valid_fhost(faddr, password)) |
{ |
{ |
printf("%d , %d : ERROR : %s\r\n", |
#ifdef STRONG_LOG |
lport, fport, |
if (syslog_flag) |
unknown_flag ? "UNKNOWN-ERROR" : "X-ACCESS-DENIED"); |
syslog(LOG_NOTICE, |
continue; |
"from: %s (%s) REJECTED REMOTE REQUEST for %d, %d with password %s", |
|
inet_ntoa(*faddr), gethost(faddr), lport, fport, |
|
password); |
|
#endif |
|
printf("%d , %d : ERROR : %s\r\n", |
|
lport, fport, |
|
unknown_flag ? "UNKNOWN-ERROR" : "X-ACCESS-DENIED"); |
|
continue; |
} |
} |
|
|
(void) inet_aton(fhostaddr, &faddr2); |
faddr2.s_addr = inet_addr(fhostaddr); |
} |
#ifdef STRONG_LOG |
|
if (syslog_flag) |
|
{ |
|
char a1[64]; |
|
|
|
strcpy(a1, inet_ntoa(*faddr)); |
|
|
|
syslog(LOG_INFO, |
|
"from: %s (%s) REMOTE REQUEST for %d, %d from %s with password %s", |
|
a1, gethost(faddr), lport, fport, |
|
inet_ntoa(faddr2), password); |
|
} |
|
#endif |
|
} |
|
|
else |
else |
{ |
{ |
printf("%d , %d : ERROR : %s\r\n", |
#ifdef STRONG_LOG |
lport, fport, |
if (syslog_flag) |
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
syslog(LOG_NOTICE, "from: %s (%s) UNKNOWN REQUEST: %s", |
continue; |
inet_ntoa(*faddr), gethost(faddr), arg); |
|
#endif |
|
|
|
printf("%d , %d : ERROR : %s\r\n", |
|
lport, fport, |
|
unknown_flag ? "UNKNOWN-ERROR" : "X-INVALID-REQUEST"); |
|
continue; |
} |
} |
} |
} |
#endif /* EXTENSIONS */ |
#endif /* EXTENSIONS */ |
|
|
if (rcode < 2 || lport < 1 || lport > 65535 || fport < 1 || fport > 65535) |
if (rcode < 2 || lport < 1 || lport > 65535 || fport < 1 || fport > 65535) |
{ |
{ |
if (syslog_flag && rcode > 0) |
#ifdef STRONG_LOG |
syslog(LOG_NOTICE, "scanf: invalid-port(s): %d , %d from %s", |
if (syslog_flag) |
lport, fport, gethost(faddr)); |
{ |
|
if (rcode > 0) |
|
/* we have scanned at least one correct port */ |
|
syslog(LOG_NOTICE, |
|
"from: %s (%s) for invalid-port(s): %d , %d", |
|
inet_ntoa(*faddr), gethost(faddr), lport, fport); |
|
else |
|
{ |
|
/* we have scanned nothing at all so try to get the rest */ |
|
if (fscanf(fp, "%32[^\n\r]", arg) <= 0) |
|
syslog(LOG_NOTICE, "from: %s (%s) EMPTY REQUEST", |
|
inet_ntoa(*faddr), gethost(faddr)); |
|
else |
|
syslog(LOG_NOTICE, "from: %s (%s) INVALID REQUEST: %s", |
|
inet_ntoa(*faddr), gethost(faddr), arg); |
|
} |
|
} |
|
#else |
|
if (syslog_flag && rcode > 0) |
|
syslog(LOG_NOTICE, "scanf: invalid-port(s): %d , %d from %s", |
|
lport, fport, gethost(faddr)); |
|
#endif |
|
|
printf("%d , %d : ERROR : %s\r\n", |
printf("%d , %d : ERROR : %s\r\n", |
lport, fport, |
lport, fport, |
unknown_flag ? "UNKNOWN-ERROR" : "INVALID-PORT"); |
unknown_flag ? "UNKNOWN-ERROR" : "INVALID-PORT"); |
continue; |
continue; |
} |
} |
|
|
if (syslog_flag && verbose_flag) |
#ifdef STRONG_LOG |
syslog(LOG_NOTICE, "request for (%d,%d) from %s", |
if (syslog_flag) |
lport, fport, gethost(faddr)); |
{ |
|
syslog(LOG_INFO, "from: %s ( %s ) for: %d, %d", |
|
inet_ntoa(*faddr), gethost(faddr), lport, fport); |
|
} |
|
#endif |
|
|
|
if (debug_flag && syslog_flag) |
|
syslog(LOG_DEBUG, " After fscanf(), before k_open()"); |
|
|
|
|
|
if (! k_opened) |
|
{ |
|
/* |
|
** Open the kernel memory device and read the nlist table |
|
** |
|
** Of course k_open should not call ERROR (which then exits) |
|
** but maybe use syslog(LOG_ERR) and return non-zero. But I am |
|
** too lazy to change them all ... |
|
*/ |
|
if (k_open() != 0) |
|
{ |
|
if (syslog_flag) syslog(LOG_ERR, "k_open call failed"); |
|
printf("%d , %d : ERROR : %s\r\n", |
|
lport, fport, |
|
unknown_flag ? "UNKNOWN-ERROR" : "X-CANNOT-OPEN-KMEM"); |
|
continue; |
|
} |
|
k_opened = 1; |
|
} |
|
|
|
|
if (debug_flag && syslog_flag) |
if (debug_flag && syslog_flag) |
syslog(LOG_DEBUG, " After fscanf(), before k_getuid()"); |
syslog(LOG_DEBUG, " After k_open(), before k_getuid()"); |
|
|
|
|
/* |
/* |
** Next - get the specific TCP connection and return the |
** Get the specific TCP connection and return the uid - user number. |
** uid - user number. |
*/ |
|
|
|
#ifdef ALLOW_FORMAT |
|
/* Initialize values, for architectures that do not set it */ |
|
pid = 0; |
|
cmd = ""; |
|
cmd_and_args = ""; |
|
#endif |
|
|
|
#define MAX_RETRY 20 |
|
/* |
|
** Try to fetch the information MAX_RETRY times in case the |
|
** kernel changed beneath us and we missed or took a fault. |
** |
** |
** Try to fetch the information 5 times incase the |
** Why would we ever fail? Is not there a reliable way for the |
** kernel changed beneath us and we missed or took |
** kernel to identify its sockets? Cannot we use that interface? |
** a fault. |
** |
|
** Used to be 5 times, but often this is not enough on Alpha OSF. |
*/ |
*/ |
|
/* #define SLEEP_BETWEEN_RETRIES 1 */ |
|
/* |
|
** If we failed in k_getuid, that is presumably because the OS was |
|
** busy creating or destroying processes. We may want to sleep for |
|
** a random time between retries, hoping for peace and quiet. |
|
*/ |
|
|
|
/* k_getuid returns 0 on success, any non-zero on failure. */ |
|
|
for (try = 0; |
for (try = 0; |
(try < 5 && |
(try < MAX_RETRY && |
k_getuid(&faddr2, htons(fport), laddr, htons(lport), &uid) == -1); |
k_getuid(&faddr2, htons(fport), laddr, htons(lport), &uid |
|
#ifdef ALLOW_FORMAT |
|
, &pid, &cmd, &cmd_and_args |
|
#endif |
|
) != 0); |
try++) |
try++) |
|
#ifdef SLEEP_BETWEEN_RETRIES |
|
{ |
|
/* Seed the generator: lport should be unique (among other concurrent identd's) */ |
|
if (try < 1) srandom(lport); |
|
/* This gives a max sleep of 0xffff = 65535 microsecs, about 32millisec average */ |
|
usleep(random()&0x00ffff); |
|
} |
|
#else |
; |
; |
|
#endif |
|
|
if (try >= 5) |
if (try >= MAX_RETRY) |
{ |
{ |
if (syslog_flag) |
if (syslog_flag) |
syslog(LOG_DEBUG, "Returned: %d , %d : NO-USER", lport, fport); |
syslog(LOG_INFO, "Returned: %d , %d : NO-USER", lport, fport); |
|
|
printf("%d , %d : ERROR : %s\r\n", |
printf("%d , %d : ERROR : %s\r\n", |
lport, fport, |
lport, fport, |
unknown_flag ? "UNKNOWN-ERROR" : "NO-USER"); |
unknown_flag ? "UNKNOWN-ERROR" : "NO-USER"); |
Line 341 int parse(fp, laddr, faddr) |
|
Line 545 int parse(fp, laddr, faddr) |
|
|
|
if (try > 0 && syslog_flag) |
if (try > 0 && syslog_flag) |
syslog(LOG_NOTICE, "k_getuid retries: %d", try); |
syslog(LOG_NOTICE, "k_getuid retries: %d", try); |
|
|
if (debug_flag && syslog_flag) |
if (debug_flag && syslog_flag) |
syslog(LOG_DEBUG, " After k_getuid(), before getpwuid()"); |
syslog(LOG_DEBUG, " After k_getuid(), before getpwuid()"); |
|
|
Line 350 int parse(fp, laddr, faddr) |
|
Line 554 int parse(fp, laddr, faddr) |
|
** return it as an OTHER identifier |
** return it as an OTHER identifier |
*/ |
*/ |
pwp = getpwuid(uid); |
pwp = getpwuid(uid); |
|
|
if (!pwp) |
if (!pwp || uid != pwp->pw_uid) |
{ |
{ |
if (syslog_flag) |
if (syslog_flag) |
syslog(LOG_WARNING, "getpwuid() could not map uid (%d) to name", |
syslog(LOG_WARNING, "getpwuid() could not map uid (%d) to name", |
uid); |
uid); |
|
|
printf("%d , %d : USERID : OTHER%s%s :%d\r\n", |
printf("%d , %d : USERID : OTHER%s%s : %d\r\n", |
lport, fport, |
lport, fport, |
charset_name ? " , " : "", |
charset_name ? " , " : "", |
charset_name ? charset_name : "", |
charset_name ? charset_name : "", |
Line 365 int parse(fp, laddr, faddr) |
|
Line 569 int parse(fp, laddr, faddr) |
|
continue; |
continue; |
} |
} |
|
|
|
#ifdef ALLOW_FORMAT |
|
grp = getgrgid(pwp->pw_gid); |
|
if (grp && pwp->pw_gid != grp->gr_gid) |
|
{ |
|
if (syslog_flag) |
|
syslog(LOG_WARNING, |
|
"getgrgid() could not map gid (%d) to name (for uid %d, name %s)", |
|
pwp->pw_gid, uid, pwp->pw_name); |
|
|
|
printf("%d , %d : USERID : OTHER%s%s : %d\r\n", |
|
lport, fport, |
|
charset_name ? " , " : "", |
|
charset_name ? charset_name : "", |
|
uid); |
|
continue; |
|
} |
|
if (grp) |
|
sprintf (grname, "%.99s", grp->gr_name); |
|
else |
|
sprintf (grname, "%d", pwp->pw_gid); |
|
#endif |
|
|
/* |
/* |
** Hey! We finally made it!!! |
** Hey! We finally made it!!! |
*/ |
*/ |
|
#ifdef ALLOW_FORMAT |
|
if (syslog_flag) |
|
syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s.%s\n", |
|
lport, fport, pwp->pw_name, grname); |
|
#else |
if (syslog_flag) |
if (syslog_flag) |
syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s\n", |
syslog(LOG_DEBUG, "Successful lookup: %d , %d : %s\n", |
lport, fport, pwp->pw_name); |
lport, fport, pwp->pw_name); |
|
#endif |
|
|
if (noident_flag && check_noident(pwp->pw_dir)) |
if (noident_flag && check_noident(pwp->pw_dir)) |
{ |
{ |
if (syslog_flag && verbose_flag) |
if (syslog_flag) |
syslog(LOG_NOTICE, "user %s requested HIDDEN-USER for host %s: %d, %d", |
syslog(LOG_NOTICE, "User %s requested HIDDEN-USER for host %s: %d, %d", |
pwp->pw_name, |
pwp->pw_name, |
gethost(faddr), |
gethost(faddr), |
lport, fport); |
lport, fport); |
|
|
printf("%d , %d : ERROR : HIDDEN-USER\r\n", |
printf("%d , %d : ERROR : HIDDEN-USER\r\n", |
lport, fport); |
lport, fport); |
continue; |
continue; |
} |
} |
|
|
if (number_flag) |
#ifdef INCLUDE_CRYPT |
printf("%d , %d : USERID : OTHER%s%s :%d\r\n", |
if (crypto_flag && check_crypt(faddr)) |
|
printf("%d , %d : USERID : OTHER%s%s : [%s]\r\n", |
lport, fport, |
lport, fport, |
charset_name ? " , " : "", |
charset_name ? " , " : "", |
charset_name ? charset_name : "", |
charset_name ? charset_name : "", |
uid); |
make_packet (pwp->pw_uid, laddr, lport, faddr, fport)); |
|
else |
|
#endif |
|
#ifdef ALLOW_FORMAT |
|
if (format_flag) |
|
{ |
|
char* cp; |
|
char** gmp; |
|
int bp; |
|
char buff[512]; |
|
for (cp = format, bp = 0; *cp != 0; cp++) |
|
{ |
|
if (*cp == '%') |
|
{ |
|
cp++; |
|
if (*cp == 0) break; |
|
else if (*cp == 'u') sprintf (&buff[bp], "%.*s", 490-bp, pwp->pw_name); |
|
else if (*cp == 'U') sprintf (&buff[bp], "%d", pwp->pw_uid); |
|
else if (*cp == 'g') sprintf (&buff[bp], "%.*s", 490-bp, grname); |
|
else if (*cp == 'G') sprintf (&buff[bp], "%d", pwp->pw_gid); |
|
else if (*cp == 'c') sprintf (&buff[bp], "%.*s", 490-bp, cmd); |
|
else if (*cp == 'C') sprintf (&buff[bp], "%.*s", 490-bp, cmd_and_args); |
|
else if (*cp == 'l') { |
|
sprintf (&buff[bp], "%.*s", 490-bp, grname); |
|
bp += strlen(&buff[bp]); if (bp >= 490) break; |
|
setgrent(); |
|
while ((grp = getgrent()) != NULL) { |
|
if (grp->gr_gid == pwp->pw_gid) continue; |
|
for (gmp = grp->gr_mem; *gmp && **gmp; gmp++) { |
|
if (! strcmp(*gmp, pwp->pw_name)) { |
|
sprintf (&buff[bp], ",%.*s", 490-bp, grp->gr_name); |
|
bp += strlen(&buff[bp]); |
|
break; |
|
} |
|
} |
|
if (bp >= 490) break; |
|
} |
|
endgrent(); |
|
} |
|
else if (*cp == 'L') { |
|
sprintf (&buff[bp], "%d", pwp->pw_gid); |
|
bp += strlen(&buff[bp]); if (bp >= 490) break; |
|
setgrent(); |
|
while ((grp = getgrent()) != NULL) { |
|
if (grp->gr_gid == pwp->pw_gid) continue; |
|
for (gmp = grp->gr_mem; *gmp && **gmp; gmp++) { |
|
if (! strcmp(*gmp, pwp->pw_name)) { |
|
sprintf (&buff[bp], ",%d", grp->gr_gid); |
|
bp += strlen(&buff[bp]); |
|
break; |
|
} |
|
} |
|
if (bp >= 490) break; |
|
} |
|
endgrent(); |
|
} |
|
else if (*cp == 'p') sprintf (&buff[bp], "%d", pid); |
|
else { buff[bp] = *cp; buff[bp+1] = 0; } |
|
bp += strlen(&buff[bp]); if (bp >= 490) break; |
|
} |
|
else { buff[bp++] = *cp; if (bp >= 490) break; } |
|
} |
|
if (bp >= 490) { sprintf(&buff[490], "..."); bp = 493; } |
|
buff[bp] = 0; |
|
printf("%d , %d : USERID : %s%s%s :%s\r\n", |
|
lport, fport, |
|
other_flag ? "OTHER" : "UNIX", |
|
charset_name ? " , " : "", |
|
charset_name ? charset_name : "", |
|
buff); |
|
} |
else |
else |
|
#endif |
printf("%d , %d : USERID : %s%s%s :%s\r\n", |
printf("%d , %d : USERID : %s%s%s :%s\r\n", |
lport, fport, |
lport, fport, |
other_flag ? "OTHER" : "UNIX", |
other_flag ? "OTHER" : "UNIX", |
charset_name ? " , " : "", |
charset_name ? " , " : "", |
charset_name ? charset_name : "", |
charset_name ? charset_name : "", |
pwp->pw_name); |
pwp->pw_name); |
|
|
} while(fflush(stdout), fflush(stderr), multi_flag && eat_whitespace()); |
} while(fflush(stdout), fflush(stderr), multi_flag && eat_whitespace()); |
|
|
return 0; |
return 0; |
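Review bot: The two new STRONG_LOG calls in the remote indirect request branch of parse() write the client-supplied indirect password to syslog in cleartext: once in the "REJECTED REMOTE REQUEST" message at LOG_NOTICE, and again in the "REMOTE REQUEST" message at LOG_INFO after valid_fhost() has accepted it. The second message records the working shared secret for anyone who can read the log file or the syslog transport, and the first records near-miss attempts. I would drop the `password` argument and end the format strings at the request details, i.e. `"from: %s (%s) REJECTED REMOTE REQUEST for %d, %d"` and `"from: %s (%s) REMOTE REQUEST for %d, %d from %s"`. parse()'s body is only partly visible in these hunks, so any other use of `password` outside them is not covered by this note.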