1 | /* |
---|
2 | * tli_host() determines the type of transport (connected, connectionless), |
---|
3 | * the transport address of a client host, and the transport address of a |
---|
4 | * server endpoint. In addition, it provides methods to map a transport |
---|
5 | * address to a printable host name or address. Socket address results are |
---|
6 | * in static memory; tli structures are allocated from the heap. |
---|
7 | * |
---|
8 | * The result from the hostname lookup method is STRING_PARANOID when a host |
---|
9 | * pretends to have someone elses name, or when a host name is available but |
---|
10 | * could not be verified. |
---|
11 | * |
---|
12 | * Diagnostics are reported through syslog(3). |
---|
13 | * |
---|
14 | * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. |
---|
15 | */ |
---|
16 | |
---|
17 | #ifndef lint |
---|
18 | static char sccsid[] = "@(#) tli.c 1.15 97/03/21 19:27:25"; |
---|
19 | #endif |
---|
20 | |
---|
21 | #ifdef TLI |
---|
22 | |
---|
23 | /* System libraries. */ |
---|
24 | |
---|
25 | #include <sys/types.h> |
---|
26 | #include <sys/param.h> |
---|
27 | #include <sys/stream.h> |
---|
28 | #include <sys/stat.h> |
---|
29 | #include <sys/mkdev.h> |
---|
30 | #include <sys/tiuser.h> |
---|
31 | #include <sys/timod.h> |
---|
32 | #include <sys/socket.h> |
---|
33 | #include <netinet/in.h> |
---|
34 | #include <stdio.h> |
---|
35 | #include <syslog.h> |
---|
36 | #include <errno.h> |
---|
37 | #include <netconfig.h> |
---|
38 | #include <netdir.h> |
---|
39 | #include <string.h> |
---|
40 | |
---|
41 | extern char *nc_sperror(); |
---|
42 | extern int errno; |
---|
43 | extern char *sys_errlist[]; |
---|
44 | extern int sys_nerr; |
---|
45 | extern int t_errno; |
---|
46 | extern char *t_errlist[]; |
---|
47 | extern int t_nerr; |
---|
48 | |
---|
49 | /* Local stuff. */ |
---|
50 | |
---|
51 | #include "tcpd.h" |
---|
52 | |
---|
53 | /* Forward declarations. */ |
---|
54 | |
---|
55 | static void tli_endpoints(); |
---|
56 | static struct netconfig *tli_transport(); |
---|
57 | static void tli_hostname(); |
---|
58 | static void tli_hostaddr(); |
---|
59 | static void tli_cleanup(); |
---|
60 | static char *tli_error(); |
---|
61 | static void tli_sink(); |
---|
62 | |
---|
63 | /* tli_host - look up endpoint addresses and install conversion methods */ |
---|
64 | |
---|
65 | void tli_host(request) |
---|
66 | struct request_info *request; |
---|
67 | { |
---|
68 | static struct sockaddr_in client; |
---|
69 | static struct sockaddr_in server; |
---|
70 | |
---|
71 | /* |
---|
72 | * If we discover that we are using an IP transport, pretend we never |
---|
73 | * were here. Otherwise, use the transport-independent method and stick |
---|
74 | * to generic network addresses. XXX hard-coded protocol family name. |
---|
75 | */ |
---|
76 | |
---|
77 | tli_endpoints(request); |
---|
78 | if ((request->config = tli_transport(request->fd)) != 0 |
---|
79 | && STR_EQ(request->config->nc_protofmly, "inet")) { |
---|
80 | if (request->client->unit != 0) { |
---|
81 | client = *(struct sockaddr_in *) request->client->unit->addr.buf; |
---|
82 | request->client->sin = &client; |
---|
83 | } |
---|
84 | if (request->server->unit != 0) { |
---|
85 | server = *(struct sockaddr_in *) request->server->unit->addr.buf; |
---|
86 | request->server->sin = &server; |
---|
87 | } |
---|
88 | tli_cleanup(request); |
---|
89 | sock_methods(request); |
---|
90 | } else { |
---|
91 | request->hostname = tli_hostname; |
---|
92 | request->hostaddr = tli_hostaddr; |
---|
93 | request->cleanup = tli_cleanup; |
---|
94 | } |
---|
95 | } |
---|
96 | |
---|
97 | /* tli_cleanup - cleanup some dynamically-allocated data structures */ |
---|
98 | |
---|
99 | static void tli_cleanup(request) |
---|
100 | struct request_info *request; |
---|
101 | { |
---|
102 | if (request->config != 0) |
---|
103 | freenetconfigent(request->config); |
---|
104 | if (request->client->unit != 0) |
---|
105 | t_free((char *) request->client->unit, T_UNITDATA); |
---|
106 | if (request->server->unit != 0) |
---|
107 | t_free((char *) request->server->unit, T_UNITDATA); |
---|
108 | } |
---|
109 | |
---|
110 | /* tli_endpoints - determine TLI client and server endpoint information */ |
---|
111 | |
---|
112 | static void tli_endpoints(request) |
---|
113 | struct request_info *request; |
---|
114 | { |
---|
115 | struct t_unitdata *server; |
---|
116 | struct t_unitdata *client; |
---|
117 | int fd = request->fd; |
---|
118 | int flags; |
---|
119 | |
---|
120 | /* |
---|
121 | * Determine the client endpoint address. With unconnected services, peek |
---|
122 | * at the sender address of the pending protocol data unit without |
---|
123 | * popping it off the receive queue. This trick works because only the |
---|
124 | * address member of the unitdata structure has been allocated. |
---|
125 | * |
---|
126 | * Beware of successful returns with zero-length netbufs (for example, |
---|
127 | * Solaris 2.3 with ticlts transport). The netdir(3) routines can't |
---|
128 | * handle that. Assume connection-less transport when TI_GETPEERNAME |
---|
129 | * produces no usable result, even when t_rcvudata() is unable to figure |
---|
130 | * out the peer address. Better to hang than to loop. |
---|
131 | */ |
---|
132 | |
---|
133 | if ((client = (struct t_unitdata *) t_alloc(fd, T_UNITDATA, T_ADDR)) == 0) { |
---|
134 | tcpd_warn("t_alloc: %s", tli_error()); |
---|
135 | return; |
---|
136 | } |
---|
137 | if (ioctl(fd, TI_GETPEERNAME, &client->addr) < 0 || client->addr.len == 0) { |
---|
138 | request->sink = tli_sink; |
---|
139 | if (t_rcvudata(fd, client, &flags) < 0 || client->addr.len == 0) { |
---|
140 | tcpd_warn("can't get client address: %s", tli_error()); |
---|
141 | t_free((void *) client, T_UNITDATA); |
---|
142 | return; |
---|
143 | } |
---|
144 | } |
---|
145 | request->client->unit = client; |
---|
146 | |
---|
147 | /* |
---|
148 | * Look up the server endpoint address. This can be used for filtering on |
---|
149 | * server address or name, or to look up the client user. |
---|
150 | */ |
---|
151 | |
---|
152 | if ((server = (struct t_unitdata *) t_alloc(fd, T_UNITDATA, T_ADDR)) == 0) { |
---|
153 | tcpd_warn("t_alloc: %s", tli_error()); |
---|
154 | return; |
---|
155 | } |
---|
156 | if (ioctl(fd, TI_GETMYNAME, &server->addr) < 0) { |
---|
157 | tcpd_warn("TI_GETMYNAME: %m"); |
---|
158 | t_free((void *) server, T_UNITDATA); |
---|
159 | return; |
---|
160 | } |
---|
161 | request->server->unit = server; |
---|
162 | } |
---|
163 | |
---|
164 | /* tli_transport - find out TLI transport type */ |
---|
165 | |
---|
166 | static struct netconfig *tli_transport(fd) |
---|
167 | int fd; |
---|
168 | { |
---|
169 | struct stat from_client; |
---|
170 | struct stat from_config; |
---|
171 | void *handlep; |
---|
172 | struct netconfig *config; |
---|
173 | |
---|
174 | /* |
---|
175 | * Assuming that the network device is a clone device, we must compare |
---|
176 | * the major device number of stdin to the minor device number of the |
---|
177 | * devices listed in the netconfig table. |
---|
178 | */ |
---|
179 | |
---|
180 | if (fstat(fd, &from_client) != 0) { |
---|
181 | tcpd_warn("fstat(fd %d): %m", fd); |
---|
182 | return (0); |
---|
183 | } |
---|
184 | if ((handlep = setnetconfig()) == 0) { |
---|
185 | tcpd_warn("setnetconfig: %m"); |
---|
186 | return (0); |
---|
187 | } |
---|
188 | while (config = getnetconfig(handlep)) { |
---|
189 | if (stat(config->nc_device, &from_config) == 0) { |
---|
190 | if (minor(from_config.st_rdev) == major(from_client.st_rdev)) |
---|
191 | break; |
---|
192 | } |
---|
193 | } |
---|
194 | if (config == 0) { |
---|
195 | tcpd_warn("unable to identify transport protocol"); |
---|
196 | return (0); |
---|
197 | } |
---|
198 | |
---|
199 | /* |
---|
200 | * Something else may clobber our getnetconfig() result, so we'd better |
---|
201 | * acquire our private copy. |
---|
202 | */ |
---|
203 | |
---|
204 | if ((config = getnetconfigent(config->nc_netid)) == 0) { |
---|
205 | tcpd_warn("getnetconfigent(%s): %s", config->nc_netid, nc_sperror()); |
---|
206 | return (0); |
---|
207 | } |
---|
208 | return (config); |
---|
209 | } |
---|
210 | |
---|
211 | /* tli_hostaddr - map TLI transport address to printable address */ |
---|
212 | |
---|
213 | static void tli_hostaddr(host) |
---|
214 | struct host_info *host; |
---|
215 | { |
---|
216 | struct request_info *request = host->request; |
---|
217 | struct netconfig *config = request->config; |
---|
218 | struct t_unitdata *unit = host->unit; |
---|
219 | char *uaddr; |
---|
220 | |
---|
221 | if (config != 0 && unit != 0 |
---|
222 | && (uaddr = taddr2uaddr(config, &unit->addr)) != 0) { |
---|
223 | STRN_CPY(host->addr, uaddr, sizeof(host->addr)); |
---|
224 | free(uaddr); |
---|
225 | } |
---|
226 | } |
---|
227 | |
---|
228 | /* tli_hostname - map TLI transport address to hostname */ |
---|
229 | |
---|
230 | static void tli_hostname(host) |
---|
231 | struct host_info *host; |
---|
232 | { |
---|
233 | struct request_info *request = host->request; |
---|
234 | struct netconfig *config = request->config; |
---|
235 | struct t_unitdata *unit = host->unit; |
---|
236 | struct nd_hostservlist *servlist; |
---|
237 | |
---|
238 | if (config != 0 && unit != 0 |
---|
239 | && netdir_getbyaddr(config, &servlist, &unit->addr) == ND_OK) { |
---|
240 | |
---|
241 | struct nd_hostserv *service = servlist->h_hostservs; |
---|
242 | struct nd_addrlist *addr_list; |
---|
243 | int found = 0; |
---|
244 | |
---|
245 | if (netdir_getbyname(config, service, &addr_list) != ND_OK) { |
---|
246 | |
---|
247 | /* |
---|
248 | * Unable to verify that the name matches the address. This may |
---|
249 | * be a transient problem or a botched name server setup. We |
---|
250 | * decide to play safe. |
---|
251 | */ |
---|
252 | |
---|
253 | tcpd_warn("can't verify hostname: netdir_getbyname(%.*s) failed", |
---|
254 | STRING_LENGTH, service->h_host); |
---|
255 | |
---|
256 | } else { |
---|
257 | |
---|
258 | /* |
---|
259 | * Look up the host address in the address list we just got. The |
---|
260 | * comparison is done on the textual representation, because the |
---|
261 | * transport address is an opaque structure that may have holes |
---|
262 | * with uninitialized garbage. This approach obviously loses when |
---|
263 | * the address does not have a textual representation. |
---|
264 | */ |
---|
265 | |
---|
266 | char *uaddr = eval_hostaddr(host); |
---|
267 | char *ua; |
---|
268 | int i; |
---|
269 | |
---|
270 | for (i = 0; found == 0 && i < addr_list->n_cnt; i++) { |
---|
271 | if ((ua = taddr2uaddr(config, &(addr_list->n_addrs[i]))) != 0) { |
---|
272 | found = !strcmp(ua, uaddr); |
---|
273 | free(ua); |
---|
274 | } |
---|
275 | } |
---|
276 | netdir_free((void *) addr_list, ND_ADDRLIST); |
---|
277 | |
---|
278 | /* |
---|
279 | * When the host name does not map to the initial address, assume |
---|
280 | * someone has compromised a name server. More likely someone |
---|
281 | * botched it, but that could be dangerous, too. |
---|
282 | */ |
---|
283 | |
---|
284 | if (found == 0) |
---|
285 | tcpd_warn("host name/address mismatch: %s != %.*s", |
---|
286 | host->addr, STRING_LENGTH, service->h_host); |
---|
287 | } |
---|
288 | STRN_CPY(host->name, found ? service->h_host : paranoid, |
---|
289 | sizeof(host->name)); |
---|
290 | netdir_free((void *) servlist, ND_HOSTSERVLIST); |
---|
291 | } |
---|
292 | } |
---|
293 | |
---|
294 | /* tli_error - convert tli error number to text */ |
---|
295 | |
---|
296 | static char *tli_error() |
---|
297 | { |
---|
298 | static char buf[40]; |
---|
299 | |
---|
300 | if (t_errno != TSYSERR) { |
---|
301 | if (t_errno < 0 || t_errno >= t_nerr) { |
---|
302 | sprintf(buf, "Unknown TLI error %d", t_errno); |
---|
303 | return (buf); |
---|
304 | } else { |
---|
305 | return (t_errlist[t_errno]); |
---|
306 | } |
---|
307 | } else { |
---|
308 | if (errno < 0 || errno >= sys_nerr) { |
---|
309 | sprintf(buf, "Unknown UNIX error %d", errno); |
---|
310 | return (buf); |
---|
311 | } else { |
---|
312 | return (sys_errlist[errno]); |
---|
313 | } |
---|
314 | } |
---|
315 | } |
---|
316 | |
---|
317 | /* tli_sink - absorb unreceived datagram */ |
---|
318 | |
---|
319 | static void tli_sink(fd) |
---|
320 | int fd; |
---|
321 | { |
---|
322 | struct t_unitdata *unit; |
---|
323 | int flags; |
---|
324 | |
---|
325 | /* |
---|
326 | * Something went wrong. Absorb the datagram to keep inetd from looping. |
---|
327 | * Allocate storage for address, control and data. If that fails, sleep |
---|
328 | * for a couple of seconds in an attempt to keep inetd from looping too |
---|
329 | * fast. |
---|
330 | */ |
---|
331 | |
---|
332 | if ((unit = (struct t_unitdata *) t_alloc(fd, T_UNITDATA, T_ALL)) == 0) { |
---|
333 | tcpd_warn("t_alloc: %s", tli_error()); |
---|
334 | sleep(5); |
---|
335 | } else { |
---|
336 | (void) t_rcvudata(fd, unit, &flags); |
---|
337 | t_free((void *) unit, T_UNITDATA); |
---|
338 | } |
---|
339 | } |
---|
340 | |
---|
341 | #endif /* TLI */ |
---|