Usenet 1994 January

home *** CD-ROM | disk | FTP | other *** search

/ Usenet 1994 January / usenetsourcesnewsgroupsinfomagicjanuary1994.iso / sources / unix / volume23 / pty / part01 next >

Wrap

Internet Message Format | 1991-01-08 | 54.6 KB

Path: j.cc.purdue.edu!mentor.cc.purdue.edu!noose.ecn.purdue.edu!samsung!uunet!papaya.bbn.com!rsalz From: rsalz@bbn.com (Rich Salz) Newsgroups: comp.sources.unix Subject: v23i031: Run a program under a pty session, Part01/06 Message-ID: <2881@litchi.bbn.com> Date: 10 Oct 90 14:15:59 GMT Organization: BBN Systems and Technologies, Cambridge MA Lines: 1671 Approved: rsalz@uunet.UU.NET X-Checksum-Snefru: c8bfce4a 3a9f2967 7f682eaf c4c836ba Submitted-by: Dan Bernstein <brnstnd@kramden.acf.nyu.edu> Posting-number: Volume 23, Issue 31 Archive-name: pty/part01 [ This is the Ginsu knife (it slices, it dices, it never rusts) that Dan has been talking about in comp.unix.wixards/internals for some time now. It is a mind-blower. --r$ ] pty - run a program under a pty session pty is meant as the sole interface between pseudo-terminals and the rest of the system. Some features: improved security; over fifty options for precise control; session disconnecting and reconnecting; full efficiency after a reconnect; a gradual upgrade path so that all your old utilities will work without change; support for applications that need full pty control; and a reasonably smart install script. Also in this package are twenty-one utilities, including a ``script'' that actually works. pty has been thoroughly tested on several BSD 4.3-based machines and tested on several BSD 4.2-based machines. It should be easy to port to any system supporting pseudo-terminals and UNIX-domain sockets. If you know any application of ptys that this program can't handle, or if you have a different machine that would benefit from the modularity and power of a pty port, please let the author know. pty does not work under POSIX-based machines (such as SunOS 4.1), even when it works perfectly under their predecessors (such as SunOS 4.0.3). The main problem is POSIX's introduction of sessions and the way it kills a non-orphaned process in an orphaned process group. There are other incompatibilities, mostly minor but some (like accounting and setuid problems) important. The author is working on a POSIX port. #! /bin/sh # This is a shell archive. Remove anything before this line, then feed it # into a shell via "sh file" or similar. To overwrite existing files, # type "sh file -c". # The tool that generated this appeared in the comp.sources.unix newsgroup; # send mail to comp-sources-unix@uunet.uu.net if you want that tool. # Contents: PACKNOTES README MANIFEST FILES INSTALL patch # patch/telnetd.90.06.28.patch util # Wrapped by rsalz@litchi.bbn.com on Wed Oct 10 10:11:35 1990 PATH=/bin:/usr/bin:/usr/ucb ; export PATH echo If this archive is complete, you will see the following message: echo ' "shar: End of archive 1 (of 6)."' if test -f 'PACKNOTES' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'PACKNOTES'\" else echo shar: Extracting \"'PACKNOTES'\" $1756 characters$ sed "s/^X//" >'PACKNOTES' <<'END_OF_FILE' XBad character 010 in line 384 of "INSTALL". XBad character 010 in line 385 of "INSTALL". XBad character 010 in line 401 of "INSTALL". XBad character 010 in line 402 of "INSTALL". XBad character 010 in line 428 of "INSTALL". XBad character 010 in line 429 of "INSTALL". XBad character 010 in line 443 of "INSTALL". XBad character 010 in line 444 of "INSTALL". XBad character 010 in line 467 of "INSTALL". XBad character 010 in line 468 of "INSTALL". XFound 10 control chars in "INSTALL" X XBad character 07 in line 98 of "util/write.c". XFound 1 control char in "util/write.c" X XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 30 of "util/lock.c". XBad character 07 in line 34 of "util/lock.c". XBad character 07 in line 36 of "util/lock.c". XBad character 07 in line 38 of "util/lock.c". XFound 20 control chars in "util/lock.c" X XBad character 07 in line 53 of "util/wall.c". XFound 1 control char in "util/wall.c" X XBad character 010 in line 2 of "util/script.tidy". XBad character 010 in line 2 of "util/script.tidy". XFound 2 control chars in "util/script.tidy" END_OF_FILE if test 1756 -ne `wc -c <'PACKNOTES'`; then echo shar: \"'PACKNOTES'\" unpacked with wrong size! fi # end of 'PACKNOTES' fi if test -f 'README' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'README'\" else echo shar: Extracting \"'README'\" $3922 characters$ sed "s/^X//" >'README' <<'END_OF_FILE' Xpty - run a program under a pty session X Xpty is meant as the sole interface between pseudo-terminals and the rest Xof the system. Some features: improved security; over fifty options for Xprecise control; session disconnecting and reconnecting; full efficiency Xafter a reconnect; a gradual upgrade path so that all your old utilities Xwill work without change; support for applications that need full pty Xcontrol; and a reasonably smart install script. Also in this package are Xtwenty-one utilities, including a ``script'' that actually works. X Xpty has been thoroughly tested on several BSD 4.3-based machines and Xtested on several BSD 4.2-based machines. It should be easy to port to Xany system supporting pseudo-terminals and UNIX-domain sockets. If you Xknow any application of ptys that this program can't handle, or if you Xhave a different machine that would benefit from the modularity and Xpower of a pty port, please let the author know. X X Xpty does not work under POSIX-based machines (such as SunOS 4.1), even Xwhen it works perfectly under their predecessors (such as SunOS 4.0.3). XThe main problem is POSIX's introduction of sessions and the way it Xkills a non-orphaned process in an orphaned process group. There are Xother incompatibilities, mostly minor but some (like accounting and Xsetuid problems) important. The author is working on a POSIX port. X X Xpty version 3.001, August 21, 1990. XCopyright (c) 1990, Daniel J. Bernstein. XAll rights reserved. X XThis distribution packaged August 22, 1990. X XGeneral layout: XCHANGES Description of changes since first distributed version XCOPYRIGHT A comprehensible copyright notice XFILES File list (used by make shar) XINSTALL A script to guide you through compilation and installation XINSTALLREADABLE INSTALL's information, in a format you can reasonably edit XMANIFEST Shipping list XQUESTIONS Some questions that pty answers XREADME This document XTESTS A script to guide you through some tests XMakefile Installation commands X*.c Programs X*.h Header files Xpty.man Documentation Xpatch/* Patches to other programs to better use pty Xutil/* Utilities X XBefore you do anything else, run the INSTALL script. It'll guide you Xthrough compiling and installing pty and the utilities. Then run TESTS Xto exercise a few of pty's features on your system. patch/ is separate; Xread patch/README at your leisure. X XRead CHANGES for a list of changes. pty -C and pty -W give copyright and Xwarranty information; pty -H prints a help screen. X XNote that INSTALL, util/lock.c, util/script.tidy, util/write.c, and Xutil/wall.c all contain control characters. X X XKnown problems: X XPOSIX compatibility---might as well do complete rewrite Xlast was removed but is mentioned in INSTALL and INSTALLREADABLE XINSTALL's usleep test is not accurate in Ultrix 3.1C (aargh) Xchildsig = SIGCONT for TSTP in master.c? XPIPE should be handled by finish in sigler.c for NO_FDPASSING folks Xsesslist gives error for a session directory not yet created Xpty -H lists /etc/wtmp---guaranteed to confuse some people XQUESTIONS and TESTS list sed ... | more, race; more should be grep x Xon cannot chdir to session directory, pty does not restore correctly X (set up your session directory correctly!) X X XTODO list: X XINSTALLSU script, for the final stages of installation Xfix PTYDIR propagation into utilities Xvhangup()? this is a sticky issue. probably not but we'll see Xlocking on /etc/utmp and /usr/adm/wtmp? not necessary if APPEND works Xgenerally handle signals better in sigler Xclean up ``last'' and include it in package X``detach''? not yet, for reasons discussed in paper Xmust pty really stop on pty -T ... &? X``utmpinit'', so that pty and login will get along---generally useful X X XMore comprehensive discussion will be available soon in ``The Design, XImplementation, and Use of a Pseudo-Terminal Manager.'' END_OF_FILE if test 3922 -ne `wc -c <'README'`; then echo shar: \"'README'\" unpacked with wrong size! fi # end of 'README' fi if test -f 'MANIFEST' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'MANIFEST'\" else echo shar: Extracting \"'MANIFEST'\" $2906 characters$ sed "s/^X//" >'MANIFEST' <<'END_OF_FILE' X File Name Archive # Description X---------------------------------------------------------- XPACKNOTES 1 XREADME 1 XMANIFEST 1 This shipping list XCHANGES 5 XCOPYRIGHT 4 XFILES 1 XINSTALL 1 XINSTALLREADABLE 2 XMakefile 5 XQUESTIONS 4 XTESTS 4 Xconfig.h 3 Xerr.c 5 Xerr.h 6 Xfile.h 6 Xfile.h.new 6 Xfile.h.old 5 Xgetopt.h 6 Xglobals.c 5 Xlogs.c 3 Xlogs.h 6 Xmaster.c 2 Xmaster.h 6 Xmisc.c 5 Xmisc.h 6 Xpatch 1 Xpatch/Makefile 4 Xpatch/README 4 Xpatch/TELNET.FTP 6 Xpatch/igntt.c 5 Xpatch/telnetd.90.06.28.patch 1 Xpty.1 3 Xpty.c 2 Xpty.h 5 Xsig.c 4 Xsig.h 5 Xsigler.c 3 Xsigler.h 6 Xslave.c 4 Xslave.h 6 Xsock.c 3 Xsock.h 5 Xtexts.c 4 Xtexts.h 6 Xtty.c 3 Xtty.h 5 Xutil 1 Xutil/Makefile 3 Xutil/biff.1 5 Xutil/biff.c 4 Xutil/condom 6 Xutil/condom.1 5 Xutil/disconnect.1 5 Xutil/disconnect.c 5 Xutil/excloff.1 6 Xutil/excloff.c 6 Xutil/exclon.1 5 Xutil/exclon.c 6 Xutil/lock.1 5 Xutil/lock.c 5 Xutil/mesg.1 5 Xutil/mesg.c 5 Xutil/reconnect.1 5 Xutil/reconnect.c 5 Xutil/script 6 Xutil/script.1 5 Xutil/script.tidy 6 Xutil/script.tidy.1 5 Xutil/sess 6 Xutil/sess.1 5 Xutil/sesskill.1 5 Xutil/sesskill.c 5 Xutil/sesslist.1 5 Xutil/sesslist.c 4 Xutil/sessname.1 5 Xutil/sessname.c 5 Xutil/sessuser.1 4 Xutil/sessuser.c 4 Xutil/sessutil.c 4 Xutil/sessutil.h 5 Xutil/tiocsti.1 6 Xutil/tiocsti.c 6 Xutil/tty.1 6 Xutil/tty.c 6 Xutil/u.1 5 Xutil/u.c 5 Xutil/wall.1 5 Xutil/wall.c 5 Xutil/who.1 5 Xutil/who.c 5 Xutil/write.1 5 Xutil/write.c 4 Xutil/xsessutil.c 4 END_OF_FILE if test 2906 -ne `wc -c <'MANIFEST'`; then echo shar: \"'MANIFEST'\" unpacked with wrong size! fi # end of 'MANIFEST' fi if test -f 'FILES' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'FILES'\" else echo shar: Extracting \"'FILES'\" $1052 characters$ sed "s/^X//" >'FILES' <<'END_OF_FILE' XCHANGES XREADME XFILES XCOPYRIGHT XMANIFEST XINSTALL XINSTALLREADABLE XTESTS XQUESTIONS XMakefile Xpty.1 Xconfig.h Xpty.h Xsigler.h Xmaster.h Xslave.h Xerr.h Xtty.h Xgetopt.h Xtexts.h Xsig.h Xlogs.h Xfile.h Xfile.h.old Xfile.h.new Xsock.h Xmisc.h Xpty.c Xsigler.c Xmaster.c Xslave.c Xerr.c Xtty.c Xtexts.c Xsig.c Xglobals.c Xlogs.c Xsock.c Xmisc.c Xpatch Xpatch/README Xpatch/TELNET.FTP Xpatch/Makefile Xpatch/telnetd.90.06.28.patch Xpatch/igntt.c Xutil Xutil/Makefile Xutil/biff.1 Xutil/biff.c Xutil/condom Xutil/condom.1 Xutil/disconnect.1 Xutil/disconnect.c Xutil/excloff.1 Xutil/excloff.c Xutil/exclon.1 Xutil/exclon.c Xutil/lock.1 Xutil/lock.c Xutil/mesg.1 Xutil/mesg.c Xutil/reconnect.1 Xutil/reconnect.c Xutil/script Xutil/script.1 Xutil/script.tidy Xutil/script.tidy.1 Xutil/sess Xutil/sess.1 Xutil/sesskill.1 Xutil/sesskill.c Xutil/sesslist.1 Xutil/sesslist.c Xutil/sessname.1 Xutil/sessname.c Xutil/sessuser.1 Xutil/sessuser.c Xutil/sessutil.c Xutil/sessutil.h Xutil/tiocsti.1 Xutil/tiocsti.c Xutil/tty.1 Xutil/tty.c Xutil/u.1 Xutil/u.c Xutil/wall.1 Xutil/wall.c Xutil/who.1 Xutil/who.c Xutil/write.1 Xutil/write.c Xutil/xsessutil.c END_OF_FILE if test 1052 -ne `wc -c <'FILES'`; then echo shar: \"'FILES'\" unpacked with wrong size! fi # end of 'FILES' fi if test -f 'INSTALL' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'INSTALL'\" else echo shar: Extracting \"'INSTALL'\" $25242 characters$ sed "s/^X//" >'INSTALL' <<'END_OF_FILE' X#!/bin/sh X# This is a shell script. Feed it to sh. Xecho ' XHi, and welcome to the pty install script. Xpty is a program for managing pseudo-terminals. X XI'\''m not actually going to install anything. XI'\''ll just guide you through what has to be done, Xfrom compiling through installation. X XOne advantage of this hands-off philosophy is that Xyou can kill and restart this script at any time. XYou may prefer to read through INSTALLREADABLE, Xwhich has the same information. X XIn the first part of this script, I'\''ll lead you through configuration. XFor the moment, don'\''t actually change anything in your system. Just Xalternate between reading this script and fooling around with the XMakefile, and I'\''ll remind you later, after compilation, of what has Xto be changed elsewhere. X XI need the following programs: echo, tr [-d], man, sed [-n], grep, test. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XThe first versions of pty were designed on a BSD 4.2-based system. XDuring May 1990 pty 3.0 was written completely from scratch, Xon a BSD 4.3-based system. It has been thoroughly tested on Xseveral BSD 4.3-based systems, tested with a few Makefile changes Xon several BSD 4.2-based systems, and run on at least one mutant. X XIf you make it through installation and testing and get pty running, Xplease send a note to the author, Dan Bernstein, on the Internet Xat brnstnd@nyu.edu. Let him know your computer model, OS version, and Xwhat changes you had to make. If you have any trouble, please also get Xin touch with the author. If you have a different kind of system with Xpseudo-terminal support that could use a pty port, the author would Xlove to hear about it. X XOne note: Like all software, pty comes without warranty, to the extent Xpermitted by applicable law. Use it at your own risk. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XI assume that you don'\''t want to make any major changes Xto your computer just to take advantage of pty'\''s capabilities. XYou might not even have a privileged account, for all I know. X XThe first major decision you have to make is what privileges to give pty. XObviously if you don'\''t have privileges then pty won'\''t either; Xthis is Case UN. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XThere are several good reasons for giving programs privileges. XMost importantly, privileged programs can precisely control access Xto a shared resource. pty supports an interactive user list in X/etc/utmp, a login-logout record in /usr/adm/wtmp, and controlled Xaccess to the pseudo-terminal files themselves, including security and Xmode changing. None of these are possible if pty isn'\''t setuid. X XIf your system has a lot more tty security than usual, you probably Xwon'\''t be able to run pty without privileges. (However, if your system Xhas a lot more tty security than usual, it'\''s almost certainly running Xpty anyway.) X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XIf you do want pty to have privileges, you have to decide between Xsetting up pty as root (Case ROOT) or as some other user, say ``pty'\'\'' X(Case PTY). Staying away from root has the advantage that problems Xcan'\''t possibly destroy all security in one blow. However, root has Xseveral advantages, mainly because of BSD limitations: 1. A process Xcan'\''t change ownership of a file between its euid and uid. Only root Xcan change ownership. It shouldn'\''t be necessary to change ownership Xof ptys anyway, but that'\''s what many programs assume. 2. MAXUPRC in X<sys/param.h> limits the number of processes under a given *effective* Xuid. This absolutely idiotic behavior is a serious problem for programs Xsetuid to anything other than root. pty tries to work around this Xproblem, but there are no true solutions. 3. Despite the documentation Xin kill(2), many machines don'\''t allow non-root processes to send XCONT to children with a different uid. Unlike almost all other programs, Xpty sensibly handles its child stopping and restarting; but this won'\''t Xwork on those machines if pty isn'\''t root. X XYou should decide now between Case ROOT and Case PTY. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XWhether you'\''ve decided on ROOT, PTY, or UN, Xnow is the time to check the security of the entire pty package. XIt'\''d be difficult for anything to slip through the checks by the Xauthor, testers, and source group moderator, but you should take Xat least a moment to look for your pet security peeves. X XA couple of security notes: The only open(,O_CREAT) in pty is in Xmaster.c, at the top of master(), of a file with a very restricted Xform constructed from the filename of a /dev/ttyxx. There are no Xcreat()s. The only bind() is in sock.c'\''s pty_readsock(), which is Xcalled only from master.c'\''s master() to create a socket with a Xsimilarly restricted name. (fnsty is changed in sigler but not in Xmaster.) The only exec() is in slave.c, after a forced setreuid() Xto a uid that is only set to getuid(). unlink(), mkdir(), and rename() Xare only used with restricted pathnames. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XIn Case PTY, you have to set up a new uid, say ``pty'\'\'' (or whatever Xusername you want). pty should not allow logins. Its password should Xbe an asterisk; its home directory should be /nonexistent; its shell Xshould be /bin/true. In other words, the only access to user pty Xshould be through these setuid programs. X XIn any privileged case you should have group tty, Xwhich most BSD 4.3 systems have as gid 4. X' X Xecho 'Running '\ X'$ ttygroup="`sed -n '\''s/^tty:[^:]*:$.*$:.*/\1/p'\'' < /etc/group`" ...' Xttygroup="`sed -n 's/^tty:[^:]*:$.*$:.*/\1/p' < /etc/group`" X Xcase "$ttygroup" in X4) echo ' XI see that you have a tty group, 4 as usual. Good. X' ;; X'') echo ' XYou don'\''t have a tty group. Unless you have a suitable group under a Xdifferent name, you should add the line Xtty:*:4:root Xto /etc/group. X' ;; X*) echo ' XI see that you have a tty group, gid '"$ttygroup"' rather than 4. Okay. X' ;; Xesac X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XNext, we'\''re going to drudge through the config.h file. X XIn Cases ROOT or PTY, you have to set up a system-wide directory Xfor storing information about pty sessions. (A session is a program Xstuck under a pty that you can disconnect and reconnect.) Users can Xget around this directory, storing the information in ~/.pty and Xrevoking any privileges, with pty -xS; you can even make this default Xby setting flagxsetuid = 0 in globals.c. However, a single system-wide Xdirectory is safer. X XAnyway, that directory, PTYDIR, should be mode 0700, owner root in case XROOT or pty in case PTY, group irrelevant. PTYDIR is defined in config.h Xas /usr/etc/pty by default; if you choose a different directory, add X-DPTYDIR=\"/what/ever/dir/ect/ory\" to CCOPTS in the Makefile. X XIn Case UN, you may want to set up a directory ~/PTY inside your home Xdirectory, and set PTYDIR to that; you may want to set flagxsetuid = 0 Xin globals.c; or you may want to just type -xS to pty all the time. I Xrecommend the first strategy. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XNext come pseudo-terminal pathnames. I assume that your ptys are Xlabelled as /dev/ptyxx and /dev/ttyxx, where xx is any two-letter Xextension. pty can support any initial strings instead of these, Xbut some of the utilities have /dev/tty hardcoded, and lots of other Xprograms running around assume those names. If you'\''re desperate, Xdefine DEVMTY and DEVSTY in the Makefile, and figure out what has to Xbe changed in util/*. (Sorry.) X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XThe extension is traditionally [p-za-o][0-9a-f]. The first letter of the Xsecond string is special: if /dev/ttyq0 doesn'\''t exist, for example, then Xnone of /dev/ttyq[0-9a-f] will be used. (That'\''s called a pty bank.) X XYou can change those strings by defining, e.g., PTY1=\"ABCDEFG\" or XPTY2=\"02468abfq\" in the Makefile. You have at least four choices here: X1. Give pty its own, new, banks of new pseudo-terminals with weird bank Xnames not including a through z, and define PTY1 appropriately. pty will Xonly use those new ptys, and older programs will just use the old ptys. XThis may require reconfiguring your system for the larger number of Xterminals. 2. Give pty some new banks, and take out some old ones to Xmake up for it. 3. Give pty a chunk of the old banks. 4. Give pty all Xthe old banks. X XNote that pty searches randomly through PTY1 and PTY2 by default; for Xefficiency, PTY1 really should reflect exactly the pty banks you have. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XSo now you'\''ve decided on new ptys, or set aside some or all of your Xold ptys, and changed PTY1 and PTY2 appropriately. Because BSD gives a Xprocess very little control over its controlling terminal, pty has to Xpass a terminal name explicitly when it reconnects. If any of your tty X(not just pseudo-tty!) filenames are longer than 30 characters, you have Xto set -DTTYNAMELEN=60 (or whatever) in the Makefile. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' X/etc/utmp has traditionally listed all users logged on. XThis nebulous concept has evolved through the years; given the way Xthat most programs use utmp, utmp is probably better defined as a Xlist of all interactive sessions. Anyway, pty supports this file, Xand will make an entry in it when given -xu. If you have a different Xfile, add -DPTYUTMP_FILE=\"/foo/bar/utmp\" to DEFINES in the Makefile. X XNote that /etc/utmp is unprotected (mode 666) on Suns. This was Sun'\''s Xattempt to let unprivileged programs manage the file. Unforunately, this Xerror in judgment opens up a huge security hole, which even on Xsingle-user machines is an invitation to make mistakes. I advise you to Xmake /etc/utmp owned by root in Case ROOT or pty in Case PTY, mode 644. XThere aren'\''t many unprivileged programs that don'\''t understand the Xpty interface; people on non-Suns have survived so far, and there'\''s Xno reason for you to keep subscribing to an insecure model of resource Xsharing. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XAlthough pty will put an entry into utmp, it doesn'\''t really support Xthe remote-host field. There is no logical association between sessions Xand connections; why should a login require a pty, and why should a Xsession only stick around for one connection? So pty just puts "pty" in Xthe host field. You can change this with -DPTYUTMP_HOST=\"foo\"; you may Xeven want to make PTY_UTMPHOST call a function that you define. X X(Similar comments apply to PTYWTMP_HOST. There are also PTYUTMP_SWHOST Xand PTYWTMP_SWHOST, defaults PTYUTMP_HOST and "pty-sessuser" Xrespectively; see util/sessuser.1 for more information.) X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' X/usr/adm/wtmp has traditionally recorded all logins, logouts, reboots, Xftp sessions, and various other interesting events. (The entry for a Xline in utmp is the last entry for that line in wtmp.) pty supports wtmp Xfully, in the same way as utmp. You should make wtmp mode 644, owner Xroot or pty as appropriate. Change PTYWTMP_FILE if /usr/adm/wtmp is Xsomewhere else. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XYou can turn off utmp support by uncommenting the NO_UTMP line in Xconfig.h. (Just delete the initial /*.) You can also turn off support Xfor wtmp, disconnectable sessions, or changing pseudo-terminal file Xownership; just uncomment the appropriate line. You can force use of Xeach of these features by defining MUST_UTMP, etc., in the same way. X XNote that the usual login programs do their own wtmp management, and Xmany accounting programs incorrectly equate session time with connect Xtime, so users will rarely want wtmp. As more programs appear using the Xpty interface, and as login programs start using a more logical system Xfor accounting, MUST_WTMP may become an appropriate way to monitor Xpseudo-terminal usage. For the moment, I do not advise setting any NO Xor MUST. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' Xpty subscribes (not very willingly) to the BSD 4.3 model of pty Xprotection, with a few twists. All ptys are under group tty, at all Xtimes; if you don'\''t have a tty group, all ptys should be under some Xother protected group at all times. Anyway, pty will change the group of Xeach pseudo-terminal file to PTYGROUP, default 4, under -xc. X' X Xcase "$ttygroup" in X4) echo ' XSince you already have a tty group, gid 4, you'\''re fine. X' ;; X'') echo ' XYou don'\''t have a tty group. You should pick a gid and define X-DPTYGROUP=whatever in the Makefile. X' ;; X*) echo ' XYou have a tty group, but it'\''s not gid 4. You should define X-DPTYGROUP='"$ttygroup"' in the Makefile. X' ;; Xesac X Xecho ' X(Under Case UN, don'\''t worry about all this group stuff. Just leave XPTYGROUP alone.) X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XUnder -xc, pty changes the pseudo-terminal owner to the current real Xuid. The fact that terminals need to be in the file hierarchy reflects a Xserious failure in the BSD terminal model; but anyway, many programs Xexpect to be able to fool around with /dev/tty. After pty is done with Xthe terminal, it sets the owner back to its effective uid. You can Xmodify this behavior by changing PTYOWNER from euid to something else. X XUnder Case UN, PTYOWNER is irrelevant. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XWhile a tty is unused, BSD systems traditionally leave it unprotected. XUnfortunately, this leaves some huge security holes. Here'\''s one of Xthe biggest advantages of a privileged pty manager: unused ttys don'\''t Xhave to be left open for any random program to use. After it'\''s done Xwith a pseudo-terminal, pty changes it to mode UNUSEDPTYMODE, default X0600. (This is another case of a poor model for kludging pty support Xinto unprivileged programs. If you haven'\''t set up separate pty banks Xfor pty, and you really want to allow unprivileged access to unused Xptys, try mode 0660 and make those other programs setgid to tty.) X XA tty that someone'\''s using can be in many different modes. Typically XUSEDPTYMODE should be 0600, which means user-only access, messages off, Xbiff off. If you really, really, really want to make the mistake of Xhaving messages or biff on by default, try 0620, 0700, or 0720. Note Xthat the world protection should always be 0: the point of the tty group Xis that only setgid-tty programs can access ttys. X XAs usual, you can'\''t do anything about these in Case UN. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XNow we'\''re past generic configuration and down to your system'\''s Xnitty-gritty. X XFor purity, pty has SIGRET_TYPE, default int, as the type returned by a Xsignal handler. On Suns and ANSI-compliant machines, you should define XSIGRET_TYPE=void. Then you can admire the lint -haxc *.c output. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XOUTBUFSIZE, default 16384, is the size of the buffer pty keeps between Xthe incoming data and the pseudo-tty, and between the pseudo-tty and the Xoutgoing data. If you want to spare less than 32K per pty just for Xbuffer space, feel free to change this. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XGENERIC is another concession to ANSI taste. GENERIC * should be a Xpointer type that any other pointer can be safely converted to and back; XGENERIC is char by default, but on newer machines can be set to void. XAs it'\''ll be at least five years before ANSI manages to outlaw char *, Xand as void * is often invalid, I advise you to leave GENERIC alone. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' Xpty attempts to forward window-size changes transparently. It also Xsupports the auxiliary characters structure, which lets you type a Xsingle character to get system and tty status. X' X Xecho 'Running $ man 4 tty | sed '\''s/_//g'\'' | grep -s winsize' Xif man 4 tty | sed 's/_//g' | grep -s winsize Xthen havewin=y; echo ' XI see you have window sizes. X' Xelse havewin=n; echo ' XI see you don'\''t have window sizes. XYou'\''ll have to comment out #define TTY_WINSIZE in config.h. X(This may be inaccurate on Suns; try grep winsize /usr/include/sys/tt*.h.) X' X case "$ttygroup" in X 4) ;; X '') echo '(Let me guess: This isn'\''t a BSD 4.3 system.)' ;; X *) ;; X esac Xfi X Xecho 'Running $ man 4 tty | sed '\''s/_//g'\'' | grep -s auxchars' Xif man 4 tty | sed 's/_//g' | grep -s auxchars Xthen haveaux=y; echo ' XI see you have auxiliary characters. XYou should uncomment #define TTY_AUXCHARS in config.h. X' Xelse haveaux=n; echo ' XI see you don'\''t have auxiliary characters. X' Xfi X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' Xpty also puts siginterrupt() and usleep() to good use in working Xaround BSD limitations. Without siginterrupt(), there is absolutely Xno way to get per-process non-blocking I/O, so pty may block when it Xdoesn'\''t have to (namely, when it has N bytes to write to the output, Xthe output is a pipe with M bytes of space, and N > M > 0). If you Xdefine SIGINTERRUPT (as default), pty will take some extra effort to Xnever, ever, ever block when it doesn'\''t have to. X XAt one point, pty pauses to kludge around a common bug in UNIX-domain Xsockets. With usleep() it will pause much more briefly. This makes Xreconnects much faster. X' X Xecho 'Running $ man siginterrupt | sed '\''s/_//g'\'' | grep -s siginterrupt' Xif man siginterrupt | sed 's/_//g' | grep -s siginterrupt Xthen havesigintr=y; echo ' XI see you have siginterrupt(). Good. X' X case "$ttygroup$havewinsize" in X 4y) echo 'I'\''ll bet you'\''re a BSD 4.3 system.' ;; X *) echo 'Weird, are you BSD 4.3?' ;; X esac Xelse havesigintr=n; echo ' XI see you don'\''t have siginterrupt(). You have to comment out X#define SIGINTERRUPT in config.h. X' Xfi X Xecho 'Running $ man usleep | sed '\''s/_//g'\'' | grep -s usleep' Xif man usleep | sed 's/_//g' | grep -s usleep Xthen haveusleep=y; echo ' XI see you have usleep(). Good. X' Xelse haveusleep=n; echo ' XI see you don'\''t have usleep(). You have to comment out X#define USLEEP in config.h. X' Xfi X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XFinally (almost done with configuration!), we have to make sure that you Xhave UNIX-domain sockets, and check whether you have file descriptor Xpassing. X' X Xecho 'Running $ test -r /usr/include/sys/un.h' Xif test -r /usr/include/sys/un.h Xthen haveunsocks=y; echo ' XI see you have UNIX-domain sockets. Good. X' X echo 'Running $ man recvmsg | sed '\''s/_//g'\'' | grep -s rights' X if man recvmsg | sed 's/_//g' | grep -s rights X then havefdpass=y; echo ' XI see you have file descriptor passing. Good. (Your fd passing may be Xbuggy, as it'\''s a relatively new, powerful, and rarely exploited Xfeature. If you have trouble, try defining NO_FDPASSING.) X' X else havefdpass=n; echo ' XI see you don'\''t have file descriptor passing. This isn'\''t a Xdisaster, though it means that reconnected sessions will be as Xinefficient as they are in programs other than pty, boo hoo hoo. XUncomment NO_FDPASSING in config.h. X' X fi Xelse haveunsocks=n; echo ' XUh-oh. I don'\''t see <sys/un.h>, which means you probably don'\''t have XUNIX-domain sockets. Without sockets you can'\''t have disconnectable Xsessions. Sigh. I guess you have to define NO_UNIXSOCKS in config.h. X' Xfi X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XWhew! We'\''ve finally made it through configuration. If you want, try Xrunning lint -haxc *.c or whatever your favorite code checker is; the Xlint here gives some bogus errors about correct char * casts, an error Xbecause the SIG_IGN definition is unportable, and a couple of bzero Xcomplaints because FD_ZERO isn'\''t defined very well. X XIf you'\''re on an old system without FD_ZERO, FD_SET, and FD_ISSET in X<sys/types.h>, I recommend you upgrade. Try copying file.h.old to file.h X(the original version is in file.h.new). X XWe'\''re nearly at the end. Change CC and CCOPTS in the Makefile for any Xlast-minute additions; if you'\''re worried, change -s to -g for debugging. XNow compile! % (date; make) >>& Makelog & and come back to this script. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XWhile the program is compiling, let'\''s start providing some support. X(If the compile finishes or has an error, just ignore it for the Xmoment.) These are some real changes, so watch out! X XFirst---in Case PTY only!---make a new uid, pty, not allowing logins. X X/etc/passwd: pty:*:whatever:4:::/bin/true X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XSecond, make sure you have a tty group set up. X X/etc/group: tty:*:4:root X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XThird, make PTYDIR. X XROOT: # mkdir /usr/etc/pty; chmod 700 /usr/etc/pty XPTY: # mkdir /usr/etc/pty; chown pty /usr/etc/pty; chmod 700 /usr/etc/pty XUN: % mkdir ~/PTY; chmod 700 ~/PTY X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XFourth, make sure you have all the pseudo-terminal files set up and Xappropriately configured. X XChange each of them to group tty. X XChange each of them to owner pty in case PTY or root in case ROOT. X XChange each of them to mode UNUSEDPTYMODE (0600). X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XFifth, make sure /etc/utmp and /usr/adm/wtmp exist, owned by root in XCase ROOT or pty in Case PTY, each mode 644. (In Case UN, you probably Xwant to be working on a Sun with its insecure /etc/utmp, so that pty can Xtake advantage of it. Sigh.) X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XSixth, I advise that you make a special directory /usr/local/ptybin for Xpty and its associated utilities, with symbolic links in /usr/local. XThis choice isn'\''t too important, but it'\''s easier if you know a Xplace to put programs. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XOkay. You'\''ve done about all that can be done before compilation Xfinishes, so go do something else. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XThe compile should be done now. If all went well, the make should have Xexited normally, Makelog should show no errors, and you should have an Xexecutable pty program sitting in this directory. Unfortunately, life Xisn'\''t always so generous. Here are a few of the more common errors. X XThe loader complains about missing getopt(), optarg, and optind: These Xare all in the getopt library, available in the early volumes of Xcomp.sources.unix. If you use GNU getopt, please make sure you Xunderstand the implications of its license. X XThe loader complains about missing FD_ZERO, FD_SET, and FD_ISSET: Try Xcopying file.h.old to file.h and recompiling. If the compiler gives Xvarious further errors related to these macros, uncomment the Xcommented-out lines in file.h.old, copy to file.h, and try once again. X Xbcopy() isn'\''t defined: In pty.h, change bcopy(src,dst,num) to Xmemcpy(dst,src,num). (Note the order.) Try again. X XIf you still can'\''t get the code to compile, let the author know. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XNext, compile the utilities. There isn'\''t much to say about them; Xthey'\''re all public domain, some of them clones of or improvements Xover standard utilities, some of them clones with special features to Xwork with pty, some of them entirely new programs for pty'\''s new Xfeatures. Just glance at the top of util/Makefile; then X% cd util; (date; make) >>& Makelog & and wait. X XWarning: The pty session directory is hardcoded in util/sessutil.c. XIf you have changed PTYDIR, check through sessutil.c carefully. X' X Xecho '----- Press return to continue. ' | tr -d '\012'; read contline X Xecho ' XSo now you should have some executables sitting around collecting dust. XIn Cases ROOT and PTY, put {pty,biff,disconnect,mesg,reconnect,sesskill, Xsesslist,sessname,sessuser} into a system-wide directory, owner root or Xpty, mode 4755. Put wall and write into the same place, group tty, mode X2755. Put {condom,excloff,exclon,last,lock,script,script.tidy,sess,tiocsti, Xtty,u,who,xdisconnect,xreconnect,xsesskill,xsesslist,xsessname,xsessuser} Xinto the same place, mode 755. Make absolutely sure none of the shell Xscripts are setuid. X XIn Case UN, just put all the programs somewhere in your PATH. X XThat'\''s it! Try running TESTS now. X X(Two other things you have to do at some point: move your old script, Xbiff, mesg, and so on to script.old, biff.old, mesg.old, etc., with Xsymbolic links to the new versions in their place; and move the old X/usr/man/{script,biff,mesg,...}.1 somewhere else, copy all the *.1 Xhere to /usr/man/man1, and run /etc/catman.) X' END_OF_FILE echo shar: 10 control characters may be missing from \"'INSTALL'\" if test 25242 -ne `wc -c <'INSTALL'`; then echo shar: \"'INSTALL'\" unpacked with wrong size! fi chmod +x 'INSTALL' # end of 'INSTALL' fi if test ! -d 'patch' ; then echo shar: Creating directory \"'patch'\" mkdir 'patch' fi if test -f 'patch/telnetd.90.06.28.patch' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'patch/telnetd.90.06.28.patch'\" else echo shar: Extracting \"'patch/telnetd.90.06.28.patch'\" $13647 characters$ sed "s/^X//" >'patch/telnetd.90.06.28.patch' <<'END_OF_FILE' X*** pathnames.h.original Tue Aug 21 15:45:25 1990 X--- pathnames.h Tue Aug 21 22:24:30 1990 X*************** X*** 35,37 **** X--- 35,40 ---- X #ifdef BFTPDAEMON X #define BFTPPATH "/usr/ucb/bftp" X #endif /* BFTPDAEMON */ X+ #ifdef USEPTY X+ #define _PATH_PTY "/usr/local/pty" X+ #endif X*** sys_term.c.original Tue Aug 21 15:45:31 1990 X--- sys_term.c Tue Aug 21 22:00:56 1990 X*************** X*** 23,28 **** X--- 23,32 ---- X X #include "telnetd.h" X #include "pathnames.h" X+ #ifdef USEPTY X+ #include "sock.h" X+ extern char *ttyname(); X+ #endif X X #ifdef NEWINIT X #include <initreq.h> X*************** X*** 354,359 **** X--- 358,364 ---- X X getpty() X { X+ #ifndef USEPTY X register int p; X #ifndef CRAY X register char c, *p1, *p2; X*************** X*** 398,403 **** X--- 403,416 ---- X } X #endif /* CRAY */ X return(-1); X+ #else USEPTY X+ /* In this new 'n' improved pty-based telnetd, we've already called */ X+ /* startslave, which in turn waited to grab pseudo-terminals from the */ X+ /* pty program. Global variable pty (grrrr) already has our tty. line */ X+ /* has already been filled in by startslave. In fact, there's no point */ X+ /* in calling getpty() at all. */ X+ return pty; X+ #endif USEPTY X } X X #ifdef LINEMODE X*************** X*** 764,772 **** X--- 777,788 ---- X */ X getptyslave() X { X+ #ifndef USEPTY X register int t = -1; X+ #endif X X #ifndef CRAY X+ #ifndef USEPTY X /* X * Disassociate self from control terminal and open ttyp side. X * Set important flags on ttyp and ptyp. X*************** X*** 791,796 **** X--- 807,815 ---- X fatalperror(net, line); X #endif X X+ #else USEPTY X+ /* In a pty-based world, this function is rendered similarly useless. */ X+ #endif USEPTY X init_termbuf(); X #ifndef USE_TERMIO X termbuf.sg.sg_flags |= CRMOD|ANYP|ECHO|XTABS; X*************** X*** 812,821 **** X--- 831,846 ---- X #endif X set_termbuf(); X #else /* CRAY */ X+ #ifndef USEPTY X (void) chown(line, 0, 0); X (void) chmod(line, 0600); X+ #endif X #endif /* CRAY */ X+ #ifndef USEPTY X return(t); X+ #else USEPTY X+ /* What's there to return? We've thrown away fdsty. */ X+ #endif X } X X #ifdef NEWINIT X*************** X*** 829,842 **** X--- 854,891 ---- X * is necessary to startup the login process on the slave side of the pty. X */ X X+ #ifdef USEPTY X+ int fdpass[2]; X+ int siglerpid; X+ #endif USEPTY X /* ARGSUSED */ X+ #ifndef USEPTY X startslave(t, host) X int t; X+ #else USEPTY X+ startslave(host) X+ #endif USEPTY X char *host; X { X register int i; X long time(); X X+ #ifdef USEPTY X+ char strfdpass[10]; X+ char ch; X+ int fdmty; X+ int fdsty; X+ char *ttyn; X+ int pgrp; X+ int fd; X+ #endif USEPTY X+ #ifdef USEPTY X+ /* Prepare for receiving pseudo-terminal descriptors from pty. */ X+ if (socketpair(AF_UNIX,SOCK_STREAM,0,fdpass) == -1) /* virtually impossible */ X+ fatalperror(net,"pty-socketpair"); X+ (void) sprintf(strfdpass,"%d",fdpass[1]); X+ X+ #endif USEPTY X #ifndef NEWINIT X # ifdef CRAY X utmp_sig_init(); X*************** X*** 845,850 **** X--- 894,902 ---- X if ((i = fork()) < 0) X fatalperror(net, "fork"); X if (i) { X+ #ifdef USEPTY X+ siglerpid = i; X+ #endif X # ifdef CRAY X /* X * Cray parent will create utmp entry for child and send X*************** X*** 873,881 **** X--- 925,972 ---- X } X utmp_sig_notify(pid); X # endif /* CRAY */ X+ #ifndef USEPTY X (void) close(t); X+ #else USEPTY X+ /* Now we'll receive the descriptors. */ X+ (void) close(fdpass[1]); X+ (void) sprintf(line,"/NONexistent"); X+ fdmty = fdsty = -1; X+ if (pty_getch(fdpass[0],&ch) == -1) X+ cleanup(); /* XXX: telnetd's finishup handling really sucks. */ X+ if (pty_putgetint(fdpass[0],'G',&siglerpid) == -1) X+ cleanup(); X+ if (pty_getch(fdpass[0],&ch) == -1) X+ cleanup(); X+ if (pty_putgetfd(fdpass[0],'m',&fdmty) == -1) X+ cleanup(); X+ if (pty_getch(fdpass[0],&ch) == -1) X+ cleanup(); X+ if (pty_putgetfd(fdpass[0],'s',&fdsty) == -1) X+ cleanup(); X+ if (!(ttyn = ttyname(fdsty))) X+ cleanup(); X+ (void) strncpy(line,ttyn,14); X+ if ((fd = open("/dev/tty",O_RDWR)) != -1) X+ { X+ (void) ioctl(fd,TIOCNOTTY,0); /* detach */ X+ (void) close(fd); X+ } X+ (void) close(open(ttyn,O_RDWR)); /* attach ourselves to tty */ X+ pty = fdmty; X+ (void) ioctl(fdsty,TIOCGPGRP,&pgrp); X+ (void) setpgrp(0,pgrp); X+ (void) close(fdsty); /* we won't need it for anything else */ X+ (void) fcntl(fdpass[0],F_SETFL,FNDELAY); /* XXX */ X+ X+ #endif USEPTY X } else { X+ #ifndef USEPTY X start_login(t, host); X+ #else USEPTY X+ (void) close(fdpass[0]); X+ start_login(host,strfdpass); X+ #endif USEPTY X /*NOTREACHED*/ X } X #else /* NEWINIT */ X*************** X*** 986,994 **** X--- 1077,1095 ---- X * function will turn us into the login process. X */ X X+ #ifndef USEPTY X start_login(t, host) X int t; X+ #else USEPTY X+ /* Added parameter, for dealing with pty: strfdpass, a printable version */ X+ /* of the file descriptor for passing more descriptors up to us. */ X+ X+ start_login(host,strfdpass) X+ #endif USEPTY X char *host; X+ #ifdef USEPTY X+ char *strfdpass; X+ #endif USEPTY X { X register char *cp; X register char **argv; X*************** X*** 996,1001 **** X--- 1097,1103 ---- X #ifdef CRAY X register char **cpp, **cpp2; X utmp_sig_wait(); X+ #ifndef USEPTY X # ifndef TCVHUP X setpgrp(); X # endif X*************** X*** 1028,1038 **** X--- 1130,1142 ---- X termbuf.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK; X termbuf.c_cflag = EXTB|HUPCL|CS8; X set_termbuf(); X+ #endif USEPTY X #endif /* CRAY */ X X /* X * set up standard paths before forking to login X */ X+ #ifndef USEPTY X #ifndef NO_SETSID X if (setsid() < 0) X fatalperror(net, "setsid"); X*************** X*** 1042,1053 **** X--- 1146,1167 ---- X if (ioctl(t, TIOCSCTTY, (char *)0) < 0) X fatalperror(net, "ioctl(sctty)"); X #endif X+ #else USEPTY X+ /* The POSIXish setsid() handling here is pty's responsibility. */ X+ #endif USEPTY X (void) close(net); X (void) close(pty); X+ #ifndef USEPTY X (void) dup2(t, 0); X (void) dup2(t, 1); X (void) dup2(t, 2); X (void) close(t); X+ #else USEPTY X+ (void) close(0); /* ahhh, life is easy */ X+ (void) close(1); X+ (void) close(2); X+ /* but absolutely don't close fdpass. */ X+ #endif USEPTY X /* X * -h : pass on name of host. X * WARNING: -h is accepted by login if and only if X*************** X*** 1054,1060 **** X--- 1168,1183 ---- X * getuid() == 0. X * -p : don't clobber the environment (so terminal type stays set). X */ X+ #ifdef USEPTY X+ /* Stick the pty magic in front. */ X+ argv = addarg(0, "pty"); /* this addarg stuff is stupid */ X+ argv = addarg(argv,"-sdf"); X+ argv = addarg(argv,strfdpass); X+ argv = addarg(argv,"-xRCUWX"); /* XXX: -xr? */ X+ argv = addarg(argv,_PATH_LOGIN); X+ #else X argv = addarg(0, "login"); X+ #endif X argv = addarg(argv, "-h"); X argv = addarg(argv, host); X #if !defined(CRAY) && !defined(NO_LOGIN_P) X*************** X*** 1084,1090 **** X--- 1207,1217 ---- X } X #endif X X+ #ifdef USEPTY X+ execv(_PATH_PTY,argv); X+ #else USEPTY X execv(_PATH_LOGIN, argv); X+ #endif USEPTY X X syslog(LOG_ERR, "%s: %m\n", _PATH_LOGIN); X fatalperror(net, _PATH_LOGIN); X*************** X*** 1142,1155 **** X--- 1269,1294 ---- X p = line + sizeof("/dev/") - 1; X if (logout(p)) X logwtmp(p, "", ""); X+ #ifndef USEPTY X (void)chmod(line, 0666); X+ #else USEPTY X+ (void) chmod(line,0600); /* banish these security holes! */ X+ #endif USEPTY X (void)chown(line, 0, 0); X *p = 'p'; X+ #ifndef USEPTY X (void)chmod(line, 0666); X+ #else USEPTY X+ (void) chmod(line,0600); X+ #endif USEPTY X (void)chown(line, 0, 0); X # else X rmut(); X+ #ifndef USEPTY X vhangup(); /* XXX */ X+ #else USEPTY X+ /* vhangup(); XXX: This is also pty's responsibility. */ X+ #endif USEPTY X # endif X (void) shutdown(net, 2); X #else /* CRAY */ X*************** X*** 1156,1162 **** X--- 1295,1306 ---- X # ifndef NEWINIT X rmut(line); X (void) shutdown(net, 2); X+ #ifndef USEPTY X kill(0, SIGHUP); X+ #else USEPTY X+ /* kill(0, SIGHUP); The pty master makes this decision. */ X+ (void) kill(siglerpid,SIGHUP); /* but we do have to tell the sigler. */ X+ #endif USEPTY X # else /* NEWINIT */ X (void) shutdown(net, 2); X # endif /* NEWINT */ X*************** X*** 1273,1282 **** X--- 1417,1434 ---- X (void) close(f); X } X } X+ #ifndef USEPTY X (void) chmod(line, 0666); X+ #else USEPTY X+ (void) chmod(line, 0600); X+ #endif USEPTY X (void) chown(line, 0, 0); X line[strlen("/dev/")] = 'p'; X+ #ifndef USEPTY X (void) chmod(line, 0666); X+ #else USEPTY X+ (void) chmod(line, 0600); X+ #endif USEPTY X (void) chown(line, 0, 0); X } /* end of rmut */ X #endif /* CRAY */ X*** telnetd.c.original Tue Aug 21 15:45:36 1990 X--- telnetd.c Tue Aug 21 21:27:48 1990 X*************** X*** 28,33 **** X--- 28,37 ---- X #endif /* not lint */ X X #include "telnetd.h" X+ #ifdef USEPTY X+ #include "sock.h" X+ extern char *ttyname(); X+ #endif USEPTY X X /* X * I/O data buffers, X*************** X*** 462,467 **** X--- 466,472 ---- X int t; X struct hostent *hp; X X+ #ifndef USEPTY X /* X * Find an available pty to use. X */ X*************** X*** 470,475 **** X--- 475,481 ---- X fatal(net, "All network ports in use"); X X t = getptyslave(); X+ #endif USEPTY X X /* get name of connected client */ X hp = gethostbyaddr((char *)&who->sin_addr, sizeof (struct in_addr), X*************** X*** 489,500 **** X--- 495,533 ---- X /* X * Start up the login process on the slave side of the terminal X */ X+ #ifndef USEPTY X startslave(t, host); X+ #else USEPTY X+ startslave(host); X+ #endif USEPTY X X+ #ifdef USEPTY X+ /* In this pty-based version of the world, life is easy. startslave() */ X+ /* actually dumps its process under the pty program, which handles all */ X+ /* those nasty details of finding a pty and getting it started. pty */ X+ /* then passes its pty master side up to telnetd (the ``controller'') */ X+ /* so that we have full control. Joy to the world. */ X+ X+ /* X+ * Find an available pty to use. X+ */ X+ pty = getpty(); /* noop */ X+ if (pty < 0) /* impossible */ X+ fatal(net, "All network ports in use"); X+ X+ getptyslave(); X+ X+ #endif USEPTY X telnet(net, pty); /* begin server processing */ X /*NOTREACHED*/ X } /* end of doit */ X X+ #ifdef USEPTY X+ extern int fdpass[2]; X+ extern int siglerpid; X+ char ch; X+ X+ #endif USEPTY X #ifndef MAXHOSTNAMELEN X #define MAXHOSTNAMELEN 64 X #endif MAXHOSTNAMELEN X*************** X*** 775,780 **** X--- 808,819 ---- X if (!SYNCHing) { X FD_SET(f, &xbits); X } X+ #ifdef USEPTY X+ FD_SET(fdpass[0],&ibits); X+ /* When we get input on fdpass, we're switching ttys. */ X+ /* This FD_SET seems logical, but it invites bugs under many */ X+ /* implementations. XXX. */ X+ #endif USEPTY X if ((c = select(16, &ibits, &obits, &xbits, X (struct timeval *)0)) < 1) { X if (c == -1) { X*************** X*** 785,791 **** X--- 824,899 ---- X sleep(5); X continue; X } X+ #ifdef USEPTY X+ if (pty_getch(fdpass[0],&ch) != -1) X+ { X+ /* reconnect... */ X+ int fdmty; X+ int fdsty; X+ char *ttyn; X+ int pgrp; X+ int fd; X X+ fdmty = fdsty = -1; X+ (void) fcntl(fdpass[0],F_SETFL,0); /*XXX*/ X+ if (ch != 'G') X+ if (pty_getch(fdpass[0],&ch) == -1) X+ ; X+ if (pty_putgetint(fdpass[0],'G',&siglerpid) == -1) X+ cleanup(); X+ if (pty_getch(fdpass[0],&ch) == -1) X+ cleanup(); X+ if (pty_putgetfd(fdpass[0],'m',&fdmty) == -1) X+ cleanup(); X+ if (pty_getch(fdpass[0],&ch) == -1) X+ cleanup(); X+ if (pty_putgetfd(fdpass[0],'s',&fdsty) == -1) X+ cleanup(); X+ if (!(ttyn = ttyname(fdsty))) X+ cleanup(); X+ /* It's impossible to do anything sensible with utmp; */ X+ /* this shows very clearly why utmp's remote field */ X+ /* is inconsistent. So we stick to the same ``line.'' */ X+ X+ fd = 0; X+ (void) ioctl(p, TIOCPKT, (char *)&fd); X+ /* Packet mode, like NDELAY, is not a polite thing to */ X+ /* give someone else. One of those unstated conventions */ X+ /* that people should learn... */ X+ X+ if ((fd = open("/dev/tty",O_RDWR)) != -1) X+ { X+ (void) ioctl(fd,TIOCNOTTY,0); /* detach */ X+ (void) close(fd); X+ } X+ (void) close(open(ttyn,O_RDWR)); /* attach */ X+ X+ (void) close(pty); X+ pty = fdmty; X+ p = pty; /* XXX: Blame DAB for this. Whither modularity? */ X+ X+ (void) ioctl(p, TIOCPKT, (char *)&on); X+ /* If we didn't do this, telnetd would become very */ X+ /* confused, because it's expecting packet-mode stuff. */ X+ X+ (void) fcntl(fdpass[0],F_SETFL,FNDELAY); /* XXX */ X+ (void) ioctl(fdsty,TIOCGPGRP,&pgrp); X+ (void) setpgrp(0,pgrp); X+ X+ /* XXX: If this messes up Linemode, TOUGH LUCK! */ X+ init_termbuf(); /* XXX */ X+ #ifdef LINEMODE X+ localstat(); /* XXX */ X+ #endif X+ X+ FD_ZERO(&xbits); X+ FD_ZERO(&ibits); /* XXX */ X+ FD_ZERO(&obits); X+ X+ /* XXX: anything else to do? */ X+ } X+ #endif USEPTY X+ X /* X * Any urgent data? X */ X*************** X*** 881,888 **** X--- 989,1004 ---- X if (pcc < 0 && errno == EWOULDBLOCK) X pcc = 0; X else { X+ #ifndef USEPTY X if (pcc <= 0) X break; X+ #else USEPTY X+ if (pcc <= 0) X+ { X+ pcc = 0; X+ goto wtfiseofpty; X+ } X+ #endif USEPTY X #if !defined(CRAY2) || !defined(UNICOS5) X #ifdef LINEMODE X /* X*************** X*** 932,937 **** X--- 1048,1056 ---- X ptyip = ptyibuf; X #endif /* defined(CRAY2) && defined(UNICOS5) */ X } X+ #ifdef USEPTY X+ wtfiseofpty: ; X+ #endif USEPTY X } X X while (pcc > 0) { END_OF_FILE if test 13647 -ne `wc -c <'patch/telnetd.90.06.28.patch'`; then echo shar: \"'patch/telnetd.90.06.28.patch'\" unpacked with wrong size! fi # end of 'patch/telnetd.90.06.28.patch' fi if test ! -d 'util' ; then echo shar: Creating directory \"'util'\" mkdir 'util' fi echo shar: End of archive 1 $of 6$. cp /dev/null ark1isdone MISSING="" for I in 1 2 3 4 5 6 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have unpacked all 6 archives. rm -f ark[1-9]isdone else echo You still must unpack the following archives: echo " " ${MISSING} fi exit 0 exit 0 # Just in case... -- Please send comp.sources.unix-related mail to rsalz@uunet.uu.net. Use a domain-based address or give alternate paths, or you may lose out.