From Rcrh@bsdprd1.ais.msu.edu Sat May 13 14:14:07 1995
Received: from bsdprd1.ais.msu.edu (bsdprd1.ais.msu.edu [35.8.113.20]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id OAA12579 for ; Sat, 13 May 1995 14:14:06 -0700
Received: (from root@localhost) by bsdprd1.ais.msu.edu (8.6.11/8.6.9) id RAA26502; Sat, 13 May 1995 17:14:53 -0400
Message-Id: <199505132114.RAA26502@bsdprd1.ais.msu.edu>
Date: Sat, 13 May 1995 17:14:53 -0400
From: henrich@crh.cl.msu.edu (Charles Henrich)
Reply-To: henrich@msu.edu
To: FreeBSD-gnats-submit@freebsd.org
Subject: REMOTE_HOST REMOTE_PORT REMOTE_IP
X-Send-Pr-Version: 3.2

>Number: 401
>Category: bin
>Synopsis: Add REMOTE_* variables
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: dwmalone
>State: closed
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat May 13 14:20:01 1995
>Closed-Date: Tue Feb 27 11:50:50 PST 2001
>Last-Modified: Tue Feb 27 11:51:34 PST 2001
>Originator: Charles Henrich &
>Release: FreeBSD 2.1.0-Development i386
>Organization: Michigan State University
>Environment:

FreeBSD 950412-SNAP

>Description:

Modifications to inetd, telnetd, rlogind to make the following environment
variables available to all processes.

    REMOTE_IP   (Contains IP or -1.-1.-1.-1 (always a dotquad parseable)
    REMOTE_HOST (Contains hostname or ip if resolver fails)
    REMOTE_PORT (Contains the port of the remote host or -1 if failure)

>How-To-Repeat:
>Fix:

As well as applying the following three patches, need to add -DDO_REMOTEVARS
to telnetd and rlogind Makefile(s). The code in inetd wasn't #ifdef'd because
working around the existing code would have been ugly/nasty.

------------------------------------------------------------------------------- *** usr.sbin/inetd/inetd.c Sat May 13 14:27:21 1995 --- usr.sbin/inetd/inetd.c.new Sat May 13 14:27:15 1995 *************** *** 252,257 **** --- 252,258 ---- pid_t pid; char buf[50]; struct sockaddr_in peer; + struct hostent *hs; int i; Argv = argv; *************** *** 354,372 **** sep->se_service); continue; } ! if(log) { ! i = sizeof peer; ! if(getpeername(ctrl, (struct sockaddr *) ! &peer, &i)) { syslog(LOG_WARNING, "getpeername(for %s): %m", sep->se_service); - continue; } ! syslog(LOG_INFO,"%s from %s", ! sep->se_service, ! inet_ntoa(peer.sin_addr)); } /* * Call tcpmux to find the real service to exec. */ --- 355,416 ---- sep->se_service); continue; } ! ! /***********************************************/ ! /* */ ! /* Originally getpeername was only called */ ! /* inside the if(log) block, and in that case */ ! /* if getpeername returned an error the code */ ! /* would continue back to the top of the loop. */ ! /* This doesnt make any sense, so in the new */ ! /* case (we always do a getpeername for the */ ! /* REMOTE_* vars) we just set the variables to */ ! /* UNKNOWN, -1.-1.-1.-1, -1 and drop through */ ! /* as it should. -Crh (henrich@msu.edu) */ ! /* */ ! /***********************************************/ ! ! i = sizeof peer; ! if(getpeername(ctrl, (struct sockaddr *) ! &peer, &i)) { ! ! if(log) { syslog(LOG_WARNING, "getpeername(for %s): %m", sep->se_service); } ! ! (void)setenv("REMOTE_HOST", "UNKNOWN", 1); ! (void)setenv("REMOTE_IP", "-1.-1.-1.-1", 1); ! (void)setenv("REMOTE_PORT", "-1", 1); ! ! } else { ! ! if(log) { ! syslog(LOG_INFO,"%s from %s", ! sep->se_service, ! inet_ntoa(peer.sin_addr)); ! } ! ! hs=gethostbyaddr((char *)&peer.sin_addr, ! sizeof(peer.sin_addr), ! AF_INET); ! ! if(hs != NULL) { ! (void)setenv("REMOTE_HOST", hs->h_name, ! 1); ! } else { ! (void)setenv("REMOTE_HOST", ! inet_ntoa(peer.sin_addr), 1); ! } ! ! (void)setenv("REMOTE_IP", ! 
inet_ntoa(peer.sin_addr), 1); ! ! sprintf(buf,"%hd", ntohs(peer.sin_port)); ! (void)setenv("REMOTE_PORT", buf, 1); } + /* * Call tcpmux to find the real service to exec. */ ------------------------------------------------------------------------------- *** libexec/telnetd/telnetd.c Fri Aug 12 19:00:02 1994 --- libexec/telnetd/telnetd.c.new Sat May 13 16:05:46 1995 *************** *** 758,763 **** --- 758,766 ---- int level; int ptynum; char user_name[256]; + #ifdef DO_REMOTEVARS + char remote_port[20]; + #endif /* DO_REMOTEVARS */ /* * Find an available pty to use. *************** *** 833,838 **** --- 836,848 ---- *user_name = 0; level = getterminaltype(user_name); setenv("TERM", terminaltype ? terminaltype : "network", 1); + + #ifdef DO_REMOTEVARS + setenv("REMOTE_HOST", remote_host_name, 1); + setenv("REMOTE_IP", inet_ntoa(who->sin_addr), 1); + sprintf(remote_port,"%hd", ntohs(who->sin_port)); + setenv("REMOTE_PORT", remote_port, 1); + #endif /* DO_REMOTEVARS */ /* * Start up the login process on the slave side of the terminal ------------------------------------------------------------------------------- *** libexec/rlogind/rlogind.c Sat May 13 16:07:38 1995 --- libexec/rlogind/rlogind.c.new Sat May 13 17:02:46 1995 *************** *** 200,205 **** --- 200,208 ---- register struct hostent *hp; char hostname[2 * MAXHOSTNAMELEN + 1]; char c; + #ifdef DO_REMOTEVARS + char remote_port[20]; + #endif /* DO_REMOTEVARS */ alarm(60); read(f, &c, 1); *************** *** 293,298 **** --- 296,315 ---- if (f > 2) /* f should always be 0, but... */ (void) close(f); setup_term(0); + + #ifdef DO_REMOTEVARS + setenv("REMOTE_HOST", hostname, 1); + setenv("REMOTE_IP", inet_ntoa(fromp->sin_addr), 1); + + /**********************************************************/ + /* fromp->sin_port is in host-byte-order for some strange */ + /* reason here, so we dont do a ntohs here. 
*/ + /**********************************************************/ + + sprintf(remote_port,"%hd", fromp->sin_port); + setenv("REMOTE_PORT", remote_port, 1); + #endif /* DO_REMOTEVARS */ + if (strchr(lusername, '-')) { syslog(LOG_ERR, "tried to pass user \"%s\" to login", lusername);

>Release-Note:
>Audit-Trail:

Responsible-Changed-From-To: freebsd-bugs->wollman
Responsible-Changed-By: scrappy
Responsible-Changed-When: Sun May 26 14:41:01 PDT 1996
Responsible-Changed-Why:
last to touch inetd

State-Changed-From-To: open->suspended
State-Changed-By: phk
State-Changed-When: Mon Apr 13 01:25:23 PDT 1998
State-Changed-Why:
-> suspended

Responsible-Changed-From-To: wollman->freebsd-bugs
Responsible-Changed-By: phk
Responsible-Changed-When: Mon Apr 13 01:25:23 PDT 1998
Responsible-Changed-Why:
-> suspended

Responsible-Changed-From-To: freebsd-bugs->dwmalone
Responsible-Changed-By: johan
Responsible-Changed-When: Sun Feb 25 04:12:45 PST 2001
Responsible-Changed-Why:
David, since you have been looking at inetd can you
please have a look at the old old PR.

http://www.freebsd.org/cgi/query-pr.cgi?pr=401

From: David Malone
To: johan@FreeBSD.org
Cc: freebsd-gnats-submit@FreeBSD.org, henrich@msu.edu
Subject: Re: bin/401: Add REMOTE_* variables
Date: Sun, 25 Feb 2001 13:27:47 +0000

> Synopsis: Add REMOTE_* variables

> David, since you have been looking at inetd can you
> please have a look at the old old PR.

> http://www.freebsd.org/cgi/query-pr.cgi?pr=401

A lot of what is added to inetd here can also currently be done
with tcp wrappers setenv option. For example, you can set REMOTE_HOST
and REMOTE_IP by saying:

        telnetd: ALL : setenv REMOTE_HOST %h : setenv REMOTE_IP %a : allow

in hosts.allow. There isn't currently a way to set a variable to
the remote port. The need for this work may have been replaced by
the availability of ssh 'cos it provides an SSH_CLIENT variable
which provides much of this information.

Charles, can you explain your motivation for the patch? Do you
still feel it is necessary in the light of the built-in tcp wrappers
and the availability of ssh?

David.

From: Charles Henrich
To: David Malone
Cc: johan@FreeBSD.org, freebsd-gnats-submit@FreeBSD.org
Subject: Re: bin/401: Add REMOTE_* variables
Date: Tue, 27 Feb 2001 11:45:42 -0800

This has to be one of the oldest problems in the system :) Almost 6 years! :)

Anyway, your solution below is just fine. It just wasn't an option in '95 :)

-Crh

> > Synopsis: Add REMOTE_* variables
>
> > David, since you have been looking at inetd can you please have a look at
> > the old old PR. http://www.freebsd.org/cgi/query-pr.cgi?pr=401
>
> A lot of what is added to inetd here can also currently be done with tcp
> wrappers setenv option. For example, you can set REMOTE_HOST and REMOTE_IP
> by saying:
>
>         telnetd: ALL : setenv REMOTE_HOST %h : setenv REMOTE_IP %a : allow
>
> in hosts.allow. There isn't currently a way to set a variable to the remote
> port. The need for this work may have been replaced by the availability of
> ssh 'cos it provides an SSH_CLIENT variable which provides much of this
> information.
>
> Charles, can you explain your motivation for the patch? Do you still feel it
> is necessary in the light of the built-in tcp wrappers and the availability
> of ssh?
>
> David.

Charles Henrich     Manex Visual Effects     henrich@sigbus.com
http://www.sigbus.com/~henrich

State-Changed-From-To: suspended->closed
State-Changed-By: dwmalone
State-Changed-When: Tue Feb 27 11:50:50 PST 2001
State-Changed-Why:
A combination of ssh and/or tcp wrappers can provide a lot of this
patch today and the submitter says this is fine.

http://www.freebsd.org/cgi/query-pr.cgi?pr=401

>Unformatted:
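
Review bot: In the usr.sbin/inetd/inetd.c hunk at 354, the success branch copies hs->h_name from gethostbyaddr() straight into REMOTE_HOST, so the value is whatever the reverse DNS zone for the peer address returns, with no forward lookup confirming that the name maps back to peer.sin_addr. A service that makes a decision on REMOTE_HOST would be trusting data the remote side can control; resolve the returned name forward and fall back to inet_ntoa(peer.sin_addr) when the address is not among the results, or state in the documentation that only REMOTE_IP is authoritative. In the same hunk, sprintf(buf,"%hd", ntohs(peer.sin_port)) formats the port as a signed short, so ports above 32767 come out negative and port 65535 prints as "-1", the same string the getpeername() failure branch sets; "%u" avoids that.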
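
Review bot: In the libexec/telnetd/telnetd.c hunk at 833, sprintf(remote_port,"%hd", ntohs(who->sin_port)) prints the port through a signed short conversion, so any source port above 32767 is exported as a negative number and 65535 becomes "-1", which the PR description reserves for failure. Use "%u" instead; the 20-byte remote_port buffer is large enough for it. The new lines are guarded by #ifdef DO_REMOTEVARS, but the patch carries no Makefile change, so they are compiled out unless the Makefiles are edited by hand as the Fix text describes; include that change in the patch.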
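
Review bot: In the libexec/rlogind/rlogind.c hunk at 293, the comment justifies omitting ntohs() by saying fromp->sin_port is already in host byte order "for some strange reason", but nothing in the visible lines shows where that conversion happens, so the correctness of REMOTE_PORT depends on code outside this patch staying as it is. Name the statement that converts the field in the comment, or compute the port once into a local variable where the conversion is visible and use that here. The "%hd" format has the same signed-short problem as in the other two files: ports above 32767 print as negative values, so use "%u".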