17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate /*
77c478bd9Sstevel@tonic-gate  * Copyright (c) 1983 Regents of the University of California.
87c478bd9Sstevel@tonic-gate  * All rights reserved.
97c478bd9Sstevel@tonic-gate  *
107c478bd9Sstevel@tonic-gate  * Redistribution and use in source and binary forms are permitted
117c478bd9Sstevel@tonic-gate  * provided that the above copyright notice and this paragraph are
127c478bd9Sstevel@tonic-gate  * duplicated in all such forms and that any documentation,
137c478bd9Sstevel@tonic-gate  * advertising materials, and other materials related to such
147c478bd9Sstevel@tonic-gate  * distribution and use acknowledge that the software was developed
157c478bd9Sstevel@tonic-gate  * by the University of California, Berkeley.  The name of the
167c478bd9Sstevel@tonic-gate  * University may not be used to endorse or promote products derived
177c478bd9Sstevel@tonic-gate  * from this software without specific prior written permission.
187c478bd9Sstevel@tonic-gate  */
197c478bd9Sstevel@tonic-gate 
207c478bd9Sstevel@tonic-gate #include "defs.h"
217c478bd9Sstevel@tonic-gate #include <string.h>
227c478bd9Sstevel@tonic-gate #include <syslog.h>
237c478bd9Sstevel@tonic-gate #include <k5-int.h>
24159d09a2SMark Phalan #include <krb5defs.h>
257c478bd9Sstevel@tonic-gate #include <priv_utils.h>
267c478bd9Sstevel@tonic-gate 
277c478bd9Sstevel@tonic-gate #define	NHOSTS 100
287c478bd9Sstevel@tonic-gate 
297c478bd9Sstevel@tonic-gate /*
307c478bd9Sstevel@tonic-gate  * Remote distribution program.
317c478bd9Sstevel@tonic-gate  */
327c478bd9Sstevel@tonic-gate 
337c478bd9Sstevel@tonic-gate char	*distfile = NULL;
347c478bd9Sstevel@tonic-gate char	Tmpfile[] = "/tmp/rdistXXXXXX";
357c478bd9Sstevel@tonic-gate char	*tmpname = &Tmpfile[5];
367c478bd9Sstevel@tonic-gate 
377c478bd9Sstevel@tonic-gate int	debug;		/* debugging flag */
387c478bd9Sstevel@tonic-gate int	nflag;		/* NOP flag, just print commands without executing */
397c478bd9Sstevel@tonic-gate int	qflag;		/* Quiet. Don't print messages */
407c478bd9Sstevel@tonic-gate int	options;	/* global options */
417c478bd9Sstevel@tonic-gate int	iamremote;	/* act as remote server for transfering files */
427c478bd9Sstevel@tonic-gate 
437c478bd9Sstevel@tonic-gate FILE	*fin = NULL;	/* input file pointer */
447c478bd9Sstevel@tonic-gate int	rem = -1;	/* file descriptor to remote source/sink process */
457c478bd9Sstevel@tonic-gate char	host[32];	/* host name */
467c478bd9Sstevel@tonic-gate int	nerrs;		/* number of errors while sending/receiving */
477c478bd9Sstevel@tonic-gate char	user[10];	/* user's name */
487c478bd9Sstevel@tonic-gate char	homedir[128];	/* user's home directory */
497c478bd9Sstevel@tonic-gate char	buf[RDIST_BUFSIZ];	/* general purpose buffer */
507c478bd9Sstevel@tonic-gate 
517c478bd9Sstevel@tonic-gate struct	passwd *pw;	/* pointer to static area used by getpwent */
527c478bd9Sstevel@tonic-gate struct	group *gr;	/* pointer to static area used by getgrent */
537c478bd9Sstevel@tonic-gate 
547c478bd9Sstevel@tonic-gate char des_inbuf[2 * RDIST_BUFSIZ];	/* needs to be > largest read size */
557c478bd9Sstevel@tonic-gate char des_outbuf[2 * RDIST_BUFSIZ];	/* needs to be > largest write size */
567c478bd9Sstevel@tonic-gate krb5_data desinbuf, desoutbuf;
577c478bd9Sstevel@tonic-gate krb5_encrypt_block eblock;		/* eblock for encrypt/decrypt */
58*3ca4cacdSPeter Shoults krb5_context bsd_context = NULL;
597c478bd9Sstevel@tonic-gate krb5_auth_context auth_context;
607c478bd9Sstevel@tonic-gate krb5_creds *cred;
617c478bd9Sstevel@tonic-gate char *krb_cache = NULL;
627c478bd9Sstevel@tonic-gate krb5_flags authopts;
637c478bd9Sstevel@tonic-gate krb5_error_code status;
647c478bd9Sstevel@tonic-gate enum kcmd_proto kcmd_proto = KCMD_NEW_PROTOCOL;
657c478bd9Sstevel@tonic-gate 
667c478bd9Sstevel@tonic-gate int encrypt_flag = 0;	/* Flag set when encryption is used */
677c478bd9Sstevel@tonic-gate int krb5auth_flag = 0;	/* Flag set, when KERBEROS is enabled */
68*3ca4cacdSPeter Shoults static profile_options_boolean autologin_option[] = {
69*3ca4cacdSPeter Shoults 	{ "autologin", &krb5auth_flag, 0 },
70*3ca4cacdSPeter Shoults 	{ NULL, NULL, 0 }
71*3ca4cacdSPeter Shoults };
72*3ca4cacdSPeter Shoults static int no_krb5auth_flag = 0;
73*3ca4cacdSPeter Shoults 
747c478bd9Sstevel@tonic-gate int debug_port = 0;
757c478bd9Sstevel@tonic-gate 
767c478bd9Sstevel@tonic-gate int retval = 0;
777c478bd9Sstevel@tonic-gate char *krb_realm = NULL;
787c478bd9Sstevel@tonic-gate 
797c478bd9Sstevel@tonic-gate /* Flag set, if -PN / -PO is specified */
807c478bd9Sstevel@tonic-gate static boolean_t rcmdoption_done = B_FALSE;
817c478bd9Sstevel@tonic-gate 
827c478bd9Sstevel@tonic-gate static int encrypt_done = 0;	/* Flag set, if -x is specified */
837c478bd9Sstevel@tonic-gate profile_options_boolean option[] = {
847c478bd9Sstevel@tonic-gate 	{ "encrypt", &encrypt_flag, 0 },
857c478bd9Sstevel@tonic-gate 	{ NULL, NULL, 0 }
867c478bd9Sstevel@tonic-gate };
877c478bd9Sstevel@tonic-gate 
887c478bd9Sstevel@tonic-gate static char *rcmdproto = NULL;
897c478bd9Sstevel@tonic-gate profile_option_strings rcmdversion[] = {
907c478bd9Sstevel@tonic-gate 	{ "rcmd_protocol", &rcmdproto, 0 },
917c478bd9Sstevel@tonic-gate 	{ NULL, NULL, 0 }
927c478bd9Sstevel@tonic-gate };
937c478bd9Sstevel@tonic-gate 
947c478bd9Sstevel@tonic-gate char *realmdef[] = { "realms", NULL, "rdist", NULL };
957c478bd9Sstevel@tonic-gate char *appdef[] = { "appdefaults", "rdist", NULL };
967c478bd9Sstevel@tonic-gate 
97740638c8Sbw static void usage(void);
98740638c8Sbw static char *prtype(int t);
99740638c8Sbw static void prsubcmd(struct subcmd *s);
100740638c8Sbw static void docmdargs(int nargs, char *args[]);
101740638c8Sbw void prnames();
102740638c8Sbw void prcmd();
103740638c8Sbw 
1047c478bd9Sstevel@tonic-gate int
main(argc,argv)1057c478bd9Sstevel@tonic-gate main(argc, argv)
1067c478bd9Sstevel@tonic-gate 	int argc;
1077c478bd9Sstevel@tonic-gate 	char *argv[];
1087c478bd9Sstevel@tonic-gate {
1097c478bd9Sstevel@tonic-gate 	register char *arg;
1107c478bd9Sstevel@tonic-gate 	int cmdargs = 0;
1117c478bd9Sstevel@tonic-gate 	char *dhosts[NHOSTS], **hp = dhosts;
1127c478bd9Sstevel@tonic-gate 
1137c478bd9Sstevel@tonic-gate 	(void) setlocale(LC_ALL, "");
1147c478bd9Sstevel@tonic-gate 
1157c478bd9Sstevel@tonic-gate 	pw = getpwuid(getuid());
1167c478bd9Sstevel@tonic-gate 	if (pw == NULL) {
1177c478bd9Sstevel@tonic-gate 		(void) fprintf(stderr, gettext("%s: Who are you?\n"), argv[0]);
1187c478bd9Sstevel@tonic-gate 		exit(1);
1197c478bd9Sstevel@tonic-gate 	}
1207c478bd9Sstevel@tonic-gate 	strncpy(user, pw->pw_name, sizeof (user));
1217c478bd9Sstevel@tonic-gate 	user[sizeof (user) - 1] = '\0';
1227c478bd9Sstevel@tonic-gate 	strncpy(homedir, pw->pw_dir, sizeof (homedir));
1237c478bd9Sstevel@tonic-gate 	homedir[sizeof (homedir) - 1] = '\0';
1247c478bd9Sstevel@tonic-gate 	gethostname(host, sizeof (host));
1257c478bd9Sstevel@tonic-gate 
1267c478bd9Sstevel@tonic-gate 	while (--argc > 0) {
1277c478bd9Sstevel@tonic-gate 		if ((arg = *++argv)[0] != '-')
1287c478bd9Sstevel@tonic-gate 			break;
1297c478bd9Sstevel@tonic-gate 		if ((strcmp(arg, "-Server") == 0))
1307c478bd9Sstevel@tonic-gate 			iamremote++;
1317c478bd9Sstevel@tonic-gate 		else while (*++arg) {
1327c478bd9Sstevel@tonic-gate 			if (strncmp(*argv, "-PO", 3) == 0) {
1337c478bd9Sstevel@tonic-gate 				if (rcmdoption_done == B_TRUE) {
1347c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr, gettext("rdist: "
1357c478bd9Sstevel@tonic-gate 						"Only one of -PN "
1367c478bd9Sstevel@tonic-gate 						"and -PO allowed.\n"));
1377c478bd9Sstevel@tonic-gate 					usage();
1387c478bd9Sstevel@tonic-gate 				}
1397c478bd9Sstevel@tonic-gate 				kcmd_proto = KCMD_OLD_PROTOCOL;
1407c478bd9Sstevel@tonic-gate 				krb5auth_flag++;
1417c478bd9Sstevel@tonic-gate 				rcmdoption_done = B_TRUE;
1427c478bd9Sstevel@tonic-gate 				break;
1437c478bd9Sstevel@tonic-gate 			}
1447c478bd9Sstevel@tonic-gate 			if (strncmp(*argv, "-PN", 3) == 0) {
1457c478bd9Sstevel@tonic-gate 				if (rcmdoption_done == B_TRUE) {
1467c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr, gettext("rdist: "
1477c478bd9Sstevel@tonic-gate 						"Only one of -PN "
1487c478bd9Sstevel@tonic-gate 						"and -PO allowed.\n"));
1497c478bd9Sstevel@tonic-gate 					usage();
1507c478bd9Sstevel@tonic-gate 				}
1517c478bd9Sstevel@tonic-gate 				kcmd_proto = KCMD_NEW_PROTOCOL;
1527c478bd9Sstevel@tonic-gate 				krb5auth_flag++;
1537c478bd9Sstevel@tonic-gate 				rcmdoption_done = B_TRUE;
1547c478bd9Sstevel@tonic-gate 				break;
1557c478bd9Sstevel@tonic-gate 			}
1567c478bd9Sstevel@tonic-gate 
1577c478bd9Sstevel@tonic-gate 			switch (*arg) {
1587c478bd9Sstevel@tonic-gate #ifdef DEBUG
1597c478bd9Sstevel@tonic-gate 			case 'p':
1607c478bd9Sstevel@tonic-gate 				if (--argc <= 0)
1617c478bd9Sstevel@tonic-gate 					usage();
1627c478bd9Sstevel@tonic-gate 				debug_port = htons(atoi(*++argv));
1637c478bd9Sstevel@tonic-gate 				break;
1647c478bd9Sstevel@tonic-gate #endif /* DEBUG */
1657c478bd9Sstevel@tonic-gate 			case 'k':
1667c478bd9Sstevel@tonic-gate 				if (--argc <= 0) {
1677c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr, gettext("rdist: "
1687c478bd9Sstevel@tonic-gate 						"-k flag must be followed with "
1697c478bd9Sstevel@tonic-gate 						" a realm name.\n"));
1707c478bd9Sstevel@tonic-gate 					exit(1);
1717c478bd9Sstevel@tonic-gate 				}
1727c478bd9Sstevel@tonic-gate 				if ((krb_realm = strdup(*++argv)) == NULL) {
1737c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr, gettext("rdist: "
1747c478bd9Sstevel@tonic-gate 						"Cannot malloc.\n"));
1757c478bd9Sstevel@tonic-gate 					exit(1);
1767c478bd9Sstevel@tonic-gate 				}
1777c478bd9Sstevel@tonic-gate 				krb5auth_flag++;
1787c478bd9Sstevel@tonic-gate 				break;
1797c478bd9Sstevel@tonic-gate 
180*3ca4cacdSPeter Shoults 			case 'K':
181*3ca4cacdSPeter Shoults 				no_krb5auth_flag++;
182*3ca4cacdSPeter Shoults 				break;
183*3ca4cacdSPeter Shoults 
1847c478bd9Sstevel@tonic-gate 			case 'a':
1857c478bd9Sstevel@tonic-gate 				krb5auth_flag++;
1867c478bd9Sstevel@tonic-gate 				break;
1877c478bd9Sstevel@tonic-gate 
1887c478bd9Sstevel@tonic-gate 			case 'x':
1897c478bd9Sstevel@tonic-gate 				encrypt_flag++;
1907c478bd9Sstevel@tonic-gate 				encrypt_done++;
1917c478bd9Sstevel@tonic-gate 				krb5auth_flag++;
1927c478bd9Sstevel@tonic-gate 				break;
1937c478bd9Sstevel@tonic-gate 
1947c478bd9Sstevel@tonic-gate 			case 'f':
1957c478bd9Sstevel@tonic-gate 				if (--argc <= 0)
1967c478bd9Sstevel@tonic-gate 					usage();
1977c478bd9Sstevel@tonic-gate 				distfile = *++argv;
1987c478bd9Sstevel@tonic-gate 				if (distfile[0] == '-' && distfile[1] == '\0')
1997c478bd9Sstevel@tonic-gate 					fin = stdin;
2007c478bd9Sstevel@tonic-gate 				break;
2017c478bd9Sstevel@tonic-gate 
2027c478bd9Sstevel@tonic-gate 			case 'm':
2037c478bd9Sstevel@tonic-gate 				if (--argc <= 0)
2047c478bd9Sstevel@tonic-gate 					usage();
2057c478bd9Sstevel@tonic-gate 				if (hp >= &dhosts[NHOSTS-2]) {
2067c478bd9Sstevel@tonic-gate 					(void) fprintf(stderr, gettext("rdist:"
2077c478bd9Sstevel@tonic-gate 						" too many destination"
2087c478bd9Sstevel@tonic-gate 						" hosts\n"));
2097c478bd9Sstevel@tonic-gate 					exit(1);
2107c478bd9Sstevel@tonic-gate 				}
2117c478bd9Sstevel@tonic-gate 				*hp++ = *++argv;
2127c478bd9Sstevel@tonic-gate 				break;
2137c478bd9Sstevel@tonic-gate 
2147c478bd9Sstevel@tonic-gate 			case 'd':
2157c478bd9Sstevel@tonic-gate 				if (--argc <= 0)
2167c478bd9Sstevel@tonic-gate 					usage();
2177c478bd9Sstevel@tonic-gate 				define(*++argv);
2187c478bd9Sstevel@tonic-gate 				break;
2197c478bd9Sstevel@tonic-gate 
2207c478bd9Sstevel@tonic-gate 			case 'D':
2217c478bd9Sstevel@tonic-gate 				debug++;
2227c478bd9Sstevel@tonic-gate 				break;
2237c478bd9Sstevel@tonic-gate 
2247c478bd9Sstevel@tonic-gate 			case 'c':
2257c478bd9Sstevel@tonic-gate 				cmdargs++;
2267c478bd9Sstevel@tonic-gate 				break;
2277c478bd9Sstevel@tonic-gate 
2287c478bd9Sstevel@tonic-gate 			case 'n':
2297c478bd9Sstevel@tonic-gate 				if (options & VERIFY) {
2307c478bd9Sstevel@tonic-gate 					printf("rdist: -n overrides -v\n");
2317c478bd9Sstevel@tonic-gate 					options &= ~VERIFY;
2327c478bd9Sstevel@tonic-gate 				}
2337c478bd9Sstevel@tonic-gate 				nflag++;
2347c478bd9Sstevel@tonic-gate 				break;
2357c478bd9Sstevel@tonic-gate 
2367c478bd9Sstevel@tonic-gate 			case 'q':
2377c478bd9Sstevel@tonic-gate 				qflag++;
2387c478bd9Sstevel@tonic-gate 				break;
2397c478bd9Sstevel@tonic-gate 
2407c478bd9Sstevel@tonic-gate 			case 'b':
2417c478bd9Sstevel@tonic-gate 				options |= COMPARE;
2427c478bd9Sstevel@tonic-gate 				break;
2437c478bd9Sstevel@tonic-gate 
2447c478bd9Sstevel@tonic-gate 			case 'R':
2457c478bd9Sstevel@tonic-gate 				options |= REMOVE;
2467c478bd9Sstevel@tonic-gate 				break;
2477c478bd9Sstevel@tonic-gate 
2487c478bd9Sstevel@tonic-gate 			case 'v':
2497c478bd9Sstevel@tonic-gate 				if (nflag) {
2507c478bd9Sstevel@tonic-gate 					printf("rdist: -n overrides -v\n");
2517c478bd9Sstevel@tonic-gate 					break;
2527c478bd9Sstevel@tonic-gate 				}
2537c478bd9Sstevel@tonic-gate 				options |= VERIFY;
2547c478bd9Sstevel@tonic-gate 				break;
2557c478bd9Sstevel@tonic-gate 
2567c478bd9Sstevel@tonic-gate 			case 'w':
2577c478bd9Sstevel@tonic-gate 				options |= WHOLE;
2587c478bd9Sstevel@tonic-gate 				break;
2597c478bd9Sstevel@tonic-gate 
2607c478bd9Sstevel@tonic-gate 			case 'y':
2617c478bd9Sstevel@tonic-gate 				options |= YOUNGER;
2627c478bd9Sstevel@tonic-gate 				break;
2637c478bd9Sstevel@tonic-gate 
2647c478bd9Sstevel@tonic-gate 			case 'h':
2657c478bd9Sstevel@tonic-gate 				options |= FOLLOW;
2667c478bd9Sstevel@tonic-gate 				break;
2677c478bd9Sstevel@tonic-gate 
2687c478bd9Sstevel@tonic-gate 			case 'i':
2697c478bd9Sstevel@tonic-gate 				options |= IGNLNKS;
2707c478bd9Sstevel@tonic-gate 				break;
2717c478bd9Sstevel@tonic-gate 
2727c478bd9Sstevel@tonic-gate 			default:
2737c478bd9Sstevel@tonic-gate 				usage();
2747c478bd9Sstevel@tonic-gate 			}
2757c478bd9Sstevel@tonic-gate 		}
2767c478bd9Sstevel@tonic-gate 	}
2777c478bd9Sstevel@tonic-gate 	*hp = NULL;
2787c478bd9Sstevel@tonic-gate 
2797c478bd9Sstevel@tonic-gate 	mktemp(Tmpfile);
2807c478bd9Sstevel@tonic-gate 
281*3ca4cacdSPeter Shoults 	/*
282*3ca4cacdSPeter Shoults 	 * if the user disables krb5 on the cmdline (-K), then skip
283*3ca4cacdSPeter Shoults 	 * all krb5 setup.
284*3ca4cacdSPeter Shoults 	 *
285*3ca4cacdSPeter Shoults 	 * if the user does not disable krb5 or enable krb5 on the
286*3ca4cacdSPeter Shoults 	 * cmdline, check krb5.conf to see if it should be enabled.
287*3ca4cacdSPeter Shoults 	 */
288*3ca4cacdSPeter Shoults 
289*3ca4cacdSPeter Shoults 	if (no_krb5auth_flag) {
290*3ca4cacdSPeter Shoults 		krb5auth_flag = 0;
291*3ca4cacdSPeter Shoults 		encrypt_flag = 0;
292*3ca4cacdSPeter Shoults 	} else if (!krb5auth_flag) {
293*3ca4cacdSPeter Shoults 		/* is autologin set in krb5.conf? */
2947c478bd9Sstevel@tonic-gate 		status = krb5_init_context(&bsd_context);
295*3ca4cacdSPeter Shoults 		/* don't sweat failure here */
296*3ca4cacdSPeter Shoults 		if (!status) {
297*3ca4cacdSPeter Shoults 			/*
298*3ca4cacdSPeter Shoults 			 * note that the call to profile_get_options_boolean
299*3ca4cacdSPeter Shoults 			 * with autologin_option can affect value of
300*3ca4cacdSPeter Shoults 			 * krb5auth_flag
301*3ca4cacdSPeter Shoults 			 */
302*3ca4cacdSPeter Shoults 			(void) profile_get_options_boolean(bsd_context->profile,
303*3ca4cacdSPeter Shoults 							appdef,
304*3ca4cacdSPeter Shoults 							autologin_option);
305*3ca4cacdSPeter Shoults 		}
306*3ca4cacdSPeter Shoults 	}
307*3ca4cacdSPeter Shoults 
308*3ca4cacdSPeter Shoults 	if (krb5auth_flag > 0) {
309*3ca4cacdSPeter Shoults 		if (!bsd_context) {
310*3ca4cacdSPeter Shoults 			status = krb5_init_context(&bsd_context);
311*3ca4cacdSPeter Shoults 			if (status) {
312*3ca4cacdSPeter Shoults 				com_err("rdist", status,
313*3ca4cacdSPeter Shoults 				    gettext("while initializing krb5"));
314*3ca4cacdSPeter Shoults 				exit(1);
315*3ca4cacdSPeter Shoults 			}
3167c478bd9Sstevel@tonic-gate 		}
3177c478bd9Sstevel@tonic-gate 
3187c478bd9Sstevel@tonic-gate 		/* Set up des buffers */
3197c478bd9Sstevel@tonic-gate 		desinbuf.data = des_inbuf;
3207c478bd9Sstevel@tonic-gate 		desoutbuf.data = des_outbuf;
3217c478bd9Sstevel@tonic-gate 		desinbuf.length = sizeof (des_inbuf);
3227c478bd9Sstevel@tonic-gate 		desoutbuf.length = sizeof (des_outbuf);
3237c478bd9Sstevel@tonic-gate 
3247c478bd9Sstevel@tonic-gate 		/*
3257c478bd9Sstevel@tonic-gate 		 * Get our local realm to look up local realm options.
3267c478bd9Sstevel@tonic-gate 		 */
3277c478bd9Sstevel@tonic-gate 		status = krb5_get_default_realm(bsd_context, &realmdef[1]);
3287c478bd9Sstevel@tonic-gate 		if (status) {
3297c478bd9Sstevel@tonic-gate 			com_err("rdist", status,
3307c478bd9Sstevel@tonic-gate 				gettext("while getting default realm"));
3317c478bd9Sstevel@tonic-gate 			exit(1);
3327c478bd9Sstevel@tonic-gate 		}
3337c478bd9Sstevel@tonic-gate 		/*
3347c478bd9Sstevel@tonic-gate 		 * See if encryption should be done for this realm
3357c478bd9Sstevel@tonic-gate 		 */
3367c478bd9Sstevel@tonic-gate 		profile_get_options_boolean(bsd_context->profile, realmdef,
3377c478bd9Sstevel@tonic-gate 						option);
3387c478bd9Sstevel@tonic-gate 		/*
3397c478bd9Sstevel@tonic-gate 		 * Check the appdefaults section
3407c478bd9Sstevel@tonic-gate 		 */
3417c478bd9Sstevel@tonic-gate 		profile_get_options_boolean(bsd_context->profile, appdef,
3427c478bd9Sstevel@tonic-gate 						option);
3437c478bd9Sstevel@tonic-gate 		profile_get_options_string(bsd_context->profile, appdef,
3447c478bd9Sstevel@tonic-gate 						rcmdversion);
3457c478bd9Sstevel@tonic-gate 
3467c478bd9Sstevel@tonic-gate 		if ((encrypt_done > 0) || (encrypt_flag > 0)) {
3477c478bd9Sstevel@tonic-gate 			if (krb5_privacy_allowed() == TRUE) {
3487c478bd9Sstevel@tonic-gate 				encrypt_flag++;
3497c478bd9Sstevel@tonic-gate 			} else {
3507c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext("rdist: "
3517c478bd9Sstevel@tonic-gate 						"Encryption not supported.\n"));
3527c478bd9Sstevel@tonic-gate 				exit(1);
3537c478bd9Sstevel@tonic-gate 			}
3547c478bd9Sstevel@tonic-gate 		}
3557c478bd9Sstevel@tonic-gate 
3567c478bd9Sstevel@tonic-gate 		if ((rcmdoption_done == B_FALSE) && (rcmdproto != NULL)) {
3577c478bd9Sstevel@tonic-gate 			if (strncmp(rcmdproto, "rcmdv2", 6) == 0) {
3587c478bd9Sstevel@tonic-gate 				kcmd_proto = KCMD_NEW_PROTOCOL;
3597c478bd9Sstevel@tonic-gate 			} else if (strncmp(rcmdproto, "rcmdv1", 6) == 0) {
3607c478bd9Sstevel@tonic-gate 				kcmd_proto = KCMD_OLD_PROTOCOL;
3617c478bd9Sstevel@tonic-gate 			} else {
3627c478bd9Sstevel@tonic-gate 				(void) fprintf(stderr, gettext("Unrecognized "
3637c478bd9Sstevel@tonic-gate 					"KCMD protocol (%s)"), rcmdproto);
3647c478bd9Sstevel@tonic-gate 				exit(1);
3657c478bd9Sstevel@tonic-gate 			}
3667c478bd9Sstevel@tonic-gate 		}
3677c478bd9Sstevel@tonic-gate 	}
3687c478bd9Sstevel@tonic-gate 
3697c478bd9Sstevel@tonic-gate 	if (iamremote) {
3707c478bd9Sstevel@tonic-gate 		setreuid(getuid(), getuid());
3717c478bd9Sstevel@tonic-gate 		server();
3727c478bd9Sstevel@tonic-gate 		exit(nerrs != 0);
3737c478bd9Sstevel@tonic-gate 	}
3747c478bd9Sstevel@tonic-gate 	if (__init_suid_priv(0, PRIV_NET_PRIVADDR, NULL) == -1) {
3757c478bd9Sstevel@tonic-gate 		(void) fprintf(stderr,
3767c478bd9Sstevel@tonic-gate 			"rdist needs to run with sufficient privilege\n");
3777c478bd9Sstevel@tonic-gate 		exit(1);
3787c478bd9Sstevel@tonic-gate 	}
3797c478bd9Sstevel@tonic-gate 
3807c478bd9Sstevel@tonic-gate 	if (cmdargs)
3817c478bd9Sstevel@tonic-gate 		docmdargs(argc, argv);
3827c478bd9Sstevel@tonic-gate 	else {
3837c478bd9Sstevel@tonic-gate 		if (fin == NULL) {
3847c478bd9Sstevel@tonic-gate 			if (distfile == NULL) {
3857c478bd9Sstevel@tonic-gate 				if ((fin = fopen("distfile", "r")) == NULL)
3867c478bd9Sstevel@tonic-gate 					fin = fopen("Distfile", "r");
3877c478bd9Sstevel@tonic-gate 			} else
3887c478bd9Sstevel@tonic-gate 				fin = fopen(distfile, "r");
3897c478bd9Sstevel@tonic-gate 			if (fin == NULL) {
3907c478bd9Sstevel@tonic-gate 				perror(distfile ? distfile : "distfile");
3917c478bd9Sstevel@tonic-gate 				exit(1);
3927c478bd9Sstevel@tonic-gate 			}
3937c478bd9Sstevel@tonic-gate 		}
3947c478bd9Sstevel@tonic-gate 		yyparse();
3957c478bd9Sstevel@tonic-gate 		if (nerrs == 0)
3967c478bd9Sstevel@tonic-gate 			docmds(dhosts, argc, argv);
3977c478bd9Sstevel@tonic-gate 	}
3987c478bd9Sstevel@tonic-gate 
399740638c8Sbw 	return (nerrs != 0);
4007c478bd9Sstevel@tonic-gate }
4017c478bd9Sstevel@tonic-gate 
402740638c8Sbw static void
usage()4037c478bd9Sstevel@tonic-gate usage()
4047c478bd9Sstevel@tonic-gate {
4057c478bd9Sstevel@tonic-gate 	printf(gettext("Usage: rdist [-nqbhirvwyDax] [-PN / -PO] "
4067c478bd9Sstevel@tonic-gate #ifdef DEBUG
4077c478bd9Sstevel@tonic-gate 	"[-p port] "
4087c478bd9Sstevel@tonic-gate #endif /* DEBUG */
4097c478bd9Sstevel@tonic-gate 	"[-k realm] [-f distfile] [-d var=value] [-m host] [file ...]\n"));
4107c478bd9Sstevel@tonic-gate 	printf(gettext("or: rdist [-nqbhirvwyDax] [-PN / -PO] [-p port] "
4117c478bd9Sstevel@tonic-gate 	"[-k realm] -c source [...] machine[:dest]\n"));
4127c478bd9Sstevel@tonic-gate 	exit(1);
4137c478bd9Sstevel@tonic-gate }
4147c478bd9Sstevel@tonic-gate 
4157c478bd9Sstevel@tonic-gate /*
4167c478bd9Sstevel@tonic-gate  * rcp like interface for distributing files.
4177c478bd9Sstevel@tonic-gate  */
418740638c8Sbw static void
docmdargs(nargs,args)4197c478bd9Sstevel@tonic-gate docmdargs(nargs, args)
4207c478bd9Sstevel@tonic-gate 	int nargs;
4217c478bd9Sstevel@tonic-gate 	char *args[];
4227c478bd9Sstevel@tonic-gate {
4237c478bd9Sstevel@tonic-gate 	register struct namelist *nl, *prev;
4247c478bd9Sstevel@tonic-gate 	register char *cp;
4257c478bd9Sstevel@tonic-gate 	struct namelist *files, *hosts;
4267c478bd9Sstevel@tonic-gate 	struct subcmd *cmds;
4277c478bd9Sstevel@tonic-gate 	char *dest;
4287c478bd9Sstevel@tonic-gate 	static struct namelist tnl = { NULL, NULL };
4297c478bd9Sstevel@tonic-gate 	int i;
4307c478bd9Sstevel@tonic-gate 
4317c478bd9Sstevel@tonic-gate 	if (nargs < 2)
4327c478bd9Sstevel@tonic-gate 		usage();
4337c478bd9Sstevel@tonic-gate 
4347c478bd9Sstevel@tonic-gate 	prev = NULL;
4357c478bd9Sstevel@tonic-gate 	for (i = 0; i < nargs - 1; i++) {
4367c478bd9Sstevel@tonic-gate 		nl = makenl(args[i]);
4377c478bd9Sstevel@tonic-gate 		if (prev == NULL)
4387c478bd9Sstevel@tonic-gate 			files = prev = nl;
4397c478bd9Sstevel@tonic-gate 		else {
4407c478bd9Sstevel@tonic-gate 			prev->n_next = nl;
4417c478bd9Sstevel@tonic-gate 			prev = nl;
4427c478bd9Sstevel@tonic-gate 		}
4437c478bd9Sstevel@tonic-gate 	}
4447c478bd9Sstevel@tonic-gate 
4457c478bd9Sstevel@tonic-gate 	cp = args[i];
4467c478bd9Sstevel@tonic-gate 	if ((dest = index(cp, ':')) != NULL)
4477c478bd9Sstevel@tonic-gate 		*dest++ = '\0';
4487c478bd9Sstevel@tonic-gate 	tnl.n_name = cp;
4497c478bd9Sstevel@tonic-gate 	hosts = expand(&tnl, E_ALL);
4507c478bd9Sstevel@tonic-gate 	if (nerrs)
4517c478bd9Sstevel@tonic-gate 		exit(1);
4527c478bd9Sstevel@tonic-gate 
4537c478bd9Sstevel@tonic-gate 	if (dest == NULL || *dest == '\0')
4547c478bd9Sstevel@tonic-gate 		cmds = NULL;
4557c478bd9Sstevel@tonic-gate 	else {
4567c478bd9Sstevel@tonic-gate 		cmds = makesubcmd(INSTALL);
4577c478bd9Sstevel@tonic-gate 		cmds->sc_options = options;
4587c478bd9Sstevel@tonic-gate 		cmds->sc_name = dest;
4597c478bd9Sstevel@tonic-gate 	}
4607c478bd9Sstevel@tonic-gate 
4617c478bd9Sstevel@tonic-gate 	if (debug) {
4627c478bd9Sstevel@tonic-gate 		printf("docmdargs()\nfiles = ");
4637c478bd9Sstevel@tonic-gate 		prnames(files);
4647c478bd9Sstevel@tonic-gate 		printf("hosts = ");
4657c478bd9Sstevel@tonic-gate 		prnames(hosts);
4667c478bd9Sstevel@tonic-gate 	}
4677c478bd9Sstevel@tonic-gate 	insert(NULL, files, hosts, cmds);
4687c478bd9Sstevel@tonic-gate 	docmds(NULL, 0, NULL);
4697c478bd9Sstevel@tonic-gate }
4707c478bd9Sstevel@tonic-gate 
4717c478bd9Sstevel@tonic-gate /*
4727c478bd9Sstevel@tonic-gate  * Print a list of NAME blocks (mostly for debugging).
4737c478bd9Sstevel@tonic-gate  */
474740638c8Sbw void
prnames(nl)4757c478bd9Sstevel@tonic-gate prnames(nl)
4767c478bd9Sstevel@tonic-gate 	register struct namelist *nl;
4777c478bd9Sstevel@tonic-gate {
4787c478bd9Sstevel@tonic-gate 	printf("( ");
4797c478bd9Sstevel@tonic-gate 	while (nl != NULL) {
4807c478bd9Sstevel@tonic-gate 		printf("%s ", nl->n_name);
4817c478bd9Sstevel@tonic-gate 		nl = nl->n_next;
4827c478bd9Sstevel@tonic-gate 	}
4837c478bd9Sstevel@tonic-gate 	printf(")\n");
4847c478bd9Sstevel@tonic-gate }
4857c478bd9Sstevel@tonic-gate 
486740638c8Sbw void
prcmd(c)4877c478bd9Sstevel@tonic-gate prcmd(c)
4887c478bd9Sstevel@tonic-gate 	struct cmd *c;
4897c478bd9Sstevel@tonic-gate {
4907c478bd9Sstevel@tonic-gate 	extern char *prtype();
4917c478bd9Sstevel@tonic-gate 
4927c478bd9Sstevel@tonic-gate 	while (c) {
4937c478bd9Sstevel@tonic-gate 		printf("c_type %s, c_name %s, c_label %s, c_files ",
4947c478bd9Sstevel@tonic-gate 			prtype(c->c_type), c->c_name,
4957c478bd9Sstevel@tonic-gate 			c->c_label?  c->c_label : "NULL");
4967c478bd9Sstevel@tonic-gate 		prnames(c->c_files);
4977c478bd9Sstevel@tonic-gate 		prsubcmd(c->c_cmds);
4987c478bd9Sstevel@tonic-gate 		c = c->c_next;
4997c478bd9Sstevel@tonic-gate 	}
5007c478bd9Sstevel@tonic-gate }
5017c478bd9Sstevel@tonic-gate 
502740638c8Sbw static void
prsubcmd(s)5037c478bd9Sstevel@tonic-gate prsubcmd(s)
5047c478bd9Sstevel@tonic-gate 	struct subcmd *s;
5057c478bd9Sstevel@tonic-gate {
5067c478bd9Sstevel@tonic-gate 	extern char *prtype();
5077c478bd9Sstevel@tonic-gate 	extern char *proptions();
5087c478bd9Sstevel@tonic-gate 
5097c478bd9Sstevel@tonic-gate 	while (s) {
5107c478bd9Sstevel@tonic-gate 		printf("sc_type %s, sc_options %d%s, sc_name %s, sc_args ",
5117c478bd9Sstevel@tonic-gate 			prtype(s->sc_type),
5127c478bd9Sstevel@tonic-gate 			s->sc_options, proptions(s->sc_options),
5137c478bd9Sstevel@tonic-gate 			s->sc_name ? s->sc_name : "NULL");
5147c478bd9Sstevel@tonic-gate 		prnames(s->sc_args);
5157c478bd9Sstevel@tonic-gate 		s = s->sc_next;
5167c478bd9Sstevel@tonic-gate 	}
5177c478bd9Sstevel@tonic-gate }
5187c478bd9Sstevel@tonic-gate 
5197c478bd9Sstevel@tonic-gate char *
prtype(t)5207c478bd9Sstevel@tonic-gate prtype(t)
5217c478bd9Sstevel@tonic-gate 	int t;
5227c478bd9Sstevel@tonic-gate {
5237c478bd9Sstevel@tonic-gate 	switch (t) {
5247c478bd9Sstevel@tonic-gate 		case EQUAL:
5257c478bd9Sstevel@tonic-gate 			return ("EQUAL");
5267c478bd9Sstevel@tonic-gate 		case LP:
5277c478bd9Sstevel@tonic-gate 			return ("LP");
5287c478bd9Sstevel@tonic-gate 		case RP:
5297c478bd9Sstevel@tonic-gate 			return ("RP");
5307c478bd9Sstevel@tonic-gate 		case SM:
5317c478bd9Sstevel@tonic-gate 			return ("SM");
5327c478bd9Sstevel@tonic-gate 		case ARROW:
5337c478bd9Sstevel@tonic-gate 			return ("ARROW");
5347c478bd9Sstevel@tonic-gate 		case COLON:
5357c478bd9Sstevel@tonic-gate 			return ("COLON");
5367c478bd9Sstevel@tonic-gate 		case DCOLON:
5377c478bd9Sstevel@tonic-gate 			return ("DCOLON");
5387c478bd9Sstevel@tonic-gate 		case NAME:
5397c478bd9Sstevel@tonic-gate 			return ("NAME");
5407c478bd9Sstevel@tonic-gate 		case STRING:
5417c478bd9Sstevel@tonic-gate 			return ("STRING");
5427c478bd9Sstevel@tonic-gate 		case INSTALL:
5437c478bd9Sstevel@tonic-gate 			return ("INSTALL");
5447c478bd9Sstevel@tonic-gate 		case NOTIFY:
5457c478bd9Sstevel@tonic-gate 			return ("NOTIFY");
5467c478bd9Sstevel@tonic-gate 		case EXCEPT:
5477c478bd9Sstevel@tonic-gate 			return ("EXCEPT");
5487c478bd9Sstevel@tonic-gate 		case PATTERN:
5497c478bd9Sstevel@tonic-gate 			return ("PATTERN");
5507c478bd9Sstevel@tonic-gate 		case SPECIAL:
5517c478bd9Sstevel@tonic-gate 			return ("SPECIAL");
5527c478bd9Sstevel@tonic-gate 		case OPTION:
5537c478bd9Sstevel@tonic-gate 			return ("OPTION");
5547c478bd9Sstevel@tonic-gate 	}
555740638c8Sbw 	return (NULL);
5567c478bd9Sstevel@tonic-gate }
5577c478bd9Sstevel@tonic-gate 
5587c478bd9Sstevel@tonic-gate char *
proptions(o)5597c478bd9Sstevel@tonic-gate proptions(o)
5607c478bd9Sstevel@tonic-gate 	int o;
5617c478bd9Sstevel@tonic-gate {
5627c478bd9Sstevel@tonic-gate 	return (printb((unsigned short) o, OBITS));
5637c478bd9Sstevel@tonic-gate }
5647c478bd9Sstevel@tonic-gate 
5657c478bd9Sstevel@tonic-gate char *
printb(v,bits)5667c478bd9Sstevel@tonic-gate printb(v, bits)
5677c478bd9Sstevel@tonic-gate 	register char *bits;
5687c478bd9Sstevel@tonic-gate 	register unsigned short v;
5697c478bd9Sstevel@tonic-gate {
5707c478bd9Sstevel@tonic-gate 	register int i, any = 0;
5717c478bd9Sstevel@tonic-gate 	register char c;
5727c478bd9Sstevel@tonic-gate 	char *p = buf;
5737c478bd9Sstevel@tonic-gate 
5747c478bd9Sstevel@tonic-gate 	bits++;
5757c478bd9Sstevel@tonic-gate 	if (bits) {
5767c478bd9Sstevel@tonic-gate 
5777c478bd9Sstevel@tonic-gate 		*p++ = '<';
5787c478bd9Sstevel@tonic-gate 		while ((i = *bits++) != 0) {
5797c478bd9Sstevel@tonic-gate 			if (v & (1 << (i-1))) {
5807c478bd9Sstevel@tonic-gate 				if (any)
5817c478bd9Sstevel@tonic-gate 					*p++ = ',';
5827c478bd9Sstevel@tonic-gate 				any = 1;
5837c478bd9Sstevel@tonic-gate 				for (; (c = *bits) > 32; bits++)
5847c478bd9Sstevel@tonic-gate 					*p++ = c;
5857c478bd9Sstevel@tonic-gate 			} else
5867c478bd9Sstevel@tonic-gate 				for (; *bits > 32; bits++)
5877c478bd9Sstevel@tonic-gate 					;
5887c478bd9Sstevel@tonic-gate 		}
5897c478bd9Sstevel@tonic-gate 		*p++ = '>';
5907c478bd9Sstevel@tonic-gate 	}
5917c478bd9Sstevel@tonic-gate 
5927c478bd9Sstevel@tonic-gate 	*p = '\0';
5937c478bd9Sstevel@tonic-gate 	return (buf);
5947c478bd9Sstevel@tonic-gate }
595