-rwxr-xr-x | nocompile/bin/identd.sh | 17 | ||||
-rw-r--r-- | src/bin/tcpident.c | 80 |
2 files changed, 97 insertions, 0 deletions
diff --git a/nocompile/bin/identd.sh b/nocompile/bin/identd.sh
new file mode 100755
index 0000000..67de244
--- /dev/null
+++ b/nocompile/bin/identd.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+IPA="$(/usr/local/libexec/sockip | head -n1)"
+IPB="$(/usr/local/libexec/peerip | head -n1)"
+#read the ports from stdin to be looked up.
+#in the format: PORT, PORT\r\n
+read LINE
+PB="$(printf "%s" "$LINE" | cut -d, -f1 | tr -cd "[0-9]")"
+PA="$(printf "%s" "$LINE" | cut -d, -f2 | tr -cd "[0-9]")"
+#example output:
+#57132,6667:USERID:UNIX:segfault
+#5132,6667:ERROR:NO-USER
+USER="$(getent passwd "$(tcpident $IPA $PA $IPB $PB)" | cut -d: -f1)"
+if [ "_$USER" != "_" ];then
+ printf "%s,%s:USERID:UNIX:%s\r\n" "$PB" "$PA" "$USER"
+else
+ printf "%s,%s:ERROR:NO-USER\r\n" "$PB" "$PA"
+fi
diff --git a/src/bin/tcpident.c b/src/bin/tcpident.c
new file mode 100644
index 0000000..1af3bc1
--- /dev/null
+++ b/src/bin/tcpident.c
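Review bot: The port filter `tr -cd "[0-9]"` keeps `[` and `]` as well as digits, because POSIX tr treats the brackets as ordinary members of the set, and the results are then expanded unquoted in `tcpident $IPA $PA $IPB $PB`, where they are open to pathname expansion and word splitting. Since LINE comes straight from the network peer, tighten both filters to `tr -cd '0-9'` and quote the call as `tcpident "$IPA" "$PA" "$IPB" "$PB"`. `read -r LINE` would also stop backslash processing on the request line. When tcpident fails it prints nothing and the script still runs `getent passwd ""`; testing tcpident's exit status before the lookup would make the NO-USER path explicit rather than dependent on how getent treats an empty key.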
@@ -0,0 +1,80 @@
+//this program was written to be used on NetBSD. YMMV.
+#include <string.h>
+#include <sys/param.h>
+#include <sys/socket.h>
+#include <sys/sysctl.h>
+
+#include <netinet/in.h>
+#include <netinet/ip_var.h>
+#include <netinet/tcp.h>
+#include <netinet/tcp_timer.h>
+#include <netinet/tcp_var.h>
+
+#include <arpa/inet.h>
+
+#include <netdb.h>
+#include <stdio.h>
+
+
+//ripped from NetBSD's identd.c (found mine in /usr/src/libexec/identd/identd.c)
+static int
+sysctl_getuid(struct sockaddr_storage *ss, socklen_t len, uid_t *uid)
+{
+ int mib[4];
+ uid_t myuid;
+ size_t uidlen;
+
+ uidlen = sizeof(myuid);
+
+ mib[0] = CTL_NET;
+ mib[1] = ss->ss_family;
+ mib[2] = IPPROTO_TCP;
+ mib[3] = TCPCTL_IDENT;
+
+ if (sysctl(mib, sizeof(mib)/ sizeof(int), &myuid, &uidlen, ss, len) < 0)
+ return -1;
+ *uid = myuid;
+
+ return 0;
+}
+
+//for debugging
+void dump_sockaddr(struct sockaddr_in *sin,int len) {
+ unsigned char *p=(void *)sin;
+ for(;len;len--,p++) {
+ printf("%02x ",*p);
+ }
+ printf("\n");
+}
+
+int main(int argc,char *argv[]) {
+ uid_t myuid=-1;
+ int len=sizeof(struct sockaddr_storage);
+ struct sockaddr_storage mine[2];
+
+//future IPv6 support?
+ struct sockaddr_in *inA=(struct sockaddr_in *)(&mine[0]);
+// struct sockaddr_in6 *in6A=(struct sockaddr_in6 *)(&mine[0]);
+ struct sockaddr_in *inB=(struct sockaddr_in *)(&mine[1]);
+// struct sockaddr_in6 *in6B=(struct sockaddr_in6 *)(&mine[1]);
+ if(argc <= 4) return -2;
+ memset(inA,0,len);
+ memset(inB,0,len);
+ inA->sin_len=16;
+ inB->sin_len=16;
+ inA->sin_family=AF_INET;
+ inB->sin_family=AF_INET;
+ inA->sin_addr.s_addr=(inet_addr(argv[1]));
+ inB->sin_addr.s_addr=(inet_addr(argv[3]));
+ inA->sin_port=htons(atoi(argv[2]));
+ inB->sin_port=htons(atoi(argv[4]));
+//these were to see what real sockaddr looked like.
+// getpeername(0,inB,&len);
+// getsockname(0,inA,&len);
+// dump_sockaddr(inA,len);
+// dump_sockaddr(inB,len);
+
+ if(sysctl_getuid(mine,sizeof(mine),&myuid) == -1) return -1;
+ printf("%d\n",myuid);
+ return 0;
+} |
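Review bot: In main, `inet_addr()` and `atoi()` give no usable error signal and `htons(atoi(...))` silently truncates to 16 bits, so a malformed address or an out-of-range port still produces a sysctl query, possibly for a different connection than the one asked about, and the owner of that connection is what gets printed. Parsing the addresses with `inet_pton` and the ports with `strtol` plus a 1..65535 range check, returning -2 on any failure, closes that gap; it needs `<stdlib.h>` and `<errno.h>`, neither of which the file includes directly even though `atoi` is already used. `uid_t` is also printed with `%d`, so a large uid could come out negative before identd.sh passes it to getent; the fence prints it as `unsigned long`. `inA->sin_len=16` would read better as `sizeof(struct sockaddr_in)`.

```c
/* Parse a decimal TCP port in 1..65535 into network byte order; -1 on bad input. */
static int
parse_port(const char *s, in_port_t *out)
{
	char *end;
	long v;

	errno = 0;
	v = strtol(s, &end, 10);
	if (end == s || *end != '\0' || errno == ERANGE || v < 1 || v > 65535)
		return -1;
	*out = htons((uint16_t)v);
	return 0;
}

	// … unchanged: main's declarations, argc check, memset, sin_len/sin_family …
	if (inet_pton(AF_INET, argv[1], &inA->sin_addr) != 1 ||
	    inet_pton(AF_INET, argv[3], &inB->sin_addr) != 1)
		return -2;
	if (parse_port(argv[2], &inA->sin_port) == -1 ||
	    parse_port(argv[4], &inB->sin_port) == -1)
		return -2;
	// … unchanged: sysctl_getuid call …
	printf("%lu\n", (unsigned long)myuid);
```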