From 2b4697d313c0dfae862ee42d4bbc608e50c5eb22 Mon Sep 17 00:00:00 2001
From: epochqwert
Date: Sun, 3 May 2015 06:31:59 -0500
Subject: added a NetBSDian tcpident which doesn't even deal with real sockets so you can check any ports and IPs you want. identd.sh uses tcpident and peerip and sockip programs to be a simple inetd runnable ident service.
---
nocompile/bin/identd.sh | 17 +++++++++++
src/bin/tcpident.c | 80 +++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 97 insertions(+)
create mode 100755 nocompile/bin/identd.sh
create mode 100644 src/bin/tcpident.c
diff --git a/nocompile/bin/identd.sh b/nocompile/bin/identd.sh
new file mode 100755
index 0000000..67de244
--- /dev/null
+++ b/nocompile/bin/identd.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+IPA="$(/usr/local/libexec/sockip | head -n1)"
+IPB="$(/usr/local/libexec/peerip | head -n1)"
+#read the ports from stdin to be looked up.
+#in the format: PORT, PORT\r\n
+read LINE
+PB="$(printf "%s" "$LINE" | cut -d, -f1 | tr -cd "[0-9]")"
+PA="$(printf "%s" "$LINE" | cut -d, -f2 | tr -cd "[0-9]")"
+#example output:
+#57132,6667:USERID:UNIX:segfault
+#5132,6667:ERROR:NO-USER
+USER="$(getent passwd "$(tcpident $IPA $PA $IPB $PB)" | cut -d: -f1)"
+if [ "_$USER" != "_" ];then
+ printf "%s,%s:USERID:UNIX:%s\r\n" "$PB" "$PA" "$USER"
+else
+ printf "%s,%s:ERROR:NO-USER\r\n" "$PB" "$PA"
+fi
diff --git a/src/bin/tcpident.c b/src/bin/tcpident.c
new file mode 100644
index 0000000..1af3bc1
--- /dev/null
+++ b/src/bin/tcpident.c
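Review bot: The port filter `tr -cd "[0-9]"` in identd.sh keeps literal `[` and `]` as well as digits on a POSIX tr, and the values then reach `tcpident $IPA $PA $IPB $PB` unquoted, so request text is still subject to pathname expansion and an empty field silently drops an argument. Use `tr -cd 0-9`, quote the call as `tcpident "$IPA" "$PA" "$IPB" "$PB"`, and reject an empty port up front with the RFC 1413 error, e.g. `[ -n "$PA" ] && [ -n "$PB" ] || { printf "%s,%s:ERROR:INVALID-PORT\r\n" "$PB" "$PA"; exit 0; }`. When tcpident fails it prints nothing and `getent passwd ""` is run; what an empty key returns depends on the platform's getent, so it is safer to test tcpident's exit status first. `tcpident` is also called by bare name while sockip and peerip use absolute paths, which leaves the lookup dependent on the PATH inetd provides.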
@@ -0,0 +1,80 @@
+//this program was written to be used on NetBSD. YMMV.
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+
+#include
+
+#include
+#include
+
+
+//ripped from NetBSD's identd.c (found mine in /usr/src/libexec/identd/identd.c)
+static int
+sysctl_getuid(struct sockaddr_storage *ss, socklen_t len, uid_t *uid)
+{
+ int mib[4];
+ uid_t myuid;
+ size_t uidlen;
+
+ uidlen = sizeof(myuid);
+
+ mib[0] = CTL_NET;
+ mib[1] = ss->ss_family;
+ mib[2] = IPPROTO_TCP;
+ mib[3] = TCPCTL_IDENT;
+
+ if (sysctl(mib, sizeof(mib)/ sizeof(int), &myuid, &uidlen, ss, len) < 0)
+ return -1;
+ *uid = myuid;
+
+ return 0;
+}
+
+//for debugging
+void dump_sockaddr(struct sockaddr_in *sin,int len) {
+ unsigned char *p=(void *)sin;
+ for(;len;len--,p++) {
+ printf("%02x ",*p);
+ }
+ printf("\n");
+}
+
+int main(int argc,char *argv[]) {
+ uid_t myuid=-1;
+ int len=sizeof(struct sockaddr_storage);
+ struct sockaddr_storage mine[2];
+
+//future IPv6 support?
+ struct sockaddr_in *inA=(struct sockaddr_in *)(&mine[0]);
+// struct sockaddr_in6 *in6A=(struct sockaddr_in6 *)(&mine[0]);
+ struct sockaddr_in *inB=(struct sockaddr_in *)(&mine[1]);
+// struct sockaddr_in6 *in6B=(struct sockaddr_in6 *)(&mine[1]);
+ if(argc <= 4) return -2;
+ memset(inA,0,len);
+ memset(inB,0,len);
+ inA->sin_len=16;
+ inB->sin_len=16;
+ inA->sin_family=AF_INET;
+ inB->sin_family=AF_INET;
+ inA->sin_addr.s_addr=(inet_addr(argv[1]));
+ inB->sin_addr.s_addr=(inet_addr(argv[3]));
+ inA->sin_port=htons(atoi(argv[2]));
+ inB->sin_port=htons(atoi(argv[4]));
+//these were to see what real sockaddr looked like.
+// getpeername(0,inB,&len);
+// getsockname(0,inA,&len);
+// dump_sockaddr(inA,len);
+// dump_sockaddr(inB,len);
+
+ if(sysctl_getuid(mine,sizeof(mine),&myuid) == -1) return -1;
+ printf("%d\n",myuid);
+ return 0;
+}
-- cgit v1.2.3