diff --git a/usr.sbin/lpr/lpd/lpd.8 b/usr.sbin/lpr/lpd/lpd.8 index 2554aba2f834..c9607265ee6f 100644 --- a/usr.sbin/lpr/lpd/lpd.8 +++ b/usr.sbin/lpr/lpd/lpd.8 @@ -1,343 +1,354 @@ .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" @(#)lpd.8 8.3 (Berkeley) 4/19/94 .\" $FreeBSD$ .\" .Dd April 9, 2021 .Dt LPD 8 .Os .Sh NAME .Nm lpd .Nd line printer spooler daemon .Sh SYNOPSIS .Nm .Op Fl cdlpsW46 .Op Ar port# .Sh DESCRIPTION The .Nm utility is the line printer daemon (spool area handler) and is normally invoked at boot time from the .Xr rc 8 file. It makes a single pass through the .Xr printcap 5 file to find out about the existing printers and prints any files left after a crash. It then uses the system calls .Xr listen 2 and .Xr accept 2 to receive requests to print files in the queue, transfer files to the spooling area, display the queue, or remove jobs from the queue. In each case, it forks a child to handle the request so the parent can continue to listen for more requests. .Pp Available options: .Bl -tag -width Ds .It Fl c By default, if some remote host has a connection error while trying to send a print request to .Nm on a local host, .Nm will only send error message to that remote host. The .Fl c flag causes .Nm to also log all of those connection errors via .Xr syslog 3 . .It Fl d Turn on .Dv SO_DEBUG on the Internet listening socket (see .Xr setsockopt 2 ) . .It Fl l The .Fl l flag causes .Nm to log valid requests received from the network. This can be useful for debugging purposes. .It Fl p The .Fl p flag is a synonym for the .Fl s flag. It is being deprecated, and may be removed in a future version of .Nm . .It Fl s The .Fl s (secure) flag causes .Nm not to open an Internet listening socket. This means that .Nm will not accept any connections from any remote hosts, although it will still accept print requests from all local users. +.It Fl F +By default, +.Nm +will daemonize into the background. +The +.Fl F +flag causes +.Nm +to remain in the foreground. +Logging is still performed with +.Xr syslog 3 . .It Fl W By default, the .Nm daemon will only accept connections which originate from a reserved-port (<1024) on the remote host. The .Fl W flag causes .Nm to accept connections coming from any port. This is can be useful when you want to accept print jobs from certain implementations of lpr written for Windows. .It Fl 4 Inet only. .It Fl 6 Inet6 only. .It Fl 46 Inet and inet6 (default). .It Ar "port#" The Internet port number used to rendezvous with other processes is normally obtained with .Xr getservbyname 3 but can be changed with the .Ar port# argument. .El .Pp Access control is provided by two means. First, all requests must come from one of the machines listed in the file .Pa /etc/hosts.equiv or .Pa /etc/hosts.lpd . Second, if the .Li rs capability is specified in the .Xr printcap 5 entry for the printer being accessed, .Em lpr requests will only be honored for those users with accounts on the machine with the printer. .Pp The file .Em minfree in each spool directory contains the number of kilobytes to leave free so that the line printer queue will not completely fill the disk. The .Em minfree file can be edited with your favorite text editor. .Pp The daemon begins processing files after it has successfully set the lock for exclusive access (described a bit later), and scans the spool directory for files beginning with .Em cf . Lines in each .Em cf file specify files to be printed or non-printing actions to be performed. Each such line begins with a key character to specify what to do with the remainder of the line. .Bl -tag -width Ds .It J Job Name. String to be used for the job name on the burst page. .It C Classification. String to be used for the classification line on the burst page. .It L Literal. The line contains identification info from the password file and causes the banner page to be printed. .It T Title. String to be used as the title for .Xr pr 1 . .It H Host Name. Name of the machine where .Xr lpr 1 was invoked. .It P Person. Login name of the person who invoked .Xr lpr 1 . This is used to verify ownership by .Xr lprm 1 . .It M Send mail to the specified user when the current print job completes. .It f Formatted File. Name of a file to print which is already formatted. .It l Like ``f'' but passes control characters and does not make page breaks. .It p Name of a file to print using .Xr pr 1 as a filter. .It t Troff File. The file contains .Xr troff 1 output (cat phototypesetter commands). .It n Ditroff File. The file contains device independent troff output. .It r DVI File. The file contains .Tn Tex l output DVI format from Stanford. .It g Graph File. The file contains data produced by .Xr plot 3 . .It c Cifplot File. The file contains data produced by .Em cifplot . .It v The file contains a raster image. .It r The file contains text data with FORTRAN carriage control characters. .It \&1 Troff Font R. Name of the font file to use instead of the default. .It \&2 Troff Font I. Name of the font file to use instead of the default. .It \&3 Troff Font B. Name of the font file to use instead of the default. .It \&4 Troff Font S. Name of the font file to use instead of the default. .It W Width. Changes the page width (in characters) used by .Xr pr 1 and the text filters. .It I Indent. The number of characters to indent the output by (in ASCII). .It U Unlink. Name of file to remove upon completion of printing. .It N File name. The name of the file which is being printed, or a blank for the standard input (when .Xr lpr 1 is invoked in a pipeline). .It Z Locale. String to be used as the locale for .Xr pr 1 . .El .Pp If a file cannot be opened, a message will be logged via .Xr syslog 3 using the .Em LOG_LPR facility. The .Nm utility will try up to 20 times to reopen a file it expects to be there, after which it will skip the file to be printed. .Pp The .Nm utility uses .Xr flock 2 to provide exclusive access to the lock file and to prevent multiple daemons from becoming active simultaneously. If the daemon should be killed or die unexpectedly, the lock file need not be removed. The lock file is kept in a readable .Tn ASCII form and contains two lines. The first is the process id of the daemon and the second is the control file name of the current job being printed. The second line is updated to reflect the current status of .Nm for the programs .Xr lpq 1 and .Xr lprm 1 . .Sh FILES .Bl -tag -width "/var/spool/*/minfree" -compact .It Pa /etc/printcap printer description file .It Pa /var/spool/* spool directories .It Pa /var/spool/*/minfree minimum free space to leave .It Pa /dev/lp* line printer devices .It Pa /var/run/printer socket for local requests .It Pa /etc/hosts.equiv lists machine names allowed printer access .It Pa /etc/hosts.lpd lists machine names allowed printer access, but not under same administrative control. .El .Sh SEE ALSO .Xr lpq 1 , .Xr lpr 1 , .Xr lprm 1 , .Xr setsockopt 2 , .Xr syslog 3 , .Xr hosts.lpd 5 , .Xr printcap 5 , .Xr chkprintcap 8 , .Xr lpc 8 , .Xr pac 8 .Rs .\" 4.4BSD SMM:7 .%A Ralph Campbell .%T "4.2 BSD Line Printer Spooler Manual" .Re .Sh HISTORY An .Nm daemon appeared in Version 6 AT&T UNIX. diff --git a/usr.sbin/lpr/lpd/lpd.c b/usr.sbin/lpr/lpd/lpd.c index f2f8994d1fee..56821d114268 100644 --- a/usr.sbin/lpr/lpd/lpd.c +++ b/usr.sbin/lpr/lpd/lpd.c @@ -1,940 +1,948 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993, 1994 * The Regents of the University of California. All rights reserved. * * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #if 0 #ifndef lint static char sccsid[] = "@(#)lpd.c 8.7 (Berkeley) 5/10/95"; #endif /* not lint */ #endif #include "lp.cdefs.h" /* A cross-platform version of */ __FBSDID("$FreeBSD$"); /* * lpd -- line printer daemon. * * Listen for a connection and perform the requested operation. * Operations are: * \1printer\n * check the queue for jobs and print any found. * \2printer\n * receive a job from another machine and queue it. * \3printer [users ...] [jobs ...]\n * return the current state of the queue (short form). * \4printer [users ...] [jobs ...]\n * return the current state of the queue (long form). * \5printer person [users ...] [jobs ...]\n * remove jobs from the queue. * * Strategy to maintain protected spooling area: * 1. Spooling area is writable only by daemon and spooling group * 2. lpr runs setuid root and setgrp spooling group; it uses * root to access any file it wants (verifying things before * with an access call) and group id to know how it should * set up ownership of files in the spooling area. * 3. Files in spooling area are owned by root, group spooling * group, with mode 660. * 4. lpd, lpq and lprm run setuid daemon and setgrp spooling group to * access files and printer. Users can't get to anything * w/o help of lpq and lprm programs. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "lp.h" #include "lp.local.h" #include "pathnames.h" #include "extern.h" int lflag; /* log requests flag */ int sflag; /* no incoming port flag */ +int Fflag; /* run in foreground flag */ int from_remote; /* from remote socket */ int main(int argc, char **_argv); static void reapchild(int _signo); static void mcleanup(int _signo); static void doit(void); static void startup(void); static void chkhost(struct sockaddr *_f, int _ch_opts); static int ckqueue(struct printer *_pp); static void fhosterr(int _ch_opts, char *_sysmsg, char *_usermsg); static int *socksetup(int _af, int _debuglvl); static void usage(void); /* XXX from libc/net/rcmd.c */ extern int __ivaliduser_sa(FILE *, struct sockaddr *, socklen_t, const char *, const char *); uid_t uid, euid; #define LPD_NOPORTCHK 0001 /* skip reserved-port check */ #define LPD_LOGCONNERR 0002 /* (sys)log connection errors */ #define LPD_ADDFROMLINE 0004 /* just used for fhosterr() */ int main(int argc, char **argv) { int ch_options, errs, f, funix, *finet, i, lfd, socket_debug; fd_set defreadfds; struct sockaddr_un un, fromunix; struct sockaddr_storage frominet; socklen_t fromlen; sigset_t omask, nmask; struct servent *sp, serv; int inet_flag = 0, inet6_flag = 0; euid = geteuid(); /* these shouldn't be different */ uid = getuid(); ch_options = 0; socket_debug = 0; gethostname(local_host, sizeof(local_host)); progname = "lpd"; if (euid != 0) errx(EX_NOPERM,"must run as root"); errs = 0; - while ((i = getopt(argc, argv, "cdlpswW46")) != -1) + while ((i = getopt(argc, argv, "cdlpswFW46")) != -1) switch (i) { case 'c': /* log all kinds of connection-errors to syslog */ ch_options |= LPD_LOGCONNERR; break; case 'd': socket_debug++; break; case 'l': lflag++; break; case 'p': /* letter initially used for -s */ /* * This will probably be removed with 5.0-release. */ /* FALLTHROUGH */ case 's': /* secure (no inet) */ sflag++; break; case 'w': /* netbsd uses -w for maxwait */ /* * This will be removed after the release of 4.4, as * it conflicts with -w in netbsd's lpd. For now it * is just a warning, so we won't suddenly break lpd * for anyone who is currently using the option. */ syslog(LOG_WARNING, "NOTE: the -w option has been renamed -W"); syslog(LOG_WARNING, "NOTE: please change your lpd config to use -W"); /* FALLTHROUGH */ + case 'F': + Fflag++; + break; case 'W': /* allow connections coming from a non-reserved port */ /* (done by some lpr-implementations for MS-Windows) */ ch_options |= LPD_NOPORTCHK; break; case '4': family = PF_INET; inet_flag++; break; case '6': #ifdef INET6 family = PF_INET6; inet6_flag++; #else errx(EX_USAGE, "lpd compiled sans INET6 (IPv6 support)"); #endif break; /* * The following options are not in FreeBSD (yet?), but are * listed here to "reserve" them, because the option-letters * are used by either NetBSD or OpenBSD (as of July 2001). */ case 'b': /* set bind-addr */ case 'n': /* set max num of children */ case 'r': /* allow 'of' for remote ptrs */ /* ...[not needed in freebsd] */ /* FALLTHROUGH */ default: errs++; } if (inet_flag && inet6_flag) family = PF_UNSPEC; argc -= optind; argv += optind; if (errs) usage(); if (argc == 1) { if ((i = atoi(argv[0])) == 0) usage(); if (i < 0 || i > USHRT_MAX) errx(EX_USAGE, "port # %d is invalid", i); serv.s_port = htons(i); sp = &serv; argc--; } else { sp = getservbyname("printer", "tcp"); if (sp == NULL) errx(EX_OSFILE, "printer/tcp: unknown service"); } if (argc != 0) usage(); /* * We run chkprintcap right away to catch any errors and blat them * to stderr while we still have it open, rather than sending them * to syslog and leaving the user wondering why lpd started and * then stopped. There should probably be a command-line flag to * ignore errors from chkprintcap. */ { pid_t pid; int status; pid = fork(); if (pid < 0) { err(EX_OSERR, "cannot fork"); } else if (pid == 0) { /* child */ execl(_PATH_CHKPRINTCAP, _PATH_CHKPRINTCAP, (char *)0); err(EX_OSERR, "cannot execute %s", _PATH_CHKPRINTCAP); } if (waitpid(pid, &status, 0) < 0) { err(EX_OSERR, "cannot wait"); } if (WIFEXITED(status) && WEXITSTATUS(status) != 0) errx(EX_OSFILE, "%d errors in printcap file, exiting", WEXITSTATUS(status)); } -#ifndef DEBUG +#ifdef DEBUG + Fflag++; +#endif /* - * Set up standard environment by detaching from the parent. + * Set up standard environment by detaching from the parent + * if -F not specified */ - daemon(0, 0); -#endif + if (Fflag == 0) { + daemon(0, 0); + } openlog("lpd", LOG_PID, LOG_LPR); syslog(LOG_INFO, "lpd startup: logging=%d%s%s", lflag, socket_debug ? " dbg" : "", sflag ? " net-secure" : ""); (void) umask(0); /* * NB: This depends on O_NONBLOCK semantics doing the right thing; * i.e., applying only to the O_EXLOCK and not to the rest of the * open/creation. As of 1997-12-02, this is the case for commonly- * used filesystems. There are other places in this code which * make the same assumption. */ lfd = open(_PATH_MASTERLOCK, O_WRONLY|O_CREAT|O_EXLOCK|O_NONBLOCK, LOCK_FILE_MODE); if (lfd < 0) { if (errno == EWOULDBLOCK) /* active daemon present */ exit(0); syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK); exit(1); } fcntl(lfd, F_SETFL, 0); /* turn off non-blocking mode */ ftruncate(lfd, 0); /* * write process id for others to know */ sprintf(line, "%u\n", getpid()); f = strlen(line); if (write(lfd, line, f) != f) { syslog(LOG_ERR, "%s: %m", _PATH_MASTERLOCK); exit(1); } signal(SIGCHLD, reapchild); /* * Restart all the printers. */ startup(); (void) unlink(_PATH_SOCKETNAME); funix = socket(AF_UNIX, SOCK_STREAM, 0); if (funix < 0) { syslog(LOG_ERR, "socket: %m"); exit(1); } sigemptyset(&nmask); sigaddset(&nmask, SIGHUP); sigaddset(&nmask, SIGINT); sigaddset(&nmask, SIGQUIT); sigaddset(&nmask, SIGTERM); sigprocmask(SIG_BLOCK, &nmask, &omask); (void) umask(07); signal(SIGHUP, mcleanup); signal(SIGINT, mcleanup); signal(SIGQUIT, mcleanup); signal(SIGTERM, mcleanup); memset(&un, 0, sizeof(un)); un.sun_family = AF_UNIX; strcpy(un.sun_path, _PATH_SOCKETNAME); #ifndef SUN_LEN #define SUN_LEN(unp) (strlen((unp)->sun_path) + 2) #endif if (bind(funix, (struct sockaddr *)&un, SUN_LEN(&un)) < 0) { syslog(LOG_ERR, "ubind: %m"); exit(1); } (void) umask(0); sigprocmask(SIG_SETMASK, &omask, (sigset_t *)0); FD_ZERO(&defreadfds); FD_SET(funix, &defreadfds); listen(funix, 5); if (sflag == 0) { finet = socksetup(family, socket_debug); } else finet = NULL; /* pretend we couldn't open TCP socket. */ if (finet) { for (i = 1; i <= *finet; i++) { FD_SET(finet[i], &defreadfds); listen(finet[i], 5); } } /* * Main loop: accept, do a request, continue. */ memset(&frominet, 0, sizeof(frominet)); memset(&fromunix, 0, sizeof(fromunix)); if (lflag) syslog(LOG_INFO, "lpd startup: ready to accept requests"); /* * XXX - should be redone for multi-protocol */ for (;;) { int domain, nfds, s; fd_set readfds; FD_COPY(&defreadfds, &readfds); nfds = select(20, &readfds, 0, 0, 0); if (nfds <= 0) { if (nfds < 0 && errno != EINTR) syslog(LOG_WARNING, "select: %m"); continue; } domain = -1; /* avoid compile-time warning */ s = -1; /* avoid compile-time warning */ if (FD_ISSET(funix, &readfds)) { domain = AF_UNIX, fromlen = sizeof(fromunix); s = accept(funix, (struct sockaddr *)&fromunix, &fromlen); } else { for (i = 1; i <= *finet; i++) if (FD_ISSET(finet[i], &readfds)) { domain = AF_INET; fromlen = sizeof(frominet); s = accept(finet[i], (struct sockaddr *)&frominet, &fromlen); } } if (s < 0) { if (errno != EINTR) syslog(LOG_WARNING, "accept: %m"); continue; } if (fork() == 0) { /* * Note that printjob() also plays around with * signal-handling routines, and may need to be * changed when making changes to signal-handling. */ signal(SIGCHLD, SIG_DFL); signal(SIGHUP, SIG_IGN); signal(SIGINT, SIG_IGN); signal(SIGQUIT, SIG_IGN); signal(SIGTERM, SIG_IGN); (void) close(funix); if (sflag == 0 && finet) { for (i = 1; i <= *finet; i++) (void)close(finet[i]); } dup2(s, STDOUT_FILENO); (void) close(s); if (domain == AF_INET) { /* for both AF_INET and AF_INET6 */ from_remote = 1; chkhost((struct sockaddr *)&frominet, ch_options); } else from_remote = 0; doit(); exit(0); } (void) close(s); } } static void reapchild(int signo __unused) { int status; while (wait3(&status, WNOHANG, 0) > 0) ; } static void mcleanup(int signo) { /* * XXX syslog(3) is not signal-safe. */ if (lflag) { if (signo) syslog(LOG_INFO, "exiting on signal %d", signo); else syslog(LOG_INFO, "exiting"); } unlink(_PATH_SOCKETNAME); exit(0); } /* * Stuff for handling job specifications */ char *user[MAXUSERS]; /* users to process */ int users; /* # of users in user array */ int requ[MAXREQUESTS]; /* job number of spool entries */ int requests; /* # of spool requests */ char *person; /* name of person doing lprm */ /* buffer to hold the client's machine-name */ static char frombuf[MAXHOSTNAMELEN]; char cbuf[BUFSIZ]; /* command line buffer */ const char *cmdnames[] = { "null", "printjob", "recvjob", "displayq short", "displayq long", "rmjob" }; static void doit(void) { char *cp, *printer; int n; int status; struct printer myprinter, *pp = &myprinter; init_printer(&myprinter); for (;;) { cp = cbuf; do { if (cp >= &cbuf[sizeof(cbuf) - 1]) fatal(0, "Command line too long"); if ((n = read(STDOUT_FILENO, cp, 1)) != 1) { if (n < 0) fatal(0, "Lost connection"); return; } } while (*cp++ != '\n'); *--cp = '\0'; cp = cbuf; if (lflag) { if (*cp >= '\1' && *cp <= '\5') syslog(LOG_INFO, "%s requests %s %s", from_host, cmdnames[(u_char)*cp], cp+1); else syslog(LOG_INFO, "bad request (%d) from %s", *cp, from_host); } switch (*cp++) { case CMD_CHECK_QUE: /* check the queue, print any jobs there */ startprinting(cp); break; case CMD_TAKE_THIS: /* receive files to be queued */ if (!from_remote) { syslog(LOG_INFO, "illegal request (%d)", *cp); exit(1); } recvjob(cp); break; case CMD_SHOWQ_SHORT: /* display the queue (short form) */ case CMD_SHOWQ_LONG: /* display the queue (long form) */ /* XXX - this all needs to be redone. */ printer = cp; while (*cp) { if (*cp != ' ') { cp++; continue; } *cp++ = '\0'; while (isspace(*cp)) cp++; if (*cp == '\0') break; if (isdigit(*cp)) { if (requests >= MAXREQUESTS) fatal(0, "Too many requests"); requ[requests++] = atoi(cp); } else { if (users >= MAXUSERS) fatal(0, "Too many users"); user[users++] = cp; } } status = getprintcap(printer, pp); if (status < 0) fatal(pp, "%s", pcaperr(status)); displayq(pp, cbuf[0] == CMD_SHOWQ_LONG); exit(0); case CMD_RMJOB: /* remove a job from the queue */ if (!from_remote) { syslog(LOG_INFO, "illegal request (%d)", *cp); exit(1); } printer = cp; while (*cp && *cp != ' ') cp++; if (!*cp) break; *cp++ = '\0'; person = cp; while (*cp) { if (*cp != ' ') { cp++; continue; } *cp++ = '\0'; while (isspace(*cp)) cp++; if (*cp == '\0') break; if (isdigit(*cp)) { if (requests >= MAXREQUESTS) fatal(0, "Too many requests"); requ[requests++] = atoi(cp); } else { if (users >= MAXUSERS) fatal(0, "Too many users"); user[users++] = cp; } } rmjob(printer); break; } fatal(0, "Illegal service request"); } } /* * Make a pass through the printcap database and start printing any * files left from the last time the machine went down. */ static void startup(void) { int pid, status, more; struct printer myprinter, *pp = &myprinter; more = firstprinter(pp, &status); if (status) goto errloop; while (more) { if (ckqueue(pp) <= 0) { goto next; } if (lflag) syslog(LOG_INFO, "lpd startup: work for %s", pp->printer); if ((pid = fork()) < 0) { syslog(LOG_WARNING, "lpd startup: cannot fork for %s", pp->printer); mcleanup(0); } if (pid == 0) { lastprinter(); printjob(pp); /* NOTREACHED */ } do { next: more = nextprinter(pp, &status); errloop: if (status) syslog(LOG_WARNING, "lpd startup: printcap entry for %s has errors, skipping", pp->printer ? pp->printer : ""); } while (more && status); } } /* * Make sure there's some work to do before forking off a child */ static int ckqueue(struct printer *pp) { register struct dirent *d; DIR *dirp; char *spooldir; spooldir = pp->spool_dir; if ((dirp = opendir(spooldir)) == NULL) return (-1); while ((d = readdir(dirp)) != NULL) { if (d->d_name[0] != 'c' || d->d_name[1] != 'f') continue; /* daemon control files only */ closedir(dirp); return (1); /* found something */ } closedir(dirp); return (0); } #define DUMMY ":nobody::" /* * Check to see if the host connecting to this host has access to any * lpd services on this host. */ static void chkhost(struct sockaddr *f, int ch_opts) { struct addrinfo hints, *res, *r; register FILE *hostf; char hostbuf[NI_MAXHOST], ip[NI_MAXHOST]; char serv[NI_MAXSERV]; char *syserr, *usererr; int error, errsav, fpass, good; from_host = ".na."; /* Need real hostname for temporary filenames */ error = getnameinfo(f, f->sa_len, hostbuf, sizeof(hostbuf), NULL, 0, NI_NAMEREQD); if (error) { errsav = error; error = getnameinfo(f, f->sa_len, hostbuf, sizeof(hostbuf), NULL, 0, NI_NUMERICHOST); if (error) { asprintf(&syserr, "can not determine hostname for remote host (%d,%d)", errsav, error); asprintf(&usererr, "Host name for your address is not known"); fhosterr(ch_opts, syserr, usererr); /* NOTREACHED */ } asprintf(&syserr, "Host name for remote host (%s) not known (%d)", hostbuf, errsav); asprintf(&usererr, "Host name for your address (%s) is not known", hostbuf); fhosterr(ch_opts, syserr, usererr); /* NOTREACHED */ } strlcpy(frombuf, hostbuf, sizeof(frombuf)); from_host = frombuf; ch_opts |= LPD_ADDFROMLINE; /* Need address in stringform for comparison (no DNS lookup here) */ error = getnameinfo(f, f->sa_len, hostbuf, sizeof(hostbuf), NULL, 0, NI_NUMERICHOST); if (error) { asprintf(&syserr, "Cannot print IP address (error %d)", error); asprintf(&usererr, "Cannot print IP address for your host"); fhosterr(ch_opts, syserr, usererr); /* NOTREACHED */ } from_ip = strdup(hostbuf); /* Reject numeric addresses */ memset(&hints, 0, sizeof(hints)); hints.ai_family = family; hints.ai_socktype = SOCK_DGRAM; /*dummy*/ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; if (getaddrinfo(from_host, NULL, &hints, &res) == 0) { freeaddrinfo(res); /* This syslog message already includes from_host */ ch_opts &= ~LPD_ADDFROMLINE; asprintf(&syserr, "reverse lookup results in non-FQDN %s", from_host); /* same message to both syslog and remote user */ fhosterr(ch_opts, syserr, syserr); /* NOTREACHED */ } /* Check for spoof, ala rlogind */ memset(&hints, 0, sizeof(hints)); hints.ai_family = family; hints.ai_socktype = SOCK_DGRAM; /*dummy*/ error = getaddrinfo(from_host, NULL, &hints, &res); if (error) { asprintf(&syserr, "dns lookup for address %s failed: %s", from_ip, gai_strerror(error)); asprintf(&usererr, "hostname for your address (%s) unknown: %s", from_ip, gai_strerror(error)); fhosterr(ch_opts, syserr, usererr); /* NOTREACHED */ } good = 0; for (r = res; good == 0 && r; r = r->ai_next) { error = getnameinfo(r->ai_addr, r->ai_addrlen, ip, sizeof(ip), NULL, 0, NI_NUMERICHOST); if (!error && !strcmp(from_ip, ip)) good = 1; } if (res) freeaddrinfo(res); if (good == 0) { asprintf(&syserr, "address for remote host (%s) not matched", from_ip); asprintf(&usererr, "address for your hostname (%s) not matched", from_ip); fhosterr(ch_opts, syserr, usererr); /* NOTREACHED */ } fpass = 1; hostf = fopen(_PATH_HOSTSEQUIV, "r"); again: if (hostf) { if (__ivaliduser_sa(hostf, f, f->sa_len, DUMMY, DUMMY) == 0) { (void) fclose(hostf); goto foundhost; } (void) fclose(hostf); } if (fpass == 1) { fpass = 2; hostf = fopen(_PATH_HOSTSLPD, "r"); goto again; } /* This syslog message already includes from_host */ ch_opts &= ~LPD_ADDFROMLINE; asprintf(&syserr, "refused connection from %s, sip=%s", from_host, from_ip); asprintf(&usererr, "Print-services are not available to your host (%s).", from_host); fhosterr(ch_opts, syserr, usererr); /* NOTREACHED */ foundhost: if (ch_opts & LPD_NOPORTCHK) return; /* skip the reserved-port check */ error = getnameinfo(f, f->sa_len, NULL, 0, serv, sizeof(serv), NI_NUMERICSERV); if (error) { /* same message to both syslog and remote user */ asprintf(&syserr, "malformed from-address (%d)", error); fhosterr(ch_opts, syserr, syserr); /* NOTREACHED */ } if (atoi(serv) >= IPPORT_RESERVED) { /* same message to both syslog and remote user */ asprintf(&syserr, "connected from invalid port (%s)", serv); fhosterr(ch_opts, syserr, syserr); /* NOTREACHED */ } } /* * Handle fatal errors in chkhost. The first message will optionally be * sent to syslog, the second one is sent to the connecting host. * * The idea is that the syslog message is meant for an administrator of a * print server (the host receiving connections), while the usermsg is meant * for a remote user who may or may not be clueful, and may or may not be * doing something nefarious. Some remote users (eg, MS-Windows...) may not * even see whatever message is sent, which is why there's the option to * start 'lpd' with the connection-errors also sent to syslog. * * Given that hostnames can theoretically be fairly long (well, over 250 * bytes), it would probably be helpful to have the 'from_host' field at * the end of any error messages which include that info. * * These are Fatal host-connection errors, so this routine does not return. */ static void fhosterr(int ch_opts, char *sysmsg, char *usermsg) { /* * If lpd was started up to print connection errors, then write * the syslog message before the user message. * And for many of the syslog messages, it is helpful to first * write the from_host (if it is known) as a separate syslog * message, since the hostname may be so long. */ if (ch_opts & LPD_LOGCONNERR) { if (ch_opts & LPD_ADDFROMLINE) { syslog(LOG_WARNING, "for connection from %s:", from_host); } syslog(LOG_WARNING, "%s", sysmsg); } /* * Now send the error message to the remote host which is trying * to make the connection. */ printf("%s [@%s]: %s\n", progname, local_host, usermsg); fflush(stdout); /* * Add a minimal delay before exiting (and disconnecting from the * sending-host). This is just in case that machine responds by * INSTANTLY retrying (and instantly re-failing...). This may also * give the other side more time to read the error message. */ sleep(2); /* a paranoid throttling measure */ exit(1); } /* setup server socket for specified address family */ /* if af is PF_UNSPEC more than one socket may be returned */ /* the returned list is dynamically allocated, so caller needs to free it */ static int * socksetup(int af, int debuglvl) { struct addrinfo hints, *res, *r; int error, maxs, *s, *socks; const int on = 1; memset(&hints, 0, sizeof(hints)); hints.ai_flags = AI_PASSIVE; hints.ai_family = af; hints.ai_socktype = SOCK_STREAM; error = getaddrinfo(NULL, "printer", &hints, &res); if (error) { syslog(LOG_ERR, "%s", gai_strerror(error)); mcleanup(0); } /* Count max number of sockets we may open */ for (maxs = 0, r = res; r; r = r->ai_next, maxs++) ; socks = malloc((maxs + 1) * sizeof(int)); if (!socks) { syslog(LOG_ERR, "couldn't allocate memory for sockets"); mcleanup(0); } *socks = 0; /* num of sockets counter at start of array */ s = socks + 1; for (r = res; r; r = r->ai_next) { *s = socket(r->ai_family, r->ai_socktype, r->ai_protocol); if (*s < 0) { syslog(LOG_DEBUG, "socket(): %m"); continue; } if (setsockopt(*s, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) { syslog(LOG_ERR, "setsockopt(SO_REUSEADDR): %m"); close(*s); continue; } if (debuglvl) if (setsockopt(*s, SOL_SOCKET, SO_DEBUG, &debuglvl, sizeof(debuglvl)) < 0) { syslog(LOG_ERR, "setsockopt (SO_DEBUG): %m"); close(*s); continue; } if (r->ai_family == AF_INET6) { if (setsockopt(*s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0) { syslog(LOG_ERR, "setsockopt (IPV6_V6ONLY): %m"); close(*s); continue; } } if (bind(*s, r->ai_addr, r->ai_addrlen) < 0) { syslog(LOG_DEBUG, "bind(): %m"); close(*s); continue; } (*socks)++; s++; } if (res) freeaddrinfo(res); if (*socks == 0) { syslog(LOG_ERR, "Couldn't bind to any socket"); free(socks); mcleanup(0); } return(socks); } static void usage(void) { #ifdef INET6 - fprintf(stderr, "usage: lpd [-cdlsW46] [port#]\n"); + fprintf(stderr, "usage: lpd [-cdlsFW46] [port#]\n"); #else - fprintf(stderr, "usage: lpd [-cdlsW] [port#]\n"); + fprintf(stderr, "usage: lpd [-cdlsFW] [port#]\n"); #endif exit(EX_USAGE); }