
[patch] .ident support for identd



The attached patch adds user-specified token support to identd.  It needs
to be applied in the source tree root (generally, /usr/src) like so:

patch -p0 < identd.patch

From the man page:

-U      When replying with a user name or ID, first check for a file
        .ident in the user's home directory.  If this file is accessible,
        return the contents of the file instead of the normal USERID re-
        sponse.

I'm not on the list, please copy me in any response.

- Rob
Common subdirectories: libexec/identd.old/CVS and libexec/identd/CVS
diff -u libexec/identd.old/identd.8 libexec/identd/identd.8
--- libexec/identd.old/identd.8	Tue Apr  3 07:11:34 2001
+++ libexec/identd/identd.8	Tue Apr  3 07:14:51 2001
@@ -117,6 +117,14 @@
 switch to after binding itself to the
 .Tn TCP/IP
 port if running as a stand alone daemon.
+.It Fl U
+When replying with a user name or ID, first
+check for a file
+.Pa .ident
+in the user's home directory.
+If this file is accessible, return
+the contents of the file 
+instead of the normal USERID response.
 .It Fl g Ar gid
 Specify a group ID number or group name which the
 .Nm
@@ -204,7 +212,12 @@
 Since
 .Nm identd
 should typically not be run as a privileged user or group,
-.Pa .noident
+.Pa .ident
 files for use when running with the
-.Fl N
+.Fl U
 flag will need to be world accessible.
+The same applies for
+.Pa .noident
+files when running with the 
+.Fl N
+flag.
diff -u libexec/identd.old/identd.c libexec/identd/identd.c
--- libexec/identd.old/identd.c	Tue Apr  3 07:11:34 2001
+++ libexec/identd/identd.c	Tue Apr  3 06:56:33 2001
@@ -46,6 +46,7 @@
 int     number_flag = 0;
 int     noident_flag = 0;
 int	token_flag = 0;
+int	userident_flag = 0;
 
 int     lport = 0;
 int     fport = 0;
@@ -152,7 +153,7 @@
 	/*
 	 * Parse the command line arguments
 	 */
-	while ((ch = getopt(argc, argv, "hbwit:p:a:u:g:c:r:loenVvdmN")) != -1) {
+	while ((ch = getopt(argc, argv, "hbwit:p:a:u:g:c:r:loenVvdmNU")) != -1) {
 		switch (ch) {
 		case 'h':
 			token_flag = 1;
@@ -233,6 +234,9 @@
 			break;
 		case 'N':	/* Enable users ".noident" files */
 			noident_flag++;
+			break;
+		case 'U':	/* Enable user ".ident" files */
+			userident_flag++;
 			break;
 		default:
 			usage();
diff -u libexec/identd.old/identd.h libexec/identd/identd.h
--- libexec/identd.old/identd.h	Tue Apr  3 07:11:34 2001
+++ libexec/identd/identd.h	Tue Apr  3 06:56:33 2001
@@ -29,6 +29,7 @@
 extern int number_flag;
 extern int noident_flag;
 extern int token_flag;
+extern int userident_flag;
 
 extern char *charset_name;
 extern char *indirect_host;
diff -u libexec/identd.old/parse.c libexec/identd/parse.c
--- libexec/identd.old/parse.c	Tue Apr  3 07:11:34 2001
+++ libexec/identd/parse.c	Tue Apr  3 08:04:18 2001
@@ -36,7 +36,7 @@
 void gentoken __P((char *, int));
 
 /*
- * A small routine to check for the existance of the ".noident"
+ * A small routine to check for the existence of the ".noident"
  * file in a users home directory.
  */
 int
@@ -55,6 +55,49 @@
 	return 0;
 }
 
+/*
+ * A small routine to check for the existence of the ".ident"
+ * file in a users home directory, and return its contents.
+ */
+int
+getuserident(homedir, buf, len)
+	char *homedir, *buf;
+	int len;
+{
+	char   path[MAXPATHLEN];
+	struct stat st;
+	int    fd, nread;
+	char   *p;
+
+	if (len == 0)
+		return 0;
+	if (!homedir)
+		return 0;
+	if (snprintf(path, sizeof path, "%s/.ident", homedir) >= sizeof path)
+		return 0;
+	if (stat(path, &st) != 0)
+		return 0;
+
+	if ((fd = open(path, O_RDONLY|O_NOFOLLOW, 0)) < 0)
+		return 0;
+
+	p = buf;
+	if ((nread = read(fd, p, len-1)) < 1) {
+		close(fd);
+		return 0;
+	}
+
+	p += nread;
+	*p = '\0';
+
+	/* remove illegal characters */
+	if ((p = strpbrk(buf, "\r\n")))
+		*p = '\0';
+
+	close(fd);
+	return 1;
+}
+
 static char token0cnv[] = "abcdefghijklmnopqrstuvwxyz";
 static char tokencnv[] = "abcdefghijklmnopqrstuvwxyz0123456789";
 
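Review bot: getuserident() opens a path the user fully controls with a blocking `open()` and never checks what kind of file it got, so a `.ident` that is a FIFO or device node can stall the process handling the request in `open()` or `read()`. The preceding `stat()` does not help: its result in `st` is never read, and it follows symlinks while the `open()` uses `O_NOFOLLOW`. I would drop the `stat()`, add `O_NONBLOCK` to the open flags, and `fstat()` the descriptor so that only regular files are accepted, as below. Only the first CR or LF ends the token, so other control bytes from the file still reach the reply and the syslog line.

```c
	if ((fd = open(path, O_RDONLY|O_NONBLOCK|O_NOFOLLOW, 0)) < 0)
		return 0;
	/* check the descriptor we actually opened, not the path */
	if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
		close(fd);
		return 0;
	}
	/* … unchanged: read into buf, NUL-terminate, strip CR/LF, close … */
```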
@@ -268,6 +311,24 @@
 		return 0;
 	}
 
+	if (userident_flag) {
+                char token[21];
+                
+                if (getuserident(pw->pw_dir, token, sizeof token)) {
+	                syslog(LOG_NOTICE, "token \"%s\" == uid %u (%s)", token, uid, 
+				pw->pw_name);
+	                n = snprintf(buf, sizeof(buf),
+        	            "%d , %d : USERID : OTHER%s%s :%s\r\n",
+	                    lport, fport, charset_name ? " , " : "",
+	                    charset_name ? charset_name : "", token);
+	                if (timed_write(fd, buf, n, IO_TIMEOUT) != n && syslog_flag) {
+	                        syslog(LOG_NOTICE, "write to %s: %m", gethost(faddr));
+	                        return 1;
+	                }
+	                return 0;
+		}
+	}
+
 	if (token_flag) {
 		char token[21];
 
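Review bot: A failed `timed_write()` is reported to the caller only when logging is on, because `!= n && syslog_flag` guards the `return 1` as well as the `syslog()` call; with `syslog_flag` unset the block returns 0 after a short or failed write. Test the write on its own, `if (timed_write(fd, buf, n, IO_TIMEOUT) != n) {`, and put `if (syslog_flag)` around the `syslog()` line only. The same block is repeated in the `@@ -427,6 +488,24 @@` hunk (with `gethost6`) and needs the same change; the neighbouring `token_flag` code is outside both hunks and may follow the same pattern. `n` also goes to `timed_write()` unclamped, and since `buf` is declared outside the hunk it is worth confirming that a long `charset_name` cannot make `snprintf()` return more than `sizeof(buf)`.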
@@ -427,6 +488,24 @@
 			return 1;
 		}
 		return 0;
+	}
+
+	if (userident_flag) {
+                char token[21];
+                
+                if (getuserident(pw->pw_dir, token, sizeof token)) {
+	                syslog(LOG_NOTICE, "token \"%s\" == uid %u (%s)", token, uid, 
+				pw->pw_name);
+	                n = snprintf(buf, sizeof(buf),
+        	            "%d , %d : USERID : OTHER%s%s :%s\r\n",
+	                    lport, fport, charset_name ? " , " : "",
+	                    charset_name ? charset_name : "", token);
+	                if (timed_write(fd, buf, n, IO_TIMEOUT) != n && syslog_flag) {
+	                        syslog(LOG_NOTICE, "write to %s: %m", gethost6(faddr));
+	                        return 1;
+	                }
+	                return 0;
+		}
 	}
 
 	if (token_flag) {