1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 package org.apache.commons.net.bsd;
19
20 import java.io.IOException;
21 import java.io.InputStream;
22 import java.net.BindException;
23 import java.net.InetAddress;
24 import java.net.ServerSocket;
25 import java.net.Socket;
26 import java.net.SocketException;
27 import java.net.UnknownHostException;
28 import java.nio.charset.StandardCharsets;
29
30 import org.apache.commons.net.io.SocketInputStream;
31
32 /**
33 * RCommandClient is very similar to {@link org.apache.commons.net.bsd.RExecClient}, from which it is derived, and implements the rcmd() facility that first
34 * appeared in 4.2BSD Unix. rcmd() is the facility used by the rsh (rshell) and other commands to execute a command on another machine from a trusted host
35 * without issuing a password. The trust relationship between two machines is established by the contents of a machine's /etc/hosts.equiv file and a user's
36 * .rhosts file. These files specify from which hosts and accounts on those hosts rcmd() requests will be accepted. The only additional measure for establishing
37 * trust is that all client connections must originate from a port between 512 and 1023. Consequently, there is an upper limit to the number of rcmd connections
38 * that can be running simultaneously. The required ports are reserved ports on Unix systems, and can only be bound by a process running with root permissions
39 * (to accomplish this rsh, rlogin, and related commands usualy have the suid bit set). Therefore, on a Unix system, you will only be able to successfully use
40 * the RCommandClient class if the process runs as root. However, there is no such restriction on Windows95 and some other systems. The security risks are
41 * obvious. However, when carefully used, rcmd() can be very useful when used behind a firewall.
42 * <p>
43 * As with virtually all the client classes in org.apache.commons.net, this class derives from SocketClient. But it overrides most of its connection methods
44 * so that the local Socket will originate from an acceptable rshell port. The way to use RCommandClient is to first connect to the server, call the
45 * {@link #rcommand rcommand() } method, and then fetch the connection's input, output, and optionally error streams. Interaction with the remote command is
46 * controlled entirely through the I/O streams. Once you have finished processing the streams, you should invoke
47 * {@link org.apache.commons.net.bsd.RExecClient#disconnect disconnect() } to clean up properly.
48 * </p>
49 * <p>
50 * By default, the standard output and standard error streams of the remote process are transmitted over the same connection, readable from the input stream
51 * returned by {@link org.apache.commons.net.bsd.RExecClient#getInputStream getInputStream() } . However, it is possible to tell the rshd daemon to return the
52 * standard error stream over a separate connection, readable from the input stream returned by {@link org.apache.commons.net.bsd.RExecClient#getErrorStream
53 * getErrorStream() } . You can specify that a separate connection should be created for standard error by setting the boolean
54 * <code> separateErrorStream </code> parameter of {@link #rcommand rcommand() } to <code> true </code>. The standard input of the remote process can be written
55 * to through the output stream returned by {@link org.apache.commons.net.bsd.RExecClient#getOutputStream getOutputStream() } .
56 * </p>
57 *
58 * @see org.apache.commons.net.SocketClient
59 * @see RExecClient
60 * @see RLoginClient
61 */
62 public class RCommandClient extends RExecClient {
63 /**
64 * The default rshell port. Set to 514 in BSD Unix.
65 */
66 public static final int DEFAULT_PORT = 514;
67
68 /**
69 * The smallest port number a rcmd client may use. By BSD convention this number is 512.
70 */
71 public static final int MIN_CLIENT_PORT = 512;
72
73 /**
74 * The largest port number a rcmd client may use. By BSD convention this number is 1023.
75 */
76 public static final int MAX_CLIENT_PORT = 1023;
77
78 /**
79 * The default RCommandClient constructor. Initializes the default port to <code> DEFAULT_PORT </code>.
80 */
81 public RCommandClient() {
82 setDefaultPort(DEFAULT_PORT);
83 }
84
85 /**
86 * Opens a Socket connected to a remote host at the specified port and originating from the current host at a port in a range acceptable to the BSD rshell
87 * daemon. Before returning, {@link org.apache.commons.net.SocketClient#_connectAction_ _connectAction_() } is called to perform connection initialization
88 * actions.
89 *
90 * @param host The remote host.
91 * @param port The port to connect to on the remote host.
92 * @throws SocketException If the socket timeout could not be set.
93 * @throws BindException If all acceptable rshell ports are in use.
94 * @throws IOException If the socket could not be opened. In most cases you will only want to catch IOException since SocketException is derived from
95 * it.
96 */
97 @Override
98 public void connect(final InetAddress host, final int port) throws SocketException, IOException {
99 connect(host, port, InetAddress.getLocalHost());
100 }
101
102 /**
103 * Opens a Socket connected to a remote host at the specified port and originating from the specified local address using a port in a range acceptable to
104 * the BSD rshell daemon. Before returning, {@link org.apache.commons.net.SocketClient#_connectAction_ _connectAction_() } is called to perform connection
105 * initialization actions.
106 *
107 * @param host The remote host.
108 * @param port The port to connect to on the remote host.
109 * @param localAddr The local address to use.
110 * @throws SocketException If the socket timeout could not be set.
111 * @throws BindException If all acceptable rshell ports are in use.
112 * @throws IOException If the socket could not be opened. In most cases you will only want to catch IOException since SocketException is derived from
113 * it.
114 */
115 public void connect(final InetAddress host, final int port, final InetAddress localAddr) throws SocketException, BindException, IOException {
116 int localPort;
117
118 for (localPort = MAX_CLIENT_PORT; localPort >= MIN_CLIENT_PORT; --localPort) {
119 try {
120 _socket_ = _socketFactory_.createSocket(host, port, localAddr, localPort);
121 } catch (final SocketException e) {
122 continue;
123 }
124 break;
125 }
126
127 if (localPort < MIN_CLIENT_PORT) {
128 throw new BindException("All ports in use or insufficient permssion.");
129 }
130
131 _connectAction_();
132 }
133
134 /**
135 * Opens a Socket connected to a remote host at the specified port and originating from the specified local address and port. The local port must lie
136 * between <code> MIN_CLIENT_PORT </code> and <code> MAX_CLIENT_PORT </code> or an IllegalArgumentException will be thrown. Before returning,
137 * {@link org.apache.commons.net.SocketClient#_connectAction_ _connectAction_() } is called to perform connection initialization actions.
138 *
139 * @param host The remote host.
140 * @param port The port to connect to on the remote host.
141 * @param localAddr The local address to use.
142 * @param localPort The local port to use.
143 * @throws SocketException If the socket timeout could not be set.
144 * @throws IOException If the socket could not be opened. In most cases you will only want to catch IOException since SocketException is
145 * derived from it.
146 * @throws IllegalArgumentException If an invalid local port number is specified.
147 */
148 @Override
149 public void connect(final InetAddress host, final int port, final InetAddress localAddr, final int localPort)
150 throws SocketException, IOException, IllegalArgumentException {
151 if (localPort < MIN_CLIENT_PORT || localPort > MAX_CLIENT_PORT) {
152 throw new IllegalArgumentException("Invalid port number " + localPort);
153 }
154 super.connect(host, port, localAddr, localPort);
155 }
156
157 /**
158 * Opens a Socket connected to a remote host at the specified port and originating from the current host at a port in a range acceptable to the BSD rshell
159 * daemon. Before returning, {@link org.apache.commons.net.SocketClient#_connectAction_ _connectAction_() } is called to perform connection initialization
160 * actions.
161 *
162 * @param hostname The name of the remote host.
163 * @param port The port to connect to on the remote host.
164 * @throws SocketException If the socket timeout could not be set.
165 * @throws BindException If all acceptable rshell ports are in use.
166 * @throws IOException If the socket could not be opened. In most cases you will only want to catch IOException since SocketException is derived
167 * from it.
168 * @throws UnknownHostException If the hostname cannot be resolved.
169 */
170 @Override
171 public void connect(final String hostname, final int port) throws SocketException, IOException, UnknownHostException {
172 connect(InetAddress.getByName(hostname), port, InetAddress.getLocalHost());
173 }
174
175 /**
176 * Opens a Socket connected to a remote host at the specified port and originating from the specified local address using a port in a range acceptable to
177 * the BSD rshell daemon. Before returning, {@link org.apache.commons.net.SocketClient#_connectAction_ _connectAction_() } is called to perform connection
178 * initialization actions.
179 *
180 * @param hostname The remote host.
181 * @param port The port to connect to on the remote host.
182 * @param localAddr The local address to use.
183 * @throws SocketException If the socket timeout could not be set.
184 * @throws BindException If all acceptable rshell ports are in use.
185 * @throws IOException If the socket could not be opened. In most cases you will only want to catch IOException since SocketException is derived from
186 * it.
187 */
188 public void connect(final String hostname, final int port, final InetAddress localAddr) throws SocketException, IOException {
189 connect(InetAddress.getByName(hostname), port, localAddr);
190 }
191
192 /**
193 * Opens a Socket connected to a remote host at the specified port and originating from the specified local address and port. The local port must lie
194 * between <code> MIN_CLIENT_PORT </code> and <code> MAX_CLIENT_PORT </code> or an IllegalArgumentException will be thrown. Before returning,
195 * {@link org.apache.commons.net.SocketClient#_connectAction_ _connectAction_() } is called to perform connection initialization actions.
196 *
197 * @param hostname The name of the remote host.
198 * @param port The port to connect to on the remote host.
199 * @param localAddr The local address to use.
200 * @param localPort The local port to use.
201 * @throws SocketException If the socket timeout could not be set.
202 * @throws IOException If the socket could not be opened. In most cases you will only want to catch IOException since SocketException is
203 * derived from it.
204 * @throws UnknownHostException If the hostname cannot be resolved.
205 * @throws IllegalArgumentException If an invalid local port number is specified.
206 */
207 @Override
208 public void connect(final String hostname, final int port, final InetAddress localAddr, final int localPort)
209 throws SocketException, IOException, IllegalArgumentException, UnknownHostException {
210 if (localPort < MIN_CLIENT_PORT || localPort > MAX_CLIENT_PORT) {
211 throw new IllegalArgumentException("Invalid port number " + localPort);
212 }
213 super.connect(hostname, port, localAddr, localPort);
214 }
215
216 // Overrides method in RExecClient in order to implement proper
217 // port number limitations.
218 @Override
219 InputStream createErrorStream() throws IOException {
220 final Socket socket;
221
222 try (ServerSocket server = createServer()) {
223 _output_.write(Integer.toString(server.getLocalPort()).getBytes(StandardCharsets.UTF_8));
224 _output_.write(NULL_CHAR);
225 _output_.flush();
226 socket = server.accept();
227 }
228
229 if (isRemoteVerificationEnabled() && !verifyRemote(socket)) {
230 socket.close();
231 throw new IOException("Security violation: unexpected connection attempt by " + socket.getInetAddress().getHostAddress());
232 }
233
234 return new SocketInputStream(socket, socket.getInputStream());
235 }
236
237 private ServerSocket createServer() throws IOException {
238 for (int localPort = MAX_CLIENT_PORT; localPort >= MIN_CLIENT_PORT; --localPort) {
239 try {
240 return _serverSocketFactory_.createServerSocket(localPort, 1, getLocalAddress());
241 } catch (final SocketException e) {
242 continue;
243 }
244 }
245 throw new BindException("All ports in use.");
246 }
247
248 /**
249 * Same as <code> rcommand(localUsername, remoteUsername, command, false); </code>
250 *
251 * @param localUser the local user
252 * @param remoteUser the remote user
253 * @param command the command
254 * @throws IOException on error
255 */
256 public void rcommand(final String localUser, final String remoteUser, final String command) throws IOException {
257 rcommand(localUser, remoteUser, command, false);
258 }
259
260 /**
261 * Remotely executes a command through the rshd daemon on the server to which the RCommandClient is connected. After calling this method, you may interact
262 * with the remote process through its standard input, output, and error streams. You will typically be able to detect the termination of the remote process
263 * after reaching end of file on its standard output (accessible through {@link #getInputStream getInputStream()}). Disconnecting from the server or closing
264 * the process streams before reaching end of file will not necessarily terminate the remote process.
265 * <p>
266 * If a separate error stream is requested, the remote server will connect to a local socket opened by RCommandClient, providing an independent stream
267 * through which standard error will be transmitted. The local socket must originate from a secure port (512 - 1023), and rcommand() ensures that this will
268 * be so. RCommandClient will also do a simple security check when it accepts a connection for this error stream. If the connection does not originate from
269 * the remote server, an IOException will be thrown. This serves as a simple protection against possible hijacking of the error stream by an attacker
270 * monitoring the rexec() negotiation. You may disable this behavior with {@link org.apache.commons.net.bsd.RExecClient#setRemoteVerificationEnabled
271 * setRemoteVerificationEnabled()} .
272 * </p>
273 *
274 * @param localUser The user account on the local machine that is requesting the command execution.
275 * @param remoteUser The account name on the server through which to execute the command.
276 * @param command The command, including any arguments, to execute.
277 * @param separateErrorStream True if you would like the standard error to be transmitted through a different stream than standard output. False if not.
278 * @throws IOException If the rcommand() attempt fails. The exception will contain a message indicating the nature of the failure.
279 */
280 public void rcommand(final String localUser, final String remoteUser, final String command, final boolean separateErrorStream) throws IOException {
281 rexec(localUser, remoteUser, command, separateErrorStream);
282 }
283
284 }