To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugbasedclient.c
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
plugbasedclient.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
/*
3
* Mandos plugin runner - Run Mandos plugins
4
*
5
* Copyright © 2008-2013 Teddy Hogeborn
6
* Copyright © 2008-2013 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
17
*
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
*
22
* Contact the authors at <mandos@recompile.se>.
23
*/
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
26
O_CLOEXEC */
27
#include <stddef.h> /* size_t, NULL */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
30
#include <stdbool.h> /* bool, true, false */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO, fclose() */
33
#include <sys/types.h> /* DIR, fdopendir(), fstat(), struct
34
stat, waitpid(), WIFEXITED(),
35
WEXITSTATUS(), wait(), pid_t,
36
uid_t, gid_t, getuid(), getgid(),
37
dirfd() */
38
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
39
FD_SET(), FD_ISSET(), FD_CLR */
40
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
41
WEXITSTATUS(), WTERMSIG(),
42
WCOREDUMP() */
43
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
44
#include <iso646.h> /* and, or, not */
45
#include <dirent.h> /* DIR, struct dirent, fdopendir(),
46
readdir(), closedir(), dirfd() */
47
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
48
FD_CLOEXEC, write(), STDOUT_FILENO,
49
struct stat, fstat(), close(),
50
setgid(), setuid(), S_ISREG(),
51
faccessat() pipe(), fork(),
52
_exit(), dup2(), fexecve(), read()
53
*/
54
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
55
FD_CLOEXEC, openat() */
56
#include <string.h> /* strsep, strlen(), strsignal(),
57
strcmp(), strncmp() */
58
#include <errno.h> /* errno */
59
#include <argp.h> /* struct argp_option, struct
60
argp_state, struct argp,
61
argp_parse(), ARGP_ERR_UNKNOWN,
62
ARGP_KEY_END, ARGP_KEY_ARG,
63
error_t */
64
#include <signal.h> /* struct sigaction, sigemptyset(),
65
sigaddset(), sigaction(),
66
sigprocmask(), SIG_BLOCK, SIGCHLD,
67
SIG_UNBLOCK, kill(), sig_atomic_t
68
*/
69
#include <errno.h> /* errno, EBADF */
70
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
71
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
72
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
73
#include <errno.h> /* errno */
74
#include <error.h> /* error() */
75
#include <fnmatch.h> /* fnmatch() */
76
77
#define BUFFER_SIZE 256
78
79
#define PDIR "/lib/mandos/plugins.d"
80
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
81
82
const char *argp_program_version = "plugin-runner " VERSION;
83
const char *argp_program_bug_address = "<mandos@recompile.se>";
84
85
typedef struct plugin{
86
char *name; /* can be NULL or any plugin name */
87
char **argv;
88
int argc;
89
char **environ;
90
int envc;
91
bool disabled;
92
93
/* Variables used for running processes*/
1
#include <stdio.h> /* popen, fileno */
2
#include <iso646.h> /* and, or, not */
3
#include <sys/types.h> /* DIR, opendir, stat, struct stat, waitpid,
4
WIFEXITED, WEXITSTATUS, wait */
5
#include <sys/wait.h> /* wait */
6
#include <dirent.h> /* DIR, opendir */
7
#include <sys/stat.h> /* stat, struct stat */
8
#include <unistd.h> /* stat, struct stat, chdir */
9
#include <stdlib.h> /* EXIT_FAILURE */
10
#include <sys/select.h> /* fd_set, select, FD_ZERO, FD_SET, FD_ISSET */
11
#include <string.h> /* strlen, strcpy, strcat */
12
#include <stdbool.h> /* true */
13
#include <sys/wait.h> /* waitpid, WIFEXITED, WEXITSTATUS */
14
#include <errno.h> /* errno */
15
16
struct process;
17
18
typedef struct process{
94
19
pid_t pid;
95
20
int fd;
96
21
char *buffer;
97
size_t buffer_size;
98
size_t buffer_length;
99
bool eof;
100
volatile sig_atomic_t completed;
101
int status;
102
struct plugin *next;
103
} plugin;
104
105
static plugin *plugin_list = NULL;
106
107
/* Gets an existing plugin based on name,
108
or if none is found, creates a new one */
109
__attribute__((warn_unused_result))
110
static plugin *getplugin(char *name){
111
/* Check for existing plugin with that name */
112
for(plugin *p = plugin_list; p != NULL; p = p->next){
113
if((p->name == name)
114
or (p->name and name and (strcmp(p->name, name) == 0))){
115
return p;
116
}
117
}
118
/* Create a new plugin */
119
plugin *new_plugin = NULL;
120
do {
121
new_plugin = malloc(sizeof(plugin));
122
} while(new_plugin == NULL and errno == EINTR);
123
if(new_plugin == NULL){
124
return NULL;
125
}
126
char *copy_name = NULL;
127
if(name != NULL){
128
do {
129
copy_name = strdup(name);
130
} while(copy_name == NULL and errno == EINTR);
131
if(copy_name == NULL){
132
int e = errno;
133
free(new_plugin);
134
errno = e;
135
return NULL;
136
}
137
}
138
139
*new_plugin = (plugin){ .name = copy_name,
140
.argc = 1,
141
.disabled = false,
142
.next = plugin_list };
143
144
do {
145
new_plugin->argv = malloc(sizeof(char *) * 2);
146
} while(new_plugin->argv == NULL and errno == EINTR);
147
if(new_plugin->argv == NULL){
148
int e = errno;
149
free(copy_name);
150
free(new_plugin);
151
errno = e;
152
return NULL;
153
}
154
new_plugin->argv[0] = copy_name;
155
new_plugin->argv[1] = NULL;
156
157
do {
158
new_plugin->environ = malloc(sizeof(char *));
159
} while(new_plugin->environ == NULL and errno == EINTR);
160
if(new_plugin->environ == NULL){
161
int e = errno;
162
free(copy_name);
163
free(new_plugin->argv);
164
free(new_plugin);
165
errno = e;
166
return NULL;
167
}
168
new_plugin->environ[0] = NULL;
169
170
/* Append the new plugin to the list */
171
plugin_list = new_plugin;
172
return new_plugin;
173
}
174
175
/* Helper function for add_argument and add_environment */
176
__attribute__((nonnull, warn_unused_result))
177
static bool add_to_char_array(const char *new, char ***array,
178
int *len){
179
/* Resize the pointed-to array to hold one more pointer */
180
char **new_array = NULL;
181
do {
182
new_array = realloc(*array, sizeof(char *)
183
* (size_t) ((*len) + 2));
184
} while(new_array == NULL and errno == EINTR);
185
/* Malloc check */
186
if(new_array == NULL){
187
return false;
188
}
189
*array = new_array;
190
/* Make a copy of the new string */
191
char *copy;
192
do {
193
copy = strdup(new);
194
} while(copy == NULL and errno == EINTR);
195
if(copy == NULL){
196
return false;
197
}
198
/* Insert the copy */
199
(*array)[*len] = copy;
200
(*len)++;
201
/* Add a new terminating NULL pointer to the last element */
202
(*array)[*len] = NULL;
203
return true;
204
}
205
206
/* Add to a plugin's argument vector */
207
__attribute__((nonnull(2), warn_unused_result))
208
static bool add_argument(plugin *p, const char *arg){
209
if(p == NULL){
210
return false;
211
}
212
return add_to_char_array(arg, &(p->argv), &(p->argc));
213
}
214
215
/* Add to a plugin's environment */
216
__attribute__((nonnull(2), warn_unused_result))
217
static bool add_environment(plugin *p, const char *def, bool replace){
218
if(p == NULL){
219
return false;
220
}
221
/* namelen = length of name of environment variable */
222
size_t namelen = (size_t)(strchrnul(def, '=') - def);
223
/* Search for this environment variable */
224
for(char **envdef = p->environ; *envdef != NULL; envdef++){
225
if(strncmp(*envdef, def, namelen + 1) == 0){
226
/* It already exists */
227
if(replace){
228
char *new_envdef;
229
do {
230
new_envdef = realloc(*envdef, strlen(def) + 1);
231
} while(new_envdef == NULL and errno == EINTR);
232
if(new_envdef == NULL){
233
return false;
234
}
235
*envdef = new_envdef;
236
strcpy(*envdef, def);
237
}
238
return true;
239
}
240
}
241
return add_to_char_array(def, &(p->environ), &(p->envc));
242
}
243
244
/*
245
* Based on the example in the GNU LibC manual chapter 13.13 "File
246
* Descriptor Flags".
247
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
248
*/
249
__attribute__((warn_unused_result))
250
static int set_cloexec_flag(int fd){
251
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
252
/* If reading the flags failed, return error indication now. */
253
if(ret < 0){
254
return ret;
255
}
256
/* Store modified flag word in the descriptor. */
257
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
258
ret | FD_CLOEXEC));
259
}
260
261
262
/* Mark processes as completed when they exit, and save their exit
263
status. */
264
static void handle_sigchld(__attribute__((unused)) int sig){
265
int old_errno = errno;
266
while(true){
267
plugin *proc = plugin_list;
268
int status;
269
pid_t pid = waitpid(-1, &status, WNOHANG);
270
if(pid == 0){
271
/* Only still running child processes */
272
break;
273
}
274
if(pid == -1){
275
if(errno == ECHILD){
276
/* No child processes */
277
break;
278
}
279
error(0, errno, "waitpid");
280
}
281
282
/* A child exited, find it in process_list */
283
while(proc != NULL and proc->pid != pid){
284
proc = proc->next;
285
}
286
if(proc == NULL){
287
/* Process not found in process list */
288
continue;
289
}
290
proc->status = status;
291
proc->completed = 1;
292
}
293
errno = old_errno;
294
}
295
296
/* Prints out a password to stdout */
297
__attribute__((nonnull, warn_unused_result))
298
static bool print_out_password(const char *buffer, size_t length){
299
ssize_t ret;
300
for(size_t written = 0; written < length; written += (size_t)ret){
301
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
302
length - written));
303
if(ret < 0){
304
return false;
305
}
306
}
307
return true;
308
}
309
310
/* Removes and free a plugin from the plugin list */
311
__attribute__((nonnull))
312
static void free_plugin(plugin *plugin_node){
313
314
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
315
free(*arg);
316
}
317
free(plugin_node->argv);
318
for(char **env = plugin_node->environ; *env != NULL; env++){
319
free(*env);
320
}
321
free(plugin_node->environ);
322
free(plugin_node->buffer);
323
324
/* Removes the plugin from the singly-linked list */
325
if(plugin_node == plugin_list){
326
/* First one - simple */
327
plugin_list = plugin_list->next;
328
} else {
329
/* Second one or later */
330
for(plugin *p = plugin_list; p != NULL; p = p->next){
331
if(p->next == plugin_node){
332
p->next = plugin_node->next;
333
break;
334
}
335
}
336
}
337
338
free(plugin_node);
339
}
340
341
static void free_plugin_list(void){
342
while(plugin_list != NULL){
343
free_plugin(plugin_list);
344
}
345
}
22
int buffer_size;
23
int buffer_length;
24
struct process *next;
25
} process;
26
27
#define BUFFER_SIZE 256
346
28
347
29
int main(int argc, char *argv[]){
348
char *plugindir = NULL;
349
char *argfile = NULL;
350
FILE *conffp;
351
DIR *dir = NULL;
30
char plugindir[] = "plugins.d";
31
size_t d_name_len, plugindir_len = sizeof(plugindir)-1;
32
DIR *dir;
352
33
struct dirent *dirst;
353
34
struct stat st;
354
fd_set rfds_all;
35
fd_set rfds_orig;
355
36
int ret, maxfd = 0;
356
ssize_t sret;
357
uid_t uid = 65534;
358
gid_t gid = 65534;
359
bool debug = false;
360
int exitstatus = EXIT_SUCCESS;
361
struct sigaction old_sigchld_action;
362
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
363
.sa_flags = SA_NOCLDSTOP };
364
char **custom_argv = NULL;
365
int custom_argc = 0;
366
int dir_fd;
367
368
/* Establish a signal handler */
369
sigemptyset(&sigchld_action.sa_mask);
370
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
371
if(ret == -1){
372
error(0, errno, "sigaddset");
373
exitstatus = EX_OSERR;
374
goto fallback;
375
}
376
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
377
if(ret == -1){
378
error(0, errno, "sigaction");
379
exitstatus = EX_OSERR;
380
goto fallback;
381
}
382
383
/* The options we understand. */
384
struct argp_option options[] = {
385
{ .name = "global-options", .key = 'g',
386
.arg = "OPTION[,OPTION[,...]]",
387
.doc = "Options passed to all plugins" },
388
{ .name = "global-env", .key = 'G',
389
.arg = "VAR=value",
390
.doc = "Environment variable passed to all plugins" },
391
{ .name = "options-for", .key = 'o',
392
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
393
.doc = "Options passed only to specified plugin" },
394
{ .name = "env-for", .key = 'E',
395
.arg = "PLUGIN:ENV=value",
396
.doc = "Environment variable passed to specified plugin" },
397
{ .name = "disable", .key = 'd',
398
.arg = "PLUGIN",
399
.doc = "Disable a specific plugin", .group = 1 },
400
{ .name = "enable", .key = 'e',
401
.arg = "PLUGIN",
402
.doc = "Enable a specific plugin", .group = 1 },
403
{ .name = "plugin-dir", .key = 128,
404
.arg = "DIRECTORY",
405
.doc = "Specify a different plugin directory", .group = 2 },
406
{ .name = "config-file", .key = 129,
407
.arg = "FILE",
408
.doc = "Specify a different configuration file", .group = 2 },
409
{ .name = "userid", .key = 130,
410
.arg = "ID", .flags = 0,
411
.doc = "User ID the plugins will run as", .group = 3 },
412
{ .name = "groupid", .key = 131,
413
.arg = "ID", .flags = 0,
414
.doc = "Group ID the plugins will run as", .group = 3 },
415
{ .name = "debug", .key = 132,
416
.doc = "Debug mode", .group = 4 },
417
/*
418
* These reproduce what we would get without ARGP_NO_HELP
419
*/
420
{ .name = "help", .key = '?',
421
.doc = "Give this help list", .group = -1 },
422
{ .name = "usage", .key = -3,
423
.doc = "Give a short usage message", .group = -1 },
424
{ .name = "version", .key = 'V',
425
.doc = "Print program version", .group = -1 },
426
{ .name = NULL }
427
};
428
429
__attribute__((nonnull(3)))
430
error_t parse_opt(int key, char *arg, struct argp_state *state){
431
errno = 0;
432
switch(key){
433
char *tmp;
434
intmax_t tmp_id;
435
case 'g': /* --global-options */
436
{
437
char *plugin_option;
438
while((plugin_option = strsep(&arg, ",")) != NULL){
439
if(not add_argument(getplugin(NULL), plugin_option)){
440
break;
441
}
442
}
443
errno = 0;
444
}
445
break;
446
case 'G': /* --global-env */
447
if(add_environment(getplugin(NULL), arg, true)){
448
errno = 0;
449
}
450
break;
451
case 'o': /* --options-for */
452
{
453
char *option_list = strchr(arg, ':');
454
if(option_list == NULL){
455
argp_error(state, "No colon in \"%s\"", arg);
456
errno = EINVAL;
457
break;
458
}
459
*option_list = '\0';
460
option_list++;
461
if(arg[0] == '\0'){
462
argp_error(state, "Empty plugin name");
463
errno = EINVAL;
464
break;
465
}
466
char *option;
467
while((option = strsep(&option_list, ",")) != NULL){
468
if(not add_argument(getplugin(arg), option)){
469
break;
470
}
471
}
472
errno = 0;
473
}
474
break;
475
case 'E': /* --env-for */
476
{
477
char *envdef = strchr(arg, ':');
478
if(envdef == NULL){
479
argp_error(state, "No colon in \"%s\"", arg);
480
errno = EINVAL;
481
break;
482
}
483
*envdef = '\0';
484
envdef++;
485
if(arg[0] == '\0'){
486
argp_error(state, "Empty plugin name");
487
errno = EINVAL;
488
break;
489
}
490
if(add_environment(getplugin(arg), envdef, true)){
491
errno = 0;
492
}
493
}
494
break;
495
case 'd': /* --disable */
496
{
497
plugin *p = getplugin(arg);
498
if(p != NULL){
499
p->disabled = true;
500
errno = 0;
501
}
502
}
503
break;
504
case 'e': /* --enable */
505
{
506
plugin *p = getplugin(arg);
507
if(p != NULL){
508
p->disabled = false;
509
errno = 0;
510
}
511
}
512
break;
513
case 128: /* --plugin-dir */
514
free(plugindir);
515
plugindir = strdup(arg);
516
if(plugindir != NULL){
517
errno = 0;
518
}
519
break;
520
case 129: /* --config-file */
521
/* This is already done by parse_opt_config_file() */
522
break;
523
case 130: /* --userid */
524
tmp_id = strtoimax(arg, &tmp, 10);
525
if(errno != 0 or tmp == arg or *tmp != '\0'
526
or tmp_id != (uid_t)tmp_id){
527
argp_error(state, "Bad user ID number: \"%s\", using %"
528
PRIdMAX, arg, (intmax_t)uid);
529
break;
530
}
531
uid = (uid_t)tmp_id;
532
errno = 0;
533
break;
534
case 131: /* --groupid */
535
tmp_id = strtoimax(arg, &tmp, 10);
536
if(errno != 0 or tmp == arg or *tmp != '\0'
537
or tmp_id != (gid_t)tmp_id){
538
argp_error(state, "Bad group ID number: \"%s\", using %"
539
PRIdMAX, arg, (intmax_t)gid);
540
break;
541
}
542
gid = (gid_t)tmp_id;
543
errno = 0;
544
break;
545
case 132: /* --debug */
546
debug = true;
547
break;
548
/*
549
* These reproduce what we would get without ARGP_NO_HELP
550
*/
551
case '?': /* --help */
552
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
553
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
554
case -3: /* --usage */
555
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
556
argp_state_help(state, state->out_stream,
557
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
558
case 'V': /* --version */
559
fprintf(state->out_stream, "%s\n", argp_program_version);
560
exit(EXIT_SUCCESS);
561
break;
562
/*
563
* When adding more options before this line, remember to also add a
564
* "case" to the "parse_opt_config_file" function below.
565
*/
566
case ARGP_KEY_ARG:
567
/* Cryptsetup always passes an argument, which is an empty
568
string if "none" was specified in /etc/crypttab. So if
569
argument was empty, we ignore it silently. */
570
if(arg[0] == '\0'){
571
break;
572
}
573
default:
574
return ARGP_ERR_UNKNOWN;
575
}
576
return errno; /* Set to 0 at start */
577
}
578
579
/* This option parser is the same as parse_opt() above, except it
580
ignores everything but the --config-file option. */
581
error_t parse_opt_config_file(int key, char *arg,
582
__attribute__((unused))
583
struct argp_state *state){
584
errno = 0;
585
switch(key){
586
case 'g': /* --global-options */
587
case 'G': /* --global-env */
588
case 'o': /* --options-for */
589
case 'E': /* --env-for */
590
case 'd': /* --disable */
591
case 'e': /* --enable */
592
case 128: /* --plugin-dir */
593
break;
594
case 129: /* --config-file */
595
free(argfile);
596
argfile = strdup(arg);
597
if(argfile != NULL){
598
errno = 0;
599
}
600
break;
601
case 130: /* --userid */
602
case 131: /* --groupid */
603
case 132: /* --debug */
604
case '?': /* --help */
605
case -3: /* --usage */
606
case 'V': /* --version */
607
case ARGP_KEY_ARG:
608
break;
609
default:
610
return ARGP_ERR_UNKNOWN;
611
}
612
return errno;
613
}
614
615
struct argp argp = { .options = options,
616
.parser = parse_opt_config_file,
617
.args_doc = "",
618
.doc = "Mandos plugin runner -- Run plugins" };
619
620
/* Parse using parse_opt_config_file() in order to get the custom
621
config file location, if any. */
622
ret = argp_parse(&argp, argc, argv,
623
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
624
NULL, NULL);
625
switch(ret){
626
case 0:
627
break;
628
case ENOMEM:
629
default:
630
errno = ret;
631
error(0, errno, "argp_parse");
632
exitstatus = EX_OSERR;
633
goto fallback;
634
case EINVAL:
635
exitstatus = EX_USAGE;
636
goto fallback;
637
}
638
639
/* Reset to the normal argument parser */
640
argp.parser = parse_opt;
641
642
/* Open the configfile if available */
643
if(argfile == NULL){
644
conffp = fopen(AFILE, "r");
645
} else {
646
conffp = fopen(argfile, "r");
647
}
648
if(conffp != NULL){
649
char *org_line = NULL;
650
char *p, *arg, *new_arg, *line;
651
size_t size = 0;
652
const char whitespace_delims[] = " \r\t\f\v\n";
653
const char comment_delim[] = "#";
654
655
custom_argc = 1;
656
custom_argv = malloc(sizeof(char*) * 2);
657
if(custom_argv == NULL){
658
error(0, errno, "malloc");
659
exitstatus = EX_OSERR;
660
goto fallback;
661
}
662
custom_argv[0] = argv[0];
663
custom_argv[1] = NULL;
664
665
/* for each line in the config file, strip whitespace and ignore
666
commented text */
667
while(true){
668
sret = getline(&org_line, &size, conffp);
669
if(sret == -1){
670
break;
671
}
672
673
line = org_line;
674
arg = strsep(&line, comment_delim);
675
while((p = strsep(&arg, whitespace_delims)) != NULL){
676
if(p[0] == '\0'){
677
continue;
678
}
679
new_arg = strdup(p);
680
if(new_arg == NULL){
681
error(0, errno, "strdup");
682
exitstatus = EX_OSERR;
683
free(org_line);
684
goto fallback;
685
}
686
687
custom_argc += 1;
688
{
689
char **new_argv = realloc(custom_argv, sizeof(char *)
690
* ((unsigned int)
691
custom_argc + 1));
692
if(new_argv == NULL){
693
error(0, errno, "realloc");
694
exitstatus = EX_OSERR;
695
free(new_arg);
696
free(org_line);
697
goto fallback;
698
} else {
699
custom_argv = new_argv;
700
}
701
}
702
custom_argv[custom_argc-1] = new_arg;
703
custom_argv[custom_argc] = NULL;
704
}
705
}
706
do {
707
ret = fclose(conffp);
708
} while(ret == EOF and errno == EINTR);
709
if(ret == EOF){
710
error(0, errno, "fclose");
711
exitstatus = EX_IOERR;
712
goto fallback;
713
}
714
free(org_line);
715
} else {
716
/* Check for harmful errors and go to fallback. Other errors might
717
not affect opening plugins */
718
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
719
error(0, errno, "fopen");
720
exitstatus = EX_OSERR;
721
goto fallback;
722
}
723
}
724
/* If there were any arguments from the configuration file, pass
725
them to parser as command line arguments */
726
if(custom_argv != NULL){
727
ret = argp_parse(&argp, custom_argc, custom_argv,
728
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
729
NULL, NULL);
730
switch(ret){
731
case 0:
732
break;
733
case ENOMEM:
734
default:
735
errno = ret;
736
error(0, errno, "argp_parse");
737
exitstatus = EX_OSERR;
738
goto fallback;
739
case EINVAL:
740
exitstatus = EX_CONFIG;
741
goto fallback;
742
}
743
}
744
745
/* Parse actual command line arguments, to let them override the
746
config file */
747
ret = argp_parse(&argp, argc, argv,
748
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
749
NULL, NULL);
750
switch(ret){
751
case 0:
752
break;
753
case ENOMEM:
754
default:
755
errno = ret;
756
error(0, errno, "argp_parse");
757
exitstatus = EX_OSERR;
758
goto fallback;
759
case EINVAL:
760
exitstatus = EX_USAGE;
761
goto fallback;
762
}
763
764
if(debug){
765
for(plugin *p = plugin_list; p != NULL; p=p->next){
766
fprintf(stderr, "Plugin: %s has %d arguments\n",
767
p->name ? p->name : "Global", p->argc - 1);
768
for(char **a = p->argv; *a != NULL; a++){
769
fprintf(stderr, "\tArg: %s\n", *a);
770
}
771
fprintf(stderr, "...and %d environment variables\n", p->envc);
772
for(char **a = p->environ; *a != NULL; a++){
773
fprintf(stderr, "\t%s\n", *a);
774
}
775
}
776
}
777
778
if(getuid() == 0){
779
/* Work around Debian bug #633582:
780
<http://bugs.debian.org/633582> */
781
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
782
if(plugindir_fd == -1){
783
if(errno != ENOENT){
784
error(0, errno, "open(\"" PDIR "\")");
785
}
786
} else {
787
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
788
if(ret == -1){
789
error(0, errno, "fstat");
790
} else {
791
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
792
ret = fchown(plugindir_fd, uid, gid);
793
if(ret == -1){
794
error(0, errno, "fchown");
795
}
796
}
797
}
798
TEMP_FAILURE_RETRY(close(plugindir_fd));
799
}
800
}
801
802
/* Lower permissions */
803
ret = setgid(gid);
804
if(ret == -1){
805
error(0, errno, "setgid");
806
}
807
ret = setuid(uid);
808
if(ret == -1){
809
error(0, errno, "setuid");
810
}
811
812
/* Open plugin directory with close_on_exec flag */
813
{
814
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
815
#ifdef O_CLOEXEC
816
O_CLOEXEC
817
#else /* not O_CLOEXEC */
818
0
819
#endif /* not O_CLOEXEC */
820
);
821
if(dir_fd == -1){
822
error(0, errno, "Could not open plugin dir");
823
exitstatus = EX_UNAVAILABLE;
824
goto fallback;
825
}
826
827
#ifndef O_CLOEXEC
828
/* Set the FD_CLOEXEC flag on the directory */
829
ret = set_cloexec_flag(dir_fd);
830
if(ret < 0){
831
error(0, errno, "set_cloexec_flag");
832
TEMP_FAILURE_RETRY(close(dir_fd));
833
exitstatus = EX_OSERR;
834
goto fallback;
835
}
836
#endif /* O_CLOEXEC */
837
838
dir = fdopendir(dir_fd);
839
if(dir == NULL){
840
error(0, errno, "Could not open plugin dir");
841
TEMP_FAILURE_RETRY(close(dir_fd));
842
exitstatus = EX_OSERR;
843
goto fallback;
844
}
845
}
846
847
FD_ZERO(&rfds_all);
848
849
/* Read and execute any executable in the plugin directory*/
37
process *process_list = NULL;
38
39
dir = opendir(plugindir);
40
41
if(dir == NULL){
42
fprintf(stderr, "Can not open directory\n");
43
return EXIT_FAILURE;
44
}
45
46
FD_ZERO(&rfds_orig);
47
850
48
while(true){
851
do {
852
dirst = readdir(dir);
853
} while(dirst == NULL and errno == EINTR);
49
dirst = readdir(dir);
854
50
855
/* All directory entries have been processed */
51
// All directory entries have been processed
856
52
if(dirst == NULL){
857
if(errno == EBADF){
858
error(0, errno, "readdir");
859
exitstatus = EX_IOERR;
860
goto fallback;
861
}
862
53
break;
863
54
}
864
55
865
/* Ignore dotfiles, backup files and other junk */
866
{
867
bool bad_name = false;
868
const char * const patterns[] = { ".*", "#*#", "*~",
869
"*.dpkg-new", "*.dpkg-old",
870
"*.dpkg-bak", "*.dpkg-divert",
871
NULL };
872
#ifdef __GNUC__
873
#pragma GCC diagnostic push
874
#pragma GCC diagnostic ignored "-Wcast-qual"
875
#endif
876
for(const char **pat = (const char **)patterns;
877
*pat != NULL; pat++){
878
#ifdef __GNUC__
879
#pragma GCC diagnostic pop
880
#endif
881
if(fnmatch(*pat, dirst->d_name,
882
FNM_FILE_NAME | FNM_PERIOD) != FNM_NOMATCH){
883
if(debug){
884
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
885
" matching pattern %s\n", dirst->d_name, *pat);
886
}
887
bad_name = true;
888
break;
889
}
890
}
891
if(bad_name){
892
continue;
893
}
894
}
895
896
int plugin_fd = openat(dir_fd, dirst->d_name, O_RDONLY |
897
#ifdef O_CLOEXEC
898
O_CLOEXEC
899
#else /* not O_CLOEXEC */
900
0
901
#endif /* not O_CLOEXEC */
902
);
903
if(plugin_fd == -1){
904
error(0, errno, "Could not open plugin");
905
continue;
906
}
907
#ifndef O_CLOEXEC
908
/* Set the FD_CLOEXEC flag on the plugin FD */
909
ret = set_cloexec_flag(plugin_fd);
910
if(ret < 0){
911
error(0, errno, "set_cloexec_flag");
912
TEMP_FAILURE_RETRY(close(plugin_fd));
913
continue;
914
}
915
#endif /* O_CLOEXEC */
916
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
917
if(ret == -1){
918
error(0, errno, "stat");
919
TEMP_FAILURE_RETRY(close(plugin_fd));
920
continue;
921
}
922
923
/* Ignore non-executable files */
924
if(not S_ISREG(st.st_mode)
925
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, dirst->d_name, X_OK,
926
0)) != 0)){
927
if(debug){
928
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
929
" with bad type or mode\n",
930
plugindir != NULL ? plugindir : PDIR, dirst->d_name);
931
}
932
TEMP_FAILURE_RETRY(close(plugin_fd));
933
continue;
934
}
935
936
plugin *p = getplugin(dirst->d_name);
937
if(p == NULL){
938
error(0, errno, "getplugin");
939
TEMP_FAILURE_RETRY(close(plugin_fd));
940
continue;
941
}
942
if(p->disabled){
943
if(debug){
944
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
945
dirst->d_name);
946
}
947
TEMP_FAILURE_RETRY(close(plugin_fd));
948
continue;
949
}
950
{
951
/* Add global arguments to argument list for this plugin */
952
plugin *g = getplugin(NULL);
953
if(g != NULL){
954
for(char **a = g->argv + 1; *a != NULL; a++){
955
if(not add_argument(p, *a)){
956
error(0, errno, "add_argument");
957
}
958
}
959
/* Add global environment variables */
960
for(char **e = g->environ; *e != NULL; e++){
961
if(not add_environment(p, *e, false)){
962
error(0, errno, "add_environment");
963
}
964
}
965
}
966
}
967
/* If this plugin has any environment variables, we need to
968
duplicate the environment from this process, too. */
969
if(p->environ[0] != NULL){
970
for(char **e = environ; *e != NULL; e++){
971
if(not add_environment(p, *e, false)){
972
error(0, errno, "add_environment");
973
}
974
}
975
}
976
977
int pipefd[2];
978
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
979
if(ret == -1){
980
error(0, errno, "pipe");
981
exitstatus = EX_OSERR;
982
goto fallback;
983
}
984
/* Ask OS to automatic close the pipe on exec */
985
ret = set_cloexec_flag(pipefd[0]);
986
if(ret < 0){
987
error(0, errno, "set_cloexec_flag");
988
exitstatus = EX_OSERR;
989
goto fallback;
990
}
991
ret = set_cloexec_flag(pipefd[1]);
992
if(ret < 0){
993
error(0, errno, "set_cloexec_flag");
994
exitstatus = EX_OSERR;
995
goto fallback;
996
}
997
/* Block SIGCHLD until process is safely in process list */
998
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
999
&sigchld_action.sa_mask,
1000
NULL));
1001
if(ret < 0){
1002
error(0, errno, "sigprocmask");
1003
exitstatus = EX_OSERR;
1004
goto fallback;
1005
}
1006
/* Starting a new process to be watched */
1007
pid_t pid;
1008
do {
1009
pid = fork();
1010
} while(pid == -1 and errno == EINTR);
1011
if(pid == -1){
1012
error(0, errno, "fork");
1013
exitstatus = EX_OSERR;
1014
goto fallback;
1015
}
1016
if(pid == 0){
1017
/* this is the child process */
1018
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1019
if(ret < 0){
1020
error(0, errno, "sigaction");
1021
_exit(EX_OSERR);
1022
}
1023
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1024
if(ret < 0){
1025
error(0, errno, "sigprocmask");
1026
_exit(EX_OSERR);
1027
}
1028
1029
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
1030
if(ret == -1){
1031
error(0, errno, "dup2");
1032
_exit(EX_OSERR);
1033
}
1034
1035
if(dirfd(dir) < 0){
1036
/* If dir has no file descriptor, we could not set FD_CLOEXEC
1037
above and must now close it manually here. */
56
d_name_len = strlen(dirst->d_name);
57
58
// Ignore dotfiles and backup files
59
if (dirst->d_name[0] == '.'
60
or dirst->d_name[d_name_len - 1] == '~'){
61
continue;
62
}
63
64
char *filename = malloc(d_name_len + plugindir_len + 1);
65
strcpy(filename, plugindir);
66
strcat(filename, "/");
67
strcat(filename, dirst->d_name);
68
69
stat(filename, &st);
70
71
if (S_ISREG(st.st_mode) and (access(filename, X_OK) == 0)){
72
// Starting a new process to be watched
73
process *new_process = malloc(sizeof(process));
74
int pipefd[2];
75
pipe(pipefd);
76
new_process->pid = fork();
77
if(new_process->pid == 0){
78
/* this is the child process */
1038
79
closedir(dir);
1039
}
1040
if(fexecve(plugin_fd, p->argv,
1041
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1042
error(0, errno, "fexecve for %s/%s",
1043
plugindir != NULL ? plugindir : PDIR, dirst->d_name);
1044
_exit(EX_OSERR);
1045
}
1046
/* no return */
1047
}
1048
/* Parent process */
1049
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
1050
pipe */
1051
TEMP_FAILURE_RETRY(close(plugin_fd));
1052
plugin *new_plugin = getplugin(dirst->d_name);
1053
if(new_plugin == NULL){
1054
error(0, errno, "getplugin");
1055
ret = (int)(TEMP_FAILURE_RETRY
1056
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1057
NULL)));
1058
if(ret < 0){
1059
error(0, errno, "sigprocmask");
1060
}
1061
exitstatus = EX_OSERR;
1062
goto fallback;
1063
}
1064
1065
new_plugin->pid = pid;
1066
new_plugin->fd = pipefd[0];
1067
1068
/* Unblock SIGCHLD so signal handler can be run if this process
1069
has already completed */
1070
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1071
&sigchld_action.sa_mask,
1072
NULL));
1073
if(ret < 0){
1074
error(0, errno, "sigprocmask");
1075
exitstatus = EX_OSERR;
1076
goto fallback;
1077
}
1078
1079
#if defined (__GNUC__) and defined (__GLIBC__)
1080
#if not __GLIBC_PREREQ(2, 16)
1081
#pragma GCC diagnostic push
1082
#pragma GCC diagnostic ignored "-Wsign-conversion"
1083
#endif
1084
#endif
1085
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
1086
-Wconversion in GNU libc
1087
before 2.16 */
1088
#if defined (__GNUC__) and defined (__GLIBC__)
1089
#if not __GLIBC_PREREQ(2, 16)
1090
#pragma GCC diagnostic pop
1091
#endif
1092
#endif
1093
1094
if(maxfd < new_plugin->fd){
1095
maxfd = new_plugin->fd;
1096
}
1097
}
1098
1099
TEMP_FAILURE_RETRY(closedir(dir));
1100
dir = NULL;
1101
free_plugin(getplugin(NULL));
1102
1103
for(plugin *p = plugin_list; p != NULL; p = p->next){
1104
if(p->pid != 0){
80
close(pipefd[0]); /* close unused read end of pipe */
81
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
82
/* create a new modified argument list */
83
char **new_argv = malloc(sizeof(char *) * argc + 1);
84
new_argv[0] = filename;
85
for(int i = 1; i < argc; i++){
86
new_argv[i] = argv[i];
87
}
88
new_argv[argc] = NULL;
89
if(execv(filename, new_argv) < 0){
90
perror(argv[0]);
91
close(pipefd[1]);
92
exit(EXIT_FAILURE);
93
}
94
/* no return */
95
}
96
close(pipefd[1]); /* close unused write end of pipe */
97
new_process->fd = pipefd[0];
98
new_process->buffer = malloc(BUFFER_SIZE);
99
if (new_process->buffer == NULL){
100
perror(argv[0]);
101
goto end;
102
}
103
new_process->buffer_size = BUFFER_SIZE;
104
new_process->buffer_length = 0;
105
FD_SET(new_process->fd, &rfds_orig);
106
107
if (maxfd < new_process->fd){
108
maxfd = new_process->fd;
109
}
110
111
//List handling
112
new_process->next = process_list;
113
process_list = new_process;
114
}
115
}
116
117
closedir(dir);
118
119
if (process_list != NULL){
120
while(true){
121
fd_set rfds = rfds_orig;
122
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
123
if (select_ret == -1){
124
perror(argv[0]);
125
goto end;
126
}else{
127
for(process *process_itr = process_list; process_itr != NULL;
128
process_itr = process_itr->next){
129
if(FD_ISSET(process_itr->fd, &rfds)){
130
if(process_itr->buffer_length + BUFFER_SIZE
131
> process_itr->buffer_size){
132
process_itr->buffer = realloc(process_itr->buffer,
133
process_itr->buffer_size
134
+ BUFFER_SIZE);
135
if (process_itr->buffer == NULL){
136
perror(argv[0]);
137
goto end;
138
}
139
process_itr->buffer_size += BUFFER_SIZE;
140
}
141
ret = read(process_itr->fd, process_itr->buffer
142
+ process_itr->buffer_length, BUFFER_SIZE);
143
process_itr->buffer_length+=ret;
144
if(ret == 0){
145
/* got EOF */
146
/* wait for process exit */
147
int status;
148
waitpid(process_itr->pid, &status, 0);
149
if(WIFEXITED(status) and WEXITSTATUS(status) == 0){
150
write(STDOUT_FILENO, process_itr->buffer,
151
process_itr->buffer_length);
152
goto end;
153
} else {
154
FD_CLR(process_itr->fd, &rfds_orig);
155
}
156
}
157
}
158
}
159
}
160
}
161
}
162
163
end:
164
for(process *process_itr = process_list; process_itr != NULL;
165
process_itr = process_itr->next){
166
close(process_itr->fd);
167
kill(process_itr->pid, SIGTERM);
168
free(process_itr->buffer);
169
}
170
171
while(true){
172
int status;
173
ret = wait(&status);
174
if (ret == -1){
175
if(errno != ECHILD){
176
perror("wait");
177
}
1105
178
break;
1106
179
}
1107
if(p->next == NULL){
1108
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1109
" directory?\n");
1110
free_plugin_list();
1111
}
1112
}
1113
1114
/* Main loop while running plugins exist */
1115
while(plugin_list){
1116
fd_set rfds = rfds_all;
1117
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1118
if(select_ret == -1 and errno != EINTR){
1119
error(0, errno, "select");
1120
exitstatus = EX_OSERR;
1121
goto fallback;
1122
}
1123
/* OK, now either a process completed, or something can be read
1124
from one of them */
1125
for(plugin *proc = plugin_list; proc != NULL;){
1126
/* Is this process completely done? */
1127
if(proc->completed and proc->eof){
1128
/* Only accept the plugin output if it exited cleanly */
1129
if(not WIFEXITED(proc->status)
1130
or WEXITSTATUS(proc->status) != 0){
1131
/* Bad exit by plugin */
1132
1133
if(debug){
1134
if(WIFEXITED(proc->status)){
1135
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1136
" status %d\n", proc->name,
1137
(intmax_t) (proc->pid),
1138
WEXITSTATUS(proc->status));
1139
} else if(WIFSIGNALED(proc->status)){
1140
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1141
" signal %d: %s\n", proc->name,
1142
(intmax_t) (proc->pid),
1143
WTERMSIG(proc->status),
1144
strsignal(WTERMSIG(proc->status)));
1145
} else if(WCOREDUMP(proc->status)){
1146
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1147
" core\n", proc->name, (intmax_t) (proc->pid));
1148
}
1149
}
1150
1151
/* Remove the plugin */
1152
#if defined (__GNUC__) and defined (__GLIBC__)
1153
#if not __GLIBC_PREREQ(2, 16)
1154
#pragma GCC diagnostic push
1155
#pragma GCC diagnostic ignored "-Wsign-conversion"
1156
#endif
1157
#endif
1158
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
1159
-Wconversion in GNU libc
1160
before 2.16 */
1161
#if defined (__GNUC__) and defined (__GLIBC__)
1162
#if not __GLIBC_PREREQ(2, 16)
1163
#pragma GCC diagnostic pop
1164
#endif
1165
#endif
1166
1167
/* Block signal while modifying process_list */
1168
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1169
(SIG_BLOCK,
1170
&sigchld_action.sa_mask,
1171
NULL));
1172
if(ret < 0){
1173
error(0, errno, "sigprocmask");
1174
exitstatus = EX_OSERR;
1175
goto fallback;
1176
}
1177
1178
plugin *next_plugin = proc->next;
1179
free_plugin(proc);
1180
proc = next_plugin;
1181
1182
/* We are done modifying process list, so unblock signal */
1183
ret = (int)(TEMP_FAILURE_RETRY
1184
(sigprocmask(SIG_UNBLOCK,
1185
&sigchld_action.sa_mask, NULL)));
1186
if(ret < 0){
1187
error(0, errno, "sigprocmask");
1188
exitstatus = EX_OSERR;
1189
goto fallback;
1190
}
1191
1192
if(plugin_list == NULL){
1193
break;
1194
}
1195
1196
continue;
1197
}
1198
1199
/* This process exited nicely, so print its buffer */
1200
1201
bool bret = print_out_password(proc->buffer,
1202
proc->buffer_length);
1203
if(not bret){
1204
error(0, errno, "print_out_password");
1205
exitstatus = EX_IOERR;
1206
}
1207
goto fallback;
1208
}
1209
1210
/* This process has not completed. Does it have any output? */
1211
#if defined (__GNUC__) and defined (__GLIBC__)
1212
#if not __GLIBC_PREREQ(2, 16)
1213
#pragma GCC diagnostic push
1214
#pragma GCC diagnostic ignored "-Wsign-conversion"
1215
#endif
1216
#endif
1217
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* Spurious
1218
warning from
1219
-Wconversion
1220
in GNU libc
1221
before
1222
2.16 */
1223
#if defined (__GNUC__) and defined (__GLIBC__)
1224
#if not __GLIBC_PREREQ(2, 16)
1225
#pragma GCC diagnostic pop
1226
#endif
1227
#endif
1228
/* This process had nothing to say at this time */
1229
proc = proc->next;
1230
continue;
1231
}
1232
/* Before reading, make the process' data buffer large enough */
1233
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1234
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1235
+ (size_t) BUFFER_SIZE);
1236
if(new_buffer == NULL){
1237
error(0, errno, "malloc");
1238
exitstatus = EX_OSERR;
1239
goto fallback;
1240
}
1241
proc->buffer = new_buffer;
1242
proc->buffer_size += BUFFER_SIZE;
1243
}
1244
/* Read from the process */
1245
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1246
proc->buffer
1247
+ proc->buffer_length,
1248
BUFFER_SIZE));
1249
if(sret < 0){
1250
/* Read error from this process; ignore the error */
1251
proc = proc->next;
1252
continue;
1253
}
1254
if(sret == 0){
1255
/* got EOF */
1256
proc->eof = true;
1257
} else {
1258
proc->buffer_length += (size_t) sret;
1259
}
1260
}
1261
}
1262
1263
1264
fallback:
1265
1266
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1267
and exitstatus != EX_OK)){
1268
/* Fallback if all plugins failed, none are found or an error
1269
occured */
1270
bool bret;
1271
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1272
char *passwordbuffer = getpass("Password: ");
1273
size_t len = strlen(passwordbuffer);
1274
/* Strip trailing newline */
1275
if(len > 0 and passwordbuffer[len-1] == '\n'){
1276
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1277
len--;
1278
}
1279
bret = print_out_password(passwordbuffer, len);
1280
if(not bret){
1281
error(0, errno, "print_out_password");
1282
exitstatus = EX_IOERR;
1283
}
1284
}
1285
1286
/* Restore old signal handler */
1287
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1288
if(ret == -1){
1289
error(0, errno, "sigaction");
1290
exitstatus = EX_OSERR;
1291
}
1292
1293
if(custom_argv != NULL){
1294
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1295
free(*arg);
1296
}
1297
free(custom_argv);
1298
}
1299
1300
if(dir != NULL){
1301
closedir(dir);
1302
}
1303
1304
/* Kill the processes */
1305
for(plugin *p = plugin_list; p != NULL; p = p->next){
1306
if(p->pid != 0){
1307
close(p->fd);
1308
ret = kill(p->pid, SIGTERM);
1309
if(ret == -1 and errno != ESRCH){
1310
/* Set-uid proccesses might not get closed */
1311
error(0, errno, "kill");
1312
}
1313
}
1314
}
1315
1316
/* Wait for any remaining child processes to terminate */
1317
do {
1318
ret = wait(NULL);
1319
} while(ret >= 0);
1320
if(errno != ECHILD){
1321
error(0, errno, "wait");
1322
}
1323
1324
free_plugin_list();
1325
1326
free(plugindir);
1327
free(argfile);
1328
1329
return exitstatus;
180
}
181
return EXIT_SUCCESS;
1330
182
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0