To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugbasedclient.c
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
plugbasedclient.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
/*
3
* Mandos plugin runner - Run Mandos plugins
4
*
5
* Copyright © 2008-2014 Teddy Hogeborn
6
* Copyright © 2008-2014 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
17
*
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
*
22
* Contact the authors at <mandos@recompile.se>.
23
*/
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
26
O_CLOEXEC, pipe2() */
27
#include <stddef.h> /* size_t, NULL */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
30
#include <stdbool.h> /* bool, true, false */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO, fclose() */
33
#include <sys/types.h> /* fstat(), struct stat, waitpid(),
34
WIFEXITED(), WEXITSTATUS(), wait(),
35
pid_t, uid_t, gid_t, getuid(),
36
getgid() */
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
FD_SET(), FD_ISSET(), FD_CLR */
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS(), WTERMSIG(),
41
WCOREDUMP() */
42
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
43
#include <iso646.h> /* and, or, not */
44
#include <dirent.h> /* struct dirent, scandirat() */
45
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
46
FD_CLOEXEC, write(), STDOUT_FILENO,
47
struct stat, fstat(), close(),
48
setgid(), setuid(), S_ISREG(),
49
faccessat() pipe2(), fork(),
50
_exit(), dup2(), fexecve(), read()
51
*/
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC, openat(), scandirat(),
54
pipe2() */
55
#include <string.h> /* strsep, strlen(), strsignal(),
56
strcmp(), strncmp() */
57
#include <errno.h> /* errno */
58
#include <argp.h> /* struct argp_option, struct
59
argp_state, struct argp,
60
argp_parse(), ARGP_ERR_UNKNOWN,
61
ARGP_KEY_END, ARGP_KEY_ARG,
62
error_t */
63
#include <signal.h> /* struct sigaction, sigemptyset(),
64
sigaddset(), sigaction(),
65
sigprocmask(), SIG_BLOCK, SIGCHLD,
66
SIG_UNBLOCK, kill(), sig_atomic_t
67
*/
68
#include <errno.h> /* errno, EBADF */
69
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
70
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
71
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
72
#include <errno.h> /* errno */
73
#include <error.h> /* error() */
74
#include <fnmatch.h> /* fnmatch() */
75
76
#define BUFFER_SIZE 256
77
78
#define PDIR "/lib/mandos/plugins.d"
79
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
80
81
const char *argp_program_version = "plugin-runner " VERSION;
82
const char *argp_program_bug_address = "<mandos@recompile.se>";
83
84
typedef struct plugin{
85
char *name; /* can be NULL or any plugin name */
86
char **argv;
87
int argc;
88
char **environ;
89
int envc;
90
bool disabled;
91
92
/* Variables used for running processes*/
1
#include <stdio.h> /* popen, fileno */
2
#include <iso646.h> /* and, or, not */
3
#include <sys/types.h> /* DIR, opendir, stat, struct stat, waitpid,
4
WIFEXITED, WEXITSTATUS, wait */
5
#include <sys/wait.h> /* wait */
6
#include <dirent.h> /* DIR, opendir */
7
#include <sys/stat.h> /* stat, struct stat */
8
#include <unistd.h> /* stat, struct stat, chdir */
9
#include <stdlib.h> /* EXIT_FAILURE */
10
#include <sys/select.h> /* fd_set, select, FD_ZERO, FD_SET, FD_ISSET */
11
#include <string.h> /* strlen, strcpy, strcat */
12
#include <stdbool.h> /* true */
13
#include <sys/wait.h> /* waitpid, WIFEXITED, WEXITSTATUS */
14
#include <errno.h> /* errno */
15
16
struct process;
17
18
typedef struct process{
93
19
pid_t pid;
94
20
int fd;
95
21
char *buffer;
96
size_t buffer_size;
97
size_t buffer_length;
98
bool eof;
99
volatile sig_atomic_t completed;
100
int status;
101
struct plugin *next;
102
} plugin;
103
104
static plugin *plugin_list = NULL;
105
106
/* Gets an existing plugin based on name,
107
or if none is found, creates a new one */
108
__attribute__((warn_unused_result))
109
static plugin *getplugin(char *name){
110
/* Check for existing plugin with that name */
111
for(plugin *p = plugin_list; p != NULL; p = p->next){
112
if((p->name == name)
113
or (p->name and name and (strcmp(p->name, name) == 0))){
114
return p;
115
}
116
}
117
/* Create a new plugin */
118
plugin *new_plugin = NULL;
119
do {
120
new_plugin = malloc(sizeof(plugin));
121
} while(new_plugin == NULL and errno == EINTR);
122
if(new_plugin == NULL){
123
return NULL;
124
}
125
char *copy_name = NULL;
126
if(name != NULL){
127
do {
128
copy_name = strdup(name);
129
} while(copy_name == NULL and errno == EINTR);
130
if(copy_name == NULL){
131
int e = errno;
132
free(new_plugin);
133
errno = e;
134
return NULL;
135
}
136
}
137
138
*new_plugin = (plugin){ .name = copy_name,
139
.argc = 1,
140
.disabled = false,
141
.next = plugin_list };
142
143
do {
144
new_plugin->argv = malloc(sizeof(char *) * 2);
145
} while(new_plugin->argv == NULL and errno == EINTR);
146
if(new_plugin->argv == NULL){
147
int e = errno;
148
free(copy_name);
149
free(new_plugin);
150
errno = e;
151
return NULL;
152
}
153
new_plugin->argv[0] = copy_name;
154
new_plugin->argv[1] = NULL;
155
156
do {
157
new_plugin->environ = malloc(sizeof(char *));
158
} while(new_plugin->environ == NULL and errno == EINTR);
159
if(new_plugin->environ == NULL){
160
int e = errno;
161
free(copy_name);
162
free(new_plugin->argv);
163
free(new_plugin);
164
errno = e;
165
return NULL;
166
}
167
new_plugin->environ[0] = NULL;
168
169
/* Append the new plugin to the list */
170
plugin_list = new_plugin;
171
return new_plugin;
172
}
173
174
/* Helper function for add_argument and add_environment */
175
__attribute__((nonnull, warn_unused_result))
176
static bool add_to_char_array(const char *new, char ***array,
177
int *len){
178
/* Resize the pointed-to array to hold one more pointer */
179
char **new_array = NULL;
180
do {
181
new_array = realloc(*array, sizeof(char *)
182
* (size_t) ((*len) + 2));
183
} while(new_array == NULL and errno == EINTR);
184
/* Malloc check */
185
if(new_array == NULL){
186
return false;
187
}
188
*array = new_array;
189
/* Make a copy of the new string */
190
char *copy;
191
do {
192
copy = strdup(new);
193
} while(copy == NULL and errno == EINTR);
194
if(copy == NULL){
195
return false;
196
}
197
/* Insert the copy */
198
(*array)[*len] = copy;
199
(*len)++;
200
/* Add a new terminating NULL pointer to the last element */
201
(*array)[*len] = NULL;
202
return true;
203
}
204
205
/* Add to a plugin's argument vector */
206
__attribute__((nonnull(2), warn_unused_result))
207
static bool add_argument(plugin *p, const char *arg){
208
if(p == NULL){
209
return false;
210
}
211
return add_to_char_array(arg, &(p->argv), &(p->argc));
212
}
213
214
/* Add to a plugin's environment */
215
__attribute__((nonnull(2), warn_unused_result))
216
static bool add_environment(plugin *p, const char *def, bool replace){
217
if(p == NULL){
218
return false;
219
}
220
/* namelen = length of name of environment variable */
221
size_t namelen = (size_t)(strchrnul(def, '=') - def);
222
/* Search for this environment variable */
223
for(char **envdef = p->environ; *envdef != NULL; envdef++){
224
if(strncmp(*envdef, def, namelen + 1) == 0){
225
/* It already exists */
226
if(replace){
227
char *new_envdef;
228
do {
229
new_envdef = realloc(*envdef, strlen(def) + 1);
230
} while(new_envdef == NULL and errno == EINTR);
231
if(new_envdef == NULL){
232
return false;
233
}
234
*envdef = new_envdef;
235
strcpy(*envdef, def);
236
}
237
return true;
238
}
239
}
240
return add_to_char_array(def, &(p->environ), &(p->envc));
241
}
242
243
#ifndef O_CLOEXEC
244
/*
245
* Based on the example in the GNU LibC manual chapter 13.13 "File
246
* Descriptor Flags".
247
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
248
*/
249
__attribute__((warn_unused_result))
250
static int set_cloexec_flag(int fd){
251
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
252
/* If reading the flags failed, return error indication now. */
253
if(ret < 0){
254
return ret;
255
}
256
/* Store modified flag word in the descriptor. */
257
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
258
ret | FD_CLOEXEC));
259
}
260
#endif /* not O_CLOEXEC */
261
262
263
/* Mark processes as completed when they exit, and save their exit
264
status. */
265
static void handle_sigchld(__attribute__((unused)) int sig){
266
int old_errno = errno;
267
while(true){
268
plugin *proc = plugin_list;
269
int status;
270
pid_t pid = waitpid(-1, &status, WNOHANG);
271
if(pid == 0){
272
/* Only still running child processes */
273
break;
274
}
275
if(pid == -1){
276
if(errno == ECHILD){
277
/* No child processes */
278
break;
279
}
280
error(0, errno, "waitpid");
281
}
282
283
/* A child exited, find it in process_list */
284
while(proc != NULL and proc->pid != pid){
285
proc = proc->next;
286
}
287
if(proc == NULL){
288
/* Process not found in process list */
289
continue;
290
}
291
proc->status = status;
292
proc->completed = 1;
293
}
294
errno = old_errno;
295
}
296
297
/* Prints out a password to stdout */
298
__attribute__((nonnull, warn_unused_result))
299
static bool print_out_password(const char *buffer, size_t length){
300
ssize_t ret;
301
for(size_t written = 0; written < length; written += (size_t)ret){
302
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
303
length - written));
304
if(ret < 0){
305
return false;
306
}
307
}
308
return true;
309
}
310
311
/* Removes and free a plugin from the plugin list */
312
__attribute__((nonnull))
313
static void free_plugin(plugin *plugin_node){
314
315
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
316
free(*arg);
317
}
318
free(plugin_node->argv);
319
for(char **env = plugin_node->environ; *env != NULL; env++){
320
free(*env);
321
}
322
free(plugin_node->environ);
323
free(plugin_node->buffer);
324
325
/* Removes the plugin from the singly-linked list */
326
if(plugin_node == plugin_list){
327
/* First one - simple */
328
plugin_list = plugin_list->next;
329
} else {
330
/* Second one or later */
331
for(plugin *p = plugin_list; p != NULL; p = p->next){
332
if(p->next == plugin_node){
333
p->next = plugin_node->next;
334
break;
335
}
336
}
337
}
338
339
free(plugin_node);
340
}
341
342
static void free_plugin_list(void){
343
while(plugin_list != NULL){
344
free_plugin(plugin_list);
345
}
346
}
22
int buffer_size;
23
int buffer_length;
24
struct process *next;
25
} process;
26
27
#define BUFFER_SIZE 256
347
28
348
29
int main(int argc, char *argv[]){
349
char *plugindir = NULL;
350
char *argfile = NULL;
351
FILE *conffp;
352
struct dirent **direntries;
30
char plugindir[] = "plugins.d";
31
size_t d_name_len, plugindir_len = sizeof(plugindir)-1;
32
DIR *dir;
33
struct dirent *dirst;
353
34
struct stat st;
354
fd_set rfds_all;
35
fd_set rfds_orig;
355
36
int ret, maxfd = 0;
356
ssize_t sret;
357
uid_t uid = 65534;
358
gid_t gid = 65534;
359
bool debug = false;
360
int exitstatus = EXIT_SUCCESS;
361
struct sigaction old_sigchld_action;
362
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
363
.sa_flags = SA_NOCLDSTOP };
364
char **custom_argv = NULL;
365
int custom_argc = 0;
366
int dir_fd = -1;
367
368
/* Establish a signal handler */
369
sigemptyset(&sigchld_action.sa_mask);
370
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
371
if(ret == -1){
372
error(0, errno, "sigaddset");
373
exitstatus = EX_OSERR;
374
goto fallback;
375
}
376
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
377
if(ret == -1){
378
error(0, errno, "sigaction");
379
exitstatus = EX_OSERR;
380
goto fallback;
381
}
382
383
/* The options we understand. */
384
struct argp_option options[] = {
385
{ .name = "global-options", .key = 'g',
386
.arg = "OPTION[,OPTION[,...]]",
387
.doc = "Options passed to all plugins" },
388
{ .name = "global-env", .key = 'G',
389
.arg = "VAR=value",
390
.doc = "Environment variable passed to all plugins" },
391
{ .name = "options-for", .key = 'o',
392
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
393
.doc = "Options passed only to specified plugin" },
394
{ .name = "env-for", .key = 'E',
395
.arg = "PLUGIN:ENV=value",
396
.doc = "Environment variable passed to specified plugin" },
397
{ .name = "disable", .key = 'd',
398
.arg = "PLUGIN",
399
.doc = "Disable a specific plugin", .group = 1 },
400
{ .name = "enable", .key = 'e',
401
.arg = "PLUGIN",
402
.doc = "Enable a specific plugin", .group = 1 },
403
{ .name = "plugin-dir", .key = 128,
404
.arg = "DIRECTORY",
405
.doc = "Specify a different plugin directory", .group = 2 },
406
{ .name = "config-file", .key = 129,
407
.arg = "FILE",
408
.doc = "Specify a different configuration file", .group = 2 },
409
{ .name = "userid", .key = 130,
410
.arg = "ID", .flags = 0,
411
.doc = "User ID the plugins will run as", .group = 3 },
412
{ .name = "groupid", .key = 131,
413
.arg = "ID", .flags = 0,
414
.doc = "Group ID the plugins will run as", .group = 3 },
415
{ .name = "debug", .key = 132,
416
.doc = "Debug mode", .group = 4 },
417
/*
418
* These reproduce what we would get without ARGP_NO_HELP
419
*/
420
{ .name = "help", .key = '?',
421
.doc = "Give this help list", .group = -1 },
422
{ .name = "usage", .key = -3,
423
.doc = "Give a short usage message", .group = -1 },
424
{ .name = "version", .key = 'V',
425
.doc = "Print program version", .group = -1 },
426
{ .name = NULL }
427
};
428
429
__attribute__((nonnull(3)))
430
error_t parse_opt(int key, char *arg, struct argp_state *state){
431
errno = 0;
432
switch(key){
433
char *tmp;
434
intmax_t tmp_id;
435
case 'g': /* --global-options */
436
{
437
char *plugin_option;
438
while((plugin_option = strsep(&arg, ",")) != NULL){
439
if(not add_argument(getplugin(NULL), plugin_option)){
440
break;
441
}
442
}
443
errno = 0;
444
}
445
break;
446
case 'G': /* --global-env */
447
if(add_environment(getplugin(NULL), arg, true)){
448
errno = 0;
449
}
450
break;
451
case 'o': /* --options-for */
452
{
453
char *option_list = strchr(arg, ':');
454
if(option_list == NULL){
455
argp_error(state, "No colon in \"%s\"", arg);
456
errno = EINVAL;
457
break;
458
}
459
*option_list = '\0';
460
option_list++;
461
if(arg[0] == '\0'){
462
argp_error(state, "Empty plugin name");
463
errno = EINVAL;
464
break;
465
}
466
char *option;
467
while((option = strsep(&option_list, ",")) != NULL){
468
if(not add_argument(getplugin(arg), option)){
469
break;
470
}
471
}
472
errno = 0;
473
}
474
break;
475
case 'E': /* --env-for */
476
{
477
char *envdef = strchr(arg, ':');
478
if(envdef == NULL){
479
argp_error(state, "No colon in \"%s\"", arg);
480
errno = EINVAL;
481
break;
482
}
483
*envdef = '\0';
484
envdef++;
485
if(arg[0] == '\0'){
486
argp_error(state, "Empty plugin name");
487
errno = EINVAL;
488
break;
489
}
490
if(add_environment(getplugin(arg), envdef, true)){
491
errno = 0;
492
}
493
}
494
break;
495
case 'd': /* --disable */
496
{
497
plugin *p = getplugin(arg);
498
if(p != NULL){
499
p->disabled = true;
500
errno = 0;
501
}
502
}
503
break;
504
case 'e': /* --enable */
505
{
506
plugin *p = getplugin(arg);
507
if(p != NULL){
508
p->disabled = false;
509
errno = 0;
510
}
511
}
512
break;
513
case 128: /* --plugin-dir */
514
free(plugindir);
515
plugindir = strdup(arg);
516
if(plugindir != NULL){
517
errno = 0;
518
}
519
break;
520
case 129: /* --config-file */
521
/* This is already done by parse_opt_config_file() */
522
break;
523
case 130: /* --userid */
524
tmp_id = strtoimax(arg, &tmp, 10);
525
if(errno != 0 or tmp == arg or *tmp != '\0'
526
or tmp_id != (uid_t)tmp_id){
527
argp_error(state, "Bad user ID number: \"%s\", using %"
528
PRIdMAX, arg, (intmax_t)uid);
529
break;
530
}
531
uid = (uid_t)tmp_id;
532
errno = 0;
533
break;
534
case 131: /* --groupid */
535
tmp_id = strtoimax(arg, &tmp, 10);
536
if(errno != 0 or tmp == arg or *tmp != '\0'
537
or tmp_id != (gid_t)tmp_id){
538
argp_error(state, "Bad group ID number: \"%s\", using %"
539
PRIdMAX, arg, (intmax_t)gid);
540
break;
541
}
542
gid = (gid_t)tmp_id;
543
errno = 0;
544
break;
545
case 132: /* --debug */
546
debug = true;
547
break;
548
/*
549
* These reproduce what we would get without ARGP_NO_HELP
550
*/
551
case '?': /* --help */
552
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
553
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
554
case -3: /* --usage */
555
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
556
argp_state_help(state, state->out_stream,
557
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
558
case 'V': /* --version */
559
fprintf(state->out_stream, "%s\n", argp_program_version);
560
exit(EXIT_SUCCESS);
561
break;
562
/*
563
* When adding more options before this line, remember to also add a
564
* "case" to the "parse_opt_config_file" function below.
565
*/
566
case ARGP_KEY_ARG:
567
/* Cryptsetup always passes an argument, which is an empty
568
string if "none" was specified in /etc/crypttab. So if
569
argument was empty, we ignore it silently. */
570
if(arg[0] == '\0'){
571
break;
572
}
573
default:
574
return ARGP_ERR_UNKNOWN;
575
}
576
return errno; /* Set to 0 at start */
577
}
578
579
/* This option parser is the same as parse_opt() above, except it
580
ignores everything but the --config-file option. */
581
error_t parse_opt_config_file(int key, char *arg,
582
__attribute__((unused))
583
struct argp_state *state){
584
errno = 0;
585
switch(key){
586
case 'g': /* --global-options */
587
case 'G': /* --global-env */
588
case 'o': /* --options-for */
589
case 'E': /* --env-for */
590
case 'd': /* --disable */
591
case 'e': /* --enable */
592
case 128: /* --plugin-dir */
593
break;
594
case 129: /* --config-file */
595
free(argfile);
596
argfile = strdup(arg);
597
if(argfile != NULL){
598
errno = 0;
599
}
600
break;
601
case 130: /* --userid */
602
case 131: /* --groupid */
603
case 132: /* --debug */
604
case '?': /* --help */
605
case -3: /* --usage */
606
case 'V': /* --version */
607
case ARGP_KEY_ARG:
608
break;
609
default:
610
return ARGP_ERR_UNKNOWN;
611
}
612
return errno;
613
}
614
615
struct argp argp = { .options = options,
616
.parser = parse_opt_config_file,
617
.args_doc = "",
618
.doc = "Mandos plugin runner -- Run plugins" };
619
620
/* Parse using parse_opt_config_file() in order to get the custom
621
config file location, if any. */
622
ret = argp_parse(&argp, argc, argv,
623
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
624
NULL, NULL);
625
switch(ret){
626
case 0:
627
break;
628
case ENOMEM:
629
default:
630
errno = ret;
631
error(0, errno, "argp_parse");
632
exitstatus = EX_OSERR;
633
goto fallback;
634
case EINVAL:
635
exitstatus = EX_USAGE;
636
goto fallback;
637
}
638
639
/* Reset to the normal argument parser */
640
argp.parser = parse_opt;
641
642
/* Open the configfile if available */
643
if(argfile == NULL){
644
conffp = fopen(AFILE, "r");
645
} else {
646
conffp = fopen(argfile, "r");
647
}
648
if(conffp != NULL){
649
char *org_line = NULL;
650
char *p, *arg, *new_arg, *line;
651
size_t size = 0;
652
const char whitespace_delims[] = " \r\t\f\v\n";
653
const char comment_delim[] = "#";
654
655
custom_argc = 1;
656
custom_argv = malloc(sizeof(char*) * 2);
657
if(custom_argv == NULL){
658
error(0, errno, "malloc");
659
exitstatus = EX_OSERR;
660
goto fallback;
661
}
662
custom_argv[0] = argv[0];
663
custom_argv[1] = NULL;
664
665
/* for each line in the config file, strip whitespace and ignore
666
commented text */
37
process *process_list = NULL;
38
39
dir = opendir(plugindir);
40
41
if(dir == NULL){
42
fprintf(stderr, "Can not open directory\n");
43
return EXIT_FAILURE;
44
}
45
46
FD_ZERO(&rfds_orig);
47
48
while(true){
49
dirst = readdir(dir);
50
51
// All directory entries have been processed
52
if(dirst == NULL){
53
break;
54
}
55
56
d_name_len = strlen(dirst->d_name);
57
58
// Ignore dotfiles and backup files
59
if (dirst->d_name[0] == '.'
60
or dirst->d_name[d_name_len - 1] == '~'){
61
continue;
62
}
63
64
char *filename = malloc(d_name_len + plugindir_len + 1);
65
strcpy(filename, plugindir);
66
strcat(filename, "/");
67
strcat(filename, dirst->d_name);
68
69
stat(filename, &st);
70
71
if (S_ISREG(st.st_mode) and (access(filename, X_OK) == 0)){
72
// Starting a new process to be watched
73
process *new_process = malloc(sizeof(process));
74
int pipefd[2];
75
pipe(pipefd);
76
new_process->pid = fork();
77
if(new_process->pid == 0){
78
/* this is the child process */
79
closedir(dir);
80
close(pipefd[0]); /* close unused read end of pipe */
81
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
82
/* create a new modified argument list */
83
char **new_argv = malloc(sizeof(char *) * argc + 1);
84
new_argv[0] = filename;
85
for(int i = 1; i < argc; i++){
86
new_argv[i] = argv[i];
87
}
88
new_argv[argc] = NULL;
89
if(execv(filename, new_argv) < 0){
90
perror(argv[0]);
91
close(pipefd[1]);
92
exit(EXIT_FAILURE);
93
}
94
/* no return */
95
}
96
close(pipefd[1]); /* close unused write end of pipe */
97
new_process->fd = pipefd[0];
98
new_process->buffer = malloc(BUFFER_SIZE);
99
if (new_process->buffer == NULL){
100
perror(argv[0]);
101
goto end;
102
}
103
new_process->buffer_size = BUFFER_SIZE;
104
new_process->buffer_length = 0;
105
FD_SET(new_process->fd, &rfds_orig);
106
107
if (maxfd < new_process->fd){
108
maxfd = new_process->fd;
109
}
110
111
//List handling
112
new_process->next = process_list;
113
process_list = new_process;
114
}
115
}
116
117
closedir(dir);
118
119
if (process_list != NULL){
667
120
while(true){
668
sret = getline(&org_line, &size, conffp);
669
if(sret == -1){
670
break;
671
}
672
673
line = org_line;
674
arg = strsep(&line, comment_delim);
675
while((p = strsep(&arg, whitespace_delims)) != NULL){
676
if(p[0] == '\0'){
677
continue;
678
}
679
new_arg = strdup(p);
680
if(new_arg == NULL){
681
error(0, errno, "strdup");
682
exitstatus = EX_OSERR;
683
free(org_line);
684
goto fallback;
685
}
686
687
custom_argc += 1;
688
{
689
char **new_argv = realloc(custom_argv, sizeof(char *)
690
* ((unsigned int)
691
custom_argc + 1));
692
if(new_argv == NULL){
693
error(0, errno, "realloc");
694
exitstatus = EX_OSERR;
695
free(new_arg);
696
free(org_line);
697
goto fallback;
698
} else {
699
custom_argv = new_argv;
700
}
701
}
702
custom_argv[custom_argc-1] = new_arg;
703
custom_argv[custom_argc] = NULL;
704
}
705
}
706
do {
707
ret = fclose(conffp);
708
} while(ret == EOF and errno == EINTR);
709
if(ret == EOF){
710
error(0, errno, "fclose");
711
exitstatus = EX_IOERR;
712
goto fallback;
713
}
714
free(org_line);
715
} else {
716
/* Check for harmful errors and go to fallback. Other errors might
717
not affect opening plugins */
718
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
719
error(0, errno, "fopen");
720
exitstatus = EX_OSERR;
721
goto fallback;
722
}
723
}
724
/* If there were any arguments from the configuration file, pass
725
them to parser as command line arguments */
726
if(custom_argv != NULL){
727
ret = argp_parse(&argp, custom_argc, custom_argv,
728
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
729
NULL, NULL);
730
switch(ret){
731
case 0:
732
break;
733
case ENOMEM:
734
default:
735
errno = ret;
736
error(0, errno, "argp_parse");
737
exitstatus = EX_OSERR;
738
goto fallback;
739
case EINVAL:
740
exitstatus = EX_CONFIG;
741
goto fallback;
742
}
743
}
744
745
/* Parse actual command line arguments, to let them override the
746
config file */
747
ret = argp_parse(&argp, argc, argv,
748
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
749
NULL, NULL);
750
switch(ret){
751
case 0:
752
break;
753
case ENOMEM:
754
default:
755
errno = ret;
756
error(0, errno, "argp_parse");
757
exitstatus = EX_OSERR;
758
goto fallback;
759
case EINVAL:
760
exitstatus = EX_USAGE;
761
goto fallback;
762
}
763
764
if(debug){
765
for(plugin *p = plugin_list; p != NULL; p=p->next){
766
fprintf(stderr, "Plugin: %s has %d arguments\n",
767
p->name ? p->name : "Global", p->argc - 1);
768
for(char **a = p->argv; *a != NULL; a++){
769
fprintf(stderr, "\tArg: %s\n", *a);
770
}
771
fprintf(stderr, "...and %d environment variables\n", p->envc);
772
for(char **a = p->environ; *a != NULL; a++){
773
fprintf(stderr, "\t%s\n", *a);
774
}
775
}
776
}
777
778
if(getuid() == 0){
779
/* Work around Debian bug #633582:
780
<http://bugs.debian.org/633582> */
781
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
782
if(plugindir_fd == -1){
783
if(errno != ENOENT){
784
error(0, errno, "open(\"" PDIR "\")");
785
}
786
} else {
787
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
788
if(ret == -1){
789
error(0, errno, "fstat");
790
} else {
791
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
792
ret = fchown(plugindir_fd, uid, gid);
793
if(ret == -1){
794
error(0, errno, "fchown");
795
}
796
}
797
}
798
TEMP_FAILURE_RETRY(close(plugindir_fd));
799
}
800
}
801
802
/* Lower permissions */
803
ret = setgid(gid);
804
if(ret == -1){
805
error(0, errno, "setgid");
806
}
807
ret = setuid(uid);
808
if(ret == -1){
809
error(0, errno, "setuid");
810
}
811
812
/* Open plugin directory with close_on_exec flag */
813
{
814
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
815
#ifdef O_CLOEXEC
816
O_CLOEXEC
817
#else /* not O_CLOEXEC */
818
0
819
#endif /* not O_CLOEXEC */
820
);
821
if(dir_fd == -1){
822
error(0, errno, "Could not open plugin dir");
823
exitstatus = EX_UNAVAILABLE;
824
goto fallback;
825
}
826
827
#ifndef O_CLOEXEC
828
/* Set the FD_CLOEXEC flag on the directory */
829
ret = set_cloexec_flag(dir_fd);
830
if(ret < 0){
831
error(0, errno, "set_cloexec_flag");
832
TEMP_FAILURE_RETRY(close(dir_fd));
833
exitstatus = EX_OSERR;
834
goto fallback;
835
}
836
#endif /* O_CLOEXEC */
837
}
838
839
int good_name(const struct dirent * const dirent){
840
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
841
"*.dpkg-old", "*.dpkg-bak",
842
"*.dpkg-divert", NULL };
843
#ifdef __GNUC__
844
#pragma GCC diagnostic push
845
#pragma GCC diagnostic ignored "-Wcast-qual"
846
#endif
847
for(const char **pat = (const char **)patterns;
848
*pat != NULL; pat++){
849
#ifdef __GNUC__
850
#pragma GCC diagnostic pop
851
#endif
852
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
853
!= FNM_NOMATCH){
854
if(debug){
855
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
856
" matching pattern %s\n", dirent->d_name, *pat);
857
}
858
return 0;
859
}
860
}
861
return 1;
862
}
863
864
#ifdef __GLIBC__
865
#if __GLIBC_PREREQ(2, 15)
866
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
867
alphasort);
868
#else /* not __GLIBC_PREREQ(2, 15) */
869
int numplugins = scandir(plugindir != NULL ? plugindir : PDIR,
870
&direntries, good_name, alphasort);
871
#endif /* not __GLIBC_PREREQ(2, 15) */
872
#else /* not __GLIBC__ */
873
int numplugins = scandir(plugindir != NULL ? plugindir : PDIR,
874
&direntries, good_name, alphasort);
875
#endif /* not __GLIBC__ */
876
if(numplugins == -1){
877
error(0, errno, "Could not scan plugin dir");
878
TEMP_FAILURE_RETRY(close(dir_fd));
879
exitstatus = EX_OSERR;
880
goto fallback;
881
}
882
883
FD_ZERO(&rfds_all);
884
885
/* Read and execute any executable in the plugin directory*/
886
for(int i = 0; i < numplugins; i++){
887
888
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
889
if(plugin_fd == -1){
890
error(0, errno, "Could not open plugin");
891
continue;
892
}
893
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
894
if(ret == -1){
895
error(0, errno, "stat");
896
TEMP_FAILURE_RETRY(close(plugin_fd));
897
continue;
898
}
899
900
/* Ignore non-executable files */
901
if(not S_ISREG(st.st_mode)
902
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
903
X_OK, 0)) != 0)){
904
if(debug){
905
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
906
" with bad type or mode\n",
907
plugindir != NULL ? plugindir : PDIR,
908
direntries[i]->d_name);
909
}
910
TEMP_FAILURE_RETRY(close(plugin_fd));
911
continue;
912
}
913
914
plugin *p = getplugin(direntries[i]->d_name);
915
if(p == NULL){
916
error(0, errno, "getplugin");
917
TEMP_FAILURE_RETRY(close(plugin_fd));
918
continue;
919
}
920
if(p->disabled){
921
if(debug){
922
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
923
direntries[i]->d_name);
924
}
925
TEMP_FAILURE_RETRY(close(plugin_fd));
926
continue;
927
}
928
{
929
/* Add global arguments to argument list for this plugin */
930
plugin *g = getplugin(NULL);
931
if(g != NULL){
932
for(char **a = g->argv + 1; *a != NULL; a++){
933
if(not add_argument(p, *a)){
934
error(0, errno, "add_argument");
935
}
936
}
937
/* Add global environment variables */
938
for(char **e = g->environ; *e != NULL; e++){
939
if(not add_environment(p, *e, false)){
940
error(0, errno, "add_environment");
941
}
942
}
943
}
944
}
945
/* If this plugin has any environment variables, we need to
946
duplicate the environment from this process, too. */
947
if(p->environ[0] != NULL){
948
for(char **e = environ; *e != NULL; e++){
949
if(not add_environment(p, *e, false)){
950
error(0, errno, "add_environment");
951
}
952
}
953
}
954
955
int pipefd[2];
956
#ifndef O_CLOEXEC
957
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
958
#else /* O_CLOEXEC */
959
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
960
#endif /* O_CLOEXEC */
961
if(ret == -1){
962
error(0, errno, "pipe");
963
exitstatus = EX_OSERR;
964
goto fallback;
965
}
966
if(pipefd[0] >= FD_SETSIZE){
967
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
968
FD_SETSIZE);
969
TEMP_FAILURE_RETRY(close(pipefd[0]));
970
TEMP_FAILURE_RETRY(close(pipefd[1]));
971
exitstatus = EX_OSERR;
972
goto fallback;
973
}
974
#ifndef O_CLOEXEC
975
/* Ask OS to automatic close the pipe on exec */
976
ret = set_cloexec_flag(pipefd[0]);
977
if(ret < 0){
978
error(0, errno, "set_cloexec_flag");
979
TEMP_FAILURE_RETRY(close(pipefd[0]));
980
TEMP_FAILURE_RETRY(close(pipefd[1]));
981
exitstatus = EX_OSERR;
982
goto fallback;
983
}
984
ret = set_cloexec_flag(pipefd[1]);
985
if(ret < 0){
986
error(0, errno, "set_cloexec_flag");
987
TEMP_FAILURE_RETRY(close(pipefd[0]));
988
TEMP_FAILURE_RETRY(close(pipefd[1]));
989
exitstatus = EX_OSERR;
990
goto fallback;
991
}
992
#endif /* not O_CLOEXEC */
993
/* Block SIGCHLD until process is safely in process list */
994
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
995
&sigchld_action.sa_mask,
996
NULL));
997
if(ret < 0){
998
error(0, errno, "sigprocmask");
999
exitstatus = EX_OSERR;
1000
goto fallback;
1001
}
1002
/* Starting a new process to be watched */
1003
pid_t pid;
1004
do {
1005
pid = fork();
1006
} while(pid == -1 and errno == EINTR);
1007
if(pid == -1){
1008
error(0, errno, "fork");
1009
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1010
&sigchld_action.sa_mask, NULL));
1011
TEMP_FAILURE_RETRY(close(pipefd[0]));
1012
TEMP_FAILURE_RETRY(close(pipefd[1]));
1013
exitstatus = EX_OSERR;
1014
goto fallback;
1015
}
1016
if(pid == 0){
1017
/* this is the child process */
1018
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1019
if(ret < 0){
1020
error(0, errno, "sigaction");
1021
_exit(EX_OSERR);
1022
}
1023
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1024
if(ret < 0){
1025
error(0, errno, "sigprocmask");
1026
_exit(EX_OSERR);
1027
}
1028
1029
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
1030
if(ret == -1){
1031
error(0, errno, "dup2");
1032
_exit(EX_OSERR);
1033
}
1034
1035
if(fexecve(plugin_fd, p->argv,
1036
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1037
error(0, errno, "fexecve for %s/%s",
1038
plugindir != NULL ? plugindir : PDIR,
1039
direntries[i]->d_name);
1040
_exit(EX_OSERR);
1041
}
1042
/* no return */
1043
}
1044
/* Parent process */
1045
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
1046
pipe */
1047
TEMP_FAILURE_RETRY(close(plugin_fd));
1048
plugin *new_plugin = getplugin(direntries[i]->d_name);
1049
if(new_plugin == NULL){
1050
error(0, errno, "getplugin");
1051
ret = (int)(TEMP_FAILURE_RETRY
1052
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1053
NULL)));
1054
if(ret < 0){
1055
error(0, errno, "sigprocmask");
1056
}
1057
exitstatus = EX_OSERR;
1058
goto fallback;
1059
}
1060
1061
new_plugin->pid = pid;
1062
new_plugin->fd = pipefd[0];
1063
1064
/* Unblock SIGCHLD so signal handler can be run if this process
1065
has already completed */
1066
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1067
&sigchld_action.sa_mask,
1068
NULL));
1069
if(ret < 0){
1070
error(0, errno, "sigprocmask");
1071
exitstatus = EX_OSERR;
1072
goto fallback;
1073
}
1074
1075
#if defined (__GNUC__) and defined (__GLIBC__)
1076
#if not __GLIBC_PREREQ(2, 16)
1077
#pragma GCC diagnostic push
1078
#pragma GCC diagnostic ignored "-Wsign-conversion"
1079
#endif
1080
#endif
1081
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
1082
-Wconversion in GNU libc
1083
before 2.16 */
1084
#if defined (__GNUC__) and defined (__GLIBC__)
1085
#if not __GLIBC_PREREQ(2, 16)
1086
#pragma GCC diagnostic pop
1087
#endif
1088
#endif
1089
1090
if(maxfd < new_plugin->fd){
1091
maxfd = new_plugin->fd;
1092
}
1093
}
1094
1095
TEMP_FAILURE_RETRY(close(dir_fd));
1096
free_plugin(getplugin(NULL));
1097
1098
for(plugin *p = plugin_list; p != NULL; p = p->next){
1099
if(p->pid != 0){
1100
break;
1101
}
1102
if(p->next == NULL){
1103
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1104
" directory?\n");
1105
free_plugin_list();
1106
}
1107
}
1108
1109
/* Main loop while running plugins exist */
1110
while(plugin_list){
1111
fd_set rfds = rfds_all;
1112
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1113
if(select_ret == -1 and errno != EINTR){
1114
error(0, errno, "select");
1115
exitstatus = EX_OSERR;
1116
goto fallback;
1117
}
1118
/* OK, now either a process completed, or something can be read
1119
from one of them */
1120
for(plugin *proc = plugin_list; proc != NULL;){
1121
/* Is this process completely done? */
1122
if(proc->completed and proc->eof){
1123
/* Only accept the plugin output if it exited cleanly */
1124
if(not WIFEXITED(proc->status)
1125
or WEXITSTATUS(proc->status) != 0){
1126
/* Bad exit by plugin */
1127
1128
if(debug){
1129
if(WIFEXITED(proc->status)){
1130
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1131
" status %d\n", proc->name,
1132
(intmax_t) (proc->pid),
1133
WEXITSTATUS(proc->status));
1134
} else if(WIFSIGNALED(proc->status)){
1135
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1136
" signal %d: %s\n", proc->name,
1137
(intmax_t) (proc->pid),
1138
WTERMSIG(proc->status),
1139
strsignal(WTERMSIG(proc->status)));
1140
} else if(WCOREDUMP(proc->status)){
1141
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1142
" core\n", proc->name, (intmax_t) (proc->pid));
1143
}
1144
}
1145
1146
/* Remove the plugin */
1147
#if defined (__GNUC__) and defined (__GLIBC__)
1148
#if not __GLIBC_PREREQ(2, 16)
1149
#pragma GCC diagnostic push
1150
#pragma GCC diagnostic ignored "-Wsign-conversion"
1151
#endif
1152
#endif
1153
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
1154
-Wconversion in GNU libc
1155
before 2.16 */
1156
#if defined (__GNUC__) and defined (__GLIBC__)
1157
#if not __GLIBC_PREREQ(2, 16)
1158
#pragma GCC diagnostic pop
1159
#endif
1160
#endif
1161
1162
/* Block signal while modifying process_list */
1163
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1164
(SIG_BLOCK,
1165
&sigchld_action.sa_mask,
1166
NULL));
1167
if(ret < 0){
1168
error(0, errno, "sigprocmask");
1169
exitstatus = EX_OSERR;
1170
goto fallback;
1171
}
1172
1173
plugin *next_plugin = proc->next;
1174
free_plugin(proc);
1175
proc = next_plugin;
1176
1177
/* We are done modifying process list, so unblock signal */
1178
ret = (int)(TEMP_FAILURE_RETRY
1179
(sigprocmask(SIG_UNBLOCK,
1180
&sigchld_action.sa_mask, NULL)));
1181
if(ret < 0){
1182
error(0, errno, "sigprocmask");
1183
exitstatus = EX_OSERR;
1184
goto fallback;
1185
}
1186
1187
if(plugin_list == NULL){
1188
break;
1189
}
1190
1191
continue;
1192
}
1193
1194
/* This process exited nicely, so print its buffer */
1195
1196
bool bret = print_out_password(proc->buffer,
1197
proc->buffer_length);
1198
if(not bret){
1199
error(0, errno, "print_out_password");
1200
exitstatus = EX_IOERR;
1201
}
1202
goto fallback;
1203
}
1204
1205
/* This process has not completed. Does it have any output? */
1206
#if defined (__GNUC__) and defined (__GLIBC__)
1207
#if not __GLIBC_PREREQ(2, 16)
1208
#pragma GCC diagnostic push
1209
#pragma GCC diagnostic ignored "-Wsign-conversion"
1210
#endif
1211
#endif
1212
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* Spurious
1213
warning from
1214
-Wconversion
1215
in GNU libc
1216
before
1217
2.16 */
1218
#if defined (__GNUC__) and defined (__GLIBC__)
1219
#if not __GLIBC_PREREQ(2, 16)
1220
#pragma GCC diagnostic pop
1221
#endif
1222
#endif
1223
/* This process had nothing to say at this time */
1224
proc = proc->next;
1225
continue;
1226
}
1227
/* Before reading, make the process' data buffer large enough */
1228
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1229
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1230
+ (size_t) BUFFER_SIZE);
1231
if(new_buffer == NULL){
1232
error(0, errno, "malloc");
1233
exitstatus = EX_OSERR;
1234
goto fallback;
1235
}
1236
proc->buffer = new_buffer;
1237
proc->buffer_size += BUFFER_SIZE;
1238
}
1239
/* Read from the process */
1240
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1241
proc->buffer
1242
+ proc->buffer_length,
1243
BUFFER_SIZE));
1244
if(sret < 0){
1245
/* Read error from this process; ignore the error */
1246
proc = proc->next;
1247
continue;
1248
}
1249
if(sret == 0){
1250
/* got EOF */
1251
proc->eof = true;
1252
} else {
1253
proc->buffer_length += (size_t) sret;
1254
}
1255
}
1256
}
1257
1258
1259
fallback:
1260
1261
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1262
and exitstatus != EX_OK)){
1263
/* Fallback if all plugins failed, none are found or an error
1264
occured */
1265
bool bret;
1266
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1267
char *passwordbuffer = getpass("Password: ");
1268
size_t len = strlen(passwordbuffer);
1269
/* Strip trailing newline */
1270
if(len > 0 and passwordbuffer[len-1] == '\n'){
1271
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1272
len--;
1273
}
1274
bret = print_out_password(passwordbuffer, len);
1275
if(not bret){
1276
error(0, errno, "print_out_password");
1277
exitstatus = EX_IOERR;
1278
}
1279
}
1280
1281
/* Restore old signal handler */
1282
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1283
if(ret == -1){
1284
error(0, errno, "sigaction");
1285
exitstatus = EX_OSERR;
1286
}
1287
1288
if(custom_argv != NULL){
1289
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1290
free(*arg);
1291
}
1292
free(custom_argv);
1293
}
1294
1295
if(dir_fd != -1){
1296
TEMP_FAILURE_RETRY(close(dir_fd));
1297
}
1298
1299
/* Kill the processes */
1300
for(plugin *p = plugin_list; p != NULL; p = p->next){
1301
if(p->pid != 0){
1302
close(p->fd);
1303
ret = kill(p->pid, SIGTERM);
1304
if(ret == -1 and errno != ESRCH){
1305
/* Set-uid proccesses might not get closed */
1306
error(0, errno, "kill");
1307
}
1308
}
1309
}
1310
1311
/* Wait for any remaining child processes to terminate */
1312
do {
1313
ret = wait(NULL);
1314
} while(ret >= 0);
1315
if(errno != ECHILD){
1316
error(0, errno, "wait");
1317
}
1318
1319
free_plugin_list();
1320
1321
free(plugindir);
1322
free(argfile);
1323
1324
return exitstatus;
121
fd_set rfds = rfds_orig;
122
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
123
if (select_ret == -1){
124
perror(argv[0]);
125
goto end;
126
}else{
127
for(process *process_itr = process_list; process_itr != NULL;
128
process_itr = process_itr->next){
129
if(FD_ISSET(process_itr->fd, &rfds)){
130
if(process_itr->buffer_length + BUFFER_SIZE
131
> process_itr->buffer_size){
132
process_itr->buffer = realloc(process_itr->buffer,
133
process_itr->buffer_size
134
+ BUFFER_SIZE);
135
if (process_itr->buffer == NULL){
136
perror(argv[0]);
137
goto end;
138
}
139
process_itr->buffer_size += BUFFER_SIZE;
140
}
141
ret = read(process_itr->fd, process_itr->buffer
142
+ process_itr->buffer_length, BUFFER_SIZE);
143
process_itr->buffer_length+=ret;
144
if(ret == 0){
145
/* got EOF */
146
/* wait for process exit */
147
int status;
148
waitpid(process_itr->pid, &status, 0);
149
if(WIFEXITED(status) and WEXITSTATUS(status) == 0){
150
write(STDOUT_FILENO, process_itr->buffer,
151
process_itr->buffer_length);
152
goto end;
153
} else {
154
FD_CLR(process_itr->fd, &rfds_orig);
155
}
156
}
157
}
158
}
159
}
160
}
161
}
162
163
end:
164
for(process *process_itr = process_list; process_itr != NULL;
165
process_itr = process_itr->next){
166
close(process_itr->fd);
167
kill(process_itr->pid, SIGTERM);
168
free(process_itr->buffer);
169
}
170
171
while(true){
172
int status;
173
ret = wait(&status);
174
if (ret == -1){
175
if(errno != ECHILD){
176
perror("wait");
177
}
178
break;
179
}
180
}
181
return EXIT_SUCCESS;
1325
182
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0