/mandos/release : revision 237.2.132

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugin-runner.c

Committer: Teddy Hogeborn
Date: 2009-09-16 23:28:39 UTC
mto: (24.1.142 mandos) (237.12.2 mandos-persistent) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 264.
Revision ID: teddy@fukt.bsnet.se-20090916232839-3o7i8qmcdcz5j1ya

* init.d-mandos (Required-Start, Required-Stop): Bug fix: Added
                 "$syslog", thanks to Petter Reinholdtsen
                 <pere@hungry.com> (Debian bug #546928).

* initramfs-tools-script: Removed erroneous comment.

* plugins.d/askpass-fifo.c: Removed TEMP_FAILURE_RETRY since it is
                            not needed.

* plugins.d/mandos-client.c (main): Bug fix: Initialize
                                    "old_sigterm_action".

* plugins.d/splashy.c (main): Bug fix: really check return value from
                              "sigaddset".  Fix some warnings on
                              64-bit systems.

* plugins.d/usplash.c (termination_handler, main): Save received
                                                   signal and
                                                   re-raise it on
                                                   exit.
  (usplash_write): Do not close FIFO, instead, take an additional file
                   descriptor pointer to it and open only when needed
                   (all callers changed).  Abort immediately on EINTR.
                   Bug fix:  Add NUL byte on single-word commands.
                   Ignore "interrupted_by_signal".
  (makeprompt, find_usplash): New; broken out from "main()".
  (find_usplash): Bug fix: close /proc/<pid>/cmdline FD on error.
  (main): Reorganized to jump to a new "failure" label on any error.
          Bug fix: check return values from sigaddset.
          New variable "usplash_accessed" to flag if usplash(8) needs
          to be killed and restarted.  Removed the "an_error_occured"
          variable.

files modified:
TODO

debian/mandos-client.README.Debian

debian/mandos.README.Debian

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

mandos.xml

plugin-runner.c

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/password-prompt.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

plugin-runner.c

111

}

112

/* Create a new plugin */

113

plugin *new_plugin = NULL;

114

do{

114

do {

115

new_plugin = malloc(sizeof(plugin));

116

}while(new_plugin == NULL and errno == EINTR);

116

} while(new_plugin == NULL and errno == EINTR);

117

if(new_plugin == NULL){

118

return NULL;

119

}

120

char *copy_name = NULL;

121

if(name != NULL){

122

do{

122

do {

123

copy_name = strdup(name);

124

}while(copy_name == NULL and errno == EINTR);

124

} while(copy_name == NULL and errno == EINTR);

125

if(copy_name == NULL){

126

free(new_plugin);

127

return NULL;

133

.disabled = false,

134

.next = plugin_list };

135

136

do{

136

do {

137

new_plugin->argv = malloc(sizeof(char *) * 2);

138

}while(new_plugin->argv == NULL and errno == EINTR);

138

} while(new_plugin->argv == NULL and errno == EINTR);

139

if(new_plugin->argv == NULL){

140

free(copy_name);

141

free(new_plugin);

144

new_plugin->argv[0] = copy_name;

145

new_plugin->argv[1] = NULL;

146

147

do{

147

do {

148

new_plugin->environ = malloc(sizeof(char *));

149

}while(new_plugin->environ == NULL and errno == EINTR);

149

} while(new_plugin->environ == NULL and errno == EINTR);

150

if(new_plugin->environ == NULL){

151

free(copy_name);

152

free(new_plugin->argv);

164

static bool add_to_char_array(const char *new, char ***array,

165

int *len){

166

/* Resize the pointed-to array to hold one more pointer */

167

do{

167

do {

168

*array = realloc(*array, sizeof(char *)

169

* (size_t) ((*len) + 2));

170

}while(*array == NULL and errno == EINTR);

170

} while(*array == NULL and errno == EINTR);

171

/* Malloc check */

172

if(*array == NULL){

173

return false;

174

}

175

/* Make a copy of the new string */

176

char *copy;

177

do{

177

do {

178

copy = strdup(new);

179

}while(copy == NULL and errno == EINTR);

179

} while(copy == NULL and errno == EINTR);

180

if(copy == NULL){

181

return false;

182

}

209

/* It already exists */

210

if(replace){

211

char *new;

212

do{

212

do {

213

new = realloc(*e, strlen(def) + 1);

214

}while(new == NULL and errno == EINTR);

214

} while(new == NULL and errno == EINTR);

215

if(new == NULL){

216

return false;

217

}

230

| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |

231

232

static int set_cloexec_flag(int fd){

233

int ret = TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));

233

int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));

234

/* If reading the flags failed, return error indication now. */

235

if(ret < 0){

236

return ret;

237

}

238

/* Store modified flag word in the descriptor. */

239

return TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD, ret | FD_CLOEXEC));

239

return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,

240

ret | FD_CLOEXEC));

240

241

}

241

242

243

634

635

custom_argv[custom_argc] = NULL;

635

636

}

636

637

}

637

do{

638

do {

638

639

ret = fclose(conffp);

639

}while(ret == EOF and errno == EINTR);

640

} while(ret == EOF and errno == EINTR);

640

641

if(ret == EOF){

641

642

perror("fclose");

642

643

exitstatus = EXIT_FAILURE;

726

727

728

/* Read and execute any executable in the plugin directory*/

728

729

while(true){

729

do{

730

do {

730

731

dirst = readdir(dir);

731

}while(dirst == NULL and errno == EINTR);

732

} while(dirst == NULL and errno == EINTR);

732

733

734

/* All directory entries have been processed */

734

735

if(dirst == NULL){

788

789

790

char *filename;

790

791

if(plugindir == NULL){

791

ret = TEMP_FAILURE_RETRY(asprintf(&filename, PDIR "/%s",

792

dirst->d_name));

792

ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, PDIR "/%s",

793

dirst->d_name));

793

794

} else {

794

ret = TEMP_FAILURE_RETRY(asprintf(&filename, "%s/%s", plugindir,

795

dirst->d_name));

795

ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, "%s/%s",

796

plugindir,

797

dirst->d_name));

796

798

}

797

799

if(ret < 0){

798

800

perror("asprintf");

799

801

continue;

800

802

}

801

803

802

ret = TEMP_FAILURE_RETRY(stat(filename, &st));

804

ret = (int)TEMP_FAILURE_RETRY(stat(filename, &st));

803

805

if(ret == -1){

804

806

perror("stat");

805

807

free(filename);

860

862

}

861

863

862

864

int pipefd[2];

863

ret = TEMP_FAILURE_RETRY(pipe(pipefd));

865

ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));

864

866

if(ret == -1){

865

867

perror("pipe");

866

868

exitstatus = EXIT_FAILURE;

880

882

goto fallback;

881

883

}

882

884

/* Block SIGCHLD until process is safely in process list */

883

ret = TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,

884

&sigchld_action.sa_mask,

885

NULL));

885

ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,

886

&sigchld_action.sa_mask,

887

NULL));

886

888

if(ret < 0){

887

889

perror("sigprocmask");

888

890

exitstatus = EXIT_FAILURE;

890

892

}

891

893

/* Starting a new process to be watched */

892

894

pid_t pid;

893

do{

895

do {

894

896

pid = fork();

895

}while(pid == -1 and errno == EINTR);

897

} while(pid == -1 and errno == EINTR);

896

898

if(pid == -1){

897

899

perror("fork");

898

900

exitstatus = EXIT_FAILURE;

942

944

plugin *new_plugin = getplugin(dirst->d_name);

943

945

if(new_plugin == NULL){

944

946

perror("getplugin");

945

ret = TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,

946

&sigchld_action.sa_mask,

947

NULL));

947

ret = (int)(TEMP_FAILURE_RETRY

948

(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,

949

NULL)));

948

950

if(ret < 0){

949

951

perror("sigprocmask");

950

952

}

957

959

958

960

/* Unblock SIGCHLD so signal handler can be run if this process

959

961

has already completed */

960

ret = TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,

961

&sigchld_action.sa_mask,

962

NULL));

962

ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,

963

&sigchld_action.sa_mask,

964

NULL));

963

965

if(ret < 0){

964

966

perror("sigprocmask");

965

967

exitstatus = EXIT_FAILURE;

1029

1031

FD_CLR(proc->fd, &rfds_all);

1030

1032

1031

1033

/* Block signal while modifying process_list */

1032

ret = TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,

1033

&sigchld_action.sa_mask,

1034

NULL));

1034

ret = (int)TEMP_FAILURE_RETRY(sigprocmask

1035

(SIG_BLOCK,

1036

&sigchld_action.sa_mask,

1037

NULL));

1035

1038

if(ret < 0){

1036

1039

perror("sigprocmask");

1037

1040

exitstatus = EXIT_FAILURE;

1043

1046

proc = next_plugin;

1044

1047

1045

1048

/* We are done modifying process list, so unblock signal */

1046

ret = TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,

1047

&sigchld_action.sa_mask,

1048

NULL));

1049

ret = (int)(TEMP_FAILURE_RETRY

1050

(sigprocmask(SIG_UNBLOCK,

1051

&sigchld_action.sa_mask, NULL)));

1049

1052

if(ret < 0){

1050

1053

perror("sigprocmask");

1051

1054

exitstatus = EXIT_FAILURE;

1159

1162

}

1160

1163

1161

1164

/* Wait for any remaining child processes to terminate */

1162

do{

1165

do {

1163

1166

ret = wait(NULL);

1164

1167

} while(ret >= 0);

1165

1168

if(errno != ECHILD){

Older »