/mandos/release : revision 237.2.27

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/usplash.c

Committer: Teddy Hogeborn
Date: 2009-01-13 01:36:46 UTC
mto: (24.1.123 mandos) (237.4.2 mandos-pipe-ipc) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 245.
Revision ID: teddy@fukt.bsnet.se-20090113013646-1u21ie2oaotcekdz

* plugin-runner.c (main): Use "sscanf" instead of "strtol"; using the
                          correct type instead of casting.
* plugins.d/mandos-cliend.c (main): Detect an empty string when
                                    parsing DH bits and port number.
* plugins.d/splashy.c (main): Use "sscanf" instead of "strtoul"; using
                              the correct type instead of casting.
* plugins.d/usplash.c (main): - '' -

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-keygen

mandos-keygen.xml

mandos-list

mandos-options.xml

mandos.lsm

overview.xml

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
network-protocol.txt

files renamed:
mandos-client.c => plugin-runner.c

mandos-client.xml => plugin-runner.xml

plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
Makefile

TODO

clients.conf

mandos

mandos-clients.conf.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/usplash.c

/* -*- coding: utf-8 -*- */

* Usplash - Read a password from usplash and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and

* <https://www.fukt.bsnet.se/~teddy/>.

#define _GNU_SOURCE /* asprintf() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction(),

SIG_IGN, kill(), SIGKILL */

#include <stdbool.h> /* bool, false, true */

#include <fcntl.h> /* open(), O_WRONLY, O_RDONLY */

#include <iso646.h> /* and, or, not*/

#include <errno.h> /* errno, EINTR */

#include <sys/types.h> /* size_t, ssize_t, pid_t, DIR, struct

dirent */

#include <stddef.h> /* NULL */

#include <string.h> /* strlen(), memcmp() */

#include <stdio.h> /* asprintf(), perror(), sscanf() */

#include <unistd.h> /* close(), write(), readlink(),

read(), STDOUT_FILENO, sleep(),

fork(), setuid(), geteuid(),

setsid(), chdir(), dup2(),

STDERR_FILENO, execv() */

#include <stdlib.h> /* free(), EXIT_FAILURE, realloc(),

EXIT_SUCCESS, malloc(), _exit() */

#include <stdlib.h> /* getenv() */

#include <dirent.h> /* opendir(), readdir(), closedir() */

#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */

sig_atomic_t interrupted_by_signal = 0;

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

static bool usplash_write(const char *cmd, const char *arg){

* usplash_write("TIMEOUT", "15") will write "TIMEOUT 15\0"

* usplash_write("PULSATE", NULL) will write "PULSATE\0"

* SEE ALSO

* usplash_write(8)

int ret;

int fifo_fd;

do{

fifo_fd = open("/dev/.initramfs/usplash_fifo", O_WRONLY);

if(fifo_fd == -1 and (errno != EINTR or interrupted_by_signal)){

return false;

}

}while(fifo_fd == -1);

const char *cmd_line;

size_t cmd_line_len;

char *cmd_line_alloc = NULL;

if(arg == NULL){

cmd_line = cmd;

cmd_line_len = strlen(cmd);

}else{

do{

ret = asprintf(&cmd_line_alloc, "%s %s", cmd, arg);

if(ret == -1 and (errno != EINTR or interrupted_by_signal)){

int e = errno;

close(fifo_fd);

errno = e;

return false;

}

}while(ret == -1);

cmd_line = cmd_line_alloc;

cmd_line_len = (size_t)ret + 1;

}

size_t written = 0;

ssize_t sret = 0;

while(not interrupted_by_signal and written < cmd_line_len){

sret = write(fifo_fd, cmd_line + written,

cmd_line_len - written);

if(sret == -1){

if(errno != EINTR or interrupted_by_signal){

100

int e = errno;

101

close(fifo_fd);

102

free(cmd_line_alloc);

103

errno = e;

104

return false;

105

} else {

106

continue;

107

}

108

}

109

written += (size_t)sret;

110

}

111

free(cmd_line_alloc);

112

do{

113

ret = close(fifo_fd);

114

if(ret == -1 and (errno != EINTR or interrupted_by_signal)){

115

return false;

116

}

117

}while(ret == -1);

118

if(interrupted_by_signal){

119

return false;

120

}

121

return true;

122

}

123

124

int main(__attribute__((unused))int argc,

125

__attribute__((unused))char **argv){

126

int ret = 0;

127

ssize_t sret;

128

bool an_error_occured = false;

129

130

/* Create prompt string */

131

char *prompt = NULL;

132

{

133

const char *const cryptsource = getenv("cryptsource");

134

const char *const crypttarget = getenv("crypttarget");

135

const char prompt_start[] = "Enter passphrase to unlock the disk";

136

137

if(cryptsource == NULL){

138

if(crypttarget == NULL){

139

ret = asprintf(&prompt, "%s: ", prompt_start);

140

} else {

141

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

142

crypttarget);

143

}

144

} else {

145

if(crypttarget == NULL){

146

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

147

} else {

148

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

149

cryptsource, crypttarget);

150

}

151

}

152

if(ret == -1){

153

return EXIT_FAILURE;

154

}

155

}

156

157

/* Find usplash process */

158

pid_t usplash_pid = 0;

159

char *cmdline = NULL;

160

size_t cmdline_len = 0;

161

const char usplash_name[] = "/sbin/usplash";

162

{

163

DIR *proc_dir = opendir("/proc");

164

if(proc_dir == NULL){

165

free(prompt);

166

perror("opendir");

167

return EXIT_FAILURE;

168

}

169

for(struct dirent *proc_ent = readdir(proc_dir);

170

proc_ent != NULL;

171

proc_ent = readdir(proc_dir)){

172

pid_t pid;

173

/* In the GNU C library, pid_t is always int */

174

ret = sscanf(proc_ent->d_name, "%d", &pid);

175

if(ret != 1){

176

/* Not a process */

177

continue;

178

}

179

/* Find the executable name by doing readlink() on the

180

/proc/<pid>/exe link */

181

char exe_target[sizeof(usplash_name)];

182

{

183

/* create file name string */

184

char *exe_link;

185

ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);

186

if(ret == -1){

187

perror("asprintf");

188

free(prompt);

189

closedir(proc_dir);

190

return EXIT_FAILURE;

191

}

192

193

/* Check that it refers to a symlink owned by root:root */

194

struct stat exe_stat;

195

ret = lstat(exe_link, &exe_stat);

196

if(ret == -1){

197

if(errno == ENOENT){

198

free(exe_link);

199

continue;

200

}

201

perror("lstat");

202

free(exe_link);

203

free(prompt);

204

closedir(proc_dir);

205

return EXIT_FAILURE;

206

}

207

if(not S_ISLNK(exe_stat.st_mode)

208

or exe_stat.st_uid != 0

209

or exe_stat.st_gid != 0){

210

free(exe_link);

211

continue;

212

}

213

214

sret = readlink(exe_link, exe_target, sizeof(exe_target));

215

free(exe_link);

216

}

217

if((sret == ((ssize_t)sizeof(exe_target)-1))

218

and (memcmp(usplash_name, exe_target,

219

sizeof(exe_target)-1) == 0)){

220

usplash_pid = pid;

221

/* Read and save the command line of usplash in "cmdline" */

222

{

223

/* Open /proc/<pid>/cmdline */

224

int cl_fd;

225

{

226

char *cmdline_filename;

227

ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",

228

proc_ent->d_name);

229

if(ret == -1){

230

perror("asprintf");

231

free(prompt);

232

closedir(proc_dir);

233

return EXIT_FAILURE;

234

}

235

cl_fd = open(cmdline_filename, O_RDONLY);

236

if(cl_fd == -1){

237

perror("open");

238

free(cmdline_filename);

239

free(prompt);

240

closedir(proc_dir);

241

return EXIT_FAILURE;

242

}

243

free(cmdline_filename);

244

}

245

size_t cmdline_allocated = 0;

246

char *tmp;

247

const size_t blocksize = 1024;

248

do{

249

if(cmdline_len + blocksize > cmdline_allocated){

250

tmp = realloc(cmdline, cmdline_allocated + blocksize);

251

if(tmp == NULL){

252

perror("realloc");

253

free(cmdline);

254

free(prompt);

255

closedir(proc_dir);

256

return EXIT_FAILURE;

257

}

258

cmdline = tmp;

259

cmdline_allocated += blocksize;

260

}

261

sret = read(cl_fd, cmdline + cmdline_len,

262

cmdline_allocated - cmdline_len);

263

if(sret == -1){

264

perror("read");

265

free(cmdline);

266

free(prompt);

267

closedir(proc_dir);

268

return EXIT_FAILURE;

269

}

270

cmdline_len += (size_t)sret;

271

} while(sret != 0);

272

close(cl_fd);

273

}

274

break;

275

}

276

}

277

closedir(proc_dir);

278

}

279

if(usplash_pid == 0){

280

free(prompt);

281

return EXIT_FAILURE;

282

}

283

284

/* Set up the signal handler */

285

{

286

struct sigaction old_action,

287

new_action = { .sa_handler = termination_handler,

288

.sa_flags = 0 };

289

sigemptyset(&new_action.sa_mask);

290

sigaddset(&new_action.sa_mask, SIGINT);

291

sigaddset(&new_action.sa_mask, SIGHUP);

292

sigaddset(&new_action.sa_mask, SIGTERM);

293

ret = sigaction(SIGINT, NULL, &old_action);

294

if(ret == -1){

295

perror("sigaction");

296

free(prompt);

297

return EXIT_FAILURE;

298

}

299

if(old_action.sa_handler != SIG_IGN){

300

ret = sigaction(SIGINT, &new_action, NULL);

301

if(ret == -1){

302

perror("sigaction");

303

free(prompt);

304

return EXIT_FAILURE;

305

}

306

}

307

ret = sigaction(SIGHUP, NULL, &old_action);

308

if(ret == -1){

309

perror("sigaction");

310

free(prompt);

311

return EXIT_FAILURE;

312

}

313

if(old_action.sa_handler != SIG_IGN){

314

ret = sigaction(SIGHUP, &new_action, NULL);

315

if(ret == -1){

316

perror("sigaction");

317

free(prompt);

318

return EXIT_FAILURE;

319

}

320

}

321

ret = sigaction(SIGTERM, NULL, &old_action);

322

if(ret == -1){

323

perror("sigaction");

324

free(prompt);

325

return EXIT_FAILURE;

326

}

327

if(old_action.sa_handler != SIG_IGN){

328

ret = sigaction(SIGTERM, &new_action, NULL);

329

if(ret == -1){

330

perror("sigaction");

331

free(prompt);

332

return EXIT_FAILURE;

333

}

334

}

335

}

336

337

/* Write command to FIFO */

338

if(not interrupted_by_signal){

339

if(not usplash_write("TIMEOUT", "0")

340

and (errno != EINTR)){

341

perror("usplash_write");

342

an_error_occured = true;

343

}

344

}

345

if(not interrupted_by_signal and not an_error_occured){

346

if(not usplash_write("INPUTQUIET", prompt)

347

and (errno != EINTR)){

348

perror("usplash_write");

349

an_error_occured = true;

350

}

351

}

352

free(prompt);

353

354

/* This is not really a loop; while() is used to be able to "break"

355

out of it; those breaks are marked "Big" */

356

while(not interrupted_by_signal and not an_error_occured){

357

char *buf = NULL;

358

size_t buf_len = 0;

359

360

/* Open FIFO */

361

int fifo_fd;

362

do{

363

fifo_fd = open("/dev/.initramfs/usplash_outfifo", O_RDONLY);

364

if(fifo_fd == -1){

365

if(errno != EINTR){

366

perror("open");

367

an_error_occured = true;

368

break;

369

}

370

if(interrupted_by_signal){

371

break;

372

}

373

}

374

}while(fifo_fd == -1);

375

if(interrupted_by_signal or an_error_occured){

376

break; /* Big */

377

}

378

379

/* Read from FIFO */

380

size_t buf_allocated = 0;

381

const size_t blocksize = 1024;

382

do{

383

if(buf_len + blocksize > buf_allocated){

384

char *tmp = realloc(buf, buf_allocated + blocksize);

385

if(tmp == NULL){

386

perror("realloc");

387

an_error_occured = true;

388

break;

389

}

390

buf = tmp;

391

buf_allocated += blocksize;

392

}

393

do{

394

sret = read(fifo_fd, buf + buf_len, buf_allocated - buf_len);

395

if(sret == -1){

396

if(errno != EINTR){

397

perror("read");

398

an_error_occured = true;

399

break;

400

}

401

if(interrupted_by_signal){

402

break;

403

}

404

}

405

}while(sret == -1);

406

if(interrupted_by_signal or an_error_occured){

407

break;

408

}

409

410

buf_len += (size_t)sret;

411

}while(sret != 0);

412

close(fifo_fd);

413

if(interrupted_by_signal or an_error_occured){

414

break; /* Big */

415

}

416

417

if(not usplash_write("TIMEOUT", "15")

418

and (errno != EINTR)){

419

perror("usplash_write");

420

an_error_occured = true;

421

}

422

if(interrupted_by_signal or an_error_occured){

423

break; /* Big */

424

}

425

426

/* Print password to stdout */

427

size_t written = 0;

428

while(written < buf_len){

429

do{

430

sret = write(STDOUT_FILENO, buf + written, buf_len - written);

431

if(sret == -1){

432

if(errno != EINTR){

433

perror("write");

434

an_error_occured = true;

435

break;

436

}

437

if(interrupted_by_signal){

438

break;

439

}

440

}

441

}while(sret == -1);

442

if(interrupted_by_signal or an_error_occured){

443

break;

444

}

445

written += (size_t)sret;

446

}

447

free(buf);

448

if(not interrupted_by_signal and not an_error_occured){

449

free(cmdline);

450

return EXIT_SUCCESS;

451

}

452

break; /* Big */

453

} /* end of non-loop while() */

454

455

/* If we got here, an error or interrupt must have happened */

456

457

/* Create argc and argv for new usplash*/

458

int cmdline_argc = 0;

459

char **cmdline_argv = malloc(sizeof(char *));

460

{

461

size_t position = 0;

462

while(position < cmdline_len){

463

char **tmp = realloc(cmdline_argv,

464

(sizeof(char *)

465

* (size_t)(cmdline_argc + 2)));

466

if(tmp == NULL){

467

perror("realloc");

468

free(cmdline_argv);

469

return EXIT_FAILURE;

470

}

471

cmdline_argv = tmp;

472

cmdline_argv[cmdline_argc] = cmdline + position;

473

cmdline_argc++;

474

position += strlen(cmdline + position) + 1;

475

}

476

cmdline_argv[cmdline_argc] = NULL;

477

}

478

/* Kill old usplash */

479

kill(usplash_pid, SIGTERM);

480

sleep(2);

481

while(kill(usplash_pid, 0) == 0){

482

kill(usplash_pid, SIGKILL);

483

sleep(1);

484

}

485

pid_t new_usplash_pid = fork();

486

if(new_usplash_pid == 0){

487

/* Child; will become new usplash process */

488

489

/* Make the effective user ID (root) the only user ID instead of

490

the real user ID (mandos) */

491

ret = setuid(geteuid());

492

if(ret == -1){

493

perror("setuid");

494

}

495

496

setsid();

497

ret = chdir("/");

498

/* if(fork() != 0){ */

499

/* _exit(EXIT_SUCCESS); */

500

/* } */

501

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

502

if(ret == -1){

503

perror("dup2");

504

_exit(EXIT_FAILURE);

505

}

506

507

execv(usplash_name, cmdline_argv);

508

if(not interrupted_by_signal){

509

perror("execv");

510

}

511

free(cmdline);

512

free(cmdline_argv);

513

_exit(EXIT_FAILURE);

514

}

515

free(cmdline);

516

free(cmdline_argv);

517

sleep(2);

518

if(not usplash_write("PULSATE", NULL)

519

and (errno != EINTR)){

520

perror("usplash_write");

521

}

522

523

return EXIT_FAILURE;

524

}

Older »