To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 237.7.289
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.289
- Committer: Teddy Hogeborn
- Date: 2015-01-25 00:02:51 UTC
- mto: (237.7.304 trunk)
- mto: This revision was merged to the branch mainline in revision 325.
- Revision ID: teddy@recompile.se-20150125000251-j2bw50gfq9smqyxe
mandos.xml (SEE ALSO): Update links.
Update link to GnuPG home page, change reference from TLS 1.1 to TLS
1.2, and change to latest RFC for using OpenPGP keys with TLS (and use
its correct title).
Update link to GnuPG home page, change reference from TLS 1.1 to TLS
1.2, and change to latest RFC for using OpenPGP keys with TLS (and use
its correct title).
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- files removed:
- plugins.d/usplash
- files renamed:
- plugins.d/password-request.c => plugins.d/mandos-client.c
- plugins.d/password-request.xml => plugins.d/mandos-client.xml
- files modified:
- .bzrignore
added
removed
plugin-runner.c
1
/* -*- coding: utf-8 -*- */
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
2
/*
3
3
* Mandos plugin runner - Run Mandos plugins
4
4
*
5
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
5
* Copyright © 2008-2014 Teddy Hogeborn
6
* Copyright © 2008-2014 Björn Påhlsson
6
7
*
7
8
* This program is free software: you can redistribute it and/or
8
9
* modify it under the terms of the GNU General Public License as
18
19
* along with this program. If not, see
19
20
* <http://www.gnu.org/licenses/>.
20
21
*
21
* Contact the authors at <mandos@fukt.bsnet.se>.
22
* Contact the authors at <mandos@recompile.se>.
22
23
*/
23
24
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
26
O_CLOEXEC, pipe2() */
26
27
#include <stddef.h> /* size_t, NULL */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
29
30
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO, fclose() */
33
#include <sys/types.h> /* fstat(), struct stat, waitpid(),
34
WIFEXITED(), WEXITSTATUS(), wait(),
35
pid_t, uid_t, gid_t, getuid(),
36
getgid() */
37
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
38
FD_SET(), FD_ISSET(), FD_CLR */
39
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
40
WEXITSTATUS(), WTERMSIG(),
41
WCOREDUMP() */
42
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
42
43
#include <iso646.h> /* and, or, not */
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
44
readdir(), closedir(), dirfd() */
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
44
#include <dirent.h> /* struct dirent, scandirat() */
45
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
46
FD_CLOEXEC, write(), STDOUT_FILENO,
47
struct stat, fstat(), close(),
48
setgid(), setuid(), S_ISREG(),
49
faccessat() pipe2(), fork(),
50
_exit(), dup2(), fexecve(), read()
51
*/
52
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
53
FD_CLOEXEC, openat(), scandirat(),
54
pipe2() */
55
#include <string.h> /* strsep, strlen(), strsignal(),
56
strcmp(), strncmp() */
55
57
#include <errno.h> /* errno */
56
58
#include <argp.h> /* struct argp_option, struct
57
59
argp_state, struct argp,
61
63
#include <signal.h> /* struct sigaction, sigemptyset(),
62
64
sigaddset(), sigaction(),
63
65
sigprocmask(), SIG_BLOCK, SIGCHLD,
64
SIG_UNBLOCK, kill() */
66
SIG_UNBLOCK, kill(), sig_atomic_t
67
*/
65
68
#include <errno.h> /* errno, EBADF */
69
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
70
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
71
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
72
#include <errno.h> /* errno */
73
#include <error.h> /* error() */
74
#include <fnmatch.h> /* fnmatch() */
66
75
67
76
#define BUFFER_SIZE 256
68
77
69
78
#define PDIR "/lib/mandos/plugins.d"
70
79
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
71
80
72
const char *argp_program_version = "plugin-runner 1.0";
73
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
74
75
struct plugin;
81
const char *argp_program_version = "plugin-runner " VERSION;
82
const char *argp_program_bug_address = "<mandos@recompile.se>";
76
83
77
84
typedef struct plugin{
78
85
char *name; /* can be NULL or any plugin name */
81
88
char **environ;
82
89
int envc;
83
90
bool disabled;
84
91
85
92
/* Variables used for running processes*/
86
93
pid_t pid;
87
94
int fd;
89
96
size_t buffer_size;
90
97
size_t buffer_length;
91
98
bool eof;
92
volatile bool completed;
93
volatile int status;
99
volatile sig_atomic_t completed;
100
int status;
94
101
struct plugin *next;
95
102
} plugin;
96
103
97
104
static plugin *plugin_list = NULL;
98
105
99
/* Gets a existing plugin based on name,
106
/* Gets an existing plugin based on name,
100
107
or if none is found, creates a new one */
108
__attribute__((warn_unused_result))
101
109
static plugin *getplugin(char *name){
102
/* Check for exiting plugin with that name */
103
for (plugin *p = plugin_list; p != NULL; p = p->next){
104
if ((p->name == name)
105
or (p->name and name and (strcmp(p->name, name) == 0))){
110
/* Check for existing plugin with that name */
111
for(plugin *p = plugin_list; p != NULL; p = p->next){
112
if((p->name == name)
113
or (p->name and name and (strcmp(p->name, name) == 0))){
106
114
return p;
107
115
}
108
116
}
109
117
/* Create a new plugin */
110
plugin *new_plugin = malloc(sizeof(plugin));
111
if (new_plugin == NULL){
118
plugin *new_plugin = NULL;
119
do {
120
new_plugin = malloc(sizeof(plugin));
121
} while(new_plugin == NULL and errno == EINTR);
122
if(new_plugin == NULL){
112
123
return NULL;
113
124
}
114
125
char *copy_name = NULL;
115
126
if(name != NULL){
116
copy_name = strdup(name);
127
do {
128
copy_name = strdup(name);
129
} while(copy_name == NULL and errno == EINTR);
117
130
if(copy_name == NULL){
131
int e = errno;
132
free(new_plugin);
133
errno = e;
118
134
return NULL;
119
135
}
120
136
}
121
122
*new_plugin = (plugin) { .name = copy_name,
123
.argc = 1,
124
.disabled = false,
125
.next = plugin_list };
126
127
new_plugin->argv = malloc(sizeof(char *) * 2);
128
if (new_plugin->argv == NULL){
137
138
*new_plugin = (plugin){ .name = copy_name,
139
.argc = 1,
140
.disabled = false,
141
.next = plugin_list };
142
143
do {
144
new_plugin->argv = malloc(sizeof(char *) * 2);
145
} while(new_plugin->argv == NULL and errno == EINTR);
146
if(new_plugin->argv == NULL){
147
int e = errno;
129
148
free(copy_name);
130
149
free(new_plugin);
150
errno = e;
131
151
return NULL;
132
152
}
133
153
new_plugin->argv[0] = copy_name;
134
154
new_plugin->argv[1] = NULL;
135
136
new_plugin->environ = malloc(sizeof(char *));
155
156
do {
157
new_plugin->environ = malloc(sizeof(char *));
158
} while(new_plugin->environ == NULL and errno == EINTR);
137
159
if(new_plugin->environ == NULL){
160
int e = errno;
138
161
free(copy_name);
139
162
free(new_plugin->argv);
140
163
free(new_plugin);
164
errno = e;
141
165
return NULL;
142
166
}
143
167
new_plugin->environ[0] = NULL;
144
168
145
169
/* Append the new plugin to the list */
146
170
plugin_list = new_plugin;
147
171
return new_plugin;
148
172
}
149
173
150
174
/* Helper function for add_argument and add_environment */
175
__attribute__((nonnull, warn_unused_result))
151
176
static bool add_to_char_array(const char *new, char ***array,
152
177
int *len){
153
178
/* Resize the pointed-to array to hold one more pointer */
154
*array = realloc(*array, sizeof(char *)
155
* (size_t) ((*len) + 2));
179
char **new_array = NULL;
180
do {
181
new_array = realloc(*array, sizeof(char *)
182
* (size_t) ((*len) + 2));
183
} while(new_array == NULL and errno == EINTR);
156
184
/* Malloc check */
157
if(*array == NULL){
185
if(new_array == NULL){
158
186
return false;
159
187
}
188
*array = new_array;
160
189
/* Make a copy of the new string */
161
char *copy = strdup(new);
190
char *copy;
191
do {
192
copy = strdup(new);
193
} while(copy == NULL and errno == EINTR);
162
194
if(copy == NULL){
163
195
return false;
164
196
}
171
203
}
172
204
173
205
/* Add to a plugin's argument vector */
206
__attribute__((nonnull(2), warn_unused_result))
174
207
static bool add_argument(plugin *p, const char *arg){
175
208
if(p == NULL){
176
209
return false;
179
212
}
180
213
181
214
/* Add to a plugin's environment */
182
static bool add_environment(plugin *p, const char *def){
215
__attribute__((nonnull(2), warn_unused_result))
216
static bool add_environment(plugin *p, const char *def, bool replace){
183
217
if(p == NULL){
184
218
return false;
185
219
}
220
/* namelen = length of name of environment variable */
221
size_t namelen = (size_t)(strchrnul(def, '=') - def);
222
/* Search for this environment variable */
223
for(char **envdef = p->environ; *envdef != NULL; envdef++){
224
if(strncmp(*envdef, def, namelen + 1) == 0){
225
/* It already exists */
226
if(replace){
227
char *new_envdef;
228
do {
229
new_envdef = realloc(*envdef, strlen(def) + 1);
230
} while(new_envdef == NULL and errno == EINTR);
231
if(new_envdef == NULL){
232
return false;
233
}
234
*envdef = new_envdef;
235
strcpy(*envdef, def);
236
}
237
return true;
238
}
239
}
186
240
return add_to_char_array(def, &(p->environ), &(p->envc));
187
241
}
188
242
243
#ifndef O_CLOEXEC
189
244
/*
190
245
* Based on the example in the GNU LibC manual chapter 13.13 "File
191
246
* Descriptor Flags".
192
* *Note File Descriptor Flags:(libc)Descriptor Flags.
247
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
193
248
*/
194
static int set_cloexec_flag(int fd)
195
{
196
int ret = fcntl(fd, F_GETFD, 0);
249
__attribute__((warn_unused_result))
250
static int set_cloexec_flag(int fd){
251
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
197
252
/* If reading the flags failed, return error indication now. */
198
253
if(ret < 0){
199
254
return ret;
200
255
}
201
256
/* Store modified flag word in the descriptor. */
202
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
257
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
258
ret | FD_CLOEXEC));
203
259
}
260
#endif /* not O_CLOEXEC */
204
261
205
262
206
263
/* Mark processes as completed when they exit, and save their exit
207
264
status. */
208
void handle_sigchld(__attribute__((unused)) int sig){
265
static void handle_sigchld(__attribute__((unused)) int sig){
266
int old_errno = errno;
209
267
while(true){
210
268
plugin *proc = plugin_list;
211
269
int status;
215
273
break;
216
274
}
217
275
if(pid == -1){
218
if (errno != ECHILD){
219
perror("waitpid");
276
if(errno == ECHILD){
277
/* No child processes */
278
break;
220
279
}
221
/* No child processes */
222
break;
280
error(0, errno, "waitpid");
223
281
}
224
282
225
283
/* A child exited, find it in process_list */
226
284
while(proc != NULL and proc->pid != pid){
227
285
proc = proc->next;
231
289
continue;
232
290
}
233
291
proc->status = status;
234
proc->completed = true;
292
proc->completed = 1;
235
293
}
294
errno = old_errno;
236
295
}
237
296
238
297
/* Prints out a password to stdout */
239
bool print_out_password(const char *buffer, size_t length){
298
__attribute__((nonnull, warn_unused_result))
299
static bool print_out_password(const char *buffer, size_t length){
240
300
ssize_t ret;
241
if(length>0 and buffer[length-1] == '\n'){
242
length--;
243
}
244
301
for(size_t written = 0; written < length; written += (size_t)ret){
245
302
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
246
303
length - written));
252
309
}
253
310
254
311
/* Removes and free a plugin from the plugin list */
312
__attribute__((nonnull))
255
313
static void free_plugin(plugin *plugin_node){
256
314
257
315
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
263
321
}
264
322
free(plugin_node->environ);
265
323
free(plugin_node->buffer);
266
324
267
325
/* Removes the plugin from the singly-linked list */
268
326
if(plugin_node == plugin_list){
269
327
/* First one - simple */
291
349
char *plugindir = NULL;
292
350
char *argfile = NULL;
293
351
FILE *conffp;
294
size_t d_name_len;
295
DIR *dir = NULL;
296
struct dirent *dirst;
352
struct dirent **direntries = NULL;
297
353
struct stat st;
298
354
fd_set rfds_all;
299
355
int ret, maxfd = 0;
356
ssize_t sret;
300
357
uid_t uid = 65534;
301
358
gid_t gid = 65534;
302
359
bool debug = false;
306
363
.sa_flags = SA_NOCLDSTOP };
307
364
char **custom_argv = NULL;
308
365
int custom_argc = 0;
366
int dir_fd = -1;
309
367
310
368
/* Establish a signal handler */
311
369
sigemptyset(&sigchld_action.sa_mask);
312
370
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
313
371
if(ret == -1){
314
perror("sigaddset");
315
exitstatus = EXIT_FAILURE;
372
error(0, errno, "sigaddset");
373
exitstatus = EX_OSERR;
316
374
goto fallback;
317
375
}
318
376
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
319
377
if(ret == -1){
320
perror("sigaction");
321
exitstatus = EXIT_FAILURE;
378
error(0, errno, "sigaction");
379
exitstatus = EX_OSERR;
322
380
goto fallback;
323
381
}
324
382
327
385
{ .name = "global-options", .key = 'g',
328
386
.arg = "OPTION[,OPTION[,...]]",
329
387
.doc = "Options passed to all plugins" },
330
{ .name = "global-envs", .key = 'e',
388
{ .name = "global-env", .key = 'G',
331
389
.arg = "VAR=value",
332
390
.doc = "Environment variable passed to all plugins" },
333
391
{ .name = "options-for", .key = 'o',
334
392
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
335
393
.doc = "Options passed only to specified plugin" },
336
{ .name = "envs-for", .key = 'f',
394
{ .name = "env-for", .key = 'E',
337
395
.arg = "PLUGIN:ENV=value",
338
396
.doc = "Environment variable passed to specified plugin" },
339
397
{ .name = "disable", .key = 'd',
340
398
.arg = "PLUGIN",
341
399
.doc = "Disable a specific plugin", .group = 1 },
400
{ .name = "enable", .key = 'e',
401
.arg = "PLUGIN",
402
.doc = "Enable a specific plugin", .group = 1 },
342
403
{ .name = "plugin-dir", .key = 128,
343
404
.arg = "DIRECTORY",
344
405
.doc = "Specify a different plugin directory", .group = 2 },
353
414
.doc = "Group ID the plugins will run as", .group = 3 },
354
415
{ .name = "debug", .key = 132,
355
416
.doc = "Debug mode", .group = 4 },
417
/*
418
* These reproduce what we would get without ARGP_NO_HELP
419
*/
420
{ .name = "help", .key = '?',
421
.doc = "Give this help list", .group = -1 },
422
{ .name = "usage", .key = -3,
423
.doc = "Give a short usage message", .group = -1 },
424
{ .name = "version", .key = 'V',
425
.doc = "Print program version", .group = -1 },
356
426
{ .name = NULL }
357
427
};
358
428
359
error_t parse_opt (int key, char *arg, __attribute__((unused)) struct argp_state *state) {
360
/* Get the INPUT argument from `argp_parse', which we know is a
361
pointer to our plugin list pointer. */
362
switch (key) {
429
__attribute__((nonnull(3)))
430
error_t parse_opt(int key, char *arg, struct argp_state *state){
431
errno = 0;
432
switch(key){
433
char *tmp;
434
intmax_t tmp_id;
363
435
case 'g': /* --global-options */
364
if (arg != NULL){
365
char *p;
366
while((p = strsep(&arg, ",")) != NULL){
367
if(p[0] == '\0'){
368
continue;
369
}
370
if(not add_argument(getplugin(NULL), p)){
371
perror("add_argument");
372
return ARGP_ERR_UNKNOWN;
373
}
374
}
375
}
376
break;
377
case 'e': /* --global-envs */
378
if(arg == NULL){
379
break;
380
}
381
436
{
382
char *envdef = strdup(arg);
383
if(envdef == NULL){
384
break;
385
}
386
if(not add_environment(getplugin(NULL), envdef)){
387
perror("add_environment");
388
}
437
char *plugin_option;
438
while((plugin_option = strsep(&arg, ",")) != NULL){
439
if(not add_argument(getplugin(NULL), plugin_option)){
440
break;
441
}
442
}
443
errno = 0;
444
}
445
break;
446
case 'G': /* --global-env */
447
if(add_environment(getplugin(NULL), arg, true)){
448
errno = 0;
389
449
}
390
450
break;
391
451
case 'o': /* --options-for */
392
if (arg != NULL){
393
char *p_name = strsep(&arg, ":");
394
if(p_name[0] == '\0'){
395
break;
396
}
397
char *opt = strsep(&arg, ":");
398
if(opt[0] == '\0'){
399
break;
400
}
401
if(opt != NULL){
402
char *p;
403
while((p = strsep(&opt, ",")) != NULL){
404
if(p[0] == '\0'){
405
continue;
406
}
407
if(not add_argument(getplugin(p_name), p)){
408
perror("add_argument");
409
return ARGP_ERR_UNKNOWN;
410
}
452
{
453
char *option_list = strchr(arg, ':');
454
if(option_list == NULL){
455
argp_error(state, "No colon in \"%s\"", arg);
456
errno = EINVAL;
457
break;
458
}
459
*option_list = '\0';
460
option_list++;
461
if(arg[0] == '\0'){
462
argp_error(state, "Empty plugin name");
463
errno = EINVAL;
464
break;
465
}
466
char *option;
467
while((option = strsep(&option_list, ",")) != NULL){
468
if(not add_argument(getplugin(arg), option)){
469
break;
411
470
}
412
471
}
472
errno = 0;
413
473
}
414
474
break;
415
case 'f': /* --envs-for */
416
if(arg == NULL){
417
break;
418
}
475
case 'E': /* --env-for */
419
476
{
420
477
char *envdef = strchr(arg, ':');
421
478
if(envdef == NULL){
422
break;
423
}
424
char *p_name = strndup(arg, (size_t) (envdef-arg));
425
if(p_name == NULL){
426
break;
427
}
479
argp_error(state, "No colon in \"%s\"", arg);
480
errno = EINVAL;
481
break;
482
}
483
*envdef = '\0';
428
484
envdef++;
429
if(not add_environment(getplugin(p_name), envdef)){
430
perror("add_environment");
485
if(arg[0] == '\0'){
486
argp_error(state, "Empty plugin name");
487
errno = EINVAL;
488
break;
489
}
490
if(add_environment(getplugin(arg), envdef, true)){
491
errno = 0;
431
492
}
432
493
}
433
494
break;
434
495
case 'd': /* --disable */
435
if (arg != NULL){
436
plugin *p = getplugin(arg);
437
if(p == NULL){
438
return ARGP_ERR_UNKNOWN;
439
}
440
p->disabled = true;
496
{
497
plugin *p = getplugin(arg);
498
if(p != NULL){
499
p->disabled = true;
500
errno = 0;
501
}
502
}
503
break;
504
case 'e': /* --enable */
505
{
506
plugin *p = getplugin(arg);
507
if(p != NULL){
508
p->disabled = false;
509
errno = 0;
510
}
441
511
}
442
512
break;
443
513
case 128: /* --plugin-dir */
514
free(plugindir);
444
515
plugindir = strdup(arg);
445
if(plugindir == NULL){
446
perror("strdup");
447
}
448
break;
449
case 129: /* --config-file */
516
if(plugindir != NULL){
517
errno = 0;
518
}
519
break;
520
case 129: /* --config-file */
521
/* This is already done by parse_opt_config_file() */
522
break;
523
case 130: /* --userid */
524
tmp_id = strtoimax(arg, &tmp, 10);
525
if(errno != 0 or tmp == arg or *tmp != '\0'
526
or tmp_id != (uid_t)tmp_id){
527
argp_error(state, "Bad user ID number: \"%s\", using %"
528
PRIdMAX, arg, (intmax_t)uid);
529
break;
530
}
531
uid = (uid_t)tmp_id;
532
errno = 0;
533
break;
534
case 131: /* --groupid */
535
tmp_id = strtoimax(arg, &tmp, 10);
536
if(errno != 0 or tmp == arg or *tmp != '\0'
537
or tmp_id != (gid_t)tmp_id){
538
argp_error(state, "Bad group ID number: \"%s\", using %"
539
PRIdMAX, arg, (intmax_t)gid);
540
break;
541
}
542
gid = (gid_t)tmp_id;
543
errno = 0;
544
break;
545
case 132: /* --debug */
546
debug = true;
547
break;
548
/*
549
* These reproduce what we would get without ARGP_NO_HELP
550
*/
551
case '?': /* --help */
552
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
553
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
554
case -3: /* --usage */
555
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
556
argp_state_help(state, state->out_stream,
557
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
558
case 'V': /* --version */
559
fprintf(state->out_stream, "%s\n", argp_program_version);
560
exit(EXIT_SUCCESS);
561
break;
562
/*
563
* When adding more options before this line, remember to also add a
564
* "case" to the "parse_opt_config_file" function below.
565
*/
566
case ARGP_KEY_ARG:
567
/* Cryptsetup always passes an argument, which is an empty
568
string if "none" was specified in /etc/crypttab. So if
569
argument was empty, we ignore it silently. */
570
if(arg[0] == '\0'){
571
break;
572
}
573
default:
574
return ARGP_ERR_UNKNOWN;
575
}
576
return errno; /* Set to 0 at start */
577
}
578
579
/* This option parser is the same as parse_opt() above, except it
580
ignores everything but the --config-file option. */
581
error_t parse_opt_config_file(int key, char *arg,
582
__attribute__((unused))
583
struct argp_state *state){
584
errno = 0;
585
switch(key){
586
case 'g': /* --global-options */
587
case 'G': /* --global-env */
588
case 'o': /* --options-for */
589
case 'E': /* --env-for */
590
case 'd': /* --disable */
591
case 'e': /* --enable */
592
case 128: /* --plugin-dir */
593
break;
594
case 129: /* --config-file */
595
free(argfile);
450
596
argfile = strdup(arg);
451
if(argfile == NULL){
452
perror("strdup");
597
if(argfile != NULL){
598
errno = 0;
453
599
}
454
break;
600
break;
455
601
case 130: /* --userid */
456
uid = (uid_t)strtol(arg, NULL, 10);
457
break;
458
602
case 131: /* --groupid */
459
gid = (gid_t)strtol(arg, NULL, 10);
460
break;
461
603
case 132: /* --debug */
462
debug = true;
463
break;
604
case '?': /* --help */
605
case -3: /* --usage */
606
case 'V': /* --version */
464
607
case ARGP_KEY_ARG:
465
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
466
break;
467
case ARGP_KEY_END:
468
608
break;
469
609
default:
470
610
return ARGP_ERR_UNKNOWN;
471
611
}
472
return 0;
612
return errno;
473
613
}
474
614
475
struct argp argp = { .options = options, .parser = parse_opt,
476
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
615
struct argp argp = { .options = options,
616
.parser = parse_opt_config_file,
617
.args_doc = "",
477
618
.doc = "Mandos plugin runner -- Run plugins" };
478
619
479
ret = argp_parse (&argp, argc, argv, 0, 0, NULL);
480
if (ret == ARGP_ERR_UNKNOWN){
481
fprintf(stderr, "Unknown error while parsing arguments\n");
482
exitstatus = EXIT_FAILURE;
620
/* Parse using parse_opt_config_file() in order to get the custom
621
config file location, if any. */
622
ret = argp_parse(&argp, argc, argv,
623
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
624
NULL, NULL);
625
switch(ret){
626
case 0:
627
break;
628
case ENOMEM:
629
default:
630
errno = ret;
631
error(0, errno, "argp_parse");
632
exitstatus = EX_OSERR;
633
goto fallback;
634
case EINVAL:
635
exitstatus = EX_USAGE;
483
636
goto fallback;
484
637
}
485
486
/* Opens the configfile if aviable */
487
if (argfile == NULL){
638
639
/* Reset to the normal argument parser */
640
argp.parser = parse_opt;
641
642
/* Open the configfile if available */
643
if(argfile == NULL){
488
644
conffp = fopen(AFILE, "r");
489
645
} else {
490
646
conffp = fopen(argfile, "r");
491
}
647
}
492
648
if(conffp != NULL){
493
649
char *org_line = NULL;
494
650
char *p, *arg, *new_arg, *line;
495
651
size_t size = 0;
496
ssize_t sret;
497
652
const char whitespace_delims[] = " \r\t\f\v\n";
498
653
const char comment_delim[] = "#";
499
654
500
655
custom_argc = 1;
501
656
custom_argv = malloc(sizeof(char*) * 2);
502
657
if(custom_argv == NULL){
503
perror("malloc");
504
exitstatus = EXIT_FAILURE;
658
error(0, errno, "malloc");
659
exitstatus = EX_OSERR;
505
660
goto fallback;
506
661
}
507
662
custom_argv[0] = argv[0];
508
663
custom_argv[1] = NULL;
509
510
/* for each line in the config file, strip whitespace and ignore commented text */
664
665
/* for each line in the config file, strip whitespace and ignore
666
commented text */
511
667
while(true){
512
668
sret = getline(&org_line, &size, conffp);
513
669
if(sret == -1){
514
670
break;
515
671
}
516
672
517
673
line = org_line;
518
674
arg = strsep(&line, comment_delim);
519
675
while((p = strsep(&arg, whitespace_delims)) != NULL){
522
678
}
523
679
new_arg = strdup(p);
524
680
if(new_arg == NULL){
525
perror("strdup");
526
exitstatus = EXIT_FAILURE;
681
error(0, errno, "strdup");
682
exitstatus = EX_OSERR;
527
683
free(org_line);
528
684
goto fallback;
529
685
}
530
686
531
687
custom_argc += 1;
532
custom_argv = realloc(custom_argv, sizeof(char *)
533
* ((unsigned int) custom_argc + 1));
534
if(custom_argv == NULL){
535
perror("realloc");
536
exitstatus = EXIT_FAILURE;
537
free(org_line);
538
goto fallback;
688
{
689
char **new_argv = realloc(custom_argv, sizeof(char *)
690
* ((unsigned int)
691
custom_argc + 1));
692
if(new_argv == NULL){
693
error(0, errno, "realloc");
694
exitstatus = EX_OSERR;
695
free(new_arg);
696
free(org_line);
697
goto fallback;
698
} else {
699
custom_argv = new_argv;
700
}
539
701
}
540
702
custom_argv[custom_argc-1] = new_arg;
541
custom_argv[custom_argc] = NULL;
703
custom_argv[custom_argc] = NULL;
542
704
}
543
705
}
706
do {
707
ret = fclose(conffp);
708
} while(ret == EOF and errno == EINTR);
709
if(ret == EOF){
710
error(0, errno, "fclose");
711
exitstatus = EX_IOERR;
712
goto fallback;
713
}
544
714
free(org_line);
545
} else{
715
} else {
546
716
/* Check for harmful errors and go to fallback. Other errors might
547
717
not affect opening plugins */
548
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
549
perror("fopen");
550
exitstatus = EXIT_FAILURE;
718
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
719
error(0, errno, "fopen");
720
exitstatus = EX_OSERR;
551
721
goto fallback;
552
722
}
553
723
}
554
/* If there was any arguments from configuration file,
555
pass them to parser as command arguments */
724
/* If there were any arguments from the configuration file, pass
725
them to parser as command line arguments */
556
726
if(custom_argv != NULL){
557
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, NULL);
558
if (ret == ARGP_ERR_UNKNOWN){
559
fprintf(stderr, "Unknown error while parsing arguments\n");
560
exitstatus = EXIT_FAILURE;
727
ret = argp_parse(&argp, custom_argc, custom_argv,
728
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
729
NULL, NULL);
730
switch(ret){
731
case 0:
732
break;
733
case ENOMEM:
734
default:
735
errno = ret;
736
error(0, errno, "argp_parse");
737
exitstatus = EX_OSERR;
738
goto fallback;
739
case EINVAL:
740
exitstatus = EX_CONFIG;
561
741
goto fallback;
562
742
}
563
743
}
564
744
745
/* Parse actual command line arguments, to let them override the
746
config file */
747
ret = argp_parse(&argp, argc, argv,
748
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
749
NULL, NULL);
750
switch(ret){
751
case 0:
752
break;
753
case ENOMEM:
754
default:
755
errno = ret;
756
error(0, errno, "argp_parse");
757
exitstatus = EX_OSERR;
758
goto fallback;
759
case EINVAL:
760
exitstatus = EX_USAGE;
761
goto fallback;
762
}
763
565
764
if(debug){
566
765
for(plugin *p = plugin_list; p != NULL; p=p->next){
567
766
fprintf(stderr, "Plugin: %s has %d arguments\n",
569
768
for(char **a = p->argv; *a != NULL; a++){
570
769
fprintf(stderr, "\tArg: %s\n", *a);
571
770
}
572
fprintf(stderr, "...and %u environment variables\n", p->envc);
771
fprintf(stderr, "...and %d environment variables\n", p->envc);
573
772
for(char **a = p->environ; *a != NULL; a++){
574
773
fprintf(stderr, "\t%s\n", *a);
575
774
}
576
775
}
577
776
}
578
579
/* Strip permissions down to nobody */
777
778
if(getuid() == 0){
779
/* Work around Debian bug #633582:
780
<http://bugs.debian.org/633582> */
781
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
782
if(plugindir_fd == -1){
783
if(errno != ENOENT){
784
error(0, errno, "open(\"" PDIR "\")");
785
}
786
} else {
787
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
788
if(ret == -1){
789
error(0, errno, "fstat");
790
} else {
791
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
792
ret = fchown(plugindir_fd, uid, gid);
793
if(ret == -1){
794
error(0, errno, "fchown");
795
}
796
}
797
}
798
TEMP_FAILURE_RETRY(close(plugindir_fd));
799
}
800
}
801
802
/* Lower permissions */
803
ret = setgid(gid);
804
if(ret == -1){
805
error(0, errno, "setgid");
806
}
580
807
ret = setuid(uid);
581
if (ret == -1){
582
perror("setuid");
583
}
584
setgid(gid);
585
if (ret == -1){
586
perror("setgid");
587
}
588
589
if (plugindir == NULL){
590
dir = opendir(PDIR);
591
} else {
592
dir = opendir(plugindir);
593
}
594
595
if(dir == NULL){
596
perror("Could not open plugin dir");
597
exitstatus = EXIT_FAILURE;
598
goto fallback;
599
}
600
601
/* Set the FD_CLOEXEC flag on the directory, if possible */
808
if(ret == -1){
809
error(0, errno, "setuid");
810
}
811
812
/* Open plugin directory with close_on_exec flag */
602
813
{
603
int dir_fd = dirfd(dir);
604
if(dir_fd >= 0){
605
ret = set_cloexec_flag(dir_fd);
606
if(ret < 0){
607
perror("set_cloexec_flag");
608
exitstatus = EXIT_FAILURE;
609
goto fallback;
814
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
815
#ifdef O_CLOEXEC
816
O_CLOEXEC
817
#else /* not O_CLOEXEC */
818
0
819
#endif /* not O_CLOEXEC */
820
);
821
if(dir_fd == -1){
822
error(0, errno, "Could not open plugin dir");
823
exitstatus = EX_UNAVAILABLE;
824
goto fallback;
825
}
826
827
#ifndef O_CLOEXEC
828
/* Set the FD_CLOEXEC flag on the directory */
829
ret = set_cloexec_flag(dir_fd);
830
if(ret < 0){
831
error(0, errno, "set_cloexec_flag");
832
exitstatus = EX_OSERR;
833
goto fallback;
834
}
835
#endif /* O_CLOEXEC */
836
}
837
838
int good_name(const struct dirent * const dirent){
839
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
840
"*.dpkg-old", "*.dpkg-bak",
841
"*.dpkg-divert", NULL };
842
#ifdef __GNUC__
843
#pragma GCC diagnostic push
844
#pragma GCC diagnostic ignored "-Wcast-qual"
845
#endif
846
for(const char **pat = (const char **)patterns;
847
*pat != NULL; pat++){
848
#ifdef __GNUC__
849
#pragma GCC diagnostic pop
850
#endif
851
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
852
!= FNM_NOMATCH){
853
if(debug){
854
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
855
" matching pattern %s\n", dirent->d_name, *pat);
856
}
857
return 0;
610
858
}
611
859
}
860
return 1;
861
}
862
863
#ifdef __GLIBC__
864
#if __GLIBC_PREREQ(2, 15)
865
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
866
alphasort);
867
#else /* not __GLIBC_PREREQ(2, 15) */
868
int numplugins = scandir(plugindir != NULL ? plugindir : PDIR,
869
&direntries, good_name, alphasort);
870
#endif /* not __GLIBC_PREREQ(2, 15) */
871
#else /* not __GLIBC__ */
872
int numplugins = scandir(plugindir != NULL ? plugindir : PDIR,
873
&direntries, good_name, alphasort);
874
#endif /* not __GLIBC__ */
875
if(numplugins == -1){
876
error(0, errno, "Could not scan plugin dir");
877
direntries = NULL;
878
exitstatus = EX_OSERR;
879
goto fallback;
612
880
}
613
881
614
882
FD_ZERO(&rfds_all);
615
883
616
884
/* Read and execute any executable in the plugin directory*/
617
while(true){
618
dirst = readdir(dir);
619
620
// All directory entries have been processed
621
if(dirst == NULL){
622
if (errno == EBADF){
623
perror("readdir");
624
exitstatus = EXIT_FAILURE;
625
goto fallback;
626
}
627
break;
628
}
629
630
d_name_len = strlen(dirst->d_name);
631
632
// Ignore dotfiles, backup files and other junk
633
{
634
bool bad_name = false;
635
636
const char const *bad_prefixes[] = { ".", "#", NULL };
637
638
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
639
".dpkg-old",
640
".dpkg-divert", NULL };
641
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
642
size_t pre_len = strlen(*pre);
643
if((d_name_len >= pre_len)
644
and strncmp((dirst->d_name), *pre, pre_len) == 0){
645
if(debug){
646
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
647
" with bad prefix %s\n", dirst->d_name, *pre);
648
}
649
bad_name = true;
650
break;
651
}
652
}
653
if(bad_name){
654
continue;
655
}
656
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
657
size_t suf_len = strlen(*suf);
658
if((d_name_len >= suf_len)
659
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf)
660
== 0)){
661
if(debug){
662
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
663
" with bad suffix %s\n", dirst->d_name, *suf);
664
}
665
bad_name = true;
666
break;
667
}
668
}
669
670
if(bad_name){
671
continue;
672
}
673
}
674
675
char *filename;
676
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
677
if(ret < 0){
678
perror("asprintf");
679
continue;
680
}
681
682
ret = stat(filename, &st);
683
if (ret == -1){
684
perror("stat");
685
free(filename);
686
continue;
687
}
688
885
for(int i = 0; i < numplugins; i++){
886
887
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
888
if(plugin_fd == -1){
889
error(0, errno, "Could not open plugin");
890
free(direntries[i]);
891
continue;
892
}
893
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
894
if(ret == -1){
895
error(0, errno, "stat");
896
TEMP_FAILURE_RETRY(close(plugin_fd));
897
free(direntries[i]);
898
continue;
899
}
900
689
901
/* Ignore non-executable files */
690
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
902
if(not S_ISREG(st.st_mode)
903
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
904
X_OK, 0)) != 0)){
691
905
if(debug){
692
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
693
" with bad type or mode\n", filename);
906
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
907
" with bad type or mode\n",
908
plugindir != NULL ? plugindir : PDIR,
909
direntries[i]->d_name);
694
910
}
695
free(filename);
911
TEMP_FAILURE_RETRY(close(plugin_fd));
912
free(direntries[i]);
696
913
continue;
697
914
}
698
915
699
plugin *p = getplugin(dirst->d_name);
916
plugin *p = getplugin(direntries[i]->d_name);
700
917
if(p == NULL){
701
perror("getplugin");
702
free(filename);
918
error(0, errno, "getplugin");
919
TEMP_FAILURE_RETRY(close(plugin_fd));
920
free(direntries[i]);
703
921
continue;
704
922
}
705
923
if(p->disabled){
706
924
if(debug){
707
925
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
708
dirst->d_name);
926
direntries[i]->d_name);
709
927
}
710
free(filename);
928
TEMP_FAILURE_RETRY(close(plugin_fd));
929
free(direntries[i]);
711
930
continue;
712
931
}
713
932
{
716
935
if(g != NULL){
717
936
for(char **a = g->argv + 1; *a != NULL; a++){
718
937
if(not add_argument(p, *a)){
719
perror("add_argument");
938
error(0, errno, "add_argument");
720
939
}
721
940
}
722
941
/* Add global environment variables */
723
942
for(char **e = g->environ; *e != NULL; e++){
724
if(not add_environment(p, *e)){
725
perror("add_environment");
943
if(not add_environment(p, *e, false)){
944
error(0, errno, "add_environment");
726
945
}
727
946
}
728
947
}
729
948
}
730
/* If this plugin has any environment variables, we will call
731
using execve and need to duplicate the environment from this
732
process, too. */
949
/* If this plugin has any environment variables, we need to
950
duplicate the environment from this process, too. */
733
951
if(p->environ[0] != NULL){
734
952
for(char **e = environ; *e != NULL; e++){
735
char *copy = strdup(*e);
736
if(copy == NULL){
737
perror("strdup");
738
continue;
739
}
740
if(not add_environment(p, copy)){
741
perror("add_environment");
953
if(not add_environment(p, *e, false)){
954
error(0, errno, "add_environment");
742
955
}
743
956
}
744
957
}
745
958
746
959
int pipefd[2];
747
ret = pipe(pipefd);
748
if (ret == -1){
749
perror("pipe");
750
exitstatus = EXIT_FAILURE;
751
goto fallback;
752
}
960
#ifndef O_CLOEXEC
961
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
962
#else /* O_CLOEXEC */
963
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
964
#endif /* O_CLOEXEC */
965
if(ret == -1){
966
error(0, errno, "pipe");
967
exitstatus = EX_OSERR;
968
free(direntries[i]);
969
goto fallback;
970
}
971
if(pipefd[0] >= FD_SETSIZE){
972
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
973
FD_SETSIZE);
974
TEMP_FAILURE_RETRY(close(pipefd[0]));
975
TEMP_FAILURE_RETRY(close(pipefd[1]));
976
exitstatus = EX_OSERR;
977
free(direntries[i]);
978
goto fallback;
979
}
980
#ifndef O_CLOEXEC
753
981
/* Ask OS to automatic close the pipe on exec */
754
982
ret = set_cloexec_flag(pipefd[0]);
755
983
if(ret < 0){
756
perror("set_cloexec_flag");
757
exitstatus = EXIT_FAILURE;
984
error(0, errno, "set_cloexec_flag");
985
TEMP_FAILURE_RETRY(close(pipefd[0]));
986
TEMP_FAILURE_RETRY(close(pipefd[1]));
987
exitstatus = EX_OSERR;
988
free(direntries[i]);
758
989
goto fallback;
759
990
}
760
991
ret = set_cloexec_flag(pipefd[1]);
761
992
if(ret < 0){
762
perror("set_cloexec_flag");
763
exitstatus = EXIT_FAILURE;
993
error(0, errno, "set_cloexec_flag");
994
TEMP_FAILURE_RETRY(close(pipefd[0]));
995
TEMP_FAILURE_RETRY(close(pipefd[1]));
996
exitstatus = EX_OSERR;
997
free(direntries[i]);
764
998
goto fallback;
765
999
}
1000
#endif /* not O_CLOEXEC */
766
1001
/* Block SIGCHLD until process is safely in process list */
767
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1002
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1003
&sigchld_action.sa_mask,
1004
NULL));
768
1005
if(ret < 0){
769
perror("sigprocmask");
770
exitstatus = EXIT_FAILURE;
1006
error(0, errno, "sigprocmask");
1007
exitstatus = EX_OSERR;
1008
free(direntries[i]);
771
1009
goto fallback;
772
1010
}
773
// Starting a new process to be watched
774
pid_t pid = fork();
1011
/* Starting a new process to be watched */
1012
pid_t pid;
1013
do {
1014
pid = fork();
1015
} while(pid == -1 and errno == EINTR);
775
1016
if(pid == -1){
776
perror("fork");
777
exitstatus = EXIT_FAILURE;
1017
error(0, errno, "fork");
1018
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1019
&sigchld_action.sa_mask, NULL));
1020
TEMP_FAILURE_RETRY(close(pipefd[0]));
1021
TEMP_FAILURE_RETRY(close(pipefd[1]));
1022
exitstatus = EX_OSERR;
1023
free(direntries[i]);
778
1024
goto fallback;
779
1025
}
780
1026
if(pid == 0){
781
1027
/* this is the child process */
782
1028
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
783
1029
if(ret < 0){
784
perror("sigaction");
785
_exit(EXIT_FAILURE);
1030
error(0, errno, "sigaction");
1031
_exit(EX_OSERR);
786
1032
}
787
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1033
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
788
1034
if(ret < 0){
789
perror("sigprocmask");
790
_exit(EXIT_FAILURE);
1035
error(0, errno, "sigprocmask");
1036
_exit(EX_OSERR);
791
1037
}
792
1038
793
1039
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
794
1040
if(ret == -1){
795
perror("dup2");
796
_exit(EXIT_FAILURE);
1041
error(0, errno, "dup2");
1042
_exit(EX_OSERR);
797
1043
}
798
1044
799
if(dirfd(dir) < 0){
800
/* If dir has no file descriptor, we could not set FD_CLOEXEC
801
above and must now close it manually here. */
802
closedir(dir);
803
}
804
if(p->environ[0] == NULL){
805
if(execv(filename, p->argv) < 0){
806
perror("execv");
807
_exit(EXIT_FAILURE);
808
}
809
} else {
810
if(execve(filename, p->argv, p->environ) < 0){
811
perror("execve");
812
_exit(EXIT_FAILURE);
813
}
1045
if(fexecve(plugin_fd, p->argv,
1046
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1047
error(0, errno, "fexecve for %s/%s",
1048
plugindir != NULL ? plugindir : PDIR,
1049
direntries[i]->d_name);
1050
_exit(EX_OSERR);
814
1051
}
815
1052
/* no return */
816
1053
}
817
1054
/* Parent process */
818
close(pipefd[1]); /* Close unused write end of pipe */
819
free(filename);
820
plugin *new_plugin = getplugin(dirst->d_name);
821
if (new_plugin == NULL){
822
perror("getplugin");
823
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1055
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
1056
pipe */
1057
TEMP_FAILURE_RETRY(close(plugin_fd));
1058
plugin *new_plugin = getplugin(direntries[i]->d_name);
1059
if(new_plugin == NULL){
1060
error(0, errno, "getplugin");
1061
ret = (int)(TEMP_FAILURE_RETRY
1062
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1063
NULL)));
824
1064
if(ret < 0){
825
perror("sigprocmask");
1065
error(0, errno, "sigprocmask");
826
1066
}
827
exitstatus = EXIT_FAILURE;
1067
exitstatus = EX_OSERR;
1068
free(direntries[i]);
828
1069
goto fallback;
829
1070
}
1071
free(direntries[i]);
830
1072
831
1073
new_plugin->pid = pid;
832
1074
new_plugin->fd = pipefd[0];
833
1075
834
1076
/* Unblock SIGCHLD so signal handler can be run if this process
835
1077
has already completed */
836
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1078
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1079
&sigchld_action.sa_mask,
1080
NULL));
837
1081
if(ret < 0){
838
perror("sigprocmask");
839
exitstatus = EXIT_FAILURE;
1082
error(0, errno, "sigprocmask");
1083
exitstatus = EX_OSERR;
840
1084
goto fallback;
841
1085
}
842
1086
843
FD_SET(new_plugin->fd, &rfds_all);
1087
#if defined (__GNUC__) and defined (__GLIBC__)
1088
#if not __GLIBC_PREREQ(2, 16)
1089
#pragma GCC diagnostic push
1090
#pragma GCC diagnostic ignored "-Wsign-conversion"
1091
#endif
1092
#endif
1093
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
1094
-Wconversion in GNU libc
1095
before 2.16 */
1096
#if defined (__GNUC__) and defined (__GLIBC__)
1097
#if not __GLIBC_PREREQ(2, 16)
1098
#pragma GCC diagnostic pop
1099
#endif
1100
#endif
844
1101
845
if (maxfd < new_plugin->fd){
1102
if(maxfd < new_plugin->fd){
846
1103
maxfd = new_plugin->fd;
847
1104
}
848
849
1105
}
850
1106
851
closedir(dir);
852
dir = NULL;
853
1107
free(direntries);
1108
direntries = NULL;
1109
TEMP_FAILURE_RETRY(close(dir_fd));
1110
dir_fd = -1;
1111
free_plugin(getplugin(NULL));
1112
854
1113
for(plugin *p = plugin_list; p != NULL; p = p->next){
855
1114
if(p->pid != 0){
856
1115
break;
861
1120
free_plugin_list();
862
1121
}
863
1122
}
864
1123
865
1124
/* Main loop while running plugins exist */
866
1125
while(plugin_list){
867
1126
fd_set rfds = rfds_all;
868
1127
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
869
if (select_ret == -1){
870
perror("select");
871
exitstatus = EXIT_FAILURE;
1128
if(select_ret == -1 and errno != EINTR){
1129
error(0, errno, "select");
1130
exitstatus = EX_OSERR;
872
1131
goto fallback;
873
1132
}
874
1133
/* OK, now either a process completed, or something can be read
875
1134
from one of them */
876
for(plugin *proc = plugin_list; proc != NULL; proc = proc->next){
1135
for(plugin *proc = plugin_list; proc != NULL;){
877
1136
/* Is this process completely done? */
878
if(proc->eof and proc->completed){
1137
if(proc->completed and proc->eof){
879
1138
/* Only accept the plugin output if it exited cleanly */
880
1139
if(not WIFEXITED(proc->status)
881
1140
or WEXITSTATUS(proc->status) != 0){
882
1141
/* Bad exit by plugin */
883
1142
884
1143
if(debug){
885
1144
if(WIFEXITED(proc->status)){
886
fprintf(stderr, "Plugin %u exited with status %d\n",
887
(unsigned int) (proc->pid),
1145
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1146
" status %d\n", proc->name,
1147
(intmax_t) (proc->pid),
888
1148
WEXITSTATUS(proc->status));
889
} else if(WIFSIGNALED(proc->status)) {
890
fprintf(stderr, "Plugin %u killed by signal %d\n",
891
(unsigned int) (proc->pid),
892
WTERMSIG(proc->status));
1149
} else if(WIFSIGNALED(proc->status)){
1150
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1151
" signal %d: %s\n", proc->name,
1152
(intmax_t) (proc->pid),
1153
WTERMSIG(proc->status),
1154
strsignal(WTERMSIG(proc->status)));
893
1155
} else if(WCOREDUMP(proc->status)){
894
fprintf(stderr, "Plugin %d dumped core\n",
895
(unsigned int) (proc->pid));
1156
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1157
" core\n", proc->name, (intmax_t) (proc->pid));
896
1158
}
897
1159
}
898
1160
899
1161
/* Remove the plugin */
900
FD_CLR(proc->fd, &rfds_all);
901
1162
#if defined (__GNUC__) and defined (__GLIBC__)
1163
#if not __GLIBC_PREREQ(2, 16)
1164
#pragma GCC diagnostic push
1165
#pragma GCC diagnostic ignored "-Wsign-conversion"
1166
#endif
1167
#endif
1168
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
1169
-Wconversion in GNU libc
1170
before 2.16 */
1171
#if defined (__GNUC__) and defined (__GLIBC__)
1172
#if not __GLIBC_PREREQ(2, 16)
1173
#pragma GCC diagnostic pop
1174
#endif
1175
#endif
1176
902
1177
/* Block signal while modifying process_list */
903
ret = sigprocmask(SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1178
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1179
(SIG_BLOCK,
1180
&sigchld_action.sa_mask,
1181
NULL));
904
1182
if(ret < 0){
905
perror("sigprocmask");
906
exitstatus = EXIT_FAILURE;
1183
error(0, errno, "sigprocmask");
1184
exitstatus = EX_OSERR;
907
1185
goto fallback;
908
1186
}
1187
1188
plugin *next_plugin = proc->next;
909
1189
free_plugin(proc);
1190
proc = next_plugin;
1191
910
1192
/* We are done modifying process list, so unblock signal */
911
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
912
NULL);
1193
ret = (int)(TEMP_FAILURE_RETRY
1194
(sigprocmask(SIG_UNBLOCK,
1195
&sigchld_action.sa_mask, NULL)));
913
1196
if(ret < 0){
914
perror("sigprocmask");
915
exitstatus = EXIT_FAILURE;
1197
error(0, errno, "sigprocmask");
1198
exitstatus = EX_OSERR;
916
1199
goto fallback;
917
1200
}
918
1201
919
1202
if(plugin_list == NULL){
920
1203
break;
921
1204
}
1205
922
1206
continue;
923
1207
}
924
1208
925
1209
/* This process exited nicely, so print its buffer */
926
1210
927
1211
bool bret = print_out_password(proc->buffer,
928
1212
proc->buffer_length);
929
1213
if(not bret){
930
perror("print_out_password");
931
exitstatus = EXIT_FAILURE;
1214
error(0, errno, "print_out_password");
1215
exitstatus = EX_IOERR;
932
1216
}
933
1217
goto fallback;
934
1218
}
935
1219
936
1220
/* This process has not completed. Does it have any output? */
937
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){
1221
#if defined (__GNUC__) and defined (__GLIBC__)
1222
#if not __GLIBC_PREREQ(2, 16)
1223
#pragma GCC diagnostic push
1224
#pragma GCC diagnostic ignored "-Wsign-conversion"
1225
#endif
1226
#endif
1227
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* Spurious
1228
warning from
1229
-Wconversion
1230
in GNU libc
1231
before
1232
2.16 */
1233
#if defined (__GNUC__) and defined (__GLIBC__)
1234
#if not __GLIBC_PREREQ(2, 16)
1235
#pragma GCC diagnostic pop
1236
#endif
1237
#endif
938
1238
/* This process had nothing to say at this time */
1239
proc = proc->next;
939
1240
continue;
940
1241
}
941
1242
/* Before reading, make the process' data buffer large enough */
942
1243
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
943
proc->buffer = realloc(proc->buffer, proc->buffer_size
944
+ (size_t) BUFFER_SIZE);
945
if (proc->buffer == NULL){
946
perror("malloc");
947
exitstatus = EXIT_FAILURE;
1244
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1245
+ (size_t) BUFFER_SIZE);
1246
if(new_buffer == NULL){
1247
error(0, errno, "malloc");
1248
exitstatus = EX_OSERR;
948
1249
goto fallback;
949
1250
}
1251
proc->buffer = new_buffer;
950
1252
proc->buffer_size += BUFFER_SIZE;
951
1253
}
952
1254
/* Read from the process */
953
ret = read(proc->fd, proc->buffer + proc->buffer_length,
954
BUFFER_SIZE);
955
if(ret < 0){
1255
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1256
proc->buffer
1257
+ proc->buffer_length,
1258
BUFFER_SIZE));
1259
if(sret < 0){
956
1260
/* Read error from this process; ignore the error */
1261
proc = proc->next;
957
1262
continue;
958
1263
}
959
if(ret == 0){
1264
if(sret == 0){
960
1265
/* got EOF */
961
1266
proc->eof = true;
962
1267
} else {
963
proc->buffer_length += (size_t) ret;
1268
proc->buffer_length += (size_t) sret;
964
1269
}
965
1270
}
966
1271
}
967
968
1272
1273
969
1274
fallback:
970
1275
971
if(plugin_list == NULL or exitstatus != EXIT_SUCCESS){
1276
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1277
and exitstatus != EX_OK)){
972
1278
/* Fallback if all plugins failed, none are found or an error
973
1279
occured */
974
1280
bool bret;
975
1281
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
976
1282
char *passwordbuffer = getpass("Password: ");
977
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
1283
size_t len = strlen(passwordbuffer);
1284
/* Strip trailing newline */
1285
if(len > 0 and passwordbuffer[len-1] == '\n'){
1286
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1287
len--;
1288
}
1289
bret = print_out_password(passwordbuffer, len);
978
1290
if(not bret){
979
perror("print_out_password");
980
exitstatus = EXIT_FAILURE;
1291
error(0, errno, "print_out_password");
1292
exitstatus = EX_IOERR;
981
1293
}
982
1294
}
983
1295
984
1296
/* Restore old signal handler */
985
1297
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
986
1298
if(ret == -1){
987
perror("sigaction");
988
exitstatus = EXIT_FAILURE;
1299
error(0, errno, "sigaction");
1300
exitstatus = EX_OSERR;
989
1301
}
990
1302
991
1303
if(custom_argv != NULL){
992
1304
for(char **arg = custom_argv+1; *arg != NULL; arg++){
993
1305
free(*arg);
995
1307
free(custom_argv);
996
1308
}
997
1309
998
if(dir != NULL){
999
closedir(dir);
1310
free(direntries);
1311
1312
if(dir_fd != -1){
1313
TEMP_FAILURE_RETRY(close(dir_fd));
1000
1314
}
1001
1315
1002
/* Free the process list and kill the processes */
1316
/* Kill the processes */
1003
1317
for(plugin *p = plugin_list; p != NULL; p = p->next){
1004
1318
if(p->pid != 0){
1005
1319
close(p->fd);
1006
1320
ret = kill(p->pid, SIGTERM);
1007
1321
if(ret == -1 and errno != ESRCH){
1008
1322
/* Set-uid proccesses might not get closed */
1009
perror("kill");
1323
error(0, errno, "kill");
1010
1324
}
1011
1325
}
1012
1326
}
1013
1327
1014
1328
/* Wait for any remaining child processes to terminate */
1015
do{
1329
do {
1016
1330
ret = wait(NULL);
1017
1331
} while(ret >= 0);
1018
1332
if(errno != ECHILD){
1019
perror("wait");
1333
error(0, errno, "wait");
1020
1334
}
1021
1335
1022
1336
free_plugin_list();
1023
1337
1024
1338
free(plugindir);
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0