To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 237.7.634
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.634
- Committer: Teddy Hogeborn
- Date: 2019-03-18 22:29:25 UTC
- mto: This revision was merged to the branch mainline in revision 382.
- Revision ID: teddy@recompile.se-20190318222925-jvhek84dgcfgj6g3
mandos-ctl: Refactor tests
* mandos-ctl: Where the clients names "foo" and "barbar" do not refer
to the actual mock clients in the TestCommand class,
change all occurrences of these names to "client1" and
"client2" (or just "client" when only one is used) .
Also change all test doubles to use correct terminology;
some things called mocks are actually stubs or spies,
and rename all true mocks to have "mock" in their names.
Also eliminate duplicate values in tests; derive values
from previously defined values whenever possible.
* mandos-ctl: Where the clients names "foo" and "barbar" do not refer
to the actual mock clients in the TestCommand class,
change all occurrences of these names to "client1" and
"client2" (or just "client" when only one is used) .
Also change all test doubles to use correct terminology;
some things called mocks are actually stubs or spies,
and rename all true mocks to have "mock" in their names.
Also eliminate duplicate values in tests; derive values
from previously defined values whenever possible.
- files added:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- plugin-helpers
- files removed:
- initramfs-tools-hook-conf
- files renamed:
- plugins.d/password-request.c => plugins.d/mandos-client.c
- plugins.d/password-request.xml => plugins.d/mandos-client.xml
- files modified:
- Makefile
added
removed
plugin-runner.c
1
/* -*- coding: utf-8 -*- */
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
2
/*
3
3
* Mandos plugin runner - Run Mandos plugins
4
4
*
5
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
6
*
7
* This program is free software: you can redistribute it and/or
8
* modify it under the terms of the GNU General Public License as
9
* published by the Free Software Foundation, either version 3 of the
10
* License, or (at your option) any later version.
11
*
12
* This program is distributed in the hope that it will be useful, but
5
* Copyright © 2008-2018 Teddy Hogeborn
6
* Copyright © 2008-2018 Björn Påhlsson
7
*
8
* This file is part of Mandos.
9
*
10
* Mandos is free software: you can redistribute it and/or modify it
11
* under the terms of the GNU General Public License as published by
12
* the Free Software Foundation, either version 3 of the License, or
13
* (at your option) any later version.
14
*
15
* Mandos is distributed in the hope that it will be useful, but
13
16
* WITHOUT ANY WARRANTY; without even the implied warranty of
14
17
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15
18
* General Public License for more details.
16
19
*
17
20
* You should have received a copy of the GNU General Public License
18
* along with this program. If not, see
19
* <http://www.gnu.org/licenses/>.
21
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
20
22
*
21
* Contact the authors at <mandos@fukt.bsnet.se>.
23
* Contact the authors at <mandos@recompile.se>.
22
24
*/
23
25
24
26
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
27
O_CLOEXEC, pipe2() */
26
28
#include <stddef.h> /* size_t, NULL */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
29
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
30
realloc() */
29
31
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
32
#include <stdio.h> /* fileno(), fprintf(),
33
stderr, STDOUT_FILENO, fclose() */
34
#include <sys/types.h> /* fstat(), struct stat, waitpid(),
35
WIFEXITED(), WEXITSTATUS(), wait(),
36
pid_t, uid_t, gid_t, getuid(),
37
getgid() */
37
38
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
39
FD_SET(), FD_ISSET(), FD_CLR */
39
40
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
41
WEXITSTATUS(), WTERMSIG() */
42
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
42
43
#include <iso646.h> /* and, or, not */
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
44
readdir(), closedir(), dirfd() */
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
44
#include <dirent.h> /* struct dirent, scandirat() */
45
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
46
FD_CLOEXEC, write(), STDOUT_FILENO,
47
struct stat, fstat(), close(),
48
setgid(), setuid(), S_ISREG(),
49
faccessat() pipe2(), fork(),
50
_exit(), dup2(), fexecve(), read()
51
*/
52
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
53
FD_CLOEXEC, openat(), scandirat(),
54
pipe2() */
55
#include <string.h> /* strsep, strlen(), strsignal(),
56
strcmp(), strncmp() */
55
57
#include <errno.h> /* errno */
56
58
#include <argp.h> /* struct argp_option, struct
57
59
argp_state, struct argp,
58
60
argp_parse(), ARGP_ERR_UNKNOWN,
59
ARGP_KEY_END, ARGP_KEY_ARG, error_t */
61
ARGP_KEY_END, ARGP_KEY_ARG,
62
error_t */
60
63
#include <signal.h> /* struct sigaction, sigemptyset(),
61
64
sigaddset(), sigaction(),
62
65
sigprocmask(), SIG_BLOCK, SIGCHLD,
63
SIG_UNBLOCK, kill() */
66
SIG_UNBLOCK, kill(), sig_atomic_t
67
*/
64
68
#include <errno.h> /* errno, EBADF */
69
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
70
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
71
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
72
#include <errno.h> /* errno */
73
#include <error.h> /* error() */
74
#include <fnmatch.h> /* fnmatch() */
65
75
66
76
#define BUFFER_SIZE 256
67
#define ARGFILE "/conf/conf.d/mandos/plugin-runner.conf"
68
69
const char *argp_program_version = "plugin-runner 1.0";
70
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
71
72
struct process;
73
74
typedef struct process{
75
pid_t pid;
76
int fd;
77
char *buffer;
78
size_t buffer_size;
79
size_t buffer_length;
80
bool eof;
81
bool completed;
82
int status;
83
struct process *next;
84
} process;
77
78
#define PDIR "/lib/mandos/plugins.d"
79
#define PHDIR "/lib/mandos/plugin-helpers"
80
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
81
82
const char *argp_program_version = "plugin-runner " VERSION;
83
const char *argp_program_bug_address = "<mandos@recompile.se>";
85
84
86
85
typedef struct plugin{
87
86
char *name; /* can be NULL or any plugin name */
90
89
char **environ;
91
90
int envc;
92
91
bool disabled;
92
93
/* Variables used for running processes*/
94
pid_t pid;
95
int fd;
96
char *buffer;
97
size_t buffer_size;
98
size_t buffer_length;
99
bool eof;
100
volatile sig_atomic_t completed;
101
int status;
93
102
struct plugin *next;
94
103
} plugin;
95
104
96
static plugin *getplugin(char *name, plugin **plugin_list){
97
for (plugin *p = *plugin_list; p != NULL; p = p->next){
98
if ((p->name == name)
99
or (p->name and name and (strcmp(p->name, name) == 0))){
105
static plugin *plugin_list = NULL;
106
107
/* Gets an existing plugin based on name,
108
or if none is found, creates a new one */
109
__attribute__((warn_unused_result))
110
static plugin *getplugin(char *name){
111
/* Check for existing plugin with that name */
112
for(plugin *p = plugin_list; p != NULL; p = p->next){
113
if((p->name == name)
114
or (p->name and name and (strcmp(p->name, name) == 0))){
100
115
return p;
101
116
}
102
117
}
103
118
/* Create a new plugin */
104
plugin *new_plugin = malloc(sizeof(plugin));
105
if (new_plugin == NULL){
119
plugin *new_plugin = NULL;
120
do {
121
new_plugin = malloc(sizeof(plugin));
122
} while(new_plugin == NULL and errno == EINTR);
123
if(new_plugin == NULL){
106
124
return NULL;
107
125
}
108
126
char *copy_name = NULL;
109
127
if(name != NULL){
110
copy_name = strdup(name);
111
}
112
if(copy_name == NULL){
113
return NULL;
114
}
115
116
*new_plugin = (plugin) { .name = copy_name,
117
.argc = 1,
118
.envc = 0,
119
.disabled = false,
120
.next = *plugin_list };
121
122
new_plugin->argv = malloc(sizeof(char *) * 2);
123
if (new_plugin->argv == NULL){
128
do {
129
copy_name = strdup(name);
130
} while(copy_name == NULL and errno == EINTR);
131
if(copy_name == NULL){
132
int e = errno;
133
free(new_plugin);
134
errno = e;
135
return NULL;
136
}
137
}
138
139
*new_plugin = (plugin){ .name = copy_name,
140
.argc = 1,
141
.disabled = false,
142
.next = plugin_list };
143
144
do {
145
new_plugin->argv = malloc(sizeof(char *) * 2);
146
} while(new_plugin->argv == NULL and errno == EINTR);
147
if(new_plugin->argv == NULL){
148
int e = errno;
124
149
free(copy_name);
125
150
free(new_plugin);
151
errno = e;
126
152
return NULL;
127
153
}
128
154
new_plugin->argv[0] = copy_name;
129
155
new_plugin->argv[1] = NULL;
130
131
new_plugin->environ = malloc(sizeof(char *));
156
157
do {
158
new_plugin->environ = malloc(sizeof(char *));
159
} while(new_plugin->environ == NULL and errno == EINTR);
132
160
if(new_plugin->environ == NULL){
161
int e = errno;
133
162
free(copy_name);
134
163
free(new_plugin->argv);
135
164
free(new_plugin);
165
errno = e;
136
166
return NULL;
137
167
}
138
168
new_plugin->environ[0] = NULL;
169
139
170
/* Append the new plugin to the list */
140
*plugin_list = new_plugin;
171
plugin_list = new_plugin;
141
172
return new_plugin;
142
173
}
143
174
144
175
/* Helper function for add_argument and add_environment */
176
__attribute__((nonnull, warn_unused_result))
145
177
static bool add_to_char_array(const char *new, char ***array,
146
178
int *len){
147
179
/* Resize the pointed-to array to hold one more pointer */
148
*array = realloc(*array, sizeof(char *)
149
* (size_t) ((*len) + 2));
180
char **new_array = NULL;
181
do {
182
new_array = realloc(*array, sizeof(char *)
183
* (size_t) ((*len) + 2));
184
} while(new_array == NULL and errno == EINTR);
150
185
/* Malloc check */
151
if(*array == NULL){
186
if(new_array == NULL){
152
187
return false;
153
188
}
189
*array = new_array;
154
190
/* Make a copy of the new string */
155
char *copy = strdup(new);
191
char *copy;
192
do {
193
copy = strdup(new);
194
} while(copy == NULL and errno == EINTR);
156
195
if(copy == NULL){
157
196
return false;
158
197
}
165
204
}
166
205
167
206
/* Add to a plugin's argument vector */
207
__attribute__((nonnull(2), warn_unused_result))
168
208
static bool add_argument(plugin *p, const char *arg){
169
209
if(p == NULL){
170
210
return false;
173
213
}
174
214
175
215
/* Add to a plugin's environment */
176
static bool add_environment(plugin *p, const char *def){
216
__attribute__((nonnull(2), warn_unused_result))
217
static bool add_environment(plugin *p, const char *def, bool replace){
177
218
if(p == NULL){
178
219
return false;
179
220
}
221
/* namelen = length of name of environment variable */
222
size_t namelen = (size_t)(strchrnul(def, '=') - def);
223
/* Search for this environment variable */
224
for(char **envdef = p->environ; *envdef != NULL; envdef++){
225
if(strncmp(*envdef, def, namelen + 1) == 0){
226
/* It already exists */
227
if(replace){
228
char *new_envdef;
229
do {
230
new_envdef = realloc(*envdef, strlen(def) + 1);
231
} while(new_envdef == NULL and errno == EINTR);
232
if(new_envdef == NULL){
233
return false;
234
}
235
*envdef = new_envdef;
236
strcpy(*envdef, def);
237
}
238
return true;
239
}
240
}
180
241
return add_to_char_array(def, &(p->environ), &(p->envc));
181
242
}
182
243
183
244
#ifndef O_CLOEXEC
184
245
/*
185
246
* Based on the example in the GNU LibC manual chapter 13.13 "File
186
247
* Descriptor Flags".
187
* *Note File Descriptor Flags:(libc)Descriptor Flags.
248
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
188
249
*/
189
static int set_cloexec_flag(int fd)
190
{
191
int ret = fcntl(fd, F_GETFD, 0);
250
__attribute__((warn_unused_result))
251
static int set_cloexec_flag(int fd){
252
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
192
253
/* If reading the flags failed, return error indication now. */
193
254
if(ret < 0){
194
255
return ret;
195
256
}
196
257
/* Store modified flag word in the descriptor. */
197
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
258
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
259
ret | FD_CLOEXEC));
198
260
}
199
200
process *process_list = NULL;
201
202
/* Mark a process as completed when it exits, and save its exit
261
#endif /* not O_CLOEXEC */
262
263
264
/* Mark processes as completed when they exit, and save their exit
203
265
status. */
204
void handle_sigchld(__attribute__((unused)) int sig){
205
process *proc = process_list;
206
int status;
207
pid_t pid = wait(&status);
208
if(pid == -1){
209
perror("wait");
210
return;
211
}
212
while(proc != NULL and proc->pid != pid){
213
proc = proc->next;
214
}
215
if(proc == NULL){
216
/* Process not found in process list */
217
return;
218
}
219
proc->status = status;
220
proc->completed = true;
266
static void handle_sigchld(__attribute__((unused)) int sig){
267
int old_errno = errno;
268
while(true){
269
plugin *proc = plugin_list;
270
int status;
271
pid_t pid = waitpid(-1, &status, WNOHANG);
272
if(pid == 0){
273
/* Only still running child processes */
274
break;
275
}
276
if(pid == -1){
277
if(errno == ECHILD){
278
/* No child processes */
279
break;
280
}
281
error(0, errno, "waitpid");
282
}
283
284
/* A child exited, find it in process_list */
285
while(proc != NULL and proc->pid != pid){
286
proc = proc->next;
287
}
288
if(proc == NULL){
289
/* Process not found in process list */
290
continue;
291
}
292
proc->status = status;
293
proc->completed = 1;
294
}
295
errno = old_errno;
221
296
}
222
297
223
bool print_out_password(const char *buffer, size_t length){
298
/* Prints out a password to stdout */
299
__attribute__((nonnull, warn_unused_result))
300
static bool print_out_password(const char *buffer, size_t length){
224
301
ssize_t ret;
225
if(length>0 and buffer[length-1] == '\n'){
226
length--;
227
}
228
302
for(size_t written = 0; written < length; written += (size_t)ret){
229
303
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
230
304
length - written));
235
309
return true;
236
310
}
237
311
238
char **add_to_argv(char **argv, int *argc, char *arg){
239
if (argv == NULL){
240
*argc = 1;
241
argv = malloc(sizeof(char*) * 2);
242
if(argv == NULL){
243
return NULL;
312
/* Removes and free a plugin from the plugin list */
313
__attribute__((nonnull))
314
static void free_plugin(plugin *plugin_node){
315
316
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
317
free(*arg);
318
}
319
free(plugin_node->argv);
320
for(char **env = plugin_node->environ; *env != NULL; env++){
321
free(*env);
322
}
323
free(plugin_node->environ);
324
free(plugin_node->buffer);
325
326
/* Removes the plugin from the singly-linked list */
327
if(plugin_node == plugin_list){
328
/* First one - simple */
329
plugin_list = plugin_list->next;
330
} else {
331
/* Second one or later */
332
for(plugin *p = plugin_list; p != NULL; p = p->next){
333
if(p->next == plugin_node){
334
p->next = plugin_node->next;
335
break;
336
}
244
337
}
245
argv[0] = NULL; /* Will be set to argv[0] in main before parsing */
246
argv[1] = NULL;
247
}
248
*argc += 1;
249
argv = realloc(argv, sizeof(char *)
250
* ((unsigned int) *argc + 1));
251
if(argv == NULL){
252
return NULL;
253
}
254
argv[*argc-1] = arg;
255
argv[*argc] = NULL;
256
return argv;
338
}
339
340
free(plugin_node);
257
341
}
258
342
259
static void free_plugin_list(plugin *plugin_list){
260
for(plugin *next = plugin_list; plugin_list != NULL; plugin_list = next){
261
next = plugin_list->next;
262
free(plugin_list->name);
263
for(char **arg = plugin_list->argv; *arg != NULL; arg++){
264
free(*arg);
265
}
266
free(plugin_list->argv);
267
for(char **env = plugin_list->environ; *env != NULL; env++){
268
free(*env);
269
}
270
free(plugin_list->environ);
271
free(plugin_list);
272
}
343
static void free_plugin_list(void){
344
while(plugin_list != NULL){
345
free_plugin(plugin_list);
346
}
273
347
}
274
348
275
349
int main(int argc, char *argv[]){
276
const char *plugindir = "/lib/mandos/plugins.d";
277
const char *argfile = ARGFILE;
350
char *plugindir = NULL;
351
char *pluginhelperdir = NULL;
352
char *argfile = NULL;
278
353
FILE *conffp;
279
size_t d_name_len;
280
DIR *dir = NULL;
281
struct dirent *dirst;
354
struct dirent **direntries = NULL;
282
355
struct stat st;
283
356
fd_set rfds_all;
284
357
int ret, maxfd = 0;
358
ssize_t sret;
285
359
uid_t uid = 65534;
286
360
gid_t gid = 65534;
287
361
bool debug = false;
291
365
.sa_flags = SA_NOCLDSTOP };
292
366
char **custom_argv = NULL;
293
367
int custom_argc = 0;
368
int dir_fd = -1;
294
369
295
370
/* Establish a signal handler */
296
371
sigemptyset(&sigchld_action.sa_mask);
297
372
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
298
373
if(ret == -1){
299
perror("sigaddset");
300
exitstatus = EXIT_FAILURE;
374
error(0, errno, "sigaddset");
375
exitstatus = EX_OSERR;
301
376
goto fallback;
302
377
}
303
378
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
304
379
if(ret == -1){
305
perror("sigaction");
306
exitstatus = EXIT_FAILURE;
380
error(0, errno, "sigaction");
381
exitstatus = EX_OSERR;
307
382
goto fallback;
308
383
}
309
384
312
387
{ .name = "global-options", .key = 'g',
313
388
.arg = "OPTION[,OPTION[,...]]",
314
389
.doc = "Options passed to all plugins" },
315
{ .name = "global-envs", .key = 'e',
390
{ .name = "global-env", .key = 'G',
316
391
.arg = "VAR=value",
317
392
.doc = "Environment variable passed to all plugins" },
318
393
{ .name = "options-for", .key = 'o',
319
394
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
320
395
.doc = "Options passed only to specified plugin" },
321
{ .name = "envs-for", .key = 'f',
396
{ .name = "env-for", .key = 'E',
322
397
.arg = "PLUGIN:ENV=value",
323
398
.doc = "Environment variable passed to specified plugin" },
324
399
{ .name = "disable", .key = 'd',
325
400
.arg = "PLUGIN",
326
401
.doc = "Disable a specific plugin", .group = 1 },
402
{ .name = "enable", .key = 'e',
403
.arg = "PLUGIN",
404
.doc = "Enable a specific plugin", .group = 1 },
327
405
{ .name = "plugin-dir", .key = 128,
328
406
.arg = "DIRECTORY",
329
407
.doc = "Specify a different plugin directory", .group = 2 },
330
{ .name = "userid", .key = 129,
331
.arg = "ID", .flags = 0,
332
.doc = "User ID the plugins will run as", .group = 2 },
333
{ .name = "groupid", .key = 130,
334
.arg = "ID", .flags = 0,
335
.doc = "Group ID the plugins will run as", .group = 2 },
336
{ .name = "debug", .key = 131,
337
.doc = "Debug mode", .group = 3 },
408
{ .name = "config-file", .key = 129,
409
.arg = "FILE",
410
.doc = "Specify a different configuration file", .group = 2 },
411
{ .name = "userid", .key = 130,
412
.arg = "ID", .flags = 0,
413
.doc = "User ID the plugins will run as", .group = 3 },
414
{ .name = "groupid", .key = 131,
415
.arg = "ID", .flags = 0,
416
.doc = "Group ID the plugins will run as", .group = 3 },
417
{ .name = "debug", .key = 132,
418
.doc = "Debug mode", .group = 4 },
419
{ .name = "plugin-helper-dir", .key = 133,
420
.arg = "DIRECTORY",
421
.doc = "Specify a different plugin helper directory",
422
.group = 2 },
423
/*
424
* These reproduce what we would get without ARGP_NO_HELP
425
*/
426
{ .name = "help", .key = '?',
427
.doc = "Give this help list", .group = -1 },
428
{ .name = "usage", .key = -3,
429
.doc = "Give a short usage message", .group = -1 },
430
{ .name = "version", .key = 'V',
431
.doc = "Print program version", .group = -1 },
338
432
{ .name = NULL }
339
433
};
340
434
341
error_t parse_opt (int key, char *arg, struct argp_state *state) {
342
/* Get the INPUT argument from `argp_parse', which we know is a
343
pointer to our plugin list pointer. */
344
plugin **plugins = state->input;
345
switch (key) {
346
case 'g':
347
if (arg != NULL){
348
char *p;
349
while((p = strsep(&arg, ",")) != NULL){
350
if(p[0] == '\0'){
351
continue;
352
}
353
if(not add_argument(getplugin(NULL, plugins), p)){
354
perror("add_argument");
355
return ARGP_ERR_UNKNOWN;
356
}
357
}
358
}
359
break;
360
case 'e':
361
if(arg == NULL){
362
break;
363
}
364
{
365
char *envdef = strdup(arg);
366
if(envdef == NULL){
367
break;
368
}
369
if(not add_environment(getplugin(NULL, plugins), envdef)){
370
perror("add_environment");
371
}
372
}
373
break;
374
case 'o':
375
if (arg != NULL){
376
char *p_name = strsep(&arg, ":");
377
if(p_name[0] == '\0'){
378
break;
379
}
380
char *opt = strsep(&arg, ":");
381
if(opt[0] == '\0'){
382
break;
383
}
384
if(opt != NULL){
385
char *p;
386
while((p = strsep(&opt, ",")) != NULL){
387
if(p[0] == '\0'){
388
continue;
389
}
390
if(not add_argument(getplugin(p_name, plugins), p)){
391
perror("add_argument");
392
return ARGP_ERR_UNKNOWN;
393
}
394
}
395
}
396
}
397
break;
398
case 'f':
399
if(arg == NULL){
400
break;
401
}
435
__attribute__((nonnull(3)))
436
error_t parse_opt(int key, char *arg, struct argp_state *state){
437
errno = 0;
438
switch(key){
439
char *tmp;
440
intmax_t tmp_id;
441
case 'g': /* --global-options */
442
{
443
char *plugin_option;
444
while((plugin_option = strsep(&arg, ",")) != NULL){
445
if(not add_argument(getplugin(NULL), plugin_option)){
446
break;
447
}
448
}
449
errno = 0;
450
}
451
break;
452
case 'G': /* --global-env */
453
if(add_environment(getplugin(NULL), arg, true)){
454
errno = 0;
455
}
456
break;
457
case 'o': /* --options-for */
458
{
459
char *option_list = strchr(arg, ':');
460
if(option_list == NULL){
461
argp_error(state, "No colon in \"%s\"", arg);
462
errno = EINVAL;
463
break;
464
}
465
*option_list = '\0';
466
option_list++;
467
if(arg[0] == '\0'){
468
argp_error(state, "Empty plugin name");
469
errno = EINVAL;
470
break;
471
}
472
char *option;
473
while((option = strsep(&option_list, ",")) != NULL){
474
if(not add_argument(getplugin(arg), option)){
475
break;
476
}
477
}
478
errno = 0;
479
}
480
break;
481
case 'E': /* --env-for */
402
482
{
403
483
char *envdef = strchr(arg, ':');
404
484
if(envdef == NULL){
405
break;
406
}
407
char *p_name = strndup(arg, (size_t) (envdef-arg));
408
if(p_name == NULL){
409
break;
410
}
485
argp_error(state, "No colon in \"%s\"", arg);
486
errno = EINVAL;
487
break;
488
}
489
*envdef = '\0';
411
490
envdef++;
412
if(not add_environment(getplugin(p_name, plugins), envdef)){
413
perror("add_environment");
414
}
415
}
416
break;
417
case 'd':
418
if (arg != NULL){
419
plugin *p = getplugin(arg, plugins);
420
if(p == NULL){
421
return ARGP_ERR_UNKNOWN;
422
}
423
p->disabled = true;
424
}
425
break;
426
case 128:
427
plugindir = arg;
428
break;
429
case 129:
430
uid = (uid_t)strtol(arg, NULL, 10);
431
break;
432
case 130:
433
gid = (gid_t)strtol(arg, NULL, 10);
434
break;
435
case 131:
491
if(arg[0] == '\0'){
492
argp_error(state, "Empty plugin name");
493
errno = EINVAL;
494
break;
495
}
496
if(add_environment(getplugin(arg), envdef, true)){
497
errno = 0;
498
}
499
}
500
break;
501
case 'd': /* --disable */
502
{
503
plugin *p = getplugin(arg);
504
if(p != NULL){
505
p->disabled = true;
506
errno = 0;
507
}
508
}
509
break;
510
case 'e': /* --enable */
511
{
512
plugin *p = getplugin(arg);
513
if(p != NULL){
514
p->disabled = false;
515
errno = 0;
516
}
517
}
518
break;
519
case 128: /* --plugin-dir */
520
free(plugindir);
521
plugindir = strdup(arg);
522
if(plugindir != NULL){
523
errno = 0;
524
}
525
break;
526
case 129: /* --config-file */
527
/* This is already done by parse_opt_config_file() */
528
break;
529
case 130: /* --userid */
530
tmp_id = strtoimax(arg, &tmp, 10);
531
if(errno != 0 or tmp == arg or *tmp != '\0'
532
or tmp_id != (uid_t)tmp_id){
533
argp_error(state, "Bad user ID number: \"%s\", using %"
534
PRIdMAX, arg, (intmax_t)uid);
535
break;
536
}
537
uid = (uid_t)tmp_id;
538
errno = 0;
539
break;
540
case 131: /* --groupid */
541
tmp_id = strtoimax(arg, &tmp, 10);
542
if(errno != 0 or tmp == arg or *tmp != '\0'
543
or tmp_id != (gid_t)tmp_id){
544
argp_error(state, "Bad group ID number: \"%s\", using %"
545
PRIdMAX, arg, (intmax_t)gid);
546
break;
547
}
548
gid = (gid_t)tmp_id;
549
errno = 0;
550
break;
551
case 132: /* --debug */
436
552
debug = true;
437
553
break;
438
case ARGP_KEY_ARG:
439
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
440
break;
441
case ARGP_KEY_END:
442
break;
443
default:
444
return ARGP_ERR_UNKNOWN;
445
}
446
return 0;
447
}
448
449
plugin *plugin_list = NULL;
450
451
struct argp argp = { .options = options, .parser = parse_opt,
452
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
554
case 133: /* --plugin-helper-dir */
555
free(pluginhelperdir);
556
pluginhelperdir = strdup(arg);
557
if(pluginhelperdir != NULL){
558
errno = 0;
559
}
560
break;
561
/*
562
* These reproduce what we would get without ARGP_NO_HELP
563
*/
564
case '?': /* --help */
565
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
566
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
567
__builtin_unreachable();
568
case -3: /* --usage */
569
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
570
argp_state_help(state, state->out_stream,
571
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
572
__builtin_unreachable();
573
case 'V': /* --version */
574
fprintf(state->out_stream, "%s\n", argp_program_version);
575
exit(EXIT_SUCCESS);
576
break;
577
/*
578
* When adding more options before this line, remember to also add a
579
* "case" to the "parse_opt_config_file" function below.
580
*/
581
case ARGP_KEY_ARG:
582
/* Cryptsetup always passes an argument, which is an empty
583
string if "none" was specified in /etc/crypttab. So if
584
argument was empty, we ignore it silently. */
585
if(arg[0] == '\0'){
586
break;
587
}
588
/* FALLTHROUGH */
589
default:
590
return ARGP_ERR_UNKNOWN;
591
}
592
return errno; /* Set to 0 at start */
593
}
594
595
/* This option parser is the same as parse_opt() above, except it
596
ignores everything but the --config-file option. */
597
error_t parse_opt_config_file(int key, char *arg,
598
__attribute__((unused))
599
struct argp_state *state){
600
errno = 0;
601
switch(key){
602
case 'g': /* --global-options */
603
case 'G': /* --global-env */
604
case 'o': /* --options-for */
605
case 'E': /* --env-for */
606
case 'd': /* --disable */
607
case 'e': /* --enable */
608
case 128: /* --plugin-dir */
609
break;
610
case 129: /* --config-file */
611
free(argfile);
612
argfile = strdup(arg);
613
if(argfile != NULL){
614
errno = 0;
615
}
616
break;
617
case 130: /* --userid */
618
case 131: /* --groupid */
619
case 132: /* --debug */
620
case 133: /* --plugin-helper-dir */
621
case '?': /* --help */
622
case -3: /* --usage */
623
case 'V': /* --version */
624
case ARGP_KEY_ARG:
625
break;
626
default:
627
return ARGP_ERR_UNKNOWN;
628
}
629
return errno;
630
}
631
632
struct argp argp = { .options = options,
633
.parser = parse_opt_config_file,
634
.args_doc = "",
453
635
.doc = "Mandos plugin runner -- Run plugins" };
454
636
455
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
456
if (ret == ARGP_ERR_UNKNOWN){
457
fprintf(stderr, "Unknown error while parsing arguments\n");
458
exitstatus = EXIT_FAILURE;
459
goto fallback;
460
}
461
462
conffp = fopen(argfile, "r");
637
/* Parse using parse_opt_config_file() in order to get the custom
638
config file location, if any. */
639
ret = argp_parse(&argp, argc, argv,
640
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
641
NULL, NULL);
642
switch(ret){
643
case 0:
644
break;
645
case ENOMEM:
646
default:
647
errno = ret;
648
error(0, errno, "argp_parse");
649
exitstatus = EX_OSERR;
650
goto fallback;
651
case EINVAL:
652
exitstatus = EX_USAGE;
653
goto fallback;
654
}
655
656
/* Reset to the normal argument parser */
657
argp.parser = parse_opt;
658
659
/* Open the configfile if available */
660
if(argfile == NULL){
661
conffp = fopen(AFILE, "r");
662
} else {
663
conffp = fopen(argfile, "r");
664
}
463
665
if(conffp != NULL){
464
666
char *org_line = NULL;
465
667
char *p, *arg, *new_arg, *line;
466
668
size_t size = 0;
467
ssize_t sret;
468
669
const char whitespace_delims[] = " \r\t\f\v\n";
469
670
const char comment_delim[] = "#";
470
671
672
custom_argc = 1;
673
custom_argv = malloc(sizeof(char*) * 2);
674
if(custom_argv == NULL){
675
error(0, errno, "malloc");
676
exitstatus = EX_OSERR;
677
goto fallback;
678
}
679
custom_argv[0] = argv[0];
680
custom_argv[1] = NULL;
681
682
/* for each line in the config file, strip whitespace and ignore
683
commented text */
471
684
while(true){
472
685
sret = getline(&org_line, &size, conffp);
473
686
if(sret == -1){
474
687
break;
475
688
}
476
689
477
690
line = org_line;
478
691
arg = strsep(&line, comment_delim);
479
692
while((p = strsep(&arg, whitespace_delims)) != NULL){
481
694
continue;
482
695
}
483
696
new_arg = strdup(p);
484
custom_argv = add_to_argv(custom_argv, &custom_argc, new_arg);
485
if (custom_argv == NULL){
486
perror("add_to_argv");
487
exitstatus = EXIT_FAILURE;
697
if(new_arg == NULL){
698
error(0, errno, "strdup");
699
exitstatus = EX_OSERR;
700
free(org_line);
488
701
goto fallback;
489
702
}
703
704
custom_argc += 1;
705
{
706
char **new_argv = realloc(custom_argv, sizeof(char *)
707
* ((size_t)custom_argc + 1));
708
if(new_argv == NULL){
709
error(0, errno, "realloc");
710
exitstatus = EX_OSERR;
711
free(new_arg);
712
free(org_line);
713
goto fallback;
714
} else {
715
custom_argv = new_argv;
716
}
717
}
718
custom_argv[custom_argc-1] = new_arg;
719
custom_argv[custom_argc] = NULL;
490
720
}
491
721
}
722
do {
723
ret = fclose(conffp);
724
} while(ret == EOF and errno == EINTR);
725
if(ret == EOF){
726
error(0, errno, "fclose");
727
exitstatus = EX_IOERR;
728
goto fallback;
729
}
492
730
free(org_line);
493
} else{
731
} else {
494
732
/* Check for harmful errors and go to fallback. Other errors might
495
733
not affect opening plugins */
496
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
497
perror("fopen");
498
exitstatus = EXIT_FAILURE;
734
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
735
error(0, errno, "fopen");
736
exitstatus = EX_OSERR;
499
737
goto fallback;
500
738
}
501
739
}
502
740
/* If there were any arguments from the configuration file, pass
741
them to parser as command line arguments */
503
742
if(custom_argv != NULL){
504
custom_argv[0] = argv[0];
505
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list);
506
if (ret == ARGP_ERR_UNKNOWN){
507
fprintf(stderr, "Unknown error while parsing arguments\n");
508
exitstatus = EXIT_FAILURE;
509
goto fallback;
743
ret = argp_parse(&argp, custom_argc, custom_argv,
744
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
745
NULL, NULL);
746
switch(ret){
747
case 0:
748
break;
749
case ENOMEM:
750
default:
751
errno = ret;
752
error(0, errno, "argp_parse");
753
exitstatus = EX_OSERR;
754
goto fallback;
755
case EINVAL:
756
exitstatus = EX_CONFIG;
757
goto fallback;
758
}
759
}
760
761
/* Parse actual command line arguments, to let them override the
762
config file */
763
ret = argp_parse(&argp, argc, argv,
764
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
765
NULL, NULL);
766
switch(ret){
767
case 0:
768
break;
769
case ENOMEM:
770
default:
771
errno = ret;
772
error(0, errno, "argp_parse");
773
exitstatus = EX_OSERR;
774
goto fallback;
775
case EINVAL:
776
exitstatus = EX_USAGE;
777
goto fallback;
778
}
779
780
{
781
char *pluginhelperenv;
782
bool bret = true;
783
ret = asprintf(&pluginhelperenv, "MANDOSPLUGINHELPERDIR=%s",
784
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
785
if(ret != -1){
786
bret = add_environment(getplugin(NULL), pluginhelperenv, true);
787
}
788
if(ret == -1 or not bret){
789
error(0, errno, "Failed to set MANDOSPLUGINHELPERDIR"
790
" environment variable to \"%s\" for all plugins\n",
791
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
792
}
793
if(ret != -1){
794
free(pluginhelperenv);
510
795
}
511
796
}
512
797
513
798
if(debug){
514
for(plugin *p = plugin_list; p != NULL; p=p->next){
799
for(plugin *p = plugin_list; p != NULL; p = p->next){
515
800
fprintf(stderr, "Plugin: %s has %d arguments\n",
516
801
p->name ? p->name : "Global", p->argc - 1);
517
802
for(char **a = p->argv; *a != NULL; a++){
518
803
fprintf(stderr, "\tArg: %s\n", *a);
519
804
}
520
fprintf(stderr, "...and %u environment variables\n", p->envc);
805
fprintf(stderr, "...and %d environment variables\n", p->envc);
521
806
for(char **a = p->environ; *a != NULL; a++){
522
807
fprintf(stderr, "\t%s\n", *a);
523
808
}
524
809
}
525
810
}
526
811
812
if(getuid() == 0){
813
/* Work around Debian bug #633582:
814
<https://bugs.debian.org/633582> */
815
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
816
if(plugindir_fd == -1){
817
if(errno != ENOENT){
818
error(0, errno, "open(\"" PDIR "\")");
819
}
820
} else {
821
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
822
if(ret == -1){
823
error(0, errno, "fstat");
824
} else {
825
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
826
ret = fchown(plugindir_fd, uid, gid);
827
if(ret == -1){
828
error(0, errno, "fchown");
829
}
830
}
831
}
832
close(plugindir_fd);
833
}
834
}
835
836
/* Lower permissions */
837
ret = setgid(gid);
838
if(ret == -1){
839
error(0, errno, "setgid");
840
}
527
841
ret = setuid(uid);
528
if (ret == -1){
529
perror("setuid");
530
}
531
532
setgid(gid);
533
if (ret == -1){
534
perror("setgid");
535
}
536
537
dir = opendir(plugindir);
538
if(dir == NULL){
539
perror("Could not open plugin dir");
540
exitstatus = EXIT_FAILURE;
541
goto fallback;
542
}
543
544
/* Set the FD_CLOEXEC flag on the directory, if possible */
842
if(ret == -1){
843
error(0, errno, "setuid");
844
}
845
846
/* Open plugin directory with close_on_exec flag */
545
847
{
546
int dir_fd = dirfd(dir);
547
if(dir_fd >= 0){
548
ret = set_cloexec_flag(dir_fd);
549
if(ret < 0){
550
perror("set_cloexec_flag");
551
exitstatus = EXIT_FAILURE;
552
goto fallback;
848
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
849
#ifdef O_CLOEXEC
850
O_CLOEXEC
851
#else /* not O_CLOEXEC */
852
0
853
#endif /* not O_CLOEXEC */
854
);
855
if(dir_fd == -1){
856
error(0, errno, "Could not open plugin dir");
857
exitstatus = EX_UNAVAILABLE;
858
goto fallback;
859
}
860
861
#ifndef O_CLOEXEC
862
/* Set the FD_CLOEXEC flag on the directory */
863
ret = set_cloexec_flag(dir_fd);
864
if(ret < 0){
865
error(0, errno, "set_cloexec_flag");
866
exitstatus = EX_OSERR;
867
goto fallback;
868
}
869
#endif /* O_CLOEXEC */
870
}
871
872
int good_name(const struct dirent * const dirent){
873
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
874
"*.dpkg-old", "*.dpkg-bak",
875
"*.dpkg-divert", NULL };
876
#ifdef __GNUC__
877
#pragma GCC diagnostic push
878
#pragma GCC diagnostic ignored "-Wcast-qual"
879
#endif
880
for(const char **pat = (const char **)patterns;
881
*pat != NULL; pat++){
882
#ifdef __GNUC__
883
#pragma GCC diagnostic pop
884
#endif
885
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
886
!= FNM_NOMATCH){
887
if(debug){
888
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
889
" matching pattern %s\n", dirent->d_name, *pat);
890
}
891
return 0;
553
892
}
554
893
}
894
return 1;
895
}
896
897
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
898
alphasort);
899
if(numplugins == -1){
900
error(0, errno, "Could not scan plugin dir");
901
direntries = NULL;
902
exitstatus = EX_OSERR;
903
goto fallback;
555
904
}
556
905
557
906
FD_ZERO(&rfds_all);
558
907
559
while(true){
560
dirst = readdir(dir);
561
562
// All directory entries have been processed
563
if(dirst == NULL){
564
if (errno == EBADF){
565
perror("readdir");
566
exitstatus = EXIT_FAILURE;
567
goto fallback;
568
}
569
break;
570
}
571
572
d_name_len = strlen(dirst->d_name);
573
574
// Ignore dotfiles, backup files and other junk
575
{
576
bool bad_name = false;
577
578
const char const *bad_prefixes[] = { ".", "#", NULL };
579
580
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
581
".dpkg-old",
582
".dpkg-divert", NULL };
583
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
584
size_t pre_len = strlen(*pre);
585
if((d_name_len >= pre_len)
586
and strncmp((dirst->d_name), *pre, pre_len) == 0){
587
if(debug){
588
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
589
" with bad prefix %s\n", dirst->d_name, *pre);
590
}
591
bad_name = true;
592
break;
593
}
594
}
595
596
if(bad_name){
597
continue;
598
}
599
600
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
601
size_t suf_len = strlen(*suf);
602
if((d_name_len >= suf_len)
603
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf)
604
== 0)){
605
if(debug){
606
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
607
" with bad suffix %s\n", dirst->d_name, *suf);
608
}
609
bad_name = true;
610
break;
611
}
612
}
613
614
if(bad_name){
615
continue;
616
}
617
}
618
619
char *filename;
620
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
621
if(ret < 0){
622
perror("asprintf");
623
continue;
624
}
625
626
ret = stat(filename, &st);
627
if (ret == -1){
628
perror("stat");
629
free(filename);
630
continue;
631
}
632
633
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
908
/* Read and execute any executable in the plugin directory*/
909
for(int i = 0; i < numplugins; i++){
910
911
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
912
if(plugin_fd == -1){
913
error(0, errno, "Could not open plugin");
914
free(direntries[i]);
915
continue;
916
}
917
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
918
if(ret == -1){
919
error(0, errno, "stat");
920
close(plugin_fd);
921
free(direntries[i]);
922
continue;
923
}
924
925
/* Ignore non-executable files */
926
if(not S_ISREG(st.st_mode)
927
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
928
X_OK, 0)) != 0)){
634
929
if(debug){
635
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
636
" with bad type or mode\n", filename);
930
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
931
" with bad type or mode\n",
932
plugindir != NULL ? plugindir : PDIR,
933
direntries[i]->d_name);
637
934
}
638
free(filename);
935
close(plugin_fd);
936
free(direntries[i]);
639
937
continue;
640
938
}
641
plugin *p = getplugin(dirst->d_name, &plugin_list);
939
940
plugin *p = getplugin(direntries[i]->d_name);
642
941
if(p == NULL){
643
perror("getplugin");
644
free(filename);
942
error(0, errno, "getplugin");
943
close(plugin_fd);
944
free(direntries[i]);
645
945
continue;
646
946
}
647
947
if(p->disabled){
648
948
if(debug){
649
949
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
650
dirst->d_name);
950
direntries[i]->d_name);
651
951
}
652
free(filename);
952
close(plugin_fd);
953
free(direntries[i]);
653
954
continue;
654
955
}
655
956
{
656
957
/* Add global arguments to argument list for this plugin */
657
plugin *g = getplugin(NULL, &plugin_list);
958
plugin *g = getplugin(NULL);
658
959
if(g != NULL){
659
960
for(char **a = g->argv + 1; *a != NULL; a++){
660
961
if(not add_argument(p, *a)){
661
perror("add_argument");
962
error(0, errno, "add_argument");
662
963
}
663
964
}
664
965
/* Add global environment variables */
665
966
for(char **e = g->environ; *e != NULL; e++){
666
if(not add_environment(p, *e)){
667
perror("add_environment");
967
if(not add_environment(p, *e, false)){
968
error(0, errno, "add_environment");
668
969
}
669
970
}
670
971
}
671
972
}
672
/* If this plugin has any environment variables, we will call
673
using execve and need to duplicate the environment from this
674
process, too. */
973
/* If this plugin has any environment variables, we need to
974
duplicate the environment from this process, too. */
675
975
if(p->environ[0] != NULL){
676
976
for(char **e = environ; *e != NULL; e++){
677
char *copy = strdup(*e);
678
if(copy == NULL){
679
perror("strdup");
680
continue;
681
}
682
if(not add_environment(p, copy)){
683
perror("add_environment");
977
if(not add_environment(p, *e, false)){
978
error(0, errno, "add_environment");
684
979
}
685
980
}
686
981
}
687
982
688
int pipefd[2];
689
ret = pipe(pipefd);
690
if (ret == -1){
691
perror("pipe");
692
exitstatus = EXIT_FAILURE;
693
goto fallback;
694
}
983
int pipefd[2];
984
#ifndef O_CLOEXEC
985
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
986
#else /* O_CLOEXEC */
987
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
988
#endif /* O_CLOEXEC */
989
if(ret == -1){
990
error(0, errno, "pipe");
991
exitstatus = EX_OSERR;
992
free(direntries[i]);
993
goto fallback;
994
}
995
if(pipefd[0] >= FD_SETSIZE){
996
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
997
FD_SETSIZE);
998
close(pipefd[0]);
999
close(pipefd[1]);
1000
exitstatus = EX_OSERR;
1001
free(direntries[i]);
1002
goto fallback;
1003
}
1004
#ifndef O_CLOEXEC
1005
/* Ask OS to automatic close the pipe on exec */
695
1006
ret = set_cloexec_flag(pipefd[0]);
696
1007
if(ret < 0){
697
perror("set_cloexec_flag");
698
exitstatus = EXIT_FAILURE;
1008
error(0, errno, "set_cloexec_flag");
1009
close(pipefd[0]);
1010
close(pipefd[1]);
1011
exitstatus = EX_OSERR;
1012
free(direntries[i]);
699
1013
goto fallback;
700
1014
}
701
1015
ret = set_cloexec_flag(pipefd[1]);
702
1016
if(ret < 0){
703
perror("set_cloexec_flag");
704
exitstatus = EXIT_FAILURE;
1017
error(0, errno, "set_cloexec_flag");
1018
close(pipefd[0]);
1019
close(pipefd[1]);
1020
exitstatus = EX_OSERR;
1021
free(direntries[i]);
705
1022
goto fallback;
706
1023
}
1024
#endif /* not O_CLOEXEC */
707
1025
/* Block SIGCHLD until process is safely in process list */
708
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1026
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1027
&sigchld_action.sa_mask,
1028
NULL));
709
1029
if(ret < 0){
710
perror("sigprocmask");
711
exitstatus = EXIT_FAILURE;
1030
error(0, errno, "sigprocmask");
1031
exitstatus = EX_OSERR;
1032
free(direntries[i]);
712
1033
goto fallback;
713
1034
}
714
// Starting a new process to be watched
715
pid_t pid = fork();
1035
/* Starting a new process to be watched */
1036
pid_t pid;
1037
do {
1038
pid = fork();
1039
} while(pid == -1 and errno == EINTR);
716
1040
if(pid == -1){
717
perror("fork");
718
exitstatus = EXIT_FAILURE;
1041
error(0, errno, "fork");
1042
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1043
&sigchld_action.sa_mask, NULL));
1044
close(pipefd[0]);
1045
close(pipefd[1]);
1046
exitstatus = EX_OSERR;
1047
free(direntries[i]);
719
1048
goto fallback;
720
1049
}
721
1050
if(pid == 0){
722
1051
/* this is the child process */
723
1052
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
724
1053
if(ret < 0){
725
perror("sigaction");
726
_exit(EXIT_FAILURE);
1054
error(0, errno, "sigaction");
1055
_exit(EX_OSERR);
727
1056
}
728
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1057
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
729
1058
if(ret < 0){
730
perror("sigprocmask");
731
_exit(EXIT_FAILURE);
1059
error(0, errno, "sigprocmask");
1060
_exit(EX_OSERR);
732
1061
}
733
1062
734
1063
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
735
1064
if(ret == -1){
736
perror("dup2");
737
_exit(EXIT_FAILURE);
1065
error(0, errno, "dup2");
1066
_exit(EX_OSERR);
738
1067
}
739
1068
740
if(dirfd(dir) < 0){
741
/* If dir has no file descriptor, we could not set FD_CLOEXEC
742
above and must now close it manually here. */
743
closedir(dir);
744
}
745
if(p->environ[0] == NULL){
746
if(execv(filename, p->argv) < 0){
747
perror("execv");
748
_exit(EXIT_FAILURE);
749
}
750
} else {
751
if(execve(filename, p->argv, p->environ) < 0){
752
perror("execve");
753
_exit(EXIT_FAILURE);
754
}
1069
if(fexecve(plugin_fd, p->argv,
1070
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1071
error(0, errno, "fexecve for %s/%s",
1072
plugindir != NULL ? plugindir : PDIR,
1073
direntries[i]->d_name);
1074
_exit(EX_OSERR);
755
1075
}
756
1076
/* no return */
757
1077
}
758
/* parent process */
759
free(filename);
760
close(pipefd[1]); /* close unused write end of pipe */
761
process *new_process = malloc(sizeof(process));
762
if (new_process == NULL){
763
perror("malloc");
764
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1078
/* Parent process */
1079
close(pipefd[1]); /* Close unused write end of pipe */
1080
close(plugin_fd);
1081
plugin *new_plugin = getplugin(direntries[i]->d_name);
1082
if(new_plugin == NULL){
1083
error(0, errno, "getplugin");
1084
ret = (int)(TEMP_FAILURE_RETRY
1085
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1086
NULL)));
765
1087
if(ret < 0){
766
perror("sigprocmask");
1088
error(0, errno, "sigprocmask");
767
1089
}
768
exitstatus = EXIT_FAILURE;
1090
exitstatus = EX_OSERR;
1091
free(direntries[i]);
769
1092
goto fallback;
770
1093
}
1094
free(direntries[i]);
771
1095
772
*new_process = (struct process){ .pid = pid,
773
.fd = pipefd[0],
774
.next = process_list };
775
// List handling
776
process_list = new_process;
1096
new_plugin->pid = pid;
1097
new_plugin->fd = pipefd[0];
1098
1099
if(debug){
1100
fprintf(stderr, "Plugin %s started (PID %" PRIdMAX ")\n",
1101
new_plugin->name, (intmax_t) (new_plugin->pid));
1102
}
1103
777
1104
/* Unblock SIGCHLD so signal handler can be run if this process
778
1105
has already completed */
779
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1106
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1107
&sigchld_action.sa_mask,
1108
NULL));
780
1109
if(ret < 0){
781
perror("sigprocmask");
782
exitstatus = EXIT_FAILURE;
1110
error(0, errno, "sigprocmask");
1111
exitstatus = EX_OSERR;
783
1112
goto fallback;
784
1113
}
785
1114
786
FD_SET(new_process->fd, &rfds_all);
787
788
if (maxfd < new_process->fd){
789
maxfd = new_process->fd;
790
}
791
792
}
793
794
free_plugin_list(plugin_list);
795
796
closedir(dir);
797
dir = NULL;
798
799
if (process_list == NULL){
800
fprintf(stderr, "No plugin processes started. Incorrect plugin"
801
" directory?\n");
802
process_list = NULL;
803
}
804
while(process_list){
1115
FD_SET(new_plugin->fd, &rfds_all);
1116
1117
if(maxfd < new_plugin->fd){
1118
maxfd = new_plugin->fd;
1119
}
1120
}
1121
1122
free(direntries);
1123
direntries = NULL;
1124
close(dir_fd);
1125
dir_fd = -1;
1126
free_plugin(getplugin(NULL));
1127
1128
for(plugin *p = plugin_list; p != NULL; p = p->next){
1129
if(p->pid != 0){
1130
break;
1131
}
1132
if(p->next == NULL){
1133
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1134
" directory?\n");
1135
free_plugin_list();
1136
}
1137
}
1138
1139
/* Main loop while running plugins exist */
1140
while(plugin_list){
805
1141
fd_set rfds = rfds_all;
806
1142
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
807
if (select_ret == -1){
808
perror("select");
809
exitstatus = EXIT_FAILURE;
1143
if(select_ret == -1 and errno != EINTR){
1144
error(0, errno, "select");
1145
exitstatus = EX_OSERR;
810
1146
goto fallback;
811
1147
}
812
1148
/* OK, now either a process completed, or something can be read
813
1149
from one of them */
814
for(process *proc = process_list; proc ; proc = proc->next){
1150
for(plugin *proc = plugin_list; proc != NULL;){
815
1151
/* Is this process completely done? */
816
if(proc->eof and proc->completed){
1152
if(proc->completed and proc->eof){
817
1153
/* Only accept the plugin output if it exited cleanly */
818
1154
if(not WIFEXITED(proc->status)
819
1155
or WEXITSTATUS(proc->status) != 0){
820
1156
/* Bad exit by plugin */
1157
821
1158
if(debug){
822
1159
if(WIFEXITED(proc->status)){
823
fprintf(stderr, "Plugin %u exited with status %d\n",
824
(unsigned int) (proc->pid),
1160
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1161
" status %d\n", proc->name,
1162
(intmax_t) (proc->pid),
825
1163
WEXITSTATUS(proc->status));
826
} else if(WIFSIGNALED(proc->status)) {
827
fprintf(stderr, "Plugin %u killed by signal %d\n",
828
(unsigned int) (proc->pid),
829
WTERMSIG(proc->status));
830
} else if(WCOREDUMP(proc->status)){
831
fprintf(stderr, "Plugin %d dumped core\n",
832
(unsigned int) (proc->pid));
1164
} else if(WIFSIGNALED(proc->status)){
1165
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1166
" signal %d: %s\n", proc->name,
1167
(intmax_t) (proc->pid),
1168
WTERMSIG(proc->status),
1169
strsignal(WTERMSIG(proc->status)));
833
1170
}
834
1171
}
1172
835
1173
/* Remove the plugin */
836
1174
FD_CLR(proc->fd, &rfds_all);
1175
837
1176
/* Block signal while modifying process_list */
838
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1177
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1178
(SIG_BLOCK,
1179
&sigchld_action.sa_mask,
1180
NULL));
839
1181
if(ret < 0){
840
perror("sigprocmask");
841
exitstatus = EXIT_FAILURE;
1182
error(0, errno, "sigprocmask");
1183
exitstatus = EX_OSERR;
842
1184
goto fallback;
843
1185
}
844
/* Delete this process entry from the list */
845
if(process_list == proc){
846
/* First one - simple */
847
process_list = proc->next;
848
} else {
849
/* Second one or later */
850
for(process *p = process_list; p != NULL; p = p->next){
851
if(p->next == proc){
852
p->next = proc->next;
853
break;
854
}
855
}
856
}
1186
1187
plugin *next_plugin = proc->next;
1188
free_plugin(proc);
1189
proc = next_plugin;
1190
857
1191
/* We are done modifying process list, so unblock signal */
858
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
859
NULL);
1192
ret = (int)(TEMP_FAILURE_RETRY
1193
(sigprocmask(SIG_UNBLOCK,
1194
&sigchld_action.sa_mask, NULL)));
860
1195
if(ret < 0){
861
perror("sigprocmask");
862
}
863
free(proc->buffer);
864
free(proc);
865
/* We deleted this process from the list, so we can't go
866
proc->next. Therefore, start over from the beginning of
867
the process list */
868
break;
1196
error(0, errno, "sigprocmask");
1197
exitstatus = EX_OSERR;
1198
goto fallback;
1199
}
1200
1201
if(plugin_list == NULL){
1202
break;
1203
}
1204
1205
continue;
869
1206
}
1207
870
1208
/* This process exited nicely, so print its buffer */
871
872
bool bret = print_out_password(proc->buffer, proc->buffer_length);
1209
1210
bool bret = print_out_password(proc->buffer,
1211
proc->buffer_length);
873
1212
if(not bret){
874
perror("print_out_password");
875
exitstatus = EXIT_FAILURE;
1213
error(0, errno, "print_out_password");
1214
exitstatus = EX_IOERR;
876
1215
}
877
1216
goto fallback;
878
1217
}
1218
879
1219
/* This process has not completed. Does it have any output? */
880
1220
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){
881
1221
/* This process had nothing to say at this time */
1222
proc = proc->next;
882
1223
continue;
883
1224
}
884
1225
/* Before reading, make the process' data buffer large enough */
885
1226
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
886
proc->buffer = realloc(proc->buffer, proc->buffer_size
887
+ (size_t) BUFFER_SIZE);
888
if (proc->buffer == NULL){
889
perror("malloc");
890
exitstatus = EXIT_FAILURE;
1227
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1228
+ (size_t) BUFFER_SIZE);
1229
if(new_buffer == NULL){
1230
error(0, errno, "malloc");
1231
exitstatus = EX_OSERR;
891
1232
goto fallback;
892
1233
}
1234
proc->buffer = new_buffer;
893
1235
proc->buffer_size += BUFFER_SIZE;
894
1236
}
895
1237
/* Read from the process */
896
ret = read(proc->fd, proc->buffer + proc->buffer_length,
897
BUFFER_SIZE);
898
if(ret < 0){
1238
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1239
proc->buffer
1240
+ proc->buffer_length,
1241
BUFFER_SIZE));
1242
if(sret < 0){
899
1243
/* Read error from this process; ignore the error */
1244
proc = proc->next;
900
1245
continue;
901
1246
}
902
if(ret == 0){
1247
if(sret == 0){
903
1248
/* got EOF */
904
1249
proc->eof = true;
905
1250
} else {
906
proc->buffer_length += (size_t) ret;
1251
proc->buffer_length += (size_t) sret;
907
1252
}
908
1253
}
909
1254
}
910
911
1255
1256
912
1257
fallback:
913
1258
914
if(process_list == NULL or exitstatus != EXIT_SUCCESS){
915
/* Fallback if all plugins failed, none are found or an error occured */
1259
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1260
and exitstatus != EX_OK)){
1261
/* Fallback if all plugins failed, none are found or an error
1262
occured */
916
1263
bool bret;
917
1264
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
918
1265
char *passwordbuffer = getpass("Password: ");
919
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
1266
size_t len = strlen(passwordbuffer);
1267
/* Strip trailing newline */
1268
if(len > 0 and passwordbuffer[len-1] == '\n'){
1269
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1270
len--;
1271
}
1272
bret = print_out_password(passwordbuffer, len);
920
1273
if(not bret){
921
perror("print_out_password");
922
exitstatus = EXIT_FAILURE;
1274
error(0, errno, "print_out_password");
1275
exitstatus = EX_IOERR;
923
1276
}
924
1277
}
925
1278
926
1279
/* Restore old signal handler */
927
1280
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
928
1281
if(ret == -1){
929
perror("sigaction");
930
exitstatus = EXIT_FAILURE;
1282
error(0, errno, "sigaction");
1283
exitstatus = EX_OSERR;
931
1284
}
932
1285
933
1286
if(custom_argv != NULL){
934
for(char **arg = custom_argv; *arg != NULL; arg++){
1287
for(char **arg = custom_argv+1; *arg != NULL; arg++){
935
1288
free(*arg);
936
1289
}
937
1290
free(custom_argv);
938
1291
}
939
free_plugin_list(plugin_list);
940
941
if(dir != NULL){
942
closedir(dir);
1292
1293
free(direntries);
1294
1295
if(dir_fd != -1){
1296
close(dir_fd);
943
1297
}
944
1298
945
/* Free the process list and kill the processes */
946
for(process *next; process_list != NULL; process_list = next){
947
next = process_list->next;
948
close(process_list->fd);
949
ret = kill(process_list->pid, SIGTERM);
950
if(ret == -1 and errno != ESRCH){
951
/* set-uid proccesses migth not get closed */
952
perror("kill");
1299
/* Kill the processes */
1300
for(plugin *p = plugin_list; p != NULL; p = p->next){
1301
if(p->pid != 0){
1302
close(p->fd);
1303
ret = kill(p->pid, SIGTERM);
1304
if(ret == -1 and errno != ESRCH){
1305
/* Set-uid proccesses might not get closed */
1306
error(0, errno, "kill");
1307
}
953
1308
}
954
free(process_list->buffer);
955
free(process_list);
956
1309
}
957
1310
958
1311
/* Wait for any remaining child processes to terminate */
959
do{
1312
do {
960
1313
ret = wait(NULL);
961
1314
} while(ret >= 0);
962
1315
if(errno != ECHILD){
963
perror("wait");
1316
error(0, errno, "wait");
964
1317
}
965
1318
1319
free_plugin_list();
1320
1321
free(plugindir);
1322
free(pluginhelperdir);
1323
free(argfile);
1324
966
1325
return exitstatus;
967
1326
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0