1
/* -*- coding: utf-8; lexical-binding: t -*- */
1
/* -*- mode: c; coding: utf-8; after-save-hook: (lambda () (let* ((find-build-directory (lambda (try-directory &optional base-directory) (let ((base-directory (or base-directory try-directory))) (cond ((equal try-directory "/") base-directory) ((file-readable-p (concat (file-name-as-directory try-directory) "Makefile")) try-directory) ((funcall find-build-directory (directory-file-name (file-name-directory try-directory)) base-directory)))))) (build-directory (funcall find-build-directory (buffer-file-name))) (local-build-directory (if (fboundp 'file-local-name) (file-local-name build-directory) (or (file-remote-p build-directory 'localname) build-directory))) (command (file-relative-name (file-name-sans-extension (buffer-file-name)) build-directory))) (pcase (progn (if (get-buffer "*Test*") (kill-buffer "*Test*")) (process-file-shell-command (let ((qbdir (shell-quote-argument local-build-directory)) (qcmd (shell-quote-argument command))) (format "cd %s && CFLAGS=-Werror make --silent %s && %s --test --verbose" qbdir qcmd qcmd)) nil "*Test*")) (0 (let ((w (get-buffer-window "*Test*"))) (if w (delete-window w)))) (_ (with-current-buffer "*Test*" (compilation-mode) (cd-absolute build-directory)) (display-buffer "*Test*" '(display-buffer-in-side-window)))))); -*- */
3
3
* Mandos password agent - Simple password agent to run Mandos client
5
* Copyright © 2019-2022 Teddy Hogeborn
6
* Copyright © 2019-2022 Björn Påhlsson
5
* Copyright © 2019-2020 Teddy Hogeborn
6
* Copyright © 2019-2020 Björn Påhlsson
8
8
* This file is part of Mandos.
23
23
* Contact the authors at <mandos@recompile.se>.
26
#define _GNU_SOURCE /* pipe2(), O_CLOEXEC, setresgid(),
27
setresuid(), asprintf(), getline(),
29
#include <inttypes.h> /* uintmax_t, strtoumax(), PRIuMAX,
30
PRIdMAX, intmax_t, uint32_t,
31
SCNx32, SCNuMAX, SCNxMAX */
32
#include <stddef.h> /* size_t, NULL */
27
#include <inttypes.h> /* uintmax_t, PRIuMAX, PRIdMAX,
28
intmax_t, uint32_t, SCNx32,
30
#include <stddef.h> /* size_t */
33
31
#include <sys/types.h> /* pid_t, uid_t, gid_t, getuid(),
35
33
#include <stdbool.h> /* bool, true, false */
42
40
NSIG, sigismember(), SA_ONSTACK,
43
41
SIG_DFL, SIG_IGN, SIGINT, SIGQUIT,
44
42
SIGHUP, SIGSTOP, SIG_UNBLOCK */
45
#include <unistd.h> /* uid_t, gid_t, close(), pipe2(),
46
fork(), _exit(), dup2(),
47
STDOUT_FILENO, setresgid(),
48
setresuid(), execv(), ssize_t,
49
read(), dup3(), getuid(), dup(),
50
STDERR_FILENO, pause(), write(),
51
rmdir(), unlink(), getpid() */
52
43
#include <stdlib.h> /* EXIT_SUCCESS, EXIT_FAILURE,
53
malloc(), free(), realloc(),
54
setenv(), calloc(), mkdtemp(),
44
malloc(), free(), strtoumax(),
45
realloc(), setenv(), calloc(),
46
mkdtemp(), mkostemp() */
56
47
#include <iso646.h> /* not, or, and, xor */
57
48
#include <error.h> /* error() */
58
49
#include <sysexits.h> /* EX_USAGE, EX_OSERR, EX_OSFILE */
66
57
#include <string.h> /* strdup(), memcpy(),
67
58
explicit_bzero(), memset(),
68
59
strcmp(), strlen(), strncpy(),
69
memcmp(), basename(), strerror() */
60
memcmp(), basename() */
70
61
#include <argz.h> /* argz_create(), argz_count(),
71
62
argz_extract(), argz_next(),
82
73
ARGP_ERR_UNKNOWN, ARGP_KEY_ARGS,
83
74
struct argp, argp_parse(),
85
#include <stdint.h> /* SIZE_MAX, uint32_t */
76
#include <stdint.h> /* SIZE_MAX */
77
#include <unistd.h> /* uid_t, gid_t, close(), pipe2(),
78
fork(), _exit(), dup2(),
79
STDOUT_FILENO, setresgid(),
80
setresuid(), execv(), ssize_t,
81
read(), dup3(), getuid(), dup(),
82
STDERR_FILENO, pause(), write(),
83
rmdir(), unlink(), getpid() */
86
84
#include <sys/mman.h> /* munlock(), mlock() */
87
85
#include <fcntl.h> /* O_CLOEXEC, O_NONBLOCK, fcntl(),
88
86
F_GETFD, F_GETFL, FD_CLOEXEC,
112
110
g_assert_null(), g_assert_false(),
113
111
g_assert_cmpint(), g_assert_cmpuint(),
114
112
g_test_skip(), g_assert_cmpstr(),
115
g_test_message(), g_test_init(), g_test_add(),
116
g_test_run(), GOptionContext,
117
g_option_context_new(),
113
g_test_init(), g_test_add(), g_test_run(),
114
GOptionContext, g_option_context_new(),
118
115
g_option_context_set_help_enabled(), FALSE,
119
116
g_option_context_set_ignore_unknown_options(),
120
117
gboolean, GOptionEntry, G_OPTION_ARG_NONE,
1098
1095
} ievent_buffer;
1099
1096
struct inotify_event *const ievent = &ievent_buffer.event;
1101
#if defined(__GNUC__) and __GNUC__ >= 7
1102
#pragma GCC diagnostic push
1103
/* ievent is pointing into a struct which is of sufficient size */
1104
#pragma GCC diagnostic ignored "-Wstringop-overflow"
1106
1098
const ssize_t read_length = read(fd, ievent, ievent_size);
1107
#if defined(__GNUC__) and __GNUC__ >= 7
1108
#pragma GCC diagnostic pop
1110
1099
if(read_length == 0){ /* EOF */
1111
1100
error(0, 0, "Got EOF from inotify fd for directory %s", filename);
1112
1101
*quit_now = true;
1488
1477
if(send_buffer == NULL){
1489
1478
error(0, errno, "Failed to allocate send_buffer");
1491
#if defined(__GNUC__) and __GNUC__ >= 5
1492
#pragma GCC diagnostic push
1493
/* mlock() does not access the memory */
1494
#pragma GCC diagnostic ignored "-Wmaybe-uninitialized"
1496
1480
if(mlock(send_buffer, send_buffer_length) != 0){
1497
#if defined(__GNUC__) and __GNUC__ >= 5
1498
#pragma GCC diagnostic pop
1500
1481
/* Warn but do not treat as fatal error */
1501
1482
if(errno != EPERM and errno != ENOMEM){
1502
1483
error(0, errno, "Failed to lock memory for password"
2669
2650
bool password_is_read = false;
2670
2651
const char helper_directory[] = "/nonexistent";
2671
2652
const char *const argv[] = { "/bin/sh", "-c",
2672
"printf %s \"${MANDOSPLUGINHELPERDIR}\"", NULL };
2653
"echo -n ${MANDOSPLUGINHELPERDIR}", NULL };
2674
2655
const bool success = start_mandos_client(queue, epoll_fd,
2675
2656
&mandos_client_exited,
4198
4179
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4199
4180
const size_t ievent_size = (sizeof(struct inotify_event)
4200
4181
+ sizeof(dummy_file_name));
4201
#if defined(__GNUC__) and __GNUC__ >= 11
4202
#pragma GCC diagnostic push
4203
/* ievent is pointing into a struct which is of sufficient size */
4204
#pragma GCC diagnostic ignored "-Wstringop-overread"
4206
4182
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4207
4183
==, ievent_size);
4208
#if defined(__GNUC__) and __GNUC__ >= 11
4209
#pragma GCC diagnostic pop
4211
4184
g_assert_cmpint(close(pipefds[1]), ==, 0);
4213
4186
bool quit_now = false;
4301
4274
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4302
4275
const size_t ievent_size = (sizeof(struct inotify_event)
4303
4276
+ sizeof(dummy_file_name));
4304
#if defined(__GNUC__) and __GNUC__ >= 11
4305
#pragma GCC diagnostic push
4306
/* ievent is pointing into a struct which is of sufficient size */
4307
#pragma GCC diagnostic ignored "-Wstringop-overread"
4309
4277
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4310
4278
==, ievent_size);
4311
#if defined(__GNUC__) and __GNUC__ >= 11
4312
#pragma GCC diagnostic pop
4314
4279
g_assert_cmpint(close(pipefds[1]), ==, 0);
4316
4281
bool quit_now = false;
4406
4371
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4407
4372
const size_t ievent_size = (sizeof(struct inotify_event)
4408
4373
+ sizeof(dummy_file_name));
4409
#if defined(__GNUC__) and __GNUC__ >= 11
4410
#pragma GCC diagnostic push
4411
/* ievent is pointing into a struct which is of sufficient size */
4412
#pragma GCC diagnostic ignored "-Wstringop-overread"
4414
4374
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4415
4375
==, ievent_size);
4416
#if defined(__GNUC__) and __GNUC__ >= 11
4417
#pragma GCC diagnostic pop
4419
4376
g_assert_cmpint(close(pipefds[1]), ==, 0);
4421
4378
bool quit_now = false;
4499
4456
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4500
4457
const size_t ievent_size = (sizeof(struct inotify_event)
4501
4458
+ sizeof(dummy_file_name));
4502
#if defined(__GNUC__) and __GNUC__ >= 11
4503
#pragma GCC diagnostic push
4504
/* ievent is pointing into a struct which is of sufficient size */
4505
#pragma GCC diagnostic ignored "-Wstringop-overread"
4507
4459
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4508
4460
==, ievent_size);
4509
#if defined(__GNUC__) and __GNUC__ >= 11
4510
#pragma GCC diagnostic pop
4512
4461
g_assert_cmpint(close(pipefds[1]), ==, 0);
4514
4463
bool quit_now = false;
4591
4540
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4592
4541
const size_t ievent_size = (sizeof(struct inotify_event)
4593
4542
+ sizeof(dummy_file_name));
4594
#if defined(__GNUC__) and __GNUC__ >= 11
4595
#pragma GCC diagnostic push
4596
/* ievent is pointing into a struct which is of sufficient size */
4597
#pragma GCC diagnostic ignored "-Wstringop-overread"
4599
4543
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4600
4544
==, ievent_size);
4601
#if defined(__GNUC__) and __GNUC__ >= 11
4602
#pragma GCC diagnostic pop
4604
4545
g_assert_cmpint(close(pipefds[1]), ==, 0);
4606
4547
bool quit_now = false;
4675
4616
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4676
4617
const size_t ievent_size = (sizeof(struct inotify_event)
4677
4618
+ sizeof(dummy_file_name));
4678
#if defined(__GNUC__) and __GNUC__ >= 11
4679
#pragma GCC diagnostic push
4680
/* ievent is pointing into a struct which is of sufficient size */
4681
#pragma GCC diagnostic ignored "-Wstringop-overread"
4683
4619
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4684
4620
==, ievent_size);
4685
#if defined(__GNUC__) and __GNUC__ >= 11
4686
#pragma GCC diagnostic pop
4688
4621
g_assert_cmpint(close(pipefds[1]), ==, 0);
4690
4623
bool quit_now = false;
4762
4695
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4763
4696
const size_t ievent_size = (sizeof(struct inotify_event)
4764
4697
+ sizeof(dummy_file_name));
4765
#if defined(__GNUC__) and __GNUC__ >= 11
4766
#pragma GCC diagnostic push
4767
/* ievent is pointing into a struct which is of sufficient size */
4768
#pragma GCC diagnostic ignored "-Wstringop-overread"
4770
4698
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4771
4699
==, ievent_size);
4772
#if defined(__GNUC__) and __GNUC__ >= 11
4773
#pragma GCC diagnostic pop
4775
4700
g_assert_cmpint(close(pipefds[1]), ==, 0);
4777
4702
bool quit_now = false;
4855
4780
memcpy(ievent->name, dummy_file_name, sizeof(dummy_file_name));
4856
4781
const size_t ievent_size = (sizeof(struct inotify_event)
4857
4782
+ sizeof(dummy_file_name));
4858
#if defined(__GNUC__) and __GNUC__ >= 11
4859
#pragma GCC diagnostic push
4860
/* ievent is pointing into a struct which is of sufficient size */
4861
#pragma GCC diagnostic ignored "-Wstringop-overread"
4863
4783
g_assert_cmpint(write(pipefds[1], (char *)ievent, ievent_size),
4864
4784
==, ievent_size);
4865
#if defined(__GNUC__) and __GNUC__ >= 11
4866
#pragma GCC diagnostic pop
4868
4785
g_assert_cmpint(close(pipefds[1]), ==, 0);
4870
4787
bool quit_now = false;
6061
5978
g_test_skip("Skipping EMSGSIZE test: Will not try 1GiB");
6064
message_buffer = realloc(message_buffer, message_size);
5981
free(message_buffer);
5982
message_buffer = malloc(message_size);
6065
5983
if(message_buffer == NULL){
6066
5984
g_test_skip("Skipping EMSGSIZE test");
6067
5985
g_test_message("Failed to malloc() %" PRIuMAX " bytes",
8275
8191
g_option_context_free(context);
8276
8192
return should_run_tests != FALSE;
8283
(if (not (funcall run-tests-in-test-buffer default-directory))
8284
(funcall show-test-buffer-in-test-window)
8285
(funcall remove-test-window)))
8286
run-tests-in-test-buffer:
8288
(with-current-buffer (get-buffer-create "*Test*")
8289
(setq buffer-read-only nil
8290
default-directory dir)
8293
(let ((process-result
8294
(let ((inhibit-read-only t))
8295
(process-file-shell-command
8296
(funcall get-command-line) nil "*Test*"))))
8297
(and (numberp process-result)
8298
(= process-result 0))))
8303
(funcall find-build-directory (buffer-file-name)))
8304
(local-build-directory
8305
(if (fboundp 'file-local-name)
8306
(file-local-name build-directory)
8307
(or (file-remote-p build-directory 'localname)
8310
(file-relative-name (file-name-sans-extension
8311
(buffer-file-name)) build-directory))
8312
(qbdir (shell-quote-argument local-build-directory))
8313
(qcmd (shell-quote-argument command)))
8314
(format (concat "cd %s && CFLAGS=-Werror make --silent %s"
8315
" && %s --test --verbose") qbdir qcmd qcmd)))
8316
find-build-directory:
8317
(lambda (try-directory &optional base-directory)
8318
(let ((base-directory (or base-directory try-directory)))
8319
(cond ((equal try-directory "/") base-directory)
8321
(concat (file-name-as-directory try-directory)
8322
"Makefile")) try-directory)
8323
((funcall find-build-directory
8324
(directory-file-name (file-name-directory
8327
show-test-buffer-in-test-window:
8329
(when (not (get-buffer-window-list "*Test*"))
8330
(setq next-error-last-buffer (get-buffer "*Test*"))
8331
(let* ((side (if (>= (window-width) 146) 'right 'bottom))
8332
(display-buffer-overriding-action
8333
`((display-buffer-in-side-window) (side . ,side)
8334
(window-height . fit-window-to-buffer)
8335
(window-width . fit-window-to-buffer))))
8336
(display-buffer "*Test*"))))
8339
(let ((test-window (get-buffer-window "*Test*")))
8340
(if test-window (delete-window test-window))))
8341
eval: (add-hook 'after-save-hook run-tests 90 t)