bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
1 |
/* -*- coding: utf-8 -*- */
|
2 |
/*
|
|
3 |
* Mandos plugin runner - Run Mandos plugins
|
|
4 |
*
|
|
|
28
by Teddy Hogeborn
* server.conf: New file. |
5 |
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
|
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
6 |
*
|
7 |
* This program is free software: you can redistribute it and/or
|
|
8 |
* modify it under the terms of the GNU General Public License as
|
|
9 |
* published by the Free Software Foundation, either version 3 of the
|
|
10 |
* License, or (at your option) any later version.
|
|
11 |
*
|
|
12 |
* This program is distributed in the hope that it will be useful, but
|
|
13 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
14 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
15 |
* General Public License for more details.
|
|
16 |
*
|
|
17 |
* You should have received a copy of the GNU General Public License
|
|
18 |
* along with this program. If not, see
|
|
19 |
* <http://www.gnu.org/licenses/>.
|
|
20 |
*
|
|
|
28
by Teddy Hogeborn
* server.conf: New file. |
21 |
* Contact the authors at <mandos@fukt.bsnet.se>.
|
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
22 |
*/
|
23 |
||
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
24 |
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(), |
25 |
asprintf() */
|
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
26 |
#include <stddef.h> /* size_t, NULL */ |
27 |
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE, |
|
28 |
EXIT_SUCCESS, realloc() */ |
|
29 |
#include <stdbool.h> /* bool, true, false */ |
|
30 |
#include <stdio.h> /* perror, popen(), fileno(), |
|
31 |
fprintf(), stderr, STDOUT_FILENO */ |
|
32 |
#include <sys/types.h> /* DIR, opendir(), stat(), struct |
|
33 |
stat, waitpid(), WIFEXITED(), |
|
34 |
WEXITSTATUS(), wait(), pid_t, |
|
35 |
uid_t, gid_t, getuid(), getgid(), |
|
36 |
dirfd() */ |
|
37 |
#include <sys/select.h> /* fd_set, select(), FD_ZERO(), |
|
38 |
FD_SET(), FD_ISSET(), FD_CLR */ |
|
39 |
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(), |
|
40 |
WEXITSTATUS() */ |
|
41 |
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */ |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
42 |
#include <iso646.h> /* and, or, not */ |
43 |
#include <dirent.h> /* DIR, struct dirent, opendir(), |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
44 |
readdir(), closedir(), dirfd() */ |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
45 |
#include <unistd.h> /* struct stat, stat(), S_ISREG(), |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
46 |
fcntl(), setuid(), setgid(), |
47 |
F_GETFD, F_SETFD, FD_CLOEXEC, |
|
48 |
access(), pipe(), fork(), close() |
|
49 |
dup2, STDOUT_FILENO, _exit(), |
|
50 |
execv(), write(), read(), |
|
51 |
close() */ |
|
52 |
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD, |
|
53 |
FD_CLOEXEC */ |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
54 |
#include <string.h> /* strsep, strlen(), asprintf() */ |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
55 |
#include <errno.h> /* errno */ |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
56 |
#include <argp.h> /* struct argp_option, struct |
57 |
argp_state, struct argp, |
|
58 |
argp_parse(), ARGP_ERR_UNKNOWN, |
|
59 |
ARGP_KEY_END, ARGP_KEY_ARG, error_t */ |
|
60 |
#include <signal.h> /* struct sigaction, sigemptyset(), |
|
61 |
sigaddset(), sigaction(), |
|
62 |
sigprocmask(), SIG_BLOCK, SIGCHLD, |
|
63 |
SIG_UNBLOCK, kill() */ |
|
64 |
#include <errno.h> /* errno, EBADF */ |
|
|
13
by Björn Påhlsson
Added following support: |
65 |
|
|
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
66 |
#define BUFFER_SIZE 256
|
|
77
by Teddy Hogeborn
Merge. |
67 |
#define ARGFILE "/conf/conf.d/mandos/plugin-runner.conf"
|
|
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
68 |
|
|
74
by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New. |
69 |
const char *argp_program_version = "plugin-runner 1.0"; |
|
24.1.35
by Björn Påhlsson
version 1.0 |
70 |
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>"; |
71 |
||
|
13
by Björn Påhlsson
Added following support: |
72 |
struct process; |
73 |
||
74 |
typedef struct process{ |
|
75 |
pid_t pid; |
|
76 |
int fd; |
|
77 |
char *buffer; |
|
|
21
by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and |
78 |
size_t buffer_size; |
79 |
size_t buffer_length; |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
80 |
bool eof; |
81 |
bool completed; |
|
82 |
int status; |
|
|
13
by Björn Påhlsson
Added following support: |
83 |
struct process *next; |
84 |
} process; |
|
85 |
||
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
86 |
typedef struct plugin{ |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
87 |
char *name; /* can be NULL or any plugin name */ |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
88 |
char **argv; |
89 |
int argc; |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
90 |
char **environ; |
91 |
int envc; |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
92 |
bool disabled; |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
93 |
struct plugin *next; |
94 |
} plugin; |
|
95 |
||
|
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
96 |
static plugin *getplugin(char *name, plugin **plugin_list){ |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
97 |
for (plugin *p = *plugin_list; p != NULL; p = p->next){ |
98 |
if ((p->name == name) |
|
99 |
or (p->name and name and (strcmp(p->name, name) == 0))){ |
|
100 |
return p; |
|
101 |
} |
|
102 |
} |
|
103 |
/* Create a new plugin */ |
|
104 |
plugin *new_plugin = malloc(sizeof(plugin)); |
|
105 |
if (new_plugin == NULL){ |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
106 |
return NULL; |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
107 |
} |
|
24.1.54
by Björn Påhlsson
plugin-runner |
108 |
char *copy_name = strdup(name); |
109 |
if(copy_name == NULL){ |
|
110 |
return NULL; |
|
111 |
} |
|
112 |
|
|
113 |
*new_plugin = (plugin) { .name = copy_name, |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
114 |
.argc = 1, |
115 |
.envc = 0, |
|
116 |
.disabled = false, |
|
117 |
.next = *plugin_list }; |
|
118 |
|
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
119 |
new_plugin->argv = malloc(sizeof(char *) * 2); |
120 |
if (new_plugin->argv == NULL){ |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
121 |
free(new_plugin); |
122 |
return NULL; |
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
123 |
} |
|
24.1.54
by Björn Påhlsson
plugin-runner |
124 |
new_plugin->argv[0] = copy_name; |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
125 |
new_plugin->argv[1] = NULL; |
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
126 |
|
127 |
new_plugin->environ = malloc(sizeof(char *)); |
|
128 |
if(new_plugin->environ == NULL){ |
|
129 |
free(new_plugin->argv); |
|
130 |
free(new_plugin); |
|
131 |
return NULL; |
|
132 |
} |
|
133 |
new_plugin->environ[0] = NULL; |
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
134 |
/* Append the new plugin to the list */ |
135 |
*plugin_list = new_plugin; |
|
136 |
return new_plugin; |
|
137 |
}
|
|
138 |
||
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
139 |
/* Helper function for add_argument and add_environment */
|
140 |
static bool add_to_char_array(const char *new, char ***array, |
|
141 |
int *len){ |
|
142 |
/* Resize the pointed-to array to hold one more pointer */ |
|
143 |
*array = realloc(*array, sizeof(char *) |
|
144 |
* (size_t) ((*len) + 2)); |
|
145 |
/* Malloc check */ |
|
146 |
if(*array == NULL){ |
|
147 |
return false; |
|
148 |
} |
|
149 |
/* Make a copy of the new string */ |
|
150 |
char *copy = strdup(new); |
|
151 |
if(copy == NULL){ |
|
152 |
return false; |
|
153 |
} |
|
154 |
/* Insert the copy */ |
|
155 |
(*array)[*len] = copy; |
|
156 |
(*len)++; |
|
157 |
/* Add a new terminating NULL pointer to the last element */ |
|
158 |
(*array)[*len] = NULL; |
|
159 |
return true; |
|
160 |
}
|
|
161 |
||
162 |
/* Add to a plugin's argument vector */
|
|
163 |
static bool add_argument(plugin *p, const char *arg){ |
|
164 |
if(p == NULL){ |
|
165 |
return false; |
|
166 |
} |
|
167 |
return add_to_char_array(arg, &(p->argv), &(p->argc)); |
|
168 |
}
|
|
169 |
||
170 |
/* Add to a plugin's environment */
|
|
171 |
static bool add_environment(plugin *p, const char *def){ |
|
172 |
if(p == NULL){ |
|
173 |
return false; |
|
174 |
} |
|
175 |
return add_to_char_array(def, &(p->environ), &(p->envc)); |
|
176 |
}
|
|
177 |
||
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
178 |
|
|
32
by Teddy Hogeborn
* plugins.d/plugbasedclient.c (set_cloexec_flag): New function. |
179 |
/*
|
180 |
* Based on the example in the GNU LibC manual chapter 13.13 "File
|
|
181 |
* Descriptor Flags".
|
|
182 |
* *Note File Descriptor Flags:(libc)Descriptor Flags.
|
|
183 |
*/
|
|
|
37
by Teddy Hogeborn
Non-tested commit for merge purposes. |
184 |
static int set_cloexec_flag(int fd) |
|
32
by Teddy Hogeborn
* plugins.d/plugbasedclient.c (set_cloexec_flag): New function. |
185 |
{
|
186 |
int ret = fcntl(fd, F_GETFD, 0); |
|
187 |
/* If reading the flags failed, return error indication now. */ |
|
188 |
if(ret < 0){ |
|
189 |
return ret; |
|
190 |
} |
|
191 |
/* Store modified flag word in the descriptor. */ |
|
192 |
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC); |
|
193 |
}
|
|
194 |
||
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
195 |
process *process_list = NULL; |
196 |
||
197 |
/* Mark a process as completed when it exits, and save its exit
|
|
198 |
status. */
|
|
199 |
void handle_sigchld(__attribute__((unused)) int sig){ |
|
200 |
process *proc = process_list; |
|
201 |
int status; |
|
202 |
pid_t pid = wait(&status); |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
203 |
if(pid == -1){ |
204 |
perror("wait"); |
|
205 |
return; |
|
206 |
} |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
207 |
while(proc != NULL and proc->pid != pid){ |
|
24.1.8
by Björn Påhlsson
plugbasedclient |
208 |
proc = proc->next; |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
209 |
} |
210 |
if(proc == NULL){ |
|
211 |
/* Process not found in process list */ |
|
212 |
return; |
|
213 |
} |
|
214 |
proc->status = status; |
|
215 |
proc->completed = true; |
|
216 |
}
|
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
217 |
|
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
218 |
bool print_out_password(const char *buffer, size_t length){ |
|
64
by Teddy Hogeborn
* mandos-client.c (print_out_password): Strip trailing '\n'. |
219 |
ssize_t ret; |
220 |
if(length>0 and buffer[length-1] == '\n'){ |
|
221 |
length--; |
|
222 |
} |
|
223 |
for(size_t written = 0; written < length; written += (size_t)ret){ |
|
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
224 |
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written, |
225 |
length - written)); |
|
226 |
if(ret < 0){ |
|
227 |
return false; |
|
228 |
} |
|
229 |
} |
|
230 |
return true; |
|
231 |
}
|
|
232 |
||
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
233 |
char **add_to_argv(char **argv, int *argc, char *arg){ |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
234 |
if (argv == NULL){ |
235 |
*argc = 1; |
|
236 |
argv = malloc(sizeof(char*) * 2); |
|
237 |
if(argv == NULL){ |
|
238 |
return NULL; |
|
239 |
} |
|
240 |
argv[0] = NULL; /* Will be set to argv[0] in main before parsing */ |
|
241 |
argv[1] = NULL; |
|
242 |
} |
|
243 |
*argc += 1; |
|
244 |
argv = realloc(argv, sizeof(char *) |
|
245 |
* ((unsigned int) *argc + 1)); |
|
246 |
if(argv == NULL){ |
|
247 |
return NULL; |
|
248 |
} |
|
249 |
argv[*argc-1] = arg; |
|
250 |
argv[*argc] = NULL; |
|
251 |
return argv; |
|
252 |
}
|
|
253 |
||
|
24.1.54
by Björn Påhlsson
plugin-runner |
254 |
static void free_plugin_list(plugin *plugin_list){ |
255 |
for(plugin *next = plugin_list; plugin_list != NULL; plugin_list = next){ |
|
256 |
next = plugin_list->next; |
|
257 |
free(plugin_list->name); |
|
258 |
for(char **arg = plugin_list->argv; *arg != NULL; arg++){ |
|
259 |
free(*arg); |
|
260 |
} |
|
261 |
free(plugin_list->argv); |
|
262 |
for(char **env = plugin_list->environ; *env != NULL; env++){ |
|
263 |
free(*env); |
|
264 |
} |
|
265 |
free(plugin_list->environ); |
|
266 |
free(plugin_list); |
|
267 |
} |
|
268 |
}
|
|
269 |
||
|
13
by Björn Påhlsson
Added following support: |
270 |
int main(int argc, char *argv[]){ |
|
74
by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New. |
271 |
const char *plugindir = "/lib/mandos/plugins.d"; |
|
24.1.52
by Björn Påhlsson
merge + minor adjustments |
272 |
const char *argfile = ARGFILE; |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
273 |
FILE *conffp; |
|
24.1.5
by Björn Påhlsson
plugbasedclient: |
274 |
size_t d_name_len; |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
275 |
DIR *dir = NULL; |
|
13
by Björn Påhlsson
Added following support: |
276 |
struct dirent *dirst; |
277 |
struct stat st; |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
278 |
fd_set rfds_all; |
|
13
by Björn Påhlsson
Added following support: |
279 |
int ret, maxfd = 0; |
|
24.1.6
by Björn Påhlsson
plugbasedclient |
280 |
uid_t uid = 65534; |
281 |
gid_t gid = 65534; |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
282 |
bool debug = false; |
283 |
int exitstatus = EXIT_SUCCESS; |
|
|
24.1.7
by Björn Påhlsson
merge |
284 |
struct sigaction old_sigchld_action; |
285 |
struct sigaction sigchld_action = { .sa_handler = handle_sigchld, |
|
286 |
.sa_flags = SA_NOCLDSTOP }; |
|
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
287 |
char **custom_argv = NULL; |
288 |
int custom_argc = 0; |
|
289 |
|
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
290 |
/* Establish a signal handler */ |
291 |
sigemptyset(&sigchld_action.sa_mask); |
|
292 |
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD); |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
293 |
if(ret == -1){ |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
294 |
perror("sigaddset"); |
|
24.1.54
by Björn Påhlsson
plugin-runner |
295 |
exitstatus = EXIT_FAILURE; |
296 |
goto fallback; |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
297 |
} |
298 |
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action); |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
299 |
if(ret == -1){ |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
300 |
perror("sigaction"); |
|
24.1.54
by Björn Påhlsson
plugin-runner |
301 |
exitstatus = EXIT_FAILURE; |
302 |
goto fallback; |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
303 |
} |
304 |
|
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
305 |
/* The options we understand. */ |
306 |
struct argp_option options[] = { |
|
307 |
{ .name = "global-options", .key = 'g', |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
308 |
.arg = "OPTION[,OPTION[,...]]", |
309 |
.doc = "Options passed to all plugins" }, |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
310 |
{ .name = "global-envs", .key = 'e', |
311 |
.arg = "VAR=value", |
|
312 |
.doc = "Environment variable passed to all plugins" }, |
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
313 |
{ .name = "options-for", .key = 'o', |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
314 |
.arg = "PLUGIN:OPTION[,OPTION[,...]]", |
315 |
.doc = "Options passed only to specified plugin" }, |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
316 |
{ .name = "envs-for", .key = 'f', |
317 |
.arg = "PLUGIN:ENV=value", |
|
318 |
.doc = "Environment variable passed to specified plugin" }, |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
319 |
{ .name = "disable", .key = 'd', |
320 |
.arg = "PLUGIN", |
|
321 |
.doc = "Disable a specific plugin", .group = 1 }, |
|
|
24.1.5
by Björn Påhlsson
plugbasedclient: |
322 |
{ .name = "plugin-dir", .key = 128, |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
323 |
.arg = "DIRECTORY", |
324 |
.doc = "Specify a different plugin directory", .group = 2 }, |
|
|
24.1.6
by Björn Påhlsson
plugbasedclient |
325 |
{ .name = "userid", .key = 129, |
|
24.1.7
by Björn Påhlsson
merge |
326 |
.arg = "ID", .flags = 0, |
327 |
.doc = "User ID the plugins will run as", .group = 2 }, |
|
|
24.1.6
by Björn Påhlsson
plugbasedclient |
328 |
{ .name = "groupid", .key = 130, |
|
24.1.7
by Björn Påhlsson
merge |
329 |
.arg = "ID", .flags = 0, |
330 |
.doc = "Group ID the plugins will run as", .group = 2 }, |
|
331 |
{ .name = "debug", .key = 131, |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
332 |
.doc = "Debug mode", .group = 3 }, |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
333 |
{ .name = NULL } |
334 |
}; |
|
335 |
|
|
336 |
error_t parse_opt (int key, char *arg, struct argp_state *state) { |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
337 |
/* Get the INPUT argument from `argp_parse', which we know is a |
338 |
pointer to our plugin list pointer. */
|
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
339 |
plugin **plugins = state->input; |
340 |
switch (key) { |
|
341 |
case 'g': |
|
342 |
if (arg != NULL){ |
|
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
343 |
char *p; |
344 |
while((p = strsep(&arg, ",")) != NULL){ |
|
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
345 |
if(p[0] == '\0'){ |
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
346 |
continue; |
347 |
} |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
348 |
if(not add_argument(getplugin(NULL, plugins), p)){ |
349 |
perror("add_argument"); |
|
350 |
return ARGP_ERR_UNKNOWN; |
|
351 |
} |
|
352 |
} |
|
353 |
} |
|
354 |
break; |
|
355 |
case 'e': |
|
356 |
if(arg == NULL){ |
|
357 |
break; |
|
358 |
} |
|
359 |
{ |
|
360 |
char *envdef = strdup(arg); |
|
361 |
if(envdef == NULL){ |
|
362 |
break; |
|
363 |
} |
|
364 |
if(not add_environment(getplugin(NULL, plugins), envdef)){ |
|
365 |
perror("add_environment"); |
|
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
366 |
} |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
367 |
} |
368 |
break; |
|
369 |
case 'o': |
|
370 |
if (arg != NULL){ |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
371 |
char *p_name = strsep(&arg, ":"); |
372 |
if(p_name[0] == '\0'){ |
|
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
373 |
break; |
374 |
} |
|
375 |
char *opt = strsep(&arg, ":"); |
|
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
376 |
if(opt[0] == '\0'){ |
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
377 |
break; |
378 |
} |
|
379 |
if(opt != NULL){ |
|
380 |
char *p; |
|
381 |
while((p = strsep(&opt, ",")) != NULL){ |
|
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
382 |
if(p[0] == '\0'){ |
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
383 |
continue; |
384 |
} |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
385 |
if(not add_argument(getplugin(p_name, plugins), p)){ |
386 |
perror("add_argument"); |
|
387 |
return ARGP_ERR_UNKNOWN; |
|
388 |
} |
|
|
24.1.50
by Björn Påhlsson
changed from using strtok to strsep |
389 |
} |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
390 |
} |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
391 |
} |
392 |
break; |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
393 |
case 'f': |
394 |
if(arg == NULL){ |
|
395 |
break; |
|
396 |
} |
|
397 |
{ |
|
398 |
char *envdef = strchr(arg, ':'); |
|
399 |
if(envdef == NULL){ |
|
400 |
break; |
|
401 |
} |
|
402 |
char *p_name = strndup(arg, (size_t) (envdef-arg)); |
|
403 |
if(p_name == NULL){ |
|
404 |
break; |
|
405 |
} |
|
406 |
envdef++; |
|
407 |
if(not add_environment(getplugin(p_name, plugins), envdef)){ |
|
408 |
perror("add_environment"); |
|
409 |
} |
|
410 |
} |
|
411 |
break; |
|
|
24.1.5
by Björn Påhlsson
plugbasedclient: |
412 |
case 'd': |
413 |
if (arg != NULL){ |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
414 |
plugin *p = getplugin(arg, plugins); |
415 |
if(p == NULL){ |
|
416 |
return ARGP_ERR_UNKNOWN; |
|
417 |
} |
|
418 |
p->disabled = true; |
|
|
24.1.5
by Björn Påhlsson
plugbasedclient: |
419 |
} |
420 |
break; |
|
421 |
case 128: |
|
422 |
plugindir = arg; |
|
423 |
break; |
|
|
24.1.6
by Björn Påhlsson
plugbasedclient |
424 |
case 129: |
425 |
uid = (uid_t)strtol(arg, NULL, 10); |
|
426 |
break; |
|
427 |
case 130: |
|
428 |
gid = (gid_t)strtol(arg, NULL, 10); |
|
429 |
break; |
|
|
24.1.7
by Björn Påhlsson
merge |
430 |
case 131: |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
431 |
debug = true; |
432 |
break; |
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
433 |
case ARGP_KEY_ARG: |
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
434 |
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg); |
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
435 |
break; |
436 |
case ARGP_KEY_END: |
|
437 |
break; |
|
438 |
default: |
|
439 |
return ARGP_ERR_UNKNOWN; |
|
440 |
} |
|
441 |
return 0; |
|
442 |
} |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
443 |
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
444 |
plugin *plugin_list = NULL; |
445 |
|
|
446 |
struct argp argp = { .options = options, .parser = parse_opt, |
|
|
24.1.8
by Björn Påhlsson
plugbasedclient |
447 |
.args_doc = "[+PLUS_SEPARATED_OPTIONS]", |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
448 |
.doc = "Mandos plugin runner -- Run plugins" }; |
449 |
|
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
450 |
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list); |
451 |
if (ret == ARGP_ERR_UNKNOWN){ |
|
|
64
by Teddy Hogeborn
* mandos-client.c (print_out_password): Strip trailing '\n'. |
452 |
fprintf(stderr, "Unknown error while parsing arguments\n"); |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
453 |
exitstatus = EXIT_FAILURE; |
|
24.1.54
by Björn Påhlsson
plugin-runner |
454 |
goto fallback; |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
455 |
} |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
456 |
|
|
24.1.52
by Björn Påhlsson
merge + minor adjustments |
457 |
conffp = fopen(argfile, "r"); |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
458 |
if(conffp != NULL){ |
459 |
char *org_line = NULL; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
460 |
char *p, *arg, *new_arg, *line; |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
461 |
size_t size = 0; |
462 |
ssize_t sret; |
|
463 |
const char whitespace_delims[] = " \r\t\f\v\n"; |
|
464 |
const char comment_delim[] = "#"; |
|
465 |
||
466 |
while(true){ |
|
467 |
sret = getline(&org_line, &size, conffp); |
|
468 |
if(sret == -1){ |
|
469 |
break; |
|
470 |
} |
|
471 |
||
472 |
line = org_line; |
|
473 |
arg = strsep(&line, comment_delim); |
|
474 |
while((p = strsep(&arg, whitespace_delims)) != NULL){ |
|
475 |
if(p[0] == '\0'){ |
|
476 |
continue; |
|
477 |
} |
|
478 |
new_arg = strdup(p); |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
479 |
custom_argv = add_to_argv(custom_argv, &custom_argc, new_arg); |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
480 |
if (custom_argv == NULL){ |
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
481 |
perror("add_to_argv"); |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
482 |
exitstatus = EXIT_FAILURE; |
|
24.1.54
by Björn Påhlsson
plugin-runner |
483 |
goto fallback; |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
484 |
} |
485 |
} |
|
486 |
} |
|
487 |
free(org_line); |
|
488 |
} else{ |
|
|
24.1.52
by Björn Påhlsson
merge + minor adjustments |
489 |
/* Check for harmful errors and go to fallback. Other errors might |
490 |
not affect opening plugins */
|
|
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
491 |
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){ |
492 |
perror("fopen"); |
|
|
24.1.8
by Björn Påhlsson
plugbasedclient |
493 |
exitstatus = EXIT_FAILURE; |
|
24.1.54
by Björn Påhlsson
plugin-runner |
494 |
goto fallback; |
|
24.1.8
by Björn Påhlsson
plugbasedclient |
495 |
} |
|
24.1.51
by Björn Påhlsson
Added configuration files support for mandos-client |
496 |
} |
497 |
||
498 |
if(custom_argv != NULL){ |
|
499 |
custom_argv[0] = argv[0]; |
|
500 |
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list); |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
501 |
if (ret == ARGP_ERR_UNKNOWN){ |
|
64
by Teddy Hogeborn
* mandos-client.c (print_out_password): Strip trailing '\n'. |
502 |
fprintf(stderr, "Unknown error while parsing arguments\n"); |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
503 |
exitstatus = EXIT_FAILURE; |
|
24.1.54
by Björn Påhlsson
plugin-runner |
504 |
goto fallback; |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
505 |
} |
|
24.1.8
by Björn Påhlsson
plugbasedclient |
506 |
} |
507 |
|
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
508 |
if(debug){ |
509 |
for(plugin *p = plugin_list; p != NULL; p=p->next){ |
|
510 |
fprintf(stderr, "Plugin: %s has %d arguments\n", |
|
|
32
by Teddy Hogeborn
* plugins.d/plugbasedclient.c (set_cloexec_flag): New function. |
511 |
p->name ? p->name : "Global", p->argc - 1); |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
512 |
for(char **a = p->argv; *a != NULL; a++){ |
513 |
fprintf(stderr, "\tArg: %s\n", *a); |
|
514 |
} |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
515 |
fprintf(stderr, "...and %u environment variables\n", p->envc); |
516 |
for(char **a = p->environ; *a != NULL; a++){ |
|
517 |
fprintf(stderr, "\t%s\n", *a); |
|
518 |
} |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
519 |
} |
520 |
} |
|
|
24.1.8
by Björn Påhlsson
plugbasedclient |
521 |
|
|
24.1.6
by Björn Påhlsson
plugbasedclient |
522 |
ret = setuid(uid); |
523 |
if (ret == -1){ |
|
524 |
perror("setuid"); |
|
525 |
} |
|
|
24.1.7
by Björn Påhlsson
merge |
526 |
|
|
24.1.6
by Björn Påhlsson
plugbasedclient |
527 |
setgid(gid); |
528 |
if (ret == -1){ |
|
|
39
by Teddy Hogeborn
* plugins.d/mandosclient.c (pgp_packet_decrypt): Renamed variables. |
529 |
perror("setgid"); |
|
24.1.6
by Björn Påhlsson
plugbasedclient |
530 |
} |
531 |
|
|
|
13
by Björn Påhlsson
Added following support: |
532 |
dir = opendir(plugindir); |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
533 |
if(dir == NULL){ |
534 |
perror("Could not open plugin dir"); |
|
535 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
536 |
goto fallback; |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
537 |
} |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
538 |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
539 |
/* Set the FD_CLOEXEC flag on the directory, if possible */ |
540 |
{ |
|
541 |
int dir_fd = dirfd(dir); |
|
542 |
if(dir_fd >= 0){ |
|
543 |
ret = set_cloexec_flag(dir_fd); |
|
544 |
if(ret < 0){ |
|
545 |
perror("set_cloexec_flag"); |
|
546 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
547 |
goto fallback; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
548 |
} |
549 |
} |
|
550 |
} |
|
|
24.1.1
by Björn Påhlsson
Added syntax and support for plugbasedclient arguments and how they |
551 |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
552 |
FD_ZERO(&rfds_all); |
|
13
by Björn Påhlsson
Added following support: |
553 |
|
554 |
while(true){ |
|
555 |
dirst = readdir(dir); |
|
556 |
|
|
557 |
// All directory entries have been processed |
|
558 |
if(dirst == NULL){ |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
559 |
if (errno == EBADF){ |
560 |
perror("readdir"); |
|
561 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
562 |
goto fallback; |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
563 |
} |
|
13
by Björn Påhlsson
Added following support: |
564 |
break; |
565 |
} |
|
566 |
|
|
567 |
d_name_len = strlen(dirst->d_name); |
|
568 |
|
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
569 |
// Ignore dotfiles, backup files and other junk |
570 |
{ |
|
571 |
bool bad_name = false; |
|
572 |
|
|
573 |
const char const *bad_prefixes[] = { ".", "#", NULL }; |
|
574 |
|
|
575 |
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new", |
|
576 |
".dpkg-old", |
|
577 |
".dpkg-divert", NULL }; |
|
578 |
for(const char **pre = bad_prefixes; *pre != NULL; pre++){ |
|
579 |
size_t pre_len = strlen(*pre); |
|
580 |
if((d_name_len >= pre_len) |
|
581 |
and strncmp((dirst->d_name), *pre, pre_len) == 0){ |
|
582 |
if(debug){ |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
583 |
fprintf(stderr, "Ignoring plugin dir entry \"%s\"" |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
584 |
" with bad prefix %s\n", dirst->d_name, *pre); |
585 |
} |
|
586 |
bad_name = true; |
|
587 |
break; |
|
588 |
} |
|
589 |
} |
|
590 |
|
|
591 |
if(bad_name){ |
|
592 |
continue; |
|
593 |
} |
|
594 |
|
|
595 |
for(const char **suf = bad_suffixes; *suf != NULL; suf++){ |
|
596 |
size_t suf_len = strlen(*suf); |
|
597 |
if((d_name_len >= suf_len) |
|
598 |
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf) |
|
599 |
== 0)){ |
|
600 |
if(debug){ |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
601 |
fprintf(stderr, "Ignoring plugin dir entry \"%s\"" |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
602 |
" with bad suffix %s\n", dirst->d_name, *suf); |
603 |
} |
|
604 |
bad_name = true; |
|
605 |
break; |
|
606 |
} |
|
607 |
} |
|
608 |
|
|
609 |
if(bad_name){ |
|
610 |
continue; |
|
611 |
} |
|
|
13
by Björn Påhlsson
Added following support: |
612 |
} |
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
613 |
|
614 |
char *filename; |
|
615 |
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name); |
|
616 |
if(ret < 0){ |
|
617 |
perror("asprintf"); |
|
|
24.1.46
by Björn Påhlsson
mandos-client |
618 |
continue; |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
619 |
} |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
620 |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
621 |
ret = stat(filename, &st); |
622 |
if (ret == -1){ |
|
623 |
perror("stat"); |
|
|
24.1.46
by Björn Påhlsson
mandos-client |
624 |
free(filename); |
625 |
continue; |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
626 |
} |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
627 |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
628 |
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){ |
629 |
if(debug){ |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
630 |
fprintf(stderr, "Ignoring plugin dir entry \"%s\"" |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
631 |
" with bad type or mode\n", filename); |
632 |
} |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
633 |
free(filename); |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
634 |
continue; |
635 |
} |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
636 |
plugin *p = getplugin(dirst->d_name, &plugin_list); |
637 |
if(p == NULL){ |
|
638 |
perror("getplugin"); |
|
639 |
free(filename); |
|
640 |
continue; |
|
641 |
} |
|
642 |
if(p->disabled){ |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
643 |
if(debug){ |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
644 |
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n", |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
645 |
dirst->d_name); |
646 |
} |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
647 |
free(filename); |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
648 |
continue; |
649 |
} |
|
|
32
by Teddy Hogeborn
* plugins.d/plugbasedclient.c (set_cloexec_flag): New function. |
650 |
{ |
651 |
/* Add global arguments to argument list for this plugin */ |
|
652 |
plugin *g = getplugin(NULL, &plugin_list); |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
653 |
if(g != NULL){ |
654 |
for(char **a = g->argv + 1; *a != NULL; a++){ |
|
655 |
if(not add_argument(p, *a)){ |
|
656 |
perror("add_argument"); |
|
657 |
} |
|
658 |
} |
|
659 |
/* Add global environment variables */ |
|
660 |
for(char **e = g->environ; *e != NULL; e++){ |
|
661 |
if(not add_environment(p, *e)){ |
|
662 |
perror("add_environment"); |
|
663 |
} |
|
664 |
} |
|
665 |
} |
|
666 |
} |
|
667 |
/* If this plugin has any environment variables, we will call |
|
668 |
using execve and need to duplicate the environment from this
|
|
669 |
process, too. */
|
|
670 |
if(p->environ[0] != NULL){ |
|
671 |
for(char **e = environ; *e != NULL; e++){ |
|
672 |
char *copy = strdup(*e); |
|
673 |
if(copy == NULL){ |
|
674 |
perror("strdup"); |
|
675 |
continue; |
|
676 |
} |
|
677 |
if(not add_environment(p, copy)){ |
|
678 |
perror("add_environment"); |
|
679 |
} |
|
680 |
} |
|
681 |
} |
|
682 |
|
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
683 |
int pipefd[2]; |
684 |
ret = pipe(pipefd); |
|
685 |
if (ret == -1){ |
|
686 |
perror("pipe"); |
|
687 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
688 |
goto fallback; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
689 |
} |
690 |
ret = set_cloexec_flag(pipefd[0]); |
|
691 |
if(ret < 0){ |
|
692 |
perror("set_cloexec_flag"); |
|
693 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
694 |
goto fallback; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
695 |
} |
696 |
ret = set_cloexec_flag(pipefd[1]); |
|
697 |
if(ret < 0){ |
|
698 |
perror("set_cloexec_flag"); |
|
699 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
700 |
goto fallback; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
701 |
} |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
702 |
/* Block SIGCHLD until process is safely in process list */ |
703 |
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL); |
|
704 |
if(ret < 0){ |
|
705 |
perror("sigprocmask"); |
|
706 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
707 |
goto fallback; |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
708 |
} |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
709 |
// Starting a new process to be watched |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
710 |
pid_t pid = fork(); |
|
24.1.46
by Björn Påhlsson
mandos-client |
711 |
if(pid == -1){ |
712 |
perror("fork"); |
|
713 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
714 |
goto fallback; |
|
24.1.46
by Björn Påhlsson
mandos-client |
715 |
} |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
716 |
if(pid == 0){ |
717 |
/* this is the child process */ |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
718 |
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL); |
719 |
if(ret < 0){ |
|
720 |
perror("sigaction"); |
|
721 |
_exit(EXIT_FAILURE); |
|
722 |
} |
|
723 |
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL); |
|
724 |
if(ret < 0){ |
|
725 |
perror("sigprocmask"); |
|
726 |
_exit(EXIT_FAILURE); |
|
727 |
} |
|
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
728 |
|
729 |
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */ |
|
730 |
if(ret == -1){ |
|
731 |
perror("dup2"); |
|
732 |
_exit(EXIT_FAILURE); |
|
733 |
} |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
734 |
|
735 |
if(dirfd(dir) < 0){ |
|
736 |
/* If dir has no file descriptor, we could not set FD_CLOEXEC |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
737 |
above and must now close it manually here. */
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
738 |
closedir(dir); |
|
33
by Teddy Hogeborn
* plugins.d/plugbasedclient.c (main): Close the pipe fd after dup2:ing |
739 |
} |
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
740 |
if(p->environ[0] == NULL){ |
741 |
if(execv(filename, p->argv) < 0){ |
|
742 |
perror("execv"); |
|
743 |
_exit(EXIT_FAILURE); |
|
744 |
} |
|
745 |
} else { |
|
746 |
if(execve(filename, p->argv, p->environ) < 0){ |
|
747 |
perror("execve"); |
|
748 |
_exit(EXIT_FAILURE); |
|
749 |
} |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
750 |
} |
751 |
/* no return */ |
|
752 |
} |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
753 |
/* parent process */ |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
754 |
free(filename); |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
755 |
close(pipefd[1]); /* close unused write end of pipe */ |
756 |
process *new_process = malloc(sizeof(process)); |
|
757 |
if (new_process == NULL){ |
|
758 |
perror("malloc"); |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
759 |
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL); |
760 |
if(ret < 0){ |
|
761 |
perror("sigprocmask"); |
|
762 |
} |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
763 |
exitstatus = EXIT_FAILURE; |
|
24.1.54
by Björn Påhlsson
plugin-runner |
764 |
goto fallback; |
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
765 |
} |
766 |
|
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
767 |
*new_process = (struct process){ .pid = pid, |
768 |
.fd = pipefd[0], |
|
769 |
.next = process_list }; |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
770 |
// List handling |
771 |
process_list = new_process; |
|
772 |
/* Unblock SIGCHLD so signal handler can be run if this process |
|
773 |
has already completed */
|
|
774 |
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL); |
|
775 |
if(ret < 0){ |
|
776 |
perror("sigprocmask"); |
|
777 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
778 |
goto fallback; |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
779 |
} |
780 |
|
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
781 |
FD_SET(new_process->fd, &rfds_all); |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
782 |
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
783 |
if (maxfd < new_process->fd){ |
784 |
maxfd = new_process->fd; |
|
785 |
} |
|
786 |
|
|
|
13
by Björn Påhlsson
Added following support: |
787 |
} |
788 |
|
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
789 |
free_plugin_list(plugin_list); |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
790 |
|
|
13
by Björn Påhlsson
Added following support: |
791 |
closedir(dir); |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
792 |
dir = NULL; |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
793 |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
794 |
if (process_list == NULL){ |
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
795 |
fprintf(stderr, "No plugin processes started. Incorrect plugin" |
796 |
" directory?\n"); |
|
797 |
process_list = NULL; |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
798 |
} |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
799 |
while(process_list){ |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
800 |
fd_set rfds = rfds_all; |
801 |
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL); |
|
802 |
if (select_ret == -1){ |
|
803 |
perror("select"); |
|
804 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
805 |
goto fallback; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
806 |
} |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
807 |
/* OK, now either a process completed, or something can be read |
808 |
from one of them */
|
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
809 |
for(process *proc = process_list; proc ; proc = proc->next){ |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
810 |
/* Is this process completely done? */ |
811 |
if(proc->eof and proc->completed){ |
|
812 |
/* Only accept the plugin output if it exited cleanly */ |
|
813 |
if(not WIFEXITED(proc->status) |
|
814 |
or WEXITSTATUS(proc->status) != 0){ |
|
815 |
/* Bad exit by plugin */ |
|
816 |
if(debug){ |
|
817 |
if(WIFEXITED(proc->status)){ |
|
|
60
by Teddy Hogeborn
* mandos-client.c (main): Cast pid_t to unsigned int before printing. |
818 |
fprintf(stderr, "Plugin %u exited with status %d\n", |
819 |
(unsigned int) (proc->pid), |
|
820 |
WEXITSTATUS(proc->status)); |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
821 |
} else if(WIFSIGNALED(proc->status)) { |
|
60
by Teddy Hogeborn
* mandos-client.c (main): Cast pid_t to unsigned int before printing. |
822 |
fprintf(stderr, "Plugin %u killed by signal %d\n", |
823 |
(unsigned int) (proc->pid), |
|
824 |
WTERMSIG(proc->status)); |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
825 |
} else if(WCOREDUMP(proc->status)){ |
|
60
by Teddy Hogeborn
* mandos-client.c (main): Cast pid_t to unsigned int before printing. |
826 |
fprintf(stderr, "Plugin %d dumped core\n", |
827 |
(unsigned int) (proc->pid)); |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
828 |
} |
829 |
} |
|
830 |
/* Remove the plugin */ |
|
831 |
FD_CLR(proc->fd, &rfds_all); |
|
832 |
/* Block signal while modifying process_list */ |
|
833 |
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL); |
|
834 |
if(ret < 0){ |
|
835 |
perror("sigprocmask"); |
|
836 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
837 |
goto fallback; |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
838 |
} |
839 |
/* Delete this process entry from the list */ |
|
840 |
if(process_list == proc){ |
|
841 |
/* First one - simple */ |
|
842 |
process_list = proc->next; |
|
843 |
} else { |
|
844 |
/* Second one or later */ |
|
845 |
for(process *p = process_list; p != NULL; p = p->next){ |
|
846 |
if(p->next == proc){ |
|
847 |
p->next = proc->next; |
|
848 |
break; |
|
849 |
} |
|
850 |
} |
|
851 |
} |
|
852 |
/* We are done modifying process list, so unblock signal */ |
|
853 |
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, |
|
854 |
NULL); |
|
855 |
if(ret < 0){ |
|
856 |
perror("sigprocmask"); |
|
857 |
} |
|
858 |
free(proc->buffer); |
|
859 |
free(proc); |
|
860 |
/* We deleted this process from the list, so we can't go |
|
861 |
proc->next. Therefore, start over from the beginning of
|
|
862 |
the process list */
|
|
863 |
break; |
|
864 |
} |
|
865 |
/* This process exited nicely, so print its buffer */ |
|
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
866 |
|
867 |
bool bret = print_out_password(proc->buffer, proc->buffer_length); |
|
868 |
if(not bret){ |
|
869 |
perror("print_out_password"); |
|
870 |
exitstatus = EXIT_FAILURE; |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
871 |
} |
|
24.1.54
by Björn Påhlsson
plugin-runner |
872 |
goto fallback; |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
873 |
} |
874 |
/* This process has not completed. Does it have any output? */ |
|
875 |
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ |
|
876 |
/* This process had nothing to say at this time */ |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
877 |
continue; |
878 |
} |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
879 |
/* Before reading, make the process' data buffer large enough */ |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
880 |
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){ |
881 |
proc->buffer = realloc(proc->buffer, proc->buffer_size |
|
882 |
+ (size_t) BUFFER_SIZE); |
|
883 |
if (proc->buffer == NULL){ |
|
884 |
perror("malloc"); |
|
885 |
exitstatus = EXIT_FAILURE; |
|
|
24.1.54
by Björn Påhlsson
plugin-runner |
886 |
goto fallback; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
887 |
} |
888 |
proc->buffer_size += BUFFER_SIZE; |
|
889 |
} |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
890 |
/* Read from the process */ |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
891 |
ret = read(proc->fd, proc->buffer + proc->buffer_length, |
892 |
BUFFER_SIZE); |
|
893 |
if(ret < 0){ |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
894 |
/* Read error from this process; ignore the error */ |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
895 |
continue; |
896 |
} |
|
897 |
if(ret == 0){ |
|
898 |
/* got EOF */ |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
899 |
proc->eof = true; |
900 |
} else { |
|
901 |
proc->buffer_length += (size_t) ret; |
|
|
13
by Björn Påhlsson
Added following support: |
902 |
} |
903 |
} |
|
904 |
} |
|
|
24.1.45
by Björn Påhlsson
Fixed fallback on error in mandos-client |
905 |
|
906 |
||
|
24.1.54
by Björn Påhlsson
plugin-runner |
907 |
fallback: |
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
908 |
|
|
24.1.45
by Björn Påhlsson
Fixed fallback on error in mandos-client |
909 |
if(process_list == NULL or exitstatus != EXIT_SUCCESS){ |
|
24.1.46
by Björn Påhlsson
mandos-client |
910 |
/* Fallback if all plugins failed, none are found or an error occured */ |
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
911 |
bool bret; |
912 |
fprintf(stderr, "Going to fallback mode using getpass(3)\n"); |
|
913 |
char *passwordbuffer = getpass("Password: "); |
|
914 |
bret = print_out_password(passwordbuffer, strlen(passwordbuffer)); |
|
915 |
if(not bret){ |
|
916 |
perror("print_out_password"); |
|
917 |
exitstatus = EXIT_FAILURE; |
|
918 |
} |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
919 |
} |
|
24.1.42
by Björn Påhlsson
Added fallback to mandos-client |
920 |
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
921 |
/* Restore old signal handler */ |
|
24.1.54
by Björn Påhlsson
plugin-runner |
922 |
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL); |
923 |
if(ret == -1){ |
|
924 |
perror("sigaction"); |
|
925 |
exitstatus = EXIT_FAILURE; |
|
926 |
} |
|
927 |
||
928 |
if(custom_argv != NULL){ |
|
929 |
for(char **arg = custom_argv; *arg != NULL; arg++){ |
|
930 |
free(*arg); |
|
|
78
by Teddy Hogeborn
Add feature to specify custom environment variables for plugins. |
931 |
} |
|
24.1.54
by Björn Påhlsson
plugin-runner |
932 |
free(custom_argv); |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
933 |
} |
|
24.1.54
by Björn Påhlsson
plugin-runner |
934 |
free_plugin_list(plugin_list); |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
935 |
|
936 |
if(dir != NULL){ |
|
937 |
closedir(dir); |
|
938 |
} |
|
939 |
|
|
940 |
/* Free the process list and kill the processes */ |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
941 |
for(process *next; process_list != NULL; process_list = next){ |
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
942 |
next = process_list->next; |
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
943 |
close(process_list->fd); |
|
24.1.26
by Björn Påhlsson
tally count of used symbols |
944 |
ret = kill(process_list->pid, SIGTERM); |
945 |
if(ret == -1 and errno != ESRCH){ |
|
946 |
/* set-uid proccesses migth not get closed */ |
|
947 |
perror("kill"); |
|
948 |
} |
|
|
34
by Teddy Hogeborn
* plugbasedclient.c (main): Check if plugin dir could be opened. Set |
949 |
free(process_list->buffer); |
950 |
free(process_list); |
|
|
13
by Björn Påhlsson
Added following support: |
951 |
} |
952 |
|
|
|
35
by Teddy Hogeborn
* plugbasedclient.c (struct process): New fields "eof", "completed", |
953 |
/* Wait for any remaining child processes to terminate */ |
954 |
do{ |
|
955 |
ret = wait(NULL); |
|
956 |
} while(ret >= 0); |
|
957 |
if(errno != ECHILD){ |
|
958 |
perror("wait"); |
|
959 |
} |
|
960 |
|
|
|
31
by Teddy Hogeborn
* plugins.d/plugbasedclient.c: Update include file comments. |
961 |
return exitstatus; |
|
13
by Björn Påhlsson
Added following support: |
962 |
}
|