28
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
29
28
EXIT_SUCCESS, realloc() */
30
29
#include <stdbool.h> /* bool, true, false */
31
#include <stdio.h> /* perror, fileno(), fprintf(),
32
stderr, STDOUT_FILENO */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
33
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
34
33
stat, waitpid(), WIFEXITED(),
35
34
WEXITSTATUS(), wait(), pid_t,
48
46
fcntl(), setuid(), setgid(),
49
47
F_GETFD, F_SETFD, FD_CLOEXEC,
50
48
access(), pipe(), fork(), close()
51
dup2(), STDOUT_FILENO, _exit(),
49
dup2, STDOUT_FILENO, _exit(),
52
50
execv(), write(), read(),
54
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
56
#include <string.h> /* strsep, strlen(), asprintf(),
57
strsignal(), strcmp(), strncmp() */
54
#include <string.h> /* strsep, strlen(), asprintf() */
58
55
#include <errno.h> /* errno */
59
56
#include <argp.h> /* struct argp_option, struct
60
57
argp_state, struct argp,
64
61
#include <signal.h> /* struct sigaction, sigemptyset(),
65
62
sigaddset(), sigaction(),
66
63
sigprocmask(), SIG_BLOCK, SIGCHLD,
67
SIG_UNBLOCK, kill(), sig_atomic_t
64
SIG_UNBLOCK, kill() */
69
65
#include <errno.h> /* errno, EBADF */
70
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
72
67
#define BUFFER_SIZE 256
74
69
#define PDIR "/lib/mandos/plugins.d"
75
70
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
77
const char *argp_program_version = "plugin-runner " VERSION;
72
const char *argp_program_version = "plugin-runner 1.0";
78
73
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
77
typedef struct process{
84
volatile bool completed;
80
89
typedef struct plugin{
81
90
char *name; /* can be NULL or any plugin name */
88
/* Variables used for running processes*/
95
volatile sig_atomic_t completed;
97
96
struct plugin *next;
100
static plugin *plugin_list = NULL;
102
/* Gets an existing plugin based on name,
103
or if none is found, creates a new one */
104
static plugin *getplugin(char *name){
105
/* Check for exiting plugin with that name */
106
for(plugin *p = plugin_list; p != NULL; p = p->next){
108
or (p->name and name and (strcmp(p->name, name) == 0))){
99
static plugin *getplugin(char *name, plugin **plugin_list){
100
for (plugin *p = *plugin_list; p != NULL; p = p->next){
101
if ((p->name == name)
102
or (p->name and name and (strcmp(p->name, name) == 0))){
112
106
/* Create a new plugin */
113
plugin *new_plugin = NULL;
115
new_plugin = malloc(sizeof(plugin));
116
} while(new_plugin == NULL and errno == EINTR);
117
if(new_plugin == NULL){
107
plugin *new_plugin = malloc(sizeof(plugin));
108
if (new_plugin == NULL){
120
111
char *copy_name = NULL;
121
112
if(name != NULL){
123
copy_name = strdup(name);
124
} while(copy_name == NULL and errno == EINTR);
113
copy_name = strdup(name);
125
114
if(copy_name == NULL){
131
*new_plugin = (plugin){ .name = copy_name,
134
.next = plugin_list };
119
*new_plugin = (plugin) { .name = copy_name,
123
.next = *plugin_list };
137
new_plugin->argv = malloc(sizeof(char *) * 2);
138
} while(new_plugin->argv == NULL and errno == EINTR);
139
if(new_plugin->argv == NULL){
125
new_plugin->argv = malloc(sizeof(char *) * 2);
126
if (new_plugin->argv == NULL){
141
128
free(new_plugin);
144
131
new_plugin->argv[0] = copy_name;
145
132
new_plugin->argv[1] = NULL;
148
new_plugin->environ = malloc(sizeof(char *));
149
} while(new_plugin->environ == NULL and errno == EINTR);
134
new_plugin->environ = malloc(sizeof(char *));
150
135
if(new_plugin->environ == NULL){
152
137
free(new_plugin->argv);
199
178
/* Add to a plugin's environment */
200
static bool add_environment(plugin *p, const char *def, bool replace){
179
static bool add_environment(plugin *p, const char *def){
204
/* namelen = length of name of environment variable */
205
size_t namelen = (size_t)(strchrnul(def, '=') - def);
206
/* Search for this environment variable */
207
for(char **e = p->environ; *e != NULL; e++){
208
if(strncmp(*e, def, namelen + 1) == 0){
209
/* It already exists */
213
new = realloc(*e, strlen(def) + 1);
214
} while(new == NULL and errno == EINTR);
224
183
return add_to_char_array(def, &(p->environ), &(p->envc));
228
188
* Based on the example in the GNU LibC manual chapter 13.13 "File
229
189
* Descriptor Flags".
230
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
190
* *Note File Descriptor Flags:(libc)Descriptor Flags.
232
static int set_cloexec_flag(int fd){
233
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
192
static int set_cloexec_flag(int fd)
194
int ret = fcntl(fd, F_GETFD, 0);
234
195
/* If reading the flags failed, return error indication now. */
238
199
/* Store modified flag word in the descriptor. */
239
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
200
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
203
process *process_list = NULL;
244
205
/* Mark processes as completed when they exit, and save their exit
246
static void handle_sigchld(__attribute__((unused)) int sig){
247
int old_errno = errno;
207
void handle_sigchld(__attribute__((unused)) int sig){
249
plugin *proc = plugin_list;
209
process *proc = process_list;
251
211
pid_t pid = waitpid(-1, &status, WNOHANG);
291
/* Removes and free a plugin from the plugin list */
292
static void free_plugin(plugin *plugin_node){
294
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
297
free(plugin_node->argv);
298
for(char **env = plugin_node->environ; *env != NULL; env++){
301
free(plugin_node->environ);
302
free(plugin_node->buffer);
304
/* Removes the plugin from the singly-linked list */
305
if(plugin_node == plugin_list){
306
/* First one - simple */
307
plugin_list = plugin_list->next;
309
/* Second one or later */
310
for(plugin *p = plugin_list; p != NULL; p = p->next){
311
if(p->next == plugin_node){
312
p->next = plugin_node->next;
321
static void free_plugin_list(void){
322
while(plugin_list != NULL){
323
free_plugin(plugin_list);
252
static void free_plugin_list(plugin *plugin_list){
253
for(plugin *next; plugin_list != NULL; plugin_list = next){
254
next = plugin_list->next;
255
for(char **arg = plugin_list->argv; *arg != NULL; arg++){
258
free(plugin_list->argv);
259
for(char **env = plugin_list->environ; *env != NULL; env++){
262
free(plugin_list->environ);
365
304
{ .name = "global-options", .key = 'g',
366
305
.arg = "OPTION[,OPTION[,...]]",
367
306
.doc = "Options passed to all plugins" },
368
{ .name = "global-env", .key = 'G',
307
{ .name = "global-envs", .key = 'e',
369
308
.arg = "VAR=value",
370
309
.doc = "Environment variable passed to all plugins" },
371
310
{ .name = "options-for", .key = 'o',
372
311
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
373
312
.doc = "Options passed only to specified plugin" },
374
{ .name = "env-for", .key = 'E',
313
{ .name = "envs-for", .key = 'f',
375
314
.arg = "PLUGIN:ENV=value",
376
315
.doc = "Environment variable passed to specified plugin" },
377
316
{ .name = "disable", .key = 'd',
379
318
.doc = "Disable a specific plugin", .group = 1 },
380
{ .name = "enable", .key = 'e',
382
.doc = "Enable a specific plugin", .group = 1 },
383
319
{ .name = "plugin-dir", .key = 128,
384
320
.arg = "DIRECTORY",
385
321
.doc = "Specify a different plugin directory", .group = 2 },
400
error_t parse_opt(int key, char *arg, __attribute__((unused))
401
struct argp_state *state){
405
case 'g': /* --global-options */
408
while((plugin_option = strsep(&arg, ",")) != NULL){
409
if(plugin_option[0] == '\0'){
336
error_t parse_opt (int key, char *arg, struct argp_state *state) {
337
/* Get the INPUT argument from `argp_parse', which we know is a
338
pointer to our plugin list pointer. */
339
plugin **plugins = state->input;
344
while((p = strsep(&arg, ",")) != NULL){
412
if(not add_argument(getplugin(NULL), plugin_option)){
348
if(not add_argument(getplugin(NULL, plugins), p)){
413
349
perror("add_argument");
414
350
return ARGP_ERR_UNKNOWN;
419
case 'G': /* --global-env */
423
if(not add_environment(getplugin(NULL), arg, true)){
424
perror("add_environment");
360
char *envdef = strdup(arg);
364
if(not add_environment(getplugin(NULL, plugins), envdef)){
365
perror("add_environment");
427
case 'o': /* --options-for */
429
char *plugin_name = strsep(&arg, ":");
430
if(plugin_name[0] == '\0'){
434
while((plugin_option = strsep(&arg, ",")) != NULL){
435
if(not add_argument(getplugin(plugin_name), plugin_option)){
436
perror("add_argument");
437
return ARGP_ERR_UNKNOWN;
371
char *p_name = strsep(&arg, ":");
372
if(p_name[0] == '\0'){
375
char *opt = strsep(&arg, ":");
381
while((p = strsep(&opt, ",")) != NULL){
385
if(not add_argument(getplugin(p_name, plugins), p)){
386
perror("add_argument");
387
return ARGP_ERR_UNKNOWN;
442
case 'E': /* --env-for */
448
399
if(envdef == NULL){
452
if(not add_environment(getplugin(arg), envdef+1, true)){
402
char *p_name = strndup(arg, (size_t) (envdef-arg));
407
if(not add_environment(getplugin(p_name, plugins), envdef)){
453
408
perror("add_environment");
457
case 'd': /* --disable */
459
plugin *p = getplugin(arg);
414
plugin *p = getplugin(arg, plugins);
461
416
return ARGP_ERR_UNKNOWN;
463
418
p->disabled = true;
466
case 'e': /* --enable */
468
plugin *p = getplugin(arg);
470
return ARGP_ERR_UNKNOWN;
475
case 128: /* --plugin-dir */
477
422
plugindir = strdup(arg);
478
423
if(plugindir == NULL){
479
424
perror("strdup");
482
case 129: /* --config-file */
483
/* This is already done by parse_opt_config_file() */
485
case 130: /* --userid */
487
tmpmax = strtoimax(arg, &tmp, 10);
488
if(errno != 0 or tmp == arg or *tmp != '\0'
489
or tmpmax != (uid_t)tmpmax){
490
fprintf(stderr, "Bad user ID number: \"%s\", using %"
491
PRIdMAX "\n", arg, (intmax_t)uid);
496
case 131: /* --groupid */
498
tmpmax = strtoimax(arg, &tmp, 10);
499
if(errno != 0 or tmp == arg or *tmp != '\0'
500
or tmpmax != (gid_t)tmpmax){
501
fprintf(stderr, "Bad group ID number: \"%s\", using %"
502
PRIdMAX "\n", arg, (intmax_t)gid);
507
case 132: /* --debug */
511
* When adding more options before this line, remember to also add a
512
* "case" to the "parse_opt_config_file" function below.
515
/* Cryptsetup always passes an argument, which is an empty
516
string if "none" was specified in /etc/crypttab. So if
517
argument was empty, we ignore it silently. */
519
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
525
return ARGP_ERR_UNKNOWN;
530
/* This option parser is the same as parse_opt() above, except it
531
ignores everything but the --config-file option. */
532
error_t parse_opt_config_file(int key, char *arg,
533
__attribute__((unused))
534
struct argp_state *state){
536
case 'g': /* --global-options */
537
case 'G': /* --global-env */
538
case 'o': /* --options-for */
539
case 'E': /* --env-for */
540
case 'd': /* --disable */
541
case 'e': /* --enable */
542
case 128: /* --plugin-dir */
544
case 129: /* --config-file */
546
428
argfile = strdup(arg);
547
429
if(argfile == NULL){
548
430
perror("strdup");
551
case 130: /* --userid */
552
case 131: /* --groupid */
553
case 132: /* --debug */
434
uid = (uid_t)strtol(arg, NULL, 10);
437
gid = (gid_t)strtol(arg, NULL, 10);
554
442
case ARGP_KEY_ARG:
443
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
555
445
case ARGP_KEY_END:
563
struct argp argp = { .options = options,
564
.parser = parse_opt_config_file,
453
plugin *plugin_list = NULL;
455
struct argp argp = { .options = options, .parser = parse_opt,
456
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
566
457
.doc = "Mandos plugin runner -- Run plugins" };
568
/* Parse using parse_opt_config_file() in order to get the custom
569
config file location, if any. */
570
ret = argp_parse(&argp, argc, argv, ARGP_IN_ORDER, 0, NULL);
571
if(ret == ARGP_ERR_UNKNOWN){
459
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
460
if (ret == ARGP_ERR_UNKNOWN){
572
461
fprintf(stderr, "Unknown error while parsing arguments\n");
573
462
exitstatus = EXIT_FAILURE;
577
/* Reset to the normal argument parser */
578
argp.parser = parse_opt;
580
/* Open the configfile if available */
466
if (argfile == NULL){
582
467
conffp = fopen(AFILE, "r");
584
469
conffp = fopen(argfile, "r");
586
472
if(conffp != NULL){
587
473
char *org_line = NULL;
588
474
char *p, *arg, *new_arg, *line;
590
477
const char whitespace_delims[] = " \r\t\f\v\n";
591
478
const char comment_delim[] = "#";
594
481
custom_argv = malloc(sizeof(char*) * 2);
595
482
if(custom_argv == NULL){
634
519
custom_argv[custom_argc-1] = new_arg;
635
custom_argv[custom_argc] = NULL;
520
custom_argv[custom_argc] = NULL;
639
ret = fclose(conffp);
640
} while(ret == EOF and errno == EINTR);
643
exitstatus = EXIT_FAILURE;
648
525
/* Check for harmful errors and go to fallback. Other errors might
649
526
not affect opening plugins */
650
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
527
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
652
529
exitstatus = EXIT_FAILURE;
656
/* If there was any arguments from configuration file,
657
pass them to parser as command arguments */
658
534
if(custom_argv != NULL){
659
ret = argp_parse(&argp, custom_argc, custom_argv, ARGP_IN_ORDER,
661
if(ret == ARGP_ERR_UNKNOWN){
535
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list);
536
if (ret == ARGP_ERR_UNKNOWN){
662
537
fprintf(stderr, "Unknown error while parsing arguments\n");
663
538
exitstatus = EXIT_FAILURE;
668
/* Parse actual command line arguments, to let them override the
670
ret = argp_parse(&argp, argc, argv, ARGP_IN_ORDER, 0, NULL);
671
if(ret == ARGP_ERR_UNKNOWN){
672
fprintf(stderr, "Unknown error while parsing arguments\n");
673
exitstatus = EXIT_FAILURE;
678
544
for(plugin *p = plugin_list; p != NULL; p=p->next){
679
545
fprintf(stderr, "Plugin: %s has %d arguments\n",
941
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
944
plugin *new_plugin = getplugin(dirst->d_name);
945
if(new_plugin == NULL){
947
ret = (int)(TEMP_FAILURE_RETRY
948
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
795
close(pipefd[1]); /* close unused write end of pipe */
796
process *new_process = malloc(sizeof(process));
797
if (new_process == NULL){
799
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
951
perror("sigprocmask");
801
perror("sigprocmask");
953
803
exitstatus = EXIT_FAILURE;
957
new_plugin->pid = pid;
958
new_plugin->fd = pipefd[0];
807
*new_process = (struct process){ .pid = pid,
809
.next = process_list };
811
process_list = new_process;
960
812
/* Unblock SIGCHLD so signal handler can be run if this process
961
813
has already completed */
962
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
963
&sigchld_action.sa_mask,
814
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
966
816
perror("sigprocmask");
967
817
exitstatus = EXIT_FAILURE;
971
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
821
FD_SET(new_process->fd, &rfds_all);
974
if(maxfd < new_plugin->fd){
975
maxfd = new_plugin->fd;
823
if (maxfd < new_process->fd){
824
maxfd = new_process->fd;
829
free_plugin_list(plugin_list);
979
TEMP_FAILURE_RETRY(closedir(dir));
981
free_plugin(getplugin(NULL));
983
for(plugin *p = plugin_list; p != NULL; p = p->next){
988
fprintf(stderr, "No plugin processes started. Incorrect plugin"
835
if (process_list == NULL){
836
fprintf(stderr, "No plugin processes started. Incorrect plugin"
994
/* Main loop while running plugins exist */
996
841
fd_set rfds = rfds_all;
997
842
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
998
if(select_ret == -1 and errno != EINTR){
843
if (select_ret == -1){
999
844
perror("select");
1000
845
exitstatus = EXIT_FAILURE;
1003
848
/* OK, now either a process completed, or something can be read
1004
849
from one of them */
1005
for(plugin *proc = plugin_list; proc != NULL;){
850
for(process *proc = process_list; proc ; proc = proc->next){
1006
851
/* Is this process completely done? */
1007
if(proc->completed and proc->eof){
852
if(proc->eof and proc->completed){
1008
853
/* Only accept the plugin output if it exited cleanly */
1009
854
if(not WIFEXITED(proc->status)
1010
855
or WEXITSTATUS(proc->status) != 0){
1011
856
/* Bad exit by plugin */
1014
858
if(WIFEXITED(proc->status)){
1015
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1016
" status %d\n", proc->name,
1017
(intmax_t) (proc->pid),
859
fprintf(stderr, "Plugin %u exited with status %d\n",
860
(unsigned int) (proc->pid),
1018
861
WEXITSTATUS(proc->status));
1019
} else if(WIFSIGNALED(proc->status)){
1020
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1021
" signal %d: %s\n", proc->name,
1022
(intmax_t) (proc->pid),
1023
WTERMSIG(proc->status),
1024
strsignal(WTERMSIG(proc->status)));
862
} else if(WIFSIGNALED(proc->status)) {
863
fprintf(stderr, "Plugin %u killed by signal %d\n",
864
(unsigned int) (proc->pid),
865
WTERMSIG(proc->status));
1025
866
} else if(WCOREDUMP(proc->status)){
1026
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1027
" core\n", proc->name, (intmax_t) (proc->pid));
867
fprintf(stderr, "Plugin %d dumped core\n",
868
(unsigned int) (proc->pid));
1031
871
/* Remove the plugin */
1032
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
872
FD_CLR(proc->fd, &rfds_all);
1035
873
/* Block signal while modifying process_list */
1036
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1038
&sigchld_action.sa_mask,
874
ret = sigprocmask(SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1041
876
perror("sigprocmask");
1042
877
exitstatus = EXIT_FAILURE;
1046
plugin *next_plugin = proc->next;
880
/* Delete this process entry from the list */
881
if(process_list == proc){
882
/* First one - simple */
883
process_list = proc->next;
885
/* Second one or later */
886
for(process *p = process_list; p != NULL; p = p->next){
888
p->next = proc->next;
1050
893
/* We are done modifying process list, so unblock signal */
1051
ret = (int)(TEMP_FAILURE_RETRY
1052
(sigprocmask(SIG_UNBLOCK,
1053
&sigchld_action.sa_mask, NULL)));
894
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
1055
897
perror("sigprocmask");
1056
exitstatus = EXIT_FAILURE;
1060
if(plugin_list == NULL){
901
/* We deleted this process from the list, so we can't go
902
proc->next. Therefore, start over from the beginning of
1067
906
/* This process exited nicely, so print its buffer */
1069
908
bool bret = print_out_password(proc->buffer,
1070
909
proc->buffer_length);
1095
930
proc->buffer_size += BUFFER_SIZE;
1097
932
/* Read from the process */
1098
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1100
+ proc->buffer_length,
933
ret = read(proc->fd, proc->buffer + proc->buffer_length,
1103
936
/* Read error from this process; ignore the error */
1109
941
proc->eof = true;
1111
proc->buffer_length += (size_t) sret;
943
proc->buffer_length += (size_t) ret;
1119
if(plugin_list == NULL or exitstatus != EXIT_SUCCESS){
951
if(process_list == NULL or exitstatus != EXIT_SUCCESS){
1120
952
/* Fallback if all plugins failed, none are found or an error
1123
955
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1124
956
char *passwordbuffer = getpass("Password: ");
1125
size_t len = strlen(passwordbuffer);
1126
/* Strip trailing newline */
1127
if(len > 0 and passwordbuffer[len-1] == '\n'){
1128
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1131
bret = print_out_password(passwordbuffer, len);
957
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
1133
959
perror("print_out_password");
1134
960
exitstatus = EXIT_FAILURE;