To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 110
- compare with another revision
- download diff
- download tarball
- view history from revision 110
- Committer: Teddy Hogeborn
- Date: 2008-08-29 05:53:59 UTC
- Revision ID: teddy@fukt.bsnet.se-20080829055359-wkdasnyxtylmnxus
* mandos.xml (EXAMPLE): Replaced all occurences of command name with
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
- files added:
- .bzrignore
- files removed:
- ca.pem
- files renamed:
- server.py => mandos
- server.conf => mandos.conf
- plugbasedclient.c => plugin-runner.c
- plugins.d/passprompt.c => plugins.d/password-prompt.c
- plugins.d/mandosclient.c => plugins.d/password-request.c
- files modified:
- Makefile
added
removed
plugin-runner.c
21
21
* Contact the authors at <mandos@fukt.bsnet.se>.
22
22
*/
23
23
24
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */
25
26
#include <stdio.h> /* popen(), fileno(), fprintf(),
27
stderr, STDOUT_FILENO */
24
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
26
#include <stddef.h> /* size_t, NULL */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
29
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
FD_SET(), FD_ISSET(), FD_CLR */
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
28
42
#include <iso646.h> /* and, or, not */
29
#include <sys/types.h> /* DIR, opendir(), stat(),
30
struct stat, waitpid(),
31
WIFEXITED(), WEXITSTATUS(),
32
wait() */
33
#include <sys/wait.h> /* wait() */
34
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
35
readdir(), closedir() */
36
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
44
readdir(), closedir(), dirfd() */
37
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
38
fcntl() */
39
#include <fcntl.h> /* fcntl() */
40
#include <stddef.h> /* NULL */
41
#include <stdlib.h> /* EXIT_FAILURE */
42
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
43
FD_SET(), FD_ISSET() */
44
#include <string.h> /* strlen(), strcpy(), strcat() */
45
#include <stdbool.h> /* true */
46
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
47
WEXITSTATUS() */
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
48
55
#include <errno.h> /* errno */
49
#include <argp.h> /* struct argp_option,
50
struct argp_state, struct argp,
51
argp_parse() */
56
#include <argp.h> /* struct argp_option, struct
57
argp_state, struct argp,
58
argp_parse(), ARGP_ERR_UNKNOWN,
59
ARGP_KEY_END, ARGP_KEY_ARG,
60
error_t */
61
#include <signal.h> /* struct sigaction, sigemptyset(),
62
sigaddset(), sigaction(),
63
sigprocmask(), SIG_BLOCK, SIGCHLD,
64
SIG_UNBLOCK, kill() */
65
#include <errno.h> /* errno, EBADF */
52
66
53
67
#define BUFFER_SIZE 256
54
68
69
#define PDIR "/lib/mandos/plugins.d"
70
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
71
72
const char *argp_program_version = "plugin-runner 1.0";
73
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
74
55
75
struct process;
56
76
57
77
typedef struct process{
61
81
size_t buffer_size;
62
82
size_t buffer_length;
63
83
bool eof;
64
bool completed;
65
int status;
84
volatile bool completed;
85
volatile int status;
66
86
struct process *next;
67
87
} process;
68
88
70
90
char *name; /* can be NULL or any plugin name */
71
91
char **argv;
72
92
int argc;
93
char **environ;
94
int envc;
73
95
bool disabled;
74
96
struct plugin *next;
75
97
} plugin;
84
106
/* Create a new plugin */
85
107
plugin *new_plugin = malloc(sizeof(plugin));
86
108
if (new_plugin == NULL){
87
perror("malloc");
88
exit(EXIT_FAILURE);
89
}
90
new_plugin->name = name;
109
return NULL;
110
}
111
char *copy_name = NULL;
112
if(name != NULL){
113
copy_name = strdup(name);
114
if(copy_name == NULL){
115
return NULL;
116
}
117
}
118
119
*new_plugin = (plugin) { .name = copy_name,
120
.argc = 1,
121
.envc = 0,
122
.disabled = false,
123
.next = *plugin_list };
124
91
125
new_plugin->argv = malloc(sizeof(char *) * 2);
92
126
if (new_plugin->argv == NULL){
93
perror("malloc");
94
exit(EXIT_FAILURE);
127
free(copy_name);
128
free(new_plugin);
129
return NULL;
95
130
}
96
new_plugin->argv[0] = name;
131
new_plugin->argv[0] = copy_name;
97
132
new_plugin->argv[1] = NULL;
98
new_plugin->argc = 1;
99
new_plugin->disabled = false;
100
new_plugin->next = *plugin_list;
133
134
new_plugin->environ = malloc(sizeof(char *));
135
if(new_plugin->environ == NULL){
136
free(copy_name);
137
free(new_plugin->argv);
138
free(new_plugin);
139
return NULL;
140
}
141
new_plugin->environ[0] = NULL;
101
142
/* Append the new plugin to the list */
102
143
*plugin_list = new_plugin;
103
144
return new_plugin;
104
145
}
105
146
106
static void addargument(plugin *p, char *arg){
107
p->argv[p->argc] = arg;
108
p->argv = realloc(p->argv, sizeof(char *) * (size_t)(p->argc + 2));
109
if (p->argv == NULL){
110
perror("malloc");
111
exit(EXIT_FAILURE);
112
}
113
p->argc++;
114
p->argv[p->argc] = NULL;
115
}
147
/* Helper function for add_argument and add_environment */
148
static bool add_to_char_array(const char *new, char ***array,
149
int *len){
150
/* Resize the pointed-to array to hold one more pointer */
151
*array = realloc(*array, sizeof(char *)
152
* (size_t) ((*len) + 2));
153
/* Malloc check */
154
if(*array == NULL){
155
return false;
156
}
157
/* Make a copy of the new string */
158
char *copy = strdup(new);
159
if(copy == NULL){
160
return false;
161
}
162
/* Insert the copy */
163
(*array)[*len] = copy;
164
(*len)++;
165
/* Add a new terminating NULL pointer to the last element */
166
(*array)[*len] = NULL;
167
return true;
168
}
169
170
/* Add to a plugin's argument vector */
171
static bool add_argument(plugin *p, const char *arg){
172
if(p == NULL){
173
return false;
174
}
175
return add_to_char_array(arg, &(p->argv), &(p->argc));
176
}
177
178
/* Add to a plugin's environment */
179
static bool add_environment(plugin *p, const char *def){
180
if(p == NULL){
181
return false;
182
}
183
return add_to_char_array(def, &(p->environ), &(p->envc));
184
}
185
116
186
117
187
/*
118
188
* Based on the example in the GNU LibC manual chapter 13.13 "File
130
200
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
131
201
}
132
202
133
const char *argp_program_version = "plugbasedclient 0.9";
134
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
135
136
203
process *process_list = NULL;
137
204
138
/* Mark a process as completed when it exits, and save its exit
205
/* Mark processes as completed when they exit, and save their exit
139
206
status. */
140
207
void handle_sigchld(__attribute__((unused)) int sig){
141
process *proc = process_list;
142
int status;
143
pid_t pid = wait(&status);
144
while(proc != NULL and proc->pid != pid){
145
proc = proc->next;
146
}
147
if(proc == NULL){
148
/* Process not found in process list */
149
return;
150
}
151
proc->status = status;
152
proc->completed = true;
208
while(true){
209
process *proc = process_list;
210
int status;
211
pid_t pid = waitpid(-1, &status, WNOHANG);
212
if(pid == 0){
213
/* Only still running child processes */
214
break;
215
}
216
if(pid == -1){
217
if (errno != ECHILD){
218
perror("waitpid");
219
}
220
/* No child processes */
221
break;
222
}
223
224
/* A child exited, find it in process_list */
225
while(proc != NULL and proc->pid != pid){
226
proc = proc->next;
227
}
228
if(proc == NULL){
229
/* Process not found in process list */
230
continue;
231
}
232
proc->status = status;
233
proc->completed = true;
234
}
235
}
236
237
bool print_out_password(const char *buffer, size_t length){
238
ssize_t ret;
239
if(length>0 and buffer[length-1] == '\n'){
240
length--;
241
}
242
for(size_t written = 0; written < length; written += (size_t)ret){
243
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
244
length - written));
245
if(ret < 0){
246
return false;
247
}
248
}
249
return true;
250
}
251
252
static void free_plugin_list(plugin *plugin_list){
253
for(plugin *next; plugin_list != NULL; plugin_list = next){
254
next = plugin_list->next;
255
for(char **arg = plugin_list->argv; *arg != NULL; arg++){
256
free(*arg);
257
}
258
free(plugin_list->argv);
259
for(char **env = plugin_list->environ; *env != NULL; env++){
260
free(*env);
261
}
262
free(plugin_list->environ);
263
free(plugin_list);
264
}
153
265
}
154
266
155
267
int main(int argc, char *argv[]){
156
const char *plugindir = "/conf/conf.d/mandos/plugins.d";
268
char *plugindir = NULL;
269
char *argfile = NULL;
270
FILE *conffp;
157
271
size_t d_name_len;
158
272
DIR *dir = NULL;
159
273
struct dirent *dirst;
160
274
struct stat st;
161
275
fd_set rfds_all;
162
276
int ret, maxfd = 0;
277
uid_t uid = 65534;
278
gid_t gid = 65534;
163
279
bool debug = false;
164
280
int exitstatus = EXIT_SUCCESS;
281
struct sigaction old_sigchld_action;
282
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
283
.sa_flags = SA_NOCLDSTOP };
284
char **custom_argv = NULL;
285
int custom_argc = 0;
165
286
166
287
/* Establish a signal handler */
167
struct sigaction old_sigchld_action,
168
sigchld_action = { .sa_handler = handle_sigchld,
169
.sa_flags = SA_NOCLDSTOP };
170
288
sigemptyset(&sigchld_action.sa_mask);
171
289
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
172
if(ret < 0){
290
if(ret == -1){
173
291
perror("sigaddset");
174
exit(EXIT_FAILURE);
292
exitstatus = EXIT_FAILURE;
293
goto fallback;
175
294
}
176
295
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
177
if(ret < 0){
296
if(ret == -1){
178
297
perror("sigaction");
179
exit(EXIT_FAILURE);
298
exitstatus = EXIT_FAILURE;
299
goto fallback;
180
300
}
181
301
182
302
/* The options we understand. */
184
304
{ .name = "global-options", .key = 'g',
185
305
.arg = "OPTION[,OPTION[,...]]",
186
306
.doc = "Options passed to all plugins" },
307
{ .name = "global-envs", .key = 'e',
308
.arg = "VAR=value",
309
.doc = "Environment variable passed to all plugins" },
187
310
{ .name = "options-for", .key = 'o',
188
311
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
189
312
.doc = "Options passed only to specified plugin" },
313
{ .name = "envs-for", .key = 'f',
314
.arg = "PLUGIN:ENV=value",
315
.doc = "Environment variable passed to specified plugin" },
190
316
{ .name = "disable", .key = 'd',
191
317
.arg = "PLUGIN",
192
318
.doc = "Disable a specific plugin", .group = 1 },
193
319
{ .name = "plugin-dir", .key = 128,
194
320
.arg = "DIRECTORY",
195
321
.doc = "Specify a different plugin directory", .group = 2 },
196
{ .name = "debug", .key = 129,
197
.doc = "Debug mode", .group = 3 },
322
{ .name = "config-file", .key = 129,
323
.arg = "FILE",
324
.doc = "Specify a different configuration file", .group = 2 },
325
{ .name = "userid", .key = 130,
326
.arg = "ID", .flags = 0,
327
.doc = "User ID the plugins will run as", .group = 3 },
328
{ .name = "groupid", .key = 131,
329
.arg = "ID", .flags = 0,
330
.doc = "Group ID the plugins will run as", .group = 3 },
331
{ .name = "debug", .key = 132,
332
.doc = "Debug mode", .group = 4 },
198
333
{ .name = NULL }
199
334
};
200
335
205
340
switch (key) {
206
341
case 'g':
207
342
if (arg != NULL){
208
char *p = strtok(arg, ",");
209
do{
210
addargument(getplugin(NULL, plugins), p);
211
p = strtok(NULL, ",");
212
} while (p);
343
char *p;
344
while((p = strsep(&arg, ",")) != NULL){
345
if(p[0] == '\0'){
346
continue;
347
}
348
if(not add_argument(getplugin(NULL, plugins), p)){
349
perror("add_argument");
350
return ARGP_ERR_UNKNOWN;
351
}
352
}
353
}
354
break;
355
case 'e':
356
if(arg == NULL){
357
break;
358
}
359
{
360
char *envdef = strdup(arg);
361
if(envdef == NULL){
362
break;
363
}
364
if(not add_environment(getplugin(NULL, plugins), envdef)){
365
perror("add_environment");
366
}
213
367
}
214
368
break;
215
369
case 'o':
216
370
if (arg != NULL){
217
char *name = strtok(arg, ":");
218
char *p = strtok(NULL, ":");
219
if(p){
220
p = strtok(p, ",");
221
do{
222
addargument(getplugin(name, plugins), p);
223
p = strtok(NULL, ",");
224
} while (p);
371
char *p_name = strsep(&arg, ":");
372
if(p_name[0] == '\0'){
373
break;
374
}
375
char *opt = strsep(&arg, ":");
376
if(opt[0] == '\0'){
377
break;
378
}
379
if(opt != NULL){
380
char *p;
381
while((p = strsep(&opt, ",")) != NULL){
382
if(p[0] == '\0'){
383
continue;
384
}
385
if(not add_argument(getplugin(p_name, plugins), p)){
386
perror("add_argument");
387
return ARGP_ERR_UNKNOWN;
388
}
389
}
390
}
391
}
392
break;
393
case 'f':
394
if(arg == NULL){
395
break;
396
}
397
{
398
char *envdef = strchr(arg, ':');
399
if(envdef == NULL){
400
break;
401
}
402
char *p_name = strndup(arg, (size_t) (envdef-arg));
403
if(p_name == NULL){
404
break;
405
}
406
envdef++;
407
if(not add_environment(getplugin(p_name, plugins), envdef)){
408
perror("add_environment");
225
409
}
226
410
}
227
411
break;
228
412
case 'd':
229
413
if (arg != NULL){
230
getplugin(arg, plugins)->disabled = true;
414
plugin *p = getplugin(arg, plugins);
415
if(p == NULL){
416
return ARGP_ERR_UNKNOWN;
417
}
418
p->disabled = true;
231
419
}
232
420
break;
233
421
case 128:
234
plugindir = arg;
422
plugindir = strdup(arg);
423
if(plugindir == NULL){
424
perror("strdup");
425
}
235
426
break;
236
427
case 129:
428
argfile = strdup(arg);
429
if(argfile == NULL){
430
perror("strdup");
431
}
432
break;
433
case 130:
434
uid = (uid_t)strtol(arg, NULL, 10);
435
break;
436
case 131:
437
gid = (gid_t)strtol(arg, NULL, 10);
438
break;
439
case 132:
237
440
debug = true;
238
441
break;
239
442
case ARGP_KEY_ARG:
240
argp_usage (state);
443
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
241
444
break;
242
445
case ARGP_KEY_END:
243
446
break;
250
453
plugin *plugin_list = NULL;
251
454
252
455
struct argp argp = { .options = options, .parser = parse_opt,
253
.args_doc = "",
456
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
254
457
.doc = "Mandos plugin runner -- Run plugins" };
255
458
256
argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
459
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
460
if (ret == ARGP_ERR_UNKNOWN){
461
fprintf(stderr, "Unknown error while parsing arguments\n");
462
exitstatus = EXIT_FAILURE;
463
goto fallback;
464
}
465
466
if (argfile == NULL){
467
conffp = fopen(AFILE, "r");
468
} else {
469
conffp = fopen(argfile, "r");
470
}
471
472
if(conffp != NULL){
473
char *org_line = NULL;
474
char *p, *arg, *new_arg, *line;
475
size_t size = 0;
476
ssize_t sret;
477
const char whitespace_delims[] = " \r\t\f\v\n";
478
const char comment_delim[] = "#";
479
480
custom_argc = 1;
481
custom_argv = malloc(sizeof(char*) * 2);
482
if(custom_argv == NULL){
483
perror("malloc");
484
exitstatus = EXIT_FAILURE;
485
goto fallback;
486
}
487
custom_argv[0] = argv[0];
488
custom_argv[1] = NULL;
489
490
while(true){
491
sret = getline(&org_line, &size, conffp);
492
if(sret == -1){
493
break;
494
}
495
496
line = org_line;
497
arg = strsep(&line, comment_delim);
498
while((p = strsep(&arg, whitespace_delims)) != NULL){
499
if(p[0] == '\0'){
500
continue;
501
}
502
new_arg = strdup(p);
503
if(new_arg == NULL){
504
perror("strdup");
505
exitstatus = EXIT_FAILURE;
506
free(org_line);
507
goto fallback;
508
}
509
510
custom_argc += 1;
511
custom_argv = realloc(custom_argv, sizeof(char *)
512
* ((unsigned int) custom_argc + 1));
513
if(custom_argv == NULL){
514
perror("realloc");
515
exitstatus = EXIT_FAILURE;
516
free(org_line);
517
goto fallback;
518
}
519
custom_argv[custom_argc-1] = new_arg;
520
custom_argv[custom_argc] = NULL;
521
}
522
}
523
free(org_line);
524
} else{
525
/* Check for harmful errors and go to fallback. Other errors might
526
not affect opening plugins */
527
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
528
perror("fopen");
529
exitstatus = EXIT_FAILURE;
530
goto fallback;
531
}
532
}
533
534
if(custom_argv != NULL){
535
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list);
536
if (ret == ARGP_ERR_UNKNOWN){
537
fprintf(stderr, "Unknown error while parsing arguments\n");
538
exitstatus = EXIT_FAILURE;
539
goto fallback;
540
}
541
}
257
542
258
543
if(debug){
259
544
for(plugin *p = plugin_list; p != NULL; p=p->next){
262
547
for(char **a = p->argv; *a != NULL; a++){
263
548
fprintf(stderr, "\tArg: %s\n", *a);
264
549
}
550
fprintf(stderr, "...and %u environment variables\n", p->envc);
551
for(char **a = p->environ; *a != NULL; a++){
552
fprintf(stderr, "\t%s\n", *a);
553
}
265
554
}
266
555
}
267
556
268
dir = opendir(plugindir);
557
ret = setuid(uid);
558
if (ret == -1){
559
perror("setuid");
560
}
561
562
setgid(gid);
563
if (ret == -1){
564
perror("setgid");
565
}
566
567
if (plugindir == NULL){
568
dir = opendir(PDIR);
569
} else {
570
dir = opendir(plugindir);
571
}
572
269
573
if(dir == NULL){
270
574
perror("Could not open plugin dir");
271
575
exitstatus = EXIT_FAILURE;
272
goto end;
576
goto fallback;
273
577
}
274
578
275
579
/* Set the FD_CLOEXEC flag on the directory, if possible */
280
584
if(ret < 0){
281
585
perror("set_cloexec_flag");
282
586
exitstatus = EXIT_FAILURE;
283
goto end;
587
goto fallback;
284
588
}
285
589
}
286
590
}
292
596
293
597
// All directory entries have been processed
294
598
if(dirst == NULL){
599
if (errno == EBADF){
600
perror("readdir");
601
exitstatus = EXIT_FAILURE;
602
goto fallback;
603
}
295
604
break;
296
605
}
297
606
341
650
continue;
342
651
}
343
652
}
344
345
char *filename = malloc(d_name_len + strlen(plugindir) + 2);
346
if (filename == NULL){
347
perror("malloc");
348
exitstatus = EXIT_FAILURE;
349
goto end;
350
}
351
strcpy(filename, plugindir); /* Spurious warning */
352
strcat(filename, "/"); /* Spurious warning */
353
strcat(filename, dirst->d_name); /* Spurious warning */
354
355
stat(filename, &st);
653
654
char *filename;
655
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
656
if(ret < 0){
657
perror("asprintf");
658
continue;
659
}
660
661
ret = stat(filename, &st);
662
if (ret == -1){
663
perror("stat");
664
free(filename);
665
continue;
666
}
356
667
357
668
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
358
669
if(debug){
362
673
free(filename);
363
674
continue;
364
675
}
365
if(getplugin(dirst->d_name, &plugin_list)->disabled){
676
plugin *p = getplugin(dirst->d_name, &plugin_list);
677
if(p == NULL){
678
perror("getplugin");
679
free(filename);
680
continue;
681
}
682
if(p->disabled){
366
683
if(debug){
367
684
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
368
685
dirst->d_name);
370
687
free(filename);
371
688
continue;
372
689
}
373
plugin *p = getplugin(dirst->d_name, &plugin_list);
374
690
{
375
691
/* Add global arguments to argument list for this plugin */
376
692
plugin *g = getplugin(NULL, &plugin_list);
377
for(char **a = g->argv + 1; *a != NULL; a++){
378
addargument(p, *a);
379
}
380
}
381
int pipefd[2];
693
if(g != NULL){
694
for(char **a = g->argv + 1; *a != NULL; a++){
695
if(not add_argument(p, *a)){
696
perror("add_argument");
697
}
698
}
699
/* Add global environment variables */
700
for(char **e = g->environ; *e != NULL; e++){
701
if(not add_environment(p, *e)){
702
perror("add_environment");
703
}
704
}
705
}
706
}
707
/* If this plugin has any environment variables, we will call
708
using execve and need to duplicate the environment from this
709
process, too. */
710
if(p->environ[0] != NULL){
711
for(char **e = environ; *e != NULL; e++){
712
char *copy = strdup(*e);
713
if(copy == NULL){
714
perror("strdup");
715
continue;
716
}
717
if(not add_environment(p, copy)){
718
perror("add_environment");
719
}
720
}
721
}
722
723
int pipefd[2];
382
724
ret = pipe(pipefd);
383
725
if (ret == -1){
384
726
perror("pipe");
385
727
exitstatus = EXIT_FAILURE;
386
goto end;
728
goto fallback;
387
729
}
388
730
ret = set_cloexec_flag(pipefd[0]);
389
731
if(ret < 0){
390
732
perror("set_cloexec_flag");
391
733
exitstatus = EXIT_FAILURE;
392
goto end;
734
goto fallback;
393
735
}
394
736
ret = set_cloexec_flag(pipefd[1]);
395
737
if(ret < 0){
396
738
perror("set_cloexec_flag");
397
739
exitstatus = EXIT_FAILURE;
398
goto end;
740
goto fallback;
399
741
}
400
742
/* Block SIGCHLD until process is safely in process list */
401
743
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
402
744
if(ret < 0){
403
745
perror("sigprocmask");
404
746
exitstatus = EXIT_FAILURE;
405
goto end;
747
goto fallback;
406
748
}
407
749
// Starting a new process to be watched
408
750
pid_t pid = fork();
751
if(pid == -1){
752
perror("fork");
753
exitstatus = EXIT_FAILURE;
754
goto fallback;
755
}
409
756
if(pid == 0){
410
757
/* this is the child process */
411
758
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
418
765
perror("sigprocmask");
419
766
_exit(EXIT_FAILURE);
420
767
}
421
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
768
769
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
770
if(ret == -1){
771
perror("dup2");
772
_exit(EXIT_FAILURE);
773
}
422
774
423
775
if(dirfd(dir) < 0){
424
776
/* If dir has no file descriptor, we could not set FD_CLOEXEC
425
777
above and must now close it manually here. */
426
778
closedir(dir);
427
779
}
428
if(execv(filename, p->argv) < 0){
429
perror("execv");
430
_exit(EXIT_FAILURE);
780
if(p->environ[0] == NULL){
781
if(execv(filename, p->argv) < 0){
782
perror("execv");
783
_exit(EXIT_FAILURE);
784
}
785
} else {
786
if(execve(filename, p->argv, p->environ) < 0){
787
perror("execve");
788
_exit(EXIT_FAILURE);
789
}
431
790
}
432
791
/* no return */
433
792
}
442
801
perror("sigprocmask");
443
802
}
444
803
exitstatus = EXIT_FAILURE;
445
goto end;
804
goto fallback;
446
805
}
447
806
448
807
*new_process = (struct process){ .pid = pid,
456
815
if(ret < 0){
457
816
perror("sigprocmask");
458
817
exitstatus = EXIT_FAILURE;
459
goto end;
818
goto fallback;
460
819
}
461
820
462
821
FD_SET(new_process->fd, &rfds_all);
466
825
}
467
826
468
827
}
469
470
/* Free the plugin list */
471
for(plugin *next; plugin_list != NULL; plugin_list = next){
472
next = plugin_list->next;
473
free(plugin_list->argv);
474
free(plugin_list);
475
}
828
829
free_plugin_list(plugin_list);
830
plugin_list = NULL;
476
831
477
832
closedir(dir);
478
833
dir = NULL;
479
834
480
835
if (process_list == NULL){
481
fprintf(stderr, "No plugin processes started, exiting\n");
482
exitstatus = EXIT_FAILURE;
483
goto end;
836
fprintf(stderr, "No plugin processes started. Incorrect plugin"
837
" directory?\n");
838
process_list = NULL;
484
839
}
485
840
while(process_list){
486
841
fd_set rfds = rfds_all;
488
843
if (select_ret == -1){
489
844
perror("select");
490
845
exitstatus = EXIT_FAILURE;
491
goto end;
846
goto fallback;
492
847
}
493
848
/* OK, now either a process completed, or something can be read
494
849
from one of them */
501
856
/* Bad exit by plugin */
502
857
if(debug){
503
858
if(WIFEXITED(proc->status)){
504
fprintf(stderr, "Plugin %d exited with status %d\n",
505
proc->pid, WEXITSTATUS(proc->status));
859
fprintf(stderr, "Plugin %u exited with status %d\n",
860
(unsigned int) (proc->pid),
861
WEXITSTATUS(proc->status));
506
862
} else if(WIFSIGNALED(proc->status)) {
507
fprintf(stderr, "Plugin %d killed by signal %d\n",
508
proc->pid, WTERMSIG(proc->status));
863
fprintf(stderr, "Plugin %u killed by signal %d\n",
864
(unsigned int) (proc->pid),
865
WTERMSIG(proc->status));
509
866
} else if(WCOREDUMP(proc->status)){
510
fprintf(stderr, "Plugin %d dumped core\n", proc->pid);
867
fprintf(stderr, "Plugin %d dumped core\n",
868
(unsigned int) (proc->pid));
511
869
}
512
870
}
513
871
/* Remove the plugin */
514
872
FD_CLR(proc->fd, &rfds_all);
515
873
/* Block signal while modifying process_list */
516
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
874
ret = sigprocmask(SIG_BLOCK, &sigchld_action.sa_mask, NULL);
517
875
if(ret < 0){
518
876
perror("sigprocmask");
519
877
exitstatus = EXIT_FAILURE;
520
goto end;
878
goto fallback;
521
879
}
522
880
/* Delete this process entry from the list */
523
881
if(process_list == proc){
546
904
break;
547
905
}
548
906
/* This process exited nicely, so print its buffer */
549
for(size_t written = 0; written < proc->buffer_length;
550
written += (size_t)ret){
551
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO,
552
proc->buffer + written,
553
proc->buffer_length
554
- written));
555
if(ret < 0){
556
perror("write");
557
exitstatus = EXIT_FAILURE;
558
goto end;
559
}
907
908
bool bret = print_out_password(proc->buffer,
909
proc->buffer_length);
910
if(not bret){
911
perror("print_out_password");
912
exitstatus = EXIT_FAILURE;
560
913
}
561
goto end;
914
goto fallback;
562
915
}
563
916
/* This process has not completed. Does it have any output? */
564
917
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){
572
925
if (proc->buffer == NULL){
573
926
perror("malloc");
574
927
exitstatus = EXIT_FAILURE;
575
goto end;
928
goto fallback;
576
929
}
577
930
proc->buffer_size += BUFFER_SIZE;
578
931
}
591
944
}
592
945
}
593
946
}
594
if(process_list == NULL){
595
fprintf(stderr, "All plugin processes failed, exiting\n");
596
exitstatus = EXIT_FAILURE;
947
948
949
fallback:
950
951
if(process_list == NULL or exitstatus != EXIT_SUCCESS){
952
/* Fallback if all plugins failed, none are found or an error
953
occured */
954
bool bret;
955
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
956
char *passwordbuffer = getpass("Password: ");
957
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
958
if(not bret){
959
perror("print_out_password");
960
exitstatus = EXIT_FAILURE;
961
}
597
962
}
598
963
599
end:
600
964
/* Restore old signal handler */
601
sigaction(SIGCHLD, &old_sigchld_action, NULL);
602
603
/* Free the plugin list */
604
for(plugin *next; plugin_list != NULL; plugin_list = next){
605
next = plugin_list->next;
606
free(plugin_list->argv);
607
free(plugin_list);
608
}
965
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
966
if(ret == -1){
967
perror("sigaction");
968
exitstatus = EXIT_FAILURE;
969
}
970
971
if(custom_argv != NULL){
972
for(char **arg = custom_argv+1; *arg != NULL; arg++){
973
free(*arg);
974
}
975
free(custom_argv);
976
}
977
free_plugin_list(plugin_list);
609
978
610
979
if(dir != NULL){
611
980
closedir(dir);
615
984
for(process *next; process_list != NULL; process_list = next){
616
985
next = process_list->next;
617
986
close(process_list->fd);
618
kill(process_list->pid, SIGTERM);
987
ret = kill(process_list->pid, SIGTERM);
988
if(ret == -1 and errno != ESRCH){
989
/* set-uid proccesses migth not get closed */
990
perror("kill");
991
}
619
992
free(process_list->buffer);
620
993
free(process_list);
621
994
}
627
1000
if(errno != ECHILD){
628
1001
perror("wait");
629
1002
}
1003
1004
free(plugindir);
1005
free(argfile);
630
1006
631
1007
return exitstatus;
632
1008
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0