To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 110
- compare with another revision
- download diff
- download tarball
- view history from revision 110
- Committer: Teddy Hogeborn
- Date: 2008-08-29 05:53:59 UTC
- Revision ID: teddy@fukt.bsnet.se-20080829055359-wkdasnyxtylmnxus
* mandos.xml (EXAMPLE): Replaced all occurences of command name with
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
- files added:
- .bzrignore
- files removed:
- network-protocol.txt
- files renamed:
- mandos-client.c => plugin-runner.c
- mandos-client.xml => plugin-runner.xml
- files modified:
- Makefile
added
removed
plugin-runner.c
21
21
* Contact the authors at <mandos@fukt.bsnet.se>.
22
22
*/
23
23
24
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */
25
26
#include <stdio.h> /* popen(), fileno(), fprintf(),
27
stderr, STDOUT_FILENO */
24
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
26
#include <stddef.h> /* size_t, NULL */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
29
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
FD_SET(), FD_ISSET(), FD_CLR */
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
28
42
#include <iso646.h> /* and, or, not */
29
#include <sys/types.h> /* DIR, opendir(), stat(),
30
struct stat, waitpid(),
31
WIFEXITED(), WEXITSTATUS(),
32
wait() */
33
#include <sys/wait.h> /* wait() */
34
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
35
readdir(), closedir() */
36
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
44
readdir(), closedir(), dirfd() */
37
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
38
fcntl() */
39
#include <fcntl.h> /* fcntl() */
40
#include <stddef.h> /* NULL */
41
#include <stdlib.h> /* EXIT_FAILURE */
42
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
43
FD_SET(), FD_ISSET() */
44
#include <string.h> /* strlen(), strcpy(), strcat() */
45
#include <stdbool.h> /* true */
46
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
47
WEXITSTATUS() */
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
48
55
#include <errno.h> /* errno */
49
#include <argp.h> /* struct argp_option,
50
struct argp_state, struct argp,
51
argp_parse() */
56
#include <argp.h> /* struct argp_option, struct
57
argp_state, struct argp,
58
argp_parse(), ARGP_ERR_UNKNOWN,
59
ARGP_KEY_END, ARGP_KEY_ARG,
60
error_t */
61
#include <signal.h> /* struct sigaction, sigemptyset(),
62
sigaddset(), sigaction(),
63
sigprocmask(), SIG_BLOCK, SIGCHLD,
64
SIG_UNBLOCK, kill() */
65
#include <errno.h> /* errno, EBADF */
52
66
53
67
#define BUFFER_SIZE 256
54
68
69
#define PDIR "/lib/mandos/plugins.d"
70
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
71
72
const char *argp_program_version = "plugin-runner 1.0";
73
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
74
55
75
struct process;
56
76
57
77
typedef struct process{
61
81
size_t buffer_size;
62
82
size_t buffer_length;
63
83
bool eof;
64
bool completed;
65
int status;
84
volatile bool completed;
85
volatile int status;
66
86
struct process *next;
67
87
} process;
68
88
70
90
char *name; /* can be NULL or any plugin name */
71
91
char **argv;
72
92
int argc;
93
char **environ;
94
int envc;
73
95
bool disabled;
74
96
struct plugin *next;
75
97
} plugin;
84
106
/* Create a new plugin */
85
107
plugin *new_plugin = malloc(sizeof(plugin));
86
108
if (new_plugin == NULL){
87
perror("malloc");
88
exit(EXIT_FAILURE);
89
}
90
new_plugin->name = name;
109
return NULL;
110
}
111
char *copy_name = NULL;
112
if(name != NULL){
113
copy_name = strdup(name);
114
if(copy_name == NULL){
115
return NULL;
116
}
117
}
118
119
*new_plugin = (plugin) { .name = copy_name,
120
.argc = 1,
121
.envc = 0,
122
.disabled = false,
123
.next = *plugin_list };
124
91
125
new_plugin->argv = malloc(sizeof(char *) * 2);
92
126
if (new_plugin->argv == NULL){
93
perror("malloc");
94
exit(EXIT_FAILURE);
127
free(copy_name);
128
free(new_plugin);
129
return NULL;
95
130
}
96
new_plugin->argv[0] = name;
131
new_plugin->argv[0] = copy_name;
97
132
new_plugin->argv[1] = NULL;
98
new_plugin->argc = 1;
99
new_plugin->disabled = false;
100
new_plugin->next = *plugin_list;
133
134
new_plugin->environ = malloc(sizeof(char *));
135
if(new_plugin->environ == NULL){
136
free(copy_name);
137
free(new_plugin->argv);
138
free(new_plugin);
139
return NULL;
140
}
141
new_plugin->environ[0] = NULL;
101
142
/* Append the new plugin to the list */
102
143
*plugin_list = new_plugin;
103
144
return new_plugin;
104
145
}
105
146
106
static void addargument(plugin *p, char *arg){
107
p->argv[p->argc] = arg;
108
p->argv = realloc(p->argv, sizeof(char *) * (size_t)(p->argc + 2));
109
if (p->argv == NULL){
110
perror("malloc");
111
exit(EXIT_FAILURE);
112
}
113
p->argc++;
114
p->argv[p->argc] = NULL;
115
}
147
/* Helper function for add_argument and add_environment */
148
static bool add_to_char_array(const char *new, char ***array,
149
int *len){
150
/* Resize the pointed-to array to hold one more pointer */
151
*array = realloc(*array, sizeof(char *)
152
* (size_t) ((*len) + 2));
153
/* Malloc check */
154
if(*array == NULL){
155
return false;
156
}
157
/* Make a copy of the new string */
158
char *copy = strdup(new);
159
if(copy == NULL){
160
return false;
161
}
162
/* Insert the copy */
163
(*array)[*len] = copy;
164
(*len)++;
165
/* Add a new terminating NULL pointer to the last element */
166
(*array)[*len] = NULL;
167
return true;
168
}
169
170
/* Add to a plugin's argument vector */
171
static bool add_argument(plugin *p, const char *arg){
172
if(p == NULL){
173
return false;
174
}
175
return add_to_char_array(arg, &(p->argv), &(p->argc));
176
}
177
178
/* Add to a plugin's environment */
179
static bool add_environment(plugin *p, const char *def){
180
if(p == NULL){
181
return false;
182
}
183
return add_to_char_array(def, &(p->environ), &(p->envc));
184
}
185
116
186
117
187
/*
118
188
* Based on the example in the GNU LibC manual chapter 13.13 "File
130
200
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
131
201
}
132
202
133
const char *argp_program_version = "plugbasedclient 0.9";
134
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
135
136
203
process *process_list = NULL;
137
204
138
/* Mark a process as completed when it exits, and save its exit
205
/* Mark processes as completed when they exit, and save their exit
139
206
status. */
140
207
void handle_sigchld(__attribute__((unused)) int sig){
141
process *proc = process_list;
142
int status;
143
pid_t pid = wait(&status);
144
while(proc != NULL and proc->pid != pid){
145
proc = proc->next;
146
}
147
if(proc == NULL){
148
/* Process not found in process list */
149
return;
150
}
151
proc->status = status;
152
proc->completed = true;
208
while(true){
209
process *proc = process_list;
210
int status;
211
pid_t pid = waitpid(-1, &status, WNOHANG);
212
if(pid == 0){
213
/* Only still running child processes */
214
break;
215
}
216
if(pid == -1){
217
if (errno != ECHILD){
218
perror("waitpid");
219
}
220
/* No child processes */
221
break;
222
}
223
224
/* A child exited, find it in process_list */
225
while(proc != NULL and proc->pid != pid){
226
proc = proc->next;
227
}
228
if(proc == NULL){
229
/* Process not found in process list */
230
continue;
231
}
232
proc->status = status;
233
proc->completed = true;
234
}
235
}
236
237
bool print_out_password(const char *buffer, size_t length){
238
ssize_t ret;
239
if(length>0 and buffer[length-1] == '\n'){
240
length--;
241
}
242
for(size_t written = 0; written < length; written += (size_t)ret){
243
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
244
length - written));
245
if(ret < 0){
246
return false;
247
}
248
}
249
return true;
250
}
251
252
static void free_plugin_list(plugin *plugin_list){
253
for(plugin *next; plugin_list != NULL; plugin_list = next){
254
next = plugin_list->next;
255
for(char **arg = plugin_list->argv; *arg != NULL; arg++){
256
free(*arg);
257
}
258
free(plugin_list->argv);
259
for(char **env = plugin_list->environ; *env != NULL; env++){
260
free(*env);
261
}
262
free(plugin_list->environ);
263
free(plugin_list);
264
}
153
265
}
154
266
155
267
int main(int argc, char *argv[]){
156
const char *plugindir = "/conf/conf.d/mandos/plugins.d";
268
char *plugindir = NULL;
269
char *argfile = NULL;
270
FILE *conffp;
157
271
size_t d_name_len;
158
272
DIR *dir = NULL;
159
273
struct dirent *dirst;
167
281
struct sigaction old_sigchld_action;
168
282
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
169
283
.sa_flags = SA_NOCLDSTOP };
170
char *plus_options = NULL;
171
char **plus_argv = NULL;
284
char **custom_argv = NULL;
285
int custom_argc = 0;
172
286
173
287
/* Establish a signal handler */
174
288
sigemptyset(&sigchld_action.sa_mask);
175
289
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
176
if(ret < 0){
290
if(ret == -1){
177
291
perror("sigaddset");
178
exit(EXIT_FAILURE);
292
exitstatus = EXIT_FAILURE;
293
goto fallback;
179
294
}
180
295
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
181
if(ret < 0){
296
if(ret == -1){
182
297
perror("sigaction");
183
exit(EXIT_FAILURE);
298
exitstatus = EXIT_FAILURE;
299
goto fallback;
184
300
}
185
301
186
302
/* The options we understand. */
188
304
{ .name = "global-options", .key = 'g',
189
305
.arg = "OPTION[,OPTION[,...]]",
190
306
.doc = "Options passed to all plugins" },
307
{ .name = "global-envs", .key = 'e',
308
.arg = "VAR=value",
309
.doc = "Environment variable passed to all plugins" },
191
310
{ .name = "options-for", .key = 'o',
192
311
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
193
312
.doc = "Options passed only to specified plugin" },
313
{ .name = "envs-for", .key = 'f',
314
.arg = "PLUGIN:ENV=value",
315
.doc = "Environment variable passed to specified plugin" },
194
316
{ .name = "disable", .key = 'd',
195
317
.arg = "PLUGIN",
196
318
.doc = "Disable a specific plugin", .group = 1 },
197
319
{ .name = "plugin-dir", .key = 128,
198
320
.arg = "DIRECTORY",
199
321
.doc = "Specify a different plugin directory", .group = 2 },
200
{ .name = "userid", .key = 129,
201
.arg = "ID", .flags = 0,
202
.doc = "User ID the plugins will run as", .group = 2 },
203
{ .name = "groupid", .key = 130,
204
.arg = "ID", .flags = 0,
205
.doc = "Group ID the plugins will run as", .group = 2 },
206
{ .name = "debug", .key = 131,
207
.doc = "Debug mode", .group = 3 },
322
{ .name = "config-file", .key = 129,
323
.arg = "FILE",
324
.doc = "Specify a different configuration file", .group = 2 },
325
{ .name = "userid", .key = 130,
326
.arg = "ID", .flags = 0,
327
.doc = "User ID the plugins will run as", .group = 3 },
328
{ .name = "groupid", .key = 131,
329
.arg = "ID", .flags = 0,
330
.doc = "Group ID the plugins will run as", .group = 3 },
331
{ .name = "debug", .key = 132,
332
.doc = "Debug mode", .group = 4 },
208
333
{ .name = NULL }
209
334
};
210
335
215
340
switch (key) {
216
341
case 'g':
217
342
if (arg != NULL){
218
char *p = strtok(arg, ",");
219
do{
220
addargument(getplugin(NULL, plugins), p);
221
p = strtok(NULL, ",");
222
} while (p != NULL);
343
char *p;
344
while((p = strsep(&arg, ",")) != NULL){
345
if(p[0] == '\0'){
346
continue;
347
}
348
if(not add_argument(getplugin(NULL, plugins), p)){
349
perror("add_argument");
350
return ARGP_ERR_UNKNOWN;
351
}
352
}
353
}
354
break;
355
case 'e':
356
if(arg == NULL){
357
break;
358
}
359
{
360
char *envdef = strdup(arg);
361
if(envdef == NULL){
362
break;
363
}
364
if(not add_environment(getplugin(NULL, plugins), envdef)){
365
perror("add_environment");
366
}
223
367
}
224
368
break;
225
369
case 'o':
226
370
if (arg != NULL){
227
char *name = strtok(arg, ":");
228
char *p = strtok(NULL, ":");
229
if(p != NULL){
230
p = strtok(p, ",");
231
do{
232
addargument(getplugin(name, plugins), p);
233
p = strtok(NULL, ",");
234
} while (p != NULL);
371
char *p_name = strsep(&arg, ":");
372
if(p_name[0] == '\0'){
373
break;
374
}
375
char *opt = strsep(&arg, ":");
376
if(opt[0] == '\0'){
377
break;
378
}
379
if(opt != NULL){
380
char *p;
381
while((p = strsep(&opt, ",")) != NULL){
382
if(p[0] == '\0'){
383
continue;
384
}
385
if(not add_argument(getplugin(p_name, plugins), p)){
386
perror("add_argument");
387
return ARGP_ERR_UNKNOWN;
388
}
389
}
390
}
391
}
392
break;
393
case 'f':
394
if(arg == NULL){
395
break;
396
}
397
{
398
char *envdef = strchr(arg, ':');
399
if(envdef == NULL){
400
break;
401
}
402
char *p_name = strndup(arg, (size_t) (envdef-arg));
403
if(p_name == NULL){
404
break;
405
}
406
envdef++;
407
if(not add_environment(getplugin(p_name, plugins), envdef)){
408
perror("add_environment");
235
409
}
236
410
}
237
411
break;
238
412
case 'd':
239
413
if (arg != NULL){
240
getplugin(arg, plugins)->disabled = true;
414
plugin *p = getplugin(arg, plugins);
415
if(p == NULL){
416
return ARGP_ERR_UNKNOWN;
417
}
418
p->disabled = true;
241
419
}
242
420
break;
243
421
case 128:
244
plugindir = arg;
422
plugindir = strdup(arg);
423
if(plugindir == NULL){
424
perror("strdup");
425
}
245
426
break;
246
427
case 129:
428
argfile = strdup(arg);
429
if(argfile == NULL){
430
perror("strdup");
431
}
432
break;
433
case 130:
247
434
uid = (uid_t)strtol(arg, NULL, 10);
248
435
break;
249
case 130:
436
case 131:
250
437
gid = (gid_t)strtol(arg, NULL, 10);
251
438
break;
252
case 131:
439
case 132:
253
440
debug = true;
254
441
break;
255
442
case ARGP_KEY_ARG:
256
if(plus_options != NULL or arg == NULL or arg[0] != '+'){
257
argp_usage (state);
258
}
259
plus_options = arg;
443
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
260
444
break;
261
445
case ARGP_KEY_END:
262
446
break;
272
456
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
273
457
.doc = "Mandos plugin runner -- Run plugins" };
274
458
275
argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
459
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
460
if (ret == ARGP_ERR_UNKNOWN){
461
fprintf(stderr, "Unknown error while parsing arguments\n");
462
exitstatus = EXIT_FAILURE;
463
goto fallback;
464
}
465
466
if (argfile == NULL){
467
conffp = fopen(AFILE, "r");
468
} else {
469
conffp = fopen(argfile, "r");
470
}
276
471
277
if(plus_options){
278
/* This is a mangled argument in the form of
279
"+--option+--other-option=parameter+--yet-another-option", etc */
280
/* Make new argc and argv vars, and call argp_parse() again. */
281
plus_options++; /* skip the first '+' character */
282
const char delims[] = "+";
283
char *arg;
284
int new_argc = 1;
285
plus_argv = malloc(sizeof(char*) * 2);
286
if(plus_argv == NULL){
472
if(conffp != NULL){
473
char *org_line = NULL;
474
char *p, *arg, *new_arg, *line;
475
size_t size = 0;
476
ssize_t sret;
477
const char whitespace_delims[] = " \r\t\f\v\n";
478
const char comment_delim[] = "#";
479
480
custom_argc = 1;
481
custom_argv = malloc(sizeof(char*) * 2);
482
if(custom_argv == NULL){
287
483
perror("malloc");
288
484
exitstatus = EXIT_FAILURE;
289
goto end;
290
}
291
plus_argv[0] = argv[0];
292
plus_argv[1] = NULL;
293
arg = strtok(plus_options, delims); /* Get first argument */
294
while(arg != NULL){
295
new_argc++;
296
plus_argv = realloc(plus_argv, sizeof(char *)
297
* ((unsigned int) new_argc + 1));
298
if(plus_argv == NULL){
299
perror("malloc");
300
exitstatus = EXIT_FAILURE;
301
goto end;
302
}
303
plus_argv[new_argc-1] = arg;
304
plus_argv[new_argc] = NULL;
305
arg = strtok(NULL, delims); /* Get next argument */
306
}
307
argp_parse (&argp, new_argc, plus_argv, 0, 0, &plugin_list);
485
goto fallback;
486
}
487
custom_argv[0] = argv[0];
488
custom_argv[1] = NULL;
489
490
while(true){
491
sret = getline(&org_line, &size, conffp);
492
if(sret == -1){
493
break;
494
}
495
496
line = org_line;
497
arg = strsep(&line, comment_delim);
498
while((p = strsep(&arg, whitespace_delims)) != NULL){
499
if(p[0] == '\0'){
500
continue;
501
}
502
new_arg = strdup(p);
503
if(new_arg == NULL){
504
perror("strdup");
505
exitstatus = EXIT_FAILURE;
506
free(org_line);
507
goto fallback;
508
}
509
510
custom_argc += 1;
511
custom_argv = realloc(custom_argv, sizeof(char *)
512
* ((unsigned int) custom_argc + 1));
513
if(custom_argv == NULL){
514
perror("realloc");
515
exitstatus = EXIT_FAILURE;
516
free(org_line);
517
goto fallback;
518
}
519
custom_argv[custom_argc-1] = new_arg;
520
custom_argv[custom_argc] = NULL;
521
}
522
}
523
free(org_line);
524
} else{
525
/* Check for harmful errors and go to fallback. Other errors might
526
not affect opening plugins */
527
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
528
perror("fopen");
529
exitstatus = EXIT_FAILURE;
530
goto fallback;
531
}
532
}
533
534
if(custom_argv != NULL){
535
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list);
536
if (ret == ARGP_ERR_UNKNOWN){
537
fprintf(stderr, "Unknown error while parsing arguments\n");
538
exitstatus = EXIT_FAILURE;
539
goto fallback;
540
}
308
541
}
309
542
310
543
if(debug){
314
547
for(char **a = p->argv; *a != NULL; a++){
315
548
fprintf(stderr, "\tArg: %s\n", *a);
316
549
}
550
fprintf(stderr, "...and %u environment variables\n", p->envc);
551
for(char **a = p->environ; *a != NULL; a++){
552
fprintf(stderr, "\t%s\n", *a);
553
}
317
554
}
318
555
}
319
556
326
563
if (ret == -1){
327
564
perror("setgid");
328
565
}
566
567
if (plugindir == NULL){
568
dir = opendir(PDIR);
569
} else {
570
dir = opendir(plugindir);
571
}
329
572
330
dir = opendir(plugindir);
331
573
if(dir == NULL){
332
574
perror("Could not open plugin dir");
333
575
exitstatus = EXIT_FAILURE;
334
goto end;
576
goto fallback;
335
577
}
336
578
337
579
/* Set the FD_CLOEXEC flag on the directory, if possible */
342
584
if(ret < 0){
343
585
perror("set_cloexec_flag");
344
586
exitstatus = EXIT_FAILURE;
345
goto end;
587
goto fallback;
346
588
}
347
589
}
348
590
}
354
596
355
597
// All directory entries have been processed
356
598
if(dirst == NULL){
599
if (errno == EBADF){
600
perror("readdir");
601
exitstatus = EXIT_FAILURE;
602
goto fallback;
603
}
357
604
break;
358
605
}
359
606
403
650
continue;
404
651
}
405
652
}
406
407
char *filename = malloc(d_name_len + strlen(plugindir) + 2);
408
if (filename == NULL){
409
perror("malloc");
410
exitstatus = EXIT_FAILURE;
411
goto end;
412
}
413
strcpy(filename, plugindir); /* Spurious warning */
414
strcat(filename, "/"); /* Spurious warning */
415
strcat(filename, dirst->d_name); /* Spurious warning */
416
417
stat(filename, &st);
653
654
char *filename;
655
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
656
if(ret < 0){
657
perror("asprintf");
658
continue;
659
}
660
661
ret = stat(filename, &st);
662
if (ret == -1){
663
perror("stat");
664
free(filename);
665
continue;
666
}
418
667
419
668
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
420
669
if(debug){
424
673
free(filename);
425
674
continue;
426
675
}
427
if(getplugin(dirst->d_name, &plugin_list)->disabled){
676
plugin *p = getplugin(dirst->d_name, &plugin_list);
677
if(p == NULL){
678
perror("getplugin");
679
free(filename);
680
continue;
681
}
682
if(p->disabled){
428
683
if(debug){
429
684
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
430
685
dirst->d_name);
432
687
free(filename);
433
688
continue;
434
689
}
435
plugin *p = getplugin(dirst->d_name, &plugin_list);
436
690
{
437
691
/* Add global arguments to argument list for this plugin */
438
692
plugin *g = getplugin(NULL, &plugin_list);
439
for(char **a = g->argv + 1; *a != NULL; a++){
440
addargument(p, *a);
441
}
442
}
443
int pipefd[2];
693
if(g != NULL){
694
for(char **a = g->argv + 1; *a != NULL; a++){
695
if(not add_argument(p, *a)){
696
perror("add_argument");
697
}
698
}
699
/* Add global environment variables */
700
for(char **e = g->environ; *e != NULL; e++){
701
if(not add_environment(p, *e)){
702
perror("add_environment");
703
}
704
}
705
}
706
}
707
/* If this plugin has any environment variables, we will call
708
using execve and need to duplicate the environment from this
709
process, too. */
710
if(p->environ[0] != NULL){
711
for(char **e = environ; *e != NULL; e++){
712
char *copy = strdup(*e);
713
if(copy == NULL){
714
perror("strdup");
715
continue;
716
}
717
if(not add_environment(p, copy)){
718
perror("add_environment");
719
}
720
}
721
}
722
723
int pipefd[2];
444
724
ret = pipe(pipefd);
445
725
if (ret == -1){
446
726
perror("pipe");
447
727
exitstatus = EXIT_FAILURE;
448
goto end;
728
goto fallback;
449
729
}
450
730
ret = set_cloexec_flag(pipefd[0]);
451
731
if(ret < 0){
452
732
perror("set_cloexec_flag");
453
733
exitstatus = EXIT_FAILURE;
454
goto end;
734
goto fallback;
455
735
}
456
736
ret = set_cloexec_flag(pipefd[1]);
457
737
if(ret < 0){
458
738
perror("set_cloexec_flag");
459
739
exitstatus = EXIT_FAILURE;
460
goto end;
740
goto fallback;
461
741
}
462
742
/* Block SIGCHLD until process is safely in process list */
463
743
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
464
744
if(ret < 0){
465
745
perror("sigprocmask");
466
746
exitstatus = EXIT_FAILURE;
467
goto end;
747
goto fallback;
468
748
}
469
749
// Starting a new process to be watched
470
750
pid_t pid = fork();
751
if(pid == -1){
752
perror("fork");
753
exitstatus = EXIT_FAILURE;
754
goto fallback;
755
}
471
756
if(pid == 0){
472
757
/* this is the child process */
473
758
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
480
765
perror("sigprocmask");
481
766
_exit(EXIT_FAILURE);
482
767
}
483
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
768
769
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
770
if(ret == -1){
771
perror("dup2");
772
_exit(EXIT_FAILURE);
773
}
484
774
485
775
if(dirfd(dir) < 0){
486
776
/* If dir has no file descriptor, we could not set FD_CLOEXEC
487
777
above and must now close it manually here. */
488
778
closedir(dir);
489
779
}
490
if(execv(filename, p->argv) < 0){
491
perror("execv");
492
_exit(EXIT_FAILURE);
780
if(p->environ[0] == NULL){
781
if(execv(filename, p->argv) < 0){
782
perror("execv");
783
_exit(EXIT_FAILURE);
784
}
785
} else {
786
if(execve(filename, p->argv, p->environ) < 0){
787
perror("execve");
788
_exit(EXIT_FAILURE);
789
}
493
790
}
494
791
/* no return */
495
792
}
504
801
perror("sigprocmask");
505
802
}
506
803
exitstatus = EXIT_FAILURE;
507
goto end;
804
goto fallback;
508
805
}
509
806
510
807
*new_process = (struct process){ .pid = pid,
518
815
if(ret < 0){
519
816
perror("sigprocmask");
520
817
exitstatus = EXIT_FAILURE;
521
goto end;
818
goto fallback;
522
819
}
523
820
524
821
FD_SET(new_process->fd, &rfds_all);
528
825
}
529
826
530
827
}
531
532
/* Free the plugin list */
533
for(plugin *next; plugin_list != NULL; plugin_list = next){
534
next = plugin_list->next;
535
free(plugin_list->argv);
536
free(plugin_list);
537
}
828
829
free_plugin_list(plugin_list);
830
plugin_list = NULL;
538
831
539
832
closedir(dir);
540
833
dir = NULL;
541
834
542
835
if (process_list == NULL){
543
fprintf(stderr, "No plugin processes started, exiting\n");
544
exitstatus = EXIT_FAILURE;
545
goto end;
836
fprintf(stderr, "No plugin processes started. Incorrect plugin"
837
" directory?\n");
838
process_list = NULL;
546
839
}
547
840
while(process_list){
548
841
fd_set rfds = rfds_all;
550
843
if (select_ret == -1){
551
844
perror("select");
552
845
exitstatus = EXIT_FAILURE;
553
goto end;
846
goto fallback;
554
847
}
555
848
/* OK, now either a process completed, or something can be read
556
849
from one of them */
563
856
/* Bad exit by plugin */
564
857
if(debug){
565
858
if(WIFEXITED(proc->status)){
566
fprintf(stderr, "Plugin %d exited with status %d\n",
567
proc->pid, WEXITSTATUS(proc->status));
859
fprintf(stderr, "Plugin %u exited with status %d\n",
860
(unsigned int) (proc->pid),
861
WEXITSTATUS(proc->status));
568
862
} else if(WIFSIGNALED(proc->status)) {
569
fprintf(stderr, "Plugin %d killed by signal %d\n",
570
proc->pid, WTERMSIG(proc->status));
863
fprintf(stderr, "Plugin %u killed by signal %d\n",
864
(unsigned int) (proc->pid),
865
WTERMSIG(proc->status));
571
866
} else if(WCOREDUMP(proc->status)){
572
fprintf(stderr, "Plugin %d dumped core\n", proc->pid);
867
fprintf(stderr, "Plugin %d dumped core\n",
868
(unsigned int) (proc->pid));
573
869
}
574
870
}
575
871
/* Remove the plugin */
576
872
FD_CLR(proc->fd, &rfds_all);
577
873
/* Block signal while modifying process_list */
578
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
874
ret = sigprocmask(SIG_BLOCK, &sigchld_action.sa_mask, NULL);
579
875
if(ret < 0){
580
876
perror("sigprocmask");
581
877
exitstatus = EXIT_FAILURE;
582
goto end;
878
goto fallback;
583
879
}
584
880
/* Delete this process entry from the list */
585
881
if(process_list == proc){
608
904
break;
609
905
}
610
906
/* This process exited nicely, so print its buffer */
611
for(size_t written = 0; written < proc->buffer_length;
612
written += (size_t)ret){
613
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO,
614
proc->buffer + written,
615
proc->buffer_length
616
- written));
617
if(ret < 0){
618
perror("write");
619
exitstatus = EXIT_FAILURE;
620
goto end;
621
}
907
908
bool bret = print_out_password(proc->buffer,
909
proc->buffer_length);
910
if(not bret){
911
perror("print_out_password");
912
exitstatus = EXIT_FAILURE;
622
913
}
623
goto end;
914
goto fallback;
624
915
}
625
916
/* This process has not completed. Does it have any output? */
626
917
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){
634
925
if (proc->buffer == NULL){
635
926
perror("malloc");
636
927
exitstatus = EXIT_FAILURE;
637
goto end;
928
goto fallback;
638
929
}
639
930
proc->buffer_size += BUFFER_SIZE;
640
931
}
653
944
}
654
945
}
655
946
}
656
if(process_list == NULL){
657
fprintf(stderr, "All plugin processes failed, exiting\n");
658
exitstatus = EXIT_FAILURE;
947
948
949
fallback:
950
951
if(process_list == NULL or exitstatus != EXIT_SUCCESS){
952
/* Fallback if all plugins failed, none are found or an error
953
occured */
954
bool bret;
955
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
956
char *passwordbuffer = getpass("Password: ");
957
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
958
if(not bret){
959
perror("print_out_password");
960
exitstatus = EXIT_FAILURE;
961
}
659
962
}
660
963
661
end:
662
964
/* Restore old signal handler */
663
sigaction(SIGCHLD, &old_sigchld_action, NULL);
664
665
free(plus_argv);
666
667
/* Free the plugin list */
668
for(plugin *next; plugin_list != NULL; plugin_list = next){
669
next = plugin_list->next;
670
free(plugin_list->argv);
671
free(plugin_list);
672
}
965
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
966
if(ret == -1){
967
perror("sigaction");
968
exitstatus = EXIT_FAILURE;
969
}
970
971
if(custom_argv != NULL){
972
for(char **arg = custom_argv+1; *arg != NULL; arg++){
973
free(*arg);
974
}
975
free(custom_argv);
976
}
977
free_plugin_list(plugin_list);
673
978
674
979
if(dir != NULL){
675
980
closedir(dir);
679
984
for(process *next; process_list != NULL; process_list = next){
680
985
next = process_list->next;
681
986
close(process_list->fd);
682
kill(process_list->pid, SIGTERM);
987
ret = kill(process_list->pid, SIGTERM);
988
if(ret == -1 and errno != ESRCH){
989
/* set-uid proccesses migth not get closed */
990
perror("kill");
991
}
683
992
free(process_list->buffer);
684
993
free(process_list);
685
994
}
691
1000
if(errno != ECHILD){
692
1001
perror("wait");
693
1002
}
1003
1004
free(plugindir);
1005
free(argfile);
694
1006
695
1007
return exitstatus;
696
1008
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0