/mandos/trunk : revision 110

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/usplash.c

Committer: Teddy Hogeborn
Date: 2008-08-29 05:53:59 UTC
Revision ID: teddy@fukt.bsnet.se-20080829055359-wkdasnyxtylmnxus

* mandos.xml (EXAMPLE): Replaced all occurences of command name with
                        "&COMMANDNAME;".

* plugins.d/password-prompt.c (main): Improved some documentation
                                      strings.  Do perror() of
                                      tcgetattr() fails.  Add debug
                                      output if interrupted by signal.
                                      Loop over write() instead of
                                      using fwrite() when outputting
                                      password.  Add debug output if
                                      getline() returns 0, unless it
                                      was caused by a signal.  Add
                                      exit status code to debug
                                      output.

* plugins.d/password-prompt.xml: Changed all single quotes to double
                                 quotes for consistency.  Removed
                                 <?xml-stylesheet>.
  (ENTITY TIMESTAMP): New.  Automatically updated by Emacs time-stamp
                      by using Emacs local variables.
  (/refentry/refentryinfo/title): Changed to "Mandos Manual".
  (/refentry/refentryinfo/productname): Changed to "Mandos".
  (/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
  (/refentry/refentryinfo/copyright): Split copyright holders.
  (/refentry/refnamediv/refpurpose): Improved wording.
  (SYNOPSIS): Fix to use correct markup.  Add short options.
  (DESCRIPTION, OPTIONS): Improved wording.
  (OPTIONS): Improved wording.  Use more correct markup.  Document
             short options.
  (EXIT STATUS): Add text.
  (ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
  (FILES): REMOVED.
  (BUGS): Add text.
  (EXAMPLE): Added some examples.
  (SECURITY): Added text.
  (SEE ALSO): Remove reference to mandos(8).  Add reference to
              crypttab(5).

files added:
plugins.d/usplash

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.config

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.config

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/sv.po

debian/rules

default-mandos

init.d-mandos

legalnotice.xml

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/splashy.c

plugins.d/usplash.c

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/usplash.c

#define _GNU_SOURCE /* asprintf() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction(),

SIG_IGN, kill(), SIGKILL */

#include <stdbool.h> /* bool, false, true */

#include <fcntl.h> /* open(), O_WRONLY, O_RDONLY */

#include <iso646.h> /* and, or, not*/

#include <errno.h> /* errno, EINTR */

#include <sys/types.h> /* size_t, ssize_t, pid_t, DIR, struct

dirent */

#include <stddef.h> /* NULL */

#include <string.h> /* strlen(), memcmp() */

#include <stdio.h> /* asprintf(), perror() */

#include <unistd.h> /* close(), write(), readlink(),

read(), STDOUT_FILENO, sleep(),

fork(), setuid(), geteuid(),

setsid(), chdir(), dup2(),

STDERR_FILENO, execv() */

#include <stdlib.h> /* free(), EXIT_FAILURE, strtoul(),

realloc(), EXIT_SUCCESS, malloc(),

_exit() */

#include <stdlib.h> /* getenv() */

#include <dirent.h> /* opendir(), readdir(), closedir() */

#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */

sig_atomic_t interrupted_by_signal = 0;

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

static bool usplash_write(const char *cmd, const char *arg){

* usplash_write("TIMEOUT", "15") will write "TIMEOUT 15\0"

* usplash_write("PULSATE", NULL) will write "PULSATE\0"

* SEE ALSO

* usplash_write(8)

int ret;

int fifo_fd;

do{

fifo_fd = open("/dev/.initramfs/usplash_fifo", O_WRONLY);

if(fifo_fd == -1 and (errno != EINTR or interrupted_by_signal)){

return false;

}

}while(fifo_fd == -1);

const char *cmd_line;

size_t cmd_line_len;

char *cmd_line_alloc = NULL;

if(arg == NULL){

cmd_line = cmd;

cmd_line_len = strlen(cmd);

}else{

do{

ret = asprintf(&cmd_line_alloc, "%s %s", cmd, arg);

if(ret == -1 and (errno != EINTR or interrupted_by_signal)){

int e = errno;

close(fifo_fd);

errno = e;

return false;

}

}while(ret == -1);

cmd_line = cmd_line_alloc;

cmd_line_len = (size_t)ret + 1;

}

size_t written = 0;

while(not interrupted_by_signal and written < cmd_line_len){

ret = write(fifo_fd, cmd_line + written,

cmd_line_len - written);

if(ret == -1){

if(errno != EINTR or interrupted_by_signal){

int e = errno;

close(fifo_fd);

free(cmd_line_alloc);

errno = e;

return false;

} else {

continue;

}

written += (size_t)ret;

}

free(cmd_line_alloc);

do{

ret = close(fifo_fd);

if(ret == -1 and (errno != EINTR or interrupted_by_signal)){

return false;

}

}while(ret == -1);

if(interrupted_by_signal){

return false;

}

return true;

}

int main(__attribute__((unused))int argc,

100

__attribute__((unused))char **argv){

101

int ret = 0;

102

ssize_t sret;

103

bool an_error_occured = false;

104

105

/* Create prompt string */

106

char *prompt = NULL;

107

{

108

const char *const cryptsource = getenv("cryptsource");

109

const char *const crypttarget = getenv("crypttarget");

110

const char prompt_start[] = "Enter passphrase to unlock the disk";

111

112

if(cryptsource == NULL){

113

if(crypttarget == NULL){

114

ret = asprintf(&prompt, "%s: ", prompt_start);

115

} else {

116

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

117

crypttarget);

118

}

119

} else {

120

if(crypttarget == NULL){

121

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

122

} else {

123

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

124

cryptsource, crypttarget);

125

}

126

}

127

if(ret == -1){

128

return EXIT_FAILURE;

129

}

130

}

131

132

/* Find usplash process */

133

pid_t usplash_pid = 0;

134

char *cmdline = NULL;

135

size_t cmdline_len = 0;

136

const char usplash_name[] = "/sbin/usplash";

137

{

138

DIR *proc_dir = opendir("/proc");

139

if(proc_dir == NULL){

140

free(prompt);

141

perror("opendir");

142

return EXIT_FAILURE;

143

}

144

for(struct dirent *proc_ent = readdir(proc_dir);

145

proc_ent != NULL;

146

proc_ent = readdir(proc_dir)){

147

pid_t pid = (pid_t) strtoul(proc_ent->d_name, NULL, 10);

148

if(pid == 0){

149

/* Not a process */

150

continue;

151

}

152

/* Find the executable name by doing readlink() on the

153

/proc/<pid>/exe link */

154

char exe_target[sizeof(usplash_name)];

155

{

156

/* create file name string */

157

char *exe_link;

158

ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);

159

if(ret == -1){

160

perror("asprintf");

161

free(prompt);

162

closedir(proc_dir);

163

return EXIT_FAILURE;

164

}

165

166

/* Check that it refers to a symlink owned by root:root */

167

struct stat exe_stat;

168

ret = lstat(exe_link, &exe_stat);

169

if(ret == -1){

170

perror("lstat");

171

free(exe_link);

172

free(prompt);

173

closedir(proc_dir);

174

return EXIT_FAILURE;

175

}

176

if(not S_ISLNK(exe_stat.st_mode)

177

or exe_stat.st_uid != 0

178

or exe_stat.st_gid != 0){

179

free(exe_link);

180

continue;

181

}

182

183

sret = readlink(exe_link, exe_target, sizeof(exe_target));

184

free(exe_link);

185

if(sret == -1){

186

continue;

187

}

188

}

189

if((sret == ((ssize_t)sizeof(exe_target)-1))

190

and (memcmp(usplash_name, exe_target,

191

sizeof(exe_target)-1) == 0)){

192

usplash_pid = pid;

193

/* Read and save the command line of usplash in "cmdline" */

194

{

195

/* Open /proc/<pid>/cmdline */

196

int cl_fd;

197

{

198

char *cmdline_filename;

199

ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",

200

proc_ent->d_name);

201

if(ret == -1){

202

perror("asprintf");

203

free(prompt);

204

closedir(proc_dir);

205

return EXIT_FAILURE;

206

}

207

cl_fd = open(cmdline_filename, O_RDONLY);

208

if(cl_fd == -1){

209

perror("open");

210

free(cmdline_filename);

211

free(prompt);

212

closedir(proc_dir);

213

return EXIT_FAILURE;

214

}

215

free(cmdline_filename);

216

}

217

size_t cmdline_allocated = 0;

218

char *tmp;

219

const size_t blocksize = 1024;

220

do{

221

if(cmdline_len + blocksize > cmdline_allocated){

222

tmp = realloc(cmdline, cmdline_allocated + blocksize);

223

if(tmp == NULL){

224

perror("realloc");

225

free(cmdline);

226

free(prompt);

227

closedir(proc_dir);

228

return EXIT_FAILURE;

229

}

230

cmdline = tmp;

231

cmdline_allocated += blocksize;

232

}

233

sret = read(cl_fd, cmdline + cmdline_len,

234

cmdline_allocated - cmdline_len);

235

if(sret == -1){

236

perror("read");

237

free(cmdline);

238

free(prompt);

239

closedir(proc_dir);

240

return EXIT_FAILURE;

241

}

242

cmdline_len += (size_t)sret;

243

} while(sret != 0);

244

close(cl_fd);

245

}

246

break;

247

}

248

}

249

closedir(proc_dir);

250

}

251

if(usplash_pid == 0){

252

free(prompt);

253

return EXIT_FAILURE;

254

}

255

256

/* Set up the signal handler */

257

{

258

struct sigaction old_action,

259

new_action = { .sa_handler = termination_handler,

260

.sa_flags = 0 };

261

sigemptyset(&new_action.sa_mask);

262

sigaddset(&new_action.sa_mask, SIGINT);

263

sigaddset(&new_action.sa_mask, SIGHUP);

264

sigaddset(&new_action.sa_mask, SIGTERM);

265

ret = sigaction(SIGINT, NULL, &old_action);

266

if(ret == -1){

267

perror("sigaction");

268

free(prompt);

269

return EXIT_FAILURE;

270

}

271

if(old_action.sa_handler != SIG_IGN){

272

ret = sigaction(SIGINT, &new_action, NULL);

273

if(ret == -1){

274

perror("sigaction");

275

free(prompt);

276

return EXIT_FAILURE;

277

}

278

}

279

ret = sigaction(SIGHUP, NULL, &old_action);

280

if(ret == -1){

281

perror("sigaction");

282

free(prompt);

283

return EXIT_FAILURE;

284

}

285

if(old_action.sa_handler != SIG_IGN){

286

ret = sigaction(SIGHUP, &new_action, NULL);

287

if(ret == -1){

288

perror("sigaction");

289

free(prompt);

290

return EXIT_FAILURE;

291

}

292

}

293

ret = sigaction(SIGTERM, NULL, &old_action);

294

if(ret == -1){

295

perror("sigaction");

296

free(prompt);

297

return EXIT_FAILURE;

298

}

299

if(old_action.sa_handler != SIG_IGN){

300

ret = sigaction(SIGTERM, &new_action, NULL);

301

if(ret == -1){

302

perror("sigaction");

303

free(prompt);

304

return EXIT_FAILURE;

305

}

306

}

307

}

308

309

/* Write command to FIFO */

310

if(not interrupted_by_signal){

311

if(not usplash_write("TIMEOUT", "0")

312

and (errno != EINTR)){

313

perror("usplash_write");

314

an_error_occured = true;

315

}

316

}

317

if(not interrupted_by_signal and not an_error_occured){

318

if(not usplash_write("INPUTQUIET", prompt)

319

and (errno != EINTR)){

320

perror("usplash_write");

321

an_error_occured = true;

322

}

323

}

324

free(prompt);

325

326

/* This is not really a loop; while() is used to be able to "break"

327

out of it; those breaks are marked "Big" */

328

while(not interrupted_by_signal and not an_error_occured){

329

char *buf = NULL;

330

size_t buf_len = 0;

331

332

/* Open FIFO */

333

int fifo_fd;

334

do{

335

fifo_fd = open("/dev/.initramfs/usplash_outfifo", O_RDONLY);

336

if(fifo_fd == -1){

337

if(errno != EINTR){

338

perror("open");

339

an_error_occured = true;

340

break;

341

}

342

if(interrupted_by_signal){

343

break;

344

}

345

}

346

}while(fifo_fd == -1);

347

if(interrupted_by_signal or an_error_occured){

348

break; /* Big */

349

}

350

351

/* Read from FIFO */

352

size_t buf_allocated = 0;

353

const size_t blocksize = 1024;

354

do{

355

if(buf_len + blocksize > buf_allocated){

356

char *tmp = realloc(buf, buf_allocated + blocksize);

357

if(tmp == NULL){

358

perror("realloc");

359

an_error_occured = true;

360

break;

361

}

362

buf = tmp;

363

buf_allocated += blocksize;

364

}

365

do{

366

sret = read(fifo_fd, buf + buf_len, buf_allocated - buf_len);

367

if(sret == -1){

368

if(errno != EINTR){

369

perror("read");

370

an_error_occured = true;

371

break;

372

}

373

if(interrupted_by_signal){

374

break;

375

}

376

}

377

}while(sret == -1);

378

if(interrupted_by_signal or an_error_occured){

379

break;

380

}

381

382

buf_len += (size_t)sret;

383

}while(sret != 0);

384

close(fifo_fd);

385

if(interrupted_by_signal or an_error_occured){

386

break; /* Big */

387

}

388

389

if(not usplash_write("TIMEOUT", "15")

390

and (errno != EINTR)){

391

perror("usplash_write");

392

an_error_occured = true;

393

}

394

if(interrupted_by_signal or an_error_occured){

395

break; /* Big */

396

}

397

398

/* Print password to stdout */

399

size_t written = 0;

400

while(written < buf_len){

401

do{

402

sret = write(STDOUT_FILENO, buf + written, buf_len - written);

403

if(sret == -1){

404

if(errno != EINTR){

405

perror("write");

406

an_error_occured = true;

407

break;

408

}

409

if(interrupted_by_signal){

410

break;

411

}

412

}

413

}while(sret == -1);

414

if(interrupted_by_signal or an_error_occured){

415

break;

416

}

417

written += (size_t)sret;

418

}

419

free(buf);

420

if(not interrupted_by_signal and not an_error_occured){

421

free(cmdline);

422

return EXIT_SUCCESS;

423

}

424

break; /* Big */

425

} /* end of non-loop while() */

426

427

/* If we got here, an error or interrupt must have happened */

428

429

/* Create argc and argv for new usplash*/

430

int cmdline_argc = 0;

431

char **cmdline_argv = malloc(sizeof(char *));

432

{

433

size_t position = 0;

434

while(position < cmdline_len){

435

char **tmp = realloc(cmdline_argv,

436

(sizeof(char *)

437

* (size_t)(cmdline_argc + 2)));

438

if(tmp == NULL){

439

perror("realloc");

440

free(cmdline_argv);

441

return EXIT_FAILURE;

442

}

443

cmdline_argv = tmp;

444

cmdline_argv[cmdline_argc] = cmdline + position;

445

cmdline_argc++;

446

position += strlen(cmdline + position) + 1;

447

}

448

cmdline_argv[cmdline_argc] = NULL;

449

}

450

/* Kill old usplash */

451

kill(usplash_pid, SIGTERM);

452

sleep(2);

453

while(kill(usplash_pid, 0) == 0){

454

kill(usplash_pid, SIGKILL);

455

sleep(1);

456

}

457

pid_t new_usplash_pid = fork();

458

if(new_usplash_pid == 0){

459

/* Child; will become new usplash process */

460

461

/* Make the effective user ID (root) the only user ID instead of

462

the real user ID (mandos) */

463

ret = setuid(geteuid());

464

if(ret == -1){

465

perror("setuid");

466

}

467

468

setsid();

469

ret = chdir("/");

470

/* if(fork() != 0){ */

471

/* _exit(EXIT_SUCCESS); */

472

/* } */

473

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

474

if(ret == -1){

475

perror("dup2");

476

_exit(EXIT_FAILURE);

477

}

478

479

execv(usplash_name, cmdline_argv);

480

if(not interrupted_by_signal){

481

perror("execv");

482

}

483

free(cmdline);

484

free(cmdline_argv);

485

_exit(EXIT_FAILURE);

486

}

487

free(cmdline);

488

free(cmdline_argv);

489

sleep(2);

490

if(not usplash_write("PULSATE", NULL)

491

and (errno != EINTR)){

492

perror("usplash_write");

493

}

494

495

return EXIT_FAILURE;

496

}

Older »