/mandos/trunk : revision 1232

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.c

Committer: Teddy Hogeborn
Date: 2021-02-01 19:30:45 UTC
Revision ID: teddy@recompile.se-20210201193045-lpg6aprpc4srem6k

Fix issue with french translation

Initial white space was missing in both msgid and msgstr of the french
translation, leading to checking tools reporing an incomplete
translation. The string is a raw command line command, and therefore
did not need translation, so this was never a user-visible issue.

* debian/po/fr.po: Add missing whitespace to the id and translation
for msgid " mandos-keygen -F/dev/null|grep ^key_id".

files added:
debian/mandos-client.templates

debian/mandos.templates

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/sv.po

debian/po/templates.pot

debian/source/lintian-overrides

debian/tests

debian/tests/control

debian/upstream/metadata

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

mandos-to-cryptroot-unlock

sysusers.d-mandos.conf

files removed:
initramfs-tools-hook-conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.dirs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

initramfs-unpack

intro.xml

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

network-hooks.d/bridge

network-hooks.d/openvpn

network-hooks.d/wireless

overview.xml

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

plugin-runner.c

* Mandos plugin runner - Run Mandos plugins

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* This file is part of Mandos.

* Mandos is free software: you can redistribute it and/or modify it

* under the terms of the GNU General Public License as published by

* the Free Software Foundation, either version 3 of the License, or

* (at your option) any later version.

* Mandos is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* along with Mandos. If not, see <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@recompile.se>.

#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),

O_CLOEXEC, pipe2() */

#include <stddef.h> /* size_t, NULL */

#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,

realloc() */

#include <stdlib.h> /* malloc(), reallocarray(), realloc(),

EXIT_SUCCESS, exit() */

#include <stdbool.h> /* bool, true, false */

#include <stdio.h> /* fileno(), fprintf(),

stderr, STDOUT_FILENO, fclose() */

struct stat, fstat(), close(),

setgid(), setuid(), S_ISREG(),

faccessat() pipe2(), fork(),

_exit(), dup2(), fexecve(), read()

_exit(), dup2(), fexecve(), read(),

lstat(), symlink() */

#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,

FD_CLOEXEC, openat(), scandirat(),

pipe2() */

178

179

/* Resize the pointed-to array to hold one more pointer */

179

180

char **new_array = NULL;

180

181

do {

181

new_array = realloc(*array, sizeof(char *)

182

* (size_t) ((*len) + 2));

182

#if defined(__GLIBC_PREREQ) and __GLIBC_PREREQ(2, 26)

183

new_array = reallocarray(*array, (size_t)((*len) + 2),

184

sizeof(char *));

185

#else

186

if(((size_t)((*len) + 2)) > (SIZE_MAX / sizeof(char *))){

187

/* overflow */

188

new_array = NULL;

189

errno = ENOMEM;

190

} else {

191

new_array = realloc(*array, (size_t)((*len) + 2)

192

* sizeof(char *));

193

}

194

#endif

183

195

} while(new_array == NULL and errno == EINTR);

184

196

/* Malloc check */

185

197

if(new_array == NULL){

312

324

__attribute__((nonnull))

313

325

static void free_plugin(plugin *plugin_node){

314

326

315

for(char **arg = plugin_node->argv; *arg != NULL; arg++){

327

for(char **arg = (plugin_node->argv)+1; *arg != NULL; arg++){

316

328

free(*arg);

317

329

}

330

free(plugin_node->name);

318

331

free(plugin_node->argv);

319

332

for(char **env = plugin_node->environ; *env != NULL; env++){

320

333

free(*env);

563

576

case '?': /* --help */

564

577

state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */

565

578

argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);

579

__builtin_unreachable();

566

580

case -3: /* --usage */

567

581

state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */

568

582

argp_state_help(state, state->out_stream,

569

583

ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);

584

__builtin_unreachable();

570

585

case 'V': /* --version */

571

586

fprintf(state->out_stream, "%s\n", argp_program_version);

572

587

exit(EXIT_SUCCESS);

582

597

if(arg[0] == '\0'){

583

598

break;

584

599

}

600

#if __GNUC__ >= 7

601

__attribute__((fallthrough));

602

#else

603

/* FALLTHROUGH */

604

#endif

585

605

default:

586

606

return ARGP_ERR_UNKNOWN;

587

607

}

699

719

700

720

custom_argc += 1;

701

721

{

702

char **new_argv = realloc(custom_argv, sizeof(char *)

703

* ((size_t)custom_argc + 1));

722

#if defined(__GLIBC_PREREQ) and __GLIBC_PREREQ(2, 26)

723

char **new_argv = reallocarray(custom_argv, (size_t)custom_argc + 1,

724

sizeof(char *));

725

#else

726

char **new_argv = NULL;

727

if(((size_t)custom_argc + 1) > (SIZE_MAX / sizeof(char *))){

728

/* overflow */

729

errno = ENOMEM;

730

} else {

731

new_argv = realloc(custom_argv, ((size_t)custom_argc + 1)

732

* sizeof(char *));

733

}

734

#endif

704

735

if(new_argv == NULL){

705

error(0, errno, "realloc");

736

error(0, errno, "reallocarray");

706

737

exitstatus = EX_OSERR;

707

738

free(new_arg);

708

739

free(org_line);

792

823

}

793

824

794

825

if(debug){

795

for(plugin *p = plugin_list; p != NULL; p=p->next){

826

for(plugin *p = plugin_list; p != NULL; p = p->next){

796

827

fprintf(stderr, "Plugin: %s has %d arguments\n",

797

828

p->name ? p->name : "Global", p->argc - 1);

798

829

for(char **a = p->argv; *a != NULL; a++){

807

838

808

839

if(getuid() == 0){

809

840

/* Work around Debian bug #633582:

810

<http://bugs.debian.org/633582> */

841

<https://bugs.debian.org/633582> */

811

842

int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);

812

843

if(plugindir_fd == -1){

813

844

if(errno != ENOENT){

827

858

}

828

859

close(plugindir_fd);

829

860

}

861

862

/* Work around Debian bug #981302

863

<https://bugs.debian.org/981302> */

864

if(lstat("/dev/fd", &st) != 0 and errno == ENOENT){

865

ret = symlink("/proc/self/fd", "/dev/fd");

866

if(ret == -1){

867

error(0, errno, "Failed to create /dev/fd symlink");

868

}

869

}

830

870

}

831

871

832

872

/* Lower permissions */

1091

1131

1092

1132

new_plugin->pid = pid;

1093

1133

new_plugin->fd = pipefd[0];

1094

1134

1135

if(debug){

1136

fprintf(stderr, "Plugin %s started (PID %" PRIdMAX ")\n",

1137

new_plugin->name, (intmax_t) (new_plugin->pid));

1138

}

1139

1095

1140

/* Unblock SIGCHLD so signal handler can be run if this process

1096

1141

has already completed */

1097

1142

ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,

Older »