To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/usplash.c
- browse files at revision 1237
- compare with another revision
- download diff
- download tarball
- view history from revision 1237
- Committer: Teddy Hogeborn
- Date: 2021-02-03 23:10:42 UTC
- Revision ID: teddy@recompile.se-20210203231042-2z3egrvpo1zt7nej
mandos-ctl: Fix bad test for command.Remove and related minor issues
The test for command.Remove removes all clients from the spy server,
and then loops over all clients, looking for the corresponding Remove
command as recorded by the spy server. But since since there aren't
any clients left after they were removed, no assertions are made, and
the test therefore does nothing. Fix this.
In tests for command.Approve and command.Deny, add checks that clients
were not somehow removed by the command (in which case, likewise, no
assertions are made).
Add related checks to TestPropertySetterCmd.runTest; i.e. test that a
sequence is not empty before looping over it and making assertions.
* mandos-ctl (TestBaseCommands.test_Remove): Save a copy of the
original "clients" dict, and loop over those instead. Add assertion
that all clients were indeed removed. Also fix the code which looks
for the Remove command, which now needs to actually work.
(TestBaseCommands.test_Approve, TestBaseCommands.test_Deny): Add
assertion that there are still clients before looping over them.
(TestPropertySetterCmd.runTest): Add assertion that the list of
values to get is not empty before looping over them. Also add check
that there are still clients before looping over clients.
The test for command.Remove removes all clients from the spy server,
and then loops over all clients, looking for the corresponding Remove
command as recorded by the spy server. But since since there aren't
any clients left after they were removed, no assertions are made, and
the test therefore does nothing. Fix this.
In tests for command.Approve and command.Deny, add checks that clients
were not somehow removed by the command (in which case, likewise, no
assertions are made).
Add related checks to TestPropertySetterCmd.runTest; i.e. test that a
sequence is not empty before looping over it and making assertions.
* mandos-ctl (TestBaseCommands.test_Remove): Save a copy of the
original "clients" dict, and loop over those instead. Add assertion
that all clients were indeed removed. Also fix the code which looks
for the Remove command, which now needs to actually work.
(TestBaseCommands.test_Approve, TestBaseCommands.test_Deny): Add
assertion that there are still clients before looping over them.
(TestPropertySetterCmd.runTest): Add assertion that the list of
values to get is not empty before looping over them. Also add check
that there are still clients before looping over clients.
- files added:
- DBUS-API
- debian/source
- debian/tests
- debian/upstream
- dracut-module
- network-hooks.d
- plugin-helpers
- files removed:
- initramfs-tools-hook-conf
- files renamed:
- mandos-list => mandos-ctl
- files modified:
- .bzrignore
added
removed
plugins.d/usplash.c
2
2
/*
3
3
* Usplash - Read a password from usplash and output it
4
4
*
5
* Copyright © 2008,2009 Teddy Hogeborn
6
* Copyright © 2008,2009 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
5
* Copyright © 2008-2018, 2021 Teddy Hogeborn
6
* Copyright © 2008-2018, 2021 Björn Påhlsson
7
*
8
* This file is part of Mandos.
9
*
10
* Mandos is free software: you can redistribute it and/or modify it
11
* under the terms of the GNU General Public License as published by
12
* the Free Software Foundation, either version 3 of the License, or
13
* (at your option) any later version.
14
*
15
* Mandos is distributed in the hope that it will be useful, but
14
16
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
17
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
18
* General Public License for more details.
17
19
*
18
20
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
21
22
*
22
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
23
* <https://www.fukt.bsnet.se/~teddy/>.
23
* Contact the authors at <mandos@recompile.se>.
24
24
*/
25
25
26
#define _GNU_SOURCE /* asprintf() */
27
#include <signal.h> /* sig_atomic_t, struct sigaction,
28
sigemptyset(), sigaddset(), SIGINT,
29
SIGHUP, SIGTERM, sigaction(),
30
SIG_IGN, kill(), SIGKILL */
26
#define _GNU_SOURCE /* vasprintf(),
27
program_invocation_short_name,
28
asprintf(), TEMP_FAILURE_RETRY() */
29
#include <sys/types.h> /* sig_atomic_t, pid_t, setuid(),
30
geteuid(), setsid() */
31
#include <stdarg.h> /* va_list, va_start(), vfprintf() */
32
#include <stdio.h> /* vasprintf(), fprintf(), stderr,
33
vfprintf(), asprintf() */
34
#include <errno.h> /* program_invocation_short_name,
35
errno, ENOENT, EINTR */
36
#include <string.h> /* strerror(), strlen(), memcmp() */
37
#include <error.h> /* error() */
38
#include <stdlib.h> /* free(), getenv(), realloc(),
39
EXIT_FAILURE, EXIT_SUCCESS,
40
malloc(), abort() */
31
41
#include <stdbool.h> /* bool, false, true */
32
42
#include <fcntl.h> /* open(), O_WRONLY, O_RDONLY */
33
#include <iso646.h> /* and, or, not*/
34
#include <errno.h> /* errno, EINTR */
35
#include <sys/types.h> /* size_t, ssize_t, pid_t, DIR, struct
36
dirent */
37
#include <stddef.h> /* NULL */
38
#include <string.h> /* strlen(), memcmp() */
39
#include <stdio.h> /* asprintf(), perror(), sscanf() */
40
#include <unistd.h> /* close(), write(), readlink(),
41
read(), STDOUT_FILENO, sleep(),
42
fork(), setuid(), geteuid(),
43
setsid(), chdir(), dup2(),
44
STDERR_FILENO, execv() */
45
#include <stdlib.h> /* free(), EXIT_FAILURE, realloc(),
46
EXIT_SUCCESS, malloc(), _exit() */
47
#include <stdlib.h> /* getenv() */
48
#include <dirent.h> /* opendir(), readdir(), closedir() */
49
#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */
43
#include <stddef.h> /* size_t, NULL */
44
#include <unistd.h> /* close(), ssize_t, write(),
45
readlink(), read(), STDOUT_FILENO,
46
sleep(), fork(), setuid(),
47
geteuid(), setsid(), chdir(),
48
_exit(), dup2(), STDERR_FILENO,
49
execv(), TEMP_FAILURE_RETRY(),
50
pause() */
51
#include <dirent.h> /* DIR, opendir(), struct dirent,
52
readdir(), closedir() */
53
#include <inttypes.h> /* intmax_t, strtoimax() */
54
#include <iso646.h> /* or, not, and */
55
#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK() */
56
#include <sysexits.h> /* EX_OSERR, EX_UNAVAILABLE */
57
#include <signal.h> /* struct sigaction, sigemptyset(),
58
sigaddset(), SIGINT, SIGHUP,
59
SIGTERM, SIG_IGN, kill(), SIGKILL,
60
SIG_DFL, raise() */
61
#include <argz.h> /* argz_count(), argz_extract() */
50
62
51
63
sig_atomic_t interrupted_by_signal = 0;
52
53
static void termination_handler(__attribute__((unused))int signum){
64
int signal_received;
65
const char usplash_name[] = "/sbin/usplash";
66
67
/* Function to use when printing errors */
68
__attribute__((format (gnu_printf, 3, 4)))
69
void error_plus(int status, int errnum, const char *formatstring,
70
...){
71
va_list ap;
72
char *text;
73
int ret;
74
75
va_start(ap, formatstring);
76
ret = vasprintf(&text, formatstring, ap);
77
if(ret == -1){
78
fprintf(stderr, "Mandos plugin %s: ",
79
program_invocation_short_name);
80
vfprintf(stderr, formatstring, ap);
81
fprintf(stderr, ": ");
82
fprintf(stderr, "%s\n", strerror(errnum));
83
error(status, errno, "vasprintf while printing error");
84
return;
85
}
86
fprintf(stderr, "Mandos plugin ");
87
error(status, errnum, "%s", text);
88
free(text);
89
}
90
91
static void termination_handler(int signum){
92
if(interrupted_by_signal){
93
return;
94
}
54
95
interrupted_by_signal = 1;
96
signal_received = signum;
55
97
}
56
98
57
static bool usplash_write(const char *cmd, const char *arg){
99
static bool usplash_write(int *fifo_fd_r,
100
const char *cmd, const char *arg){
58
101
/*
59
* usplash_write("TIMEOUT", "15") will write "TIMEOUT 15\0"
60
* usplash_write("PULSATE", NULL) will write "PULSATE\0"
102
* usplash_write(&fd, "TIMEOUT", "15") will write "TIMEOUT 15\0"
103
* usplash_write(&fd, "PULSATE", NULL) will write "PULSATE\0"
61
104
* SEE ALSO
62
105
* usplash_write(8)
63
106
*/
64
107
int ret;
65
int fifo_fd;
66
do{
67
fifo_fd = open("/dev/.initramfs/usplash_fifo", O_WRONLY);
68
if(fifo_fd == -1 and (errno != EINTR or interrupted_by_signal)){
108
if(*fifo_fd_r == -1){
109
ret = open("/dev/.initramfs/usplash_fifo", O_WRONLY);
110
if(ret == -1){
69
111
return false;
70
112
}
71
}while(fifo_fd == -1);
113
*fifo_fd_r = ret;
114
}
72
115
73
116
const char *cmd_line;
74
117
size_t cmd_line_len;
75
118
char *cmd_line_alloc = NULL;
76
119
if(arg == NULL){
77
120
cmd_line = cmd;
78
cmd_line_len = strlen(cmd);
79
}else{
80
do{
121
cmd_line_len = strlen(cmd) + 1;
122
} else {
123
do {
81
124
ret = asprintf(&cmd_line_alloc, "%s %s", cmd, arg);
82
if(ret == -1 and (errno != EINTR or interrupted_by_signal)){
125
if(ret == -1){
83
126
int e = errno;
84
close(fifo_fd);
127
close(*fifo_fd_r);
85
128
errno = e;
86
129
return false;
87
130
}
88
}while(ret == -1);
131
} while(ret == -1);
89
132
cmd_line = cmd_line_alloc;
90
133
cmd_line_len = (size_t)ret + 1;
91
134
}
92
135
93
136
size_t written = 0;
94
137
ssize_t sret = 0;
95
while(not interrupted_by_signal and written < cmd_line_len){
96
sret = write(fifo_fd, cmd_line + written,
138
while(written < cmd_line_len){
139
sret = write(*fifo_fd_r, cmd_line + written,
97
140
cmd_line_len - written);
98
141
if(sret == -1){
99
if(errno != EINTR or interrupted_by_signal){
100
int e = errno;
101
close(fifo_fd);
102
free(cmd_line_alloc);
103
errno = e;
104
return false;
105
} else {
106
continue;
107
}
142
int e = errno;
143
close(*fifo_fd_r);
144
free(cmd_line_alloc);
145
errno = e;
146
return false;
108
147
}
109
148
written += (size_t)sret;
110
149
}
111
150
free(cmd_line_alloc);
112
do{
113
ret = close(fifo_fd);
114
if(ret == -1 and (errno != EINTR or interrupted_by_signal)){
115
return false;
116
}
117
}while(ret == -1);
118
if(interrupted_by_signal){
119
return false;
120
}
151
121
152
return true;
122
153
}
123
154
155
/* Create prompt string */
156
char *makeprompt(void){
157
int ret = 0;
158
char *prompt;
159
const char *const cryptsource = getenv("cryptsource");
160
const char *const crypttarget = getenv("crypttarget");
161
const char prompt_start[] = "Enter passphrase to unlock the disk";
162
163
if(cryptsource == NULL){
164
if(crypttarget == NULL){
165
ret = asprintf(&prompt, "%s: ", prompt_start);
166
} else {
167
ret = asprintf(&prompt, "%s (%s): ", prompt_start,
168
crypttarget);
169
}
170
} else {
171
if(crypttarget == NULL){
172
ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);
173
} else {
174
ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,
175
cryptsource, crypttarget);
176
}
177
}
178
if(ret == -1){
179
return NULL;
180
}
181
return prompt;
182
}
183
184
pid_t find_usplash(char **cmdline_r, size_t *cmdline_len_r){
185
int ret = 0;
186
ssize_t sret = 0;
187
char *cmdline = NULL;
188
size_t cmdline_len = 0;
189
DIR *proc_dir = opendir("/proc");
190
if(proc_dir == NULL){
191
error_plus(0, errno, "opendir");
192
return -1;
193
}
194
errno = 0;
195
for(struct dirent *proc_ent = readdir(proc_dir);
196
proc_ent != NULL;
197
proc_ent = readdir(proc_dir)){
198
pid_t pid;
199
{
200
intmax_t tmpmax;
201
char *tmp;
202
tmpmax = strtoimax(proc_ent->d_name, &tmp, 10);
203
if(errno != 0 or tmp == proc_ent->d_name or *tmp != '\0'
204
or tmpmax != (pid_t)tmpmax){
205
/* Not a process */
206
errno = 0;
207
continue;
208
}
209
pid = (pid_t)tmpmax;
210
}
211
/* Find the executable name by doing readlink() on the
212
/proc/<pid>/exe link */
213
char exe_target[sizeof(usplash_name)];
214
{
215
/* create file name string */
216
char *exe_link;
217
ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);
218
if(ret == -1){
219
error_plus(0, errno, "asprintf");
220
goto fail_find_usplash;
221
}
222
223
/* Check that it refers to a symlink owned by root:root */
224
struct stat exe_stat;
225
ret = lstat(exe_link, &exe_stat);
226
if(ret == -1){
227
if(errno == ENOENT){
228
free(exe_link);
229
continue;
230
}
231
error_plus(0, errno, "lstat");
232
free(exe_link);
233
goto fail_find_usplash;
234
}
235
if(not S_ISLNK(exe_stat.st_mode)
236
or exe_stat.st_uid != 0
237
or exe_stat.st_gid != 0){
238
free(exe_link);
239
continue;
240
}
241
242
sret = readlink(exe_link, exe_target, sizeof(exe_target));
243
free(exe_link);
244
}
245
/* Compare executable name */
246
if((sret != ((ssize_t)sizeof(exe_target)-1))
247
or (memcmp(usplash_name, exe_target,
248
sizeof(exe_target)-1) != 0)){
249
/* Not it */
250
continue;
251
}
252
/* Found usplash */
253
/* Read and save the command line of usplash in "cmdline" */
254
{
255
/* Open /proc/<pid>/cmdline */
256
int cl_fd;
257
{
258
char *cmdline_filename;
259
ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",
260
proc_ent->d_name);
261
if(ret == -1){
262
error_plus(0, errno, "asprintf");
263
goto fail_find_usplash;
264
}
265
cl_fd = open(cmdline_filename, O_RDONLY);
266
free(cmdline_filename);
267
if(cl_fd == -1){
268
error_plus(0, errno, "open");
269
goto fail_find_usplash;
270
}
271
}
272
size_t cmdline_allocated = 0;
273
char *tmp;
274
const size_t blocksize = 1024;
275
do {
276
/* Allocate more space? */
277
if(cmdline_len + blocksize > cmdline_allocated){
278
tmp = realloc(cmdline, cmdline_allocated + blocksize);
279
if(tmp == NULL){
280
error_plus(0, errno, "realloc");
281
close(cl_fd);
282
goto fail_find_usplash;
283
}
284
cmdline = tmp;
285
cmdline_allocated += blocksize;
286
}
287
/* Read data */
288
sret = read(cl_fd, cmdline + cmdline_len,
289
cmdline_allocated - cmdline_len);
290
if(sret == -1){
291
error_plus(0, errno, "read");
292
close(cl_fd);
293
goto fail_find_usplash;
294
}
295
cmdline_len += (size_t)sret;
296
} while(sret != 0);
297
ret = close(cl_fd);
298
if(ret == -1){
299
error_plus(0, errno, "close");
300
goto fail_find_usplash;
301
}
302
}
303
/* Close directory */
304
ret = closedir(proc_dir);
305
if(ret == -1){
306
error_plus(0, errno, "closedir");
307
goto fail_find_usplash;
308
}
309
/* Success */
310
*cmdline_r = cmdline;
311
*cmdline_len_r = cmdline_len;
312
return pid;
313
}
314
315
fail_find_usplash:
316
317
free(cmdline);
318
if(proc_dir != NULL){
319
int e = errno;
320
closedir(proc_dir);
321
errno = e;
322
}
323
return 0;
324
}
325
124
326
int main(__attribute__((unused))int argc,
125
327
__attribute__((unused))char **argv){
126
328
int ret = 0;
127
329
ssize_t sret;
128
bool an_error_occured = false;
330
int fifo_fd = -1;
331
int outfifo_fd = -1;
332
char *buf = NULL;
333
size_t buf_len = 0;
334
pid_t usplash_pid = -1;
335
bool usplash_accessed = false;
336
int status = EXIT_FAILURE; /* Default failure exit status */
129
337
130
/* Create prompt string */
131
char *prompt = NULL;
132
{
133
const char *const cryptsource = getenv("cryptsource");
134
const char *const crypttarget = getenv("crypttarget");
135
const char prompt_start[] = "Enter passphrase to unlock the disk";
136
137
if(cryptsource == NULL){
138
if(crypttarget == NULL){
139
ret = asprintf(&prompt, "%s: ", prompt_start);
140
} else {
141
ret = asprintf(&prompt, "%s (%s): ", prompt_start,
142
crypttarget);
143
}
144
} else {
145
if(crypttarget == NULL){
146
ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);
147
} else {
148
ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,
149
cryptsource, crypttarget);
150
}
151
}
152
if(ret == -1){
153
return EXIT_FAILURE;
154
}
338
char *prompt = makeprompt();
339
if(prompt == NULL){
340
status = EX_OSERR;
341
goto failure;
155
342
}
156
343
157
344
/* Find usplash process */
158
pid_t usplash_pid = 0;
159
345
char *cmdline = NULL;
160
346
size_t cmdline_len = 0;
161
const char usplash_name[] = "/sbin/usplash";
162
{
163
DIR *proc_dir = opendir("/proc");
164
if(proc_dir == NULL){
165
free(prompt);
166
perror("opendir");
167
return EXIT_FAILURE;
168
}
169
for(struct dirent *proc_ent = readdir(proc_dir);
170
proc_ent != NULL;
171
proc_ent = readdir(proc_dir)){
172
pid_t pid;
173
/* In the GNU C library, pid_t is always int */
174
ret = sscanf(proc_ent->d_name, "%d", &pid);
175
if(ret != 1){
176
/* Not a process */
177
continue;
178
}
179
/* Find the executable name by doing readlink() on the
180
/proc/<pid>/exe link */
181
char exe_target[sizeof(usplash_name)];
182
{
183
/* create file name string */
184
char *exe_link;
185
ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);
186
if(ret == -1){
187
perror("asprintf");
188
free(prompt);
189
closedir(proc_dir);
190
return EXIT_FAILURE;
191
}
192
193
/* Check that it refers to a symlink owned by root:root */
194
struct stat exe_stat;
195
ret = lstat(exe_link, &exe_stat);
196
if(ret == -1){
197
if(errno == ENOENT){
198
free(exe_link);
199
continue;
200
}
201
perror("lstat");
202
free(exe_link);
203
free(prompt);
204
closedir(proc_dir);
205
return EXIT_FAILURE;
206
}
207
if(not S_ISLNK(exe_stat.st_mode)
208
or exe_stat.st_uid != 0
209
or exe_stat.st_gid != 0){
210
free(exe_link);
211
continue;
212
}
213
214
sret = readlink(exe_link, exe_target, sizeof(exe_target));
215
free(exe_link);
216
}
217
if((sret == ((ssize_t)sizeof(exe_target)-1))
218
and (memcmp(usplash_name, exe_target,
219
sizeof(exe_target)-1) == 0)){
220
usplash_pid = pid;
221
/* Read and save the command line of usplash in "cmdline" */
222
{
223
/* Open /proc/<pid>/cmdline */
224
int cl_fd;
225
{
226
char *cmdline_filename;
227
ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",
228
proc_ent->d_name);
229
if(ret == -1){
230
perror("asprintf");
231
free(prompt);
232
closedir(proc_dir);
233
return EXIT_FAILURE;
234
}
235
cl_fd = open(cmdline_filename, O_RDONLY);
236
if(cl_fd == -1){
237
perror("open");
238
free(cmdline_filename);
239
free(prompt);
240
closedir(proc_dir);
241
return EXIT_FAILURE;
242
}
243
free(cmdline_filename);
244
}
245
size_t cmdline_allocated = 0;
246
char *tmp;
247
const size_t blocksize = 1024;
248
do{
249
if(cmdline_len + blocksize > cmdline_allocated){
250
tmp = realloc(cmdline, cmdline_allocated + blocksize);
251
if(tmp == NULL){
252
perror("realloc");
253
free(cmdline);
254
free(prompt);
255
closedir(proc_dir);
256
return EXIT_FAILURE;
257
}
258
cmdline = tmp;
259
cmdline_allocated += blocksize;
260
}
261
sret = read(cl_fd, cmdline + cmdline_len,
262
cmdline_allocated - cmdline_len);
263
if(sret == -1){
264
perror("read");
265
free(cmdline);
266
free(prompt);
267
closedir(proc_dir);
268
return EXIT_FAILURE;
269
}
270
cmdline_len += (size_t)sret;
271
} while(sret != 0);
272
close(cl_fd);
273
}
274
break;
275
}
276
}
277
closedir(proc_dir);
278
}
347
usplash_pid = find_usplash(&cmdline, &cmdline_len);
279
348
if(usplash_pid == 0){
280
free(prompt);
281
return EXIT_FAILURE;
349
status = EX_UNAVAILABLE;
350
goto failure;
282
351
}
283
352
284
353
/* Set up the signal handler */
287
356
new_action = { .sa_handler = termination_handler,
288
357
.sa_flags = 0 };
289
358
sigemptyset(&new_action.sa_mask);
290
sigaddset(&new_action.sa_mask, SIGINT);
291
sigaddset(&new_action.sa_mask, SIGHUP);
292
sigaddset(&new_action.sa_mask, SIGTERM);
359
ret = sigaddset(&new_action.sa_mask, SIGINT);
360
if(ret == -1){
361
error_plus(0, errno, "sigaddset");
362
status = EX_OSERR;
363
goto failure;
364
}
365
ret = sigaddset(&new_action.sa_mask, SIGHUP);
366
if(ret == -1){
367
error_plus(0, errno, "sigaddset");
368
status = EX_OSERR;
369
goto failure;
370
}
371
ret = sigaddset(&new_action.sa_mask, SIGTERM);
372
if(ret == -1){
373
error_plus(0, errno, "sigaddset");
374
status = EX_OSERR;
375
goto failure;
376
}
293
377
ret = sigaction(SIGINT, NULL, &old_action);
294
378
if(ret == -1){
295
perror("sigaction");
296
free(prompt);
297
return EXIT_FAILURE;
379
if(errno != EINTR){
380
error_plus(0, errno, "sigaction");
381
status = EX_OSERR;
382
}
383
goto failure;
298
384
}
299
385
if(old_action.sa_handler != SIG_IGN){
300
386
ret = sigaction(SIGINT, &new_action, NULL);
301
387
if(ret == -1){
302
perror("sigaction");
303
free(prompt);
304
return EXIT_FAILURE;
388
if(errno != EINTR){
389
error_plus(0, errno, "sigaction");
390
status = EX_OSERR;
391
}
392
goto failure;
305
393
}
306
394
}
307
395
ret = sigaction(SIGHUP, NULL, &old_action);
308
396
if(ret == -1){
309
perror("sigaction");
310
free(prompt);
311
return EXIT_FAILURE;
397
if(errno != EINTR){
398
error_plus(0, errno, "sigaction");
399
status = EX_OSERR;
400
}
401
goto failure;
312
402
}
313
403
if(old_action.sa_handler != SIG_IGN){
314
404
ret = sigaction(SIGHUP, &new_action, NULL);
315
405
if(ret == -1){
316
perror("sigaction");
317
free(prompt);
318
return EXIT_FAILURE;
406
if(errno != EINTR){
407
error_plus(0, errno, "sigaction");
408
status = EX_OSERR;
409
}
410
goto failure;
319
411
}
320
412
}
321
413
ret = sigaction(SIGTERM, NULL, &old_action);
322
414
if(ret == -1){
323
perror("sigaction");
324
free(prompt);
325
return EXIT_FAILURE;
415
if(errno != EINTR){
416
error_plus(0, errno, "sigaction");
417
status = EX_OSERR;
418
}
419
goto failure;
326
420
}
327
421
if(old_action.sa_handler != SIG_IGN){
328
422
ret = sigaction(SIGTERM, &new_action, NULL);
329
423
if(ret == -1){
330
perror("sigaction");
331
free(prompt);
332
return EXIT_FAILURE;
424
if(errno != EINTR){
425
error_plus(0, errno, "sigaction");
426
status = EX_OSERR;
427
}
428
goto failure;
333
429
}
334
430
}
335
431
}
336
432
433
usplash_accessed = true;
337
434
/* Write command to FIFO */
338
if(not interrupted_by_signal){
339
if(not usplash_write("TIMEOUT", "0")
340
and (errno != EINTR)){
341
perror("usplash_write");
342
an_error_occured = true;
343
}
344
}
345
if(not interrupted_by_signal and not an_error_occured){
346
if(not usplash_write("INPUTQUIET", prompt)
347
and (errno != EINTR)){
348
perror("usplash_write");
349
an_error_occured = true;
350
}
351
}
435
if(not usplash_write(&fifo_fd, "TIMEOUT", "0")){
436
if(errno != EINTR){
437
error_plus(0, errno, "usplash_write");
438
status = EX_OSERR;
439
}
440
goto failure;
441
}
442
443
if(interrupted_by_signal){
444
goto failure;
445
}
446
447
if(not usplash_write(&fifo_fd, "INPUTQUIET", prompt)){
448
if(errno != EINTR){
449
error_plus(0, errno, "usplash_write");
450
status = EX_OSERR;
451
}
452
goto failure;
453
}
454
455
if(interrupted_by_signal){
456
goto failure;
457
}
458
352
459
free(prompt);
353
354
/* This is not really a loop; while() is used to be able to "break"
355
out of it; those breaks are marked "Big" */
356
while(not interrupted_by_signal and not an_error_occured){
357
char *buf = NULL;
358
size_t buf_len = 0;
359
360
/* Open FIFO */
361
int fifo_fd;
362
do{
363
fifo_fd = open("/dev/.initramfs/usplash_outfifo", O_RDONLY);
364
if(fifo_fd == -1){
365
if(errno != EINTR){
366
perror("open");
367
an_error_occured = true;
368
break;
369
}
370
if(interrupted_by_signal){
371
break;
372
}
373
}
374
}while(fifo_fd == -1);
375
if(interrupted_by_signal or an_error_occured){
376
break; /* Big */
377
}
378
379
/* Read from FIFO */
380
size_t buf_allocated = 0;
381
const size_t blocksize = 1024;
382
do{
383
if(buf_len + blocksize > buf_allocated){
384
char *tmp = realloc(buf, buf_allocated + blocksize);
385
if(tmp == NULL){
386
perror("realloc");
387
an_error_occured = true;
388
break;
389
}
390
buf = tmp;
391
buf_allocated += blocksize;
392
}
393
do{
394
sret = read(fifo_fd, buf + buf_len, buf_allocated - buf_len);
395
if(sret == -1){
396
if(errno != EINTR){
397
perror("read");
398
an_error_occured = true;
399
break;
400
}
401
if(interrupted_by_signal){
402
break;
403
}
404
}
405
}while(sret == -1);
406
if(interrupted_by_signal or an_error_occured){
407
break;
408
}
409
410
buf_len += (size_t)sret;
411
}while(sret != 0);
412
close(fifo_fd);
413
if(interrupted_by_signal or an_error_occured){
414
break; /* Big */
415
}
416
417
if(not usplash_write("TIMEOUT", "15")
418
and (errno != EINTR)){
419
perror("usplash_write");
420
an_error_occured = true;
421
}
422
if(interrupted_by_signal or an_error_occured){
423
break; /* Big */
424
}
425
426
/* Print password to stdout */
427
size_t written = 0;
428
while(written < buf_len){
429
do{
430
sret = write(STDOUT_FILENO, buf + written, buf_len - written);
431
if(sret == -1){
432
if(errno != EINTR){
433
perror("write");
434
an_error_occured = true;
435
break;
436
}
437
if(interrupted_by_signal){
438
break;
439
}
440
}
441
}while(sret == -1);
442
if(interrupted_by_signal or an_error_occured){
443
break;
444
}
445
written += (size_t)sret;
446
}
447
free(buf);
448
if(not interrupted_by_signal and not an_error_occured){
449
free(cmdline);
450
return EXIT_SUCCESS;
451
}
452
break; /* Big */
453
} /* end of non-loop while() */
454
455
/* If we got here, an error or interrupt must have happened */
456
457
/* Create argc and argv for new usplash*/
458
int cmdline_argc = 0;
459
char **cmdline_argv = malloc(sizeof(char *));
460
{
461
size_t position = 0;
462
while(position < cmdline_len){
463
char **tmp = realloc(cmdline_argv,
464
(sizeof(char *)
465
* (size_t)(cmdline_argc + 2)));
460
prompt = NULL;
461
462
/* Read reply from usplash */
463
/* Open FIFO */
464
outfifo_fd = open("/dev/.initramfs/usplash_outfifo", O_RDONLY);
465
if(outfifo_fd == -1){
466
if(errno != EINTR){
467
error_plus(0, errno, "open");
468
status = EX_OSERR;
469
}
470
goto failure;
471
}
472
473
if(interrupted_by_signal){
474
goto failure;
475
}
476
477
/* Read from FIFO */
478
size_t buf_allocated = 0;
479
const size_t blocksize = 1024;
480
do {
481
/* Allocate more space */
482
if(buf_len + blocksize > buf_allocated){
483
char *tmp = realloc(buf, buf_allocated + blocksize);
466
484
if(tmp == NULL){
467
perror("realloc");
468
free(cmdline_argv);
469
return EXIT_FAILURE;
470
}
471
cmdline_argv = tmp;
472
cmdline_argv[cmdline_argc] = cmdline + position;
473
cmdline_argc++;
474
position += strlen(cmdline + position) + 1;
475
}
476
cmdline_argv[cmdline_argc] = NULL;
477
}
485
if(errno != EINTR){
486
error_plus(0, errno, "realloc");
487
status = EX_OSERR;
488
}
489
goto failure;
490
}
491
buf = tmp;
492
buf_allocated += blocksize;
493
}
494
sret = read(outfifo_fd, buf + buf_len,
495
buf_allocated - buf_len);
496
if(sret == -1){
497
if(errno != EINTR){
498
error_plus(0, errno, "read");
499
status = EX_OSERR;
500
}
501
close(outfifo_fd);
502
goto failure;
503
}
504
if(interrupted_by_signal){
505
break;
506
}
507
508
buf_len += (size_t)sret;
509
} while(sret != 0);
510
ret = close(outfifo_fd);
511
if(ret == -1){
512
if(errno != EINTR){
513
error_plus(0, errno, "close");
514
status = EX_OSERR;
515
}
516
goto failure;
517
}
518
outfifo_fd = -1;
519
520
if(interrupted_by_signal){
521
goto failure;
522
}
523
524
if(not usplash_write(&fifo_fd, "TIMEOUT", "15")){
525
if(errno != EINTR){
526
error_plus(0, errno, "usplash_write");
527
status = EX_OSERR;
528
}
529
goto failure;
530
}
531
532
if(interrupted_by_signal){
533
goto failure;
534
}
535
536
ret = close(fifo_fd);
537
if(ret == -1){
538
if(errno != EINTR){
539
error_plus(0, errno, "close");
540
status = EX_OSERR;
541
}
542
goto failure;
543
}
544
fifo_fd = -1;
545
546
/* Print password to stdout */
547
size_t written = 0;
548
while(written < buf_len){
549
do {
550
sret = write(STDOUT_FILENO, buf + written, buf_len - written);
551
if(sret == -1){
552
if(errno != EINTR){
553
error_plus(0, errno, "write");
554
status = EX_OSERR;
555
}
556
goto failure;
557
}
558
} while(sret == -1);
559
560
if(interrupted_by_signal){
561
goto failure;
562
}
563
written += (size_t)sret;
564
}
565
free(buf);
566
buf = NULL;
567
568
if(interrupted_by_signal){
569
goto failure;
570
}
571
572
free(cmdline);
573
return EXIT_SUCCESS;
574
575
failure:
576
577
free(buf);
578
579
free(prompt);
580
581
/* If usplash was never accessed, we can stop now */
582
if(not usplash_accessed){
583
return status;
584
}
585
586
/* Close FIFO */
587
if(fifo_fd != -1){
588
ret = close(fifo_fd);
589
if(ret == -1 and errno != EINTR){
590
error_plus(0, errno, "close");
591
}
592
fifo_fd = -1;
593
}
594
595
/* Close output FIFO */
596
if(outfifo_fd != -1){
597
ret = close(outfifo_fd);
598
if(ret == -1){
599
error_plus(0, errno, "close");
600
}
601
}
602
603
/* Create argv for new usplash*/
604
char **cmdline_argv = malloc((argz_count(cmdline, cmdline_len) + 1)
605
* sizeof(char *)); /* Count args */
606
if(cmdline_argv == NULL){
607
error_plus(0, errno, "malloc");
608
return status;
609
}
610
argz_extract(cmdline, cmdline_len, cmdline_argv); /* Create argv */
611
478
612
/* Kill old usplash */
479
613
kill(usplash_pid, SIGTERM);
480
614
sleep(2);
482
616
kill(usplash_pid, SIGKILL);
483
617
sleep(1);
484
618
}
619
485
620
pid_t new_usplash_pid = fork();
486
621
if(new_usplash_pid == 0){
487
622
/* Child; will become new usplash process */
488
623
489
624
/* Make the effective user ID (root) the only user ID instead of
490
the real user ID (mandos) */
625
the real user ID (_mandos) */
491
626
ret = setuid(geteuid());
492
627
if(ret == -1){
493
perror("setuid");
628
error_plus(0, errno, "setuid");
494
629
}
495
630
496
631
setsid();
497
632
ret = chdir("/");
633
if(ret == -1){
634
error_plus(0, errno, "chdir");
635
_exit(EX_OSERR);
636
}
498
637
/* if(fork() != 0){ */
499
638
/* _exit(EXIT_SUCCESS); */
500
639
/* } */
501
640
ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */
502
641
if(ret == -1){
503
perror("dup2");
504
_exit(EXIT_FAILURE);
642
error_plus(0, errno, "dup2");
643
_exit(EX_OSERR);
505
644
}
506
645
507
646
execv(usplash_name, cmdline_argv);
508
647
if(not interrupted_by_signal){
509
perror("execv");
648
error_plus(0, errno, "execv");
510
649
}
511
650
free(cmdline);
512
651
free(cmdline_argv);
513
_exit(EXIT_FAILURE);
652
_exit(EX_OSERR);
514
653
}
515
654
free(cmdline);
516
655
free(cmdline_argv);
517
656
sleep(2);
518
if(not usplash_write("PULSATE", NULL)
519
and (errno != EINTR)){
520
perror("usplash_write");
521
}
522
523
return EXIT_FAILURE;
657
if(not usplash_write(&fifo_fd, "PULSATE", NULL)){
658
if(errno != EINTR){
659
error_plus(0, errno, "usplash_write");
660
}
661
}
662
663
/* Close FIFO (again) */
664
if(fifo_fd != -1){
665
ret = close(fifo_fd);
666
if(ret == -1 and errno != EINTR){
667
error_plus(0, errno, "close");
668
}
669
fifo_fd = -1;
670
}
671
672
if(interrupted_by_signal){
673
struct sigaction signal_action = { .sa_handler = SIG_DFL };
674
sigemptyset(&signal_action.sa_mask);
675
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
676
&signal_action, NULL));
677
if(ret == -1){
678
error_plus(0, errno, "sigaction");
679
}
680
do {
681
ret = raise(signal_received);
682
} while(ret != 0 and errno == EINTR);
683
if(ret != 0){
684
error_plus(0, errno, "raise");
685
abort();
686
}
687
TEMP_FAILURE_RETRY(pause());
688
}
689
690
return status;
524
691
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0