To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugbasedclient.c
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- network-hooks.d
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
plugbasedclient.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
/*
3
* Mandos plugin runner - Run Mandos plugins
4
*
5
* Copyright © 2008-2013 Teddy Hogeborn
6
* Copyright © 2008-2013 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
17
*
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
*
22
* Contact the authors at <mandos@recompile.se>.
23
*/
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
26
asprintf(), O_CLOEXEC */
27
#include <stddef.h> /* size_t, NULL */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
30
#include <stdbool.h> /* bool, true, false */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO */
33
#include <sys/types.h> /* DIR, fdopendir(), stat(), struct
34
stat, waitpid(), WIFEXITED(),
35
WEXITSTATUS(), wait(), pid_t,
36
uid_t, gid_t, getuid(), getgid(),
37
dirfd() */
38
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
39
FD_SET(), FD_ISSET(), FD_CLR */
40
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
41
WEXITSTATUS(), WTERMSIG(),
42
WCOREDUMP() */
43
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
44
#include <iso646.h> /* and, or, not */
45
#include <dirent.h> /* DIR, struct dirent, fdopendir(),
46
readdir(), closedir(), dirfd() */
47
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
48
fcntl(), setuid(), setgid(),
49
F_GETFD, F_SETFD, FD_CLOEXEC,
50
access(), pipe(), fork(), close()
51
dup2(), STDOUT_FILENO, _exit(),
52
execv(), write(), read(),
53
close() */
54
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
55
FD_CLOEXEC */
56
#include <string.h> /* strsep, strlen(), asprintf(),
57
strsignal(), strcmp(), strncmp() */
58
#include <errno.h> /* errno */
59
#include <argp.h> /* struct argp_option, struct
60
argp_state, struct argp,
61
argp_parse(), ARGP_ERR_UNKNOWN,
62
ARGP_KEY_END, ARGP_KEY_ARG,
63
error_t */
64
#include <signal.h> /* struct sigaction, sigemptyset(),
65
sigaddset(), sigaction(),
66
sigprocmask(), SIG_BLOCK, SIGCHLD,
67
SIG_UNBLOCK, kill(), sig_atomic_t
68
*/
69
#include <errno.h> /* errno, EBADF */
70
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
71
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
72
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
73
#include <errno.h> /* errno */
74
#include <error.h> /* error() */
75
76
#define BUFFER_SIZE 256
77
78
#define PDIR "/lib/mandos/plugins.d"
79
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
80
81
const char *argp_program_version = "plugin-runner " VERSION;
82
const char *argp_program_bug_address = "<mandos@recompile.se>";
83
84
typedef struct plugin{
85
char *name; /* can be NULL or any plugin name */
86
char **argv;
87
int argc;
88
char **environ;
89
int envc;
90
bool disabled;
91
92
/* Variables used for running processes*/
1
#include <stdio.h> /* popen, fileno */
2
#include <iso646.h> /* and, or, not */
3
#include <sys/types.h> /* DIR, opendir, stat, struct stat, waitpid,
4
WIFEXITED, WEXITSTATUS, wait */
5
#include <sys/wait.h> /* wait */
6
#include <dirent.h> /* DIR, opendir */
7
#include <sys/stat.h> /* stat, struct stat */
8
#include <unistd.h> /* stat, struct stat, chdir */
9
#include <stdlib.h> /* EXIT_FAILURE */
10
#include <sys/select.h> /* fd_set, select, FD_ZERO, FD_SET, FD_ISSET */
11
#include <string.h> /* strlen, strcpy, strcat */
12
#include <stdbool.h> /* true */
13
#include <sys/wait.h> /* waitpid, WIFEXITED, WEXITSTATUS */
14
#include <errno.h> /* errno */
15
16
struct process;
17
18
typedef struct process{
93
19
pid_t pid;
94
20
int fd;
95
21
char *buffer;
96
size_t buffer_size;
97
size_t buffer_length;
98
bool eof;
99
volatile sig_atomic_t completed;
100
int status;
101
struct plugin *next;
102
} plugin;
103
104
static plugin *plugin_list = NULL;
105
106
/* Gets an existing plugin based on name,
107
or if none is found, creates a new one */
108
static plugin *getplugin(char *name){
109
/* Check for existing plugin with that name */
110
for(plugin *p = plugin_list; p != NULL; p = p->next){
111
if((p->name == name)
112
or (p->name and name and (strcmp(p->name, name) == 0))){
113
return p;
114
}
115
}
116
/* Create a new plugin */
117
plugin *new_plugin = NULL;
118
do {
119
new_plugin = malloc(sizeof(plugin));
120
} while(new_plugin == NULL and errno == EINTR);
121
if(new_plugin == NULL){
122
return NULL;
123
}
124
char *copy_name = NULL;
125
if(name != NULL){
126
do {
127
copy_name = strdup(name);
128
} while(copy_name == NULL and errno == EINTR);
129
if(copy_name == NULL){
130
int e = errno;
131
free(new_plugin);
132
errno = e;
133
return NULL;
134
}
135
}
136
137
*new_plugin = (plugin){ .name = copy_name,
138
.argc = 1,
139
.disabled = false,
140
.next = plugin_list };
141
142
do {
143
new_plugin->argv = malloc(sizeof(char *) * 2);
144
} while(new_plugin->argv == NULL and errno == EINTR);
145
if(new_plugin->argv == NULL){
146
int e = errno;
147
free(copy_name);
148
free(new_plugin);
149
errno = e;
150
return NULL;
151
}
152
new_plugin->argv[0] = copy_name;
153
new_plugin->argv[1] = NULL;
154
155
do {
156
new_plugin->environ = malloc(sizeof(char *));
157
} while(new_plugin->environ == NULL and errno == EINTR);
158
if(new_plugin->environ == NULL){
159
int e = errno;
160
free(copy_name);
161
free(new_plugin->argv);
162
free(new_plugin);
163
errno = e;
164
return NULL;
165
}
166
new_plugin->environ[0] = NULL;
167
168
/* Append the new plugin to the list */
169
plugin_list = new_plugin;
170
return new_plugin;
171
}
172
173
/* Helper function for add_argument and add_environment */
174
__attribute__((nonnull))
175
static bool add_to_char_array(const char *new, char ***array,
176
int *len){
177
/* Resize the pointed-to array to hold one more pointer */
178
do {
179
*array = realloc(*array, sizeof(char *)
180
* (size_t) ((*len) + 2));
181
} while(*array == NULL and errno == EINTR);
182
/* Malloc check */
183
if(*array == NULL){
184
return false;
185
}
186
/* Make a copy of the new string */
187
char *copy;
188
do {
189
copy = strdup(new);
190
} while(copy == NULL and errno == EINTR);
191
if(copy == NULL){
192
return false;
193
}
194
/* Insert the copy */
195
(*array)[*len] = copy;
196
(*len)++;
197
/* Add a new terminating NULL pointer to the last element */
198
(*array)[*len] = NULL;
199
return true;
200
}
201
202
/* Add to a plugin's argument vector */
203
__attribute__((nonnull(2)))
204
static bool add_argument(plugin *p, const char *arg){
205
if(p == NULL){
206
return false;
207
}
208
return add_to_char_array(arg, &(p->argv), &(p->argc));
209
}
210
211
/* Add to a plugin's environment */
212
__attribute__((nonnull(2)))
213
static bool add_environment(plugin *p, const char *def, bool replace){
214
if(p == NULL){
215
return false;
216
}
217
/* namelen = length of name of environment variable */
218
size_t namelen = (size_t)(strchrnul(def, '=') - def);
219
/* Search for this environment variable */
220
for(char **e = p->environ; *e != NULL; e++){
221
if(strncmp(*e, def, namelen + 1) == 0){
222
/* It already exists */
223
if(replace){
224
char *new;
225
do {
226
new = realloc(*e, strlen(def) + 1);
227
} while(new == NULL and errno == EINTR);
228
if(new == NULL){
229
return false;
230
}
231
*e = new;
232
strcpy(*e, def);
233
}
234
return true;
235
}
236
}
237
return add_to_char_array(def, &(p->environ), &(p->envc));
238
}
239
240
/*
241
* Based on the example in the GNU LibC manual chapter 13.13 "File
242
* Descriptor Flags".
243
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
244
*/
245
static int set_cloexec_flag(int fd){
246
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
247
/* If reading the flags failed, return error indication now. */
248
if(ret < 0){
249
return ret;
250
}
251
/* Store modified flag word in the descriptor. */
252
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
253
ret | FD_CLOEXEC));
254
}
255
256
257
/* Mark processes as completed when they exit, and save their exit
258
status. */
259
static void handle_sigchld(__attribute__((unused)) int sig){
260
int old_errno = errno;
261
while(true){
262
plugin *proc = plugin_list;
263
int status;
264
pid_t pid = waitpid(-1, &status, WNOHANG);
265
if(pid == 0){
266
/* Only still running child processes */
267
break;
268
}
269
if(pid == -1){
270
if(errno == ECHILD){
271
/* No child processes */
272
break;
273
}
274
error(0, errno, "waitpid");
275
}
276
277
/* A child exited, find it in process_list */
278
while(proc != NULL and proc->pid != pid){
279
proc = proc->next;
280
}
281
if(proc == NULL){
282
/* Process not found in process list */
283
continue;
284
}
285
proc->status = status;
286
proc->completed = 1;
287
}
288
errno = old_errno;
289
}
290
291
/* Prints out a password to stdout */
292
__attribute__((nonnull))
293
static bool print_out_password(const char *buffer, size_t length){
294
ssize_t ret;
295
for(size_t written = 0; written < length; written += (size_t)ret){
296
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
297
length - written));
298
if(ret < 0){
299
return false;
300
}
301
}
302
return true;
303
}
304
305
/* Removes and free a plugin from the plugin list */
306
__attribute__((nonnull))
307
static void free_plugin(plugin *plugin_node){
308
309
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
310
free(*arg);
311
}
312
free(plugin_node->argv);
313
for(char **env = plugin_node->environ; *env != NULL; env++){
314
free(*env);
315
}
316
free(plugin_node->environ);
317
free(plugin_node->buffer);
318
319
/* Removes the plugin from the singly-linked list */
320
if(plugin_node == plugin_list){
321
/* First one - simple */
322
plugin_list = plugin_list->next;
323
} else {
324
/* Second one or later */
325
for(plugin *p = plugin_list; p != NULL; p = p->next){
326
if(p->next == plugin_node){
327
p->next = plugin_node->next;
328
break;
329
}
330
}
331
}
332
333
free(plugin_node);
334
}
335
336
static void free_plugin_list(void){
337
while(plugin_list != NULL){
338
free_plugin(plugin_list);
339
}
340
}
22
int buffer_size;
23
int buffer_length;
24
struct process *next;
25
} process;
26
27
#define BUFFER_SIZE 256
341
28
342
29
int main(int argc, char *argv[]){
343
char *plugindir = NULL;
344
char *argfile = NULL;
345
FILE *conffp;
346
size_t d_name_len;
347
DIR *dir = NULL;
30
char plugindir[] = "plugins.d";
31
size_t d_name_len, plugindir_len = sizeof(plugindir)-1;
32
DIR *dir;
348
33
struct dirent *dirst;
349
34
struct stat st;
350
fd_set rfds_all;
35
fd_set rfds_orig;
351
36
int ret, maxfd = 0;
352
ssize_t sret;
353
uid_t uid = 65534;
354
gid_t gid = 65534;
355
bool debug = false;
356
int exitstatus = EXIT_SUCCESS;
357
struct sigaction old_sigchld_action;
358
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
359
.sa_flags = SA_NOCLDSTOP };
360
char **custom_argv = NULL;
361
int custom_argc = 0;
362
363
/* Establish a signal handler */
364
sigemptyset(&sigchld_action.sa_mask);
365
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
366
if(ret == -1){
367
error(0, errno, "sigaddset");
368
exitstatus = EX_OSERR;
369
goto fallback;
370
}
371
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
372
if(ret == -1){
373
error(0, errno, "sigaction");
374
exitstatus = EX_OSERR;
375
goto fallback;
376
}
377
378
/* The options we understand. */
379
struct argp_option options[] = {
380
{ .name = "global-options", .key = 'g',
381
.arg = "OPTION[,OPTION[,...]]",
382
.doc = "Options passed to all plugins" },
383
{ .name = "global-env", .key = 'G',
384
.arg = "VAR=value",
385
.doc = "Environment variable passed to all plugins" },
386
{ .name = "options-for", .key = 'o',
387
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
388
.doc = "Options passed only to specified plugin" },
389
{ .name = "env-for", .key = 'E',
390
.arg = "PLUGIN:ENV=value",
391
.doc = "Environment variable passed to specified plugin" },
392
{ .name = "disable", .key = 'd',
393
.arg = "PLUGIN",
394
.doc = "Disable a specific plugin", .group = 1 },
395
{ .name = "enable", .key = 'e',
396
.arg = "PLUGIN",
397
.doc = "Enable a specific plugin", .group = 1 },
398
{ .name = "plugin-dir", .key = 128,
399
.arg = "DIRECTORY",
400
.doc = "Specify a different plugin directory", .group = 2 },
401
{ .name = "config-file", .key = 129,
402
.arg = "FILE",
403
.doc = "Specify a different configuration file", .group = 2 },
404
{ .name = "userid", .key = 130,
405
.arg = "ID", .flags = 0,
406
.doc = "User ID the plugins will run as", .group = 3 },
407
{ .name = "groupid", .key = 131,
408
.arg = "ID", .flags = 0,
409
.doc = "Group ID the plugins will run as", .group = 3 },
410
{ .name = "debug", .key = 132,
411
.doc = "Debug mode", .group = 4 },
412
/*
413
* These reproduce what we would get without ARGP_NO_HELP
414
*/
415
{ .name = "help", .key = '?',
416
.doc = "Give this help list", .group = -1 },
417
{ .name = "usage", .key = -3,
418
.doc = "Give a short usage message", .group = -1 },
419
{ .name = "version", .key = 'V',
420
.doc = "Print program version", .group = -1 },
421
{ .name = NULL }
422
};
423
424
__attribute__((nonnull(3)))
425
error_t parse_opt(int key, char *arg, struct argp_state *state){
426
errno = 0;
427
switch(key){
428
char *tmp;
429
intmax_t tmp_id;
430
case 'g': /* --global-options */
431
{
432
char *plugin_option;
433
while((plugin_option = strsep(&arg, ",")) != NULL){
434
if(not add_argument(getplugin(NULL), plugin_option)){
435
break;
436
}
437
}
438
}
439
break;
440
case 'G': /* --global-env */
441
add_environment(getplugin(NULL), arg, true);
442
break;
443
case 'o': /* --options-for */
444
{
445
char *option_list = strchr(arg, ':');
446
if(option_list == NULL){
447
argp_error(state, "No colon in \"%s\"", arg);
448
errno = EINVAL;
449
break;
450
}
451
*option_list = '\0';
452
option_list++;
453
if(arg[0] == '\0'){
454
argp_error(state, "Empty plugin name");
455
errno = EINVAL;
456
break;
457
}
458
char *option;
459
while((option = strsep(&option_list, ",")) != NULL){
460
if(not add_argument(getplugin(arg), option)){
461
break;
462
}
463
}
464
}
465
break;
466
case 'E': /* --env-for */
467
{
468
char *envdef = strchr(arg, ':');
469
if(envdef == NULL){
470
argp_error(state, "No colon in \"%s\"", arg);
471
errno = EINVAL;
472
break;
473
}
474
*envdef = '\0';
475
envdef++;
476
if(arg[0] == '\0'){
477
argp_error(state, "Empty plugin name");
478
errno = EINVAL;
479
break;
480
}
481
add_environment(getplugin(arg), envdef, true);
482
}
483
break;
484
case 'd': /* --disable */
485
{
486
plugin *p = getplugin(arg);
487
if(p != NULL){
488
p->disabled = true;
489
}
490
}
491
break;
492
case 'e': /* --enable */
493
{
494
plugin *p = getplugin(arg);
495
if(p != NULL){
496
p->disabled = false;
497
}
498
}
499
break;
500
case 128: /* --plugin-dir */
501
free(plugindir);
502
plugindir = strdup(arg);
503
break;
504
case 129: /* --config-file */
505
/* This is already done by parse_opt_config_file() */
506
break;
507
case 130: /* --userid */
508
tmp_id = strtoimax(arg, &tmp, 10);
509
if(errno != 0 or tmp == arg or *tmp != '\0'
510
or tmp_id != (uid_t)tmp_id){
511
argp_error(state, "Bad user ID number: \"%s\", using %"
512
PRIdMAX, arg, (intmax_t)uid);
513
break;
514
}
515
uid = (uid_t)tmp_id;
516
break;
517
case 131: /* --groupid */
518
tmp_id = strtoimax(arg, &tmp, 10);
519
if(errno != 0 or tmp == arg or *tmp != '\0'
520
or tmp_id != (gid_t)tmp_id){
521
argp_error(state, "Bad group ID number: \"%s\", using %"
522
PRIdMAX, arg, (intmax_t)gid);
523
break;
524
}
525
gid = (gid_t)tmp_id;
526
break;
527
case 132: /* --debug */
528
debug = true;
529
break;
530
/*
531
* These reproduce what we would get without ARGP_NO_HELP
532
*/
533
case '?': /* --help */
534
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
535
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
536
case -3: /* --usage */
537
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
538
argp_state_help(state, state->out_stream,
539
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
540
case 'V': /* --version */
541
fprintf(state->out_stream, "%s\n", argp_program_version);
542
exit(EXIT_SUCCESS);
543
break;
544
/*
545
* When adding more options before this line, remember to also add a
546
* "case" to the "parse_opt_config_file" function below.
547
*/
548
case ARGP_KEY_ARG:
549
/* Cryptsetup always passes an argument, which is an empty
550
string if "none" was specified in /etc/crypttab. So if
551
argument was empty, we ignore it silently. */
552
if(arg[0] == '\0'){
553
break;
554
}
555
default:
556
return ARGP_ERR_UNKNOWN;
557
}
558
return errno; /* Set to 0 at start */
559
}
560
561
/* This option parser is the same as parse_opt() above, except it
562
ignores everything but the --config-file option. */
563
error_t parse_opt_config_file(int key, char *arg,
564
__attribute__((unused))
565
struct argp_state *state){
566
errno = 0;
567
switch(key){
568
case 'g': /* --global-options */
569
case 'G': /* --global-env */
570
case 'o': /* --options-for */
571
case 'E': /* --env-for */
572
case 'd': /* --disable */
573
case 'e': /* --enable */
574
case 128: /* --plugin-dir */
575
break;
576
case 129: /* --config-file */
577
free(argfile);
578
argfile = strdup(arg);
579
break;
580
case 130: /* --userid */
581
case 131: /* --groupid */
582
case 132: /* --debug */
583
case '?': /* --help */
584
case -3: /* --usage */
585
case 'V': /* --version */
586
case ARGP_KEY_ARG:
587
break;
588
default:
589
return ARGP_ERR_UNKNOWN;
590
}
591
return errno;
592
}
593
594
struct argp argp = { .options = options,
595
.parser = parse_opt_config_file,
596
.args_doc = "",
597
.doc = "Mandos plugin runner -- Run plugins" };
598
599
/* Parse using parse_opt_config_file() in order to get the custom
600
config file location, if any. */
601
ret = argp_parse(&argp, argc, argv,
602
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
603
NULL, NULL);
604
switch(ret){
605
case 0:
606
break;
607
case ENOMEM:
608
default:
609
errno = ret;
610
error(0, errno, "argp_parse");
611
exitstatus = EX_OSERR;
612
goto fallback;
613
case EINVAL:
614
exitstatus = EX_USAGE;
615
goto fallback;
616
}
617
618
/* Reset to the normal argument parser */
619
argp.parser = parse_opt;
620
621
/* Open the configfile if available */
622
if(argfile == NULL){
623
conffp = fopen(AFILE, "r");
624
} else {
625
conffp = fopen(argfile, "r");
626
}
627
if(conffp != NULL){
628
char *org_line = NULL;
629
char *p, *arg, *new_arg, *line;
630
size_t size = 0;
631
const char whitespace_delims[] = " \r\t\f\v\n";
632
const char comment_delim[] = "#";
633
634
custom_argc = 1;
635
custom_argv = malloc(sizeof(char*) * 2);
636
if(custom_argv == NULL){
637
error(0, errno, "malloc");
638
exitstatus = EX_OSERR;
639
goto fallback;
640
}
641
custom_argv[0] = argv[0];
642
custom_argv[1] = NULL;
643
644
/* for each line in the config file, strip whitespace and ignore
645
commented text */
646
while(true){
647
sret = getline(&org_line, &size, conffp);
648
if(sret == -1){
649
break;
650
}
651
652
line = org_line;
653
arg = strsep(&line, comment_delim);
654
while((p = strsep(&arg, whitespace_delims)) != NULL){
655
if(p[0] == '\0'){
656
continue;
657
}
658
new_arg = strdup(p);
659
if(new_arg == NULL){
660
error(0, errno, "strdup");
661
exitstatus = EX_OSERR;
662
free(org_line);
663
goto fallback;
664
}
665
666
custom_argc += 1;
667
custom_argv = realloc(custom_argv, sizeof(char *)
668
* ((unsigned int) custom_argc + 1));
669
if(custom_argv == NULL){
670
error(0, errno, "realloc");
671
exitstatus = EX_OSERR;
672
free(org_line);
673
goto fallback;
674
}
675
custom_argv[custom_argc-1] = new_arg;
676
custom_argv[custom_argc] = NULL;
677
}
678
}
679
do {
680
ret = fclose(conffp);
681
} while(ret == EOF and errno == EINTR);
682
if(ret == EOF){
683
error(0, errno, "fclose");
684
exitstatus = EX_IOERR;
685
goto fallback;
686
}
687
free(org_line);
688
} else {
689
/* Check for harmful errors and go to fallback. Other errors might
690
not affect opening plugins */
691
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
692
error(0, errno, "fopen");
693
exitstatus = EX_OSERR;
694
goto fallback;
695
}
696
}
697
/* If there were any arguments from the configuration file, pass
698
them to parser as command line arguments */
699
if(custom_argv != NULL){
700
ret = argp_parse(&argp, custom_argc, custom_argv,
701
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
702
NULL, NULL);
703
switch(ret){
704
case 0:
705
break;
706
case ENOMEM:
707
default:
708
errno = ret;
709
error(0, errno, "argp_parse");
710
exitstatus = EX_OSERR;
711
goto fallback;
712
case EINVAL:
713
exitstatus = EX_CONFIG;
714
goto fallback;
715
}
716
}
717
718
/* Parse actual command line arguments, to let them override the
719
config file */
720
ret = argp_parse(&argp, argc, argv,
721
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
722
NULL, NULL);
723
switch(ret){
724
case 0:
725
break;
726
case ENOMEM:
727
default:
728
errno = ret;
729
error(0, errno, "argp_parse");
730
exitstatus = EX_OSERR;
731
goto fallback;
732
case EINVAL:
733
exitstatus = EX_USAGE;
734
goto fallback;
735
}
736
737
if(debug){
738
for(plugin *p = plugin_list; p != NULL; p=p->next){
739
fprintf(stderr, "Plugin: %s has %d arguments\n",
740
p->name ? p->name : "Global", p->argc - 1);
741
for(char **a = p->argv; *a != NULL; a++){
742
fprintf(stderr, "\tArg: %s\n", *a);
743
}
744
fprintf(stderr, "...and %d environment variables\n", p->envc);
745
for(char **a = p->environ; *a != NULL; a++){
746
fprintf(stderr, "\t%s\n", *a);
747
}
748
}
749
}
750
751
if(getuid() == 0){
752
/* Work around Debian bug #633582:
753
<http://bugs.debian.org/633582> */
754
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
755
if(plugindir_fd == -1){
756
error(0, errno, "open");
757
} else {
758
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
759
if(ret == -1){
760
error(0, errno, "fstat");
761
} else {
762
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
763
ret = fchown(plugindir_fd, uid, gid);
764
if(ret == -1){
765
error(0, errno, "fchown");
766
}
767
}
768
}
769
TEMP_FAILURE_RETRY(close(plugindir_fd));
770
}
771
}
772
773
/* Lower permissions */
774
ret = setgid(gid);
775
if(ret == -1){
776
error(0, errno, "setgid");
777
}
778
ret = setuid(uid);
779
if(ret == -1){
780
error(0, errno, "setuid");
781
}
782
783
/* Open plugin directory with close_on_exec flag */
784
{
785
int dir_fd = -1;
786
if(plugindir == NULL){
787
dir_fd = open(PDIR, O_RDONLY |
788
#ifdef O_CLOEXEC
789
O_CLOEXEC
790
#else /* not O_CLOEXEC */
791
0
792
#endif /* not O_CLOEXEC */
793
);
794
} else {
795
dir_fd = open(plugindir, O_RDONLY |
796
#ifdef O_CLOEXEC
797
O_CLOEXEC
798
#else /* not O_CLOEXEC */
799
0
800
#endif /* not O_CLOEXEC */
801
);
802
}
803
if(dir_fd == -1){
804
error(0, errno, "Could not open plugin dir");
805
exitstatus = EX_UNAVAILABLE;
806
goto fallback;
807
}
808
809
#ifndef O_CLOEXEC
810
/* Set the FD_CLOEXEC flag on the directory */
811
ret = set_cloexec_flag(dir_fd);
812
if(ret < 0){
813
error(0, errno, "set_cloexec_flag");
814
TEMP_FAILURE_RETRY(close(dir_fd));
815
exitstatus = EX_OSERR;
816
goto fallback;
817
}
818
#endif /* O_CLOEXEC */
819
820
dir = fdopendir(dir_fd);
821
if(dir == NULL){
822
error(0, errno, "Could not open plugin dir");
823
TEMP_FAILURE_RETRY(close(dir_fd));
824
exitstatus = EX_OSERR;
825
goto fallback;
826
}
827
}
828
829
FD_ZERO(&rfds_all);
830
831
/* Read and execute any executable in the plugin directory*/
37
process *process_list = NULL;
38
39
dir = opendir(plugindir);
40
41
if(dir == NULL){
42
fprintf(stderr, "Can not open directory\n");
43
return EXIT_FAILURE;
44
}
45
46
FD_ZERO(&rfds_orig);
47
832
48
while(true){
833
do {
834
dirst = readdir(dir);
835
} while(dirst == NULL and errno == EINTR);
49
dirst = readdir(dir);
836
50
837
/* All directory entries have been processed */
51
// All directory entries have been processed
838
52
if(dirst == NULL){
839
if(errno == EBADF){
840
error(0, errno, "readdir");
841
exitstatus = EX_IOERR;
842
goto fallback;
843
}
844
53
break;
845
54
}
846
55
847
56
d_name_len = strlen(dirst->d_name);
848
57
849
/* Ignore dotfiles, backup files and other junk */
850
{
851
bool bad_name = false;
852
853
const char * const bad_prefixes[] = { ".", "#", NULL };
854
855
const char * const bad_suffixes[] = { "~", "#", ".dpkg-new",
856
".dpkg-old",
857
".dpkg-bak",
858
".dpkg-divert", NULL };
859
#pragma GCC diagnostic push
860
#pragma GCC diagnostic ignored "-Wcast-qual"
861
for(const char **pre = (const char **)bad_prefixes;
862
*pre != NULL; pre++){
863
#pragma GCC diagnostic pop
864
size_t pre_len = strlen(*pre);
865
if((d_name_len >= pre_len)
866
and strncmp((dirst->d_name), *pre, pre_len) == 0){
867
if(debug){
868
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
869
" with bad prefix %s\n", dirst->d_name, *pre);
870
}
871
bad_name = true;
872
break;
873
}
874
}
875
if(bad_name){
876
continue;
877
}
878
#pragma GCC diagnostic push
879
#pragma GCC diagnostic ignored "-Wcast-qual"
880
for(const char **suf = (const char **)bad_suffixes;
881
*suf != NULL; suf++){
882
#pragma GCC diagnostic pop
883
size_t suf_len = strlen(*suf);
884
if((d_name_len >= suf_len)
885
and (strcmp((dirst->d_name) + d_name_len-suf_len, *suf)
886
== 0)){
887
if(debug){
888
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
889
" with bad suffix %s\n", dirst->d_name, *suf);
890
}
891
bad_name = true;
892
break;
893
}
894
}
895
896
if(bad_name){
897
continue;
898
}
899
}
900
901
char *filename;
902
if(plugindir == NULL){
903
ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, PDIR "/%s",
904
dirst->d_name));
905
} else {
906
ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, "%s/%s",
907
plugindir,
908
dirst->d_name));
909
}
910
if(ret < 0){
911
error(0, errno, "asprintf");
912
continue;
913
}
914
915
ret = (int)TEMP_FAILURE_RETRY(stat(filename, &st));
916
if(ret == -1){
917
error(0, errno, "stat");
918
free(filename);
919
continue;
920
}
921
922
/* Ignore non-executable files */
923
if(not S_ISREG(st.st_mode)
924
or (TEMP_FAILURE_RETRY(access(filename, X_OK)) != 0)){
925
if(debug){
926
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
927
" with bad type or mode\n", filename);
928
}
929
free(filename);
930
continue;
931
}
932
933
plugin *p = getplugin(dirst->d_name);
934
if(p == NULL){
935
error(0, errno, "getplugin");
936
free(filename);
937
continue;
938
}
939
if(p->disabled){
940
if(debug){
941
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
942
dirst->d_name);
943
}
944
free(filename);
945
continue;
946
}
947
{
948
/* Add global arguments to argument list for this plugin */
949
plugin *g = getplugin(NULL);
950
if(g != NULL){
951
for(char **a = g->argv + 1; *a != NULL; a++){
952
if(not add_argument(p, *a)){
953
error(0, errno, "add_argument");
954
}
955
}
956
/* Add global environment variables */
957
for(char **e = g->environ; *e != NULL; e++){
958
if(not add_environment(p, *e, false)){
959
error(0, errno, "add_environment");
960
}
961
}
962
}
963
}
964
/* If this plugin has any environment variables, we will call
965
using execve and need to duplicate the environment from this
966
process, too. */
967
if(p->environ[0] != NULL){
968
for(char **e = environ; *e != NULL; e++){
969
if(not add_environment(p, *e, false)){
970
error(0, errno, "add_environment");
971
}
972
}
973
}
974
975
int pipefd[2];
976
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
977
if(ret == -1){
978
error(0, errno, "pipe");
979
exitstatus = EX_OSERR;
980
goto fallback;
981
}
982
/* Ask OS to automatic close the pipe on exec */
983
ret = set_cloexec_flag(pipefd[0]);
984
if(ret < 0){
985
error(0, errno, "set_cloexec_flag");
986
exitstatus = EX_OSERR;
987
goto fallback;
988
}
989
ret = set_cloexec_flag(pipefd[1]);
990
if(ret < 0){
991
error(0, errno, "set_cloexec_flag");
992
exitstatus = EX_OSERR;
993
goto fallback;
994
}
995
/* Block SIGCHLD until process is safely in process list */
996
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
997
&sigchld_action.sa_mask,
998
NULL));
999
if(ret < 0){
1000
error(0, errno, "sigprocmask");
1001
exitstatus = EX_OSERR;
1002
goto fallback;
1003
}
1004
/* Starting a new process to be watched */
1005
pid_t pid;
1006
do {
1007
pid = fork();
1008
} while(pid == -1 and errno == EINTR);
1009
if(pid == -1){
1010
error(0, errno, "fork");
1011
exitstatus = EX_OSERR;
1012
goto fallback;
1013
}
1014
if(pid == 0){
1015
/* this is the child process */
1016
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1017
if(ret < 0){
1018
error(0, errno, "sigaction");
1019
_exit(EX_OSERR);
1020
}
1021
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1022
if(ret < 0){
1023
error(0, errno, "sigprocmask");
1024
_exit(EX_OSERR);
1025
}
1026
1027
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
1028
if(ret == -1){
1029
error(0, errno, "dup2");
1030
_exit(EX_OSERR);
1031
}
1032
1033
if(dirfd(dir) < 0){
1034
/* If dir has no file descriptor, we could not set FD_CLOEXEC
1035
above and must now close it manually here. */
58
// Ignore dotfiles and backup files
59
if (dirst->d_name[0] == '.'
60
or dirst->d_name[d_name_len - 1] == '~'){
61
continue;
62
}
63
64
char *filename = malloc(d_name_len + plugindir_len + 1);
65
strcpy(filename, plugindir);
66
strcat(filename, "/");
67
strcat(filename, dirst->d_name);
68
69
stat(filename, &st);
70
71
if (S_ISREG(st.st_mode) and (access(filename, X_OK) == 0)){
72
// Starting a new process to be watched
73
process *new_process = malloc(sizeof(process));
74
int pipefd[2];
75
pipe(pipefd);
76
new_process->pid = fork();
77
if(new_process->pid == 0){
78
/* this is the child process */
1036
79
closedir(dir);
1037
}
1038
if(p->environ[0] == NULL){
1039
if(execv(filename, p->argv) < 0){
1040
error(0, errno, "execv for %s", filename);
1041
_exit(EX_OSERR);
1042
}
1043
} else {
1044
if(execve(filename, p->argv, p->environ) < 0){
1045
error(0, errno, "execve for %s", filename);
1046
_exit(EX_OSERR);
1047
}
1048
}
1049
/* no return */
1050
}
1051
/* Parent process */
1052
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
1053
pipe */
1054
free(filename);
1055
plugin *new_plugin = getplugin(dirst->d_name);
1056
if(new_plugin == NULL){
1057
error(0, errno, "getplugin");
1058
ret = (int)(TEMP_FAILURE_RETRY
1059
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1060
NULL)));
1061
if(ret < 0){
1062
error(0, errno, "sigprocmask");
1063
}
1064
exitstatus = EX_OSERR;
1065
goto fallback;
1066
}
1067
1068
new_plugin->pid = pid;
1069
new_plugin->fd = pipefd[0];
1070
1071
/* Unblock SIGCHLD so signal handler can be run if this process
1072
has already completed */
1073
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1074
&sigchld_action.sa_mask,
1075
NULL));
1076
if(ret < 0){
1077
error(0, errno, "sigprocmask");
1078
exitstatus = EX_OSERR;
1079
goto fallback;
1080
}
1081
1082
#if defined (__GNUC__) and defined (__GLIBC__)
1083
#if not __GLIBC_PREREQ(2, 16)
1084
#pragma GCC diagnostic push
1085
#pragma GCC diagnostic ignored "-Wsign-conversion"
1086
#endif
1087
#endif
1088
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
1089
-Wconversion in GNU libc
1090
before 2.16 */
1091
#if defined (__GNUC__) and defined (__GLIBC__)
1092
#if not __GLIBC_PREREQ(2, 16)
1093
#pragma GCC diagnostic pop
1094
#endif
1095
#endif
1096
1097
if(maxfd < new_plugin->fd){
1098
maxfd = new_plugin->fd;
1099
}
1100
}
1101
1102
TEMP_FAILURE_RETRY(closedir(dir));
1103
dir = NULL;
1104
free_plugin(getplugin(NULL));
1105
1106
for(plugin *p = plugin_list; p != NULL; p = p->next){
1107
if(p->pid != 0){
80
close(pipefd[0]); /* close unused read end of pipe */
81
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
82
/* create a new modified argument list */
83
char **new_argv = malloc(sizeof(char *) * argc + 1);
84
new_argv[0] = filename;
85
for(int i = 1; i < argc; i++){
86
new_argv[i] = argv[i];
87
}
88
new_argv[argc] = NULL;
89
if(execv(filename, new_argv) < 0){
90
perror(argv[0]);
91
close(pipefd[1]);
92
exit(EXIT_FAILURE);
93
}
94
/* no return */
95
}
96
close(pipefd[1]); /* close unused write end of pipe */
97
new_process->fd = pipefd[0];
98
new_process->buffer = malloc(BUFFER_SIZE);
99
if (new_process->buffer == NULL){
100
perror(argv[0]);
101
goto end;
102
}
103
new_process->buffer_size = BUFFER_SIZE;
104
new_process->buffer_length = 0;
105
FD_SET(new_process->fd, &rfds_orig);
106
107
if (maxfd < new_process->fd){
108
maxfd = new_process->fd;
109
}
110
111
//List handling
112
new_process->next = process_list;
113
process_list = new_process;
114
}
115
}
116
117
closedir(dir);
118
119
if (process_list != NULL){
120
while(true){
121
fd_set rfds = rfds_orig;
122
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
123
if (select_ret == -1){
124
perror(argv[0]);
125
goto end;
126
}else{
127
for(process *process_itr = process_list; process_itr != NULL;
128
process_itr = process_itr->next){
129
if(FD_ISSET(process_itr->fd, &rfds)){
130
if(process_itr->buffer_length + BUFFER_SIZE
131
> process_itr->buffer_size){
132
process_itr->buffer = realloc(process_itr->buffer,
133
process_itr->buffer_size
134
+ BUFFER_SIZE);
135
if (process_itr->buffer == NULL){
136
perror(argv[0]);
137
goto end;
138
}
139
process_itr->buffer_size += BUFFER_SIZE;
140
}
141
ret = read(process_itr->fd, process_itr->buffer
142
+ process_itr->buffer_length, BUFFER_SIZE);
143
process_itr->buffer_length+=ret;
144
if(ret == 0){
145
/* got EOF */
146
/* wait for process exit */
147
int status;
148
waitpid(process_itr->pid, &status, 0);
149
if(WIFEXITED(status) and WEXITSTATUS(status) == 0){
150
write(STDOUT_FILENO, process_itr->buffer,
151
process_itr->buffer_length);
152
goto end;
153
} else {
154
FD_CLR(process_itr->fd, &rfds_orig);
155
}
156
}
157
}
158
}
159
}
160
}
161
}
162
163
end:
164
for(process *process_itr = process_list; process_itr != NULL;
165
process_itr = process_itr->next){
166
close(process_itr->fd);
167
kill(process_itr->pid, SIGTERM);
168
free(process_itr->buffer);
169
}
170
171
while(true){
172
int status;
173
ret = wait(&status);
174
if (ret == -1){
175
if(errno != ECHILD){
176
perror("wait");
177
}
1108
178
break;
1109
179
}
1110
if(p->next == NULL){
1111
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1112
" directory?\n");
1113
free_plugin_list();
1114
}
1115
}
1116
1117
/* Main loop while running plugins exist */
1118
while(plugin_list){
1119
fd_set rfds = rfds_all;
1120
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1121
if(select_ret == -1 and errno != EINTR){
1122
error(0, errno, "select");
1123
exitstatus = EX_OSERR;
1124
goto fallback;
1125
}
1126
/* OK, now either a process completed, or something can be read
1127
from one of them */
1128
for(plugin *proc = plugin_list; proc != NULL;){
1129
/* Is this process completely done? */
1130
if(proc->completed and proc->eof){
1131
/* Only accept the plugin output if it exited cleanly */
1132
if(not WIFEXITED(proc->status)
1133
or WEXITSTATUS(proc->status) != 0){
1134
/* Bad exit by plugin */
1135
1136
if(debug){
1137
if(WIFEXITED(proc->status)){
1138
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1139
" status %d\n", proc->name,
1140
(intmax_t) (proc->pid),
1141
WEXITSTATUS(proc->status));
1142
} else if(WIFSIGNALED(proc->status)){
1143
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1144
" signal %d: %s\n", proc->name,
1145
(intmax_t) (proc->pid),
1146
WTERMSIG(proc->status),
1147
strsignal(WTERMSIG(proc->status)));
1148
} else if(WCOREDUMP(proc->status)){
1149
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1150
" core\n", proc->name, (intmax_t) (proc->pid));
1151
}
1152
}
1153
1154
/* Remove the plugin */
1155
#if defined (__GNUC__) and defined (__GLIBC__)
1156
#if not __GLIBC_PREREQ(2, 16)
1157
#pragma GCC diagnostic push
1158
#pragma GCC diagnostic ignored "-Wsign-conversion"
1159
#endif
1160
#endif
1161
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
1162
-Wconversion in GNU libc
1163
before 2.16 */
1164
#if defined (__GNUC__) and defined (__GLIBC__)
1165
#if not __GLIBC_PREREQ(2, 16)
1166
#pragma GCC diagnostic pop
1167
#endif
1168
#endif
1169
1170
/* Block signal while modifying process_list */
1171
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1172
(SIG_BLOCK,
1173
&sigchld_action.sa_mask,
1174
NULL));
1175
if(ret < 0){
1176
error(0, errno, "sigprocmask");
1177
exitstatus = EX_OSERR;
1178
goto fallback;
1179
}
1180
1181
plugin *next_plugin = proc->next;
1182
free_plugin(proc);
1183
proc = next_plugin;
1184
1185
/* We are done modifying process list, so unblock signal */
1186
ret = (int)(TEMP_FAILURE_RETRY
1187
(sigprocmask(SIG_UNBLOCK,
1188
&sigchld_action.sa_mask, NULL)));
1189
if(ret < 0){
1190
error(0, errno, "sigprocmask");
1191
exitstatus = EX_OSERR;
1192
goto fallback;
1193
}
1194
1195
if(plugin_list == NULL){
1196
break;
1197
}
1198
1199
continue;
1200
}
1201
1202
/* This process exited nicely, so print its buffer */
1203
1204
bool bret = print_out_password(proc->buffer,
1205
proc->buffer_length);
1206
if(not bret){
1207
error(0, errno, "print_out_password");
1208
exitstatus = EX_IOERR;
1209
}
1210
goto fallback;
1211
}
1212
1213
/* This process has not completed. Does it have any output? */
1214
#if defined (__GNUC__) and defined (__GLIBC__)
1215
#if not __GLIBC_PREREQ(2, 16)
1216
#pragma GCC diagnostic push
1217
#pragma GCC diagnostic ignored "-Wsign-conversion"
1218
#endif
1219
#endif
1220
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* Spurious
1221
warning from
1222
-Wconversion
1223
in GNU libc
1224
before
1225
2.16 */
1226
#if defined (__GNUC__) and defined (__GLIBC__)
1227
#if not __GLIBC_PREREQ(2, 16)
1228
#pragma GCC diagnostic pop
1229
#endif
1230
#endif
1231
/* This process had nothing to say at this time */
1232
proc = proc->next;
1233
continue;
1234
}
1235
/* Before reading, make the process' data buffer large enough */
1236
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1237
proc->buffer = realloc(proc->buffer, proc->buffer_size
1238
+ (size_t) BUFFER_SIZE);
1239
if(proc->buffer == NULL){
1240
error(0, errno, "malloc");
1241
exitstatus = EX_OSERR;
1242
goto fallback;
1243
}
1244
proc->buffer_size += BUFFER_SIZE;
1245
}
1246
/* Read from the process */
1247
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1248
proc->buffer
1249
+ proc->buffer_length,
1250
BUFFER_SIZE));
1251
if(sret < 0){
1252
/* Read error from this process; ignore the error */
1253
proc = proc->next;
1254
continue;
1255
}
1256
if(sret == 0){
1257
/* got EOF */
1258
proc->eof = true;
1259
} else {
1260
proc->buffer_length += (size_t) sret;
1261
}
1262
}
1263
}
1264
1265
1266
fallback:
1267
1268
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1269
and exitstatus != EX_OK)){
1270
/* Fallback if all plugins failed, none are found or an error
1271
occured */
1272
bool bret;
1273
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1274
char *passwordbuffer = getpass("Password: ");
1275
size_t len = strlen(passwordbuffer);
1276
/* Strip trailing newline */
1277
if(len > 0 and passwordbuffer[len-1] == '\n'){
1278
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1279
len--;
1280
}
1281
bret = print_out_password(passwordbuffer, len);
1282
if(not bret){
1283
error(0, errno, "print_out_password");
1284
exitstatus = EX_IOERR;
1285
}
1286
}
1287
1288
/* Restore old signal handler */
1289
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1290
if(ret == -1){
1291
error(0, errno, "sigaction");
1292
exitstatus = EX_OSERR;
1293
}
1294
1295
if(custom_argv != NULL){
1296
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1297
free(*arg);
1298
}
1299
free(custom_argv);
1300
}
1301
1302
if(dir != NULL){
1303
closedir(dir);
1304
}
1305
1306
/* Kill the processes */
1307
for(plugin *p = plugin_list; p != NULL; p = p->next){
1308
if(p->pid != 0){
1309
close(p->fd);
1310
ret = kill(p->pid, SIGTERM);
1311
if(ret == -1 and errno != ESRCH){
1312
/* Set-uid proccesses might not get closed */
1313
error(0, errno, "kill");
1314
}
1315
}
1316
}
1317
1318
/* Wait for any remaining child processes to terminate */
1319
do {
1320
ret = wait(NULL);
1321
} while(ret >= 0);
1322
if(errno != ECHILD){
1323
error(0, errno, "wait");
1324
}
1325
1326
free_plugin_list();
1327
1328
free(plugindir);
1329
free(argfile);
1330
1331
return exitstatus;
180
}
181
return EXIT_SUCCESS;
1332
182
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0