To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugbasedclient.c
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- network-hooks.d
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
plugbasedclient.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
/*
3
* Mandos plugin runner - Run Mandos plugins
4
*
5
* Copyright © 2008-2013 Teddy Hogeborn
6
* Copyright © 2008-2013 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
17
*
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
*
22
* Contact the authors at <mandos@recompile.se>.
23
*/
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
26
asprintf(), O_CLOEXEC */
27
#include <stddef.h> /* size_t, NULL */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
30
#include <stdbool.h> /* bool, true, false */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO */
33
#include <sys/types.h> /* DIR, fdopendir(), stat(), struct
34
stat, waitpid(), WIFEXITED(),
35
WEXITSTATUS(), wait(), pid_t,
36
uid_t, gid_t, getuid(), getgid(),
37
dirfd() */
38
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
39
FD_SET(), FD_ISSET(), FD_CLR */
40
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
41
WEXITSTATUS(), WTERMSIG(),
42
WCOREDUMP() */
43
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
44
#include <iso646.h> /* and, or, not */
45
#include <dirent.h> /* DIR, struct dirent, fdopendir(),
46
readdir(), closedir(), dirfd() */
47
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
48
fcntl(), setuid(), setgid(),
49
F_GETFD, F_SETFD, FD_CLOEXEC,
50
access(), pipe(), fork(), close()
51
dup2(), STDOUT_FILENO, _exit(),
52
execv(), write(), read(),
53
close() */
54
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
55
FD_CLOEXEC */
56
#include <string.h> /* strsep, strlen(), asprintf(),
57
strsignal(), strcmp(), strncmp() */
58
#include <errno.h> /* errno */
59
#include <argp.h> /* struct argp_option, struct
60
argp_state, struct argp,
61
argp_parse(), ARGP_ERR_UNKNOWN,
62
ARGP_KEY_END, ARGP_KEY_ARG,
63
error_t */
64
#include <signal.h> /* struct sigaction, sigemptyset(),
65
sigaddset(), sigaction(),
66
sigprocmask(), SIG_BLOCK, SIGCHLD,
67
SIG_UNBLOCK, kill(), sig_atomic_t
68
*/
69
#include <errno.h> /* errno, EBADF */
70
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
71
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
72
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
73
#include <errno.h> /* errno */
74
#include <error.h> /* error() */
75
76
#define BUFFER_SIZE 256
77
78
#define PDIR "/lib/mandos/plugins.d"
79
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
80
81
const char *argp_program_version = "plugin-runner " VERSION;
82
const char *argp_program_bug_address = "<mandos@recompile.se>";
83
84
typedef struct plugin{
85
char *name; /* can be NULL or any plugin name */
86
char **argv;
87
int argc;
88
char **environ;
89
int envc;
90
bool disabled;
91
92
/* Variables used for running processes*/
1
#include <stdio.h> /* popen, fileno */
2
#include <iso646.h> /* and, or, not */
3
#include <sys/types.h> /* DIR, opendir, stat, struct stat, waitpid,
4
WIFEXITED, WEXITSTATUS, wait */
5
#include <sys/wait.h> /* wait */
6
#include <dirent.h> /* DIR, opendir */
7
#include <sys/stat.h> /* stat, struct stat */
8
#include <unistd.h> /* stat, struct stat, chdir */
9
#include <stdlib.h> /* EXIT_FAILURE */
10
#include <sys/select.h> /* fd_set, select, FD_ZERO, FD_SET, FD_ISSET */
11
#include <string.h> /* strlen, strcpy, strcat */
12
#include <stdbool.h> /* true */
13
#include <sys/wait.h> /* waitpid, WIFEXITED, WEXITSTATUS */
14
#include <errno.h> /* errno */
15
16
struct process;
17
18
typedef struct process{
93
19
pid_t pid;
94
20
int fd;
95
21
char *buffer;
96
size_t buffer_size;
97
size_t buffer_length;
98
bool eof;
99
volatile sig_atomic_t completed;
100
int status;
101
struct plugin *next;
102
} plugin;
103
104
static plugin *plugin_list = NULL;
105
106
/* Gets an existing plugin based on name,
107
or if none is found, creates a new one */
108
static plugin *getplugin(char *name){
109
/* Check for existing plugin with that name */
110
for(plugin *p = plugin_list; p != NULL; p = p->next){
111
if((p->name == name)
112
or (p->name and name and (strcmp(p->name, name) == 0))){
113
return p;
114
}
115
}
116
/* Create a new plugin */
117
plugin *new_plugin = NULL;
118
do {
119
new_plugin = malloc(sizeof(plugin));
120
} while(new_plugin == NULL and errno == EINTR);
121
if(new_plugin == NULL){
122
return NULL;
123
}
124
char *copy_name = NULL;
125
if(name != NULL){
126
do {
127
copy_name = strdup(name);
128
} while(copy_name == NULL and errno == EINTR);
129
if(copy_name == NULL){
130
int e = errno;
131
free(new_plugin);
132
errno = e;
133
return NULL;
134
}
135
}
136
137
*new_plugin = (plugin){ .name = copy_name,
138
.argc = 1,
139
.disabled = false,
140
.next = plugin_list };
141
142
do {
143
new_plugin->argv = malloc(sizeof(char *) * 2);
144
} while(new_plugin->argv == NULL and errno == EINTR);
145
if(new_plugin->argv == NULL){
146
int e = errno;
147
free(copy_name);
148
free(new_plugin);
149
errno = e;
150
return NULL;
151
}
152
new_plugin->argv[0] = copy_name;
153
new_plugin->argv[1] = NULL;
154
155
do {
156
new_plugin->environ = malloc(sizeof(char *));
157
} while(new_plugin->environ == NULL and errno == EINTR);
158
if(new_plugin->environ == NULL){
159
int e = errno;
160
free(copy_name);
161
free(new_plugin->argv);
162
free(new_plugin);
163
errno = e;
164
return NULL;
165
}
166
new_plugin->environ[0] = NULL;
167
168
/* Append the new plugin to the list */
169
plugin_list = new_plugin;
170
return new_plugin;
171
}
172
173
/* Helper function for add_argument and add_environment */
174
__attribute__((nonnull))
175
static bool add_to_char_array(const char *new, char ***array,
176
int *len){
177
/* Resize the pointed-to array to hold one more pointer */
178
char **new_array = NULL;
179
do {
180
new_array = realloc(*array, sizeof(char *)
181
* (size_t) ((*len) + 2));
182
} while(new_array == NULL and errno == EINTR);
183
/* Malloc check */
184
if(new_array == NULL){
185
return false;
186
}
187
*array = new_array;
188
/* Make a copy of the new string */
189
char *copy;
190
do {
191
copy = strdup(new);
192
} while(copy == NULL and errno == EINTR);
193
if(copy == NULL){
194
return false;
195
}
196
/* Insert the copy */
197
(*array)[*len] = copy;
198
(*len)++;
199
/* Add a new terminating NULL pointer to the last element */
200
(*array)[*len] = NULL;
201
return true;
202
}
203
204
/* Add to a plugin's argument vector */
205
__attribute__((nonnull(2)))
206
static bool add_argument(plugin *p, const char *arg){
207
if(p == NULL){
208
return false;
209
}
210
return add_to_char_array(arg, &(p->argv), &(p->argc));
211
}
212
213
/* Add to a plugin's environment */
214
__attribute__((nonnull(2)))
215
static bool add_environment(plugin *p, const char *def, bool replace){
216
if(p == NULL){
217
return false;
218
}
219
/* namelen = length of name of environment variable */
220
size_t namelen = (size_t)(strchrnul(def, '=') - def);
221
/* Search for this environment variable */
222
for(char **envdef = p->environ; *envdef != NULL; envdef++){
223
if(strncmp(*envdef, def, namelen + 1) == 0){
224
/* It already exists */
225
if(replace){
226
char *new_envdef;
227
do {
228
new_envdef = realloc(*envdef, strlen(def) + 1);
229
} while(new_envdef == NULL and errno == EINTR);
230
if(new_envdef == NULL){
231
return false;
232
}
233
*envdef = new_envdef;
234
strcpy(*envdef, def);
235
}
236
return true;
237
}
238
}
239
return add_to_char_array(def, &(p->environ), &(p->envc));
240
}
241
242
/*
243
* Based on the example in the GNU LibC manual chapter 13.13 "File
244
* Descriptor Flags".
245
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
246
*/
247
static int set_cloexec_flag(int fd){
248
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
249
/* If reading the flags failed, return error indication now. */
250
if(ret < 0){
251
return ret;
252
}
253
/* Store modified flag word in the descriptor. */
254
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
255
ret | FD_CLOEXEC));
256
}
257
258
259
/* Mark processes as completed when they exit, and save their exit
260
status. */
261
static void handle_sigchld(__attribute__((unused)) int sig){
262
int old_errno = errno;
263
while(true){
264
plugin *proc = plugin_list;
265
int status;
266
pid_t pid = waitpid(-1, &status, WNOHANG);
267
if(pid == 0){
268
/* Only still running child processes */
269
break;
270
}
271
if(pid == -1){
272
if(errno == ECHILD){
273
/* No child processes */
274
break;
275
}
276
error(0, errno, "waitpid");
277
}
278
279
/* A child exited, find it in process_list */
280
while(proc != NULL and proc->pid != pid){
281
proc = proc->next;
282
}
283
if(proc == NULL){
284
/* Process not found in process list */
285
continue;
286
}
287
proc->status = status;
288
proc->completed = 1;
289
}
290
errno = old_errno;
291
}
292
293
/* Prints out a password to stdout */
294
__attribute__((nonnull))
295
static bool print_out_password(const char *buffer, size_t length){
296
ssize_t ret;
297
for(size_t written = 0; written < length; written += (size_t)ret){
298
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
299
length - written));
300
if(ret < 0){
301
return false;
302
}
303
}
304
return true;
305
}
306
307
/* Removes and free a plugin from the plugin list */
308
__attribute__((nonnull))
309
static void free_plugin(plugin *plugin_node){
310
311
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
312
free(*arg);
313
}
314
free(plugin_node->argv);
315
for(char **env = plugin_node->environ; *env != NULL; env++){
316
free(*env);
317
}
318
free(plugin_node->environ);
319
free(plugin_node->buffer);
320
321
/* Removes the plugin from the singly-linked list */
322
if(plugin_node == plugin_list){
323
/* First one - simple */
324
plugin_list = plugin_list->next;
325
} else {
326
/* Second one or later */
327
for(plugin *p = plugin_list; p != NULL; p = p->next){
328
if(p->next == plugin_node){
329
p->next = plugin_node->next;
330
break;
331
}
332
}
333
}
334
335
free(plugin_node);
336
}
337
338
static void free_plugin_list(void){
339
while(plugin_list != NULL){
340
free_plugin(plugin_list);
341
}
342
}
22
int buffer_size;
23
int buffer_length;
24
struct process *next;
25
} process;
26
27
#define BUFFER_SIZE 256
343
28
344
29
int main(int argc, char *argv[]){
345
char *plugindir = NULL;
346
char *argfile = NULL;
347
FILE *conffp;
348
size_t d_name_len;
349
DIR *dir = NULL;
30
char plugindir[] = "plugins.d";
31
size_t d_name_len, plugindir_len = sizeof(plugindir)-1;
32
DIR *dir;
350
33
struct dirent *dirst;
351
34
struct stat st;
352
fd_set rfds_all;
35
fd_set rfds_orig;
353
36
int ret, maxfd = 0;
354
ssize_t sret;
355
uid_t uid = 65534;
356
gid_t gid = 65534;
357
bool debug = false;
358
int exitstatus = EXIT_SUCCESS;
359
struct sigaction old_sigchld_action;
360
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
361
.sa_flags = SA_NOCLDSTOP };
362
char **custom_argv = NULL;
363
int custom_argc = 0;
364
365
/* Establish a signal handler */
366
sigemptyset(&sigchld_action.sa_mask);
367
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
368
if(ret == -1){
369
error(0, errno, "sigaddset");
370
exitstatus = EX_OSERR;
371
goto fallback;
372
}
373
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
374
if(ret == -1){
375
error(0, errno, "sigaction");
376
exitstatus = EX_OSERR;
377
goto fallback;
378
}
379
380
/* The options we understand. */
381
struct argp_option options[] = {
382
{ .name = "global-options", .key = 'g',
383
.arg = "OPTION[,OPTION[,...]]",
384
.doc = "Options passed to all plugins" },
385
{ .name = "global-env", .key = 'G',
386
.arg = "VAR=value",
387
.doc = "Environment variable passed to all plugins" },
388
{ .name = "options-for", .key = 'o',
389
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
390
.doc = "Options passed only to specified plugin" },
391
{ .name = "env-for", .key = 'E',
392
.arg = "PLUGIN:ENV=value",
393
.doc = "Environment variable passed to specified plugin" },
394
{ .name = "disable", .key = 'd',
395
.arg = "PLUGIN",
396
.doc = "Disable a specific plugin", .group = 1 },
397
{ .name = "enable", .key = 'e',
398
.arg = "PLUGIN",
399
.doc = "Enable a specific plugin", .group = 1 },
400
{ .name = "plugin-dir", .key = 128,
401
.arg = "DIRECTORY",
402
.doc = "Specify a different plugin directory", .group = 2 },
403
{ .name = "config-file", .key = 129,
404
.arg = "FILE",
405
.doc = "Specify a different configuration file", .group = 2 },
406
{ .name = "userid", .key = 130,
407
.arg = "ID", .flags = 0,
408
.doc = "User ID the plugins will run as", .group = 3 },
409
{ .name = "groupid", .key = 131,
410
.arg = "ID", .flags = 0,
411
.doc = "Group ID the plugins will run as", .group = 3 },
412
{ .name = "debug", .key = 132,
413
.doc = "Debug mode", .group = 4 },
414
/*
415
* These reproduce what we would get without ARGP_NO_HELP
416
*/
417
{ .name = "help", .key = '?',
418
.doc = "Give this help list", .group = -1 },
419
{ .name = "usage", .key = -3,
420
.doc = "Give a short usage message", .group = -1 },
421
{ .name = "version", .key = 'V',
422
.doc = "Print program version", .group = -1 },
423
{ .name = NULL }
424
};
425
426
__attribute__((nonnull(3)))
427
error_t parse_opt(int key, char *arg, struct argp_state *state){
428
errno = 0;
429
switch(key){
430
char *tmp;
431
intmax_t tmp_id;
432
case 'g': /* --global-options */
433
{
434
char *plugin_option;
435
while((plugin_option = strsep(&arg, ",")) != NULL){
436
if(not add_argument(getplugin(NULL), plugin_option)){
437
break;
438
}
439
}
440
}
441
break;
442
case 'G': /* --global-env */
443
add_environment(getplugin(NULL), arg, true);
444
break;
445
case 'o': /* --options-for */
446
{
447
char *option_list = strchr(arg, ':');
448
if(option_list == NULL){
449
argp_error(state, "No colon in \"%s\"", arg);
450
errno = EINVAL;
451
break;
452
}
453
*option_list = '\0';
454
option_list++;
455
if(arg[0] == '\0'){
456
argp_error(state, "Empty plugin name");
457
errno = EINVAL;
458
break;
459
}
460
char *option;
461
while((option = strsep(&option_list, ",")) != NULL){
462
if(not add_argument(getplugin(arg), option)){
463
break;
464
}
465
}
466
}
467
break;
468
case 'E': /* --env-for */
469
{
470
char *envdef = strchr(arg, ':');
471
if(envdef == NULL){
472
argp_error(state, "No colon in \"%s\"", arg);
473
errno = EINVAL;
474
break;
475
}
476
*envdef = '\0';
477
envdef++;
478
if(arg[0] == '\0'){
479
argp_error(state, "Empty plugin name");
480
errno = EINVAL;
481
break;
482
}
483
add_environment(getplugin(arg), envdef, true);
484
}
485
break;
486
case 'd': /* --disable */
487
{
488
plugin *p = getplugin(arg);
489
if(p != NULL){
490
p->disabled = true;
491
}
492
}
493
break;
494
case 'e': /* --enable */
495
{
496
plugin *p = getplugin(arg);
497
if(p != NULL){
498
p->disabled = false;
499
}
500
}
501
break;
502
case 128: /* --plugin-dir */
503
free(plugindir);
504
plugindir = strdup(arg);
505
break;
506
case 129: /* --config-file */
507
/* This is already done by parse_opt_config_file() */
508
break;
509
case 130: /* --userid */
510
tmp_id = strtoimax(arg, &tmp, 10);
511
if(errno != 0 or tmp == arg or *tmp != '\0'
512
or tmp_id != (uid_t)tmp_id){
513
argp_error(state, "Bad user ID number: \"%s\", using %"
514
PRIdMAX, arg, (intmax_t)uid);
515
break;
516
}
517
uid = (uid_t)tmp_id;
518
break;
519
case 131: /* --groupid */
520
tmp_id = strtoimax(arg, &tmp, 10);
521
if(errno != 0 or tmp == arg or *tmp != '\0'
522
or tmp_id != (gid_t)tmp_id){
523
argp_error(state, "Bad group ID number: \"%s\", using %"
524
PRIdMAX, arg, (intmax_t)gid);
525
break;
526
}
527
gid = (gid_t)tmp_id;
528
break;
529
case 132: /* --debug */
530
debug = true;
531
break;
532
/*
533
* These reproduce what we would get without ARGP_NO_HELP
534
*/
535
case '?': /* --help */
536
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
537
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
538
case -3: /* --usage */
539
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
540
argp_state_help(state, state->out_stream,
541
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
542
case 'V': /* --version */
543
fprintf(state->out_stream, "%s\n", argp_program_version);
544
exit(EXIT_SUCCESS);
545
break;
546
/*
547
* When adding more options before this line, remember to also add a
548
* "case" to the "parse_opt_config_file" function below.
549
*/
550
case ARGP_KEY_ARG:
551
/* Cryptsetup always passes an argument, which is an empty
552
string if "none" was specified in /etc/crypttab. So if
553
argument was empty, we ignore it silently. */
554
if(arg[0] == '\0'){
555
break;
556
}
557
default:
558
return ARGP_ERR_UNKNOWN;
559
}
560
return errno; /* Set to 0 at start */
561
}
562
563
/* This option parser is the same as parse_opt() above, except it
564
ignores everything but the --config-file option. */
565
error_t parse_opt_config_file(int key, char *arg,
566
__attribute__((unused))
567
struct argp_state *state){
568
errno = 0;
569
switch(key){
570
case 'g': /* --global-options */
571
case 'G': /* --global-env */
572
case 'o': /* --options-for */
573
case 'E': /* --env-for */
574
case 'd': /* --disable */
575
case 'e': /* --enable */
576
case 128: /* --plugin-dir */
577
break;
578
case 129: /* --config-file */
579
free(argfile);
580
argfile = strdup(arg);
581
break;
582
case 130: /* --userid */
583
case 131: /* --groupid */
584
case 132: /* --debug */
585
case '?': /* --help */
586
case -3: /* --usage */
587
case 'V': /* --version */
588
case ARGP_KEY_ARG:
589
break;
590
default:
591
return ARGP_ERR_UNKNOWN;
592
}
593
return errno;
594
}
595
596
struct argp argp = { .options = options,
597
.parser = parse_opt_config_file,
598
.args_doc = "",
599
.doc = "Mandos plugin runner -- Run plugins" };
600
601
/* Parse using parse_opt_config_file() in order to get the custom
602
config file location, if any. */
603
ret = argp_parse(&argp, argc, argv,
604
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
605
NULL, NULL);
606
switch(ret){
607
case 0:
608
break;
609
case ENOMEM:
610
default:
611
errno = ret;
612
error(0, errno, "argp_parse");
613
exitstatus = EX_OSERR;
614
goto fallback;
615
case EINVAL:
616
exitstatus = EX_USAGE;
617
goto fallback;
618
}
619
620
/* Reset to the normal argument parser */
621
argp.parser = parse_opt;
622
623
/* Open the configfile if available */
624
if(argfile == NULL){
625
conffp = fopen(AFILE, "r");
626
} else {
627
conffp = fopen(argfile, "r");
628
}
629
if(conffp != NULL){
630
char *org_line = NULL;
631
char *p, *arg, *new_arg, *line;
632
size_t size = 0;
633
const char whitespace_delims[] = " \r\t\f\v\n";
634
const char comment_delim[] = "#";
635
636
custom_argc = 1;
637
custom_argv = malloc(sizeof(char*) * 2);
638
if(custom_argv == NULL){
639
error(0, errno, "malloc");
640
exitstatus = EX_OSERR;
641
goto fallback;
642
}
643
custom_argv[0] = argv[0];
644
custom_argv[1] = NULL;
645
646
/* for each line in the config file, strip whitespace and ignore
647
commented text */
648
while(true){
649
sret = getline(&org_line, &size, conffp);
650
if(sret == -1){
651
break;
652
}
653
654
line = org_line;
655
arg = strsep(&line, comment_delim);
656
while((p = strsep(&arg, whitespace_delims)) != NULL){
657
if(p[0] == '\0'){
658
continue;
659
}
660
new_arg = strdup(p);
661
if(new_arg == NULL){
662
error(0, errno, "strdup");
663
exitstatus = EX_OSERR;
664
free(org_line);
665
goto fallback;
666
}
667
668
custom_argc += 1;
669
{
670
char **new_argv = realloc(custom_argv, sizeof(char *)
671
* ((unsigned int)
672
custom_argc + 1));
673
if(new_argv == NULL){
674
error(0, errno, "realloc");
675
exitstatus = EX_OSERR;
676
free(new_arg);
677
free(org_line);
678
goto fallback;
679
} else {
680
custom_argv = new_argv;
681
}
682
}
683
custom_argv[custom_argc-1] = new_arg;
684
custom_argv[custom_argc] = NULL;
685
}
686
}
687
do {
688
ret = fclose(conffp);
689
} while(ret == EOF and errno == EINTR);
690
if(ret == EOF){
691
error(0, errno, "fclose");
692
exitstatus = EX_IOERR;
693
goto fallback;
694
}
695
free(org_line);
696
} else {
697
/* Check for harmful errors and go to fallback. Other errors might
698
not affect opening plugins */
699
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
700
error(0, errno, "fopen");
701
exitstatus = EX_OSERR;
702
goto fallback;
703
}
704
}
705
/* If there were any arguments from the configuration file, pass
706
them to parser as command line arguments */
707
if(custom_argv != NULL){
708
ret = argp_parse(&argp, custom_argc, custom_argv,
709
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
710
NULL, NULL);
711
switch(ret){
712
case 0:
713
break;
714
case ENOMEM:
715
default:
716
errno = ret;
717
error(0, errno, "argp_parse");
718
exitstatus = EX_OSERR;
719
goto fallback;
720
case EINVAL:
721
exitstatus = EX_CONFIG;
722
goto fallback;
723
}
724
}
725
726
/* Parse actual command line arguments, to let them override the
727
config file */
728
ret = argp_parse(&argp, argc, argv,
729
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
730
NULL, NULL);
731
switch(ret){
732
case 0:
733
break;
734
case ENOMEM:
735
default:
736
errno = ret;
737
error(0, errno, "argp_parse");
738
exitstatus = EX_OSERR;
739
goto fallback;
740
case EINVAL:
741
exitstatus = EX_USAGE;
742
goto fallback;
743
}
744
745
if(debug){
746
for(plugin *p = plugin_list; p != NULL; p=p->next){
747
fprintf(stderr, "Plugin: %s has %d arguments\n",
748
p->name ? p->name : "Global", p->argc - 1);
749
for(char **a = p->argv; *a != NULL; a++){
750
fprintf(stderr, "\tArg: %s\n", *a);
751
}
752
fprintf(stderr, "...and %d environment variables\n", p->envc);
753
for(char **a = p->environ; *a != NULL; a++){
754
fprintf(stderr, "\t%s\n", *a);
755
}
756
}
757
}
758
759
if(getuid() == 0){
760
/* Work around Debian bug #633582:
761
<http://bugs.debian.org/633582> */
762
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
763
if(plugindir_fd == -1){
764
error(0, errno, "open");
765
} else {
766
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
767
if(ret == -1){
768
error(0, errno, "fstat");
769
} else {
770
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
771
ret = fchown(plugindir_fd, uid, gid);
772
if(ret == -1){
773
error(0, errno, "fchown");
774
}
775
}
776
}
777
TEMP_FAILURE_RETRY(close(plugindir_fd));
778
}
779
}
780
781
/* Lower permissions */
782
ret = setgid(gid);
783
if(ret == -1){
784
error(0, errno, "setgid");
785
}
786
ret = setuid(uid);
787
if(ret == -1){
788
error(0, errno, "setuid");
789
}
790
791
/* Open plugin directory with close_on_exec flag */
792
{
793
int dir_fd = -1;
794
if(plugindir == NULL){
795
dir_fd = open(PDIR, O_RDONLY |
796
#ifdef O_CLOEXEC
797
O_CLOEXEC
798
#else /* not O_CLOEXEC */
799
0
800
#endif /* not O_CLOEXEC */
801
);
802
} else {
803
dir_fd = open(plugindir, O_RDONLY |
804
#ifdef O_CLOEXEC
805
O_CLOEXEC
806
#else /* not O_CLOEXEC */
807
0
808
#endif /* not O_CLOEXEC */
809
);
810
}
811
if(dir_fd == -1){
812
error(0, errno, "Could not open plugin dir");
813
exitstatus = EX_UNAVAILABLE;
814
goto fallback;
815
}
816
817
#ifndef O_CLOEXEC
818
/* Set the FD_CLOEXEC flag on the directory */
819
ret = set_cloexec_flag(dir_fd);
820
if(ret < 0){
821
error(0, errno, "set_cloexec_flag");
822
TEMP_FAILURE_RETRY(close(dir_fd));
823
exitstatus = EX_OSERR;
824
goto fallback;
825
}
826
#endif /* O_CLOEXEC */
827
828
dir = fdopendir(dir_fd);
829
if(dir == NULL){
830
error(0, errno, "Could not open plugin dir");
831
TEMP_FAILURE_RETRY(close(dir_fd));
832
exitstatus = EX_OSERR;
833
goto fallback;
834
}
835
}
836
837
FD_ZERO(&rfds_all);
838
839
/* Read and execute any executable in the plugin directory*/
37
process *process_list = NULL;
38
39
dir = opendir(plugindir);
40
41
if(dir == NULL){
42
fprintf(stderr, "Can not open directory\n");
43
return EXIT_FAILURE;
44
}
45
46
FD_ZERO(&rfds_orig);
47
840
48
while(true){
841
do {
842
dirst = readdir(dir);
843
} while(dirst == NULL and errno == EINTR);
49
dirst = readdir(dir);
844
50
845
/* All directory entries have been processed */
51
// All directory entries have been processed
846
52
if(dirst == NULL){
847
if(errno == EBADF){
848
error(0, errno, "readdir");
849
exitstatus = EX_IOERR;
850
goto fallback;
851
}
852
53
break;
853
54
}
854
55
855
56
d_name_len = strlen(dirst->d_name);
856
57
857
/* Ignore dotfiles, backup files and other junk */
858
{
859
bool bad_name = false;
860
861
const char * const bad_prefixes[] = { ".", "#", NULL };
862
863
const char * const bad_suffixes[] = { "~", "#", ".dpkg-new",
864
".dpkg-old",
865
".dpkg-bak",
866
".dpkg-divert", NULL };
867
#ifdef __GNUC__
868
#pragma GCC diagnostic push
869
#pragma GCC diagnostic ignored "-Wcast-qual"
870
#endif
871
for(const char **pre = (const char **)bad_prefixes;
872
*pre != NULL; pre++){
873
#ifdef __GNUC__
874
#pragma GCC diagnostic pop
875
#endif
876
size_t pre_len = strlen(*pre);
877
if((d_name_len >= pre_len)
878
and strncmp((dirst->d_name), *pre, pre_len) == 0){
879
if(debug){
880
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
881
" with bad prefix %s\n", dirst->d_name, *pre);
882
}
883
bad_name = true;
884
break;
885
}
886
}
887
if(bad_name){
888
continue;
889
}
890
#ifdef __GNUC__
891
#pragma GCC diagnostic push
892
#pragma GCC diagnostic ignored "-Wcast-qual"
893
#endif
894
for(const char **suf = (const char **)bad_suffixes;
895
*suf != NULL; suf++){
896
#ifdef __GNUC__
897
#pragma GCC diagnostic pop
898
#endif
899
size_t suf_len = strlen(*suf);
900
if((d_name_len >= suf_len)
901
and (strcmp((dirst->d_name) + d_name_len-suf_len, *suf)
902
== 0)){
903
if(debug){
904
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
905
" with bad suffix %s\n", dirst->d_name, *suf);
906
}
907
bad_name = true;
908
break;
909
}
910
}
911
912
if(bad_name){
913
continue;
914
}
915
}
916
917
char *filename;
918
if(plugindir == NULL){
919
ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, PDIR "/%s",
920
dirst->d_name));
921
} else {
922
ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, "%s/%s",
923
plugindir,
924
dirst->d_name));
925
}
926
if(ret < 0){
927
error(0, errno, "asprintf");
928
continue;
929
}
930
931
ret = (int)TEMP_FAILURE_RETRY(stat(filename, &st));
932
if(ret == -1){
933
error(0, errno, "stat");
934
free(filename);
935
continue;
936
}
937
938
/* Ignore non-executable files */
939
if(not S_ISREG(st.st_mode)
940
or (TEMP_FAILURE_RETRY(access(filename, X_OK)) != 0)){
941
if(debug){
942
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
943
" with bad type or mode\n", filename);
944
}
945
free(filename);
946
continue;
947
}
948
949
plugin *p = getplugin(dirst->d_name);
950
if(p == NULL){
951
error(0, errno, "getplugin");
952
free(filename);
953
continue;
954
}
955
if(p->disabled){
956
if(debug){
957
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
958
dirst->d_name);
959
}
960
free(filename);
961
continue;
962
}
963
{
964
/* Add global arguments to argument list for this plugin */
965
plugin *g = getplugin(NULL);
966
if(g != NULL){
967
for(char **a = g->argv + 1; *a != NULL; a++){
968
if(not add_argument(p, *a)){
969
error(0, errno, "add_argument");
970
}
971
}
972
/* Add global environment variables */
973
for(char **e = g->environ; *e != NULL; e++){
974
if(not add_environment(p, *e, false)){
975
error(0, errno, "add_environment");
976
}
977
}
978
}
979
}
980
/* If this plugin has any environment variables, we will call
981
using execve and need to duplicate the environment from this
982
process, too. */
983
if(p->environ[0] != NULL){
984
for(char **e = environ; *e != NULL; e++){
985
if(not add_environment(p, *e, false)){
986
error(0, errno, "add_environment");
987
}
988
}
989
}
990
991
int pipefd[2];
992
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
993
if(ret == -1){
994
error(0, errno, "pipe");
995
exitstatus = EX_OSERR;
996
goto fallback;
997
}
998
/* Ask OS to automatic close the pipe on exec */
999
ret = set_cloexec_flag(pipefd[0]);
1000
if(ret < 0){
1001
error(0, errno, "set_cloexec_flag");
1002
exitstatus = EX_OSERR;
1003
goto fallback;
1004
}
1005
ret = set_cloexec_flag(pipefd[1]);
1006
if(ret < 0){
1007
error(0, errno, "set_cloexec_flag");
1008
exitstatus = EX_OSERR;
1009
goto fallback;
1010
}
1011
/* Block SIGCHLD until process is safely in process list */
1012
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1013
&sigchld_action.sa_mask,
1014
NULL));
1015
if(ret < 0){
1016
error(0, errno, "sigprocmask");
1017
exitstatus = EX_OSERR;
1018
goto fallback;
1019
}
1020
/* Starting a new process to be watched */
1021
pid_t pid;
1022
do {
1023
pid = fork();
1024
} while(pid == -1 and errno == EINTR);
1025
if(pid == -1){
1026
error(0, errno, "fork");
1027
exitstatus = EX_OSERR;
1028
goto fallback;
1029
}
1030
if(pid == 0){
1031
/* this is the child process */
1032
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1033
if(ret < 0){
1034
error(0, errno, "sigaction");
1035
_exit(EX_OSERR);
1036
}
1037
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1038
if(ret < 0){
1039
error(0, errno, "sigprocmask");
1040
_exit(EX_OSERR);
1041
}
1042
1043
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
1044
if(ret == -1){
1045
error(0, errno, "dup2");
1046
_exit(EX_OSERR);
1047
}
1048
1049
if(dirfd(dir) < 0){
1050
/* If dir has no file descriptor, we could not set FD_CLOEXEC
1051
above and must now close it manually here. */
58
// Ignore dotfiles and backup files
59
if (dirst->d_name[0] == '.'
60
or dirst->d_name[d_name_len - 1] == '~'){
61
continue;
62
}
63
64
char *filename = malloc(d_name_len + plugindir_len + 1);
65
strcpy(filename, plugindir);
66
strcat(filename, "/");
67
strcat(filename, dirst->d_name);
68
69
stat(filename, &st);
70
71
if (S_ISREG(st.st_mode) and (access(filename, X_OK) == 0)){
72
// Starting a new process to be watched
73
process *new_process = malloc(sizeof(process));
74
int pipefd[2];
75
pipe(pipefd);
76
new_process->pid = fork();
77
if(new_process->pid == 0){
78
/* this is the child process */
1052
79
closedir(dir);
1053
}
1054
if(p->environ[0] == NULL){
1055
if(execv(filename, p->argv) < 0){
1056
error(0, errno, "execv for %s", filename);
1057
_exit(EX_OSERR);
1058
}
1059
} else {
1060
if(execve(filename, p->argv, p->environ) < 0){
1061
error(0, errno, "execve for %s", filename);
1062
_exit(EX_OSERR);
1063
}
1064
}
1065
/* no return */
1066
}
1067
/* Parent process */
1068
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
1069
pipe */
1070
free(filename);
1071
plugin *new_plugin = getplugin(dirst->d_name);
1072
if(new_plugin == NULL){
1073
error(0, errno, "getplugin");
1074
ret = (int)(TEMP_FAILURE_RETRY
1075
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1076
NULL)));
1077
if(ret < 0){
1078
error(0, errno, "sigprocmask");
1079
}
1080
exitstatus = EX_OSERR;
1081
goto fallback;
1082
}
1083
1084
new_plugin->pid = pid;
1085
new_plugin->fd = pipefd[0];
1086
1087
/* Unblock SIGCHLD so signal handler can be run if this process
1088
has already completed */
1089
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1090
&sigchld_action.sa_mask,
1091
NULL));
1092
if(ret < 0){
1093
error(0, errno, "sigprocmask");
1094
exitstatus = EX_OSERR;
1095
goto fallback;
1096
}
1097
1098
#if defined (__GNUC__) and defined (__GLIBC__)
1099
#if not __GLIBC_PREREQ(2, 16)
1100
#pragma GCC diagnostic push
1101
#pragma GCC diagnostic ignored "-Wsign-conversion"
1102
#endif
1103
#endif
1104
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
1105
-Wconversion in GNU libc
1106
before 2.16 */
1107
#if defined (__GNUC__) and defined (__GLIBC__)
1108
#if not __GLIBC_PREREQ(2, 16)
1109
#pragma GCC diagnostic pop
1110
#endif
1111
#endif
1112
1113
if(maxfd < new_plugin->fd){
1114
maxfd = new_plugin->fd;
1115
}
1116
}
1117
1118
TEMP_FAILURE_RETRY(closedir(dir));
1119
dir = NULL;
1120
free_plugin(getplugin(NULL));
1121
1122
for(plugin *p = plugin_list; p != NULL; p = p->next){
1123
if(p->pid != 0){
80
close(pipefd[0]); /* close unused read end of pipe */
81
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
82
/* create a new modified argument list */
83
char **new_argv = malloc(sizeof(char *) * argc + 1);
84
new_argv[0] = filename;
85
for(int i = 1; i < argc; i++){
86
new_argv[i] = argv[i];
87
}
88
new_argv[argc] = NULL;
89
if(execv(filename, new_argv) < 0){
90
perror(argv[0]);
91
close(pipefd[1]);
92
exit(EXIT_FAILURE);
93
}
94
/* no return */
95
}
96
close(pipefd[1]); /* close unused write end of pipe */
97
new_process->fd = pipefd[0];
98
new_process->buffer = malloc(BUFFER_SIZE);
99
if (new_process->buffer == NULL){
100
perror(argv[0]);
101
goto end;
102
}
103
new_process->buffer_size = BUFFER_SIZE;
104
new_process->buffer_length = 0;
105
FD_SET(new_process->fd, &rfds_orig);
106
107
if (maxfd < new_process->fd){
108
maxfd = new_process->fd;
109
}
110
111
//List handling
112
new_process->next = process_list;
113
process_list = new_process;
114
}
115
}
116
117
closedir(dir);
118
119
if (process_list != NULL){
120
while(true){
121
fd_set rfds = rfds_orig;
122
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
123
if (select_ret == -1){
124
perror(argv[0]);
125
goto end;
126
}else{
127
for(process *process_itr = process_list; process_itr != NULL;
128
process_itr = process_itr->next){
129
if(FD_ISSET(process_itr->fd, &rfds)){
130
if(process_itr->buffer_length + BUFFER_SIZE
131
> process_itr->buffer_size){
132
process_itr->buffer = realloc(process_itr->buffer,
133
process_itr->buffer_size
134
+ BUFFER_SIZE);
135
if (process_itr->buffer == NULL){
136
perror(argv[0]);
137
goto end;
138
}
139
process_itr->buffer_size += BUFFER_SIZE;
140
}
141
ret = read(process_itr->fd, process_itr->buffer
142
+ process_itr->buffer_length, BUFFER_SIZE);
143
process_itr->buffer_length+=ret;
144
if(ret == 0){
145
/* got EOF */
146
/* wait for process exit */
147
int status;
148
waitpid(process_itr->pid, &status, 0);
149
if(WIFEXITED(status) and WEXITSTATUS(status) == 0){
150
write(STDOUT_FILENO, process_itr->buffer,
151
process_itr->buffer_length);
152
goto end;
153
} else {
154
FD_CLR(process_itr->fd, &rfds_orig);
155
}
156
}
157
}
158
}
159
}
160
}
161
}
162
163
end:
164
for(process *process_itr = process_list; process_itr != NULL;
165
process_itr = process_itr->next){
166
close(process_itr->fd);
167
kill(process_itr->pid, SIGTERM);
168
free(process_itr->buffer);
169
}
170
171
while(true){
172
int status;
173
ret = wait(&status);
174
if (ret == -1){
175
if(errno != ECHILD){
176
perror("wait");
177
}
1124
178
break;
1125
179
}
1126
if(p->next == NULL){
1127
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1128
" directory?\n");
1129
free_plugin_list();
1130
}
1131
}
1132
1133
/* Main loop while running plugins exist */
1134
while(plugin_list){
1135
fd_set rfds = rfds_all;
1136
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1137
if(select_ret == -1 and errno != EINTR){
1138
error(0, errno, "select");
1139
exitstatus = EX_OSERR;
1140
goto fallback;
1141
}
1142
/* OK, now either a process completed, or something can be read
1143
from one of them */
1144
for(plugin *proc = plugin_list; proc != NULL;){
1145
/* Is this process completely done? */
1146
if(proc->completed and proc->eof){
1147
/* Only accept the plugin output if it exited cleanly */
1148
if(not WIFEXITED(proc->status)
1149
or WEXITSTATUS(proc->status) != 0){
1150
/* Bad exit by plugin */
1151
1152
if(debug){
1153
if(WIFEXITED(proc->status)){
1154
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1155
" status %d\n", proc->name,
1156
(intmax_t) (proc->pid),
1157
WEXITSTATUS(proc->status));
1158
} else if(WIFSIGNALED(proc->status)){
1159
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1160
" signal %d: %s\n", proc->name,
1161
(intmax_t) (proc->pid),
1162
WTERMSIG(proc->status),
1163
strsignal(WTERMSIG(proc->status)));
1164
} else if(WCOREDUMP(proc->status)){
1165
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1166
" core\n", proc->name, (intmax_t) (proc->pid));
1167
}
1168
}
1169
1170
/* Remove the plugin */
1171
#if defined (__GNUC__) and defined (__GLIBC__)
1172
#if not __GLIBC_PREREQ(2, 16)
1173
#pragma GCC diagnostic push
1174
#pragma GCC diagnostic ignored "-Wsign-conversion"
1175
#endif
1176
#endif
1177
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
1178
-Wconversion in GNU libc
1179
before 2.16 */
1180
#if defined (__GNUC__) and defined (__GLIBC__)
1181
#if not __GLIBC_PREREQ(2, 16)
1182
#pragma GCC diagnostic pop
1183
#endif
1184
#endif
1185
1186
/* Block signal while modifying process_list */
1187
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1188
(SIG_BLOCK,
1189
&sigchld_action.sa_mask,
1190
NULL));
1191
if(ret < 0){
1192
error(0, errno, "sigprocmask");
1193
exitstatus = EX_OSERR;
1194
goto fallback;
1195
}
1196
1197
plugin *next_plugin = proc->next;
1198
free_plugin(proc);
1199
proc = next_plugin;
1200
1201
/* We are done modifying process list, so unblock signal */
1202
ret = (int)(TEMP_FAILURE_RETRY
1203
(sigprocmask(SIG_UNBLOCK,
1204
&sigchld_action.sa_mask, NULL)));
1205
if(ret < 0){
1206
error(0, errno, "sigprocmask");
1207
exitstatus = EX_OSERR;
1208
goto fallback;
1209
}
1210
1211
if(plugin_list == NULL){
1212
break;
1213
}
1214
1215
continue;
1216
}
1217
1218
/* This process exited nicely, so print its buffer */
1219
1220
bool bret = print_out_password(proc->buffer,
1221
proc->buffer_length);
1222
if(not bret){
1223
error(0, errno, "print_out_password");
1224
exitstatus = EX_IOERR;
1225
}
1226
goto fallback;
1227
}
1228
1229
/* This process has not completed. Does it have any output? */
1230
#if defined (__GNUC__) and defined (__GLIBC__)
1231
#if not __GLIBC_PREREQ(2, 16)
1232
#pragma GCC diagnostic push
1233
#pragma GCC diagnostic ignored "-Wsign-conversion"
1234
#endif
1235
#endif
1236
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* Spurious
1237
warning from
1238
-Wconversion
1239
in GNU libc
1240
before
1241
2.16 */
1242
#if defined (__GNUC__) and defined (__GLIBC__)
1243
#if not __GLIBC_PREREQ(2, 16)
1244
#pragma GCC diagnostic pop
1245
#endif
1246
#endif
1247
/* This process had nothing to say at this time */
1248
proc = proc->next;
1249
continue;
1250
}
1251
/* Before reading, make the process' data buffer large enough */
1252
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1253
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1254
+ (size_t) BUFFER_SIZE);
1255
if(new_buffer == NULL){
1256
error(0, errno, "malloc");
1257
exitstatus = EX_OSERR;
1258
goto fallback;
1259
}
1260
proc->buffer = new_buffer;
1261
proc->buffer_size += BUFFER_SIZE;
1262
}
1263
/* Read from the process */
1264
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1265
proc->buffer
1266
+ proc->buffer_length,
1267
BUFFER_SIZE));
1268
if(sret < 0){
1269
/* Read error from this process; ignore the error */
1270
proc = proc->next;
1271
continue;
1272
}
1273
if(sret == 0){
1274
/* got EOF */
1275
proc->eof = true;
1276
} else {
1277
proc->buffer_length += (size_t) sret;
1278
}
1279
}
1280
}
1281
1282
1283
fallback:
1284
1285
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1286
and exitstatus != EX_OK)){
1287
/* Fallback if all plugins failed, none are found or an error
1288
occured */
1289
bool bret;
1290
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1291
char *passwordbuffer = getpass("Password: ");
1292
size_t len = strlen(passwordbuffer);
1293
/* Strip trailing newline */
1294
if(len > 0 and passwordbuffer[len-1] == '\n'){
1295
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1296
len--;
1297
}
1298
bret = print_out_password(passwordbuffer, len);
1299
if(not bret){
1300
error(0, errno, "print_out_password");
1301
exitstatus = EX_IOERR;
1302
}
1303
}
1304
1305
/* Restore old signal handler */
1306
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1307
if(ret == -1){
1308
error(0, errno, "sigaction");
1309
exitstatus = EX_OSERR;
1310
}
1311
1312
if(custom_argv != NULL){
1313
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1314
free(*arg);
1315
}
1316
free(custom_argv);
1317
}
1318
1319
if(dir != NULL){
1320
closedir(dir);
1321
}
1322
1323
/* Kill the processes */
1324
for(plugin *p = plugin_list; p != NULL; p = p->next){
1325
if(p->pid != 0){
1326
close(p->fd);
1327
ret = kill(p->pid, SIGTERM);
1328
if(ret == -1 and errno != ESRCH){
1329
/* Set-uid proccesses might not get closed */
1330
error(0, errno, "kill");
1331
}
1332
}
1333
}
1334
1335
/* Wait for any remaining child processes to terminate */
1336
do {
1337
ret = wait(NULL);
1338
} while(ret >= 0);
1339
if(errno != ECHILD){
1340
error(0, errno, "wait");
1341
}
1342
1343
free_plugin_list();
1344
1345
free(plugindir);
1346
free(argfile);
1347
1348
return exitstatus;
180
}
181
return EXIT_SUCCESS;
1349
182
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0