/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/splashy.c

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-list

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.xml

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/mandos-client.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

plugins.d/splashy.c

/* -*- coding: utf-8 -*- */

* Splashy - Read a password from splashy and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and

* <https://www.fukt.bsnet.se/~teddy/>.

#define _GNU_SOURCE /* asprintf() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction,

SIG_IGN, kill(), SIGKILL */

#include <stddef.h> /* NULL */

#include <stdlib.h> /* getenv() */

#include <stdio.h> /* asprintf(), perror(), sscanf() */

#include <stdlib.h> /* EXIT_FAILURE, free(),

EXIT_SUCCESS */

#include <sys/types.h> /* pid_t, DIR, struct dirent,

ssize_t */

#include <dirent.h> /* opendir(), readdir(), closedir() */

#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */

#include <iso646.h> /* not, or, and */

#include <unistd.h> /* readlink(), fork(), execl(),

sleep(), dup2() STDERR_FILENO,

STDOUT_FILENO, _exit() */

#include <string.h> /* memcmp() */

#include <errno.h> /* errno */

#include <sys/wait.h> /* waitpid(), WIFEXITED(),

WEXITSTATUS() */

sig_atomic_t interrupted_by_signal = 0;

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

int main(__attribute__((unused))int argc,

__attribute__((unused))char **argv){

int ret = 0;

/* Create prompt string */

char *prompt = NULL;

{

const char *const cryptsource = getenv("cryptsource");

const char *const crypttarget = getenv("crypttarget");

const char *const prompt_start = "getpass "

"Enter passphrase to unlock the disk";

if(cryptsource == NULL){

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s: ", prompt_start);

} else {

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

crypttarget);

}

} else {

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

} else {

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

cryptsource, crypttarget);

}

if(ret == -1){

return EXIT_FAILURE;

}

/* Find splashy process */

pid_t splashy_pid = 0;

{

const char splashy_name[] = "/sbin/splashy";

DIR *proc_dir = opendir("/proc");

if(proc_dir == NULL){

free(prompt);

perror("opendir");

return EXIT_FAILURE;

}

for(struct dirent *proc_ent = readdir(proc_dir);

proc_ent != NULL;

proc_ent = readdir(proc_dir)){

100

pid_t pid;

101

/* In the GNU C library, pid_t is always int */

102

ret = sscanf(proc_ent->d_name, "%d", &pid);

103

if(ret != 1){

104

/* Not a process */

105

continue;

106

}

107

/* Find the executable name by doing readlink() on the

108

/proc/<pid>/exe link */

109

char exe_target[sizeof(splashy_name)];

110

ssize_t sret;

111

{

112

char *exe_link;

113

ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);

114

if(ret == -1){

115

perror("asprintf");

116

free(prompt);

117

closedir(proc_dir);

118

return EXIT_FAILURE;

119

}

120

121

/* Check that it refers to a symlink owned by root:root */

122

struct stat exe_stat;

123

ret = lstat(exe_link, &exe_stat);

124

if(ret == -1){

125

if(errno == ENOENT){

126

free(exe_link);

127

continue;

128

}

129

perror("lstat");

130

free(exe_link);

131

free(prompt);

132

closedir(proc_dir);

133

return EXIT_FAILURE;

134

}

135

if(not S_ISLNK(exe_stat.st_mode)

136

or exe_stat.st_uid != 0

137

or exe_stat.st_gid != 0){

138

free(exe_link);

139

continue;

140

}

141

142

sret = readlink(exe_link, exe_target, sizeof(exe_target));

143

free(exe_link);

144

}

145

if((sret == ((ssize_t)sizeof(exe_target)-1))

146

and (memcmp(splashy_name, exe_target,

147

sizeof(exe_target)-1) == 0)){

148

splashy_pid = pid;

149

break;

150

}

151

}

152

closedir(proc_dir);

153

}

154

if(splashy_pid == 0){

155

free(prompt);

156

return EXIT_FAILURE;

157

}

158

159

/* Set up the signal handler */

160

{

161

struct sigaction old_action,

162

new_action = { .sa_handler = termination_handler,

163

.sa_flags = 0 };

164

sigemptyset(&new_action.sa_mask);

165

sigaddset(&new_action.sa_mask, SIGINT);

166

sigaddset(&new_action.sa_mask, SIGHUP);

167

sigaddset(&new_action.sa_mask, SIGTERM);

168

ret = sigaction(SIGINT, NULL, &old_action);

169

if(ret == -1){

170

perror("sigaction");

171

free(prompt);

172

return EXIT_FAILURE;

173

}

174

if(old_action.sa_handler != SIG_IGN){

175

ret = sigaction(SIGINT, &new_action, NULL);

176

if(ret == -1){

177

perror("sigaction");

178

free(prompt);

179

return EXIT_FAILURE;

180

}

181

}

182

ret = sigaction(SIGHUP, NULL, &old_action);

183

if(ret == -1){

184

perror("sigaction");

185

free(prompt);

186

return EXIT_FAILURE;

187

}

188

if(old_action.sa_handler != SIG_IGN){

189

ret = sigaction(SIGHUP, &new_action, NULL);

190

if(ret == -1){

191

perror("sigaction");

192

free(prompt);

193

return EXIT_FAILURE;

194

}

195

}

196

ret = sigaction(SIGTERM, NULL, &old_action);

197

if(ret == -1){

198

perror("sigaction");

199

free(prompt);

200

return EXIT_FAILURE;

201

}

202

if(old_action.sa_handler != SIG_IGN){

203

ret = sigaction(SIGTERM, &new_action, NULL);

204

if(ret == -1){

205

perror("sigaction");

206

free(prompt);

207

return EXIT_FAILURE;

208

}

209

}

210

}

211

212

/* Fork off the splashy command to prompt for password */

213

pid_t splashy_command_pid = 0;

214

if(not interrupted_by_signal){

215

splashy_command_pid = fork();

216

if(splashy_command_pid == -1){

217

if(not interrupted_by_signal){

218

perror("fork");

219

}

220

return EXIT_FAILURE;

221

}

222

/* Child */

223

if(splashy_command_pid == 0){

224

const char splashy_command[] = "/sbin/splashy_update";

225

ret = execl(splashy_command, splashy_command, prompt,

226

(char *)NULL);

227

if(not interrupted_by_signal){

228

perror("execl");

229

}

230

free(prompt);

231

_exit(EXIT_FAILURE);

232

}

233

}

234

235

/* Parent */

236

free(prompt);

237

238

/* Wait for command to complete */

239

if(not interrupted_by_signal and splashy_command_pid != 0){

240

int status;

241

ret = waitpid(splashy_command_pid, &status, 0);

242

if(ret == -1){

243

if(errno != EINTR){

244

perror("waitpid");

245

}

246

if(errno == ECHILD){

247

splashy_command_pid = 0;

248

}

249

} else {

250

/* The child process has exited */

251

splashy_command_pid = 0;

252

if(not interrupted_by_signal and WIFEXITED(status)

253

and WEXITSTATUS(status)==0){

254

return EXIT_SUCCESS;

255

}

256

}

257

}

258

kill(splashy_pid, SIGTERM);

259

if(interrupted_by_signal and splashy_command_pid != 0){

260

kill(splashy_command_pid, SIGTERM);

261

}

262

sleep(2);

263

while(kill(splashy_pid, 0) == 0){

264

kill(splashy_pid, SIGKILL);

265

sleep(1);

266

}

267

pid_t new_splashy_pid = fork();

268

if(new_splashy_pid == 0){

269

/* Child; will become new splashy process */

270

271

/* Make the effective user ID (root) the only user ID instead of

272

the real user ID (_mandos) */

273

ret = setuid(geteuid());

274

if(ret == -1){

275

perror("setuid");

276

}

277

278

setsid();

279

ret = chdir("/");

280

/* if(fork() != 0){ */

281

/* _exit(EXIT_SUCCESS); */

282

/* } */

283

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

284

if(ret == -1){

285

perror("dup2");

286

_exit(EXIT_FAILURE);

287

}

288

289

execl("/sbin/splashy", "/sbin/splashy", "boot", (char *)NULL);

290

if(not interrupted_by_signal){

291

perror("execl");

292

}

293

_exit(EXIT_FAILURE);

294

}

295

296

return EXIT_FAILURE;

297

}

Older »