/mandos/trunk : revision 15

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/passprompt.c

Committer: Teddy Hogeborn
Date: 2008-07-20 06:33:48 UTC
Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8

* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

files added:
plugins.d/Makefile

files removed:
server.conf

files renamed:
clients.conf => mandos-clients.conf

files modified:
Makefile

TODO

plugbasedclient.c

plugins.d/mandosclient.c

plugins.d/passprompt.c

server.py

Show diffs side-by-side

added added

removed removed

plugins.d/passprompt.c

/* -*- coding: utf-8 -*- */

* Passprompt - Read a password from the terminal and print it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and

* <https://www.fukt.bsnet.se/~teddy/>.

#define _GNU_SOURCE /* getline() */

#define _FORTIFY_SOURCE 2

#include <termios.h> /* struct termios, tcsetattr(),

TCSAFLUSH, tcgetattr(), ECHO */

#include <unistd.h> /* struct termios, tcsetattr(),

SIGQUIT, SIGHUP, SIGTERM */

#include <stddef.h> /* NULL, size_t */

#include <sys/types.h> /* ssize_t */

#include <stdlib.h> /* EXIT_SUCCESS, EXIT_FAILURE,

getopt_long */

#include <stdlib.h> /* EXIT_SUCCESS, EXIT_FAILURE */

#include <stdio.h> /* fprintf(), stderr, getline(),

stdin, feof(), perror(), fputc(),

stdout, getopt_long */

stdout */

#include <errno.h> /* errno, EINVAL */

#include <iso646.h> /* or, not */

#include <stdbool.h> /* bool, false, true */

#include <string.h> /* strlen, rindex, strncmp, strcmp */

#include <getopt.h> /* getopt_long */

volatile bool quit_now = false;

bool debug = false;

static void termination_handler(__attribute__((unused))int signum){

void termination_handler(int signum){

quit_now = true;

}

int main(int argc, char **argv){

ssize_t ret;

ssize_t ret = -1;

size_t n;

struct termios t_new, t_old;

char *buffer = NULL;

char *prefix = NULL;

int status = EXIT_SUCCESS;

struct sigaction old_action,

new_action = { .sa_handler = termination_handler,

.sa_flags = 0 };

while (true){

static struct option long_options[] = {

{"debug", no_argument, (int *)&debug, 1},

{"prefix", required_argument, 0, 'p'},

{0, 0, 0, 0} };

int option_index = 0;

ret = getopt_long (argc, argv, "p:", long_options, &option_index);

if (ret == -1){

break;

}

switch(ret){

case 0:

break;

case 'p':

prefix = optarg;

break;

default:

fprintf(stderr, "bad arguments\n");

exit(EXIT_FAILURE);

}

if (debug){

fprintf(stderr, "Starting %s\n", argv[0]);

}

if (debug){

fprintf(stderr, "Storing current terminal attributes\n");

}

if (tcgetattr(STDIN_FILENO, &t_old) != 0){

100

return EXIT_FAILURE;

102

103

sigemptyset(&new_action.sa_mask);

104

sigaddset(&new_action.sa_mask, SIGINT);

sigaddset(&new_action.sa_mask, SIGQUIT);

105

sigaddset(&new_action.sa_mask, SIGHUP);

106

sigaddset(&new_action.sa_mask, SIGTERM);

107

sigaction(SIGINT, NULL, &old_action);

108

if (old_action.sa_handler != SIG_IGN)

109

sigaction(SIGINT, &new_action, NULL);

sigaction(SIGQUIT, NULL, &old_action);

if (old_action.sa_handler != SIG_IGN)

sigaction(SIGQUIT, &new_action, NULL);

110

sigaction(SIGHUP, NULL, &old_action);

111

if (old_action.sa_handler != SIG_IGN)

112

sigaction(SIGHUP, &new_action, NULL);

113

sigaction(SIGTERM, NULL, &old_action);

114

if (old_action.sa_handler != SIG_IGN)

115

sigaction(SIGTERM, &new_action, NULL);

116

117

118

if (debug){

119

fprintf(stderr, "Removing echo flag from terminal attributes\n");

120

}

121

122

t_new = t_old;

123

t_new.c_lflag &= ~ECHO;

125

perror("tcsetattr-echo");

126

return EXIT_FAILURE;

127

}

128

129

if (debug){

130

fprintf(stderr, "Waiting for input from stdin \n");

131

}

132

while(true){

133

if (quit_now){

134

status = EXIT_FAILURE;

135

break;

136

}

137

138

if(prefix){

139

fprintf(stderr, "%s Password: ", prefix);

140

} else {

141

fprintf(stderr, "Password: ");

142

}

fprintf(stderr, "Password: ");

143

ret = getline(&buffer, &n, stdin);

144

if (ret > 0){

145

fprintf(stdout, "%s", buffer);

146

status = EXIT_SUCCESS;

147

break;

148

}

// ret == 0 makes no other sence than to retry to read from stdin

149

if (ret < 0){

150

if (errno != EINTR and not feof(stdin)){

151

perror("getline");

153

break;

154

}

155

}

156

/* if(ret == 0), then the only sensible thing to do is to retry to

157

read from stdin */

158

fputc('\n', stderr);

159

}

160

161

if (debug){

162

fprintf(stderr, "Restoring terminal attributes\n");

163

}

164

if (tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_old) != 0){

165

perror("tcsetattr+echo");

166

}

167

168

if (debug){

169

fprintf(stderr, "%s is exiting\n", argv[0]);

170

}

171

172

return status;

173

}

Older »