/mandos/trunk : revision 199

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/usplash.c

Committer: Teddy Hogeborn
Date: 2008-09-21 04:22:50 UTC
Revision ID: teddy@fukt.bsnet.se-20080921042250-r0qqjsbz2ulfo5le

* Makefile: Bug fix: fix syntax error.

* debian/control: Depend on "po-debconf".
  (mandos, mandos-client): Add "${misc:Depends}", used by
                           dh_installdebconf.

* debian/mandos-client.config: New; show note.
* debian/mandos-client.template: New.

* debian/mandos.README.Debian: New.

* debian/mandos.config: New; show note.
* debian/mandos.prerm: New; stop daemon.
* debian/mandos.template: New.

* debian/po/POTFILES.in: New.
* debian/po/sv.po: New.

* debian/rules (clean): Added "debconf-updatepo" as suggested by
                        po-debconf(7).
  (binary-common): Added "dh_installdebconf" to use "debian/*.config"
                   and "debian/*.template" files.

files added:
debian/mandos-client.config

debian/mandos-client.templates

debian/mandos.config

debian/mandos.templates

debian/po/POTFILES.in

debian/po/sv.po

plugins.d/usplash

files removed:
NEWS

common.ent

debian/watch

mandos-ctl

mandos.lsm

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files modified:
.bzrignore

INSTALL

Makefile

README

TODO

clients.conf

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/rules

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/usplash.c

/* -*- coding: utf-8 -*- */

* Usplash - Read a password from usplash and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <mandos@fukt.bsnet.se>.

#define _GNU_SOURCE /* asprintf() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction(),

SIG_IGN, kill(), SIGKILL */

#include <stdbool.h> /* bool, false, true */

#include <fcntl.h> /* open(), O_WRONLY, O_RDONLY */

#include <iso646.h> /* and, or, not*/

#include <errno.h> /* errno, EINTR */

#include <sys/types.h> /* size_t, ssize_t, pid_t, DIR, struct

dirent */

#include <stddef.h> /* NULL */

#include <string.h> /* strlen(), memcmp() */

#include <stdio.h> /* asprintf(), perror() */

#include <unistd.h> /* close(), write(), readlink(),

read(), STDOUT_FILENO, sleep(),

fork(), setuid(), geteuid(),

setsid(), chdir(), dup2(),

STDERR_FILENO, execv() */

#include <stdlib.h> /* free(), EXIT_FAILURE, realloc(),

EXIT_SUCCESS, malloc(), _exit() */

#include <stdlib.h> /* getenv() */

#include <dirent.h> /* opendir(), readdir(), closedir() */

#include <inttypes.h> /* intmax_t, strtoimax() */

#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */

sig_atomic_t interrupted_by_signal = 0;

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

static bool usplash_write(const char *cmd, const char *arg){

* usplash_write("TIMEOUT", "15") will write "TIMEOUT 15\0"

* usplash_write("PULSATE", NULL) will write "PULSATE\0"

* SEE ALSO

* usplash_write(8)

int ret;

int fifo_fd;

do {

fifo_fd = open("/dev/.initramfs/usplash_fifo", O_WRONLY);

if((fifo_fd == -1) and (errno != EINTR or interrupted_by_signal)){

return false;

}

} while(fifo_fd == -1);

const char *cmd_line;

size_t cmd_line_len;

char *cmd_line_alloc = NULL;

if(arg == NULL){

cmd_line = cmd;

cmd_line_len = strlen(cmd);

} else {

do {

ret = asprintf(&cmd_line_alloc, "%s %s", cmd, arg);

if(ret == -1 and (errno != EINTR or interrupted_by_signal)){

int e = errno;

close(fifo_fd);

errno = e;

return false;

}

} while(ret == -1);

cmd_line = cmd_line_alloc;

cmd_line_len = (size_t)ret + 1;

}

size_t written = 0;

ssize_t sret = 0;

while(not interrupted_by_signal and written < cmd_line_len){

sret = write(fifo_fd, cmd_line + written,

cmd_line_len - written);

if(sret == -1){

if(errno != EINTR or interrupted_by_signal){

100

int e = errno;

101

close(fifo_fd);

102

free(cmd_line_alloc);

103

errno = e;

104

return false;

105

} else {

106

continue;

107

}

108

}

109

written += (size_t)sret;

110

}

111

free(cmd_line_alloc);

112

do {

113

ret = close(fifo_fd);

114

if(ret == -1 and (errno != EINTR or interrupted_by_signal)){

115

return false;

116

}

117

} while(ret == -1);

118

if(interrupted_by_signal){

119

return false;

120

}

121

return true;

122

}

123

124

int main(__attribute__((unused))int argc,

125

__attribute__((unused))char **argv){

126

int ret = 0;

127

ssize_t sret;

128

bool an_error_occured = false;

129

130

/* Create prompt string */

131

char *prompt = NULL;

132

{

133

const char *const cryptsource = getenv("cryptsource");

134

const char *const crypttarget = getenv("crypttarget");

135

const char prompt_start[] = "Enter passphrase to unlock the disk";

136

137

if(cryptsource == NULL){

138

if(crypttarget == NULL){

139

ret = asprintf(&prompt, "%s: ", prompt_start);

140

} else {

141

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

142

crypttarget);

143

}

144

} else {

145

if(crypttarget == NULL){

146

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

147

} else {

148

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

149

cryptsource, crypttarget);

150

}

151

}

152

if(ret == -1){

153

return EXIT_FAILURE;

154

}

155

}

156

157

/* Find usplash process */

158

pid_t usplash_pid = 0;

159

char *cmdline = NULL;

160

size_t cmdline_len = 0;

161

const char usplash_name[] = "/sbin/usplash";

162

{

163

DIR *proc_dir = opendir("/proc");

164

if(proc_dir == NULL){

165

free(prompt);

166

perror("opendir");

167

return EXIT_FAILURE;

168

}

169

for(struct dirent *proc_ent = readdir(proc_dir);

170

proc_ent != NULL;

171

proc_ent = readdir(proc_dir)){

172

pid_t pid;

173

{

174

intmax_t tmpmax;

175

char *tmp;

176

errno = 0;

177

tmpmax = strtoimax(proc_ent->d_name, &tmp, 10);

178

if(errno != 0 or tmp == proc_ent->d_name or *tmp != '\0'

179

or tmpmax != (pid_t)tmpmax){

180

/* Not a process */

181

continue;

182

}

183

pid = (pid_t)tmpmax;

184

}

185

/* Find the executable name by doing readlink() on the

186

/proc/<pid>/exe link */

187

char exe_target[sizeof(usplash_name)];

188

{

189

/* create file name string */

190

char *exe_link;

191

ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);

192

if(ret == -1){

193

perror("asprintf");

194

free(prompt);

195

closedir(proc_dir);

196

return EXIT_FAILURE;

197

}

198

199

/* Check that it refers to a symlink owned by root:root */

200

struct stat exe_stat;

201

ret = lstat(exe_link, &exe_stat);

202

if(ret == -1){

203

if(errno == ENOENT){

204

free(exe_link);

205

continue;

206

}

207

perror("lstat");

208

free(exe_link);

209

free(prompt);

210

closedir(proc_dir);

211

return EXIT_FAILURE;

212

}

213

if(not S_ISLNK(exe_stat.st_mode)

214

or exe_stat.st_uid != 0

215

or exe_stat.st_gid != 0){

216

free(exe_link);

217

continue;

218

}

219

220

sret = readlink(exe_link, exe_target, sizeof(exe_target));

221

free(exe_link);

222

}

223

if((sret == ((ssize_t)sizeof(exe_target)-1))

224

and (memcmp(usplash_name, exe_target,

225

sizeof(exe_target)-1) == 0)){

226

usplash_pid = pid;

227

/* Read and save the command line of usplash in "cmdline" */

228

{

229

/* Open /proc/<pid>/cmdline */

230

int cl_fd;

231

{

232

char *cmdline_filename;

233

ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",

234

proc_ent->d_name);

235

if(ret == -1){

236

perror("asprintf");

237

free(prompt);

238

closedir(proc_dir);

239

return EXIT_FAILURE;

240

}

241

cl_fd = open(cmdline_filename, O_RDONLY);

242

if(cl_fd == -1){

243

perror("open");

244

free(cmdline_filename);

245

free(prompt);

246

closedir(proc_dir);

247

return EXIT_FAILURE;

248

}

249

free(cmdline_filename);

250

}

251

size_t cmdline_allocated = 0;

252

char *tmp;

253

const size_t blocksize = 1024;

254

do {

255

if(cmdline_len + blocksize > cmdline_allocated){

256

tmp = realloc(cmdline, cmdline_allocated + blocksize);

257

if(tmp == NULL){

258

perror("realloc");

259

free(cmdline);

260

free(prompt);

261

closedir(proc_dir);

262

return EXIT_FAILURE;

263

}

264

cmdline = tmp;

265

cmdline_allocated += blocksize;

266

}

267

sret = read(cl_fd, cmdline + cmdline_len,

268

cmdline_allocated - cmdline_len);

269

if(sret == -1){

270

perror("read");

271

free(cmdline);

272

free(prompt);

273

closedir(proc_dir);

274

return EXIT_FAILURE;

275

}

276

cmdline_len += (size_t)sret;

277

} while(sret != 0);

278

close(cl_fd);

279

}

280

break;

281

}

282

}

283

closedir(proc_dir);

284

}

285

if(usplash_pid == 0){

286

free(prompt);

287

return EXIT_FAILURE;

288

}

289

290

/* Set up the signal handler */

291

{

292

struct sigaction old_action,

293

new_action = { .sa_handler = termination_handler,

294

.sa_flags = 0 };

295

sigemptyset(&new_action.sa_mask);

296

sigaddset(&new_action.sa_mask, SIGINT);

297

sigaddset(&new_action.sa_mask, SIGHUP);

298

sigaddset(&new_action.sa_mask, SIGTERM);

299

ret = sigaction(SIGINT, NULL, &old_action);

300

if(ret == -1){

301

perror("sigaction");

302

free(prompt);

303

return EXIT_FAILURE;

304

}

305

if(old_action.sa_handler != SIG_IGN){

306

ret = sigaction(SIGINT, &new_action, NULL);

307

if(ret == -1){

308

perror("sigaction");

309

free(prompt);

310

return EXIT_FAILURE;

311

}

312

}

313

ret = sigaction(SIGHUP, NULL, &old_action);

314

if(ret == -1){

315

perror("sigaction");

316

free(prompt);

317

return EXIT_FAILURE;

318

}

319

if(old_action.sa_handler != SIG_IGN){

320

ret = sigaction(SIGHUP, &new_action, NULL);

321

if(ret == -1){

322

perror("sigaction");

323

free(prompt);

324

return EXIT_FAILURE;

325

}

326

}

327

ret = sigaction(SIGTERM, NULL, &old_action);

328

if(ret == -1){

329

perror("sigaction");

330

free(prompt);

331

return EXIT_FAILURE;

332

}

333

if(old_action.sa_handler != SIG_IGN){

334

ret = sigaction(SIGTERM, &new_action, NULL);

335

if(ret == -1){

336

perror("sigaction");

337

free(prompt);

338

return EXIT_FAILURE;

339

}

340

}

341

}

342

343

/* Write command to FIFO */

344

if(not interrupted_by_signal){

345

if(not usplash_write("TIMEOUT", "0")

346

and (errno != EINTR)){

347

perror("usplash_write");

348

an_error_occured = true;

349

}

350

}

351

if(not interrupted_by_signal and not an_error_occured){

352

if(not usplash_write("INPUTQUIET", prompt)

353

and (errno != EINTR)){

354

perror("usplash_write");

355

an_error_occured = true;

356

}

357

}

358

free(prompt);

359

360

/* This is not really a loop; while() is used to be able to "break"

361

out of it; those breaks are marked "Big" */

362

while(not interrupted_by_signal and not an_error_occured){

363

char *buf = NULL;

364

size_t buf_len = 0;

365

366

/* Open FIFO */

367

int fifo_fd;

368

do {

369

fifo_fd = open("/dev/.initramfs/usplash_outfifo", O_RDONLY);

370

if(fifo_fd == -1){

371

if(errno != EINTR){

372

perror("open");

373

an_error_occured = true;

374

break;

375

}

376

if(interrupted_by_signal){

377

break;

378

}

379

}

380

} while(fifo_fd == -1);

381

if(interrupted_by_signal or an_error_occured){

382

break; /* Big */

383

}

384

385

/* Read from FIFO */

386

size_t buf_allocated = 0;

387

const size_t blocksize = 1024;

388

do {

389

if(buf_len + blocksize > buf_allocated){

390

char *tmp = realloc(buf, buf_allocated + blocksize);

391

if(tmp == NULL){

392

perror("realloc");

393

an_error_occured = true;

394

break;

395

}

396

buf = tmp;

397

buf_allocated += blocksize;

398

}

399

do {

400

sret = read(fifo_fd, buf + buf_len, buf_allocated - buf_len);

401

if(sret == -1){

402

if(errno != EINTR){

403

perror("read");

404

an_error_occured = true;

405

break;

406

}

407

if(interrupted_by_signal){

408

break;

409

}

410

}

411

} while(sret == -1);

412

if(interrupted_by_signal or an_error_occured){

413

break;

414

}

415

416

buf_len += (size_t)sret;

417

} while(sret != 0);

418

close(fifo_fd);

419

if(interrupted_by_signal or an_error_occured){

420

break; /* Big */

421

}

422

423

if(not usplash_write("TIMEOUT", "15")

424

and (errno != EINTR)){

425

perror("usplash_write");

426

an_error_occured = true;

427

}

428

if(interrupted_by_signal or an_error_occured){

429

break; /* Big */

430

}

431

432

/* Print password to stdout */

433

size_t written = 0;

434

while(written < buf_len){

435

do {

436

sret = write(STDOUT_FILENO, buf + written, buf_len - written);

437

if(sret == -1){

438

if(errno != EINTR){

439

perror("write");

440

an_error_occured = true;

441

break;

442

}

443

if(interrupted_by_signal){

444

break;

445

}

446

}

447

} while(sret == -1);

448

if(interrupted_by_signal or an_error_occured){

449

break;

450

}

451

written += (size_t)sret;

452

}

453

free(buf);

454

if(not interrupted_by_signal and not an_error_occured){

455

free(cmdline);

456

return EXIT_SUCCESS;

457

}

458

break; /* Big */

459

} /* end of non-loop while() */

460

461

/* If we got here, an error or interrupt must have happened */

462

463

/* Create argc and argv for new usplash*/

464

int cmdline_argc = 0;

465

char **cmdline_argv = malloc(sizeof(char *));

466

{

467

size_t position = 0;

468

while(position < cmdline_len){

469

char **tmp = realloc(cmdline_argv,

470

(sizeof(char *)

471

* (size_t)(cmdline_argc + 2)));

472

if(tmp == NULL){

473

perror("realloc");

474

free(cmdline_argv);

475

return EXIT_FAILURE;

476

}

477

cmdline_argv = tmp;

478

cmdline_argv[cmdline_argc] = cmdline + position;

479

cmdline_argc++;

480

position += strlen(cmdline + position) + 1;

481

}

482

cmdline_argv[cmdline_argc] = NULL;

483

}

484

/* Kill old usplash */

485

kill(usplash_pid, SIGTERM);

486

sleep(2);

487

while(kill(usplash_pid, 0) == 0){

488

kill(usplash_pid, SIGKILL);

489

sleep(1);

490

}

491

pid_t new_usplash_pid = fork();

492

if(new_usplash_pid == 0){

493

/* Child; will become new usplash process */

494

495

/* Make the effective user ID (root) the only user ID instead of

496

the real user ID (_mandos) */

497

ret = setuid(geteuid());

498

if(ret == -1){

499

perror("setuid");

500

}

501

502

setsid();

503

ret = chdir("/");

504

/* if(fork() != 0){ */

505

/* _exit(EXIT_SUCCESS); */

506

/* } */

507

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

508

if(ret == -1){

509

perror("dup2");

510

_exit(EXIT_FAILURE);

511

}

512

513

execv(usplash_name, cmdline_argv);

514

if(not interrupted_by_signal){

515

perror("execv");

516

}

517

free(cmdline);

518

free(cmdline_argv);

519

_exit(EXIT_FAILURE);

520

}

521

free(cmdline);

522

free(cmdline_argv);

523

sleep(2);

524

if(not usplash_write("PULSATE", NULL)

525

and (errno != EINTR)){

526

perror("usplash_write");

527

}

528

529

return EXIT_FAILURE;

530

}

Older »