To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/usplash.c
- browse files at revision 211
- compare with another revision
- download diff
- download tarball
- view history from revision 211
- Committer: Teddy Hogeborn
- Date: 2008-09-26 05:04:15 UTC
- Revision ID: teddy@fukt.bsnet.se-20080926050415-20l2y561cgyaq97i
* .bzrignore: Added "plugins/splashy", "plugins/usplash", and a couple
of intermediate files in "debian/po".
of intermediate files in "debian/po".
- files added:
- debian/mandos-client.config
- debian/po
- files removed:
- etc-plugins.d-README
- files modified:
- .bzrignore
added
removed
plugins.d/usplash.c
1
#define _GNU_SOURCE /* asprintf() */
2
#include <signal.h> /* sig_atomic_t, struct sigaction,
3
sigemptyset(), sigaddset(),
4
sigaction, SIGINT, SIG_IGN, SIGHUP,
5
SIGTERM, kill(), SIGKILL */
6
#include <stddef.h> /* NULL */
7
#include <stdlib.h> /* getenv() */
8
#include <stdio.h> /* asprintf(), perror() */
9
#include <stdlib.h> /* EXIT_FAILURE, EXIT_SUCCESS,
10
strtoul(), free() */
11
#include <sys/types.h> /* pid_t, DIR, struct dirent,
12
ssize_t */
13
#include <dirent.h> /* opendir(), readdir(), closedir() */
14
#include <unistd.h> /* readlink(), fork(), execl(),
15
_exit */
16
#include <string.h> /* memcmp() */
17
#include <iso646.h> /* and */
18
#include <stdbool.h> /* bool, false, true */
19
#include <errno.h> /* errno */
20
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
21
WEXITSTATUS() */
22
#include <fcntl.h> /* open(), O_RDONLY */
23
24
sig_atomic_t interrupted_by_signal = 0;
25
26
static void termination_handler(__attribute__((unused))int signum){
27
interrupted_by_signal = 1;
28
}
29
30
static bool usplash_write(const char *cmd, const char *arg){
31
/*
32
* usplash_write("TIMEOUT", "15"); -> "TIMEOUT 15\0"
33
* usplash_write("PULSATE", NULL); -> "PULSATE\0"
34
* SEE ALSO
35
* usplash_write(8)
36
*/
37
int ret;
38
int fifo_fd;
39
do{
40
fifo_fd = open("/dev/.initramfs/usplash_fifo", O_WRONLY);
41
if(fifo_fd == -1 and (errno != EINTR or interrupted_by_signal)){
42
return false;
43
}
44
}while(fifo_fd == -1);
45
46
const char *cmd_line;
47
char *cmd_line_alloc = NULL;
48
if(arg == NULL){
49
cmd_line = cmd;
50
ret = (int)strlen(cmd);
51
}else{
52
do{
53
ret = asprintf(&cmd_line_alloc, "%s %s", cmd, arg);
54
if(ret == -1 and (errno != EINTR or interrupted_by_signal)){
55
int e = errno;
56
close(fifo_fd);
57
errno = e;
58
return false;
59
}
60
}while(ret == -1);
61
cmd_line = cmd_line_alloc;
62
}
63
64
size_t cmd_line_len = (size_t)ret + 1;
65
size_t written = 0;
66
while(not interrupted_by_signal and written < cmd_line_len){
67
ret = write(fifo_fd, cmd_line + written,
68
cmd_line_len - written);
69
if(ret == -1){
70
if(errno != EINTR or interrupted_by_signal){
71
int e = errno;
72
close(fifo_fd);
73
free(cmd_line_alloc);
74
errno = e;
75
return false;
76
} else {
77
continue;
78
}
79
}
80
written += (size_t)ret;
81
}
82
free(cmd_line_alloc);
83
do{
84
ret = close(fifo_fd);
85
if(ret == -1 and (errno != EINTR or interrupted_by_signal)){
86
return false;
87
}
88
}while(ret == -1);
89
if(interrupted_by_signal){
90
return false;
91
}
92
return true;
93
}
94
95
int main(__attribute__((unused))int argc,
96
__attribute__((unused))char **argv){
97
int ret = 0;
98
ssize_t sret;
99
bool an_error_occured = false;
100
101
/* Create prompt string */
102
char *prompt = NULL;
103
{
104
const char *const cryptsource = getenv("cryptsource");
105
const char *const crypttarget = getenv("crypttarget");
106
const char *const prompt_start = "Enter passphrase to unlock the disk";
107
108
if(cryptsource == NULL){
109
if(crypttarget == NULL){
110
ret = asprintf(&prompt, "%s: ", prompt_start);
111
} else {
112
ret = asprintf(&prompt, "%s (%s): ", prompt_start,
113
crypttarget);
114
}
115
} else {
116
if(crypttarget == NULL){
117
ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);
118
} else {
119
ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,
120
cryptsource, crypttarget);
121
}
122
}
123
if(ret == -1){
124
return EXIT_FAILURE;
125
}
126
}
127
128
/* Find usplash process */
129
pid_t usplash_pid = 0;
130
char *cmdline = NULL;
131
size_t cmdline_len = 0;
132
const char usplash_name[] = "/sbin/usplash";
133
{
134
DIR *proc_dir = opendir("/proc");
135
if(proc_dir == NULL){
136
free(prompt);
137
perror("opendir");
138
return EXIT_FAILURE;
139
}
140
for(struct dirent *proc_ent = readdir(proc_dir);
141
proc_ent != NULL;
142
proc_ent = readdir(proc_dir)){
143
pid_t pid = (pid_t) strtoul(proc_ent->d_name, NULL, 10);
144
if(pid == 0){
145
/* Not a process */
146
continue;
147
}
148
/* Find the executable name by doing readlink() on the
149
/proc/<pid>/exe link */
150
char exe_target[sizeof(usplash_name)];
151
{
152
char *exe_link;
153
ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);
154
if(ret == -1){
155
perror("asprintf");
156
free(prompt);
157
closedir(proc_dir);
158
return EXIT_FAILURE;
159
}
160
sret = readlink(exe_link, exe_target, sizeof(exe_target));
161
free(exe_link);
162
}
163
if((sret == ((ssize_t)sizeof(exe_target)-1))
164
and (memcmp(usplash_name, exe_target,
165
sizeof(exe_target)-1) == 0)){
166
usplash_pid = pid;
167
/* Read and save the command line of usplash in "cmdline" */
168
{
169
/* Open /proc/<pid>/cmdline */
170
int cl_fd;
171
{
172
char *cmdline_filename;
173
ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",
174
proc_ent->d_name);
175
if(ret == -1){
176
perror("asprintf");
177
free(prompt);
178
closedir(proc_dir);
179
return EXIT_FAILURE;
180
}
181
cl_fd = open(cmdline_filename, O_RDONLY);
182
if(cl_fd == -1){
183
perror("open");
184
free(cmdline_filename);
185
free(prompt);
186
closedir(proc_dir);
187
return EXIT_FAILURE;
188
}
189
free(cmdline_filename);
190
}
191
size_t cmdline_allocated = 0;
192
char *tmp;
193
const size_t blocksize = 1024;
194
do{
195
if(cmdline_len + blocksize > cmdline_allocated){
196
tmp = realloc(cmdline, cmdline_allocated + blocksize);
197
if(tmp == NULL){
198
perror("realloc");
199
free(cmdline);
200
free(prompt);
201
closedir(proc_dir);
202
return EXIT_FAILURE;
203
}
204
cmdline = tmp;
205
cmdline_allocated += blocksize;
206
}
207
sret = read(cl_fd, cmdline + cmdline_len,
208
cmdline_allocated - cmdline_len);
209
if(sret == -1){
210
perror("read");
211
free(cmdline);
212
free(prompt);
213
closedir(proc_dir);
214
return EXIT_FAILURE;
215
}
216
cmdline_len += (size_t)sret;
217
} while(sret != 0);
218
close(cl_fd);
219
}
220
break;
221
}
222
}
223
closedir(proc_dir);
224
}
225
if(usplash_pid == 0){
226
free(prompt);
227
return EXIT_FAILURE;
228
}
229
230
/* Set up the signal handler */
231
{
232
struct sigaction old_action,
233
new_action = { .sa_handler = termination_handler,
234
.sa_flags = 0 };
235
sigemptyset(&new_action.sa_mask);
236
sigaddset(&new_action.sa_mask, SIGINT);
237
sigaddset(&new_action.sa_mask, SIGHUP);
238
sigaddset(&new_action.sa_mask, SIGTERM);
239
ret = sigaction(SIGINT, NULL, &old_action);
240
if(ret == -1){
241
perror("sigaction");
242
free(prompt);
243
return EXIT_FAILURE;
244
}
245
if (old_action.sa_handler != SIG_IGN){
246
ret = sigaction(SIGINT, &new_action, NULL);
247
if(ret == -1){
248
perror("sigaction");
249
free(prompt);
250
return EXIT_FAILURE;
251
}
252
}
253
ret = sigaction(SIGHUP, NULL, &old_action);
254
if(ret == -1){
255
perror("sigaction");
256
free(prompt);
257
return EXIT_FAILURE;
258
}
259
if (old_action.sa_handler != SIG_IGN){
260
ret = sigaction(SIGHUP, &new_action, NULL);
261
if(ret == -1){
262
perror("sigaction");
263
free(prompt);
264
return EXIT_FAILURE;
265
}
266
}
267
ret = sigaction(SIGTERM, NULL, &old_action);
268
if(ret == -1){
269
perror("sigaction");
270
free(prompt);
271
return EXIT_FAILURE;
272
}
273
if (old_action.sa_handler != SIG_IGN){
274
ret = sigaction(SIGTERM, &new_action, NULL);
275
if(ret == -1){
276
perror("sigaction");
277
free(prompt);
278
return EXIT_FAILURE;
279
}
280
}
281
}
282
283
/* Write command to FIFO */
284
if(not interrupted_by_signal){
285
if(not usplash_write("TIMEOUT", "0")
286
and (errno != EINTR)){
287
perror("usplash_write");
288
an_error_occured = true;
289
}
290
}
291
if(not interrupted_by_signal and not an_error_occured){
292
if(not usplash_write("INPUTQUIET", prompt)
293
and (errno != EINTR)){
294
perror("usplash_write");
295
an_error_occured = true;
296
}
297
}
298
free(prompt);
299
300
/* This is not really a loop; while() is used to be able to "break"
301
out of it; those breaks are marked "Big" */
302
while(not interrupted_by_signal and not an_error_occured){
303
char *buf = NULL;
304
size_t buf_len = 0;
305
306
/* Open FIFO */
307
int fifo_fd;
308
do{
309
fifo_fd = open("/dev/.initramfs/usplash_outfifo", O_RDONLY);
310
if(fifo_fd == -1){
311
if(errno != EINTR){
312
perror("open");
313
an_error_occured = true;
314
break;
315
}
316
if(interrupted_by_signal){
317
break;
318
}
319
}
320
}while(fifo_fd == -1);
321
if(interrupted_by_signal or an_error_occured){
322
break; /* Big */
323
}
324
325
/* Read from FIFO */
326
size_t buf_allocated = 0;
327
const size_t blocksize = 1024;
328
do{
329
if(buf_len + blocksize > buf_allocated){
330
char *tmp = realloc(buf, buf_allocated + blocksize);
331
if(tmp == NULL){
332
perror("realloc");
333
an_error_occured = true;
334
break;
335
}
336
buf = tmp;
337
buf_allocated += blocksize;
338
}
339
do{
340
sret = read(fifo_fd, buf + buf_len, buf_allocated - buf_len);
341
if(sret == -1){
342
if(errno != EINTR){
343
perror("read");
344
an_error_occured = true;
345
break;
346
}
347
if(interrupted_by_signal){
348
break;
349
}
350
}
351
}while(sret == -1);
352
if(interrupted_by_signal or an_error_occured){
353
break;
354
}
355
356
buf_len += (size_t)sret;
357
}while(sret != 0);
358
close(fifo_fd);
359
if(interrupted_by_signal or an_error_occured){
360
break; /* Big */
361
}
362
363
if(not usplash_write("TIMEOUT", "15")
364
and (errno != EINTR)){
365
perror("usplash_write");
366
an_error_occured = true;
367
}
368
if(interrupted_by_signal or an_error_occured){
369
break; /* Big */
370
}
371
372
/* Print password to stdout */
373
size_t written = 0;
374
do{
375
do{
376
sret = write(STDOUT_FILENO, buf + written, buf_len - written);
377
if(sret == -1){
378
if(errno != EINTR){
379
perror("write");
380
an_error_occured = true;
381
break;
382
}
383
if(interrupted_by_signal){
384
break;
385
}
386
}
387
}while(sret == -1);
388
if(interrupted_by_signal or an_error_occured){
389
break;
390
}
391
392
written += (size_t)sret;
393
}while(written < buf_len);
394
if(not interrupted_by_signal and not an_error_occured){
395
return EXIT_SUCCESS;
396
}
397
break; /* Big */
398
}
399
400
/* If we got here, an error or interrupt must have happened */
401
402
int cmdline_argc = 0;
403
char **cmdline_argv = malloc(sizeof(char *));
404
/* Create argv and argc for new usplash*/
405
{
406
size_t position = 0;
407
while(position < cmdline_len){
408
char **tmp = realloc(cmdline_argv,
409
(sizeof(char *) * (size_t)(cmdline_argc + 2)));
410
if(tmp == NULL){
411
perror("realloc");
412
free(cmdline_argv);
413
return EXIT_FAILURE;
414
}
415
cmdline_argv = tmp;
416
cmdline_argv[cmdline_argc] = cmdline + position;
417
cmdline_argc++;
418
position += strlen(cmdline + position) + 1;
419
}
420
cmdline_argv[cmdline_argc] = NULL;
421
}
422
/* Kill old usplash */
423
kill(usplash_pid, SIGTERM);
424
sleep(2);
425
while(kill(usplash_pid, 0) == 0){
426
kill(usplash_pid, SIGKILL);
427
sleep(1);
428
}
429
pid_t new_usplash_pid = fork();
430
if(new_usplash_pid == 0){
431
/* Child; will become new usplash process */
432
433
/* Make the effective user ID (root) the only user ID instead of
434
the real user ID (mandos) */
435
ret = setuid(geteuid());
436
if (ret == -1){
437
perror("setuid");
438
}
439
440
setsid();
441
ret = chdir("/");
442
/* if(fork() != 0){ */
443
/* _exit(EXIT_SUCCESS); */
444
/* } */
445
ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */
446
if(ret == -1){
447
perror("dup2");
448
_exit(EXIT_FAILURE);
449
}
450
451
execv(usplash_name, cmdline_argv);
452
}
453
sleep(2);
454
if(not usplash_write("PULSATE", NULL)
455
and (errno != EINTR)){
456
perror("usplash_write");
457
}
458
459
return EXIT_FAILURE;
460
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0