/mandos/trunk : revision 265

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/splashy.c

Committer: Teddy Hogeborn
Date: 2009-01-13 04:29:35 UTC
Revision ID: teddy@fukt.bsnet.se-20090113042935-ztxe47n42q5z767b

* plugin-runner.c (main): Bug fix; do not accept a "d" character after
                          user ID or group ID numbers.  Bug fix: use
                          "%u" when printing PID of coredumped plugin,
                          not "%d".
* plugins.d/password-prompt.c (main): Remove comment which was copied
                                      from another program by mistake.
* plugins.d/splashy.c: Only comment changes.
* plugins.d/usplash.c: - '' -

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

default-mandos

init.d-mandos

legalnotice.xml

mandos-list

mandos-options.xml

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/splashy.c

/* -*- coding: utf-8 -*- */

* Splashy - Read a password from splashy and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and

* <https://www.fukt.bsnet.se/~teddy/>.

#define _GNU_SOURCE /* asprintf() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction,

SIG_IGN, kill(), SIGKILL */

#include <stddef.h> /* NULL */

#include <stdlib.h> /* getenv() */

#include <stdio.h> /* asprintf(), perror(), sscanf() */

#include <stdlib.h> /* EXIT_FAILURE, free(),

EXIT_SUCCESS */

#include <sys/types.h> /* pid_t, DIR, struct dirent,

ssize_t */

#include <dirent.h> /* opendir(), readdir(), closedir() */

#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */

#include <iso646.h> /* not, or, and */

#include <unistd.h> /* readlink(), fork(), execl(),

sleep(), dup2() STDERR_FILENO,

STDOUT_FILENO, _exit() */

#include <string.h> /* memcmp() */

#include <errno.h> /* errno */

#include <sys/wait.h> /* waitpid(), WIFEXITED(),

WEXITSTATUS() */

sig_atomic_t interrupted_by_signal = 0;

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

int main(__attribute__((unused))int argc,

__attribute__((unused))char **argv){

int ret = 0;

/* Create prompt string */

char *prompt = NULL;

{

const char *const cryptsource = getenv("cryptsource");

const char *const crypttarget = getenv("crypttarget");

const char *const prompt_start = "getpass "

"Enter passphrase to unlock the disk";

if(cryptsource == NULL){

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s: ", prompt_start);

} else {

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

crypttarget);

}

} else {

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

} else {

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

cryptsource, crypttarget);

}

if(ret == -1){

return EXIT_FAILURE;

}

/* Find splashy process */

pid_t splashy_pid = 0;

{

const char splashy_name[] = "/sbin/splashy";

DIR *proc_dir = opendir("/proc");

if(proc_dir == NULL){

free(prompt);

perror("opendir");

return EXIT_FAILURE;

}

for(struct dirent *proc_ent = readdir(proc_dir);

proc_ent != NULL;

proc_ent = readdir(proc_dir)){

100

pid_t pid;

101

/* In the GNU C library, pid_t is always int */

102

ret = sscanf(proc_ent->d_name, "%d", &pid);

103

if(ret != 1){

104

/* Not a process */

105

continue;

106

}

107

/* Find the executable name by doing readlink() on the

108

/proc/<pid>/exe link */

109

char exe_target[sizeof(splashy_name)];

110

ssize_t sret;

111

{

112

char *exe_link;

113

ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);

114

if(ret == -1){

115

perror("asprintf");

116

free(prompt);

117

closedir(proc_dir);

118

return EXIT_FAILURE;

119

}

120

121

/* Check that it refers to a symlink owned by root:root */

122

struct stat exe_stat;

123

ret = lstat(exe_link, &exe_stat);

124

if(ret == -1){

125

if(errno == ENOENT){

126

free(exe_link);

127

continue;

128

}

129

perror("lstat");

130

free(exe_link);

131

free(prompt);

132

closedir(proc_dir);

133

return EXIT_FAILURE;

134

}

135

if(not S_ISLNK(exe_stat.st_mode)

136

or exe_stat.st_uid != 0

137

or exe_stat.st_gid != 0){

138

free(exe_link);

139

continue;

140

}

141

142

sret = readlink(exe_link, exe_target, sizeof(exe_target));

143

free(exe_link);

144

}

145

if((sret == ((ssize_t)sizeof(exe_target)-1))

146

and (memcmp(splashy_name, exe_target,

147

sizeof(exe_target)-1) == 0)){

148

splashy_pid = pid;

149

break;

150

}

151

}

152

closedir(proc_dir);

153

}

154

if(splashy_pid == 0){

155

free(prompt);

156

return EXIT_FAILURE;

157

}

158

159

/* Set up the signal handler */

160

{

161

struct sigaction old_action,

162

new_action = { .sa_handler = termination_handler,

163

.sa_flags = 0 };

164

sigemptyset(&new_action.sa_mask);

165

sigaddset(&new_action.sa_mask, SIGINT);

166

sigaddset(&new_action.sa_mask, SIGHUP);

167

sigaddset(&new_action.sa_mask, SIGTERM);

168

ret = sigaction(SIGINT, NULL, &old_action);

169

if(ret == -1){

170

perror("sigaction");

171

free(prompt);

172

return EXIT_FAILURE;

173

}

174

if(old_action.sa_handler != SIG_IGN){

175

ret = sigaction(SIGINT, &new_action, NULL);

176

if(ret == -1){

177

perror("sigaction");

178

free(prompt);

179

return EXIT_FAILURE;

180

}

181

}

182

ret = sigaction(SIGHUP, NULL, &old_action);

183

if(ret == -1){

184

perror("sigaction");

185

free(prompt);

186

return EXIT_FAILURE;

187

}

188

if(old_action.sa_handler != SIG_IGN){

189

ret = sigaction(SIGHUP, &new_action, NULL);

190

if(ret == -1){

191

perror("sigaction");

192

free(prompt);

193

return EXIT_FAILURE;

194

}

195

}

196

ret = sigaction(SIGTERM, NULL, &old_action);

197

if(ret == -1){

198

perror("sigaction");

199

free(prompt);

200

return EXIT_FAILURE;

201

}

202

if(old_action.sa_handler != SIG_IGN){

203

ret = sigaction(SIGTERM, &new_action, NULL);

204

if(ret == -1){

205

perror("sigaction");

206

free(prompt);

207

return EXIT_FAILURE;

208

}

209

}

210

}

211

212

/* Fork off the splashy command to prompt for password */

213

pid_t splashy_command_pid = 0;

214

if(not interrupted_by_signal){

215

splashy_command_pid = fork();

216

if(splashy_command_pid == -1){

217

if(not interrupted_by_signal){

218

perror("fork");

219

}

220

return EXIT_FAILURE;

221

}

222

/* Child */

223

if(splashy_command_pid == 0){

224

const char splashy_command[] = "/sbin/splashy_update";

225

ret = execl(splashy_command, splashy_command, prompt,

226

(char *)NULL);

227

if(not interrupted_by_signal){

228

perror("execl");

229

}

230

free(prompt);

231

_exit(EXIT_FAILURE);

232

}

233

}

234

235

/* Parent */

236

free(prompt);

237

238

/* Wait for command to complete */

239

if(not interrupted_by_signal and splashy_command_pid != 0){

240

int status;

241

ret = waitpid(splashy_command_pid, &status, 0);

242

if(ret == -1){

243

if(errno != EINTR){

244

perror("waitpid");

245

}

246

if(errno == ECHILD){

247

splashy_command_pid = 0;

248

}

249

} else {

250

/* The child process has exited */

251

splashy_command_pid = 0;

252

if(not interrupted_by_signal and WIFEXITED(status)

253

and WEXITSTATUS(status)==0){

254

return EXIT_SUCCESS;

255

}

256

}

257

}

258

kill(splashy_pid, SIGTERM);

259

if(interrupted_by_signal and splashy_command_pid != 0){

260

kill(splashy_command_pid, SIGTERM);

261

}

262

sleep(2);

263

while(kill(splashy_pid, 0) == 0){

264

kill(splashy_pid, SIGKILL);

265

sleep(1);

266

}

267

pid_t new_splashy_pid = fork();

268

if(new_splashy_pid == 0){

269

/* Child; will become new splashy process */

270

271

/* Make the effective user ID (root) the only user ID instead of

272

the real user ID (_mandos) */

273

ret = setuid(geteuid());

274

if(ret == -1){

275

perror("setuid");

276

}

277

278

setsid();

279

ret = chdir("/");

280

/* if(fork() != 0){ */

281

/* _exit(EXIT_SUCCESS); */

282

/* } */

283

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

284

if(ret == -1){

285

perror("dup2");

286

_exit(EXIT_FAILURE);

287

}

288

289

execl("/sbin/splashy", "/sbin/splashy", "boot", (char *)NULL);

290

if(not interrupted_by_signal){

291

perror("execl");

292

}

293

_exit(EXIT_FAILURE);

294

}

295

296

return EXIT_FAILURE;

297

}

Older »