/mandos/trunk : revision 268

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/splashy.c

Committer: Teddy Hogeborn
Date: 2009-01-14 14:20:17 UTC
Revision ID: teddy@fukt.bsnet.se-20090114142017-84t4kfw56bsftjlo

Fixes for sscanf usage:

* plugin-runner.c (main): Parse numbers correctly and portably using
                          an intermediate "intmax_t".  Cast "pid_t" to
                          "intmax_t" before passing it to "printf()".
* plugins.d/mandos-client.c (main): Parse numbers correctly and
                                    portably using an intermediate
                                    "intmax_t".  Bug fix: cast
                                    "AvahiIfIndex" to "intmax_t" and
                                    use "PRIdMAX" instead of using
                                    "PRIu16", and use "PRIu16" to
                                    format port number.
* plugins.d/splashy.c (main): Parse numbers correctly and portably
                              using an intermediate "intmax_t".
* plugins.d/usplash.c (main): - '' -

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-keygen

mandos-keygen.xml

mandos-list

mandos-options.xml

mandos.lsm

overview.xml

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
network-protocol.txt

files renamed:
mandos-client.c => plugin-runner.c

mandos-client.xml => plugin-runner.xml

plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
Makefile

TODO

clients.conf

mandos

mandos-clients.conf.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/splashy.c

/* -*- coding: utf-8 -*- */

* Splashy - Read a password from splashy and output it

* This program is free software: you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation, either version 3 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program. If not, see

* <http://www.gnu.org/licenses/>.

* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and

* <https://www.fukt.bsnet.se/~teddy/>.

#define _GNU_SOURCE /* asprintf() */

#include <signal.h> /* sig_atomic_t, struct sigaction,

sigemptyset(), sigaddset(), SIGINT,

SIGHUP, SIGTERM, sigaction,

SIG_IGN, kill(), SIGKILL */

#include <stddef.h> /* NULL */

#include <stdlib.h> /* getenv() */

#include <stdio.h> /* asprintf(), perror(), sscanf() */

#include <stdlib.h> /* EXIT_FAILURE, free(),

EXIT_SUCCESS */

#include <sys/types.h> /* pid_t, DIR, struct dirent,

ssize_t */

#include <dirent.h> /* opendir(), readdir(), closedir() */

#include <inttypes.h> /* intmax_t, SCNdMAX */

#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */

#include <iso646.h> /* not, or, and */

#include <unistd.h> /* readlink(), fork(), execl(),

sleep(), dup2() STDERR_FILENO,

STDOUT_FILENO, _exit() */

#include <string.h> /* memcmp() */

#include <errno.h> /* errno */

#include <sys/wait.h> /* waitpid(), WIFEXITED(),

WEXITSTATUS() */

sig_atomic_t interrupted_by_signal = 0;

static void termination_handler(__attribute__((unused))int signum){

interrupted_by_signal = 1;

}

int main(__attribute__((unused))int argc,

__attribute__((unused))char **argv){

int ret = 0;

/* Create prompt string */

char *prompt = NULL;

{

const char *const cryptsource = getenv("cryptsource");

const char *const crypttarget = getenv("crypttarget");

const char *const prompt_start = "getpass "

"Enter passphrase to unlock the disk";

if(cryptsource == NULL){

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s: ", prompt_start);

} else {

ret = asprintf(&prompt, "%s (%s): ", prompt_start,

crypttarget);

}

} else {

if(crypttarget == NULL){

ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);

} else {

ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,

cryptsource, crypttarget);

}

if(ret == -1){

return EXIT_FAILURE;

}

/* Find splashy process */

pid_t splashy_pid = 0;

{

const char splashy_name[] = "/sbin/splashy";

DIR *proc_dir = opendir("/proc");

if(proc_dir == NULL){

free(prompt);

perror("opendir");

return EXIT_FAILURE;

}

for(struct dirent *proc_ent = readdir(proc_dir);

proc_ent != NULL;

100

proc_ent = readdir(proc_dir)){

101

pid_t pid;

102

{

103

intmax_t tmpmax;

104

int numchars;

105

ret = sscanf(proc_ent->d_name, "%" SCNdMAX "%n", &tmpmax,

106

&numchars);

107

if(ret < 1 or tmpmax != (pid_t)tmpmax

108

or proc_ent->d_name[numchars] != '\0'){

109

/* Not a process */

110

continue;

111

}

112

pid = (pid_t)tmpmax;

113

}

114

/* Find the executable name by doing readlink() on the

115

/proc/<pid>/exe link */

116

char exe_target[sizeof(splashy_name)];

117

ssize_t sret;

118

{

119

char *exe_link;

120

ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);

121

if(ret == -1){

122

perror("asprintf");

123

free(prompt);

124

closedir(proc_dir);

125

return EXIT_FAILURE;

126

}

127

128

/* Check that it refers to a symlink owned by root:root */

129

struct stat exe_stat;

130

ret = lstat(exe_link, &exe_stat);

131

if(ret == -1){

132

if(errno == ENOENT){

133

free(exe_link);

134

continue;

135

}

136

perror("lstat");

137

free(exe_link);

138

free(prompt);

139

closedir(proc_dir);

140

return EXIT_FAILURE;

141

}

142

if(not S_ISLNK(exe_stat.st_mode)

143

or exe_stat.st_uid != 0

144

or exe_stat.st_gid != 0){

145

free(exe_link);

146

continue;

147

}

148

149

sret = readlink(exe_link, exe_target, sizeof(exe_target));

150

free(exe_link);

151

}

152

if((sret == ((ssize_t)sizeof(exe_target)-1))

153

and (memcmp(splashy_name, exe_target,

154

sizeof(exe_target)-1) == 0)){

155

splashy_pid = pid;

156

break;

157

}

158

}

159

closedir(proc_dir);

160

}

161

if(splashy_pid == 0){

162

free(prompt);

163

return EXIT_FAILURE;

164

}

165

166

/* Set up the signal handler */

167

{

168

struct sigaction old_action,

169

new_action = { .sa_handler = termination_handler,

170

.sa_flags = 0 };

171

sigemptyset(&new_action.sa_mask);

172

sigaddset(&new_action.sa_mask, SIGINT);

173

sigaddset(&new_action.sa_mask, SIGHUP);

174

sigaddset(&new_action.sa_mask, SIGTERM);

175

ret = sigaction(SIGINT, NULL, &old_action);

176

if(ret == -1){

177

perror("sigaction");

178

free(prompt);

179

return EXIT_FAILURE;

180

}

181

if(old_action.sa_handler != SIG_IGN){

182

ret = sigaction(SIGINT, &new_action, NULL);

183

if(ret == -1){

184

perror("sigaction");

185

free(prompt);

186

return EXIT_FAILURE;

187

}

188

}

189

ret = sigaction(SIGHUP, NULL, &old_action);

190

if(ret == -1){

191

perror("sigaction");

192

free(prompt);

193

return EXIT_FAILURE;

194

}

195

if(old_action.sa_handler != SIG_IGN){

196

ret = sigaction(SIGHUP, &new_action, NULL);

197

if(ret == -1){

198

perror("sigaction");

199

free(prompt);

200

return EXIT_FAILURE;

201

}

202

}

203

ret = sigaction(SIGTERM, NULL, &old_action);

204

if(ret == -1){

205

perror("sigaction");

206

free(prompt);

207

return EXIT_FAILURE;

208

}

209

if(old_action.sa_handler != SIG_IGN){

210

ret = sigaction(SIGTERM, &new_action, NULL);

211

if(ret == -1){

212

perror("sigaction");

213

free(prompt);

214

return EXIT_FAILURE;

215

}

216

}

217

}

218

219

/* Fork off the splashy command to prompt for password */

220

pid_t splashy_command_pid = 0;

221

if(not interrupted_by_signal){

222

splashy_command_pid = fork();

223

if(splashy_command_pid == -1){

224

if(not interrupted_by_signal){

225

perror("fork");

226

}

227

return EXIT_FAILURE;

228

}

229

/* Child */

230

if(splashy_command_pid == 0){

231

const char splashy_command[] = "/sbin/splashy_update";

232

ret = execl(splashy_command, splashy_command, prompt,

233

(char *)NULL);

234

if(not interrupted_by_signal){

235

perror("execl");

236

}

237

free(prompt);

238

_exit(EXIT_FAILURE);

239

}

240

}

241

242

/* Parent */

243

free(prompt);

244

245

/* Wait for command to complete */

246

if(not interrupted_by_signal and splashy_command_pid != 0){

247

int status;

248

ret = waitpid(splashy_command_pid, &status, 0);

249

if(ret == -1){

250

if(errno != EINTR){

251

perror("waitpid");

252

}

253

if(errno == ECHILD){

254

splashy_command_pid = 0;

255

}

256

} else {

257

/* The child process has exited */

258

splashy_command_pid = 0;

259

if(not interrupted_by_signal and WIFEXITED(status)

260

and WEXITSTATUS(status)==0){

261

return EXIT_SUCCESS;

262

}

263

}

264

}

265

kill(splashy_pid, SIGTERM);

266

if(interrupted_by_signal and splashy_command_pid != 0){

267

kill(splashy_command_pid, SIGTERM);

268

}

269

sleep(2);

270

while(kill(splashy_pid, 0) == 0){

271

kill(splashy_pid, SIGKILL);

272

sleep(1);

273

}

274

pid_t new_splashy_pid = fork();

275

if(new_splashy_pid == 0){

276

/* Child; will become new splashy process */

277

278

/* Make the effective user ID (root) the only user ID instead of

279

the real user ID (_mandos) */

280

ret = setuid(geteuid());

281

if(ret == -1){

282

perror("setuid");

283

}

284

285

setsid();

286

ret = chdir("/");

287

/* if(fork() != 0){ */

288

/* _exit(EXIT_SUCCESS); */

289

/* } */

290

ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */

291

if(ret == -1){

292

perror("dup2");

293

_exit(EXIT_FAILURE);

294

}

295

296

execl("/sbin/splashy", "/sbin/splashy", "boot", (char *)NULL);

297

if(not interrupted_by_signal){

298

perror("execl");

299

}

300

_exit(EXIT_FAILURE);

301

}

302

303

return EXIT_FAILURE;

304

}

Older »