1
/* -*- coding: utf-8 -*- */
3
* Splashy - Read a password from splashy and output it
5
* Copyright © 2008,2009 Teddy Hogeborn
6
* Copyright © 2008,2009 Björn Påhlsson
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
22
* Contact the authors at <https://www.fukt.bsnet.se/~belorn/> and
23
* <https://www.fukt.bsnet.se/~teddy/>.
26
#define _GNU_SOURCE /* asprintf() */
27
#include <signal.h> /* sig_atomic_t, struct sigaction,
28
sigemptyset(), sigaddset(), SIGINT,
29
SIGHUP, SIGTERM, sigaction,
30
SIG_IGN, kill(), SIGKILL */
31
#include <stddef.h> /* NULL */
32
#include <stdlib.h> /* getenv() */
33
#include <stdio.h> /* asprintf(), perror() */
34
#include <stdlib.h> /* EXIT_FAILURE, free(),
36
#include <sys/types.h> /* pid_t, DIR, struct dirent,
38
#include <dirent.h> /* opendir(), readdir(), closedir() */
39
#include <inttypes.h> /* intmax_t, strtoimax() */
40
#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */
41
#include <iso646.h> /* not, or, and */
42
#include <unistd.h> /* readlink(), fork(), execl(),
43
sleep(), dup2() STDERR_FILENO,
44
STDOUT_FILENO, _exit() */
45
#include <string.h> /* memcmp() */
46
#include <errno.h> /* errno */
47
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
50
sig_atomic_t interrupted_by_signal = 0;
53
static void termination_handler(int signum){
54
if(interrupted_by_signal){
57
interrupted_by_signal = 1;
58
signal_received = signum;
61
int main(__attribute__((unused))int argc,
62
__attribute__((unused))char **argv){
65
/* Create prompt string */
68
const char *const cryptsource = getenv("cryptsource");
69
const char *const crypttarget = getenv("crypttarget");
70
const char *const prompt_start = "getpass "
71
"Enter passphrase to unlock the disk";
73
if(cryptsource == NULL){
74
if(crypttarget == NULL){
75
ret = asprintf(&prompt, "%s: ", prompt_start);
77
ret = asprintf(&prompt, "%s (%s): ", prompt_start,
81
if(crypttarget == NULL){
82
ret = asprintf(&prompt, "%s %s: ", prompt_start, cryptsource);
84
ret = asprintf(&prompt, "%s %s (%s): ", prompt_start,
85
cryptsource, crypttarget);
93
/* Find splashy process */
94
pid_t splashy_pid = 0;
96
const char splashy_name[] = "/sbin/splashy";
97
DIR *proc_dir = opendir("/proc");
103
for(struct dirent *proc_ent = readdir(proc_dir);
105
proc_ent = readdir(proc_dir)){
111
tmpmax = strtoimax(proc_ent->d_name, &tmp, 10);
112
if(errno != 0 or tmp == proc_ent->d_name or *tmp != '\0'
113
or tmpmax != (pid_t)tmpmax){
119
/* Find the executable name by doing readlink() on the
120
/proc/<pid>/exe link */
121
char exe_target[sizeof(splashy_name)];
125
ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);
133
/* Check that it refers to a symlink owned by root:root */
134
struct stat exe_stat;
135
ret = lstat(exe_link, &exe_stat);
147
if(not S_ISLNK(exe_stat.st_mode)
148
or exe_stat.st_uid != 0
149
or exe_stat.st_gid != 0){
154
sret = readlink(exe_link, exe_target, sizeof(exe_target));
157
if((sret == ((ssize_t)sizeof(exe_target)-1))
158
and (memcmp(splashy_name, exe_target,
159
sizeof(exe_target)-1) == 0)){
166
if(splashy_pid == 0){
171
/* Set up the signal handler */
173
struct sigaction old_action,
174
new_action = { .sa_handler = termination_handler,
176
sigemptyset(&new_action.sa_mask);
177
sigaddset(&new_action.sa_mask, SIGINT);
183
sigaddset(&new_action.sa_mask, SIGHUP);
189
sigaddset(&new_action.sa_mask, SIGTERM);
195
ret = sigaction(SIGINT, NULL, &old_action);
201
if(old_action.sa_handler != SIG_IGN){
202
ret = sigaction(SIGINT, &new_action, NULL);
209
ret = sigaction(SIGHUP, NULL, &old_action);
215
if(old_action.sa_handler != SIG_IGN){
216
ret = sigaction(SIGHUP, &new_action, NULL);
223
ret = sigaction(SIGTERM, NULL, &old_action);
229
if(old_action.sa_handler != SIG_IGN){
230
ret = sigaction(SIGTERM, &new_action, NULL);
239
/* Fork off the splashy command to prompt for password */
240
pid_t splashy_command_pid = 0;
241
if(not interrupted_by_signal){
242
splashy_command_pid = fork();
243
if(splashy_command_pid == -1){
244
if(not interrupted_by_signal){
250
if(splashy_command_pid == 0){
251
const char splashy_command[] = "/sbin/splashy_update";
252
ret = execl(splashy_command, splashy_command, prompt,
254
if(not interrupted_by_signal){
265
/* Wait for command to complete */
266
if(not interrupted_by_signal and splashy_command_pid != 0){
268
ret = waitpid(splashy_command_pid, &status, 0);
274
splashy_command_pid = 0;
277
/* The child process has exited */
278
splashy_command_pid = 0;
279
if(not interrupted_by_signal and WIFEXITED(status)
280
and WEXITSTATUS(status)==0){
285
kill(splashy_pid, SIGTERM);
286
if(interrupted_by_signal and splashy_command_pid != 0){
287
kill(splashy_command_pid, SIGTERM);
290
while(kill(splashy_pid, 0) == 0){
291
kill(splashy_pid, SIGKILL);
294
pid_t new_splashy_pid = fork();
295
if(new_splashy_pid == 0){
296
/* Child; will become new splashy process */
298
/* Make the effective user ID (root) the only user ID instead of
299
the real user ID (_mandos) */
300
ret = setuid(geteuid());
307
/* if(fork() != 0){ */
308
/* _exit(EXIT_SUCCESS); */
310
ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */
316
execl("/sbin/splashy", "/sbin/splashy", "boot", (char *)NULL);
317
if(not interrupted_by_signal){
added
removed
plugins.d/splashy.c
