To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugins.d/splashy.c
- browse files at revision 375
- compare with another revision
- download diff
- download tarball
- view history from revision 375
- Committer: Teddy Hogeborn
- Date: 2009-09-17 11:42:12 UTC
- Revision ID: teddy@fukt.bsnet.se-20090917114212-bmb2eq0c3modtgme
* TODO: Updated.
- files added:
- NEWS
- files removed:
- debian/mandos-client.config
- files modified:
- .bzrignore
added
removed
plugins.d/splashy.c
1
#define _GNU_SOURCE /* asprintf() */
1
/* -*- coding: utf-8 -*- */
2
/*
3
* Splashy - Read a password from splashy and output it
4
*
5
* Copyright © 2008,2009 Teddy Hogeborn
6
* Copyright © 2008,2009 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
17
*
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
*
22
* Contact the authors at <mandos@fukt.bsnet.se>.
23
*/
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), asprintf() */
2
26
#include <signal.h> /* sig_atomic_t, struct sigaction,
3
sigemptyset(), sigaddset(),
4
sigaction, SIGINT, SIG_IGN, SIGHUP,
5
SIGTERM, kill(), SIGKILL */
27
sigemptyset(), sigaddset(), SIGINT,
28
SIGHUP, SIGTERM, sigaction,
29
SIG_IGN, kill(), SIGKILL */
6
30
#include <stddef.h> /* NULL */
7
31
#include <stdlib.h> /* getenv() */
8
32
#include <stdio.h> /* asprintf(), perror() */
9
#include <stdlib.h> /* EXIT_FAILURE, EXIT_SUCCESS,
10
strtoul(), free() */
33
#include <stdlib.h> /* EXIT_FAILURE, free(),
34
EXIT_SUCCESS */
11
35
#include <sys/types.h> /* pid_t, DIR, struct dirent,
12
36
ssize_t */
13
37
#include <dirent.h> /* opendir(), readdir(), closedir() */
38
#include <inttypes.h> /* intmax_t, strtoimax() */
39
#include <sys/stat.h> /* struct stat, lstat(), S_ISLNK */
40
#include <iso646.h> /* not, or, and */
14
41
#include <unistd.h> /* readlink(), fork(), execl(),
15
_exit */
42
sleep(), dup2() STDERR_FILENO,
43
STDOUT_FILENO, _exit(),
44
pause() */
16
45
#include <string.h> /* memcmp() */
17
#include <iso646.h> /* and */
18
46
#include <errno.h> /* errno */
19
47
#include <sys/wait.h> /* waitpid(), WIFEXITED(),
20
48
WEXITSTATUS() */
21
49
22
50
sig_atomic_t interrupted_by_signal = 0;
51
int signal_received;
23
52
24
static void termination_handler(__attribute__((unused))int signum){
53
static void termination_handler(int signum){
54
if(interrupted_by_signal){
55
return;
56
}
25
57
interrupted_by_signal = 1;
58
signal_received = signum;
26
59
}
27
60
28
int main(__attribute__((unused))int argc, char **argv){
61
int main(__attribute__((unused))int argc,
62
__attribute__((unused))char **argv){
29
63
int ret = 0;
64
char *prompt = NULL;
65
DIR *proc_dir = NULL;
66
pid_t splashy_pid = 0;
67
pid_t splashy_command_pid = 0;
30
68
31
69
/* Create prompt string */
32
char *prompt = NULL;
33
70
{
34
71
const char *const cryptsource = getenv("cryptsource");
35
72
const char *const crypttarget = getenv("crypttarget");
52
89
}
53
90
}
54
91
if(ret == -1){
55
return EXIT_FAILURE;
92
prompt = NULL;
93
goto failure;
56
94
}
57
95
}
58
96
59
97
/* Find splashy process */
60
pid_t splashy_pid = 0;
61
98
{
62
99
const char splashy_name[] = "/sbin/splashy";
63
DIR *proc_dir = opendir("/proc");
100
proc_dir = opendir("/proc");
64
101
if(proc_dir == NULL){
65
free(prompt);
66
102
perror("opendir");
67
return EXIT_FAILURE;
103
goto failure;
68
104
}
69
105
for(struct dirent *proc_ent = readdir(proc_dir);
70
106
proc_ent != NULL;
71
107
proc_ent = readdir(proc_dir)){
72
pid_t pid = (pid_t) strtoul(proc_ent->d_name, NULL, 10);
73
if(pid == 0){
74
/* Not a process */
75
continue;
108
pid_t pid;
109
{
110
intmax_t tmpmax;
111
char *tmp;
112
errno = 0;
113
tmpmax = strtoimax(proc_ent->d_name, &tmp, 10);
114
if(errno != 0 or tmp == proc_ent->d_name or *tmp != '\0'
115
or tmpmax != (pid_t)tmpmax){
116
/* Not a process */
117
continue;
118
}
119
pid = (pid_t)tmpmax;
76
120
}
77
121
/* Find the executable name by doing readlink() on the
78
122
/proc/<pid>/exe link */
79
char *exe_link;
80
ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);
81
if(ret == -1){
82
perror("asprintf");
83
free(prompt);
84
closedir(proc_dir);
85
return EXIT_FAILURE;
86
}
87
123
char exe_target[sizeof(splashy_name)];
88
ssize_t sret = readlink(exe_link, exe_target,
89
sizeof(exe_target));
124
ssize_t sret;
125
{
126
char *exe_link;
127
ret = asprintf(&exe_link, "/proc/%s/exe", proc_ent->d_name);
128
if(ret == -1){
129
perror("asprintf");
130
goto failure;
131
}
132
133
/* Check that it refers to a symlink owned by root:root */
134
struct stat exe_stat;
135
ret = lstat(exe_link, &exe_stat);
136
if(ret == -1){
137
if(errno == ENOENT){
138
free(exe_link);
139
continue;
140
}
141
perror("lstat");
142
free(exe_link);
143
goto failure;
144
}
145
if(not S_ISLNK(exe_stat.st_mode)
146
or exe_stat.st_uid != 0
147
or exe_stat.st_gid != 0){
148
free(exe_link);
149
continue;
150
}
151
152
sret = readlink(exe_link, exe_target, sizeof(exe_target));
153
free(exe_link);
154
}
90
155
if((sret == ((ssize_t)sizeof(exe_target)-1))
91
156
and (memcmp(splashy_name, exe_target,
92
157
sizeof(exe_target)-1) == 0)){
95
160
}
96
161
}
97
162
closedir(proc_dir);
163
proc_dir = NULL;
98
164
}
99
165
if(splashy_pid == 0){
100
free(prompt);
101
return EXIT_FAILURE;
166
goto failure;
102
167
}
103
168
104
169
/* Set up the signal handler */
107
172
new_action = { .sa_handler = termination_handler,
108
173
.sa_flags = 0 };
109
174
sigemptyset(&new_action.sa_mask);
110
sigaddset(&new_action.sa_mask, SIGINT);
111
sigaddset(&new_action.sa_mask, SIGHUP);
112
sigaddset(&new_action.sa_mask, SIGTERM);
175
ret = sigaddset(&new_action.sa_mask, SIGINT);
176
if(ret == -1){
177
perror("sigaddset");
178
goto failure;
179
}
180
ret = sigaddset(&new_action.sa_mask, SIGHUP);
181
if(ret == -1){
182
perror("sigaddset");
183
goto failure;
184
}
185
ret = sigaddset(&new_action.sa_mask, SIGTERM);
186
if(ret == -1){
187
perror("sigaddset");
188
goto failure;
189
}
113
190
ret = sigaction(SIGINT, NULL, &old_action);
114
191
if(ret == -1){
115
192
perror("sigaction");
116
free(prompt);
117
return EXIT_FAILURE;
193
goto failure;
118
194
}
119
if (old_action.sa_handler != SIG_IGN){
195
if(old_action.sa_handler != SIG_IGN){
120
196
ret = sigaction(SIGINT, &new_action, NULL);
121
197
if(ret == -1){
122
198
perror("sigaction");
123
free(prompt);
124
return EXIT_FAILURE;
199
goto failure;
125
200
}
126
201
}
127
202
ret = sigaction(SIGHUP, NULL, &old_action);
128
203
if(ret == -1){
129
204
perror("sigaction");
130
free(prompt);
131
return EXIT_FAILURE;
205
goto failure;
132
206
}
133
if (old_action.sa_handler != SIG_IGN){
207
if(old_action.sa_handler != SIG_IGN){
134
208
ret = sigaction(SIGHUP, &new_action, NULL);
135
209
if(ret == -1){
136
210
perror("sigaction");
137
free(prompt);
138
return EXIT_FAILURE;
211
goto failure;
139
212
}
140
213
}
141
214
ret = sigaction(SIGTERM, NULL, &old_action);
142
215
if(ret == -1){
143
216
perror("sigaction");
144
free(prompt);
145
return EXIT_FAILURE;
217
goto failure;
146
218
}
147
if (old_action.sa_handler != SIG_IGN){
219
if(old_action.sa_handler != SIG_IGN){
148
220
ret = sigaction(SIGTERM, &new_action, NULL);
149
221
if(ret == -1){
150
222
perror("sigaction");
151
free(prompt);
152
return EXIT_FAILURE;
223
goto failure;
153
224
}
154
225
}
155
226
}
156
227
228
if(interrupted_by_signal){
229
goto failure;
230
}
231
157
232
/* Fork off the splashy command to prompt for password */
158
pid_t splashy_command_pid = 0;
159
if(not interrupted_by_signal){
160
splashy_command_pid = fork();
161
if(splashy_command_pid == -1){
162
if(not interrupted_by_signal){
163
perror("fork");
164
}
165
return EXIT_FAILURE;
166
}
167
/* Child */
168
if(splashy_command_pid == 0){
233
splashy_command_pid = fork();
234
if(splashy_command_pid != 0 and interrupted_by_signal){
235
goto failure;
236
}
237
if(splashy_command_pid == -1){
238
perror("fork");
239
goto failure;
240
}
241
/* Child */
242
if(splashy_command_pid == 0){
243
if(not interrupted_by_signal){
169
244
const char splashy_command[] = "/sbin/splashy_update";
170
ret = execl(splashy_command, splashy_command, prompt,
171
(char *)NULL);
172
if(not interrupted_by_signal and errno != ENOENT){
173
/* Don't report "File not found", since splashy might not be
174
installed. */
175
perror("execl");
176
}
177
free(prompt);
178
return EXIT_FAILURE;
245
execl(splashy_command, splashy_command, prompt, (char *)NULL);
246
perror("execl");
179
247
}
248
free(prompt);
249
_exit(EXIT_FAILURE);
180
250
}
181
251
182
252
/* Parent */
183
253
free(prompt);
254
prompt = NULL;
255
256
if(interrupted_by_signal){
257
goto failure;
258
}
184
259
185
260
/* Wait for command to complete */
186
int status;
187
while(not interrupted_by_signal){
188
waitpid(splashy_command_pid, &status, 0);
189
if(not interrupted_by_signal
190
and WIFEXITED(status) and WEXITSTATUS(status)==0){
191
return EXIT_SUCCESS;
192
}
193
}
194
kill(splashy_pid, SIGTERM);
195
if(interrupted_by_signal){
196
kill(splashy_command_pid, SIGTERM);
197
}
198
199
pid_t new_splashy_pid = fork();
200
if(new_splashy_pid == 0){
201
while(kill(splashy_pid, 0)){
202
sleep(2);
203
kill(splashy_pid, SIGKILL);
261
{
262
int status;
263
do {
264
ret = waitpid(splashy_command_pid, &status, 0);
265
} while(ret == -1 and errno == EINTR
266
and not interrupted_by_signal);
267
if(interrupted_by_signal){
268
goto failure;
269
}
270
if(ret == -1){
271
perror("waitpid");
272
if(errno == ECHILD){
273
splashy_command_pid = 0;
274
}
275
} else {
276
/* The child process has exited */
277
splashy_command_pid = 0;
278
if(WIFEXITED(status) and WEXITSTATUS(status) == 0){
279
return EXIT_SUCCESS;
280
}
281
}
282
}
283
284
failure:
285
286
free(prompt);
287
288
if(proc_dir != NULL){
289
TEMP_FAILURE_RETRY(closedir(proc_dir));
290
}
291
292
if(splashy_command_pid != 0){
293
TEMP_FAILURE_RETRY(kill(splashy_command_pid, SIGTERM));
294
295
TEMP_FAILURE_RETRY(kill(splashy_pid, SIGTERM));
296
sleep(2);
297
while(TEMP_FAILURE_RETRY(kill(splashy_pid, 0)) == 0){
298
TEMP_FAILURE_RETRY(kill(splashy_pid, SIGKILL));
204
299
sleep(1);
205
300
}
206
ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace our stdout */
207
if(ret == -1){
208
perror("dup2");
301
pid_t new_splashy_pid = (pid_t)TEMP_FAILURE_RETRY(fork());
302
if(new_splashy_pid == 0){
303
/* Child; will become new splashy process */
304
305
/* Make the effective user ID (root) the only user ID instead of
306
the real user ID (_mandos) */
307
ret = setuid(geteuid());
308
if(ret == -1){
309
perror("setuid");
310
}
311
312
setsid();
313
ret = chdir("/");
314
if(ret == -1){
315
perror("chdir");
316
}
317
/* if(fork() != 0){ */
318
/* _exit(EXIT_SUCCESS); */
319
/* } */
320
ret = dup2(STDERR_FILENO, STDOUT_FILENO); /* replace stdout */
321
if(ret == -1){
322
perror("dup2");
323
_exit(EXIT_FAILURE);
324
}
325
326
execl("/sbin/splashy", "/sbin/splashy", "boot", (char *)NULL);
327
perror("execl");
209
328
_exit(EXIT_FAILURE);
210
329
}
211
execl("/sbin/splashy", "/sbin/splashy", "boot", (char *)NULL);
330
}
331
332
if(interrupted_by_signal){
333
struct sigaction signal_action;
334
sigemptyset(&signal_action.sa_mask);
335
signal_action.sa_handler = SIG_DFL;
336
ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
337
&signal_action, NULL));
338
if(ret == -1){
339
perror("sigaction");
340
}
341
do {
342
ret = raise(signal_received);
343
} while(ret != 0 and errno == EINTR);
344
if(ret != 0){
345
perror("raise");
346
abort();
347
}
348
TEMP_FAILURE_RETRY(pause());
212
349
}
213
350
214
351
return EXIT_FAILURE;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0