/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.c

  • Committer: Teddy Hogeborn
  • Date: 2014-08-06 20:45:04 UTC
  • Revision ID: teddy@recompile.se-20140806204504-lf39wk4ffo9s0ua3
Bug fix for mandos-keygen: Unquote escaped hostname in SSH checker.

%%(host)s is already escaped by re.escape(), and should not be quoted.

* mandos-keygen (password): When printing SSH key fingerprinting
                            checker command of the client config
                            section, do not quote %%(host)s.

Show diffs side-by-side

added added

removed removed

Lines of Context:
349
349
  char *plugindir = NULL;
350
350
  char *argfile = NULL;
351
351
  FILE *conffp;
352
 
  struct dirent **direntries;
 
352
  struct dirent **direntries = NULL;
353
353
  struct stat st;
354
354
  fd_set rfds_all;
355
355
  int ret, maxfd = 0;
829
829
    ret = set_cloexec_flag(dir_fd);
830
830
    if(ret < 0){
831
831
      error(0, errno, "set_cloexec_flag");
832
 
      TEMP_FAILURE_RETRY(close(dir_fd));
833
832
      exitstatus = EX_OSERR;
834
833
      goto fallback;
835
834
    }
875
874
#endif  /* not __GLIBC__ */
876
875
  if(numplugins == -1){
877
876
    error(0, errno, "Could not scan plugin dir");
878
 
    TEMP_FAILURE_RETRY(close(dir_fd));
 
877
    direntries = NULL;
879
878
    exitstatus = EX_OSERR;
880
879
    goto fallback;
881
880
  }
888
887
    int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
889
888
    if(plugin_fd == -1){
890
889
      error(0, errno, "Could not open plugin");
 
890
      free(direntries[i]);
891
891
      continue;
892
892
    }
893
893
    ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
894
894
    if(ret == -1){
895
895
      error(0, errno, "stat");
896
896
      TEMP_FAILURE_RETRY(close(plugin_fd));
 
897
      free(direntries[i]);
897
898
      continue;
898
899
    }
899
900
    
908
909
                direntries[i]->d_name);
909
910
      }
910
911
      TEMP_FAILURE_RETRY(close(plugin_fd));
 
912
      free(direntries[i]);
911
913
      continue;
912
914
    }
913
915
    
915
917
    if(p == NULL){
916
918
      error(0, errno, "getplugin");
917
919
      TEMP_FAILURE_RETRY(close(plugin_fd));
 
920
      free(direntries[i]);
918
921
      continue;
919
922
    }
920
923
    if(p->disabled){
923
926
                direntries[i]->d_name);
924
927
      }
925
928
      TEMP_FAILURE_RETRY(close(plugin_fd));
 
929
      free(direntries[i]);
926
930
      continue;
927
931
    }
928
932
    {
961
965
    if(ret == -1){
962
966
      error(0, errno, "pipe");
963
967
      exitstatus = EX_OSERR;
 
968
      free(direntries[i]);
964
969
      goto fallback;
965
970
    }
966
971
    if(pipefd[0] >= FD_SETSIZE){
969
974
      TEMP_FAILURE_RETRY(close(pipefd[0]));
970
975
      TEMP_FAILURE_RETRY(close(pipefd[1]));
971
976
      exitstatus = EX_OSERR;
 
977
      free(direntries[i]);
972
978
      goto fallback;
973
979
    }
974
980
#ifndef O_CLOEXEC
979
985
      TEMP_FAILURE_RETRY(close(pipefd[0]));
980
986
      TEMP_FAILURE_RETRY(close(pipefd[1]));
981
987
      exitstatus = EX_OSERR;
 
988
      free(direntries[i]);
982
989
      goto fallback;
983
990
    }
984
991
    ret = set_cloexec_flag(pipefd[1]);
987
994
      TEMP_FAILURE_RETRY(close(pipefd[0]));
988
995
      TEMP_FAILURE_RETRY(close(pipefd[1]));
989
996
      exitstatus = EX_OSERR;
 
997
      free(direntries[i]);
990
998
      goto fallback;
991
999
    }
992
1000
#endif  /* not O_CLOEXEC */
997
1005
    if(ret < 0){
998
1006
      error(0, errno, "sigprocmask");
999
1007
      exitstatus = EX_OSERR;
 
1008
      free(direntries[i]);
1000
1009
      goto fallback;
1001
1010
    }
1002
1011
    /* Starting a new process to be watched */
1011
1020
      TEMP_FAILURE_RETRY(close(pipefd[0]));
1012
1021
      TEMP_FAILURE_RETRY(close(pipefd[1]));
1013
1022
      exitstatus = EX_OSERR;
 
1023
      free(direntries[i]);
1014
1024
      goto fallback;
1015
1025
    }
1016
1026
    if(pid == 0){
1055
1065
        error(0, errno, "sigprocmask");
1056
1066
      }
1057
1067
      exitstatus = EX_OSERR;
 
1068
      free(direntries[i]);
1058
1069
      goto fallback;
1059
1070
    }
 
1071
    free(direntries[i]);
1060
1072
    
1061
1073
    new_plugin->pid = pid;
1062
1074
    new_plugin->fd = pipefd[0];
1092
1104
    }
1093
1105
  }
1094
1106
  
 
1107
  free(direntries);
 
1108
  direntries = NULL;
1095
1109
  TEMP_FAILURE_RETRY(close(dir_fd));
 
1110
  dir_fd = -1;
1096
1111
  free_plugin(getplugin(NULL));
1097
1112
  
1098
1113
  for(plugin *p = plugin_list; p != NULL; p = p->next){
1292
1307
    free(custom_argv);
1293
1308
  }
1294
1309
  
 
1310
  free(direntries);
 
1311
  
1295
1312
  if(dir_fd != -1){
1296
1313
    TEMP_FAILURE_RETRY(close(dir_fd));
1297
1314
  }