To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 78
- compare with another revision
- download diff
- download tarball
- view history from revision 78
- Committer: Teddy Hogeborn
- Date: 2008-08-16 03:29:08 UTC
- Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389
Add feature to specify custom environment variables for plugins.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
- files added:
- initramfs-tools-hook-conf
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/tests
- debian/upstream
- dracut-module
- network-hooks.d
- plugin-helpers
- files renamed:
- plugins.d/mandos-client.c => plugins.d/password-request.c
- plugins.d/mandos-client.xml => plugins.d/password-request.xml
- files modified:
- Makefile
added
removed
plugin-runner.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
1
/* -*- coding: utf-8 -*- */
2
2
/*
3
3
* Mandos plugin runner - Run Mandos plugins
4
4
*
5
* Copyright © 2008-2021 Teddy Hogeborn
6
* Copyright © 2008-2021 Björn Påhlsson
7
*
8
* This file is part of Mandos.
9
*
10
* Mandos is free software: you can redistribute it and/or modify it
11
* under the terms of the GNU General Public License as published by
12
* the Free Software Foundation, either version 3 of the License, or
13
* (at your option) any later version.
14
*
15
* Mandos is distributed in the hope that it will be useful, but
5
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
6
*
7
* This program is free software: you can redistribute it and/or
8
* modify it under the terms of the GNU General Public License as
9
* published by the Free Software Foundation, either version 3 of the
10
* License, or (at your option) any later version.
11
*
12
* This program is distributed in the hope that it will be useful, but
16
13
* WITHOUT ANY WARRANTY; without even the implied warranty of
17
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18
15
* General Public License for more details.
19
16
*
20
17
* You should have received a copy of the GNU General Public License
21
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
18
* along with this program. If not, see
19
* <http://www.gnu.org/licenses/>.
22
20
*
23
* Contact the authors at <mandos@recompile.se>.
21
* Contact the authors at <mandos@fukt.bsnet.se>.
24
22
*/
25
23
26
#define _GNU_SOURCE /* strchrnul(), TEMP_FAILURE_RETRY(),
27
getline(), asprintf(), O_CLOEXEC,
28
scandirat(), pipe2() */
29
#include <argp.h> /* argp_program_version,
30
argp_program_bug_address,
31
struct argp_option,
32
struct argp_state, argp_error(),
33
ARGP_NO_EXIT, argp_state_help,
34
ARGP_HELP_STD_HELP,
35
ARGP_HELP_USAGE, ARGP_HELP_EXIT_OK,
36
ARGP_KEY_ARG, ARGP_ERR_UNKNOWN,
37
struct argp, argp_parse(),
38
ARGP_IN_ORDER, ARGP_NO_HELP */
39
#include <stdbool.h> /* bool, false, true */
40
#include <sys/types.h> /* pid_t, sig_atomic_t, uid_t, gid_t,
41
getuid(), setgid(), setuid() */
24
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
42
26
#include <stddef.h> /* size_t, NULL */
43
#include <iso646.h> /* or, and, not */
44
#include <string.h> /* strcmp(), strdup(), strchrnul(),
45
strncmp(), strlen(), strcpy(),
46
strsep(), strchr(), strsignal() */
47
#include <stdlib.h> /* malloc(), free(), reallocarray(),
48
realloc(), EXIT_SUCCESS */
49
#include <errno.h> /* errno, EINTR, ENOMEM, ECHILD,
50
error_t, EINVAL, EMFILE, ENFILE,
51
ENOENT, ESRCH */
52
#include <stdint.h> /* SIZE_MAX */
53
#define _GNU_SOURCE /* strchrnul(), TEMP_FAILURE_RETRY(),
54
getline(), asprintf(), O_CLOEXEC,
55
scandirat(), pipe2() */
56
#include <unistd.h> /* TEMP_FAILURE_RETRY(), ssize_t,
57
write(), STDOUT_FILENO, uid_t,
58
gid_t, getuid(), fchown(), close(),
59
symlink(), setgid(), setuid(),
60
faccessat(), X_OK, pipe(), pipe2(),
61
fork(), _exit(), dup2(), fexecve(),
62
read(), getpass() */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
29
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
FD_SET(), FD_ISSET(), FD_CLR */
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
42
#include <iso646.h> /* and, or, not */
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
44
readdir(), closedir(), dirfd() */
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
63
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
64
FD_CLOEXEC, open(), O_RDONLY,
65
O_CLOEXEC, openat() */
66
#include <sys/wait.h> /* waitpid(), WNOHANG, WIFEXITED(),
67
WEXITSTATUS(), WIFSIGNALED(),
68
WTERMSIG(), wait() */
69
#include <error.h> /* error() */
70
#include <stdio.h> /* FILE, fprintf(), fopen(),
71
getline(), fclose(), EOF,
72
asprintf(), stderr */
73
#include <dirent.h> /* struct dirent, scandirat(),
74
alphasort() */
75
#include <sys/stat.h> /* struct stat, fstat(), S_ISDIR(),
76
lstat(), S_ISREG() */
77
#include <sys/select.h> /* fd_set, FD_ZERO(), FD_SETSIZE,
78
FD_SET(), select(), FD_CLR(),
79
FD_ISSET() */
80
#include <signal.h> /* struct sigaction, SA_NOCLDSTOP,
81
sigemptyset(), sigaddset(),
82
SIGCHLD, sigprocmask(), SIG_BLOCK,
83
SIG_UNBLOCK, kill(), SIGTERM */
84
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
85
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
86
#include <inttypes.h> /* intmax_t, strtoimax(), PRIdMAX */
87
#include <fnmatch.h> /* fnmatch(), FNM_FILE_NAME,
88
FNM_PERIOD, FNM_NOMATCH */
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
55
#include <errno.h> /* errno */
56
#include <argp.h> /* struct argp_option, struct
57
argp_state, struct argp,
58
argp_parse(), ARGP_ERR_UNKNOWN,
59
ARGP_KEY_END, ARGP_KEY_ARG, error_t */
60
#include <signal.h> /* struct sigaction, sigemptyset(),
61
sigaddset(), sigaction(),
62
sigprocmask(), SIG_BLOCK, SIGCHLD,
63
SIG_UNBLOCK, kill() */
64
#include <errno.h> /* errno, EBADF */
89
65
90
66
#define BUFFER_SIZE 256
91
92
#define PDIR "/lib/mandos/plugins.d"
93
#define PHDIR "/lib/mandos/plugin-helpers"
94
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
95
96
const char *argp_program_version = "plugin-runner " VERSION;
97
const char *argp_program_bug_address = "<mandos@recompile.se>";
67
#define ARGFILE "/conf/conf.d/mandos/plugin-runner.conf"
68
69
const char *argp_program_version = "plugin-runner 1.0";
70
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
71
72
struct process;
73
74
typedef struct process{
75
pid_t pid;
76
int fd;
77
char *buffer;
78
size_t buffer_size;
79
size_t buffer_length;
80
bool eof;
81
bool completed;
82
int status;
83
struct process *next;
84
} process;
98
85
99
86
typedef struct plugin{
100
87
char *name; /* can be NULL or any plugin name */
103
90
char **environ;
104
91
int envc;
105
92
bool disabled;
106
107
/* Variables used for running processes*/
108
pid_t pid;
109
int fd;
110
char *buffer;
111
size_t buffer_size;
112
size_t buffer_length;
113
bool eof;
114
volatile sig_atomic_t completed;
115
int status;
116
93
struct plugin *next;
117
94
} plugin;
118
95
119
static plugin *plugin_list = NULL;
120
121
/* Gets an existing plugin based on name,
122
or if none is found, creates a new one */
123
__attribute__((warn_unused_result))
124
static plugin *getplugin(char *name){
125
/* Check for existing plugin with that name */
126
for(plugin *p = plugin_list; p != NULL; p = p->next){
127
if((p->name == name)
128
or (p->name and name and (strcmp(p->name, name) == 0))){
96
static plugin *getplugin(char *name, plugin **plugin_list){
97
for (plugin *p = *plugin_list; p != NULL; p = p->next){
98
if ((p->name == name)
99
or (p->name and name and (strcmp(p->name, name) == 0))){
129
100
return p;
130
101
}
131
102
}
132
103
/* Create a new plugin */
133
plugin *new_plugin = NULL;
134
do {
135
new_plugin = malloc(sizeof(plugin));
136
} while(new_plugin == NULL and errno == EINTR);
137
if(new_plugin == NULL){
104
plugin *new_plugin = malloc(sizeof(plugin));
105
if (new_plugin == NULL){
138
106
return NULL;
139
107
}
140
char *copy_name = NULL;
141
if(name != NULL){
142
do {
143
copy_name = strdup(name);
144
} while(copy_name == NULL and errno == EINTR);
145
if(copy_name == NULL){
146
int e = errno;
147
free(new_plugin);
148
errno = e;
149
return NULL;
150
}
151
}
152
153
*new_plugin = (plugin){ .name = copy_name,
154
.argc = 1,
155
.disabled = false,
156
.next = plugin_list };
157
158
do {
159
new_plugin->argv = malloc(sizeof(char *) * 2);
160
} while(new_plugin->argv == NULL and errno == EINTR);
161
if(new_plugin->argv == NULL){
162
int e = errno;
163
free(copy_name);
108
*new_plugin = (plugin) { .name = name,
109
.argc = 1,
110
.envc = 0,
111
.disabled = false,
112
.next = *plugin_list };
113
114
new_plugin->argv = malloc(sizeof(char *) * 2);
115
if (new_plugin->argv == NULL){
164
116
free(new_plugin);
165
errno = e;
166
117
return NULL;
167
118
}
168
new_plugin->argv[0] = copy_name;
119
new_plugin->argv[0] = name;
169
120
new_plugin->argv[1] = NULL;
170
171
do {
172
new_plugin->environ = malloc(sizeof(char *));
173
} while(new_plugin->environ == NULL and errno == EINTR);
121
122
new_plugin->environ = malloc(sizeof(char *));
174
123
if(new_plugin->environ == NULL){
175
int e = errno;
176
free(copy_name);
177
124
free(new_plugin->argv);
178
125
free(new_plugin);
179
errno = e;
180
126
return NULL;
181
127
}
182
128
new_plugin->environ[0] = NULL;
183
184
129
/* Append the new plugin to the list */
185
plugin_list = new_plugin;
130
*plugin_list = new_plugin;
186
131
return new_plugin;
187
132
}
188
133
189
134
/* Helper function for add_argument and add_environment */
190
__attribute__((nonnull, warn_unused_result))
191
135
static bool add_to_char_array(const char *new, char ***array,
192
136
int *len){
193
137
/* Resize the pointed-to array to hold one more pointer */
194
char **new_array = NULL;
195
do {
196
#if defined(__GLIBC_PREREQ) and __GLIBC_PREREQ(2, 26)
197
new_array = reallocarray(*array, (size_t)((*len) + 2),
198
sizeof(char *));
199
#else
200
if(((size_t)((*len) + 2)) > (SIZE_MAX / sizeof(char *))){
201
/* overflow */
202
new_array = NULL;
203
errno = ENOMEM;
204
} else {
205
new_array = realloc(*array, (size_t)((*len) + 2)
206
* sizeof(char *));
207
}
208
#endif
209
} while(new_array == NULL and errno == EINTR);
138
*array = realloc(*array, sizeof(char *)
139
* (size_t) ((*len) + 2));
210
140
/* Malloc check */
211
if(new_array == NULL){
141
if(*array == NULL){
212
142
return false;
213
143
}
214
*array = new_array;
215
144
/* Make a copy of the new string */
216
char *copy;
217
do {
218
copy = strdup(new);
219
} while(copy == NULL and errno == EINTR);
145
char *copy = strdup(new);
220
146
if(copy == NULL){
221
147
return false;
222
148
}
229
155
}
230
156
231
157
/* Add to a plugin's argument vector */
232
__attribute__((nonnull(2), warn_unused_result))
233
158
static bool add_argument(plugin *p, const char *arg){
234
159
if(p == NULL){
235
160
return false;
238
163
}
239
164
240
165
/* Add to a plugin's environment */
241
__attribute__((nonnull(2), warn_unused_result))
242
static bool add_environment(plugin *p, const char *def, bool replace){
166
static bool add_environment(plugin *p, const char *def){
243
167
if(p == NULL){
244
168
return false;
245
169
}
246
/* namelen = length of name of environment variable */
247
size_t namelen = (size_t)(strchrnul(def, '=') - def);
248
/* Search for this environment variable */
249
for(char **envdef = p->environ; *envdef != NULL; envdef++){
250
if(strncmp(*envdef, def, namelen + 1) == 0){
251
/* It already exists */
252
if(replace){
253
char *new_envdef;
254
do {
255
new_envdef = realloc(*envdef, strlen(def) + 1);
256
} while(new_envdef == NULL and errno == EINTR);
257
if(new_envdef == NULL){
258
return false;
259
}
260
*envdef = new_envdef;
261
strcpy(*envdef, def);
262
}
263
return true;
264
}
265
}
266
170
return add_to_char_array(def, &(p->environ), &(p->envc));
267
171
}
268
172
269
#ifndef O_CLOEXEC
173
270
174
/*
271
175
* Based on the example in the GNU LibC manual chapter 13.13 "File
272
176
* Descriptor Flags".
273
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
177
* *Note File Descriptor Flags:(libc)Descriptor Flags.
274
178
*/
275
__attribute__((warn_unused_result))
276
static int set_cloexec_flag(int fd){
277
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
179
static int set_cloexec_flag(int fd)
180
{
181
int ret = fcntl(fd, F_GETFD, 0);
278
182
/* If reading the flags failed, return error indication now. */
279
183
if(ret < 0){
280
184
return ret;
281
185
}
282
186
/* Store modified flag word in the descriptor. */
283
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
284
ret | FD_CLOEXEC));
187
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
285
188
}
286
#endif /* not O_CLOEXEC */
287
288
289
/* Mark processes as completed when they exit, and save their exit
189
190
process *process_list = NULL;
191
192
/* Mark a process as completed when it exits, and save its exit
290
193
status. */
291
static void handle_sigchld(__attribute__((unused)) int sig){
292
int old_errno = errno;
293
while(true){
294
plugin *proc = plugin_list;
295
int status;
296
pid_t pid = waitpid(-1, &status, WNOHANG);
297
if(pid == 0){
298
/* Only still running child processes */
299
break;
300
}
301
if(pid == -1){
302
if(errno == ECHILD){
303
/* No child processes */
304
break;
305
}
306
error(0, errno, "waitpid");
307
}
308
309
/* A child exited, find it in process_list */
310
while(proc != NULL and proc->pid != pid){
311
proc = proc->next;
312
}
313
if(proc == NULL){
314
/* Process not found in process list */
315
continue;
316
}
317
proc->status = status;
318
proc->completed = 1;
319
}
320
errno = old_errno;
194
void handle_sigchld(__attribute__((unused)) int sig){
195
process *proc = process_list;
196
int status;
197
pid_t pid = wait(&status);
198
if(pid == -1){
199
perror("wait");
200
return;
201
}
202
while(proc != NULL and proc->pid != pid){
203
proc = proc->next;
204
}
205
if(proc == NULL){
206
/* Process not found in process list */
207
return;
208
}
209
proc->status = status;
210
proc->completed = true;
321
211
}
322
212
323
/* Prints out a password to stdout */
324
__attribute__((nonnull, warn_unused_result))
325
static bool print_out_password(const char *buffer, size_t length){
213
bool print_out_password(const char *buffer, size_t length){
326
214
ssize_t ret;
215
if(length>0 and buffer[length-1] == '\n'){
216
length--;
217
}
327
218
for(size_t written = 0; written < length; written += (size_t)ret){
328
219
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
329
220
length - written));
334
225
return true;
335
226
}
336
227
337
/* Removes and free a plugin from the plugin list */
338
__attribute__((nonnull))
339
static void free_plugin(plugin *plugin_node){
340
341
for(char **arg = (plugin_node->argv)+1; *arg != NULL; arg++){
342
free(*arg);
343
}
344
free(plugin_node->name);
345
free(plugin_node->argv);
346
for(char **env = plugin_node->environ; *env != NULL; env++){
347
free(*env);
348
}
349
free(plugin_node->environ);
350
free(plugin_node->buffer);
351
352
/* Removes the plugin from the singly-linked list */
353
if(plugin_node == plugin_list){
354
/* First one - simple */
355
plugin_list = plugin_list->next;
356
} else {
357
/* Second one or later */
358
for(plugin *p = plugin_list; p != NULL; p = p->next){
359
if(p->next == plugin_node){
360
p->next = plugin_node->next;
361
break;
362
}
228
char **add_to_argv(char **argv, int *argc, char *arg){
229
if (argv == NULL){
230
*argc = 1;
231
argv = malloc(sizeof(char*) * 2);
232
if(argv == NULL){
233
return NULL;
363
234
}
364
}
365
366
free(plugin_node);
367
}
368
369
static void free_plugin_list(void){
370
while(plugin_list != NULL){
371
free_plugin(plugin_list);
372
}
235
argv[0] = NULL; /* Will be set to argv[0] in main before parsing */
236
argv[1] = NULL;
237
}
238
*argc += 1;
239
argv = realloc(argv, sizeof(char *)
240
* ((unsigned int) *argc + 1));
241
if(argv == NULL){
242
return NULL;
243
}
244
argv[*argc-1] = arg;
245
argv[*argc] = NULL;
246
return argv;
373
247
}
374
248
375
249
int main(int argc, char *argv[]){
376
char *plugindir = NULL;
377
char *pluginhelperdir = NULL;
378
char *argfile = NULL;
250
const char *plugindir = "/lib/mandos/plugins.d";
251
const char *argfile = ARGFILE;
379
252
FILE *conffp;
380
struct dirent **direntries = NULL;
253
size_t d_name_len;
254
DIR *dir = NULL;
255
struct dirent *dirst;
381
256
struct stat st;
382
257
fd_set rfds_all;
383
258
int ret, maxfd = 0;
384
ssize_t sret;
385
259
uid_t uid = 65534;
386
260
gid_t gid = 65534;
387
261
bool debug = false;
391
265
.sa_flags = SA_NOCLDSTOP };
392
266
char **custom_argv = NULL;
393
267
int custom_argc = 0;
394
int dir_fd = -1;
395
268
396
269
/* Establish a signal handler */
397
270
sigemptyset(&sigchld_action.sa_mask);
398
271
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
399
if(ret == -1){
400
error(0, errno, "sigaddset");
401
exitstatus = EX_OSERR;
402
goto fallback;
272
if(ret < 0){
273
perror("sigaddset");
274
exit(EXIT_FAILURE);
403
275
}
404
276
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
405
if(ret == -1){
406
error(0, errno, "sigaction");
407
exitstatus = EX_OSERR;
408
goto fallback;
277
if(ret < 0){
278
perror("sigaction");
279
exit(EXIT_FAILURE);
409
280
}
410
281
411
282
/* The options we understand. */
413
284
{ .name = "global-options", .key = 'g',
414
285
.arg = "OPTION[,OPTION[,...]]",
415
286
.doc = "Options passed to all plugins" },
416
{ .name = "global-env", .key = 'G',
287
{ .name = "global-envs", .key = 'e',
417
288
.arg = "VAR=value",
418
289
.doc = "Environment variable passed to all plugins" },
419
290
{ .name = "options-for", .key = 'o',
420
291
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
421
292
.doc = "Options passed only to specified plugin" },
422
{ .name = "env-for", .key = 'E',
293
{ .name = "envs-for", .key = 'f',
423
294
.arg = "PLUGIN:ENV=value",
424
295
.doc = "Environment variable passed to specified plugin" },
425
296
{ .name = "disable", .key = 'd',
426
297
.arg = "PLUGIN",
427
298
.doc = "Disable a specific plugin", .group = 1 },
428
{ .name = "enable", .key = 'e',
429
.arg = "PLUGIN",
430
.doc = "Enable a specific plugin", .group = 1 },
431
299
{ .name = "plugin-dir", .key = 128,
432
300
.arg = "DIRECTORY",
433
301
.doc = "Specify a different plugin directory", .group = 2 },
434
{ .name = "config-file", .key = 129,
435
.arg = "FILE",
436
.doc = "Specify a different configuration file", .group = 2 },
437
{ .name = "userid", .key = 130,
438
.arg = "ID", .flags = 0,
439
.doc = "User ID the plugins will run as", .group = 3 },
440
{ .name = "groupid", .key = 131,
441
.arg = "ID", .flags = 0,
442
.doc = "Group ID the plugins will run as", .group = 3 },
443
{ .name = "debug", .key = 132,
444
.doc = "Debug mode", .group = 4 },
445
{ .name = "plugin-helper-dir", .key = 133,
446
.arg = "DIRECTORY",
447
.doc = "Specify a different plugin helper directory",
448
.group = 2 },
449
/*
450
* These reproduce what we would get without ARGP_NO_HELP
451
*/
452
{ .name = "help", .key = '?',
453
.doc = "Give this help list", .group = -1 },
454
{ .name = "usage", .key = -3,
455
.doc = "Give a short usage message", .group = -1 },
456
{ .name = "version", .key = 'V',
457
.doc = "Print program version", .group = -1 },
302
{ .name = "userid", .key = 129,
303
.arg = "ID", .flags = 0,
304
.doc = "User ID the plugins will run as", .group = 2 },
305
{ .name = "groupid", .key = 130,
306
.arg = "ID", .flags = 0,
307
.doc = "Group ID the plugins will run as", .group = 2 },
308
{ .name = "debug", .key = 131,
309
.doc = "Debug mode", .group = 3 },
458
310
{ .name = NULL }
459
311
};
460
312
461
__attribute__((nonnull(3)))
462
error_t parse_opt(int key, char *arg, struct argp_state *state){
463
errno = 0;
464
switch(key){
465
char *tmp;
466
intmax_t tmp_id;
467
case 'g': /* --global-options */
468
{
469
char *plugin_option;
470
while((plugin_option = strsep(&arg, ",")) != NULL){
471
if(not add_argument(getplugin(NULL), plugin_option)){
472
break;
473
}
474
}
475
errno = 0;
476
}
477
break;
478
case 'G': /* --global-env */
479
if(add_environment(getplugin(NULL), arg, true)){
480
errno = 0;
481
}
482
break;
483
case 'o': /* --options-for */
484
{
485
char *option_list = strchr(arg, ':');
486
if(option_list == NULL){
487
argp_error(state, "No colon in \"%s\"", arg);
488
errno = EINVAL;
489
break;
490
}
491
*option_list = '\0';
492
option_list++;
493
if(arg[0] == '\0'){
494
argp_error(state, "Empty plugin name");
495
errno = EINVAL;
496
break;
497
}
498
char *option;
499
while((option = strsep(&option_list, ",")) != NULL){
500
if(not add_argument(getplugin(arg), option)){
501
break;
502
}
503
}
504
errno = 0;
505
}
506
break;
507
case 'E': /* --env-for */
313
error_t parse_opt (int key, char *arg, struct argp_state *state) {
314
/* Get the INPUT argument from `argp_parse', which we know is a
315
pointer to our plugin list pointer. */
316
plugin **plugins = state->input;
317
switch (key) {
318
case 'g':
319
if (arg != NULL){
320
char *p;
321
while((p = strsep(&arg, ",")) != NULL){
322
if(p[0] == '\0'){
323
continue;
324
}
325
if(not add_argument(getplugin(NULL, plugins), p)){
326
perror("add_argument");
327
return ARGP_ERR_UNKNOWN;
328
}
329
}
330
}
331
break;
332
case 'e':
333
if(arg == NULL){
334
break;
335
}
336
{
337
char *envdef = strdup(arg);
338
if(envdef == NULL){
339
break;
340
}
341
if(not add_environment(getplugin(NULL, plugins), envdef)){
342
perror("add_environment");
343
}
344
}
345
break;
346
case 'o':
347
if (arg != NULL){
348
char *p_name = strsep(&arg, ":");
349
if(p_name[0] == '\0'){
350
break;
351
}
352
char *opt = strsep(&arg, ":");
353
if(opt[0] == '\0'){
354
break;
355
}
356
if(opt != NULL){
357
char *p;
358
while((p = strsep(&opt, ",")) != NULL){
359
if(p[0] == '\0'){
360
continue;
361
}
362
if(not add_argument(getplugin(p_name, plugins), p)){
363
perror("add_argument");
364
return ARGP_ERR_UNKNOWN;
365
}
366
}
367
}
368
}
369
break;
370
case 'f':
371
if(arg == NULL){
372
break;
373
}
508
374
{
509
375
char *envdef = strchr(arg, ':');
510
376
if(envdef == NULL){
511
argp_error(state, "No colon in \"%s\"", arg);
512
errno = EINVAL;
513
break;
514
}
515
*envdef = '\0';
377
break;
378
}
379
char *p_name = strndup(arg, (size_t) (envdef-arg));
380
if(p_name == NULL){
381
break;
382
}
516
383
envdef++;
517
if(arg[0] == '\0'){
518
argp_error(state, "Empty plugin name");
519
errno = EINVAL;
520
break;
521
}
522
if(add_environment(getplugin(arg), envdef, true)){
523
errno = 0;
524
}
525
}
526
break;
527
case 'd': /* --disable */
528
{
529
plugin *p = getplugin(arg);
530
if(p != NULL){
531
p->disabled = true;
532
errno = 0;
533
}
534
}
535
break;
536
case 'e': /* --enable */
537
{
538
plugin *p = getplugin(arg);
539
if(p != NULL){
540
p->disabled = false;
541
errno = 0;
542
}
543
}
544
break;
545
case 128: /* --plugin-dir */
546
free(plugindir);
547
plugindir = strdup(arg);
548
if(plugindir != NULL){
549
errno = 0;
550
}
551
break;
552
case 129: /* --config-file */
553
/* This is already done by parse_opt_config_file() */
554
break;
555
case 130: /* --userid */
556
tmp_id = strtoimax(arg, &tmp, 10);
557
if(errno != 0 or tmp == arg or *tmp != '\0'
558
or tmp_id != (uid_t)tmp_id){
559
argp_error(state, "Bad user ID number: \"%s\", using %"
560
PRIdMAX, arg, (intmax_t)uid);
561
break;
562
}
563
uid = (uid_t)tmp_id;
564
errno = 0;
565
break;
566
case 131: /* --groupid */
567
tmp_id = strtoimax(arg, &tmp, 10);
568
if(errno != 0 or tmp == arg or *tmp != '\0'
569
or tmp_id != (gid_t)tmp_id){
570
argp_error(state, "Bad group ID number: \"%s\", using %"
571
PRIdMAX, arg, (intmax_t)gid);
572
break;
573
}
574
gid = (gid_t)tmp_id;
575
errno = 0;
576
break;
577
case 132: /* --debug */
384
if(not add_environment(getplugin(p_name, plugins), envdef)){
385
perror("add_environment");
386
}
387
}
388
break;
389
case 'd':
390
if (arg != NULL){
391
plugin *p = getplugin(arg, plugins);
392
if(p == NULL){
393
return ARGP_ERR_UNKNOWN;
394
}
395
p->disabled = true;
396
}
397
break;
398
case 128:
399
plugindir = arg;
400
break;
401
case 129:
402
uid = (uid_t)strtol(arg, NULL, 10);
403
break;
404
case 130:
405
gid = (gid_t)strtol(arg, NULL, 10);
406
break;
407
case 131:
578
408
debug = true;
579
409
break;
580
case 133: /* --plugin-helper-dir */
581
free(pluginhelperdir);
582
pluginhelperdir = strdup(arg);
583
if(pluginhelperdir != NULL){
584
errno = 0;
585
}
586
break;
587
/*
588
* These reproduce what we would get without ARGP_NO_HELP
589
*/
590
case '?': /* --help */
591
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
592
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
593
__builtin_unreachable();
594
case -3: /* --usage */
595
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
596
argp_state_help(state, state->out_stream,
597
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
598
__builtin_unreachable();
599
case 'V': /* --version */
600
fprintf(state->out_stream, "%s\n", argp_program_version);
601
exit(EXIT_SUCCESS);
602
break;
603
/*
604
* When adding more options before this line, remember to also add a
605
* "case" to the "parse_opt_config_file" function below.
606
*/
607
case ARGP_KEY_ARG:
608
/* Cryptsetup always passes an argument, which is an empty
609
string if "none" was specified in /etc/crypttab. So if
610
argument was empty, we ignore it silently. */
611
if(arg[0] == '\0'){
612
break;
613
}
614
#if __GNUC__ >= 7
615
__attribute__((fallthrough));
616
#else
617
/* FALLTHROUGH */
618
#endif
619
default:
620
return ARGP_ERR_UNKNOWN;
621
}
622
return errno; /* Set to 0 at start */
623
}
624
625
/* This option parser is the same as parse_opt() above, except it
626
ignores everything but the --config-file option. */
627
error_t parse_opt_config_file(int key, char *arg,
628
__attribute__((unused))
629
struct argp_state *state){
630
errno = 0;
631
switch(key){
632
case 'g': /* --global-options */
633
case 'G': /* --global-env */
634
case 'o': /* --options-for */
635
case 'E': /* --env-for */
636
case 'd': /* --disable */
637
case 'e': /* --enable */
638
case 128: /* --plugin-dir */
639
break;
640
case 129: /* --config-file */
641
free(argfile);
642
argfile = strdup(arg);
643
if(argfile != NULL){
644
errno = 0;
645
}
646
break;
647
case 130: /* --userid */
648
case 131: /* --groupid */
649
case 132: /* --debug */
650
case 133: /* --plugin-helper-dir */
651
case '?': /* --help */
652
case -3: /* --usage */
653
case 'V': /* --version */
654
case ARGP_KEY_ARG:
655
break;
656
default:
657
return ARGP_ERR_UNKNOWN;
658
}
659
return errno;
660
}
661
662
struct argp argp = { .options = options,
663
.parser = parse_opt_config_file,
664
.args_doc = "",
410
case ARGP_KEY_ARG:
411
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
412
break;
413
case ARGP_KEY_END:
414
break;
415
default:
416
return ARGP_ERR_UNKNOWN;
417
}
418
return 0;
419
}
420
421
plugin *plugin_list = NULL;
422
423
struct argp argp = { .options = options, .parser = parse_opt,
424
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
665
425
.doc = "Mandos plugin runner -- Run plugins" };
666
426
667
/* Parse using parse_opt_config_file() in order to get the custom
668
config file location, if any. */
669
ret = argp_parse(&argp, argc, argv,
670
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
671
NULL, NULL);
672
switch(ret){
673
case 0:
674
break;
675
case ENOMEM:
676
default:
677
errno = ret;
678
error(0, errno, "argp_parse");
679
exitstatus = EX_OSERR;
680
goto fallback;
681
case EINVAL:
682
exitstatus = EX_USAGE;
683
goto fallback;
684
}
685
686
/* Reset to the normal argument parser */
687
argp.parser = parse_opt;
688
689
/* Open the configfile if available */
690
if(argfile == NULL){
691
conffp = fopen(AFILE, "r");
692
} else {
693
conffp = fopen(argfile, "r");
694
}
427
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
428
if (ret == ARGP_ERR_UNKNOWN){
429
fprintf(stderr, "Unknown error while parsing arguments\n");
430
exitstatus = EXIT_FAILURE;
431
goto end;
432
}
433
434
conffp = fopen(argfile, "r");
695
435
if(conffp != NULL){
696
436
char *org_line = NULL;
437
size_t size = 0;
438
ssize_t sret;
697
439
char *p, *arg, *new_arg, *line;
698
size_t size = 0;
699
440
const char whitespace_delims[] = " \r\t\f\v\n";
700
441
const char comment_delim[] = "#";
701
702
custom_argc = 1;
703
custom_argv = malloc(sizeof(char*) * 2);
704
if(custom_argv == NULL){
705
error(0, errno, "malloc");
706
exitstatus = EX_OSERR;
707
goto fallback;
708
}
709
custom_argv[0] = argv[0];
710
custom_argv[1] = NULL;
711
712
/* for each line in the config file, strip whitespace and ignore
713
commented text */
442
714
443
while(true){
715
444
sret = getline(&org_line, &size, conffp);
716
445
if(sret == -1){
717
446
break;
718
447
}
719
448
720
449
line = org_line;
721
450
arg = strsep(&line, comment_delim);
722
451
while((p = strsep(&arg, whitespace_delims)) != NULL){
724
453
continue;
725
454
}
726
455
new_arg = strdup(p);
727
if(new_arg == NULL){
728
error(0, errno, "strdup");
729
exitstatus = EX_OSERR;
730
free(org_line);
731
goto fallback;
732
}
733
734
custom_argc += 1;
735
{
736
#if defined(__GLIBC_PREREQ) and __GLIBC_PREREQ(2, 26)
737
char **new_argv = reallocarray(custom_argv, (size_t)custom_argc + 1,
738
sizeof(char *));
739
#else
740
char **new_argv = NULL;
741
if(((size_t)custom_argc + 1) > (SIZE_MAX / sizeof(char *))){
742
/* overflow */
743
errno = ENOMEM;
744
} else {
745
new_argv = realloc(custom_argv, ((size_t)custom_argc + 1)
746
* sizeof(char *));
747
}
748
#endif
749
if(new_argv == NULL){
750
error(0, errno, "reallocarray");
751
exitstatus = EX_OSERR;
752
free(new_arg);
753
free(org_line);
754
goto fallback;
755
} else {
756
custom_argv = new_argv;
757
}
758
}
759
custom_argv[custom_argc-1] = new_arg;
760
custom_argv[custom_argc] = NULL;
456
custom_argv = add_to_argv(custom_argv, &custom_argc, new_arg);
457
if (custom_argv == NULL){
458
perror("add_to_argv");
459
exitstatus = EXIT_FAILURE;
460
goto end;
461
}
761
462
}
762
463
}
763
do {
764
ret = fclose(conffp);
765
} while(ret == EOF and errno == EINTR);
766
if(ret == EOF){
767
error(0, errno, "fclose");
768
exitstatus = EX_IOERR;
769
goto fallback;
770
}
771
464
free(org_line);
772
} else {
465
} else{
773
466
/* Check for harmful errors and go to fallback. Other errors might
774
467
not affect opening plugins */
775
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
776
error(0, errno, "fopen");
777
exitstatus = EX_OSERR;
778
goto fallback;
468
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
469
perror("fopen");
470
exitstatus = EXIT_FAILURE;
471
goto end;
779
472
}
780
473
}
781
/* If there were any arguments from the configuration file, pass
782
them to parser as command line arguments */
474
783
475
if(custom_argv != NULL){
784
ret = argp_parse(&argp, custom_argc, custom_argv,
785
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
786
NULL, NULL);
787
switch(ret){
788
case 0:
789
break;
790
case ENOMEM:
791
default:
792
errno = ret;
793
error(0, errno, "argp_parse");
794
exitstatus = EX_OSERR;
795
goto fallback;
796
case EINVAL:
797
exitstatus = EX_CONFIG;
798
goto fallback;
799
}
800
}
801
802
/* Parse actual command line arguments, to let them override the
803
config file */
804
ret = argp_parse(&argp, argc, argv,
805
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
806
NULL, NULL);
807
switch(ret){
808
case 0:
809
break;
810
case ENOMEM:
811
default:
812
errno = ret;
813
error(0, errno, "argp_parse");
814
exitstatus = EX_OSERR;
815
goto fallback;
816
case EINVAL:
817
exitstatus = EX_USAGE;
818
goto fallback;
819
}
820
821
{
822
char *pluginhelperenv;
823
bool bret = true;
824
ret = asprintf(&pluginhelperenv, "MANDOSPLUGINHELPERDIR=%s",
825
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
826
if(ret != -1){
827
bret = add_environment(getplugin(NULL), pluginhelperenv, true);
828
}
829
if(ret == -1 or not bret){
830
error(0, errno, "Failed to set MANDOSPLUGINHELPERDIR"
831
" environment variable to \"%s\" for all plugins\n",
832
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
833
}
834
if(ret != -1){
835
free(pluginhelperenv);
476
custom_argv[0] = argv[0];
477
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list);
478
if (ret == ARGP_ERR_UNKNOWN){
479
fprintf(stderr, "Unknown error while parsing arguments\n");
480
exitstatus = EXIT_FAILURE;
481
goto end;
836
482
}
837
483
}
838
484
839
485
if(debug){
840
for(plugin *p = plugin_list; p != NULL; p = p->next){
486
for(plugin *p = plugin_list; p != NULL; p=p->next){
841
487
fprintf(stderr, "Plugin: %s has %d arguments\n",
842
488
p->name ? p->name : "Global", p->argc - 1);
843
489
for(char **a = p->argv; *a != NULL; a++){
844
490
fprintf(stderr, "\tArg: %s\n", *a);
845
491
}
846
fprintf(stderr, "...and %d environment variables\n", p->envc);
492
fprintf(stderr, "...and %u environment variables\n", p->envc);
847
493
for(char **a = p->environ; *a != NULL; a++){
848
494
fprintf(stderr, "\t%s\n", *a);
849
495
}
850
496
}
851
497
}
852
498
853
if(getuid() == 0){
854
/* Work around Debian bug #633582:
855
<https://bugs.debian.org/633582> */
856
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
857
if(plugindir_fd == -1){
858
if(errno != ENOENT){
859
error(0, errno, "open(\"" PDIR "\")");
860
}
861
} else {
862
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
863
if(ret == -1){
864
error(0, errno, "fstat");
865
} else {
866
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
867
ret = fchown(plugindir_fd, uid, gid);
868
if(ret == -1){
869
error(0, errno, "fchown");
870
}
871
}
872
}
873
close(plugindir_fd);
874
}
875
876
/* Work around Debian bug #981302
877
<https://bugs.debian.org/981302> */
878
if(lstat("/dev/fd", &st) != 0 and errno == ENOENT){
879
ret = symlink("/proc/self/fd", "/dev/fd");
880
if(ret == -1){
881
error(0, errno, "Failed to create /dev/fd symlink");
882
}
883
}
884
}
885
886
/* Lower permissions */
887
ret = setgid(gid);
888
if(ret == -1){
889
error(0, errno, "setgid");
890
}
891
499
ret = setuid(uid);
892
if(ret == -1){
893
error(0, errno, "setuid");
894
}
895
896
/* Open plugin directory with close_on_exec flag */
500
if (ret == -1){
501
perror("setuid");
502
}
503
504
setgid(gid);
505
if (ret == -1){
506
perror("setgid");
507
}
508
509
dir = opendir(plugindir);
510
if(dir == NULL){
511
perror("Could not open plugin dir");
512
exitstatus = EXIT_FAILURE;
513
goto end;
514
}
515
516
/* Set the FD_CLOEXEC flag on the directory, if possible */
897
517
{
898
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
899
#ifdef O_CLOEXEC
900
O_CLOEXEC
901
#else /* not O_CLOEXEC */
902
0
903
#endif /* not O_CLOEXEC */
904
);
905
if(dir_fd == -1){
906
error(0, errno, "Could not open plugin dir");
907
exitstatus = EX_UNAVAILABLE;
908
goto fallback;
909
}
910
911
#ifndef O_CLOEXEC
912
/* Set the FD_CLOEXEC flag on the directory */
913
ret = set_cloexec_flag(dir_fd);
914
if(ret < 0){
915
error(0, errno, "set_cloexec_flag");
916
exitstatus = EX_OSERR;
917
goto fallback;
918
}
919
#endif /* O_CLOEXEC */
920
}
921
922
int good_name(const struct dirent * const dirent){
923
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
924
"*.dpkg-old", "*.dpkg-bak",
925
"*.dpkg-divert", NULL };
926
#ifdef __GNUC__
927
#pragma GCC diagnostic push
928
#pragma GCC diagnostic ignored "-Wcast-qual"
929
#endif
930
for(const char **pat = (const char **)patterns;
931
*pat != NULL; pat++){
932
#ifdef __GNUC__
933
#pragma GCC diagnostic pop
934
#endif
935
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
936
!= FNM_NOMATCH){
937
if(debug){
938
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
939
" matching pattern %s\n", dirent->d_name, *pat);
940
}
941
return 0;
518
int dir_fd = dirfd(dir);
519
if(dir_fd >= 0){
520
ret = set_cloexec_flag(dir_fd);
521
if(ret < 0){
522
perror("set_cloexec_flag");
523
exitstatus = EXIT_FAILURE;
524
goto end;
942
525
}
943
526
}
944
return 1;
945
}
946
947
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
948
alphasort);
949
if(numplugins == -1){
950
error(0, errno, "Could not scan plugin dir");
951
direntries = NULL;
952
exitstatus = EX_OSERR;
953
goto fallback;
954
527
}
955
528
956
529
FD_ZERO(&rfds_all);
957
530
958
/* Read and execute any executable in the plugin directory*/
959
for(int i = 0; i < numplugins; i++){
960
961
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
962
if(plugin_fd == -1){
963
error(0, errno, "Could not open plugin");
964
free(direntries[i]);
965
continue;
966
}
967
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
968
if(ret == -1){
969
error(0, errno, "stat");
970
close(plugin_fd);
971
free(direntries[i]);
972
continue;
973
}
974
975
/* Ignore non-executable files */
976
if(not S_ISREG(st.st_mode)
977
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
978
X_OK, 0)) != 0)){
531
while(true){
532
dirst = readdir(dir);
533
534
// All directory entries have been processed
535
if(dirst == NULL){
536
if (errno == EBADF){
537
perror("readdir");
538
exitstatus = EXIT_FAILURE;
539
goto end;
540
}
541
break;
542
}
543
544
d_name_len = strlen(dirst->d_name);
545
546
// Ignore dotfiles, backup files and other junk
547
{
548
bool bad_name = false;
549
550
const char const *bad_prefixes[] = { ".", "#", NULL };
551
552
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
553
".dpkg-old",
554
".dpkg-divert", NULL };
555
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
556
size_t pre_len = strlen(*pre);
557
if((d_name_len >= pre_len)
558
and strncmp((dirst->d_name), *pre, pre_len) == 0){
559
if(debug){
560
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
561
" with bad prefix %s\n", dirst->d_name, *pre);
562
}
563
bad_name = true;
564
break;
565
}
566
}
567
568
if(bad_name){
569
continue;
570
}
571
572
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
573
size_t suf_len = strlen(*suf);
574
if((d_name_len >= suf_len)
575
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf)
576
== 0)){
577
if(debug){
578
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
579
" with bad suffix %s\n", dirst->d_name, *suf);
580
}
581
bad_name = true;
582
break;
583
}
584
}
585
586
if(bad_name){
587
continue;
588
}
589
}
590
591
char *filename;
592
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
593
if(ret < 0){
594
perror("asprintf");
595
continue;
596
}
597
598
ret = stat(filename, &st);
599
if (ret == -1){
600
perror("stat");
601
free(filename);
602
continue;
603
}
604
605
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
979
606
if(debug){
980
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
981
" with bad type or mode\n",
982
plugindir != NULL ? plugindir : PDIR,
983
direntries[i]->d_name);
607
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
608
" with bad type or mode\n", filename);
984
609
}
985
close(plugin_fd);
986
free(direntries[i]);
610
free(filename);
987
611
continue;
988
612
}
989
990
plugin *p = getplugin(direntries[i]->d_name);
613
plugin *p = getplugin(dirst->d_name, &plugin_list);
991
614
if(p == NULL){
992
error(0, errno, "getplugin");
993
close(plugin_fd);
994
free(direntries[i]);
615
perror("getplugin");
616
free(filename);
995
617
continue;
996
618
}
997
619
if(p->disabled){
998
620
if(debug){
999
621
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
1000
direntries[i]->d_name);
622
dirst->d_name);
1001
623
}
1002
close(plugin_fd);
1003
free(direntries[i]);
624
free(filename);
1004
625
continue;
1005
626
}
1006
627
{
1007
628
/* Add global arguments to argument list for this plugin */
1008
plugin *g = getplugin(NULL);
629
plugin *g = getplugin(NULL, &plugin_list);
1009
630
if(g != NULL){
1010
631
for(char **a = g->argv + 1; *a != NULL; a++){
1011
632
if(not add_argument(p, *a)){
1012
error(0, errno, "add_argument");
633
perror("add_argument");
1013
634
}
1014
635
}
1015
636
/* Add global environment variables */
1016
637
for(char **e = g->environ; *e != NULL; e++){
1017
if(not add_environment(p, *e, false)){
1018
error(0, errno, "add_environment");
638
if(not add_environment(p, *e)){
639
perror("add_environment");
1019
640
}
1020
641
}
1021
642
}
1022
643
}
1023
/* If this plugin has any environment variables, we need to
1024
duplicate the environment from this process, too. */
644
/* If this plugin has any environment variables, we will call
645
using execve and need to duplicate the environment from this
646
process, too. */
1025
647
if(p->environ[0] != NULL){
1026
648
for(char **e = environ; *e != NULL; e++){
1027
if(not add_environment(p, *e, false)){
1028
error(0, errno, "add_environment");
649
char *copy = strdup(*e);
650
if(copy == NULL){
651
perror("strdup");
652
continue;
653
}
654
if(not add_environment(p, copy)){
655
perror("add_environment");
1029
656
}
1030
657
}
1031
658
}
1032
659
1033
int pipefd[2];
1034
#ifndef O_CLOEXEC
1035
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
1036
#else /* O_CLOEXEC */
1037
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
1038
#endif /* O_CLOEXEC */
1039
if(ret == -1){
1040
error(0, errno, "pipe");
1041
exitstatus = EX_OSERR;
1042
free(direntries[i]);
1043
goto fallback;
1044
}
1045
if(pipefd[0] >= FD_SETSIZE){
1046
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
1047
FD_SETSIZE);
1048
close(pipefd[0]);
1049
close(pipefd[1]);
1050
exitstatus = EX_OSERR;
1051
free(direntries[i]);
1052
goto fallback;
1053
}
1054
#ifndef O_CLOEXEC
1055
/* Ask OS to automatic close the pipe on exec */
660
int pipefd[2];
661
ret = pipe(pipefd);
662
if (ret == -1){
663
perror("pipe");
664
exitstatus = EXIT_FAILURE;
665
goto end;
666
}
1056
667
ret = set_cloexec_flag(pipefd[0]);
1057
668
if(ret < 0){
1058
error(0, errno, "set_cloexec_flag");
1059
close(pipefd[0]);
1060
close(pipefd[1]);
1061
exitstatus = EX_OSERR;
1062
free(direntries[i]);
1063
goto fallback;
669
perror("set_cloexec_flag");
670
exitstatus = EXIT_FAILURE;
671
goto end;
1064
672
}
1065
673
ret = set_cloexec_flag(pipefd[1]);
1066
674
if(ret < 0){
1067
error(0, errno, "set_cloexec_flag");
1068
close(pipefd[0]);
1069
close(pipefd[1]);
1070
exitstatus = EX_OSERR;
1071
free(direntries[i]);
1072
goto fallback;
675
perror("set_cloexec_flag");
676
exitstatus = EXIT_FAILURE;
677
goto end;
1073
678
}
1074
#endif /* not O_CLOEXEC */
1075
679
/* Block SIGCHLD until process is safely in process list */
1076
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1077
&sigchld_action.sa_mask,
1078
NULL));
680
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1079
681
if(ret < 0){
1080
error(0, errno, "sigprocmask");
1081
exitstatus = EX_OSERR;
1082
free(direntries[i]);
1083
goto fallback;
682
perror("sigprocmask");
683
exitstatus = EXIT_FAILURE;
684
goto end;
1084
685
}
1085
/* Starting a new process to be watched */
1086
pid_t pid;
1087
do {
1088
pid = fork();
1089
} while(pid == -1 and errno == EINTR);
686
// Starting a new process to be watched
687
pid_t pid = fork();
1090
688
if(pid == -1){
1091
error(0, errno, "fork");
1092
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1093
&sigchld_action.sa_mask, NULL));
1094
close(pipefd[0]);
1095
close(pipefd[1]);
1096
exitstatus = EX_OSERR;
1097
free(direntries[i]);
1098
goto fallback;
689
perror("fork");
690
exitstatus = EXIT_FAILURE;
691
goto end;
1099
692
}
1100
693
if(pid == 0){
1101
694
/* this is the child process */
1102
695
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1103
696
if(ret < 0){
1104
error(0, errno, "sigaction");
1105
_exit(EX_OSERR);
697
perror("sigaction");
698
_exit(EXIT_FAILURE);
1106
699
}
1107
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
700
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1108
701
if(ret < 0){
1109
error(0, errno, "sigprocmask");
1110
_exit(EX_OSERR);
702
perror("sigprocmask");
703
_exit(EXIT_FAILURE);
1111
704
}
1112
705
1113
706
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
1114
707
if(ret == -1){
1115
error(0, errno, "dup2");
1116
_exit(EX_OSERR);
708
perror("dup2");
709
_exit(EXIT_FAILURE);
1117
710
}
1118
711
1119
if(fexecve(plugin_fd, p->argv,
1120
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1121
error(0, errno, "fexecve for %s/%s",
1122
plugindir != NULL ? plugindir : PDIR,
1123
direntries[i]->d_name);
1124
_exit(EX_OSERR);
712
if(dirfd(dir) < 0){
713
/* If dir has no file descriptor, we could not set FD_CLOEXEC
714
above and must now close it manually here. */
715
closedir(dir);
716
}
717
if(p->environ[0] == NULL){
718
if(execv(filename, p->argv) < 0){
719
perror("execv");
720
_exit(EXIT_FAILURE);
721
}
722
} else {
723
if(execve(filename, p->argv, p->environ) < 0){
724
perror("execve");
725
_exit(EXIT_FAILURE);
726
}
1125
727
}
1126
728
/* no return */
1127
729
}
1128
/* Parent process */
1129
close(pipefd[1]); /* Close unused write end of pipe */
1130
close(plugin_fd);
1131
plugin *new_plugin = getplugin(direntries[i]->d_name);
1132
if(new_plugin == NULL){
1133
error(0, errno, "getplugin");
1134
ret = (int)(TEMP_FAILURE_RETRY
1135
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1136
NULL)));
730
/* parent process */
731
free(filename);
732
close(pipefd[1]); /* close unused write end of pipe */
733
process *new_process = malloc(sizeof(process));
734
if (new_process == NULL){
735
perror("malloc");
736
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1137
737
if(ret < 0){
1138
error(0, errno, "sigprocmask");
738
perror("sigprocmask");
1139
739
}
1140
exitstatus = EX_OSERR;
1141
free(direntries[i]);
1142
goto fallback;
740
exitstatus = EXIT_FAILURE;
741
goto end;
1143
742
}
1144
free(direntries[i]);
1145
743
1146
new_plugin->pid = pid;
1147
new_plugin->fd = pipefd[0];
1148
1149
if(debug){
1150
fprintf(stderr, "Plugin %s started (PID %" PRIdMAX ")\n",
1151
new_plugin->name, (intmax_t) (new_plugin->pid));
1152
}
1153
744
*new_process = (struct process){ .pid = pid,
745
.fd = pipefd[0],
746
.next = process_list };
747
// List handling
748
process_list = new_process;
1154
749
/* Unblock SIGCHLD so signal handler can be run if this process
1155
750
has already completed */
1156
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1157
&sigchld_action.sa_mask,
1158
NULL));
751
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1159
752
if(ret < 0){
1160
error(0, errno, "sigprocmask");
1161
exitstatus = EX_OSERR;
1162
goto fallback;
1163
}
1164
1165
FD_SET(new_plugin->fd, &rfds_all);
1166
1167
if(maxfd < new_plugin->fd){
1168
maxfd = new_plugin->fd;
1169
}
1170
}
1171
1172
free(direntries);
1173
direntries = NULL;
1174
close(dir_fd);
1175
dir_fd = -1;
1176
free_plugin(getplugin(NULL));
1177
1178
for(plugin *p = plugin_list; p != NULL; p = p->next){
1179
if(p->pid != 0){
1180
break;
1181
}
1182
if(p->next == NULL){
1183
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1184
" directory?\n");
1185
free_plugin_list();
1186
}
1187
}
1188
1189
/* Main loop while running plugins exist */
1190
while(plugin_list){
753
perror("sigprocmask");
754
exitstatus = EXIT_FAILURE;
755
goto end;
756
}
757
758
FD_SET(new_process->fd, &rfds_all);
759
760
if (maxfd < new_process->fd){
761
maxfd = new_process->fd;
762
}
763
764
}
765
766
/* Free the plugin list */
767
for(plugin *next; plugin_list != NULL; plugin_list = next){
768
next = plugin_list->next;
769
free(plugin_list->argv);
770
if(plugin_list->environ[0] != NULL){
771
for(char **e = plugin_list->environ; *e != NULL; e++){
772
free(*e);
773
}
774
}
775
free(plugin_list);
776
}
777
778
closedir(dir);
779
dir = NULL;
780
781
if (process_list == NULL){
782
fprintf(stderr, "No plugin processes started. Incorrect plugin"
783
" directory?\n");
784
process_list = NULL;
785
}
786
while(process_list){
1191
787
fd_set rfds = rfds_all;
1192
788
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1193
if(select_ret == -1 and errno != EINTR){
1194
error(0, errno, "select");
1195
exitstatus = EX_OSERR;
1196
goto fallback;
789
if (select_ret == -1){
790
perror("select");
791
exitstatus = EXIT_FAILURE;
792
goto end;
1197
793
}
1198
794
/* OK, now either a process completed, or something can be read
1199
795
from one of them */
1200
for(plugin *proc = plugin_list; proc != NULL;){
796
for(process *proc = process_list; proc ; proc = proc->next){
1201
797
/* Is this process completely done? */
1202
if(proc->completed and proc->eof){
798
if(proc->eof and proc->completed){
1203
799
/* Only accept the plugin output if it exited cleanly */
1204
800
if(not WIFEXITED(proc->status)
1205
801
or WEXITSTATUS(proc->status) != 0){
1206
802
/* Bad exit by plugin */
1207
1208
803
if(debug){
1209
804
if(WIFEXITED(proc->status)){
1210
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1211
" status %d\n", proc->name,
1212
(intmax_t) (proc->pid),
805
fprintf(stderr, "Plugin %u exited with status %d\n",
806
(unsigned int) (proc->pid),
1213
807
WEXITSTATUS(proc->status));
1214
} else if(WIFSIGNALED(proc->status)){
1215
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1216
" signal %d: %s\n", proc->name,
1217
(intmax_t) (proc->pid),
1218
WTERMSIG(proc->status),
1219
strsignal(WTERMSIG(proc->status)));
808
} else if(WIFSIGNALED(proc->status)) {
809
fprintf(stderr, "Plugin %u killed by signal %d\n",
810
(unsigned int) (proc->pid),
811
WTERMSIG(proc->status));
812
} else if(WCOREDUMP(proc->status)){
813
fprintf(stderr, "Plugin %d dumped core\n",
814
(unsigned int) (proc->pid));
1220
815
}
1221
816
}
1222
1223
817
/* Remove the plugin */
1224
818
FD_CLR(proc->fd, &rfds_all);
1225
1226
819
/* Block signal while modifying process_list */
1227
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1228
(SIG_BLOCK,
1229
&sigchld_action.sa_mask,
1230
NULL));
820
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1231
821
if(ret < 0){
1232
error(0, errno, "sigprocmask");
1233
exitstatus = EX_OSERR;
1234
goto fallback;
1235
}
1236
1237
plugin *next_plugin = proc->next;
1238
free_plugin(proc);
1239
proc = next_plugin;
1240
822
perror("sigprocmask");
823
exitstatus = EXIT_FAILURE;
824
goto end;
825
}
826
/* Delete this process entry from the list */
827
if(process_list == proc){
828
/* First one - simple */
829
process_list = proc->next;
830
} else {
831
/* Second one or later */
832
for(process *p = process_list; p != NULL; p = p->next){
833
if(p->next == proc){
834
p->next = proc->next;
835
break;
836
}
837
}
838
}
1241
839
/* We are done modifying process list, so unblock signal */
1242
ret = (int)(TEMP_FAILURE_RETRY
1243
(sigprocmask(SIG_UNBLOCK,
1244
&sigchld_action.sa_mask, NULL)));
840
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
841
NULL);
1245
842
if(ret < 0){
1246
error(0, errno, "sigprocmask");
1247
exitstatus = EX_OSERR;
1248
goto fallback;
1249
}
1250
1251
if(plugin_list == NULL){
1252
break;
1253
}
1254
1255
continue;
843
perror("sigprocmask");
844
}
845
free(proc->buffer);
846
free(proc);
847
/* We deleted this process from the list, so we can't go
848
proc->next. Therefore, start over from the beginning of
849
the process list */
850
break;
1256
851
}
1257
1258
852
/* This process exited nicely, so print its buffer */
1259
1260
bool bret = print_out_password(proc->buffer,
1261
proc->buffer_length);
853
854
bool bret = print_out_password(proc->buffer, proc->buffer_length);
1262
855
if(not bret){
1263
error(0, errno, "print_out_password");
1264
exitstatus = EX_IOERR;
856
perror("print_out_password");
857
exitstatus = EXIT_FAILURE;
1265
858
}
1266
goto fallback;
859
goto end;
1267
860
}
1268
1269
861
/* This process has not completed. Does it have any output? */
1270
862
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){
1271
863
/* This process had nothing to say at this time */
1272
proc = proc->next;
1273
864
continue;
1274
865
}
1275
866
/* Before reading, make the process' data buffer large enough */
1276
867
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1277
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1278
+ (size_t) BUFFER_SIZE);
1279
if(new_buffer == NULL){
1280
error(0, errno, "malloc");
1281
exitstatus = EX_OSERR;
1282
goto fallback;
868
proc->buffer = realloc(proc->buffer, proc->buffer_size
869
+ (size_t) BUFFER_SIZE);
870
if (proc->buffer == NULL){
871
perror("malloc");
872
exitstatus = EXIT_FAILURE;
873
goto end;
1283
874
}
1284
proc->buffer = new_buffer;
1285
875
proc->buffer_size += BUFFER_SIZE;
1286
876
}
1287
877
/* Read from the process */
1288
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1289
proc->buffer
1290
+ proc->buffer_length,
1291
BUFFER_SIZE));
1292
if(sret < 0){
878
ret = read(proc->fd, proc->buffer + proc->buffer_length,
879
BUFFER_SIZE);
880
if(ret < 0){
1293
881
/* Read error from this process; ignore the error */
1294
proc = proc->next;
1295
882
continue;
1296
883
}
1297
if(sret == 0){
884
if(ret == 0){
1298
885
/* got EOF */
1299
886
proc->eof = true;
1300
887
} else {
1301
proc->buffer_length += (size_t) sret;
888
proc->buffer_length += (size_t) ret;
1302
889
}
1303
890
}
1304
891
}
1305
1306
1307
fallback:
1308
1309
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1310
and exitstatus != EX_OK)){
1311
/* Fallback if all plugins failed, none are found or an error
1312
occured */
892
893
894
end:
895
896
if(process_list == NULL or exitstatus != EXIT_SUCCESS){
897
/* Fallback if all plugins failed, none are found or an error occured */
1313
898
bool bret;
1314
899
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1315
900
char *passwordbuffer = getpass("Password: ");
1316
size_t len = strlen(passwordbuffer);
1317
/* Strip trailing newline */
1318
if(len > 0 and passwordbuffer[len-1] == '\n'){
1319
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1320
len--;
1321
}
1322
bret = print_out_password(passwordbuffer, len);
901
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
1323
902
if(not bret){
1324
error(0, errno, "print_out_password");
1325
exitstatus = EX_IOERR;
903
perror("print_out_password");
904
exitstatus = EXIT_FAILURE;
905
goto end;
1326
906
}
1327
907
}
1328
908
1329
909
/* Restore old signal handler */
1330
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1331
if(ret == -1){
1332
error(0, errno, "sigaction");
1333
exitstatus = EX_OSERR;
1334
}
1335
1336
if(custom_argv != NULL){
1337
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1338
free(*arg);
1339
}
1340
free(custom_argv);
1341
}
1342
1343
free(direntries);
1344
1345
if(dir_fd != -1){
1346
close(dir_fd);
1347
}
1348
1349
/* Kill the processes */
1350
for(plugin *p = plugin_list; p != NULL; p = p->next){
1351
if(p->pid != 0){
1352
close(p->fd);
1353
ret = kill(p->pid, SIGTERM);
1354
if(ret == -1 and errno != ESRCH){
1355
/* Set-uid proccesses might not get closed */
1356
error(0, errno, "kill");
910
sigaction(SIGCHLD, &old_sigchld_action, NULL);
911
912
free(custom_argv);
913
914
/* Free the plugin list */
915
for(plugin *next; plugin_list != NULL; plugin_list = next){
916
next = plugin_list->next;
917
free(plugin_list->argv);
918
if(plugin_list->environ[0] != NULL){
919
for(char **e = plugin_list->environ; *e != NULL; e++){
920
free(*e);
1357
921
}
1358
922
}
923
free(plugin_list->environ);
924
free(plugin_list);
925
}
926
927
if(dir != NULL){
928
closedir(dir);
929
}
930
931
/* Free the process list and kill the processes */
932
for(process *next; process_list != NULL; process_list = next){
933
next = process_list->next;
934
close(process_list->fd);
935
ret = kill(process_list->pid, SIGTERM);
936
if(ret == -1 and errno != ESRCH){
937
/* set-uid proccesses migth not get closed */
938
perror("kill");
939
}
940
free(process_list->buffer);
941
free(process_list);
1359
942
}
1360
943
1361
944
/* Wait for any remaining child processes to terminate */
1362
do {
945
do{
1363
946
ret = wait(NULL);
1364
947
} while(ret >= 0);
1365
948
if(errno != ECHILD){
1366
error(0, errno, "wait");
949
perror("wait");
1367
950
}
1368
951
1369
free_plugin_list();
1370
1371
free(plugindir);
1372
free(pluginhelperdir);
1373
free(argfile);
1374
1375
952
return exitstatus;
1376
953
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0