To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 78
- compare with another revision
- download diff
- download tarball
- view history from revision 78
- Committer: Teddy Hogeborn
- Date: 2008-08-16 03:29:08 UTC
- Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389
Add feature to specify custom environment variables for plugins.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
* plugin-runner.c (plugin): New members "environ" and "envc" to
contain possible custom environment.
(getplugin): Return NULL on failure instead of doing exit(); all
callers changed.
(add_to_char_array): New helper function for "add_argument" and
"add_environment".
(addargument): Renamed to "add_argument". Return bool. Call
"add_to_char_array" to actually do things.
(add_environment): New; analogous to "add_argument".
(addcustomargument): Renamed to "add_to_argv" to avoid confusion
with "add_argument".
(main): New options "--global-envs" and "--envs-for" to specify
custom environment for plugins. Print environment for
plugins in debug mode. Use asprintf instead of strcpy and
strcat. Use execve() for plugins with custom environments.
Free environment for plugin when freeing plugin list.
- files added:
- initramfs-tools-hook-conf
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/tests
- debian/upstream
- dracut-module
- network-hooks.d
- plugin-helpers
- files renamed:
- plugins.d/mandos-client.c => plugins.d/password-request.c
- plugins.d/mandos-client.xml => plugins.d/password-request.xml
- files modified:
- Makefile
added
removed
plugin-runner.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
1
/* -*- coding: utf-8 -*- */
2
2
/*
3
3
* Mandos plugin runner - Run Mandos plugins
4
4
*
5
* Copyright © 2008-2020 Teddy Hogeborn
6
* Copyright © 2008-2020 Björn Påhlsson
7
*
8
* This file is part of Mandos.
9
*
10
* Mandos is free software: you can redistribute it and/or modify it
11
* under the terms of the GNU General Public License as published by
12
* the Free Software Foundation, either version 3 of the License, or
13
* (at your option) any later version.
14
*
15
* Mandos is distributed in the hope that it will be useful, but
5
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
6
*
7
* This program is free software: you can redistribute it and/or
8
* modify it under the terms of the GNU General Public License as
9
* published by the Free Software Foundation, either version 3 of the
10
* License, or (at your option) any later version.
11
*
12
* This program is distributed in the hope that it will be useful, but
16
13
* WITHOUT ANY WARRANTY; without even the implied warranty of
17
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18
15
* General Public License for more details.
19
16
*
20
17
* You should have received a copy of the GNU General Public License
21
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
18
* along with this program. If not, see
19
* <http://www.gnu.org/licenses/>.
22
20
*
23
* Contact the authors at <mandos@recompile.se>.
21
* Contact the authors at <mandos@fukt.bsnet.se>.
24
22
*/
25
23
26
24
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
27
O_CLOEXEC, pipe2() */
25
asprintf() */
28
26
#include <stddef.h> /* size_t, NULL */
29
#include <stdlib.h> /* malloc(), reallocarray(), realloc(),
30
EXIT_SUCCESS, exit() */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
31
29
#include <stdbool.h> /* bool, true, false */
32
#include <stdio.h> /* fileno(), fprintf(),
33
stderr, STDOUT_FILENO, fclose() */
34
#include <sys/types.h> /* fstat(), struct stat, waitpid(),
35
WIFEXITED(), WEXITSTATUS(), wait(),
36
pid_t, uid_t, gid_t, getuid(),
37
getgid() */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
38
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
39
38
FD_SET(), FD_ISSET(), FD_CLR */
40
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
41
WEXITSTATUS(), WTERMSIG() */
42
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
43
42
#include <iso646.h> /* and, or, not */
44
#include <dirent.h> /* struct dirent, scandirat() */
45
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
46
FD_CLOEXEC, write(), STDOUT_FILENO,
47
struct stat, fstat(), close(),
48
setgid(), setuid(), S_ISREG(),
49
faccessat() pipe2(), fork(),
50
_exit(), dup2(), fexecve(), read()
51
*/
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
44
readdir(), closedir(), dirfd() */
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
52
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC, openat(), scandirat(),
54
pipe2() */
55
#include <string.h> /* strsep, strlen(), strsignal(),
56
strcmp(), strncmp() */
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
57
55
#include <errno.h> /* errno */
58
56
#include <argp.h> /* struct argp_option, struct
59
57
argp_state, struct argp,
60
58
argp_parse(), ARGP_ERR_UNKNOWN,
61
ARGP_KEY_END, ARGP_KEY_ARG,
62
error_t */
59
ARGP_KEY_END, ARGP_KEY_ARG, error_t */
63
60
#include <signal.h> /* struct sigaction, sigemptyset(),
64
61
sigaddset(), sigaction(),
65
62
sigprocmask(), SIG_BLOCK, SIGCHLD,
66
SIG_UNBLOCK, kill(), sig_atomic_t
67
*/
63
SIG_UNBLOCK, kill() */
68
64
#include <errno.h> /* errno, EBADF */
69
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
70
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
71
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
72
#include <errno.h> /* errno */
73
#include <error.h> /* error() */
74
#include <fnmatch.h> /* fnmatch() */
75
65
76
66
#define BUFFER_SIZE 256
77
78
#define PDIR "/lib/mandos/plugins.d"
79
#define PHDIR "/lib/mandos/plugin-helpers"
80
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
81
82
const char *argp_program_version = "plugin-runner " VERSION;
83
const char *argp_program_bug_address = "<mandos@recompile.se>";
67
#define ARGFILE "/conf/conf.d/mandos/plugin-runner.conf"
68
69
const char *argp_program_version = "plugin-runner 1.0";
70
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
71
72
struct process;
73
74
typedef struct process{
75
pid_t pid;
76
int fd;
77
char *buffer;
78
size_t buffer_size;
79
size_t buffer_length;
80
bool eof;
81
bool completed;
82
int status;
83
struct process *next;
84
} process;
84
85
85
86
typedef struct plugin{
86
87
char *name; /* can be NULL or any plugin name */
89
90
char **environ;
90
91
int envc;
91
92
bool disabled;
92
93
/* Variables used for running processes*/
94
pid_t pid;
95
int fd;
96
char *buffer;
97
size_t buffer_size;
98
size_t buffer_length;
99
bool eof;
100
volatile sig_atomic_t completed;
101
int status;
102
93
struct plugin *next;
103
94
} plugin;
104
95
105
static plugin *plugin_list = NULL;
106
107
/* Gets an existing plugin based on name,
108
or if none is found, creates a new one */
109
__attribute__((warn_unused_result))
110
static plugin *getplugin(char *name){
111
/* Check for existing plugin with that name */
112
for(plugin *p = plugin_list; p != NULL; p = p->next){
113
if((p->name == name)
114
or (p->name and name and (strcmp(p->name, name) == 0))){
96
static plugin *getplugin(char *name, plugin **plugin_list){
97
for (plugin *p = *plugin_list; p != NULL; p = p->next){
98
if ((p->name == name)
99
or (p->name and name and (strcmp(p->name, name) == 0))){
115
100
return p;
116
101
}
117
102
}
118
103
/* Create a new plugin */
119
plugin *new_plugin = NULL;
120
do {
121
new_plugin = malloc(sizeof(plugin));
122
} while(new_plugin == NULL and errno == EINTR);
123
if(new_plugin == NULL){
104
plugin *new_plugin = malloc(sizeof(plugin));
105
if (new_plugin == NULL){
124
106
return NULL;
125
107
}
126
char *copy_name = NULL;
127
if(name != NULL){
128
do {
129
copy_name = strdup(name);
130
} while(copy_name == NULL and errno == EINTR);
131
if(copy_name == NULL){
132
int e = errno;
133
free(new_plugin);
134
errno = e;
135
return NULL;
136
}
137
}
138
139
*new_plugin = (plugin){ .name = copy_name,
140
.argc = 1,
141
.disabled = false,
142
.next = plugin_list };
143
144
do {
145
new_plugin->argv = malloc(sizeof(char *) * 2);
146
} while(new_plugin->argv == NULL and errno == EINTR);
147
if(new_plugin->argv == NULL){
148
int e = errno;
149
free(copy_name);
108
*new_plugin = (plugin) { .name = name,
109
.argc = 1,
110
.envc = 0,
111
.disabled = false,
112
.next = *plugin_list };
113
114
new_plugin->argv = malloc(sizeof(char *) * 2);
115
if (new_plugin->argv == NULL){
150
116
free(new_plugin);
151
errno = e;
152
117
return NULL;
153
118
}
154
new_plugin->argv[0] = copy_name;
119
new_plugin->argv[0] = name;
155
120
new_plugin->argv[1] = NULL;
156
157
do {
158
new_plugin->environ = malloc(sizeof(char *));
159
} while(new_plugin->environ == NULL and errno == EINTR);
121
122
new_plugin->environ = malloc(sizeof(char *));
160
123
if(new_plugin->environ == NULL){
161
int e = errno;
162
free(copy_name);
163
124
free(new_plugin->argv);
164
125
free(new_plugin);
165
errno = e;
166
126
return NULL;
167
127
}
168
128
new_plugin->environ[0] = NULL;
169
170
129
/* Append the new plugin to the list */
171
plugin_list = new_plugin;
130
*plugin_list = new_plugin;
172
131
return new_plugin;
173
132
}
174
133
175
134
/* Helper function for add_argument and add_environment */
176
__attribute__((nonnull, warn_unused_result))
177
135
static bool add_to_char_array(const char *new, char ***array,
178
136
int *len){
179
137
/* Resize the pointed-to array to hold one more pointer */
180
char **new_array = NULL;
181
do {
182
#if defined(__GLIBC_PREREQ) and __GLIBC_PREREQ(2, 26)
183
new_array = reallocarray(*array, (size_t)((*len) + 2),
184
sizeof(char *));
185
#else
186
if(((size_t)((*len) + 2)) > (SIZE_MAX / sizeof(char *))){
187
/* overflow */
188
new_array = NULL;
189
errno = ENOMEM;
190
} else {
191
new_array = realloc(*array, (size_t)((*len) + 2)
192
* sizeof(char *));
193
}
194
#endif
195
} while(new_array == NULL and errno == EINTR);
138
*array = realloc(*array, sizeof(char *)
139
* (size_t) ((*len) + 2));
196
140
/* Malloc check */
197
if(new_array == NULL){
141
if(*array == NULL){
198
142
return false;
199
143
}
200
*array = new_array;
201
144
/* Make a copy of the new string */
202
char *copy;
203
do {
204
copy = strdup(new);
205
} while(copy == NULL and errno == EINTR);
145
char *copy = strdup(new);
206
146
if(copy == NULL){
207
147
return false;
208
148
}
215
155
}
216
156
217
157
/* Add to a plugin's argument vector */
218
__attribute__((nonnull(2), warn_unused_result))
219
158
static bool add_argument(plugin *p, const char *arg){
220
159
if(p == NULL){
221
160
return false;
224
163
}
225
164
226
165
/* Add to a plugin's environment */
227
__attribute__((nonnull(2), warn_unused_result))
228
static bool add_environment(plugin *p, const char *def, bool replace){
166
static bool add_environment(plugin *p, const char *def){
229
167
if(p == NULL){
230
168
return false;
231
169
}
232
/* namelen = length of name of environment variable */
233
size_t namelen = (size_t)(strchrnul(def, '=') - def);
234
/* Search for this environment variable */
235
for(char **envdef = p->environ; *envdef != NULL; envdef++){
236
if(strncmp(*envdef, def, namelen + 1) == 0){
237
/* It already exists */
238
if(replace){
239
char *new_envdef;
240
do {
241
new_envdef = realloc(*envdef, strlen(def) + 1);
242
} while(new_envdef == NULL and errno == EINTR);
243
if(new_envdef == NULL){
244
return false;
245
}
246
*envdef = new_envdef;
247
strcpy(*envdef, def);
248
}
249
return true;
250
}
251
}
252
170
return add_to_char_array(def, &(p->environ), &(p->envc));
253
171
}
254
172
255
#ifndef O_CLOEXEC
173
256
174
/*
257
175
* Based on the example in the GNU LibC manual chapter 13.13 "File
258
176
* Descriptor Flags".
259
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
177
* *Note File Descriptor Flags:(libc)Descriptor Flags.
260
178
*/
261
__attribute__((warn_unused_result))
262
static int set_cloexec_flag(int fd){
263
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
179
static int set_cloexec_flag(int fd)
180
{
181
int ret = fcntl(fd, F_GETFD, 0);
264
182
/* If reading the flags failed, return error indication now. */
265
183
if(ret < 0){
266
184
return ret;
267
185
}
268
186
/* Store modified flag word in the descriptor. */
269
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
270
ret | FD_CLOEXEC));
187
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
271
188
}
272
#endif /* not O_CLOEXEC */
273
274
275
/* Mark processes as completed when they exit, and save their exit
189
190
process *process_list = NULL;
191
192
/* Mark a process as completed when it exits, and save its exit
276
193
status. */
277
static void handle_sigchld(__attribute__((unused)) int sig){
278
int old_errno = errno;
279
while(true){
280
plugin *proc = plugin_list;
281
int status;
282
pid_t pid = waitpid(-1, &status, WNOHANG);
283
if(pid == 0){
284
/* Only still running child processes */
285
break;
286
}
287
if(pid == -1){
288
if(errno == ECHILD){
289
/* No child processes */
290
break;
291
}
292
error(0, errno, "waitpid");
293
}
294
295
/* A child exited, find it in process_list */
296
while(proc != NULL and proc->pid != pid){
297
proc = proc->next;
298
}
299
if(proc == NULL){
300
/* Process not found in process list */
301
continue;
302
}
303
proc->status = status;
304
proc->completed = 1;
305
}
306
errno = old_errno;
194
void handle_sigchld(__attribute__((unused)) int sig){
195
process *proc = process_list;
196
int status;
197
pid_t pid = wait(&status);
198
if(pid == -1){
199
perror("wait");
200
return;
201
}
202
while(proc != NULL and proc->pid != pid){
203
proc = proc->next;
204
}
205
if(proc == NULL){
206
/* Process not found in process list */
207
return;
208
}
209
proc->status = status;
210
proc->completed = true;
307
211
}
308
212
309
/* Prints out a password to stdout */
310
__attribute__((nonnull, warn_unused_result))
311
static bool print_out_password(const char *buffer, size_t length){
213
bool print_out_password(const char *buffer, size_t length){
312
214
ssize_t ret;
215
if(length>0 and buffer[length-1] == '\n'){
216
length--;
217
}
313
218
for(size_t written = 0; written < length; written += (size_t)ret){
314
219
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
315
220
length - written));
320
225
return true;
321
226
}
322
227
323
/* Removes and free a plugin from the plugin list */
324
__attribute__((nonnull))
325
static void free_plugin(plugin *plugin_node){
326
327
for(char **arg = (plugin_node->argv)+1; *arg != NULL; arg++){
328
free(*arg);
329
}
330
free(plugin_node->name);
331
free(plugin_node->argv);
332
for(char **env = plugin_node->environ; *env != NULL; env++){
333
free(*env);
334
}
335
free(plugin_node->environ);
336
free(plugin_node->buffer);
337
338
/* Removes the plugin from the singly-linked list */
339
if(plugin_node == plugin_list){
340
/* First one - simple */
341
plugin_list = plugin_list->next;
342
} else {
343
/* Second one or later */
344
for(plugin *p = plugin_list; p != NULL; p = p->next){
345
if(p->next == plugin_node){
346
p->next = plugin_node->next;
347
break;
348
}
228
char **add_to_argv(char **argv, int *argc, char *arg){
229
if (argv == NULL){
230
*argc = 1;
231
argv = malloc(sizeof(char*) * 2);
232
if(argv == NULL){
233
return NULL;
349
234
}
350
}
351
352
free(plugin_node);
353
}
354
355
static void free_plugin_list(void){
356
while(plugin_list != NULL){
357
free_plugin(plugin_list);
358
}
235
argv[0] = NULL; /* Will be set to argv[0] in main before parsing */
236
argv[1] = NULL;
237
}
238
*argc += 1;
239
argv = realloc(argv, sizeof(char *)
240
* ((unsigned int) *argc + 1));
241
if(argv == NULL){
242
return NULL;
243
}
244
argv[*argc-1] = arg;
245
argv[*argc] = NULL;
246
return argv;
359
247
}
360
248
361
249
int main(int argc, char *argv[]){
362
char *plugindir = NULL;
363
char *pluginhelperdir = NULL;
364
char *argfile = NULL;
250
const char *plugindir = "/lib/mandos/plugins.d";
251
const char *argfile = ARGFILE;
365
252
FILE *conffp;
366
struct dirent **direntries = NULL;
253
size_t d_name_len;
254
DIR *dir = NULL;
255
struct dirent *dirst;
367
256
struct stat st;
368
257
fd_set rfds_all;
369
258
int ret, maxfd = 0;
370
ssize_t sret;
371
259
uid_t uid = 65534;
372
260
gid_t gid = 65534;
373
261
bool debug = false;
377
265
.sa_flags = SA_NOCLDSTOP };
378
266
char **custom_argv = NULL;
379
267
int custom_argc = 0;
380
int dir_fd = -1;
381
268
382
269
/* Establish a signal handler */
383
270
sigemptyset(&sigchld_action.sa_mask);
384
271
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
385
if(ret == -1){
386
error(0, errno, "sigaddset");
387
exitstatus = EX_OSERR;
388
goto fallback;
272
if(ret < 0){
273
perror("sigaddset");
274
exit(EXIT_FAILURE);
389
275
}
390
276
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
391
if(ret == -1){
392
error(0, errno, "sigaction");
393
exitstatus = EX_OSERR;
394
goto fallback;
277
if(ret < 0){
278
perror("sigaction");
279
exit(EXIT_FAILURE);
395
280
}
396
281
397
282
/* The options we understand. */
399
284
{ .name = "global-options", .key = 'g',
400
285
.arg = "OPTION[,OPTION[,...]]",
401
286
.doc = "Options passed to all plugins" },
402
{ .name = "global-env", .key = 'G',
287
{ .name = "global-envs", .key = 'e',
403
288
.arg = "VAR=value",
404
289
.doc = "Environment variable passed to all plugins" },
405
290
{ .name = "options-for", .key = 'o',
406
291
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
407
292
.doc = "Options passed only to specified plugin" },
408
{ .name = "env-for", .key = 'E',
293
{ .name = "envs-for", .key = 'f',
409
294
.arg = "PLUGIN:ENV=value",
410
295
.doc = "Environment variable passed to specified plugin" },
411
296
{ .name = "disable", .key = 'd',
412
297
.arg = "PLUGIN",
413
298
.doc = "Disable a specific plugin", .group = 1 },
414
{ .name = "enable", .key = 'e',
415
.arg = "PLUGIN",
416
.doc = "Enable a specific plugin", .group = 1 },
417
299
{ .name = "plugin-dir", .key = 128,
418
300
.arg = "DIRECTORY",
419
301
.doc = "Specify a different plugin directory", .group = 2 },
420
{ .name = "config-file", .key = 129,
421
.arg = "FILE",
422
.doc = "Specify a different configuration file", .group = 2 },
423
{ .name = "userid", .key = 130,
424
.arg = "ID", .flags = 0,
425
.doc = "User ID the plugins will run as", .group = 3 },
426
{ .name = "groupid", .key = 131,
427
.arg = "ID", .flags = 0,
428
.doc = "Group ID the plugins will run as", .group = 3 },
429
{ .name = "debug", .key = 132,
430
.doc = "Debug mode", .group = 4 },
431
{ .name = "plugin-helper-dir", .key = 133,
432
.arg = "DIRECTORY",
433
.doc = "Specify a different plugin helper directory",
434
.group = 2 },
435
/*
436
* These reproduce what we would get without ARGP_NO_HELP
437
*/
438
{ .name = "help", .key = '?',
439
.doc = "Give this help list", .group = -1 },
440
{ .name = "usage", .key = -3,
441
.doc = "Give a short usage message", .group = -1 },
442
{ .name = "version", .key = 'V',
443
.doc = "Print program version", .group = -1 },
302
{ .name = "userid", .key = 129,
303
.arg = "ID", .flags = 0,
304
.doc = "User ID the plugins will run as", .group = 2 },
305
{ .name = "groupid", .key = 130,
306
.arg = "ID", .flags = 0,
307
.doc = "Group ID the plugins will run as", .group = 2 },
308
{ .name = "debug", .key = 131,
309
.doc = "Debug mode", .group = 3 },
444
310
{ .name = NULL }
445
311
};
446
312
447
__attribute__((nonnull(3)))
448
error_t parse_opt(int key, char *arg, struct argp_state *state){
449
errno = 0;
450
switch(key){
451
char *tmp;
452
intmax_t tmp_id;
453
case 'g': /* --global-options */
454
{
455
char *plugin_option;
456
while((plugin_option = strsep(&arg, ",")) != NULL){
457
if(not add_argument(getplugin(NULL), plugin_option)){
458
break;
459
}
460
}
461
errno = 0;
462
}
463
break;
464
case 'G': /* --global-env */
465
if(add_environment(getplugin(NULL), arg, true)){
466
errno = 0;
467
}
468
break;
469
case 'o': /* --options-for */
470
{
471
char *option_list = strchr(arg, ':');
472
if(option_list == NULL){
473
argp_error(state, "No colon in \"%s\"", arg);
474
errno = EINVAL;
475
break;
476
}
477
*option_list = '\0';
478
option_list++;
479
if(arg[0] == '\0'){
480
argp_error(state, "Empty plugin name");
481
errno = EINVAL;
482
break;
483
}
484
char *option;
485
while((option = strsep(&option_list, ",")) != NULL){
486
if(not add_argument(getplugin(arg), option)){
487
break;
488
}
489
}
490
errno = 0;
491
}
492
break;
493
case 'E': /* --env-for */
313
error_t parse_opt (int key, char *arg, struct argp_state *state) {
314
/* Get the INPUT argument from `argp_parse', which we know is a
315
pointer to our plugin list pointer. */
316
plugin **plugins = state->input;
317
switch (key) {
318
case 'g':
319
if (arg != NULL){
320
char *p;
321
while((p = strsep(&arg, ",")) != NULL){
322
if(p[0] == '\0'){
323
continue;
324
}
325
if(not add_argument(getplugin(NULL, plugins), p)){
326
perror("add_argument");
327
return ARGP_ERR_UNKNOWN;
328
}
329
}
330
}
331
break;
332
case 'e':
333
if(arg == NULL){
334
break;
335
}
336
{
337
char *envdef = strdup(arg);
338
if(envdef == NULL){
339
break;
340
}
341
if(not add_environment(getplugin(NULL, plugins), envdef)){
342
perror("add_environment");
343
}
344
}
345
break;
346
case 'o':
347
if (arg != NULL){
348
char *p_name = strsep(&arg, ":");
349
if(p_name[0] == '\0'){
350
break;
351
}
352
char *opt = strsep(&arg, ":");
353
if(opt[0] == '\0'){
354
break;
355
}
356
if(opt != NULL){
357
char *p;
358
while((p = strsep(&opt, ",")) != NULL){
359
if(p[0] == '\0'){
360
continue;
361
}
362
if(not add_argument(getplugin(p_name, plugins), p)){
363
perror("add_argument");
364
return ARGP_ERR_UNKNOWN;
365
}
366
}
367
}
368
}
369
break;
370
case 'f':
371
if(arg == NULL){
372
break;
373
}
494
374
{
495
375
char *envdef = strchr(arg, ':');
496
376
if(envdef == NULL){
497
argp_error(state, "No colon in \"%s\"", arg);
498
errno = EINVAL;
499
break;
500
}
501
*envdef = '\0';
377
break;
378
}
379
char *p_name = strndup(arg, (size_t) (envdef-arg));
380
if(p_name == NULL){
381
break;
382
}
502
383
envdef++;
503
if(arg[0] == '\0'){
504
argp_error(state, "Empty plugin name");
505
errno = EINVAL;
506
break;
507
}
508
if(add_environment(getplugin(arg), envdef, true)){
509
errno = 0;
510
}
511
}
512
break;
513
case 'd': /* --disable */
514
{
515
plugin *p = getplugin(arg);
516
if(p != NULL){
517
p->disabled = true;
518
errno = 0;
519
}
520
}
521
break;
522
case 'e': /* --enable */
523
{
524
plugin *p = getplugin(arg);
525
if(p != NULL){
526
p->disabled = false;
527
errno = 0;
528
}
529
}
530
break;
531
case 128: /* --plugin-dir */
532
free(plugindir);
533
plugindir = strdup(arg);
534
if(plugindir != NULL){
535
errno = 0;
536
}
537
break;
538
case 129: /* --config-file */
539
/* This is already done by parse_opt_config_file() */
540
break;
541
case 130: /* --userid */
542
tmp_id = strtoimax(arg, &tmp, 10);
543
if(errno != 0 or tmp == arg or *tmp != '\0'
544
or tmp_id != (uid_t)tmp_id){
545
argp_error(state, "Bad user ID number: \"%s\", using %"
546
PRIdMAX, arg, (intmax_t)uid);
547
break;
548
}
549
uid = (uid_t)tmp_id;
550
errno = 0;
551
break;
552
case 131: /* --groupid */
553
tmp_id = strtoimax(arg, &tmp, 10);
554
if(errno != 0 or tmp == arg or *tmp != '\0'
555
or tmp_id != (gid_t)tmp_id){
556
argp_error(state, "Bad group ID number: \"%s\", using %"
557
PRIdMAX, arg, (intmax_t)gid);
558
break;
559
}
560
gid = (gid_t)tmp_id;
561
errno = 0;
562
break;
563
case 132: /* --debug */
384
if(not add_environment(getplugin(p_name, plugins), envdef)){
385
perror("add_environment");
386
}
387
}
388
break;
389
case 'd':
390
if (arg != NULL){
391
plugin *p = getplugin(arg, plugins);
392
if(p == NULL){
393
return ARGP_ERR_UNKNOWN;
394
}
395
p->disabled = true;
396
}
397
break;
398
case 128:
399
plugindir = arg;
400
break;
401
case 129:
402
uid = (uid_t)strtol(arg, NULL, 10);
403
break;
404
case 130:
405
gid = (gid_t)strtol(arg, NULL, 10);
406
break;
407
case 131:
564
408
debug = true;
565
409
break;
566
case 133: /* --plugin-helper-dir */
567
free(pluginhelperdir);
568
pluginhelperdir = strdup(arg);
569
if(pluginhelperdir != NULL){
570
errno = 0;
571
}
572
break;
573
/*
574
* These reproduce what we would get without ARGP_NO_HELP
575
*/
576
case '?': /* --help */
577
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
578
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
579
__builtin_unreachable();
580
case -3: /* --usage */
581
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
582
argp_state_help(state, state->out_stream,
583
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
584
__builtin_unreachable();
585
case 'V': /* --version */
586
fprintf(state->out_stream, "%s\n", argp_program_version);
587
exit(EXIT_SUCCESS);
588
break;
589
/*
590
* When adding more options before this line, remember to also add a
591
* "case" to the "parse_opt_config_file" function below.
592
*/
593
case ARGP_KEY_ARG:
594
/* Cryptsetup always passes an argument, which is an empty
595
string if "none" was specified in /etc/crypttab. So if
596
argument was empty, we ignore it silently. */
597
if(arg[0] == '\0'){
598
break;
599
}
600
#if __GNUC__ >= 7
601
__attribute__((fallthrough));
602
#else
603
/* FALLTHROUGH */
604
#endif
605
default:
606
return ARGP_ERR_UNKNOWN;
607
}
608
return errno; /* Set to 0 at start */
609
}
610
611
/* This option parser is the same as parse_opt() above, except it
612
ignores everything but the --config-file option. */
613
error_t parse_opt_config_file(int key, char *arg,
614
__attribute__((unused))
615
struct argp_state *state){
616
errno = 0;
617
switch(key){
618
case 'g': /* --global-options */
619
case 'G': /* --global-env */
620
case 'o': /* --options-for */
621
case 'E': /* --env-for */
622
case 'd': /* --disable */
623
case 'e': /* --enable */
624
case 128: /* --plugin-dir */
625
break;
626
case 129: /* --config-file */
627
free(argfile);
628
argfile = strdup(arg);
629
if(argfile != NULL){
630
errno = 0;
631
}
632
break;
633
case 130: /* --userid */
634
case 131: /* --groupid */
635
case 132: /* --debug */
636
case 133: /* --plugin-helper-dir */
637
case '?': /* --help */
638
case -3: /* --usage */
639
case 'V': /* --version */
640
case ARGP_KEY_ARG:
641
break;
642
default:
643
return ARGP_ERR_UNKNOWN;
644
}
645
return errno;
646
}
647
648
struct argp argp = { .options = options,
649
.parser = parse_opt_config_file,
650
.args_doc = "",
410
case ARGP_KEY_ARG:
411
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
412
break;
413
case ARGP_KEY_END:
414
break;
415
default:
416
return ARGP_ERR_UNKNOWN;
417
}
418
return 0;
419
}
420
421
plugin *plugin_list = NULL;
422
423
struct argp argp = { .options = options, .parser = parse_opt,
424
.args_doc = "[+PLUS_SEPARATED_OPTIONS]",
651
425
.doc = "Mandos plugin runner -- Run plugins" };
652
426
653
/* Parse using parse_opt_config_file() in order to get the custom
654
config file location, if any. */
655
ret = argp_parse(&argp, argc, argv,
656
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
657
NULL, NULL);
658
switch(ret){
659
case 0:
660
break;
661
case ENOMEM:
662
default:
663
errno = ret;
664
error(0, errno, "argp_parse");
665
exitstatus = EX_OSERR;
666
goto fallback;
667
case EINVAL:
668
exitstatus = EX_USAGE;
669
goto fallback;
670
}
671
672
/* Reset to the normal argument parser */
673
argp.parser = parse_opt;
674
675
/* Open the configfile if available */
676
if(argfile == NULL){
677
conffp = fopen(AFILE, "r");
678
} else {
679
conffp = fopen(argfile, "r");
680
}
427
ret = argp_parse (&argp, argc, argv, 0, 0, &plugin_list);
428
if (ret == ARGP_ERR_UNKNOWN){
429
fprintf(stderr, "Unknown error while parsing arguments\n");
430
exitstatus = EXIT_FAILURE;
431
goto end;
432
}
433
434
conffp = fopen(argfile, "r");
681
435
if(conffp != NULL){
682
436
char *org_line = NULL;
437
size_t size = 0;
438
ssize_t sret;
683
439
char *p, *arg, *new_arg, *line;
684
size_t size = 0;
685
440
const char whitespace_delims[] = " \r\t\f\v\n";
686
441
const char comment_delim[] = "#";
687
688
custom_argc = 1;
689
custom_argv = malloc(sizeof(char*) * 2);
690
if(custom_argv == NULL){
691
error(0, errno, "malloc");
692
exitstatus = EX_OSERR;
693
goto fallback;
694
}
695
custom_argv[0] = argv[0];
696
custom_argv[1] = NULL;
697
698
/* for each line in the config file, strip whitespace and ignore
699
commented text */
442
700
443
while(true){
701
444
sret = getline(&org_line, &size, conffp);
702
445
if(sret == -1){
703
446
break;
704
447
}
705
448
706
449
line = org_line;
707
450
arg = strsep(&line, comment_delim);
708
451
while((p = strsep(&arg, whitespace_delims)) != NULL){
710
453
continue;
711
454
}
712
455
new_arg = strdup(p);
713
if(new_arg == NULL){
714
error(0, errno, "strdup");
715
exitstatus = EX_OSERR;
716
free(org_line);
717
goto fallback;
718
}
719
720
custom_argc += 1;
721
{
722
#if defined(__GLIBC_PREREQ) and __GLIBC_PREREQ(2, 26)
723
char **new_argv = reallocarray(custom_argv, (size_t)custom_argc + 1,
724
sizeof(char *));
725
#else
726
char **new_argv = NULL;
727
if(((size_t)custom_argc + 1) > (SIZE_MAX / sizeof(char *))){
728
/* overflow */
729
errno = ENOMEM;
730
} else {
731
new_argv = realloc(custom_argv, ((size_t)custom_argc + 1)
732
* sizeof(char *));
733
}
734
#endif
735
if(new_argv == NULL){
736
error(0, errno, "reallocarray");
737
exitstatus = EX_OSERR;
738
free(new_arg);
739
free(org_line);
740
goto fallback;
741
} else {
742
custom_argv = new_argv;
743
}
744
}
745
custom_argv[custom_argc-1] = new_arg;
746
custom_argv[custom_argc] = NULL;
456
custom_argv = add_to_argv(custom_argv, &custom_argc, new_arg);
457
if (custom_argv == NULL){
458
perror("add_to_argv");
459
exitstatus = EXIT_FAILURE;
460
goto end;
461
}
747
462
}
748
463
}
749
do {
750
ret = fclose(conffp);
751
} while(ret == EOF and errno == EINTR);
752
if(ret == EOF){
753
error(0, errno, "fclose");
754
exitstatus = EX_IOERR;
755
goto fallback;
756
}
757
464
free(org_line);
758
} else {
465
} else{
759
466
/* Check for harmful errors and go to fallback. Other errors might
760
467
not affect opening plugins */
761
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
762
error(0, errno, "fopen");
763
exitstatus = EX_OSERR;
764
goto fallback;
468
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
469
perror("fopen");
470
exitstatus = EXIT_FAILURE;
471
goto end;
765
472
}
766
473
}
767
/* If there were any arguments from the configuration file, pass
768
them to parser as command line arguments */
474
769
475
if(custom_argv != NULL){
770
ret = argp_parse(&argp, custom_argc, custom_argv,
771
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
772
NULL, NULL);
773
switch(ret){
774
case 0:
775
break;
776
case ENOMEM:
777
default:
778
errno = ret;
779
error(0, errno, "argp_parse");
780
exitstatus = EX_OSERR;
781
goto fallback;
782
case EINVAL:
783
exitstatus = EX_CONFIG;
784
goto fallback;
785
}
786
}
787
788
/* Parse actual command line arguments, to let them override the
789
config file */
790
ret = argp_parse(&argp, argc, argv,
791
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
792
NULL, NULL);
793
switch(ret){
794
case 0:
795
break;
796
case ENOMEM:
797
default:
798
errno = ret;
799
error(0, errno, "argp_parse");
800
exitstatus = EX_OSERR;
801
goto fallback;
802
case EINVAL:
803
exitstatus = EX_USAGE;
804
goto fallback;
805
}
806
807
{
808
char *pluginhelperenv;
809
bool bret = true;
810
ret = asprintf(&pluginhelperenv, "MANDOSPLUGINHELPERDIR=%s",
811
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
812
if(ret != -1){
813
bret = add_environment(getplugin(NULL), pluginhelperenv, true);
814
}
815
if(ret == -1 or not bret){
816
error(0, errno, "Failed to set MANDOSPLUGINHELPERDIR"
817
" environment variable to \"%s\" for all plugins\n",
818
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
819
}
820
if(ret != -1){
821
free(pluginhelperenv);
476
custom_argv[0] = argv[0];
477
ret = argp_parse (&argp, custom_argc, custom_argv, 0, 0, &plugin_list);
478
if (ret == ARGP_ERR_UNKNOWN){
479
fprintf(stderr, "Unknown error while parsing arguments\n");
480
exitstatus = EXIT_FAILURE;
481
goto end;
822
482
}
823
483
}
824
484
825
485
if(debug){
826
for(plugin *p = plugin_list; p != NULL; p = p->next){
486
for(plugin *p = plugin_list; p != NULL; p=p->next){
827
487
fprintf(stderr, "Plugin: %s has %d arguments\n",
828
488
p->name ? p->name : "Global", p->argc - 1);
829
489
for(char **a = p->argv; *a != NULL; a++){
830
490
fprintf(stderr, "\tArg: %s\n", *a);
831
491
}
832
fprintf(stderr, "...and %d environment variables\n", p->envc);
492
fprintf(stderr, "...and %u environment variables\n", p->envc);
833
493
for(char **a = p->environ; *a != NULL; a++){
834
494
fprintf(stderr, "\t%s\n", *a);
835
495
}
836
496
}
837
497
}
838
498
839
if(getuid() == 0){
840
/* Work around Debian bug #633582:
841
<https://bugs.debian.org/633582> */
842
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
843
if(plugindir_fd == -1){
844
if(errno != ENOENT){
845
error(0, errno, "open(\"" PDIR "\")");
846
}
847
} else {
848
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
849
if(ret == -1){
850
error(0, errno, "fstat");
851
} else {
852
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
853
ret = fchown(plugindir_fd, uid, gid);
854
if(ret == -1){
855
error(0, errno, "fchown");
856
}
857
}
858
}
859
close(plugindir_fd);
860
}
861
}
862
863
/* Lower permissions */
864
ret = setgid(gid);
865
if(ret == -1){
866
error(0, errno, "setgid");
867
}
868
499
ret = setuid(uid);
869
if(ret == -1){
870
error(0, errno, "setuid");
871
}
872
873
/* Open plugin directory with close_on_exec flag */
500
if (ret == -1){
501
perror("setuid");
502
}
503
504
setgid(gid);
505
if (ret == -1){
506
perror("setgid");
507
}
508
509
dir = opendir(plugindir);
510
if(dir == NULL){
511
perror("Could not open plugin dir");
512
exitstatus = EXIT_FAILURE;
513
goto end;
514
}
515
516
/* Set the FD_CLOEXEC flag on the directory, if possible */
874
517
{
875
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
876
#ifdef O_CLOEXEC
877
O_CLOEXEC
878
#else /* not O_CLOEXEC */
879
0
880
#endif /* not O_CLOEXEC */
881
);
882
if(dir_fd == -1){
883
error(0, errno, "Could not open plugin dir");
884
exitstatus = EX_UNAVAILABLE;
885
goto fallback;
886
}
887
888
#ifndef O_CLOEXEC
889
/* Set the FD_CLOEXEC flag on the directory */
890
ret = set_cloexec_flag(dir_fd);
891
if(ret < 0){
892
error(0, errno, "set_cloexec_flag");
893
exitstatus = EX_OSERR;
894
goto fallback;
895
}
896
#endif /* O_CLOEXEC */
897
}
898
899
int good_name(const struct dirent * const dirent){
900
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
901
"*.dpkg-old", "*.dpkg-bak",
902
"*.dpkg-divert", NULL };
903
#ifdef __GNUC__
904
#pragma GCC diagnostic push
905
#pragma GCC diagnostic ignored "-Wcast-qual"
906
#endif
907
for(const char **pat = (const char **)patterns;
908
*pat != NULL; pat++){
909
#ifdef __GNUC__
910
#pragma GCC diagnostic pop
911
#endif
912
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
913
!= FNM_NOMATCH){
914
if(debug){
915
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
916
" matching pattern %s\n", dirent->d_name, *pat);
917
}
918
return 0;
518
int dir_fd = dirfd(dir);
519
if(dir_fd >= 0){
520
ret = set_cloexec_flag(dir_fd);
521
if(ret < 0){
522
perror("set_cloexec_flag");
523
exitstatus = EXIT_FAILURE;
524
goto end;
919
525
}
920
526
}
921
return 1;
922
}
923
924
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
925
alphasort);
926
if(numplugins == -1){
927
error(0, errno, "Could not scan plugin dir");
928
direntries = NULL;
929
exitstatus = EX_OSERR;
930
goto fallback;
931
527
}
932
528
933
529
FD_ZERO(&rfds_all);
934
530
935
/* Read and execute any executable in the plugin directory*/
936
for(int i = 0; i < numplugins; i++){
937
938
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
939
if(plugin_fd == -1){
940
error(0, errno, "Could not open plugin");
941
free(direntries[i]);
942
continue;
943
}
944
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
945
if(ret == -1){
946
error(0, errno, "stat");
947
close(plugin_fd);
948
free(direntries[i]);
949
continue;
950
}
951
952
/* Ignore non-executable files */
953
if(not S_ISREG(st.st_mode)
954
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
955
X_OK, 0)) != 0)){
531
while(true){
532
dirst = readdir(dir);
533
534
// All directory entries have been processed
535
if(dirst == NULL){
536
if (errno == EBADF){
537
perror("readdir");
538
exitstatus = EXIT_FAILURE;
539
goto end;
540
}
541
break;
542
}
543
544
d_name_len = strlen(dirst->d_name);
545
546
// Ignore dotfiles, backup files and other junk
547
{
548
bool bad_name = false;
549
550
const char const *bad_prefixes[] = { ".", "#", NULL };
551
552
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
553
".dpkg-old",
554
".dpkg-divert", NULL };
555
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
556
size_t pre_len = strlen(*pre);
557
if((d_name_len >= pre_len)
558
and strncmp((dirst->d_name), *pre, pre_len) == 0){
559
if(debug){
560
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
561
" with bad prefix %s\n", dirst->d_name, *pre);
562
}
563
bad_name = true;
564
break;
565
}
566
}
567
568
if(bad_name){
569
continue;
570
}
571
572
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
573
size_t suf_len = strlen(*suf);
574
if((d_name_len >= suf_len)
575
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf)
576
== 0)){
577
if(debug){
578
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
579
" with bad suffix %s\n", dirst->d_name, *suf);
580
}
581
bad_name = true;
582
break;
583
}
584
}
585
586
if(bad_name){
587
continue;
588
}
589
}
590
591
char *filename;
592
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
593
if(ret < 0){
594
perror("asprintf");
595
continue;
596
}
597
598
ret = stat(filename, &st);
599
if (ret == -1){
600
perror("stat");
601
free(filename);
602
continue;
603
}
604
605
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
956
606
if(debug){
957
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
958
" with bad type or mode\n",
959
plugindir != NULL ? plugindir : PDIR,
960
direntries[i]->d_name);
607
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
608
" with bad type or mode\n", filename);
961
609
}
962
close(plugin_fd);
963
free(direntries[i]);
610
free(filename);
964
611
continue;
965
612
}
966
967
plugin *p = getplugin(direntries[i]->d_name);
613
plugin *p = getplugin(dirst->d_name, &plugin_list);
968
614
if(p == NULL){
969
error(0, errno, "getplugin");
970
close(plugin_fd);
971
free(direntries[i]);
615
perror("getplugin");
616
free(filename);
972
617
continue;
973
618
}
974
619
if(p->disabled){
975
620
if(debug){
976
621
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
977
direntries[i]->d_name);
622
dirst->d_name);
978
623
}
979
close(plugin_fd);
980
free(direntries[i]);
624
free(filename);
981
625
continue;
982
626
}
983
627
{
984
628
/* Add global arguments to argument list for this plugin */
985
plugin *g = getplugin(NULL);
629
plugin *g = getplugin(NULL, &plugin_list);
986
630
if(g != NULL){
987
631
for(char **a = g->argv + 1; *a != NULL; a++){
988
632
if(not add_argument(p, *a)){
989
error(0, errno, "add_argument");
633
perror("add_argument");
990
634
}
991
635
}
992
636
/* Add global environment variables */
993
637
for(char **e = g->environ; *e != NULL; e++){
994
if(not add_environment(p, *e, false)){
995
error(0, errno, "add_environment");
638
if(not add_environment(p, *e)){
639
perror("add_environment");
996
640
}
997
641
}
998
642
}
999
643
}
1000
/* If this plugin has any environment variables, we need to
1001
duplicate the environment from this process, too. */
644
/* If this plugin has any environment variables, we will call
645
using execve and need to duplicate the environment from this
646
process, too. */
1002
647
if(p->environ[0] != NULL){
1003
648
for(char **e = environ; *e != NULL; e++){
1004
if(not add_environment(p, *e, false)){
1005
error(0, errno, "add_environment");
649
char *copy = strdup(*e);
650
if(copy == NULL){
651
perror("strdup");
652
continue;
653
}
654
if(not add_environment(p, copy)){
655
perror("add_environment");
1006
656
}
1007
657
}
1008
658
}
1009
659
1010
int pipefd[2];
1011
#ifndef O_CLOEXEC
1012
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
1013
#else /* O_CLOEXEC */
1014
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
1015
#endif /* O_CLOEXEC */
1016
if(ret == -1){
1017
error(0, errno, "pipe");
1018
exitstatus = EX_OSERR;
1019
free(direntries[i]);
1020
goto fallback;
1021
}
1022
if(pipefd[0] >= FD_SETSIZE){
1023
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
1024
FD_SETSIZE);
1025
close(pipefd[0]);
1026
close(pipefd[1]);
1027
exitstatus = EX_OSERR;
1028
free(direntries[i]);
1029
goto fallback;
1030
}
1031
#ifndef O_CLOEXEC
1032
/* Ask OS to automatic close the pipe on exec */
660
int pipefd[2];
661
ret = pipe(pipefd);
662
if (ret == -1){
663
perror("pipe");
664
exitstatus = EXIT_FAILURE;
665
goto end;
666
}
1033
667
ret = set_cloexec_flag(pipefd[0]);
1034
668
if(ret < 0){
1035
error(0, errno, "set_cloexec_flag");
1036
close(pipefd[0]);
1037
close(pipefd[1]);
1038
exitstatus = EX_OSERR;
1039
free(direntries[i]);
1040
goto fallback;
669
perror("set_cloexec_flag");
670
exitstatus = EXIT_FAILURE;
671
goto end;
1041
672
}
1042
673
ret = set_cloexec_flag(pipefd[1]);
1043
674
if(ret < 0){
1044
error(0, errno, "set_cloexec_flag");
1045
close(pipefd[0]);
1046
close(pipefd[1]);
1047
exitstatus = EX_OSERR;
1048
free(direntries[i]);
1049
goto fallback;
675
perror("set_cloexec_flag");
676
exitstatus = EXIT_FAILURE;
677
goto end;
1050
678
}
1051
#endif /* not O_CLOEXEC */
1052
679
/* Block SIGCHLD until process is safely in process list */
1053
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1054
&sigchld_action.sa_mask,
1055
NULL));
680
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1056
681
if(ret < 0){
1057
error(0, errno, "sigprocmask");
1058
exitstatus = EX_OSERR;
1059
free(direntries[i]);
1060
goto fallback;
682
perror("sigprocmask");
683
exitstatus = EXIT_FAILURE;
684
goto end;
1061
685
}
1062
/* Starting a new process to be watched */
1063
pid_t pid;
1064
do {
1065
pid = fork();
1066
} while(pid == -1 and errno == EINTR);
686
// Starting a new process to be watched
687
pid_t pid = fork();
1067
688
if(pid == -1){
1068
error(0, errno, "fork");
1069
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1070
&sigchld_action.sa_mask, NULL));
1071
close(pipefd[0]);
1072
close(pipefd[1]);
1073
exitstatus = EX_OSERR;
1074
free(direntries[i]);
1075
goto fallback;
689
perror("fork");
690
exitstatus = EXIT_FAILURE;
691
goto end;
1076
692
}
1077
693
if(pid == 0){
1078
694
/* this is the child process */
1079
695
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1080
696
if(ret < 0){
1081
error(0, errno, "sigaction");
1082
_exit(EX_OSERR);
697
perror("sigaction");
698
_exit(EXIT_FAILURE);
1083
699
}
1084
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
700
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1085
701
if(ret < 0){
1086
error(0, errno, "sigprocmask");
1087
_exit(EX_OSERR);
702
perror("sigprocmask");
703
_exit(EXIT_FAILURE);
1088
704
}
1089
705
1090
706
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
1091
707
if(ret == -1){
1092
error(0, errno, "dup2");
1093
_exit(EX_OSERR);
708
perror("dup2");
709
_exit(EXIT_FAILURE);
1094
710
}
1095
711
1096
if(fexecve(plugin_fd, p->argv,
1097
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1098
error(0, errno, "fexecve for %s/%s",
1099
plugindir != NULL ? plugindir : PDIR,
1100
direntries[i]->d_name);
1101
_exit(EX_OSERR);
712
if(dirfd(dir) < 0){
713
/* If dir has no file descriptor, we could not set FD_CLOEXEC
714
above and must now close it manually here. */
715
closedir(dir);
716
}
717
if(p->environ[0] == NULL){
718
if(execv(filename, p->argv) < 0){
719
perror("execv");
720
_exit(EXIT_FAILURE);
721
}
722
} else {
723
if(execve(filename, p->argv, p->environ) < 0){
724
perror("execve");
725
_exit(EXIT_FAILURE);
726
}
1102
727
}
1103
728
/* no return */
1104
729
}
1105
/* Parent process */
1106
close(pipefd[1]); /* Close unused write end of pipe */
1107
close(plugin_fd);
1108
plugin *new_plugin = getplugin(direntries[i]->d_name);
1109
if(new_plugin == NULL){
1110
error(0, errno, "getplugin");
1111
ret = (int)(TEMP_FAILURE_RETRY
1112
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1113
NULL)));
730
/* parent process */
731
free(filename);
732
close(pipefd[1]); /* close unused write end of pipe */
733
process *new_process = malloc(sizeof(process));
734
if (new_process == NULL){
735
perror("malloc");
736
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1114
737
if(ret < 0){
1115
error(0, errno, "sigprocmask");
738
perror("sigprocmask");
1116
739
}
1117
exitstatus = EX_OSERR;
1118
free(direntries[i]);
1119
goto fallback;
740
exitstatus = EXIT_FAILURE;
741
goto end;
1120
742
}
1121
free(direntries[i]);
1122
743
1123
new_plugin->pid = pid;
1124
new_plugin->fd = pipefd[0];
1125
1126
if(debug){
1127
fprintf(stderr, "Plugin %s started (PID %" PRIdMAX ")\n",
1128
new_plugin->name, (intmax_t) (new_plugin->pid));
1129
}
1130
744
*new_process = (struct process){ .pid = pid,
745
.fd = pipefd[0],
746
.next = process_list };
747
// List handling
748
process_list = new_process;
1131
749
/* Unblock SIGCHLD so signal handler can be run if this process
1132
750
has already completed */
1133
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1134
&sigchld_action.sa_mask,
1135
NULL));
751
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1136
752
if(ret < 0){
1137
error(0, errno, "sigprocmask");
1138
exitstatus = EX_OSERR;
1139
goto fallback;
1140
}
1141
1142
FD_SET(new_plugin->fd, &rfds_all);
1143
1144
if(maxfd < new_plugin->fd){
1145
maxfd = new_plugin->fd;
1146
}
1147
}
1148
1149
free(direntries);
1150
direntries = NULL;
1151
close(dir_fd);
1152
dir_fd = -1;
1153
free_plugin(getplugin(NULL));
1154
1155
for(plugin *p = plugin_list; p != NULL; p = p->next){
1156
if(p->pid != 0){
1157
break;
1158
}
1159
if(p->next == NULL){
1160
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1161
" directory?\n");
1162
free_plugin_list();
1163
}
1164
}
1165
1166
/* Main loop while running plugins exist */
1167
while(plugin_list){
753
perror("sigprocmask");
754
exitstatus = EXIT_FAILURE;
755
goto end;
756
}
757
758
FD_SET(new_process->fd, &rfds_all);
759
760
if (maxfd < new_process->fd){
761
maxfd = new_process->fd;
762
}
763
764
}
765
766
/* Free the plugin list */
767
for(plugin *next; plugin_list != NULL; plugin_list = next){
768
next = plugin_list->next;
769
free(plugin_list->argv);
770
if(plugin_list->environ[0] != NULL){
771
for(char **e = plugin_list->environ; *e != NULL; e++){
772
free(*e);
773
}
774
}
775
free(plugin_list);
776
}
777
778
closedir(dir);
779
dir = NULL;
780
781
if (process_list == NULL){
782
fprintf(stderr, "No plugin processes started. Incorrect plugin"
783
" directory?\n");
784
process_list = NULL;
785
}
786
while(process_list){
1168
787
fd_set rfds = rfds_all;
1169
788
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1170
if(select_ret == -1 and errno != EINTR){
1171
error(0, errno, "select");
1172
exitstatus = EX_OSERR;
1173
goto fallback;
789
if (select_ret == -1){
790
perror("select");
791
exitstatus = EXIT_FAILURE;
792
goto end;
1174
793
}
1175
794
/* OK, now either a process completed, or something can be read
1176
795
from one of them */
1177
for(plugin *proc = plugin_list; proc != NULL;){
796
for(process *proc = process_list; proc ; proc = proc->next){
1178
797
/* Is this process completely done? */
1179
if(proc->completed and proc->eof){
798
if(proc->eof and proc->completed){
1180
799
/* Only accept the plugin output if it exited cleanly */
1181
800
if(not WIFEXITED(proc->status)
1182
801
or WEXITSTATUS(proc->status) != 0){
1183
802
/* Bad exit by plugin */
1184
1185
803
if(debug){
1186
804
if(WIFEXITED(proc->status)){
1187
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1188
" status %d\n", proc->name,
1189
(intmax_t) (proc->pid),
805
fprintf(stderr, "Plugin %u exited with status %d\n",
806
(unsigned int) (proc->pid),
1190
807
WEXITSTATUS(proc->status));
1191
} else if(WIFSIGNALED(proc->status)){
1192
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1193
" signal %d: %s\n", proc->name,
1194
(intmax_t) (proc->pid),
1195
WTERMSIG(proc->status),
1196
strsignal(WTERMSIG(proc->status)));
808
} else if(WIFSIGNALED(proc->status)) {
809
fprintf(stderr, "Plugin %u killed by signal %d\n",
810
(unsigned int) (proc->pid),
811
WTERMSIG(proc->status));
812
} else if(WCOREDUMP(proc->status)){
813
fprintf(stderr, "Plugin %d dumped core\n",
814
(unsigned int) (proc->pid));
1197
815
}
1198
816
}
1199
1200
817
/* Remove the plugin */
1201
818
FD_CLR(proc->fd, &rfds_all);
1202
1203
819
/* Block signal while modifying process_list */
1204
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1205
(SIG_BLOCK,
1206
&sigchld_action.sa_mask,
1207
NULL));
820
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1208
821
if(ret < 0){
1209
error(0, errno, "sigprocmask");
1210
exitstatus = EX_OSERR;
1211
goto fallback;
1212
}
1213
1214
plugin *next_plugin = proc->next;
1215
free_plugin(proc);
1216
proc = next_plugin;
1217
822
perror("sigprocmask");
823
exitstatus = EXIT_FAILURE;
824
goto end;
825
}
826
/* Delete this process entry from the list */
827
if(process_list == proc){
828
/* First one - simple */
829
process_list = proc->next;
830
} else {
831
/* Second one or later */
832
for(process *p = process_list; p != NULL; p = p->next){
833
if(p->next == proc){
834
p->next = proc->next;
835
break;
836
}
837
}
838
}
1218
839
/* We are done modifying process list, so unblock signal */
1219
ret = (int)(TEMP_FAILURE_RETRY
1220
(sigprocmask(SIG_UNBLOCK,
1221
&sigchld_action.sa_mask, NULL)));
840
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
841
NULL);
1222
842
if(ret < 0){
1223
error(0, errno, "sigprocmask");
1224
exitstatus = EX_OSERR;
1225
goto fallback;
1226
}
1227
1228
if(plugin_list == NULL){
1229
break;
1230
}
1231
1232
continue;
843
perror("sigprocmask");
844
}
845
free(proc->buffer);
846
free(proc);
847
/* We deleted this process from the list, so we can't go
848
proc->next. Therefore, start over from the beginning of
849
the process list */
850
break;
1233
851
}
1234
1235
852
/* This process exited nicely, so print its buffer */
1236
1237
bool bret = print_out_password(proc->buffer,
1238
proc->buffer_length);
853
854
bool bret = print_out_password(proc->buffer, proc->buffer_length);
1239
855
if(not bret){
1240
error(0, errno, "print_out_password");
1241
exitstatus = EX_IOERR;
856
perror("print_out_password");
857
exitstatus = EXIT_FAILURE;
1242
858
}
1243
goto fallback;
859
goto end;
1244
860
}
1245
1246
861
/* This process has not completed. Does it have any output? */
1247
862
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){
1248
863
/* This process had nothing to say at this time */
1249
proc = proc->next;
1250
864
continue;
1251
865
}
1252
866
/* Before reading, make the process' data buffer large enough */
1253
867
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1254
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1255
+ (size_t) BUFFER_SIZE);
1256
if(new_buffer == NULL){
1257
error(0, errno, "malloc");
1258
exitstatus = EX_OSERR;
1259
goto fallback;
868
proc->buffer = realloc(proc->buffer, proc->buffer_size
869
+ (size_t) BUFFER_SIZE);
870
if (proc->buffer == NULL){
871
perror("malloc");
872
exitstatus = EXIT_FAILURE;
873
goto end;
1260
874
}
1261
proc->buffer = new_buffer;
1262
875
proc->buffer_size += BUFFER_SIZE;
1263
876
}
1264
877
/* Read from the process */
1265
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1266
proc->buffer
1267
+ proc->buffer_length,
1268
BUFFER_SIZE));
1269
if(sret < 0){
878
ret = read(proc->fd, proc->buffer + proc->buffer_length,
879
BUFFER_SIZE);
880
if(ret < 0){
1270
881
/* Read error from this process; ignore the error */
1271
proc = proc->next;
1272
882
continue;
1273
883
}
1274
if(sret == 0){
884
if(ret == 0){
1275
885
/* got EOF */
1276
886
proc->eof = true;
1277
887
} else {
1278
proc->buffer_length += (size_t) sret;
888
proc->buffer_length += (size_t) ret;
1279
889
}
1280
890
}
1281
891
}
1282
1283
1284
fallback:
1285
1286
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1287
and exitstatus != EX_OK)){
1288
/* Fallback if all plugins failed, none are found or an error
1289
occured */
892
893
894
end:
895
896
if(process_list == NULL or exitstatus != EXIT_SUCCESS){
897
/* Fallback if all plugins failed, none are found or an error occured */
1290
898
bool bret;
1291
899
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1292
900
char *passwordbuffer = getpass("Password: ");
1293
size_t len = strlen(passwordbuffer);
1294
/* Strip trailing newline */
1295
if(len > 0 and passwordbuffer[len-1] == '\n'){
1296
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1297
len--;
1298
}
1299
bret = print_out_password(passwordbuffer, len);
901
bret = print_out_password(passwordbuffer, strlen(passwordbuffer));
1300
902
if(not bret){
1301
error(0, errno, "print_out_password");
1302
exitstatus = EX_IOERR;
903
perror("print_out_password");
904
exitstatus = EXIT_FAILURE;
905
goto end;
1303
906
}
1304
907
}
1305
908
1306
909
/* Restore old signal handler */
1307
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1308
if(ret == -1){
1309
error(0, errno, "sigaction");
1310
exitstatus = EX_OSERR;
1311
}
1312
1313
if(custom_argv != NULL){
1314
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1315
free(*arg);
1316
}
1317
free(custom_argv);
1318
}
1319
1320
free(direntries);
1321
1322
if(dir_fd != -1){
1323
close(dir_fd);
1324
}
1325
1326
/* Kill the processes */
1327
for(plugin *p = plugin_list; p != NULL; p = p->next){
1328
if(p->pid != 0){
1329
close(p->fd);
1330
ret = kill(p->pid, SIGTERM);
1331
if(ret == -1 and errno != ESRCH){
1332
/* Set-uid proccesses might not get closed */
1333
error(0, errno, "kill");
910
sigaction(SIGCHLD, &old_sigchld_action, NULL);
911
912
free(custom_argv);
913
914
/* Free the plugin list */
915
for(plugin *next; plugin_list != NULL; plugin_list = next){
916
next = plugin_list->next;
917
free(plugin_list->argv);
918
if(plugin_list->environ[0] != NULL){
919
for(char **e = plugin_list->environ; *e != NULL; e++){
920
free(*e);
1334
921
}
1335
922
}
923
free(plugin_list->environ);
924
free(plugin_list);
925
}
926
927
if(dir != NULL){
928
closedir(dir);
929
}
930
931
/* Free the process list and kill the processes */
932
for(process *next; process_list != NULL; process_list = next){
933
next = process_list->next;
934
close(process_list->fd);
935
ret = kill(process_list->pid, SIGTERM);
936
if(ret == -1 and errno != ESRCH){
937
/* set-uid proccesses migth not get closed */
938
perror("kill");
939
}
940
free(process_list->buffer);
941
free(process_list);
1336
942
}
1337
943
1338
944
/* Wait for any remaining child processes to terminate */
1339
do {
945
do{
1340
946
ret = wait(NULL);
1341
947
} while(ret >= 0);
1342
948
if(errno != ECHILD){
1343
error(0, errno, "wait");
949
perror("wait");
1344
950
}
1345
951
1346
free_plugin_list();
1347
1348
free(plugindir);
1349
free(pluginhelperdir);
1350
free(argfile);
1351
1352
952
return exitstatus;
1353
953
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0