To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 833
- compare with another revision
- download diff
- download tarball
- view history from revision 833
- Committer: Teddy Hogeborn
- Date: 2016-03-17 20:40:55 UTC
- Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.
Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2. This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.
* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
allocating new_argv. Also tolerate a zero-length argv.
Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2. This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.
* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
allocating new_argv. Also tolerate a zero-length argv.
- files added:
- DBUS-API
- debian/po
- debian/source
- debian/upstream
- network-hooks.d
- plugin-helpers
- files removed:
- etc-plugins.d-README
- files modified:
- .bzrignore
added
removed
plugin-runner.c
1
/* -*- coding: utf-8 -*- */
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
2
/*
3
3
* Mandos plugin runner - Run Mandos plugins
4
4
*
5
* Copyright © 2007-2008 Teddy Hogeborn & Björn Påhlsson
5
* Copyright © 2008-2016 Teddy Hogeborn
6
* Copyright © 2008-2016 Björn Påhlsson
6
7
*
7
8
* This program is free software: you can redistribute it and/or
8
9
* modify it under the terms of the GNU General Public License as
18
19
* along with this program. If not, see
19
20
* <http://www.gnu.org/licenses/>.
20
21
*
21
* Contact the authors at <mandos@fukt.bsnet.se>.
22
* Contact the authors at <mandos@recompile.se>.
22
23
*/
23
24
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
26
O_CLOEXEC, pipe2() */
26
27
#include <stddef.h> /* size_t, NULL */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
29
30
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, popen(), fileno(),
31
fprintf(), stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO, fclose() */
33
#include <sys/types.h> /* fstat(), struct stat, waitpid(),
34
WIFEXITED(), WEXITSTATUS(), wait(),
35
pid_t, uid_t, gid_t, getuid(),
36
getgid() */
37
37
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
38
FD_SET(), FD_ISSET(), FD_CLR */
39
39
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
40
WEXITSTATUS(), WTERMSIG(),
41
WCOREDUMP() */
42
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
42
43
#include <iso646.h> /* and, or, not */
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
44
readdir(), closedir(), dirfd() */
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2, STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
44
#include <dirent.h> /* struct dirent, scandirat() */
45
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
46
FD_CLOEXEC, write(), STDOUT_FILENO,
47
struct stat, fstat(), close(),
48
setgid(), setuid(), S_ISREG(),
49
faccessat() pipe2(), fork(),
50
_exit(), dup2(), fexecve(), read()
51
*/
52
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
53
FD_CLOEXEC, openat(), scandirat(),
54
pipe2() */
55
#include <string.h> /* strsep, strlen(), strsignal(),
56
strcmp(), strncmp() */
55
57
#include <errno.h> /* errno */
56
58
#include <argp.h> /* struct argp_option, struct
57
59
argp_state, struct argp,
61
63
#include <signal.h> /* struct sigaction, sigemptyset(),
62
64
sigaddset(), sigaction(),
63
65
sigprocmask(), SIG_BLOCK, SIGCHLD,
64
SIG_UNBLOCK, kill() */
66
SIG_UNBLOCK, kill(), sig_atomic_t
67
*/
65
68
#include <errno.h> /* errno, EBADF */
69
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
70
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
71
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
72
#include <errno.h> /* errno */
73
#include <error.h> /* error() */
74
#include <fnmatch.h> /* fnmatch() */
66
75
67
76
#define BUFFER_SIZE 256
68
77
69
78
#define PDIR "/lib/mandos/plugins.d"
79
#define PHDIR "/lib/mandos/plugin-helpers"
70
80
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
71
81
72
const char *argp_program_version = "plugin-runner 1.0";
73
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
82
const char *argp_program_version = "plugin-runner " VERSION;
83
const char *argp_program_bug_address = "<mandos@recompile.se>";
74
84
75
85
typedef struct plugin{
76
86
char *name; /* can be NULL or any plugin name */
79
89
char **environ;
80
90
int envc;
81
91
bool disabled;
82
92
83
93
/* Variables used for running processes*/
84
94
pid_t pid;
85
95
int fd;
87
97
size_t buffer_size;
88
98
size_t buffer_length;
89
99
bool eof;
90
volatile bool completed;
91
volatile int status;
100
volatile sig_atomic_t completed;
101
int status;
92
102
struct plugin *next;
93
103
} plugin;
94
104
96
106
97
107
/* Gets an existing plugin based on name,
98
108
or if none is found, creates a new one */
109
__attribute__((warn_unused_result))
99
110
static plugin *getplugin(char *name){
100
/* Check for exiting plugin with that name */
101
for (plugin *p = plugin_list; p != NULL; p = p->next){
102
if ((p->name == name)
103
or (p->name and name and (strcmp(p->name, name) == 0))){
111
/* Check for existing plugin with that name */
112
for(plugin *p = plugin_list; p != NULL; p = p->next){
113
if((p->name == name)
114
or (p->name and name and (strcmp(p->name, name) == 0))){
104
115
return p;
105
116
}
106
117
}
107
118
/* Create a new plugin */
108
plugin *new_plugin = malloc(sizeof(plugin));
109
if (new_plugin == NULL){
119
plugin *new_plugin = NULL;
120
do {
121
new_plugin = malloc(sizeof(plugin));
122
} while(new_plugin == NULL and errno == EINTR);
123
if(new_plugin == NULL){
110
124
return NULL;
111
125
}
112
126
char *copy_name = NULL;
113
127
if(name != NULL){
114
copy_name = strdup(name);
128
do {
129
copy_name = strdup(name);
130
} while(copy_name == NULL and errno == EINTR);
115
131
if(copy_name == NULL){
132
int e = errno;
133
free(new_plugin);
134
errno = e;
116
135
return NULL;
117
136
}
118
137
}
119
138
120
*new_plugin = (plugin) { .name = copy_name,
121
.argc = 1,
122
.disabled = false,
123
.next = plugin_list };
139
*new_plugin = (plugin){ .name = copy_name,
140
.argc = 1,
141
.disabled = false,
142
.next = plugin_list };
124
143
125
new_plugin->argv = malloc(sizeof(char *) * 2);
126
if (new_plugin->argv == NULL){
144
do {
145
new_plugin->argv = malloc(sizeof(char *) * 2);
146
} while(new_plugin->argv == NULL and errno == EINTR);
147
if(new_plugin->argv == NULL){
148
int e = errno;
127
149
free(copy_name);
128
150
free(new_plugin);
151
errno = e;
129
152
return NULL;
130
153
}
131
154
new_plugin->argv[0] = copy_name;
132
155
new_plugin->argv[1] = NULL;
133
156
134
new_plugin->environ = malloc(sizeof(char *));
157
do {
158
new_plugin->environ = malloc(sizeof(char *));
159
} while(new_plugin->environ == NULL and errno == EINTR);
135
160
if(new_plugin->environ == NULL){
161
int e = errno;
136
162
free(copy_name);
137
163
free(new_plugin->argv);
138
164
free(new_plugin);
165
errno = e;
139
166
return NULL;
140
167
}
141
168
new_plugin->environ[0] = NULL;
146
173
}
147
174
148
175
/* Helper function for add_argument and add_environment */
176
__attribute__((nonnull, warn_unused_result))
149
177
static bool add_to_char_array(const char *new, char ***array,
150
178
int *len){
151
179
/* Resize the pointed-to array to hold one more pointer */
152
*array = realloc(*array, sizeof(char *)
153
* (size_t) ((*len) + 2));
180
char **new_array = NULL;
181
do {
182
new_array = realloc(*array, sizeof(char *)
183
* (size_t) ((*len) + 2));
184
} while(new_array == NULL and errno == EINTR);
154
185
/* Malloc check */
155
if(*array == NULL){
186
if(new_array == NULL){
156
187
return false;
157
188
}
189
*array = new_array;
158
190
/* Make a copy of the new string */
159
char *copy = strdup(new);
191
char *copy;
192
do {
193
copy = strdup(new);
194
} while(copy == NULL and errno == EINTR);
160
195
if(copy == NULL){
161
196
return false;
162
197
}
169
204
}
170
205
171
206
/* Add to a plugin's argument vector */
207
__attribute__((nonnull(2), warn_unused_result))
172
208
static bool add_argument(plugin *p, const char *arg){
173
209
if(p == NULL){
174
210
return false;
177
213
}
178
214
179
215
/* Add to a plugin's environment */
216
__attribute__((nonnull(2), warn_unused_result))
180
217
static bool add_environment(plugin *p, const char *def, bool replace){
181
218
if(p == NULL){
182
219
return false;
184
221
/* namelen = length of name of environment variable */
185
222
size_t namelen = (size_t)(strchrnul(def, '=') - def);
186
223
/* Search for this environment variable */
187
for(char **e = p->environ; *e != NULL; e++){
188
if(strncmp(*e, def, namelen + 1) == 0){
224
for(char **envdef = p->environ; *envdef != NULL; envdef++){
225
if(strncmp(*envdef, def, namelen + 1) == 0){
189
226
/* It already exists */
190
227
if(replace){
191
char *new = realloc(*e, strlen(def) + 1);
192
if(new == NULL){
228
char *new_envdef;
229
do {
230
new_envdef = realloc(*envdef, strlen(def) + 1);
231
} while(new_envdef == NULL and errno == EINTR);
232
if(new_envdef == NULL){
193
233
return false;
194
234
}
195
*e = new;
196
strcpy(*e, def);
235
*envdef = new_envdef;
236
strcpy(*envdef, def);
197
237
}
198
238
return true;
199
239
}
201
241
return add_to_char_array(def, &(p->environ), &(p->envc));
202
242
}
203
243
244
#ifndef O_CLOEXEC
204
245
/*
205
246
* Based on the example in the GNU LibC manual chapter 13.13 "File
206
247
* Descriptor Flags".
207
* *Note File Descriptor Flags:(libc)Descriptor Flags.
248
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
208
249
*/
250
__attribute__((warn_unused_result))
209
251
static int set_cloexec_flag(int fd){
210
int ret = fcntl(fd, F_GETFD, 0);
252
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
211
253
/* If reading the flags failed, return error indication now. */
212
254
if(ret < 0){
213
255
return ret;
214
256
}
215
257
/* Store modified flag word in the descriptor. */
216
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
258
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
259
ret | FD_CLOEXEC));
217
260
}
261
#endif /* not O_CLOEXEC */
218
262
219
263
220
264
/* Mark processes as completed when they exit, and save their exit
221
265
status. */
222
266
static void handle_sigchld(__attribute__((unused)) int sig){
267
int old_errno = errno;
223
268
while(true){
224
269
plugin *proc = plugin_list;
225
270
int status;
229
274
break;
230
275
}
231
276
if(pid == -1){
232
if (errno != ECHILD){
233
perror("waitpid");
277
if(errno == ECHILD){
278
/* No child processes */
279
break;
234
280
}
235
/* No child processes */
236
break;
281
error(0, errno, "waitpid");
237
282
}
238
283
239
284
/* A child exited, find it in process_list */
245
290
continue;
246
291
}
247
292
proc->status = status;
248
proc->completed = true;
293
proc->completed = 1;
249
294
}
295
errno = old_errno;
250
296
}
251
297
252
298
/* Prints out a password to stdout */
299
__attribute__((nonnull, warn_unused_result))
253
300
static bool print_out_password(const char *buffer, size_t length){
254
301
ssize_t ret;
255
302
for(size_t written = 0; written < length; written += (size_t)ret){
263
310
}
264
311
265
312
/* Removes and free a plugin from the plugin list */
313
__attribute__((nonnull))
266
314
static void free_plugin(plugin *plugin_node){
267
315
268
316
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
274
322
}
275
323
free(plugin_node->environ);
276
324
free(plugin_node->buffer);
277
325
278
326
/* Removes the plugin from the singly-linked list */
279
327
if(plugin_node == plugin_list){
280
328
/* First one - simple */
300
348
301
349
int main(int argc, char *argv[]){
302
350
char *plugindir = NULL;
351
char *pluginhelperdir = NULL;
303
352
char *argfile = NULL;
304
353
FILE *conffp;
305
size_t d_name_len;
306
DIR *dir = NULL;
307
struct dirent *dirst;
354
struct dirent **direntries = NULL;
308
355
struct stat st;
309
356
fd_set rfds_all;
310
357
int ret, maxfd = 0;
358
ssize_t sret;
311
359
uid_t uid = 65534;
312
360
gid_t gid = 65534;
313
361
bool debug = false;
317
365
.sa_flags = SA_NOCLDSTOP };
318
366
char **custom_argv = NULL;
319
367
int custom_argc = 0;
368
int dir_fd = -1;
320
369
321
370
/* Establish a signal handler */
322
371
sigemptyset(&sigchld_action.sa_mask);
323
372
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
324
373
if(ret == -1){
325
perror("sigaddset");
326
exitstatus = EXIT_FAILURE;
374
error(0, errno, "sigaddset");
375
exitstatus = EX_OSERR;
327
376
goto fallback;
328
377
}
329
378
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
330
379
if(ret == -1){
331
perror("sigaction");
332
exitstatus = EXIT_FAILURE;
380
error(0, errno, "sigaction");
381
exitstatus = EX_OSERR;
333
382
goto fallback;
334
383
}
335
384
367
416
.doc = "Group ID the plugins will run as", .group = 3 },
368
417
{ .name = "debug", .key = 132,
369
418
.doc = "Debug mode", .group = 4 },
419
{ .name = "plugin-helper-dir", .key = 133,
420
.arg = "DIRECTORY",
421
.doc = "Specify a different plugin helper directory",
422
.group = 2 },
423
/*
424
* These reproduce what we would get without ARGP_NO_HELP
425
*/
426
{ .name = "help", .key = '?',
427
.doc = "Give this help list", .group = -1 },
428
{ .name = "usage", .key = -3,
429
.doc = "Give a short usage message", .group = -1 },
430
{ .name = "version", .key = 'V',
431
.doc = "Print program version", .group = -1 },
370
432
{ .name = NULL }
371
433
};
372
434
373
error_t parse_opt (int key, char *arg, __attribute__((unused))
374
struct argp_state *state) {
375
switch (key) {
435
__attribute__((nonnull(3)))
436
error_t parse_opt(int key, char *arg, struct argp_state *state){
437
errno = 0;
438
switch(key){
439
char *tmp;
440
intmax_t tmp_id;
376
441
case 'g': /* --global-options */
377
if (arg != NULL){
378
char *p;
379
while((p = strsep(&arg, ",")) != NULL){
380
if(p[0] == '\0'){
381
continue;
382
}
383
if(not add_argument(getplugin(NULL), p)){
384
perror("add_argument");
385
return ARGP_ERR_UNKNOWN;
442
{
443
char *plugin_option;
444
while((plugin_option = strsep(&arg, ",")) != NULL){
445
if(not add_argument(getplugin(NULL), plugin_option)){
446
break;
386
447
}
387
448
}
449
errno = 0;
388
450
}
389
451
break;
390
452
case 'G': /* --global-env */
391
if(arg == NULL){
392
break;
393
}
394
if(not add_environment(getplugin(NULL), arg, true)){
395
perror("add_environment");
453
if(add_environment(getplugin(NULL), arg, true)){
454
errno = 0;
396
455
}
397
456
break;
398
457
case 'o': /* --options-for */
399
if (arg != NULL){
400
char *p_name = strsep(&arg, ":");
401
if(p_name[0] == '\0' or arg == NULL){
402
break;
403
}
404
char *opt = strsep(&arg, ":");
405
if(opt[0] == '\0' or opt == NULL){
406
break;
407
}
408
char *p;
409
while((p = strsep(&opt, ",")) != NULL){
410
if(p[0] == '\0'){
411
continue;
412
}
413
if(not add_argument(getplugin(p_name), p)){
414
perror("add_argument");
415
return ARGP_ERR_UNKNOWN;
416
}
417
}
458
{
459
char *option_list = strchr(arg, ':');
460
if(option_list == NULL){
461
argp_error(state, "No colon in \"%s\"", arg);
462
errno = EINVAL;
463
break;
464
}
465
*option_list = '\0';
466
option_list++;
467
if(arg[0] == '\0'){
468
argp_error(state, "Empty plugin name");
469
errno = EINVAL;
470
break;
471
}
472
char *option;
473
while((option = strsep(&option_list, ",")) != NULL){
474
if(not add_argument(getplugin(arg), option)){
475
break;
476
}
477
}
478
errno = 0;
418
479
}
419
480
break;
420
481
case 'E': /* --env-for */
421
if(arg == NULL){
422
break;
423
}
424
482
{
425
483
char *envdef = strchr(arg, ':');
426
484
if(envdef == NULL){
485
argp_error(state, "No colon in \"%s\"", arg);
486
errno = EINVAL;
427
487
break;
428
488
}
429
489
*envdef = '\0';
430
if(not add_environment(getplugin(arg), envdef+1, true)){
431
perror("add_environment");
490
envdef++;
491
if(arg[0] == '\0'){
492
argp_error(state, "Empty plugin name");
493
errno = EINVAL;
494
break;
495
}
496
if(add_environment(getplugin(arg), envdef, true)){
497
errno = 0;
432
498
}
433
499
}
434
500
break;
435
501
case 'd': /* --disable */
436
if (arg != NULL){
502
{
437
503
plugin *p = getplugin(arg);
438
if(p == NULL){
439
return ARGP_ERR_UNKNOWN;
504
if(p != NULL){
505
p->disabled = true;
506
errno = 0;
440
507
}
441
p->disabled = true;
442
508
}
443
509
break;
444
510
case 'e': /* --enable */
445
if (arg != NULL){
511
{
446
512
plugin *p = getplugin(arg);
447
if(p == NULL){
448
return ARGP_ERR_UNKNOWN;
513
if(p != NULL){
514
p->disabled = false;
515
errno = 0;
449
516
}
450
p->disabled = false;
451
517
}
452
518
break;
453
519
case 128: /* --plugin-dir */
454
520
free(plugindir);
455
521
plugindir = strdup(arg);
456
if(plugindir == NULL){
457
perror("strdup");
458
}
522
if(plugindir != NULL){
523
errno = 0;
524
}
459
525
break;
460
526
case 129: /* --config-file */
461
527
/* This is already done by parse_opt_config_file() */
462
528
break;
463
529
case 130: /* --userid */
464
uid = (uid_t)strtol(arg, NULL, 10);
530
tmp_id = strtoimax(arg, &tmp, 10);
531
if(errno != 0 or tmp == arg or *tmp != '\0'
532
or tmp_id != (uid_t)tmp_id){
533
argp_error(state, "Bad user ID number: \"%s\", using %"
534
PRIdMAX, arg, (intmax_t)uid);
535
break;
536
}
537
uid = (uid_t)tmp_id;
538
errno = 0;
465
539
break;
466
540
case 131: /* --groupid */
467
gid = (gid_t)strtol(arg, NULL, 10);
541
tmp_id = strtoimax(arg, &tmp, 10);
542
if(errno != 0 or tmp == arg or *tmp != '\0'
543
or tmp_id != (gid_t)tmp_id){
544
argp_error(state, "Bad group ID number: \"%s\", using %"
545
PRIdMAX, arg, (intmax_t)gid);
546
break;
547
}
548
gid = (gid_t)tmp_id;
549
errno = 0;
468
550
break;
469
551
case 132: /* --debug */
470
552
debug = true;
471
553
break;
554
case 133: /* --plugin-helper-dir */
555
free(pluginhelperdir);
556
pluginhelperdir = strdup(arg);
557
if(pluginhelperdir != NULL){
558
errno = 0;
559
}
560
break;
561
/*
562
* These reproduce what we would get without ARGP_NO_HELP
563
*/
564
case '?': /* --help */
565
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
566
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
567
case -3: /* --usage */
568
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
569
argp_state_help(state, state->out_stream,
570
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
571
case 'V': /* --version */
572
fprintf(state->out_stream, "%s\n", argp_program_version);
573
exit(EXIT_SUCCESS);
574
break;
575
/*
576
* When adding more options before this line, remember to also add a
577
* "case" to the "parse_opt_config_file" function below.
578
*/
472
579
case ARGP_KEY_ARG:
473
580
/* Cryptsetup always passes an argument, which is an empty
474
581
string if "none" was specified in /etc/crypttab. So if
475
582
argument was empty, we ignore it silently. */
476
if(arg[0] != '\0'){
477
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
583
if(arg[0] == '\0'){
584
break;
478
585
}
479
break;
480
case ARGP_KEY_END:
481
break;
482
586
default:
483
587
return ARGP_ERR_UNKNOWN;
484
588
}
485
return 0;
589
return errno; /* Set to 0 at start */
486
590
}
487
591
488
592
/* This option parser is the same as parse_opt() above, except it
489
593
ignores everything but the --config-file option. */
490
error_t parse_opt_config_file (int key, char *arg,
491
__attribute__((unused))
492
struct argp_state *state) {
493
switch (key) {
594
error_t parse_opt_config_file(int key, char *arg,
595
__attribute__((unused))
596
struct argp_state *state){
597
errno = 0;
598
switch(key){
494
599
case 'g': /* --global-options */
495
600
case 'G': /* --global-env */
496
601
case 'o': /* --options-for */
502
607
case 129: /* --config-file */
503
608
free(argfile);
504
609
argfile = strdup(arg);
505
if(argfile == NULL){
506
perror("strdup");
610
if(argfile != NULL){
611
errno = 0;
507
612
}
508
break;
613
break;
509
614
case 130: /* --userid */
510
615
case 131: /* --groupid */
511
616
case 132: /* --debug */
617
case 133: /* --plugin-helper-dir */
618
case '?': /* --help */
619
case -3: /* --usage */
620
case 'V': /* --version */
512
621
case ARGP_KEY_ARG:
513
case ARGP_KEY_END:
514
622
break;
515
623
default:
516
624
return ARGP_ERR_UNKNOWN;
517
625
}
518
return 0;
626
return errno;
519
627
}
520
628
521
629
struct argp argp = { .options = options,
523
631
.args_doc = "",
524
632
.doc = "Mandos plugin runner -- Run plugins" };
525
633
526
/* Parse using the parse_opt_config_file in order to get the custom
634
/* Parse using parse_opt_config_file() in order to get the custom
527
635
config file location, if any. */
528
ret = argp_parse (&argp, argc, argv, ARGP_IN_ORDER, 0, NULL);
529
if (ret == ARGP_ERR_UNKNOWN){
530
fprintf(stderr, "Unknown error while parsing arguments\n");
531
exitstatus = EXIT_FAILURE;
636
ret = argp_parse(&argp, argc, argv,
637
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
638
NULL, NULL);
639
switch(ret){
640
case 0:
641
break;
642
case ENOMEM:
643
default:
644
errno = ret;
645
error(0, errno, "argp_parse");
646
exitstatus = EX_OSERR;
647
goto fallback;
648
case EINVAL:
649
exitstatus = EX_USAGE;
532
650
goto fallback;
533
651
}
534
652
536
654
argp.parser = parse_opt;
537
655
538
656
/* Open the configfile if available */
539
if (argfile == NULL){
657
if(argfile == NULL){
540
658
conffp = fopen(AFILE, "r");
541
659
} else {
542
660
conffp = fopen(argfile, "r");
543
}
661
}
544
662
if(conffp != NULL){
545
663
char *org_line = NULL;
546
664
char *p, *arg, *new_arg, *line;
547
665
size_t size = 0;
548
ssize_t sret;
549
666
const char whitespace_delims[] = " \r\t\f\v\n";
550
667
const char comment_delim[] = "#";
551
668
552
669
custom_argc = 1;
553
670
custom_argv = malloc(sizeof(char*) * 2);
554
671
if(custom_argv == NULL){
555
perror("malloc");
556
exitstatus = EXIT_FAILURE;
672
error(0, errno, "malloc");
673
exitstatus = EX_OSERR;
557
674
goto fallback;
558
675
}
559
676
custom_argv[0] = argv[0];
560
677
custom_argv[1] = NULL;
561
678
562
679
/* for each line in the config file, strip whitespace and ignore
563
680
commented text */
564
681
while(true){
566
683
if(sret == -1){
567
684
break;
568
685
}
569
686
570
687
line = org_line;
571
688
arg = strsep(&line, comment_delim);
572
689
while((p = strsep(&arg, whitespace_delims)) != NULL){
575
692
}
576
693
new_arg = strdup(p);
577
694
if(new_arg == NULL){
578
perror("strdup");
579
exitstatus = EXIT_FAILURE;
695
error(0, errno, "strdup");
696
exitstatus = EX_OSERR;
580
697
free(org_line);
581
698
goto fallback;
582
699
}
583
700
584
701
custom_argc += 1;
585
custom_argv = realloc(custom_argv, sizeof(char *)
586
* ((unsigned int) custom_argc + 1));
587
if(custom_argv == NULL){
588
perror("realloc");
589
exitstatus = EXIT_FAILURE;
590
free(org_line);
591
goto fallback;
702
{
703
char **new_argv = realloc(custom_argv, sizeof(char *)
704
* ((size_t)custom_argc + 1));
705
if(new_argv == NULL){
706
error(0, errno, "realloc");
707
exitstatus = EX_OSERR;
708
free(new_arg);
709
free(org_line);
710
goto fallback;
711
} else {
712
custom_argv = new_argv;
713
}
592
714
}
593
715
custom_argv[custom_argc-1] = new_arg;
594
custom_argv[custom_argc] = NULL;
716
custom_argv[custom_argc] = NULL;
595
717
}
596
718
}
719
do {
720
ret = fclose(conffp);
721
} while(ret == EOF and errno == EINTR);
722
if(ret == EOF){
723
error(0, errno, "fclose");
724
exitstatus = EX_IOERR;
725
goto fallback;
726
}
597
727
free(org_line);
598
728
} else {
599
729
/* Check for harmful errors and go to fallback. Other errors might
600
730
not affect opening plugins */
601
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
602
perror("fopen");
603
exitstatus = EXIT_FAILURE;
731
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
732
error(0, errno, "fopen");
733
exitstatus = EX_OSERR;
604
734
goto fallback;
605
735
}
606
736
}
607
/* If there was any arguments from configuration file,
608
pass them to parser as command arguments */
737
/* If there were any arguments from the configuration file, pass
738
them to parser as command line arguments */
609
739
if(custom_argv != NULL){
610
ret = argp_parse (&argp, custom_argc, custom_argv, ARGP_IN_ORDER,
611
0, NULL);
612
if (ret == ARGP_ERR_UNKNOWN){
613
fprintf(stderr, "Unknown error while parsing arguments\n");
614
exitstatus = EXIT_FAILURE;
740
ret = argp_parse(&argp, custom_argc, custom_argv,
741
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
742
NULL, NULL);
743
switch(ret){
744
case 0:
745
break;
746
case ENOMEM:
747
default:
748
errno = ret;
749
error(0, errno, "argp_parse");
750
exitstatus = EX_OSERR;
751
goto fallback;
752
case EINVAL:
753
exitstatus = EX_CONFIG;
615
754
goto fallback;
616
755
}
617
756
}
618
757
619
758
/* Parse actual command line arguments, to let them override the
620
759
config file */
621
ret = argp_parse (&argp, argc, argv, ARGP_IN_ORDER, 0, NULL);
622
if (ret == ARGP_ERR_UNKNOWN){
623
fprintf(stderr, "Unknown error while parsing arguments\n");
624
exitstatus = EXIT_FAILURE;
625
goto fallback;
760
ret = argp_parse(&argp, argc, argv,
761
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
762
NULL, NULL);
763
switch(ret){
764
case 0:
765
break;
766
case ENOMEM:
767
default:
768
errno = ret;
769
error(0, errno, "argp_parse");
770
exitstatus = EX_OSERR;
771
goto fallback;
772
case EINVAL:
773
exitstatus = EX_USAGE;
774
goto fallback;
775
}
776
777
{
778
char *pluginhelperenv;
779
bool bret = true;
780
ret = asprintf(&pluginhelperenv, "MANDOSPLUGINHELPERDIR=%s",
781
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
782
if(ret != -1){
783
bret = add_environment(getplugin(NULL), pluginhelperenv, true);
784
}
785
if(ret == -1 or not bret){
786
error(0, errno, "Failed to set MANDOSPLUGINHELPERDIR"
787
" environment variable to \"%s\" for all plugins\n",
788
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
789
}
790
if(ret != -1){
791
free(pluginhelperenv);
792
}
626
793
}
627
794
628
795
if(debug){
632
799
for(char **a = p->argv; *a != NULL; a++){
633
800
fprintf(stderr, "\tArg: %s\n", *a);
634
801
}
635
fprintf(stderr, "...and %u environment variables\n", p->envc);
802
fprintf(stderr, "...and %d environment variables\n", p->envc);
636
803
for(char **a = p->environ; *a != NULL; a++){
637
804
fprintf(stderr, "\t%s\n", *a);
638
805
}
639
806
}
640
807
}
641
808
642
/* Strip permissions down to nobody */
809
if(getuid() == 0){
810
/* Work around Debian bug #633582:
811
<http://bugs.debian.org/633582> */
812
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
813
if(plugindir_fd == -1){
814
if(errno != ENOENT){
815
error(0, errno, "open(\"" PDIR "\")");
816
}
817
} else {
818
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
819
if(ret == -1){
820
error(0, errno, "fstat");
821
} else {
822
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
823
ret = fchown(plugindir_fd, uid, gid);
824
if(ret == -1){
825
error(0, errno, "fchown");
826
}
827
}
828
}
829
close(plugindir_fd);
830
}
831
}
832
833
/* Lower permissions */
834
ret = setgid(gid);
835
if(ret == -1){
836
error(0, errno, "setgid");
837
}
643
838
ret = setuid(uid);
644
if (ret == -1){
645
perror("setuid");
646
}
647
setgid(gid);
648
if (ret == -1){
649
perror("setgid");
650
}
651
652
if (plugindir == NULL){
653
dir = opendir(PDIR);
654
} else {
655
dir = opendir(plugindir);
656
}
657
658
if(dir == NULL){
659
perror("Could not open plugin dir");
660
exitstatus = EXIT_FAILURE;
661
goto fallback;
662
}
663
664
/* Set the FD_CLOEXEC flag on the directory, if possible */
839
if(ret == -1){
840
error(0, errno, "setuid");
841
}
842
843
/* Open plugin directory with close_on_exec flag */
665
844
{
666
int dir_fd = dirfd(dir);
667
if(dir_fd >= 0){
668
ret = set_cloexec_flag(dir_fd);
669
if(ret < 0){
670
perror("set_cloexec_flag");
671
exitstatus = EXIT_FAILURE;
672
goto fallback;
845
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
846
#ifdef O_CLOEXEC
847
O_CLOEXEC
848
#else /* not O_CLOEXEC */
849
0
850
#endif /* not O_CLOEXEC */
851
);
852
if(dir_fd == -1){
853
error(0, errno, "Could not open plugin dir");
854
exitstatus = EX_UNAVAILABLE;
855
goto fallback;
856
}
857
858
#ifndef O_CLOEXEC
859
/* Set the FD_CLOEXEC flag on the directory */
860
ret = set_cloexec_flag(dir_fd);
861
if(ret < 0){
862
error(0, errno, "set_cloexec_flag");
863
exitstatus = EX_OSERR;
864
goto fallback;
865
}
866
#endif /* O_CLOEXEC */
867
}
868
869
int good_name(const struct dirent * const dirent){
870
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
871
"*.dpkg-old", "*.dpkg-bak",
872
"*.dpkg-divert", NULL };
873
#ifdef __GNUC__
874
#pragma GCC diagnostic push
875
#pragma GCC diagnostic ignored "-Wcast-qual"
876
#endif
877
for(const char **pat = (const char **)patterns;
878
*pat != NULL; pat++){
879
#ifdef __GNUC__
880
#pragma GCC diagnostic pop
881
#endif
882
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
883
!= FNM_NOMATCH){
884
if(debug){
885
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
886
" matching pattern %s\n", dirent->d_name, *pat);
887
}
888
return 0;
673
889
}
674
890
}
891
return 1;
892
}
893
894
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
895
alphasort);
896
if(numplugins == -1){
897
error(0, errno, "Could not scan plugin dir");
898
direntries = NULL;
899
exitstatus = EX_OSERR;
900
goto fallback;
675
901
}
676
902
677
903
FD_ZERO(&rfds_all);
678
904
679
905
/* Read and execute any executable in the plugin directory*/
680
while(true){
681
dirst = readdir(dir);
682
683
/* All directory entries have been processed */
684
if(dirst == NULL){
685
if (errno == EBADF){
686
perror("readdir");
687
exitstatus = EXIT_FAILURE;
688
goto fallback;
689
}
690
break;
691
}
692
693
d_name_len = strlen(dirst->d_name);
694
695
/* Ignore dotfiles, backup files and other junk */
696
{
697
bool bad_name = false;
698
699
const char const *bad_prefixes[] = { ".", "#", NULL };
700
701
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
702
".dpkg-old",
703
".dpkg-divert", NULL };
704
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
705
size_t pre_len = strlen(*pre);
706
if((d_name_len >= pre_len)
707
and strncmp((dirst->d_name), *pre, pre_len) == 0){
708
if(debug){
709
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
710
" with bad prefix %s\n", dirst->d_name, *pre);
711
}
712
bad_name = true;
713
break;
714
}
715
}
716
if(bad_name){
717
continue;
718
}
719
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
720
size_t suf_len = strlen(*suf);
721
if((d_name_len >= suf_len)
722
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf)
723
== 0)){
724
if(debug){
725
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
726
" with bad suffix %s\n", dirst->d_name, *suf);
727
}
728
bad_name = true;
729
break;
730
}
731
}
732
733
if(bad_name){
734
continue;
735
}
736
}
737
738
char *filename;
739
if(plugindir == NULL){
740
ret = asprintf(&filename, PDIR "/%s", dirst->d_name);
741
} else {
742
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
743
}
744
if(ret < 0){
745
perror("asprintf");
746
continue;
747
}
748
749
ret = stat(filename, &st);
750
if (ret == -1){
751
perror("stat");
752
free(filename);
753
continue;
754
}
755
906
for(int i = 0; i < numplugins; i++){
907
908
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
909
if(plugin_fd == -1){
910
error(0, errno, "Could not open plugin");
911
free(direntries[i]);
912
continue;
913
}
914
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
915
if(ret == -1){
916
error(0, errno, "stat");
917
close(plugin_fd);
918
free(direntries[i]);
919
continue;
920
}
921
756
922
/* Ignore non-executable files */
757
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
923
if(not S_ISREG(st.st_mode)
924
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
925
X_OK, 0)) != 0)){
758
926
if(debug){
759
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
760
" with bad type or mode\n", filename);
927
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
928
" with bad type or mode\n",
929
plugindir != NULL ? plugindir : PDIR,
930
direntries[i]->d_name);
761
931
}
762
free(filename);
932
close(plugin_fd);
933
free(direntries[i]);
763
934
continue;
764
935
}
765
936
766
plugin *p = getplugin(dirst->d_name);
937
plugin *p = getplugin(direntries[i]->d_name);
767
938
if(p == NULL){
768
perror("getplugin");
769
free(filename);
939
error(0, errno, "getplugin");
940
close(plugin_fd);
941
free(direntries[i]);
770
942
continue;
771
943
}
772
944
if(p->disabled){
773
945
if(debug){
774
946
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
775
dirst->d_name);
947
direntries[i]->d_name);
776
948
}
777
free(filename);
949
close(plugin_fd);
950
free(direntries[i]);
778
951
continue;
779
952
}
780
953
{
783
956
if(g != NULL){
784
957
for(char **a = g->argv + 1; *a != NULL; a++){
785
958
if(not add_argument(p, *a)){
786
perror("add_argument");
959
error(0, errno, "add_argument");
787
960
}
788
961
}
789
962
/* Add global environment variables */
790
963
for(char **e = g->environ; *e != NULL; e++){
791
964
if(not add_environment(p, *e, false)){
792
perror("add_environment");
965
error(0, errno, "add_environment");
793
966
}
794
967
}
795
968
}
796
969
}
797
/* If this plugin has any environment variables, we will call
798
using execve and need to duplicate the environment from this
799
process, too. */
970
/* If this plugin has any environment variables, we need to
971
duplicate the environment from this process, too. */
800
972
if(p->environ[0] != NULL){
801
973
for(char **e = environ; *e != NULL; e++){
802
974
if(not add_environment(p, *e, false)){
803
perror("add_environment");
975
error(0, errno, "add_environment");
804
976
}
805
977
}
806
978
}
807
979
808
980
int pipefd[2];
809
ret = pipe(pipefd);
810
if (ret == -1){
811
perror("pipe");
812
exitstatus = EXIT_FAILURE;
813
goto fallback;
814
}
981
#ifndef O_CLOEXEC
982
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
983
#else /* O_CLOEXEC */
984
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
985
#endif /* O_CLOEXEC */
986
if(ret == -1){
987
error(0, errno, "pipe");
988
exitstatus = EX_OSERR;
989
free(direntries[i]);
990
goto fallback;
991
}
992
if(pipefd[0] >= FD_SETSIZE){
993
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
994
FD_SETSIZE);
995
close(pipefd[0]);
996
close(pipefd[1]);
997
exitstatus = EX_OSERR;
998
free(direntries[i]);
999
goto fallback;
1000
}
1001
#ifndef O_CLOEXEC
815
1002
/* Ask OS to automatic close the pipe on exec */
816
1003
ret = set_cloexec_flag(pipefd[0]);
817
1004
if(ret < 0){
818
perror("set_cloexec_flag");
819
exitstatus = EXIT_FAILURE;
1005
error(0, errno, "set_cloexec_flag");
1006
close(pipefd[0]);
1007
close(pipefd[1]);
1008
exitstatus = EX_OSERR;
1009
free(direntries[i]);
820
1010
goto fallback;
821
1011
}
822
1012
ret = set_cloexec_flag(pipefd[1]);
823
1013
if(ret < 0){
824
perror("set_cloexec_flag");
825
exitstatus = EXIT_FAILURE;
1014
error(0, errno, "set_cloexec_flag");
1015
close(pipefd[0]);
1016
close(pipefd[1]);
1017
exitstatus = EX_OSERR;
1018
free(direntries[i]);
826
1019
goto fallback;
827
1020
}
1021
#endif /* not O_CLOEXEC */
828
1022
/* Block SIGCHLD until process is safely in process list */
829
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1023
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1024
&sigchld_action.sa_mask,
1025
NULL));
830
1026
if(ret < 0){
831
perror("sigprocmask");
832
exitstatus = EXIT_FAILURE;
1027
error(0, errno, "sigprocmask");
1028
exitstatus = EX_OSERR;
1029
free(direntries[i]);
833
1030
goto fallback;
834
1031
}
835
1032
/* Starting a new process to be watched */
836
pid_t pid = fork();
1033
pid_t pid;
1034
do {
1035
pid = fork();
1036
} while(pid == -1 and errno == EINTR);
837
1037
if(pid == -1){
838
perror("fork");
839
exitstatus = EXIT_FAILURE;
1038
error(0, errno, "fork");
1039
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1040
&sigchld_action.sa_mask, NULL));
1041
close(pipefd[0]);
1042
close(pipefd[1]);
1043
exitstatus = EX_OSERR;
1044
free(direntries[i]);
840
1045
goto fallback;
841
1046
}
842
1047
if(pid == 0){
843
1048
/* this is the child process */
844
1049
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
845
1050
if(ret < 0){
846
perror("sigaction");
847
_exit(EXIT_FAILURE);
1051
error(0, errno, "sigaction");
1052
_exit(EX_OSERR);
848
1053
}
849
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1054
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
850
1055
if(ret < 0){
851
perror("sigprocmask");
852
_exit(EXIT_FAILURE);
1056
error(0, errno, "sigprocmask");
1057
_exit(EX_OSERR);
853
1058
}
854
1059
855
1060
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
856
1061
if(ret == -1){
857
perror("dup2");
858
_exit(EXIT_FAILURE);
1062
error(0, errno, "dup2");
1063
_exit(EX_OSERR);
859
1064
}
860
1065
861
if(dirfd(dir) < 0){
862
/* If dir has no file descriptor, we could not set FD_CLOEXEC
863
above and must now close it manually here. */
864
closedir(dir);
865
}
866
if(p->environ[0] == NULL){
867
if(execv(filename, p->argv) < 0){
868
perror("execv");
869
_exit(EXIT_FAILURE);
870
}
871
} else {
872
if(execve(filename, p->argv, p->environ) < 0){
873
perror("execve");
874
_exit(EXIT_FAILURE);
875
}
1066
if(fexecve(plugin_fd, p->argv,
1067
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1068
error(0, errno, "fexecve for %s/%s",
1069
plugindir != NULL ? plugindir : PDIR,
1070
direntries[i]->d_name);
1071
_exit(EX_OSERR);
876
1072
}
877
1073
/* no return */
878
1074
}
879
1075
/* Parent process */
880
1076
close(pipefd[1]); /* Close unused write end of pipe */
881
free(filename);
882
plugin *new_plugin = getplugin(dirst->d_name);
883
if (new_plugin == NULL){
884
perror("getplugin");
885
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1077
close(plugin_fd);
1078
plugin *new_plugin = getplugin(direntries[i]->d_name);
1079
if(new_plugin == NULL){
1080
error(0, errno, "getplugin");
1081
ret = (int)(TEMP_FAILURE_RETRY
1082
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1083
NULL)));
886
1084
if(ret < 0){
887
perror("sigprocmask");
1085
error(0, errno, "sigprocmask");
888
1086
}
889
exitstatus = EXIT_FAILURE;
1087
exitstatus = EX_OSERR;
1088
free(direntries[i]);
890
1089
goto fallback;
891
1090
}
1091
free(direntries[i]);
892
1092
893
1093
new_plugin->pid = pid;
894
1094
new_plugin->fd = pipefd[0];
895
1095
896
1096
/* Unblock SIGCHLD so signal handler can be run if this process
897
1097
has already completed */
898
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1098
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1099
&sigchld_action.sa_mask,
1100
NULL));
899
1101
if(ret < 0){
900
perror("sigprocmask");
901
exitstatus = EXIT_FAILURE;
1102
error(0, errno, "sigprocmask");
1103
exitstatus = EX_OSERR;
902
1104
goto fallback;
903
1105
}
904
1106
905
1107
FD_SET(new_plugin->fd, &rfds_all);
906
1108
907
if (maxfd < new_plugin->fd){
1109
if(maxfd < new_plugin->fd){
908
1110
maxfd = new_plugin->fd;
909
1111
}
910
911
1112
}
912
1113
913
closedir(dir);
914
dir = NULL;
915
1114
free(direntries);
1115
direntries = NULL;
1116
close(dir_fd);
1117
dir_fd = -1;
1118
free_plugin(getplugin(NULL));
1119
916
1120
for(plugin *p = plugin_list; p != NULL; p = p->next){
917
1121
if(p->pid != 0){
918
1122
break;
923
1127
free_plugin_list();
924
1128
}
925
1129
}
926
1130
927
1131
/* Main loop while running plugins exist */
928
1132
while(plugin_list){
929
1133
fd_set rfds = rfds_all;
930
1134
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
931
if (select_ret == -1){
932
perror("select");
933
exitstatus = EXIT_FAILURE;
1135
if(select_ret == -1 and errno != EINTR){
1136
error(0, errno, "select");
1137
exitstatus = EX_OSERR;
934
1138
goto fallback;
935
1139
}
936
1140
/* OK, now either a process completed, or something can be read
937
1141
from one of them */
938
1142
for(plugin *proc = plugin_list; proc != NULL;){
939
1143
/* Is this process completely done? */
940
if(proc->eof and proc->completed){
1144
if(proc->completed and proc->eof){
941
1145
/* Only accept the plugin output if it exited cleanly */
942
1146
if(not WIFEXITED(proc->status)
943
1147
or WEXITSTATUS(proc->status) != 0){
944
1148
/* Bad exit by plugin */
945
1149
946
1150
if(debug){
947
1151
if(WIFEXITED(proc->status)){
948
fprintf(stderr, "Plugin %u exited with status %d\n",
949
(unsigned int) (proc->pid),
1152
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1153
" status %d\n", proc->name,
1154
(intmax_t) (proc->pid),
950
1155
WEXITSTATUS(proc->status));
951
} else if(WIFSIGNALED(proc->status)) {
952
fprintf(stderr, "Plugin %u killed by signal %d\n",
953
(unsigned int) (proc->pid),
954
WTERMSIG(proc->status));
1156
} else if(WIFSIGNALED(proc->status)){
1157
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1158
" signal %d: %s\n", proc->name,
1159
(intmax_t) (proc->pid),
1160
WTERMSIG(proc->status),
1161
strsignal(WTERMSIG(proc->status)));
955
1162
} else if(WCOREDUMP(proc->status)){
956
fprintf(stderr, "Plugin %d dumped core\n",
957
(unsigned int) (proc->pid));
1163
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1164
" core\n", proc->name, (intmax_t) (proc->pid));
958
1165
}
959
1166
}
960
1167
961
1168
/* Remove the plugin */
962
1169
FD_CLR(proc->fd, &rfds_all);
963
1170
964
1171
/* Block signal while modifying process_list */
965
ret = sigprocmask(SIG_BLOCK, &sigchld_action.sa_mask, NULL);
966
if(ret < 0){
967
perror("sigprocmask");
968
exitstatus = EXIT_FAILURE;
969
goto fallback;
970
}
971
972
/* We are done modifying process list, so unblock signal */
973
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
974
NULL);
975
if(ret < 0){
976
perror("sigprocmask");
977
exitstatus = EXIT_FAILURE;
978
goto fallback;
979
}
980
981
if(plugin_list == NULL){
982
break;
1172
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1173
(SIG_BLOCK,
1174
&sigchld_action.sa_mask,
1175
NULL));
1176
if(ret < 0){
1177
error(0, errno, "sigprocmask");
1178
exitstatus = EX_OSERR;
1179
goto fallback;
983
1180
}
984
1181
985
1182
plugin *next_plugin = proc->next;
986
1183
free_plugin(proc);
987
1184
proc = next_plugin;
1185
1186
/* We are done modifying process list, so unblock signal */
1187
ret = (int)(TEMP_FAILURE_RETRY
1188
(sigprocmask(SIG_UNBLOCK,
1189
&sigchld_action.sa_mask, NULL)));
1190
if(ret < 0){
1191
error(0, errno, "sigprocmask");
1192
exitstatus = EX_OSERR;
1193
goto fallback;
1194
}
1195
1196
if(plugin_list == NULL){
1197
break;
1198
}
1199
988
1200
continue;
989
1201
}
990
1202
991
1203
/* This process exited nicely, so print its buffer */
992
1204
993
1205
bool bret = print_out_password(proc->buffer,
994
1206
proc->buffer_length);
995
1207
if(not bret){
996
perror("print_out_password");
997
exitstatus = EXIT_FAILURE;
1208
error(0, errno, "print_out_password");
1209
exitstatus = EX_IOERR;
998
1210
}
999
1211
goto fallback;
1000
1212
}
1007
1219
}
1008
1220
/* Before reading, make the process' data buffer large enough */
1009
1221
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1010
proc->buffer = realloc(proc->buffer, proc->buffer_size
1011
+ (size_t) BUFFER_SIZE);
1012
if (proc->buffer == NULL){
1013
perror("malloc");
1014
exitstatus = EXIT_FAILURE;
1222
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1223
+ (size_t) BUFFER_SIZE);
1224
if(new_buffer == NULL){
1225
error(0, errno, "malloc");
1226
exitstatus = EX_OSERR;
1015
1227
goto fallback;
1016
1228
}
1229
proc->buffer = new_buffer;
1017
1230
proc->buffer_size += BUFFER_SIZE;
1018
1231
}
1019
1232
/* Read from the process */
1020
ret = read(proc->fd, proc->buffer + proc->buffer_length,
1021
BUFFER_SIZE);
1022
if(ret < 0){
1233
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1234
proc->buffer
1235
+ proc->buffer_length,
1236
BUFFER_SIZE));
1237
if(sret < 0){
1023
1238
/* Read error from this process; ignore the error */
1024
1239
proc = proc->next;
1025
1240
continue;
1026
1241
}
1027
if(ret == 0){
1242
if(sret == 0){
1028
1243
/* got EOF */
1029
1244
proc->eof = true;
1030
1245
} else {
1031
proc->buffer_length += (size_t) ret;
1246
proc->buffer_length += (size_t) sret;
1032
1247
}
1033
1248
}
1034
1249
}
1035
1036
1250
1251
1037
1252
fallback:
1038
1253
1039
if(plugin_list == NULL or exitstatus != EXIT_SUCCESS){
1254
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1255
and exitstatus != EX_OK)){
1040
1256
/* Fallback if all plugins failed, none are found or an error
1041
1257
occured */
1042
1258
bool bret;
1050
1266
}
1051
1267
bret = print_out_password(passwordbuffer, len);
1052
1268
if(not bret){
1053
perror("print_out_password");
1054
exitstatus = EXIT_FAILURE;
1269
error(0, errno, "print_out_password");
1270
exitstatus = EX_IOERR;
1055
1271
}
1056
1272
}
1057
1273
1058
1274
/* Restore old signal handler */
1059
1275
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1060
1276
if(ret == -1){
1061
perror("sigaction");
1062
exitstatus = EXIT_FAILURE;
1277
error(0, errno, "sigaction");
1278
exitstatus = EX_OSERR;
1063
1279
}
1064
1280
1065
1281
if(custom_argv != NULL){
1066
1282
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1067
1283
free(*arg);
1069
1285
free(custom_argv);
1070
1286
}
1071
1287
1072
if(dir != NULL){
1073
closedir(dir);
1288
free(direntries);
1289
1290
if(dir_fd != -1){
1291
close(dir_fd);
1074
1292
}
1075
1293
1076
/* Free the process list and kill the processes */
1294
/* Kill the processes */
1077
1295
for(plugin *p = plugin_list; p != NULL; p = p->next){
1078
1296
if(p->pid != 0){
1079
1297
close(p->fd);
1080
1298
ret = kill(p->pid, SIGTERM);
1081
1299
if(ret == -1 and errno != ESRCH){
1082
1300
/* Set-uid proccesses might not get closed */
1083
perror("kill");
1301
error(0, errno, "kill");
1084
1302
}
1085
1303
}
1086
1304
}
1087
1305
1088
1306
/* Wait for any remaining child processes to terminate */
1089
do{
1307
do {
1090
1308
ret = wait(NULL);
1091
1309
} while(ret >= 0);
1092
1310
if(errno != ECHILD){
1093
perror("wait");
1311
error(0, errno, "wait");
1094
1312
}
1095
1313
1096
1314
free_plugin_list();
1097
1315
1098
1316
free(plugindir);
1317
free(pluginhelperdir);
1099
1318
free(argfile);
1100
1319
1101
1320
return exitstatus;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0