To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugin-runner.c
- browse files at revision 967
- compare with another revision
- download diff
- download tarball
- view history from revision 967
- Committer: Teddy Hogeborn
- Date: 2019-02-10 03:50:20 UTC
- Revision ID: teddy@recompile.se-20190210035020-nttr1tybgwwixueu
Show debconf note about new TLS key IDs
If mandos-client did not see TLS keys and had to create them, or if
mandos sees GnuTLS version 3.6.6 or later, show an important notice on
package installation about the importance of adding the new key_id
options to clients.conf on the Mandos server.
* debian/control (Package: mandos, Package: mandos-client): Depend on
debconf.
* debian/mandos-client.lintian-overrides: Override warnings.
* debian/mandos-client.postinst (create_keys): Show notice if new TLS
key files were created.
* debian/mandos-client.templates: New.
* debian/mandos.lintian-overrides: Override warnings.
* debian/mandos.postinst (configure): If GnuTLS 3.6.6 or later is
detected, show an important
notice (once) about the new
key_id option required in
clients.conf.
* debian/mandos.templates: New.
If mandos-client did not see TLS keys and had to create them, or if
mandos sees GnuTLS version 3.6.6 or later, show an important notice on
package installation about the importance of adding the new key_id
options to clients.conf on the Mandos server.
* debian/control (Package: mandos, Package: mandos-client): Depend on
debconf.
* debian/mandos-client.lintian-overrides: Override warnings.
* debian/mandos-client.postinst (create_keys): Show notice if new TLS
key files were created.
* debian/mandos-client.templates: New.
* debian/mandos.lintian-overrides: Override warnings.
* debian/mandos.postinst (configure): If GnuTLS 3.6.6 or later is
detected, show an important
notice (once) about the new
key_id option required in
clients.conf.
* debian/mandos.templates: New.
- files added:
- DBUS-API
- debian/source
- debian/upstream
- network-hooks.d
- plugin-helpers
- files removed:
- debian/mandos-client.config
- files modified:
- .bzrignore
added
removed
plugin-runner.c
1
/* -*- coding: utf-8 -*- */
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
2
/*
3
3
* Mandos plugin runner - Run Mandos plugins
4
4
*
5
* Copyright © 2008 Teddy Hogeborn & Björn Påhlsson
6
*
7
* This program is free software: you can redistribute it and/or
8
* modify it under the terms of the GNU General Public License as
9
* published by the Free Software Foundation, either version 3 of the
10
* License, or (at your option) any later version.
11
*
12
* This program is distributed in the hope that it will be useful, but
5
* Copyright © 2008-2018 Teddy Hogeborn
6
* Copyright © 2008-2018 Björn Påhlsson
7
*
8
* This file is part of Mandos.
9
*
10
* Mandos is free software: you can redistribute it and/or modify it
11
* under the terms of the GNU General Public License as published by
12
* the Free Software Foundation, either version 3 of the License, or
13
* (at your option) any later version.
14
*
15
* Mandos is distributed in the hope that it will be useful, but
13
16
* WITHOUT ANY WARRANTY; without even the implied warranty of
14
17
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15
18
* General Public License for more details.
16
19
*
17
20
* You should have received a copy of the GNU General Public License
18
* along with this program. If not, see
19
* <http://www.gnu.org/licenses/>.
21
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
20
22
*
21
* Contact the authors at <mandos@fukt.bsnet.se>.
23
* Contact the authors at <mandos@recompile.se>.
22
24
*/
23
25
24
26
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
25
asprintf() */
27
O_CLOEXEC, pipe2() */
26
28
#include <stddef.h> /* size_t, NULL */
27
#include <stdlib.h> /* malloc(), exit(), EXIT_FAILURE,
28
EXIT_SUCCESS, realloc() */
29
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
30
realloc() */
29
31
#include <stdbool.h> /* bool, true, false */
30
#include <stdio.h> /* perror, fileno(), fprintf(),
31
stderr, STDOUT_FILENO */
32
#include <sys/types.h> /* DIR, opendir(), stat(), struct
33
stat, waitpid(), WIFEXITED(),
34
WEXITSTATUS(), wait(), pid_t,
35
uid_t, gid_t, getuid(), getgid(),
36
dirfd() */
32
#include <stdio.h> /* fileno(), fprintf(),
33
stderr, STDOUT_FILENO, fclose() */
34
#include <sys/types.h> /* fstat(), struct stat, waitpid(),
35
WIFEXITED(), WEXITSTATUS(), wait(),
36
pid_t, uid_t, gid_t, getuid(),
37
getgid() */
37
38
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
38
39
FD_SET(), FD_ISSET(), FD_CLR */
39
40
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
40
WEXITSTATUS() */
41
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
41
WEXITSTATUS(), WTERMSIG() */
42
#include <sys/stat.h> /* struct stat, fstat(), S_ISREG() */
42
43
#include <iso646.h> /* and, or, not */
43
#include <dirent.h> /* DIR, struct dirent, opendir(),
44
readdir(), closedir(), dirfd() */
45
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
46
fcntl(), setuid(), setgid(),
47
F_GETFD, F_SETFD, FD_CLOEXEC,
48
access(), pipe(), fork(), close()
49
dup2(), STDOUT_FILENO, _exit(),
50
execv(), write(), read(),
51
close() */
44
#include <dirent.h> /* struct dirent, scandirat() */
45
#include <unistd.h> /* fcntl(), F_GETFD, F_SETFD,
46
FD_CLOEXEC, write(), STDOUT_FILENO,
47
struct stat, fstat(), close(),
48
setgid(), setuid(), S_ISREG(),
49
faccessat() pipe2(), fork(),
50
_exit(), dup2(), fexecve(), read()
51
*/
52
52
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
53
FD_CLOEXEC */
54
#include <string.h> /* strsep, strlen(), asprintf() */
53
FD_CLOEXEC, openat(), scandirat(),
54
pipe2() */
55
#include <string.h> /* strsep, strlen(), strsignal(),
56
strcmp(), strncmp() */
55
57
#include <errno.h> /* errno */
56
58
#include <argp.h> /* struct argp_option, struct
57
59
argp_state, struct argp,
61
63
#include <signal.h> /* struct sigaction, sigemptyset(),
62
64
sigaddset(), sigaction(),
63
65
sigprocmask(), SIG_BLOCK, SIGCHLD,
64
SIG_UNBLOCK, kill() */
66
SIG_UNBLOCK, kill(), sig_atomic_t
67
*/
65
68
#include <errno.h> /* errno, EBADF */
69
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
70
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
71
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
72
#include <errno.h> /* errno */
73
#include <error.h> /* error() */
74
#include <fnmatch.h> /* fnmatch() */
66
75
67
76
#define BUFFER_SIZE 256
68
77
69
78
#define PDIR "/lib/mandos/plugins.d"
79
#define PHDIR "/lib/mandos/plugin-helpers"
70
80
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
71
81
72
82
const char *argp_program_version = "plugin-runner " VERSION;
73
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
83
const char *argp_program_bug_address = "<mandos@recompile.se>";
74
84
75
85
typedef struct plugin{
76
86
char *name; /* can be NULL or any plugin name */
79
89
char **environ;
80
90
int envc;
81
91
bool disabled;
82
92
83
93
/* Variables used for running processes*/
84
94
pid_t pid;
85
95
int fd;
87
97
size_t buffer_size;
88
98
size_t buffer_length;
89
99
bool eof;
90
volatile bool completed;
91
volatile int status;
100
volatile sig_atomic_t completed;
101
int status;
92
102
struct plugin *next;
93
103
} plugin;
94
104
96
106
97
107
/* Gets an existing plugin based on name,
98
108
or if none is found, creates a new one */
109
__attribute__((warn_unused_result))
99
110
static plugin *getplugin(char *name){
100
/* Check for exiting plugin with that name */
101
for (plugin *p = plugin_list; p != NULL; p = p->next){
102
if ((p->name == name)
103
or (p->name and name and (strcmp(p->name, name) == 0))){
111
/* Check for existing plugin with that name */
112
for(plugin *p = plugin_list; p != NULL; p = p->next){
113
if((p->name == name)
114
or (p->name and name and (strcmp(p->name, name) == 0))){
104
115
return p;
105
116
}
106
117
}
107
118
/* Create a new plugin */
108
plugin *new_plugin = malloc(sizeof(plugin));
109
if (new_plugin == NULL){
119
plugin *new_plugin = NULL;
120
do {
121
new_plugin = malloc(sizeof(plugin));
122
} while(new_plugin == NULL and errno == EINTR);
123
if(new_plugin == NULL){
110
124
return NULL;
111
125
}
112
126
char *copy_name = NULL;
113
127
if(name != NULL){
114
copy_name = strdup(name);
128
do {
129
copy_name = strdup(name);
130
} while(copy_name == NULL and errno == EINTR);
115
131
if(copy_name == NULL){
132
int e = errno;
133
free(new_plugin);
134
errno = e;
116
135
return NULL;
117
136
}
118
137
}
119
138
120
*new_plugin = (plugin) { .name = copy_name,
121
.argc = 1,
122
.disabled = false,
123
.next = plugin_list };
139
*new_plugin = (plugin){ .name = copy_name,
140
.argc = 1,
141
.disabled = false,
142
.next = plugin_list };
124
143
125
new_plugin->argv = malloc(sizeof(char *) * 2);
126
if (new_plugin->argv == NULL){
144
do {
145
new_plugin->argv = malloc(sizeof(char *) * 2);
146
} while(new_plugin->argv == NULL and errno == EINTR);
147
if(new_plugin->argv == NULL){
148
int e = errno;
127
149
free(copy_name);
128
150
free(new_plugin);
151
errno = e;
129
152
return NULL;
130
153
}
131
154
new_plugin->argv[0] = copy_name;
132
155
new_plugin->argv[1] = NULL;
133
156
134
new_plugin->environ = malloc(sizeof(char *));
157
do {
158
new_plugin->environ = malloc(sizeof(char *));
159
} while(new_plugin->environ == NULL and errno == EINTR);
135
160
if(new_plugin->environ == NULL){
161
int e = errno;
136
162
free(copy_name);
137
163
free(new_plugin->argv);
138
164
free(new_plugin);
165
errno = e;
139
166
return NULL;
140
167
}
141
168
new_plugin->environ[0] = NULL;
146
173
}
147
174
148
175
/* Helper function for add_argument and add_environment */
176
__attribute__((nonnull, warn_unused_result))
149
177
static bool add_to_char_array(const char *new, char ***array,
150
178
int *len){
151
179
/* Resize the pointed-to array to hold one more pointer */
152
*array = realloc(*array, sizeof(char *)
153
* (size_t) ((*len) + 2));
180
char **new_array = NULL;
181
do {
182
new_array = realloc(*array, sizeof(char *)
183
* (size_t) ((*len) + 2));
184
} while(new_array == NULL and errno == EINTR);
154
185
/* Malloc check */
155
if(*array == NULL){
186
if(new_array == NULL){
156
187
return false;
157
188
}
189
*array = new_array;
158
190
/* Make a copy of the new string */
159
char *copy = strdup(new);
191
char *copy;
192
do {
193
copy = strdup(new);
194
} while(copy == NULL and errno == EINTR);
160
195
if(copy == NULL){
161
196
return false;
162
197
}
169
204
}
170
205
171
206
/* Add to a plugin's argument vector */
207
__attribute__((nonnull(2), warn_unused_result))
172
208
static bool add_argument(plugin *p, const char *arg){
173
209
if(p == NULL){
174
210
return false;
177
213
}
178
214
179
215
/* Add to a plugin's environment */
216
__attribute__((nonnull(2), warn_unused_result))
180
217
static bool add_environment(plugin *p, const char *def, bool replace){
181
218
if(p == NULL){
182
219
return false;
184
221
/* namelen = length of name of environment variable */
185
222
size_t namelen = (size_t)(strchrnul(def, '=') - def);
186
223
/* Search for this environment variable */
187
for(char **e = p->environ; *e != NULL; e++){
188
if(strncmp(*e, def, namelen + 1) == 0){
224
for(char **envdef = p->environ; *envdef != NULL; envdef++){
225
if(strncmp(*envdef, def, namelen + 1) == 0){
189
226
/* It already exists */
190
227
if(replace){
191
char *new = realloc(*e, strlen(def) + 1);
192
if(new == NULL){
228
char *new_envdef;
229
do {
230
new_envdef = realloc(*envdef, strlen(def) + 1);
231
} while(new_envdef == NULL and errno == EINTR);
232
if(new_envdef == NULL){
193
233
return false;
194
234
}
195
*e = new;
196
strcpy(*e, def);
235
*envdef = new_envdef;
236
strcpy(*envdef, def);
197
237
}
198
238
return true;
199
239
}
201
241
return add_to_char_array(def, &(p->environ), &(p->envc));
202
242
}
203
243
244
#ifndef O_CLOEXEC
204
245
/*
205
246
* Based on the example in the GNU LibC manual chapter 13.13 "File
206
247
* Descriptor Flags".
207
* *Note File Descriptor Flags:(libc)Descriptor Flags.
248
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
208
249
*/
250
__attribute__((warn_unused_result))
209
251
static int set_cloexec_flag(int fd){
210
int ret = fcntl(fd, F_GETFD, 0);
252
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
211
253
/* If reading the flags failed, return error indication now. */
212
254
if(ret < 0){
213
255
return ret;
214
256
}
215
257
/* Store modified flag word in the descriptor. */
216
return fcntl(fd, F_SETFD, ret | FD_CLOEXEC);
258
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
259
ret | FD_CLOEXEC));
217
260
}
261
#endif /* not O_CLOEXEC */
218
262
219
263
220
264
/* Mark processes as completed when they exit, and save their exit
221
265
status. */
222
266
static void handle_sigchld(__attribute__((unused)) int sig){
267
int old_errno = errno;
223
268
while(true){
224
269
plugin *proc = plugin_list;
225
270
int status;
229
274
break;
230
275
}
231
276
if(pid == -1){
232
if (errno != ECHILD){
233
perror("waitpid");
277
if(errno == ECHILD){
278
/* No child processes */
279
break;
234
280
}
235
/* No child processes */
236
break;
281
error(0, errno, "waitpid");
237
282
}
238
283
239
284
/* A child exited, find it in process_list */
245
290
continue;
246
291
}
247
292
proc->status = status;
248
proc->completed = true;
293
proc->completed = 1;
249
294
}
295
errno = old_errno;
250
296
}
251
297
252
298
/* Prints out a password to stdout */
299
__attribute__((nonnull, warn_unused_result))
253
300
static bool print_out_password(const char *buffer, size_t length){
254
301
ssize_t ret;
255
302
for(size_t written = 0; written < length; written += (size_t)ret){
263
310
}
264
311
265
312
/* Removes and free a plugin from the plugin list */
313
__attribute__((nonnull))
266
314
static void free_plugin(plugin *plugin_node){
267
315
268
316
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
274
322
}
275
323
free(plugin_node->environ);
276
324
free(plugin_node->buffer);
277
325
278
326
/* Removes the plugin from the singly-linked list */
279
327
if(plugin_node == plugin_list){
280
328
/* First one - simple */
300
348
301
349
int main(int argc, char *argv[]){
302
350
char *plugindir = NULL;
351
char *pluginhelperdir = NULL;
303
352
char *argfile = NULL;
304
353
FILE *conffp;
305
size_t d_name_len;
306
DIR *dir = NULL;
307
struct dirent *dirst;
354
struct dirent **direntries = NULL;
308
355
struct stat st;
309
356
fd_set rfds_all;
310
357
int ret, maxfd = 0;
358
ssize_t sret;
311
359
uid_t uid = 65534;
312
360
gid_t gid = 65534;
313
361
bool debug = false;
317
365
.sa_flags = SA_NOCLDSTOP };
318
366
char **custom_argv = NULL;
319
367
int custom_argc = 0;
368
int dir_fd = -1;
320
369
321
370
/* Establish a signal handler */
322
371
sigemptyset(&sigchld_action.sa_mask);
323
372
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
324
373
if(ret == -1){
325
perror("sigaddset");
326
exitstatus = EXIT_FAILURE;
374
error(0, errno, "sigaddset");
375
exitstatus = EX_OSERR;
327
376
goto fallback;
328
377
}
329
378
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
330
379
if(ret == -1){
331
perror("sigaction");
332
exitstatus = EXIT_FAILURE;
380
error(0, errno, "sigaction");
381
exitstatus = EX_OSERR;
333
382
goto fallback;
334
383
}
335
384
367
416
.doc = "Group ID the plugins will run as", .group = 3 },
368
417
{ .name = "debug", .key = 132,
369
418
.doc = "Debug mode", .group = 4 },
419
{ .name = "plugin-helper-dir", .key = 133,
420
.arg = "DIRECTORY",
421
.doc = "Specify a different plugin helper directory",
422
.group = 2 },
423
/*
424
* These reproduce what we would get without ARGP_NO_HELP
425
*/
426
{ .name = "help", .key = '?',
427
.doc = "Give this help list", .group = -1 },
428
{ .name = "usage", .key = -3,
429
.doc = "Give a short usage message", .group = -1 },
430
{ .name = "version", .key = 'V',
431
.doc = "Print program version", .group = -1 },
370
432
{ .name = NULL }
371
433
};
372
434
373
error_t parse_opt (int key, char *arg, __attribute__((unused))
374
struct argp_state *state) {
375
switch (key) {
435
__attribute__((nonnull(3)))
436
error_t parse_opt(int key, char *arg, struct argp_state *state){
437
errno = 0;
438
switch(key){
439
char *tmp;
440
intmax_t tmp_id;
376
441
case 'g': /* --global-options */
377
if (arg != NULL){
378
char *p;
379
while((p = strsep(&arg, ",")) != NULL){
380
if(p[0] == '\0'){
381
continue;
382
}
383
if(not add_argument(getplugin(NULL), p)){
384
perror("add_argument");
385
return ARGP_ERR_UNKNOWN;
442
{
443
char *plugin_option;
444
while((plugin_option = strsep(&arg, ",")) != NULL){
445
if(not add_argument(getplugin(NULL), plugin_option)){
446
break;
386
447
}
387
448
}
449
errno = 0;
388
450
}
389
451
break;
390
452
case 'G': /* --global-env */
391
if(arg == NULL){
392
break;
393
}
394
if(not add_environment(getplugin(NULL), arg, true)){
395
perror("add_environment");
453
if(add_environment(getplugin(NULL), arg, true)){
454
errno = 0;
396
455
}
397
456
break;
398
457
case 'o': /* --options-for */
399
if (arg != NULL){
400
char *p_name = strsep(&arg, ":");
401
if(p_name[0] == '\0' or arg == NULL){
402
break;
403
}
404
char *opt = strsep(&arg, ":");
405
if(opt[0] == '\0' or opt == NULL){
406
break;
407
}
408
char *p;
409
while((p = strsep(&opt, ",")) != NULL){
410
if(p[0] == '\0'){
411
continue;
412
}
413
if(not add_argument(getplugin(p_name), p)){
414
perror("add_argument");
415
return ARGP_ERR_UNKNOWN;
416
}
417
}
458
{
459
char *option_list = strchr(arg, ':');
460
if(option_list == NULL){
461
argp_error(state, "No colon in \"%s\"", arg);
462
errno = EINVAL;
463
break;
464
}
465
*option_list = '\0';
466
option_list++;
467
if(arg[0] == '\0'){
468
argp_error(state, "Empty plugin name");
469
errno = EINVAL;
470
break;
471
}
472
char *option;
473
while((option = strsep(&option_list, ",")) != NULL){
474
if(not add_argument(getplugin(arg), option)){
475
break;
476
}
477
}
478
errno = 0;
418
479
}
419
480
break;
420
481
case 'E': /* --env-for */
421
if(arg == NULL){
422
break;
423
}
424
482
{
425
483
char *envdef = strchr(arg, ':');
426
484
if(envdef == NULL){
485
argp_error(state, "No colon in \"%s\"", arg);
486
errno = EINVAL;
427
487
break;
428
488
}
429
489
*envdef = '\0';
430
if(not add_environment(getplugin(arg), envdef+1, true)){
431
perror("add_environment");
490
envdef++;
491
if(arg[0] == '\0'){
492
argp_error(state, "Empty plugin name");
493
errno = EINVAL;
494
break;
495
}
496
if(add_environment(getplugin(arg), envdef, true)){
497
errno = 0;
432
498
}
433
499
}
434
500
break;
435
501
case 'd': /* --disable */
436
if (arg != NULL){
502
{
437
503
plugin *p = getplugin(arg);
438
if(p == NULL){
439
return ARGP_ERR_UNKNOWN;
504
if(p != NULL){
505
p->disabled = true;
506
errno = 0;
440
507
}
441
p->disabled = true;
442
508
}
443
509
break;
444
510
case 'e': /* --enable */
445
if (arg != NULL){
511
{
446
512
plugin *p = getplugin(arg);
447
if(p == NULL){
448
return ARGP_ERR_UNKNOWN;
513
if(p != NULL){
514
p->disabled = false;
515
errno = 0;
449
516
}
450
p->disabled = false;
451
517
}
452
518
break;
453
519
case 128: /* --plugin-dir */
454
520
free(plugindir);
455
521
plugindir = strdup(arg);
456
if(plugindir == NULL){
457
perror("strdup");
458
}
522
if(plugindir != NULL){
523
errno = 0;
524
}
459
525
break;
460
526
case 129: /* --config-file */
461
527
/* This is already done by parse_opt_config_file() */
462
528
break;
463
529
case 130: /* --userid */
464
uid = (uid_t)strtol(arg, NULL, 10);
530
tmp_id = strtoimax(arg, &tmp, 10);
531
if(errno != 0 or tmp == arg or *tmp != '\0'
532
or tmp_id != (uid_t)tmp_id){
533
argp_error(state, "Bad user ID number: \"%s\", using %"
534
PRIdMAX, arg, (intmax_t)uid);
535
break;
536
}
537
uid = (uid_t)tmp_id;
538
errno = 0;
465
539
break;
466
540
case 131: /* --groupid */
467
gid = (gid_t)strtol(arg, NULL, 10);
541
tmp_id = strtoimax(arg, &tmp, 10);
542
if(errno != 0 or tmp == arg or *tmp != '\0'
543
or tmp_id != (gid_t)tmp_id){
544
argp_error(state, "Bad group ID number: \"%s\", using %"
545
PRIdMAX, arg, (intmax_t)gid);
546
break;
547
}
548
gid = (gid_t)tmp_id;
549
errno = 0;
468
550
break;
469
551
case 132: /* --debug */
470
552
debug = true;
471
553
break;
554
case 133: /* --plugin-helper-dir */
555
free(pluginhelperdir);
556
pluginhelperdir = strdup(arg);
557
if(pluginhelperdir != NULL){
558
errno = 0;
559
}
560
break;
561
/*
562
* These reproduce what we would get without ARGP_NO_HELP
563
*/
564
case '?': /* --help */
565
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
566
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
567
case -3: /* --usage */
568
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
569
argp_state_help(state, state->out_stream,
570
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
571
case 'V': /* --version */
572
fprintf(state->out_stream, "%s\n", argp_program_version);
573
exit(EXIT_SUCCESS);
574
break;
575
/*
576
* When adding more options before this line, remember to also add a
577
* "case" to the "parse_opt_config_file" function below.
578
*/
472
579
case ARGP_KEY_ARG:
473
580
/* Cryptsetup always passes an argument, which is an empty
474
581
string if "none" was specified in /etc/crypttab. So if
475
582
argument was empty, we ignore it silently. */
476
if(arg[0] != '\0'){
477
fprintf(stderr, "Ignoring unknown argument \"%s\"\n", arg);
583
if(arg[0] == '\0'){
584
break;
478
585
}
479
break;
480
case ARGP_KEY_END:
481
break;
586
/* FALLTHROUGH */
482
587
default:
483
588
return ARGP_ERR_UNKNOWN;
484
589
}
485
return 0;
590
return errno; /* Set to 0 at start */
486
591
}
487
592
488
593
/* This option parser is the same as parse_opt() above, except it
489
594
ignores everything but the --config-file option. */
490
error_t parse_opt_config_file (int key, char *arg,
491
__attribute__((unused))
492
struct argp_state *state) {
493
switch (key) {
595
error_t parse_opt_config_file(int key, char *arg,
596
__attribute__((unused))
597
struct argp_state *state){
598
errno = 0;
599
switch(key){
494
600
case 'g': /* --global-options */
495
601
case 'G': /* --global-env */
496
602
case 'o': /* --options-for */
502
608
case 129: /* --config-file */
503
609
free(argfile);
504
610
argfile = strdup(arg);
505
if(argfile == NULL){
506
perror("strdup");
611
if(argfile != NULL){
612
errno = 0;
507
613
}
508
break;
614
break;
509
615
case 130: /* --userid */
510
616
case 131: /* --groupid */
511
617
case 132: /* --debug */
618
case 133: /* --plugin-helper-dir */
619
case '?': /* --help */
620
case -3: /* --usage */
621
case 'V': /* --version */
512
622
case ARGP_KEY_ARG:
513
case ARGP_KEY_END:
514
623
break;
515
624
default:
516
625
return ARGP_ERR_UNKNOWN;
517
626
}
518
return 0;
627
return errno;
519
628
}
520
629
521
630
struct argp argp = { .options = options,
523
632
.args_doc = "",
524
633
.doc = "Mandos plugin runner -- Run plugins" };
525
634
526
/* Parse using the parse_opt_config_file in order to get the custom
635
/* Parse using parse_opt_config_file() in order to get the custom
527
636
config file location, if any. */
528
ret = argp_parse (&argp, argc, argv, ARGP_IN_ORDER, 0, NULL);
529
if (ret == ARGP_ERR_UNKNOWN){
530
fprintf(stderr, "Unknown error while parsing arguments\n");
531
exitstatus = EXIT_FAILURE;
637
ret = argp_parse(&argp, argc, argv,
638
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
639
NULL, NULL);
640
switch(ret){
641
case 0:
642
break;
643
case ENOMEM:
644
default:
645
errno = ret;
646
error(0, errno, "argp_parse");
647
exitstatus = EX_OSERR;
648
goto fallback;
649
case EINVAL:
650
exitstatus = EX_USAGE;
532
651
goto fallback;
533
652
}
534
653
536
655
argp.parser = parse_opt;
537
656
538
657
/* Open the configfile if available */
539
if (argfile == NULL){
658
if(argfile == NULL){
540
659
conffp = fopen(AFILE, "r");
541
660
} else {
542
661
conffp = fopen(argfile, "r");
543
}
662
}
544
663
if(conffp != NULL){
545
664
char *org_line = NULL;
546
665
char *p, *arg, *new_arg, *line;
547
666
size_t size = 0;
548
ssize_t sret;
549
667
const char whitespace_delims[] = " \r\t\f\v\n";
550
668
const char comment_delim[] = "#";
551
669
552
670
custom_argc = 1;
553
671
custom_argv = malloc(sizeof(char*) * 2);
554
672
if(custom_argv == NULL){
555
perror("malloc");
556
exitstatus = EXIT_FAILURE;
673
error(0, errno, "malloc");
674
exitstatus = EX_OSERR;
557
675
goto fallback;
558
676
}
559
677
custom_argv[0] = argv[0];
560
678
custom_argv[1] = NULL;
561
679
562
680
/* for each line in the config file, strip whitespace and ignore
563
681
commented text */
564
682
while(true){
566
684
if(sret == -1){
567
685
break;
568
686
}
569
687
570
688
line = org_line;
571
689
arg = strsep(&line, comment_delim);
572
690
while((p = strsep(&arg, whitespace_delims)) != NULL){
575
693
}
576
694
new_arg = strdup(p);
577
695
if(new_arg == NULL){
578
perror("strdup");
579
exitstatus = EXIT_FAILURE;
696
error(0, errno, "strdup");
697
exitstatus = EX_OSERR;
580
698
free(org_line);
581
699
goto fallback;
582
700
}
583
701
584
702
custom_argc += 1;
585
custom_argv = realloc(custom_argv, sizeof(char *)
586
* ((unsigned int) custom_argc + 1));
587
if(custom_argv == NULL){
588
perror("realloc");
589
exitstatus = EXIT_FAILURE;
590
free(org_line);
591
goto fallback;
703
{
704
char **new_argv = realloc(custom_argv, sizeof(char *)
705
* ((size_t)custom_argc + 1));
706
if(new_argv == NULL){
707
error(0, errno, "realloc");
708
exitstatus = EX_OSERR;
709
free(new_arg);
710
free(org_line);
711
goto fallback;
712
} else {
713
custom_argv = new_argv;
714
}
592
715
}
593
716
custom_argv[custom_argc-1] = new_arg;
594
custom_argv[custom_argc] = NULL;
717
custom_argv[custom_argc] = NULL;
595
718
}
596
719
}
720
do {
721
ret = fclose(conffp);
722
} while(ret == EOF and errno == EINTR);
723
if(ret == EOF){
724
error(0, errno, "fclose");
725
exitstatus = EX_IOERR;
726
goto fallback;
727
}
597
728
free(org_line);
598
729
} else {
599
730
/* Check for harmful errors and go to fallback. Other errors might
600
731
not affect opening plugins */
601
if (errno == EMFILE or errno == ENFILE or errno == ENOMEM){
602
perror("fopen");
603
exitstatus = EXIT_FAILURE;
732
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
733
error(0, errno, "fopen");
734
exitstatus = EX_OSERR;
604
735
goto fallback;
605
736
}
606
737
}
607
/* If there was any arguments from configuration file,
608
pass them to parser as command arguments */
738
/* If there were any arguments from the configuration file, pass
739
them to parser as command line arguments */
609
740
if(custom_argv != NULL){
610
ret = argp_parse (&argp, custom_argc, custom_argv, ARGP_IN_ORDER,
611
0, NULL);
612
if (ret == ARGP_ERR_UNKNOWN){
613
fprintf(stderr, "Unknown error while parsing arguments\n");
614
exitstatus = EXIT_FAILURE;
741
ret = argp_parse(&argp, custom_argc, custom_argv,
742
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
743
NULL, NULL);
744
switch(ret){
745
case 0:
746
break;
747
case ENOMEM:
748
default:
749
errno = ret;
750
error(0, errno, "argp_parse");
751
exitstatus = EX_OSERR;
752
goto fallback;
753
case EINVAL:
754
exitstatus = EX_CONFIG;
615
755
goto fallback;
616
756
}
617
757
}
618
758
619
759
/* Parse actual command line arguments, to let them override the
620
760
config file */
621
ret = argp_parse (&argp, argc, argv, ARGP_IN_ORDER, 0, NULL);
622
if (ret == ARGP_ERR_UNKNOWN){
623
fprintf(stderr, "Unknown error while parsing arguments\n");
624
exitstatus = EXIT_FAILURE;
625
goto fallback;
761
ret = argp_parse(&argp, argc, argv,
762
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
763
NULL, NULL);
764
switch(ret){
765
case 0:
766
break;
767
case ENOMEM:
768
default:
769
errno = ret;
770
error(0, errno, "argp_parse");
771
exitstatus = EX_OSERR;
772
goto fallback;
773
case EINVAL:
774
exitstatus = EX_USAGE;
775
goto fallback;
776
}
777
778
{
779
char *pluginhelperenv;
780
bool bret = true;
781
ret = asprintf(&pluginhelperenv, "MANDOSPLUGINHELPERDIR=%s",
782
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
783
if(ret != -1){
784
bret = add_environment(getplugin(NULL), pluginhelperenv, true);
785
}
786
if(ret == -1 or not bret){
787
error(0, errno, "Failed to set MANDOSPLUGINHELPERDIR"
788
" environment variable to \"%s\" for all plugins\n",
789
pluginhelperdir != NULL ? pluginhelperdir : PHDIR);
790
}
791
if(ret != -1){
792
free(pluginhelperenv);
793
}
626
794
}
627
795
628
796
if(debug){
629
for(plugin *p = plugin_list; p != NULL; p=p->next){
797
for(plugin *p = plugin_list; p != NULL; p = p->next){
630
798
fprintf(stderr, "Plugin: %s has %d arguments\n",
631
799
p->name ? p->name : "Global", p->argc - 1);
632
800
for(char **a = p->argv; *a != NULL; a++){
633
801
fprintf(stderr, "\tArg: %s\n", *a);
634
802
}
635
fprintf(stderr, "...and %u environment variables\n", p->envc);
803
fprintf(stderr, "...and %d environment variables\n", p->envc);
636
804
for(char **a = p->environ; *a != NULL; a++){
637
805
fprintf(stderr, "\t%s\n", *a);
638
806
}
639
807
}
640
808
}
641
809
642
/* Strip permissions down to nobody */
810
if(getuid() == 0){
811
/* Work around Debian bug #633582:
812
<https://bugs.debian.org/633582> */
813
int plugindir_fd = open(/* plugindir or */ PDIR, O_RDONLY);
814
if(plugindir_fd == -1){
815
if(errno != ENOENT){
816
error(0, errno, "open(\"" PDIR "\")");
817
}
818
} else {
819
ret = (int)TEMP_FAILURE_RETRY(fstat(plugindir_fd, &st));
820
if(ret == -1){
821
error(0, errno, "fstat");
822
} else {
823
if(S_ISDIR(st.st_mode) and st.st_uid == 0 and st.st_gid == 0){
824
ret = fchown(plugindir_fd, uid, gid);
825
if(ret == -1){
826
error(0, errno, "fchown");
827
}
828
}
829
}
830
close(plugindir_fd);
831
}
832
}
833
834
/* Lower permissions */
835
ret = setgid(gid);
836
if(ret == -1){
837
error(0, errno, "setgid");
838
}
643
839
ret = setuid(uid);
644
if (ret == -1){
645
perror("setuid");
646
}
647
setgid(gid);
648
if (ret == -1){
649
perror("setgid");
650
}
651
652
if (plugindir == NULL){
653
dir = opendir(PDIR);
654
} else {
655
dir = opendir(plugindir);
656
}
657
658
if(dir == NULL){
659
perror("Could not open plugin dir");
660
exitstatus = EXIT_FAILURE;
661
goto fallback;
662
}
663
664
/* Set the FD_CLOEXEC flag on the directory, if possible */
840
if(ret == -1){
841
error(0, errno, "setuid");
842
}
843
844
/* Open plugin directory with close_on_exec flag */
665
845
{
666
int dir_fd = dirfd(dir);
667
if(dir_fd >= 0){
668
ret = set_cloexec_flag(dir_fd);
669
if(ret < 0){
670
perror("set_cloexec_flag");
671
exitstatus = EXIT_FAILURE;
672
goto fallback;
846
dir_fd = open(plugindir != NULL ? plugindir : PDIR, O_RDONLY |
847
#ifdef O_CLOEXEC
848
O_CLOEXEC
849
#else /* not O_CLOEXEC */
850
0
851
#endif /* not O_CLOEXEC */
852
);
853
if(dir_fd == -1){
854
error(0, errno, "Could not open plugin dir");
855
exitstatus = EX_UNAVAILABLE;
856
goto fallback;
857
}
858
859
#ifndef O_CLOEXEC
860
/* Set the FD_CLOEXEC flag on the directory */
861
ret = set_cloexec_flag(dir_fd);
862
if(ret < 0){
863
error(0, errno, "set_cloexec_flag");
864
exitstatus = EX_OSERR;
865
goto fallback;
866
}
867
#endif /* O_CLOEXEC */
868
}
869
870
int good_name(const struct dirent * const dirent){
871
const char * const patterns[] = { ".*", "#*#", "*~", "*.dpkg-new",
872
"*.dpkg-old", "*.dpkg-bak",
873
"*.dpkg-divert", NULL };
874
#ifdef __GNUC__
875
#pragma GCC diagnostic push
876
#pragma GCC diagnostic ignored "-Wcast-qual"
877
#endif
878
for(const char **pat = (const char **)patterns;
879
*pat != NULL; pat++){
880
#ifdef __GNUC__
881
#pragma GCC diagnostic pop
882
#endif
883
if(fnmatch(*pat, dirent->d_name, FNM_FILE_NAME | FNM_PERIOD)
884
!= FNM_NOMATCH){
885
if(debug){
886
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
887
" matching pattern %s\n", dirent->d_name, *pat);
888
}
889
return 0;
673
890
}
674
891
}
892
return 1;
893
}
894
895
int numplugins = scandirat(dir_fd, ".", &direntries, good_name,
896
alphasort);
897
if(numplugins == -1){
898
error(0, errno, "Could not scan plugin dir");
899
direntries = NULL;
900
exitstatus = EX_OSERR;
901
goto fallback;
675
902
}
676
903
677
904
FD_ZERO(&rfds_all);
678
905
679
906
/* Read and execute any executable in the plugin directory*/
680
while(true){
681
dirst = readdir(dir);
682
683
/* All directory entries have been processed */
684
if(dirst == NULL){
685
if (errno == EBADF){
686
perror("readdir");
687
exitstatus = EXIT_FAILURE;
688
goto fallback;
689
}
690
break;
691
}
692
693
d_name_len = strlen(dirst->d_name);
694
695
/* Ignore dotfiles, backup files and other junk */
696
{
697
bool bad_name = false;
698
699
const char const *bad_prefixes[] = { ".", "#", NULL };
700
701
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
702
".dpkg-old",
703
".dpkg-bak",
704
".dpkg-divert", NULL };
705
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
706
size_t pre_len = strlen(*pre);
707
if((d_name_len >= pre_len)
708
and strncmp((dirst->d_name), *pre, pre_len) == 0){
709
if(debug){
710
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
711
" with bad prefix %s\n", dirst->d_name, *pre);
712
}
713
bad_name = true;
714
break;
715
}
716
}
717
if(bad_name){
718
continue;
719
}
720
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
721
size_t suf_len = strlen(*suf);
722
if((d_name_len >= suf_len)
723
and (strcmp((dirst->d_name)+d_name_len-suf_len, *suf)
724
== 0)){
725
if(debug){
726
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
727
" with bad suffix %s\n", dirst->d_name, *suf);
728
}
729
bad_name = true;
730
break;
731
}
732
}
733
734
if(bad_name){
735
continue;
736
}
737
}
738
739
char *filename;
740
if(plugindir == NULL){
741
ret = asprintf(&filename, PDIR "/%s", dirst->d_name);
742
} else {
743
ret = asprintf(&filename, "%s/%s", plugindir, dirst->d_name);
744
}
745
if(ret < 0){
746
perror("asprintf");
747
continue;
748
}
749
750
ret = stat(filename, &st);
751
if (ret == -1){
752
perror("stat");
753
free(filename);
754
continue;
755
}
756
907
for(int i = 0; i < numplugins; i++){
908
909
int plugin_fd = openat(dir_fd, direntries[i]->d_name, O_RDONLY);
910
if(plugin_fd == -1){
911
error(0, errno, "Could not open plugin");
912
free(direntries[i]);
913
continue;
914
}
915
ret = (int)TEMP_FAILURE_RETRY(fstat(plugin_fd, &st));
916
if(ret == -1){
917
error(0, errno, "stat");
918
close(plugin_fd);
919
free(direntries[i]);
920
continue;
921
}
922
757
923
/* Ignore non-executable files */
758
if (not S_ISREG(st.st_mode) or (access(filename, X_OK) != 0)){
924
if(not S_ISREG(st.st_mode)
925
or (TEMP_FAILURE_RETRY(faccessat(dir_fd, direntries[i]->d_name,
926
X_OK, 0)) != 0)){
759
927
if(debug){
760
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
761
" with bad type or mode\n", filename);
928
fprintf(stderr, "Ignoring plugin dir entry \"%s/%s\""
929
" with bad type or mode\n",
930
plugindir != NULL ? plugindir : PDIR,
931
direntries[i]->d_name);
762
932
}
763
free(filename);
933
close(plugin_fd);
934
free(direntries[i]);
764
935
continue;
765
936
}
766
937
767
plugin *p = getplugin(dirst->d_name);
938
plugin *p = getplugin(direntries[i]->d_name);
768
939
if(p == NULL){
769
perror("getplugin");
770
free(filename);
940
error(0, errno, "getplugin");
941
close(plugin_fd);
942
free(direntries[i]);
771
943
continue;
772
944
}
773
945
if(p->disabled){
774
946
if(debug){
775
947
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
776
dirst->d_name);
948
direntries[i]->d_name);
777
949
}
778
free(filename);
950
close(plugin_fd);
951
free(direntries[i]);
779
952
continue;
780
953
}
781
954
{
784
957
if(g != NULL){
785
958
for(char **a = g->argv + 1; *a != NULL; a++){
786
959
if(not add_argument(p, *a)){
787
perror("add_argument");
960
error(0, errno, "add_argument");
788
961
}
789
962
}
790
963
/* Add global environment variables */
791
964
for(char **e = g->environ; *e != NULL; e++){
792
965
if(not add_environment(p, *e, false)){
793
perror("add_environment");
966
error(0, errno, "add_environment");
794
967
}
795
968
}
796
969
}
797
970
}
798
/* If this plugin has any environment variables, we will call
799
using execve and need to duplicate the environment from this
800
process, too. */
971
/* If this plugin has any environment variables, we need to
972
duplicate the environment from this process, too. */
801
973
if(p->environ[0] != NULL){
802
974
for(char **e = environ; *e != NULL; e++){
803
975
if(not add_environment(p, *e, false)){
804
perror("add_environment");
976
error(0, errno, "add_environment");
805
977
}
806
978
}
807
979
}
808
980
809
981
int pipefd[2];
810
ret = pipe(pipefd);
811
if (ret == -1){
812
perror("pipe");
813
exitstatus = EXIT_FAILURE;
814
goto fallback;
815
}
982
#ifndef O_CLOEXEC
983
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
984
#else /* O_CLOEXEC */
985
ret = (int)TEMP_FAILURE_RETRY(pipe2(pipefd, O_CLOEXEC));
986
#endif /* O_CLOEXEC */
987
if(ret == -1){
988
error(0, errno, "pipe");
989
exitstatus = EX_OSERR;
990
free(direntries[i]);
991
goto fallback;
992
}
993
if(pipefd[0] >= FD_SETSIZE){
994
fprintf(stderr, "pipe()[0] (%d) >= FD_SETSIZE (%d)", pipefd[0],
995
FD_SETSIZE);
996
close(pipefd[0]);
997
close(pipefd[1]);
998
exitstatus = EX_OSERR;
999
free(direntries[i]);
1000
goto fallback;
1001
}
1002
#ifndef O_CLOEXEC
816
1003
/* Ask OS to automatic close the pipe on exec */
817
1004
ret = set_cloexec_flag(pipefd[0]);
818
1005
if(ret < 0){
819
perror("set_cloexec_flag");
820
exitstatus = EXIT_FAILURE;
1006
error(0, errno, "set_cloexec_flag");
1007
close(pipefd[0]);
1008
close(pipefd[1]);
1009
exitstatus = EX_OSERR;
1010
free(direntries[i]);
821
1011
goto fallback;
822
1012
}
823
1013
ret = set_cloexec_flag(pipefd[1]);
824
1014
if(ret < 0){
825
perror("set_cloexec_flag");
826
exitstatus = EXIT_FAILURE;
1015
error(0, errno, "set_cloexec_flag");
1016
close(pipefd[0]);
1017
close(pipefd[1]);
1018
exitstatus = EX_OSERR;
1019
free(direntries[i]);
827
1020
goto fallback;
828
1021
}
1022
#endif /* not O_CLOEXEC */
829
1023
/* Block SIGCHLD until process is safely in process list */
830
ret = sigprocmask (SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1024
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
1025
&sigchld_action.sa_mask,
1026
NULL));
831
1027
if(ret < 0){
832
perror("sigprocmask");
833
exitstatus = EXIT_FAILURE;
1028
error(0, errno, "sigprocmask");
1029
exitstatus = EX_OSERR;
1030
free(direntries[i]);
834
1031
goto fallback;
835
1032
}
836
1033
/* Starting a new process to be watched */
837
pid_t pid = fork();
1034
pid_t pid;
1035
do {
1036
pid = fork();
1037
} while(pid == -1 and errno == EINTR);
838
1038
if(pid == -1){
839
perror("fork");
840
exitstatus = EXIT_FAILURE;
1039
error(0, errno, "fork");
1040
TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1041
&sigchld_action.sa_mask, NULL));
1042
close(pipefd[0]);
1043
close(pipefd[1]);
1044
exitstatus = EX_OSERR;
1045
free(direntries[i]);
841
1046
goto fallback;
842
1047
}
843
1048
if(pid == 0){
844
1049
/* this is the child process */
845
1050
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
846
1051
if(ret < 0){
847
perror("sigaction");
848
_exit(EXIT_FAILURE);
1052
error(0, errno, "sigaction");
1053
_exit(EX_OSERR);
849
1054
}
850
1055
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
851
1056
if(ret < 0){
852
perror("sigprocmask");
853
_exit(EXIT_FAILURE);
1057
error(0, errno, "sigprocmask");
1058
_exit(EX_OSERR);
854
1059
}
855
1060
856
1061
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
857
1062
if(ret == -1){
858
perror("dup2");
859
_exit(EXIT_FAILURE);
1063
error(0, errno, "dup2");
1064
_exit(EX_OSERR);
860
1065
}
861
1066
862
if(dirfd(dir) < 0){
863
/* If dir has no file descriptor, we could not set FD_CLOEXEC
864
above and must now close it manually here. */
865
closedir(dir);
866
}
867
if(p->environ[0] == NULL){
868
if(execv(filename, p->argv) < 0){
869
perror("execv");
870
_exit(EXIT_FAILURE);
871
}
872
} else {
873
if(execve(filename, p->argv, p->environ) < 0){
874
perror("execve");
875
_exit(EXIT_FAILURE);
876
}
1067
if(fexecve(plugin_fd, p->argv,
1068
(p->environ[0] != NULL) ? p->environ : environ) < 0){
1069
error(0, errno, "fexecve for %s/%s",
1070
plugindir != NULL ? plugindir : PDIR,
1071
direntries[i]->d_name);
1072
_exit(EX_OSERR);
877
1073
}
878
1074
/* no return */
879
1075
}
880
1076
/* Parent process */
881
1077
close(pipefd[1]); /* Close unused write end of pipe */
882
free(filename);
883
plugin *new_plugin = getplugin(dirst->d_name);
884
if (new_plugin == NULL){
885
perror("getplugin");
886
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1078
close(plugin_fd);
1079
plugin *new_plugin = getplugin(direntries[i]->d_name);
1080
if(new_plugin == NULL){
1081
error(0, errno, "getplugin");
1082
ret = (int)(TEMP_FAILURE_RETRY
1083
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1084
NULL)));
887
1085
if(ret < 0){
888
perror("sigprocmask");
1086
error(0, errno, "sigprocmask");
889
1087
}
890
exitstatus = EXIT_FAILURE;
1088
exitstatus = EX_OSERR;
1089
free(direntries[i]);
891
1090
goto fallback;
892
1091
}
1092
free(direntries[i]);
893
1093
894
1094
new_plugin->pid = pid;
895
1095
new_plugin->fd = pipefd[0];
896
1096
1097
if(debug){
1098
fprintf(stderr, "Plugin %s started (PID %" PRIdMAX ")\n",
1099
new_plugin->name, (intmax_t) (new_plugin->pid));
1100
}
1101
897
1102
/* Unblock SIGCHLD so signal handler can be run if this process
898
1103
has already completed */
899
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
1104
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1105
&sigchld_action.sa_mask,
1106
NULL));
900
1107
if(ret < 0){
901
perror("sigprocmask");
902
exitstatus = EXIT_FAILURE;
1108
error(0, errno, "sigprocmask");
1109
exitstatus = EX_OSERR;
903
1110
goto fallback;
904
1111
}
905
1112
906
1113
FD_SET(new_plugin->fd, &rfds_all);
907
1114
908
if (maxfd < new_plugin->fd){
1115
if(maxfd < new_plugin->fd){
909
1116
maxfd = new_plugin->fd;
910
1117
}
911
1118
}
912
1119
913
closedir(dir);
914
dir = NULL;
1120
free(direntries);
1121
direntries = NULL;
1122
close(dir_fd);
1123
dir_fd = -1;
1124
free_plugin(getplugin(NULL));
915
1125
916
1126
for(plugin *p = plugin_list; p != NULL; p = p->next){
917
1127
if(p->pid != 0){
928
1138
while(plugin_list){
929
1139
fd_set rfds = rfds_all;
930
1140
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
931
if (select_ret == -1){
932
perror("select");
933
exitstatus = EXIT_FAILURE;
1141
if(select_ret == -1 and errno != EINTR){
1142
error(0, errno, "select");
1143
exitstatus = EX_OSERR;
934
1144
goto fallback;
935
1145
}
936
1146
/* OK, now either a process completed, or something can be read
937
1147
from one of them */
938
1148
for(plugin *proc = plugin_list; proc != NULL;){
939
1149
/* Is this process completely done? */
940
if(proc->eof and proc->completed){
1150
if(proc->completed and proc->eof){
941
1151
/* Only accept the plugin output if it exited cleanly */
942
1152
if(not WIFEXITED(proc->status)
943
1153
or WEXITSTATUS(proc->status) != 0){
944
1154
/* Bad exit by plugin */
945
1155
946
1156
if(debug){
947
1157
if(WIFEXITED(proc->status)){
948
fprintf(stderr, "Plugin %u exited with status %d\n",
949
(unsigned int) (proc->pid),
1158
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1159
" status %d\n", proc->name,
1160
(intmax_t) (proc->pid),
950
1161
WEXITSTATUS(proc->status));
951
} else if(WIFSIGNALED(proc->status)) {
952
fprintf(stderr, "Plugin %u killed by signal %d\n",
953
(unsigned int) (proc->pid),
954
WTERMSIG(proc->status));
955
} else if(WCOREDUMP(proc->status)){
956
fprintf(stderr, "Plugin %d dumped core\n",
957
(unsigned int) (proc->pid));
1162
} else if(WIFSIGNALED(proc->status)){
1163
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1164
" signal %d: %s\n", proc->name,
1165
(intmax_t) (proc->pid),
1166
WTERMSIG(proc->status),
1167
strsignal(WTERMSIG(proc->status)));
958
1168
}
959
1169
}
960
1170
961
1171
/* Remove the plugin */
962
1172
FD_CLR(proc->fd, &rfds_all);
963
1173
964
1174
/* Block signal while modifying process_list */
965
ret = sigprocmask(SIG_BLOCK, &sigchld_action.sa_mask, NULL);
1175
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1176
(SIG_BLOCK,
1177
&sigchld_action.sa_mask,
1178
NULL));
966
1179
if(ret < 0){
967
perror("sigprocmask");
968
exitstatus = EXIT_FAILURE;
1180
error(0, errno, "sigprocmask");
1181
exitstatus = EX_OSERR;
969
1182
goto fallback;
970
1183
}
971
1184
974
1187
proc = next_plugin;
975
1188
976
1189
/* We are done modifying process list, so unblock signal */
977
ret = sigprocmask (SIG_UNBLOCK, &sigchld_action.sa_mask,
978
NULL);
1190
ret = (int)(TEMP_FAILURE_RETRY
1191
(sigprocmask(SIG_UNBLOCK,
1192
&sigchld_action.sa_mask, NULL)));
979
1193
if(ret < 0){
980
perror("sigprocmask");
981
exitstatus = EXIT_FAILURE;
1194
error(0, errno, "sigprocmask");
1195
exitstatus = EX_OSERR;
982
1196
goto fallback;
983
1197
}
984
1198
994
1208
bool bret = print_out_password(proc->buffer,
995
1209
proc->buffer_length);
996
1210
if(not bret){
997
perror("print_out_password");
998
exitstatus = EXIT_FAILURE;
1211
error(0, errno, "print_out_password");
1212
exitstatus = EX_IOERR;
999
1213
}
1000
1214
goto fallback;
1001
1215
}
1008
1222
}
1009
1223
/* Before reading, make the process' data buffer large enough */
1010
1224
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1011
proc->buffer = realloc(proc->buffer, proc->buffer_size
1012
+ (size_t) BUFFER_SIZE);
1013
if (proc->buffer == NULL){
1014
perror("malloc");
1015
exitstatus = EXIT_FAILURE;
1225
char *new_buffer = realloc(proc->buffer, proc->buffer_size
1226
+ (size_t) BUFFER_SIZE);
1227
if(new_buffer == NULL){
1228
error(0, errno, "malloc");
1229
exitstatus = EX_OSERR;
1016
1230
goto fallback;
1017
1231
}
1232
proc->buffer = new_buffer;
1018
1233
proc->buffer_size += BUFFER_SIZE;
1019
1234
}
1020
1235
/* Read from the process */
1021
ret = read(proc->fd, proc->buffer + proc->buffer_length,
1022
BUFFER_SIZE);
1023
if(ret < 0){
1236
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1237
proc->buffer
1238
+ proc->buffer_length,
1239
BUFFER_SIZE));
1240
if(sret < 0){
1024
1241
/* Read error from this process; ignore the error */
1025
1242
proc = proc->next;
1026
1243
continue;
1027
1244
}
1028
if(ret == 0){
1245
if(sret == 0){
1029
1246
/* got EOF */
1030
1247
proc->eof = true;
1031
1248
} else {
1032
proc->buffer_length += (size_t) ret;
1249
proc->buffer_length += (size_t) sret;
1033
1250
}
1034
1251
}
1035
1252
}
1036
1037
1253
1254
1038
1255
fallback:
1039
1256
1040
if(plugin_list == NULL or exitstatus != EXIT_SUCCESS){
1257
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1258
and exitstatus != EX_OK)){
1041
1259
/* Fallback if all plugins failed, none are found or an error
1042
1260
occured */
1043
1261
bool bret;
1051
1269
}
1052
1270
bret = print_out_password(passwordbuffer, len);
1053
1271
if(not bret){
1054
perror("print_out_password");
1055
exitstatus = EXIT_FAILURE;
1272
error(0, errno, "print_out_password");
1273
exitstatus = EX_IOERR;
1056
1274
}
1057
1275
}
1058
1276
1059
1277
/* Restore old signal handler */
1060
1278
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1061
1279
if(ret == -1){
1062
perror("sigaction");
1063
exitstatus = EXIT_FAILURE;
1280
error(0, errno, "sigaction");
1281
exitstatus = EX_OSERR;
1064
1282
}
1065
1283
1066
1284
if(custom_argv != NULL){
1070
1288
free(custom_argv);
1071
1289
}
1072
1290
1073
if(dir != NULL){
1074
closedir(dir);
1291
free(direntries);
1292
1293
if(dir_fd != -1){
1294
close(dir_fd);
1075
1295
}
1076
1296
1077
1297
/* Kill the processes */
1081
1301
ret = kill(p->pid, SIGTERM);
1082
1302
if(ret == -1 and errno != ESRCH){
1083
1303
/* Set-uid proccesses might not get closed */
1084
perror("kill");
1304
error(0, errno, "kill");
1085
1305
}
1086
1306
}
1087
1307
}
1088
1308
1089
1309
/* Wait for any remaining child processes to terminate */
1090
do{
1310
do {
1091
1311
ret = wait(NULL);
1092
1312
} while(ret >= 0);
1093
1313
if(errno != ECHILD){
1094
perror("wait");
1314
error(0, errno, "wait");
1095
1315
}
1096
1316
1097
1317
free_plugin_list();
1098
1318
1099
1319
free(plugindir);
1320
free(pluginhelperdir);
1100
1321
free(argfile);
1101
1322
1102
1323
return exitstatus;
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0