3
3
* Password-prompt - Read a password from the terminal and print it
5
* Copyright © 2008-2010 Teddy Hogeborn
6
* Copyright © 2008-2010 Björn Påhlsson
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
13
* This program is distributed in the hope that it will be useful, but
5
* Copyright © 2008-2018 Teddy Hogeborn
6
* Copyright © 2008-2018 Björn Påhlsson
8
* This file is part of Mandos.
10
* Mandos is free software: you can redistribute it and/or modify it
11
* under the terms of the GNU General Public License as published by
12
* the Free Software Foundation, either version 3 of the License, or
13
* (at your option) any later version.
15
* Mandos is distributed in the hope that it will be useful, but
14
16
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
17
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
18
* General Public License for more details.
18
20
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
* along with Mandos. If not, see <http://www.gnu.org/licenses/>.
22
* Contact the authors at <mandos@fukt.bsnet.se>.
23
* Contact the authors at <mandos@recompile.se>.
25
26
#define _GNU_SOURCE /* getline(), asprintf() */
41
42
getenv(), free() */
42
43
#include <dirent.h> /* scandir(), alphasort() */
43
44
#include <stdio.h> /* fprintf(), stderr, getline(),
44
stdin, feof(), fputc()
45
stdin, feof(), fputc(), vfprintf(),
46
47
#include <errno.h> /* errno, EBADF, ENOTTY, EINVAL,
47
48
EFAULT, EFBIG, EIO, ENOSPC, EINTR
51
52
#include <stdbool.h> /* bool, false, true */
52
53
#include <inttypes.h> /* strtoumax() */
53
54
#include <sys/stat.h> /* struct stat, lstat(), open() */
54
#include <string.h> /* strlen, rindex, memcmp */
55
#include <string.h> /* strlen, rindex, memcmp, strerror()
55
57
#include <argp.h> /* struct argp_option, struct
56
58
argp_state, struct argp,
57
59
argp_parse(), error_t,
60
62
#include <sysexits.h> /* EX_SOFTWARE, EX_OSERR,
61
63
EX_UNAVAILABLE, EX_IOERR, EX_OK */
62
64
#include <fcntl.h> /* open() */
65
#include <stdarg.h> /* va_list, va_start(), ... */
64
67
volatile sig_atomic_t quit_now = 0;
65
68
int signal_received;
66
69
bool debug = false;
67
70
const char *argp_program_version = "password-prompt " VERSION;
68
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
71
const char *argp_program_bug_address = "<mandos@recompile.se>";
70
73
/* Needed for conflict resolution */
71
74
const char plymouth_name[] = "plymouthd";
72
const char plymouth_alt_name[] = "plymouthd";
76
/* Function to use when printing errors */
77
__attribute__((format (gnu_printf, 3, 4)))
78
void error_plus(int status, int errnum, const char *formatstring,
84
va_start(ap, formatstring);
85
ret = vasprintf(&text, formatstring, ap);
87
fprintf(stderr, "Mandos plugin %s: ",
88
program_invocation_short_name);
89
vfprintf(stderr, formatstring, ap);
90
fprintf(stderr, ": %s\n", strerror(errnum));
91
error(status, errno, "vasprintf while printing error");
94
fprintf(stderr, "Mandos plugin ");
95
error(status, errnum, "%s", text);
75
99
static void termination_handler(int signum){
86
110
from the terminal. Password-prompt will exit if it detects
87
111
plymouth since plymouth performs the same functionality.
113
__attribute__((nonnull))
89
114
int is_plymouth(const struct dirent *proc_entry){
96
maxvalue = strtoumax(proc_entry->d_name, &tmp, 10);
121
proc_id = strtoumax(proc_entry->d_name, &tmp, 10);
98
123
if(errno != 0 or *tmp != '\0'
99
or maxvalue != (uintmax_t)((pid_t)maxvalue)){
124
or proc_id != (uintmax_t)((pid_t)proc_id)){
105
130
ret = asprintf(&cmdline_filename, "/proc/%s/cmdline",
106
131
proc_entry->d_name);
108
error(0, errno, "asprintf");
133
error_plus(0, errno, "asprintf");
129
156
if(cmdline_len + blocksize + 1 > cmdline_allocated){
130
157
tmp = realloc(cmdline, cmdline_allocated + blocksize + 1);
132
error(0, errno, "realloc");
159
error_plus(0, errno, "realloc");
142
169
sret = read(cl_fd, cmdline + cmdline_len,
143
170
cmdline_allocated - cmdline_len);
145
error(0, errno, "read");
172
error_plus(0, errno, "read");
167
194
cmdline_base = cmdline;
170
if((strcmp(cmdline_base, plymouth_name) != 0)
171
and (strcmp(cmdline_base, plymouth_alt_name) != 0)){
197
if(strcmp(cmdline_base, plymouth_name) != 0){
173
fprintf(stderr, "\"%s\" is not \"%s\" or \"%s\"\n",
174
cmdline_base, plymouth_name, plymouth_alt_name);
199
fprintf(stderr, "\"%s\" is not \"%s\"\n", cmdline_base,
179
fprintf(stderr, "\"%s\" equals \"%s\" or \"%s\"\n",
180
cmdline_base, plymouth_name, plymouth_alt_name);
206
fprintf(stderr, "\"%s\" equals \"%s\"\n", cmdline_base,
185
struct dirent **direntries;
213
struct dirent **direntries = NULL;
187
215
ret = scandir("/proc", &direntries, is_plymouth, alphasort);
189
error(1, errno, "scandir");
217
error_plus(1, errno, "scandir");
274
310
fprintf(stderr, "Starting %s\n", argv[0]);
277
if (conflict_detection()){
313
if(conflict_detection()){
279
315
fprintf(stderr, "Stopping %s because of conflict\n", argv[0]);
288
324
if(tcgetattr(STDIN_FILENO, &t_old) != 0){
290
error(0, errno, "tcgetattr");
326
error_plus(0, errno, "tcgetattr");
300
336
sigemptyset(&new_action.sa_mask);
301
337
ret = sigaddset(&new_action.sa_mask, SIGINT);
303
error(0, errno, "sigaddset");
339
error_plus(0, errno, "sigaddset");
306
342
ret = sigaddset(&new_action.sa_mask, SIGHUP);
308
error(0, errno, "sigaddset");
344
error_plus(0, errno, "sigaddset");
311
347
ret = sigaddset(&new_action.sa_mask, SIGTERM);
313
error(0, errno, "sigaddset");
349
error_plus(0, errno, "sigaddset");
316
352
/* Need to check if the handler is SIG_IGN before handling:
320
356
ret = sigaction(SIGINT, NULL, &old_action);
322
error(0, errno, "sigaction");
358
error_plus(0, errno, "sigaction");
325
361
if(old_action.sa_handler != SIG_IGN){
326
362
ret = sigaction(SIGINT, &new_action, NULL);
328
error(0, errno, "sigaction");
364
error_plus(0, errno, "sigaction");
332
368
ret = sigaction(SIGHUP, NULL, &old_action);
334
error(0, errno, "sigaction");
370
error_plus(0, errno, "sigaction");
337
373
if(old_action.sa_handler != SIG_IGN){
338
374
ret = sigaction(SIGHUP, &new_action, NULL);
340
error(0, errno, "sigaction");
376
error_plus(0, errno, "sigaction");
344
380
ret = sigaction(SIGTERM, NULL, &old_action);
346
error(0, errno, "sigaction");
382
error_plus(0, errno, "sigaction");
349
385
if(old_action.sa_handler != SIG_IGN){
350
386
ret = sigaction(SIGTERM, &new_action, NULL);
352
error(0, errno, "sigaction");
388
error_plus(0, errno, "sigaction");
363
399
t_new.c_lflag &= ~(tcflag_t)ECHO;
364
400
if(tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_new) != 0){
366
error(0, errno, "tcsetattr-echo");
402
error_plus(0, errno, "tcsetattr-echo");
433
469
sret = write(STDOUT_FILENO, buffer + written, n - written);
436
error(0, errno, "write");
472
error_plus(0, errno, "write");
455
491
sret = close(STDOUT_FILENO);
458
error(0, errno, "close");
494
error_plus(0, errno, "close");
461
497
status = EX_OSFILE;
473
509
if(errno != EINTR and not feof(stdin)){
474
error(0, errno, "getline");
510
error_plus(0, errno, "getline");
477
513
status = EX_UNAVAILABLE;
500
537
fprintf(stderr, "Restoring terminal attributes\n");
502
539
if(tcsetattr(STDIN_FILENO, TCSAFLUSH, &t_old) != 0){
503
error(0, errno, "tcsetattr+echo");
540
error_plus(0, errno, "tcsetattr+echo");
508
545
old_action.sa_handler = SIG_DFL;
509
546
ret = sigaction(signal_received, &old_action, NULL);
511
error(0, errno, "sigaction");
548
error_plus(0, errno, "sigaction");
513
550
raise(signal_received);
added
removed
plugins.d/password-prompt.c
