To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to plugbasedclient.c
- browse files at revision 13
- compare with another revision
- download diff
- download tarball
- view history from revision 13
- Committer: Björn Påhlsson
- Date: 2008-07-20 02:52:20 UTC
- Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server
- files added:
- ca.pem
- files removed:
- .bzr-builddeb
- debian
- debian/po
- files renamed:
- clients.conf => mandos-clients.conf
- plugin-runner.c => plugbasedclient.c
- plugins.d/mandos-client.c => plugins.d/mandosclient.c
- plugins.d/password-prompt.c => plugins.d/passprompt.c
- mandos => server.py
- files modified:
- Makefile
added
removed
plugbasedclient.c
1
/* -*- coding: utf-8; mode: c; mode: orgtbl -*- */
2
/*
3
* Mandos plugin runner - Run Mandos plugins
4
*
5
* Copyright © 2008,2009 Teddy Hogeborn
6
* Copyright © 2008,2009 Björn Påhlsson
7
*
8
* This program is free software: you can redistribute it and/or
9
* modify it under the terms of the GNU General Public License as
10
* published by the Free Software Foundation, either version 3 of the
11
* License, or (at your option) any later version.
12
*
13
* This program is distributed in the hope that it will be useful, but
14
* WITHOUT ANY WARRANTY; without even the implied warranty of
15
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16
* General Public License for more details.
17
*
18
* You should have received a copy of the GNU General Public License
19
* along with this program. If not, see
20
* <http://www.gnu.org/licenses/>.
21
*
22
* Contact the authors at <mandos@fukt.bsnet.se>.
23
*/
24
25
#define _GNU_SOURCE /* TEMP_FAILURE_RETRY(), getline(),
26
asprintf(), O_CLOEXEC */
27
#include <stddef.h> /* size_t, NULL */
28
#include <stdlib.h> /* malloc(), exit(), EXIT_SUCCESS,
29
realloc() */
30
#include <stdbool.h> /* bool, true, false */
31
#include <stdio.h> /* fileno(), fprintf(),
32
stderr, STDOUT_FILENO */
33
#include <sys/types.h> /* DIR, fdopendir(), stat(), struct
34
stat, waitpid(), WIFEXITED(),
35
WEXITSTATUS(), wait(), pid_t,
36
uid_t, gid_t, getuid(), getgid(),
37
dirfd() */
38
#include <sys/select.h> /* fd_set, select(), FD_ZERO(),
39
FD_SET(), FD_ISSET(), FD_CLR */
40
#include <sys/wait.h> /* wait(), waitpid(), WIFEXITED(),
41
WEXITSTATUS(), WTERMSIG(),
42
WCOREDUMP() */
43
#include <sys/stat.h> /* struct stat, stat(), S_ISREG() */
44
#include <iso646.h> /* and, or, not */
45
#include <dirent.h> /* DIR, struct dirent, fdopendir(),
46
readdir(), closedir(), dirfd() */
47
#include <unistd.h> /* struct stat, stat(), S_ISREG(),
48
fcntl(), setuid(), setgid(),
49
F_GETFD, F_SETFD, FD_CLOEXEC,
50
access(), pipe(), fork(), close()
51
dup2(), STDOUT_FILENO, _exit(),
52
execv(), write(), read(),
53
close() */
54
#include <fcntl.h> /* fcntl(), F_GETFD, F_SETFD,
55
FD_CLOEXEC */
56
#include <string.h> /* strsep, strlen(), asprintf(),
57
strsignal(), strcmp(), strncmp() */
58
#include <errno.h> /* errno */
59
#include <argp.h> /* struct argp_option, struct
60
argp_state, struct argp,
61
argp_parse(), ARGP_ERR_UNKNOWN,
62
ARGP_KEY_END, ARGP_KEY_ARG,
63
error_t */
64
#include <signal.h> /* struct sigaction, sigemptyset(),
65
sigaddset(), sigaction(),
66
sigprocmask(), SIG_BLOCK, SIGCHLD,
67
SIG_UNBLOCK, kill(), sig_atomic_t
68
*/
69
#include <errno.h> /* errno, EBADF */
70
#include <inttypes.h> /* intmax_t, PRIdMAX, strtoimax() */
71
#include <sysexits.h> /* EX_OSERR, EX_USAGE, EX_IOERR,
72
EX_CONFIG, EX_UNAVAILABLE, EX_OK */
73
#include <errno.h> /* errno */
74
#include <error.h> /* error() */
75
76
#define BUFFER_SIZE 256
77
78
#define PDIR "/lib/mandos/plugins.d"
79
#define AFILE "/conf/conf.d/mandos/plugin-runner.conf"
80
81
const char *argp_program_version = "plugin-runner " VERSION;
82
const char *argp_program_bug_address = "<mandos@fukt.bsnet.se>";
83
84
typedef struct plugin{
85
char *name; /* can be NULL or any plugin name */
86
char **argv;
87
int argc;
88
char **environ;
89
int envc;
90
bool disabled;
91
92
/* Variables used for running processes*/
1
#include <stdio.h> /* popen, fileno */
2
#include <iso646.h> /* and, or, not */
3
#include <sys/types.h> /* DIR, opendir, stat, struct stat, waitpid,
4
WIFEXITED, WEXITSTATUS, wait */
5
#include <sys/wait.h> /* wait */
6
#include <dirent.h> /* DIR, opendir */
7
#include <sys/stat.h> /* stat, struct stat */
8
#include <unistd.h> /* stat, struct stat, chdir */
9
#include <stdlib.h> /* EXIT_FAILURE */
10
#include <sys/select.h> /* fd_set, select, FD_ZERO, FD_SET, FD_ISSET */
11
#include <string.h> /* strlen, strcpy, strcat */
12
#include <stdbool.h> /* true */
13
#include <sys/wait.h> /* waitpid, WIFEXITED, WEXITSTATUS */
14
#include <errno.h> /* errno */
15
16
struct process;
17
18
typedef struct process{
93
19
pid_t pid;
94
20
int fd;
95
21
char *buffer;
96
size_t buffer_size;
97
size_t buffer_length;
98
bool eof;
99
volatile sig_atomic_t completed;
100
int status;
101
struct plugin *next;
102
} plugin;
103
104
static plugin *plugin_list = NULL;
105
106
/* Gets an existing plugin based on name,
107
or if none is found, creates a new one */
108
static plugin *getplugin(char *name){
109
/* Check for existing plugin with that name */
110
for(plugin *p = plugin_list; p != NULL; p = p->next){
111
if((p->name == name)
112
or (p->name and name and (strcmp(p->name, name) == 0))){
113
return p;
114
}
115
}
116
/* Create a new plugin */
117
plugin *new_plugin = NULL;
118
do {
119
new_plugin = malloc(sizeof(plugin));
120
} while(new_plugin == NULL and errno == EINTR);
121
if(new_plugin == NULL){
122
return NULL;
123
}
124
char *copy_name = NULL;
125
if(name != NULL){
126
do {
127
copy_name = strdup(name);
128
} while(copy_name == NULL and errno == EINTR);
129
if(copy_name == NULL){
130
int e = errno;
131
free(new_plugin);
132
errno = e;
133
return NULL;
134
}
135
}
136
137
*new_plugin = (plugin){ .name = copy_name,
138
.argc = 1,
139
.disabled = false,
140
.next = plugin_list };
141
142
do {
143
new_plugin->argv = malloc(sizeof(char *) * 2);
144
} while(new_plugin->argv == NULL and errno == EINTR);
145
if(new_plugin->argv == NULL){
146
int e = errno;
147
free(copy_name);
148
free(new_plugin);
149
errno = e;
150
return NULL;
151
}
152
new_plugin->argv[0] = copy_name;
153
new_plugin->argv[1] = NULL;
154
155
do {
156
new_plugin->environ = malloc(sizeof(char *));
157
} while(new_plugin->environ == NULL and errno == EINTR);
158
if(new_plugin->environ == NULL){
159
int e = errno;
160
free(copy_name);
161
free(new_plugin->argv);
162
free(new_plugin);
163
errno = e;
164
return NULL;
165
}
166
new_plugin->environ[0] = NULL;
167
168
/* Append the new plugin to the list */
169
plugin_list = new_plugin;
170
return new_plugin;
171
}
172
173
/* Helper function for add_argument and add_environment */
174
static bool add_to_char_array(const char *new, char ***array,
175
int *len){
176
/* Resize the pointed-to array to hold one more pointer */
177
do {
178
*array = realloc(*array, sizeof(char *)
179
* (size_t) ((*len) + 2));
180
} while(*array == NULL and errno == EINTR);
181
/* Malloc check */
182
if(*array == NULL){
183
return false;
184
}
185
/* Make a copy of the new string */
186
char *copy;
187
do {
188
copy = strdup(new);
189
} while(copy == NULL and errno == EINTR);
190
if(copy == NULL){
191
return false;
192
}
193
/* Insert the copy */
194
(*array)[*len] = copy;
195
(*len)++;
196
/* Add a new terminating NULL pointer to the last element */
197
(*array)[*len] = NULL;
198
return true;
199
}
200
201
/* Add to a plugin's argument vector */
202
static bool add_argument(plugin *p, const char *arg){
203
if(p == NULL){
204
return false;
205
}
206
return add_to_char_array(arg, &(p->argv), &(p->argc));
207
}
208
209
/* Add to a plugin's environment */
210
static bool add_environment(plugin *p, const char *def, bool replace){
211
if(p == NULL){
212
return false;
213
}
214
/* namelen = length of name of environment variable */
215
size_t namelen = (size_t)(strchrnul(def, '=') - def);
216
/* Search for this environment variable */
217
for(char **e = p->environ; *e != NULL; e++){
218
if(strncmp(*e, def, namelen + 1) == 0){
219
/* It already exists */
220
if(replace){
221
char *new;
222
do {
223
new = realloc(*e, strlen(def) + 1);
224
} while(new == NULL and errno == EINTR);
225
if(new == NULL){
226
return false;
227
}
228
*e = new;
229
strcpy(*e, def);
230
}
231
return true;
232
}
233
}
234
return add_to_char_array(def, &(p->environ), &(p->envc));
235
}
236
237
/*
238
* Based on the example in the GNU LibC manual chapter 13.13 "File
239
* Descriptor Flags".
240
| [[info:libc:Descriptor%20Flags][File Descriptor Flags]] |
241
*/
242
static int set_cloexec_flag(int fd){
243
int ret = (int)TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
244
/* If reading the flags failed, return error indication now. */
245
if(ret < 0){
246
return ret;
247
}
248
/* Store modified flag word in the descriptor. */
249
return (int)TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD,
250
ret | FD_CLOEXEC));
251
}
252
253
254
/* Mark processes as completed when they exit, and save their exit
255
status. */
256
static void handle_sigchld(__attribute__((unused)) int sig){
257
int old_errno = errno;
258
while(true){
259
plugin *proc = plugin_list;
260
int status;
261
pid_t pid = waitpid(-1, &status, WNOHANG);
262
if(pid == 0){
263
/* Only still running child processes */
264
break;
265
}
266
if(pid == -1){
267
if(errno == ECHILD){
268
/* No child processes */
269
break;
270
}
271
error(0, errno, "waitpid");
272
}
273
274
/* A child exited, find it in process_list */
275
while(proc != NULL and proc->pid != pid){
276
proc = proc->next;
277
}
278
if(proc == NULL){
279
/* Process not found in process list */
280
continue;
281
}
282
proc->status = status;
283
proc->completed = 1;
284
}
285
errno = old_errno;
286
}
287
288
/* Prints out a password to stdout */
289
static bool print_out_password(const char *buffer, size_t length){
290
ssize_t ret;
291
for(size_t written = 0; written < length; written += (size_t)ret){
292
ret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buffer + written,
293
length - written));
294
if(ret < 0){
295
return false;
296
}
297
}
298
return true;
299
}
300
301
/* Removes and free a plugin from the plugin list */
302
static void free_plugin(plugin *plugin_node){
303
304
for(char **arg = plugin_node->argv; *arg != NULL; arg++){
305
free(*arg);
306
}
307
free(plugin_node->argv);
308
for(char **env = plugin_node->environ; *env != NULL; env++){
309
free(*env);
310
}
311
free(plugin_node->environ);
312
free(plugin_node->buffer);
313
314
/* Removes the plugin from the singly-linked list */
315
if(plugin_node == plugin_list){
316
/* First one - simple */
317
plugin_list = plugin_list->next;
318
} else {
319
/* Second one or later */
320
for(plugin *p = plugin_list; p != NULL; p = p->next){
321
if(p->next == plugin_node){
322
p->next = plugin_node->next;
323
break;
324
}
325
}
326
}
327
328
free(plugin_node);
329
}
330
331
static void free_plugin_list(void){
332
while(plugin_list != NULL){
333
free_plugin(plugin_list);
334
}
335
}
22
int buffer_size;
23
int buffer_length;
24
struct process *next;
25
} process;
26
27
#define BUFFER_SIZE 256
336
28
337
29
int main(int argc, char *argv[]){
338
char *plugindir = NULL;
339
char *argfile = NULL;
340
FILE *conffp;
341
size_t d_name_len;
342
DIR *dir = NULL;
30
char plugindir[] = "plugins.d";
31
size_t d_name_len, plugindir_len = sizeof(plugindir)-1;
32
DIR *dir;
343
33
struct dirent *dirst;
344
34
struct stat st;
345
fd_set rfds_all;
35
fd_set rfds_orig;
346
36
int ret, maxfd = 0;
347
ssize_t sret;
348
uid_t uid = 65534;
349
gid_t gid = 65534;
350
bool debug = false;
351
int exitstatus = EXIT_SUCCESS;
352
struct sigaction old_sigchld_action;
353
struct sigaction sigchld_action = { .sa_handler = handle_sigchld,
354
.sa_flags = SA_NOCLDSTOP };
355
char **custom_argv = NULL;
356
int custom_argc = 0;
357
358
/* Establish a signal handler */
359
sigemptyset(&sigchld_action.sa_mask);
360
ret = sigaddset(&sigchld_action.sa_mask, SIGCHLD);
361
if(ret == -1){
362
error(0, errno, "sigaddset");
363
exitstatus = EX_OSERR;
364
goto fallback;
365
}
366
ret = sigaction(SIGCHLD, &sigchld_action, &old_sigchld_action);
367
if(ret == -1){
368
error(0, errno, "sigaction");
369
exitstatus = EX_OSERR;
370
goto fallback;
371
}
372
373
/* The options we understand. */
374
struct argp_option options[] = {
375
{ .name = "global-options", .key = 'g',
376
.arg = "OPTION[,OPTION[,...]]",
377
.doc = "Options passed to all plugins" },
378
{ .name = "global-env", .key = 'G',
379
.arg = "VAR=value",
380
.doc = "Environment variable passed to all plugins" },
381
{ .name = "options-for", .key = 'o',
382
.arg = "PLUGIN:OPTION[,OPTION[,...]]",
383
.doc = "Options passed only to specified plugin" },
384
{ .name = "env-for", .key = 'E',
385
.arg = "PLUGIN:ENV=value",
386
.doc = "Environment variable passed to specified plugin" },
387
{ .name = "disable", .key = 'd',
388
.arg = "PLUGIN",
389
.doc = "Disable a specific plugin", .group = 1 },
390
{ .name = "enable", .key = 'e',
391
.arg = "PLUGIN",
392
.doc = "Enable a specific plugin", .group = 1 },
393
{ .name = "plugin-dir", .key = 128,
394
.arg = "DIRECTORY",
395
.doc = "Specify a different plugin directory", .group = 2 },
396
{ .name = "config-file", .key = 129,
397
.arg = "FILE",
398
.doc = "Specify a different configuration file", .group = 2 },
399
{ .name = "userid", .key = 130,
400
.arg = "ID", .flags = 0,
401
.doc = "User ID the plugins will run as", .group = 3 },
402
{ .name = "groupid", .key = 131,
403
.arg = "ID", .flags = 0,
404
.doc = "Group ID the plugins will run as", .group = 3 },
405
{ .name = "debug", .key = 132,
406
.doc = "Debug mode", .group = 4 },
407
/*
408
* These reproduce what we would get without ARGP_NO_HELP
409
*/
410
{ .name = "help", .key = '?',
411
.doc = "Give this help list", .group = -1 },
412
{ .name = "usage", .key = -3,
413
.doc = "Give a short usage message", .group = -1 },
414
{ .name = "version", .key = 'V',
415
.doc = "Print program version", .group = -1 },
416
{ .name = NULL }
417
};
418
419
error_t parse_opt(int key, char *arg, struct argp_state *state){
420
errno = 0;
421
switch(key){
422
char *tmp;
423
intmax_t tmpmax;
424
case 'g': /* --global-options */
425
{
426
char *plugin_option;
427
while((plugin_option = strsep(&arg, ",")) != NULL){
428
if(not add_argument(getplugin(NULL), plugin_option)){
429
break;
430
}
431
}
432
}
433
break;
434
case 'G': /* --global-env */
435
add_environment(getplugin(NULL), arg, true);
436
break;
437
case 'o': /* --options-for */
438
{
439
char *option_list = strchr(arg, ':');
440
if(option_list == NULL){
441
argp_error(state, "No colon in \"%s\"", arg);
442
errno = EINVAL;
443
break;
444
}
445
*option_list = '\0';
446
option_list++;
447
if(arg[0] == '\0'){
448
argp_error(state, "Empty plugin name");
449
errno = EINVAL;
450
break;
451
}
452
char *option;
453
while((option = strsep(&option_list, ",")) != NULL){
454
if(not add_argument(getplugin(arg), option)){
455
break;
456
}
457
}
458
}
459
break;
460
case 'E': /* --env-for */
461
{
462
char *envdef = strchr(arg, ':');
463
if(envdef == NULL){
464
argp_error(state, "No colon in \"%s\"", arg);
465
errno = EINVAL;
466
break;
467
}
468
*envdef = '\0';
469
envdef++;
470
if(arg[0] == '\0'){
471
argp_error(state, "Empty plugin name");
472
errno = EINVAL;
473
break;
474
}
475
add_environment(getplugin(arg), envdef, true);
476
}
477
break;
478
case 'd': /* --disable */
479
{
480
plugin *p = getplugin(arg);
481
if(p != NULL){
482
p->disabled = true;
483
}
484
}
485
break;
486
case 'e': /* --enable */
487
{
488
plugin *p = getplugin(arg);
489
if(p != NULL){
490
p->disabled = false;
491
}
492
}
493
break;
494
case 128: /* --plugin-dir */
495
free(plugindir);
496
plugindir = strdup(arg);
497
break;
498
case 129: /* --config-file */
499
/* This is already done by parse_opt_config_file() */
500
break;
501
case 130: /* --userid */
502
tmpmax = strtoimax(arg, &tmp, 10);
503
if(errno != 0 or tmp == arg or *tmp != '\0'
504
or tmpmax != (uid_t)tmpmax){
505
argp_error(state, "Bad user ID number: \"%s\", using %"
506
PRIdMAX, arg, (intmax_t)uid);
507
break;
508
}
509
uid = (uid_t)tmpmax;
510
break;
511
case 131: /* --groupid */
512
tmpmax = strtoimax(arg, &tmp, 10);
513
if(errno != 0 or tmp == arg or *tmp != '\0'
514
or tmpmax != (gid_t)tmpmax){
515
argp_error(state, "Bad group ID number: \"%s\", using %"
516
PRIdMAX, arg, (intmax_t)gid);
517
break;
518
}
519
gid = (gid_t)tmpmax;
520
break;
521
case 132: /* --debug */
522
debug = true;
523
break;
524
/*
525
* These reproduce what we would get without ARGP_NO_HELP
526
*/
527
case '?': /* --help */
528
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
529
argp_state_help(state, state->out_stream, ARGP_HELP_STD_HELP);
530
case -3: /* --usage */
531
state->flags &= ~(unsigned int)ARGP_NO_EXIT; /* force exit */
532
argp_state_help(state, state->out_stream,
533
ARGP_HELP_USAGE | ARGP_HELP_EXIT_OK);
534
case 'V': /* --version */
535
fprintf(state->out_stream, "%s\n", argp_program_version);
536
exit(EXIT_SUCCESS);
537
break;
538
/*
539
* When adding more options before this line, remember to also add a
540
* "case" to the "parse_opt_config_file" function below.
541
*/
542
case ARGP_KEY_ARG:
543
/* Cryptsetup always passes an argument, which is an empty
544
string if "none" was specified in /etc/crypttab. So if
545
argument was empty, we ignore it silently. */
546
if(arg[0] == '\0'){
547
break;
548
}
549
default:
550
return ARGP_ERR_UNKNOWN;
551
}
552
return errno; /* Set to 0 at start */
553
}
554
555
/* This option parser is the same as parse_opt() above, except it
556
ignores everything but the --config-file option. */
557
error_t parse_opt_config_file(int key, char *arg,
558
__attribute__((unused))
559
struct argp_state *state){
560
errno = 0;
561
switch(key){
562
case 'g': /* --global-options */
563
case 'G': /* --global-env */
564
case 'o': /* --options-for */
565
case 'E': /* --env-for */
566
case 'd': /* --disable */
567
case 'e': /* --enable */
568
case 128: /* --plugin-dir */
569
break;
570
case 129: /* --config-file */
571
free(argfile);
572
argfile = strdup(arg);
573
break;
574
case 130: /* --userid */
575
case 131: /* --groupid */
576
case 132: /* --debug */
577
case '?': /* --help */
578
case -3: /* --usage */
579
case 'V': /* --version */
580
case ARGP_KEY_ARG:
581
break;
582
default:
583
return ARGP_ERR_UNKNOWN;
584
}
585
return errno;
586
}
587
588
struct argp argp = { .options = options,
589
.parser = parse_opt_config_file,
590
.args_doc = "",
591
.doc = "Mandos plugin runner -- Run plugins" };
592
593
/* Parse using parse_opt_config_file() in order to get the custom
594
config file location, if any. */
595
ret = argp_parse(&argp, argc, argv,
596
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
597
NULL, NULL);
598
switch(ret){
599
case 0:
600
break;
601
case ENOMEM:
602
default:
603
errno = ret;
604
error(0, errno, "argp_parse");
605
exitstatus = EX_OSERR;
606
goto fallback;
607
case EINVAL:
608
exitstatus = EX_USAGE;
609
goto fallback;
610
}
611
612
/* Reset to the normal argument parser */
613
argp.parser = parse_opt;
614
615
/* Open the configfile if available */
616
if(argfile == NULL){
617
conffp = fopen(AFILE, "r");
618
} else {
619
conffp = fopen(argfile, "r");
620
}
621
if(conffp != NULL){
622
char *org_line = NULL;
623
char *p, *arg, *new_arg, *line;
624
size_t size = 0;
625
const char whitespace_delims[] = " \r\t\f\v\n";
626
const char comment_delim[] = "#";
627
628
custom_argc = 1;
629
custom_argv = malloc(sizeof(char*) * 2);
630
if(custom_argv == NULL){
631
error(0, errno, "malloc");
632
exitstatus = EX_OSERR;
633
goto fallback;
634
}
635
custom_argv[0] = argv[0];
636
custom_argv[1] = NULL;
637
638
/* for each line in the config file, strip whitespace and ignore
639
commented text */
640
while(true){
641
sret = getline(&org_line, &size, conffp);
642
if(sret == -1){
643
break;
644
}
645
646
line = org_line;
647
arg = strsep(&line, comment_delim);
648
while((p = strsep(&arg, whitespace_delims)) != NULL){
649
if(p[0] == '\0'){
650
continue;
651
}
652
new_arg = strdup(p);
653
if(new_arg == NULL){
654
error(0, errno, "strdup");
655
exitstatus = EX_OSERR;
656
free(org_line);
657
goto fallback;
658
}
659
660
custom_argc += 1;
661
custom_argv = realloc(custom_argv, sizeof(char *)
662
* ((unsigned int) custom_argc + 1));
663
if(custom_argv == NULL){
664
error(0, errno, "realloc");
665
exitstatus = EX_OSERR;
666
free(org_line);
667
goto fallback;
668
}
669
custom_argv[custom_argc-1] = new_arg;
670
custom_argv[custom_argc] = NULL;
671
}
672
}
673
do {
674
ret = fclose(conffp);
675
} while(ret == EOF and errno == EINTR);
676
if(ret == EOF){
677
error(0, errno, "fclose");
678
exitstatus = EX_IOERR;
679
goto fallback;
680
}
681
free(org_line);
682
} else {
683
/* Check for harmful errors and go to fallback. Other errors might
684
not affect opening plugins */
685
if(errno == EMFILE or errno == ENFILE or errno == ENOMEM){
686
error(0, errno, "fopen");
687
exitstatus = EX_OSERR;
688
goto fallback;
689
}
690
}
691
/* If there were any arguments from the configuration file, pass
692
them to parser as command line arguments */
693
if(custom_argv != NULL){
694
ret = argp_parse(&argp, custom_argc, custom_argv,
695
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
696
NULL, NULL);
697
switch(ret){
698
case 0:
699
break;
700
case ENOMEM:
701
default:
702
errno = ret;
703
error(0, errno, "argp_parse");
704
exitstatus = EX_OSERR;
705
goto fallback;
706
case EINVAL:
707
exitstatus = EX_CONFIG;
708
goto fallback;
709
}
710
}
711
712
/* Parse actual command line arguments, to let them override the
713
config file */
714
ret = argp_parse(&argp, argc, argv,
715
ARGP_IN_ORDER | ARGP_NO_EXIT | ARGP_NO_HELP,
716
NULL, NULL);
717
switch(ret){
718
case 0:
719
break;
720
case ENOMEM:
721
default:
722
errno = ret;
723
error(0, errno, "argp_parse");
724
exitstatus = EX_OSERR;
725
goto fallback;
726
case EINVAL:
727
exitstatus = EX_USAGE;
728
goto fallback;
729
}
730
731
if(debug){
732
for(plugin *p = plugin_list; p != NULL; p=p->next){
733
fprintf(stderr, "Plugin: %s has %d arguments\n",
734
p->name ? p->name : "Global", p->argc - 1);
735
for(char **a = p->argv; *a != NULL; a++){
736
fprintf(stderr, "\tArg: %s\n", *a);
737
}
738
fprintf(stderr, "...and %d environment variables\n", p->envc);
739
for(char **a = p->environ; *a != NULL; a++){
740
fprintf(stderr, "\t%s\n", *a);
741
}
742
}
743
}
744
745
/* Strip permissions down to nobody */
746
setgid(gid);
747
if(ret == -1){
748
error(0, errno, "setgid");
749
}
750
ret = setuid(uid);
751
if(ret == -1){
752
error(0, errno, "setuid");
753
}
754
755
/* Open plugin directory with close_on_exec flag */
756
{
757
int dir_fd = -1;
758
if(plugindir == NULL){
759
dir_fd = open(PDIR, O_RDONLY |
760
#ifdef O_CLOEXEC
761
O_CLOEXEC
762
#else /* not O_CLOEXEC */
763
0
764
#endif /* not O_CLOEXEC */
765
);
766
} else {
767
dir_fd = open(plugindir, O_RDONLY |
768
#ifdef O_CLOEXEC
769
O_CLOEXEC
770
#else /* not O_CLOEXEC */
771
0
772
#endif /* not O_CLOEXEC */
773
);
774
}
775
if(dir_fd == -1){
776
error(0, errno, "Could not open plugin dir");
777
exitstatus = EX_UNAVAILABLE;
778
goto fallback;
779
}
780
781
#ifndef O_CLOEXEC
782
/* Set the FD_CLOEXEC flag on the directory */
783
ret = set_cloexec_flag(dir_fd);
784
if(ret < 0){
785
error(0, errno, "set_cloexec_flag");
786
TEMP_FAILURE_RETRY(close(dir_fd));
787
exitstatus = EX_OSERR;
788
goto fallback;
789
}
790
#endif /* O_CLOEXEC */
791
792
dir = fdopendir(dir_fd);
793
if(dir == NULL){
794
error(0, errno, "Could not open plugin dir");
795
TEMP_FAILURE_RETRY(close(dir_fd));
796
exitstatus = EX_OSERR;
797
goto fallback;
798
}
799
}
800
801
FD_ZERO(&rfds_all);
802
803
/* Read and execute any executable in the plugin directory*/
37
process *process_list = NULL;
38
39
dir = opendir(plugindir);
40
41
if(dir == NULL){
42
fprintf(stderr, "Can not open directory\n");
43
return EXIT_FAILURE;
44
}
45
46
FD_ZERO(&rfds_orig);
47
804
48
while(true){
805
do {
806
dirst = readdir(dir);
807
} while(dirst == NULL and errno == EINTR);
49
dirst = readdir(dir);
808
50
809
/* All directory entries have been processed */
51
// All directory entries have been processed
810
52
if(dirst == NULL){
811
if(errno == EBADF){
812
error(0, errno, "readdir");
813
exitstatus = EX_IOERR;
814
goto fallback;
815
}
816
53
break;
817
54
}
818
55
819
56
d_name_len = strlen(dirst->d_name);
820
57
821
/* Ignore dotfiles, backup files and other junk */
822
{
823
bool bad_name = false;
824
825
const char const *bad_prefixes[] = { ".", "#", NULL };
826
827
const char const *bad_suffixes[] = { "~", "#", ".dpkg-new",
828
".dpkg-old",
829
".dpkg-bak",
830
".dpkg-divert", NULL };
831
for(const char **pre = bad_prefixes; *pre != NULL; pre++){
832
size_t pre_len = strlen(*pre);
833
if((d_name_len >= pre_len)
834
and strncmp((dirst->d_name), *pre, pre_len) == 0){
835
if(debug){
836
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
837
" with bad prefix %s\n", dirst->d_name, *pre);
838
}
839
bad_name = true;
840
break;
841
}
842
}
843
if(bad_name){
844
continue;
845
}
846
for(const char **suf = bad_suffixes; *suf != NULL; suf++){
847
size_t suf_len = strlen(*suf);
848
if((d_name_len >= suf_len)
849
and (strcmp((dirst->d_name) + d_name_len-suf_len, *suf)
850
== 0)){
851
if(debug){
852
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
853
" with bad suffix %s\n", dirst->d_name, *suf);
854
}
855
bad_name = true;
856
break;
857
}
858
}
859
860
if(bad_name){
861
continue;
862
}
863
}
864
865
char *filename;
866
if(plugindir == NULL){
867
ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, PDIR "/%s",
868
dirst->d_name));
869
} else {
870
ret = (int)TEMP_FAILURE_RETRY(asprintf(&filename, "%s/%s",
871
plugindir,
872
dirst->d_name));
873
}
874
if(ret < 0){
875
error(0, errno, "asprintf");
876
continue;
877
}
878
879
ret = (int)TEMP_FAILURE_RETRY(stat(filename, &st));
880
if(ret == -1){
881
error(0, errno, "stat");
882
free(filename);
883
continue;
884
}
885
886
/* Ignore non-executable files */
887
if(not S_ISREG(st.st_mode)
888
or (TEMP_FAILURE_RETRY(access(filename, X_OK)) != 0)){
889
if(debug){
890
fprintf(stderr, "Ignoring plugin dir entry \"%s\""
891
" with bad type or mode\n", filename);
892
}
893
free(filename);
894
continue;
895
}
896
897
plugin *p = getplugin(dirst->d_name);
898
if(p == NULL){
899
error(0, errno, "getplugin");
900
free(filename);
901
continue;
902
}
903
if(p->disabled){
904
if(debug){
905
fprintf(stderr, "Ignoring disabled plugin \"%s\"\n",
906
dirst->d_name);
907
}
908
free(filename);
909
continue;
910
}
911
{
912
/* Add global arguments to argument list for this plugin */
913
plugin *g = getplugin(NULL);
914
if(g != NULL){
915
for(char **a = g->argv + 1; *a != NULL; a++){
916
if(not add_argument(p, *a)){
917
error(0, errno, "add_argument");
918
}
919
}
920
/* Add global environment variables */
921
for(char **e = g->environ; *e != NULL; e++){
922
if(not add_environment(p, *e, false)){
923
error(0, errno, "add_environment");
924
}
925
}
926
}
927
}
928
/* If this plugin has any environment variables, we will call
929
using execve and need to duplicate the environment from this
930
process, too. */
931
if(p->environ[0] != NULL){
932
for(char **e = environ; *e != NULL; e++){
933
if(not add_environment(p, *e, false)){
934
error(0, errno, "add_environment");
935
}
936
}
937
}
938
939
int pipefd[2];
940
ret = (int)TEMP_FAILURE_RETRY(pipe(pipefd));
941
if(ret == -1){
942
error(0, errno, "pipe");
943
exitstatus = EX_OSERR;
944
goto fallback;
945
}
946
/* Ask OS to automatic close the pipe on exec */
947
ret = set_cloexec_flag(pipefd[0]);
948
if(ret < 0){
949
error(0, errno, "set_cloexec_flag");
950
exitstatus = EX_OSERR;
951
goto fallback;
952
}
953
ret = set_cloexec_flag(pipefd[1]);
954
if(ret < 0){
955
error(0, errno, "set_cloexec_flag");
956
exitstatus = EX_OSERR;
957
goto fallback;
958
}
959
/* Block SIGCHLD until process is safely in process list */
960
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_BLOCK,
961
&sigchld_action.sa_mask,
962
NULL));
963
if(ret < 0){
964
error(0, errno, "sigprocmask");
965
exitstatus = EX_OSERR;
966
goto fallback;
967
}
968
/* Starting a new process to be watched */
969
pid_t pid;
970
do {
971
pid = fork();
972
} while(pid == -1 and errno == EINTR);
973
if(pid == -1){
974
error(0, errno, "fork");
975
exitstatus = EX_OSERR;
976
goto fallback;
977
}
978
if(pid == 0){
979
/* this is the child process */
980
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
981
if(ret < 0){
982
error(0, errno, "sigaction");
983
_exit(EX_OSERR);
984
}
985
ret = sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask, NULL);
986
if(ret < 0){
987
error(0, errno, "sigprocmask");
988
_exit(EX_OSERR);
989
}
990
991
ret = dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
992
if(ret == -1){
993
error(0, errno, "dup2");
994
_exit(EX_OSERR);
995
}
996
997
if(dirfd(dir) < 0){
998
/* If dir has no file descriptor, we could not set FD_CLOEXEC
999
above and must now close it manually here. */
58
// Ignore dotfiles and backup files
59
if (dirst->d_name[0] == '.'
60
or dirst->d_name[d_name_len - 1] == '~'){
61
continue;
62
}
63
64
char *filename = malloc(d_name_len + plugindir_len + 1);
65
strcpy(filename, plugindir);
66
strcat(filename, "/");
67
strcat(filename, dirst->d_name);
68
69
stat(filename, &st);
70
71
if (S_ISREG(st.st_mode) and (access(filename, X_OK) == 0)){
72
// Starting a new process to be watched
73
process *new_process = malloc(sizeof(process));
74
int pipefd[2];
75
pipe(pipefd);
76
new_process->pid = fork();
77
if(new_process->pid == 0){
78
/* this is the child process */
1000
79
closedir(dir);
1001
}
1002
if(p->environ[0] == NULL){
1003
if(execv(filename, p->argv) < 0){
1004
error(0, errno, "execv for %s", filename);
1005
_exit(EX_OSERR);
1006
}
1007
} else {
1008
if(execve(filename, p->argv, p->environ) < 0){
1009
error(0, errno, "execve for %s", filename);
1010
_exit(EX_OSERR);
1011
}
1012
}
1013
/* no return */
1014
}
1015
/* Parent process */
1016
TEMP_FAILURE_RETRY(close(pipefd[1])); /* Close unused write end of
1017
pipe */
1018
free(filename);
1019
plugin *new_plugin = getplugin(dirst->d_name);
1020
if(new_plugin == NULL){
1021
error(0, errno, "getplugin");
1022
ret = (int)(TEMP_FAILURE_RETRY
1023
(sigprocmask(SIG_UNBLOCK, &sigchld_action.sa_mask,
1024
NULL)));
1025
if(ret < 0){
1026
error(0, errno, "sigprocmask");
1027
}
1028
exitstatus = EX_OSERR;
1029
goto fallback;
1030
}
1031
1032
new_plugin->pid = pid;
1033
new_plugin->fd = pipefd[0];
1034
1035
/* Unblock SIGCHLD so signal handler can be run if this process
1036
has already completed */
1037
ret = (int)TEMP_FAILURE_RETRY(sigprocmask(SIG_UNBLOCK,
1038
&sigchld_action.sa_mask,
1039
NULL));
1040
if(ret < 0){
1041
error(0, errno, "sigprocmask");
1042
exitstatus = EX_OSERR;
1043
goto fallback;
1044
}
1045
1046
FD_SET(new_plugin->fd, &rfds_all); /* Spurious warning from
1047
-Wconversion */
1048
1049
if(maxfd < new_plugin->fd){
1050
maxfd = new_plugin->fd;
1051
}
1052
}
1053
1054
TEMP_FAILURE_RETRY(closedir(dir));
1055
dir = NULL;
1056
free_plugin(getplugin(NULL));
1057
1058
for(plugin *p = plugin_list; p != NULL; p = p->next){
1059
if(p->pid != 0){
80
close(pipefd[0]); /* close unused read end of pipe */
81
dup2(pipefd[1], STDOUT_FILENO); /* replace our stdout */
82
/* create a new modified argument list */
83
char **new_argv = malloc(sizeof(char *) * argc + 1);
84
new_argv[0] = filename;
85
for(int i = 1; i < argc; i++){
86
new_argv[i] = argv[i];
87
}
88
new_argv[argc] = NULL;
89
if(execv(filename, new_argv) < 0){
90
perror(argv[0]);
91
close(pipefd[1]);
92
exit(EXIT_FAILURE);
93
}
94
/* no return */
95
}
96
close(pipefd[1]); /* close unused write end of pipe */
97
new_process->fd = pipefd[0];
98
new_process->buffer = malloc(BUFFER_SIZE);
99
if (new_process->buffer == NULL){
100
perror(argv[0]);
101
goto end;
102
}
103
new_process->buffer_size = BUFFER_SIZE;
104
new_process->buffer_length = 0;
105
FD_SET(new_process->fd, &rfds_orig);
106
107
if (maxfd < new_process->fd){
108
maxfd = new_process->fd;
109
}
110
111
//List handling
112
new_process->next = process_list;
113
process_list = new_process;
114
}
115
}
116
117
closedir(dir);
118
119
if (process_list != NULL){
120
while(true){
121
fd_set rfds = rfds_orig;
122
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
123
if (select_ret == -1){
124
perror(argv[0]);
125
goto end;
126
}else{
127
for(process *process_itr = process_list; process_itr != NULL;
128
process_itr = process_itr->next){
129
if(FD_ISSET(process_itr->fd, &rfds)){
130
if(process_itr->buffer_length + BUFFER_SIZE
131
> process_itr->buffer_size){
132
process_itr->buffer = realloc(process_itr->buffer,
133
process_itr->buffer_size
134
+ BUFFER_SIZE);
135
if (process_itr->buffer == NULL){
136
perror(argv[0]);
137
goto end;
138
}
139
process_itr->buffer_size += BUFFER_SIZE;
140
}
141
ret = read(process_itr->fd, process_itr->buffer
142
+ process_itr->buffer_length, BUFFER_SIZE);
143
process_itr->buffer_length+=ret;
144
if(ret == 0){
145
/* got EOF */
146
/* wait for process exit */
147
int status;
148
waitpid(process_itr->pid, &status, 0);
149
if(WIFEXITED(status) and WEXITSTATUS(status) == 0){
150
write(STDOUT_FILENO, process_itr->buffer,
151
process_itr->buffer_length);
152
goto end;
153
} else {
154
FD_CLR(process_itr->fd, &rfds_orig);
155
}
156
}
157
}
158
}
159
}
160
}
161
}
162
163
end:
164
for(process *process_itr = process_list; process_itr != NULL;
165
process_itr = process_itr->next){
166
close(process_itr->fd);
167
kill(process_itr->pid, SIGTERM);
168
free(process_itr->buffer);
169
}
170
171
while(true){
172
int status;
173
ret = wait(&status);
174
if (ret == -1){
175
if(errno != ECHILD){
176
perror("wait");
177
}
1060
178
break;
1061
179
}
1062
if(p->next == NULL){
1063
fprintf(stderr, "No plugin processes started. Incorrect plugin"
1064
" directory?\n");
1065
free_plugin_list();
1066
}
1067
}
1068
1069
/* Main loop while running plugins exist */
1070
while(plugin_list){
1071
fd_set rfds = rfds_all;
1072
int select_ret = select(maxfd+1, &rfds, NULL, NULL, NULL);
1073
if(select_ret == -1 and errno != EINTR){
1074
error(0, errno, "select");
1075
exitstatus = EX_OSERR;
1076
goto fallback;
1077
}
1078
/* OK, now either a process completed, or something can be read
1079
from one of them */
1080
for(plugin *proc = plugin_list; proc != NULL;){
1081
/* Is this process completely done? */
1082
if(proc->completed and proc->eof){
1083
/* Only accept the plugin output if it exited cleanly */
1084
if(not WIFEXITED(proc->status)
1085
or WEXITSTATUS(proc->status) != 0){
1086
/* Bad exit by plugin */
1087
1088
if(debug){
1089
if(WIFEXITED(proc->status)){
1090
fprintf(stderr, "Plugin %s [%" PRIdMAX "] exited with"
1091
" status %d\n", proc->name,
1092
(intmax_t) (proc->pid),
1093
WEXITSTATUS(proc->status));
1094
} else if(WIFSIGNALED(proc->status)){
1095
fprintf(stderr, "Plugin %s [%" PRIdMAX "] killed by"
1096
" signal %d: %s\n", proc->name,
1097
(intmax_t) (proc->pid),
1098
WTERMSIG(proc->status),
1099
strsignal(WTERMSIG(proc->status)));
1100
} else if(WCOREDUMP(proc->status)){
1101
fprintf(stderr, "Plugin %s [%" PRIdMAX "] dumped"
1102
" core\n", proc->name, (intmax_t) (proc->pid));
1103
}
1104
}
1105
1106
/* Remove the plugin */
1107
FD_CLR(proc->fd, &rfds_all); /* Spurious warning from
1108
-Wconversion */
1109
1110
/* Block signal while modifying process_list */
1111
ret = (int)TEMP_FAILURE_RETRY(sigprocmask
1112
(SIG_BLOCK,
1113
&sigchld_action.sa_mask,
1114
NULL));
1115
if(ret < 0){
1116
error(0, errno, "sigprocmask");
1117
exitstatus = EX_OSERR;
1118
goto fallback;
1119
}
1120
1121
plugin *next_plugin = proc->next;
1122
free_plugin(proc);
1123
proc = next_plugin;
1124
1125
/* We are done modifying process list, so unblock signal */
1126
ret = (int)(TEMP_FAILURE_RETRY
1127
(sigprocmask(SIG_UNBLOCK,
1128
&sigchld_action.sa_mask, NULL)));
1129
if(ret < 0){
1130
error(0, errno, "sigprocmask");
1131
exitstatus = EX_OSERR;
1132
goto fallback;
1133
}
1134
1135
if(plugin_list == NULL){
1136
break;
1137
}
1138
1139
continue;
1140
}
1141
1142
/* This process exited nicely, so print its buffer */
1143
1144
bool bret = print_out_password(proc->buffer,
1145
proc->buffer_length);
1146
if(not bret){
1147
error(0, errno, "print_out_password");
1148
exitstatus = EX_IOERR;
1149
}
1150
goto fallback;
1151
}
1152
1153
/* This process has not completed. Does it have any output? */
1154
if(proc->eof or not FD_ISSET(proc->fd, &rfds)){ /* Spurious
1155
warning from
1156
-Wconversion */
1157
/* This process had nothing to say at this time */
1158
proc = proc->next;
1159
continue;
1160
}
1161
/* Before reading, make the process' data buffer large enough */
1162
if(proc->buffer_length + BUFFER_SIZE > proc->buffer_size){
1163
proc->buffer = realloc(proc->buffer, proc->buffer_size
1164
+ (size_t) BUFFER_SIZE);
1165
if(proc->buffer == NULL){
1166
error(0, errno, "malloc");
1167
exitstatus = EX_OSERR;
1168
goto fallback;
1169
}
1170
proc->buffer_size += BUFFER_SIZE;
1171
}
1172
/* Read from the process */
1173
sret = TEMP_FAILURE_RETRY(read(proc->fd,
1174
proc->buffer
1175
+ proc->buffer_length,
1176
BUFFER_SIZE));
1177
if(sret < 0){
1178
/* Read error from this process; ignore the error */
1179
proc = proc->next;
1180
continue;
1181
}
1182
if(sret == 0){
1183
/* got EOF */
1184
proc->eof = true;
1185
} else {
1186
proc->buffer_length += (size_t) sret;
1187
}
1188
}
1189
}
1190
1191
1192
fallback:
1193
1194
if(plugin_list == NULL or (exitstatus != EXIT_SUCCESS
1195
and exitstatus != EX_OK)){
1196
/* Fallback if all plugins failed, none are found or an error
1197
occured */
1198
bool bret;
1199
fprintf(stderr, "Going to fallback mode using getpass(3)\n");
1200
char *passwordbuffer = getpass("Password: ");
1201
size_t len = strlen(passwordbuffer);
1202
/* Strip trailing newline */
1203
if(len > 0 and passwordbuffer[len-1] == '\n'){
1204
passwordbuffer[len-1] = '\0'; /* not strictly necessary */
1205
len--;
1206
}
1207
bret = print_out_password(passwordbuffer, len);
1208
if(not bret){
1209
error(0, errno, "print_out_password");
1210
exitstatus = EX_IOERR;
1211
}
1212
}
1213
1214
/* Restore old signal handler */
1215
ret = sigaction(SIGCHLD, &old_sigchld_action, NULL);
1216
if(ret == -1){
1217
error(0, errno, "sigaction");
1218
exitstatus = EX_OSERR;
1219
}
1220
1221
if(custom_argv != NULL){
1222
for(char **arg = custom_argv+1; *arg != NULL; arg++){
1223
free(*arg);
1224
}
1225
free(custom_argv);
1226
}
1227
1228
if(dir != NULL){
1229
closedir(dir);
1230
}
1231
1232
/* Kill the processes */
1233
for(plugin *p = plugin_list; p != NULL; p = p->next){
1234
if(p->pid != 0){
1235
close(p->fd);
1236
ret = kill(p->pid, SIGTERM);
1237
if(ret == -1 and errno != ESRCH){
1238
/* Set-uid proccesses might not get closed */
1239
error(0, errno, "kill");
1240
}
1241
}
1242
}
1243
1244
/* Wait for any remaining child processes to terminate */
1245
do {
1246
ret = wait(NULL);
1247
} while(ret >= 0);
1248
if(errno != ECHILD){
1249
error(0, errno, "wait");
1250
}
1251
1252
free_plugin_list();
1253
1254
free(plugindir);
1255
free(argfile);
1256
1257
return exitstatus;
180
}
181
return EXIT_SUCCESS;
1258
182
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0