/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

  • Committer: Teddy Hogeborn
  • Date: 2014-06-07 21:59:20 UTC
  • Revision ID: teddy@recompile.se-20140607215920-r4qkj7ktnjyqmrn5
Make mandos-client use fexecve().

* plugins.d/mandos-client.d (run_network_hooks): Use fexecve().

Show diffs side-by-side

added added

removed removed

Lines of Context:
plugins.d/mandos-client.c
1589
1589
  int devnull = open("/dev/null", O_RDONLY);
1590
1590
  for(int i = 0; i < numhooks; i++){
1591
1591
    direntry = direntries[i];
1592
 
    char *fullname = NULL;
1593
 
    ret = asprintf(&fullname, "%s/%s", hookdir, direntry->d_name);
1594
 
    if(ret < 0){
1595
 
      perror_plus("asprintf");
1596
 
      continue;
1597
 
    }
1598
1592
    if(debug){
1599
1593
      fprintf_plus(stderr, "Running network hook \"%s\"\n",
1600
1594
                   direntry->d_name);
1676
1670
          _exit(EX_OSERR);
1677
1671
        }
1678
1672
      }
1679
 
      if(execl(fullname, direntry->d_name, mode, NULL) == -1){
1680
 
        perror_plus("execl");
 
1673
      if(fexecve(hookdir_fd, (char *const [])
 
1674
                 { direntry->d_name, NULL }, environ) == -1){
 
1675
        perror_plus("fexecve");
1681
1676
        _exit(EXIT_FAILURE);
1682
1677
      }
1683
1678
    } else {
1684
1679
      int status;
1685
1680
      if(TEMP_FAILURE_RETRY(waitpid(hook_pid, &status, 0)) == -1){
1686
1681
        perror_plus("waitpid");
1687
 
        free(fullname);
1688
1682
        continue;
1689
1683
      }
1690
1684
      if(WIFEXITED(status)){
1692
1686
          fprintf_plus(stderr, "Warning: network hook \"%s\" exited"
1693
1687
                       " with status %d\n", direntry->d_name,
1694
1688
                       WEXITSTATUS(status));
1695
 
          free(fullname);
1696
1689
          continue;
1697
1690
        }
1698
1691
      } else if(WIFSIGNALED(status)){
1699
1692
        fprintf_plus(stderr, "Warning: network hook \"%s\" died by"
1700
1693
                     " signal %d\n", direntry->d_name,
1701
1694
                     WTERMSIG(status));
1702
 
        free(fullname);
1703
1695
        continue;
1704
1696
      } else {
1705
1697
        fprintf_plus(stderr, "Warning: network hook \"%s\""
1706
1698
                     " crashed\n", direntry->d_name);
1707
 
        free(fullname);
1708
1699
        continue;
1709
1700
      }
1710
1701
    }
1711
 
    free(fullname);
1712
1702
    if(debug){
1713
1703
      fprintf_plus(stderr, "Network hook \"%s\" ran successfully\n",
1714
1704
                   direntry->d_name);