ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/libptytty/src/ptytty.C
(Generate patch)

Comparing libptytty/src/ptytty.C (file contents):
Revision 1.3 by root, Sat Jan 21 22:06:16 2006 UTC vs.
Revision 1.17 by root, Mon Jan 23 11:22:52 2006 UTC

1// This file is part of libptytty. Do not make local modifications.
2// http://software.schmorp.de/pkg/libptytty
3
1/*--------------------------------*-C-*---------------------------------* 4/*----------------------------------------------------------------------*
2 * File: ptytty.C 5 * File: ptytty.C
3 *----------------------------------------------------------------------* 6 *----------------------------------------------------------------------*
4 * 7 *
5 * All portions of code are copyright by their respective author/s. 8 * All portions of code are copyright by their respective author/s.
6 * Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> 9 * Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com>
7 * Copyright (c) 2004-2006 Marc Lehmann <pcg@goof.com> 10 * Copyright (c) 2004-2006 Marc Lehmann <pcg@goof.com>
11 * Copyright (c) 2006 Emanuele Giaquinta <e.giaquinta@glauco.it>
8 * 12 *
9 * This program is free software; you can redistribute it and/or modify 13 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by 14 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or 15 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version. 16 * (at your option) any later version.
19 * You should have received a copy of the GNU General Public License 23 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software 24 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 25 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 *---------------------------------------------------------------------*/ 26 *---------------------------------------------------------------------*/
23 27
24#include "../config.h" /* NECESSARY */ 28#include "../config.h"
25 29
26#include "fdpass.h"
27#include "ptytty.h" 30#include "ptytty.h"
28 31
29#include <cstdlib> 32#include <cstdlib>
30#include <cstring> 33#include <cstring>
31 34
232 235
233 ioctl (fd_tty, TIOCSCTTY, NULL); 236 ioctl (fd_tty, TIOCSCTTY, NULL);
234 237
235 int fd = open ("/dev/tty", O_WRONLY); 238 int fd = open ("/dev/tty", O_WRONLY);
236 if (fd < 0) 239 if (fd < 0)
237 return -1; /* fatal */ 240 return -1; /* fatal */
238 241
239 close (fd); 242 close (fd);
240 243
241 return 0; 244 return 0;
242} 245}
243 246
244void 247void
245rxvt_ptytty::close_tty () 248ptytty::close_tty ()
246{ 249{
247 if (tty < 0) 250 if (tty < 0)
248 return; 251 return;
249 252
250 close (tty); 253 close (tty);
251 tty = -1; 254 tty = -1;
252} 255}
253 256
254bool 257bool
255rxvt_ptytty::make_controlling_tty () 258ptytty::make_controlling_tty ()
256{ 259{
257 return control_tty (tty) >= 0; 260 return control_tty (tty) >= 0;
258} 261}
259 262
260void 263void
261rxvt_ptytty::set_utf8_mode (bool on) 264ptytty::set_utf8_mode (bool on)
262{ 265{
263#ifdef IUTF8 266#ifdef IUTF8
264 if (pty < 0) 267 if (pty < 0)
265 return; 268 return;
266 269
305 gid = 0; 308 gid = 0;
306 } 309 }
307 } 310 }
308} ttyconf; 311} ttyconf;
309 312
310rxvt_ptytty_unix::rxvt_ptytty_unix () 313ptytty_unix::ptytty_unix ()
311{ 314{
312 name = 0; 315 name = 0;
313#if UTMP_SUPPORT 316#if UTMP_SUPPORT
314 cmd_pid = 0; 317 cmd_pid = 0;
315#endif 318#endif
316} 319}
317 320
318rxvt_ptytty_unix::~rxvt_ptytty_unix () 321ptytty_unix::~ptytty_unix ()
319{ 322{
320#if UTMP_SUPPORT 323#if UTMP_SUPPORT
321 logout (); 324 logout ();
322#endif 325#endif
323 put (); 326 put ();
324} 327}
325 328
326void 329void
327rxvt_ptytty_unix::put () 330ptytty_unix::put ()
328{ 331{
329 chmod (name, RESTORE_TTY_MODE); 332 chmod (name, RESTORE_TTY_MODE);
330 chown (name, 0, ttyconf.gid); 333 chown (name, 0, ttyconf.gid);
331 334
332 close_tty (); 335 close_tty ();
339 pty = tty = -1; 342 pty = tty = -1;
340 name = 0; 343 name = 0;
341} 344}
342 345
343bool 346bool
344rxvt_ptytty_unix::get () 347ptytty_unix::get ()
345{ 348{
346 /* get master (pty) */ 349 /* get master (pty) */
347 if ((pty = get_pty (&tty, &name)) < 0) 350 if ((pty = get_pty (&tty, &name)) < 0)
348 return false; 351 return false;
349 352
368 } 371 }
369 372
370 return true; 373 return true;
371} 374}
372 375
376/////////////////////////////////////////////////////////////////////////////
377// helper/proxy support
378
373#if PTYTTY_HELPER 379#if PTYTTY_HELPER
374 380
375static int sock_fd; 381static int sock_fd = -1;
376static int pid; 382static int helper_pid, owner_pid;
377 383
378struct command 384struct command
379{ 385{
380 enum { get, login, destroy } type; 386 enum { get, login, destroy } type;
381 387
382 rxvt_ptytty *id; 388 ptytty *id;
383 389
384 bool login_shell; 390 bool login_shell;
385 int cmd_pid; 391 int cmd_pid;
386 char hostname[512]; // arbitrary, but should be plenty 392 char hostname[512]; // arbitrary, but should be plenty
387}; 393};
388 394
389struct rxvt_ptytty_proxy : zero_initialized, rxvt_ptytty 395struct ptytty_proxy : ptytty
390{ 396{
391 rxvt_ptytty *id; 397 ptytty *id;
392 398
399 ptytty_proxy ()
400 : id(0)
401 {
402 }
403
393 ~rxvt_ptytty_proxy (); 404 ~ptytty_proxy ();
394 405
395 bool get (); 406 bool get ();
396 void login (int cmd_pid, bool login_shell, const char *hostname); 407 void login (int cmd_pid, bool login_shell, const char *hostname);
397}; 408};
398 409
399bool 410bool
400rxvt_ptytty_proxy::get () 411ptytty_proxy::get ()
401{ 412{
402 command cmd; 413 command cmd;
403 414
404 cmd.type = command::get; 415 cmd.type = command::get;
405 416
406 write (sock_fd, &cmd, sizeof (cmd)); 417 write (sock_fd, &cmd, sizeof (cmd));
407 418
408 if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) 419 if (read (sock_fd, &id, sizeof (id)) != sizeof (id))
409 rxvt_fatal ("protocol error while creating pty using helper process, aborting.\n"); 420 ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n");
410 421
411 if (!id) 422 if (!id)
412 return false; 423 return false;
413 424
414 if ((pty = rxvt_recv_fd (sock_fd)) < 0 425 if ((pty = recv_fd (sock_fd)) < 0
415 || (tty = rxvt_recv_fd (sock_fd)) < 0) 426 || (tty = recv_fd (sock_fd)) < 0)
416 rxvt_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); 427 ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n");
417 428
418 return true; 429 return true;
419} 430}
420 431
421void 432void
422rxvt_ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) 433ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname)
423{ 434{
424 command cmd; 435 command cmd;
425 436
426 cmd.type = command::login; 437 cmd.type = command::login;
427 cmd.id = id; 438 cmd.id = id;
430 strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); 441 strncpy (cmd.hostname, hostname, sizeof (cmd.hostname));
431 442
432 write (sock_fd, &cmd, sizeof (cmd)); 443 write (sock_fd, &cmd, sizeof (cmd));
433} 444}
434 445
435rxvt_ptytty_proxy::~rxvt_ptytty_proxy () 446ptytty_proxy::~ptytty_proxy ()
436{ 447{
448 if (id)
449 {
437 command cmd; 450 command cmd;
438 451
439 cmd.type = command::destroy; 452 cmd.type = command::destroy;
440 cmd.id = id; 453 cmd.id = id;
441 454
442 write (sock_fd, &cmd, sizeof (cmd)); 455 write (sock_fd, &cmd, sizeof (cmd));
456 }
443} 457}
444 458
445static 459static
446void serve () 460void serve ()
447{ 461{
448 command cmd; 462 command cmd;
449 vector<rxvt_ptytty *> ptys; 463 vector<ptytty *> ptys;
450 464
451 while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) 465 while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command))
452 { 466 {
453 if (cmd.type == command::get) 467 if (cmd.type == command::get)
454 { 468 {
455 // -> id ptyfd ttyfd 469 // -> id ptyfd ttyfd
456 cmd.id = new rxvt_ptytty_unix; 470 cmd.id = new ptytty_unix;
457 471
458 if (cmd.id->get ()) 472 if (cmd.id->get ())
459 { 473 {
460 write (sock_fd, &cmd.id, sizeof (cmd.id)); 474 write (sock_fd, &cmd.id, sizeof (cmd.id));
461 ptys.push_back (cmd.id); 475 ptys.push_back (cmd.id);
462 476
463 rxvt_send_fd (sock_fd, cmd.id->pty); 477 ptytty::send_fd (sock_fd, cmd.id->pty);
464 rxvt_send_fd (sock_fd, cmd.id->tty); 478 ptytty::send_fd (sock_fd, cmd.id->tty);
465 } 479 }
466 else 480 else
467 { 481 {
468 delete cmd.id; 482 delete cmd.id;
469 cmd.id = 0; 483 cmd.id = 0;
471 } 485 }
472 } 486 }
473 else if (cmd.type == command::login) 487 else if (cmd.type == command::login)
474 { 488 {
475#if UTMP_SUPPORT 489#if UTMP_SUPPORT
476 if (find (ptys.begin (), ptys.end (), cmd.id)) 490 if (find (ptys.begin (), ptys.end (), cmd.id) != ptys.end ())
477 { 491 {
478 cmd.hostname[sizeof (cmd.hostname) - 1] = 0; 492 cmd.hostname[sizeof (cmd.hostname) - 1] = 0;
479 cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname); 493 cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname);
480 } 494 }
481#endif 495#endif
482 } 496 }
483 else if (cmd.type == command::destroy) 497 else if (cmd.type == command::destroy)
484 { 498 {
485 rxvt_ptytty **pty = find (ptys.begin (), ptys.end (), cmd.id); 499 vector<ptytty *>::iterator pty = find (ptys.begin (), ptys.end (), cmd.id);
486 500
487 if (pty) 501 if (pty != ptys.end ())
488 { 502 {
489 delete *pty; 503 delete *pty;
490 ptys.erase (pty); 504 ptys.erase (pty);
491 } 505 }
492 } 506 }
493 else 507 else
494 break; 508 break;
495 } 509 }
496 510
497 // destroy all ptys 511 // destroy all ptys
498 for (rxvt_ptytty **i = ptys.end (); i-- > ptys.begin (); ) 512 for (vector<ptytty *>::iterator i = ptys.end (); i-- > ptys.begin (); )
499 delete *i; 513 delete *i;
500} 514}
501 515
502void rxvt_ptytty_server () 516void
517ptytty::use_helper ()
503{ 518{
519 int pid = getpid ();
520
521 if (sock_fd >= 0 && pid == owner_pid)
522 return;
523
524 owner_pid = pid;
525
504 int sv[2]; 526 int sv[2];
505 527
506 if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) 528 if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv))
507 rxvt_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); 529 ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n");
508 530
509 pid = fork (); 531 helper_pid = fork ();
510 532
511 if (pid < 0) 533 if (helper_pid < 0)
512 rxvt_fatal ("could not create pty/sessiondb helper process, aborting.\n"); 534 ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n");
513 535
514 if (pid) 536 if (helper_pid)
515 { 537 {
516 // client, urxvt 538 // client, process
517 sock_fd = sv[0]; 539 sock_fd = sv[0];
518 close (sv[1]); 540 close (sv[1]);
519 fcntl (sock_fd, F_SETFD, FD_CLOEXEC); 541 fcntl (sock_fd, F_SETFD, FD_CLOEXEC);
520 } 542 }
521 else 543 else
522 { 544 {
523 // server, pty-helper 545 // server, pty-helper
524 sock_fd = sv[1]; 546 sock_fd = sv[1];
525 547
548 chdir ("/");
549
526 for (int fd = 0; fd < 1023; fd++) 550 for (int fd = 0; fd < 1023; fd++)
527 if (fd != sock_fd) 551 if (fd != sock_fd)
528 close (fd); 552 close (fd);
529 553
530 serve (); 554 serve ();
532 } 556 }
533} 557}
534 558
535#endif 559#endif
536 560
537// a "factory" *g*
538rxvt_ptytty * 561ptytty *
539rxvt_new_ptytty () 562ptytty::create ()
540{ 563{
541#if PTYTTY_HELPER 564#if PTYTTY_HELPER
542 if (pid > 0) 565 if (helper_pid && getpid () == owner_pid)
543 // use helper process 566 // use helper process
544 return new rxvt_ptytty_proxy; 567 return new ptytty_proxy;
545 else 568 else
546#endif 569#endif
547 return new rxvt_ptytty_unix; 570 return new ptytty_unix;
548} 571}
549 572
550/*----------------------- end-of-file (C source) -----------------------*/ 573void
574ptytty::init ()
575{
576 uid_t uid = getuid ();
577 gid_t gid = getgid ();
578
579 // before doing anything else, check for setuid/setgid operation,
580 // start the helper process and drop privileges
581 if (uid != geteuid ()
582 || gid != getegid ())
583 {
584#if PTYTTY_HELPER
585 use_helper ();
586#else
587 ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n");
588#endif
551 589
590 drop_privileges ();
591 }
592}
593
594void
595ptytty::drop_privileges ()
596{
597 uid_t uid = getuid ();
598 gid_t gid = getgid ();
599
600 // drop privileges
601#if HAVE_SETRESUID
602 setresgid (gid, gid, gid);
603 setresuid (uid, uid, uid);
604#elif HAVE_SETREUID
605 setregid (gid, gid);
606 setreuid (uid, uid);
607#elif HAVE_SETUID
608 setgid (gid);
609 setuid (uid);
610#endif
611
612 if (uid != geteuid ()
613 || gid != getegid ())
614 ptytty_fatal ("unable to drop privileges, aborting.\n");
615}
616
617/////////////////////////////////////////////////////////////////////////////
618// C API
619
620#ifndef NO_C_API
621
622#define DEFINE_METHOD(retval, name, args1, args2) \
623extern "C" retval ptytty_ ## name args1 \
624{ return ((struct ptytty *)ptytty)->name args2; }
625
626DEFINE_METHOD(int,pty,(void *ptytty),)
627DEFINE_METHOD(int,tty,(void *ptytty),)
628DEFINE_METHOD(int,get,(void *ptytty),())
629DEFINE_METHOD(void,login,(void *ptytty, int cmd_pid, bool login_shell, const char *hostname),(cmd_pid,login_shell,hostname))
630
631DEFINE_METHOD(void,close_tty,(void *ptytty),())
632DEFINE_METHOD(int,make_controlling_tty,(void *ptytty),())
633DEFINE_METHOD(void,set_utf8_mode,(void *ptytty, int on),(on))
634
635#define DEFINE_STATIC(retval, name, args) \
636 retval ptytty_ ## name args \
637{ return ptytty::name args; }
638
639DEFINE_STATIC(void,drop_privileges,())
640DEFINE_STATIC(void,use_helper,())
641DEFINE_STATIC(void,init,())
642
643DEFINE_STATIC(void *,create,())
644
645void ptytty_delete (void *ptytty)
646{
647 delete (struct ptytty *)ptytty;
648}
649
650// send_fd, recv_fd not exposed
651
652#endif

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines