--- rxvt-unicode/src/ptytty.C 2006/01/22 00:48:13 1.54
+++ rxvt-unicode/src/ptytty.C 2006/01/23 12:37:59 1.60
@@ -1,10 +1,14 @@
-/*--------------------------------*-C-*---------------------------------*
+// This file is part of libptytty. Do not make local modifications.
+// http://software.schmorp.de/pkg/libptytty
+
+/*----------------------------------------------------------------------*
 * File: ptytty.C
 *----------------------------------------------------------------------*
 *
 * All portions of code are copyright by their respective author/s.
 * Copyright (c) 1999-2001 Geoff Wing
 * Copyright (c) 2004-2006 Marc Lehmann
+ * Copyright (c) 2006 Emanuele Giaquinta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -21,13 +25,13 @@
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *---------------------------------------------------------------------*/
-#include "../config.h" /* NECESSARY */
+#include "../config.h"
-#include "fdpass.h"
 #include "ptytty.h"
 #include
 #include
+#include
 #include
 #include
@@ -234,7 +238,7 @@
 int fd = open ("/dev/tty", O_WRONLY);
 if (fd < 0)
- return -1; /* fatal */
+ return -1; /* fatal */
 close (fd);
@@ -370,10 +374,13 @@
 return true;
 }
+/////////////////////////////////////////////////////////////////////////////
+// helper/proxy support
+
 #if PTYTTY_HELPER
-static int sock_fd;
-static int pid;
+static int sock_fd = -1, lock_fd = -1;
+static int helper_pid, owner_pid;
 struct command
 {
@@ -401,9 +408,19 @@
 void login (int cmd_pid, bool login_shell, const char *hostname);
 };
+#if PTYTTY_REENTRANT
+# define NEED_TOKEN do { char ch; read (lock_fd, &ch, 1); } while (0)
+# define GIVE_TOKEN do { char ch; write (lock_fd, &ch, 1); } while (0)
+#else
+# define NEED_TOKEN (void)0
+# define GIVE_TOKEN (void)0
+#endif
+
 bool
 ptytty_proxy::get ()
 {
+ NEED_TOKEN;
+
 command cmd;
 cmd.type = command::get;
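Review bot: The `NEED_TOKEN` and `GIVE_TOKEN` macros added ahead of `ptytty_proxy::get` discard the results of `read` and `write` on `lock_fd`, so an interrupted read, or end-of-file once the helper has gone away, is treated as having obtained the token and the caller proceeds to use `sock_fd` without exclusion. `GIVE_TOKEN` also writes `ch` without initializing it; `char ch = 0;` would make the byte defined. A checked form such as `do { char ch; if (read (lock_fd, &ch, 1) != 1) ptytty_fatal ("<message>"); } while (0)` would turn a broken lock channel into a visible failure. The macros are selected with `#if PTYTTY_REENTRANT`, while the socket setup in `use_helper` (hunk at -500) uses `#ifdef`, so a definition to 0 would create the lock sockets but compile the macros away. The body of `get` continues in the next hunk.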
@@ -411,21 +428,27 @@
 write (sock_fd, &cmd, sizeof (cmd));
 if (read (sock_fd, &id, sizeof (id)) != sizeof (id))
- fatal ("protocol error while creating pty using helper process, aborting.\n");
+ ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n");
 if (!id)
- return false;
+ {
+ GIVE_TOKEN;
+ return false;
+ }
- if ((pty = ptytty_recv_fd (sock_fd)) < 0
- || (tty = ptytty_recv_fd (sock_fd)) < 0)
- fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n");
+ if ((pty = recv_fd (sock_fd)) < 0
+ || (tty = recv_fd (sock_fd)) < 0)
+ ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n");
+ GIVE_TOKEN;
 return true;
 }
 void
 ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname)
 {
+ NEED_TOKEN;
+
 command cmd;
 cmd.type = command::login;
@@ -435,18 +458,24 @@
 strncpy (cmd.hostname, hostname, sizeof (cmd.hostname));
 write (sock_fd, &cmd, sizeof (cmd));
+
+ GIVE_TOKEN;
 }
 ptytty_proxy::~ptytty_proxy ()
 {
 if (id)
 {
+ NEED_TOKEN;
+
 command cmd;
 cmd.type = command::destroy;
 cmd.id = id;
 write (sock_fd, &cmd, sizeof (cmd));
+
+ GIVE_TOKEN;
 }
 }
@@ -456,8 +485,13 @@
 command cmd;
 vector ptys;
- while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command))
+ for (;;)
 {
+ GIVE_TOKEN;
+
+ if (read (sock_fd, &cmd, sizeof (command)) != sizeof (command))
+ break;
+
 if (cmd.type == command::get)
 {
 // -> id ptyfd ttyfd
@@ -468,8 +502,8 @@
 write (sock_fd, &cmd.id, sizeof (cmd.id));
 ptys.push_back (cmd.id);
- ptytty_send_fd (sock_fd, cmd.id->pty);
- ptytty_send_fd (sock_fd, cmd.id->tty);
+ ptytty::send_fd (sock_fd, cmd.id->pty);
+ ptytty::send_fd (sock_fd, cmd.id->tty);
 }
 else
 {
@@ -481,7 +515,7 @@
 else if (cmd.type == command::login)
 {
 #if UTMP_SUPPORT
- if (find (ptys.begin (), ptys.end (), cmd.id))
+ if (find (ptys.begin (), ptys.end (), cmd.id) != ptys.end ())
 {
 cmd.hostname[sizeof (cmd.hostname) - 1] = 0;
 cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname);
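Review bot: The membership test in the `command::login` branch is the only validation between a pointer value read off the socket and the dereference `cmd.id->login (...)`, and nothing in the code says so. `cmd.id` arrives inside a `command` filled in by the peer process, which judging by `ptytty::init` is the side that has dropped privileges, so I would put a comment above the test such as `// cmd.id is an untrusted pointer from the client: use it only if it is one we handed out`. The same comment belongs on the `command::destroy` lookup in the hunk at -490, where `delete *pty` rests on the same test. The enclosing `serve` function starts and ends outside this hunk.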
@@ -490,9 +524,9 @@
 }
 else if (cmd.type == command::destroy)
 {
- ptytty **pty = find (ptys.begin (), ptys.end (), cmd.id);
+ vector::iterator pty = find (ptys.begin (), ptys.end (), cmd.id);
- if (pty)
+ if (pty != ptys.end ())
 {
 delete *pty;
 ptys.erase (pty);
@@ -500,39 +534,79 @@
 }
 else
 break;
+
+ NEED_TOKEN;
 }
 // destroy all ptys
- for (ptytty **i = ptys.end (); i-- > ptys.begin (); )
+ for (vector::iterator i = ptys.end (); i-- > ptys.begin (); )
 delete *i;
 }
-void ptytty_server ()
+void
+ptytty::use_helper ()
 {
+#ifndef PTYTTY_NO_PID_CHECK
+ int pid = getpid ();
+#endif
+
+ if (sock_fd >= 0
+#ifndef PTYTTY_NO_PID_CHECK
+ && pid == owner_pid
+#endif
+ )
+ return;
+
+#ifndef PTYTTY_NO_PID_CHECK
+ owner_pid = pid;
+#endif
+
 int sv[2];
 if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv))
- fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n");
+ ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n");
+
+#ifdef PTYTTY_REENTRANT
+ int lv[2];
+
+ if (socketpair (AF_UNIX, SOCK_STREAM, 0, lv))
+ ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n");
+#endif
- pid = fork ();
+ helper_pid = fork ();
- if (pid < 0)
- fatal ("could not create pty/sessiondb helper process, aborting.\n");
+ if (helper_pid < 0)
+ ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n");
- if (pid)
+ if (helper_pid)
 {
 // client, process
 sock_fd = sv[0];
 close (sv[1]);
 fcntl (sock_fd, F_SETFD, FD_CLOEXEC);
+#ifdef PTYTTY_REENTRANT
+ lock_fd = lv[0];
+ close (lv[1]);
+ fcntl (lock_fd, F_SETFD, FD_CLOEXEC);
+#endif
 }
 else
 {
 // server, pty-helper
 sock_fd = sv[1];
+#ifdef PTYTTY_REENTRANT
+ lock_fd = lv[1];
+#endif
+
+ chdir ("/");
+
+ signal (SIGHUP, SIG_IGN);
+ signal (SIGTERM, SIG_IGN);
+ signal (SIGINT, SIG_IGN);
+ signal (SIGPIPE, SIG_IGN);
 for (int fd = 0; fd < 1023; fd++)
- if (fd != sock_fd)
+ if (fd != sock_fd && fd != lock_fd)
 close (fd);
 serve ();
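Review bot: When `use_helper` runs again in a forked child (`pid != owner_pid`), the inherited `sock_fd` and `lock_fd` are overwritten without being closed, so the child keeps an open descriptor to its parent's helper for the rest of its life. Closing them before the new `socketpair` calls, `if (sock_fd >= 0) close (sock_fd);` and `if (lock_fd >= 0) close (lock_fd);`, would remove that channel. In the helper branch the result of `chdir ("/")` is ignored, and the cleanup loop stops at descriptor 1022, so anything inherited above that stays open in the helper; whether that can occur depends on the caller's descriptor limit. The tail of the function after `serve ()` is outside the hunk.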
@@ -542,12 +616,15 @@
 #endif
-// a "factory" *g*
 ptytty *
-new_ptytty ()
+ptytty::create ()
 {
 #if PTYTTY_HELPER
- if (pid > 0)
+ if (helper_pid
+# ifndef PTYTTY_NO_PID_CHECK
+ && getpid () == owner_pid
+# endif
+ )
 // use helper process
 return new ptytty_proxy;
 else
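Review bot: The new condition `if (helper_pid` is true for any non-zero value, including the -1 that `fork` leaves behind on failure, where the old code tested `pid > 0`. If `ptytty_fatal` always terminates the process that state is unreachable, but its behaviour is not visible here, so `if (helper_pid > 0` keeps the earlier guarantee that a proxy is handed out only when a helper exists. The rest of `create` lies in the next hunk.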
@@ -555,5 +632,85 @@
 return new ptytty_unix;
 }
-/*----------------------- end-of-file (C source) -----------------------*/
+void
+ptytty::init ()
+{
+ uid_t uid = getuid ();
+ gid_t gid = getgid ();
+
+ // before doing anything else, check for setuid/setgid operation,
+ // start the helper process and drop privileges
+ if (uid != geteuid ()
+ || gid != getegid ())
+ {
+#if PTYTTY_HELPER
+ use_helper ();
+#else
+ ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n");
+#endif
+
+ drop_privileges ();
+ }
+}
+
+void
+ptytty::drop_privileges ()
+{
+ uid_t uid = getuid ();
+ gid_t gid = getgid ();
+
+ // drop privileges
+#if HAVE_SETRESUID
+ setresgid (gid, gid, gid);
+ setresuid (uid, uid, uid);
+#elif HAVE_SETREUID
+ setregid (gid, gid);
+ setreuid (uid, uid);
+#elif HAVE_SETUID
+ setgid (gid);
+ setuid (uid);
+#endif
+
+ if (uid != geteuid ()
+ || gid != getegid ())
+ ptytty_fatal ("unable to drop privileges, aborting.\n");
+}
+/////////////////////////////////////////////////////////////////////////////
+// C API
+
+#ifndef PTYTTY_NO_C_API
+
+typedef void *PTYTTY;
+
+#define DEFINE_METHOD(retval, name, args1, args2) \
+extern "C" retval ptytty_ ## name args1 \
+{ return ((struct ptytty *)ptytty)->name args2; }
+
+DEFINE_METHOD(int,pty,(PTYTTY ptytty),)
+DEFINE_METHOD(int,tty,(PTYTTY ptytty),)
+DEFINE_METHOD(int,get,(PTYTTY ptytty),())
+DEFINE_METHOD(void,login,(PTYTTY ptytty, int cmd_pid, bool login_shell, const char *hostname),(cmd_pid,login_shell,hostname))
+
+DEFINE_METHOD(void,close_tty,(PTYTTY ptytty),())
+DEFINE_METHOD(int,make_controlling_tty,(PTYTTY ptytty),())
+DEFINE_METHOD(void,set_utf8_mode,(PTYTTY ptytty, int on),(on))
+
+#define DEFINE_STATIC(retval, name, args) \
+extern "C" retval ptytty_ ## name args \
+{ return ptytty::name args; }
+
+DEFINE_STATIC(void,drop_privileges,())
+DEFINE_STATIC(void,use_helper,())
+DEFINE_STATIC(void,init,())
+
+DEFINE_STATIC(PTYTTY ,create,())
+
+void ptytty_delete (PTYTTY ptytty)
+{
+ delete (struct ptytty *)ptytty;
+}
+
+// send_fd, recv_fd not exposed
+
+#endif
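Review bot: `drop_privileges` ignores the return values of every `setres*id`, `setre*id` and `set*id` call and afterwards compares only the effective IDs, so a saved set-user-ID or set-group-ID that survives goes undetected. This matters most in the `HAVE_SETUID` branch: for a process that is not running as root, `setgid (gid)` and `setuid (uid)` change the effective ID alone, and the saved one can be switched back to later. I would fail on any non-zero return, for example `if (setresgid (gid, gid, gid) || setresuid (uid, uid, uid)) ptytty_fatal ("unable to drop privileges, aborting.\n");`, and compare all three IDs where `getresuid`/`getresgid` are available. Supplementary groups are left as they were, which deserves a comment if that is intended. Separately, `ptytty_delete` is defined without `extern "C"`, unlike the macro-generated functions, so unless a header already declares it that way it gets C++ linkage.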