1 |
// This file is part of libptytty. Do not make local modifications. |
2 |
// http://software.schmorp.de/pkg/libptytty |
3 |
|
4 |
/*----------------------------------------------------------------------* |
5 |
* File: ptytty.C |
6 |
*----------------------------------------------------------------------* |
7 |
* |
8 |
* All portions of code are copyright by their respective author/s. |
9 |
* Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> |
10 |
* Copyright (c) 2004-2006 Marc Lehmann <pcg@goof.com> |
11 |
* |
12 |
* This program is free software; you can redistribute it and/or modify |
13 |
* it under the terms of the GNU General Public License as published by |
14 |
* the Free Software Foundation; either version 2 of the License, or |
15 |
* (at your option) any later version. |
16 |
* |
17 |
* This program is distributed in the hope that it will be useful, |
18 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
19 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
20 |
* GNU General Public License for more details. |
21 |
* |
22 |
* You should have received a copy of the GNU General Public License |
23 |
* along with this program; if not, write to the Free Software |
24 |
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
25 |
*---------------------------------------------------------------------*/ |
26 |
|
27 |
#include "../config.h" |
28 |
|
29 |
#include "ptytty.h" |
30 |
|
31 |
#include <cstdlib> |
32 |
#include <cstring> |
33 |
|
34 |
#include <sys/types.h> |
35 |
#include <sys/socket.h> |
36 |
#include <unistd.h> |
37 |
#include <fcntl.h> |
38 |
|
39 |
#ifdef HAVE_SYS_IOCTL_H |
40 |
# include <sys/ioctl.h> |
41 |
#endif |
42 |
#if defined(HAVE_DEV_PTMX) && defined(HAVE_SYS_STROPTS_H) |
43 |
# include <sys/stropts.h> /* for I_PUSH */ |
44 |
#endif |
45 |
#ifdef HAVE_ISASTREAM |
46 |
# include <stropts.h> |
47 |
#endif |
48 |
#if defined(HAVE_PTY_H) |
49 |
# include <pty.h> |
50 |
#elif defined(HAVE_LIBUTIL_H) |
51 |
# include <libutil.h> |
52 |
#elif defined(HAVE_UTIL_H) |
53 |
# include <util.h> |
54 |
#endif |
55 |
#ifdef TTY_GID_SUPPORT |
56 |
#include <grp.h> |
57 |
#endif |
58 |
|
59 |
#include <cstdio> |
60 |
|
61 |
///////////////////////////////////////////////////////////////////////////// |
62 |
|
63 |
/* ------------------------------------------------------------------------- * |
64 |
* GET PSEUDO TELETYPE - MASTER AND SLAVE * |
65 |
* ------------------------------------------------------------------------- */ |
66 |
/* |
67 |
* Returns pty file descriptor, or -1 on failure |
68 |
* If successful, ttydev is set to the name of the slave device. |
69 |
* fd_tty _may_ also be set to an open fd to the slave device |
70 |
*/ |
71 |
#if defined(UNIX98_PTY) |
72 |
static int |
73 |
get_pty (int *fd_tty, char **ttydev) |
74 |
{ |
75 |
int pfd; |
76 |
|
77 |
# if defined(HAVE_GETPT) |
78 |
pfd = getpt(); |
79 |
# elif defined(HAVE_POSIX_OPENPT) |
80 |
pfd = posix_openpt (O_RDWR); |
81 |
# else |
82 |
pfd = open (CLONE_DEVICE, O_RDWR | O_NOCTTY, 0); |
83 |
# endif |
84 |
if (pfd >= 0) |
85 |
{ |
86 |
if (grantpt (pfd) == 0 /* change slave permissions */ |
87 |
&& unlockpt (pfd) == 0) |
88 |
{ /* slave now unlocked */ |
89 |
*ttydev = strdup (ptsname (pfd)); /* get slave's name */ |
90 |
return pfd; |
91 |
} |
92 |
|
93 |
close (pfd); |
94 |
} |
95 |
|
96 |
return -1; |
97 |
} |
98 |
#elif defined(HAVE_OPENPTY) |
99 |
static int |
100 |
get_pty (int *fd_tty, char **ttydev) |
101 |
{ |
102 |
int pfd; |
103 |
int res; |
104 |
char tty_name[32]; |
105 |
|
106 |
res = openpty (&pfd, fd_tty, tty_name, NULL, NULL); |
107 |
if (res != -1) |
108 |
{ |
109 |
*ttydev = strdup (tty_name); |
110 |
return pfd; |
111 |
} |
112 |
|
113 |
return -1; |
114 |
} |
115 |
#elif defined(HAVE__GETPTY) |
116 |
static int |
117 |
get_pty (int *fd_tty, char **ttydev) |
118 |
{ |
119 |
int pfd; |
120 |
|
121 |
*ttydev = _getpty (&pfd, O_RDWR | O_NONBLOCK | O_NOCTTY, 0622, 0); |
122 |
if (*ttydev != NULL) |
123 |
return pfd; |
124 |
|
125 |
return -1; |
126 |
} |
127 |
#elif defined(HAVE_DEV_PTC) |
128 |
static int |
129 |
get_pty (int *fd_tty, char **ttydev) |
130 |
{ |
131 |
int pfd; |
132 |
|
133 |
if ((pfd = open ("/dev/ptc", O_RDWR | O_NOCTTY, 0)) >= 0) |
134 |
{ |
135 |
*ttydev = strdup (ttyname (pfd)); |
136 |
return pfd; |
137 |
} |
138 |
|
139 |
return -1; |
140 |
} |
141 |
#elif defined(HAVE_DEV_CLONE) |
142 |
static int |
143 |
get_pty (int *fd_tty, char **ttydev) |
144 |
{ |
145 |
int pfd; |
146 |
|
147 |
if ((pfd = open ("/dev/ptym/clone", O_RDWR | O_NOCTTY, 0)) >= 0) |
148 |
{ |
149 |
*ttydev = strdup (ptsname (pfd)); |
150 |
return pfd; |
151 |
} |
152 |
|
153 |
return -1; |
154 |
} |
155 |
#else |
156 |
/* Based on the code in openssh/openbsd-compat/bsd-openpty.c */ |
157 |
static int |
158 |
get_pty (int *fd_tty, char **ttydev) |
159 |
{ |
160 |
int pfd; |
161 |
int i; |
162 |
char pty_name[32]; |
163 |
char tty_name[32]; |
164 |
const char *majors = "pqrstuvwxyzabcde"; |
165 |
const char *minors = "0123456789abcdef"; |
166 |
for (i = 0; i < 256; i++) |
167 |
{ |
168 |
snprintf(pty_name, 32, "/dev/pty%c%c", majors[i / 16], minors[i % 16]); |
169 |
snprintf(tty_name, 32, "/dev/tty%c%c", majors[i / 16], minors[i % 16]); |
170 |
if ((pfd = open (pty_name, O_RDWR | O_NOCTTY, 0)) == -1) |
171 |
{ |
172 |
snprintf(pty_name, 32, "/dev/ptyp%d", i); |
173 |
snprintf(tty_name, 32, "/dev/ttyp%d", i); |
174 |
if ((pfd = open (pty_name, O_RDWR | O_NOCTTY, 0)) == -1) |
175 |
continue; |
176 |
} |
177 |
if (access (tty_name, R_OK | W_OK) == 0) |
178 |
{ |
179 |
*ttydev = strdup (tty_name); |
180 |
return pfd; |
181 |
} |
182 |
|
183 |
close (pfd); |
184 |
} |
185 |
} |
186 |
#endif |
187 |
|
188 |
/*----------------------------------------------------------------------*/ |
189 |
/* |
190 |
* Returns tty file descriptor, or -1 on failure |
191 |
*/ |
192 |
static int |
193 |
get_tty (char *ttydev) |
194 |
{ |
195 |
return open (ttydev, O_RDWR | O_NOCTTY, 0); |
196 |
} |
197 |
|
198 |
/*----------------------------------------------------------------------*/ |
199 |
/* |
200 |
* Make our tty a controlling tty so that /dev/tty points to us |
201 |
*/ |
202 |
static int |
203 |
control_tty (int fd_tty) |
204 |
{ |
205 |
setsid (); |
206 |
|
207 |
#if defined(HAVE_DEV_PTMX) && defined(I_PUSH) |
208 |
/* |
209 |
* Push STREAMS modules: |
210 |
* ptem: pseudo-terminal hardware emulation module. |
211 |
* ldterm: standard terminal line discipline. |
212 |
* ttcompat: V7, 4BSD and XENIX STREAMS compatibility module. |
213 |
* |
214 |
* After we push the STREAMS modules, the first open () on the slave side |
215 |
* (i.e. the next section between the dashes giving us "tty opened OK") |
216 |
* should make the "ptem" (or "ldterm" depending upon either which OS |
217 |
* version or which set of manual pages you have) module give us a |
218 |
* controlling terminal. We must already have close ()d the master side |
219 |
* fd in this child process before we push STREAMS modules on because the |
220 |
* documentation is really unclear about whether it is any close () on |
221 |
* the master side or the last close () - i.e. a proper STREAMS dismantling |
222 |
* close () - on the master side which causes a hang up to be sent |
223 |
* through - Geoff Wing |
224 |
*/ |
225 |
# ifdef HAVE_ISASTREAM |
226 |
if (isastream (fd_tty) == 1) |
227 |
# endif |
228 |
{ |
229 |
ioctl (fd_tty, I_PUSH, "ptem"); |
230 |
ioctl (fd_tty, I_PUSH, "ldterm"); |
231 |
ioctl (fd_tty, I_PUSH, "ttcompat"); |
232 |
} |
233 |
#endif |
234 |
|
235 |
ioctl (fd_tty, TIOCSCTTY, NULL); |
236 |
|
237 |
int fd = open ("/dev/tty", O_WRONLY); |
238 |
if (fd < 0) |
239 |
return -1; /* fatal */ |
240 |
|
241 |
close (fd); |
242 |
|
243 |
return 0; |
244 |
} |
245 |
|
246 |
void |
247 |
ptytty::close_tty () |
248 |
{ |
249 |
if (tty < 0) |
250 |
return; |
251 |
|
252 |
close (tty); |
253 |
tty = -1; |
254 |
} |
255 |
|
256 |
bool |
257 |
ptytty::make_controlling_tty () |
258 |
{ |
259 |
return control_tty (tty) >= 0; |
260 |
} |
261 |
|
262 |
void |
263 |
ptytty::set_utf8_mode (bool on) |
264 |
{ |
265 |
#ifdef IUTF8 |
266 |
if (pty < 0) |
267 |
return; |
268 |
|
269 |
struct termios tio; |
270 |
|
271 |
if (tcgetattr (pty, &tio) != -1) |
272 |
{ |
273 |
tcflag_t new_cflag = tio.c_iflag; |
274 |
|
275 |
if (on) |
276 |
new_cflag |= IUTF8; |
277 |
else |
278 |
new_cflag &= ~IUTF8; |
279 |
|
280 |
if (new_cflag != tio.c_iflag) |
281 |
{ |
282 |
tio.c_iflag = new_cflag; |
283 |
tcsetattr (pty, TCSANOW, &tio); |
284 |
} |
285 |
} |
286 |
#endif |
287 |
} |
288 |
|
289 |
static struct ttyconf { |
290 |
gid_t gid; |
291 |
mode_t mode; |
292 |
|
293 |
ttyconf () |
294 |
{ |
295 |
#ifdef TTY_GID_SUPPORT |
296 |
struct group *gr = getgrnam ("tty"); |
297 |
|
298 |
if (gr) |
299 |
{ /* change group ownership of tty to "tty" */ |
300 |
mode = S_IRUSR | S_IWUSR | S_IWGRP; |
301 |
gid = gr->gr_gid; |
302 |
} |
303 |
else |
304 |
#endif /* TTY_GID_SUPPORT */ |
305 |
{ |
306 |
mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH; |
307 |
gid = 0; |
308 |
} |
309 |
} |
310 |
} ttyconf; |
311 |
|
312 |
ptytty_unix::ptytty_unix () |
313 |
{ |
314 |
name = 0; |
315 |
#if UTMP_SUPPORT |
316 |
cmd_pid = 0; |
317 |
#endif |
318 |
} |
319 |
|
320 |
ptytty_unix::~ptytty_unix () |
321 |
{ |
322 |
#if UTMP_SUPPORT |
323 |
logout (); |
324 |
#endif |
325 |
put (); |
326 |
} |
327 |
|
328 |
void |
329 |
ptytty_unix::put () |
330 |
{ |
331 |
chmod (name, RESTORE_TTY_MODE); |
332 |
chown (name, 0, ttyconf.gid); |
333 |
|
334 |
close_tty (); |
335 |
|
336 |
if (pty >= 0) |
337 |
close (pty); |
338 |
|
339 |
free (name); |
340 |
|
341 |
pty = tty = -1; |
342 |
name = 0; |
343 |
} |
344 |
|
345 |
bool |
346 |
ptytty_unix::get () |
347 |
{ |
348 |
/* get master (pty) */ |
349 |
if ((pty = get_pty (&tty, &name)) < 0) |
350 |
return false; |
351 |
|
352 |
fcntl (pty, F_SETFL, O_NONBLOCK); |
353 |
|
354 |
/* get slave (tty) */ |
355 |
if (tty < 0) |
356 |
{ |
357 |
#ifndef NO_SETOWNER_TTYDEV |
358 |
chown (name, getuid (), ttyconf.gid); /* fail silently */ |
359 |
chmod (name, ttyconf.mode); |
360 |
# ifdef HAVE_REVOKE |
361 |
revoke (name); |
362 |
# endif |
363 |
#endif |
364 |
|
365 |
if ((tty = get_tty (name)) < 0) |
366 |
{ |
367 |
put (); |
368 |
return false; |
369 |
} |
370 |
} |
371 |
|
372 |
return true; |
373 |
} |
374 |
|
375 |
#if PTYTTY_HELPER |
376 |
|
377 |
static int sock_fd = -1; |
378 |
static int helper_pid, owner_pid; |
379 |
|
380 |
struct command |
381 |
{ |
382 |
enum { get, login, destroy } type; |
383 |
|
384 |
ptytty *id; |
385 |
|
386 |
bool login_shell; |
387 |
int cmd_pid; |
388 |
char hostname[512]; // arbitrary, but should be plenty |
389 |
}; |
390 |
|
391 |
struct ptytty_proxy : ptytty |
392 |
{ |
393 |
ptytty *id; |
394 |
|
395 |
ptytty_proxy () |
396 |
: id(0) |
397 |
{ |
398 |
} |
399 |
|
400 |
~ptytty_proxy (); |
401 |
|
402 |
bool get (); |
403 |
void login (int cmd_pid, bool login_shell, const char *hostname); |
404 |
}; |
405 |
|
406 |
bool |
407 |
ptytty_proxy::get () |
408 |
{ |
409 |
command cmd; |
410 |
|
411 |
cmd.type = command::get; |
412 |
|
413 |
write (sock_fd, &cmd, sizeof (cmd)); |
414 |
|
415 |
if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) |
416 |
ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n"); |
417 |
|
418 |
if (!id) |
419 |
return false; |
420 |
|
421 |
if ((pty = recv_fd (sock_fd)) < 0 |
422 |
|| (tty = recv_fd (sock_fd)) < 0) |
423 |
ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); |
424 |
|
425 |
return true; |
426 |
} |
427 |
|
428 |
void |
429 |
ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) |
430 |
{ |
431 |
command cmd; |
432 |
|
433 |
cmd.type = command::login; |
434 |
cmd.id = id; |
435 |
cmd.cmd_pid = cmd_pid; |
436 |
cmd.login_shell = login_shell; |
437 |
strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); |
438 |
|
439 |
write (sock_fd, &cmd, sizeof (cmd)); |
440 |
} |
441 |
|
442 |
ptytty_proxy::~ptytty_proxy () |
443 |
{ |
444 |
if (id) |
445 |
{ |
446 |
command cmd; |
447 |
|
448 |
cmd.type = command::destroy; |
449 |
cmd.id = id; |
450 |
|
451 |
write (sock_fd, &cmd, sizeof (cmd)); |
452 |
} |
453 |
} |
454 |
|
455 |
static |
456 |
void serve () |
457 |
{ |
458 |
command cmd; |
459 |
vector<ptytty *> ptys; |
460 |
|
461 |
while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) |
462 |
{ |
463 |
if (cmd.type == command::get) |
464 |
{ |
465 |
// -> id ptyfd ttyfd |
466 |
cmd.id = new ptytty_unix; |
467 |
|
468 |
if (cmd.id->get ()) |
469 |
{ |
470 |
write (sock_fd, &cmd.id, sizeof (cmd.id)); |
471 |
ptys.push_back (cmd.id); |
472 |
|
473 |
ptytty::send_fd (sock_fd, cmd.id->pty); |
474 |
ptytty::send_fd (sock_fd, cmd.id->tty); |
475 |
} |
476 |
else |
477 |
{ |
478 |
delete cmd.id; |
479 |
cmd.id = 0; |
480 |
write (sock_fd, &cmd.id, sizeof (cmd.id)); |
481 |
} |
482 |
} |
483 |
else if (cmd.type == command::login) |
484 |
{ |
485 |
#if UTMP_SUPPORT |
486 |
if (find (ptys.begin (), ptys.end (), cmd.id)) |
487 |
{ |
488 |
cmd.hostname[sizeof (cmd.hostname) - 1] = 0; |
489 |
cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname); |
490 |
} |
491 |
#endif |
492 |
} |
493 |
else if (cmd.type == command::destroy) |
494 |
{ |
495 |
vector<ptytty *>::iterator pty = find (ptys.begin (), ptys.end (), cmd.id); |
496 |
|
497 |
if (pty != ptys.end ()) |
498 |
{ |
499 |
delete *pty; |
500 |
ptys.erase (pty); |
501 |
} |
502 |
} |
503 |
else |
504 |
break; |
505 |
} |
506 |
|
507 |
// destroy all ptys |
508 |
for (vector<ptytty *>::iterator i = ptys.end (); i-- > ptys.begin (); ) |
509 |
delete *i; |
510 |
} |
511 |
|
512 |
void |
513 |
ptytty::use_helper () |
514 |
{ |
515 |
int pid = getpid (); |
516 |
|
517 |
if (sock_fd >= 0 && pid == owner_pid) |
518 |
return; |
519 |
|
520 |
owner_pid = pid; |
521 |
|
522 |
int sv[2]; |
523 |
|
524 |
if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) |
525 |
ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
526 |
|
527 |
helper_pid = fork (); |
528 |
|
529 |
if (helper_pid < 0) |
530 |
ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n"); |
531 |
|
532 |
if (helper_pid) |
533 |
{ |
534 |
// client, process |
535 |
sock_fd = sv[0]; |
536 |
close (sv[1]); |
537 |
fcntl (sock_fd, F_SETFD, FD_CLOEXEC); |
538 |
} |
539 |
else |
540 |
{ |
541 |
// server, pty-helper |
542 |
sock_fd = sv[1]; |
543 |
|
544 |
chdir ("/"); |
545 |
|
546 |
for (int fd = 0; fd < 1023; fd++) |
547 |
if (fd != sock_fd) |
548 |
close (fd); |
549 |
|
550 |
serve (); |
551 |
_exit (EXIT_SUCCESS); |
552 |
} |
553 |
} |
554 |
|
555 |
#endif |
556 |
|
557 |
ptytty * |
558 |
ptytty::create () |
559 |
{ |
560 |
#if PTYTTY_HELPER |
561 |
if (helper_pid && getpid () == owner_pid) |
562 |
// use helper process |
563 |
return new ptytty_proxy; |
564 |
else |
565 |
#endif |
566 |
return new ptytty_unix; |
567 |
} |
568 |
|
569 |
void |
570 |
ptytty::init () |
571 |
{ |
572 |
uid_t uid = getuid (); |
573 |
gid_t gid = getgid (); |
574 |
|
575 |
// before doing anything else, check for setuid/setgid operation, |
576 |
// start the helper process and drop privileges |
577 |
if (uid != geteuid () |
578 |
|| gid != getegid ()) |
579 |
{ |
580 |
#if PTYTTY_HELPER |
581 |
use_helper (); |
582 |
#else |
583 |
ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); |
584 |
#endif |
585 |
|
586 |
drop_privileges (); |
587 |
} |
588 |
} |
589 |
|
590 |
void |
591 |
ptytty::drop_privileges () |
592 |
{ |
593 |
uid_t uid = getuid (); |
594 |
gid_t gid = getgid (); |
595 |
|
596 |
// drop privileges |
597 |
#if HAVE_SETRESUID |
598 |
setresgid (gid, gid, gid); |
599 |
setresuid (uid, uid, uid); |
600 |
#elif HAVE_SETREUID |
601 |
setregid (gid, gid); |
602 |
setreuid (uid, uid); |
603 |
#elif HAVE_SETUID |
604 |
setgid (gid); |
605 |
setuid (uid); |
606 |
#endif |
607 |
|
608 |
if (uid != geteuid () |
609 |
|| gid != getegid ()) |
610 |
ptytty_fatal ("unable to drop privileges, aborting.\n"); |
611 |
} |
612 |
|