… | |
… | |
6 | *----------------------------------------------------------------------* |
6 | *----------------------------------------------------------------------* |
7 | * |
7 | * |
8 | * All portions of code are copyright by their respective author/s. |
8 | * All portions of code are copyright by their respective author/s. |
9 | * Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> |
9 | * Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> |
10 | * Copyright (c) 2004-2006 Marc Lehmann <pcg@goof.com> |
10 | * Copyright (c) 2004-2006 Marc Lehmann <pcg@goof.com> |
11 | * Copyright (c) 2006 Emanuele Giaquinta <e.giaquinta@glauco.it> |
11 | * Copyright (c) 2006 Emanuele Giaquinta <e.giaquinta@glauco.it> |
12 | * |
12 | * |
13 | * This program is free software; you can redistribute it and/or modify |
13 | * This program is free software; you can redistribute it and/or modify |
14 | * it under the terms of the GNU General Public License as published by |
14 | * it under the terms of the GNU General Public License as published by |
15 | * the Free Software Foundation; either version 2 of the License, or |
15 | * the Free Software Foundation; either version 2 of the License, or |
16 | * (at your option) any later version. |
16 | * (at your option) any later version. |
… | |
… | |
29 | |
29 | |
30 | #include "ptytty.h" |
30 | #include "ptytty.h" |
31 | |
31 | |
32 | #include <cstdlib> |
32 | #include <cstdlib> |
33 | #include <cstring> |
33 | #include <cstring> |
|
|
34 | #include <csignal> |
34 | |
35 | |
35 | #include <sys/types.h> |
36 | #include <sys/types.h> |
36 | #include <sys/socket.h> |
37 | #include <sys/socket.h> |
37 | #include <unistd.h> |
38 | #include <unistd.h> |
38 | #include <fcntl.h> |
39 | #include <fcntl.h> |
… | |
… | |
371 | } |
372 | } |
372 | |
373 | |
373 | return true; |
374 | return true; |
374 | } |
375 | } |
375 | |
376 | |
|
|
377 | ///////////////////////////////////////////////////////////////////////////// |
|
|
378 | // helper/proxy support |
|
|
379 | |
376 | #if PTYTTY_HELPER |
380 | #if PTYTTY_HELPER |
377 | |
381 | |
378 | static int sock_fd = -1; |
382 | static int sock_fd = -1, lock_fd = -1; |
379 | static int helper_pid, owner_pid; |
383 | static int helper_pid, owner_pid; |
380 | |
384 | |
381 | struct command |
385 | struct command |
382 | { |
386 | { |
383 | enum { get, login, destroy } type; |
387 | enum { get, login, destroy } type; |
… | |
… | |
402 | |
406 | |
403 | bool get (); |
407 | bool get (); |
404 | void login (int cmd_pid, bool login_shell, const char *hostname); |
408 | void login (int cmd_pid, bool login_shell, const char *hostname); |
405 | }; |
409 | }; |
406 | |
410 | |
|
|
411 | #if PTYTTY_REENTRANT |
|
|
412 | # define NEED_TOKEN do { char ch; read (lock_fd, &ch, 1); } while (0) |
|
|
413 | # define GIVE_TOKEN do { char ch; write (lock_fd, &ch, 1); } while (0) |
|
|
414 | #else |
|
|
415 | # define NEED_TOKEN (void)0 |
|
|
416 | # define GIVE_TOKEN (void)0 |
|
|
417 | #endif |
|
|
418 | |
407 | bool |
419 | bool |
408 | ptytty_proxy::get () |
420 | ptytty_proxy::get () |
409 | { |
421 | { |
|
|
422 | NEED_TOKEN; |
|
|
423 | |
410 | command cmd; |
424 | command cmd; |
411 | |
425 | |
412 | cmd.type = command::get; |
426 | cmd.type = command::get; |
413 | |
427 | |
414 | write (sock_fd, &cmd, sizeof (cmd)); |
428 | write (sock_fd, &cmd, sizeof (cmd)); |
415 | |
429 | |
416 | if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) |
430 | if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) |
417 | ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n"); |
431 | ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n"); |
418 | |
432 | |
419 | if (!id) |
433 | if (!id) |
|
|
434 | { |
|
|
435 | GIVE_TOKEN; |
420 | return false; |
436 | return false; |
|
|
437 | } |
421 | |
438 | |
422 | if ((pty = recv_fd (sock_fd)) < 0 |
439 | if ((pty = recv_fd (sock_fd)) < 0 |
423 | || (tty = recv_fd (sock_fd)) < 0) |
440 | || (tty = recv_fd (sock_fd)) < 0) |
424 | ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); |
441 | ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); |
425 | |
442 | |
|
|
443 | GIVE_TOKEN; |
426 | return true; |
444 | return true; |
427 | } |
445 | } |
428 | |
446 | |
429 | void |
447 | void |
430 | ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) |
448 | ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) |
431 | { |
449 | { |
|
|
450 | NEED_TOKEN; |
|
|
451 | |
432 | command cmd; |
452 | command cmd; |
433 | |
453 | |
434 | cmd.type = command::login; |
454 | cmd.type = command::login; |
435 | cmd.id = id; |
455 | cmd.id = id; |
436 | cmd.cmd_pid = cmd_pid; |
456 | cmd.cmd_pid = cmd_pid; |
437 | cmd.login_shell = login_shell; |
457 | cmd.login_shell = login_shell; |
438 | strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); |
458 | strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); |
439 | |
459 | |
440 | write (sock_fd, &cmd, sizeof (cmd)); |
460 | write (sock_fd, &cmd, sizeof (cmd)); |
|
|
461 | |
|
|
462 | GIVE_TOKEN; |
441 | } |
463 | } |
442 | |
464 | |
443 | ptytty_proxy::~ptytty_proxy () |
465 | ptytty_proxy::~ptytty_proxy () |
444 | { |
466 | { |
445 | if (id) |
467 | if (id) |
446 | { |
468 | { |
|
|
469 | NEED_TOKEN; |
|
|
470 | |
447 | command cmd; |
471 | command cmd; |
448 | |
472 | |
449 | cmd.type = command::destroy; |
473 | cmd.type = command::destroy; |
450 | cmd.id = id; |
474 | cmd.id = id; |
451 | |
475 | |
452 | write (sock_fd, &cmd, sizeof (cmd)); |
476 | write (sock_fd, &cmd, sizeof (cmd)); |
|
|
477 | |
|
|
478 | GIVE_TOKEN; |
453 | } |
479 | } |
454 | } |
480 | } |
455 | |
481 | |
456 | static |
482 | static |
457 | void serve () |
483 | void serve () |
458 | { |
484 | { |
459 | command cmd; |
485 | command cmd; |
460 | vector<ptytty *> ptys; |
486 | vector<ptytty *> ptys; |
461 | |
487 | |
|
|
488 | for (;;) |
|
|
489 | { |
|
|
490 | GIVE_TOKEN; |
|
|
491 | |
462 | while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) |
492 | if (read (sock_fd, &cmd, sizeof (command)) != sizeof (command)) |
463 | { |
493 | break; |
|
|
494 | |
464 | if (cmd.type == command::get) |
495 | if (cmd.type == command::get) |
465 | { |
496 | { |
466 | // -> id ptyfd ttyfd |
497 | // -> id ptyfd ttyfd |
467 | cmd.id = new ptytty_unix; |
498 | cmd.id = new ptytty_unix; |
468 | |
499 | |
… | |
… | |
482 | } |
513 | } |
483 | } |
514 | } |
484 | else if (cmd.type == command::login) |
515 | else if (cmd.type == command::login) |
485 | { |
516 | { |
486 | #if UTMP_SUPPORT |
517 | #if UTMP_SUPPORT |
487 | if (find (ptys.begin (), ptys.end (), cmd.id)) |
518 | if (find (ptys.begin (), ptys.end (), cmd.id) != ptys.end ()) |
488 | { |
519 | { |
489 | cmd.hostname[sizeof (cmd.hostname) - 1] = 0; |
520 | cmd.hostname[sizeof (cmd.hostname) - 1] = 0; |
490 | cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname); |
521 | cmd.id->login (cmd.cmd_pid, cmd.login_shell, cmd.hostname); |
491 | } |
522 | } |
492 | #endif |
523 | #endif |
… | |
… | |
501 | ptys.erase (pty); |
532 | ptys.erase (pty); |
502 | } |
533 | } |
503 | } |
534 | } |
504 | else |
535 | else |
505 | break; |
536 | break; |
|
|
537 | |
|
|
538 | NEED_TOKEN; |
506 | } |
539 | } |
507 | |
540 | |
508 | // destroy all ptys |
541 | // destroy all ptys |
509 | for (vector<ptytty *>::iterator i = ptys.end (); i-- > ptys.begin (); ) |
542 | for (vector<ptytty *>::iterator i = ptys.end (); i-- > ptys.begin (); ) |
510 | delete *i; |
543 | delete *i; |
511 | } |
544 | } |
512 | |
545 | |
513 | void |
546 | void |
514 | ptytty::use_helper () |
547 | ptytty::use_helper () |
515 | { |
548 | { |
|
|
549 | #ifndef PTYTTY_NO_PID_CHECK |
516 | int pid = getpid (); |
550 | int pid = getpid (); |
|
|
551 | #endif |
517 | |
552 | |
518 | if (sock_fd >= 0 && pid == owner_pid) |
553 | if (sock_fd >= 0 |
|
|
554 | #ifndef PTYTTY_NO_PID_CHECK |
|
|
555 | && pid == owner_pid |
|
|
556 | #endif |
|
|
557 | ) |
519 | return; |
558 | return; |
520 | |
559 | |
|
|
560 | #ifndef PTYTTY_NO_PID_CHECK |
521 | owner_pid = pid; |
561 | owner_pid = pid; |
|
|
562 | #endif |
522 | |
563 | |
523 | int sv[2]; |
564 | int sv[2]; |
524 | |
565 | |
525 | if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) |
566 | if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) |
526 | ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
567 | ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
|
|
568 | |
|
|
569 | #ifdef PTYTTY_REENTRANT |
|
|
570 | int lv[2]; |
|
|
571 | |
|
|
572 | if (socketpair (AF_UNIX, SOCK_STREAM, 0, lv)) |
|
|
573 | ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
|
|
574 | #endif |
527 | |
575 | |
528 | helper_pid = fork (); |
576 | helper_pid = fork (); |
529 | |
577 | |
530 | if (helper_pid < 0) |
578 | if (helper_pid < 0) |
531 | ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n"); |
579 | ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n"); |
… | |
… | |
534 | { |
582 | { |
535 | // client, process |
583 | // client, process |
536 | sock_fd = sv[0]; |
584 | sock_fd = sv[0]; |
537 | close (sv[1]); |
585 | close (sv[1]); |
538 | fcntl (sock_fd, F_SETFD, FD_CLOEXEC); |
586 | fcntl (sock_fd, F_SETFD, FD_CLOEXEC); |
|
|
587 | #ifdef PTYTTY_REENTRANT |
|
|
588 | lock_fd = lv[0]; |
|
|
589 | close (lv[1]); |
|
|
590 | fcntl (lock_fd, F_SETFD, FD_CLOEXEC); |
|
|
591 | #endif |
539 | } |
592 | } |
540 | else |
593 | else |
541 | { |
594 | { |
542 | // server, pty-helper |
595 | // server, pty-helper |
543 | sock_fd = sv[1]; |
596 | sock_fd = sv[1]; |
|
|
597 | #ifdef PTYTTY_REENTRANT |
|
|
598 | lock_fd = lv[1]; |
|
|
599 | #endif |
544 | |
600 | |
545 | chdir ("/"); |
601 | chdir ("/"); |
546 | |
602 | |
|
|
603 | signal (SIGHUP, SIG_IGN); |
|
|
604 | signal (SIGTERM, SIG_IGN); |
|
|
605 | signal (SIGINT, SIG_IGN); |
|
|
606 | signal (SIGPIPE, SIG_IGN); |
|
|
607 | |
547 | for (int fd = 0; fd < 1023; fd++) |
608 | for (int fd = 0; fd < 1023; fd++) |
548 | if (fd != sock_fd) |
609 | if (fd != sock_fd && fd != lock_fd) |
549 | close (fd); |
610 | close (fd); |
550 | |
611 | |
551 | serve (); |
612 | serve (); |
552 | _exit (EXIT_SUCCESS); |
613 | _exit (EXIT_SUCCESS); |
553 | } |
614 | } |
… | |
… | |
557 | |
618 | |
558 | ptytty * |
619 | ptytty * |
559 | ptytty::create () |
620 | ptytty::create () |
560 | { |
621 | { |
561 | #if PTYTTY_HELPER |
622 | #if PTYTTY_HELPER |
|
|
623 | if (helper_pid |
|
|
624 | # ifndef PTYTTY_NO_PID_CHECK |
562 | if (helper_pid && getpid () == owner_pid) |
625 | && getpid () == owner_pid |
|
|
626 | # endif |
|
|
627 | ) |
563 | // use helper process |
628 | // use helper process |
564 | return new ptytty_proxy; |
629 | return new ptytty_proxy; |
565 | else |
630 | else |
566 | #endif |
631 | #endif |
567 | return new ptytty_unix; |
632 | return new ptytty_unix; |
… | |
… | |
609 | if (uid != geteuid () |
674 | if (uid != geteuid () |
610 | || gid != getegid ()) |
675 | || gid != getegid ()) |
611 | ptytty_fatal ("unable to drop privileges, aborting.\n"); |
676 | ptytty_fatal ("unable to drop privileges, aborting.\n"); |
612 | } |
677 | } |
613 | |
678 | |
|
|
679 | ///////////////////////////////////////////////////////////////////////////// |
|
|
680 | // C API |
|
|
681 | |
|
|
682 | #ifndef PTYTTY_NO_C_API |
|
|
683 | |
|
|
684 | #define DEFINE_METHOD(retval, name, args1, args2) \ |
|
|
685 | extern "C" retval ptytty_ ## name args1 \ |
|
|
686 | { return ((struct ptytty *)ptytty)->name args2; } |
|
|
687 | |
|
|
688 | DEFINE_METHOD(int,pty,(void *ptytty),) |
|
|
689 | DEFINE_METHOD(int,tty,(void *ptytty),) |
|
|
690 | DEFINE_METHOD(int,get,(void *ptytty),()) |
|
|
691 | DEFINE_METHOD(void,login,(void *ptytty, int cmd_pid, bool login_shell, const char *hostname),(cmd_pid,login_shell,hostname)) |
|
|
692 | |
|
|
693 | DEFINE_METHOD(void,close_tty,(void *ptytty),()) |
|
|
694 | DEFINE_METHOD(int,make_controlling_tty,(void *ptytty),()) |
|
|
695 | DEFINE_METHOD(void,set_utf8_mode,(void *ptytty, int on),(on)) |
|
|
696 | |
|
|
697 | #define DEFINE_STATIC(retval, name, args) \ |
|
|
698 | extern "C" retval ptytty_ ## name args \ |
|
|
699 | { return ptytty::name args; } |
|
|
700 | |
|
|
701 | DEFINE_STATIC(void,drop_privileges,()) |
|
|
702 | DEFINE_STATIC(void,use_helper,()) |
|
|
703 | DEFINE_STATIC(void,init,()) |
|
|
704 | |
|
|
705 | DEFINE_STATIC(void *,create,()) |
|
|
706 | |
|
|
707 | void ptytty_delete (void *ptytty) |
|
|
708 | { |
|
|
709 | delete (struct ptytty *)ptytty; |
|
|
710 | } |
|
|
711 | |
|
|
712 | // send_fd, recv_fd not exposed |
|
|
713 | |
|
|
714 | #endif |
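Review bot: NEED_TOKEN and GIVE_TOKEN discard the result of read()/write() on lock_fd, so in the client a read that returns -1 (for example on EINTR) or 0 (helper gone) lets the caller carry on as if it held the token. Under PTYTTY_REENTRANT two threads could then interleave a command and its recv_fd replies on sock_fd, and one caller could receive the pty/tty descriptors meant for another. On the client side (get(), login() and the destructor) the wait should retry on EINTR and treat any result other than 1 as a protocol error, as get() already does for its sock_fd read. serve() can probably keep ignoring the failure, since a vanished client should also make its next sock_fd read fall short and end the loop. GIVE_TOKEN also writes an uninitialised byte, which `char ch = 0;` avoids.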