|
|
1 | // This file is part of libptytty. Do not make local modifications. |
|
|
2 | // http://software.schmorp.de/pkg/libptytty |
|
|
3 | |
1 | /*--------------------------------*-C-*---------------------------------* |
4 | /*----------------------------------------------------------------------* |
2 | * File: ptytty.C |
5 | * File: ptytty.C |
3 | *----------------------------------------------------------------------* |
6 | *----------------------------------------------------------------------* |
4 | * |
7 | * |
5 | * All portions of code are copyright by their respective author/s. |
8 | * All portions of code are copyright by their respective author/s. |
6 | * Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> |
9 | * Copyright (c) 1999-2001 Geoff Wing <gcw@pobox.com> |
… | |
… | |
19 | * You should have received a copy of the GNU General Public License |
22 | * You should have received a copy of the GNU General Public License |
20 | * along with this program; if not, write to the Free Software |
23 | * along with this program; if not, write to the Free Software |
21 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
24 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
22 | *---------------------------------------------------------------------*/ |
25 | *---------------------------------------------------------------------*/ |
23 | |
26 | |
24 | #include "../config.h" /* NECESSARY */ |
27 | #include "../config.h" |
|
|
28 | |
25 | #include "rxvt.h" |
29 | #include "ptytty.h" |
26 | |
30 | |
27 | #include <cstdlib> |
31 | #include <cstdlib> |
28 | #include <cstring> |
32 | #include <cstring> |
29 | |
33 | |
30 | #include <sys/types.h> |
34 | #include <sys/types.h> |
… | |
… | |
51 | #ifdef TTY_GID_SUPPORT |
55 | #ifdef TTY_GID_SUPPORT |
52 | #include <grp.h> |
56 | #include <grp.h> |
53 | #endif |
57 | #endif |
54 | |
58 | |
55 | #include <cstdio> |
59 | #include <cstdio> |
56 | |
|
|
57 | #include "rxvtutil.h" |
|
|
58 | #include "fdpass.h" |
|
|
59 | #include "ptytty.h" |
|
|
60 | |
60 | |
61 | ///////////////////////////////////////////////////////////////////////////// |
61 | ///////////////////////////////////////////////////////////////////////////// |
62 | |
62 | |
63 | /* ------------------------------------------------------------------------- * |
63 | /* ------------------------------------------------------------------------- * |
64 | * GET PSEUDO TELETYPE - MASTER AND SLAVE * |
64 | * GET PSEUDO TELETYPE - MASTER AND SLAVE * |
… | |
… | |
234 | |
234 | |
235 | ioctl (fd_tty, TIOCSCTTY, NULL); |
235 | ioctl (fd_tty, TIOCSCTTY, NULL); |
236 | |
236 | |
237 | int fd = open ("/dev/tty", O_WRONLY); |
237 | int fd = open ("/dev/tty", O_WRONLY); |
238 | if (fd < 0) |
238 | if (fd < 0) |
239 | return -1; /* fatal */ |
239 | return -1; /* fatal */ |
240 | |
240 | |
241 | close (fd); |
241 | close (fd); |
242 | |
242 | |
243 | return 0; |
243 | return 0; |
244 | } |
244 | } |
245 | |
245 | |
246 | void |
246 | void |
247 | rxvt_ptytty::close_tty () |
247 | ptytty::close_tty () |
248 | { |
248 | { |
249 | if (tty < 0) |
249 | if (tty < 0) |
250 | return; |
250 | return; |
251 | |
251 | |
252 | close (tty); |
252 | close (tty); |
253 | tty = -1; |
253 | tty = -1; |
254 | } |
254 | } |
255 | |
255 | |
256 | bool |
256 | bool |
257 | rxvt_ptytty::make_controlling_tty () |
257 | ptytty::make_controlling_tty () |
258 | { |
258 | { |
259 | return control_tty (tty) >= 0; |
259 | return control_tty (tty) >= 0; |
260 | } |
260 | } |
261 | |
261 | |
262 | void |
262 | void |
263 | rxvt_ptytty::set_utf8_mode (bool on) |
263 | ptytty::set_utf8_mode (bool on) |
264 | { |
264 | { |
265 | #ifdef IUTF8 |
265 | #ifdef IUTF8 |
266 | if (pty < 0) |
266 | if (pty < 0) |
267 | return; |
267 | return; |
268 | |
268 | |
… | |
… | |
307 | gid = 0; |
307 | gid = 0; |
308 | } |
308 | } |
309 | } |
309 | } |
310 | } ttyconf; |
310 | } ttyconf; |
311 | |
311 | |
312 | rxvt_ptytty_unix::rxvt_ptytty_unix () |
312 | ptytty_unix::ptytty_unix () |
313 | { |
313 | { |
314 | name = 0; |
314 | name = 0; |
315 | #if UTMP_SUPPORT |
315 | #if UTMP_SUPPORT |
316 | cmd_pid = 0; |
316 | cmd_pid = 0; |
317 | #endif |
317 | #endif |
318 | } |
318 | } |
319 | |
319 | |
320 | rxvt_ptytty_unix::~rxvt_ptytty_unix () |
320 | ptytty_unix::~ptytty_unix () |
321 | { |
321 | { |
322 | #if UTMP_SUPPORT |
322 | #if UTMP_SUPPORT |
323 | logout (); |
323 | logout (); |
324 | #endif |
324 | #endif |
325 | put (); |
325 | put (); |
326 | } |
326 | } |
327 | |
327 | |
328 | void |
328 | void |
329 | rxvt_ptytty_unix::put () |
329 | ptytty_unix::put () |
330 | { |
330 | { |
331 | chmod (name, RESTORE_TTY_MODE); |
331 | chmod (name, RESTORE_TTY_MODE); |
332 | chown (name, 0, ttyconf.gid); |
332 | chown (name, 0, ttyconf.gid); |
333 | |
333 | |
334 | close_tty (); |
334 | close_tty (); |
… | |
… | |
341 | pty = tty = -1; |
341 | pty = tty = -1; |
342 | name = 0; |
342 | name = 0; |
343 | } |
343 | } |
344 | |
344 | |
345 | bool |
345 | bool |
346 | rxvt_ptytty_unix::get () |
346 | ptytty_unix::get () |
347 | { |
347 | { |
348 | /* get master (pty) */ |
348 | /* get master (pty) */ |
349 | if ((pty = get_pty (&tty, &name)) < 0) |
349 | if ((pty = get_pty (&tty, &name)) < 0) |
350 | return false; |
350 | return false; |
351 | |
351 | |
… | |
… | |
372 | return true; |
372 | return true; |
373 | } |
373 | } |
374 | |
374 | |
375 | #if PTYTTY_HELPER |
375 | #if PTYTTY_HELPER |
376 | |
376 | |
377 | static int sock_fd; |
377 | static int sock_fd = -1; |
378 | static int pid; |
378 | static int helper_pid, owner_pid; |
379 | |
379 | |
380 | struct command |
380 | struct command |
381 | { |
381 | { |
382 | enum { get, login, destroy } type; |
382 | enum { get, login, destroy } type; |
383 | |
383 | |
384 | rxvt_ptytty *id; |
384 | ptytty *id; |
385 | |
385 | |
386 | bool login_shell; |
386 | bool login_shell; |
387 | int cmd_pid; |
387 | int cmd_pid; |
388 | char hostname[512]; // arbitrary, but should be plenty |
388 | char hostname[512]; // arbitrary, but should be plenty |
389 | }; |
389 | }; |
390 | |
390 | |
391 | struct rxvt_ptytty_proxy : zero_initialized, rxvt_ptytty |
391 | struct ptytty_proxy : ptytty |
392 | { |
392 | { |
393 | rxvt_ptytty *id; |
393 | ptytty *id; |
394 | |
394 | |
|
|
395 | ptytty_proxy () |
|
|
396 | : id(0) |
|
|
397 | { |
|
|
398 | } |
|
|
399 | |
395 | ~rxvt_ptytty_proxy (); |
400 | ~ptytty_proxy (); |
396 | |
401 | |
397 | bool get (); |
402 | bool get (); |
398 | void login (int cmd_pid, bool login_shell, const char *hostname); |
403 | void login (int cmd_pid, bool login_shell, const char *hostname); |
399 | }; |
404 | }; |
400 | |
405 | |
401 | bool |
406 | bool |
402 | rxvt_ptytty_proxy::get () |
407 | ptytty_proxy::get () |
403 | { |
408 | { |
404 | command cmd; |
409 | command cmd; |
405 | |
410 | |
406 | cmd.type = command::get; |
411 | cmd.type = command::get; |
407 | |
412 | |
408 | write (sock_fd, &cmd, sizeof (cmd)); |
413 | write (sock_fd, &cmd, sizeof (cmd)); |
409 | |
414 | |
410 | if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) |
415 | if (read (sock_fd, &id, sizeof (id)) != sizeof (id)) |
411 | rxvt_fatal ("protocol error while creating pty using helper process, aborting.\n"); |
416 | ptytty_fatal ("protocol error while creating pty using helper process, aborting.\n"); |
412 | |
417 | |
413 | if (!id) |
418 | if (!id) |
414 | return false; |
419 | return false; |
415 | |
420 | |
416 | if ((pty = rxvt_recv_fd (sock_fd)) < 0 |
421 | if ((pty = recv_fd (sock_fd)) < 0 |
417 | || (tty = rxvt_recv_fd (sock_fd)) < 0) |
422 | || (tty = recv_fd (sock_fd)) < 0) |
418 | rxvt_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); |
423 | ptytty_fatal ("protocol error while reading pty/tty fds from helper process, aborting.\n"); |
419 | |
424 | |
420 | return true; |
425 | return true; |
421 | } |
426 | } |
422 | |
427 | |
423 | void |
428 | void |
424 | rxvt_ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) |
429 | ptytty_proxy::login (int cmd_pid, bool login_shell, const char *hostname) |
425 | { |
430 | { |
426 | command cmd; |
431 | command cmd; |
427 | |
432 | |
428 | cmd.type = command::login; |
433 | cmd.type = command::login; |
429 | cmd.id = id; |
434 | cmd.id = id; |
… | |
… | |
432 | strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); |
437 | strncpy (cmd.hostname, hostname, sizeof (cmd.hostname)); |
433 | |
438 | |
434 | write (sock_fd, &cmd, sizeof (cmd)); |
439 | write (sock_fd, &cmd, sizeof (cmd)); |
435 | } |
440 | } |
436 | |
441 | |
437 | rxvt_ptytty_proxy::~rxvt_ptytty_proxy () |
442 | ptytty_proxy::~ptytty_proxy () |
438 | { |
443 | { |
|
|
444 | if (id) |
|
|
445 | { |
439 | command cmd; |
446 | command cmd; |
440 | |
447 | |
441 | cmd.type = command::destroy; |
448 | cmd.type = command::destroy; |
442 | cmd.id = id; |
449 | cmd.id = id; |
443 | |
450 | |
444 | write (sock_fd, &cmd, sizeof (cmd)); |
451 | write (sock_fd, &cmd, sizeof (cmd)); |
|
|
452 | } |
445 | } |
453 | } |
446 | |
454 | |
447 | static |
455 | static |
448 | void serve () |
456 | void serve () |
449 | { |
457 | { |
450 | command cmd; |
458 | command cmd; |
451 | vector<rxvt_ptytty *> ptys; |
459 | vector<ptytty *> ptys; |
452 | |
460 | |
453 | while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) |
461 | while (read (sock_fd, &cmd, sizeof (command)) == sizeof (command)) |
454 | { |
462 | { |
455 | if (cmd.type == command::get) |
463 | if (cmd.type == command::get) |
456 | { |
464 | { |
457 | // -> id ptyfd ttyfd |
465 | // -> id ptyfd ttyfd |
458 | cmd.id = new rxvt_ptytty_unix; |
466 | cmd.id = new ptytty_unix; |
459 | |
467 | |
460 | if (cmd.id->get ()) |
468 | if (cmd.id->get ()) |
461 | { |
469 | { |
462 | write (sock_fd, &cmd.id, sizeof (cmd.id)); |
470 | write (sock_fd, &cmd.id, sizeof (cmd.id)); |
463 | ptys.push_back (cmd.id); |
471 | ptys.push_back (cmd.id); |
464 | |
472 | |
465 | rxvt_send_fd (sock_fd, cmd.id->pty); |
473 | ptytty::send_fd (sock_fd, cmd.id->pty); |
466 | rxvt_send_fd (sock_fd, cmd.id->tty); |
474 | ptytty::send_fd (sock_fd, cmd.id->tty); |
467 | } |
475 | } |
468 | else |
476 | else |
469 | { |
477 | { |
470 | delete cmd.id; |
478 | delete cmd.id; |
471 | cmd.id = 0; |
479 | cmd.id = 0; |
… | |
… | |
482 | } |
490 | } |
483 | #endif |
491 | #endif |
484 | } |
492 | } |
485 | else if (cmd.type == command::destroy) |
493 | else if (cmd.type == command::destroy) |
486 | { |
494 | { |
487 | rxvt_ptytty **pty = find (ptys.begin (), ptys.end (), cmd.id); |
495 | vector<ptytty *>::iterator pty = find (ptys.begin (), ptys.end (), cmd.id); |
488 | |
496 | |
489 | if (pty) |
497 | if (pty != ptys.end ()) |
490 | { |
498 | { |
491 | delete *pty; |
499 | delete *pty; |
492 | ptys.erase (pty); |
500 | ptys.erase (pty); |
493 | } |
501 | } |
494 | } |
502 | } |
495 | else |
503 | else |
496 | break; |
504 | break; |
497 | } |
505 | } |
498 | |
506 | |
499 | // destroy all ptys |
507 | // destroy all ptys |
500 | for (rxvt_ptytty **i = ptys.end (); i-- > ptys.begin (); ) |
508 | for (vector<ptytty *>::iterator i = ptys.end (); i-- > ptys.begin (); ) |
501 | delete *i; |
509 | delete *i; |
502 | } |
510 | } |
503 | |
511 | |
504 | void rxvt_ptytty_server () |
512 | void |
|
|
513 | ptytty::use_helper () |
505 | { |
514 | { |
|
|
515 | int pid = getpid (); |
|
|
516 | |
|
|
517 | if (sock_fd >= 0 && pid == owner_pid) |
|
|
518 | return; |
|
|
519 | |
|
|
520 | owner_pid = pid; |
|
|
521 | |
506 | int sv[2]; |
522 | int sv[2]; |
507 | |
523 | |
508 | if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) |
524 | if (socketpair (AF_UNIX, SOCK_STREAM, 0, sv)) |
509 | rxvt_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
525 | ptytty_fatal ("could not create socket to communicate with pty/sessiondb helper, aborting.\n"); |
510 | |
526 | |
511 | pid = fork (); |
527 | helper_pid = fork (); |
512 | |
528 | |
513 | if (pid < 0) |
529 | if (helper_pid < 0) |
514 | rxvt_fatal ("could not create pty/sessiondb helper process, aborting.\n"); |
530 | ptytty_fatal ("could not create pty/sessiondb helper process, aborting.\n"); |
515 | |
531 | |
516 | if (pid) |
532 | if (helper_pid) |
517 | { |
533 | { |
518 | // client, urxvt |
534 | // client, process |
519 | sock_fd = sv[0]; |
535 | sock_fd = sv[0]; |
520 | close (sv[1]); |
536 | close (sv[1]); |
521 | fcntl (sock_fd, F_SETFD, FD_CLOEXEC); |
537 | fcntl (sock_fd, F_SETFD, FD_CLOEXEC); |
522 | } |
538 | } |
523 | else |
539 | else |
524 | { |
540 | { |
525 | // server, pty-helper |
541 | // server, pty-helper |
526 | sock_fd = sv[1]; |
542 | sock_fd = sv[1]; |
527 | |
543 | |
|
|
544 | chdir ("/"); |
|
|
545 | |
528 | for (int fd = 0; fd < 1023; fd++) |
546 | for (int fd = 0; fd < 1023; fd++) |
529 | if (fd != sock_fd) |
547 | if (fd != sock_fd) |
530 | close (fd); |
548 | close (fd); |
531 | |
549 | |
532 | serve (); |
550 | serve (); |
… | |
… | |
534 | } |
552 | } |
535 | } |
553 | } |
536 | |
554 | |
537 | #endif |
555 | #endif |
538 | |
556 | |
539 | // a "factory" *g* |
|
|
540 | rxvt_ptytty * |
557 | ptytty * |
541 | rxvt_new_ptytty () |
558 | ptytty::create () |
542 | { |
559 | { |
543 | #if PTYTTY_HELPER |
560 | #if PTYTTY_HELPER |
544 | if (pid > 0) |
561 | if (helper_pid && getpid () == owner_pid) |
545 | // use helper process |
562 | // use helper process |
546 | return new rxvt_ptytty_proxy; |
563 | return new ptytty_proxy; |
547 | else |
564 | else |
548 | #endif |
565 | #endif |
549 | return new rxvt_ptytty_unix; |
566 | return new ptytty_unix; |
550 | } |
567 | } |
551 | |
568 | |
552 | /*----------------------- end-of-file (C source) -----------------------*/ |
569 | void |
|
|
570 | ptytty::init () |
|
|
571 | { |
|
|
572 | uid_t uid = getuid (); |
|
|
573 | gid_t gid = getgid (); |
|
|
574 | |
|
|
575 | // before doing anything else, check for setuid/setgid operation, |
|
|
576 | // start the helper process and drop privileges |
|
|
577 | if (uid != geteuid () |
|
|
578 | || gid != getegid ()) |
|
|
579 | { |
|
|
580 | #if PTYTTY_HELPER |
|
|
581 | use_helper (); |
|
|
582 | #else |
|
|
583 | ptytty_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); |
|
|
584 | #endif |
553 | |
585 | |
|
|
586 | drop_privileges (); |
|
|
587 | } |
|
|
588 | } |
|
|
589 | |
|
|
590 | void |
|
|
591 | ptytty::drop_privileges () |
|
|
592 | { |
|
|
593 | uid_t uid = getuid (); |
|
|
594 | gid_t gid = getgid (); |
|
|
595 | |
|
|
596 | // drop privileges |
|
|
597 | #if HAVE_SETRESUID |
|
|
598 | setresgid (gid, gid, gid); |
|
|
599 | setresuid (uid, uid, uid); |
|
|
600 | #elif HAVE_SETREUID |
|
|
601 | setregid (gid, gid); |
|
|
602 | setreuid (uid, uid); |
|
|
603 | #elif HAVE_SETUID |
|
|
604 | setgid (gid); |
|
|
605 | setuid (uid); |
|
|
606 | #endif |
|
|
607 | |
|
|
608 | if (uid != geteuid () |
|
|
609 | || gid != getegid ()) |
|
|
610 | ptytty_fatal ("unable to drop privileges, aborting.\n"); |
|
|
611 | } |
|
|
612 | |