version 1.1, 2012/02/21 16:23:02
|
version 1.1.1.5, 2013/10/14 07:56:35
|
Line 1
|
Line 1
|
/* |
/* |
* Copyright (c) 1996, 1998-2005, 2007-2011 | * Copyright (c) 1996, 1998-2005, 2007-2013 |
* Todd C. Miller <Todd.Miller@courtesan.com> |
* Todd C. Miller <Todd.Miller@courtesan.com> |
* |
* |
* Permission to use, copy, modify, and distribute this software for any |
* Permission to use, copy, modify, and distribute this software for any |
Line 26
|
Line 26
|
#include <config.h> |
#include <config.h> |
|
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <sys/param.h> |
|
#include <stdio.h> |
#include <stdio.h> |
#ifdef STDC_HEADERS |
#ifdef STDC_HEADERS |
# include <stdlib.h> |
# include <stdlib.h> |
Line 54
|
Line 53
|
#include <fcntl.h> |
#include <fcntl.h> |
|
|
#include "sudo.h" |
#include "sudo.h" |
|
#include "sudo_plugin.h" |
|
|
static volatile sig_atomic_t signo[NSIG]; |
static volatile sig_atomic_t signo[NSIG]; |
|
|
static void handler(int); | static void tgetpass_handler(int); |
static char *getln(int, char *, size_t, int); |
static char *getln(int, char *, size_t, int); |
static char *sudo_askpass(const char *, const char *); |
static char *sudo_askpass(const char *, const char *); |
|
|
#ifdef _PATH_SUDO_ASKPASS |
|
const char *askpass_path = _PATH_SUDO_ASKPASS; |
|
#else |
|
const char *askpass_path; |
|
#endif |
|
|
|
/* |
/* |
* Like getpass(3) but with timeout and echo flags. |
* Like getpass(3) but with timeout and echo flags. |
*/ |
*/ |
Line 77 tgetpass(const char *prompt, int timeout, int flags)
|
Line 71 tgetpass(const char *prompt, int timeout, int flags)
|
sigaction_t savetstp, savettin, savettou, savepipe; |
sigaction_t savetstp, savettin, savettou, savepipe; |
char *pass; |
char *pass; |
static const char *askpass; |
static const char *askpass; |
static char buf[SUDO_PASS_MAX + 1]; | static char buf[SUDO_CONV_REPL_MAX + 1]; |
int i, input, output, save_errno, neednl = 0, need_restart; |
int i, input, output, save_errno, neednl = 0, need_restart; |
|
debug_decl(tgetpass, SUDO_DEBUG_CONV) |
|
|
(void) fflush(stdout); |
(void) fflush(stdout); |
|
|
if (askpass == NULL) { |
if (askpass == NULL) { |
askpass = getenv("SUDO_ASKPASS"); | askpass = getenv_unhooked("SUDO_ASKPASS"); |
if (askpass == NULL || *askpass == '\0') |
if (askpass == NULL || *askpass == '\0') |
askpass = askpass_path; | askpass = sudo_conf_askpass_path(); |
} |
} |
|
|
/* If no tty present and we need to disable echo, try askpass. */ |
/* If no tty present and we need to disable echo, try askpass. */ |
if (!ISSET(flags, TGP_STDIN|TGP_ECHO|TGP_ASKPASS|TGP_NOECHO_TRY) && |
if (!ISSET(flags, TGP_STDIN|TGP_ECHO|TGP_ASKPASS|TGP_NOECHO_TRY) && |
!tty_present()) { |
!tty_present()) { |
if (askpass == NULL || getenv("DISPLAY") == NULL) { | if (askpass == NULL || getenv_unhooked("DISPLAY") == NULL) { |
warningx(_("no tty present and no askpass program specified")); |
warningx(_("no tty present and no askpass program specified")); |
return NULL; | debug_return_str(NULL); |
} |
} |
SET(flags, TGP_ASKPASS); |
SET(flags, TGP_ASKPASS); |
} |
} |
Line 101 tgetpass(const char *prompt, int timeout, int flags)
|
Line 96 tgetpass(const char *prompt, int timeout, int flags)
|
/* If using a helper program to get the password, run it instead. */ |
/* If using a helper program to get the password, run it instead. */ |
if (ISSET(flags, TGP_ASKPASS)) { |
if (ISSET(flags, TGP_ASKPASS)) { |
if (askpass == NULL || *askpass == '\0') |
if (askpass == NULL || *askpass == '\0') |
errorx(1, _("no askpass program specified, try setting SUDO_ASKPASS")); | fatalx(_("no askpass program specified, try setting SUDO_ASKPASS")); |
return sudo_askpass(askpass, prompt); | debug_return_str_masked(sudo_askpass(askpass, prompt)); |
} |
} |
|
|
restart: |
restart: |
Line 133 restart:
|
Line 128 restart:
|
* Catch signals that would otherwise cause the user to end |
* Catch signals that would otherwise cause the user to end |
* up with echo turned off in the shell. |
* up with echo turned off in the shell. |
*/ |
*/ |
zero_bytes(&sa, sizeof(sa)); | memset(&sa, 0, sizeof(sa)); |
sigemptyset(&sa.sa_mask); |
sigemptyset(&sa.sa_mask); |
sa.sa_flags = SA_INTERRUPT; /* don't restart system calls */ |
sa.sa_flags = SA_INTERRUPT; /* don't restart system calls */ |
sa.sa_handler = handler; | sa.sa_handler = tgetpass_handler; |
(void) sigaction(SIGALRM, &sa, &savealrm); |
(void) sigaction(SIGALRM, &sa, &savealrm); |
(void) sigaction(SIGINT, &sa, &saveint); |
(void) sigaction(SIGINT, &sa, &saveint); |
(void) sigaction(SIGHUP, &sa, &savehup); |
(void) sigaction(SIGHUP, &sa, &savehup); |
Line 203 restore:
|
Line 198 restore:
|
|
|
if (save_errno) |
if (save_errno) |
errno = save_errno; |
errno = save_errno; |
return pass; | |
| debug_return_str_masked(pass); |
} |
} |
|
|
/* |
/* |
Line 212 restore:
|
Line 208 restore:
|
static char * |
static char * |
sudo_askpass(const char *askpass, const char *prompt) |
sudo_askpass(const char *askpass, const char *prompt) |
{ |
{ |
static char buf[SUDO_PASS_MAX + 1], *pass; | static char buf[SUDO_CONV_REPL_MAX + 1], *pass; |
sigaction_t sa, saved_sa_pipe; |
sigaction_t sa, saved_sa_pipe; |
int pfd[2]; |
int pfd[2]; |
pid_t pid; |
pid_t pid; |
|
debug_decl(sudo_askpass, SUDO_DEBUG_CONV) |
|
|
if (pipe(pfd) == -1) |
if (pipe(pfd) == -1) |
error(1, _("unable to create pipe")); | fatal(_("unable to create pipe")); |
|
|
if ((pid = fork()) == -1) |
if ((pid = fork()) == -1) |
error(1, _("unable to fork")); | fatal(_("unable to fork")); |
|
|
if (pid == 0) { |
if (pid == 0) { |
/* child, point stdout to output side of the pipe and exec askpass */ |
/* child, point stdout to output side of the pipe and exec askpass */ |
Line 229 sudo_askpass(const char *askpass, const char *prompt)
|
Line 226 sudo_askpass(const char *askpass, const char *prompt)
|
warning("dup2"); |
warning("dup2"); |
_exit(255); |
_exit(255); |
} |
} |
(void) setuid(ROOT_UID); | if (setuid(ROOT_UID) == -1) |
| warning("setuid(%d)", ROOT_UID); |
if (setgid(user_details.gid)) { |
if (setgid(user_details.gid)) { |
warning(_("unable to set gid to %u"), (unsigned int)user_details.gid); |
warning(_("unable to set gid to %u"), (unsigned int)user_details.gid); |
_exit(255); |
_exit(255); |
Line 245 sudo_askpass(const char *askpass, const char *prompt)
|
Line 243 sudo_askpass(const char *askpass, const char *prompt)
|
} |
} |
|
|
/* Ignore SIGPIPE in case child exits prematurely */ |
/* Ignore SIGPIPE in case child exits prematurely */ |
zero_bytes(&sa, sizeof(sa)); | memset(&sa, 0, sizeof(sa)); |
sigemptyset(&sa.sa_mask); |
sigemptyset(&sa.sa_mask); |
sa.sa_flags = SA_INTERRUPT; |
sa.sa_flags = SA_INTERRUPT; |
sa.sa_handler = SIG_IGN; |
sa.sa_handler = SIG_IGN; |
Line 257 sudo_askpass(const char *askpass, const char *prompt)
|
Line 255 sudo_askpass(const char *askpass, const char *prompt)
|
(void) close(pfd[0]); |
(void) close(pfd[0]); |
(void) sigaction(SIGPIPE, &saved_sa_pipe, NULL); |
(void) sigaction(SIGPIPE, &saved_sa_pipe, NULL); |
|
|
return pass; | if (pass == NULL) |
| errno = EINTR; /* make cancel button simulate ^C */ |
| |
| debug_return_str_masked(pass); |
} |
} |
|
|
extern int term_erase, term_kill; |
extern int term_erase, term_kill; |
Line 269 getln(int fd, char *buf, size_t bufsiz, int feedback)
|
Line 270 getln(int fd, char *buf, size_t bufsiz, int feedback)
|
ssize_t nr = -1; |
ssize_t nr = -1; |
char *cp = buf; |
char *cp = buf; |
char c = '\0'; |
char c = '\0'; |
|
debug_decl(getln, SUDO_DEBUG_CONV) |
|
|
if (left == 0) { |
if (left == 0) { |
errno = EINVAL; |
errno = EINVAL; |
return NULL; /* sanity */ | debug_return_str(NULL); /* sanity */ |
} |
} |
|
|
while (--left) { |
while (--left) { |
Line 297 getln(int fd, char *buf, size_t bufsiz, int feedback)
|
Line 299 getln(int fd, char *buf, size_t bufsiz, int feedback)
|
} |
} |
continue; |
continue; |
} |
} |
if (write(fd, "*", 1) == -1) | ignore_result(write(fd, "*", 1)); |
/* shut up glibc */; | |
} |
} |
*cp++ = c; |
*cp++ = c; |
} |
} |
Line 312 getln(int fd, char *buf, size_t bufsiz, int feedback)
|
Line 313 getln(int fd, char *buf, size_t bufsiz, int feedback)
|
} |
} |
} |
} |
|
|
return nr == 1 ? buf : NULL; | debug_return_str_masked(nr == 1 ? buf : NULL); |
} |
} |
|
|
static void |
static void |
handler(int s) | tgetpass_handler(int s) |
{ |
{ |
if (s != SIGALRM) |
if (s != SIGALRM) |
signo[s] = 1; |
signo[s] = 1; |
Line 326 int
|
Line 327 int
|
tty_present(void) |
tty_present(void) |
{ |
{ |
int fd; |
int fd; |
|
debug_decl(tty_present, SUDO_DEBUG_UTIL) |
|
|
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) != -1) |
if ((fd = open(_PATH_TTY, O_RDWR|O_NOCTTY)) != -1) |
close(fd); |
close(fd); |
return fd != -1; | debug_return_bool(fd != -1); |
} |
} |
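Review bot: In the `sudo_askpass` child (hunk at line 229/226), the new check on `setuid(ROOT_UID)` only calls `warning()` and falls through, whereas the `setgid()` check directly below it ends the child with `_exit(255)`. This child is about to exec the helper named by `SUDO_ASKPASS`, so each step of the identity change should either be fatal on failure or carry a comment saying why it is safe to continue. If a later `setuid()` to the invoking user (not visible in these hunks) is checked and exits on failure, falling through is probably harmless and a comment such as `/* non-fatal: the setuid() to the user below is checked and exits on failure */` would record that; otherwise add `_exit(255);` after the warning. The body of `sudo_askpass` continues outside the visible hunks, so confirm this against the full function.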