* userv - client.c
* client code
*
- * Copyright (C)1996-1997 Ian Jackson
+ * Copyright (C)1996-1997,1999-2001,2003 Ian Jackson
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by
static gid_t mygid, spoofgid, *gidarray;
static int ngids;
static struct opening_msg opening_mbuf;
-static const char *logname;
+static const char *loginname;
static char *cwdbuf;
static size_t cwdbufsize;
static char *ovbuf;
exit(-1);
}
-static void NONRETURNPRINTFFORMAT(1,2) syscallerror(const char *fmt, ...) {
+static void NONRETURNPRINTFFORMAT(1,2) fsyscallerror(const char *fmt, ...) {
va_list al;
int e;
exit(-1);
}
+void syscallerror(const char *what) {
+ fsyscallerror("%s",what);
+}
+
static void NONRETURNING protoreaderror(FILE *file, const char *where) {
int e;
for (i=0; i<progress_r->data.errmsg.messagelen; i++) {
c= working_getc(file);
if (c==EOF) protoreaderror(file,"in error message");
- if (isprint(c)) putc(c,stderr);
+ if (ISCHAR(isprint,c)) putc(c,stderr);
else fprintf(stderr,"\\x%02x",(unsigned char)c);
}
putc('\n',stderr);
* the signal asynchronicity starts. They can do anything they like.
*/
-static void *xmalloc(size_t s) {
- void *p;
- p= malloc(s?s:1);
- if (!p) syscallerror("malloc (%lu bytes)",(unsigned long)s);
- return p;
-}
-
-static void *xrealloc(void *p, size_t s) {
- p= realloc(p,s);
- if (!p) syscallerror("realloc (%lu bytes)",(unsigned long)s);
- return p;
-}
+/* This includes xmalloc and xrealloc from both.c */
static void xfwritestring(const char *s, FILE *file) {
int l;
event_mbuf.type= et_disconnect;
r= fwrite(&event_mbuf,1,sizeof(event_mbuf),swfile);
if ((r != sizeof(event_mbuf) || fflush(swfile)) && errno != EPIPE)
- syscallerror("write to server when disconnecting\n");
+ syscallerror("write to server when disconnecting");
}
systemerror= 1;
}
optionfunction *fn;
};
-static void usage(void) {
+static void usage(FILE *stream) {
if (fputs(
"usage: userv <options> [--] <service-user> <service-name> [<argument> ...]\n"
"usage: userv <options> -B|--builtin [--] <builtin-service> [<info-argument> ...]\n"
" -t|--timeout <seconds>\n"
" -S|--signals <status>|number|number-nocore|highbit|stdout\n"
" -w|--fdwait <fd>=wait|nowait|close\n"
- " -P|--sigpipe -H|--hidecwd -h|--help --copyright\n"
+ " -P|--sigpipe -H|--hidecwd -h|--help|--version --copyright\n"
" --override <configuration-data> } available only\n"
" --override-file <filename> } to root\n"
" --spoof-user <username> } or same user\n"
"fdmodifiers: read write overwrite trunc[ate]\n"
- "(separate with commas) append sync excl[usive] creat[e] fd\n\n"
- "userv and uservd version " VERSION VEREXT "; copyright (C)1996-1997 Ian Jackson.\n"
+ "(separate with commas) append sync excl[usive] creat[e] fd\n"
+ "userv -B 'X' ... is same as userv --override 'execute-builtin X' - 'X' ...\n"
+ " for help, type `userv -B help'; remember to quote multi-word X\n"
+ "userv and uservd version " VERSION VEREXT "; copyright (C)1996-1999 Ian Jackson.\n"
"there is NO WARRANTY; type `userv --copyright' for details.\n",
- stderr) < 0)
- syscallerror("write usage to stderr");
+ stream) < 0)
+ syscallerror("write usage message");
}
static void NONRETURNPRINTFFORMAT(1,2) usageerror(const char *fmt, ...) {
fputs("userv: ",stderr);
vfprintf(stderr,fmt,al);
fputs("\n\n",stderr);
- usage();
+ usage(stderr);
exit(-1);
}
{ 0 }
};
-static void addfdmodifier(int fd, const char *key) {
+static void addfdmodifier(int fd, const char *key, size_t key_len) {
const struct fdmodifierinfo *fdmip;
if (!*key) return;
- for (fdmip= fdmodifierinfos; fdmip->string && strcmp(fdmip->string,key); fdmip++);
- if (!fdmip->string) usageerror("unknown fdmodifer `%s' for fd %d",key,fd);
+ for (fdmip= fdmodifierinfos;
+ fdmip->string &&
+ !(strlen(fdmip->string) == key_len &&
+ !memcmp(fdmip->string,key,key_len));
+ fdmip++);
+ if (!fdmip->string) usageerror("unknown fdmodifer `%.*s' for fd %d",
+ (int)key_len,key,fd);
if (fdmip->conflicts & fdsetup[fd].mods)
- usageerror("fdmodifier `%s' conflicts with another for fd %d",key,fd);
+ usageerror("fdmodifier `%.*s' conflicts with another for fd %d",
+ (int)key_len,key,fd);
fdsetup[fd].mods |= fdmip->implies;
fdsetup[fd].oflags |= fdmip->oflags;
}
-static int fdstdnumber(const char *string) {
- if (!strcmp(string,"stdin")) return 0;
- else if (!strcmp(string,"stdout")) return 1;
- else if (!strcmp(string,"stderr")) return 2;
- else return -1;
+static void addfdmodifier_fixed(int fd, const char *key) {
+ addfdmodifier(fd, key, strlen(key));
}
+static int fdstdnumber(const char *string, const char **delim_r) {
+#define FN(v,s) do{ \
+ if (!memcmp(string,s,sizeof(s)-1)) { \
+ *delim_r= string+sizeof(s)-1; \
+ return v; \
+ } \
+ }while(0)
+
+ FN(0,"stdin");
+ FN(1,"stdout");
+ FN(2,"stderr");
+
+ return -1;
+}
+
+static int strtofd(const char *string,
+ const char **mods_r /* 0: no modifiers, must go to end */,
+ const char *what) {
+ int fd;
+ unsigned long ul;
+ char *delim_v;
+ const char *mods;
+
+ fd= fdstdnumber(string,&mods);
+ if (fd>=0) {
+ if (*mods && *mods != ',')
+ usageerror("%s, when it is `stdin', `stdout' or `stderr',"
+ " must be delimited with a comma from any following"
+ " modifiers - `%s' is not permitted",
+ what, mods);
+ goto parsed;
+ }
+
+ errno= 0;
+ ul= strtoul(string,&delim_v,10);
+ if (errno || delim_v == string || ul > INT_MAX)
+ usageerror("%s must be must be numeric file descriptor"
+ " or `stdin', `stdout' or `stderr'"
+ " - `%s' is not recognized",
+ what, string);
+ mods= delim_v;
+ fd= ul;
+
+ parsed:
+ if (*mods==',')
+ mods++;
+
+ if (mods_r)
+ *mods_r= mods;
+ else if (*mods)
+ usageerror("%s must be must be only file descriptor"
+ " - trailing portion or modifiers `%s' not permitted",
+ what, mods);
+
+ if (fd > MAX_ALLOW_FD)
+ usageerror("%s file descriptor specified (%d)"
+ " is larger than maximum allowed (%d)",
+ what, fd, MAX_ALLOW_FD);
+
+ return fd;
+}
+
static void of_file(const struct optioninfo *oip, const char *value, char *key) {
unsigned long fd, copyfd;
struct stat stab;
int oldarraysize, r;
- char *delim;
-
- fd= strtoul(key,&delim,10);
- if (delim == key) {
- delim= strchr(key,',');
- if (delim) *delim++= 0;
- fd= fdstdnumber(key);
- if (fd<0) usageerror("first part of argument to -f or --file must be numeric "
- "file descriptor or `stdin', `stdout' or `stderr' - `%s' "
- "is not recognized",key);
- }
- if (fd > MAX_ALLOW_FD)
- usageerror("file descriptor specified (%lu) is larger than maximum allowed (%d)",
- fd,MAX_ALLOW_FD);
+ size_t mod_len;
+ const char *mods, *delim;
+
+ fd= strtofd(key,&mods,"first part of argument to -f or --file");
+
if (fd >= fdsetupsize) {
oldarraysize= fdsetupsize;
fdsetupsize+=2; fdsetupsize<<=1;
fdsetup[fd].oflags= 0;
fdsetup[fd].mods= 0;
fdsetup[fd].copyfd= -1;
- while (delim && *delim) {
- key= delim;
- delim= strchr(key,',');
- if (delim) *delim++= 0;
- addfdmodifier(fd,key);
+ while (mods && *mods) {
+ delim= strchr(mods,',');
+ mod_len= delim ? delim-mods : strlen(mods);
+ addfdmodifier(fd,mods,mod_len);
+ mods= delim ? delim+1 : 0;
}
if (!(fdsetup[fd].mods & (fdm_read|fdm_write))) {
if (fd == 0) {
- addfdmodifier(fd,"read");
+ addfdmodifier_fixed(fd,"read");
} else if (fdsetup[fd].mods & fdm_fd) {
- addfdmodifier(fd,"write");
+ addfdmodifier_fixed(fd,"write");
} else {
- addfdmodifier(fd,"overwrite");
+ addfdmodifier_fixed(fd,"overwrite");
}
}
if (fdsetup[fd].mods & fdm_fd) {
- copyfd= fdstdnumber(value);
- if (copyfd<0) {
- copyfd= strtoul(value,&delim,0);
- if (*delim)
- usageerror("value part of argument to --file with fd modifier must be "
- "numeric or fd name - `%s' is not recognised",value);
- else if (copyfd > MAX_ALLOW_FD)
- usageerror("file descriptor %lu named as target of file descriptor redirection"
- " (for file descriptor %lu) is larger than maximum allowed (%d)",
- copyfd,fd,MAX_ALLOW_FD);
- }
+ copyfd= strtofd(value,0,
+ "value part of argument to --file with fd modifier");
r= fstat(copyfd,&stab);
if (r) {
- if (oip) syscallerror("check filedescriptor %lu (named as target of file "
- "descriptor redirection for %lu)",copyfd,fd);
- else syscallerror("check basic filedescriptor %lu at program start",copyfd);
+ if (oip) fsyscallerror("check filedescriptor %lu (named as target of file "
+ "descriptor redirection for %lu)",copyfd,fd);
+ else fsyscallerror("check basic filedescriptor %lu at program start",copyfd);
}
fdsetup[fd].copyfd= copyfd;
}
static void of_fdwait(const struct optioninfo *oip, const char *value, char *key) {
const struct fdmodifierinfo *fdmip;
- unsigned long ul;
int fd;
- char *delim;
- fd= fdstdnumber(key);
- if (fd<0) {
- ul= strtoul(key,&delim,0);
- if (*delim) usageerror("first part of argument to --fdwait must be "
- "numeric or fd name - `%s' is not recognised",key);
- if (ul>MAX_ALLOW_FD) usageerror("first part of argument to --fdwait is too large");
- fd= ul;
- }
+ fd= strtofd(key,0,"first part of argument to --fdwait");
if (fd >= fdsetupsize || !fdsetup[fd].filename)
usageerror("file descriptor %d specified in --fdwait option is not open",fd);
for (fdmip= fdmodifierinfos; fdmip->string && strcmp(fdmip->string,value); fdmip++);
static void of_timeout(const struct optioninfo *oip, const char *value, char *key) {
char *endp;
unsigned long ul;
-
- ul= strtoul(value,&endp,0);
- if (*endp) usageerror("timeout value `%s' must be a plain decimal string",value);
+
+ errno= 0;
+ ul= strtoul(value,&endp,10);
+ if (errno || *endp)
+ usageerror("timeout value `%s' must be a plain decimal string",value);
if (ul>INT_MAX) usageerror("timeout value %lu too large",ul);
timeout= ul;
}
static void of_signals(const struct optioninfo *oip, const char *value, char *key) {
unsigned long numvalue;
char *endp;
-
- numvalue= strtoul(value,&endp,0);
- if (*endp) {
+
+ errno= 0;
+ numvalue= strtoul(value,&endp,10);
+ if (errno || *endp) {
if (!strcmp(value,"number")) signalsexit= se_number;
else if (!strcmp(value,"number-nocore")) signalsexit= se_numbernocore;
else if (!strcmp(value,"highbit")) signalsexit= se_highbit;
}
static void of_help(const struct optioninfo *oip, const char *value, char *key) {
- usage();
+ usage(stdout);
+ if (fclose(stdout)) syscallerror("fclose stdout after writing usage message");
+ exit(0);
+}
+
+static void of_version(const struct optioninfo *oip, const char *value, char *key) {
+ if (puts(VERSION VEREXT) == EOF || fclose(stdout))
+ syscallerror("write version number");
exit(0);
}
static void of_copyright(const struct optioninfo *oip, const char *value, char *key) {
if (fputs(
-" userv - user service daemon and client; copyright (C)1996-1997 Ian Jackson\n\n"
+" userv - user service daemon and client; copyright (C)1996-1999 Ian Jackson\n\n"
" This is free software; you can redistribute it and/or modify it under the\n"
" terms of the GNU General Public License as published by the Free Software\n"
" Foundation; either version 2 of the License, or (at your option) any\n"
" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General\n"
" Public License for more details.\n\n"
" You should have received a copy of the GNU General Public License along\n"
-" with userv; if not, write to Ian Jackson <ian@chiark.greenend.org.uk> or\n"
+" with userv; if not, write to Ian Jackson <ian@davenant.greenend.org.uk> or\n"
" to the Free Software Foundation, 59 Temple Place - Suite 330, Boston,\n"
" MA 02111-1307, USA.\n",
stdout) < 0) syscallerror("write usage to stderr");
{ 'H', "hidecwd", 0, of_hidecwd },
{ 'B', "builtin", 0, of_builtin },
{ 'h', "help", 0, of_help },
+ { 0, "version", 0, of_version },
{ 0, "copyright", 0, of_copyright },
{ 0, "override", 1, of_override },
{ 0, "override-file", 1, of_overridefile },
spoofuid= myuid;
spoofgid= mygid;
- logname= getenv("LOGNAME");
- if (!logname) logname= getenv("USER");
- if (logname) {
- pw= getpwnam(logname);
- if (!pw || pw->pw_uid != myuid) logname= 0;
+ loginname= getenv("LOGNAME");
+ if (!loginname) loginname= getenv("USER");
+ if (loginname) {
+ pw= getpwnam(loginname);
+ if (!pw || pw->pw_uid != myuid) loginname= 0;
}
- if (!logname) {
+ if (!loginname) {
pw= getpwuid(myuid); if (!pw) miscerror("cannot determine your login name");
- logname= pw->pw_name;
+ loginname= xstrsave(pw->pw_name);
}
- if (!strcmp(serviceuser,"-")) serviceuser= logname;
+ if (!strcmp(serviceuser,"-")) serviceuser= loginname;
pw= getpwnam(serviceuser);
if (!pw) miscerror("requested service user `%s' is not a user",serviceuser);
serviceuid= pw->pw_uid;
" the user who will be providing the service");
if (spoofuser) {
- logname= spoofuser;
- pw= getpwnam(logname);
- if (!pw) miscerror("spoofed login name `%s' is not valid",logname);
+ loginname= spoofuser;
+ pw= getpwnam(loginname);
+ if (!pw) miscerror("spoofed login name `%s' is not valid",loginname);
spoofuid= pw->pw_uid;
spoofgid= pw->pw_gid;
ngidssize= ngids; ngids= 0;
}
gidarray[ngids++]= spoofgid;
while ((gr= getgrent())) { /* ouch! getgrent has no error behaviour! */
- for (mem= gr->gr_mem; *mem && strcmp(*mem,logname); mem++);
+ for (mem= gr->gr_mem; *mem && strcmp(*mem,loginname); mem++);
if (!*mem) continue;
if (ngids>=ngidssize) {
if (ngids>=MAX_GIDS) miscerror("spoofed user is member of too many groups");
break;
case ot_file:
ovfile= fopen(overridevalue,"r");
- if (!ovfile) syscallerror("open overriding configuration file `%s'",overridevalue);
+ if (!ovfile) fsyscallerror("open overriding configuration file `%s'",overridevalue);
ovbuf= 0; ovavail= ovused= 0;
while ((c= getc(ovfile)) != EOF) {
if (!c) miscerror("overriding config file `%s' contains null(s)",overridevalue);
ovbuf[ovused++]= c;
}
if (ferror(ovfile) || fclose(ovfile))
- syscallerror("read overriding configuration file `%s'",overridevalue);
+ fsyscallerror("read overriding configuration file `%s'",overridevalue);
ovbuf= xrealloc(ovbuf,ovused+1);
ovbuf[ovused]= 0;
break;
if (errno == ECONNREFUSED || errno == ENOENT)
syscallerror("uservd daemon is not running - service not available");
if (errno != EINTR)
- syscallerror("unable to connect to uservd daemon: %m");
+ fsyscallerror("unable to connect to uservd daemon: %m");
}
return sfd;
assert(!pipepathbuf[PIPEPATHMAXLEN]);
priv_resume();
if (unlink(pipepathbuf) && errno != ENOENT)
- syscallerror("remove any old pipe `%s'",pipepathbuf);
+ fsyscallerror("remove any old pipe `%s'",pipepathbuf);
if (mkfifo(pipepathbuf,0600)) /* permissions are irrelevant */
- syscallerror("create pipe `%s'",pipepathbuf);
+ fsyscallerror("create pipe `%s'",pipepathbuf);
tempfd= open(pipepathbuf,O_RDWR);
- if (tempfd<0) syscallerror("prelim open pipe `%s' for read+write",pipepathbuf);
+ if (tempfd<0) fsyscallerror("prelim open pipe `%s' for read+write",pipepathbuf);
assert(fdsetup[fd].mods & (fdm_read|fdm_write));
fdsetup[fd].pipefd=
open(pipepathbuf, (fdsetup[fd].mods & fdm_read) ? O_WRONLY : O_RDONLY);
- if (fdsetup[fd].pipefd<0) syscallerror("real open pipe `%s'",pipepathbuf);
- if (close(tempfd)) syscallerror("close prelim fd onto pipe `%s'",pipepathbuf);
+ if (fdsetup[fd].pipefd<0) fsyscallerror("real open pipe `%s'",pipepathbuf);
+ if (close(tempfd)) fsyscallerror("close prelim fd onto pipe `%s'",pipepathbuf);
priv_suspend();
}
}
request_mbuf.clientpid= getpid();
request_mbuf.serviceuserlen= strlen(serviceuser);
request_mbuf.servicelen= strlen(argv[0]);
- request_mbuf.lognamelen= strlen(logname);
+ request_mbuf.loginnamelen= strlen(loginname);
request_mbuf.spoofed= spoofuser ? 1 : 0;
request_mbuf.cwdlen= cwdbufsize;
request_mbuf.callinguid= spoofuid;
xfwrite(&request_mbuf,sizeof(request_mbuf),swfile);
xfwrite(serviceuser,sizeof(*serviceuser)*request_mbuf.serviceuserlen,swfile);
xfwrite(argv[0],sizeof(*argv[0])*request_mbuf.servicelen,swfile);
- xfwrite(logname,sizeof(*logname)*request_mbuf.lognamelen,swfile);
+ xfwrite(loginname,sizeof(*loginname)*request_mbuf.loginnamelen,swfile);
xfwrite(cwdbuf,sizeof(*cwdbuf)*request_mbuf.cwdlen,swfile);
if (ovused>=0) xfwrite(ovbuf,sizeof(*ovbuf)*ovused,swfile);
xfwrite(&spoofgid,sizeof(gid_t),swfile);
if (alarm(timeout)<0) syscallerror("set up timeout alarm");
}
+
+static void close_unwanted_pipes(void) {
+ int fd;
+
+ for (fd=0; fd<fdsetupsize; fd++) {
+ if (!fdsetup[fd].filename) continue;
+ if (close(fdsetup[fd].pipefd)) fsyscallerror("close pipe fd for %d",fd);
+ if (fdsetup[fd].copyfd>2)
+ if (close(fdsetup[fd].copyfd))
+ if (errno != EBADF)
+ /* EBADF can be induced if cmd line specifies same fd twice */
+ fsyscallerror("close real fd for %d",fd);
+ }
+}
+
static void catdup(const char *which, int from, int to) {
if (dup2(from,to)<0) {
blocksignals(SIG_BLOCK);
fdsetup[fd].copyfd=
open(fdsetup[fd].filename,fdsetup[fd].oflags|O_NOCTTY,0777);
if (fdsetup[fd].copyfd<0)
- syscallerror("open file `%s' for fd %d",fdsetup[fd].filename,fd);
+ fsyscallerror("open file `%s' for fd %d",fdsetup[fd].filename,fd);
}
blocksignals(SIG_BLOCK);
child= fork();
fdsetup[fd].catpid= child;
blocksignals(SIG_UNBLOCK);
- if (child==-1) syscallerror("fork for cat for fd %d",fd);
+ if (child==-1) fsyscallerror("fork for cat for fd %d",fd);
if (!child) {
snprintf(catnamebuf,sizeof(catnamebuf),"cat fd%d",fd);
catnamebuf[sizeof(catnamebuf)-1]= 0;
reading= fdsetup[fd].mods & fdm_read;
catdup(catnamebuf, fdsetup[fd].copyfd, reading ? 0 : 1);
catdup(catnamebuf, fdsetup[fd].pipefd, reading ? 1 : 0);
+ close_unwanted_pipes();
execl("/bin/cat",catnamebuf,(char*)0);
fprintf(stderr,"userv: %s: cannot exec `cat': %s\n",catnamebuf,strerror(errno));
exit(-1);
}
- if (fdsetup[fd].copyfd>2)
- if (close(fdsetup[fd].copyfd)) syscallerror("close real fd for %d",fd);
- if (close(fdsetup[fd].pipefd)) syscallerror("close pipe fd for %d",fd);
}
+ close_unwanted_pipes();
}
static void server_sendconfirm(void) {
blocksignals(SIG_BLOCK);
for (fd=0; fd<fdsetupsize; fd++) {
if (!(fdsetup[fd].catpid!=-1 && (fdsetup[fd].mods & fdm_close))) continue;
- if (kill(fdsetup[fd].catpid,SIGKILL)) syscallerror("kill cat for %d",fd);
+ if (kill(fdsetup[fd].catpid,SIGKILL)) fsyscallerror("kill cat for %d",fd);
fdsetup[fd].killed= 1;
}
blocksignals(SIG_UNBLOCK);