X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=userv.git;a=blobdiff_plain;f=process.c;h=fa8302f93c4e8b41b3a979686c8a4c7b40e96dcd;hp=b091f4e5b8876b490f6159eb0a0f071eac07a51d;hb=HEAD;hpb=4544c87c6355037a095e296b5280ccb3ff25ac4b
diff --git a/process.c b/process.c
index b091f4e..2a2955e 100644
--- a/process.c
+++ b/process.c
@@ -2,11 +2,12 @@
* userv - process.c
* daemon code to process one request (is parent of service process)
*
- * Copyright (C)1996-1997 Ian Jackson
+ * userv is copyright Ian Jackson and other contributors.
+ * See README for full authorship information.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
@@ -15,8 +16,7 @@
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with userv; if not, write to the Free Software
- * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * along with userv; if not, see .
*/
/*
@@ -49,17 +49,19 @@
#include
#include
#include
-#include
#include
+#include
#include
+#include
+#include
#include
-#include
#include
#include
#include
#include "config.h"
#include "common.h"
+#include "both.h"
#include "daemon.h"
#include "lib.h"
#include "tokens.h"
@@ -73,7 +75,7 @@ int fdarraysize, fdarrayused;
int restfdwantstate= tokv_word_rejectfd, restfdwantrw;
int service_ngids;
char **argarray;
-char *serviceuser, *service, *logname, *cwd;
+char *serviceuser, *service, *loginname, *cwd;
char *overridedata, *userrcfile;
char *serviceuser_dir, *serviceuser_shell, *callinguser_shell;
gid_t *calling_gids, *service_gids;
@@ -147,7 +149,7 @@ static void xfflush(FILE *file) {
static void xfread(void *p, size_t sz) {
size_t nr;
- nr= fread(p,1,sz,srfile); if (nr == sz) return;
+ nr= working_fread(p,sz,srfile); if (nr == sz) return;
if (ferror(srfile)) syscallerror("reading from client");
blocksignals();
assert(feof(srfile));
@@ -269,8 +271,18 @@ void NONRETURNING disconnect(int exitstatus) {
_exit(exitstatus);
}
-static void NONRETURNING sighandler_chld(int ignored) {
+static void reporttermination(int status) {
struct progress_msg progress_mbuf;
+
+ memset(&progress_mbuf,0,sizeof(progress_mbuf));
+ progress_mbuf.magic= PROGRESS_MAGIC;
+ progress_mbuf.type= pt_terminated;
+ progress_mbuf.data.terminated.status= status;
+ xfwrite(&progress_mbuf,sizeof(progress_mbuf),swfile);
+ xfflush(swfile);
+}
+
+static void NONRETURNING sighandler_chld(int ignored) {
int status;
pid_t returned;
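Review bot: The new helper `reporttermination` carries no comment about its calling context, yet it is invoked both from the SIGCHLD handler (`sighandler_chld`, next hunk) and from ordinary code in `servicerequest` (the shutdown path in the last hunk), and it does buffered stdio on `swfile` through `xfwrite`/`xfflush`. Buffered stdio is not async-signal-safe, so the helper is only sound if the handler can never interrupt another write to `swfile`. That appears to hold for the shutdown path, which exits before `fork_service_synch()`, but this is inferred from the visible lines only. I would add a header comment such as `/* Sends pt_terminated to the client. Also called from the SIGCHLD handler: no other swfile write may be in progress. */`. The body of `sighandler_chld` continues outside this hunk.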
@@ -280,13 +292,7 @@ static void NONRETURNING sighandler_chld(int ignored) {
if (returned!=child) syscallerror("spurious child process");
child= childtokill= -1;
- memset(&progress_mbuf,0,sizeof(progress_mbuf));
- progress_mbuf.magic= PROGRESS_MAGIC;
- progress_mbuf.type= pt_terminated;
- progress_mbuf.data.terminated.status= status;
- xfwrite(&progress_mbuf,sizeof(progress_mbuf),swfile);
- xfflush(swfile);
-
+ reporttermination(status);
syslog(LOG_INFO,"service completed (status %d %d)",(status>>8)&0x0ff,status&0x0ff);
_exit(0);
}
@@ -413,7 +419,7 @@ static void receive_request(void) {
serviceuser= xfreadsetstring(request_mbuf.serviceuserlen);
service= xfreadsetstring(request_mbuf.servicelen);
assert(request_mbuf.spoofed==0 || request_mbuf.spoofed==1);
- logname= xfreadsetstring(request_mbuf.lognamelen);
+ loginname= xfreadsetstring(request_mbuf.loginnamelen);
cwd= xfreadsetstring(request_mbuf.cwdlen);
if (request_mbuf.overridelen >= 0) {
assert(request_mbuf.overridelen <= MAX_OVERRIDE_LEN);
@@ -437,6 +443,8 @@ static void receive_request(void) {
assert(fdarray[fd].iswrite == -1);
fdarray[fd].iswrite= (i>=request_mbuf.nreadfds);
}
+ /* fdarray[].iswrite now set; rest is still blank
+ * (ie want reject read, no realfd holdfd). */
assert(request_mbuf.nargs <= MAX_ARGSDEFVAR);
argarray= xmalloc(sizeof(char*)*(request_mbuf.nargs));
@@ -476,6 +484,14 @@ static void establish_pipes(void) {
if (unlink(pipepathbuf)) syscallerror("unlink pipe");
if (close(tempfd)) syscallerror("close prelim fd onto pipe");
}
+ /* Now fdarray[].realfd is pipe end for service in case service
+ * wants it. If it's an input pipe, then .holdfd is the other
+ * (writing) end of the pipe - we keep it around so that the service
+ * doesn't get an apparently clean EOF if the caller disappears (eg
+ * due to a file read error) or the like (ie so that on disconnect
+ * we can guarantee to send the service SIGHUP before it gets EOF on
+ * the input fd). Otherwise, .holdfd=-1.
+ */
}
static void groupnames(int ngids, gid_t *gids, const char ***names_r) {
@@ -495,9 +511,9 @@ static void groupnames(int ngids, gid_t *gids, const char ***names_r) {
static void lookup_uidsgids(void) {
struct passwd *pw;
- pw= getpwnam(logname);
+ pw= getpwnam(loginname);
if (!pw) miscerror("look up calling user");
- assert(!strcmp(pw->pw_name,logname));
+ assert(!strcmp(pw->pw_name,loginname));
callinguser_shell= xstrsave(pw->pw_shell);
pw= getpwnam(serviceuser);
@@ -639,7 +655,6 @@ static void check_fds(void) {
case tokv_word_requirefd:
if (fdarray[fd].realfd == -1)
failure("file descriptor %d required but not provided",fd);
- assert(fdarray[fd].holdfd == -1);
/* fall through */
case tokv_word_allowfd:
if (fdarray[fd].realfd == -1) {
@@ -656,6 +671,10 @@ static void check_fds(void) {
}
}
}
+ /* Now fdarray[].realfd is exactly what service wants: pipe end or
+ * /dev/null or -1. If .realfd is not -1 then .holdfd may be the fd
+ * for the writing end of the corresponding pipe.
+ */
}
static void send_progress_ok(void) {
@@ -722,7 +741,7 @@ void servicerequest(int sfd) {
debug_dumprequest(mypid);
syslog(LOG_INFO,"%s %s -> %s %c %s",
request_mbuf.spoofed ? "spoof" : "user",
- logname, serviceuser, overridedata?'!':':', service);
+ loginname, serviceuser, overridedata?'!':':', service);
if (overridedata)
r= parse_string(TOPLEVEL_OVERRIDDEN_CONFIGURATION,
@@ -744,6 +763,18 @@ void servicerequest(int sfd) {
getevent(&event_mbuf);
assert(event_mbuf.type == et_confirm);
+ if (execbuiltin == bisexec_shutdown && !serviceuser_uid) {
+ /* The check for the uid is just so we can give a nice
+ * error message (in the actual code for bisexec_shutdown).
+ * If this is spoofed somehow then the unlink() will simply fail.
+ */
+ r= unlink(RENDEZVOUSPATH);
+ if (r) syscallfailure("remove rendezvous socket %s",RENDEZVOUSPATH);
+ syslog(LOG_NOTICE,"arranging for termination, due to client request");
+ reporttermination(0);
+ _exit(10);
+ }
+
fork_service_synch();
getevent(&event_mbuf);
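Review bot: In the new shutdown branch the authorisation decision is left implicit: `!serviceuser_uid` is described as cosmetic, and the comment relies on `unlink(RENDEZVOUSPATH)` failing for an unprivileged request. That guarantee depends on which credentials this process holds at this point, which the hunk does not show, so the comment should state it, e.g. `/* we still run with <credentials> here, so unlink() is the real permission check */` with the placeholder filled in from the surrounding code. The branch also assumes `syscallfailure` does not return; if it can, a failed unlink would still reach `reporttermination(0)` and `_exit(10)`. The status in `_exit(10);` is a bare magic number, presumably interpreted by the parent daemon, and would read better as a named constant or with a one-line comment saying what the parent does with it. `servicerequest` starts and ends outside this hunk.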