src/ask-password.c

   1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
   2
   3 /***
   4   This file is part of systemd.
   5
   6   Copyright 2010 Lennart Poettering
   7
   8   systemd is free software; you can redistribute it and/or modify it
   9   under the terms of the GNU General Public License as published by
  10   the Free Software Foundation; either version 2 of the License, or
  11   (at your option) any later version.
  12
  13   systemd is distributed in the hope that it will be useful, but
  14   WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  16   General Public License for more details.
  17
  18   You should have received a copy of the GNU General Public License
  19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  20 ***/
  21
  22 #include <sys/socket.h>
  23 #include <sys/poll.h>
  24 #include <sys/types.h>
  25 #include <assert.h>
  26 #include <string.h>
  27 #include <errno.h>
  28 #include <unistd.h>
  29 #include <fcntl.h>
  30 #include <sys/un.h>
  31 #include <sys/stat.h>
  32 #include <sys/signalfd.h>
  33 #include <getopt.h>
  34
  35 #include "log.h"
  36 #include "macro.h"
  37 #include "util.h"
  38
  39 static const char *arg_icon = NULL;
  40 static const char *arg_message = NULL;
  41 static usec_t arg_timeout = 60 * USEC_PER_SEC;
  42
  43 static int create_socket(char **name) {
  44         int fd;
  45         union {
  46                 struct sockaddr sa;
  47                 struct sockaddr_un un;
  48         } sa;
  49         int one = 1, r;
  50         char *c;
  51
  52         assert(name);
  53
  54         if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0)) < 0) {
  55                 log_error("socket() failed: %m");
  56                 return -errno;
  57         }
  58
  59         zero(sa);
  60         sa.un.sun_family = AF_UNIX;
  61         snprintf(sa.un.sun_path+1, sizeof(sa.un.sun_path)-1, "/org/freedesktop/systemd1/ask-password/%llu", random_ull());
  62
  63         if (bind(fd, &sa.sa, sizeof(sa_family_t) + 1 + strlen(sa.un.sun_path+1)) < 0) {
  64                 r = -errno;
  65                 log_error("bind() failed: %m");
  66                 goto fail;
  67         }
  68
  69         if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0) {
  70                 r = -errno;
  71                 log_error("SO_PASSCRED failed: %m");
  72                 goto fail;
  73         }
  74
  75         if (!(c = strdup(sa.un.sun_path+1))) {
  76                 r = -ENOMEM;
  77                 log_error("Out of memory");
  78                 goto fail;
  79         }
  80
  81         *name = c;
  82         return fd;
  83
  84 fail:
  85         close_nointr_nofail(fd);
  86
  87         return r;
  88 }
  89
  90 static int help(void) {
  91
  92         printf("%s [OPTIONS...] MESSAGE\n\n"
  93                "Query the user for a passphrase.\n\n"
  94                "  -h --help         Show this help\n"
  95                "     --icon=NAME    Icon name\n"
  96                "     --timeout=USEC Timeout in usec\n",
  97                program_invocation_short_name);
  98
  99         return 0;
 100 }
 101
 102 static int parse_argv(int argc, char *argv[]) {
 103
 104         enum {
 105                 ARG_ICON = 0x100,
 106                 ARG_TIMEOUT
 107         };
 108
 109         static const struct option options[] = {
 110                 { "help",      no_argument,       NULL, 'h'         },
 111                 { "icon",      required_argument, NULL, ARG_ICON    },
 112                 { "timeout",   required_argument, NULL, ARG_TIMEOUT },
 113                 { NULL,        0,                 NULL, 0           }
 114         };
 115
 116         int c;
 117
 118         assert(argc >= 0);
 119         assert(argv);
 120
 121         while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0) {
 122
 123                 switch (c) {
 124
 125                 case 'h':
 126                         help();
 127                         return 0;
 128
 129                 case ARG_ICON:
 130                         arg_icon = optarg;
 131                         break;
 132
 133                 case ARG_TIMEOUT:
 134                         if (parse_usec(optarg, &arg_timeout) < 0 || arg_timeout <= 0) {
 135                                 log_error("Failed to parse --timeout parameter %s", optarg);
 136                                 return -EINVAL;
 137                         }
 138                         break;
 139
 140                 case '?':
 141                         return -EINVAL;
 142
 143                 default:
 144                         log_error("Unknown option code %c", c);
 145                         return -EINVAL;
 146                 }
 147         }
 148
 149         if (optind != argc-1) {
 150                 help();
 151                 return -EINVAL;
 152         }
 153
 154         arg_message = argv[optind];
 155         return 0;
 156 }
 157
 158 int main(int argc, char *argv[]) {
 159         char temp[] = "/dev/.systemd/ask-password/tmp.XXXXXX";
 160         char final[sizeof(temp)] = "";
 161         int fd = -1, r = EXIT_FAILURE, k;
 162         FILE *f = NULL;
 163         char *socket_name = NULL;
 164         int socket_fd, signal_fd;
 165         sigset_t mask;
 166         usec_t not_after;
 167
 168         log_parse_environment();
 169         log_open();
 170
 171         if ((k = parse_argv(argc, argv)) < 0) {
 172                 r = k < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
 173                 goto finish;
 174         }
 175
 176         if ((fd = mkostemp(temp, O_CLOEXEC|O_CREAT|O_WRONLY)) < 0) {
 177                 log_error("Failed to create password file: %m");
 178                 goto finish;
 179         }
 180
 181         fchmod(fd, 0644);
 182
 183         if (!(f = fdopen(fd, "w"))) {
 184                 log_error("Failed to allocate FILE: %m");
 185                 goto finish;
 186         }
 187
 188         fd = -1;
 189
 190         assert_se(sigemptyset(&mask) == 0);
 191         sigset_add_many(&mask, SIGINT, SIGTERM, -1);
 192         assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
 193
 194         if ((signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC)) < 0) {
 195                 log_error("signalfd(): %m");
 196                 goto finish;
 197         }
 198
 199         if ((socket_fd = create_socket(&socket_name)) < 0)
 200                 goto finish;
 201
 202         not_after = now(CLOCK_MONOTONIC) + arg_timeout;
 203
 204         fprintf(f,
 205                 "[Ask]\n"
 206                 "Socket=%s\n"
 207                 "NotAfter=%llu\n",
 208                 socket_name,
 209                 (unsigned long long) not_after);
 210
 211         if (arg_message)
 212                 fprintf(f, "Message=%s\n", arg_message);
 213
 214         if (arg_icon)
 215                 fprintf(f, "Icon=%s\n", arg_icon);
 216
 217         fflush(f);
 218
 219         if (ferror(f)) {
 220                 log_error("Failed to write query file: %m");
 221                 goto finish;
 222         }
 223
 224         memcpy(final, temp, sizeof(temp));
 225
 226         final[sizeof(final)-11] = 'a';
 227         final[sizeof(final)-10] = 's';
 228         final[sizeof(final)-9] = 'k';
 229
 230         if (rename(temp, final) < 0) {
 231                 log_error("Failed to rename query file: %m");
 232                 goto finish;
 233         }
 234
 235         for (;;) {
 236                 enum {
 237                         FD_SOCKET,
 238                         FD_SIGNAL,
 239                         _FD_MAX
 240                 };
 241
 242                 char passphrase[LINE_MAX+1];
 243                 struct msghdr msghdr;
 244                 struct iovec iovec;
 245                 struct ucred *ucred;
 246                 union {
 247                         struct cmsghdr cmsghdr;
 248                         uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
 249                 } control;
 250                 ssize_t n;
 251                 struct pollfd pollfd[_FD_MAX];
 252
 253                 zero(pollfd);
 254                 pollfd[FD_SOCKET].fd = socket_fd;
 255                 pollfd[FD_SOCKET].events = POLLIN;
 256                 pollfd[FD_SIGNAL].fd = signal_fd;
 257                 pollfd[FD_SIGNAL].events = POLLIN;
 258
 259                 if ((k = poll(pollfd, 2, arg_timeout/USEC_PER_MSEC)) < 0) {
 260
 261                         if (errno == EINTR)
 262                                 continue;
 263
 264                         log_error("poll() failed: %s", strerror(-r));
 265                         goto finish;
 266                 }
 267
 268                 if (k <= 0) {
 269                         log_notice("Timed out");
 270                         goto finish;
 271                 }
 272
 273                 if (pollfd[FD_SIGNAL].revents & POLLIN)
 274                         break;
 275
 276                 if (pollfd[FD_SOCKET].revents != POLLIN) {
 277                         log_error("Unexpected poll() event.");
 278                         goto finish;
 279                 }
 280
 281                 zero(iovec);
 282                 iovec.iov_base = passphrase;
 283                 iovec.iov_len = sizeof(passphrase)-1;
 284
 285                 zero(control);
 286                 zero(msghdr);
 287                 msghdr.msg_iov = &iovec;
 288                 msghdr.msg_iovlen = 1;
 289                 msghdr.msg_control = &control;
 290                 msghdr.msg_controllen = sizeof(control);
 291
 292                 if ((n = recvmsg(socket_fd, &msghdr, 0)) < 0) {
 293
 294                         if (errno == EAGAIN ||
 295                             errno == EINTR)
 296                                 continue;
 297
 298                         log_error("recvmsg() failed: %m");
 299                         goto finish;
 300                 }
 301
 302                 if (n <= 0) {
 303                         log_error("Message too short");
 304                         continue;
 305                 }
 306
 307                 if (msghdr.msg_controllen < CMSG_LEN(sizeof(struct ucred)) ||
 308                     control.cmsghdr.cmsg_level != SOL_SOCKET ||
 309                     control.cmsghdr.cmsg_type != SCM_CREDENTIALS ||
 310                     control.cmsghdr.cmsg_len != CMSG_LEN(sizeof(struct ucred))) {
 311                         log_warning("Received message without credentials. Ignoring.");
 312                         continue;
 313                 }
 314
 315                 ucred = (struct ucred*) CMSG_DATA(&control.cmsghdr);
 316                 if (ucred->uid != 0) {
 317                         log_warning("Got request from unprivileged user. Ignoring.");
 318                         continue;
 319                 }
 320
 321                 if (passphrase[0] == '+') {
 322                         passphrase[n] = 0;
 323                         fputs(passphrase+1, stdout);
 324                 } else if (passphrase[0] == '-')
 325                         goto finish;
 326                 else {
 327                         log_error("Invalid packet");
 328                         continue;
 329                 }
 330
 331                 break;
 332         }
 333
 334         r = EXIT_SUCCESS;
 335
 336 finish:
 337         if (fd >= 0)
 338                 close_nointr_nofail(fd);
 339
 340         if (socket_fd >= 0)
 341                 close_nointr_nofail(socket_fd);
 342
 343         if (f)
 344                 fclose(f);
 345
 346         unlink(temp);
 347
 348         if (final[0])
 349                 unlink(final);
 350
 351         return r;
 352 }