soccera/rdo
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: soccera:4aab1431ed6c63457bdf2b3cb5dfba46a8732e37
Branches Tags
soccera:master
..
compare: soccera:c3f0b728bac99091908bf2f311258cd0c91e1620
Branches Tags
soccera:master

No commits in common. "4aab1431ed6c63457bdf2b3cb5dfba46a8732e37" and "c3f0b728bac99091908bf2f311258cd0c91e1620" have entirely different histories.
4aab1431ed ... c3f0b728ba

3 changed files with 38 additions and 72 deletions
Show stats Expand all files Collapse all files

10
Makefile
View file

@ -15,15 +15,15 @@ debug: rdo.c
${CC} ${CFLAGS_DEBUG} rdo.c -o rdo ${LIBS}
install: rdo
cp rdo ${DESTDIR}/usr/local/bin/rdo
chown 0:0 ${DESTDIR}/usr/local/bin/rdo
chmod 755 ${DESTDIR}/usr/local/bin/rdo
chmod u+s ${DESTDIR}/usr/local/bin/rdo
cp rdo ${DESTDIR}/usr/bin/rdo
chown root:root ${DESTDIR}/usr/bin/rdo
chmod 755 ${DESTDIR}/usr/bin/rdo
chmod u+s ${DESTDIR}/usr/bin/rdo
cp rdo_sample.conf ${DESTDIR}/etc/rdo.conf
chmod 600 ${DESTDIR}/etc/rdo.conf
uninstall:
rm /usr/local/bin/rdo
rm /usr/bin/rdo
rm /etc/rdo.conf
clean:

24
rdo.c
View file

@ -1,6 +1,7 @@
#include <pwd.h>
#include <grp.h>
#include <err.h>
#include <crypt.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
@ -13,7 +14,7 @@
#include "readpassphrase.h"
#include "sessions.h"
#define VERSION "1.4.3"
#define VERSION "1.4.2"
char* getpwhash(struct passwd* pw) {
if (pw->pw_passwd[0] != 'x')
@ -33,23 +34,22 @@ char* getpwhash(struct passwd* pw) {
void getconf(FILE* fp, const char* entry, char* result, size_t len_result) {
char* line = NULL;
size_t len = 0;
size_t entry_len = strlen(entry);
fseek(fp, 0, SEEK_SET);
while (getline(&line, &len, fp) != -1) {
if (strncmp(line, entry, entry_len) == 0 &&
(line[entry_len] == '=')) {
char* value = line + entry_len + 1;
value[strcspn(value, "\n")] = 0;
strncpy(result, value, len_result);
result[len_result - 1] = '\0';
if (strncmp(entry, line, strlen(entry)) == 0) {
strtok(line, "=");
char* token = strtok(NULL, "=");
if (token) {
strncpy(result, token, len_result);
result[strcspn(result, "\n")] = 0;
free(line);
return;
}
}
}
free(line);
errx(1, "Could not get '%s' entry in config", entry);
}
@ -69,7 +69,7 @@ void runprog(char** program_argv) {
int main(int argc, char** argv) {
char groupname[64], wrong_pw_sleep[64], session_ttl[64], password[128];
int sleep_us, tries, ts_ttl;
unsigned int sleep_us, tries, ts_ttl;
int read_pw_from_stdin = 0;
if (argc > 1)
@ -101,7 +101,7 @@ int main(int argc, char** argv) {
fclose(fp);
if (getsession(ts_ttl) == 0 && !read_pw_from_stdin)
if (getsession(getppid(), ts_ttl, ruid) == 0 && !read_pw_from_stdin)
runprog(&argv[1]);
struct passwd* pw = getpwuid(ruid);
@ -147,7 +147,7 @@ int main(int argc, char** argv) {
if (strcmp(given_hashed_pw, user_hashed_pw) == 0) {
if (!read_pw_from_stdin)
setsession(ts_ttl);
setsession(getppid(), ts_ttl, ruid);
runprog(&argv[read_pw_from_stdin+1]);
}

72
sessions.h
View file

@ -4,7 +4,6 @@
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <time.h>
@ -50,24 +49,24 @@ int getpstartts(int pid, unsigned long long* startts) {
int ensuredir() {
struct stat st;
int fd = open("/var/run/rdo", O_RDONLY, O_DIRECTORY | O_NOFOLLOW);
int fd = open("/run/rdo", O_RDONLY, O_DIRECTORY | O_NOFOLLOW);
if (fd < 0) {
if (errno == ENOENT) {
if (mkdir("/var/run/rdo", 0700) < 0)
err(1, "Could not create /var/run/rdo");
if (mkdir("/run/rdo", 0700) < 0)
err(1, "Could not create /run/rdo");
fd = open("/var/run/rdo", O_RDONLY, O_DIRECTORY | O_NOFOLLOW);
fd = open("/run/rdo", O_RDONLY, O_DIRECTORY | O_NOFOLLOW);
if (fd < 0)
err(1, "Could not open /var/run/rdo");
err(1, "Could not open /run/rdo");
}
else
err(1, "Could not open /var/run/rdo");
err(1, "Could not open /run/rdo");
}
if (fstat(fd, &st) < 0) {
close(fd);
err(1, "Could not fstat /var/run/rdo");
err(1, "Could not fstat /run/rdo");
}
close(fd);
@ -78,46 +77,17 @@ int ensuredir() {
return 0;
}
#ifdef __OpenBSD__
void setsession(int ts_ttl) {
if (ts_ttl <= 0)
return;
int ttyfd = open("/dev/tty", O_RDWR);
ioctl(ttyfd, TIOCSETVERAUTH, &ts_ttl);
close(ttyfd);
return;
}
int getsession(int ts_ttl) {
if (ts_ttl <= 0)
return -1;
int ttyfd = open("/dev/tty", O_RDWR);
int ret = ioctl(ttyfd, TIOCCHKVERAUTH);
close(ttyfd);
return ret;
}
#else
void setsession(int ts_ttl) {
if (ts_ttl <= 0)
return;
void setsession(int pid, unsigned int ts_ttl, int ruid) {
unsigned long long startts;
char path[1024], ts_str[32];
int ppid = getppid();
int ruid = getuid();
if (ts_ttl == 0)
return;
if (ensuredir() < 0 || getpstartts(ppid, &startts) < 0)
if (ensuredir() < 0 || getpstartts(pid, &startts) < 0)
return;
snprintf(path, sizeof(path), "/var/run/rdo/%d-%d-%llu", ruid, ppid, startts);
snprintf(path, sizeof(path), "/run/rdo/%d-%d-%llu", ruid, pid, startts);
int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0700);
if (fd < 0) {
@ -134,23 +104,21 @@ void setsession(int ts_ttl) {
}
close(fd);
return;
}
int getsession(int ts_ttl) {
if (ts_ttl <= 0)
return -1;
int getsession(int pid, unsigned int ts_ttl, int ruid) {
unsigned long long startts, current;
char path[1024], ts_str[32];
int ppid = getppid();
int ruid = getuid();
if (ts_ttl == 0)
return -1;
if (ensuredir() < 0 || getpstartts(ppid, &startts) < 0)
if (ensuredir() < 0 || getpstartts(pid, &startts) < 0)
return -1;
snprintf(path, sizeof(path), "/var/run/rdo/%d-%d-%llu", ruid, ppid, startts);
snprintf(path, sizeof(path), "/run/rdo/%d-%d-%llu", ruid, pid, startts);
int fd = open(path, O_RDONLY);
if (fd < 0) {
@ -170,12 +138,10 @@ int getsession(int ts_ttl) {
startts = strtoull(ts_str, NULL, 10);
current = time(NULL);
if (current - startts > (unsigned int)ts_ttl) {
if (current - startts > ts_ttl) {
unlink(path);
return -1;
}
return 0;
}
#endif