#include "log.h"
#include "common.h"
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include <errno.h>
/*
 * State of the current authorization request. main() fills in the mode,
 * the optional prompt, the caller's pid and uid, and the caller's
 * executable path.
 */
struct auth_env a_env;

/*
 * I/O endpoints used by this process. They start out as the standard
 * streams; vt starts at -1.
 * NOTE(review): -1 presumably means "no virtual terminal assigned yet";
 * confirm against sd_setup().
 */
struct proc_env p_env = {
    .in  = STDIN_FILENO,
    .out = STDOUT_FILENO,
    .err = STDERR_FILENO,
    .vt  = -1,
};
/*
 * Intentionally empty signal handler.
 *
 * main() installs it for SIGINT and SIGTERM with sa_flags = 0, so the
 * signal is caught instead of killing the process and the normal return
 * path can run its cleanup.
 */
static void interrupt_int(int signum)
{
    (void)signum; /* unused: only delivery of the signal matters */
}
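/*
 * Entry point of the authorization helper.
 *
 * Usage: <program> consent|password|auth [prompt]
 *
 * Steps, in order:
 *   1. Validate the argument count and the requested mode.
 *   2. Validate the optional prompt: only printable ASCII (32..126) and
 *      '\n' are accepted, so control bytes and escape sequences supplied
 *      by the caller never reach whatever displays the prompt.
 *   3. Record the caller: parent pid, real uid and the parent's executable
 *      path as resolved through /proc/<pid>/exe.
 *   4. Install signal handling and run the consent flow.
 *
 * Returns 64 (EX_USAGE in <sysexits.h>) on bad arguments, an errno value
 * when the caller's binary cannot be resolved, 13 when sd_setup() fails,
 * otherwise the result of main_consent().
 */
int main(int argc, char **argv) {
    if (argc != 2 && argc != 3) {
        /*
         * A process can be exec'd with an empty argument vector, in which
         * case argv[0] is NULL and passing it to %s is undefined behaviour.
         */
        const char *self = (argc > 0 && argv[0] != NULL) ? argv[0] : "<program>";

        fprintf(stderr, "Usage: %s consent|password|auth [prompt]\n", self);
        return 64;
    }

    if (!strcmp(argv[1], "consent")) {
        a_env.mode = mode_consent;
    } else if (!strcmp(argv[1], "password")) {
        a_env.mode = mode_password;
    } else if (!strcmp(argv[1], "auth")) {
        a_env.mode = mode_auth;
    } else {
        fprintf(stderr, "Unknown mode: %s\n", argv[1]);
        return 64;
    }

    /* With argc == 2, argv[2] is the terminating NULL: no prompt given. */
    a_env.prompt = argv[2];
    if (a_env.prompt != NULL) {
        const char *p = a_env.prompt;

        /*
         * do/while on purpose: the first byte is tested even when it is
         * the terminator, so an empty prompt is rejected as well.
         */
        do {
            /*
             * Compare as unsigned char so bytes >= 0x80 are rejected the
             * same way regardless of whether plain char is signed.
             */
            unsigned char c = (unsigned char)*p;

            if ((c != '\n' && c < 32) || c > 126) {
                fprintf(stderr, "The given prompt is illegal.\n");
                return 64;
            }
        } while (*(++p));
    }

    a_env.pid = getppid();
    a_env.usr = getuid();

    /*
     * Resolve the caller's executable. The link path lives in its own
     * buffer: readlink() declares both pointers restrict, so the input
     * path and the output buffer must not be the same object.
     *
     * NOTE(review): the result is a snapshot. The parent may exit or exec
     * between getppid() and readlink(); confirm that whatever consumes
     * a_env.exe tolerates that.
     */
    char link_path[32]; /* "/proc/" + decimal pid + "/exe" + NUL fits easily */
    ssize_t len = -1;
    int n = snprintf(link_path, sizeof(link_path), "/proc/%d/exe", a_env.pid);

    if (n < 0 || (size_t)n >= sizeof(link_path)) {
        errno = ENAMETOOLONG;
    } else {
        len = readlink(link_path, a_env.exe, sizeof(a_env.exe) - 1);
        /*
         * readlink() truncates silently. A result that fills the buffer
         * cannot be told apart from a truncated one, so refuse it rather
         * than record a possibly shortened path as the caller's identity.
         */
        if (len != -1 && (size_t)len >= sizeof(a_env.exe) - 1) {
            errno = ENAMETOOLONG;
            len = -1;
        }
    }
    if (len == -1) {
        /* Logging may clobber errno; keep the value we intend to return. */
        int saved_errno = errno;

        LOGFV("Read caller binary: %m.", errno);
        return saved_errno;
    }
    a_env.exe[len] = '\0'; /* readlink() does not NUL-terminate */

    /* Because we need to frequently dup(2). */
    setbuf(stdout, NULL);

    signal(SIGHUP, SIG_IGN);

    struct sigaction sa = {
        .sa_flags = 0,
        .sa_handler = interrupt_int
    };
    sigemptyset(&sa.sa_mask);
    /* Return EINTR on these signals to exit safely. */
    sigaction(SIGINT, &sa, NULL);
    sigaction(SIGTERM, &sa, NULL);

    int r = sd_setup();
    if (r == -1) {
        sd_cleanup();
        return 13;
    }
    if (r) {
        /* Non-zero, non-error result: clean up first, then run with 0. */
        sd_cleanup();
        r = main_consent(0);
    } else {
        /* Zero result: tell the user which VT to switch to, run with 1. */
        dprintf(p_env.err, "Complete authorization on TTY %d by running `chvt %d`.\n",
                p_env.vt,
                p_env.vt);
        r = main_consent(1);
        sd_cleanup();
    }
    return r;
}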