common/sysutils.c

   1 /* sysutils.c -  system helpers
   2  * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
   3  *
   4  * This file is part of GnuPG.
   5  *
   6  * GnuPG is free software; you can redistribute it and/or modify
   7  * it under the terms of the GNU General Public License as published by
   8  * the Free Software Foundation; either version 2 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * GnuPG is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License
  17  * along with this program; if not, write to the Free Software
  18  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  19  */
  20
  21 #include <config.h>
  22 #include <stdio.h>
  23 #include <stdlib.h>
  24 #include <string.h>
  25 #include <unistd.h>
  26 #include <errno.h>
  27 #ifdef HAVE_STAT
  28 #include <sys/stat.h>
  29 #endif
  30 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
  31   #include <asm/sysinfo.h>
  32   #include <asm/unistd.h>
  33 #endif
  34 #ifdef HAVE_SETRLIMIT
  35   #include <time.h>
  36   #include <sys/time.h>
  37   #include <sys/resource.h>
  38 #endif
  39 #include "util.h"
  40 #include "i18n.h"
  41
  42 #include "sysutils.h"
  43
  44 #if defined(__linux__) && defined(__alpha__) && __GLIBC__ < 2
  45 #warning using trap_unaligned
  46 static int
  47 setsysinfo(unsigned long op, void *buffer, unsigned long size,
  48                      int *start, void *arg, unsigned long flag)
  49 {
  50     return syscall(__NR_osf_setsysinfo, op, buffer, size, start, arg, flag);
  51 }
  52
  53 void
  54 trap_unaligned(void)
  55 {
  56     unsigned int buf[2];
  57
  58     buf[0] = SSIN_UACPROC;
  59     buf[1] = UAC_SIGBUS | UAC_NOPRINT;
  60     setsysinfo(SSI_NVPAIRS, buf, 1, 0, 0, 0);
  61 }
  62 #else
  63 void
  64 trap_unaligned(void)
  65 {  /* dummy */
  66 }
  67 #endif
  68
  69
  70 int
  71 disable_core_dumps (void)
  72 {
  73 #ifdef HAVE_DOSISH_SYSTEM
  74     return 0;
  75 #else
  76 # ifdef HAVE_SETRLIMIT
  77     struct rlimit limit;
  78
  79     /* We only set the current limit unless we were not able to
  80        retrieve the old value. */
  81     if (getrlimit (RLIMIT_CORE, &limit))
  82       limit.rlim_max = 0;
  83     limit.rlim_cur = 0;
  84     if( !setrlimit (RLIMIT_CORE, &limit) )
  85         return 0;
  86     if( errno != EINVAL && errno != ENOSYS )
  87         log_fatal (_("can't disable core dumps: %s\n"), strerror(errno) );
  88 #endif
  89     return 1;
  90 #endif
  91 }
  92
  93 int
  94 enable_core_dumps (void)
  95 {
  96 #ifdef HAVE_DOSISH_SYSTEM
  97     return 0;
  98 #else
  99 # ifdef HAVE_SETRLIMIT
 100     struct rlimit limit;
 101
 102     if (getrlimit (RLIMIT_CORE, &limit))
 103       return 1;
 104     limit.rlim_cur = limit.rlim_max;
 105     setrlimit (RLIMIT_CORE, &limit);
 106     return 1; /* We always return true because trhis function is
 107                  merely a debugging aid. */
 108 # endif
 109     return 1;
 110 #endif
 111 }
 112
 113
 114
 115 /* Return a string which is used as a kind of process ID */
 116 const byte *
 117 get_session_marker( size_t *rlen )
 118 {
 119     static byte marker[SIZEOF_UNSIGNED_LONG*2];
 120     static int initialized;
 121
 122     if ( !initialized ) {
 123         volatile ulong aa, bb; /* we really want the uninitialized value */
 124         ulong a, b;
 125
 126         initialized = 1;
 127         /* also this marker is guessable it is not easy to use this
 128          * for a faked control packet because an attacker does not
 129          * have enough control about the time the verification does
 130          * take place.  Of course, we can add just more random but
 131          * than we need the random generator even for verification
 132          * tasks - which does not make sense. */
 133         a = aa ^ (ulong)getpid();
 134         b = bb ^ (ulong)time(NULL);
 135         memcpy( marker, &a, SIZEOF_UNSIGNED_LONG );
 136         memcpy( marker+SIZEOF_UNSIGNED_LONG, &b, SIZEOF_UNSIGNED_LONG );
 137     }
 138     *rlen = sizeof(marker);
 139     return marker;
 140 }
 141
 142
 143 #if 0 /* not yet needed - Note that this will require inclusion of
 144          cmacros.am in Makefile.am */
 145 int
 146 check_permissions(const char *path,int extension,int checkonly)
 147 {
 148 #if defined(HAVE_STAT) && !defined(HAVE_DOSISH_SYSTEM)
 149   char *tmppath;
 150   struct stat statbuf;
 151   int ret=1;
 152   int isdir=0;
 153
 154   if(opt.no_perm_warn)
 155     return 0;
 156
 157   if(extension && path[0]!=DIRSEP_C)
 158     {
 159       if(strchr(path,DIRSEP_C))
 160         tmppath=make_filename(path,NULL);
 161       else
 162         tmppath=make_filename(GNUPG_LIBDIR,path,NULL);
 163     }
 164   else
 165     tmppath=m_strdup(path);
 166
 167   /* It's okay if the file doesn't exist */
 168   if(stat(tmppath,&statbuf)!=0)
 169     {
 170       ret=0;
 171       goto end;
 172     }
 173
 174   isdir=S_ISDIR(statbuf.st_mode);
 175
 176   /* Per-user files must be owned by the user.  Extensions must be
 177      owned by the user or root. */
 178   if((!extension && statbuf.st_uid != getuid()) ||
 179      (extension && statbuf.st_uid!=0 && statbuf.st_uid!=getuid()))
 180     {
 181       if(!checkonly)
 182         log_info(_("Warning: unsafe ownership on %s \"%s\"\n"),
 183                  isdir?"directory":extension?"extension":"file",path);
 184       goto end;
 185     }
 186
 187   /* This works for both directories and files - basically, we don't
 188      care what the owner permissions are, so long as the group and
 189      other permissions are 0 for per-user files, and non-writable for
 190      extensions. */
 191   if((extension && (statbuf.st_mode & (S_IWGRP|S_IWOTH)) !=0) ||
 192      (!extension && (statbuf.st_mode & (S_IRWXG|S_IRWXO)) != 0))
 193     {
 194       char *dir;
 195
 196       /* However, if the directory the directory/file is in is owned
 197          by the user and is 700, then this is not a problem.
 198          Theoretically, we could walk this test up to the root
 199          directory /, but for the sake of sanity, I'm stopping at one
 200          level down. */
 201
 202       dir= make_dirname (tmppath);
 203       if(stat(dir,&statbuf)==0 && statbuf.st_uid==getuid() &&
 204          S_ISDIR(statbuf.st_mode) && (statbuf.st_mode & (S_IRWXG|S_IRWXO))==0)
 205         {
 206           xfree (dir);
 207           ret=0;
 208           goto end;
 209         }
 210
 211       m_free(dir);
 212
 213       if(!checkonly)
 214         log_info(_("Warning: unsafe permissions on %s \"%s\"\n"),
 215                  isdir?"directory":extension?"extension":"file",path);
 216       goto end;
 217     }
 218
 219   ret=0;
 220
 221  end:
 222   m_free(tmppath);
 223
 224   return ret;
 225
 226 #endif /* HAVE_STAT && !HAVE_DOSISH_SYSTEM */
 227
 228   return 0;
 229 }
 230 #endif