search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
delay a few things on startup, such as setting the visibility mode, which ensures...
[personal-kdebase.git] / runtime / kdesu / kdesud / handler.cpp
blob813097acae332e07c6f79ebc53f7a0e5601eed14
1 /*
2 * This file is part of the KDE project, module kdesu.
3 * Copyright (C) 1999,2000 Geert Jansen <jansen@kde.org>
4 *
5 * handler.cpp: A connection handler for kdesud.
6 */
7
8 #include "handler.h"
9
10 #include <stdlib.h>
11 #include <string.h>
12 #include <assert.h>
13 #include <unistd.h>
14 #include <signal.h>
15 #include <errno.h>
16
17 #include <sys/types.h>
18 #include <sys/socket.h>
19
20 #include <kdebug.h>
21 #include <kdesu/su.h>
22 #include <kdesu/ssh.h>
23
24 #include "repo.h"
25 #include "lexer.h"
26 #include "secure.h"
27
28 using namespace KDESu;
29
30
31 // Global repository
32 extern Repository *repo;
33 void kdesud_cleanup();
34
35 ConnectionHandler::ConnectionHandler(int fd)
36 : SocketSecurity(fd), m_exitCode(0), m_hasExitCode(false), m_needExitCode(false), m_pid(0)
37 {
38 m_Fd = fd;
39 m_Priority = 50;
40 m_Scheduler = SuProcess::SchedNormal;
41 }
42
43 ConnectionHandler::~ConnectionHandler()
44 {
45 m_Buf.fill('x');
46 m_Pass.fill('x');
47 close(m_Fd);
48 }
49
50 /*
51 * Handle a connection: make sure we don't block
52 */
53
54 int ConnectionHandler::handle()
55 {
56 int ret, nbytes;
57
58 // Add max 100 bytes to connection buffer
59
60 char tmpbuf[100];
61 nbytes = recv(m_Fd, tmpbuf, 99, 0);
62
63 if (nbytes < 0)
64 {
65 if (errno == EINTR)
66 return 0;
67 // read error
68 return -1;
69 } else if (nbytes == 0)
70 {
71 // eof
72 return -1;
73 }
74 tmpbuf[nbytes] = '\000';
75
76 if (m_Buf.length()+nbytes > 1024)
77 {
78 kWarning(1205) << "line too long";
79 return -1;
80 }
81
82 m_Buf.append(tmpbuf);
83 memset(tmpbuf, 'x', nbytes);
84
85 // Do we have a complete command yet?
86 int n;
87 QByteArray newbuf;
88 while ((n = m_Buf.indexOf('\n')) != -1)
89 {
90 newbuf = m_Buf.left(n+1);
91 m_Buf.fill('x', n+1);
92 m_Buf.remove(0, n+1);
93 ret = doCommand(newbuf);
94 if (ret < 0)
95 return ret;
96 }
97
98 return 0;
99 }
100
101 QByteArray ConnectionHandler::makeKey(int _namespace, const QByteArray &s1,
102 const QByteArray &s2, const QByteArray &s3) const
103 {
104 QByteArray res;
105 res.setNum(_namespace);
106 res += '*';
107 res += s1 + '*' + s2 + '*' + s3;
108 return res;
109 }
110
111 void ConnectionHandler::sendExitCode()
112 {
113 if (!m_needExitCode)
114 return;
115 QByteArray buf;
116 buf.setNum(m_exitCode);
117 buf.prepend("OK ");
118 buf.append("\n");
119
120 send(m_Fd, buf.data(), buf.length(), 0);
121 }
122
123 void ConnectionHandler::respond(int ok, const QByteArray &s)
124 {
125 QByteArray buf;
126
127 switch (ok) {
128 case Res_OK:
129 buf = "OK";
130 break;
131 case Res_NO:
132 default:
133 buf = "NO";
134 break;
135 }
136
137 if (!s.isEmpty())
138 {
139 buf += ' ';
140 buf += s;
141 }
142
143 buf += '\n';
144
145 send(m_Fd, buf.data(), buf.length(), 0);
146 }
147
148 /*
149 * Parse and do one command. On a parse error, return -1. This will
150 * close the socket in the main accept loop.
151 */
152
153 int ConnectionHandler::doCommand(QByteArray buf)
154 {
155 if ((uid_t) peerUid() != getuid())
156 {
157 kWarning(1205) << "Peer uid not equal to me\n";
158 kWarning(1205) << "Peer: " << peerUid() << " Me: " << getuid() ;
159 return -1;
160 }
161
162 QByteArray key, command, pass, name, user, value, env_check;
163 Data_entry data;
164
165 Lexer *l = new Lexer(buf);
166 int tok = l->lex();
167 switch (tok)
168 {
169 case Lexer::Tok_pass: // "PASS password:string timeout:int\n"
170 tok = l->lex();
171 if (tok != Lexer::Tok_str)
172 goto parse_error;
173 m_Pass.fill('x');
174 m_Pass = l->lval();
175 tok = l->lex();
176 if (tok != Lexer::Tok_num)
177 goto parse_error;
178 m_Timeout = l->lval().toInt();
179 if (l->lex() != '\n')
180 goto parse_error;
181 if (m_Pass.isNull())
182 m_Pass = "";
183 kDebug(1205) << "Password set!\n";
184 respond(Res_OK);
185 break;
186
187 case Lexer::Tok_host: // "HOST host:string\n"
188 tok = l->lex();
189 if (tok != Lexer::Tok_str)
190 goto parse_error;
191 m_Host = l->lval();
192 if (l->lex() != '\n')
193 goto parse_error;
194 kDebug(1205) << "Host set to " << m_Host;
195 respond(Res_OK);
196 break;
197
198 case Lexer::Tok_prio: // "PRIO priority:int\n"
199 tok = l->lex();
200 if (tok != Lexer::Tok_num)
201 goto parse_error;
202 m_Priority = l->lval().toInt();
203 if (l->lex() != '\n')
204 goto parse_error;
205 kDebug(1205) << "priority set to " << m_Priority;
206 respond(Res_OK);
207 break;
208
209 case Lexer::Tok_sched: // "SCHD scheduler:int\n"
210 tok = l->lex();
211 if (tok != Lexer::Tok_num)
212 goto parse_error;
213 m_Scheduler = l->lval().toInt();
214 if (l->lex() != '\n')
215 goto parse_error;
216 kDebug(1205) << "Scheduler set to " << m_Scheduler;
217 respond(Res_OK);
218 break;
219
220 case Lexer::Tok_exec: // "EXEC command:string user:string [options:string (env:string)*]\n"
221 {
222 QByteArray options;
223 QList<QByteArray> env;
224 tok = l->lex();
225 if (tok != Lexer::Tok_str)
226 goto parse_error;
227 command = l->lval();
228 tok = l->lex();
229 if (tok != Lexer::Tok_str)
230 goto parse_error;
231 user = l->lval();
232 tok = l->lex();
233 if (tok != '\n')
234 {
235 if (tok != Lexer::Tok_str)
236 goto parse_error;
237 options = l->lval();
238 tok = l->lex();
239 while (tok != '\n')
240 {
241 if (tok != Lexer::Tok_str)
242 goto parse_error;
243 QByteArray env_str = l->lval();
244 env.append(env_str);
245 if (strncmp(env_str, "DESKTOP_STARTUP_ID=", strlen("DESKTOP_STARTUP_ID=")) != 0)
246 env_check += '*'+env_str;
247 tok = l->lex();
248 }
249 }
250
251 QByteArray auth_user;
252 if ((m_Scheduler != SuProcess::SchedNormal) || (m_Priority > 50))
253 auth_user = "root";
254 else
255 auth_user = user;
256 key = makeKey(2, m_Host, auth_user, command);
257 // We only use the command if the environment is the same.
258 if (repo->find(key) == env_check)
259 {
260 key = makeKey(0, m_Host, auth_user, command);
261 pass = repo->find(key);
262 }
263 if (pass.isNull()) // isNull() means no password, isEmpty() can mean empty password
264 {
265 if (m_Pass.isNull())
266 {
267 respond(Res_NO);
268 break;
269 }
270 data.value = env_check;
271 data.timeout = m_Timeout;
272 key = makeKey(2, m_Host, auth_user, command);
273 repo->add(key, data);
274 data.value = m_Pass;
275 data.timeout = m_Timeout;
276 key = makeKey(0, m_Host, auth_user, command);
277 repo->add(key, data);
278 pass = m_Pass;
279 }
280
281 // Execute the command asynchronously
282 kDebug(1205) << "Executing command: " << command;
283 pid_t pid = fork();
284 if (pid < 0)
285 {
286 kDebug(1205) << "fork(): " << strerror(errno);
287 respond(Res_NO);
288 break;
289 } else if (pid > 0)
290 {
291 m_pid = pid;
292 respond(Res_OK);
293 break;
294 }
295
296 // Ignore SIGCHLD because "class SuProcess" needs waitpid()
297 signal(SIGCHLD, SIG_DFL);
298
299 int ret;
300 if (m_Host.isEmpty())
301 {
302 SuProcess proc;
303 proc.setCommand(command);
304 proc.setUser(user);
305 if (options.contains('x'))
306 proc.setXOnly(true);
307 proc.setPriority(m_Priority);
308 proc.setScheduler(m_Scheduler);
309 proc.setEnvironment(env);
310 ret = proc.exec(pass.data());
311 } else
312 {
313 SshProcess proc;
314 proc.setCommand(command);
315 proc.setUser(user);
316 proc.setHost(m_Host);
317 ret = proc.exec(pass.data());
318 }
319
320 kDebug(1205) << "Command completed: " << command;
321 _exit(ret);
322 }
323
324 case Lexer::Tok_delCmd: // "DEL command:string user:string\n"
325 tok = l->lex();
326 if (tok != Lexer::Tok_str)
327 goto parse_error;
328 command = l->lval();
329 tok = l->lex();
330 if (tok != Lexer::Tok_str)
331 goto parse_error;
332 user = l->lval();
333 if (l->lex() != '\n')
334 goto parse_error;
335 key = makeKey(0, m_Host, user, command);
336 if (repo->remove(key) < 0) {
337 kDebug(1205) << "Unknown command: " << command;
338 respond(Res_NO);
339 }
340 else {
341 kDebug(1205) << "Deleted command: " << command << ", user = "
342 << user << endl;
343 respond(Res_OK);
344 }
345 break;
346
347 case Lexer::Tok_delVar: // "DELV name:string \n"
348 {
349 tok = l->lex();
350 if (tok != Lexer::Tok_str)
351 goto parse_error;
352 name = l->lval();
353 tok = l->lex();
354 if (tok != '\n')
355 goto parse_error;
356 key = makeKey(1, name);
357 if (repo->remove(key) < 0)
358 {
359 kDebug(1205) << "Unknown name: " << name;
360 respond(Res_NO);
361 }
362 else {
363 kDebug(1205) << "Deleted name: " << name;
364 respond(Res_OK);
365 }
366 break;
367 }
368
369 case Lexer::Tok_delGroup: // "DELG group:string\n"
370 tok = l->lex();
371 if (tok != Lexer::Tok_str)
372 goto parse_error;
373 name = l->lval();
374 if (repo->removeGroup(name) < 0)
375 {
376 kDebug(1205) << "No keys found under group: " << name;
377 respond(Res_NO);
378 }
379 else
380 {
381 kDebug(1205) << "Removed all keys under group: " << name;
382 respond(Res_OK);
383 }
384 break;
385
386 case Lexer::Tok_delSpecialKey: // "DELS special_key:string\n"
387 tok = l->lex();
388 if (tok != Lexer::Tok_str)
389 goto parse_error;
390 name = l->lval();
391 if (repo->removeSpecialKey(name) < 0)
392 respond(Res_NO);
393 else
394 respond(Res_OK);
395 break;
396
397 case Lexer::Tok_set: // "SET name:string value:string group:string timeout:int\n"
398 tok = l->lex();
399 if (tok != Lexer::Tok_str)
400 goto parse_error;
401 name = l->lval();
402 tok = l->lex();
403 if (tok != Lexer::Tok_str)
404 goto parse_error;
405 data.value = l->lval();
406 tok = l->lex();
407 if (tok != Lexer::Tok_str)
408 goto parse_error;
409 data.group = l->lval();
410 tok = l->lex();
411 if (tok != Lexer::Tok_num)
412 goto parse_error;
413 data.timeout = l->lval().toInt();
414 if (l->lex() != '\n')
415 goto parse_error;
416 key = makeKey(1, name);
417 repo->add(key, data);
418 kDebug(1205) << "Stored key: " << key;
419 respond(Res_OK);
420 break;
421
422 case Lexer::Tok_get: // "GET name:string\n"
423 tok = l->lex();
424 if (tok != Lexer::Tok_str)
425 goto parse_error;
426 name = l->lval();
427 if (l->lex() != '\n')
428 goto parse_error;
429 key = makeKey(1, name);
430 kDebug(1205) << "Request for key: " << key;
431 value = repo->find(key);
432 if (!value.isEmpty())
433 respond(Res_OK, value);
434 else
435 respond(Res_NO);
436 break;
437
438 case Lexer::Tok_getKeys: // "GETK groupname:string\n"
439 tok = l->lex();
440 if (tok != Lexer::Tok_str)
441 goto parse_error;
442 name = l->lval();
443 if (l->lex() != '\n')
444 goto parse_error;
445 kDebug(1205) << "Request for group key: " << name;
446 value = repo->findKeys(name);
447 if (!value.isEmpty())
448 respond(Res_OK, value);
449 else
450 respond(Res_NO);
451 break;
452
453 case Lexer::Tok_chkGroup: // "CHKG groupname:string\n"
454 tok = l->lex();
455 if (tok != Lexer::Tok_str)
456 goto parse_error;
457 name = l->lval();
458 if (l->lex() != '\n')
459 goto parse_error;
460 kDebug(1205) << "Checking for group key: " << name;
461 if ( repo->hasGroup( name ) < 0 )
462 respond(Res_NO);
463 else
464 respond(Res_OK);
465 break;
466
467 case Lexer::Tok_ping: // "PING\n"
468 tok = l->lex();
469 if (tok != '\n')
470 goto parse_error;
471 respond(Res_OK);
472 break;
473
474 case Lexer::Tok_exit: // "EXIT\n"
475 tok = l->lex();
476 if (tok != '\n')
477 goto parse_error;
478 m_needExitCode = true;
479 if (m_hasExitCode)
480 sendExitCode();
481 break;
482
483 case Lexer::Tok_stop: // "STOP\n"
484 tok = l->lex();
485 if (tok != '\n')
486 goto parse_error;
487 kDebug(1205) << "Stopping by command";
488 respond(Res_OK);
489 kdesud_cleanup();
490 exit(0);
491
492 default:
493 kWarning(1205) << "Unknown command: " << l->lval() ;
494 respond(Res_NO);
495 goto parse_error;
496 }
497
498 delete l;
499 return 0;
500
501 parse_error:
502 kWarning(1205) << "Parse error" ;
503 delete l;
504 return -1;
505 }
506
507
508
My personal kdebase copy