int
main (int argc, char **argv)
{
FILE *froms_file;
from_t *from;
char *a_from;
char *dest;
char *res;
froms_file = fopen (argv[1], "r");
if (froms_file == NULL)
{
fprintf (stdout, "Failed to open %s file.\nUsage: tfrom froms.txt\n",
argv[1]);
exit (0);
}
a_from = (char *) smalloc (200);
res = fgets (a_from, 200, froms_file); /* lines are under 200 */
while (res != NULL)
{
int errcode;
/* remove the last '\n' before parsing */
strncpy (a_from + strlen (a_from) - 1, "\0", 1);
if (0 != strncmp (a_from, "#", 1))
{
/* allocate & init from */
from_init (&from);
printf ("=================================================\n");
printf ("FROM TO PARSE: |%s|\n", a_from);
errcode = from_parse (from, a_from);
if (errcode != -1)
{
if (from_2char (from, &dest) != -1)
{
printf ("result: |%s|\n", dest);
sfree (dest);
}
}
else
printf ("Bad from format: %s\n", a_from);
from_free (from), sfree (from);
printf ("=================================================\n");
}
res = fgets (a_from, 200, froms_file); /* lines are under 200 */
}
sfree (a_from);
return 0;
}
int main(int argc, char *argv[])
{
struct stat st;
static int socket_serv_fd = -1;
char buf[64], shell[PATH_MAX], *result, debuggable[PROPERTY_VALUE_MAX];
char enabled[PROPERTY_VALUE_MAX], build_type[PROPERTY_VALUE_MAX];
char root_settings[PROPERTY_VALUE_MAX];
int i, dballow;
mode_t orig_umask;
for (i = 1; i < argc; i++) {
if (!strcmp(argv[i], "-c") || !strcmp(argv[i], "--command")) {
if (++i < argc) {
su_to.command = argv[i];
} else {
usage();
}
} else if (!strcmp(argv[i], "-s") || !strcmp(argv[i], "--shell")) {
if (++i < argc) {
strncpy(shell, argv[i], sizeof(shell));
shell[sizeof(shell) - 1] = 0;
} else {
usage();
}
} else if (!strcmp(argv[i], "-v") || !strcmp(argv[i], "--version")) {
printf("%s\n", VERSION);
exit(EXIT_SUCCESS);
} else if (!strcmp(argv[i], "-V")) {
printf("%d\n", VERSION_CODE);
exit(EXIT_SUCCESS);
} else if (!strcmp(argv[i], "-h") || !strcmp(argv[i], "--help")) {
usage();
} else if (!strcmp(argv[i], "-") || !strcmp(argv[i], "-l") ||
!strcmp(argv[i], "--login")) {
++i;
break;
} else {
break;
}
}
if (i < argc-1) {
usage();
}
if (i == argc-1) {
struct passwd *pw;
pw = getpwnam(argv[i]);
if (!pw) {
su_to.uid = atoi(argv[i]);
} else {
su_to.uid = pw->pw_uid;
}
}
if (from_init(&su_from) < 0) {
deny();
}
property_get("ro.debuggable", debuggable, "0");
property_get(ROOT_ACCESS_PROPERTY, enabled, ROOT_ACCESS_DEFAULT);
property_get("ro.build.type", build_type, "");
property_get(ROOT_SETTINGS_PROPERTY, root_settings, "");
orig_umask = umask(027);
// Root Settings-specific behavior
if (strcmp("1", root_settings) == 0) {
// only allow su on debuggable builds
if (strcmp("1", debuggable) != 0) {
LOGE("Root access is disabled on non-debug builds");
deny();
}
// enforce persist.sys.root_access on non-eng builds
if (strcmp("eng", build_type) != 0 &&
(atoi(enabled) & 1) != 1 ) {
LOGE("Root access is disabled by system setting - enable it under settings -> developer options");
deny();
}
// disallow su in a shell if appropriate
if (su_from.uid == AID_SHELL && (atoi(enabled) == 1)) {
LOGE("Root access is disabled by a system setting - enable it under settings -> developer options");
deny();
}
}
if (su_from.uid == AID_ROOT || su_from.uid == AID_SHELL)
allow(shell, orig_umask);
if (stat(REQUESTOR_DATA_PATH, &st) < 0) {
PLOGE("stat");
deny();
}
if (st.st_gid != st.st_uid)
{
LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
(int)st.st_uid, (int)st.st_gid);
deny();
}
if (mkdir(REQUESTOR_CACHE_PATH, 0770) >= 0) {
chown(REQUESTOR_CACHE_PATH, st.st_uid, st.st_gid);
}
setgroups(0, NULL);
setegid(st.st_gid);
seteuid(st.st_uid);
LOGE("sudb - Opening database");
db = database_init();
if (!db) {
LOGE("sudb - Could not open database, prompt user");
// if the database could not be opened, we can assume we need to
// prompt the user
dballow = DB_INTERACTIVE;
} else {
LOGE("sudb - Database opened");
dballow = database_check(db, &su_from, &su_to);
// Close the database, we're done with it. If it stays open,
// it will cause problems
sqlite3_close(db);
db = NULL;
LOGE("sudb - Database closed");
}
switch (dballow) {
case DB_DENY: deny();
case DB_ALLOW: allow(shell, orig_umask);
case DB_INTERACTIVE: break;
default: deny();
}
socket_serv_fd = socket_create_temp();
if (socket_serv_fd < 0) {
deny();
}
signal(SIGHUP, cleanup_signal);
signal(SIGPIPE, cleanup_signal);
signal(SIGTERM, cleanup_signal);
signal(SIGABRT, cleanup_signal);
atexit(cleanup);
if (send_intent(&su_from, &su_to, socket_path, -1, 0) < 0) {
deny();
}
if (socket_receive_result(socket_serv_fd, buf, sizeof(buf)) < 0) {
deny();
}
close(socket_serv_fd);
socket_cleanup();
result = buf;
if (!strcmp(result, "DENY")) {
deny();
} else if (!strcmp(result, "ALLOW")) {
allow(shell, orig_umask);
} else {
LOGE("unknown response from Superuser Requestor: %s", result);
deny();
}
deny();
return -1;
}
