int main(int argc, char **argv) { sanitize_environ(environ); const char *self = argv[0]; struct stat statself; if (stat(self, &statself) < 0) return perror(self), EX_IOERR; if (statself.st_mode & S_ISUID) { if (geteuid() != statself.st_uid) { /* OS ignored our setuid bit, */ execv(argv[0], argv); /* rerun self to get setuid back. */ return perror(argv[0]), EX_OSERR; } } arg_t arg = split_argv(argc, argv); int dashdash = find_dashdash(arg.c, arg.v, 2); if (dashdash < 0 || dashdash + 1 >= arg.c) return fputs(usage, stderr), EX_USAGE; const char *interp = arg.v[1], *script = arg.v[dashdash + 1]; /* access() checks permission using real uid and gid (set to the * invoking user) as opposed to the effective uid and gid (set to * the binary). */ if (access(interp, X_OK) < 0) return perror(interp), EX_NOPERM; if (access(script, X_OK | R_OK) < 0) return perror(script), EX_NOPERM; int fd = open(script, O_RDONLY); if (fd < 0) return perror(script), EX_NOPERM; char buf[16]; snprintf(buf, sizeof(buf), "/dev/fd/%d", fd); struct stat statbuf; if (fstat(fd, &statbuf) < 0) return perror(script), EX_IOERR; #define SETEXID(xid, S_ISXID) \ if (sete##xid(statbuf.st_mode & S_ISXID ? \ statbuf.st_##xid : get##xid()) < 0) \ return perror("sete" #xid), EX_NOPERM; /* set effective gid first, or we might not be able to do that after * setting effective uid away from root. */ SETEXID(gid, S_ISGID); SETEXID(uid, S_ISUID); #undef SETEXID arg.v[dashdash + 1] = buf; /* override script to fd */ execv(arg.v[1], arg.v + 1); /* normally should not return. */ return perror(arg.v[1]), EX_OSERR; }
int launch_client(int argc, char *argv[]) { int ret = 0; /* Error on processing arguments */ if ((config = process_args(argc, argv)) == NULL) return 1; /* Local compilation needed */ if (config->local) full_compilation(config->argc, config->argv); if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) { /* TODO : ERROR HANDLING */ } if (!config->file->input_file || !config->file->output_file) full_compilation(config->argc, config->argv); /* * Process the hosts list (use split argv because it uses * the same method) */ config->nb_server = split_argv(get_hosts(), &config->servers); for (int i = 0; i < config->nb_server; ++i) { if ((config->socket_fd = create_client_socket(config->servers[i], get_port())) < 0) { ERROR_MSG("[multi] Can not connect to %s\n", config->servers[i]); continue; } /* Process file with server */ ret = core_client(config); if (ret >= 0) return ret; } /* If this point is reached then no server found or available */ full_compilation(config->argc, config->argv); return 0; }
Mykytea::Mykytea(char* str) { const char* configs[MAX_LEN + 1]; char *cp = (char *)malloc(strlen(str) + 1); strcpy(cp, str); int len = split_argv(cp, configs); config = new KyteaConfig; config->setDebug(0); config->setOnTraining(false); config->parseRunCommandLine(len, configs); free(cp); kytea = new Kytea(config); kytea->readModel(config->getModelFile().c_str()); util = kytea->getStringUtil(); }
Mykytea::Mykytea(char* str) { const char* configs[MAX_LEN]; int len = split_argv(str, configs); //cout << len << endl; //for(int i = 0; i < len; i++) // cout << configs[i] << endl; KyteaConfig* _config = new KyteaConfig(); _config->parseRunCommandLine(len, configs); config = _config; Kytea* _kytea = new Kytea(_config); _kytea->readModel(_config->getModelFile().c_str()); kytea = _kytea; util = _kytea->getStringUtil(); }
/* * Checks whether key is allowed in output of command. * returns 1 if the key is allowed or 0 otherwise. */ static int user_key_command_allowed2(struct passwd *user_pw, Key *key) { FILE *f = NULL; int r, ok, found_key = 0; struct passwd *pw; int i, uid_swapped = 0, ac = 0; pid_t pid; char *username = NULL, *key_fp = NULL, *keytext = NULL; char *tmp, *command = NULL, **av = NULL; void (*osigchld)(int); if (options.authorized_keys_command == NULL) return 0; if (options.authorized_keys_command_user == NULL) { error("No user for AuthorizedKeysCommand specified, skipping"); return 0; } /* * NB. all returns later this function should go via "out" to * ensure the original SIGCHLD handler is restored properly. */ osigchld = signal(SIGCHLD, SIG_DFL); /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_keys_command_user, "u", user_pw->pw_name, (char *)NULL); pw = getpwnam(username); if (pw == NULL) { error("AuthorizedKeysCommandUser \"%s\" not found: %s", username, strerror(errno)); goto out; } /* Prepare AuthorizedKeysCommand */ if ((key_fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) { error("%s: sshkey_fingerprint failed", __func__); goto out; } if ((r = sshkey_to_base64(key, &keytext)) != 0) { error("%s: sshkey_to_base64 failed: %s", __func__, ssh_err(r)); goto out; } /* Turn the command into an argument vector */ if (split_argv(options.authorized_keys_command, &ac, &av) != 0) { error("AuthorizedKeysCommand \"%s\" contains invalid quotes", command); goto out; } if (ac == 0) { error("AuthorizedKeysCommand \"%s\" yielded no arguments", command); goto out; } for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], "u", user_pw->pw_name, "h", user_pw->pw_dir, "t", sshkey_ssh_name(key), "f", key_fp, "k", keytext, (char *)NULL); if (tmp == NULL) fatal("%s: percent_expand failed", __func__); free(av[i]); av[i] = tmp; } /* Prepare a printable command for logs, etc. */ command = assemble_argv(ac, av); /* * If AuthorizedKeysCommand was run without arguments * then fall back to the old behaviour of passing the * target username as a single argument. */ if (ac == 1) { av = xreallocarray(av, ac + 2, sizeof(*av)); av[1] = xstrdup(user_pw->pw_name); av[2] = NULL; /* Fix up command too, since it is used in log messages */ free(command); xasprintf(&command, "%s %s", av[0], av[1]); } if ((pid = subprocess("AuthorizedKeysCommand", pw, command, ac, av, &f)) == 0) goto out; uid_swapped = 1; temporarily_use_uid(pw); ok = check_authkeys_file(f, options.authorized_keys_command, key, pw); fclose(f); f = NULL; if (exited_cleanly(pid, "AuthorizedKeysCommand", command) != 0) goto out; /* Read completed successfully */ found_key = ok; out: if (f != NULL) fclose(f); signal(SIGCHLD, osigchld); for (i = 0; i < ac; i++) free(av[i]); free(av); if (uid_swapped) restore_uid(); free(command); free(username); free(key_fp); free(keytext); return found_key; }
/* * Checks whether principal is allowed in output of command. * returns 1 if the principal is allowed or 0 otherwise. */ static int match_principals_command(struct passwd *user_pw, const struct sshkey *key) { const struct sshkey_cert *cert = key->cert; FILE *f = NULL; int r, ok, found_principal = 0; struct passwd *pw; int i, ac = 0, uid_swapped = 0; pid_t pid; char *tmp, *username = NULL, *command = NULL, **av = NULL; char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; char serial_s[16]; void (*osigchld)(int); if (options.authorized_principals_command == NULL) return 0; if (options.authorized_principals_command_user == NULL) { error("No user for AuthorizedPrincipalsCommand specified, " "skipping"); return 0; } /* * NB. all returns later this function should go via "out" to * ensure the original SIGCHLD handler is restored properly. */ osigchld = signal(SIGCHLD, SIG_DFL); /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_principals_command_user, "u", user_pw->pw_name, (char *)NULL); pw = getpwnam(username); if (pw == NULL) { error("AuthorizedPrincipalsCommandUser \"%s\" not found: %s", username, strerror(errno)); goto out; } /* Turn the command into an argument vector */ if (split_argv(options.authorized_principals_command, &ac, &av) != 0) { error("AuthorizedPrincipalsCommand \"%s\" contains " "invalid quotes", command); goto out; } if (ac == 0) { error("AuthorizedPrincipalsCommand \"%s\" yielded no arguments", command); goto out; } if ((ca_fp = sshkey_fingerprint(cert->signature_key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) { error("%s: sshkey_fingerprint failed", __func__); goto out; } if ((key_fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) { error("%s: sshkey_fingerprint failed", __func__); goto out; } if ((r = sshkey_to_base64(cert->signature_key, &catext)) != 0) { error("%s: sshkey_to_base64 failed: %s", __func__, ssh_err(r)); goto out; } if ((r = sshkey_to_base64(key, &keytext)) != 0) { error("%s: sshkey_to_base64 failed: %s", __func__, ssh_err(r)); goto out; } snprintf(serial_s, sizeof(serial_s), "%llu", (unsigned long long)cert->serial); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], "u", user_pw->pw_name, "h", user_pw->pw_dir, "t", sshkey_ssh_name(key), "T", sshkey_ssh_name(cert->signature_key), "f", key_fp, "F", ca_fp, "k", keytext, "K", catext, "i", cert->key_id, "s", serial_s, (char *)NULL); if (tmp == NULL) fatal("%s: percent_expand failed", __func__); free(av[i]); av[i] = tmp; } /* Prepare a printable command for logs, etc. */ command = assemble_argv(ac, av); if ((pid = subprocess("AuthorizedPrincipalsCommand", pw, command, ac, av, &f)) == 0) goto out; uid_swapped = 1; temporarily_use_uid(pw); ok = process_principals(f, NULL, pw, cert); fclose(f); f = NULL; if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0) goto out; /* Read completed successfully */ found_principal = ok; out: if (f != NULL) fclose(f); signal(SIGCHLD, osigchld); for (i = 0; i < ac; i++) free(av[i]); free(av); if (uid_swapped) restore_uid(); free(command); free(username); free(ca_fp); free(key_fp); free(catext); free(keytext); return found_principal; }
/* * Checks whether principal is allowed in output of command. * returns 1 if the principal is allowed or 0 otherwise. */ static int match_principals_command(struct passwd *user_pw, struct sshkey_cert *cert) { FILE *f = NULL; int ok, found_principal = 0; struct passwd *pw; int i, ac = 0, uid_swapped = 0; pid_t pid; char *tmp, *username = NULL, *command = NULL, **av = NULL; void (*osigchld)(int); if (options.authorized_principals_command == NULL) return 0; if (options.authorized_principals_command_user == NULL) { error("No user for AuthorizedPrincipalsCommand specified, " "skipping"); return 0; } /* * NB. all returns later this function should go via "out" to * ensure the original SIGCHLD handler is restored properly. */ #ifndef WIN32_FIXME // PRAGMA:TODO osigchld = signal(SIGCHLD, SIG_DFL); #endif /* Prepare and verify the user for the command */ username = percent_expand(options.authorized_principals_command_user, "u", user_pw->pw_name, (char *)NULL); pw = getpwnam(username); if (pw == NULL) { error("AuthorizedPrincipalsCommandUser \"%s\" not found: %s", username, strerror(errno)); goto out; } /* Turn the command into an argument vector */ if (split_argv(options.authorized_principals_command, &ac, &av) != 0) { error("AuthorizedPrincipalsCommand \"%s\" contains " "invalid quotes", command); goto out; } if (ac == 0) { error("AuthorizedPrincipalsCommand \"%s\" yielded no arguments", command); goto out; } for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], "u", user_pw->pw_name, "h", user_pw->pw_dir, (char *)NULL); if (tmp == NULL) fatal("%s: percent_expand failed", __func__); free(av[i]); av[i] = tmp; } /* Prepare a printable command for logs, etc. */ command = assemble_argv(ac, av); if ((pid = subprocess("AuthorizedPrincipalsCommand", pw, command, ac, av, &f)) == 0) goto out; uid_swapped = 1; temporarily_use_uid(pw); ok = process_principals(f, NULL, pw, cert); if (exited_cleanly(pid, "AuthorizedPrincipalsCommand", command) != 0) goto out; /* Read completed successfully */ found_principal = ok; out: if (f != NULL) fclose(f); signal(SIGCHLD, osigchld); for (i = 0; i < ac; i++) free(av[i]); free(av); if (uid_swapped) restore_uid(); free(command); free(username); return found_principal; }