diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/cerberus.c | 68 | ||||
| -rw-r--r-- | src/cerberus.h | 7 | ||||
| -rw-r--r-- | src/config.h | 54 | ||||
| -rw-r--r-- | src/login.c | 116 | ||||
| -rw-r--r-- | src/login.h | 49 | ||||
| -rw-r--r-- | src/passphrase.c | 11 | ||||
| -rw-r--r-- | src/passphrase.h | 13 | ||||
| -rw-r--r-- | src/quit.c | 5 | ||||
| -rw-r--r-- | src/quit.h | 15 | ||||
| -rw-r--r-- | src/security.c | 16 | ||||
| -rw-r--r-- | src/security.h | 25 | 
11 files changed, 272 insertions, 107 deletions
| diff --git a/src/cerberus.c b/src/cerberus.c index 49e9857..807db40 100644 --- a/src/cerberus.c +++ b/src/cerberus.c @@ -25,11 +25,6 @@  /** - * The environment variables - */ -extern char** environ; - -/**   * Mane method   *    * @param   argc  The number of command line arguments @@ -188,66 +183,9 @@ int main(int argc, char** argv)    /* TODO login */ -   -  /* Change directory */ -  if (chdir(entry->pw_dir)) -    { -      perror("chdir"); -      if (chdir(DEFAULT_HOME)) -	{ -	  perror("chdir"); -	  sleep(ERROR_SLEEP); -	  return 1; -	} -      entry->pw_dir = DEFAULT_HOME; -    } -   -  /* Make sure the shell to use is definied */ -  if ((entry->pw_shell && *(entry->pw_shell)) == 0) -    entry->pw_shell = DEFAULT_SHELL; -   -  /* Set environment variables */ -  { -    char* _term = getenv("TERM"); -    char* term = NULL; -    if (_term) -      { -	int n = 0, i; -	while (*(_term + n++)) -	  ; -	term = malloc(n * sizeof(char)); -	if (term == NULL) -	  { -	    perror("malloc"); -	    sleep(ERROR_SLEEP); -	    return 1; -	  } -	for (i = 0; i < n; i++) -	  *(term + i) = *(_term + i); -      } -     -    if (preserve_env == 0) -      { -	environ = malloc(sizeof(char*)); -	if (environ == NULL) -	  { -	    perror("malloc"); -	    sleep(ERROR_SLEEP); -	    return 1; -	  } -	*environ = NULL; -      } -     -    setenv("HOME", entry->pw_dir, 1); -    setenv("USER", entry->pw_name, 1); -    setenv("LOGUSER", entry->pw_name, 1); -    setenv("SHELL", entry->pw_shell, 1); -    setenv("TERM", term ?: DEFAULT_TERM, 1); -    setenv("PATH", entry->pw_uid ? PATH : PATH_ROOT, 1); -     -    if (term) -      free(term); -  } +  chdir_home(entry); +  ensure_shell(entry); +  set_environ(entry, preserve_env);    /* Reset terminal ownership and mode */ diff --git a/src/cerberus.h b/src/cerberus.h index acafddf..3f10bee 100644 --- a/src/cerberus.h +++ b/src/cerberus.h @@ -28,11 +28,8 @@  #include "passphrase.h"  #include "quit.h" +#include "login.h"  #include "security.h" +#include "login.h" -/* The number of seconds before the program times out */ -#ifndef TIMEOUT_SECONDS -#define TIMEOUT_SECONDS  60 -#endif - diff --git a/src/config.h b/src/config.h new file mode 100644 index 0000000..acf596c --- /dev/null +++ b/src/config.h @@ -0,0 +1,54 @@ +/** + * cerberus – Minimal login program + *  + * Copyright © 2013  Mattias Andrée (maandree@member.fsf.org) + *  + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + *  + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the + * GNU General Public License for more details. + *  + * You should have received a copy of the GNU General Public License + * along with this program.  If not, see <http://www.gnu.org/licenses/>. + */ +#ifndef __CONFIG_H__ +#define __CONFIG_H__ + + +/** + * Mode for TTY devices + */ +#ifndef TTY_PERM +#define TTY_PERM  0600 +#endif + +/** + * Number of seconds to sleep on login failure + */ +#ifndef FAILURE_SLEEP +#define FAILURE_SLEEP  5 +#endif + +/** + * Number of seconds to sleep on error, + * so the user has time to read the error message + */ +#ifndef ERROR_SLEEP +#define ERROR_SLEEP  2 +#endif + +/** + * Number of seconds before timeout when waiting for a passphrase + */ +#ifndef TIMEOUT_SECONDS +#define TIMEOUT_SECONDS  60 +#endif + + +#endif + diff --git a/src/login.c b/src/login.c new file mode 100644 index 0000000..5a97fb6 --- /dev/null +++ b/src/login.c @@ -0,0 +1,116 @@ +/** + * cerberus – Minimal login program + *  + * Copyright © 2013  Mattias Andrée (maandree@member.fsf.org) + *  + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + *  + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the + * GNU General Public License for more details. + *  + * You should have received a copy of the GNU General Public License + * along with this program.  If not, see <http://www.gnu.org/licenses/>. + */ +#include <pwd.h> +#include <stdlib.h> +#include <stdio.h> +#include <unistd.h> + +#include "config.h" + +#include "login.h" + + +/** + * The environment variables + */ +extern char** environ; + + +/** + * Change directory to the user's home directory + *  + * @param  entry  The user entry in the password file + */ +void chdir_home(struct passwd* entry) +{ +  if (chdir(entry->pw_dir)) +    { +      perror("chdir"); +      if (chdir(DEFAULT_HOME)) +	{ +	  perror("chdir"); +	  sleep(ERROR_SLEEP); +	  _exit(1); +	} +      entry->pw_dir = DEFAULT_HOME; +    } +} + + +/** + * Make sure the shell to use is definied + *  + * @param  entry  The user entry in the password file + */ +void ensure_shell(struct passwd* entry) +{ +  if ((entry->pw_shell && *(entry->pw_shell)) == 0) +    entry->pw_shell = DEFAULT_SHELL; +} + + +/** + * Set environment variables + *  + * @param  entry         The user entry in the password file + * @param  preserve_env  Whether to preserve the environment + */ +void set_environ(struct passwd* entry, char preserve_env) +{ +  char* _term = getenv("TERM"); +  char* term = NULL; +  if (_term) +    { +      int n = 0, i; +      while (*(_term + n++)) +	; +      term = malloc(n * sizeof(char)); +      if (term == NULL) +	{ +	  perror("malloc"); +	  sleep(ERROR_SLEEP); +	  _exit(1); +	} +      for (i = 0; i < n; i++) +	*(term + i) = *(_term + i); +    } +   +  if (preserve_env == 0) +    { +      environ = malloc(sizeof(char*)); +      if (environ == NULL) +	{ +	  perror("malloc"); +	  sleep(ERROR_SLEEP); +	  _exit(1); +	} +      *environ = NULL; +    } +   +  setenv("HOME", entry->pw_dir, 1); +  setenv("USER", entry->pw_name, 1); +  setenv("LOGUSER", entry->pw_name, 1); +  setenv("SHELL", entry->pw_shell, 1); +  setenv("TERM", term ?: DEFAULT_TERM, 1); +  setenv("PATH", entry->pw_uid ? PATH : PATH_ROOT, 1); +   +  if (term) +    free(term); +} + diff --git a/src/login.h b/src/login.h new file mode 100644 index 0000000..43cb302 --- /dev/null +++ b/src/login.h @@ -0,0 +1,49 @@ +/** + * cerberus – Minimal login program + *  + * Copyright © 2013  Mattias Andrée (maandree@member.fsf.org) + *  + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + *  + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the + * GNU General Public License for more details. + *  + * You should have received a copy of the GNU General Public License + * along with this program.  If not, see <http://www.gnu.org/licenses/>. + */ +#ifndef __LOGIN_H__ +#define __LOGIN_H__ + +#include <pwd.h> + + +/** + * Change directory to the user's home directory + *  + * @param  entry  The user entry in the password file + */ +void chdir_home(struct passwd* entry); + +/** + * Make sure the shell to use is definied + *  + * @param  entry  The user entry in the password file + */ +void ensure_shell(struct passwd* entry); + +/** + * Set environment variables + *  + * @param  entry         The user entry in the password file + * @param  preserve_env  Whether to preserve the environment + */ +void set_environ(struct passwd* entry, char preserve_env); + + +#endif + diff --git a/src/passphrase.c b/src/passphrase.c index 4b6af86..9482ba1 100644 --- a/src/passphrase.c +++ b/src/passphrase.c @@ -16,6 +16,13 @@   * You should have received a copy of the GNU General Public License   * along with this program.  If not, see <http://www.gnu.org/licenses/>.   */ +#include <stdlib.h> +#include <stdio.h> +#include <termios.h> +#include <unistd.h> + +#include "config.h" +  #include "passphrase.h" @@ -70,7 +77,7 @@ char* get_passphrase(void)  /**   * Disable echoing and do anything else to the terminal settnings `get_passphrase` requires   */ -void disable_echo() +void disable_echo(void)  {    struct termios stty; @@ -84,7 +91,7 @@ void disable_echo()  /**   * Undo the actions of `disable_echo`   */ -void reenable_echo() +void reenable_echo(void)  {    tcsetattr(STDIN_FILENO, TCSAFLUSH, &saved_stty);  } diff --git a/src/passphrase.h b/src/passphrase.h index 160e334..18b84ae 100644 --- a/src/passphrase.h +++ b/src/passphrase.h @@ -16,10 +16,8 @@   * You should have received a copy of the GNU General Public License   * along with this program.  If not, see <http://www.gnu.org/licenses/>.   */ -#include <stdlib.h> -#include <stdio.h> -#include <termios.h> -#include <unistd.h> +#ifndef __PASSPHRASE_H__ +#define __PASSPHRASE_H__  /** @@ -32,10 +30,13 @@ char* get_passphrase(void);  /**   * Disable echoing and do anything else to the terminal settnings `get_passphrase` requires   */ -void disable_echo(); +void disable_echo(void);  /**   * Undo the actions of `disable_echo`   */ -void reenable_echo(); +void reenable_echo(void); + + +#endif @@ -16,6 +16,11 @@   * You should have received a copy of the GNU General Public License   * along with this program.  If not, see <http://www.gnu.org/licenses/>.   */ +#include <stdio.h> +#include <unistd.h> + +#include "config.h" +#include "passphrase.h"  #include "quit.h" @@ -16,16 +16,8 @@   * You should have received a copy of the GNU General Public License   * along with this program.  If not, see <http://www.gnu.org/licenses/>.   */ -#include <stdio.h> -#include <unistd.h> - -#include "passphrase.h" - - -/* Number of seconds to sleep on error, so the user has time to read the error message */ -#ifndef ERROR_SLEEP -#define ERROR_SLEEP  2 -#endif +#ifndef __QUIT_H__ +#define __QUIT_H__  /** @@ -42,3 +34,6 @@ void timeout_quit(int signal);   */  void user_quit(int signal); + +#endif + diff --git a/src/security.c b/src/security.c index a273cf0..b645b32 100644 --- a/src/security.c +++ b/src/security.c @@ -16,6 +16,20 @@   * You should have received a copy of the GNU General Public License   * along with this program.  If not, see <http://www.gnu.org/licenses/>.   */ +#include <unistd.h> +#include <sys/stat.h> +#include <stdio.h> +#include <termios.h> +#include <fcntl.h> +#include <signal.h> +#include <stropts.h> +#if defined(OWN_VCSA) || defined(OWN_VCS) +#include <string.h> +#include <linux/vt.h> +#endif + +#include "config.h" +  #include "security.h" @@ -80,7 +94,7 @@ void secure_tty(gid_t group)   * @param  group      The group, -1 for unchanged   * @param  with_fail  Abort on failure   */ -void chown_tty(uid_t owner, gid_t group, int with_fail)  +void chown_tty(uid_t owner, gid_t group, char with_fail)   {    #if defined(OWN_VCSA) || defined(OWN_VCS)    struct vt_stat vtstat; diff --git a/src/security.h b/src/security.h index 5e291ff..3a218d9 100644 --- a/src/security.h +++ b/src/security.h @@ -16,24 +16,10 @@   * You should have received a copy of the GNU General Public License   * along with this program.  If not, see <http://www.gnu.org/licenses/>.   */ -#include <unistd.h> -#include <sys/stat.h> -#include <stdio.h> -#include <termios.h> -#include <fcntl.h> -#include <signal.h> -#include <string.h> -#include <stropts.h> -#include <linux/vt.h> +#ifndef __SECURITY_H__ +#define __SECURITY_H__ - -#ifndef TTY_PERM -#define TTY_PERM  0600 -#endif - -#ifndef FAILURE_SLEEP -#define FAILURE_SLEEP  5 -#endif +#include <sys/types.h>  /** @@ -50,5 +36,8 @@ void secure_tty(gid_t group);   * @param  group      The group, -1 for unchanged   * @param  with_fail  Abort on failure   */ -void chown_tty(uid_t owner, gid_t group, int with_fail); +void chown_tty(uid_t owner, gid_t group, char with_fail); + + +#endif | 
