X-Git-Url: https://ruderich.org/simon/gitweb/?p=ptyas%2Fptyas.git;a=blobdiff_plain;f=ptyas.c;h=dc5f3de85e5ba2646652d2440c1504f8c5a956a4;hp=d87ae34738e2f8321f6df618b81737db894d4365;hb=a340b52624733c23fe40d61d181916e4bd778945;hpb=0178c35881746d366a225b932f519f992035f24c
diff --git a/ptyas.c b/ptyas.c
index d87ae34..dc5f3de 100644
--- a/ptyas.c
+++ b/ptyas.c
@@ -2,20 +2,20 @@
* Run the login shell or command as the given user in a new pty to prevent
* terminal injection attacks.
*
- * Copyright (C) 2016-2018 Simon Ruderich
+ * Copyright (C) 2016-2019 Simon Ruderich
*
* This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
+ * it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+ * GNU Affero General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
*/
#define _GNU_SOURCE
@@ -121,7 +121,7 @@ static void drop_privileges_or_die(uid_t uid, gid_t gid) {
die("setgroups");
}
if (getgroups(0, NULL) != 0) {
- die_fmt("failed to drop all supplementary groups");
+ die_fmt("failed to drop all supplementary groups\n");
}
/* Dropping groups may require privileges, do that first. */
@@ -145,12 +145,12 @@ static void drop_privileges_or_die(uid_t uid, gid_t gid) {
}
if ( uid != ruid || uid != euid || uid != suid
|| gid != rgid || gid != egid || gid != sgid) {
- die_fmt("failed to drop privileges");
+ die_fmt("failed to drop privileges\n");
}
}
/* Just to be safe. */
if (setuid(0) != -1) {
- die_fmt("failed to drop privileges (setuid)");
+ die_fmt("failed to drop privileges (setuid)\n");
}
}
@@ -286,6 +286,28 @@ static void sigchld_handler(int signal) {
}
}
+/*
+ * SIGWINCH handler to handle resizes of the outer terminal.
+ *
+ * Errors are ignored without message because printing in signal handlers is
+ * problematic (no FILE * usable due to locks) and there's not much we can do
+ * at this point.
+ */
+static int sigwinch_ctty = -1;
+static int sigwinch_slave = -1;
+
+static void sigwinch_handler(int signal) {
+ (void)signal;
+
+ struct winsize size;
+ if (ioctl(sigwinch_ctty, TIOCGWINSZ, &size) == -1) {
+ return;
+ }
+ if (ioctl(sigwinch_slave, TIOCSWINSZ, &size) == -1) {
+ return;
+ }
+}
+
int main(int argc, char **argv) {
char *exec_argv_shell[] = { NULL, NULL }; /* filled below */
@@ -422,7 +444,18 @@ int main(int argc, char **argv) {
}
quit_with_matching_code(status);
}
- close_or_die(pty_slave);
+ /* Don't close pty_slave here as it's used in sigwinch_handler(). */
+
+ sigwinch_ctty = ctty;
+ sigwinch_slave = pty_slave;
+
+ struct sigaction action_sigwinch = {
+ .sa_handler = sigwinch_handler,
+ };
+ sigemptyset(&action_sigwinch.sa_mask);
+ if (sigaction(SIGWINCH, &action_sigwinch, NULL) != 0) {
+ die("sigaction SIGWINCH");
+ }
pid_to_wait_for = pid;
struct sigaction action_sigchld = {