[u/mdw/putty] / unix / pty.c

#define _XOPEN_SOURCE
#define _XOPEN_SOURCE_EXTENDED
#include <features.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <termios.h>
#include <grp.h>
#include <utmp.h>
#include <pwd.h>
#include <time.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/ioctl.h>

#include "putty.h"

#ifndef FALSE
#define FALSE 0
#endif
#ifndef TRUE
#define TRUE 1
#endif

#ifndef UTMP_FILE
#define UTMP_FILE "/var/run/utmp"
#endif
#ifndef WTMP_FILE
#define WTMP_FILE "/var/log/wtmp"
#endif
#ifndef LASTLOG_FILE
#ifdef _PATH_LASTLOG
#define LASTLOG_FILE _PATH_LASTLOG
#else
#define LASTLOG_FILE "/var/log/lastlog"
#endif
#endif

/*
 * Set up a default for vaguely sane systems. The idea is that if
 * OMIT_UTMP is not defined, then at least one of the symbols which
 * enable particular forms of utmp processing should be, if only so
 * that a link error can warn you that you should have defined
 * OMIT_UTMP if you didn't want any. Currently HAVE_PUTUTLINE is
 * the only such symbol.
 */
#ifndef OMIT_UTMP
#if !defined HAVE_PUTUTLINE
#define HAVE_PUTUTLINE
#endif
#endif

int pty_master_fd;
static char pty_name[FILENAME_MAX];
static int pty_stamped_utmp = 0;
static int pty_child_pid;
static int pty_utmp_helper_pid, pty_utmp_helper_pipe;
static int pty_term_width, pty_term_height;
static sig_atomic_t pty_child_dead;
static int pty_exit_code;
#ifndef OMIT_UTMP
static struct utmp utmp_entry;
#endif
char **pty_argv;

static void setup_utmp(char *ttyname, char *location)
{
#ifndef OMIT_UTMP
#ifdef HAVE_LASTLOG
    struct lastlog lastlog_entry;
    FILE *lastlog;
#endif
    struct passwd *pw;
    FILE *wtmp;

    pw = getpwuid(getuid());
    memset(&utmp_entry, 0, sizeof(utmp_entry));
    utmp_entry.ut_type = USER_PROCESS;
    utmp_entry.ut_pid = getpid();
    strncpy(utmp_entry.ut_line, ttyname+5, lenof(utmp_entry.ut_line));
    strncpy(utmp_entry.ut_id, ttyname+8, lenof(utmp_entry.ut_id));
    strncpy(utmp_entry.ut_user, pw->pw_name, lenof(utmp_entry.ut_user));
    strncpy(utmp_entry.ut_host, location, lenof(utmp_entry.ut_host));
    time(&utmp_entry.ut_time);

#if defined HAVE_PUTUTLINE
    utmpname(UTMP_FILE);
    setutent();
    pututline(&utmp_entry);
    endutent();
#endif

    if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	fclose(wtmp);
    }

#ifdef HAVE_LASTLOG
    memset(&lastlog_entry, 0, sizeof(lastlog_entry));
    strncpy(lastlog_entry.ll_line, ttyname+5, lenof(lastlog_entry.ll_line));
    strncpy(lastlog_entry.ll_host, location, lenof(lastlog_entry.ll_host));
    time(&lastlog_entry.ll_time);
    if ((lastlog = fopen(LASTLOG_FILE, "r+")) != NULL) {
	fseek(lastlog, sizeof(lastlog_entry) * getuid(), SEEK_SET);
	fwrite(&lastlog_entry, 1, sizeof(lastlog_entry), lastlog);
	fclose(lastlog);
    }
#endif

    pty_stamped_utmp = 1;

#endif
}

static void cleanup_utmp(void)
{
#ifndef OMIT_UTMP
    FILE *wtmp;

    if (!pty_stamped_utmp)
	return;

    utmp_entry.ut_type = DEAD_PROCESS;
    memset(utmp_entry.ut_user, 0, lenof(utmp_entry.ut_user));
    time(&utmp_entry.ut_time);

    if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	fclose(wtmp);
    }

    memset(utmp_entry.ut_line, 0, lenof(utmp_entry.ut_line));
    utmp_entry.ut_time = 0;

#if defined HAVE_PUTUTLINE
    utmpname(UTMP_FILE);
    setutent();
    pututline(&utmp_entry);
    endutent();
#endif

    pty_stamped_utmp = 0;	       /* ensure we never double-cleanup */
#endif
}

static void sigchld_handler(int signum)
{
    pid_t pid;
    int status;
    pid = waitpid(-1, &status, WNOHANG);
    if (pid == pty_child_pid && (WIFEXITED(status) || WIFSIGNALED(status))) {
	pty_exit_code = status;
	pty_child_dead = TRUE;
    }
}

static void fatal_sig_handler(int signum)
{
    signal(signum, SIG_DFL);
    cleanup_utmp();
    setuid(getuid());
    raise(signum);
}

static void pty_open_master(void)
{
#ifdef BSD_PTYS
    const char chars1[] = "pqrstuvwxyz";
    const char chars2[] = "0123456789abcdef";
    const char *p1, *p2;
    char master_name[20];
    struct group *gp;

    for (p1 = chars1; *p1; p1++)
	for (p2 = chars2; *p2; p2++) {
	    sprintf(master_name, "/dev/pty%c%c", *p1, *p2);
	    pty_master_fd = open(master_name, O_RDWR);
	    if (pty_master_fd >= 0) {
		if (geteuid() == 0 ||
		    access(master_name, R_OK | W_OK) == 0)
		    goto got_one;
		close(pty_master_fd);
	    }
	}

    /* If we get here, we couldn't get a tty at all. */
    fprintf(stderr, "pterm: unable to open a pseudo-terminal device\n");
    exit(1);

    got_one:
    strcpy(pty_name, master_name);
    pty_name[5] = 't';		       /* /dev/ptyXX -> /dev/ttyXX */

    /* We need to chown/chmod the /dev/ttyXX device. */
    gp = getgrnam("tty");
    chown(pty_name, getuid(), gp ? gp->gr_gid : -1);
    chmod(pty_name, 0600);
#else
    pty_master_fd = open("/dev/ptmx", O_RDWR);

    if (pty_master_fd < 0) {
	perror("/dev/ptmx: open");
	exit(1);
    }

    if (grantpt(pty_master_fd) < 0) {
	perror("grantpt");
	exit(1);
    }
    
    if (unlockpt(pty_master_fd) < 0) {
	perror("unlockpt");
	exit(1);
    }

    pty_name[FILENAME_MAX-1] = '\0';
    strncpy(pty_name, ptsname(pty_master_fd), FILENAME_MAX-1);
#endif
}

/*
 * Pre-initialisation. This is here to get around the fact that GTK
 * doesn't like being run in setuid/setgid programs (probably
 * sensibly). So before we initialise GTK - and therefore before we
 * even process the command line - we check to see if we're running
 * set[ug]id. If so, we open our pty master _now_, chown it as
 * necessary, and drop privileges. We can always close it again
 * later. If we're potentially going to be doing utmp as well, we
 * also fork off a utmp helper process and communicate with it by
 * means of a pipe; the utmp helper will keep privileges in order
 * to clean up utmp when we exit (i.e. when its end of our pipe
 * closes).
 */
void pty_pre_init(void)
{
    pid_t pid;
    int pipefd[2];

    pty_master_fd = -1;

    if (geteuid() != getuid() || getegid() != getgid()) {
	pty_open_master();
    }

#ifndef OMIT_UTMP
    /*
     * Fork off the utmp helper.
     */
    if (pipe(pipefd) < 0) {
	perror("pterm: pipe");
	exit(1);
    }
    pid = fork();
    if (pid < 0) {
	perror("pterm: fork");
	exit(1);
    } else if (pid == 0) {
	char display[128], buffer[128];
	int dlen, ret;

	close(pipefd[1]);
	/*
	 * Now sit here until we receive a display name from the
	 * other end of the pipe, and then stamp utmp. Unstamp utmp
	 * again, and exit, when the pipe closes.
	 */

	dlen = 0;
	while (1) {
	    
	    ret = read(pipefd[0], buffer, lenof(buffer));
	    if (ret <= 0) {
		cleanup_utmp();
		exit(0);
	    } else if (!pty_stamped_utmp) {
		if (dlen < lenof(display))
		    memcpy(display+dlen, buffer,
			   min(ret, lenof(display)-dlen));
		if (buffer[ret-1] == '\0') {
		    /*
		     * Now we have a display name. NUL-terminate
		     * it, and stamp utmp.
		     */
		    display[lenof(display)-1] = '\0';
		    /*
		     * Trap as many fatal signals as we can in the
		     * hope of having the best possible chance to
		     * clean up utmp before termination. We are
		     * unfortunately unprotected against SIGKILL,
		     * but that's life.
		     */
		    signal(SIGHUP, fatal_sig_handler);
		    signal(SIGINT, fatal_sig_handler);
		    signal(SIGQUIT, fatal_sig_handler);
		    signal(SIGILL, fatal_sig_handler);
		    signal(SIGABRT, fatal_sig_handler);
		    signal(SIGFPE, fatal_sig_handler);
		    signal(SIGPIPE, fatal_sig_handler);
		    signal(SIGALRM, fatal_sig_handler);
		    signal(SIGTERM, fatal_sig_handler);
		    signal(SIGSEGV, fatal_sig_handler);
		    signal(SIGUSR1, fatal_sig_handler);
		    signal(SIGUSR2, fatal_sig_handler);
#ifdef SIGBUS
		    signal(SIGBUS, fatal_sig_handler);
#endif
#ifdef SIGPOLL
		    signal(SIGPOLL, fatal_sig_handler);
#endif
#ifdef SIGPROF
		    signal(SIGPROF, fatal_sig_handler);
#endif
#ifdef SIGSYS
		    signal(SIGSYS, fatal_sig_handler);
#endif
#ifdef SIGTRAP
		    signal(SIGTRAP, fatal_sig_handler);
#endif
#ifdef SIGVTALRM
		    signal(SIGVTALRM, fatal_sig_handler);
#endif
#ifdef SIGXCPU
		    signal(SIGXCPU, fatal_sig_handler);
#endif
#ifdef SIGXFSZ
		    signal(SIGXFSZ, fatal_sig_handler);
#endif
#ifdef SIGIO
		    signal(SIGIO, fatal_sig_handler);
#endif
		    /* Also clean up utmp on normal exit. */
		    atexit(cleanup_utmp);
		    setup_utmp(pty_name, display);
		}
	    }
	}
    } else {
	close(pipefd[0]);
	pty_utmp_helper_pid = pid;
	pty_utmp_helper_pipe = pipefd[1];
	signal(SIGCHLD, sigchld_handler);
    }
#endif

    /* Drop privs. */
    {
	int gid = getgid(), uid = getuid();
#ifndef HAVE_NO_SETRESUID
	int setresgid(gid_t, gid_t, gid_t);
	int setresuid(uid_t, uid_t, uid_t);
	setresgid(gid, gid, gid);
	setresuid(uid, uid, uid);
#else
	setgid(getgid());
	setuid(getuid());
#endif
    }
}

/*
 * Called to set up the pty.
 * 
 * Returns an error message, or NULL on success.
 *
 * Also places the canonical host name into `realhost'. It must be
 * freed by the caller.
 */
static char *pty_init(void *frontend,
		      char *host, int port, char **realhost, int nodelay)
{
    int slavefd;
    pid_t pid, pgrp;

    pty_term_width = cfg.width;
    pty_term_height = cfg.height;

    if (pty_master_fd < 0)
	pty_open_master();

    /*
     * Set the backspace character to be whichever of ^H and ^? is
     * specified by bksp_is_delete.
     */
    {
	struct termios attrs;
	tcgetattr(pty_master_fd, &attrs);
	attrs.c_cc[VERASE] = cfg.bksp_is_delete ? '\177' : '\010';
	tcsetattr(pty_master_fd, TCSANOW, &attrs);
    }

    /*
     * Stamp utmp (that is, tell the utmp helper process to do so),
     * or not.
     */
    if (!cfg.stamp_utmp)
	close(pty_utmp_helper_pipe);   /* just let the child process die */
    else {
	char *location = get_x_display();
	int len = strlen(location)+1, pos = 0;   /* +1 to include NUL */
	while (pos < len) {
	    int ret = write(pty_utmp_helper_pipe, location+pos, len - pos);
	    if (ret < 0) {
		perror("pterm: writing to utmp helper process");
		close(pty_utmp_helper_pipe);   /* arrgh, just give up */
		break;
	    }
	    pos += ret;
	}
    }

    /*
     * Fork and execute the command.
     */
    pid = fork();
    if (pid < 0) {
	perror("fork");
	exit(1);
    }

    if (pid == 0) {
	int i;
	/*
	 * We are the child.
	 */

	slavefd = open(pty_name, O_RDWR);
	if (slavefd < 0) {
	    perror("slave pty: open");
	    exit(1);
	}

	close(pty_master_fd);
	fcntl(slavefd, F_SETFD, 0);    /* don't close on exec */
	dup2(slavefd, 0);
	dup2(slavefd, 1);
	dup2(slavefd, 2);
	setsid();
	ioctl(slavefd, TIOCSCTTY, 1);
	pgrp = getpid();
	tcsetpgrp(slavefd, pgrp);
	setpgrp();
	close(open(pty_name, O_WRONLY, 0));
	setpgrp();
	/* Close everything _else_, for tidiness. */
	for (i = 3; i < 1024; i++)
	    close(i);
	{
	    char term_env_var[10 + sizeof(cfg.termtype)];
	    sprintf(term_env_var, "TERM=%s", cfg.termtype);
	    putenv(term_env_var);
	}
	/*
	 * SIGINT and SIGQUIT may have been set to ignored by our
	 * parent, particularly by things like sh -c 'pterm &' and
	 * some window managers. Reverse this for our child process.
	 */
	signal(SIGINT, SIG_DFL);
	signal(SIGQUIT, SIG_DFL);
	if (pty_argv)
	    execvp(pty_argv[0], pty_argv);
	else {
	    char *shell = getenv("SHELL");
	    char *shellname;
	    if (cfg.login_shell) {
		char *p = strrchr(shell, '/');
		shellname = smalloc(2+strlen(shell));
		p = p ? p+1 : shell;
		sprintf(shellname, "-%s", p);
	    } else
		shellname = shell;
	    execl(getenv("SHELL"), shellname, NULL);
	}

	/*
	 * If we're here, exec has gone badly foom.
	 */
	perror("exec");
	exit(127);
    } else {
	close(slavefd);
	pty_child_pid = pid;
	pty_child_dead = FALSE;
	signal(SIGCHLD, sigchld_handler);
    }

    return NULL;
}

/*
 * Called to send data down the pty.
 */
static int pty_send(char *buf, int len)
{
    if (pty_master_fd < 0)
	return 0;		       /* ignore all writes if fd closed */

    while (len > 0) {
	int ret = write(pty_master_fd, buf, len);
	if (ret < 0) {
	    perror("write pty master");
	    exit(1);
	}
	buf += ret;
	len -= ret;
    }
    return 0;
}

void pty_close(void)
{
    if (pty_master_fd >= 0) {
	close(pty_master_fd);
	pty_master_fd = -1;
    }
    close(pty_utmp_helper_pipe);       /* this causes utmp to be cleaned up */
}

/*
 * Called to query the current socket sendability status.
 */
static int pty_sendbuffer(void)
{
    return 0;
}

/*
 * Called to set the size of the window
 */
static void pty_size(int width, int height)
{
    struct winsize size;

    pty_term_width = width;
    pty_term_height = height;

    size.ws_row = (unsigned short)pty_term_height;
    size.ws_col = (unsigned short)pty_term_width;
    size.ws_xpixel = (unsigned short) pty_term_width * font_dimension(0);
    size.ws_ypixel = (unsigned short) pty_term_height * font_dimension(1);
    ioctl(pty_master_fd, TIOCSWINSZ, (void *)&size);
    return;
}

/*
 * Send special codes.
 */
static void pty_special(Telnet_Special code)
{
    /* Do nothing! */
    return;
}

static Socket pty_socket(void)
{
    return NULL;		       /* shouldn't ever be needed */
}

static int pty_sendok(void)
{
    return 1;
}

static void pty_unthrottle(int backlog)
{
    /* do nothing */
}

static int pty_ldisc(int option)
{
    return 0;			       /* neither editing nor echoing */
}

static int pty_exitcode(void)
{
    if (!pty_child_dead)
	return -1;		       /* not dead yet */
    else
	return pty_exit_code;
}

Backend pty_backend = {
    pty_init,
    pty_send,
    pty_sendbuffer,
    pty_size,
    pty_special,
    pty_socket,
    pty_exitcode,
    pty_sendok,
    pty_ldisc,
    pty_unthrottle,
    1
};
Commit	Line	Data
054d8535	1	#define _XOPEN_SOURCE
88e6b9ca	2	#define _XOPEN_SOURCE_EXTENDED
054d8535	3	#include <features.h>
054d8535	4
1709795f	5	#include <stdio.h>
1709795f	6	#include <stdlib.h>
054d8535	7	#include <string.h>
054d8535	8	#include <unistd.h>
a0e16eb1	9	#include <signal.h>
054d8535	10	#include <fcntl.h>
88e6b9ca	11	#include <termios.h>
be4f86de	12	#include <grp.h>
755a6d84	13	#include <utmp.h>
	14	#include <pwd.h>
	15	#include <time.h>
a0e16eb1	16	#include <sys/types.h>
a0e16eb1	17	#include <sys/wait.h>
88e6b9ca	18	#include <sys/ioctl.h>
1709795f	19
	20	#include "putty.h"
	21
	22	#ifndef FALSE
	23	#define FALSE 0
	24	#endif
	25	#ifndef TRUE
	26	#define TRUE 1
	27	#endif
	28
755a6d84	29	#ifndef UTMP_FILE
	30	#define UTMP_FILE "/var/run/utmp"
	31	#endif
	32	#ifndef WTMP_FILE
	33	#define WTMP_FILE "/var/log/wtmp"
	34	#endif
	35	#ifndef LASTLOG_FILE
	36	#ifdef _PATH_LASTLOG
	37	#define LASTLOG_FILE _PATH_LASTLOG
	38	#else
	39	#define LASTLOG_FILE "/var/log/lastlog"
	40	#endif
	41	#endif
	42
f51dc031	43	/*
	44	* Set up a default for vaguely sane systems. The idea is that if
	45	* OMIT_UTMP is not defined, then at least one of the symbols which
	46	* enable particular forms of utmp processing should be, if only so
	47	* that a link error can warn you that you should have defined
	48	* OMIT_UTMP if you didn't want any. Currently HAVE_PUTUTLINE is
	49	* the only such symbol.
	50	*/
	51	#ifndef OMIT_UTMP
	52	#if !defined HAVE_PUTUTLINE
	53	#define HAVE_PUTUTLINE
	54	#endif
	55	#endif
	56
054d8535	57	int pty_master_fd;
95c47834	58	static char pty_name[FILENAME_MAX];
f51dc031	59	static int pty_stamped_utmp = 0;
a0e16eb1	60	static int pty_child_pid;
95c47834	61	static int pty_utmp_helper_pid, pty_utmp_helper_pipe;
f278d6f8	62	static int pty_term_width, pty_term_height;
a0e16eb1	63	static sig_atomic_t pty_child_dead;
90cfd8f4	64	static int pty_exit_code;
755a6d84	65	#ifndef OMIT_UTMP
	66	static struct utmp utmp_entry;
	67	#endif
6169c758	68	char **pty_argv;
054d8535	69
95c47834	70	static void setup_utmp(char ttyname, char location)
755a6d84	71	{
	72	#ifndef OMIT_UTMP
	73	#ifdef HAVE_LASTLOG
	74	struct lastlog lastlog_entry;
	75	FILE *lastlog;
	76	#endif
	77	struct passwd *pw;
755a6d84	78	FILE *wtmp;
	79
	80	pw = getpwuid(getuid());
	81	memset(&utmp_entry, 0, sizeof(utmp_entry));
	82	utmp_entry.ut_type = USER_PROCESS;
	83	utmp_entry.ut_pid = getpid();
	84	strncpy(utmp_entry.ut_line, ttyname+5, lenof(utmp_entry.ut_line));
	85	strncpy(utmp_entry.ut_id, ttyname+8, lenof(utmp_entry.ut_id));
	86	strncpy(utmp_entry.ut_user, pw->pw_name, lenof(utmp_entry.ut_user));
	87	strncpy(utmp_entry.ut_host, location, lenof(utmp_entry.ut_host));
	88	time(&utmp_entry.ut_time);
	89
	90	#if defined HAVE_PUTUTLINE
	91	utmpname(UTMP_FILE);
	92	setutent();
	93	pututline(&utmp_entry);
	94	endutent();
	95	#endif
	96
	97	if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	98	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	99	fclose(wtmp);
	100	}
	101
	102	#ifdef HAVE_LASTLOG
	103	memset(&lastlog_entry, 0, sizeof(lastlog_entry));
	104	strncpy(lastlog_entry.ll_line, ttyname+5, lenof(lastlog_entry.ll_line));
	105	strncpy(lastlog_entry.ll_host, location, lenof(lastlog_entry.ll_host));
	106	time(&lastlog_entry.ll_time);
	107	if ((lastlog = fopen(LASTLOG_FILE, "r+")) != NULL) {
	108	fseek(lastlog, sizeof(lastlog_entry) * getuid(), SEEK_SET);
	109	fwrite(&lastlog_entry, 1, sizeof(lastlog_entry), lastlog);
	110	fclose(lastlog);
	111	}
	112	#endif
	113
f51dc031	114	pty_stamped_utmp = 1;
f51dc031	115
755a6d84	116	#endif
	117	}
	118
	119	static void cleanup_utmp(void)
	120	{
	121	#ifndef OMIT_UTMP
	122	FILE *wtmp;
	123
95c47834	124	if (!pty_stamped_utmp)
f51dc031	125	return;
f51dc031	126
755a6d84	127	utmp_entry.ut_type = DEAD_PROCESS;
	128	memset(utmp_entry.ut_user, 0, lenof(utmp_entry.ut_user));
	129	time(&utmp_entry.ut_time);
	130
	131	if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	132	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	133	fclose(wtmp);
	134	}
	135
	136	memset(utmp_entry.ut_line, 0, lenof(utmp_entry.ut_line));
	137	utmp_entry.ut_time = 0;
	138
	139	#if defined HAVE_PUTUTLINE
	140	utmpname(UTMP_FILE);
	141	setutent();
	142	pututline(&utmp_entry);
	143	endutent();
	144	#endif
	145
f51dc031	146	pty_stamped_utmp = 0; /* ensure we never double-cleanup */
755a6d84	147	#endif
	148	}
	149
a0e16eb1	150	static void sigchld_handler(int signum)
	151	{
	152	pid_t pid;
	153	int status;
	154	pid = waitpid(-1, &status, WNOHANG);
90cfd8f4	155	if (pid == pty_child_pid && (WIFEXITED(status) \|\| WIFSIGNALED(status))) {
	156	pty_exit_code = status;
	157	pty_child_dead = TRUE;
	158	}
a0e16eb1	159	}
a0e16eb1	160
755a6d84	161	static void fatal_sig_handler(int signum)
	162	{
	163	signal(signum, SIG_DFL);
	164	cleanup_utmp();
	165	setuid(getuid());
	166	raise(signum);
	167	}
	168
95c47834	169	static void pty_open_master(void)
1709795f	170	{
be4f86de	171	#ifdef BSD_PTYS
95c47834	172	const char chars1[] = "pqrstuvwxyz";
	173	const char chars2[] = "0123456789abcdef";
	174	const char p1, p2;
	175	char master_name[20];
	176	struct group *gp;
	177
	178	for (p1 = chars1; *p1; p1++)
	179	for (p2 = chars2; *p2; p2++) {
	180	sprintf(master_name, "/dev/pty%c%c", p1, p2);
	181	pty_master_fd = open(master_name, O_RDWR);
	182	if (pty_master_fd >= 0) {
	183	if (geteuid() == 0 \|\|
	184	access(master_name, R_OK \| W_OK) == 0)
	185	goto got_one;
	186	close(pty_master_fd);
be4f86de	187	}
95c47834	188	}
be4f86de	189
95c47834	190	/* If we get here, we couldn't get a tty at all. */
	191	fprintf(stderr, "pterm: unable to open a pseudo-terminal device\n");
	192	exit(1);
be4f86de	193
95c47834	194	got_one:
	195	strcpy(pty_name, master_name);
	196	pty_name[5] = 't'; /* /dev/ptyXX -> /dev/ttyXX */
	197
	198	/* We need to chown/chmod the /dev/ttyXX device. */
	199	gp = getgrnam("tty");
	200	chown(pty_name, getuid(), gp ? gp->gr_gid : -1);
	201	chmod(pty_name, 0600);
be4f86de	202	#else
054d8535	203	pty_master_fd = open("/dev/ptmx", O_RDWR);
	204
	205	if (pty_master_fd < 0) {
	206	perror("/dev/ptmx: open");
	207	exit(1);
	208	}
	209
	210	if (grantpt(pty_master_fd) < 0) {
	211	perror("grantpt");
	212	exit(1);
	213	}
	214
	215	if (unlockpt(pty_master_fd) < 0) {
	216	perror("unlockpt");
	217	exit(1);
	218	}
	219
95c47834	220	pty_name[FILENAME_MAX-1] = '\0';
95c47834	221	strncpy(pty_name, ptsname(pty_master_fd), FILENAME_MAX-1);
be4f86de	222	#endif
95c47834	223	}
054d8535	224
95c47834	225	/*
	226	* Pre-initialisation. This is here to get around the fact that GTK
	227	* doesn't like being run in setuid/setgid programs (probably
	228	* sensibly). So before we initialise GTK - and therefore before we
	229	* even process the command line - we check to see if we're running
	230	* set[ug]id. If so, we open our pty master _now_, chown it as
	231	* necessary, and drop privileges. We can always close it again
	232	* later. If we're potentially going to be doing utmp as well, we
	233	* also fork off a utmp helper process and communicate with it by
	234	* means of a pipe; the utmp helper will keep privileges in order
	235	* to clean up utmp when we exit (i.e. when its end of our pipe
	236	* closes).
	237	*/
	238	void pty_pre_init(void)
	239	{
	240	pid_t pid;
	241	int pipefd[2];
	242
	243	pty_master_fd = -1;
	244
	245	if (geteuid() != getuid() \|\| getegid() != getgid()) {
	246	pty_open_master();
39baeaa4	247	}
39baeaa4	248
95c47834	249	#ifndef OMIT_UTMP
39baeaa4	250	/*
95c47834	251	* Fork off the utmp helper.
755a6d84	252	*/
95c47834	253	if (pipe(pipefd) < 0) {
	254	perror("pterm: pipe");
	255	exit(1);
	256	}
	257	pid = fork();
	258	if (pid < 0) {
	259	perror("pterm: fork");
	260	exit(1);
	261	} else if (pid == 0) {
	262	char display[128], buffer[128];
	263	int dlen, ret;
	264
	265	close(pipefd[1]);
	266	/*
	267	* Now sit here until we receive a display name from the
	268	* other end of the pipe, and then stamp utmp. Unstamp utmp
	269	* again, and exit, when the pipe closes.
	270	*/
	271
	272	dlen = 0;
	273	while (1) {
	274
	275	ret = read(pipefd[0], buffer, lenof(buffer));
	276	if (ret <= 0) {
	277	cleanup_utmp();
	278	exit(0);
	279	} else if (!pty_stamped_utmp) {
	280	if (dlen < lenof(display))
	281	memcpy(display+dlen, buffer,
	282	min(ret, lenof(display)-dlen));
	283	if (buffer[ret-1] == '\0') {
	284	/*
	285	* Now we have a display name. NUL-terminate
	286	* it, and stamp utmp.
	287	*/
	288	display[lenof(display)-1] = '\0';
	289	/*
	290	* Trap as many fatal signals as we can in the
	291	* hope of having the best possible chance to
	292	* clean up utmp before termination. We are
	293	* unfortunately unprotected against SIGKILL,
	294	* but that's life.
	295	*/
	296	signal(SIGHUP, fatal_sig_handler);
	297	signal(SIGINT, fatal_sig_handler);
	298	signal(SIGQUIT, fatal_sig_handler);
	299	signal(SIGILL, fatal_sig_handler);
	300	signal(SIGABRT, fatal_sig_handler);
	301	signal(SIGFPE, fatal_sig_handler);
	302	signal(SIGPIPE, fatal_sig_handler);
	303	signal(SIGALRM, fatal_sig_handler);
	304	signal(SIGTERM, fatal_sig_handler);
	305	signal(SIGSEGV, fatal_sig_handler);
	306	signal(SIGUSR1, fatal_sig_handler);
	307	signal(SIGUSR2, fatal_sig_handler);
755a6d84	308	#ifdef SIGBUS
95c47834	309	signal(SIGBUS, fatal_sig_handler);
755a6d84	310	#endif
755a6d84	311	#ifdef SIGPOLL
95c47834	312	signal(SIGPOLL, fatal_sig_handler);
755a6d84	313	#endif
755a6d84	314	#ifdef SIGPROF
95c47834	315	signal(SIGPROF, fatal_sig_handler);
755a6d84	316	#endif
755a6d84	317	#ifdef SIGSYS
95c47834	318	signal(SIGSYS, fatal_sig_handler);
755a6d84	319	#endif
755a6d84	320	#ifdef SIGTRAP
95c47834	321	signal(SIGTRAP, fatal_sig_handler);
755a6d84	322	#endif
755a6d84	323	#ifdef SIGVTALRM
95c47834	324	signal(SIGVTALRM, fatal_sig_handler);
755a6d84	325	#endif
755a6d84	326	#ifdef SIGXCPU
95c47834	327	signal(SIGXCPU, fatal_sig_handler);
755a6d84	328	#endif
755a6d84	329	#ifdef SIGXFSZ
95c47834	330	signal(SIGXFSZ, fatal_sig_handler);
755a6d84	331	#endif
755a6d84	332	#ifdef SIGIO
95c47834	333	signal(SIGIO, fatal_sig_handler);
	334	#endif
	335	/* Also clean up utmp on normal exit. */
	336	atexit(cleanup_utmp);
	337	setup_utmp(pty_name, display);
	338	}
	339	}
	340	}
	341	} else {
	342	close(pipefd[0]);
	343	pty_utmp_helper_pid = pid;
	344	pty_utmp_helper_pipe = pipefd[1];
2747574c	345	signal(SIGCHLD, sigchld_handler);
95c47834	346	}
755a6d84	347	#endif
95c47834	348
	349	/* Drop privs. */
	350	{
	351	int gid = getgid(), uid = getuid();
	352	#ifndef HAVE_NO_SETRESUID
	353	int setresgid(gid_t, gid_t, gid_t);
	354	int setresuid(uid_t, uid_t, uid_t);
	355	setresgid(gid, gid, gid);
	356	setresuid(uid, uid, uid);
	357	#else
	358	setgid(getgid());
	359	setuid(getuid());
	360	#endif
	361	}
	362	}
	363
	364	/*
	365	* Called to set up the pty.
	366	*
	367	* Returns an error message, or NULL on success.
	368	*
	369	* Also places the canonical host name into `realhost'. It must be
	370	* freed by the caller.
	371	*/
887035a5	372	static char pty_init(void frontend,
887035a5	373	char host, int port, char *realhost, int nodelay)
95c47834	374	{
	375	int slavefd;
	376	pid_t pid, pgrp;
	377
f278d6f8	378	pty_term_width = cfg.width;
	379	pty_term_height = cfg.height;
	380
95c47834	381	if (pty_master_fd < 0)
	382	pty_open_master();
	383
	384	/*
	385	* Set the backspace character to be whichever of ^H and ^? is
	386	* specified by bksp_is_delete.
	387	*/
	388	{
	389	struct termios attrs;
	390	tcgetattr(pty_master_fd, &attrs);
	391	attrs.c_cc[VERASE] = cfg.bksp_is_delete ? '\177' : '\010';
	392	tcsetattr(pty_master_fd, TCSANOW, &attrs);
	393	}
	394
	395	/*
	396	* Stamp utmp (that is, tell the utmp helper process to do so),
	397	* or not.
	398	*/
	399	if (!cfg.stamp_utmp)
	400	close(pty_utmp_helper_pipe); /* just let the child process die */
	401	else {
	402	char *location = get_x_display();
	403	int len = strlen(location)+1, pos = 0; /* +1 to include NUL */
	404	while (pos < len) {
	405	int ret = write(pty_utmp_helper_pipe, location+pos, len - pos);
	406	if (ret < 0) {
	407	perror("pterm: writing to utmp helper process");
	408	close(pty_utmp_helper_pipe); /* arrgh, just give up */
	409	break;
	410	}
	411	pos += ret;
	412	}
	413	}
755a6d84	414
755a6d84	415	/*
054d8535	416	* Fork and execute the command.
	417	*/
	418	pid = fork();
	419	if (pid < 0) {
	420	perror("fork");
88e6b9ca	421	exit(1);
054d8535	422	}
	423
	424	if (pid == 0) {
	425	int i;
	426	/*
	427	* We are the child.
	428	*/
d37c2d81	429
95c47834	430	slavefd = open(pty_name, O_RDWR);
d37c2d81	431	if (slavefd < 0) {
	432	perror("slave pty: open");
	433	exit(1);
	434	}
	435
054d8535	436	close(pty_master_fd);
054d8535	437	fcntl(slavefd, F_SETFD, 0); /* don't close on exec */
	438	dup2(slavefd, 0);
	439	dup2(slavefd, 1);
	440	dup2(slavefd, 2);
	441	setsid();
d37c2d81	442	ioctl(slavefd, TIOCSCTTY, 1);
	443	pgrp = getpid();
	444	tcsetpgrp(slavefd, pgrp);
	445	setpgrp();
95c47834	446	close(open(pty_name, O_WRONLY, 0));
054d8535	447	setpgrp();
054d8535	448	/* Close everything _else_, for tidiness. */
	449	for (i = 3; i < 1024; i++)
	450	close(i);
fe9548aa	451	{
	452	char term_env_var[10 + sizeof(cfg.termtype)];
	453	sprintf(term_env_var, "TERM=%s", cfg.termtype);
	454	putenv(term_env_var);
	455	}
8bf5c419	456	/*
	457	* SIGINT and SIGQUIT may have been set to ignored by our
	458	* parent, particularly by things like sh -c 'pterm &' and
	459	* some window managers. Reverse this for our child process.
	460	*/
	461	signal(SIGINT, SIG_DFL);
	462	signal(SIGQUIT, SIG_DFL);
6169c758	463	if (pty_argv)
6169c758	464	execvp(pty_argv[0], pty_argv);
c8ee61b9	465	else {
	466	char *shell = getenv("SHELL");
	467	char *shellname;
	468	if (cfg.login_shell) {
	469	char *p = strrchr(shell, '/');
	470	shellname = smalloc(2+strlen(shell));
	471	p = p ? p+1 : shell;
	472	sprintf(shellname, "-%s", p);
	473	} else
	474	shellname = shell;
	475	execl(getenv("SHELL"), shellname, NULL);
	476	}
	477
054d8535	478	/*
	479	* If we're here, exec has gone badly foom.
	480	*/
	481	perror("exec");
	482	exit(127);
	483	} else {
	484	close(slavefd);
a0e16eb1	485	pty_child_pid = pid;
	486	pty_child_dead = FALSE;
	487	signal(SIGCHLD, sigchld_handler);
054d8535	488	}
054d8535	489
1709795f	490	return NULL;
	491	}
	492
	493	/*
	494	* Called to send data down the pty.
	495	*/
	496	static int pty_send(char *buf, int len)
	497	{
90cfd8f4	498	if (pty_master_fd < 0)
	499	return 0; /* ignore all writes if fd closed */
	500
054d8535	501	while (len > 0) {
	502	int ret = write(pty_master_fd, buf, len);
	503	if (ret < 0) {
	504	perror("write pty master");
	505	exit(1);
	506	}
	507	buf += ret;
	508	len -= ret;
	509	}
1709795f	510	return 0;
	511	}
	512
90cfd8f4	513	void pty_close(void)
	514	{
	515	if (pty_master_fd >= 0) {
	516	close(pty_master_fd);
	517	pty_master_fd = -1;
	518	}
	519	close(pty_utmp_helper_pipe); /* this causes utmp to be cleaned up */
	520	}
	521
1709795f	522	/*
	523	* Called to query the current socket sendability status.
	524	*/
	525	static int pty_sendbuffer(void)
	526	{
	527	return 0;
	528	}
	529
	530	/*
	531	* Called to set the size of the window
	532	*/
f278d6f8	533	static void pty_size(int width, int height)
1709795f	534	{
88e6b9ca	535	struct winsize size;
88e6b9ca	536
f278d6f8	537	pty_term_width = width;
	538	pty_term_height = height;
	539
	540	size.ws_row = (unsigned short)pty_term_height;
	541	size.ws_col = (unsigned short)pty_term_width;
	542	size.ws_xpixel = (unsigned short) pty_term_width * font_dimension(0);
	543	size.ws_ypixel = (unsigned short) pty_term_height * font_dimension(1);
88e6b9ca	544	ioctl(pty_master_fd, TIOCSWINSZ, (void *)&size);
1709795f	545	return;
	546	}
	547
	548	/*
	549	* Send special codes.
	550	*/
	551	static void pty_special(Telnet_Special code)
	552	{
	553	/* Do nothing! */
	554	return;
	555	}
	556
	557	static Socket pty_socket(void)
	558	{
	559	return NULL; /* shouldn't ever be needed */
	560	}
	561
	562	static int pty_sendok(void)
	563	{
	564	return 1;
	565	}
	566
	567	static void pty_unthrottle(int backlog)
	568	{
	569	/* do nothing */
	570	}
	571
	572	static int pty_ldisc(int option)
	573	{
	574	return 0; /* neither editing nor echoing */
	575	}
	576
	577	static int pty_exitcode(void)
	578	{
90cfd8f4	579	if (!pty_child_dead)
	580	return -1; /* not dead yet */
	581	else
	582	return pty_exit_code;
1709795f	583	}
	584
	585	Backend pty_backend = {
	586	pty_init,
	587	pty_send,
	588	pty_sendbuffer,
	589	pty_size,
	590	pty_special,
	591	pty_socket,
	592	pty_exitcode,
	593	pty_sendok,
	594	pty_ldisc,
	595	pty_unthrottle,
	596	1
	597	};