[u/mdw/putty] / unix / pty.c

#define _XOPEN_SOURCE
#define _XOPEN_SOURCE_EXTENDED
#include <features.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
#include <termios.h>
#include <grp.h>
#include <utmp.h>
#include <pwd.h>
#include <time.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/ioctl.h>

#include "putty.h"

#ifndef FALSE
#define FALSE 0
#endif
#ifndef TRUE
#define TRUE 1
#endif

#ifndef UTMP_FILE
#define UTMP_FILE "/var/run/utmp"
#endif
#ifndef WTMP_FILE
#define WTMP_FILE "/var/log/wtmp"
#endif
#ifndef LASTLOG_FILE
#ifdef _PATH_LASTLOG
#define LASTLOG_FILE _PATH_LASTLOG
#else
#define LASTLOG_FILE "/var/log/lastlog"
#endif
#endif

/*
 * Set up a default for vaguely sane systems. The idea is that if
 * OMIT_UTMP is not defined, then at least one of the symbols which
 * enable particular forms of utmp processing should be, if only so
 * that a link error can warn you that you should have defined
 * OMIT_UTMP if you didn't want any. Currently HAVE_PUTUTLINE is
 * the only such symbol.
 */
#ifndef OMIT_UTMP
#if !defined HAVE_PUTUTLINE
#define HAVE_PUTUTLINE
#endif
#endif

int pty_master_fd;
static char pty_name[FILENAME_MAX];
static int pty_stamped_utmp = 0;
static int pty_child_pid;
static int pty_utmp_helper_pid, pty_utmp_helper_pipe;
static sig_atomic_t pty_child_dead;
#ifndef OMIT_UTMP
static struct utmp utmp_entry;
#endif
char **pty_argv;

int pty_child_is_dead(void)
{
    return pty_child_dead;
}

static void pty_size(void);

static void setup_utmp(char *ttyname, char *location)
{
#ifndef OMIT_UTMP
#ifdef HAVE_LASTLOG
    struct lastlog lastlog_entry;
    FILE *lastlog;
#endif
    struct passwd *pw;
    FILE *wtmp;

    pw = getpwuid(getuid());
    memset(&utmp_entry, 0, sizeof(utmp_entry));
    utmp_entry.ut_type = USER_PROCESS;
    utmp_entry.ut_pid = getpid();
    strncpy(utmp_entry.ut_line, ttyname+5, lenof(utmp_entry.ut_line));
    strncpy(utmp_entry.ut_id, ttyname+8, lenof(utmp_entry.ut_id));
    strncpy(utmp_entry.ut_user, pw->pw_name, lenof(utmp_entry.ut_user));
    strncpy(utmp_entry.ut_host, location, lenof(utmp_entry.ut_host));
    time(&utmp_entry.ut_time);

#if defined HAVE_PUTUTLINE
    utmpname(UTMP_FILE);
    setutent();
    pututline(&utmp_entry);
    endutent();
#endif

    if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	fclose(wtmp);
    }

#ifdef HAVE_LASTLOG
    memset(&lastlog_entry, 0, sizeof(lastlog_entry));
    strncpy(lastlog_entry.ll_line, ttyname+5, lenof(lastlog_entry.ll_line));
    strncpy(lastlog_entry.ll_host, location, lenof(lastlog_entry.ll_host));
    time(&lastlog_entry.ll_time);
    if ((lastlog = fopen(LASTLOG_FILE, "r+")) != NULL) {
	fseek(lastlog, sizeof(lastlog_entry) * getuid(), SEEK_SET);
	fwrite(&lastlog_entry, 1, sizeof(lastlog_entry), lastlog);
	fclose(lastlog);
    }
#endif

    pty_stamped_utmp = 1;

#endif
}

static void cleanup_utmp(void)
{
#ifndef OMIT_UTMP
    FILE *wtmp;

    if (!pty_stamped_utmp)
	return;

    utmp_entry.ut_type = DEAD_PROCESS;
    memset(utmp_entry.ut_user, 0, lenof(utmp_entry.ut_user));
    time(&utmp_entry.ut_time);

    if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	fclose(wtmp);
    }

    memset(utmp_entry.ut_line, 0, lenof(utmp_entry.ut_line));
    utmp_entry.ut_time = 0;

#if defined HAVE_PUTUTLINE
    utmpname(UTMP_FILE);
    setutent();
    pututline(&utmp_entry);
    endutent();
#endif

    pty_stamped_utmp = 0;	       /* ensure we never double-cleanup */
#endif
}

static void sigchld_handler(int signum)
{
    pid_t pid;
    int status;
    pid = waitpid(-1, &status, WNOHANG);
    if (pid == pty_child_pid && (WIFEXITED(status) || WIFSIGNALED(status)))
	pty_child_dead = TRUE;	
}

static void fatal_sig_handler(int signum)
{
    signal(signum, SIG_DFL);
    cleanup_utmp();
    setuid(getuid());
    raise(signum);
}

static void pty_open_master(void)
{
#ifdef BSD_PTYS
    const char chars1[] = "pqrstuvwxyz";
    const char chars2[] = "0123456789abcdef";
    const char *p1, *p2;
    char master_name[20];
    struct group *gp;

    for (p1 = chars1; *p1; p1++)
	for (p2 = chars2; *p2; p2++) {
	    sprintf(master_name, "/dev/pty%c%c", *p1, *p2);
	    pty_master_fd = open(master_name, O_RDWR);
	    if (pty_master_fd >= 0) {
		if (geteuid() == 0 ||
		    access(master_name, R_OK | W_OK) == 0)
		    goto got_one;
		close(pty_master_fd);
	    }
	}

    /* If we get here, we couldn't get a tty at all. */
    fprintf(stderr, "pterm: unable to open a pseudo-terminal device\n");
    exit(1);

    got_one:
    strcpy(pty_name, master_name);
    pty_name[5] = 't';		       /* /dev/ptyXX -> /dev/ttyXX */

    /* We need to chown/chmod the /dev/ttyXX device. */
    gp = getgrnam("tty");
    chown(pty_name, getuid(), gp ? gp->gr_gid : -1);
    chmod(pty_name, 0600);
#else
    pty_master_fd = open("/dev/ptmx", O_RDWR);

    if (pty_master_fd < 0) {
	perror("/dev/ptmx: open");
	exit(1);
    }

    if (grantpt(pty_master_fd) < 0) {
	perror("grantpt");
	exit(1);
    }
    
    if (unlockpt(pty_master_fd) < 0) {
	perror("unlockpt");
	exit(1);
    }

    pty_name[FILENAME_MAX-1] = '\0';
    strncpy(pty_name, ptsname(pty_master_fd), FILENAME_MAX-1);
#endif
}

/*
 * Pre-initialisation. This is here to get around the fact that GTK
 * doesn't like being run in setuid/setgid programs (probably
 * sensibly). So before we initialise GTK - and therefore before we
 * even process the command line - we check to see if we're running
 * set[ug]id. If so, we open our pty master _now_, chown it as
 * necessary, and drop privileges. We can always close it again
 * later. If we're potentially going to be doing utmp as well, we
 * also fork off a utmp helper process and communicate with it by
 * means of a pipe; the utmp helper will keep privileges in order
 * to clean up utmp when we exit (i.e. when its end of our pipe
 * closes).
 */
void pty_pre_init(void)
{
    pid_t pid;
    int pipefd[2];

    pty_master_fd = -1;

    if (geteuid() != getuid() || getegid() != getgid()) {
	pty_open_master();
    }

#ifndef OMIT_UTMP
    /*
     * Fork off the utmp helper.
     */
    if (pipe(pipefd) < 0) {
	perror("pterm: pipe");
	exit(1);
    }
    pid = fork();
    if (pid < 0) {
	perror("pterm: fork");
	exit(1);
    } else if (pid == 0) {
	char display[128], buffer[128];
	int dlen, ret;

	close(pipefd[1]);
	/*
	 * Now sit here until we receive a display name from the
	 * other end of the pipe, and then stamp utmp. Unstamp utmp
	 * again, and exit, when the pipe closes.
	 */

	dlen = 0;
	while (1) {
	    
	    ret = read(pipefd[0], buffer, lenof(buffer));
	    if (ret <= 0) {
		cleanup_utmp();
		exit(0);
	    } else if (!pty_stamped_utmp) {
		if (dlen < lenof(display))
		    memcpy(display+dlen, buffer,
			   min(ret, lenof(display)-dlen));
		if (buffer[ret-1] == '\0') {
		    /*
		     * Now we have a display name. NUL-terminate
		     * it, and stamp utmp.
		     */
		    display[lenof(display)-1] = '\0';
		    /*
		     * Trap as many fatal signals as we can in the
		     * hope of having the best possible chance to
		     * clean up utmp before termination. We are
		     * unfortunately unprotected against SIGKILL,
		     * but that's life.
		     */
		    signal(SIGHUP, fatal_sig_handler);
		    signal(SIGINT, fatal_sig_handler);
		    signal(SIGQUIT, fatal_sig_handler);
		    signal(SIGILL, fatal_sig_handler);
		    signal(SIGABRT, fatal_sig_handler);
		    signal(SIGFPE, fatal_sig_handler);
		    signal(SIGPIPE, fatal_sig_handler);
		    signal(SIGALRM, fatal_sig_handler);
		    signal(SIGTERM, fatal_sig_handler);
		    signal(SIGSEGV, fatal_sig_handler);
		    signal(SIGUSR1, fatal_sig_handler);
		    signal(SIGUSR2, fatal_sig_handler);
#ifdef SIGBUS
		    signal(SIGBUS, fatal_sig_handler);
#endif
#ifdef SIGPOLL
		    signal(SIGPOLL, fatal_sig_handler);
#endif
#ifdef SIGPROF
		    signal(SIGPROF, fatal_sig_handler);
#endif
#ifdef SIGSYS
		    signal(SIGSYS, fatal_sig_handler);
#endif
#ifdef SIGTRAP
		    signal(SIGTRAP, fatal_sig_handler);
#endif
#ifdef SIGVTALRM
		    signal(SIGVTALRM, fatal_sig_handler);
#endif
#ifdef SIGXCPU
		    signal(SIGXCPU, fatal_sig_handler);
#endif
#ifdef SIGXFSZ
		    signal(SIGXFSZ, fatal_sig_handler);
#endif
#ifdef SIGIO
		    signal(SIGIO, fatal_sig_handler);
#endif
		    /* Also clean up utmp on normal exit. */
		    atexit(cleanup_utmp);
		    setup_utmp(pty_name, display);
		}
	    }
	}
    } else {
	close(pipefd[0]);
	pty_utmp_helper_pid = pid;
	pty_utmp_helper_pipe = pipefd[1];
    }
#endif

    /* Drop privs. */
    {
	int gid = getgid(), uid = getuid();
#ifndef HAVE_NO_SETRESUID
	int setresgid(gid_t, gid_t, gid_t);
	int setresuid(uid_t, uid_t, uid_t);
	setresgid(gid, gid, gid);
	setresuid(uid, uid, uid);
#else
	setgid(getgid());
	setuid(getuid());
#endif
    }
}

/*
 * Called to set up the pty.
 * 
 * Returns an error message, or NULL on success.
 *
 * Also places the canonical host name into `realhost'. It must be
 * freed by the caller.
 */
static char *pty_init(char *host, int port, char **realhost, int nodelay)
{
    int slavefd;
    pid_t pid, pgrp;

    if (pty_master_fd < 0)
	pty_open_master();

    /*
     * Set the backspace character to be whichever of ^H and ^? is
     * specified by bksp_is_delete.
     */
    {
	struct termios attrs;
	tcgetattr(pty_master_fd, &attrs);
	attrs.c_cc[VERASE] = cfg.bksp_is_delete ? '\177' : '\010';
	tcsetattr(pty_master_fd, TCSANOW, &attrs);
    }

    /*
     * Stamp utmp (that is, tell the utmp helper process to do so),
     * or not.
     */
    if (!cfg.stamp_utmp)
	close(pty_utmp_helper_pipe);   /* just let the child process die */
    else {
	char *location = get_x_display();
	int len = strlen(location)+1, pos = 0;   /* +1 to include NUL */
	while (pos < len) {
	    int ret = write(pty_utmp_helper_pipe, location+pos, len - pos);
	    if (ret < 0) {
		perror("pterm: writing to utmp helper process");
		close(pty_utmp_helper_pipe);   /* arrgh, just give up */
		break;
	    }
	    pos += ret;
	}
    }

    /*
     * Fork and execute the command.
     */
    pid = fork();
    if (pid < 0) {
	perror("fork");
	exit(1);
    }

    if (pid == 0) {
	int i;
	/*
	 * We are the child.
	 */

	slavefd = open(pty_name, O_RDWR);
	if (slavefd < 0) {
	    perror("slave pty: open");
	    exit(1);
	}

	close(pty_master_fd);
	fcntl(slavefd, F_SETFD, 0);    /* don't close on exec */
	dup2(slavefd, 0);
	dup2(slavefd, 1);
	dup2(slavefd, 2);
	setsid();
	ioctl(slavefd, TIOCSCTTY, 1);
	pgrp = getpid();
	tcsetpgrp(slavefd, pgrp);
	setpgrp();
	close(open(pty_name, O_WRONLY, 0));
	setpgrp();
	/* Close everything _else_, for tidiness. */
	for (i = 3; i < 1024; i++)
	    close(i);
	{
	    char term_env_var[10 + sizeof(cfg.termtype)];
	    sprintf(term_env_var, "TERM=%s", cfg.termtype);
	    putenv(term_env_var);
	}
	if (pty_argv)
	    execvp(pty_argv[0], pty_argv);
	else {
	    char *shell = getenv("SHELL");
	    char *shellname;
	    if (cfg.login_shell) {
		char *p = strrchr(shell, '/');
		shellname = smalloc(2+strlen(shell));
		p = p ? p+1 : shell;
		sprintf(shellname, "-%s", p);
	    } else
		shellname = shell;
	    execl(getenv("SHELL"), shellname, NULL);
	}

	/*
	 * If we're here, exec has gone badly foom.
	 */
	perror("exec");
	exit(127);
    } else {
	close(slavefd);
	pty_child_pid = pid;
	pty_child_dead = FALSE;
	signal(SIGCHLD, sigchld_handler);
    }

    return NULL;
}

/*
 * Called to send data down the pty.
 */
static int pty_send(char *buf, int len)
{
    while (len > 0) {
	int ret = write(pty_master_fd, buf, len);
	if (ret < 0) {
	    perror("write pty master");
	    exit(1);
	}
	buf += ret;
	len -= ret;
    }
    return 0;
}

/*
 * Called to query the current socket sendability status.
 */
static int pty_sendbuffer(void)
{
    return 0;
}

/*
 * Called to set the size of the window
 */
static void pty_size(void)
{
    struct winsize size;

    size.ws_row = (unsigned short)rows;
    size.ws_col = (unsigned short)cols;
    size.ws_xpixel = (unsigned short) cols * font_dimension(0);
    size.ws_ypixel = (unsigned short) rows * font_dimension(1);
    ioctl(pty_master_fd, TIOCSWINSZ, (void *)&size);
    return;
}

/*
 * Send special codes.
 */
static void pty_special(Telnet_Special code)
{
    /* Do nothing! */
    return;
}

static Socket pty_socket(void)
{
    return NULL;		       /* shouldn't ever be needed */
}

static int pty_sendok(void)
{
    return 1;
}

static void pty_unthrottle(int backlog)
{
    /* do nothing */
}

static int pty_ldisc(int option)
{
    return 0;			       /* neither editing nor echoing */
}

static int pty_exitcode(void)
{
    /* Shouldn't ever be required */
    return 0;
}

Backend pty_backend = {
    pty_init,
    pty_send,
    pty_sendbuffer,
    pty_size,
    pty_special,
    pty_socket,
    pty_exitcode,
    pty_sendok,
    pty_ldisc,
    pty_unthrottle,
    1
};
Commit	Line	Data
054d8535	1	#define _XOPEN_SOURCE
88e6b9ca	2	#define _XOPEN_SOURCE_EXTENDED
054d8535	3	#include <features.h>
054d8535	4
1709795f	5	#include <stdio.h>
1709795f	6	#include <stdlib.h>
054d8535	7	#include <string.h>
054d8535	8	#include <unistd.h>
a0e16eb1	9	#include <signal.h>
054d8535	10	#include <fcntl.h>
88e6b9ca	11	#include <termios.h>
be4f86de	12	#include <grp.h>
755a6d84	13	#include <utmp.h>
	14	#include <pwd.h>
	15	#include <time.h>
a0e16eb1	16	#include <sys/types.h>
a0e16eb1	17	#include <sys/wait.h>
88e6b9ca	18	#include <sys/ioctl.h>
1709795f	19
	20	#include "putty.h"
	21
	22	#ifndef FALSE
	23	#define FALSE 0
	24	#endif
	25	#ifndef TRUE
	26	#define TRUE 1
	27	#endif
	28
755a6d84	29	#ifndef UTMP_FILE
	30	#define UTMP_FILE "/var/run/utmp"
	31	#endif
	32	#ifndef WTMP_FILE
	33	#define WTMP_FILE "/var/log/wtmp"
	34	#endif
	35	#ifndef LASTLOG_FILE
	36	#ifdef _PATH_LASTLOG
	37	#define LASTLOG_FILE _PATH_LASTLOG
	38	#else
	39	#define LASTLOG_FILE "/var/log/lastlog"
	40	#endif
	41	#endif
	42
f51dc031	43	/*
	44	* Set up a default for vaguely sane systems. The idea is that if
	45	* OMIT_UTMP is not defined, then at least one of the symbols which
	46	* enable particular forms of utmp processing should be, if only so
	47	* that a link error can warn you that you should have defined
	48	* OMIT_UTMP if you didn't want any. Currently HAVE_PUTUTLINE is
	49	* the only such symbol.
	50	*/
	51	#ifndef OMIT_UTMP
	52	#if !defined HAVE_PUTUTLINE
	53	#define HAVE_PUTUTLINE
	54	#endif
	55	#endif
	56
054d8535	57	int pty_master_fd;
95c47834	58	static char pty_name[FILENAME_MAX];
f51dc031	59	static int pty_stamped_utmp = 0;
a0e16eb1	60	static int pty_child_pid;
95c47834	61	static int pty_utmp_helper_pid, pty_utmp_helper_pipe;
a0e16eb1	62	static sig_atomic_t pty_child_dead;
755a6d84	63	#ifndef OMIT_UTMP
	64	static struct utmp utmp_entry;
	65	#endif
6169c758	66	char **pty_argv;
054d8535	67
a0e16eb1	68	int pty_child_is_dead(void)
	69	{
	70	return pty_child_dead;
	71	}
	72
1709795f	73	static void pty_size(void);
1709795f	74
95c47834	75	static void setup_utmp(char ttyname, char location)
755a6d84	76	{
	77	#ifndef OMIT_UTMP
	78	#ifdef HAVE_LASTLOG
	79	struct lastlog lastlog_entry;
	80	FILE *lastlog;
	81	#endif
	82	struct passwd *pw;
755a6d84	83	FILE *wtmp;
	84
	85	pw = getpwuid(getuid());
	86	memset(&utmp_entry, 0, sizeof(utmp_entry));
	87	utmp_entry.ut_type = USER_PROCESS;
	88	utmp_entry.ut_pid = getpid();
	89	strncpy(utmp_entry.ut_line, ttyname+5, lenof(utmp_entry.ut_line));
	90	strncpy(utmp_entry.ut_id, ttyname+8, lenof(utmp_entry.ut_id));
	91	strncpy(utmp_entry.ut_user, pw->pw_name, lenof(utmp_entry.ut_user));
	92	strncpy(utmp_entry.ut_host, location, lenof(utmp_entry.ut_host));
	93	time(&utmp_entry.ut_time);
	94
	95	#if defined HAVE_PUTUTLINE
	96	utmpname(UTMP_FILE);
	97	setutent();
	98	pututline(&utmp_entry);
	99	endutent();
	100	#endif
	101
	102	if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	103	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	104	fclose(wtmp);
	105	}
	106
	107	#ifdef HAVE_LASTLOG
	108	memset(&lastlog_entry, 0, sizeof(lastlog_entry));
	109	strncpy(lastlog_entry.ll_line, ttyname+5, lenof(lastlog_entry.ll_line));
	110	strncpy(lastlog_entry.ll_host, location, lenof(lastlog_entry.ll_host));
	111	time(&lastlog_entry.ll_time);
	112	if ((lastlog = fopen(LASTLOG_FILE, "r+")) != NULL) {
	113	fseek(lastlog, sizeof(lastlog_entry) * getuid(), SEEK_SET);
	114	fwrite(&lastlog_entry, 1, sizeof(lastlog_entry), lastlog);
	115	fclose(lastlog);
	116	}
	117	#endif
	118
f51dc031	119	pty_stamped_utmp = 1;
f51dc031	120
755a6d84	121	#endif
	122	}
	123
	124	static void cleanup_utmp(void)
	125	{
	126	#ifndef OMIT_UTMP
	127	FILE *wtmp;
	128
95c47834	129	if (!pty_stamped_utmp)
f51dc031	130	return;
f51dc031	131
755a6d84	132	utmp_entry.ut_type = DEAD_PROCESS;
	133	memset(utmp_entry.ut_user, 0, lenof(utmp_entry.ut_user));
	134	time(&utmp_entry.ut_time);
	135
	136	if ((wtmp = fopen(WTMP_FILE, "a")) != NULL) {
	137	fwrite(&utmp_entry, 1, sizeof(utmp_entry), wtmp);
	138	fclose(wtmp);
	139	}
	140
	141	memset(utmp_entry.ut_line, 0, lenof(utmp_entry.ut_line));
	142	utmp_entry.ut_time = 0;
	143
	144	#if defined HAVE_PUTUTLINE
	145	utmpname(UTMP_FILE);
	146	setutent();
	147	pututline(&utmp_entry);
	148	endutent();
	149	#endif
	150
f51dc031	151	pty_stamped_utmp = 0; /* ensure we never double-cleanup */
755a6d84	152	#endif
	153	}
	154
a0e16eb1	155	static void sigchld_handler(int signum)
	156	{
	157	pid_t pid;
	158	int status;
	159	pid = waitpid(-1, &status, WNOHANG);
	160	if (pid == pty_child_pid && (WIFEXITED(status) \|\| WIFSIGNALED(status)))
	161	pty_child_dead = TRUE;
	162	}
	163
755a6d84	164	static void fatal_sig_handler(int signum)
	165	{
	166	signal(signum, SIG_DFL);
	167	cleanup_utmp();
	168	setuid(getuid());
	169	raise(signum);
	170	}
	171
95c47834	172	static void pty_open_master(void)
1709795f	173	{
be4f86de	174	#ifdef BSD_PTYS
95c47834	175	const char chars1[] = "pqrstuvwxyz";
	176	const char chars2[] = "0123456789abcdef";
	177	const char p1, p2;
	178	char master_name[20];
	179	struct group *gp;
	180
	181	for (p1 = chars1; *p1; p1++)
	182	for (p2 = chars2; *p2; p2++) {
	183	sprintf(master_name, "/dev/pty%c%c", p1, p2);
	184	pty_master_fd = open(master_name, O_RDWR);
	185	if (pty_master_fd >= 0) {
	186	if (geteuid() == 0 \|\|
	187	access(master_name, R_OK \| W_OK) == 0)
	188	goto got_one;
	189	close(pty_master_fd);
be4f86de	190	}
95c47834	191	}
be4f86de	192
95c47834	193	/* If we get here, we couldn't get a tty at all. */
	194	fprintf(stderr, "pterm: unable to open a pseudo-terminal device\n");
	195	exit(1);
be4f86de	196
95c47834	197	got_one:
	198	strcpy(pty_name, master_name);
	199	pty_name[5] = 't'; /* /dev/ptyXX -> /dev/ttyXX */
	200
	201	/* We need to chown/chmod the /dev/ttyXX device. */
	202	gp = getgrnam("tty");
	203	chown(pty_name, getuid(), gp ? gp->gr_gid : -1);
	204	chmod(pty_name, 0600);
be4f86de	205	#else
054d8535	206	pty_master_fd = open("/dev/ptmx", O_RDWR);
	207
	208	if (pty_master_fd < 0) {
	209	perror("/dev/ptmx: open");
	210	exit(1);
	211	}
	212
	213	if (grantpt(pty_master_fd) < 0) {
	214	perror("grantpt");
	215	exit(1);
	216	}
	217
	218	if (unlockpt(pty_master_fd) < 0) {
	219	perror("unlockpt");
	220	exit(1);
	221	}
	222
95c47834	223	pty_name[FILENAME_MAX-1] = '\0';
95c47834	224	strncpy(pty_name, ptsname(pty_master_fd), FILENAME_MAX-1);
be4f86de	225	#endif
95c47834	226	}
054d8535	227
95c47834	228	/*
	229	* Pre-initialisation. This is here to get around the fact that GTK
	230	* doesn't like being run in setuid/setgid programs (probably
	231	* sensibly). So before we initialise GTK - and therefore before we
	232	* even process the command line - we check to see if we're running
	233	* set[ug]id. If so, we open our pty master _now_, chown it as
	234	* necessary, and drop privileges. We can always close it again
	235	* later. If we're potentially going to be doing utmp as well, we
	236	* also fork off a utmp helper process and communicate with it by
	237	* means of a pipe; the utmp helper will keep privileges in order
	238	* to clean up utmp when we exit (i.e. when its end of our pipe
	239	* closes).
	240	*/
	241	void pty_pre_init(void)
	242	{
	243	pid_t pid;
	244	int pipefd[2];
	245
	246	pty_master_fd = -1;
	247
	248	if (geteuid() != getuid() \|\| getegid() != getgid()) {
	249	pty_open_master();
39baeaa4	250	}
39baeaa4	251
95c47834	252	#ifndef OMIT_UTMP
39baeaa4	253	/*
95c47834	254	* Fork off the utmp helper.
755a6d84	255	*/
95c47834	256	if (pipe(pipefd) < 0) {
	257	perror("pterm: pipe");
	258	exit(1);
	259	}
	260	pid = fork();
	261	if (pid < 0) {
	262	perror("pterm: fork");
	263	exit(1);
	264	} else if (pid == 0) {
	265	char display[128], buffer[128];
	266	int dlen, ret;
	267
	268	close(pipefd[1]);
	269	/*
	270	* Now sit here until we receive a display name from the
	271	* other end of the pipe, and then stamp utmp. Unstamp utmp
	272	* again, and exit, when the pipe closes.
	273	*/
	274
	275	dlen = 0;
	276	while (1) {
	277
	278	ret = read(pipefd[0], buffer, lenof(buffer));
	279	if (ret <= 0) {
	280	cleanup_utmp();
	281	exit(0);
	282	} else if (!pty_stamped_utmp) {
	283	if (dlen < lenof(display))
	284	memcpy(display+dlen, buffer,
	285	min(ret, lenof(display)-dlen));
	286	if (buffer[ret-1] == '\0') {
	287	/*
	288	* Now we have a display name. NUL-terminate
	289	* it, and stamp utmp.
	290	*/
	291	display[lenof(display)-1] = '\0';
	292	/*
	293	* Trap as many fatal signals as we can in the
	294	* hope of having the best possible chance to
	295	* clean up utmp before termination. We are
	296	* unfortunately unprotected against SIGKILL,
	297	* but that's life.
	298	*/
	299	signal(SIGHUP, fatal_sig_handler);
	300	signal(SIGINT, fatal_sig_handler);
	301	signal(SIGQUIT, fatal_sig_handler);
	302	signal(SIGILL, fatal_sig_handler);
	303	signal(SIGABRT, fatal_sig_handler);
	304	signal(SIGFPE, fatal_sig_handler);
	305	signal(SIGPIPE, fatal_sig_handler);
	306	signal(SIGALRM, fatal_sig_handler);
	307	signal(SIGTERM, fatal_sig_handler);
	308	signal(SIGSEGV, fatal_sig_handler);
	309	signal(SIGUSR1, fatal_sig_handler);
	310	signal(SIGUSR2, fatal_sig_handler);
755a6d84	311	#ifdef SIGBUS
95c47834	312	signal(SIGBUS, fatal_sig_handler);
755a6d84	313	#endif
755a6d84	314	#ifdef SIGPOLL
95c47834	315	signal(SIGPOLL, fatal_sig_handler);
755a6d84	316	#endif
755a6d84	317	#ifdef SIGPROF
95c47834	318	signal(SIGPROF, fatal_sig_handler);
755a6d84	319	#endif
755a6d84	320	#ifdef SIGSYS
95c47834	321	signal(SIGSYS, fatal_sig_handler);
755a6d84	322	#endif
755a6d84	323	#ifdef SIGTRAP
95c47834	324	signal(SIGTRAP, fatal_sig_handler);
755a6d84	325	#endif
755a6d84	326	#ifdef SIGVTALRM
95c47834	327	signal(SIGVTALRM, fatal_sig_handler);
755a6d84	328	#endif
755a6d84	329	#ifdef SIGXCPU
95c47834	330	signal(SIGXCPU, fatal_sig_handler);
755a6d84	331	#endif
755a6d84	332	#ifdef SIGXFSZ
95c47834	333	signal(SIGXFSZ, fatal_sig_handler);
755a6d84	334	#endif
755a6d84	335	#ifdef SIGIO
95c47834	336	signal(SIGIO, fatal_sig_handler);
	337	#endif
	338	/* Also clean up utmp on normal exit. */
	339	atexit(cleanup_utmp);
	340	setup_utmp(pty_name, display);
	341	}
	342	}
	343	}
	344	} else {
	345	close(pipefd[0]);
	346	pty_utmp_helper_pid = pid;
	347	pty_utmp_helper_pipe = pipefd[1];
	348	}
755a6d84	349	#endif
95c47834	350
	351	/* Drop privs. */
	352	{
	353	int gid = getgid(), uid = getuid();
	354	#ifndef HAVE_NO_SETRESUID
	355	int setresgid(gid_t, gid_t, gid_t);
	356	int setresuid(uid_t, uid_t, uid_t);
	357	setresgid(gid, gid, gid);
	358	setresuid(uid, uid, uid);
	359	#else
	360	setgid(getgid());
	361	setuid(getuid());
	362	#endif
	363	}
	364	}
	365
	366	/*
	367	* Called to set up the pty.
	368	*
	369	* Returns an error message, or NULL on success.
	370	*
	371	* Also places the canonical host name into `realhost'. It must be
	372	* freed by the caller.
	373	*/
	374	static char pty_init(char host, int port, char **realhost, int nodelay)
	375	{
	376	int slavefd;
	377	pid_t pid, pgrp;
	378
	379	if (pty_master_fd < 0)
	380	pty_open_master();
	381
	382	/*
	383	* Set the backspace character to be whichever of ^H and ^? is
	384	* specified by bksp_is_delete.
	385	*/
	386	{
	387	struct termios attrs;
	388	tcgetattr(pty_master_fd, &attrs);
	389	attrs.c_cc[VERASE] = cfg.bksp_is_delete ? '\177' : '\010';
	390	tcsetattr(pty_master_fd, TCSANOW, &attrs);
	391	}
	392
	393	/*
	394	* Stamp utmp (that is, tell the utmp helper process to do so),
	395	* or not.
	396	*/
	397	if (!cfg.stamp_utmp)
	398	close(pty_utmp_helper_pipe); /* just let the child process die */
	399	else {
	400	char *location = get_x_display();
	401	int len = strlen(location)+1, pos = 0; /* +1 to include NUL */
	402	while (pos < len) {
	403	int ret = write(pty_utmp_helper_pipe, location+pos, len - pos);
	404	if (ret < 0) {
	405	perror("pterm: writing to utmp helper process");
	406	close(pty_utmp_helper_pipe); /* arrgh, just give up */
	407	break;
	408	}
	409	pos += ret;
	410	}
	411	}
755a6d84	412
755a6d84	413	/*
054d8535	414	* Fork and execute the command.
	415	*/
	416	pid = fork();
	417	if (pid < 0) {
	418	perror("fork");
88e6b9ca	419	exit(1);
054d8535	420	}
	421
	422	if (pid == 0) {
	423	int i;
	424	/*
	425	* We are the child.
	426	*/
d37c2d81	427
95c47834	428	slavefd = open(pty_name, O_RDWR);
d37c2d81	429	if (slavefd < 0) {
	430	perror("slave pty: open");
	431	exit(1);
	432	}
	433
054d8535	434	close(pty_master_fd);
054d8535	435	fcntl(slavefd, F_SETFD, 0); /* don't close on exec */
	436	dup2(slavefd, 0);
	437	dup2(slavefd, 1);
	438	dup2(slavefd, 2);
	439	setsid();
d37c2d81	440	ioctl(slavefd, TIOCSCTTY, 1);
	441	pgrp = getpid();
	442	tcsetpgrp(slavefd, pgrp);
	443	setpgrp();
95c47834	444	close(open(pty_name, O_WRONLY, 0));
054d8535	445	setpgrp();
054d8535	446	/* Close everything _else_, for tidiness. */
	447	for (i = 3; i < 1024; i++)
	448	close(i);
fe9548aa	449	{
	450	char term_env_var[10 + sizeof(cfg.termtype)];
	451	sprintf(term_env_var, "TERM=%s", cfg.termtype);
	452	putenv(term_env_var);
	453	}
6169c758	454	if (pty_argv)
6169c758	455	execvp(pty_argv[0], pty_argv);
c8ee61b9	456	else {
	457	char *shell = getenv("SHELL");
	458	char *shellname;
	459	if (cfg.login_shell) {
	460	char *p = strrchr(shell, '/');
	461	shellname = smalloc(2+strlen(shell));
	462	p = p ? p+1 : shell;
	463	sprintf(shellname, "-%s", p);
	464	} else
	465	shellname = shell;
	466	execl(getenv("SHELL"), shellname, NULL);
	467	}
	468
054d8535	469	/*
	470	* If we're here, exec has gone badly foom.
	471	*/
	472	perror("exec");
	473	exit(127);
	474	} else {
	475	close(slavefd);
a0e16eb1	476	pty_child_pid = pid;
	477	pty_child_dead = FALSE;
	478	signal(SIGCHLD, sigchld_handler);
054d8535	479	}
054d8535	480
1709795f	481	return NULL;
	482	}
	483
	484	/*
	485	* Called to send data down the pty.
	486	*/
	487	static int pty_send(char *buf, int len)
	488	{
054d8535	489	while (len > 0) {
	490	int ret = write(pty_master_fd, buf, len);
	491	if (ret < 0) {
	492	perror("write pty master");
	493	exit(1);
	494	}
	495	buf += ret;
	496	len -= ret;
	497	}
1709795f	498	return 0;
	499	}
	500
	501	/*
	502	* Called to query the current socket sendability status.
	503	*/
	504	static int pty_sendbuffer(void)
	505	{
	506	return 0;
	507	}
	508
	509	/*
	510	* Called to set the size of the window
	511	*/
	512	static void pty_size(void)
	513	{
88e6b9ca	514	struct winsize size;
	515
	516	size.ws_row = (unsigned short)rows;
	517	size.ws_col = (unsigned short)cols;
e9aef757	518	size.ws_xpixel = (unsigned short) cols * font_dimension(0);
e9aef757	519	size.ws_ypixel = (unsigned short) rows * font_dimension(1);
88e6b9ca	520	ioctl(pty_master_fd, TIOCSWINSZ, (void *)&size);
1709795f	521	return;
	522	}
	523
	524	/*
	525	* Send special codes.
	526	*/
	527	static void pty_special(Telnet_Special code)
	528	{
	529	/* Do nothing! */
	530	return;
	531	}
	532
	533	static Socket pty_socket(void)
	534	{
	535	return NULL; /* shouldn't ever be needed */
	536	}
	537
	538	static int pty_sendok(void)
	539	{
	540	return 1;
	541	}
	542
	543	static void pty_unthrottle(int backlog)
	544	{
	545	/* do nothing */
	546	}
	547
	548	static int pty_ldisc(int option)
	549	{
	550	return 0; /* neither editing nor echoing */
	551	}
	552
	553	static int pty_exitcode(void)
	554	{
	555	/* Shouldn't ever be required */
	556	return 0;
	557	}
	558
	559	Backend pty_backend = {
	560	pty_init,
	561	pty_send,
	562	pty_sendbuffer,
	563	pty_size,
	564	pty_special,
	565	pty_socket,
	566	pty_exitcode,
	567	pty_sendok,
	568	pty_ldisc,
	569	pty_unthrottle,
	570	1
	571	};