| 1 | /* |
| 2 | * Pseudo-tty backend for pterm. |
| 3 | */ |
| 4 | |
| 5 | #define _GNU_SOURCE |
| 6 | |
| 7 | #include <stdio.h> |
| 8 | #include <stdlib.h> |
| 9 | #include <string.h> |
| 10 | #include <unistd.h> |
| 11 | #include <signal.h> |
| 12 | #include <assert.h> |
| 13 | #include <fcntl.h> |
| 14 | #include <termios.h> |
| 15 | #include <grp.h> |
| 16 | #include <utmp.h> |
| 17 | #include <pwd.h> |
| 18 | #include <time.h> |
| 19 | #include <sys/types.h> |
| 20 | #include <sys/stat.h> |
| 21 | #include <sys/wait.h> |
| 22 | #include <sys/ioctl.h> |
| 23 | #include <errno.h> |
| 24 | |
| 25 | #include "putty.h" |
| 26 | #include "tree234.h" |
| 27 | |
| 28 | #ifndef OMIT_UTMP |
| 29 | #include <utmpx.h> |
| 30 | #endif |
| 31 | |
| 32 | #ifndef FALSE |
| 33 | #define FALSE 0 |
| 34 | #endif |
| 35 | #ifndef TRUE |
| 36 | #define TRUE 1 |
| 37 | #endif |
| 38 | |
| 39 | /* updwtmpx() needs the name of the wtmp file. Try to find it. */ |
| 40 | #ifndef WTMPX_FILE |
| 41 | #ifdef _PATH_WTMPX |
| 42 | #define WTMPX_FILE _PATH_WTMPX |
| 43 | #else |
| 44 | #define WTMPX_FILE "/var/log/wtmpx" |
| 45 | #endif |
| 46 | #endif |
| 47 | |
| 48 | #ifndef LASTLOG_FILE |
| 49 | #ifdef _PATH_LASTLOG |
| 50 | #define LASTLOG_FILE _PATH_LASTLOG |
| 51 | #else |
| 52 | #define LASTLOG_FILE "/var/log/lastlog" |
| 53 | #endif |
| 54 | #endif |
| 55 | |
| 56 | /* |
| 57 | * Set up a default for vaguely sane systems. The idea is that if |
| 58 | * OMIT_UTMP is not defined, then at least one of the symbols which |
| 59 | * enable particular forms of utmp processing should be, if only so |
| 60 | * that a link error can warn you that you should have defined |
| 61 | * OMIT_UTMP if you didn't want any. Currently HAVE_PUTUTLINE is |
| 62 | * the only such symbol. |
| 63 | */ |
| 64 | #ifndef OMIT_UTMP |
| 65 | #if !defined HAVE_PUTUTLINE |
| 66 | #define HAVE_PUTUTLINE |
| 67 | #endif |
| 68 | #endif |
| 69 | |
| 70 | typedef struct pty_tag *Pty; |
| 71 | |
| 72 | /* |
| 73 | * The pty_signal_pipe, along with the SIGCHLD handler, must be |
| 74 | * process-global rather than session-specific. |
| 75 | */ |
| 76 | static int pty_signal_pipe[2] = { -1, -1 }; /* obviously bogus initial val */ |
| 77 | |
| 78 | struct pty_tag { |
| 79 | Conf *conf; |
| 80 | int master_fd, slave_fd; |
| 81 | void *frontend; |
| 82 | char name[FILENAME_MAX]; |
| 83 | pid_t child_pid; |
| 84 | int term_width, term_height; |
| 85 | int child_dead, finished; |
| 86 | int exit_code; |
| 87 | bufchain output_data; |
| 88 | }; |
| 89 | |
| 90 | /* |
| 91 | * We store our pty backends in a tree sorted by master fd, so that |
| 92 | * when we get an uxsel notification we know which backend instance |
| 93 | * is the owner of the pty that caused it. |
| 94 | */ |
| 95 | static int pty_compare_by_fd(void *av, void *bv) |
| 96 | { |
| 97 | Pty a = (Pty)av; |
| 98 | Pty b = (Pty)bv; |
| 99 | |
| 100 | if (a->master_fd < b->master_fd) |
| 101 | return -1; |
| 102 | else if (a->master_fd > b->master_fd) |
| 103 | return +1; |
| 104 | return 0; |
| 105 | } |
| 106 | |
| 107 | static int pty_find_by_fd(void *av, void *bv) |
| 108 | { |
| 109 | int a = *(int *)av; |
| 110 | Pty b = (Pty)bv; |
| 111 | |
| 112 | if (a < b->master_fd) |
| 113 | return -1; |
| 114 | else if (a > b->master_fd) |
| 115 | return +1; |
| 116 | return 0; |
| 117 | } |
| 118 | |
| 119 | static tree234 *ptys_by_fd = NULL; |
| 120 | |
| 121 | /* |
| 122 | * We also have a tree sorted by child pid, so that when we wait() |
| 123 | * in response to the signal we know which backend instance is the |
| 124 | * owner of the process that caused the signal. |
| 125 | */ |
| 126 | static int pty_compare_by_pid(void *av, void *bv) |
| 127 | { |
| 128 | Pty a = (Pty)av; |
| 129 | Pty b = (Pty)bv; |
| 130 | |
| 131 | if (a->child_pid < b->child_pid) |
| 132 | return -1; |
| 133 | else if (a->child_pid > b->child_pid) |
| 134 | return +1; |
| 135 | return 0; |
| 136 | } |
| 137 | |
| 138 | static int pty_find_by_pid(void *av, void *bv) |
| 139 | { |
| 140 | pid_t a = *(pid_t *)av; |
| 141 | Pty b = (Pty)bv; |
| 142 | |
| 143 | if (a < b->child_pid) |
| 144 | return -1; |
| 145 | else if (a > b->child_pid) |
| 146 | return +1; |
| 147 | return 0; |
| 148 | } |
| 149 | |
| 150 | static tree234 *ptys_by_pid = NULL; |
| 151 | |
| 152 | /* |
| 153 | * If we are using pty_pre_init(), it will need to have already |
| 154 | * allocated a pty structure, which we must then return from |
| 155 | * pty_init() rather than allocating a new one. Here we store that |
| 156 | * structure between allocation and use. |
| 157 | * |
| 158 | * Note that although most of this module is entirely capable of |
| 159 | * handling multiple ptys in a single process, pty_pre_init() is |
| 160 | * fundamentally _dependent_ on there being at most one pty per |
| 161 | * process, so the normal static-data constraints don't apply. |
| 162 | * |
| 163 | * Likewise, since utmp is only used via pty_pre_init, it too must |
| 164 | * be single-instance, so we can declare utmp-related variables |
| 165 | * here. |
| 166 | */ |
| 167 | static Pty single_pty = NULL; |
| 168 | |
| 169 | #ifndef OMIT_UTMP |
| 170 | static pid_t pty_utmp_helper_pid = -1; |
| 171 | static int pty_utmp_helper_pipe = -1; |
| 172 | static int pty_stamped_utmp; |
| 173 | static struct utmpx utmp_entry; |
| 174 | #endif |
| 175 | |
| 176 | /* |
| 177 | * pty_argv is a grievous hack to allow a proper argv to be passed |
| 178 | * through from the Unix command line. Again, it doesn't really |
| 179 | * make sense outside a one-pty-per-process setup. |
| 180 | */ |
| 181 | char **pty_argv; |
| 182 | |
| 183 | static void pty_close(Pty pty); |
| 184 | static void pty_try_write(Pty pty); |
| 185 | |
| 186 | #ifndef OMIT_UTMP |
| 187 | static void setup_utmp(char *ttyname, char *location) |
| 188 | { |
| 189 | #ifdef HAVE_LASTLOG |
| 190 | struct lastlog lastlog_entry; |
| 191 | FILE *lastlog; |
| 192 | #endif |
| 193 | struct passwd *pw; |
| 194 | struct timeval tv; |
| 195 | |
| 196 | pw = getpwuid(getuid()); |
| 197 | memset(&utmp_entry, 0, sizeof(utmp_entry)); |
| 198 | utmp_entry.ut_type = USER_PROCESS; |
| 199 | utmp_entry.ut_pid = getpid(); |
| 200 | strncpy(utmp_entry.ut_line, ttyname+5, lenof(utmp_entry.ut_line)); |
| 201 | strncpy(utmp_entry.ut_id, ttyname+8, lenof(utmp_entry.ut_id)); |
| 202 | strncpy(utmp_entry.ut_user, pw->pw_name, lenof(utmp_entry.ut_user)); |
| 203 | strncpy(utmp_entry.ut_host, location, lenof(utmp_entry.ut_host)); |
| 204 | /* |
| 205 | * Apparently there are some architectures where (struct |
| 206 | * utmpx).ut_tv is not essentially struct timeval (e.g. Linux |
| 207 | * amd64). Hence the temporary. |
| 208 | */ |
| 209 | gettimeofday(&tv, NULL); |
| 210 | utmp_entry.ut_tv.tv_sec = tv.tv_sec; |
| 211 | utmp_entry.ut_tv.tv_usec = tv.tv_usec; |
| 212 | |
| 213 | setutxent(); |
| 214 | pututxline(&utmp_entry); |
| 215 | endutxent(); |
| 216 | |
| 217 | updwtmpx(WTMPX_FILE, &utmp_entry); |
| 218 | |
| 219 | #ifdef HAVE_LASTLOG |
| 220 | memset(&lastlog_entry, 0, sizeof(lastlog_entry)); |
| 221 | strncpy(lastlog_entry.ll_line, ttyname+5, lenof(lastlog_entry.ll_line)); |
| 222 | strncpy(lastlog_entry.ll_host, location, lenof(lastlog_entry.ll_host)); |
| 223 | time(&lastlog_entry.ll_time); |
| 224 | if ((lastlog = fopen(LASTLOG_FILE, "r+")) != NULL) { |
| 225 | fseek(lastlog, sizeof(lastlog_entry) * getuid(), SEEK_SET); |
| 226 | fwrite(&lastlog_entry, 1, sizeof(lastlog_entry), lastlog); |
| 227 | fclose(lastlog); |
| 228 | } |
| 229 | #endif |
| 230 | |
| 231 | pty_stamped_utmp = 1; |
| 232 | |
| 233 | } |
| 234 | |
| 235 | static void cleanup_utmp(void) |
| 236 | { |
| 237 | struct timeval tv; |
| 238 | |
| 239 | if (!pty_stamped_utmp) |
| 240 | return; |
| 241 | |
| 242 | utmp_entry.ut_type = DEAD_PROCESS; |
| 243 | memset(utmp_entry.ut_user, 0, lenof(utmp_entry.ut_user)); |
| 244 | gettimeofday(&tv, NULL); |
| 245 | utmp_entry.ut_tv.tv_sec = tv.tv_sec; |
| 246 | utmp_entry.ut_tv.tv_usec = tv.tv_usec; |
| 247 | |
| 248 | updwtmpx(WTMPX_FILE, &utmp_entry); |
| 249 | |
| 250 | memset(utmp_entry.ut_line, 0, lenof(utmp_entry.ut_line)); |
| 251 | utmp_entry.ut_tv.tv_sec = 0; |
| 252 | utmp_entry.ut_tv.tv_usec = 0; |
| 253 | |
| 254 | setutxent(); |
| 255 | pututxline(&utmp_entry); |
| 256 | endutxent(); |
| 257 | |
| 258 | pty_stamped_utmp = 0; /* ensure we never double-cleanup */ |
| 259 | } |
| 260 | #endif |
| 261 | |
| 262 | static void sigchld_handler(int signum) |
| 263 | { |
| 264 | if (write(pty_signal_pipe[1], "x", 1) <= 0) |
| 265 | /* not much we can do about it */; |
| 266 | } |
| 267 | |
| 268 | #ifndef OMIT_UTMP |
| 269 | static void fatal_sig_handler(int signum) |
| 270 | { |
| 271 | putty_signal(signum, SIG_DFL); |
| 272 | cleanup_utmp(); |
| 273 | setuid(getuid()); |
| 274 | raise(signum); |
| 275 | } |
| 276 | #endif |
| 277 | |
| 278 | static int pty_open_slave(Pty pty) |
| 279 | { |
| 280 | if (pty->slave_fd < 0) { |
| 281 | pty->slave_fd = open(pty->name, O_RDWR); |
| 282 | cloexec(pty->slave_fd); |
| 283 | } |
| 284 | |
| 285 | return pty->slave_fd; |
| 286 | } |
| 287 | |
| 288 | static void pty_open_master(Pty pty) |
| 289 | { |
| 290 | #ifdef BSD_PTYS |
| 291 | const char chars1[] = "pqrstuvwxyz"; |
| 292 | const char chars2[] = "0123456789abcdef"; |
| 293 | const char *p1, *p2; |
| 294 | char master_name[20]; |
| 295 | struct group *gp; |
| 296 | |
| 297 | for (p1 = chars1; *p1; p1++) |
| 298 | for (p2 = chars2; *p2; p2++) { |
| 299 | sprintf(master_name, "/dev/pty%c%c", *p1, *p2); |
| 300 | pty->master_fd = open(master_name, O_RDWR); |
| 301 | if (pty->master_fd >= 0) { |
| 302 | if (geteuid() == 0 || |
| 303 | access(master_name, R_OK | W_OK) == 0) { |
| 304 | /* |
| 305 | * We must also check at this point that we are |
| 306 | * able to open the slave side of the pty. We |
| 307 | * wouldn't want to allocate the wrong master, |
| 308 | * get all the way down to forking, and _then_ |
| 309 | * find we're unable to open the slave. |
| 310 | */ |
| 311 | strcpy(pty->name, master_name); |
| 312 | pty->name[5] = 't'; /* /dev/ptyXX -> /dev/ttyXX */ |
| 313 | |
| 314 | cloexec(pty->master_fd); |
| 315 | |
| 316 | if (pty_open_slave(pty) >= 0 && |
| 317 | access(pty->name, R_OK | W_OK) == 0) |
| 318 | goto got_one; |
| 319 | if (pty->slave_fd > 0) |
| 320 | close(pty->slave_fd); |
| 321 | pty->slave_fd = -1; |
| 322 | } |
| 323 | close(pty->master_fd); |
| 324 | } |
| 325 | } |
| 326 | |
| 327 | /* If we get here, we couldn't get a tty at all. */ |
| 328 | fprintf(stderr, "pterm: unable to open a pseudo-terminal device\n"); |
| 329 | exit(1); |
| 330 | |
| 331 | got_one: |
| 332 | |
| 333 | /* We need to chown/chmod the /dev/ttyXX device. */ |
| 334 | gp = getgrnam("tty"); |
| 335 | chown(pty->name, getuid(), gp ? gp->gr_gid : -1); |
| 336 | chmod(pty->name, 0600); |
| 337 | #else |
| 338 | pty->master_fd = open("/dev/ptmx", O_RDWR); |
| 339 | |
| 340 | if (pty->master_fd < 0) { |
| 341 | perror("/dev/ptmx: open"); |
| 342 | exit(1); |
| 343 | } |
| 344 | |
| 345 | if (grantpt(pty->master_fd) < 0) { |
| 346 | perror("grantpt"); |
| 347 | exit(1); |
| 348 | } |
| 349 | |
| 350 | if (unlockpt(pty->master_fd) < 0) { |
| 351 | perror("unlockpt"); |
| 352 | exit(1); |
| 353 | } |
| 354 | |
| 355 | cloexec(pty->master_fd); |
| 356 | |
| 357 | pty->name[FILENAME_MAX-1] = '\0'; |
| 358 | strncpy(pty->name, ptsname(pty->master_fd), FILENAME_MAX-1); |
| 359 | #endif |
| 360 | |
| 361 | { |
| 362 | /* |
| 363 | * Set the pty master into non-blocking mode. |
| 364 | */ |
| 365 | int fl; |
| 366 | fl = fcntl(pty->master_fd, F_GETFL); |
| 367 | if (fl != -1 && !(fl & O_NONBLOCK)) |
| 368 | fcntl(pty->master_fd, F_SETFL, fl | O_NONBLOCK); |
| 369 | } |
| 370 | |
| 371 | if (!ptys_by_fd) |
| 372 | ptys_by_fd = newtree234(pty_compare_by_fd); |
| 373 | add234(ptys_by_fd, pty); |
| 374 | } |
| 375 | |
| 376 | /* |
| 377 | * Pre-initialisation. This is here to get around the fact that GTK |
| 378 | * doesn't like being run in setuid/setgid programs (probably |
| 379 | * sensibly). So before we initialise GTK - and therefore before we |
| 380 | * even process the command line - we check to see if we're running |
| 381 | * set[ug]id. If so, we open our pty master _now_, chown it as |
| 382 | * necessary, and drop privileges. We can always close it again |
| 383 | * later. If we're potentially going to be doing utmp as well, we |
| 384 | * also fork off a utmp helper process and communicate with it by |
| 385 | * means of a pipe; the utmp helper will keep privileges in order |
| 386 | * to clean up utmp when we exit (i.e. when its end of our pipe |
| 387 | * closes). |
| 388 | */ |
| 389 | void pty_pre_init(void) |
| 390 | { |
| 391 | Pty pty; |
| 392 | |
| 393 | #ifndef OMIT_UTMP |
| 394 | pid_t pid; |
| 395 | int pipefd[2]; |
| 396 | #endif |
| 397 | |
| 398 | pty = single_pty = snew(struct pty_tag); |
| 399 | bufchain_init(&pty->output_data); |
| 400 | |
| 401 | /* set the child signal handler straight away; it needs to be set |
| 402 | * before we ever fork. */ |
| 403 | putty_signal(SIGCHLD, sigchld_handler); |
| 404 | pty->master_fd = pty->slave_fd = -1; |
| 405 | #ifndef OMIT_UTMP |
| 406 | pty_stamped_utmp = FALSE; |
| 407 | #endif |
| 408 | |
| 409 | if (geteuid() != getuid() || getegid() != getgid()) { |
| 410 | pty_open_master(pty); |
| 411 | |
| 412 | #ifndef OMIT_UTMP |
| 413 | /* |
| 414 | * Fork off the utmp helper. |
| 415 | */ |
| 416 | if (pipe(pipefd) < 0) { |
| 417 | perror("pterm: pipe"); |
| 418 | exit(1); |
| 419 | } |
| 420 | cloexec(pipefd[0]); |
| 421 | cloexec(pipefd[1]); |
| 422 | pid = fork(); |
| 423 | if (pid < 0) { |
| 424 | perror("pterm: fork"); |
| 425 | exit(1); |
| 426 | } else if (pid == 0) { |
| 427 | char display[128], buffer[128]; |
| 428 | int dlen, ret; |
| 429 | |
| 430 | close(pipefd[1]); |
| 431 | /* |
| 432 | * Now sit here until we receive a display name from the |
| 433 | * other end of the pipe, and then stamp utmp. Unstamp utmp |
| 434 | * again, and exit, when the pipe closes. |
| 435 | */ |
| 436 | |
| 437 | dlen = 0; |
| 438 | while (1) { |
| 439 | |
| 440 | ret = read(pipefd[0], buffer, lenof(buffer)); |
| 441 | if (ret <= 0) { |
| 442 | cleanup_utmp(); |
| 443 | _exit(0); |
| 444 | } else if (!pty_stamped_utmp) { |
| 445 | if (dlen < lenof(display)) |
| 446 | memcpy(display+dlen, buffer, |
| 447 | min(ret, lenof(display)-dlen)); |
| 448 | if (buffer[ret-1] == '\0') { |
| 449 | /* |
| 450 | * Now we have a display name. NUL-terminate |
| 451 | * it, and stamp utmp. |
| 452 | */ |
| 453 | display[lenof(display)-1] = '\0'; |
| 454 | /* |
| 455 | * Trap as many fatal signals as we can in the |
| 456 | * hope of having the best possible chance to |
| 457 | * clean up utmp before termination. We are |
| 458 | * unfortunately unprotected against SIGKILL, |
| 459 | * but that's life. |
| 460 | */ |
| 461 | putty_signal(SIGHUP, fatal_sig_handler); |
| 462 | putty_signal(SIGINT, fatal_sig_handler); |
| 463 | putty_signal(SIGQUIT, fatal_sig_handler); |
| 464 | putty_signal(SIGILL, fatal_sig_handler); |
| 465 | putty_signal(SIGABRT, fatal_sig_handler); |
| 466 | putty_signal(SIGFPE, fatal_sig_handler); |
| 467 | putty_signal(SIGPIPE, fatal_sig_handler); |
| 468 | putty_signal(SIGALRM, fatal_sig_handler); |
| 469 | putty_signal(SIGTERM, fatal_sig_handler); |
| 470 | putty_signal(SIGSEGV, fatal_sig_handler); |
| 471 | putty_signal(SIGUSR1, fatal_sig_handler); |
| 472 | putty_signal(SIGUSR2, fatal_sig_handler); |
| 473 | #ifdef SIGBUS |
| 474 | putty_signal(SIGBUS, fatal_sig_handler); |
| 475 | #endif |
| 476 | #ifdef SIGPOLL |
| 477 | putty_signal(SIGPOLL, fatal_sig_handler); |
| 478 | #endif |
| 479 | #ifdef SIGPROF |
| 480 | putty_signal(SIGPROF, fatal_sig_handler); |
| 481 | #endif |
| 482 | #ifdef SIGSYS |
| 483 | putty_signal(SIGSYS, fatal_sig_handler); |
| 484 | #endif |
| 485 | #ifdef SIGTRAP |
| 486 | putty_signal(SIGTRAP, fatal_sig_handler); |
| 487 | #endif |
| 488 | #ifdef SIGVTALRM |
| 489 | putty_signal(SIGVTALRM, fatal_sig_handler); |
| 490 | #endif |
| 491 | #ifdef SIGXCPU |
| 492 | putty_signal(SIGXCPU, fatal_sig_handler); |
| 493 | #endif |
| 494 | #ifdef SIGXFSZ |
| 495 | putty_signal(SIGXFSZ, fatal_sig_handler); |
| 496 | #endif |
| 497 | #ifdef SIGIO |
| 498 | putty_signal(SIGIO, fatal_sig_handler); |
| 499 | #endif |
| 500 | setup_utmp(pty->name, display); |
| 501 | } |
| 502 | } |
| 503 | } |
| 504 | } else { |
| 505 | close(pipefd[0]); |
| 506 | pty_utmp_helper_pid = pid; |
| 507 | pty_utmp_helper_pipe = pipefd[1]; |
| 508 | } |
| 509 | #endif |
| 510 | } |
| 511 | |
| 512 | /* Drop privs. */ |
| 513 | { |
| 514 | #ifndef HAVE_NO_SETRESUID |
| 515 | int gid = getgid(), uid = getuid(); |
| 516 | int setresgid(gid_t, gid_t, gid_t); |
| 517 | int setresuid(uid_t, uid_t, uid_t); |
| 518 | setresgid(gid, gid, gid); |
| 519 | setresuid(uid, uid, uid); |
| 520 | #else |
| 521 | setgid(getgid()); |
| 522 | setuid(getuid()); |
| 523 | #endif |
| 524 | } |
| 525 | } |
| 526 | |
| 527 | int pty_real_select_result(Pty pty, int event, int status) |
| 528 | { |
| 529 | char buf[4096]; |
| 530 | int ret; |
| 531 | int finished = FALSE; |
| 532 | |
| 533 | if (event < 0) { |
| 534 | /* |
| 535 | * We've been called because our child process did |
| 536 | * something. `status' tells us what. |
| 537 | */ |
| 538 | if ((WIFEXITED(status) || WIFSIGNALED(status))) { |
| 539 | /* |
| 540 | * The primary child process died. We could keep |
| 541 | * the terminal open for remaining subprocesses to |
| 542 | * output to, but conventional wisdom seems to feel |
| 543 | * that that's the Wrong Thing for an xterm-alike, |
| 544 | * so we bail out now (though we don't necessarily |
| 545 | * _close_ the window, depending on the state of |
| 546 | * Close On Exit). This would be easy enough to |
| 547 | * change or make configurable if necessary. |
| 548 | */ |
| 549 | pty->exit_code = status; |
| 550 | pty->child_dead = TRUE; |
| 551 | del234(ptys_by_pid, pty); |
| 552 | finished = TRUE; |
| 553 | } |
| 554 | } else { |
| 555 | if (event == 1) { |
| 556 | |
| 557 | ret = read(pty->master_fd, buf, sizeof(buf)); |
| 558 | |
| 559 | /* |
| 560 | * Clean termination condition is that either ret == 0, or ret |
| 561 | * < 0 and errno == EIO. Not sure why the latter, but it seems |
| 562 | * to happen. Boo. |
| 563 | */ |
| 564 | if (ret == 0 || (ret < 0 && errno == EIO)) { |
| 565 | /* |
| 566 | * We assume a clean exit if the pty has closed but the |
| 567 | * actual child process hasn't. The only way I can |
| 568 | * imagine this happening is if it detaches itself from |
| 569 | * the pty and goes daemonic - in which case the |
| 570 | * expected usage model would precisely _not_ be for |
| 571 | * the pterm window to hang around! |
| 572 | */ |
| 573 | finished = TRUE; |
| 574 | if (!pty->child_dead) |
| 575 | pty->exit_code = 0; |
| 576 | } else if (ret < 0) { |
| 577 | perror("read pty master"); |
| 578 | exit(1); |
| 579 | } else if (ret > 0) { |
| 580 | from_backend(pty->frontend, 0, buf, ret); |
| 581 | } |
| 582 | } else if (event == 2) { |
| 583 | /* |
| 584 | * Attempt to send data down the pty. |
| 585 | */ |
| 586 | pty_try_write(pty); |
| 587 | } |
| 588 | } |
| 589 | |
| 590 | if (finished && !pty->finished) { |
| 591 | int close_on_exit; |
| 592 | |
| 593 | uxsel_del(pty->master_fd); |
| 594 | pty_close(pty); |
| 595 | pty->master_fd = -1; |
| 596 | |
| 597 | pty->finished = TRUE; |
| 598 | |
| 599 | /* |
| 600 | * This is a slight layering-violation sort of hack: only |
| 601 | * if we're not closing on exit (COE is set to Never, or to |
| 602 | * Only On Clean and it wasn't a clean exit) do we output a |
| 603 | * `terminated' message. |
| 604 | */ |
| 605 | close_on_exit = conf_get_int(pty->conf, CONF_close_on_exit); |
| 606 | if (close_on_exit == FORCE_OFF || |
| 607 | (close_on_exit == AUTO && pty->exit_code != 0)) { |
| 608 | char message[512]; |
| 609 | if (WIFEXITED(pty->exit_code)) |
| 610 | sprintf(message, "\r\n[pterm: process terminated with exit" |
| 611 | " code %d]\r\n", WEXITSTATUS(pty->exit_code)); |
| 612 | else if (WIFSIGNALED(pty->exit_code)) |
| 613 | #ifdef HAVE_NO_STRSIGNAL |
| 614 | sprintf(message, "\r\n[pterm: process terminated on signal" |
| 615 | " %d]\r\n", WTERMSIG(pty->exit_code)); |
| 616 | #else |
| 617 | sprintf(message, "\r\n[pterm: process terminated on signal" |
| 618 | " %d (%.400s)]\r\n", WTERMSIG(pty->exit_code), |
| 619 | strsignal(WTERMSIG(pty->exit_code))); |
| 620 | #endif |
| 621 | from_backend(pty->frontend, 0, message, strlen(message)); |
| 622 | } |
| 623 | |
| 624 | notify_remote_exit(pty->frontend); |
| 625 | } |
| 626 | |
| 627 | return !finished; |
| 628 | } |
| 629 | |
| 630 | int pty_select_result(int fd, int event) |
| 631 | { |
| 632 | int ret = TRUE; |
| 633 | Pty pty; |
| 634 | |
| 635 | if (fd == pty_signal_pipe[0]) { |
| 636 | pid_t pid; |
| 637 | int status; |
| 638 | char c[1]; |
| 639 | |
| 640 | if (read(pty_signal_pipe[0], c, 1) <= 0) |
| 641 | /* ignore error */; |
| 642 | /* ignore its value; it'll be `x' */ |
| 643 | |
| 644 | do { |
| 645 | pid = waitpid(-1, &status, WNOHANG); |
| 646 | |
| 647 | pty = find234(ptys_by_pid, &pid, pty_find_by_pid); |
| 648 | |
| 649 | if (pty) |
| 650 | ret = ret && pty_real_select_result(pty, -1, status); |
| 651 | } while (pid > 0); |
| 652 | } else { |
| 653 | pty = find234(ptys_by_fd, &fd, pty_find_by_fd); |
| 654 | |
| 655 | if (pty) |
| 656 | ret = ret && pty_real_select_result(pty, event, 0); |
| 657 | } |
| 658 | |
| 659 | return ret; |
| 660 | } |
| 661 | |
| 662 | static void pty_uxsel_setup(Pty pty) |
| 663 | { |
| 664 | int rwx; |
| 665 | |
| 666 | rwx = 1; /* always want to read from pty */ |
| 667 | if (bufchain_size(&pty->output_data)) |
| 668 | rwx |= 2; /* might also want to write to it */ |
| 669 | uxsel_set(pty->master_fd, rwx, pty_select_result); |
| 670 | |
| 671 | /* |
| 672 | * In principle this only needs calling once for all pty |
| 673 | * backend instances, but it's simplest just to call it every |
| 674 | * time; uxsel won't mind. |
| 675 | */ |
| 676 | uxsel_set(pty_signal_pipe[0], 1, pty_select_result); |
| 677 | } |
| 678 | |
| 679 | /* |
| 680 | * Called to set up the pty. |
| 681 | * |
| 682 | * Returns an error message, or NULL on success. |
| 683 | * |
| 684 | * Also places the canonical host name into `realhost'. It must be |
| 685 | * freed by the caller. |
| 686 | */ |
| 687 | static const char *pty_init(void *frontend, void **backend_handle, Conf *conf, |
| 688 | char *host, int port, char **realhost, int nodelay, |
| 689 | int keepalive) |
| 690 | { |
| 691 | int slavefd; |
| 692 | pid_t pid, pgrp; |
| 693 | #ifndef NOT_X_WINDOWS /* for Mac OS X native compilation */ |
| 694 | long windowid; |
| 695 | #endif |
| 696 | Pty pty; |
| 697 | |
| 698 | if (single_pty) { |
| 699 | pty = single_pty; |
| 700 | } else { |
| 701 | pty = snew(struct pty_tag); |
| 702 | pty->master_fd = pty->slave_fd = -1; |
| 703 | #ifndef OMIT_UTMP |
| 704 | pty_stamped_utmp = FALSE; |
| 705 | #endif |
| 706 | } |
| 707 | |
| 708 | pty->frontend = frontend; |
| 709 | *backend_handle = NULL; /* we can't sensibly use this, sadly */ |
| 710 | |
| 711 | pty->conf = conf_copy(conf); |
| 712 | pty->term_width = conf_get_int(conf, CONF_width); |
| 713 | pty->term_height = conf_get_int(conf, CONF_height); |
| 714 | |
| 715 | if (pty->master_fd < 0) |
| 716 | pty_open_master(pty); |
| 717 | |
| 718 | /* |
| 719 | * Set the backspace character to be whichever of ^H and ^? is |
| 720 | * specified by bksp_is_delete. |
| 721 | */ |
| 722 | { |
| 723 | struct termios attrs; |
| 724 | tcgetattr(pty->master_fd, &attrs); |
| 725 | attrs.c_cc[VERASE] = conf_get_int(conf, CONF_bksp_is_delete) |
| 726 | ? '\177' : '\010'; |
| 727 | tcsetattr(pty->master_fd, TCSANOW, &attrs); |
| 728 | } |
| 729 | |
| 730 | #ifndef OMIT_UTMP |
| 731 | /* |
| 732 | * Stamp utmp (that is, tell the utmp helper process to do so), |
| 733 | * or not. |
| 734 | */ |
| 735 | if (!conf_get_int(conf, CONF_stamp_utmp)) { |
| 736 | close(pty_utmp_helper_pipe); /* just let the child process die */ |
| 737 | pty_utmp_helper_pipe = -1; |
| 738 | } else if (pty_utmp_helper_pipe >= 0) { |
| 739 | char *location = get_x_display(pty->frontend); |
| 740 | int len = strlen(location)+1, pos = 0; /* +1 to include NUL */ |
| 741 | while (pos < len) { |
| 742 | int ret = write(pty_utmp_helper_pipe, location+pos, len - pos); |
| 743 | if (ret < 0) { |
| 744 | perror("pterm: writing to utmp helper process"); |
| 745 | close(pty_utmp_helper_pipe); /* arrgh, just give up */ |
| 746 | pty_utmp_helper_pipe = -1; |
| 747 | break; |
| 748 | } |
| 749 | pos += ret; |
| 750 | } |
| 751 | } |
| 752 | #endif |
| 753 | |
| 754 | #ifndef NOT_X_WINDOWS /* for Mac OS X native compilation */ |
| 755 | windowid = get_windowid(pty->frontend); |
| 756 | #endif |
| 757 | |
| 758 | /* |
| 759 | * Fork and execute the command. |
| 760 | */ |
| 761 | pid = fork(); |
| 762 | if (pid < 0) { |
| 763 | perror("fork"); |
| 764 | exit(1); |
| 765 | } |
| 766 | |
| 767 | if (pid == 0) { |
| 768 | /* |
| 769 | * We are the child. |
| 770 | */ |
| 771 | |
| 772 | slavefd = pty_open_slave(pty); |
| 773 | if (slavefd < 0) { |
| 774 | perror("slave pty: open"); |
| 775 | _exit(1); |
| 776 | } |
| 777 | |
| 778 | close(pty->master_fd); |
| 779 | fcntl(slavefd, F_SETFD, 0); /* don't close on exec */ |
| 780 | dup2(slavefd, 0); |
| 781 | dup2(slavefd, 1); |
| 782 | dup2(slavefd, 2); |
| 783 | close(slavefd); |
| 784 | setsid(); |
| 785 | #ifdef TIOCSCTTY |
| 786 | ioctl(0, TIOCSCTTY, 1); |
| 787 | #endif |
| 788 | pgrp = getpid(); |
| 789 | tcsetpgrp(0, pgrp); |
| 790 | setpgid(pgrp, pgrp); |
| 791 | close(open(pty->name, O_WRONLY, 0)); |
| 792 | setpgid(pgrp, pgrp); |
| 793 | { |
| 794 | char *term_env_var = dupprintf("TERM=%s", |
| 795 | conf_get_str(conf, CONF_termtype)); |
| 796 | putenv(term_env_var); |
| 797 | /* We mustn't free term_env_var, as putenv links it into the |
| 798 | * environment in place. |
| 799 | */ |
| 800 | } |
| 801 | #ifndef NOT_X_WINDOWS /* for Mac OS X native compilation */ |
| 802 | { |
| 803 | char *windowid_env_var = dupprintf("WINDOWID=%ld", windowid); |
| 804 | putenv(windowid_env_var); |
| 805 | /* We mustn't free windowid_env_var, as putenv links it into the |
| 806 | * environment in place. |
| 807 | */ |
| 808 | } |
| 809 | #endif |
| 810 | { |
| 811 | char *key, *val; |
| 812 | |
| 813 | for (val = conf_get_str_strs(conf, CONF_environmt, NULL, &key); |
| 814 | val != NULL; |
| 815 | val = conf_get_str_strs(conf, CONF_environmt, key, &key)) { |
| 816 | char *varval = dupcat(key, "=", val, NULL); |
| 817 | putenv(varval); |
| 818 | /* |
| 819 | * We must not free varval, since putenv links it |
| 820 | * into the environment _in place_. Weird, but |
| 821 | * there we go. Memory usage will be rationalised |
| 822 | * as soon as we exec anyway. |
| 823 | */ |
| 824 | } |
| 825 | } |
| 826 | |
| 827 | /* |
| 828 | * SIGINT, SIGQUIT and SIGPIPE may have been set to ignored by |
| 829 | * our parent, particularly by things like sh -c 'pterm &' and |
| 830 | * some window or session managers. SIGCHLD, meanwhile, was |
| 831 | * blocked during pt_main() startup. Reverse all this for our |
| 832 | * child process. |
| 833 | */ |
| 834 | putty_signal(SIGINT, SIG_DFL); |
| 835 | putty_signal(SIGQUIT, SIG_DFL); |
| 836 | putty_signal(SIGPIPE, SIG_DFL); |
| 837 | block_signal(SIGCHLD, 0); |
| 838 | if (pty_argv) { |
| 839 | /* |
| 840 | * Exec the exact argument list we were given. |
| 841 | */ |
| 842 | execvp(pty_argv[0], pty_argv); |
| 843 | /* |
| 844 | * If that fails, and if we had exactly one argument, pass |
| 845 | * that argument to $SHELL -c. |
| 846 | * |
| 847 | * This arranges that we can _either_ follow 'pterm -e' |
| 848 | * with a list of argv elements to be fed directly to |
| 849 | * exec, _or_ with a single argument containing a command |
| 850 | * to be parsed by a shell (but, in cases of doubt, the |
| 851 | * former is more reliable). |
| 852 | * |
| 853 | * A quick survey of other terminal emulators' -e options |
| 854 | * (as of Debian squeeze) suggests that: |
| 855 | * |
| 856 | * - xterm supports both modes, more or less like this |
| 857 | * - gnome-terminal will only accept a one-string shell command |
| 858 | * - Eterm, kterm and rxvt will only accept a list of |
| 859 | * argv elements (as did older versions of pterm). |
| 860 | * |
| 861 | * It therefore seems important to support both usage |
| 862 | * modes in order to be a drop-in replacement for either |
| 863 | * xterm or gnome-terminal, and hence for anyone's |
| 864 | * plausible uses of the Debian-style alias |
| 865 | * 'x-terminal-emulator'... |
| 866 | */ |
| 867 | if (pty_argv[1] == NULL) { |
| 868 | char *shell = getenv("SHELL"); |
| 869 | if (shell) |
| 870 | execl(shell, shell, "-c", pty_argv[0], (void *)NULL); |
| 871 | } |
| 872 | } else { |
| 873 | char *shell = getenv("SHELL"); |
| 874 | char *shellname; |
| 875 | if (conf_get_int(conf, CONF_login_shell)) { |
| 876 | char *p = strrchr(shell, '/'); |
| 877 | shellname = snewn(2+strlen(shell), char); |
| 878 | p = p ? p+1 : shell; |
| 879 | sprintf(shellname, "-%s", p); |
| 880 | } else |
| 881 | shellname = shell; |
| 882 | execl(getenv("SHELL"), shellname, (void *)NULL); |
| 883 | } |
| 884 | |
| 885 | /* |
| 886 | * If we're here, exec has gone badly foom. |
| 887 | */ |
| 888 | perror("exec"); |
| 889 | _exit(127); |
| 890 | } else { |
| 891 | pty->child_pid = pid; |
| 892 | pty->child_dead = FALSE; |
| 893 | pty->finished = FALSE; |
| 894 | if (pty->slave_fd > 0) |
| 895 | close(pty->slave_fd); |
| 896 | if (!ptys_by_pid) |
| 897 | ptys_by_pid = newtree234(pty_compare_by_pid); |
| 898 | add234(ptys_by_pid, pty); |
| 899 | } |
| 900 | |
| 901 | if (pty_signal_pipe[0] < 0) { |
| 902 | if (pipe(pty_signal_pipe) < 0) { |
| 903 | perror("pipe"); |
| 904 | exit(1); |
| 905 | } |
| 906 | cloexec(pty_signal_pipe[0]); |
| 907 | cloexec(pty_signal_pipe[1]); |
| 908 | } |
| 909 | pty_uxsel_setup(pty); |
| 910 | |
| 911 | *backend_handle = pty; |
| 912 | |
| 913 | *realhost = dupprintf("\0"); |
| 914 | |
| 915 | return NULL; |
| 916 | } |
| 917 | |
| 918 | static void pty_reconfig(void *handle, Conf *conf) |
| 919 | { |
| 920 | Pty pty = (Pty)handle; |
| 921 | /* |
| 922 | * We don't have much need to reconfigure this backend, but |
| 923 | * unfortunately we do need to pick up the setting of Close On |
| 924 | * Exit so we know whether to give a `terminated' message. |
| 925 | */ |
| 926 | conf_copy_into(pty->conf, conf); |
| 927 | } |
| 928 | |
| 929 | /* |
| 930 | * Stub routine (never called in pterm). |
| 931 | */ |
| 932 | static void pty_free(void *handle) |
| 933 | { |
| 934 | Pty pty = (Pty)handle; |
| 935 | |
| 936 | /* Either of these may fail `not found'. That's fine with us. */ |
| 937 | del234(ptys_by_pid, pty); |
| 938 | del234(ptys_by_fd, pty); |
| 939 | |
| 940 | sfree(pty); |
| 941 | } |
| 942 | |
| 943 | static void pty_try_write(Pty pty) |
| 944 | { |
| 945 | void *data; |
| 946 | int len, ret; |
| 947 | |
| 948 | assert(pty->master_fd >= 0); |
| 949 | |
| 950 | while (bufchain_size(&pty->output_data) > 0) { |
| 951 | bufchain_prefix(&pty->output_data, &data, &len); |
| 952 | ret = write(pty->master_fd, data, len); |
| 953 | |
| 954 | if (ret < 0 && (errno == EWOULDBLOCK)) { |
| 955 | /* |
| 956 | * We've sent all we can for the moment. |
| 957 | */ |
| 958 | break; |
| 959 | } |
| 960 | if (ret < 0) { |
| 961 | perror("write pty master"); |
| 962 | exit(1); |
| 963 | } |
| 964 | bufchain_consume(&pty->output_data, ret); |
| 965 | } |
| 966 | |
| 967 | pty_uxsel_setup(pty); |
| 968 | } |
| 969 | |
| 970 | /* |
| 971 | * Called to send data down the pty. |
| 972 | */ |
| 973 | static int pty_send(void *handle, char *buf, int len) |
| 974 | { |
| 975 | Pty pty = (Pty)handle; |
| 976 | |
| 977 | if (pty->master_fd < 0) |
| 978 | return 0; /* ignore all writes if fd closed */ |
| 979 | |
| 980 | bufchain_add(&pty->output_data, buf, len); |
| 981 | pty_try_write(pty); |
| 982 | |
| 983 | return bufchain_size(&pty->output_data); |
| 984 | } |
| 985 | |
| 986 | static void pty_close(Pty pty) |
| 987 | { |
| 988 | if (pty->master_fd >= 0) { |
| 989 | close(pty->master_fd); |
| 990 | pty->master_fd = -1; |
| 991 | } |
| 992 | #ifndef OMIT_UTMP |
| 993 | if (pty_utmp_helper_pipe >= 0) { |
| 994 | close(pty_utmp_helper_pipe); /* this causes utmp to be cleaned up */ |
| 995 | pty_utmp_helper_pipe = -1; |
| 996 | } |
| 997 | #endif |
| 998 | } |
| 999 | |
| 1000 | /* |
| 1001 | * Called to query the current socket sendability status. |
| 1002 | */ |
| 1003 | static int pty_sendbuffer(void *handle) |
| 1004 | { |
| 1005 | /* Pty pty = (Pty)handle; */ |
| 1006 | return 0; |
| 1007 | } |
| 1008 | |
| 1009 | /* |
| 1010 | * Called to set the size of the window |
| 1011 | */ |
| 1012 | static void pty_size(void *handle, int width, int height) |
| 1013 | { |
| 1014 | Pty pty = (Pty)handle; |
| 1015 | struct winsize size; |
| 1016 | |
| 1017 | pty->term_width = width; |
| 1018 | pty->term_height = height; |
| 1019 | |
| 1020 | size.ws_row = (unsigned short)pty->term_height; |
| 1021 | size.ws_col = (unsigned short)pty->term_width; |
| 1022 | size.ws_xpixel = (unsigned short) pty->term_width * |
| 1023 | font_dimension(pty->frontend, 0); |
| 1024 | size.ws_ypixel = (unsigned short) pty->term_height * |
| 1025 | font_dimension(pty->frontend, 1); |
| 1026 | ioctl(pty->master_fd, TIOCSWINSZ, (void *)&size); |
| 1027 | return; |
| 1028 | } |
| 1029 | |
| 1030 | /* |
| 1031 | * Send special codes. |
| 1032 | */ |
| 1033 | static void pty_special(void *handle, Telnet_Special code) |
| 1034 | { |
| 1035 | /* Pty pty = (Pty)handle; */ |
| 1036 | /* Do nothing! */ |
| 1037 | return; |
| 1038 | } |
| 1039 | |
| 1040 | /* |
| 1041 | * Return a list of the special codes that make sense in this |
| 1042 | * protocol. |
| 1043 | */ |
| 1044 | static const struct telnet_special *pty_get_specials(void *handle) |
| 1045 | { |
| 1046 | /* Pty pty = (Pty)handle; */ |
| 1047 | /* |
| 1048 | * Hmm. When I get round to having this actually usable, it |
| 1049 | * might be quite nice to have the ability to deliver a few |
| 1050 | * well chosen signals to the child process - SIGINT, SIGTERM, |
| 1051 | * SIGKILL at least. |
| 1052 | */ |
| 1053 | return NULL; |
| 1054 | } |
| 1055 | |
| 1056 | static int pty_connected(void *handle) |
| 1057 | { |
| 1058 | /* Pty pty = (Pty)handle; */ |
| 1059 | return TRUE; |
| 1060 | } |
| 1061 | |
| 1062 | static int pty_sendok(void *handle) |
| 1063 | { |
| 1064 | /* Pty pty = (Pty)handle; */ |
| 1065 | return 1; |
| 1066 | } |
| 1067 | |
| 1068 | static void pty_unthrottle(void *handle, int backlog) |
| 1069 | { |
| 1070 | /* Pty pty = (Pty)handle; */ |
| 1071 | /* do nothing */ |
| 1072 | } |
| 1073 | |
| 1074 | static int pty_ldisc(void *handle, int option) |
| 1075 | { |
| 1076 | /* Pty pty = (Pty)handle; */ |
| 1077 | return 0; /* neither editing nor echoing */ |
| 1078 | } |
| 1079 | |
| 1080 | static void pty_provide_ldisc(void *handle, void *ldisc) |
| 1081 | { |
| 1082 | /* Pty pty = (Pty)handle; */ |
| 1083 | /* This is a stub. */ |
| 1084 | } |
| 1085 | |
| 1086 | static void pty_provide_logctx(void *handle, void *logctx) |
| 1087 | { |
| 1088 | /* Pty pty = (Pty)handle; */ |
| 1089 | /* This is a stub. */ |
| 1090 | } |
| 1091 | |
| 1092 | static int pty_exitcode(void *handle) |
| 1093 | { |
| 1094 | Pty pty = (Pty)handle; |
| 1095 | if (!pty->finished) |
| 1096 | return -1; /* not dead yet */ |
| 1097 | else |
| 1098 | return pty->exit_code; |
| 1099 | } |
| 1100 | |
| 1101 | static int pty_cfg_info(void *handle) |
| 1102 | { |
| 1103 | /* Pty pty = (Pty)handle; */ |
| 1104 | return 0; |
| 1105 | } |
| 1106 | |
| 1107 | Backend pty_backend = { |
| 1108 | pty_init, |
| 1109 | pty_free, |
| 1110 | pty_reconfig, |
| 1111 | pty_send, |
| 1112 | pty_sendbuffer, |
| 1113 | pty_size, |
| 1114 | pty_special, |
| 1115 | pty_get_specials, |
| 1116 | pty_connected, |
| 1117 | pty_exitcode, |
| 1118 | pty_sendok, |
| 1119 | pty_ldisc, |
| 1120 | pty_provide_ldisc, |
| 1121 | pty_provide_logctx, |
| 1122 | pty_unthrottle, |
| 1123 | pty_cfg_info, |
| 1124 | "pty", |
| 1125 | -1, |
| 1126 | 0 |
| 1127 | }; |