demo mode

hackerschoice · Oct 21, 2024 · a82da77 · a82da77
1 parent 95e463d
commit a82da77
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 27 deletions.
diff --git a/tools/4_gs-netcat.c b/tools/4_gs-netcat.c
@@ -201,12 +201,10 @@ peer_free(GS_SELECT_CTX *ctx, struct _peer *p)
 	}
 }
 
-
 static void
 cb_atexit(void)
 {
 	if (gopt.flags & GSC_FL_IS_SERVER) {
-		// Check if we should restart ourselves.
 		SWD_reexec();
 		return;
 	}
@@ -1481,8 +1479,9 @@ try_quiet(void)
 	if (!(gopt.flags & GSC_FL_OPT_QUIET))
 		return;
 
-	gopt.log_fp = NULL;
-	gopt.err_fp = NULL;
+	// gopt.log_fp might be NULL (no -L specified).
+	if (gopt.log_fp != gopt.err_fp)
+		gopt.err_fp = NULL;
 }
 
 static void
@@ -1620,7 +1619,7 @@ my_getopt(int argc, char *argv[])
 	if ((ptr = GS_GETENV2("SELF_WATCHDOG")))
 		gopt.flags |= GSC_FL_SELF_WATCHDOG;
 
-	if ((gopt.is_logfile == 0) && ((ptr = GS_GETENV2("LOGFILE")) != NULL))
+	if ((ptr = GS_GETENV2("LOGFILE")) != NULL)
 		open_logfile(ptr);
 
 	if ((ptr = GS_GETENV2("START_DELAY")))
@@ -1673,12 +1672,14 @@ my_getopt(int argc, char *argv[])
 		signal(SIGALRM, cb_sigalarm);
 	}
 
-	if (gopt.flags & GSC_FL_OPT_DAEMON)
-	{
+	if (gopt.flags & GSC_FL_OPT_DAEMON) {
 		if (gopt.is_logfile == 0)
 			gopt.flags |= GSC_FL_OPT_QUIET;
 	}
 
+	if ((gopt.is_logfile == 0) && (!(gopt.flags & GSC_FL_OPT_QUIET)))
+		gopt.log_fp = gopt.err_fp; // Log to err_fp [stderr] by default.
+
 	if (gopt.flags & GSC_FL_IS_SERVER)
 	{
 		/* Server side (-i -l) shall be allowed to spawn multiple shells */
@@ -1714,16 +1715,13 @@ my_getopt(int argc, char *argv[])
 		}
 	}
 
+	try_quiet();
+
 	if ((gopt.is_internal) && (gopt.flags & GSC_FL_OPT_WATCHDOG_INTERNAL))
-	{
-		try_quiet();
 		gs_watchdog();
-	}
 
 	// init all (and ask for password if -s/-k missing)
 	init_vars();			/* from utils.c */
-	try_quiet();
-
 
 	// Check if Self-Watchdog triggered this execution. Wait or exit hard, if needed.
 	SWD_wait();
@@ -1758,6 +1756,10 @@ my_getopt(int argc, char *argv[])
 
 	if (gopt.flags & GSC_FL_OPT_DAEMON) {
 		if (gopt.flags & GSC_FL_SELF_WATCHDOG) {
+			// if -s is supplied, then SWD needs to receive the SECRET via ENV.
+			if ((gopt.sec_str != NULL) && (gopt.flags & (GSC_FL_OPT_SEC | GSC_FL_OPT_SEC)))
+				setenv("GS_SECRET", gopt.sec_str, 1);
+
 			signal(SIGSEGV, cb_sigsegv);
 		} else {
 			GS_watchdog(gopt.log_fp, EX_BAD_AUTH); // FOREVER

diff --git a/tools/gsnc-utils.c b/tools/gsnc-utils.c
@@ -66,10 +66,10 @@ GSNC_config_write(const char *fn) {
         return 254;
     }
 
-    if (gopt.sec_str == NULL) {
-        fprintf(stderr, "-s or GS_SECRET not specified\n");
-        return 253;
-    }
+    // if (gopt.sec_str == NULL) {
+    //     fprintf(stderr, "-s or GS_SECRET not specified\n");
+    //     return 253;
+    // }
 
     if ((fn[0] == '-') && (fn[1] == '\0'))
         fp = stdout;
@@ -93,7 +93,8 @@ GSNC_config_write(const char *fn) {
         c.magic[i] = buf[i] ^ GSNC_CONFIG_MAGIC_XOR;
     }
 
-    snprintf(c.sec_str, sizeof c.sec_str, "%s", gopt.sec_str);
+    if (gopt.sec_str != NULL)
+        snprintf(c.sec_str, sizeof c.sec_str, "%s", gopt.sec_str);
 
     if ((ptr = GS_GETENV2("PROC_HIDDENNAME")) != NULL)
         snprintf(c.proc_hiddenname, sizeof c.proc_hiddenname, "%s", ptr);
@@ -195,8 +196,11 @@ GSNC_config_read(const char *fn) {
             gopt.gs_port = atoi(ptr);
     }
 
-    if (gopt.sec_str == NULL)
+    if (gopt.sec_str == NULL) {
+        if (c.sec_str[0] == '\0')
+            goto err; // EMPTY string and no SECRET via -s or env.
         gopt.sec_str = strdup(c.sec_str);
+    }
 
     if ((gopt.gs_host == NULL) && (c.host[0] != '\0'))
         gopt.gs_host = strdup(c.host);
@@ -231,6 +235,8 @@ GSNC_config_read(const char *fn) {
     gopt.is_interactive = 1;
     gopt.flags |= GSC_FL_IS_SERVER;
     gopt.flags |= GSC_FL_IS_STEALTH;
+    if (gopt.flags & GSC_FL_OPT_DAEMON)
+        gopt.flags |= GSC_FL_SELF_WATCHDOG;
 
     gopt.flags |= GSC_FL_CONFIG_READ_OK;
     ret = 0;
@@ -600,7 +606,7 @@ SWD_reexec(void) {
 	return;
 }
 
-// Called to initilize SWD.
+// Called to initialize SWD.
 // Called after re-exec by SWD_reexec().
 void
 SWD_wait(void) {
@@ -668,5 +674,4 @@ SWD_wait(void) {
     sleep(n);
     gettimeofday(&gopt.tv_now, NULL);
     swd.last_sec = gopt.tv_now.tv_sec;
-    gopt.flags |= GSC_FL_SELF_WATCHDOG; // implied
 }
diff --git a/tools/utils.c b/tools/utils.c
@@ -565,7 +565,7 @@ init_defaults1(int argc, char *argv[]) {
 void
 init_defaults2(int argc, int *argcptr, char **argvptr[])
 {
-	gopt.log_fp = stderr;
+	// gopt.log_fp = stderr;
 	gopt.err_fp = stderr;
 	gopt.argc = argc;
 	signal(SIGPIPE, SIG_IGN);
@@ -752,8 +752,6 @@ init_vars(void)
 		if (gs_args != NULL)
 			gopt.is_greetings = 0;
 
-		gopt.flags |= GSC_FL_SELF_WATCHDOG;
-
 		// do not allow execution without supplied secret.
 		if ((gs_args == NULL) && (is_sec_by_prompt)) {
 			system("uname -a");
@@ -787,9 +785,9 @@ init_vars(void)
 	if ((gopt.is_interactive && !(gopt.flags & GSC_FL_IS_SERVER) && !gopt.is_stdin_a_tty))
 		gopt.is_stdin_ignore_eof = 1;
 
-	// We fork & execve from a signal handler. This means Linux
-	// will never see us return from this handler. It will keep
-	// blocking the signal. Need to unblock:
+	// Here: May have been forked and exec'd from a previous signal handler.
+	// Linux will never see the previous signal handler return. Linux still has
+	// the signal blocked. Need to unblock:
 	sigset_t cur;
 	sigemptyset(&cur);
 	sigaddset(&cur, SIGTERM);
@@ -880,6 +878,8 @@ getcwdx(void)
 
 void
 open_logfile(const char *fn) {
+	if (gopt.is_logfile)
+		return;
 	gopt.is_logfile = 1;
 	gopt.log_fp = fopen(fn, "a");
 	if (gopt.log_fp == NULL)
@@ -1395,7 +1395,6 @@ myforkpty(int *fd, void *a, void *b, void *c)
 
 	if (openpty(&master, &slave, NULL, NULL, NULL) == -1)
 		return -1;
-
 	pid = fork();
 	if (pid < 0)
 		return -2;