secret/postfix_src/vstream__popen_8c_source.html

 /*++

 /* NAME

 /*  vstream_popen 3

 /* SUMMARY

 /*  open stream to child process

 /* SYNOPSIS

 /*  #include <vstream.h>

 /*

 /*  VSTREAM *vstream_popen(flags, key, value, ...)

 /*  int flags;

 /*  int key;

 /*

 /*  int vstream_pclose(stream)

 /*  VSTREAM *stream;

 /* DESCRIPTION

 /*  vstream_popen() opens a one-way or two-way stream to a user-specified

 /*  command, which is executed by a child process. The \fIflags\fR

 /*  argument is as with vstream_fopen(). The child's standard input and

 /*  standard output are redirected to the stream, which is based on a

 /*  socketpair or other suitable local IPC. vstream_popen() takes a list

 /*  of macros with zero or more arguments, terminated by

 /*  CA_VSTREAM_POPEN_END.  The following is a listing of macros

 /*  with the expected argument type.

 /* .RS

 /* .IP "CA_VSTREAM_POPEN_COMMAND(const char *)"

 /*  Specifies the command to execute as a string. The string is

 /*  passed to the shell when it contains shell meta characters

 /*  or when it appears to be a shell built-in command, otherwise

 /*  the command is executed without invoking a shell.

 /*  One of CA_VSTREAM_POPEN_COMMAND or VSTREAM_POPEN_ARGV must be specified.

 /* .IP "CA_VSTREAM_POPEN_ARGV(char **)"

 /*  The command is specified as an argument vector. This vector is

 /*  passed without further inspection to the \fIexecvp\fR() routine.

 /*  One of CA_VSTREAM_POPEN_COMMAND or VSTREAM_POPEN_ARGV must be specified.

 /*  See also the CA_VSTREAM_POPEN_SHELL attribute below.

 /* .IP "CA_VSTREAM_POPEN_ENV(char **)"

 /*  Additional environment information, in the form of a null-terminated

 /*  list of name, value, name, value, ... elements. By default only the

 /*  command search path is initialized to _PATH_DEFPATH.

 /* .IP "CA_VSTREAM_POPEN_EXPORT(char **)"

 /*  This argument is passed to clean_env().

 /*  Null-terminated array of names of environment parameters

 /*  that can be exported. By default, everything is exported.

 /* .IP "CA_VSTREAM_POPEN_UID(uid_t)"

 /*  The user ID to execute the command as. The user ID must be non-zero.

 /* .IP "CA_VSTREAM_POPEN_GID(gid_t)"

 /*  The group ID to execute the command as. The group ID must be non-zero.

 /* .IP "CA_VSTREAM_POPEN_SHELL(const char *)"

 /*  The shell to use when executing the command specified with

 /*  CA_VSTREAM_POPEN_COMMAND. This shell is invoked regardless of the

 /*  command content.

 /* .IP "CA_VSTREAM_POPEN_WAITPID_FN(pid_t (*)(pid_t, WAIT_STATUS_T *, int))"

 /*  waitpid()-like function to reap the child exit status when

 /*  vstream_pclose() is called.

 /* .RE

 /* .PP

 /*  vstream_pclose() closes the named stream and returns the child

 /*  exit status. It is an error to specify a stream that was not

 /*  returned by vstream_popen() or that is no longer open.

 /* DIAGNOSTICS

 /*  Panics: interface violations. Fatal errors: out of memory.

 /*

 /*  vstream_popen() returns a null pointer in case of trouble.

 /*  The nature of the problem is specified via the \fIerrno\fR

 /*  global variable.

 /*

 /*  vstream_pclose() returns -1 in case of trouble.

 /*  The nature of the problem is specified via the \fIerrno\fR

 /*  global variable.

 /* SEE ALSO

 /*  vstream(3) light-weight buffered I/O

 /* BUGS

 /*  The interface, stolen from popen()/pclose(), ignores errors

 /*  returned when the stream is closed, and does not distinguish

 /*  between exit status codes and kill signals.

 /* LICENSE

 /* .ad

 /* .fi

 /*  The Secure Mailer license must be distributed with this software.

 /* AUTHOR(S)

 /*  Wietse Venema

 /*  IBM T.J. Watson Research

 /*  P.O. Box 704

 /*  Yorktown Heights, NY 10598, USA

 /*--*/


 /* System library. */


 #include <sys_defs.h>

 #include <sys/wait.h>

 #include <unistd.h>

 #include <stdlib.h>

 #include <errno.h>

 #ifdef USE_PATHS_H

 #include <paths.h>

 #endif

 #include <syslog.h>


 /* Utility library. */


 #include <msg.h>

 #include <exec_command.h>

 #include <vstream.h>

 #include <argv.h>

 #include <set_ugid.h>

 #include <clean_env.h>

 #include <iostuff.h>


 /* Application-specific. */


 typedef struct VSTREAM_POPEN_ARGS {

     char  **argv;

     char   *command;

     uid_t   uid;

     gid_t   gid;

     int     privileged;

     char  **env;

     char  **export;

     char   *shell;

     VSTREAM_WAITPID_FN waitpid_fn;

 } VSTREAM_POPEN_ARGS;


 /* vstream_parse_args - get arguments from variadic list */


 static void vstream_parse_args(VSTREAM_POPEN_ARGS *args, va_list ap)

 {

     const char *myname = "vstream_parse_args";

     int     key;


     /*

      * First, set the default values (on all non-zero entries)

      */

     args->argv = 0;

     args->command = 0;

     args->uid = 0;

     args->gid = 0;

     args->privileged = 0;

     args->env = 0;

     args->export = 0;

     args->shell = 0;

     args->waitpid_fn = 0;


     /*

      * Then, override the defaults with user-supplied inputs.

      */

     while ((key = va_arg(ap, int)) != VSTREAM_POPEN_END) {

     switch (key) {

     case VSTREAM_POPEN_ARGV:

         if (args->command != 0)

         msg_panic("%s: got VSTREAM_POPEN_ARGV and VSTREAM_POPEN_COMMAND", myname);

         args->argv = va_arg(ap, char **);

         break;

     case VSTREAM_POPEN_COMMAND:

         if (args->argv != 0)

         msg_panic("%s: got VSTREAM_POPEN_ARGV and VSTREAM_POPEN_COMMAND", myname);

         args->command = va_arg(ap, char *);

         break;

     case VSTREAM_POPEN_UID:

         args->privileged = 1;

         args->uid = va_arg(ap, uid_t);

         break;

     case VSTREAM_POPEN_GID:

         args->privileged = 1;

         args->gid = va_arg(ap, gid_t);

         break;

     case VSTREAM_POPEN_ENV:

         args->env = va_arg(ap, char **);

         break;

     case VSTREAM_POPEN_EXPORT:

         args->export = va_arg(ap, char **);

         break;

     case VSTREAM_POPEN_SHELL:

         args->shell = va_arg(ap, char *);

         break;

     case VSTREAM_POPEN_WAITPID_FN:

         args->waitpid_fn = va_arg(ap, VSTREAM_WAITPID_FN);

         break;

     default:

         msg_panic("%s: unknown key: %d", myname, key);

     }

     }


     if (args->command == 0 && args->argv == 0)

     msg_panic("%s: missing VSTREAM_POPEN_ARGV or VSTREAM_POPEN_COMMAND", myname);

     if (args->privileged != 0 && args->uid == 0)

     msg_panic("%s: privileged uid", myname);

     if (args->privileged != 0 && args->gid == 0)

     msg_panic("%s: privileged gid", myname);

 }


 /* vstream_popen - open stream to child process */


 VSTREAM *vstream_popen(int flags,...)

 {

     const char *myname = "vstream_popen";

     VSTREAM_POPEN_ARGS args;

     va_list ap;

     VSTREAM *stream;

     int     sockfd[2];

     int     pid;

     int     fd;

     ARGV   *argv;

     char  **cpp;


     va_start(ap, flags);

     vstream_parse_args(&args, ap);

     va_end(ap);


     if (args.command == 0)

     args.command = args.argv[0];


     if (duplex_pipe(sockfd) < 0)

     return (0);


     switch (pid = fork()) {

     case -1:                    /* error */

     (void) close(sockfd[0]);

     (void) close(sockfd[1]);

     return (0);

     case 0:                 /* child */

     (void) msg_cleanup((MSG_CLEANUP_FN) 0);

     if (close(sockfd[1]))

         msg_warn("close: %m");

     for (fd = 0; fd < 2; fd++)

         if (sockfd[0] != fd)

         if (DUP2(sockfd[0], fd) < 0)

             msg_fatal("dup2: %m");

     if (sockfd[0] >= 2 && close(sockfd[0]))

         msg_warn("close: %m");


     /*

      * Don't try to become someone else unless the user specified it.

      */

     if (args.privileged)

         set_ugid(args.uid, args.gid);


     /*

      * Environment plumbing. Always reset the command search path. XXX

      * That should probably be done by clean_env().

      */

     if (args.export)

         clean_env(args.export);

     if (setenv("PATH", _PATH_DEFPATH, 1))

         msg_fatal("%s: setenv: %m", myname);

     if (args.env)

         for (cpp = args.env; *cpp; cpp += 2)

         if (setenv(cpp[0], cpp[1], 1))

             msg_fatal("setenv: %m");


     /*

      * Process plumbing. If possible, avoid running a shell.

      */

     closelog();

     if (args.argv) {

         execvp(args.argv[0], args.argv);

         msg_fatal("%s: execvp %s: %m", myname, args.argv[0]);

     } else if (args.shell && *args.shell) {

         argv = argv_split(args.shell, CHARS_SPACE);

         argv_add(argv, args.command, (char *) 0);

         argv_terminate(argv);

         execvp(argv->argv[0], argv->argv);

         msg_fatal("%s: execvp %s: %m", myname, argv->argv[0]);

     } else {

         exec_command(args.command);

     }

     /* NOTREACHED */

     default:                    /* parent */

     if (close(sockfd[0]))

         msg_warn("close: %m");

     stream = vstream_fdopen(sockfd[1], flags);

     stream->waitpid_fn = args.waitpid_fn;

     stream->pid = pid;

     return (stream);

     }

 }


 /* vstream_pclose - close stream to child process */


 int     vstream_pclose(VSTREAM *stream)

 {

     pid_t   saved_pid = stream->pid;

     VSTREAM_WAITPID_FN saved_waitpid_fn = stream->waitpid_fn;

     pid_t   pid;

     WAIT_STATUS_T wait_status;


     /*

      * Close the pipe. Don't trigger an alarm in vstream_fclose().

      */

     if (saved_pid == 0)

     msg_panic("vstream_pclose: stream has no process");

     stream->pid = 0;

     vstream_fclose(stream);


     /*

      * Reap the child exit status.

      */

     do {

     if (saved_waitpid_fn != 0)

         pid = saved_waitpid_fn(saved_pid, &wait_status, 0);

     else

         pid = waitpid(saved_pid, &wait_status, 0);

     } while (pid == -1 && errno == EINTR);

     return (pid == -1 ? -1 :

         WIFSIGNALED(wait_status) ? WTERMSIG(wait_status) :

         WEXITSTATUS(wait_status));

 }


 #ifdef TEST


 #include <fcntl.h>

 #include <vstring.h>

 #include <vstring_vstream.h>


  /*

   * Test program. Run a command and copy lines one by one.

   */

 int     main(int argc, char **argv)

 {

     VSTRING *buf = vstring_alloc(100);

     VSTREAM *stream;

     int     status;


     /*

      * Sanity check.

      */

     if (argc < 2)

     msg_fatal("usage: %s 'command'", argv[0]);


     /*

      * Open stream to child process.

      */

     if ((stream = vstream_popen(O_RDWR,

                 VSTREAM_POPEN_ARGV, argv + 1,

                 VSTREAM_POPEN_END)) == 0)

     msg_fatal("vstream_popen: %m");


     /*

      * Copy loop, one line at a time.

      */

     while (vstring_fgets(buf, stream) != 0) {

     if (vstream_fwrite(VSTREAM_OUT, vstring_str(buf), VSTRING_LEN(buf))

         != VSTRING_LEN(buf))

         msg_fatal("vstream_fwrite: %m");

     if (vstream_fflush(VSTREAM_OUT) != 0)

         msg_fatal("vstream_fflush: %m");

     if (vstring_fgets(buf, VSTREAM_IN) == 0)

         break;

     if (vstream_fwrite(stream, vstring_str(buf), VSTRING_LEN(buf))

         != VSTRING_LEN(buf))

         msg_fatal("vstream_fwrite: %m");

     }


     /*

      * Cleanup.

      */

     vstring_free(buf);

     if ((status = vstream_pclose(stream)) != 0)

     msg_warn("exit status: %d", status);


     exit(status);

 }


 #endif

vstring_fgets
#define vstring_fgets(s, p)
Definition: vstring_vstream.h:33

VSTREAM_POPEN_ARGS::command
char * command
Definition: vstream_popen.c:113

VSTREAM_POPEN_ARGV
#define VSTREAM_POPEN_ARGV
Definition: vstream.h:193

VSTREAM
Definition: vstream.h:43

vstream_pclose
int vstream_pclose(VSTREAM *stream)
Definition: vstream_popen.c:279

VSTREAM_POPEN_ENV
#define VSTREAM_POPEN_ENV
Definition: vstream.h:196

VSTREAM_POPEN_ARGS::argv
char ** argv
Definition: vstream_popen.c:112

ARGV
Definition: argv.h:17

msg_panic
NORETURN msg_panic(const char *fmt,...)
Definition: msg.c:295

MSG_CLEANUP_FN
void(* MSG_CLEANUP_FN)(void)
Definition: msg.h:23

vstring_vstream.h

VSTREAM_POPEN_ARGS::shell
char * shell
Definition: vstream_popen.c:119

vstring_str
#define vstring_str(vp)
Definition: vstring.h:71

VSTREAM_OUT
#define VSTREAM_OUT
Definition: vstream.h:67

main
int main(int argc, char **argv)
Definition: anvil.c:1010

VSTREAM_POPEN_ARGS::env
char ** env
Definition: vstream_popen.c:117

iostuff.h

ARGV::argv
char ** argv
Definition: argv.h:20

argv_add
void argv_add(ARGV *argvp,...)
Definition: argv.c:197

VSTREAM_IN
#define VSTREAM_IN
Definition: vstream.h:66

VSTRING_LEN
#define VSTRING_LEN(vp)
Definition: vstring.h:72

VSTREAM::pid
pid_t pid
Definition: vstream.h:56

vstream_popen
VSTREAM * vstream_popen(int flags,...)
Definition: vstream_popen.c:193

VSTREAM_POPEN_COMMAND
#define VSTREAM_POPEN_COMMAND
Definition: vstream.h:192

clean_env
void clean_env(char **preserve_list)
Definition: clean_env.c:59

VSTREAM_POPEN_ARGS::gid
gid_t gid
Definition: vstream_popen.c:115

VSTREAM_POPEN_EXPORT
#define VSTREAM_POPEN_EXPORT
Definition: vstream.h:199

vstream_fclose
int vstream_fclose(VSTREAM *stream)
Definition: vstream.c:1268

VSTREAM_POPEN_SHELL
#define VSTREAM_POPEN_SHELL
Definition: vstream.h:197

msg.h

clean_env.h

msg_warn
void msg_warn(const char *fmt,...)
Definition: msg.c:215

vstring_alloc
VSTRING * vstring_alloc(ssize_t len)
Definition: vstring.c:353

CHARS_SPACE
#define CHARS_SPACE
Definition: sys_defs.h:1762

VSTRING
Definition: vstring.h:29

VSTREAM_POPEN_ARGS::export
char ** export
Definition: vstream_popen.c:118

vstring.h

VSTREAM_POPEN_WAITPID_FN
#define VSTREAM_POPEN_WAITPID_FN
Definition: vstream.h:198

exec_command.h

sys_defs.h

msg_fatal
NORETURN msg_fatal(const char *fmt,...)
Definition: msg.c:249

vstream_fflush
int vstream_fflush(VSTREAM *stream)
Definition: vstream.c:1257

VSTREAM_POPEN_ARGS
Definition: vstream_popen.c:111

argv_split
ARGV * argv_split(const char *, const char *)
Definition: argv_split.c:63

VSTREAM_POPEN_UID
#define VSTREAM_POPEN_UID
Definition: vstream.h:194

vstream_fwrite
#define vstream_fwrite(v, b, n)
Definition: vstream.h:105

VSTREAM_POPEN_ARGS::waitpid_fn
VSTREAM_WAITPID_FN waitpid_fn
Definition: vstream_popen.c:120

set_ugid
void set_ugid(uid_t uid, gid_t gid)
Definition: set_ugid.c:45

duplex_pipe
int duplex_pipe(int *fds)
Definition: duplex_pipe.c:41

VSTREAM_POPEN_ARGS
struct VSTREAM_POPEN_ARGS VSTREAM_POPEN_ARGS

vstream.h

vstring_free
VSTRING * vstring_free(VSTRING *vp)
Definition: vstring.c:380

VSTREAM::waitpid_fn
VSTREAM_WAITPID_FN waitpid_fn
Definition: vstream.h:57

VSTREAM_POPEN_ARGS::privileged
int privileged
Definition: vstream_popen.c:116

set_ugid.h

argv.h

exec_command
NORETURN exec_command(const char *command)
Definition: exec_command.c:51

VSTREAM_POPEN_GID
#define VSTREAM_POPEN_GID
Definition: vstream.h:195

VSTREAM_WAITPID_FN
pid_t(* VSTREAM_WAITPID_FN)(pid_t, WAIT_STATUS_T *, int)
Definition: vstream.h:35

VSTREAM_POPEN_ARGS::uid
uid_t uid
Definition: vstream_popen.c:114

WAIT_STATUS_T
int WAIT_STATUS_T
Definition: sys_defs.h:1436

msg_cleanup
MSG_CLEANUP_FN msg_cleanup(MSG_CLEANUP_FN cleanup_fn)
Definition: msg.c:317

DUP2
#define DUP2
Definition: sys_defs.h:1307

vstream_fdopen
VSTREAM * vstream_fdopen(int fd, int flags)
Definition: vstream.c:1204

VSTREAM_POPEN_END
#define VSTREAM_POPEN_END
Definition: vstream.h:191

argv_terminate
void argv_terminate(ARGV *argvp)
Definition: argv.c:242