#include #include #include #include #include #include #include #include #include #include #define BUFF_LEN_1 1000 #define BUFF_LEN_2 1025 #define BUFF_LEN_3 1024 #define DEFAULT_CHROOT "/var/gopher/" void display_file(const char *); void drop_privileges(const char *, const char *); void drop_privileges(const char *user, const char *path) { struct passwd *pw; char chroot_dir[BUFF_LEN_2]; strlcpy(chroot_dir, path, sizeof(chroot_dir)); /* * use chroot() if an user is specified requires root user to be * running the program to run chroot() and then drop privileges */ if (strlen(user) > 0) { /* is root? */ if (getuid() != 0) { syslog(LOG_DAEMON, "chroot requires program to be run as root"); errx(1, "chroot requires root user"); } /* search user uid from name */ if ((pw = getpwnam(user)) == NULL) { syslog(LOG_DAEMON, "the user %s can't be found on the system", user); err(1, "finding user"); } /* chroot worked? */ if (chroot(chroot_dir) != 0) { syslog(LOG_DAEMON, "the chroot_dir %s can't be used for chroot", chroot_dir); err(1, "chroot"); } if (chdir("/") == -1) { syslog(LOG_DAEMON, "failed to chdir(\"/\")"); err(1, "chdir"); } /* drop privileges */ if (setgroups(1, &pw->pw_gid) || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) { syslog(LOG_DAEMON, "dropping privileges to user %s (uid=%i) failed", user, pw->pw_uid); err(1, "Can't drop privileges"); } strlcpy(chroot_dir, "/", sizeof(chroot_dir)); } #ifdef __OpenBSD__ /* * prevent access to files other than the one in path */ if (unveil(chroot_dir, "r") == -1) { syslog(LOG_DAEMON, "unveil on %s failed", chroot_dir); err(1, "unveil"); } /* * prevent system calls other parsing queryfor fread file and * write to stdio */ if (pledge("stdio rpath", NULL) == -1) { syslog(LOG_DAEMON, "pledge call failed"); err(1, "pledge"); } #endif } void display_file(const char *path) { size_t buflen = BUFF_LEN_1; char *buffer[BUFF_LEN_1]; ssize_t nread; struct stat sb; FILE *fd; /* this is to check if path is a directory */ if (stat(path, &sb) == -1) goto err; /* open the file requested */ if ((fd = fopen(path, "r")) == NULL) goto err; /* check if directory */ if (S_ISDIR(sb.st_mode) == 1) goto err; /* read the file and write it to stdout */ while ((nread = fread(buffer, sizeof(char), buflen, fd)) != 0) fwrite(buffer, sizeof(char), nread, stdout); fclose(fd); syslog(LOG_DAEMON, "path served %s", path); return; err: /* return an error code and no content */ printf("resource not found for %s\n", path); syslog(LOG_DAEMON, "path invalid %s", path); } int main(int argc, char **argv) { char buffer [BUFF_LEN_2]; char request [BUFF_LEN_2]; char path [BUFF_LEN_2] = DEFAULT_CHROOT; char user [_SC_LOGIN_NAME_MAX] = ""; int option; int chroot = 0; char *pos; while ((option = getopt(argc, argv, ":d:u:")) != -1) { switch (option) { case 'd': strlcpy(path, optarg, sizeof(path)); break; case 'u': chroot = 1; strlcpy(user, optarg, sizeof(user)); break; } } /* * do chroot if an user is supplied run pledge/unveil if OpenBSD */ drop_privileges(user, path); if (chroot == 1) strlcpy(path, "/", sizeof(path)); /* * read 1024 chars from stdin * to get the request */ fgets(request, BUFF_LEN_3, stdin); /* remove \r\n at the end of string * replace \n first and then \r * because some client may only use * \n instead of \r\n */ pos = strchr(request, '\n'); if (pos != NULL) *pos = '\n'; pos = strchr(request, '\r'); if (pos != NULL) *pos = '\0'; syslog(LOG_DAEMON, "request %s", request); /* * look for the first / after the hostname * in order to split hostname and uri */ fprintf(stderr, "<%s %ld>\n", request, strlen(request)); if(strlen(request) == 0 || strcmp(request, "/") == 0) { fprintf(stderr, "<%s %ld>\n", request, strlen(request)); strlcpy(request, "/gophermap", sizeof(request)); } /* add the base dir to the file requested */ strlcat(path, request, sizeof(path)); /* open file and send it to stdout */ display_file(path); return (0); }