2 * exec.c Execute external programs.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Copyright 2000 The FreeRADIUS server project
21 * Copyright 2000 Michael J. Hartwick <hartwick@hartwick.com>
23 static const char rcsid[] = "$Id$";
36 # include <sys/wait.h>
39 # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
42 # define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
46 #include "rad_assert.h"
48 #ifndef HAVE_PTHREAD_H
49 #define rad_fork(n) fork()
50 #define rad_waitpid waitpid
54 * Execute a program on successful authentication.
55 * Return 0 if exec_wait == 0.
56 * Return the exit code of the called program if exec_wait != 0.
57 * Return -1 on fork/other errors in the parent process.
59 int radius_exec_program(const char *cmd, REQUEST *request,
60 int exec_wait, const char **user_msg)
63 static char message[256];
75 * Open a pipe for child/parent communication, if
80 radlog(L_ERR|L_CONS, "Couldn't open pipe: %s",
87 * Do the translation (as the parent) of the command to
88 * execute. This MAY involve calling other modules, so
89 * we want to do it in the parent.
91 radius_xlat(answer, sizeof(answer), cmd, request, NULL);
95 * Log the command if we are debugging something
97 DEBUG("Exec-Program: %s", buf);
100 * Build vector list of arguments and execute.
102 * FIXME: This parsing gets excited over spaces in
103 * the translated strings, e.g. User-Name = "aa bb"
104 * is passed as two seperate arguments, instead of one.
106 * What we SHOULD do instead is to split the exec program
107 * buffer first, and then do the translation on every
110 p = strtok(buf, " \t");
113 p = strtok(NULL, " \t");
118 radlog(L_ERR, "Exec-Program: empty command line.");
122 if ((pid = rad_fork(exec_wait)) == 0) {
123 #define MAX_ENVP 1024
125 char *envp[MAX_ENVP];
132 * We try to be fail-safe here. So if ANYTHING
133 * goes wrong, we exit with status 1.
137 * Open STDIN to /dev/null
139 devnull = open("/dev/null", O_RDWR);
141 radlog(L_ERR|L_CONS, "Failed opening /dev/null: %s\n",
145 dup2(devnull, STDIN_FILENO);
148 * Only massage the pipe handles if the parent
153 * pd[0] is the FD the child will read from,
154 * which we don't want.
156 if (close(pd[0]) != 0) {
157 radlog(L_ERR|L_CONS, "Can't close pipe: %s",
163 * pd[1] is the FD that the child will write to,
164 * so we make it STDOUT.
166 if (dup2(pd[1], STDOUT_FILENO) != 1) {
167 radlog(L_ERR|L_CONS, "Can't dup stdout: %s",
172 } else { /* no pipe, STDOUT should be /dev/null */
173 dup2(devnull, STDOUT_FILENO);
177 * If we're not debugging, then we can't do
178 * anything with the error messages, so we throw
181 * If we are debugging, then we want the error
182 * messages to go to the STDERR of the server.
184 if (debug_flag == 0) {
185 dup2(devnull, STDERR_FILENO);
190 * The server may have MANY FD's open. We don't
191 * want to leave dangling FD's for the child process
192 * to play funky games with, so we close them.
194 for (i = 3; i < 256; i++) {
199 * Set up the environment variables.
200 * We're in the child, and it will exit in 4 lines
201 * anyhow, so memory allocation isn't an issue.
205 for (vp = request->packet->vps; vp->next; vp = vp->next) {
207 * Hmm... maybe we shouldn't pass the
208 * user's password in an environment
211 snprintf(buffer, sizeof(buffer), "%s=", vp->name);
212 for (p = buffer; *p != '='; p++) {
215 } else if (isalpha(*p)) {
221 vp_prints_value(buffer+n, sizeof(buffer) - n, vp, 1);
223 envp[envlen++] = strdup(buffer);
227 execve(argv[0], argv, envp);
229 radlog(L_ERR, "Exec-Program: FAILED to execute %s: %s",
230 argv[0], strerror(errno));
238 radlog(L_ERR|L_CONS, "Couldn't fork %s: %s",
239 argv[0], strerror(errno));
244 * We're not waiting, exit, and ignore any child's
252 * Close the FD to which the child writes it's data.
254 * If we can't close it, then we close pd[0], and return an
257 if (close(pd[1]) != 0) {
258 radlog(L_ERR|L_CONS, "Can't close pipe: %s", strerror(errno));
264 * Read from the pipe until we doesn't get any more or
265 * until the message is full.
268 left = sizeof(answer) - 1;
270 status = read(pd[0], answer + done, left);
272 * Nothing more to read: stop.
279 * Error: See if we have to continue.
283 * We were interrupted: continue reading.
285 if (errno == EINTR) {
290 * There was another error. Most likely
291 * The child process has finished, and
299 if (left <= 0) break;
304 * Make sure that the writer can't block while writing to
305 * a pipe that no one is reading from anymore.
310 * Parse the output, if any.
314 * For backwards compatibility, first check
315 * for plain text (user_msg).
318 n = userparse(answer, &vp);
324 radlog(L_DBG, "Exec-Program-Wait: plaintext: %s", answer);
326 strncpy(message, answer, sizeof(message));
327 message[sizeof(message) - 1] = 0;
332 * HACK: Replace '\n' with ',' so that
333 * userparse() can parse the buffer in
334 * one go (the proper way would be to
335 * fix userparse(), but oh well).
337 for (p = answer; *p; p++) {
339 *p = comma ? ' ' : ',';
343 if (*p == ',') comma++;
347 * Replace any trailing comma by a NUL.
349 if (answer[strlen(answer) - 1] == ',') {
350 answer[strlen(answer) - 1] = '\0';
353 radlog(L_DBG,"Exec-Program-Wait: value-pairs: %s", answer);
354 if (userparse(answer, &vp) < 0) {
355 radlog(L_ERR, "Exec-Program-Wait: %s: unparsable reply", cmd);
359 * Add the attributes to the reply.
361 pairmove(&request->reply->vps, &vp);
364 } /* else the answer was a set of VP's, not a text message */
365 } /* else we didn't read anything from the child. */
368 * Call rad_waitpid (should map to waitpid on non-threaded
369 * or single-server systems).
371 child_pid = rad_waitpid(pid, &status, 0);
372 if (child_pid == pid) {
373 if (WIFEXITED(status)) {
374 status = WEXITSTATUS(status);
375 radlog(L_DBG, "Exec-Program: returned: %d", status);
380 radlog(L_ERR|L_CONS, "Exec-Program: Abnormal child exit");