From f0c345c4cf48ef1f695dc20c2d6fe6a492ecc18c Mon Sep 17 00:00:00 2001 From: Wesley Schwengle Date: Wed, 3 Apr 2019 22:34:57 +0200 Subject: [PATCH 1/2] agent.c: Add _assert_socket_sun_path function --- agent.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/agent.c b/agent.c index 47a5fa28..fb098a09 100644 --- a/agent.c +++ b/agent.c @@ -136,6 +136,13 @@ static int agent_socket_get_cred(int fd, struct ucred *cred) } #endif +void _assert_socket_sun_path(struct sockaddr_un *sa, char *path) +{ + if (strlen(path) >= sizeof(sa->sun_path)) + die("Path too large for agent control socket."); +} + + static void agent_run(unsigned const char key[KDF_HASH_LEN]) { char *agent_timeout_str; @@ -158,8 +165,7 @@ static void agent_run(unsigned const char key[KDF_HASH_LEN]) alarm(agent_timeout); _cleanup_free_ char *path = agent_socket_path(); - if (strlen(path) >= sizeof(sa.sun_path)) - die("Path too large for agent control socket."); + _assert_socket_sun_path(&sa, path); fd = socket(AF_UNIX, SOCK_STREAM, 0); @@ -209,8 +215,7 @@ void agent_kill(void) int fd; _cleanup_free_ char *path = agent_socket_path(); - if (strlen(path) >= sizeof(sa.sun_path)) - die("Path too large for agent control socket."); + _assert_socket_sun_path(&sa, path); fd = socket(AF_UNIX, SOCK_STREAM, 0); @@ -243,8 +248,7 @@ bool agent_ask(unsigned char key[KDF_HASH_LEN]) bool ret = false; _cleanup_free_ char *path = agent_socket_path(); - if (strlen(path) >= sizeof(sa.sun_path)) - die("Path too large for agent control socket."); + _assert_socket_sun_path(&sa, path); fd = socket(AF_UNIX, SOCK_STREAM, 0); From afd66ad4df4aa7fd71652de52c2d3324c4358cab Mon Sep 17 00:00:00 2001 From: Wesley Schwengle Date: Wed, 3 Apr 2019 22:48:37 +0200 Subject: [PATCH 2/2] agent.c: create function _setup_agent_socket --- agent.c | 40 ++++++++++++++++++---------------------- 1 file changed, 18 insertions(+), 22 deletions(-) diff --git a/agent.c b/agent.c index fb098a09..e02a12d0 100644 --- a/agent.c +++ b/agent.c @@ -138,10 +138,23 @@ static int agent_socket_get_cred(int fd, struct ucred *cred) void _assert_socket_sun_path(struct sockaddr_un *sa, char *path) { - if (strlen(path) >= sizeof(sa->sun_path)) + if (strlen(path) >= sizeof(sa->sun_path)) { die("Path too large for agent control socket."); + } } +int _setup_agent_socket(struct sockaddr_un *sa, char *path) +{ + int fd; + + _assert_socket_sun_path(sa, path); + memset(sa, 0, sizeof(*sa)); + sa->sun_family = AF_UNIX; + strlcpy(sa->sun_path, path, sizeof(sa->sun_path)); + + fd = socket(AF_UNIX, SOCK_STREAM, 0); + return fd; +} static void agent_run(unsigned const char key[KDF_HASH_LEN]) { @@ -157,6 +170,7 @@ static void agent_run(unsigned const char key[KDF_HASH_LEN]) signal(SIGQUIT, agent_cleanup); signal(SIGTERM, agent_cleanup); signal(SIGALRM, agent_cleanup); + agent_timeout_str = getenv("LPASS_AGENT_TIMEOUT"); agent_timeout = 60 * 60; /* One hour by default. */ if (agent_timeout_str && strlen(agent_timeout_str)) @@ -165,13 +179,7 @@ static void agent_run(unsigned const char key[KDF_HASH_LEN]) alarm(agent_timeout); _cleanup_free_ char *path = agent_socket_path(); - _assert_socket_sun_path(&sa, path); - - fd = socket(AF_UNIX, SOCK_STREAM, 0); - - memset(&sa, 0, sizeof(sa)); - sa.sun_family = AF_UNIX; - strlcpy(sa.sun_path, path, sizeof(sa.sun_path)); + fd = _setup_agent_socket(&sa, path); unlink(path); @@ -215,13 +223,7 @@ void agent_kill(void) int fd; _cleanup_free_ char *path = agent_socket_path(); - _assert_socket_sun_path(&sa, path); - - fd = socket(AF_UNIX, SOCK_STREAM, 0); - - memset(&sa, 0, sizeof(sa)); - sa.sun_family = AF_UNIX; - strlcpy(sa.sun_path, path, sizeof(sa.sun_path)); + fd = _setup_agent_socket(&sa, path); if (connect(fd, (struct sockaddr *)&sa, SUN_LEN(&sa)) < 0) goto out; @@ -248,13 +250,7 @@ bool agent_ask(unsigned char key[KDF_HASH_LEN]) bool ret = false; _cleanup_free_ char *path = agent_socket_path(); - _assert_socket_sun_path(&sa, path); - - fd = socket(AF_UNIX, SOCK_STREAM, 0); - - memset(&sa, 0, sizeof(sa)); - sa.sun_family = AF_UNIX; - strlcpy(sa.sun_path, path, sizeof(sa.sun_path)); + fd = _setup_agent_socket(&sa, path); ret = connect(fd, (struct sockaddr *)&sa, SUN_LEN(&sa)) >= 0; if (!ret)