#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include "capabilities.h"
#include "log.h"
#include "log_colored.h"
#include "utils.h"
#include "redirector.h"
#include "protocol_ssh.h"
#include "forward.h"
#include "jail.h"
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
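/*
 * potd entry point: daemonizes, sets up the jail services, the SSH protocol
 * contexts and the redirectors, drops privileges, and then supervises the
 * jail and redirector daemons until one of them exits.
 *
 * Command-line arguments are not parsed; only argv[0] is kept in arg0.
 * Every port, address and path used here is hard-coded.
 *
 * ABORT_ON_FATAL appears to abort when its first argument is non-zero
 * (see the `pid < 1` uses below); the added checks rely on that reading.
 *
 * Returns 0 once a supervised daemon has terminated, 1 if wait() fails.
 */
int main(int argc, char *argv[])
{
    const size_t rdr_siz = 3;
    const size_t proto_siz = 2;
    const size_t jail_siz = 2;
    const char *rdr_ports[rdr_siz];
    const char *proto_ports[proto_siz];
    const char *jail_ports[jail_siz];
    redirector_ctx *rdr[rdr_siz];
    protocol_ctx *ssh_proto[proto_siz];
    jail_ctx *jail[jail_siz];
    event_ctx *rdr_event = NULL;
    event_ctx *jail_event = NULL;
    int proc_status;
    pid_t daemon_pid, rdr_pid, jail_pid, child_pid;

    (void) argc;
    arg0 = argv[0];

    caps_default_filter();
    LOG_SET_FUNCS_VA(LOG_COLORED_FUNCS);
    N("%s (C) 2018 Toni Uhlig (%s)", PACKAGE_STRING, PACKAGE_BUGREPORT);

    D("%s", "Forking into background/foreground");
    daemon_pid = daemonize(1);
    ABORT_ON_FATAL( daemon_pid > 0, "Forking" );
    if (daemon_pid == 0) {
        set_procname("[potd] main");
    } else {
        FATAL("Forking (fork returned %d)", daemon_pid);
    }
    D2("Master pid: %d", getpid());

    /* Jail services: loopback only, one per entry in jail_ports. */
    memset(jail, 0, sizeof(jail));
    jail_ports[0] = "33333";
    jail_ports[1] = "33334";
    for (size_t i = 0; i < jail_siz; ++i) {
        D("Initialising jail service on port %s", jail_ports[i]);
        jail_init_ctx(&jail[i], MAX_STACKSIZE);
        /* The array was zeroed above, so NULL here means init left the slot
         * unset; stop before it is dereferenced. */
        ABORT_ON_FATAL( jail[i] == NULL, "Jail init" );
        /* NOTE(review): developer-specific absolute path; this should come
         * from configuration. The directory is used as the jail's new root,
         * so it should contain nothing that must stay private. */
        jail[i]->newroot = strdup("/home/toni/git/busybox/_install");
        ABORT_ON_FATAL( jail[i]->newroot == NULL, "Jail newroot allocation" );
        ABORT_ON_FATAL( jail_setup(jail[i], "127.0.0.1", jail_ports[i]),
            "Jail daemon setup" );
        ABORT_ON_FATAL( jail_validate_ctx(jail[i]),
            "Jail validation" );
    }
    ABORT_ON_FATAL( jail_setup_event( jail, jail_siz, &jail_event ),
        "Jail daemon epoll setup" );
    /* The jail daemon is started before change_user_group() below, so that
     * drop does not apply to it. NOTE(review): confirm the jail daemon
     * reduces its own privileges; that is not visible from here. */
    jail_pid = jail_daemonize(&jail_event, jail, jail_siz);
    ABORT_ON_FATAL( jail_pid < 1, "Jail daemon startup" );

    /* SSH protocol contexts: loopback only, ssh_proto[i] forwards to
     * jail_ports[i]. This indexing relies on proto_siz <= jail_siz. */
    memset(ssh_proto, 0, sizeof(ssh_proto));
    proto_ports[0] = "22222";
    proto_ports[1] = "22223";
    for (size_t i = 0; i < proto_siz; ++i) {
        ABORT_ON_FATAL( proto_init_ctx(&ssh_proto[i], ssh_init_cb),
            "SSH Protocol init" );
        ABORT_ON_FATAL( proto_setup(ssh_proto[i], "127.0.0.1", proto_ports[i],
            "127.0.0.1", jail_ports[i]), "SSH Protocol setup" );
        ABORT_ON_FATAL( proto_validate_ctx(ssh_proto[i]),
            "SSH validation" );
    }

    /* Redirectors: the externally reachable listeners.
     * NOTE(review): the listen host is NULL, presumably meaning "all
     * interfaces" - confirm against redirector_setup().
     * NOTE(review): every redirector targets proto_ports[0]; nothing in this
     * function sends traffic to proto_ports[1]. */
    memset(rdr, 0, sizeof(rdr));
    rdr_ports[0] = "2222";
    rdr_ports[1] = "2223";
    rdr_ports[2] = "22050";
    for (size_t i = 0; i < rdr_siz; ++i) {
        D("Initialising redirector service on port %s", rdr_ports[i]);
        ABORT_ON_FATAL( redirector_init_ctx(&rdr[i]),
            "Redirector init" );
        ABORT_ON_FATAL( redirector_setup(rdr[i], NULL, rdr_ports[i],
            "127.0.0.1", proto_ports[0]), "Redirector setup" );
        ABORT_ON_FATAL( redirector_validate_ctx(rdr[i]),
            "Redirector validation" );
    }

    D2("%s", "Redirector event setup");
    ABORT_ON_FATAL( redirector_setup_event( rdr, rdr_siz, &rdr_event ),
        "Redirector event setup" );

    /* Drop privileges before the redirector daemon starts handling
     * connections. NOTE(review): the group argument is NULL; confirm what
     * change_user_group() does with the primary and supplementary groups
     * in that case. */
    D2("Main process is dropping privileges to %s:%s", "nobody", "NULL");
    ABORT_ON_FATAL( change_user_group("nobody", NULL),
        "Main process dropping privileges" );

    N("%s", "Redirector epoll mainloop");
    rdr_pid = redirector_daemonize( rdr_event, rdr, rdr_siz );
    ABORT_ON_FATAL( rdr_pid < 1, "Server epoll mainloop" );

    /* Supervise: leave as soon as either daemon is gone. */
    for (;;) {
        child_pid = wait(&proc_status);
        if (child_pid < 0) {
            if (errno == EINTR) {
                continue;
            }
            /* Without this, a failing wait() (e.g. no children left)
             * would never match a daemon pid and the loop would spin. */
            E2("wait() failed with errno %d, exiting", errno);
            return 1;
        }
        if (child_pid == jail_pid ||
            child_pid == rdr_pid) {
            E2("%s daemon with pid %d terminated, exiting",
                (child_pid == jail_pid ? "Jail" : "Server"),
                (child_pid == jail_pid ? jail_pid : rdr_pid));
            break;
        }
    }

    return 0;
}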