X-Git-Url: https://git.cworth.org/git?p=fips;a=blobdiff_plain;f=execute.c;h=07fd30f4e26f2d282032e4702e42cdecb8ee910a;hp=3ed645a554a20dcedc4564ecb3e537ca2b4ef1ea;hb=da0ee5e7efab316635f59d212028844f848fa6ce;hpb=802014dde0c3b25a48a4c6e5b09d20f52fb94324 diff --git a/execute.c b/execute.c index 3ed645a..07fd30f 100644 --- a/execute.c +++ b/execute.c @@ -19,12 +19,8 @@ * THE SOFTWARE. */ -#include "config.h" +#include "fips.h" -#include -#include - -#include #include #include @@ -40,6 +36,7 @@ #include #include "execute.h" +#include "xmalloc.h" /* Terminate a string representing a filename at the final '/' to * eliminate the final filename component, (leaving only the directory @@ -81,20 +78,20 @@ get_bin_name (void *ctx) * of the filename being linked to). Go figure. */ int name_len = PATH_MAX + 1; - name = talloc_size (ctx, name_len - 1); + name = talloc_size (ctx, name_len); if (name == NULL) { fprintf (stderr, "Out of memory.\n"); exit (1); } - name_len = readlink (link, name, name_len); + name_len = readlink (link, name, name_len - 1); if (name_len < 0) { fprintf (stderr, "Failed to readlink %s: %s\n", link, strerror (errno)); exit (1); } - name[name_len + 1] = '\0'; + name[name_len] = '\0'; return name; } @@ -283,63 +280,22 @@ find_libfips_path (void *ctx, const char *program) "\t%s\n" "and\n" "\t%s/" BINDIR_TO_LIBFIPSDIR "\n", bin_path, bin_path); - exit (1); -} - -/* After forking, set LD_PRELOAD to preload libfips-{32,64}.so within - * child environment, then exec given arguments. - */ -static int -fork_exec_with_fips_preload_and_wait (char * const argv[]) -{ - pid_t pid; - int i, status; - - pid = fork (); - /* Child */ - if (pid == 0) { - void *ctx = talloc_new (NULL); - char *lib_path; - - lib_path = find_libfips_path (ctx, argv[0]); - - setenv ("LD_PRELOAD", lib_path, 1); - - talloc_free (ctx); - - execvp (argv[0], argv); - fprintf (stderr, "Failed to execute:"); - for (i = 0; argv[i]; i++) { - fprintf (stderr, " %s", argv[i]); - } - fprintf (stderr, "\n"); - exit (1); - } - - /* Parent */ - waitpid (pid, &status, 0); - if (WIFEXITED (status)) { - return (WEXITSTATUS (status)); - } - if (WIFSIGNALED (status)) { - fprintf (stderr, "Child terminated by signal %d\n", - WTERMSIG (status)); - } - return 1; + fprintf(stderr, "\nIt's possible fips was not compiled with support for %d-bit applications.\n", bits); + fprintf(stderr, "Perhaps you need to install gcc-multilib and re-compile fips?\n"); + exit (1); } int execute_with_fips_preload (int argc, char * const argv[]) { + void *ctx = talloc_new (NULL); + char *lib_path; + char *ld_preload_value; char **execvp_args; int i; - execvp_args = malloc((argc + 1) * sizeof(char *)); - if (execvp_args == NULL) { - fprintf (stderr, "Out of memory,\n"); - return 1; - } + execvp_args = xmalloc((argc + 1) * sizeof(char *)); for (i = 0; i < argc; i++) { execvp_args[i] = argv[i]; @@ -348,5 +304,27 @@ execute_with_fips_preload (int argc, char * const argv[]) /* execvp needs final NULL */ execvp_args[i] = NULL; - return fork_exec_with_fips_preload_and_wait (execvp_args); + lib_path = find_libfips_path (ctx, argv[0]); + + ld_preload_value = getenv ("LD_PRELOAD"); + + if (ld_preload_value) { + ld_preload_value = talloc_asprintf(ctx, "%s:%s", + ld_preload_value, + lib_path); + } else { + ld_preload_value = lib_path; + } + + setenv ("LD_PRELOAD", ld_preload_value, 1); + + talloc_free (ctx); + + execvp (argv[0], argv); + fprintf (stderr, "Failed to execute:"); + for (i = 0; argv[i]; i++) { + fprintf (stderr, " %s", argv[i]); + } + fprintf (stderr, "\n"); + exit (1); }