From 71d3d4aca6c9f2024f4ba84ba285705b4d74600d Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Thu, 30 Aug 2012 11:34:13 -0500 Subject: Use the pipe to signal when the subprocess has gotten to a point where it can opperate. --- src/pam-freerdp.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'src/pam-freerdp.c') diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index 9007a52..89c5d5d 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -33,6 +33,7 @@ #include #define PAM_TYPE_DOMAIN 1234 +#define ALL_GOOD_SIGNAL "Ar, ready to authenticate cap'n" static char * global_domain = NULL; /* FIXME? This is a work around to the fact that PAM seems to be clearing @@ -269,6 +270,9 @@ session_socket_handler (struct passwd * pwdent, int readypipe, const char * ruse /* Track write out */ int writedata = 0; + /* Track ready writing */ + int readywrite = 0; + if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 || setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) { /* Don't need to clean up yet */ @@ -337,6 +341,11 @@ session_socket_handler (struct passwd * pwdent, int readypipe, const char * ruse goto cleanup; } + readywrite = write(readypipe, ALL_GOOD_SIGNAL, strlen(ALL_GOOD_SIGNAL) + 1); + if (readywrite != strlen(ALL_GOOD_SIGNAL) + 1) { + goto cleanup; + } + connected_addr_size = sizeof(struct sockaddr_un); connectfd = accept(socketfd, (struct sockaddr *)&connected_addr, &connected_addr_size); if (connectfd < 0) { @@ -422,8 +431,18 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv retval = PAM_SYSTEM_ERR; } else { + char readbuffer[strlen(ALL_GOOD_SIGNAL) + 1]; + int readlen = 0; + + readlen = read(sessionready[0], readbuffer, strlen(ALL_GOOD_SIGNAL) + 1); + close(sessionready[0]); - session_pid = pid; + + if (readlen == strlen(ALL_GOOD_SIGNAL) + 1) { + session_pid = pid; + } else { + retval = PAM_SYSTEM_ERR; + } } done: -- cgit v1.2.3