diff --git a/MANIFEST b/MANIFEST index 2717ed17a..57f8f82ae 100644 --- a/MANIFEST +++ b/MANIFEST @@ -81,6 +81,7 @@ include/compat/nss_dbdefs.h include/compat/sha2.h include/compat/stdbool.h include/hostcheck.h +include/intercept.pb-c.h include/log_server.pb-c.h include/protobuf-c/protobuf-c.h include/sudo_compat.h @@ -1107,6 +1108,8 @@ src/exec_nopty.c src/exec_pty.c src/get_pty.c src/hooks.c +src/intercept.pb-c.c +src/intercept.proto src/limits.c src/load_plugins.c src/net_ifs.c diff --git a/include/intercept.pb-c.h b/include/intercept.pb-c.h new file mode 100644 index 000000000..de4f5d5be --- /dev/null +++ b/include/intercept.pb-c.h @@ -0,0 +1,283 @@ +/* Generated by the protocol buffer compiler. DO NOT EDIT! */ +/* Generated from: intercept.proto */ + +#ifndef PROTOBUF_C_intercept_2eproto__INCLUDED +#define PROTOBUF_C_intercept_2eproto__INCLUDED + +#include + +PROTOBUF_C__BEGIN_DECLS + +#if PROTOBUF_C_VERSION_NUMBER < 1003000 +# error This file was generated by a newer version of protoc-c which is incompatible with your libprotobuf-c headers. Please update your headers. +#elif 1003003 < PROTOBUF_C_MIN_COMPILER_VERSION +# error This file was generated by an older version of protoc-c which is incompatible with your libprotobuf-c headers. Please regenerate this file with a newer version of protoc-c. +#endif + + +typedef struct _InterceptMessage InterceptMessage; +typedef struct _PolicyCheckRequest PolicyCheckRequest; +typedef struct _PolicyAcceptMessage PolicyAcceptMessage; +typedef struct _PolicyRejectMessage PolicyRejectMessage; +typedef struct _PolicyErrorMessage PolicyErrorMessage; +typedef struct _PolicyCheckResult PolicyCheckResult; + + +/* --- enums --- */ + + +/* --- messages --- */ + +typedef enum { + INTERCEPT_MESSAGE__TYPE__NOT_SET = 0, + INTERCEPT_MESSAGE__TYPE_POLICY_CHECK_REQ = 1 + PROTOBUF_C__FORCE_ENUM_TO_BE_INT_SIZE(INTERCEPT_MESSAGE__TYPE) +} InterceptMessage__TypeCase; + +/* + * Intercept message from sudo_intercept.so. Messages on the + * wire are prefixed with a 32-bit size in network byte order. + */ +struct _InterceptMessage +{ + ProtobufCMessage base; + InterceptMessage__TypeCase type_case; + union { + PolicyCheckRequest *policy_check_req; + } u; +}; +#define INTERCEPT_MESSAGE__INIT \ + { PROTOBUF_C_MESSAGE_INIT (&intercept_message__descriptor) \ + , INTERCEPT_MESSAGE__TYPE__NOT_SET, {0} } + + +/* + * Policy check request from sudo_intercept.so. + * Note that the plugin API only currently supports passing + * the new environment in to the open() function. + */ +struct _PolicyCheckRequest +{ + ProtobufCMessage base; + char *command; + size_t n_argv; + char **argv; + size_t n_envp; + char **envp; +}; +#define POLICY_CHECK_REQUEST__INIT \ + { PROTOBUF_C_MESSAGE_INIT (&policy_check_request__descriptor) \ + , (char *)protobuf_c_empty_string, 0,NULL, 0,NULL } + + +struct _PolicyAcceptMessage +{ + ProtobufCMessage base; + char *run_command; + size_t n_run_argv; + char **run_argv; + size_t n_run_envp; + char **run_envp; +}; +#define POLICY_ACCEPT_MESSAGE__INIT \ + { PROTOBUF_C_MESSAGE_INIT (&policy_accept_message__descriptor) \ + , (char *)protobuf_c_empty_string, 0,NULL, 0,NULL } + + +struct _PolicyRejectMessage +{ + ProtobufCMessage base; + char *reject_message; +}; +#define POLICY_REJECT_MESSAGE__INIT \ + { PROTOBUF_C_MESSAGE_INIT (&policy_reject_message__descriptor) \ + , (char *)protobuf_c_empty_string } + + +struct _PolicyErrorMessage +{ + ProtobufCMessage base; + char *error_message; +}; +#define POLICY_ERROR_MESSAGE__INIT \ + { PROTOBUF_C_MESSAGE_INIT (&policy_error_message__descriptor) \ + , (char *)protobuf_c_empty_string } + + +typedef enum { + POLICY_CHECK_RESULT__TYPE__NOT_SET = 0, + POLICY_CHECK_RESULT__TYPE_ACCEPT_MSG = 1, + POLICY_CHECK_RESULT__TYPE_REJECT_MSG = 2, + POLICY_CHECK_RESULT__TYPE_ERROR_MSG = 3 + PROTOBUF_C__FORCE_ENUM_TO_BE_INT_SIZE(POLICY_CHECK_RESULT__TYPE) +} PolicyCheckResult__TypeCase; + +/* + * Policy check result sent back to sudo_intercept.so. + */ +struct _PolicyCheckResult +{ + ProtobufCMessage base; + PolicyCheckResult__TypeCase type_case; + union { + PolicyAcceptMessage *accept_msg; + PolicyRejectMessage *reject_msg; + PolicyErrorMessage *error_msg; + } u; +}; +#define POLICY_CHECK_RESULT__INIT \ + { PROTOBUF_C_MESSAGE_INIT (&policy_check_result__descriptor) \ + , POLICY_CHECK_RESULT__TYPE__NOT_SET, {0} } + + +/* InterceptMessage methods */ +void intercept_message__init + (InterceptMessage *message); +size_t intercept_message__get_packed_size + (const InterceptMessage *message); +size_t intercept_message__pack + (const InterceptMessage *message, + uint8_t *out); +size_t intercept_message__pack_to_buffer + (const InterceptMessage *message, + ProtobufCBuffer *buffer); +InterceptMessage * + intercept_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data); +void intercept_message__free_unpacked + (InterceptMessage *message, + ProtobufCAllocator *allocator); +/* PolicyCheckRequest methods */ +void policy_check_request__init + (PolicyCheckRequest *message); +size_t policy_check_request__get_packed_size + (const PolicyCheckRequest *message); +size_t policy_check_request__pack + (const PolicyCheckRequest *message, + uint8_t *out); +size_t policy_check_request__pack_to_buffer + (const PolicyCheckRequest *message, + ProtobufCBuffer *buffer); +PolicyCheckRequest * + policy_check_request__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data); +void policy_check_request__free_unpacked + (PolicyCheckRequest *message, + ProtobufCAllocator *allocator); +/* PolicyAcceptMessage methods */ +void policy_accept_message__init + (PolicyAcceptMessage *message); +size_t policy_accept_message__get_packed_size + (const PolicyAcceptMessage *message); +size_t policy_accept_message__pack + (const PolicyAcceptMessage *message, + uint8_t *out); +size_t policy_accept_message__pack_to_buffer + (const PolicyAcceptMessage *message, + ProtobufCBuffer *buffer); +PolicyAcceptMessage * + policy_accept_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data); +void policy_accept_message__free_unpacked + (PolicyAcceptMessage *message, + ProtobufCAllocator *allocator); +/* PolicyRejectMessage methods */ +void policy_reject_message__init + (PolicyRejectMessage *message); +size_t policy_reject_message__get_packed_size + (const PolicyRejectMessage *message); +size_t policy_reject_message__pack + (const PolicyRejectMessage *message, + uint8_t *out); +size_t policy_reject_message__pack_to_buffer + (const PolicyRejectMessage *message, + ProtobufCBuffer *buffer); +PolicyRejectMessage * + policy_reject_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data); +void policy_reject_message__free_unpacked + (PolicyRejectMessage *message, + ProtobufCAllocator *allocator); +/* PolicyErrorMessage methods */ +void policy_error_message__init + (PolicyErrorMessage *message); +size_t policy_error_message__get_packed_size + (const PolicyErrorMessage *message); +size_t policy_error_message__pack + (const PolicyErrorMessage *message, + uint8_t *out); +size_t policy_error_message__pack_to_buffer + (const PolicyErrorMessage *message, + ProtobufCBuffer *buffer); +PolicyErrorMessage * + policy_error_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data); +void policy_error_message__free_unpacked + (PolicyErrorMessage *message, + ProtobufCAllocator *allocator); +/* PolicyCheckResult methods */ +void policy_check_result__init + (PolicyCheckResult *message); +size_t policy_check_result__get_packed_size + (const PolicyCheckResult *message); +size_t policy_check_result__pack + (const PolicyCheckResult *message, + uint8_t *out); +size_t policy_check_result__pack_to_buffer + (const PolicyCheckResult *message, + ProtobufCBuffer *buffer); +PolicyCheckResult * + policy_check_result__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data); +void policy_check_result__free_unpacked + (PolicyCheckResult *message, + ProtobufCAllocator *allocator); +/* --- per-message closures --- */ + +typedef void (*InterceptMessage_Closure) + (const InterceptMessage *message, + void *closure_data); +typedef void (*PolicyCheckRequest_Closure) + (const PolicyCheckRequest *message, + void *closure_data); +typedef void (*PolicyAcceptMessage_Closure) + (const PolicyAcceptMessage *message, + void *closure_data); +typedef void (*PolicyRejectMessage_Closure) + (const PolicyRejectMessage *message, + void *closure_data); +typedef void (*PolicyErrorMessage_Closure) + (const PolicyErrorMessage *message, + void *closure_data); +typedef void (*PolicyCheckResult_Closure) + (const PolicyCheckResult *message, + void *closure_data); + +/* --- services --- */ + + +/* --- descriptors --- */ + +extern const ProtobufCMessageDescriptor intercept_message__descriptor; +extern const ProtobufCMessageDescriptor policy_check_request__descriptor; +extern const ProtobufCMessageDescriptor policy_accept_message__descriptor; +extern const ProtobufCMessageDescriptor policy_reject_message__descriptor; +extern const ProtobufCMessageDescriptor policy_error_message__descriptor; +extern const ProtobufCMessageDescriptor policy_check_result__descriptor; + +PROTOBUF_C__END_DECLS + + +#endif /* PROTOBUF_C_intercept_2eproto__INCLUDED */ diff --git a/src/Makefile.in b/src/Makefile.in index 72a156bf2..8594aaf0e 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -43,7 +43,8 @@ INSTALL_OWNER = -o $(install_uid) -g $(install_gid) INSTALL_BACKUP = @INSTALL_BACKUP@ # Libraries -LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la +LT_LIBS = $(top_builddir)/lib/util/libsudo_util.la \ + $(top_builddir)/lib/protobuf-c/libprotobuf-c.la LIBS = @LIBS@ @SUDO_LIBS@ @GETGROUPS_LIB@ @NET_LIBS@ $(LT_LIBS) # C preprocessor defines @@ -121,6 +122,9 @@ TEST_PROGS = check_net_ifs @CHECK_NOEXEC@ check_ttyname TEST_LIBS = @LIBS@ $(LT_LIBS) TEST_LDFLAGS = @LDFLAGS@ +# Set to non-empty for development mode +DEVEL = @DEVEL@ + #### End of system configuration section. #### SHELL = @SHELL@ @@ -129,8 +133,8 @@ PROGS = @PROGS@ OBJS = conversation.o copy_file.o edit_open.o env_hooks.o exec.o \ exec_common.o exec_monitor.o exec_nopty.o exec_pty.o get_pty.o hooks.o \ - limits.o load_plugins.o net_ifs.o parse_args.o preserve_fds.o \ - signal.o sudo.o sudo_edit.o tcsetpgrp_nobg.o tgetpass.o \ + intercept.pb-c.o limits.o load_plugins.o net_ifs.o parse_args.o \ + preserve_fds.o signal.o sudo.o sudo_edit.o tcsetpgrp_nobg.o tgetpass.o \ ttyname.o utmp.o @SUDO_OBJS@ IOBJS = $(OBJS:.o=.i) sesh.i @@ -149,6 +153,8 @@ LIBOBJDIR = $(top_builddir)/@ac_config_libobj_dir@/ VERSION = @PACKAGE_VERSION@ +GENERATED = intercept.pb-c.h intercept.pb-c.c + all: $(PROGS) depend: @@ -176,6 +182,20 @@ Makefile: $(srcdir)/Makefile.in .i.plog: ifile=$<; rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $${ifile%i}c --i-file $< --output-file $@ +$(devdir)/intercept.pb-c.c: $(srcdir)/intercept.proto + @if [ -n "$(DEVEL)" ]; then \ + cmd='protoc-c --c_out=$(devdir) --proto_path=$(srcdir) $(srcdir)/intercept.proto'; \ + echo "$$cmd"; eval $$cmd; \ + cmd='$(scriptdir)/unanon $(devdir)/intercept.pb-c.h $(devdir)/intercept.pb-c.c'; \ + echo "$$cmd"; eval $$cmd; \ + if [ "$(devdir)" == "$(srcdir)" ]; then \ + cmd='mv -f $(devdir)/intercept.pb-c.h $(incdir)/intercept.pb-c.h'; \ + else \ + cmd='mv -f $(devdir)/intercept.pb-c.h $(top_builddir)/intercept.pb-c.h'; \ + fi; \ + echo "$$cmd"; eval $$cmd; \ + fi + sudo: $(OBJS) $(LT_LIBS) @STATIC_SUDOERS@ $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(OBJS) $(SUDO_LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @STATIC_SUDOERS@ @@ -298,6 +318,10 @@ mostlyclean: clean distclean: clean -rm -rf Makefile .libs sudo_usage.h + @if [ -n "$(DEVEL)" -a "$(devdir)" != "$(srcdir)" ]; then \ + cmd='rm -rf $(GENERATED)'; \ + echo "$$cmd"; eval $$cmd; \ + fi clobber: distclean @@ -556,6 +580,14 @@ hooks.i: $(srcdir)/hooks.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \ $(CC) -E -o $@ $(CPPFLAGS) $< hooks.plog: hooks.i rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/hooks.c --i-file $< --output-file $@ +intercept.pb-c.o: $(srcdir)/intercept.pb-c.c $(incdir)/intercept.pb-c.h \ + $(incdir)/protobuf-c/protobuf-c.h + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/intercept.pb-c.c +intercept.pb-c.i: $(srcdir)/intercept.pb-c.c $(incdir)/intercept.pb-c.h \ + $(incdir)/protobuf-c/protobuf-c.h + $(CC) -E -o $@ $(CPPFLAGS) $< +intercept.pb-c.plog: intercept.pb-c.i + rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/intercept.pb-c.c --i-file $< --output-file $@ limits.o: $(srcdir)/limits.c $(incdir)/compat/stdbool.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \ diff --git a/src/intercept.pb-c.c b/src/intercept.pb-c.c new file mode 100644 index 000000000..388141bc9 --- /dev/null +++ b/src/intercept.pb-c.c @@ -0,0 +1,585 @@ +/* Generated by the protocol buffer compiler. DO NOT EDIT! */ +/* Generated from: intercept.proto */ + +/* Do not generate deprecated warnings for self */ +#ifndef PROTOBUF_C__NO_DEPRECATED +#define PROTOBUF_C__NO_DEPRECATED +#endif + +#include "intercept.pb-c.h" +void intercept_message__init + (InterceptMessage *message) +{ + static const InterceptMessage init_value = INTERCEPT_MESSAGE__INIT; + *message = init_value; +} +size_t intercept_message__get_packed_size + (const InterceptMessage *message) +{ + assert(message->base.descriptor == &intercept_message__descriptor); + return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); +} +size_t intercept_message__pack + (const InterceptMessage *message, + uint8_t *out) +{ + assert(message->base.descriptor == &intercept_message__descriptor); + return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); +} +size_t intercept_message__pack_to_buffer + (const InterceptMessage *message, + ProtobufCBuffer *buffer) +{ + assert(message->base.descriptor == &intercept_message__descriptor); + return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); +} +InterceptMessage * + intercept_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data) +{ + return (InterceptMessage *) + protobuf_c_message_unpack (&intercept_message__descriptor, + allocator, len, data); +} +void intercept_message__free_unpacked + (InterceptMessage *message, + ProtobufCAllocator *allocator) +{ + if(!message) + return; + assert(message->base.descriptor == &intercept_message__descriptor); + protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); +} +void policy_check_request__init + (PolicyCheckRequest *message) +{ + static const PolicyCheckRequest init_value = POLICY_CHECK_REQUEST__INIT; + *message = init_value; +} +size_t policy_check_request__get_packed_size + (const PolicyCheckRequest *message) +{ + assert(message->base.descriptor == &policy_check_request__descriptor); + return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); +} +size_t policy_check_request__pack + (const PolicyCheckRequest *message, + uint8_t *out) +{ + assert(message->base.descriptor == &policy_check_request__descriptor); + return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); +} +size_t policy_check_request__pack_to_buffer + (const PolicyCheckRequest *message, + ProtobufCBuffer *buffer) +{ + assert(message->base.descriptor == &policy_check_request__descriptor); + return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); +} +PolicyCheckRequest * + policy_check_request__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data) +{ + return (PolicyCheckRequest *) + protobuf_c_message_unpack (&policy_check_request__descriptor, + allocator, len, data); +} +void policy_check_request__free_unpacked + (PolicyCheckRequest *message, + ProtobufCAllocator *allocator) +{ + if(!message) + return; + assert(message->base.descriptor == &policy_check_request__descriptor); + protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); +} +void policy_accept_message__init + (PolicyAcceptMessage *message) +{ + static const PolicyAcceptMessage init_value = POLICY_ACCEPT_MESSAGE__INIT; + *message = init_value; +} +size_t policy_accept_message__get_packed_size + (const PolicyAcceptMessage *message) +{ + assert(message->base.descriptor == &policy_accept_message__descriptor); + return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); +} +size_t policy_accept_message__pack + (const PolicyAcceptMessage *message, + uint8_t *out) +{ + assert(message->base.descriptor == &policy_accept_message__descriptor); + return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); +} +size_t policy_accept_message__pack_to_buffer + (const PolicyAcceptMessage *message, + ProtobufCBuffer *buffer) +{ + assert(message->base.descriptor == &policy_accept_message__descriptor); + return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); +} +PolicyAcceptMessage * + policy_accept_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data) +{ + return (PolicyAcceptMessage *) + protobuf_c_message_unpack (&policy_accept_message__descriptor, + allocator, len, data); +} +void policy_accept_message__free_unpacked + (PolicyAcceptMessage *message, + ProtobufCAllocator *allocator) +{ + if(!message) + return; + assert(message->base.descriptor == &policy_accept_message__descriptor); + protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); +} +void policy_reject_message__init + (PolicyRejectMessage *message) +{ + static const PolicyRejectMessage init_value = POLICY_REJECT_MESSAGE__INIT; + *message = init_value; +} +size_t policy_reject_message__get_packed_size + (const PolicyRejectMessage *message) +{ + assert(message->base.descriptor == &policy_reject_message__descriptor); + return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); +} +size_t policy_reject_message__pack + (const PolicyRejectMessage *message, + uint8_t *out) +{ + assert(message->base.descriptor == &policy_reject_message__descriptor); + return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); +} +size_t policy_reject_message__pack_to_buffer + (const PolicyRejectMessage *message, + ProtobufCBuffer *buffer) +{ + assert(message->base.descriptor == &policy_reject_message__descriptor); + return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); +} +PolicyRejectMessage * + policy_reject_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data) +{ + return (PolicyRejectMessage *) + protobuf_c_message_unpack (&policy_reject_message__descriptor, + allocator, len, data); +} +void policy_reject_message__free_unpacked + (PolicyRejectMessage *message, + ProtobufCAllocator *allocator) +{ + if(!message) + return; + assert(message->base.descriptor == &policy_reject_message__descriptor); + protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); +} +void policy_error_message__init + (PolicyErrorMessage *message) +{ + static const PolicyErrorMessage init_value = POLICY_ERROR_MESSAGE__INIT; + *message = init_value; +} +size_t policy_error_message__get_packed_size + (const PolicyErrorMessage *message) +{ + assert(message->base.descriptor == &policy_error_message__descriptor); + return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); +} +size_t policy_error_message__pack + (const PolicyErrorMessage *message, + uint8_t *out) +{ + assert(message->base.descriptor == &policy_error_message__descriptor); + return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); +} +size_t policy_error_message__pack_to_buffer + (const PolicyErrorMessage *message, + ProtobufCBuffer *buffer) +{ + assert(message->base.descriptor == &policy_error_message__descriptor); + return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); +} +PolicyErrorMessage * + policy_error_message__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data) +{ + return (PolicyErrorMessage *) + protobuf_c_message_unpack (&policy_error_message__descriptor, + allocator, len, data); +} +void policy_error_message__free_unpacked + (PolicyErrorMessage *message, + ProtobufCAllocator *allocator) +{ + if(!message) + return; + assert(message->base.descriptor == &policy_error_message__descriptor); + protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); +} +void policy_check_result__init + (PolicyCheckResult *message) +{ + static const PolicyCheckResult init_value = POLICY_CHECK_RESULT__INIT; + *message = init_value; +} +size_t policy_check_result__get_packed_size + (const PolicyCheckResult *message) +{ + assert(message->base.descriptor == &policy_check_result__descriptor); + return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); +} +size_t policy_check_result__pack + (const PolicyCheckResult *message, + uint8_t *out) +{ + assert(message->base.descriptor == &policy_check_result__descriptor); + return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); +} +size_t policy_check_result__pack_to_buffer + (const PolicyCheckResult *message, + ProtobufCBuffer *buffer) +{ + assert(message->base.descriptor == &policy_check_result__descriptor); + return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); +} +PolicyCheckResult * + policy_check_result__unpack + (ProtobufCAllocator *allocator, + size_t len, + const uint8_t *data) +{ + return (PolicyCheckResult *) + protobuf_c_message_unpack (&policy_check_result__descriptor, + allocator, len, data); +} +void policy_check_result__free_unpacked + (PolicyCheckResult *message, + ProtobufCAllocator *allocator) +{ + if(!message) + return; + assert(message->base.descriptor == &policy_check_result__descriptor); + protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); +} +static const ProtobufCFieldDescriptor intercept_message__field_descriptors[1] = +{ + { + "policy_check_req", + 1, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_MESSAGE, + offsetof(InterceptMessage, type_case), + offsetof(InterceptMessage, u.policy_check_req), + &policy_check_request__descriptor, + NULL, + 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, +}; +static const unsigned intercept_message__field_indices_by_name[] = { + 0, /* field[0] = policy_check_req */ +}; +static const ProtobufCIntRange intercept_message__number_ranges[1 + 1] = +{ + { 1, 0 }, + { 0, 1 } +}; +const ProtobufCMessageDescriptor intercept_message__descriptor = +{ + PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, + "InterceptMessage", + "InterceptMessage", + "InterceptMessage", + "", + sizeof(InterceptMessage), + 1, + intercept_message__field_descriptors, + intercept_message__field_indices_by_name, + 1, intercept_message__number_ranges, + (ProtobufCMessageInit) intercept_message__init, + NULL,NULL,NULL /* reserved[123] */ +}; +static const ProtobufCFieldDescriptor policy_check_request__field_descriptors[3] = +{ + { + "command", + 1, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_STRING, + 0, /* quantifier_offset */ + offsetof(PolicyCheckRequest, command), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, + { + "argv", + 2, + PROTOBUF_C_LABEL_REPEATED, + PROTOBUF_C_TYPE_STRING, + offsetof(PolicyCheckRequest, n_argv), + offsetof(PolicyCheckRequest, argv), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, + { + "envp", + 3, + PROTOBUF_C_LABEL_REPEATED, + PROTOBUF_C_TYPE_STRING, + offsetof(PolicyCheckRequest, n_envp), + offsetof(PolicyCheckRequest, envp), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, +}; +static const unsigned policy_check_request__field_indices_by_name[] = { + 1, /* field[1] = argv */ + 0, /* field[0] = command */ + 2, /* field[2] = envp */ +}; +static const ProtobufCIntRange policy_check_request__number_ranges[1 + 1] = +{ + { 1, 0 }, + { 0, 3 } +}; +const ProtobufCMessageDescriptor policy_check_request__descriptor = +{ + PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, + "PolicyCheckRequest", + "PolicyCheckRequest", + "PolicyCheckRequest", + "", + sizeof(PolicyCheckRequest), + 3, + policy_check_request__field_descriptors, + policy_check_request__field_indices_by_name, + 1, policy_check_request__number_ranges, + (ProtobufCMessageInit) policy_check_request__init, + NULL,NULL,NULL /* reserved[123] */ +}; +static const ProtobufCFieldDescriptor policy_accept_message__field_descriptors[3] = +{ + { + "run_command", + 1, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_STRING, + 0, /* quantifier_offset */ + offsetof(PolicyAcceptMessage, run_command), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, + { + "run_argv", + 2, + PROTOBUF_C_LABEL_REPEATED, + PROTOBUF_C_TYPE_STRING, + offsetof(PolicyAcceptMessage, n_run_argv), + offsetof(PolicyAcceptMessage, run_argv), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, + { + "run_envp", + 3, + PROTOBUF_C_LABEL_REPEATED, + PROTOBUF_C_TYPE_STRING, + offsetof(PolicyAcceptMessage, n_run_envp), + offsetof(PolicyAcceptMessage, run_envp), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, +}; +static const unsigned policy_accept_message__field_indices_by_name[] = { + 1, /* field[1] = run_argv */ + 0, /* field[0] = run_command */ + 2, /* field[2] = run_envp */ +}; +static const ProtobufCIntRange policy_accept_message__number_ranges[1 + 1] = +{ + { 1, 0 }, + { 0, 3 } +}; +const ProtobufCMessageDescriptor policy_accept_message__descriptor = +{ + PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, + "PolicyAcceptMessage", + "PolicyAcceptMessage", + "PolicyAcceptMessage", + "", + sizeof(PolicyAcceptMessage), + 3, + policy_accept_message__field_descriptors, + policy_accept_message__field_indices_by_name, + 1, policy_accept_message__number_ranges, + (ProtobufCMessageInit) policy_accept_message__init, + NULL,NULL,NULL /* reserved[123] */ +}; +static const ProtobufCFieldDescriptor policy_reject_message__field_descriptors[1] = +{ + { + "reject_message", + 1, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_STRING, + 0, /* quantifier_offset */ + offsetof(PolicyRejectMessage, reject_message), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, +}; +static const unsigned policy_reject_message__field_indices_by_name[] = { + 0, /* field[0] = reject_message */ +}; +static const ProtobufCIntRange policy_reject_message__number_ranges[1 + 1] = +{ + { 1, 0 }, + { 0, 1 } +}; +const ProtobufCMessageDescriptor policy_reject_message__descriptor = +{ + PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, + "PolicyRejectMessage", + "PolicyRejectMessage", + "PolicyRejectMessage", + "", + sizeof(PolicyRejectMessage), + 1, + policy_reject_message__field_descriptors, + policy_reject_message__field_indices_by_name, + 1, policy_reject_message__number_ranges, + (ProtobufCMessageInit) policy_reject_message__init, + NULL,NULL,NULL /* reserved[123] */ +}; +static const ProtobufCFieldDescriptor policy_error_message__field_descriptors[1] = +{ + { + "error_message", + 1, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_STRING, + 0, /* quantifier_offset */ + offsetof(PolicyErrorMessage, error_message), + NULL, + &protobuf_c_empty_string, + 0, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, +}; +static const unsigned policy_error_message__field_indices_by_name[] = { + 0, /* field[0] = error_message */ +}; +static const ProtobufCIntRange policy_error_message__number_ranges[1 + 1] = +{ + { 1, 0 }, + { 0, 1 } +}; +const ProtobufCMessageDescriptor policy_error_message__descriptor = +{ + PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, + "PolicyErrorMessage", + "PolicyErrorMessage", + "PolicyErrorMessage", + "", + sizeof(PolicyErrorMessage), + 1, + policy_error_message__field_descriptors, + policy_error_message__field_indices_by_name, + 1, policy_error_message__number_ranges, + (ProtobufCMessageInit) policy_error_message__init, + NULL,NULL,NULL /* reserved[123] */ +}; +static const ProtobufCFieldDescriptor policy_check_result__field_descriptors[3] = +{ + { + "accept_msg", + 1, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_MESSAGE, + offsetof(PolicyCheckResult, type_case), + offsetof(PolicyCheckResult, u.accept_msg), + &policy_accept_message__descriptor, + NULL, + 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, + { + "reject_msg", + 2, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_MESSAGE, + offsetof(PolicyCheckResult, type_case), + offsetof(PolicyCheckResult, u.reject_msg), + &policy_reject_message__descriptor, + NULL, + 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, + { + "error_msg", + 3, + PROTOBUF_C_LABEL_NONE, + PROTOBUF_C_TYPE_MESSAGE, + offsetof(PolicyCheckResult, type_case), + offsetof(PolicyCheckResult, u.error_msg), + &policy_error_message__descriptor, + NULL, + 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ + 0,NULL,NULL /* reserved1,reserved2, etc */ + }, +}; +static const unsigned policy_check_result__field_indices_by_name[] = { + 0, /* field[0] = accept_msg */ + 2, /* field[2] = error_msg */ + 1, /* field[1] = reject_msg */ +}; +static const ProtobufCIntRange policy_check_result__number_ranges[1 + 1] = +{ + { 1, 0 }, + { 0, 3 } +}; +const ProtobufCMessageDescriptor policy_check_result__descriptor = +{ + PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, + "PolicyCheckResult", + "PolicyCheckResult", + "PolicyCheckResult", + "", + sizeof(PolicyCheckResult), + 3, + policy_check_result__field_descriptors, + policy_check_result__field_indices_by_name, + 1, policy_check_result__number_ranges, + (ProtobufCMessageInit) policy_check_result__init, + NULL,NULL,NULL /* reserved[123] */ +}; diff --git a/src/intercept.proto b/src/intercept.proto new file mode 100644 index 000000000..ff8dbbbd6 --- /dev/null +++ b/src/intercept.proto @@ -0,0 +1,47 @@ +syntax = "proto3"; + +/* + * Intercept message from sudo_intercept.so. Messages on the + * wire are prefixed with a 32-bit size in network byte order. + */ +message InterceptMessage { + oneof type { + PolicyCheckRequest policy_check_req = 1; + } +} + +/* + * Policy check request from sudo_intercept.so. + * Note that the plugin API only currently supports passing + * the new environment in to the open() function. + */ +message PolicyCheckRequest { + string command = 1; + repeated string argv = 2; + repeated string envp = 3; +} + +message PolicyAcceptMessage { + string run_command = 1; + repeated string run_argv = 2; + repeated string run_envp = 3; +} + +message PolicyRejectMessage { + string reject_message = 1; +} + +message PolicyErrorMessage { + string error_message = 1; +} + +/* + * Policy check result sent back to sudo_intercept.so. + */ +message PolicyCheckResult { + oneof type { + PolicyAcceptMessage accept_msg = 1; + PolicyRejectMessage reject_msg = 2; + PolicyErrorMessage error_msg = 3; + } +}