aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordec05eba <dec05eba@protonmail.com>2023-04-09 16:39:19 +0200
committerdec05eba <dec05eba@protonmail.com>2023-04-09 16:39:19 +0200
commitefea5741ca807be7924cacaf2e76ab3908524564 (patch)
tree3a6e702292b72d9b506f0977ac8d8a4df9368d4c
parent7dcf3a68cc8027bfa0d865e8a33566b4ae431618 (diff)
Put gsr kms socket in HOME (with random characters) to make sure it works in flatpak as well
-rw-r--r--kms/client/kms_client.c42
-rw-r--r--kms/client/kms_client.h2
2 files changed, 37 insertions, 7 deletions
diff --git a/kms/client/kms_client.c b/kms/client/kms_client.c
index 6730318..f0c6d3c 100644
--- a/kms/client/kms_client.c
+++ b/kms/client/kms_client.c
@@ -7,6 +7,7 @@
#include <signal.h>
#include <limits.h>
#include <stdbool.h>
+#include <fcntl.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/wait.h>
@@ -16,6 +17,28 @@ static bool is_inside_flatpak(void) {
return getenv("FLATPAK_ID") != NULL;
}
+static bool generate_random_characters(char *buffer, int buffer_size, const char *alphabet, size_t alphabet_size) {
+ int fd = open("/dev/urandom", O_RDONLY);
+ if(fd == -1) {
+ perror("/dev/urandom");
+ return false;
+ }
+
+ if(read(fd, buffer, buffer_size) < buffer_size) {
+ fprintf(stderr, "Failed to read %d bytes from /dev/urandom\n", buffer_size);
+ close(fd);
+ return false;
+ }
+
+ for(int i = 0; i < buffer_size; ++i) {
+ unsigned char c = *(unsigned char*)&buffer[i];
+ buffer[i] = alphabet[c % alphabet_size];
+ }
+
+ close(fd);
+ return true;
+}
+
static int send_msg_to_server(int server_fd, gsr_kms_request *request) {
struct iovec iov;
iov.iov_base = request;
@@ -72,6 +95,19 @@ int gsr_kms_client_init(gsr_kms_client *self, const char *card_path) {
struct sockaddr_un local_addr = {0};
struct sockaddr_un remote_addr = {0};
+ // Can't use /tmp because of flatpak
+ const char *home_path = getenv("HOME");
+ if(!home_path)
+ home_path = "/tmp";
+
+ char random_characters[11];
+ random_characters[10] = '\0';
+ if(!generate_random_characters(random_characters, 10, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", 62)) {
+ fprintf(stderr, "gsr error: gsr_kms_client_init: failed to create path to kms socket\n");
+ return -1;
+ }
+ snprintf(self->socket_path, sizeof(self->socket_path), "%s/.gsr-kms-socket-%s", home_path, random_characters);
+
// This doesn't work on nixos, but we dont want to use $PATH because we want to make this as safe as possible by running pkexec
// on a path that only root can modify. If we use "gsr-kms-server" instead then $PATH can be modified in ~/.bashrc for example
// which will overwrite the path to gsr-kms-server and the user can end up running a malicious program that pretends to be gsr-kms-server.
@@ -114,12 +150,6 @@ int gsr_kms_client_init(gsr_kms_client *self, const char *card_path) {
goto err;
}
- strcpy(self->socket_path, "/tmp/gsr-kms-socket-XXXXXX");
- if(!tmpnam(self->socket_path)) {
- fprintf(stderr, "gsr error: gsr_kms_client_init: mkstemp failed, error: %s\n", strerror(errno));
- goto err;
- }
-
self->socket_fd = socket(AF_UNIX, SOCK_STREAM, 0);
if(self->socket_fd == -1) {
fprintf(stderr, "gsr error: gsr_kms_client_init: socket failed, error: %s\n", strerror(errno));
diff --git a/kms/client/kms_client.h b/kms/client/kms_client.h
index a15d869..41de507 100644
--- a/kms/client/kms_client.h
+++ b/kms/client/kms_client.h
@@ -8,7 +8,7 @@ typedef struct {
pid_t kms_server_pid;
int socket_fd;
int client_fd;
- char socket_path[27];
+ char socket_path[255];
char *card_path;
} gsr_kms_client;