[mirror_frr.git] / vtysh / vtysh_main.c

// SPDX-License-Identifier: GPL-2.0-or-later
/* Virtual terminal interface shell.
 * Copyright (C) 2000 Kunihiro Ishiguro
 */

#include <zebra.h>

#include <sys/un.h>
#include <setjmp.h>
#include <sys/wait.h>
#include <pwd.h>
#include <sys/file.h>
#include <unistd.h>

/* readline carries some ancient definitions around */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wstrict-prototypes"
#include <readline/readline.h>
#include <readline/history.h>
#pragma GCC diagnostic pop

/*
 * The append_history function only appears in newer versions
 * of the readline library it appears like.  Since we don't
 * need this just silently ignore the code on these
 * ancient platforms.
 */
#if !defined HAVE_APPEND_HISTORY
#define append_history(A, B)
#endif

#include <lib/version.h>
#include "getopt.h"
#include "command.h"
#include "memory.h"
#include "linklist.h"
#include "libfrr.h"
#include "ferr.h"
#include "lib_errors.h"

#include "vtysh/vtysh.h"
#include "vtysh/vtysh_user.h"

/* VTY shell program name. */
char *progname;

/* SUID mode */
static uid_t elevuid, realuid;
static gid_t elevgid, realgid;

#define VTYSH_CONFIG_NAME "vtysh.conf"
#define FRR_CONFIG_NAME "frr.conf"

/* Configuration file name and directory. */
static char vtysh_config[MAXPATHLEN * 3];
char frr_config[MAXPATHLEN * 3];
char vtydir[MAXPATHLEN];
static char history_file[MAXPATHLEN];

/* Flag for indicate executing child command. */
int execute_flag = 0;

/* Flag to indicate if in user/unprivileged mode. */
int user_mode;

/* Master of threads. */
struct thread_master *master;

/* Command logging */
FILE *logfile;

static void vtysh_rl_callback(char *line_read)
{
	HIST_ENTRY *last;

	rl_callback_handler_remove();

	if (!line_read) {
		vtysh_loop_exited = true;
		return;
	}

	/* If the line has any text in it, save it on the history. But only if
	 * last command in history isn't the same one.
	 */
	if (*line_read) {
		using_history();
		last = previous_history();
		if (!last || strcmp(last->line, line_read) != 0) {
			add_history(line_read);
			append_history(1, history_file);
		}
	}

	vtysh_execute(line_read);

	if (!vtysh_loop_exited)
		rl_callback_handler_install(vtysh_prompt(), vtysh_rl_callback);

	free(line_read);
}

/* SIGTSTP handler.  This function care user's ^Z input. */
static void sigtstp(int sig)
{
	rl_callback_handler_remove();

	/* Execute "end" command. */
	vtysh_execute("end");

	if (!vtysh_loop_exited)
		rl_callback_handler_install(vtysh_prompt(), vtysh_rl_callback);

	/* Initialize readline. */
	rl_initialize();
	printf("\n");
	rl_forced_update_display();
}

/* SIGINT handler.  This function care user's ^Z input.  */
static void sigint(int sig)
{
	/* Check this process is not child process. */
	if (!execute_flag) {
		rl_initialize();
		printf("\n");
		rl_forced_update_display();
	}
}

/* Signale wrapper for vtysh. We don't use sigevent because
 * vtysh doesn't use threads. TODO */
static void vtysh_signal_set(int signo, void (*func)(int))
{
	struct sigaction sig;
	struct sigaction osig;

	sig.sa_handler = func;
	sigemptyset(&sig.sa_mask);
	sig.sa_flags = 0;
#ifdef SA_RESTART
	sig.sa_flags |= SA_RESTART;
#endif /* SA_RESTART */

	sigaction(signo, &sig, &osig);
}

/* Initialization of signal handles. */
static void vtysh_signal_init(void)
{
	vtysh_signal_set(SIGINT, sigint);
	vtysh_signal_set(SIGTSTP, sigtstp);
	vtysh_signal_set(SIGPIPE, SIG_IGN);
}

/* Help information display. */
static void usage(int status)
{
	if (status != 0)
		fprintf(stderr, "Try `%s --help' for more information.\n",
			progname);
	else
		printf("Usage : %s [OPTION...]\n\n"
		       "Integrated shell for FRR (version " FRR_VERSION
		       "). \n"
		       "Configured with:\n    " FRR_CONFIG_ARGS
		       "\n\n"
		       "-b, --boot               Execute boot startup configuration\n"
		       "-c, --command            Execute argument as command\n"
		       "-d, --daemon             Connect only to the specified daemon\n"
		       "-f, --inputfile          Execute commands from specific file and exit\n"
		       "-E, --echo               Echo prompt and command in -c mode\n"
		       "-C, --dryrun             Check configuration for validity and exit\n"
		       "-m, --markfile           Mark input file with context end\n"
		       "    --vty_socket         Override vty socket path\n"
		       "    --config_dir         Override config directory path\n"
		       "-N  --pathspace          Insert prefix into config & socket paths\n"
		       "-u  --user               Run as an unprivileged user\n"
		       "-w, --writeconfig        Write integrated config (frr.conf) and exit\n"
		       "-H, --histfile           Override history file\n"
		       "-h, --help               Display this help and exit\n\n"
		       "Note that multiple commands may be executed from the command\n"
		       "line by passing multiple -c args, or by embedding linefeed\n"
		       "characters in one or more of the commands.\n\n"
		       "Report bugs to %s\n",
		       progname, FRR_BUG_ADDRESS);

	exit(status);
}

/* VTY shell options, we use GNU getopt library. */
#define OPTION_VTYSOCK 1000
#define OPTION_CONFDIR 1001
struct option longopts[] = {
	{"boot", no_argument, NULL, 'b'},
	/* For compatibility with older zebra/quagga versions */
	{"eval", required_argument, NULL, 'e'},
	{"command", required_argument, NULL, 'c'},
	{"daemon", required_argument, NULL, 'd'},
	{"vty_socket", required_argument, NULL, OPTION_VTYSOCK},
	{"config_dir", required_argument, NULL, OPTION_CONFDIR},
	{"inputfile", required_argument, NULL, 'f'},
	{"histfile", required_argument, NULL, 'H'},
	{"echo", no_argument, NULL, 'E'},
	{"dryrun", no_argument, NULL, 'C'},
	{"help", no_argument, NULL, 'h'},
	{"noerror", no_argument, NULL, 'n'},
	{"mark", no_argument, NULL, 'm'},
	{"writeconfig", no_argument, NULL, 'w'},
	{"pathspace", required_argument, NULL, 'N'},
	{"user", no_argument, NULL, 'u'},
	{"timestamp", no_argument, NULL, 't'},
	{0}};

bool vtysh_loop_exited;

static struct thread *vtysh_rl_read_thread;

static void vtysh_rl_read(struct thread *thread)
{
	thread_add_read(master, vtysh_rl_read, NULL, STDIN_FILENO,
			&vtysh_rl_read_thread);
	rl_callback_read_char();
}

/* Read a string, and return a pointer to it.  Returns NULL on EOF. */
static void vtysh_rl_run(void)
{
	struct thread thread;

	master = thread_master_create(NULL);

	rl_callback_handler_install(vtysh_prompt(), vtysh_rl_callback);
	thread_add_read(master, vtysh_rl_read, NULL, STDIN_FILENO,
			&vtysh_rl_read_thread);

	while (!vtysh_loop_exited && thread_fetch(master, &thread))
		thread_call(&thread);

	if (!vtysh_loop_exited)
		rl_callback_handler_remove();

	thread_master_free(master);
}

static void log_it(const char *line)
{
	time_t t = time(NULL);
	struct tm tmp;
	const char *user = getenv("USER");
	char tod[64];

	localtime_r(&t, &tmp);
	if (!user)
		user = "boot";

	strftime(tod, sizeof(tod), "%Y%m%d-%H:%M.%S", &tmp);

	fprintf(logfile, "%s:%s %s\n", tod, user, line);
}

static int flock_fd;

static void vtysh_flock_config(const char *flock_file)
{
	int count = 0;

	flock_fd = open(flock_file, O_RDONLY, 0644);
	if (flock_fd < 0) {
		fprintf(stderr, "Unable to create lock file: %s, %s\n",
			flock_file, safe_strerror(errno));
		return;
	}

	while (count < 400 && (flock(flock_fd, LOCK_EX | LOCK_NB) < 0)) {
		count++;
		usleep(500000);
	}

	if (count >= 400)
		fprintf(stderr,
			"Flock of %s failed, continuing this may cause issues\n",
			flock_file);
}

static void vtysh_unflock_config(void)
{
	flock(flock_fd, LOCK_UN);
	close(flock_fd);
}

void suid_on(void)
{
	if (elevuid != realuid && seteuid(elevuid)) {
		perror("seteuid(on)");
		exit(1);
	}
	if (elevgid != realgid && setegid(elevgid)) {
		perror("setegid(on)");
		exit(1);
	}
}

void suid_off(void)
{
	if (elevuid != realuid && seteuid(realuid)) {
		perror("seteuid(off)");
		exit(1);
	}
	if (elevgid != realgid && setegid(realgid)) {
		perror("setegid(off)");
		exit(1);
	}
}

/* VTY shell main routine. */
int main(int argc, char **argv, char **env)
{
	char *p;
	int opt;
	int dryrun = 0;
	int boot_flag = 0;
	bool ts_flag = false;
	const char *daemon_name = NULL;
	const char *inputfile = NULL;
	struct cmd_rec {
		char *line;
		struct cmd_rec *next;
	} *cmd = NULL;
	struct cmd_rec *tail = NULL;
	int echo_command = 0;
	int no_error = 0;
	int markfile = 0;
	int writeconfig = 0;
	int ret = 0;
	char *homedir = NULL;
	int ditch_suid = 0;
	char sysconfdir[MAXPATHLEN];
	const char *pathspace_arg = NULL;
	char pathspace[MAXPATHLEN] = "";
	const char *histfile = NULL;
	const char *histfile_env = getenv("VTYSH_HISTFILE");

	/* SUID: drop down to calling user & go back up when needed */
	elevuid = geteuid();
	elevgid = getegid();
	realuid = getuid();
	realgid = getgid();
	suid_off();

	user_mode = 0;		/* may be set in options processing */

	/* Preserve name of myself. */
	progname = ((p = strrchr(argv[0], '/')) ? ++p : argv[0]);

	strlcpy(sysconfdir, frr_sysconfdir, sizeof(sysconfdir));

	frr_init_vtydir();
	strlcpy(vtydir, frr_vtydir, sizeof(vtydir));

	/* Option handling. */
	while (1) {
		opt = getopt_long(argc, argv, "be:c:d:nf:H:mEhCwN:ut", longopts,
				  0);

		if (opt == EOF)
			break;

		switch (opt) {
		case 0:
			break;
		case 'b':
			boot_flag = 1;
			break;
		case 'e':
		case 'c': {
			struct cmd_rec *cr;
			cr = XMALLOC(MTYPE_TMP, sizeof(*cr));
			cr->line = optarg;
			cr->next = NULL;
			if (tail)
				tail->next = cr;
			else
				cmd = cr;
			tail = cr;
		} break;
		case OPTION_VTYSOCK:
			ditch_suid = 1; /* option disables SUID */
			strlcpy(vtydir, optarg, sizeof(vtydir));
			break;
		case OPTION_CONFDIR:
			ditch_suid = 1; /* option disables SUID */
			snprintf(sysconfdir, sizeof(sysconfdir), "%s/", optarg);
			break;
		case 'N':
			if (strchr(optarg, '/') || strchr(optarg, '.')) {
				fprintf(stderr,
					"slashes or dots are not permitted in the --pathspace option.\n");
				exit(1);
			}
			pathspace_arg = optarg;
			snprintf(pathspace, sizeof(pathspace), "%s/", optarg);
			break;
		case 'd':
			daemon_name = optarg;
			break;
		case 'f':
			inputfile = optarg;
			break;
		case 'm':
			markfile = 1;
			break;
		case 'n':
			no_error = 1;
			break;
		case 'E':
			echo_command = 1;
			break;
		case 'C':
			dryrun = 1;
			break;
		case 'u':
			user_mode = 1;
			break;
		case 't':
			ts_flag = true;
			break;
		case 'w':
			writeconfig = 1;
			break;
		case 'h':
			usage(0);
			break;
		case 'H':
			histfile = optarg;
			break;
		default:
			usage(1);
			break;
		}
	}

	if (ditch_suid) {
		elevuid = realuid;
		elevgid = realgid;
	}

	if (markfile + writeconfig + dryrun + boot_flag > 1) {
		fprintf(stderr,
			"Invalid combination of arguments.  Please specify at most one of:\n\t-b, -C, -m, -w\n");
		return 1;
	}
	if (inputfile && (writeconfig || boot_flag)) {
		fprintf(stderr,
			"WARNING: Combinining the -f option with -b or -w is NOT SUPPORTED since its\nresults are inconsistent!\n");
	}

	snprintf(vtysh_config, sizeof(vtysh_config), "%s%s%s", sysconfdir,
		 pathspace, VTYSH_CONFIG_NAME);
	snprintf(frr_config, sizeof(frr_config), "%s%s%s", sysconfdir,
		 pathspace, FRR_CONFIG_NAME);

	if (pathspace_arg) {
		strlcat(vtydir, "/", sizeof(vtydir));
		strlcat(vtydir, pathspace_arg, sizeof(vtydir));
	}

	/* Initialize user input buffer. */
	setlinebuf(stdout);

	/* Signal and others. */
	vtysh_signal_init();

	/* Make vty structure and register commands. */
	vtysh_init_vty();
	vtysh_init_cmd();
	vtysh_user_init();
	vtysh_config_init();

	vty_init_vtysh();

	if (!user_mode) {
		/* Read vtysh configuration file before connecting to daemons.
		 * (file may not be readable to calling user in SUID mode) */
		suid_on();
		vtysh_read_config(vtysh_config, dryrun);
		suid_off();
	}
	/* Error code library system */
	log_ref_init();
	lib_error_init();

	if (markfile) {
		if (!inputfile) {
			fprintf(stderr,
				"-f option MUST be specified with -m option\n");
			return 1;
		}
		return (vtysh_mark_file(inputfile));
	}

	/* Start execution only if not in dry-run mode */
	if (dryrun && !cmd) {
		if (inputfile) {
			ret = vtysh_read_config(inputfile, dryrun);
		} else {
			ret = vtysh_read_config(frr_config, dryrun);
		}

		exit(ret);
	}

	if (dryrun && cmd && cmd->line) {
		if (!user_mode)
			vtysh_execute("enable");
		while (cmd) {
			struct cmd_rec *cr;
			char *cmdnow = cmd->line, *next;
			do {
				next = strchr(cmdnow, '\n');
				if (next)
					*next++ = '\0';

				if (echo_command)
					printf("%s%s\n", vtysh_prompt(),
					       cmdnow);

				ret = vtysh_execute_no_pager(cmdnow);
				if (!no_error
				    && !(ret == CMD_SUCCESS
					 || ret == CMD_SUCCESS_DAEMON
					 || ret == CMD_WARNING))
					exit(1);
			} while ((cmdnow = next) != NULL);

			cr = cmd;
			cmd = cmd->next;
			XFREE(MTYPE_TMP, cr);
		}
		exit(ret);
	}

	/* Ignore error messages */
	if (no_error) {
		if (freopen("/dev/null", "w", stdout) == NULL) {
			fprintf(stderr,
				"Exiting: Failed to duplicate stdout with -n option");
			exit(1);
		}
	}

	/* SUID: go back up elevated privs */
	suid_on();

	/* Make sure we pass authentication before proceeding. */
	vtysh_auth();

	/* Do not connect until we have passed authentication. */
	if (vtysh_connect_all(daemon_name) <= 0) {
		fprintf(stderr, "Exiting: failed to connect to any daemons.\n");
		if (geteuid() != 0)
			fprintf(stderr,
				"Hint: if this seems wrong, try running me as a privileged user!\n");
		if (no_error)
			exit(0);
		else
			exit(1);
	}

	/* SUID: back down, don't need privs further on */
	suid_off();

	if (writeconfig) {
		if (user_mode) {
			fprintf(stderr,
				"writeconfig cannot be used when running as an unprivileged user.\n");
			if (no_error)
				exit(0);
			else
				exit(1);
		}
		vtysh_execute("enable");
		return vtysh_write_config_integrated();
	}

	if (inputfile) {
		vtysh_flock_config(inputfile);
		ret = vtysh_read_config(inputfile, dryrun);
		vtysh_unflock_config();
		exit(ret);
	}

	/*
	 * Setup history file for use by both -c and regular input
	 * If we can't find the home directory, then don't store
	 * the history information.
	 * VTYSH_HISTFILE is preferred over command line
	 * argument (-H/--histfile).
	 */
	if (histfile_env) {
		strlcpy(history_file, histfile_env, sizeof(history_file));
	} else if (histfile) {
		strlcpy(history_file, histfile, sizeof(history_file));
	} else {
		homedir = vtysh_get_home();
		if (homedir)
			snprintf(history_file, sizeof(history_file),
				 "%s/.history_frr", homedir);
	}

	if (strlen(history_file) > 0) {
		if (read_history(history_file) != 0) {
			int fp;

			fp = open(history_file, O_CREAT | O_EXCL,
				  S_IRUSR | S_IWUSR);
			if (fp != -1)
				close(fp);

			read_history(history_file);
		}
	}

	if (getenv("VTYSH_LOG")) {
		const char *logpath = getenv("VTYSH_LOG");

		logfile = fopen(logpath, "a");
		if (!logfile) {
			fprintf(stderr, "Failed to open logfile (%s): %s\n",
				logpath, strerror(errno));
			exit(1);
		}
	}

	/* If eval mode. */
	if (cmd && cmd->line) {
		/* Enter into enable node. */
		if (!user_mode)
			vtysh_execute("enable");

		vtysh_add_timestamp = ts_flag;

		while (cmd != NULL) {
			char *eol;

			while ((eol = strchr(cmd->line, '\n')) != NULL) {
				*eol = '\0';

				add_history(cmd->line);
				append_history(1, history_file);

				if (echo_command)
					printf("%s%s\n", vtysh_prompt(),
					       cmd->line);

				if (logfile)
					log_it(cmd->line);

				ret = vtysh_execute_no_pager(cmd->line);
				if (!no_error
				    && !(ret == CMD_SUCCESS
					 || ret == CMD_SUCCESS_DAEMON
					 || ret == CMD_WARNING))
					exit(1);

				cmd->line = eol + 1;
			}

			add_history(cmd->line);
			append_history(1, history_file);

			if (echo_command)
				printf("%s%s\n", vtysh_prompt(), cmd->line);

			if (logfile)
				log_it(cmd->line);

			/*
			 * Parsing logic for regular commands will be different
			 * than for those commands requiring further
			 * processing, such as cli instructions terminating
			 * with question-mark character.
			 */
			if (!vtysh_execute_command_questionmark(cmd->line))
				ret = CMD_SUCCESS;
			else
				ret = vtysh_execute_no_pager(cmd->line);

			if (!no_error
			    && !(ret == CMD_SUCCESS || ret == CMD_SUCCESS_DAEMON
				 || ret == CMD_WARNING))
				exit(1);

			{
				struct cmd_rec *cr;
				cr = cmd;
				cmd = cmd->next;
				XFREE(MTYPE_TMP, cr);
			}
		}

		history_truncate_file(history_file, 1000);
		exit(0);
	}

	/* Boot startup configuration file. */
	if (boot_flag) {
		vtysh_flock_config(frr_config);
		ret = vtysh_read_config(frr_config, dryrun);
		vtysh_unflock_config();
		if (ret) {
			fprintf(stderr,
				"Configuration file[%s] processing failure: %d\n",
				frr_config, ret);
			if (no_error)
				exit(0);
			else
				exit(ret);
		} else
			exit(0);
	}

	vtysh_readline_init();

	vty_hello(vty);

	/* Enter into enable node. */
	if (!user_mode)
		vtysh_execute("enable");

	vtysh_add_timestamp = ts_flag;

	/* Main command loop. */
	vtysh_rl_run();

	vtysh_uninit();

	history_truncate_file(history_file, 1000);
	printf("\n");

	/* Rest in peace. */
	exit(0);
}
Commit	Line	Data
acddc0ed	1	// SPDX-License-Identifier: GPL-2.0-or-later
718e3744	2	/* Virtual terminal interface shell.
718e3744	3	* Copyright (C) 2000 Kunihiro Ishiguro
718e3744	4	*/
	5
	6	#include <zebra.h>
	7
	8	#include <sys/un.h>
	9	#include <setjmp.h>
	10	#include <sys/wait.h>
	11	#include <pwd.h>
e43716f6 DS	12	#include <sys/file.h>
e43716f6 DS	13	#include <unistd.h>
718e3744	14
9c149084 DL	15	/* readline carries some ancient definitions around */
	16	#pragma GCC diagnostic push
	17	#pragma GCC diagnostic ignored "-Wstrict-prototypes"
718e3744	18	#include <readline/readline.h>
718e3744	19	#include <readline/history.h>
9c149084	20	#pragma GCC diagnostic pop
718e3744	21
8860ffdc DS	22	/*
	23	* The append_history function only appears in newer versions
	24	* of the readline library it appears like. Since we don't
	25	* need this just silently ignore the code on these
	26	* ancient platforms.
	27	*/
	28	#if !defined HAVE_APPEND_HISTORY
	29	#define append_history(A, B)
	30	#endif
	31
5e4fa164	32	#include <lib/version.h>
718e3744	33	#include "getopt.h"
718e3744	34	#include "command.h"
f366ad31	35	#include "memory.h"
4201dd11	36	#include "linklist.h"
eb05883f	37	#include "libfrr.h"
1f9128d6 QY	38	#include "ferr.h"
1f9128d6 QY	39	#include "lib_errors.h"
718e3744	40
	41	#include "vtysh/vtysh.h"
	42	#include "vtysh/vtysh_user.h"
b094d260	43
718e3744	44	/* VTY shell program name. */
	45	char *progname;
	46
32f3268f DL	47	/* SUID mode */
	48	static uid_t elevuid, realuid;
	49	static gid_t elevgid, realgid;
	50
9b8a8249 DL	51	#define VTYSH_CONFIG_NAME "vtysh.conf"
	52	#define FRR_CONFIG_NAME "frr.conf"
	53
67e29abc	54	/* Configuration file name and directory. */
ff44f570 DS	55	static char vtysh_config[MAXPATHLEN * 3];
ff44f570 DS	56	char frr_config[MAXPATHLEN * 3];
9b8a8249 DL	57	char vtydir[MAXPATHLEN];
9b8a8249 DL	58	static char history_file[MAXPATHLEN];
718e3744	59
718e3744	60	/* Flag for indicate executing child command. */
	61	int execute_flag = 0;
	62
86b28610	63	/* Flag to indicate if in user/unprivileged mode. */
186f6af2	64	int user_mode;
86b28610	65
718e3744	66	/* Master of threads. */
718e3744	67	struct thread_master *master;
b094d260	68
57fb9748 SH	69	/* Command logging */
	70	FILE *logfile;
	71
149a3fff DA	72	static void vtysh_rl_callback(char *line_read)
	73	{
	74	HIST_ENTRY *last;
	75
	76	rl_callback_handler_remove();
	77
	78	if (!line_read) {
	79	vtysh_loop_exited = true;
	80	return;
	81	}
	82
	83	/* If the line has any text in it, save it on the history. But only if
	84	* last command in history isn't the same one.
	85	*/
	86	if (*line_read) {
	87	using_history();
	88	last = previous_history();
	89	if (!last \|\| strcmp(last->line, line_read) != 0) {
	90	add_history(line_read);
	91	append_history(1, history_file);
	92	}
	93	}
	94
	95	vtysh_execute(line_read);
	96
	97	if (!vtysh_loop_exited)
	98	rl_callback_handler_install(vtysh_prompt(), vtysh_rl_callback);
5098d577 DS	99
5098d577 DS	100	free(line_read);
149a3fff DA	101	}
149a3fff DA	102
718e3744	103	/* SIGTSTP handler. This function care user's ^Z input. */
d62a17ae	104	static void sigtstp(int sig)
718e3744	105	{
149a3fff DA	106	rl_callback_handler_remove();
149a3fff DA	107
d62a17ae	108	/* Execute "end" command. */
d62a17ae	109	vtysh_execute("end");
718e3744	110
149a3fff DA	111	if (!vtysh_loop_exited)
	112	rl_callback_handler_install(vtysh_prompt(), vtysh_rl_callback);
	113
d62a17ae	114	/* Initialize readline. */
	115	rl_initialize();
	116	printf("\n");
149a3fff	117	rl_forced_update_display();
718e3744	118	}
	119
	120	/* SIGINT handler. This function care user's ^Z input. */
d62a17ae	121	static void sigint(int sig)
718e3744	122	{
d62a17ae	123	/* Check this process is not child process. */
	124	if (!execute_flag) {
	125	rl_initialize();
	126	printf("\n");
	127	rl_forced_update_display();
	128	}
718e3744	129	}
718e3744	130
e42f5a37	131	/* Signale wrapper for vtysh. We don't use sigevent because
e42f5a37	132	* vtysh doesn't use threads. TODO */
d62a17ae	133	static void vtysh_signal_set(int signo, void (*func)(int))
718e3744	134	{
d62a17ae	135	struct sigaction sig;
d62a17ae	136	struct sigaction osig;
718e3744	137
d62a17ae	138	sig.sa_handler = func;
	139	sigemptyset(&sig.sa_mask);
	140	sig.sa_flags = 0;
718e3744	141	#ifdef SA_RESTART
d62a17ae	142	sig.sa_flags \|= SA_RESTART;
718e3744	143	#endif /* SA_RESTART */
718e3744	144
d62a17ae	145	sigaction(signo, &sig, &osig);
718e3744	146	}
	147
	148	/* Initialization of signal handles. */
d62a17ae	149	static void vtysh_signal_init(void)
718e3744	150	{
d62a17ae	151	vtysh_signal_set(SIGINT, sigint);
	152	vtysh_signal_set(SIGTSTP, sigtstp);
	153	vtysh_signal_set(SIGPIPE, SIG_IGN);
718e3744	154	}
b094d260	155
718e3744	156	/* Help information display. */
d62a17ae	157	static void usage(int status)
718e3744	158	{
d62a17ae	159	if (status != 0)
	160	fprintf(stderr, "Try `%s --help' for more information.\n",
	161	progname);
	162	else
	163	printf("Usage : %s [OPTION...]\n\n"
69d4cc70 DA	164	"Integrated shell for FRR (version " FRR_VERSION
	165	"). \n"
	166	"Configured with:\n " FRR_CONFIG_ARGS
	167	"\n\n"
d62a17ae	168	"-b, --boot Execute boot startup configuration\n"
	169	"-c, --command Execute argument as command\n"
	170	"-d, --daemon Connect only to the specified daemon\n"
	171	"-f, --inputfile Execute commands from specific file and exit\n"
	172	"-E, --echo Echo prompt and command in -c mode\n"
	173	"-C, --dryrun Check configuration for validity and exit\n"
	174	"-m, --markfile Mark input file with context end\n"
	175	" --vty_socket Override vty socket path\n"
	176	" --config_dir Override config directory path\n"
8bd33a03	177	"-N --pathspace Insert prefix into config & socket paths\n"
86b28610	178	"-u --user Run as an unprivileged user\n"
d62a17ae	179	"-w, --writeconfig Write integrated config (frr.conf) and exit\n"
69d4cc70	180	"-H, --histfile Override history file\n"
d62a17ae	181	"-h, --help Display this help and exit\n\n"
	182	"Note that multiple commands may be executed from the command\n"
	183	"line by passing multiple -c args, or by embedding linefeed\n"
	184	"characters in one or more of the commands.\n\n"
	185	"Report bugs to %s\n",
	186	progname, FRR_BUG_ADDRESS);
	187
	188	exit(status);
718e3744	189	}
	190
	191	/* VTY shell options, we use GNU getopt library. */
87d79a9f	192	#define OPTION_VTYSOCK 1000
ce2e9ec3	193	#define OPTION_CONFDIR 1001
d62a17ae	194	struct option longopts[] = {
	195	{"boot", no_argument, NULL, 'b'},
	196	/* For compatibility with older zebra/quagga versions */
	197	{"eval", required_argument, NULL, 'e'},
	198	{"command", required_argument, NULL, 'c'},
	199	{"daemon", required_argument, NULL, 'd'},
	200	{"vty_socket", required_argument, NULL, OPTION_VTYSOCK},
	201	{"config_dir", required_argument, NULL, OPTION_CONFDIR},
	202	{"inputfile", required_argument, NULL, 'f'},
69d4cc70	203	{"histfile", required_argument, NULL, 'H'},
d62a17ae	204	{"echo", no_argument, NULL, 'E'},
	205	{"dryrun", no_argument, NULL, 'C'},
	206	{"help", no_argument, NULL, 'h'},
	207	{"noerror", no_argument, NULL, 'n'},
	208	{"mark", no_argument, NULL, 'm'},
	209	{"writeconfig", no_argument, NULL, 'w'},
bd29d463	210	{"pathspace", required_argument, NULL, 'N'},
86b28610	211	{"user", no_argument, NULL, 'u'},
744bc17d	212	{"timestamp", no_argument, NULL, 't'},
d62a17ae	213	{0}};
b094d260	214
4c92dd90 DL	215	bool vtysh_loop_exited;
4c92dd90 DL	216
4c92dd90 DL	217	static struct thread *vtysh_rl_read_thread;
	218
	219	static void vtysh_rl_read(struct thread *thread)
	220	{
	221	thread_add_read(master, vtysh_rl_read, NULL, STDIN_FILENO,
	222	&vtysh_rl_read_thread);
	223	rl_callback_read_char();
	224	}
	225
	226	/* Read a string, and return a pointer to it. Returns NULL on EOF. */
	227	static void vtysh_rl_run(void)
	228	{
	229	struct thread thread;
	230
	231	master = thread_master_create(NULL);
	232
	233	rl_callback_handler_install(vtysh_prompt(), vtysh_rl_callback);
	234	thread_add_read(master, vtysh_rl_read, NULL, STDIN_FILENO,
	235	&vtysh_rl_read_thread);
	236
	237	while (!vtysh_loop_exited && thread_fetch(master, &thread))
	238	thread_call(&thread);
	239
	240	if (!vtysh_loop_exited)
	241	rl_callback_handler_remove();
	242
	243	thread_master_free(master);
718e3744	244	}
b094d260	245
57fb9748 SH	246	static void log_it(const char *line)
57fb9748 SH	247	{
d62a17ae	248	time_t t = time(NULL);
a2700b50	249	struct tm tmp;
d62a17ae	250	const char *user = getenv("USER");
d62a17ae	251	char tod[64];
57fb9748	252
a2700b50	253	localtime_r(&t, &tmp);
d62a17ae	254	if (!user)
d62a17ae	255	user = "boot";
f03db93b	256
0d6f7fd6	257	strftime(tod, sizeof(tod), "%Y%m%d-%H:%M.%S", &tmp);
d62a17ae	258
d62a17ae	259	fprintf(logfile, "%s:%s %s\n", tod, user, line);
57fb9748 SH	260	}
57fb9748 SH	261
e43716f6 DS	262	static int flock_fd;
e43716f6 DS	263
d62a17ae	264	static void vtysh_flock_config(const char *flock_file)
e43716f6	265	{
d62a17ae	266	int count = 0;
	267
	268	flock_fd = open(flock_file, O_RDONLY, 0644);
	269	if (flock_fd < 0) {
	270	fprintf(stderr, "Unable to create lock file: %s, %s\n",
	271	flock_file, safe_strerror(errno));
	272	return;
	273	}
	274
	275	while (count < 400 && (flock(flock_fd, LOCK_EX \| LOCK_NB) < 0)) {
	276	count++;
	277	usleep(500000);
	278	}
	279
	280	if (count >= 400)
	281	fprintf(stderr,
	282	"Flock of %s failed, continuing this may cause issues\n",
	283	flock_file);
e43716f6 DS	284	}
e43716f6 DS	285
d62a17ae	286	static void vtysh_unflock_config(void)
e43716f6	287	{
d62a17ae	288	flock(flock_fd, LOCK_UN);
d62a17ae	289	close(flock_fd);
e43716f6 DS	290	}
e43716f6 DS	291
32f3268f DL	292	void suid_on(void)
	293	{
	294	if (elevuid != realuid && seteuid(elevuid)) {
	295	perror("seteuid(on)");
	296	exit(1);
	297	}
	298	if (elevgid != realgid && setegid(elevgid)) {
	299	perror("setegid(on)");
	300	exit(1);
	301	}
	302	}
	303
	304	void suid_off(void)
	305	{
	306	if (elevuid != realuid && seteuid(realuid)) {
	307	perror("seteuid(off)");
	308	exit(1);
	309	}
	310	if (elevgid != realgid && setegid(realgid)) {
	311	perror("setegid(off)");
	312	exit(1);
	313	}
	314	}
	315
718e3744	316	/* VTY shell main routine. */
d62a17ae	317	int main(int argc, char argv, char env)
718e3744	318	{
d62a17ae	319	char *p;
	320	int opt;
	321	int dryrun = 0;
	322	int boot_flag = 0;
744bc17d	323	bool ts_flag = false;
d62a17ae	324	const char *daemon_name = NULL;
d62a17ae	325	const char *inputfile = NULL;
d62a17ae	326	struct cmd_rec {
	327	char *line;
	328	struct cmd_rec *next;
	329	} *cmd = NULL;
	330	struct cmd_rec *tail = NULL;
	331	int echo_command = 0;
	332	int no_error = 0;
	333	int markfile = 0;
	334	int writeconfig = 0;
	335	int ret = 0;
	336	char *homedir = NULL;
32f3268f	337	int ditch_suid = 0;
9b8a8249	338	char sysconfdir[MAXPATHLEN];
1dede1f8	339	const char *pathspace_arg = NULL;
8bd33a03	340	char pathspace[MAXPATHLEN] = "";
69d4cc70	341	const char *histfile = NULL;
99a9f25c	342	const char *histfile_env = getenv("VTYSH_HISTFILE");
d62a17ae	343
32f3268f DL	344	/* SUID: drop down to calling user & go back up when needed */
	345	elevuid = geteuid();
	346	elevgid = getegid();
	347	realuid = getuid();
	348	realgid = getgid();
	349	suid_off();
d62a17ae	350
186f6af2 LB	351	user_mode = 0; /* may be set in options processing */
186f6af2 LB	352
d62a17ae	353	/* Preserve name of myself. */
	354	progname = ((p = strrchr(argv[0], '/')) ? ++p : argv[0]);
	355
9b8a8249	356	strlcpy(sysconfdir, frr_sysconfdir, sizeof(sysconfdir));
43e587c1 DS	357
43e587c1 DS	358	frr_init_vtydir();
9b8a8249 DL	359	strlcpy(vtydir, frr_vtydir, sizeof(vtydir));
9b8a8249 DL	360
d62a17ae	361	/* Option handling. */
d62a17ae	362	while (1) {
744bc17d	363	opt = getopt_long(argc, argv, "be:c:d:nf:H:mEhCwN:ut", longopts,
69d4cc70	364	0);
d62a17ae	365
	366	if (opt == EOF)
	367	break;
	368
	369	switch (opt) {
	370	case 0:
	371	break;
	372	case 'b':
	373	boot_flag = 1;
	374	break;
	375	case 'e':
	376	case 'c': {
	377	struct cmd_rec *cr;
	378	cr = XMALLOC(MTYPE_TMP, sizeof(*cr));
	379	cr->line = optarg;
	380	cr->next = NULL;
	381	if (tail)
	382	tail->next = cr;
	383	else
	384	cmd = cr;
	385	tail = cr;
	386	} break;
	387	case OPTION_VTYSOCK:
32f3268f	388	ditch_suid = 1; /* option disables SUID */
9b8a8249	389	strlcpy(vtydir, optarg, sizeof(vtydir));
d62a17ae	390	break;
d62a17ae	391	case OPTION_CONFDIR:
32f3268f	392	ditch_suid = 1; /* option disables SUID */
45d00587	393	snprintf(sysconfdir, sizeof(sysconfdir), "%s/", optarg);
d62a17ae	394	break;
8bd33a03 DL	395	case 'N':
	396	if (strchr(optarg, '/') \|\| strchr(optarg, '.')) {
	397	fprintf(stderr,
	398	"slashes or dots are not permitted in the --pathspace option.\n");
	399	exit(1);
	400	}
1dede1f8 CF	401	pathspace_arg = optarg;
1dede1f8 CF	402	snprintf(pathspace, sizeof(pathspace), "%s/", optarg);
8bd33a03	403	break;
d62a17ae	404	case 'd':
	405	daemon_name = optarg;
	406	break;
	407	case 'f':
	408	inputfile = optarg;
	409	break;
	410	case 'm':
	411	markfile = 1;
	412	break;
	413	case 'n':
	414	no_error = 1;
	415	break;
	416	case 'E':
	417	echo_command = 1;
	418	break;
	419	case 'C':
	420	dryrun = 1;
	421	break;
86b28610 LB	422	case 'u':
	423	user_mode = 1;
	424	break;
744bc17d CH	425	case 't':
	426	ts_flag = true;
	427	break;
d62a17ae	428	case 'w':
	429	writeconfig = 1;
	430	break;
	431	case 'h':
	432	usage(0);
	433	break;
69d4cc70 DA	434	case 'H':
	435	histfile = optarg;
	436	break;
d62a17ae	437	default:
	438	usage(1);
	439	break;
	440	}
	441	}
	442
32f3268f DL	443	if (ditch_suid) {
	444	elevuid = realuid;
	445	elevgid = realgid;
	446	}
	447
d62a17ae	448	if (markfile + writeconfig + dryrun + boot_flag > 1) {
d62a17ae	449	fprintf(stderr,
3efd0893	450	"Invalid combination of arguments. Please specify at most one of:\n\t-b, -C, -m, -w\n");
d62a17ae	451	return 1;
	452	}
	453	if (inputfile && (writeconfig \|\| boot_flag)) {
	454	fprintf(stderr,
3efd0893	455	"WARNING: Combinining the -f option with -b or -w is NOT SUPPORTED since its\nresults are inconsistent!\n");
d62a17ae	456	}
d62a17ae	457
e82314b1	458	snprintf(vtysh_config, sizeof(vtysh_config), "%s%s%s", sysconfdir,
60466a63	459	pathspace, VTYSH_CONFIG_NAME);
e82314b1	460	snprintf(frr_config, sizeof(frr_config), "%s%s%s", sysconfdir,
60466a63	461	pathspace, FRR_CONFIG_NAME);
1dede1f8 CF	462
	463	if (pathspace_arg) {
	464	strlcat(vtydir, "/", sizeof(vtydir));
	465	strlcat(vtydir, pathspace_arg, sizeof(vtydir));
	466	}
9b8a8249	467
d62a17ae	468	/* Initialize user input buffer. */
d62a17ae	469	setlinebuf(stdout);
	470
	471	/* Signal and others. */
	472	vtysh_signal_init();
	473
	474	/* Make vty structure and register commands. */
	475	vtysh_init_vty();
	476	vtysh_init_cmd();
	477	vtysh_user_init();
	478	vtysh_config_init();
	479
	480	vty_init_vtysh();
	481
86b28610 LB	482	if (!user_mode) {
	483	/* Read vtysh configuration file before connecting to daemons.
	484	* (file may not be readable to calling user in SUID mode) */
	485	suid_on();
77f7b4b0	486	vtysh_read_config(vtysh_config, dryrun);
86b28610 LB	487	suid_off();
86b28610 LB	488	}
1f9128d6 QY	489	/* Error code library system */
	490	log_ref_init();
	491	lib_error_init();
d62a17ae	492
	493	if (markfile) {
	494	if (!inputfile) {
	495	fprintf(stderr,
	496	"-f option MUST be specified with -m option\n");
95f7965d	497	return 1;
d62a17ae	498	}
	499	return (vtysh_mark_file(inputfile));
	500	}
	501
	502	/* Start execution only if not in dry-run mode */
	503	if (dryrun && !cmd) {
	504	if (inputfile) {
77f7b4b0	505	ret = vtysh_read_config(inputfile, dryrun);
d62a17ae	506	} else {
77f7b4b0	507	ret = vtysh_read_config(frr_config, dryrun);
d62a17ae	508	}
	509
	510	exit(ret);
718e3744	511	}
d62a17ae	512
47402c0f	513	if (dryrun && cmd && cmd->line) {
f205fcdb LB	514	if (!user_mode)
f205fcdb LB	515	vtysh_execute("enable");
d62a17ae	516	while (cmd) {
	517	struct cmd_rec *cr;
	518	char cmdnow = cmd->line, next;
	519	do {
	520	next = strchr(cmdnow, '\n');
	521	if (next)
	522	*next++ = '\0';
	523
	524	if (echo_command)
	525	printf("%s%s\n", vtysh_prompt(),
	526	cmdnow);
	527
	528	ret = vtysh_execute_no_pager(cmdnow);
	529	if (!no_error
	530	&& !(ret == CMD_SUCCESS
	531	\|\| ret == CMD_SUCCESS_DAEMON
	532	\|\| ret == CMD_WARNING))
	533	exit(1);
	534	} while ((cmdnow = next) != NULL);
	535
	536	cr = cmd;
	537	cmd = cmd->next;
	538	XFREE(MTYPE_TMP, cr);
	539	}
	540	exit(ret);
0846286b	541	}
d62a17ae	542
	543	/* Ignore error messages */
	544	if (no_error) {
	545	if (freopen("/dev/null", "w", stdout) == NULL) {
	546	fprintf(stderr,
	547	"Exiting: Failed to duplicate stdout with -n option");
	548	exit(1);
	549	}
0846286b	550	}
d62a17ae	551
32f3268f DL	552	/* SUID: go back up elevated privs */
	553	suid_on();
	554
d62a17ae	555	/* Make sure we pass authentication before proceeding. */
	556	vtysh_auth();
	557
	558	/* Do not connect until we have passed authentication. */
	559	if (vtysh_connect_all(daemon_name) <= 0) {
	560	fprintf(stderr, "Exiting: failed to connect to any daemons.\n");
14275475 QY	561	if (geteuid() != 0)
	562	fprintf(stderr,
	563	"Hint: if this seems wrong, try running me as a privileged user!\n");
d62a17ae	564	if (no_error)
	565	exit(0);
	566	else
	567	exit(1);
3221dca8	568	}
cd272640	569
32f3268f DL	570	/* SUID: back down, don't need privs further on */
	571	suid_off();
	572
d62a17ae	573	if (writeconfig) {
f205fcdb LB	574	if (user_mode) {
	575	fprintf(stderr,
	576	"writeconfig cannot be used when running as an unprivileged user.\n");
	577	if (no_error)
	578	exit(0);
	579	else
	580	exit(1);
	581	}
d62a17ae	582	vtysh_execute("enable");
d62a17ae	583	return vtysh_write_config_integrated();
7a49a5b5	584	}
d62a17ae	585
	586	if (inputfile) {
	587	vtysh_flock_config(inputfile);
77f7b4b0	588	ret = vtysh_read_config(inputfile, dryrun);
d62a17ae	589	vtysh_unflock_config();
d62a17ae	590	exit(ret);
fba55c8a	591	}
d62a17ae	592
	593	/*
	594	* Setup history file for use by both -c and regular input
	595	* If we can't find the home directory, then don't store
69d4cc70	596	* the history information.
11743d10	597	* VTYSH_HISTFILE is preferred over command line
69d4cc70	598	* argument (-H/--histfile).
d62a17ae	599	*/
99a9f25c DS	600	if (histfile_env) {
99a9f25c DS	601	strlcpy(history_file, histfile_env, sizeof(history_file));
69d4cc70 DA	602	} else if (histfile) {
	603	strlcpy(history_file, histfile, sizeof(history_file));
	604	} else {
	605	homedir = vtysh_get_home();
	606	if (homedir)
	607	snprintf(history_file, sizeof(history_file),
	608	"%s/.history_frr", homedir);
	609	}
	610
	611	if (strlen(history_file) > 0) {
d62a17ae	612	if (read_history(history_file) != 0) {
	613	int fp;
	614
	615	fp = open(history_file, O_CREAT \| O_EXCL,
	616	S_IRUSR \| S_IWUSR);
cbb65f5e	617	if (fp != -1)
d62a17ae	618	close(fp);
	619
	620	read_history(history_file);
	621	}
	622	}
	623
32f3268f DL	624	if (getenv("VTYSH_LOG")) {
	625	const char *logpath = getenv("VTYSH_LOG");
	626
	627	logfile = fopen(logpath, "a");
	628	if (!logfile) {
	629	fprintf(stderr, "Failed to open logfile (%s): %s\n",
	630	logpath, strerror(errno));
	631	exit(1);
	632	}
	633	}
	634
d62a17ae	635	/* If eval mode. */
47402c0f	636	if (cmd && cmd->line) {
d62a17ae	637	/* Enter into enable node. */
f205fcdb LB	638	if (!user_mode)
f205fcdb LB	639	vtysh_execute("enable");
d62a17ae	640
744bc17d CH	641	vtysh_add_timestamp = ts_flag;
744bc17d CH	642
d62a17ae	643	while (cmd != NULL) {
d62a17ae	644	char *eol;
	645
	646	while ((eol = strchr(cmd->line, '\n')) != NULL) {
	647	*eol = '\0';
	648
	649	add_history(cmd->line);
	650	append_history(1, history_file);
	651
	652	if (echo_command)
	653	printf("%s%s\n", vtysh_prompt(),
	654	cmd->line);
	655
	656	if (logfile)
	657	log_it(cmd->line);
	658
	659	ret = vtysh_execute_no_pager(cmd->line);
	660	if (!no_error
	661	&& !(ret == CMD_SUCCESS
	662	\|\| ret == CMD_SUCCESS_DAEMON
	663	\|\| ret == CMD_WARNING))
	664	exit(1);
	665
	666	cmd->line = eol + 1;
	667	}
	668
	669	add_history(cmd->line);
	670	append_history(1, history_file);
	671
	672	if (echo_command)
	673	printf("%s%s\n", vtysh_prompt(), cmd->line);
	674
	675	if (logfile)
	676	log_it(cmd->line);
	677
a4364a44	678	/*
76015847 QY	679	* Parsing logic for regular commands will be different
	680	* than for those commands requiring further
	681	* processing, such as cli instructions terminating
	682	* with question-mark character.
a4364a44 RM	683	*/
	684	if (!vtysh_execute_command_questionmark(cmd->line))
	685	ret = CMD_SUCCESS;
	686	else
	687	ret = vtysh_execute_no_pager(cmd->line);
	688
d62a17ae	689	if (!no_error
	690	&& !(ret == CMD_SUCCESS \|\| ret == CMD_SUCCESS_DAEMON
	691	\|\| ret == CMD_WARNING))
	692	exit(1);
	693
	694	{
	695	struct cmd_rec *cr;
	696	cr = cmd;
	697	cmd = cmd->next;
	698	XFREE(MTYPE_TMP, cr);
	699	}
	700	}
	701
	702	history_truncate_file(history_file, 1000);
	703	exit(0);
	704	}
	705
	706	/* Boot startup configuration file. */
	707	if (boot_flag) {
9b8a8249	708	vtysh_flock_config(frr_config);
77f7b4b0	709	ret = vtysh_read_config(frr_config, dryrun);
d62a17ae	710	vtysh_unflock_config();
	711	if (ret) {
	712	fprintf(stderr,
	713	"Configuration file[%s] processing failure: %d\n",
9b8a8249	714	frr_config, ret);
d62a17ae	715	if (no_error)
	716	exit(0);
	717	else
	718	exit(ret);
	719	} else
	720	exit(0);
e7168df4	721	}
718e3744	722
d62a17ae	723	vtysh_readline_init();
718e3744	724
d62a17ae	725	vty_hello(vty);
718e3744	726
d62a17ae	727	/* Enter into enable node. */
f205fcdb LB	728	if (!user_mode)
f205fcdb LB	729	vtysh_execute("enable");
e7168df4	730
744bc17d CH	731	vtysh_add_timestamp = ts_flag;
744bc17d CH	732
d62a17ae	733	/* Main command loop. */
4c92dd90	734	vtysh_rl_run();
718e3744	735
193a5a95 QY	736	vtysh_uninit();
193a5a95 QY	737
d62a17ae	738	history_truncate_file(history_file, 1000);
d62a17ae	739	printf("\n");
718e3744	740
d62a17ae	741	/* Rest in peace. */
d62a17ae	742	exit(0);
718e3744	743	}