#8/#39: Rework deny_remote / remove unknown_pts_as_local

Makefile

@@ -25,6 +25,7 @@ SRCS		:= src/conf.c \
 		   src/xpath.c \
 		   src/pad.c \
 		   src/volume.c \
+		   src/process.c \
 		   src/local.c \
 		   src/device.c
 OBJS		:= $(SRCS:.c=.o)

src/local.c

@@ -21,56 +21,31 @@
 #include <utmp.h>
 #include "log.h"
 #include "conf.h"
+#include "process.h"
 
 int pusb_local_login(t_pusb_options *opts, const char *user)
 {
-	struct utmp	utsearch;
-	struct utmp	*utent;
-	const char	*from;
-	int			i;
-
 	if (!opts->deny_remote)
 	{
 	  log_debug("deny_remote is disabled. Skipping local check.\n");
 	  return (1);
 	}
-	log_debug("Checking whether the caller is local or not...\n");
-	from = ttyname(STDIN_FILENO);
-	if (!from || !(*from))
-	{
-		if (!opts->unknown_pts_as_local) {
-			log_debug("Couldn't retrieve the tty name, aborting.\n");
-			return (0);
-		}
 
-		log_debug("Couldn't retrieve the tty name, assuming local pseudo terminal\n");
-		return (1);
-	}
-	if (!strncmp(from, "/dev/", strlen("/dev/")))
-		from += strlen("/dev/");
-	log_debug("Authentication request from tty %s\n", from);
-	strncpy(utsearch.ut_line, from, sizeof(utsearch.ut_line) - 1);
-	setutent();
-	utent = getutline(&utsearch);
-	endutent();
-	if (!utent)
-	{
-		if (!opts->unknown_pts_as_local) {
-			log_debug("No utmp entry found for tty \"%s\", assuming remote session\n", from);
-			return (0);
-		}
+	log_debug("Checking whether the caller is local or not...\n");
+
+	pid_t pid = getpid();
+	while (pid != 0) {
+		char name[BUFSIZ];
+		get_process_name(pid, name);
+		log_debug("    Checking pid %6d (%s)...\n", pid, name);
+		get_process_parent_id(pid, & pid);
 
-		log_debug("No utmp entry found for tty \"%s\", assuming local pseudo terminal\n", from);
-		return (1);
-	}
-	for (i = 0; i < 4; ++i)
-	{
-		if (utent->ut_addr_v6[i] != 0)
-		{
-			log_error("Remote authentication request: %s\n", utent->ut_host);
+		if (strstr(name, "sshd") != NULL || strstr(name, "telnetd") != NULL) {
+			log_error("One of the parent processes found to be a remote access daemon, denying.\n");
 			return (0);
 		}
 	}
-	log_debug("Caller is local.\n");
+
+	log_debug("No remote daemons found in parent process list, seems to be local request - allowing.\n");
 	return (1);
 }

src/process.c

@@ -0,0 +1,55 @@
+/**
+ * Source: https://gist.github.com/fclairamb/a16a4237c46440bdb172
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "process.h"
+
+/**
+ * Get a process name from its PID.
+ * @param pid PID of the process
+ * @param name Name of the process
+ * 
+ * Source: http://stackoverflow.com/questions/15545341/process-name-from-its-pid-in-linux
+ */
+void get_process_name(const pid_t pid, char * name) {
+	char procfile[BUFSIZ];
+	sprintf(procfile, "/proc/%d/cmdline", pid);
+	FILE* f = fopen(procfile, "r");
+	if (f) {
+		size_t size;
+		size = fread(name, sizeof (char), sizeof (procfile), f);
+		if (size > 0) {
+			if ('\n' == name[size - 1])
+				name[size - 1] = '\0';
+		}
+		fclose(f);
+	}
+}
+
+/**
+ * Get the parent PID from a PID
+ * @param pid pid
+ * @param ppid parent process id
+ * 
+ * Note: init is 1 and it has a parent id of 0.
+ */
+void get_process_parent_id(const pid_t pid, pid_t * ppid) {
+	char buffer[BUFSIZ];
+	sprintf(buffer, "/proc/%d/stat", pid);
+	FILE* fp = fopen(buffer, "r");
+	if (fp) {
+		size_t size = fread(buffer, sizeof (char), sizeof (buffer), fp);
+		if (size > 0) {
+			// See: http://man7.org/linux/man-pages/man5/proc.5.html section /proc/[pid]/stat
+			strtok(buffer, " "); // (1) pid  %d
+			strtok(NULL, " "); // (2) comm  %s
+			strtok(NULL, " "); // (3) state  %c
+			char * s_ppid = strtok(NULL, " "); // (4) ppid  %d
+			*ppid = atoi(s_ppid);
+		}
+		fclose(fp);
+	}
+}

src/process.h

@@ -0,0 +1,10 @@
+#ifndef PUSB_PROCESS_H_
+# define PUSB_PROCESS_H_
+
+#include <unistd.h>
+
+void get_process_name(const pid_t pid, char * name);
+
+void get_process_parent_id(const pid_t pid, pid_t * ppid);
+
+#endif /* !PUSB_PROCESS_H_ */