1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1988, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/types.h>
33 #include <sys/capsicum.h>
34 #include <sys/queue.h>
35 #include <sys/socket.h>
36 #include <sys/stat.h>
37 #include <sys/un.h>
38
39 #include <capsicum_helpers.h>
40 #include <err.h>
41 #include <errno.h>
42 #include <fcntl.h>
43 #include <signal.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <string.h>
47 #include <unistd.h>
48
49 struct entry {
50 int fd;
51 const char *name;
52 STAILQ_ENTRY(entry) entries;
53 };
54 static STAILQ_HEAD(, entry) head = STAILQ_HEAD_INITIALIZER(head);
55
56 static void add(int, const char *);
57 static int tee_open(const char *, int);
58 static void usage(void) __dead2;
59
60 int
main(int argc,char * argv[])61 main(int argc, char *argv[])
62 {
63 char *bp, *buf;
64 struct entry *p;
65 int append, ch, exitval, fd, n, oflags, rval, wval;
66 #define BSIZE (8 * 1024)
67
68 append = 0;
69 while ((ch = getopt(argc, argv, "ai")) != -1)
70 switch((char)ch) {
71 case 'a':
72 append = 1;
73 break;
74 case 'i':
75 (void)signal(SIGINT, SIG_IGN);
76 break;
77 case '?':
78 default:
79 usage();
80 }
81 argv += optind;
82 argc -= optind;
83
84 if ((buf = malloc(BSIZE)) == NULL)
85 err(1, "malloc");
86
87 if (caph_limit_stdin() == -1 || caph_limit_stderr() == -1)
88 err(EXIT_FAILURE, "unable to limit stdio");
89
90 add(STDOUT_FILENO, "stdout");
91
92 oflags = O_WRONLY | O_CREAT;
93 if (append)
94 oflags |= O_APPEND;
95 else
96 oflags |= O_TRUNC;
97
98 for (exitval = 0; *argv; ++argv) {
99 if ((fd = tee_open(*argv, oflags)) < 0) {
100 warn("%s", *argv);
101 exitval = 1;
102 } else {
103 add(fd, *argv);
104 }
105 }
106
107 if (caph_enter() < 0)
108 err(EXIT_FAILURE, "unable to enter capability mode");
109 while ((rval = read(STDIN_FILENO, buf, BSIZE)) > 0)
110 STAILQ_FOREACH(p, &head, entries) {
111 n = rval;
112 bp = buf;
113 do {
114 if ((wval = write(p->fd, bp, n)) == -1) {
115 warn("%s", p->name);
116 exitval = 1;
117 break;
118 }
119 bp += wval;
120 } while (n -= wval);
121 }
122 if (rval < 0)
123 err(1, "read");
124 exit(exitval);
125 }
126
127 static void
usage(void)128 usage(void)
129 {
130 (void)fprintf(stderr, "usage: tee [-ai] [file ...]\n");
131 exit(1);
132 }
133
134 static void
add(int fd,const char * name)135 add(int fd, const char *name)
136 {
137 struct entry *p;
138 cap_rights_t rights;
139
140 if (fd == STDOUT_FILENO) {
141 if (caph_limit_stdout() == -1)
142 err(EXIT_FAILURE, "unable to limit stdout");
143 } else {
144 cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT);
145 if (caph_rights_limit(fd, &rights) < 0)
146 err(EXIT_FAILURE, "unable to limit rights");
147 }
148
149 if ((p = malloc(sizeof(struct entry))) == NULL)
150 err(1, "malloc");
151 p->fd = fd;
152 p->name = name;
153 STAILQ_INSERT_HEAD(&head, p, entries);
154 }
155
156 static int
tee_open(const char * path,int oflags)157 tee_open(const char *path, int oflags)
158 {
159 struct sockaddr_un sun = { .sun_family = AF_UNIX };
160 size_t pathlen;
161 int fd;
162
163 if ((fd = open(path, oflags, DEFFILEMODE)) >= 0)
164 return (fd);
165
166 if (errno != EOPNOTSUPP)
167 return (-1);
168
169 pathlen = strnlen(path, sizeof(sun.sun_path));
170 if (pathlen >= sizeof(sun.sun_path))
171 goto failed;
172
173 /*
174 * For EOPNOTSUPP, we'll try again as a unix(4) socket. Any errors here
175 * we'll just surface as the original EOPNOTSUPP since they may not have
176 * intended for this.
177 */
178 fd = socket(PF_UNIX, SOCK_STREAM, 0);
179 if (fd < 0)
180 goto failed;
181
182 (void)strlcpy(&sun.sun_path[0], path, sizeof(sun.sun_path));
183 sun.sun_len = SUN_LEN(&sun);
184
185 if (connect(fd, (const struct sockaddr *)&sun, sun.sun_len) == 0)
186 return (fd);
187
188 failed:
189 if (fd >= 0)
190 close(fd);
191 errno = EOPNOTSUPP;
192 return (-1);
193 }
194