1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/types.h> 33 #include <sys/capsicum.h> 34 #include <sys/queue.h> 35 #include <sys/socket.h> 36 #include <sys/stat.h> 37 #include <sys/un.h> 38 39 #include <capsicum_helpers.h> 40 #include <err.h> 41 #include <errno.h> 42 #include <fcntl.h> 43 #include <signal.h> 44 #include <stdio.h> 45 #include <stdlib.h> 46 #include <string.h> 47 #include <unistd.h> 48 49 struct entry { 50 int fd; 51 const char *name; 52 STAILQ_ENTRY(entry) entries; 53 }; 54 static STAILQ_HEAD(, entry) head = STAILQ_HEAD_INITIALIZER(head); 55 56 static void add(int, const char *); 57 static int tee_open(const char *, int); 58 static void usage(void) __dead2; 59 60 int 61 main(int argc, char *argv[]) 62 { 63 char *bp, *buf; 64 struct entry *p; 65 int append, ch, exitval, fd, n, oflags, rval, wval; 66 #define BSIZE (8 * 1024) 67 68 append = 0; 69 while ((ch = getopt(argc, argv, "ai")) != -1) 70 switch((char)ch) { 71 case 'a': 72 append = 1; 73 break; 74 case 'i': 75 (void)signal(SIGINT, SIG_IGN); 76 break; 77 case '?': 78 default: 79 usage(); 80 } 81 argv += optind; 82 argc -= optind; 83 84 if ((buf = malloc(BSIZE)) == NULL) 85 err(1, "malloc"); 86 87 if (caph_limit_stdin() == -1 || caph_limit_stderr() == -1) 88 err(EXIT_FAILURE, "unable to limit stdio"); 89 90 add(STDOUT_FILENO, "stdout"); 91 92 oflags = O_WRONLY | O_CREAT; 93 if (append) 94 oflags |= O_APPEND; 95 else 96 oflags |= O_TRUNC; 97 98 for (exitval = 0; *argv; ++argv) { 99 if ((fd = tee_open(*argv, oflags)) < 0) { 100 warn("%s", *argv); 101 exitval = 1; 102 } else { 103 add(fd, *argv); 104 } 105 } 106 107 if (caph_enter() < 0) 108 err(EXIT_FAILURE, "unable to enter capability mode"); 109 while ((rval = read(STDIN_FILENO, buf, BSIZE)) > 0) 110 STAILQ_FOREACH(p, &head, entries) { 111 n = rval; 112 bp = buf; 113 do { 114 if ((wval = write(p->fd, bp, n)) == -1) { 115 warn("%s", p->name); 116 exitval = 1; 117 break; 118 } 119 bp += wval; 120 } while (n -= wval); 121 } 122 if (rval < 0) 123 err(1, "read"); 124 exit(exitval); 125 } 126 127 static void 128 usage(void) 129 { 130 (void)fprintf(stderr, "usage: tee [-ai] [file ...]\n"); 131 exit(1); 132 } 133 134 static void 135 add(int fd, const char *name) 136 { 137 struct entry *p; 138 cap_rights_t rights; 139 140 if (fd == STDOUT_FILENO) { 141 if (caph_limit_stdout() == -1) 142 err(EXIT_FAILURE, "unable to limit stdout"); 143 } else { 144 cap_rights_init(&rights, CAP_WRITE, CAP_FSTAT); 145 if (caph_rights_limit(fd, &rights) < 0) 146 err(EXIT_FAILURE, "unable to limit rights"); 147 } 148 149 if ((p = malloc(sizeof(struct entry))) == NULL) 150 err(1, "malloc"); 151 p->fd = fd; 152 p->name = name; 153 STAILQ_INSERT_HEAD(&head, p, entries); 154 } 155 156 static int 157 tee_open(const char *path, int oflags) 158 { 159 struct sockaddr_un sun = { .sun_family = AF_UNIX }; 160 size_t pathlen; 161 int fd; 162 163 if ((fd = open(path, oflags, DEFFILEMODE)) >= 0) 164 return (fd); 165 166 if (errno != EOPNOTSUPP) 167 return (-1); 168 169 pathlen = strnlen(path, sizeof(sun.sun_path)); 170 if (pathlen >= sizeof(sun.sun_path)) 171 goto failed; 172 173 /* 174 * For EOPNOTSUPP, we'll try again as a unix(4) socket. Any errors here 175 * we'll just surface as the original EOPNOTSUPP since they may not have 176 * intended for this. 177 */ 178 fd = socket(PF_UNIX, SOCK_STREAM, 0); 179 if (fd < 0) 180 goto failed; 181 182 (void)strlcpy(&sun.sun_path[0], path, sizeof(sun.sun_path)); 183 sun.sun_len = SUN_LEN(&sun); 184 185 if (connect(fd, (const struct sockaddr *)&sun, sun.sun_len) == 0) 186 return (fd); 187 188 failed: 189 if (fd >= 0) 190 close(fd); 191 errno = EOPNOTSUPP; 192 return (-1); 193 } 194