1 | /* |
---|
2 | * Running commands. |
---|
3 | * |
---|
4 | * These are the functions for running external commands under remctld and |
---|
5 | * calling the appropriate protocol functions to deal with the output. |
---|
6 | * |
---|
7 | * Written by Russ Allbery <rra@stanford.edu> |
---|
8 | * Based on work by Anton Ushakov |
---|
9 | * Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 |
---|
10 | * Board of Trustees, Leland Stanford Jr. University |
---|
11 | * |
---|
12 | * See LICENSE for licensing terms. |
---|
13 | */ |
---|
14 | |
---|
15 | #include <config.h> |
---|
16 | #include <portable/system.h> |
---|
17 | #include <portable/uio.h> |
---|
18 | |
---|
19 | #include <errno.h> |
---|
20 | #include <fcntl.h> |
---|
21 | #ifdef HAVE_SYS_SELECT_H |
---|
22 | # include <sys/select.h> |
---|
23 | #endif |
---|
24 | #include <sys/time.h> |
---|
25 | #include <sys/wait.h> |
---|
26 | |
---|
27 | #include <server/internal.h> |
---|
28 | #include <util/util.h> |
---|
29 | |
---|
30 | /* Data structure used to hold details about a running process. */ |
---|
31 | struct process { |
---|
32 | bool reaped; /* Whether we've reaped the process. */ |
---|
33 | int fds[2]; /* Array of file descriptors for output. */ |
---|
34 | int stdin_fd; /* File descriptor for standard input. */ |
---|
35 | struct iovec *input; /* Data to pass on standard input. */ |
---|
36 | pid_t pid; /* Process ID of child. */ |
---|
37 | int status; /* Exit status. */ |
---|
38 | }; |
---|
39 | |
---|
40 | |
---|
41 | /* |
---|
42 | * Processes the input to and output from an external program. Takes the |
---|
43 | * client struct and a struct representing the running process. Feeds input |
---|
44 | * data to the process on standard input and reads from all the streams as |
---|
45 | * output is available, stopping when they all reach EOF. |
---|
46 | * |
---|
47 | * For protocol v2 and higher, we can send the output immediately as we get |
---|
48 | * it. For protocol v1, we instead accumulate the output in the buffer stored |
---|
49 | * in our client struct, and will send it out later in conjunction with the |
---|
50 | * exit status. |
---|
51 | * |
---|
52 | * Returns true on success, false on failure. |
---|
53 | */ |
---|
54 | static int |
---|
55 | server_process_output(struct client *client, struct process *process) |
---|
56 | { |
---|
57 | char junk[BUFSIZ]; |
---|
58 | char *p; |
---|
59 | size_t offset = 0; |
---|
60 | size_t left = MAXBUFFER; |
---|
61 | ssize_t status[2], instatus; |
---|
62 | int i, maxfd, fd, result; |
---|
63 | fd_set readfds, writefds; |
---|
64 | struct timeval timeout; |
---|
65 | |
---|
66 | /* If we haven't allocated an output buffer, do so now. */ |
---|
67 | if (client->output == NULL) |
---|
68 | client->output = xmalloc(MAXBUFFER); |
---|
69 | p = client->output; |
---|
70 | |
---|
71 | /* |
---|
72 | * Initialize read status for standard output and standard error and write |
---|
73 | * status for standard input to the process. Non-zero says that we keep |
---|
74 | * trying to read or write. |
---|
75 | */ |
---|
76 | status[0] = -1; |
---|
77 | status[1] = -1; |
---|
78 | instatus = (process->input != NULL ? -1 : 0); |
---|
79 | |
---|
80 | /* |
---|
81 | * Now, loop while we have input. We no longer have input if the return |
---|
82 | * status of read is 0 on all file descriptors. At that point, we break |
---|
83 | * out of the loop. |
---|
84 | * |
---|
85 | * Exceptionally, however, we want to catch the case where our child |
---|
86 | * process ran some other command that didn't close its inherited standard |
---|
87 | * output and error and then exited itself. This is not uncommon with |
---|
88 | * init scripts that start poorly-written daemons. Once our child process |
---|
89 | * is finished, we're done, even if standard output and error from the |
---|
90 | * child process aren't closed yet. To catch this case, call waitpid with |
---|
91 | * the WNOHANG flag each time through the select loop and decide we're |
---|
92 | * done as soon as our child has exited. |
---|
93 | * |
---|
94 | * Meanwhile, if we have input data, then as long as we've not gotten an |
---|
95 | * EPIPE error from sending input data to the process we keep writing |
---|
96 | * input data as select indicates the process can receive it. However, we |
---|
97 | * don't care if we've sent all input data before the process says it's |
---|
98 | * done and exits. |
---|
99 | */ |
---|
100 | while (!process->reaped) { |
---|
101 | FD_ZERO(&readfds); |
---|
102 | maxfd = -1; |
---|
103 | for (i = 0; i < 2; i++) { |
---|
104 | if (status[i] != 0) { |
---|
105 | if (process->fds[i] > maxfd) |
---|
106 | maxfd = process->fds[i]; |
---|
107 | FD_SET(process->fds[i], &readfds); |
---|
108 | } |
---|
109 | } |
---|
110 | if (instatus != 0) { |
---|
111 | FD_ZERO(&writefds); |
---|
112 | if (process->stdin_fd > maxfd) |
---|
113 | maxfd = process->stdin_fd; |
---|
114 | FD_SET(process->stdin_fd, &writefds); |
---|
115 | } |
---|
116 | if (maxfd == -1) |
---|
117 | break; |
---|
118 | |
---|
119 | /* |
---|
120 | * We want to wait until either our child exits or until we get data |
---|
121 | * on its output file descriptors. Normally, the SIGCHLD signal from |
---|
122 | * the child exiting would break us out of our select loop. However, |
---|
123 | * the child could exit between the waitpid call and the select call, |
---|
124 | * in which case select could block forever since there's nothing to |
---|
125 | * wake it up. |
---|
126 | * |
---|
127 | * The POSIX-correct way of doing this is to block SIGCHLD and then |
---|
128 | * use pselect instead of select with a signal mask that allows |
---|
129 | * SIGCHLD. This allows SIGCHLD from the exiting child process to |
---|
130 | * reliably interrupt pselect without race conditions from the child |
---|
131 | * exiting before pselect is called. |
---|
132 | * |
---|
133 | * Unfortunately, Linux didn't implement a proper pselect until 2.6.16 |
---|
134 | * and the glibc wrapper that emulates it leaves us open to exactly |
---|
135 | * the race condition we're trying to avoid. This unfortunately |
---|
136 | * leaves us with no choice but to set a timeout and wake up every |
---|
137 | * five seconds to see if our child died. (The wait time is arbitrary |
---|
138 | * but makes the test suite less annoying.) |
---|
139 | * |
---|
140 | * If we see that the child has already exited, do one final poll of |
---|
141 | * our output file descriptors and then call the command finished. |
---|
142 | */ |
---|
143 | timeout.tv_sec = 5; |
---|
144 | timeout.tv_usec = 0; |
---|
145 | if (waitpid(process->pid, &process->status, WNOHANG) > 0) { |
---|
146 | process->reaped = true; |
---|
147 | timeout.tv_sec = 0; |
---|
148 | } |
---|
149 | if (instatus != 0) |
---|
150 | result = select(maxfd + 1, &readfds, &writefds, NULL, &timeout); |
---|
151 | else |
---|
152 | result = select(maxfd + 1, &readfds, NULL, NULL, &timeout); |
---|
153 | if (result < 0 && errno != EINTR) { |
---|
154 | syswarn("select failed"); |
---|
155 | server_send_error(client, ERROR_INTERNAL, "Internal failure"); |
---|
156 | goto fail; |
---|
157 | } |
---|
158 | |
---|
159 | /* |
---|
160 | * If we can still write and our child selected for writing, send as |
---|
161 | * much data as we can. |
---|
162 | */ |
---|
163 | if (instatus != 0 && FD_ISSET(process->stdin_fd, &writefds)) { |
---|
164 | instatus = write(process->stdin_fd, |
---|
165 | (char *) process->input->iov_base + offset, |
---|
166 | process->input->iov_len - offset); |
---|
167 | if (instatus < 0) { |
---|
168 | if (errno == EPIPE) |
---|
169 | instatus = 0; |
---|
170 | else if (errno != EINTR && errno != EAGAIN) { |
---|
171 | syswarn("write failed"); |
---|
172 | server_send_error(client, ERROR_INTERNAL, |
---|
173 | "Internal failure"); |
---|
174 | goto fail; |
---|
175 | } |
---|
176 | } |
---|
177 | offset += instatus; |
---|
178 | if (offset >= process->input->iov_len) { |
---|
179 | close(process->stdin_fd); |
---|
180 | instatus = 0; |
---|
181 | } |
---|
182 | } |
---|
183 | |
---|
184 | /* |
---|
185 | * Iterate through each set file descriptor and read its output. If |
---|
186 | * we're using protocol version one, we append all the output together |
---|
187 | * into the buffer. Otherwise, we send an output token for each bit |
---|
188 | * of output as we see it. |
---|
189 | */ |
---|
190 | for (i = 0; i < 2; i++) { |
---|
191 | fd = process->fds[i]; |
---|
192 | if (!FD_ISSET(fd, &readfds)) |
---|
193 | continue; |
---|
194 | if (client->protocol == 1) { |
---|
195 | if (left > 0) { |
---|
196 | status[i] = read(fd, p, left); |
---|
197 | if (status[i] < 0 && (errno != EINTR && errno != EAGAIN)) |
---|
198 | goto readfail; |
---|
199 | else if (status[i] > 0) { |
---|
200 | p += status[i]; |
---|
201 | left -= status[i]; |
---|
202 | } |
---|
203 | } else { |
---|
204 | status[i] = read(fd, junk, sizeof(junk)); |
---|
205 | if (status[i] < 0 && (errno != EINTR && errno != EAGAIN)) |
---|
206 | goto readfail; |
---|
207 | } |
---|
208 | } else { |
---|
209 | status[i] = read(fd, client->output, MAXBUFFER); |
---|
210 | if (status[i] < 0 && (errno != EINTR && errno != EAGAIN)) |
---|
211 | goto readfail; |
---|
212 | if (status[i] > 0) { |
---|
213 | client->outlen = status[i]; |
---|
214 | if (!server_v2_send_output(client, i + 1)) |
---|
215 | goto fail; |
---|
216 | } |
---|
217 | } |
---|
218 | } |
---|
219 | } |
---|
220 | if (client->protocol == 1) |
---|
221 | client->outlen = p - client->output; |
---|
222 | return 1; |
---|
223 | |
---|
224 | readfail: |
---|
225 | syswarn("read failed"); |
---|
226 | server_send_error(client, ERROR_INTERNAL, "Internal failure"); |
---|
227 | fail: |
---|
228 | return 0; |
---|
229 | } |
---|
230 | |
---|
231 | |
---|
232 | /* |
---|
233 | * Process an incoming command. Check the configuration files and the ACL |
---|
234 | * file, and if appropriate, forks off the command. Takes the argument vector |
---|
235 | * and the user principal, and a buffer into which to put the output from the |
---|
236 | * executable or any error message. Returns 0 on success and a negative |
---|
237 | * integer on failure. |
---|
238 | * |
---|
239 | * Using the command and the subcommand, the following argument, a lookup in |
---|
240 | * the conf data structure is done to find the command executable and acl |
---|
241 | * file. If the conf file, and subsequently the conf data structure contains |
---|
242 | * an entry for this command with subcommand equal to "ALL", that is a |
---|
243 | * wildcard match for any given subcommand. The first argument is then |
---|
244 | * replaced with the actual program name to be executed. |
---|
245 | * |
---|
246 | * After checking the acl permissions, the process forks and the child execv's |
---|
247 | * the command with pipes arranged to gather output. The parent waits for the |
---|
248 | * return code and gathers stdout and stderr pipes. |
---|
249 | */ |
---|
250 | void |
---|
251 | server_run_command(struct client *client, struct config *config, |
---|
252 | struct iovec **argv) |
---|
253 | { |
---|
254 | char *program; |
---|
255 | char *path = NULL; |
---|
256 | char *command = NULL; |
---|
257 | char *subcommand = NULL; |
---|
258 | struct confline *cline = NULL; |
---|
259 | int stdin_pipe[2], stdout_pipe[2], stderr_pipe[2]; |
---|
260 | char **req_argv = NULL; |
---|
261 | size_t count, i, j, stdin_arg; |
---|
262 | bool ok; |
---|
263 | int fd; |
---|
264 | struct process process = { 0, { 0, 0 }, 0, NULL, -1, 0 }; |
---|
265 | const char *user = client->user; |
---|
266 | |
---|
267 | /* |
---|
268 | * We need at least one argument. This is also rejected earlier when |
---|
269 | * parsing the command and checking argc, but may as well be sure. |
---|
270 | */ |
---|
271 | if (argv[0] == NULL) { |
---|
272 | notice("empty command from user %s", user); |
---|
273 | server_send_error(client, ERROR_BAD_COMMAND, "Invalid command token"); |
---|
274 | goto done; |
---|
275 | } |
---|
276 | |
---|
277 | /* |
---|
278 | * Neither the command nor the subcommand may ever contain nuls. |
---|
279 | * Arguments may only contain nuls if they're the argument being passed on |
---|
280 | * standard input. |
---|
281 | */ |
---|
282 | for (i = 0; argv[i] != NULL && i < 2; i++) { |
---|
283 | if (memchr(argv[i]->iov_base, '\0', argv[i]->iov_len)) { |
---|
284 | notice("%s from user %s contains nul octet", |
---|
285 | (i == 0) ? "command" : "subcommand", user); |
---|
286 | server_send_error(client, ERROR_BAD_COMMAND, |
---|
287 | "Invalid command token"); |
---|
288 | goto done; |
---|
289 | } |
---|
290 | } |
---|
291 | |
---|
292 | /* We need the command and subcommand as nul-terminated strings. */ |
---|
293 | command = xstrndup(argv[0]->iov_base, argv[0]->iov_len); |
---|
294 | if (argv[1] != NULL) |
---|
295 | subcommand = xstrndup(argv[1]->iov_base, argv[1]->iov_len); |
---|
296 | |
---|
297 | /* |
---|
298 | * Look up the command and the ACL file from the conf file structure in |
---|
299 | * memory. Commands with no subcommand argument will only match lines |
---|
300 | * with the ALL wildcard. |
---|
301 | */ |
---|
302 | for (i = 0; i < config->count; i++) { |
---|
303 | cline = config->rules[i]; |
---|
304 | if (strcmp(cline->command, command) == 0) { |
---|
305 | if (strcmp(cline->subcommand, "ALL") == 0 |
---|
306 | || (subcommand != NULL |
---|
307 | && strcmp(cline->subcommand, subcommand) == 0)) { |
---|
308 | path = cline->program; |
---|
309 | break; |
---|
310 | } |
---|
311 | } |
---|
312 | } |
---|
313 | |
---|
314 | /* |
---|
315 | * Arguments may only contain nuls if they're the argument being passed on |
---|
316 | * standard input. |
---|
317 | */ |
---|
318 | for (i = 1; argv[i] != NULL; i++) { |
---|
319 | if ((long) i == cline->stdin_arg) |
---|
320 | continue; |
---|
321 | if (argv[i + 1] == NULL && cline->stdin_arg == -1) |
---|
322 | continue; |
---|
323 | if (memchr(argv[i]->iov_base, '\0', argv[i]->iov_len)) { |
---|
324 | notice("argument %d from user %s contains nul octet", i, user); |
---|
325 | server_send_error(client, ERROR_BAD_COMMAND, |
---|
326 | "Invalid command token"); |
---|
327 | goto done; |
---|
328 | } |
---|
329 | } |
---|
330 | |
---|
331 | /* Log after we look for command so we can get potentially get logmask. */ |
---|
332 | server_log_command(argv, path == NULL ? NULL : cline, user); |
---|
333 | |
---|
334 | /* |
---|
335 | * Check the command, aclfile, and the authorization of this client to |
---|
336 | * run this command. |
---|
337 | */ |
---|
338 | if (path == NULL) { |
---|
339 | notice("unknown command %s%s%s from user %s", command, |
---|
340 | (subcommand == NULL) ? "" : " ", |
---|
341 | (subcommand == NULL) ? "" : subcommand, user); |
---|
342 | server_send_error(client, ERROR_UNKNOWN_COMMAND, "Unknown command"); |
---|
343 | goto done; |
---|
344 | } |
---|
345 | if (!server_config_acl_permit(cline, user)) { |
---|
346 | notice("access denied: user %s, command %s%s%s", user, command, |
---|
347 | (subcommand == NULL) ? "" : " ", |
---|
348 | (subcommand == NULL) ? "" : subcommand); |
---|
349 | server_send_error(client, ERROR_ACCESS, "Access denied"); |
---|
350 | goto done; |
---|
351 | } |
---|
352 | |
---|
353 | /* Get ready to assemble the argv of the command. */ |
---|
354 | for (count = 0; argv[count] != NULL; count++) |
---|
355 | ; |
---|
356 | req_argv = xmalloc((count + 1) * sizeof(char *)); |
---|
357 | |
---|
358 | /* |
---|
359 | * Get the real program name, and use it as the first argument in argv |
---|
360 | * passed to the command. Then build the rest of the argv for the |
---|
361 | * command, splicing out the argument we're passing on stdin (if any). |
---|
362 | */ |
---|
363 | program = strrchr(path, '/'); |
---|
364 | if (program == NULL) |
---|
365 | program = path; |
---|
366 | else |
---|
367 | program++; |
---|
368 | req_argv[0] = program; |
---|
369 | if (cline->stdin_arg == -1) |
---|
370 | stdin_arg = count - 1; |
---|
371 | else |
---|
372 | stdin_arg = (size_t) cline->stdin_arg; |
---|
373 | for (i = 1, j = 1; i < count; i++) { |
---|
374 | if (i == stdin_arg) { |
---|
375 | process.input = argv[i]; |
---|
376 | continue; |
---|
377 | } |
---|
378 | if (argv[i]->iov_len == 0) |
---|
379 | req_argv[j] = xstrdup(""); |
---|
380 | else |
---|
381 | req_argv[j] = xstrndup(argv[i]->iov_base, argv[i]->iov_len); |
---|
382 | j++; |
---|
383 | } |
---|
384 | req_argv[j] = NULL; |
---|
385 | |
---|
386 | /* |
---|
387 | * These pipes are used for communication with the child process that |
---|
388 | * actually runs the command. |
---|
389 | */ |
---|
390 | if (pipe(stdout_pipe) != 0 || pipe(stderr_pipe) != 0) { |
---|
391 | syswarn("cannot create pipes"); |
---|
392 | server_send_error(client, ERROR_INTERNAL, "Internal failure"); |
---|
393 | goto done; |
---|
394 | } |
---|
395 | if (process.input != NULL && pipe(stdin_pipe) != 0) { |
---|
396 | syswarn("cannot create stdin pipe"); |
---|
397 | server_send_error(client, ERROR_INTERNAL, "Internal failure"); |
---|
398 | goto done; |
---|
399 | } |
---|
400 | |
---|
401 | /* |
---|
402 | * Flush output before forking, mostly in case -S was given and we've |
---|
403 | * therefore been writing log messages to standard output that may not |
---|
404 | * have been flushed yet. |
---|
405 | */ |
---|
406 | fflush(stdout); |
---|
407 | process.pid = fork(); |
---|
408 | switch (process.pid) { |
---|
409 | case -1: |
---|
410 | syswarn("cannot fork"); |
---|
411 | server_send_error(client, ERROR_INTERNAL, "Internal failure"); |
---|
412 | goto done; |
---|
413 | |
---|
414 | /* In the child. */ |
---|
415 | case 0: |
---|
416 | dup2(stdout_pipe[1], 1); |
---|
417 | close(stdout_pipe[0]); |
---|
418 | close(stdout_pipe[1]); |
---|
419 | dup2(stderr_pipe[1], 2); |
---|
420 | close(stderr_pipe[0]); |
---|
421 | close(stderr_pipe[1]); |
---|
422 | |
---|
423 | /* |
---|
424 | * Set up stdin pipe if we have input data. |
---|
425 | * |
---|
426 | * If we don't have input data, child doesn't need stdin at all, but |
---|
427 | * just closing it causes problems for puppet. Reopen on /dev/null |
---|
428 | * instead. Ignore failure here, since it probably won't matter and |
---|
429 | * worst case is that we leave stdin closed. |
---|
430 | */ |
---|
431 | if (process.input != NULL) { |
---|
432 | dup2(stdin_pipe[0], 0); |
---|
433 | close(stdin_pipe[0]); |
---|
434 | close(stdin_pipe[1]); |
---|
435 | } else { |
---|
436 | close(0); |
---|
437 | fd = open("/dev/null", O_RDONLY); |
---|
438 | if (fd > 0) { |
---|
439 | dup2(fd, 0); |
---|
440 | close(fd); |
---|
441 | } |
---|
442 | } |
---|
443 | |
---|
444 | /* |
---|
445 | * Older versions of MIT Kerberos left the replay cache file open |
---|
446 | * across exec. Newer versions correctly set it close-on-exec, but |
---|
447 | * close our low-numbered file descriptors anyway for older versions. |
---|
448 | * We're just trying to get the replay cache, so we don't have to go |
---|
449 | * very high. |
---|
450 | */ |
---|
451 | for (fd = 3; fd < 16; fd++) |
---|
452 | close(fd); |
---|
453 | |
---|
454 | /* |
---|
455 | * Put the authenticated principal and other connection information in |
---|
456 | * the environment. REMUSER is for backwards compatibility with |
---|
457 | * earlier versions of remctl. |
---|
458 | */ |
---|
459 | if (setenv("REMUSER", client->user, 1) < 0) { |
---|
460 | syswarn("cannot set REMUSER in environment"); |
---|
461 | exit(-1); |
---|
462 | } |
---|
463 | if (setenv("REMOTE_USER", client->user, 1) < 0) { |
---|
464 | syswarn("cannot set REMOTE_USER in environment"); |
---|
465 | exit(-1); |
---|
466 | } |
---|
467 | if (setenv("REMOTE_ADDR", client->ipaddress, 1) < 0) { |
---|
468 | syswarn("cannot set REMOTE_ADDR in environment"); |
---|
469 | exit(-1); |
---|
470 | } |
---|
471 | if (client->hostname != NULL) { |
---|
472 | if (setenv("REMOTE_HOST", client->hostname, 1) < 0) { |
---|
473 | syswarn("cannot set REMOTE_HOST in environment"); |
---|
474 | exit(-1); |
---|
475 | } |
---|
476 | } |
---|
477 | |
---|
478 | /* Run the command. */ |
---|
479 | execv(path, req_argv); |
---|
480 | |
---|
481 | /* |
---|
482 | * This happens only if the exec fails. Print out an error message to |
---|
483 | * the stderr pipe and fail; that's the best that we can do. |
---|
484 | */ |
---|
485 | fprintf(stderr, "Cannot execute: %s\n", strerror(errno)); |
---|
486 | exit(-1); |
---|
487 | |
---|
488 | /* In the parent. */ |
---|
489 | default: |
---|
490 | close(stdout_pipe[1]); |
---|
491 | close(stderr_pipe[1]); |
---|
492 | if (process.input != NULL) |
---|
493 | close(stdin_pipe[0]); |
---|
494 | |
---|
495 | /* |
---|
496 | * Unblock the read ends of the output pipes, to enable us to read |
---|
497 | * from both iteratively, and unblock the write end of the input pipe |
---|
498 | * if we have one so that we don't block when feeding data to our |
---|
499 | * child. |
---|
500 | */ |
---|
501 | fdflag_nonblocking(stdout_pipe[0], true); |
---|
502 | fdflag_nonblocking(stderr_pipe[0], true); |
---|
503 | if (process.input != NULL) |
---|
504 | fdflag_nonblocking(stdin_pipe[1], true); |
---|
505 | |
---|
506 | /* |
---|
507 | * This collects output from both pipes iteratively, while the child |
---|
508 | * is executing, and processes it. It also sends input data if we |
---|
509 | * have any. |
---|
510 | */ |
---|
511 | process.fds[0] = stdout_pipe[0]; |
---|
512 | process.fds[1] = stderr_pipe[0]; |
---|
513 | if (process.input != NULL) |
---|
514 | process.stdin_fd = stdin_pipe[1]; |
---|
515 | ok = server_process_output(client, &process); |
---|
516 | close(process.fds[0]); |
---|
517 | close(process.fds[1]); |
---|
518 | if (process.input != NULL) |
---|
519 | close(process.stdin_fd); |
---|
520 | if (!process.reaped) |
---|
521 | waitpid(process.pid, &process.status, 0); |
---|
522 | if (WIFEXITED(process.status)) |
---|
523 | process.status = (signed int) WEXITSTATUS(process.status); |
---|
524 | else |
---|
525 | process.status = -1; |
---|
526 | if (ok) { |
---|
527 | if (client->protocol == 1) |
---|
528 | server_v1_send_output(client, process.status); |
---|
529 | else |
---|
530 | server_v2_send_status(client, process.status); |
---|
531 | } |
---|
532 | } |
---|
533 | |
---|
534 | done: |
---|
535 | if (command != NULL) |
---|
536 | free(command); |
---|
537 | if (subcommand != NULL) |
---|
538 | free(subcommand); |
---|
539 | if (req_argv != NULL) { |
---|
540 | i = 1; |
---|
541 | while (req_argv[i] != NULL) { |
---|
542 | free(req_argv[i]); |
---|
543 | i++; |
---|
544 | } |
---|
545 | free(req_argv); |
---|
546 | } |
---|
547 | } |
---|
548 | |
---|
549 | |
---|
550 | /* |
---|
551 | * Free a command, represented as a NULL-terminated array of pointers to iovec |
---|
552 | * structs. |
---|
553 | */ |
---|
554 | void |
---|
555 | server_free_command(struct iovec **command) |
---|
556 | { |
---|
557 | struct iovec **arg; |
---|
558 | |
---|
559 | for (arg = command; *arg != NULL; arg++) { |
---|
560 | if ((*arg)->iov_base != NULL) |
---|
561 | free((*arg)->iov_base); |
---|
562 | free(*arg); |
---|
563 | } |
---|
564 | free(command); |
---|
565 | } |
---|