Browse Source

Finish draft implementation

Spawn a shell (or any command specified on the command line) once
the secret has been reconstituted and wait for the child process
to terminate, then delete the secret.
develop
Damien Goutte-Gattat 5 years ago
parent
commit
705618b705
  1. 42
      src/gfsec-use.c

42
src/gfsec-use.c

@ -25,6 +25,9 @@
#include <string.h>
#include <errno.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <getopt.h>
#include <err.h>
@ -166,6 +169,7 @@ main(int argc, char **argv)
gfsec_secret_config_t *cfg;
gfsec_share_t *share;
unsigned have_shares, have_full;
pid_t pid;
struct option options[] = {
{ "help", 0, NULL, 'h' },
@ -281,6 +285,44 @@ main(int argc, char **argv)
else
errx(EXIT_FAILURE, "Not enough data to reconstitute secret");
if ( (pid = fork()) == -1 ) {
unlink(cfg->output_file);
err(EXIT_FAILURE, "Cannot fork");
}
else if ( pid == 0 ) {
gfsec_destroy_config(cfg);
if ( optind < argc ) {
execvp(argv[optind], &(argv[optind]));
}
else {
char *shell, *args[3];
if ( ! (shell = getenv("SHELL")) )
shell = "/bin/sh";
args[0] = shell;
args[1] = "-i";
args[2] = NULL;
putenv("PS1=gfsec> ");
execvp(shell, args);
}
err(EXIT_FAILURE, "Cannot exec");
}
else {
int status;
if ( waitpid(pid, &status, 0) == -1 )
warn("Cannot wait for child process");
printf("Removing secret.\n");
unlink(cfg->output_file);
}
gfsec_destroy_config(cfg);
return EXIT_SUCCESS;

Loading…
Cancel
Save