diff options
Diffstat (limited to 'src/Core/Unix/CoreUnix.cpp')
-rw-r--r-- | src/Core/Unix/CoreUnix.cpp | 126 |
1 files changed, 116 insertions, 10 deletions
diff --git a/src/Core/Unix/CoreUnix.cpp b/src/Core/Unix/CoreUnix.cpp index 499ea439..258979b9 100644 --- a/src/Core/Unix/CoreUnix.cpp +++ b/src/Core/Unix/CoreUnix.cpp @@ -24,6 +24,11 @@ namespace VeraCrypt { +#ifdef TC_LINUX + static string GetTmpUser (); + static bool SamePath (const string& path1, const string& path2); +#endif + CoreUnix::CoreUnix () { signal (SIGPIPE, SIG_IGN); @@ -73,10 +78,8 @@ namespace VeraCrypt if (stat("/usr/bin/konsole", &sb) == 0) { args.clear (); - args.push_back ("--title"); - args.push_back ("fsck"); - args.push_back ("--caption"); - args.push_back ("fsck"); + args.push_back ("-p"); + args.push_back ("tabtitle=fsck"); args.push_back ("-e"); args.push_back ("sh"); args.push_back ("-c"); @@ -86,8 +89,22 @@ namespace VeraCrypt Process::Execute ("konsole", args, 1000); } catch (TimeOut&) { } } + else if (stat("/usr/bin/gnome-terminal", &sb) == 0 && stat("/usr/bin/dbus-launch", &sb) == 0) + { + args.clear (); + args.push_back ("--title"); + args.push_back ("fsck"); + args.push_back ("--"); + args.push_back ("sh"); + args.push_back ("-c"); + args.push_back (xargs); + try + { + Process::Execute ("gnome-terminal", args, 1000); + } catch (TimeOut&) { } + } else - throw; + throw TerminalNotFound(); } #endif } @@ -355,10 +372,99 @@ namespace VeraCrypt string CoreUnix::GetTempDirectory () const { - char *envDir = getenv ("TMPDIR"); - return envDir ? envDir : "/tmp"; + const char *tmpdir = getenv ("TMPDIR"); + string envDir = tmpdir ? tmpdir : "/tmp"; + +#ifdef TC_LINUX + /* + * If pam_tmpdir.so is in use, a different temporary directory is + * allocated for each user ID. We need to mount to the directory used + * by the non-root user. + */ + if (getuid () == 0 && envDir.size () >= 2 + && envDir.substr (envDir.size () - 2) == "/0") { + string tmpuser = GetTmpUser (); + if (SamePath (envDir, tmpuser + "/0")) { + /* Substitute the sudo'ing user for 0 */ + char uid[40]; + FILE *fp = fopen ("/proc/self/loginuid", "r"); + if (fp != NULL) { + if (fgets (uid, sizeof (uid), fp) != nullptr) { + envDir = tmpuser + "/" + uid; + } + fclose (fp); + } + } + } +#endif + + return envDir; + } + +#ifdef TC_LINUX + static string GetTmpUser () + { + string tmpuser = "/tmp/user"; + FILE *fp = fopen ("/etc/security/tmpdir.conf", "r"); + if (fp == NULL) { + return tmpuser; + } + while (true) { + /* Parses the same way as pam_tmpdir */ + char line[1024]; + if (fgets (line, sizeof (line), fp) == nullptr) { + break; + } + if (line[0] == '#') { + continue; + } + size_t len = strlen (line); + if (len > 0 && line[len-1] == '\n') { + line[len-1] = '\0'; + } + char *eq = strchr (line, '='); + if (eq == nullptr) { + continue; + } + *eq = '\0'; + const char *key = line; + const char *value = eq + 1; + if (strcmp (key, "tmpdir") == 0) { + tmpuser = value; + break; + } + } + fclose (fp); + return tmpuser; } + static bool SamePath (const string& path1, const string& path2) + { + size_t i1 = 0; + size_t i2 = 0; + while (i1 < path1.size () && i2 < path2.size ()) { + if (path1[i1] != path2[i2]) { + return false; + } + /* Any two substrings consisting entirely of slashes compare equal */ + if (path1[i1] == '/') { + while (i1 < path1.size () && path1[i1] == '/') { + ++i1; + } + while (i2 < path2.size () && path2[i2] == '/') { + ++i2; + } + } + else + { + ++i1; + ++i2; + } + } + return (i1 == path1.size () && i2 == path2.size ()); + } +#endif + bool CoreUnix::IsMountPointAvailable (const DirectoryPath &mountPoint) const { return GetMountedFilesystems (DevicePath(), mountPoint).size() == 0; @@ -440,8 +546,8 @@ namespace VeraCrypt options.Password, options.Pim, options.Kdf, - options.TrueCryptMode, options.Keyfiles, + options.EMVSupportEnabled, options.Protection, options.ProtectionPassword, options.ProtectionPim, @@ -477,7 +583,7 @@ namespace VeraCrypt const uint32 devSectorSize = volume->GetFile()->GetDeviceSectorSize(); const size_t volSectorSize = volume->GetSectorSize(); if (devSectorSize != volSectorSize) - throw DeviceSectorSizeMismatch (SRC_POS, StringConverter::ToWide(devSectorSize) + L" != " + StringConverter::ToWide(volSectorSize)); + throw DeviceSectorSizeMismatch (SRC_POS, StringConverter::ToWide(devSectorSize) + L" != " + StringConverter::ToWide((uint32) volSectorSize)); } // Find a free mount point for FUSE service @@ -585,7 +691,7 @@ namespace VeraCrypt { try { - chown (mountPoint.c_str(), GetRealUserId(), GetRealGroupId()); + throw_sys_sub_if (chown (mountPoint.c_str(), GetRealUserId(), GetRealGroupId()) == -1, mountPoint); } catch (...) { } } } |