error codes

This commit is contained in:
tylermurphy534 2022-11-08 20:18:26 -05:00
parent fc7086a6bf
commit c003d1d030

View file

@ -8,45 +8,54 @@ use serde_json::Value;
extern crate time;
const ERROR_ARGS: u8 = 1;
const ERROR_CONFIG: u8 = 2;
const ERROR_NO_USER: u8 = 3;
const ERROR_NOT_AUTHORIZED: u8 = 4;
const ERROR_AUTH_FAILED: u8 = 5;
const ERROR_RUN_ROOT: u8 = 6;
const SUCCESS: u8 = 0;
fn main() -> ExitCode {
let args: Vec<String> = env::args().collect();
if args.len() < 2 {
eprintln!("Invalid argument count.");
return ExitCode::from(0);
return ExitCode::from(ERROR_ARGS);
}
let config = match config("/etc/crab.conf") {
Some(data) => data,
None => return ExitCode::from(1)
None => return ExitCode::from(ERROR_CONFIG)
};
let user = match Passwd::current_user() {
Some(data) => data,
None => {
eprintln!("You dont exist.");
return ExitCode::from(2);
return ExitCode::from(ERROR_NO_USER);
}
};
let persist = match allowed(&config, &user.name) {
Some(data) => data,
None => {
eprintln!("Operation Not Permitted. This incidence will be reported.");
return ExitCode::from(3);
return ExitCode::from(ERROR_NOT_AUTHORIZED);
}
};
if !validate(&user.name, persist) {
eprintln!("Authentication failed.");
return ExitCode::from(4);
return ExitCode::from(ERROR_AUTH_FAILED);
}
if !unistd::setuid(unistd::geteuid()).is_ok() || !unistd::setgid(unistd::getegid()).is_ok() {
eprintln!("Failed to set root permissions");
return ExitCode::from(5);
return ExitCode::from(ERROR_RUN_ROOT);
};
let err = exec::execvp(&args[1], &args[1..]);
println!("Error: {}", err);
ExitCode::from(0)
ExitCode::from(SUCCESS)
}
struct Config {
@ -57,8 +66,14 @@ fn validate(user: &str, persist: bool) -> bool {
if persist && get_persist(user) {
return true;
}
let input = rpassword::prompt_password(format!("crab ({}) password: ", user)).unwrap();
let mut auth = pam::Authenticator::with_password("crab").unwrap();
let input = match rpassword::prompt_password(format!("crab ({}) password: ", user)) {
Ok(data) => data,
Err(_) => return false
};
let mut auth = match pam::Authenticator::with_password("crab") {
Ok(data) => data,
Err(_) => return false
};
auth.get_handler().set_credentials(user.to_owned(), input);
if !auth.authenticate().is_ok() || !auth.open_session().is_ok() {
return false;