Logged, multi-user access to device consoles
Go to file
Jeff Moyer e4162a8a6d FileUnopen: always return a valid file descriptor
We have seen conserver crash due to a buffer overflow which was
tracked down to the following code in Spawn():

        if (pCLmall->fd != (CONSFILE *)0) {
            int fd;
            fd = FileUnopen(pCLmall->fd);
            pCLmall->fd = (CONSFILE *)0;
            CONDDEBUG((1, "Spawn(): closing Master() client fd %d", fd));
            close(fd);
*           FD_CLR(fd, &rinit);
            FD_CLR(fd, &winit);
        }

FileUnopen had returned -1 (which can happen for CONSFILEs of type
SSLSocket), and that was passed to FD_CLR, which essentially uses it
as an array index.

The signature of the crash is as follows:

*** buffer overflow detected ***: /usr/sbin/conserver terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7facde1987a7]
/lib64/libc.so.6(+0x116922)[0x7facde196922]
/lib64/libc.so.6(+0x118707)[0x7facde198707]
/usr/sbin/conserver(+0x158d2)[0x558ddb5468d2]
/usr/sbin/conserver(+0x2581a)[0x558ddb55681a]
/usr/sbin/conserver(+0x1944f)[0x558ddb54a44f]
/usr/sbin/conserver(+0x78f8)[0x558ddb5388f8]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7facde0a2555]
/usr/sbin/conserver(+0x7c79)[0x558ddb538c79]

This happens after the server receives a HUP signal.

There are only two callers of FileUnopen, and the above call site is the
only one which uses the return value.  For that reason, I decided to
always return a valid file descriptor instead of changing the caller to
check for -1.  Note that FileUnopen() could still return -1 in theory:

    switch (cfp->ftype) {
...
        default:
            retval = -1;
            break;
    }

However, after auditing the code, I don't see how we would have a
CONSFILE that is not properly initialized with a type.  If I missed
such a case, then we would also need to modify the caller to check
for -1.

Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
2023-11-10 17:33:15 -05:00
autologin format using gindent with personal options 2019-03-21 01:12:12 -07:00
conserver FileUnopen: always return a valid file descriptor 2023-11-10 17:33:15 -05:00
conserver.cf conserver: reflect that baud values have increased to 7 digits 2022-05-05 18:26:01 +00:00
console ran gindent to clean up formatting 2020-10-18 23:31:04 -07:00
contrib integrate contrib version bits to make-and-stage-release 2019-03-24 11:01:50 -07:00
package fixing links to github repo - from conserver to bstansell 2020-10-18 23:41:46 -07:00
test record updated test case output. 2022-05-05 18:30:19 +00:00
_config.yml Set theme jekyll-theme-cayman 2018-11-20 18:14:56 -08:00
.cirrus.yml move to freebsd-13-0 2022-07-07 17:42:34 -07:00
.gitignore adding .gitignore and not removing ~ files 2019-03-21 01:20:56 -07:00
CHANGES Release v8.2.7 2022-07-07 18:15:22 -07:00
compat.h Imported from conserver-8.2.0.tar.gz 2014-04-20 21:47:40 -07:00
configure.ac configure.ac: support libgssapi_krb5 2022-07-07 17:52:27 -07:00
FAQ removed the old rcs/cvs Id: tags 2018-05-28 09:34:15 -07:00
gen-version move get-version so it persists and autoreconf can be run with released version 2019-03-29 19:56:14 -07:00
INSTALL try and address license concerns with LICENSE.md 2020-05-25 14:53:00 -07:00
install-sh Imported from conserver-7.0.2.tar.gz 2001-06-15 17:44:07 -07:00
LICENSE Need to shuffle filenames for license detection 2018-03-21 20:28:10 -07:00
LICENSES another shuffle of names for license detection 2018-03-21 21:19:42 -07:00
LICENSES.md still not properly detecting - this will do it 2020-05-25 21:45:54 -07:00
Makefile.in Imported from conserver-8.1.19.tar.gz 2013-09-26 11:07:01 -07:00
PROTOCOL Correct typo 2019-03-13 13:21:36 -04:00
README.md fixing links to github repo - from conserver to bstansell 2020-10-18 23:41:46 -07:00
TODO removed the old rcs/cvs Id: tags 2018-05-28 09:34:15 -07:00

Conserver

Build Status

Conserver is an application that allows multiple users to watch a serial console at the same time. It can log the data, allows users to take write-access of a console (one at a time), and has a variety of bells and whistles to accentuate that basic functionality. The idea is that conserver will log all your serial traffic so you can go back and review why something crashed, look at changes (if done on the console), or tie the console logs into a monitoring system (just watch the logfiles it creates). With multi-user capabilities you can work on equipment with others, mentor, train, etc. It also does all that client-server stuff so that, assuming you have a network connection, you can interact with any of the equipment from home or wherever.

Documentation

See the INSTALL file for installation and the man pages for specifics.

Downloading

The latest version can be found on GitHub.

Contributions

Contributions distributed with the code can be found in the contrib subdirectory.