wg-quick: freebsd: work around security vulnerabilities in bash

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2018-05-23 16:33:14 +02:00
parent 86dd5587a9
commit c99e6beecb

View file

@ -4,8 +4,6 @@
# Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. # Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
# #
# TODO: Are bash process subsitutions acceptable in FreeBSD, or do they create insecure temporary files?
set -e -o pipefail set -e -o pipefail
shopt -s extglob shopt -s extglob
export LC_ALL=C export LC_ALL=C
@ -40,6 +38,26 @@ die() {
CONFIG_SEARCH_PATHS=( /etc/wireguard /usr/local/etc/wireguard ) CONFIG_SEARCH_PATHS=( /etc/wireguard /usr/local/etc/wireguard )
unset ORIGINAL_TMPDIR
make_temp() {
local old_umask
[[ -v ORIGINAL_TMPDIR ]] && TMPDIR="$ORIGINAL_TMPDIR"
ORIGINAL_TMPDIR="$TMPDIR"
old_umask="$(umask)"
umask 077
export TMPDIR="$(mktemp -d)"
umask "$old_umask"
[[ -d $TMPDIR ]] || die "Unable to create safe temporary directory"
CLEANUP_TMPDIR="$TMPDIR"
}
clean_temp() {
[[ -n $CLEANUP_TMPDIR ]] && rm -rf "$CLEANUP_TMPDIR"
}
parse_options() { parse_options() {
local interface_section=0 line key value stripped path local interface_section=0 line key value stripped path
CONFIG_FILE="$1" CONFIG_FILE="$1"
@ -235,7 +253,8 @@ set_endpoint_direct_route() {
monitor_daemon() { monitor_daemon() {
echo "[+] Backgrounding route monitor" >&2 echo "[+] Backgrounding route monitor" >&2
(trap 'del_routes; exit 0' INT TERM EXIT (make_temp
trap 'del_routes; clean_temp; exit 0' INT TERM EXIT
exec >/dev/null 2>&1 exec >/dev/null 2>&1
local event local event
# TODO: this should also check to see if the endpoint actually changes # TODO: this should also check to see if the endpoint actually changes
@ -317,11 +336,11 @@ save_config() {
old_umask="$(umask)" old_umask="$(umask)"
umask 077 umask 077
current_config="$(cmd wg showconf "$INTERFACE")" current_config="$(cmd wg showconf "$INTERFACE")"
trap 'rm -f "$CONFIG_FILE.tmp"; exit' INT TERM EXIT trap 'rm -f "$CONFIG_FILE.tmp"; clean_temp; exit' INT TERM EXIT
echo "${current_config/\[Interface\]$'\n'/$new_config}" > "$CONFIG_FILE.tmp" || die "Could not write configuration file" echo "${current_config/\[Interface\]$'\n'/$new_config}" > "$CONFIG_FILE.tmp" || die "Could not write configuration file"
sync "$CONFIG_FILE.tmp" sync "$CONFIG_FILE.tmp"
mv "$CONFIG_FILE.tmp" "$CONFIG_FILE" || die "Could not move configuration file" mv "$CONFIG_FILE.tmp" "$CONFIG_FILE" || die "Could not move configuration file"
trap - INT TERM EXIT trap 'clean_temp; exit' INT TERM EXIT
umask "$old_umask" umask "$old_umask"
} }
@ -366,7 +385,7 @@ cmd_usage() {
cmd_up() { cmd_up() {
local i local i
[[ -z $(ifconfig "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists" [[ -z $(ifconfig "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
trap 'del_if; del_routes; exit' INT TERM EXIT trap 'del_if; del_routes; clean_temp; exit' INT TERM EXIT
execute_hooks "${PRE_UP[@]}" execute_hooks "${PRE_UP[@]}"
add_if add_if
set_config set_config
@ -382,7 +401,7 @@ cmd_up() {
[[ $AUTO_ROUTE4 -eq 1 || $AUTO_ROUTE6 -eq 1 ]] && set_endpoint_direct_route [[ $AUTO_ROUTE4 -eq 1 || $AUTO_ROUTE6 -eq 1 ]] && set_endpoint_direct_route
monitor_daemon monitor_daemon
execute_hooks "${POST_UP[@]}" execute_hooks "${POST_UP[@]}"
trap - INT TERM EXIT trap 'clean_temp; exit' INT TERM EXIT
} }
cmd_down() { cmd_down() {
@ -401,6 +420,9 @@ cmd_save() {
# ~~ function override insertion point ~~ # ~~ function override insertion point ~~
make_temp
trap 'clean_temp; exit' INT TERM EXIT
if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
cmd_usage cmd_usage
elif [[ $# -eq 2 && $1 == up ]]; then elif [[ $# -eq 2 && $1 == up ]]; then