Hello!

I am porting a stupid program to OpenBSD and found a roadblock.

The program is a terminal game launcher. It is intended to serve roguelike 
games over telnet or SSH. The main project site is 
http://github.com/paxed/dgamelaunch.

So far I have sanitized the autoconf config file to use OpenBSD and replaced 
the program's crypt() calls with OpenBSD's cryptools alternatives.

The problem I am facing now is that when I attempt to create a new user, the 
program gets stuck in an sqlite3_exec() call until I hit Enter. This is 
especially puzzling because the program is not supposed to be accepting user 
input at that point. And once Enter is hit, the sqlite3_exec() action is 
actually performed properly(!).

If anybody is aware of any reason why sqlite_exec() would get stuck, I'd be 
glad to hear.

How to reproduce (I recommend using a spare system, because this program is 
kinda intrusive):

The program is intended to be suid, chroot into some directory and drop 
privileges. Prepare a directory for running a chroot in it.

Download the current code: 
gopher://gopher.operationalsecurity.es/5/dgamelaunch-openbsd.tar

Untar it somewhere.

Configure a build environment (export CPATH=/usr/local/include, export 
LIBRARY_PATH=/usr/local/lib, etc.)

Configure the build with ./autogen.sh --enable-sqlite 
--with-config-file=/path/of/chroot/etc/dgamelaunch.conf

Make it with gmake.

Edit example/dgamelaunch.conf in the source code folder to suit your needs. For 
a quick test, you only need to change the chroot=, shed_uid= and shed_guid= 
options.

Edit dgl-create-chroot in the source code folder. The only important value to 
change is chroot=.

Execute the dgl-create-chroot script as root, which will populate the chroot 
directory you have selected.

Set the suid bit of the dgamelaunch binary and execute it. It will chroot into 
the directory and offer you a bunch of options. Register a new user (r) and 
go with the instructions.

The bug is triggered after you enter your email address. The ncurses interface 
gets frozen and nothing gets written to the database. Then you hit enter while 
the interface is frozen, and it returns back to normal.

I think the problem is triggered in the writefile function in dgamelaunch.c, 
where sqlite_exec() gets called. 

Help and suggestions are appreciated.

AFAIK the main project is dead.

-- 
OpenPGP Key Fingerprint:
BB5A C2A2 2CAD ACB7 D50D  C081 1DB9 6FC4 5AB7 92FA
