Diffstat (limited to 'src/socket.c')
-rw-r--r-- | src/socket.c | 54 |
1 files changed, 28 insertions, 26 deletions
diff --git a/src/socket.c b/src/socket.c index aa01543..40c7aa7 100644 --- a/src/socket.c +++ b/src/socket.c @@ -23,13 +23,16 @@ switch_eids (uid_t *puid, gid_t *pgid, mode_t *pumask) uid_t ouid = geteuid (); gid_t ogid = getegid (); mode_t omask = umask (*pumask); - - if (setegid (*pgid)) - logmsg (LOG_ERR, _("cannot switch to EGID %lu: %s"), - (unsigned long) *pgid, strerror (errno)); - if (seteuid (*puid)) - logmsg (LOG_ERR, _("cannot switch to EUID %lu: %s"), - (unsigned long) *puid, strerror (errno)); + + if ((*puid && *puid != ouid) || (*pgid && *pgid != ogid)) + { + if (setegid (*pgid)) + logmsg (LOG_ERR, _("cannot switch to EGID %lu: %s"), + (unsigned long) *pgid, strerror (errno)); + if (seteuid (*puid)) + logmsg (LOG_ERR, _("cannot switch to EUID %lu: %s"), + (unsigned long) *puid, strerror (errno)); + } *puid = ouid; *pgid = ogid; *pumask = omask; @@ -51,14 +54,14 @@ create_socket (struct pies_url *url, int socket_type, uid_t uid = 0; gid_t gid = 0; int switch_back; - + if (strcmp (url->scheme, "unix") == 0 || strcmp (url->scheme, "file") == 0 || strcmp (url->scheme, "socket") == 0) { struct stat st; const char *group = NULL; - + user = url->user; if (url->argc) { @@ -99,7 +102,7 @@ create_socket (struct pies_url *url, int socket_type, } } } - + if (user) { struct passwd *pw = getpwnam (user); @@ -111,7 +114,7 @@ create_socket (struct pies_url *url, int socket_type, uid = pw->pw_uid; gid = pw->pw_gid; } - + if (group) { struct group *grp = getgrnam (group); @@ -122,7 +125,7 @@ create_socket (struct pies_url *url, int socket_type, } gid = grp->gr_gid; } - + if (strlen (url->path) > sizeof addr.s_un.sun_path) { errno = EINVAL; @@ -159,14 +162,14 @@ create_socket (struct pies_url *url, int socket_type, { const char *host = url->host; short port = url->port; - + uid = 0; gid = 0; umaskval = 0; addr.sa.sa_family = PF_INET; socklen = sizeof (addr.s_in); - + if (!host) addr.s_in.sin_addr.s_addr = INADDR_ANY; else 
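Review bot: The new guard `(*puid && *puid != ouid) || (*pgid && *pgid != ogid)` in switch_eids treats 0 as "nothing requested", which also makes it impossible to switch back to EUID/EGID 0. If create_socket undoes the switch by calling switch_eids again with the values saved in `*puid`/`*pgid` (the `switch_back` local suggests this, but the calls are outside the hunks shown), a daemon started as root passes 0/0 on the return trip, both calls are skipped, and it keeps running under the socket owner's effective IDs. Comparing only against the current IDs, `if (*puid != ouid || *pgid != ogid)`, keeps the no-op shortcut without conflating root with "unset"; the "no user given" case would then need a sentinel other than 0 in the caller. The setegid/seteuid failure branches still only log, so the caller cannot tell that the socket is about to be created under the wrong identity. switch_eids begins and ends outside the hunk.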
@@ -185,7 +188,7 @@ create_socket (struct pies_url *url, int socket_type, memmove (&addr.s_in.sin_addr, hp->h_addr, 4); addr.s_in.sin_port = htons (port); break; - + default: logmsg (LOG_ERR, _("%s: unsupported address family"), url->string); @@ -198,7 +201,7 @@ create_socket (struct pies_url *url, int socket_type, logmsg (LOG_ERR, "%s: unknown scheme", url->string); return -1; } - + fd = socket (addr.sa.sa_family, socket_type, url->proto); if (fd == -1) { @@ -250,7 +253,7 @@ pass_fd0 (int fd, int payload) # ifndef CMSG_SPACE # define CMSG_SPACE(size) (sizeof(struct cmsghdr) + (size)) # endif /* ! CMSG_SPACE */ - + char control[CMSG_SPACE (sizeof (int))]; struct cmsghdr *cmptr; @@ -290,7 +293,7 @@ pass_fd (const char *socket_name, int fd, unsigned maxtime) int sockfd = -1; int res = -1; struct sockaddr_un addr; - + if (strlen (socket_name) > sizeof addr.sun_path) { logmsg (LOG_ERR, _("%s: UNIX socket name too long"), socket_name); @@ -298,7 +301,7 @@ pass_fd (const char *socket_name, int fd, unsigned maxtime) } addr.sun_family = AF_UNIX; strcpy (addr.sun_path, socket_name); - + for (;;) { time_t now = time (NULL); @@ -362,7 +365,7 @@ pass_fd (const char *socket_name, int fd, unsigned maxtime) int rc; fd_set fds; struct timeval tv; - + FD_ZERO (&fds); FD_SET (sockfd, &fds); tv.tv_usec = 0; @@ -430,7 +433,7 @@ calc_fd_max (void) } void * -register_socket (int fd, +register_socket (int fd, socket_handler_t rd, socket_handler_t wr, socket_handler_t ex, @@ -454,7 +457,7 @@ register_socket (int fd, FD_ZERO (&fdset[PIES_EVT_EX]); si_head = sip; } - + si_tail = sip; if (rd) FD_SET (fd, &fdset[PIES_EVT_RD]); @@ -493,7 +496,7 @@ delete_sockinst (struct sockinst *sp) if (sp->handler[PIES_EVT_EX]) FD_CLR (sp->fd, &fdset[PIES_EVT_EX]); fd_max = -1; - + if (sp->prev) sp->prev->next = sp->next; else @@ -572,7 +575,7 @@ pies_pause (void) { if (pies_pause_hook && pies_pause_hook ()) return; - + if (fd_max == -1) calc_fd_max (); 
@@ -581,7 +584,7 @@ pies_pause (void) fd_set rdset = fdset[PIES_EVT_RD]; fd_set wrset = fdset[PIES_EVT_WR]; fd_set exset = fdset[PIES_EVT_EX]; - + int rc = select (fd_max + 1, &rdset, &wrset, &exset, NULL); if (rc > 0) { @@ -637,4 +640,3 @@ pies_pause (void) } } } - |