Diffstat (limited to 'src/socket.c')
-rw-r--r--src/socket.c54
1 files changed, 28 insertions, 26 deletions
diff --git a/src/socket.c b/src/socket.c
index aa01543..40c7aa7 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -23,13 +23,16 @@ switch_eids (uid_t *puid, gid_t *pgid, mode_t *pumask)
23 uid_t ouid = geteuid (); 23 uid_t ouid = geteuid ();
24 gid_t ogid = getegid (); 24 gid_t ogid = getegid ();
25 mode_t omask = umask (*pumask); 25 mode_t omask = umask (*pumask);
26 26
27 if (setegid (*pgid)) 27 if ((*puid && *puid != ouid) || (*pgid && *pgid != ogid))
28 logmsg (LOG_ERR, _("cannot switch to EGID %lu: %s"), 28 {
29 (unsigned long) *pgid, strerror (errno)); 29 if (setegid (*pgid))
30 if (seteuid (*puid)) 30 logmsg (LOG_ERR, _("cannot switch to EGID %lu: %s"),
31 logmsg (LOG_ERR, _("cannot switch to EUID %lu: %s"), 31 (unsigned long) *pgid, strerror (errno));
32 (unsigned long) *puid, strerror (errno)); 32 if (seteuid (*puid))
33 logmsg (LOG_ERR, _("cannot switch to EUID %lu: %s"),
34 (unsigned long) *puid, strerror (errno));
35 }
33 *puid = ouid; 36 *puid = ouid;
34 *pgid = ogid; 37 *pgid = ogid;
35 *pumask = omask; 38 *pumask = omask;
@@ -51,14 +54,14 @@ create_socket (struct pies_url *url, int socket_type,
51 uid_t uid = 0; 54 uid_t uid = 0;
52 gid_t gid = 0; 55 gid_t gid = 0;
53 int switch_back; 56 int switch_back;
54 57
55 if (strcmp (url->scheme, "unix") == 0 58 if (strcmp (url->scheme, "unix") == 0
56 || strcmp (url->scheme, "file") == 0 59 || strcmp (url->scheme, "file") == 0
57 || strcmp (url->scheme, "socket") == 0) 60 || strcmp (url->scheme, "socket") == 0)
58 { 61 {
59 struct stat st; 62 struct stat st;
60 const char *group = NULL; 63 const char *group = NULL;
61 64
62 user = url->user; 65 user = url->user;
63 if (url->argc) 66 if (url->argc)
64 { 67 {
@@ -99,7 +102,7 @@ create_socket (struct pies_url *url, int socket_type,
99 } 102 }
100 } 103 }
101 } 104 }
102 105
103 if (user) 106 if (user)
104 { 107 {
105 struct passwd *pw = getpwnam (user); 108 struct passwd *pw = getpwnam (user);
@@ -111,7 +114,7 @@ create_socket (struct pies_url *url, int socket_type,
111 uid = pw->pw_uid; 114 uid = pw->pw_uid;
112 gid = pw->pw_gid; 115 gid = pw->pw_gid;
113 } 116 }
114 117
115 if (group) 118 if (group)
116 { 119 {
117 struct group *grp = getgrnam (group); 120 struct group *grp = getgrnam (group);
@@ -122,7 +125,7 @@ create_socket (struct pies_url *url, int socket_type,
122 } 125 }
123 gid = grp->gr_gid; 126 gid = grp->gr_gid;
124 } 127 }
125 128
126 if (strlen (url->path) > sizeof addr.s_un.sun_path) 129 if (strlen (url->path) > sizeof addr.s_un.sun_path)
127 { 130 {
128 errno = EINVAL; 131 errno = EINVAL;
@@ -159,14 +162,14 @@ create_socket (struct pies_url *url, int socket_type,
159 { 162 {
160 const char *host = url->host; 163 const char *host = url->host;
161 short port = url->port; 164 short port = url->port;
162 165
163 uid = 0; 166 uid = 0;
164 gid = 0; 167 gid = 0;
165 umaskval = 0; 168 umaskval = 0;
166 169
167 addr.sa.sa_family = PF_INET; 170 addr.sa.sa_family = PF_INET;
168 socklen = sizeof (addr.s_in); 171 socklen = sizeof (addr.s_in);
169 172
170 if (!host) 173 if (!host)
171 addr.s_in.sin_addr.s_addr = INADDR_ANY; 174 addr.s_in.sin_addr.s_addr = INADDR_ANY;
172 else 175 else
@@ -185,7 +188,7 @@ create_socket (struct pies_url *url, int socket_type,
185 memmove (&addr.s_in.sin_addr, hp->h_addr, 4); 188 memmove (&addr.s_in.sin_addr, hp->h_addr, 4);
186 addr.s_in.sin_port = htons (port); 189 addr.s_in.sin_port = htons (port);
187 break; 190 break;
188 191
189 default: 192 default:
190 logmsg (LOG_ERR, _("%s: unsupported address family"), 193 logmsg (LOG_ERR, _("%s: unsupported address family"),
191 url->string); 194 url->string);
@@ -198,7 +201,7 @@ create_socket (struct pies_url *url, int socket_type,
198 logmsg (LOG_ERR, "%s: unknown scheme", url->string); 201 logmsg (LOG_ERR, "%s: unknown scheme", url->string);
199 return -1; 202 return -1;
200 } 203 }
201 204
202 fd = socket (addr.sa.sa_family, socket_type, url->proto); 205 fd = socket (addr.sa.sa_family, socket_type, url->proto);
203 if (fd == -1) 206 if (fd == -1)
204 { 207 {
@@ -250,7 +253,7 @@ pass_fd0 (int fd, int payload)
250# ifndef CMSG_SPACE 253# ifndef CMSG_SPACE
251# define CMSG_SPACE(size) (sizeof(struct cmsghdr) + (size)) 254# define CMSG_SPACE(size) (sizeof(struct cmsghdr) + (size))
252# endif /* ! CMSG_SPACE */ 255# endif /* ! CMSG_SPACE */
253 256
254 char control[CMSG_SPACE (sizeof (int))]; 257 char control[CMSG_SPACE (sizeof (int))];
255 struct cmsghdr *cmptr; 258 struct cmsghdr *cmptr;
256 259
@@ -290,7 +293,7 @@ pass_fd (const char *socket_name, int fd, unsigned maxtime)
290 int sockfd = -1; 293 int sockfd = -1;
291 int res = -1; 294 int res = -1;
292 struct sockaddr_un addr; 295 struct sockaddr_un addr;
293 296
294 if (strlen (socket_name) > sizeof addr.sun_path) 297 if (strlen (socket_name) > sizeof addr.sun_path)
295 { 298 {
296 logmsg (LOG_ERR, _("%s: UNIX socket name too long"), socket_name); 299 logmsg (LOG_ERR, _("%s: UNIX socket name too long"), socket_name);
@@ -298,7 +301,7 @@ pass_fd (const char *socket_name, int fd, unsigned maxtime)
298 } 301 }
299 addr.sun_family = AF_UNIX; 302 addr.sun_family = AF_UNIX;
300 strcpy (addr.sun_path, socket_name); 303 strcpy (addr.sun_path, socket_name);
301 304
302 for (;;) 305 for (;;)
303 { 306 {
304 time_t now = time (NULL); 307 time_t now = time (NULL);
@@ -362,7 +365,7 @@ pass_fd (const char *socket_name, int fd, unsigned maxtime)
362 int rc; 365 int rc;
363 fd_set fds; 366 fd_set fds;
364 struct timeval tv; 367 struct timeval tv;
365 368
366 FD_ZERO (&fds); 369 FD_ZERO (&fds);
367 FD_SET (sockfd, &fds); 370 FD_SET (sockfd, &fds);
368 tv.tv_usec = 0; 371 tv.tv_usec = 0;
@@ -430,7 +433,7 @@ calc_fd_max (void)
430} 433}
431 434
432void * 435void *
433register_socket (int fd, 436register_socket (int fd,
434 socket_handler_t rd, 437 socket_handler_t rd,
435 socket_handler_t wr, 438 socket_handler_t wr,
436 socket_handler_t ex, 439 socket_handler_t ex,
@@ -454,7 +457,7 @@ register_socket (int fd,
454 FD_ZERO (&fdset[PIES_EVT_EX]); 457 FD_ZERO (&fdset[PIES_EVT_EX]);
455 si_head = sip; 458 si_head = sip;
456 } 459 }
457 460
458 si_tail = sip; 461 si_tail = sip;
459 if (rd) 462 if (rd)
460 FD_SET (fd, &fdset[PIES_EVT_RD]); 463 FD_SET (fd, &fdset[PIES_EVT_RD]);
@@ -493,7 +496,7 @@ delete_sockinst (struct sockinst *sp)
493 if (sp->handler[PIES_EVT_EX]) 496 if (sp->handler[PIES_EVT_EX])
494 FD_CLR (sp->fd, &fdset[PIES_EVT_EX]); 497 FD_CLR (sp->fd, &fdset[PIES_EVT_EX]);
495 fd_max = -1; 498 fd_max = -1;
496 499
497 if (sp->prev) 500 if (sp->prev)
498 sp->prev->next = sp->next; 501 sp->prev->next = sp->next;
499 else 502 else
@@ -572,7 +575,7 @@ pies_pause (void)
572{ 575{
573 if (pies_pause_hook && pies_pause_hook ()) 576 if (pies_pause_hook && pies_pause_hook ())
574 return; 577 return;
575 578
576 if (fd_max == -1) 579 if (fd_max == -1)
577 calc_fd_max (); 580 calc_fd_max ();
578 581
@@ -581,7 +584,7 @@ pies_pause (void)
581 fd_set rdset = fdset[PIES_EVT_RD]; 584 fd_set rdset = fdset[PIES_EVT_RD];
582 fd_set wrset = fdset[PIES_EVT_WR]; 585 fd_set wrset = fdset[PIES_EVT_WR];
583 fd_set exset = fdset[PIES_EVT_EX]; 586 fd_set exset = fdset[PIES_EVT_EX];
584 587
585 int rc = select (fd_max + 1, &rdset, &wrset, &exset, NULL); 588 int rc = select (fd_max + 1, &rdset, &wrset, &exset, NULL);
586 if (rc > 0) 589 if (rc > 0)
587 { 590 {
@@ -637,4 +640,3 @@ pies_pause (void)
637 } 640 }
638 } 641 }
639} 642}
640
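Review bot: The new guard in switch_eids (new line 27) treats a zero id as "nothing to switch", yet the same function stores the previous ids back through `*puid` and `*pgid`. If create_socket calls it a second time to restore them (the call sites are outside these hunks, so this is inferred), a saved euid/egid of 0 fails both tests and the process would keep running with the socket owner's ids. Consider an explicit "unset" value such as `(uid_t) -1` / `(gid_t) -1` instead of 0, or make the restoring call compare only against the current ids. Separately, a failed `setegid`/`seteuid` is only logged and the old ids are still written back, so the caller cannot tell that the socket is about to be created under the wrong identity; returning a status that the caller checks before creating the socket would close that gap. The function starts before this hunk, so its return type and callers are not visible here.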
