diff options
author | Christian Fuchs <christian.fuchs@cfuchs.net> | 2013-04-15 12:36:37 +0000 |
---|---|---|
committer | Christian Fuchs <christian.fuchs@cfuchs.net> | 2013-04-15 12:36:37 +0000 |
commit | ad68ae150f17cf6e0b2c605c9331cf0aedfce1d0 (patch) | |
tree | 9079e9ce1b942683e45f2f5212fe2f9ce1bd5d56 /src/exit | |
parent | fbda84a3f00a667f4b149f00f9a7d330e5db54a8 (diff) | |
download | gnunet-ad68ae150f17cf6e0b2c605c9331cf0aedfce1d0.tar.gz gnunet-ad68ae150f17cf6e0b2c605c9331cf0aedfce1d0.zip |
extended the GNUNET_OS_check_helper_binary parameters to do previlege
checking in windows. To do so, tested binaries must still be supplied
with valid commandline arguments, but on windows gnunet will utilize the
-d flag to run the programs initialization phase or privileged
operations only. In these modes, a program will not enter its mainloop
or communicate with the outside.
updated relevant function calls gnunet-wide to meet the extended
function parameters.
Diffstat (limited to 'src/exit')
-rw-r--r-- | src/exit/gnunet-daemon-exit.c | 2 | ||||
-rw-r--r-- | src/exit/gnunet-helper-exit-windows.c | 17 |
2 files changed, 9 insertions, 10 deletions
diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c index 877630fa8..2c5bb1ecd 100644 --- a/src/exit/gnunet-daemon-exit.c +++ b/src/exit/gnunet-daemon-exit.c | |||
@@ -3344,7 +3344,7 @@ run (void *cls, char *const *args GNUNET_UNUSED, | |||
3344 | { | 3344 | { |
3345 | binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit"); | 3345 | binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit"); |
3346 | if (GNUNET_YES != | 3346 | if (GNUNET_YES != |
3347 | GNUNET_OS_check_helper_binary (binary)) | 3347 | GNUNET_OS_check_helper_binary (binary, TRUE, NULL)) // FIXME: CF: add test-parameters |
3348 | { | 3348 | { |
3349 | GNUNET_free (binary); | 3349 | GNUNET_free (binary); |
3350 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 3350 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
diff --git a/src/exit/gnunet-helper-exit-windows.c b/src/exit/gnunet-helper-exit-windows.c index e6ade4ba3..dd6237bc6 100644 --- a/src/exit/gnunet-helper-exit-windows.c +++ b/src/exit/gnunet-helper-exit-windows.c | |||
@@ -63,9 +63,9 @@ | |||
63 | #endif | 63 | #endif |
64 | 64 | ||
65 | /** | 65 | /** |
66 | * Will this binary be run in dryrun-mode? | 66 | * Will this binary be run in permissions testing mode? |
67 | */ | 67 | */ |
68 | static BOOL dryrun = FALSE; | 68 | static boolean privilege_testing = FALSE; |
69 | 69 | ||
70 | /** | 70 | /** |
71 | * Maximum size of a GNUnet message (GNUNET_SERVER_MAX_MESSAGE_SIZE) | 71 | * Maximum size of a GNUnet message (GNUNET_SERVER_MAX_MESSAGE_SIZE) |
@@ -1357,9 +1357,9 @@ run (HANDLE tap_handle) | |||
1357 | * DHCP and such are all features we will never use in gnunet afaik. | 1357 | * DHCP and such are all features we will never use in gnunet afaik. |
1358 | * But for openvpn those are essential. | 1358 | * But for openvpn those are essential. |
1359 | */ | 1359 | */ |
1360 | if (! tun_up (tap_handle)) | 1360 | if ((privilege_testing) || (! tun_up (tap_handle) )) |
1361 | return; | 1361 | goto teardown_final; |
1362 | 1362 | ||
1363 | /* Initialize our overlapped IO structures*/ | 1363 | /* Initialize our overlapped IO structures*/ |
1364 | if (! (initialize_io_facility (&tap_read, IOSTATE_READY, FALSE) | 1364 | if (! (initialize_io_facility (&tap_read, IOSTATE_READY, FALSE) |
1365 | && initialize_io_facility (&tap_write, IOSTATE_WAITING, TRUE) | 1365 | && initialize_io_facility (&tap_write, IOSTATE_WAITING, TRUE) |
@@ -1412,8 +1412,6 @@ run (HANDLE tap_handle) | |||
1412 | goto teardown; | 1412 | goto teardown; |
1413 | } | 1413 | } |
1414 | #endif | 1414 | #endif |
1415 | if (dryrun) | ||
1416 | goto teardown; | ||
1417 | 1415 | ||
1418 | fprintf (stderr, "DEBUG: mainloop has begun\n"); | 1416 | fprintf (stderr, "DEBUG: mainloop has begun\n"); |
1419 | 1417 | ||
@@ -1471,11 +1469,12 @@ main (int argc, char **argv) | |||
1471 | BOOL have_nat44 = FALSE; | 1469 | BOOL have_nat44 = FALSE; |
1472 | 1470 | ||
1473 | if ( (1 < argc) && (0 != strcmp (argv[1], "-d"))){ | 1471 | if ( (1 < argc) && (0 != strcmp (argv[1], "-d"))){ |
1474 | dryrun = TRUE; | 1472 | privilege_testing = TRUE; |
1475 | fprintf (stderr, "DEBUG: Running binary in dryrun mode.", argv[0]); | 1473 | fprintf (stderr, "DEBUG: Running binary in privilege testing mode.", argv[0]); |
1476 | argv++; | 1474 | argv++; |
1477 | argc--; | 1475 | argc--; |
1478 | } | 1476 | } |
1477 | |||
1479 | if (6 != argc) | 1478 | if (6 != argc) |
1480 | { | 1479 | { |
1481 | fprintf (stderr, "FATAL: must supply 6 arguments\nUsage:\ngnunet-helper-exit [-d] <if name prefix> <uplink-interface name> <address6 or \"-\"> <netbits6> <address4 or \"-\"> <netmask4>\n", argv[0]); | 1480 | fprintf (stderr, "FATAL: must supply 6 arguments\nUsage:\ngnunet-helper-exit [-d] <if name prefix> <uplink-interface name> <address6 or \"-\"> <netbits6> <address4 or \"-\"> <netmask4>\n", argv[0]); |