author | Christian Grothoff <christian@grothoff.org> | 2011-07-07 16:02:57 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2011-07-07 16:02:57 +0000 |
commit | 9e7b81a3cbc81c555811c2a9386e340570612f36 (patch) | |
tree | dd0302e4a65278c26fc2f0d16853c254941d247d /src/nat/nat.c | |
parent | 1c5ace41aa144afd32221db565c6f627765afdd0 (diff) | |
move SUID test code to util
Diffstat (limited to 'src/nat/nat.c')
-rw-r--r-- | src/nat/nat.c | 119 |
1 files changed, 2 insertions, 117 deletions
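--- a/src/nat/nat.c
+++ b/src/nat/nat.c
@@ -675,121 +675,6 @@ process_interfaces (void *cls,
 
 
 /**
-* Return the actual path to a file found in the current
-* PATH environment variable.
-*
-* @param binary the name of the file to find
-* @return path to binary, NULL if not found
-*/
-static char *
-get_path_from_PATH (const char *binary)
-{
-char *path;
-char *pos;
-char *end;
-char *buf;
-const char *p;
-
-p = getenv ("PATH");
-if (p == NULL)
-{
-GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
-"tcp",
-_("PATH environment variable is unset.\n"));
-return NULL;
-}
-path = GNUNET_strdup (p); /* because we write on it */
-buf = GNUNET_malloc (strlen (path) + 20);
-pos = path;
-
-while (NULL != (end = strchr (pos, PATH_SEPARATOR)))
-{
-*end = '\0';
-sprintf (buf, "%s/%s", pos, binary);
-if (GNUNET_DISK_file_test (buf) == GNUNET_YES)
-{
-GNUNET_free (path);
-return buf;
-}
-pos = end + 1;
-}
-sprintf (buf, "%s/%s", pos, binary);
-if (GNUNET_DISK_file_test (buf) == GNUNET_YES)
-{
-GNUNET_free (path);
-return buf;
-}
-GNUNET_free (buf);
-GNUNET_free (path);
-return NULL;
-}
-
-
-/**
-* Check whether the suid bit is set on a file.
-* Attempts to find the file using the current
-* PATH environment variable as a search path.
-*
-* @param binary the name of the file to check
-* @return GNUNET_YES if the file is SUID,
-* GNUNET_NO if not,
-* GNUNET_SYSERR on error
-*/
-static int
-check_gnunet_nat_binary (const char *binary)
-{
-struct stat statbuf;
-char *p;
-#ifdef MINGW
-SOCKET rawsock;
-char *binaryexe;
-
-GNUNET_asprintf (&binaryexe, "%s.exe", binary);
-p = get_path_from_PATH (binaryexe);
-free (binaryexe);
-#else
-p = get_path_from_PATH (binary);
-#endif
-if (p == NULL)
-{
-GNUNET_log_from (GNUNET_ERROR_TYPE_ERROR,
-"tcp",
-_("Could not find binary `%s' in PATH!\n"),
-binary);
-return GNUNET_NO;
-}
-if (0 != STAT (p, &statbuf))
-{
-GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-_("stat (%s) failed: %s\n"),
-p,
-STRERROR (errno));
-GNUNET_free (p);
-return GNUNET_SYSERR;
-}
-GNUNET_free (p);
-#ifndef MINGW
-if ( (0 != (statbuf.st_mode & S_ISUID)) &&
-(statbuf.st_uid == 0) )
-return GNUNET_YES;
-return GNUNET_NO;
-#else
-rawsock = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP);
-if (INVALID_SOCKET == rawsock)
-{
-DWORD err = GetLastError ();
-GNUNET_log_from (GNUNET_ERROR_TYPE_WARNING,
-"tcp",
-"socket (AF_INET, SOCK_RAW, IPPROTO_ICMP) failed! GLE = %d\n", err);
-return GNUNET_NO; /* not running as administrator */
-}
-closesocket (rawsock);
-return GNUNET_YES;
-#endif
-}
-
-
-/**
 * Task that restarts the gnunet-helper-nat-server process after a crash
 * after a certain delay.
 *
@@ -1251,7 +1136,7 @@ GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
 /* Test for SUID binaries */
 if ( (h->behind_nat == GNUNET_YES) &&
 (GNUNET_YES == h->enable_nat_server) &&
-(GNUNET_YES != check_gnunet_nat_binary("gnunet-helper-nat-server")) )
+(GNUNET_YES != GNUNET_OS_check_helper_binary("gnunet-helper-nat-server")) )
 {
 h->enable_nat_server = GNUNET_NO;
 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
@@ -1259,7 +1144,7 @@ GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
 "gnunet-helper-nat-server");
 }
 if ( (GNUNET_YES == h->enable_nat_client) &&
-(GNUNET_YES != check_gnunet_nat_binary("gnunet-helper-nat-client")) )
+(GNUNET_YES != GNUNET_OS_check_helper_binary("gnunet-helper-nat-client")) )
 {
 h->enable_nat_client = GNUNET_NO;
 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,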
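Review bot: The two call sites in GNUNET_NAT_register pass 24-character helper names to `GNUNET_OS_check_helper_binary`, which is more than the lookup code removed from nat.c could hold: `get_path_from_PATH` allocated `strlen (path) + 20` bytes and then wrote `"%s/%s"` with an unbounded `sprintf`, so the heap buffer is overrun whenever one directory makes up nearly all of PATH (a single-entry PATH is enough). The util implementation is not part of this diff, so this only applies if the body was moved unchanged; in that case size the buffer from the name, `buf = GNUNET_malloc (strlen (path) + strlen (binary) + 2);`, and format with `snprintf`. The MINGW branch adds `.exe` to the name, which makes the shortfall larger there. GNUNET_NAT_register begins and ends outside the hunks shown.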