diff options
author | lurchi <lurchi@strangeplace.net> | 2018-11-26 19:04:02 +0100 |
---|---|---|
committer | lurchi <lurchi@strangeplace.net> | 2019-06-27 18:22:24 +0200 |
commit | 7aba81537bfb410ab71db1702dbf2f1104b5d39f (patch) | |
tree | 8b99ed390080ec22b4ab8958f74a05a61591abd0 /src/vpn | |
parent | e9a48fc54a426debfac840e5b1c228047133ef10 (diff) | |
download | gnunet-7aba81537bfb410ab71db1702dbf2f1104b5d39f.tar.gz gnunet-7aba81537bfb410ab71db1702dbf2f1104b5d39f.zip |
consider HELPER_PATH for setuid binaries
Diffstat (limited to 'src/vpn')
-rw-r--r-- | src/vpn/gnunet-service-vpn.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/src/vpn/gnunet-service-vpn.c b/src/vpn/gnunet-service-vpn.c index 91bc13fd8..7f9209b67 100644 --- a/src/vpn/gnunet-service-vpn.c +++ b/src/vpn/gnunet-service-vpn.c | |||
@@ -2934,10 +2934,17 @@ run (void *cls, | |||
2934 | char *ipv4mask; | 2934 | char *ipv4mask; |
2935 | struct in_addr v4; | 2935 | struct in_addr v4; |
2936 | struct in6_addr v6; | 2936 | struct in6_addr v6; |
2937 | char *helper_path; | ||
2937 | char *binary; | 2938 | char *binary; |
2938 | 2939 | ||
2939 | binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn"); | 2940 | cfg = cfg_; |
2940 | 2941 | helper_path = NULL; | |
2942 | GNUNET_CONFIGURATION_get_value_string (cfg, | ||
2943 | "VPN", | ||
2944 | "HELPER_PATH", | ||
2945 | &helper_path); | ||
2946 | binary = GNUNET_OS_get_binary_path ("gnunet-helper-vpn", helper_path); | ||
2947 | GNUNET_free_non_null (helper_path); | ||
2941 | if (GNUNET_YES != | 2948 | if (GNUNET_YES != |
2942 | GNUNET_OS_check_helper_binary (binary, | 2949 | GNUNET_OS_check_helper_binary (binary, |
2943 | GNUNET_YES, | 2950 | GNUNET_YES, |
@@ -2953,8 +2960,6 @@ run (void *cls, | |||
2953 | anything either */ | 2960 | anything either */ |
2954 | return; | 2961 | return; |
2955 | } | 2962 | } |
2956 | GNUNET_free (binary); | ||
2957 | cfg = cfg_; | ||
2958 | stats = GNUNET_STATISTICS_create ("vpn", cfg); | 2963 | stats = GNUNET_STATISTICS_create ("vpn", cfg); |
2959 | if (GNUNET_OK != | 2964 | if (GNUNET_OK != |
2960 | GNUNET_CONFIGURATION_get_value_number (cfg, | 2965 | GNUNET_CONFIGURATION_get_value_number (cfg, |
@@ -2980,6 +2985,7 @@ run (void *cls, | |||
2980 | GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IFNAME", &ifname)) | 2985 | GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IFNAME", &ifname)) |
2981 | { | 2986 | { |
2982 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); | 2987 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); |
2988 | GNUNET_free (binary); | ||
2983 | GNUNET_SCHEDULER_shutdown (); | 2989 | GNUNET_SCHEDULER_shutdown (); |
2984 | return; | 2990 | return; |
2985 | } | 2991 | } |
@@ -2995,6 +3001,7 @@ run (void *cls, | |||
2995 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6ADDR", | 3001 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6ADDR", |
2996 | _("Must specify valid IPv6 address")); | 3002 | _("Must specify valid IPv6 address")); |
2997 | GNUNET_SCHEDULER_shutdown (); | 3003 | GNUNET_SCHEDULER_shutdown (); |
3004 | GNUNET_free (binary); | ||
2998 | GNUNET_free_non_null (ipv6addr); | 3005 | GNUNET_free_non_null (ipv6addr); |
2999 | return; | 3006 | return; |
3000 | } | 3007 | } |
@@ -3006,6 +3013,7 @@ run (void *cls, | |||
3006 | { | 3013 | { |
3007 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); | 3014 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); |
3008 | GNUNET_SCHEDULER_shutdown (); | 3015 | GNUNET_SCHEDULER_shutdown (); |
3016 | GNUNET_free (binary); | ||
3009 | GNUNET_free_non_null (ipv6prefix_s); | 3017 | GNUNET_free_non_null (ipv6prefix_s); |
3010 | return; | 3018 | return; |
3011 | } | 3019 | } |
@@ -3018,6 +3026,7 @@ run (void *cls, | |||
3018 | { | 3026 | { |
3019 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4MASK", | 3027 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4MASK", |
3020 | _("Must specify valid IPv6 mask")); | 3028 | _("Must specify valid IPv6 mask")); |
3029 | GNUNET_free (binary); | ||
3021 | GNUNET_SCHEDULER_shutdown (); | 3030 | GNUNET_SCHEDULER_shutdown (); |
3022 | return; | 3031 | return; |
3023 | } | 3032 | } |
@@ -3039,6 +3048,7 @@ run (void *cls, | |||
3039 | { | 3048 | { |
3040 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4ADDR", | 3049 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4ADDR", |
3041 | _("Must specify valid IPv4 address")); | 3050 | _("Must specify valid IPv4 address")); |
3051 | GNUNET_free (binary); | ||
3042 | GNUNET_SCHEDULER_shutdown (); | 3052 | GNUNET_SCHEDULER_shutdown (); |
3043 | GNUNET_free_non_null (ipv4addr); | 3053 | GNUNET_free_non_null (ipv4addr); |
3044 | return; | 3054 | return; |
@@ -3053,6 +3063,7 @@ run (void *cls, | |||
3053 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4MASK", | 3063 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV4MASK", |
3054 | _("Must specify valid IPv4 mask")); | 3064 | _("Must specify valid IPv4 mask")); |
3055 | GNUNET_SCHEDULER_shutdown (); | 3065 | GNUNET_SCHEDULER_shutdown (); |
3066 | GNUNET_free (binary); | ||
3056 | GNUNET_free_non_null (ipv4mask); | 3067 | GNUNET_free_non_null (ipv4mask); |
3057 | return; | 3068 | return; |
3058 | } | 3069 | } |
@@ -3070,8 +3081,9 @@ run (void *cls, | |||
3070 | cadet_handle = GNUNET_CADET_connect (cfg_); | 3081 | cadet_handle = GNUNET_CADET_connect (cfg_); |
3071 | // FIXME never opens ports??? | 3082 | // FIXME never opens ports??? |
3072 | helper_handle = GNUNET_HELPER_start (GNUNET_NO, | 3083 | helper_handle = GNUNET_HELPER_start (GNUNET_NO, |
3073 | "gnunet-helper-vpn", vpn_argv, | 3084 | binary, vpn_argv, |
3074 | &message_token, NULL, NULL); | 3085 | &message_token, NULL, NULL); |
3086 | GNUNET_free (binary); | ||
3075 | GNUNET_SCHEDULER_add_shutdown (&cleanup, | 3087 | GNUNET_SCHEDULER_add_shutdown (&cleanup, |
3076 | NULL); | 3088 | NULL); |
3077 | } | 3089 | } |