tcpsvd,udpsvd: fix uid/gid printing when run with -u
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
parent
3ed181b7ac
commit
d6513cff17
@ -184,6 +184,7 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
int sock;
|
int sock;
|
||||||
int conn;
|
int conn;
|
||||||
unsigned backlog = 20;
|
unsigned backlog = 20;
|
||||||
|
unsigned opts;
|
||||||
|
|
||||||
INIT_G();
|
INIT_G();
|
||||||
|
|
||||||
@ -192,18 +193,18 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
/* 3+ args, -i at most once, -p implies -h, -v is counter, -b N, -c N */
|
/* 3+ args, -i at most once, -p implies -h, -v is counter, -b N, -c N */
|
||||||
opt_complementary = "-3:i--i:ph:vv:b+:c+";
|
opt_complementary = "-3:i--i:ph:vv:b+:c+";
|
||||||
#ifdef SSLSVD
|
#ifdef SSLSVD
|
||||||
getopt32(argv, "+c:C:i:x:u:l:Eb:hpt:vU:/:Z:K:",
|
opts = getopt32(argv, "+c:C:i:x:u:l:Eb:hpt:vU:/:Z:K:",
|
||||||
&cmax, &str_C, &instructs, &instructs, &user, &preset_local_hostname,
|
&cmax, &str_C, &instructs, &instructs, &user, &preset_local_hostname,
|
||||||
&backlog, &str_t, &ssluser, &root, &cert, &key, &verbose
|
&backlog, &str_t, &ssluser, &root, &cert, &key, &verbose
|
||||||
);
|
);
|
||||||
#else
|
#else
|
||||||
/* "+": stop on first non-option */
|
/* "+": stop on first non-option */
|
||||||
getopt32(argv, "+c:C:i:x:u:l:Eb:hpt:v",
|
opts = getopt32(argv, "+c:C:i:x:u:l:Eb:hpt:v",
|
||||||
&cmax, &str_C, &instructs, &instructs, &user, &preset_local_hostname,
|
&cmax, &str_C, &instructs, &instructs, &user, &preset_local_hostname,
|
||||||
&backlog, &str_t, &verbose
|
&backlog, &str_t, &verbose
|
||||||
);
|
);
|
||||||
#endif
|
#endif
|
||||||
if (option_mask32 & OPT_C) { /* -C n[:message] */
|
if (opts & OPT_C) { /* -C n[:message] */
|
||||||
max_per_host = bb_strtou(str_C, &str_C, 10);
|
max_per_host = bb_strtou(str_C, &str_C, 10);
|
||||||
if (str_C[0]) {
|
if (str_C[0]) {
|
||||||
if (str_C[0] != ':')
|
if (str_C[0] != ':')
|
||||||
@ -214,14 +215,14 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
}
|
}
|
||||||
if (max_per_host > cmax)
|
if (max_per_host > cmax)
|
||||||
max_per_host = cmax;
|
max_per_host = cmax;
|
||||||
if (option_mask32 & OPT_u) {
|
if (opts & OPT_u) {
|
||||||
xget_uidgid(&ugid, user);
|
xget_uidgid(&ugid, user);
|
||||||
}
|
}
|
||||||
#ifdef SSLSVD
|
#ifdef SSLSVD
|
||||||
if (option_mask32 & OPT_U) ssluser = optarg;
|
if (opts & OPT_U) ssluser = optarg;
|
||||||
if (option_mask32 & OPT_slash) root = optarg;
|
if (opts & OPT_slash) root = optarg;
|
||||||
if (option_mask32 & OPT_Z) cert = optarg;
|
if (opts & OPT_Z) cert = optarg;
|
||||||
if (option_mask32 & OPT_K) key = optarg;
|
if (opts & OPT_K) key = optarg;
|
||||||
#endif
|
#endif
|
||||||
argv += optind;
|
argv += optind;
|
||||||
if (!argv[0][0] || LONE_CHAR(argv[0], '0'))
|
if (!argv[0][0] || LONE_CHAR(argv[0], '0'))
|
||||||
@ -236,11 +237,11 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
#ifdef SSLSVD
|
#ifdef SSLSVD
|
||||||
sslser = user;
|
sslser = user;
|
||||||
client = 0;
|
client = 0;
|
||||||
if ((getuid() == 0) && !(option_mask32 & OPT_u)) {
|
if ((getuid() == 0) && !(opts & OPT_u)) {
|
||||||
xfunc_exitcode = 100;
|
xfunc_exitcode = 100;
|
||||||
bb_error_msg_and_die("-U ssluser must be set when running as root");
|
bb_error_msg_and_die("-U ssluser must be set when running as root");
|
||||||
}
|
}
|
||||||
if (option_mask32 & OPT_u)
|
if (opts & OPT_u)
|
||||||
if (!uidgid_get(&sslugid, ssluser, 1)) {
|
if (!uidgid_get(&sslugid, ssluser, 1)) {
|
||||||
if (errno) {
|
if (errno) {
|
||||||
bb_perror_msg_and_die("can't get user/group: %s", ssluser);
|
bb_perror_msg_and_die("can't get user/group: %s", ssluser);
|
||||||
@ -285,7 +286,7 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
/* ndelay_off(sock); - it is the default I think? */
|
/* ndelay_off(sock); - it is the default I think? */
|
||||||
|
|
||||||
#ifndef SSLSVD
|
#ifndef SSLSVD
|
||||||
if (option_mask32 & OPT_u) {
|
if (opts & OPT_u) {
|
||||||
/* drop permissions */
|
/* drop permissions */
|
||||||
xsetgid(ugid.gid);
|
xsetgid(ugid.gid);
|
||||||
xsetuid(ugid.uid);
|
xsetuid(ugid.uid);
|
||||||
@ -294,13 +295,12 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
|
|
||||||
if (verbose) {
|
if (verbose) {
|
||||||
char *addr = xmalloc_sockaddr2dotted(&lsa->u.sa);
|
char *addr = xmalloc_sockaddr2dotted(&lsa->u.sa);
|
||||||
bb_error_msg("listening on %s, starting", addr);
|
if (opts & OPT_u)
|
||||||
free(addr);
|
bb_error_msg("listening on %s, starting, uid %u, gid %u", addr,
|
||||||
#ifndef SSLSVD
|
|
||||||
if (option_mask32 & OPT_u)
|
|
||||||
printf(", uid %u, gid %u",
|
|
||||||
(unsigned)ugid.uid, (unsigned)ugid.gid);
|
(unsigned)ugid.uid, (unsigned)ugid.gid);
|
||||||
#endif
|
else
|
||||||
|
bb_error_msg("listening on %s, starting", addr);
|
||||||
|
free(addr);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Main accept() loop */
|
/* Main accept() loop */
|
||||||
@ -419,10 +419,10 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
char *free_me1 = NULL;
|
char *free_me1 = NULL;
|
||||||
char *free_me2 = NULL;
|
char *free_me2 = NULL;
|
||||||
|
|
||||||
if (verbose || !(option_mask32 & OPT_E)) {
|
if (verbose || !(opts & OPT_E)) {
|
||||||
if (!max_per_host) /* remote_addr is not yet known */
|
if (!max_per_host) /* remote_addr is not yet known */
|
||||||
free_me0 = remote_addr = xmalloc_sockaddr2dotted(&remote.u.sa);
|
free_me0 = remote_addr = xmalloc_sockaddr2dotted(&remote.u.sa);
|
||||||
if (option_mask32 & OPT_h) {
|
if (opts & OPT_h) {
|
||||||
free_me1 = remote_hostname = xmalloc_sockaddr2host_noport(&remote.u.sa);
|
free_me1 = remote_hostname = xmalloc_sockaddr2host_noport(&remote.u.sa);
|
||||||
if (!remote_hostname) {
|
if (!remote_hostname) {
|
||||||
bb_error_msg("cannot look up hostname for %s", remote_addr);
|
bb_error_msg("cannot look up hostname for %s", remote_addr);
|
||||||
@ -436,7 +436,7 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
getsockname(0, &local.u.sa, &local.len);
|
getsockname(0, &local.u.sa, &local.len);
|
||||||
/* else: for UDP it is done earlier by parent */
|
/* else: for UDP it is done earlier by parent */
|
||||||
local_addr = xmalloc_sockaddr2dotted(&local.u.sa);
|
local_addr = xmalloc_sockaddr2dotted(&local.u.sa);
|
||||||
if (option_mask32 & OPT_h) {
|
if (opts & OPT_h) {
|
||||||
local_hostname = preset_local_hostname;
|
local_hostname = preset_local_hostname;
|
||||||
if (!local_hostname) {
|
if (!local_hostname) {
|
||||||
free_me2 = local_hostname = xmalloc_sockaddr2host_noport(&local.u.sa);
|
free_me2 = local_hostname = xmalloc_sockaddr2host_noport(&local.u.sa);
|
||||||
@ -453,7 +453,7 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
remote_addr,
|
remote_addr,
|
||||||
cur_per_host, max_per_host);
|
cur_per_host, max_per_host);
|
||||||
}
|
}
|
||||||
bb_error_msg((option_mask32 & OPT_h)
|
bb_error_msg((opts & OPT_h)
|
||||||
? "start %u %s-%s (%s-%s)"
|
? "start %u %s-%s (%s-%s)"
|
||||||
: "start %u %s-%s",
|
: "start %u %s-%s",
|
||||||
pid,
|
pid,
|
||||||
@ -461,7 +461,7 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
local_hostname, remote_hostname);
|
local_hostname, remote_hostname);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!(option_mask32 & OPT_E)) {
|
if (!(opts & OPT_E)) {
|
||||||
/* setup ucspi env */
|
/* setup ucspi env */
|
||||||
const char *proto = tcp ? "TCP" : "UDP";
|
const char *proto = tcp ? "TCP" : "UDP";
|
||||||
|
|
||||||
@ -477,7 +477,7 @@ int tcpudpsvd_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
xsetenv_plain("PROTO", proto);
|
xsetenv_plain("PROTO", proto);
|
||||||
xsetenv_proto(proto, "LOCALADDR", local_addr);
|
xsetenv_proto(proto, "LOCALADDR", local_addr);
|
||||||
xsetenv_proto(proto, "REMOTEADDR", remote_addr);
|
xsetenv_proto(proto, "REMOTEADDR", remote_addr);
|
||||||
if (option_mask32 & OPT_h) {
|
if (opts & OPT_h) {
|
||||||
xsetenv_proto(proto, "LOCALHOST", local_hostname);
|
xsetenv_proto(proto, "LOCALHOST", local_hostname);
|
||||||
xsetenv_proto(proto, "REMOTEHOST", remote_hostname);
|
xsetenv_proto(proto, "REMOTEHOST", remote_hostname);
|
||||||
}
|
}
|
||||||
|
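Review bot: In the `if (verbose)` block (hunk `-294,13 +295,12`), the uid/gid message is no longer wrapped in `#ifndef SSLSVD`, while the `xsetgid(ugid.gid)`/`xsetuid(ugid.uid)` calls in the preceding hunk still are. In an SSLSVD build the startup log would therefore print the ids taken from `-u` even though no privilege drop appears to have happened at that point, which misleads anyone who reads that line to confirm the server is running unprivileged. Either keep the guard around the `opts & OPT_u` branch, or log what the process actually runs as by passing `(unsigned)getuid(), (unsigned)getgid()` in place of `(unsigned)ugid.uid, (unsigned)ugid.gid`. Whether SSLSVD is ever defined is not visible on this page, and `tcpudpsvd_main` begins and ends outside the shown hunks.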