#include <avahi-common/llist.h>
#include <avahi-common/malloc.h>
+#ifndef IFLA_RTA
+#include <linux/if_addr.h>
+#define IFLA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg))))
+#endif
+
+#ifndef IFA_RTA
+#include <linux/if_addr.h>
+#define IFA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg))))
+#endif
+
#include "iface.h"
static int fd = -1;
int iface_init(int i) {
struct sockaddr_nl addr;
+ int on = 1;
if ((fd = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE)) < 0) {
daemon_log(LOG_ERR, "socket(PF_NETLINK): %s", strerror(errno));
daemon_log(LOG_ERR, "bind(): %s", strerror(errno));
goto fail;
}
+
+ if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) {
+ daemon_log(LOG_ERR, "SO_PASSCRED: %s", strerror(errno));
+ goto fail;
+ }
ifindex = i;
struct ifinfomsg *ifi;
ifi = NLMSG_DATA(n);
- if (ifi->ifi_family != AF_UNSPEC || ifi->ifi_index != ifindex)
+ if (ifi->ifi_family != AF_UNSPEC || (int) ifi->ifi_index != ifindex)
return 0;
if (n->nlmsg_type == RTM_DELLINK) {
if ((ifi->ifi_flags & IFF_LOOPBACK) ||
(ifi->ifi_flags & IFF_NOARP) ||
- !(ifi->ifi_flags & IFF_UP) ||
ifi->ifi_type != ARPHRD_ETHER) {
daemon_log(LOG_ERR, "Interface not suitable.");
return -1;
int l;
uint32_t address = 0;
Address *i;
- char buf[32];
ifa = NLMSG_DATA(n);
- if (ifa->ifa_family != AF_INET || ifa->ifa_index != ifindex)
+ if (ifa->ifa_family != AF_INET || (int) ifa->ifa_index != ifindex)
return 0;
l = NLMSG_PAYLOAD(n, sizeof(*ifa));
a = RTA_NEXT(a, l);
}
- daemon_log(LOG_INFO, "%s", inet_ntop(AF_INET, &address, buf, sizeof(buf)));
-
if (!address || is_ll_address(address))
return 0;
do {
size_t bytes;
ssize_t r;
- char replybuf[2048];
+ char replybuf[8*1024];
+ char cred_msg[CMSG_SPACE(sizeof(struct ucred))];
+ struct msghdr msghdr;
+ struct cmsghdr *cmsghdr;
+ struct ucred *ucred;
+ struct iovec iov;
struct nlmsghdr *p = (struct nlmsghdr *) replybuf;
+
+ memset(&iov, 0, sizeof(iov));
+ iov.iov_base = replybuf;
+ iov.iov_len = sizeof(replybuf);
+
+ memset(&msghdr, 0, sizeof(msghdr));
+ msghdr.msg_name = (void*) NULL;
+ msghdr.msg_namelen = 0;
+ msghdr.msg_iov = &iov;
+ msghdr.msg_iovlen = 1;
+ msghdr.msg_control = cred_msg;
+ msghdr.msg_controllen = sizeof(cred_msg);
+ msghdr.msg_flags = 0;
+
+ if ((r = recvmsg(fd, &msghdr, 0)) < 0) {
+ daemon_log(LOG_ERR, "recvmsg() failed: %s", strerror(errno));
+ return -1;
+ }
- if ((r = recv(fd, replybuf, sizeof(replybuf), 0)) < 0) {
- daemon_log(LOG_ERR, "recv() failed: %s", strerror(errno));
+ if (!(cmsghdr = CMSG_FIRSTHDR(&msghdr)) || cmsghdr->cmsg_type != SCM_CREDENTIALS) {
+ daemon_log(LOG_WARNING, "No sender credentials received, ignoring data.");
return -1;
}
+ ucred = (struct ucred*) CMSG_DATA(cmsghdr);
+
+ if (ucred->uid != 0)
+ return -1;
+
bytes = (size_t) r;
for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) {
return -1;
}
- if (p->nlmsg_type == NLMSG_DONE && wait_for_done && p->nlmsg_seq == seq)
+ if (p->nlmsg_type == NLMSG_DONE && wait_for_done && p->nlmsg_seq == seq && (pid_t) p->nlmsg_pid == getpid())
return 0;
if (p->nlmsg_type == NLMSG_ERROR) {
}
}
- if ((pid_t) p->nlmsg_pid != getpid())
- continue;
-
if (process_nlmsg(p) < 0)
return -1;
}
if (process_response(0, 0) < 0)
return -1;
- if (b && !!addresses)
+ if (b && !addresses)
*event = EVENT_ROUTABLE_ADDR_UNCONFIGURED;
else if (!b && addresses)
*event = EVENT_ROUTABLE_ADDR_CONFIGURED;
projects / catta / blobdiff