X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=avahi-autoipd%2Fiface-linux.c;h=bd3fd575ad5166503d21155b22e22c9593554291;hb=0e1ff7b80d77fa1fb0a3ccb3c4b047e25c04afdd;hp=c2f24df7b8692a44b2b2abc4e8fa663c48506733;hpb=12874f5d761b4b80ac27c1fc758a93b69d92c34c;p=catta diff --git a/avahi-autoipd/iface-linux.c b/avahi-autoipd/iface-linux.c index c2f24df..bd3fd57 100644 --- a/avahi-autoipd/iface-linux.c +++ b/avahi-autoipd/iface-linux.c @@ -40,6 +40,16 @@ #include #include +#ifndef IFLA_RTA +#include +#define IFLA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg)))) +#endif + +#ifndef IFA_RTA +#include +#define IFA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg)))) +#endif + #include "iface.h" static int fd = -1; @@ -56,6 +66,7 @@ AVAHI_LLIST_HEAD(Address, addresses) = NULL; int iface_init(int i) { struct sockaddr_nl addr; + int on = 1; if ((fd = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE)) < 0) { daemon_log(LOG_ERR, "socket(PF_NETLINK): %s", strerror(errno)); @@ -71,6 +82,11 @@ int iface_init(int i) { daemon_log(LOG_ERR, "bind(): %s", strerror(errno)); goto fail; } + + if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) { + daemon_log(LOG_ERR, "SO_PASSCRED: %s", strerror(errno)); + goto fail; + } ifindex = i; @@ -106,7 +122,6 @@ static int process_nlmsg(struct nlmsghdr *n) { if ((ifi->ifi_flags & IFF_LOOPBACK) || (ifi->ifi_flags & IFF_NOARP) || - !(ifi->ifi_flags & IFF_UP) || ifi->ifi_type != ARPHRD_ETHER) { daemon_log(LOG_ERR, "Interface not suitable."); return -1; @@ -121,7 +136,6 @@ static int process_nlmsg(struct nlmsghdr *n) { int l; uint32_t address = 0; Address *i; - char buf[32]; ifa = NLMSG_DATA(n); @@ -144,8 +158,6 @@ static int process_nlmsg(struct nlmsghdr *n) { a = RTA_NEXT(a, l); } - daemon_log(LOG_INFO, "%s", inet_ntop(AF_INET, &address, buf, sizeof(buf))); - if (!address || is_ll_address(address)) return 0; @@ -172,14 +184,42 @@ static int process_response(int wait_for_done, unsigned seq) { do { size_t bytes; ssize_t r; - char replybuf[2048]; + char replybuf[8*1024]; + char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; + struct msghdr msghdr; + struct cmsghdr *cmsghdr; + struct ucred *ucred; + struct iovec iov; struct nlmsghdr *p = (struct nlmsghdr *) replybuf; + + memset(&iov, 0, sizeof(iov)); + iov.iov_base = replybuf; + iov.iov_len = sizeof(replybuf); + + memset(&msghdr, 0, sizeof(msghdr)); + msghdr.msg_name = (void*) NULL; + msghdr.msg_namelen = 0; + msghdr.msg_iov = &iov; + msghdr.msg_iovlen = 1; + msghdr.msg_control = cred_msg; + msghdr.msg_controllen = sizeof(cred_msg); + msghdr.msg_flags = 0; + + if ((r = recvmsg(fd, &msghdr, 0)) < 0) { + daemon_log(LOG_ERR, "recvmsg() failed: %s", strerror(errno)); + return -1; + } - if ((r = recv(fd, replybuf, sizeof(replybuf), 0)) < 0) { - daemon_log(LOG_ERR, "recv() failed: %s", strerror(errno)); + if (!(cmsghdr = CMSG_FIRSTHDR(&msghdr)) || cmsghdr->cmsg_type != SCM_CREDENTIALS) { + daemon_log(LOG_WARNING, "No sender credentials received, ignoring data."); return -1; } + ucred = (struct ucred*) CMSG_DATA(cmsghdr); + + if (ucred->uid != 0) + return -1; + bytes = (size_t) r; for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) { @@ -189,7 +229,7 @@ static int process_response(int wait_for_done, unsigned seq) { return -1; } - if (p->nlmsg_type == NLMSG_DONE && wait_for_done && p->nlmsg_seq == seq) + if (p->nlmsg_type == NLMSG_DONE && wait_for_done && p->nlmsg_seq == seq && (pid_t) p->nlmsg_pid == getpid()) return 0; if (p->nlmsg_type == NLMSG_ERROR) { @@ -201,9 +241,6 @@ static int process_response(int wait_for_done, unsigned seq) { } } - if ((pid_t) p->nlmsg_pid != getpid()) - continue; - if (process_nlmsg(p) < 0) return -1; } @@ -272,7 +309,7 @@ int iface_process(Event *event) { if (process_response(0, 0) < 0) return -1; - if (b && !!addresses) + if (b && !addresses) *event = EVENT_ROUTABLE_ADDR_UNCONFIGURED; else if (!b && addresses) *event = EVENT_ROUTABLE_ADDR_CONFIGURED;