X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=avahi-autoipd%2Fiface-linux.c;h=fc27829d43c9fbd989f7142d27fa90b9b12292a0;hb=22d4df25cb5093a878dca5132b316c27ba47bd83;hp=2ad8a61ab53b0992205aab915a4d7db29a58c0cf;hpb=ef98a3da45ebbc3bbf9601a3eef1a4eb65fb9a84;p=catta
diff --git a/avahi-autoipd/iface-linux.c b/avahi-autoipd/iface-linux.c
index 2ad8a61..fc27829 100644
--- a/avahi-autoipd/iface-linux.c
+++ b/avahi-autoipd/iface-linux.c
@@ -1,18 +1,16 @@ -/* $Id$ */ - /*** This file is part of avahi. - + avahi is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. - + avahi is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. - + You should have received a copy of the GNU Lesser General Public License along with avahi; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
@@ -66,7 +64,8 @@ AVAHI_LLIST_HEAD(Address, addresses) = NULL; int iface_init(int i) { struct sockaddr_nl addr; - + int on = 1; + if ((fd = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE)) < 0) { daemon_log(LOG_ERR, "socket(PF_NETLINK): %s", strerror(errno)); goto fail;
@@ -82,16 +81,21 @@ int iface_init(int i) { goto fail; } + if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) { + daemon_log(LOG_ERR, "SO_PASSCRED: %s", strerror(errno)); + goto fail; + } + ifindex = i; - + return fd; - + fail: if (fd >= 0) { close(fd); fd = -1; } - + return -1; }
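Review bot: The `setsockopt(fd, SOL_SOCKET, SO_PASSCRED, ...)` call added to iface_init in the `@@ -82,16 +81,21 @@` hunk has no comment explaining why it is there, and it is load-bearing. process_response, changed later in this commit, rejects every datagram that arrives without an SCM_CREDENTIALS control message, so dropping this call in a later cleanup would make every netlink read fail. I would add above it `/* Have the kernel attach sender credentials to each datagram; process_response() refuses messages without them. */`. iface_init begins in the previous hunk, where `int on = 1;` is declared.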
@@ -104,16 +108,16 @@ static int process_nlmsg(struct nlmsghdr *n) { struct ifinfomsg *ifi; ifi = NLMSG_DATA(n); - if (ifi->ifi_family != AF_UNSPEC || ifi->ifi_index != ifindex) + if (ifi->ifi_family != AF_UNSPEC || (int) ifi->ifi_index != ifindex) return 0; - + if (n->nlmsg_type == RTM_DELLINK) { daemon_log(LOG_ERR, "Interface vanished."); return -1; } assert(n->nlmsg_type == RTM_NEWLINK); - + if ((ifi->ifi_flags & IFF_LOOPBACK) || (ifi->ifi_flags & IFF_NOARP) || ifi->ifi_type != ARPHRD_ETHER) {
@@ -130,10 +134,10 @@ static int process_nlmsg(struct nlmsghdr *n) { int l; uint32_t address = 0; Address *i; - + ifa = NLMSG_DATA(n); - if (ifa->ifa_family != AF_INET || ifa->ifa_index != ifindex) + if (ifa->ifa_family != AF_INET || (int) ifa->ifa_index != ifindex) return 0; l = NLMSG_PAYLOAD(n, sizeof(*ifa));
@@ -148,7 +152,7 @@ static int process_nlmsg(struct nlmsghdr *n) { memcpy(&address, RTA_DATA(a), sizeof(uint32_t)); break; } - + a = RTA_NEXT(a, l); }
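Review bot: In process_nlmsg the link branch reads `ifi->ifi_family` and `ifi->ifi_index` straight after `ifi = NLMSG_DATA(n)`, and no check that the payload is at least `sizeof(*ifi)` is visible in the `@@ -104,16 +108,16 @@` hunk. The function starts outside the hunk, so the check may exist above. If it does not, I would add `if (n->nlmsg_len < NLMSG_LENGTH(sizeof(*ifi))) return 0;` before the first field access. The address branch in the `@@ -130,10 +134,10 @@` hunk needs the equivalent with `sizeof(*ifa)`, because `l = NLMSG_PAYLOAD(n, sizeof(*ifa))` is computed only after `ifa->ifa_family` has been read. On style, `ifi_index` is already an `int` in struct ifinfomsg, so the first `(int)` cast is redundant; only the cast on the unsigned `ifa_index` changes how the comparison is evaluated.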
@@ -174,20 +178,48 @@ static int process_nlmsg(struct nlmsghdr *n) { static int process_response(int wait_for_done, unsigned seq) { assert(fd >= 0); - + do { size_t bytes; ssize_t r; - char replybuf[2048]; + char replybuf[8*1024]; + char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; + struct msghdr msghdr; + struct cmsghdr *cmsghdr; + struct ucred *ucred; + struct iovec iov; struct nlmsghdr *p = (struct nlmsghdr *) replybuf; - if ((r = recv(fd, replybuf, sizeof(replybuf), 0)) < 0) { - daemon_log(LOG_ERR, "recv() failed: %s", strerror(errno)); + memset(&iov, 0, sizeof(iov)); + iov.iov_base = replybuf; + iov.iov_len = sizeof(replybuf); + + memset(&msghdr, 0, sizeof(msghdr)); + msghdr.msg_name = (void*) NULL; + msghdr.msg_namelen = 0; + msghdr.msg_iov = &iov; + msghdr.msg_iovlen = 1; + msghdr.msg_control = cred_msg; + msghdr.msg_controllen = sizeof(cred_msg); + msghdr.msg_flags = 0; + + if ((r = recvmsg(fd, &msghdr, 0)) < 0) { + daemon_log(LOG_ERR, "recvmsg() failed: %s", strerror(errno)); + return -1; + } + + if (!(cmsghdr = CMSG_FIRSTHDR(&msghdr)) || cmsghdr->cmsg_type != SCM_CREDENTIALS) { + daemon_log(LOG_WARNING, "No sender credentials received, ignoring data."); return -1; } + ucred = (struct ucred*) CMSG_DATA(cmsghdr); + + if (ucred->uid != 0) + return -1; + bytes = (size_t) r; - + for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) { if (!NLMSG_OK(p, bytes) || bytes < sizeof(struct nlmsghdr) || bytes < p->nlmsg_len) {
@@ -224,7 +256,7 @@ int iface_get_initial_state(State *state) { assert(fd >= 0); assert(state); - + memset(&req, 0, sizeof(req)); n = (struct nlmsghdr*) req; n->nlmsg_len = NLMSG_LENGTH(sizeof(*ifi));
@@ -244,7 +276,7 @@ int iface_get_initial_state(State *state) { if (process_response(1, 0) < 0) return -1; - + n->nlmsg_type = RTM_GETADDR; n->nlmsg_len = NLMSG_LENGTH(sizeof(*ifa)); n->nlmsg_seq = ++seq;
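Review bot: In the `@@ -174,20 +178,48 @@` hunk both rejection paths after `recvmsg()` (no SCM_CREDENTIALS control message, and `ucred->uid != 0`) return -1, the same value as a receive failure, although the log text says the data is being ignored. iface_get_initial_state and iface_process pass that -1 straight up, so a datagram from a non-root local sender surfaces as an interface error instead of being dropped; what the main loop does with the error is not visible here. Skipping the datagram and continuing would match the message, and logging the rejected uid and pid gives operators something to alert on; the do/while condition is outside the hunk, so confirm that `continue` reaches it as intended. The control-message check compares only `cmsg_type`; it should also test `cmsg_level` and `cmsg_len` before the cast, and `msghdr.msg_flags` should be checked for MSG_TRUNC/MSG_CTRUNC because the 8 KiB buffer can still be too small. Accepting uid 0 also admits any root-owned sender, whereas receiving the sender address through `msg_name` and requiring `nl_pid == 0` would restrict input to the kernel.

```c
        if ((r = recvmsg(fd, &msghdr, 0)) < 0) {
            /* … unchanged: log the error and return -1 … */
        }

        if (msghdr.msg_flags & (MSG_TRUNC|MSG_CTRUNC)) {
            daemon_log(LOG_WARNING, "Truncated netlink message, ignoring data.");
            continue;
        }

        cmsghdr = CMSG_FIRSTHDR(&msghdr);
        if (!cmsghdr ||
            cmsghdr->cmsg_level != SOL_SOCKET ||
            cmsghdr->cmsg_type != SCM_CREDENTIALS ||
            cmsghdr->cmsg_len < CMSG_LEN(sizeof(struct ucred))) {
            daemon_log(LOG_WARNING, "No sender credentials received, ignoring data.");
            continue;
        }

        ucred = (struct ucred*) CMSG_DATA(cmsghdr);

        if (ucred->uid != 0) {
            daemon_log(LOG_WARNING, "Ignoring netlink message from uid %lu, pid %lu.",
                       (unsigned long) ucred->uid, (unsigned long) ucred->pid);
            continue;
        }

        /* … unchanged: bytes = (size_t) r; and the NLMSG_OK loop … */
```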
@@ -252,7 +284,7 @@ int iface_get_initial_state(State *state) { ifa = NLMSG_DATA(n); ifa->ifa_family = AF_INET; ifa->ifa_index = ifindex; - + if (send(fd, n, n->nlmsg_len, 0) < 0) { daemon_log(LOG_ERR, "send(): %s", strerror(errno)); return -1;
@@ -262,7 +294,7 @@ int iface_get_initial_state(State *state) { return -1; *state = addresses ? STATE_SLEEPING : STATE_START; - + return 0; }
@@ -271,7 +303,7 @@ int iface_process(Event *event) { assert(fd >= 0); b = !!addresses; - + if (process_response(0, 0) < 0) return -1;
@@ -279,13 +311,13 @@ int iface_process(Event *event) { *event = EVENT_ROUTABLE_ADDR_UNCONFIGURED; else if (!b && addresses) *event = EVENT_ROUTABLE_ADDR_CONFIGURED; - + return 0; } void iface_done(void) { Address *a; - + if (fd >= 0) { close(fd); fd = -1;