X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=avahi-core%2Fnetlink.c;h=acea6968a88592e1b7f34ad069252ba341998280;hb=9c0f9c65093cfa53d45f9b68782321eb8063a032;hp=c5afde90df5b1b15978993f0e3ca68bf17543293;hpb=fcc9b0efe1accdb0edcb3143a8e15782e69383db;p=catta diff --git a/avahi-core/netlink.c b/avahi-core/netlink.c index c5afde9..acea696 100644 --- a/avahi-core/netlink.c +++ b/avahi-core/netlink.c @@ -1,18 +1,16 @@ -/* $Id$ */ - /*** This file is part of avahi. - + avahi is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. - + avahi is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. - + You should have received a copy of the GNU Lesser General Public License along with avahi; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 @@ -46,44 +44,64 @@ struct AvahiNetlink { }; int avahi_netlink_work(AvahiNetlink *nl, int block) { + ssize_t bytes; + struct msghdr smsg; + struct cmsghdr *cmsg; + struct ucred *cred; + struct iovec iov; + struct nlmsghdr *p; + char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; + assert(nl); - for (;;) { - ssize_t bytes; - struct nlmsghdr *p; + iov.iov_base = nl->buffer; + iov.iov_len = nl->buffer_length; - for (;;) { - if ((bytes = recv(nl->fd, nl->buffer, nl->buffer_length, block ? 0 : MSG_DONTWAIT)) < 0) { + smsg.msg_name = NULL; + smsg.msg_namelen = 0; + smsg.msg_iov = &iov; + smsg.msg_iovlen = 1; + smsg.msg_control = cred_msg; + smsg.msg_controllen = sizeof(cred_msg); + smsg.msg_flags = (block ? 0 : MSG_DONTWAIT); - if (errno == EAGAIN || errno == EINTR) - return 1; - - avahi_log_error(__FILE__": recv() failed: %s", strerror(errno)); - return 0; - } + if ((bytes = recvmsg(nl->fd, &smsg, 0)) < 0) { + if (errno == EAGAIN || errno == EINTR) + return 0; - break; - } + avahi_log_error(__FILE__": recvmsg() failed: %s", strerror(errno)); + return -1; + } + + cmsg = CMSG_FIRSTHDR(&smsg); + + if (!cmsg || cmsg->cmsg_type != SCM_CREDENTIALS) { + avahi_log_warn("No sender credentials received, ignoring data."); + return -1; + } + + cred = (struct ucred*) CMSG_DATA(cmsg); - p = (struct nlmsghdr *) nl->buffer; - - if (nl->callback) { - for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) { - if (!NLMSG_OK(p, (size_t) bytes)) { - avahi_log_warn(__FILE__": packet truncated"); - return 0; - } - - nl->callback(nl, p, nl->userdata); - } + if (cred->uid != 0) + return -1; + + p = (struct nlmsghdr *) nl->buffer; + + assert(nl->callback); + + for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) { + if (!NLMSG_OK(p, (size_t) bytes)) { + avahi_log_warn(__FILE__": packet truncated"); + return -1; } - if (block) - return 1; + nl->callback(nl, p, nl->userdata); } + + return 0; } -static void socket_event(AvahiWatch *w, int fd, AvahiWatchEvent event, void *userdata) { +static void socket_event(AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent event, void *userdata) { AvahiNetlink *nl = userdata; assert(w); @@ -95,6 +113,7 @@ static void socket_event(AvahiWatch *w, int fd, AvahiWatchEvent event, void *use AvahiNetlink *avahi_netlink_new(const AvahiPoll *poll_api, uint32_t groups, void (*cb) (AvahiNetlink *nl, struct nlmsghdr *n, void* userdata), void* userdata) { int fd = -1; + const int on = 1; struct sockaddr_nl addr; AvahiNetlink *nl = NULL; @@ -105,17 +124,22 @@ AvahiNetlink *avahi_netlink_new(const AvahiPoll *poll_api, uint32_t groups, void avahi_log_error(__FILE__": socket(PF_NETLINK): %s", strerror(errno)); return NULL; } - + memset(&addr, 0, sizeof(addr)); addr.nl_family = AF_NETLINK; addr.nl_groups = groups; - addr.nl_pid = getpid(); + addr.nl_pid = 0; // use 0 instead of getpid() to allow multiple instances of avahi in one process if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { avahi_log_error(__FILE__": bind(): %s", strerror(errno)); goto fail; } + if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) { + avahi_log_error(__FILE__": SO_PASSCRED: %s", strerror(errno)); + goto fail; + } + if (!(nl = avahi_new(AvahiNetlink, 1))) { avahi_log_error(__FILE__": avahi_new() failed."); goto fail; @@ -136,7 +160,7 @@ AvahiNetlink *avahi_netlink_new(const AvahiPoll *poll_api, uint32_t groups, void avahi_log_error(__FILE__": Failed to create watch."); goto fail; } - + return nl; fail: @@ -145,9 +169,7 @@ fail: close(fd); if (nl) { - if (nl->buffer) - avahi_free(nl); - + avahi_free(nl->buffer); avahi_free(nl); } @@ -162,7 +184,7 @@ void avahi_netlink_free(AvahiNetlink *nl) { if (nl->fd >= 0) close(nl->fd); - + avahi_free(nl->buffer); avahi_free(nl); } @@ -170,12 +192,12 @@ void avahi_netlink_free(AvahiNetlink *nl) { int avahi_netlink_send(AvahiNetlink *nl, struct nlmsghdr *m, unsigned *ret_seq) { assert(nl); assert(m); - + m->nlmsg_seq = nl->seq++; m->nlmsg_flags |= NLM_F_ACK; if (send(nl->fd, m, m->nlmsg_len, 0) < 0) { - avahi_log_error(__FILE__": send(): %s\n", strerror(errno)); + avahi_log_error(__FILE__": send(): %s", strerror(errno)); return -1; }