ORBit2 r2078 - in trunk: . linc2 linc2/include/linc linc2/src src/orb/GIOP
- From: michael svn gnome org
- To: svn-commits-list gnome org
- Subject: ORBit2 r2078 - in trunk: . linc2 linc2/include/linc linc2/src src/orb/GIOP
- Date: Mon, 11 Aug 2008 16:25:57 +0000 (UTC)
Author: michael
Date: Mon Aug 11 16:25:57 2008
New Revision: 2078
URL: http://svn.gnome.org/viewvc/ORBit2?rev=2078&view=rev
Log:
2008-08-11 Mike Gorse <mgorse novell com>
* src/orb/GIOP/giop.c (giop_tmpdir_init): use ORBIT_SOCKETDIR
to propagate the socket dir to children wherever possible: has
two benefits: speeds up ORBit2 launch, and allows root owned
apps to talk to the user's AT.
2008-08-11 Michael Meeks <michael meeks novell com>
* src/linc-protocols.c (get_first_non_local_ipaddr):
remove bogus return bits; re-order linc-protocols array
to maintain binary compat.
2008-08-11 Mike Gorse <mgorse novell com>
* src/linc-protocols.c (link_protocol_post_create_unix),
* src/linc-server.c (link_server_setup): add and call
post_create
method to allow root user to create sockets in ORBIT_SOCKETDIR,
to allow user owned ATs to talk to a root owned app.
Modified:
trunk/ChangeLog
trunk/linc2/ChangeLog
trunk/linc2/include/linc/linc-protocol.h
trunk/linc2/src/linc-connection.c
trunk/linc2/src/linc-protocols.c
trunk/linc2/src/linc-server.c
trunk/src/orb/GIOP/giop.c
Modified: trunk/linc2/include/linc/linc-protocol.h
==============================================================================
--- trunk/linc2/include/linc/linc-protocol.h (original)
+++ trunk/linc2/include/linc/linc-protocol.h Mon Aug 11 16:25:57 2008
@@ -50,6 +50,9 @@
gchar **hostname,
gchar **service);
+typedef void (*LinkProtocolPostCreateFunc) (int fd,
+ struct sockaddr *sockaddr);
+
typedef gboolean (*LinkProtocolIsLocal) (const LinkProtocolInfo *proto,
const struct sockaddr *sockaddr,
LinkSockLen saddr_len);
@@ -66,8 +69,9 @@
LinkProtocolGetSockAddrFunc get_sockaddr;
LinkProtocolGetSockInfoFunc get_sockinfo;
LinkProtocolIsLocal is_local;
+ LinkProtocolPostCreateFunc post_create;
/* This structure is private and may be extended in future */
- gpointer dummy[8];
+ gpointer dummy[7];
};
typedef enum {
Modified: trunk/linc2/src/linc-connection.c
==============================================================================
--- trunk/linc2/src/linc-connection.c (original)
+++ trunk/linc2/src/linc-connection.c Mon Aug 11 16:25:57 2008
@@ -548,6 +548,25 @@
CNX_UNLOCK (cnx);
}
+#ifndef G_OS_WIN32
+static void
+fix_permissions (const char *filename)
+{
+ char *tmp_dir = g_strdup (filename);
+ char *p;
+ struct stat stat_buf;
+
+ if (!tmp_dir)
+ return;
+ p = strrchr (tmp_dir, '/');
+ if (p) {
+ *p = '\0';
+ stat (tmp_dir, &stat_buf);
+ chown (filename, stat_buf.st_uid, -1);
+ }
+}
+#endif
+
static gboolean
link_connection_do_initiate (LinkConnection *cnx,
const char *proto_name,
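Review bot: fix_permissions() reads `stat_buf.st_uid` without checking that `stat()` succeeded, so a failed lookup hands an uninitialised uid to `chown()`, and the `g_strdup()` copy in `tmp_dir` is never freed. The `chown()` result is dropped as well. Because the call is path-based and only reached as root, `lchown()` would avoid following a symlink sitting at that path. The rewrite below keeps the signature and adds the missing checks and the `g_free()`.

```c
static void
fix_permissions (const char *filename)
{
	/* … unchanged: g_strdup of filename, NULL check, strrchr … */
	if (p) {
		*p = '\0';
		/* change the owner only when the directory lookup succeeded */
		if (stat (tmp_dir, &stat_buf) == 0 &&
		    lchown (filename, stat_buf.st_uid, -1) != 0)
			g_warning ("could not change owner of %s", filename);
	}
	g_free (tmp_dir);
}
```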
@@ -627,6 +646,12 @@
}
#endif
+#ifndef G_OS_WIN32
+ if (!strcmp (proto_name, "UNIX") && getuid() == 0) {
+ fix_permissions (service);
+ }
+#endif
+
LINK_TEMP_FAILURE_RETRY_SOCKET (connect (fd, saddr, saddr_len), rv);
#ifdef HAVE_WINSOCK2_H
if (rv == SOCKET_ERROR) {
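Review bot: The new root-only branch calls `fix_permissions (service)` before `connect()`, so a process running as uid 0 changes the owner of whatever file `service` names to the owner of its parent directory. Where `service` comes from is outside this hunk; if it can be set by the peer's address data rather than by local configuration, the path should first be checked to lie inside the socket directory this process has validated. A comment such as `/* root: give the socket to the owner of the socket dir so the user's AT can reach it */` would also record why the connecting side touches ownership at all. link_connection_do_initiate starts and ends outside the hunk.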
Modified: trunk/linc2/src/linc-protocols.c
==============================================================================
--- trunk/linc2/src/linc-protocols.c (original)
+++ trunk/linc2/src/linc-protocols.c Mon Aug 11 16:25:57 2008
@@ -63,7 +63,7 @@
g_error ("Can not stat %s\n", dirname);
#if !defined (__CYGWIN__) && !defined(_WIN32)
- if (statbuf.st_uid != getuid ())
+ if (getuid() != 0 && statbuf.st_uid != getuid ())
g_error ("Owner of %s is not the current user\n", dirname);
if ((statbuf.st_mode & (S_IRWXG|S_IRWXO)) ||
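Review bot: With `getuid() != 0 &&` in front, root skips the ownership test entirely, so for uid 0 the directory is accepted on the remaining checks alone and its owner becomes a trusted party for every socket root creates there. That matches the commit's stated intent, but the check should carry a comment saying so, e.g. `/* root may share another user's socket dir; that dir's owner is then trusted */`. The same condition is added in src/orb/GIOP/giop.c (hunk at -48,7) and needs the same comment. The enclosing function continues outside this hunk.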
@@ -140,7 +140,7 @@
#if defined(AF_INET) || defined(AF_INET6) || defined (AF_UNIX)
#ifndef G_OS_WIN32
-static char *
+static void
get_first_non_local_ipaddr(char *buf,
size_t len)
{
@@ -177,8 +177,6 @@
if (-1 != sock)
close(sock);
-
- return buf;
}
#endif
@@ -996,6 +994,28 @@
return TRUE;
}
+
+/*
+ * link_protocol_post_create_unix:
+ * @fd: the file descriptor.
+ * @sockaddr: a #sockaddr_un structure describing the socket.
+ *
+ * For a user running a program as root, set the owner of the socket to
+ * the original user.
+ */
+static void
+link_protocol_post_create_unix (int fd, struct sockaddr *saddr)
+{
+#ifndef G_OS_WIN32
+ struct sockaddr_un *saddr_un = (struct sockaddr_un *)saddr;
+
+ if (getuid() == 0) {
+ struct stat stat_buf;
+ if (!stat (link_tmpdir, &stat_buf))
+ fchown (fd, stat_buf.st_uid, -1);
+ }
+#endif
+}
#endif /* AF_UNIX */
/*
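Review bot: `saddr_un` is assigned from the cast and never used, and the result of `fchown()` is discarded, so a failed ownership change goes unnoticed. Drop the unused local and report the failure, e.g. `if (!stat (link_tmpdir, &stat_buf) && fchown (fd, stat_buf.st_uid, -1)) g_warning ("fchown on socket failed");`. The doc comment says "the original user" while the code uses the owner of `link_tmpdir`; the comment should say that instead. It is also worth confirming on the target platforms that `fchown()` on a socket descriptor changes the owner of the bound path, since that behaviour may differ between systems.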
@@ -1133,7 +1153,8 @@
NULL, /* destroy */
link_protocol_get_sockaddr_ipv4,/* get_sockaddr */
link_protocol_get_sockinfo_ipv4,/* get_sockinfo */
- link_protocol_is_local_ipv46 /* is_local */
+ link_protocol_is_local_ipv46, /* is_local */
+ NULL /* post_create */
},
#endif
#if defined(AF_INET6)
@@ -1147,7 +1168,8 @@
NULL, /* destroy */
link_protocol_get_sockaddr_ipv6,/* get_sockaddr */
link_protocol_get_sockinfo_ipv6,/* get_sockinfo */
- link_protocol_is_local_ipv46 /* is_local */
+ link_protocol_is_local_ipv46, /* is_local */
+ NULL /* post_create */
},
#endif
#ifdef AF_UNIX
@@ -1161,7 +1183,8 @@
link_protocol_unix_destroy, /* destroy */
link_protocol_get_sockaddr_unix, /* get_sockaddr */
link_protocol_get_sockinfo_unix, /* get_sockinfo */
- link_protocol_unix_is_local /* is_local */
+ link_protocol_unix_is_local, /* is_local */
+ link_protocol_post_create_unix /* post_create */
},
#endif
{ NULL /* name */ }
Modified: trunk/linc2/src/linc-server.c
==============================================================================
--- trunk/linc2/src/linc-server.c (original)
+++ trunk/linc2/src/linc-server.c Mon Aug 11 16:25:57 2008
@@ -385,6 +385,9 @@
if ((proto->flags & LINK_PROTOCOL_NEEDS_BIND) || local_serv_info)
n = bind (fd, saddr, saddr_len);
+ if (proto->post_create)
+ (*proto->post_create) (fd, saddr);
+
#ifdef HAVE_WINSOCK2_H
if (n == SOCKET_ERROR) {
n = -1;
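Review bot: `post_create` runs whether or not `bind()` succeeded, because the call sits before any test of `n`. Guarding it, `if (n == 0 && proto->post_create)`, keeps the ownership change off a descriptor that was never bound. How `n` is initialised when `bind()` is skipped is outside the hunk, so check that before adopting the guard. link_server_setup continues outside the hunk.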
Modified: trunk/src/orb/GIOP/giop.c
==============================================================================
--- trunk/src/orb/GIOP/giop.c (original)
+++ trunk/src/orb/GIOP/giop.c Mon Aug 11 16:25:57 2008
@@ -48,7 +48,7 @@
}
#ifndef G_PLATFORM_WIN32
- if (statbuf.st_uid != getuid ()) {
+ if (getuid() != 0 && statbuf.st_uid != getuid ()) {
S_PRINT (("Owner of %s is not the current user\n", dirname));
return FALSE;
}
@@ -126,12 +126,21 @@
char *dirname;
char *safe_dir = NULL;
long iteration = 0;
+ const gchar *env_dir;
static gboolean inited = FALSE;
if (inited)
return;
inited = TRUE;
+#ifndef G_OS_WIN32
+ env_dir = g_getenv("ORBIT_SOCKETDIR");
+ if (env_dir && test_safe_socket_dir (env_dir)) {
+ link_set_tmpdir (env_dir);
+ return;
+ }
+#endif
+
tmp_root = g_get_tmp_dir ();
dirname = g_strdup_printf ("orbit-%s",
g_get_user_name ());
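Review bot: `ORBIT_SOCKETDIR` is read from the environment and accepted on the strength of `test_safe_socket_dir()` alone, and for uid 0 this commit removes the owner test from that check. For a process whose real and effective uids differ, the environment is controlled by the caller, so the variable is better ignored there: `if (env_dir && getuid () == geteuid () && test_safe_socket_dir (env_dir)) {`. `env_dir` is also declared unconditionally but used only under `#ifndef G_OS_WIN32`, which leaves an unused variable on Windows builds. The enclosing function starts and ends outside the hunk.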
@@ -205,6 +214,9 @@
g_error ("Cannot find a safe socket path in '%s'", tmp_root);
}
+#ifndef G_OS_WIN32
+ g_setenv ("ORBIT_SOCKETDIR", safe_dir, TRUE);
+#endif
g_free (safe_dir);
g_free (dirname);
}