- Timestamp:
- Jul 11, 2009, 2:19:07 PM (15 years ago)
- Location:
- trunk/src
- Files:
-
- 4 edited
-
sh_entropy.c (modified) (4 diffs)
-
sh_extern.c (modified) (13 diffs)
-
sh_port2proc.c (modified) (3 diffs)
-
sh_portcheck.c (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/sh_entropy.c
r227 r235 567 567 if (source->pid == (pid_t) 0) 568 568 { 569 int val_return; 569 570 570 571 /* child - make read side of the pipe stdout 571 572 */ 572 if (retry_aud_dup2(FIL__, __LINE__, 573 pipedes[STDOUT_FILENO], STDOUT_FILENO) < 0) 574 aud__exit(FIL__, __LINE__, EXIT_FAILURE); 573 do { 574 val_return = dup2 (pipedes[STDOUT_FILENO], STDOUT_FILENO); 575 } while (val_return < 0 && errno == EINTR); 576 577 if (val_return < 0) 578 _exit(EXIT_FAILURE); 575 579 576 580 /* close the pipe descriptors … … 602 606 603 607 if (NULL != tempres) { 604 i = aud_setgid(FIL__, __LINE__,tempres->pw_gid);608 i = setgid(tempres->pw_gid); 605 609 if (i == 0) 606 610 i = sh_unix_initgroups(DEFAULT_IDENT ,tempres->pw_gid); 607 611 if (i == 0) 608 i = aud_setuid(FIL__, __LINE__,tempres->pw_uid);612 i = setuid(tempres->pw_uid); 609 613 /* make sure we cannot get root again 610 614 */ 611 if ((tempres->pw_uid != 0) && (aud_setuid(FIL__, __LINE__, 0) >= 0)) 615 if ((tempres->pw_uid != 0) && 616 (setuid(0) >= 0)) 612 617 i = -1; 613 618 } else { … … 622 627 */ 623 628 if (i == -1) { 624 aud__exit(FIL__, __LINE__,EXIT_FAILURE);629 _exit(EXIT_FAILURE); 625 630 } 626 631 … … 629 634 630 635 /* exec the program */ 631 retry_aud_execve (FIL__, __LINE__, _("/bin/sh"), arg, envp); 636 do { 637 val_return = execve (_("/bin/sh"), arg, envp); 638 } while (val_return < 0 && errno == EINTR); 632 639 } 633 640 634 641 /* failed 635 642 */ 636 aud__exit(FIL__, __LINE__,EXIT_FAILURE);643 _exit(EXIT_FAILURE); 637 644 } 638 645 -
trunk/src/sh_extern.c
r227 r235 185 185 * -- check whether the checksum is correct; with linux emulate fdexec 186 186 */ 187 #if !defined(__linux__) && !defined(SL_DEBUG)187 #if ( !defined(__linux__) || ( defined(__linux__) && defined(HAVE_PTHREAD)) ) && !defined(SL_DEBUG) 188 188 if (task->checksum[0] != '\0') 189 189 { … … 256 256 if (S_TRUE == task->fork_twice) 257 257 { 258 task->pid = aud_fork(FIL__, __LINE__);258 task->pid = fork(); 259 259 260 260 if (task->pid == (pid_t) - 1) 261 261 { 262 aud__exit (FIL__, __LINE__,EXIT_FAILURE);262 _exit (EXIT_FAILURE); 263 263 } 264 264 } … … 266 266 if (task->pid == (pid_t) 0) 267 267 { 268 int val_return; 269 268 270 PDBGC_OPEN; 269 271 PDBGC(1); … … 274 276 if (task->rw == 'w') 275 277 { 276 if (retry_aud_dup2(FIL__, __LINE__, 277 pipedes[STDIN_FILENO], STDIN_FILENO) < 0) 278 aud__exit(FIL__, __LINE__,EXIT_FAILURE); 278 do { 279 val_return = dup2 (pipedes[STDIN_FILENO], STDIN_FILENO); 280 } while (val_return < 0 && errno == EINTR); 281 282 if (val_return < 0) 283 _exit(EXIT_FAILURE); 279 284 } 280 285 else 281 286 { 282 if (retry_aud_dup2(FIL__, __LINE__, 283 pipedes[STDOUT_FILENO], STDOUT_FILENO) < 0) 284 aud__exit(FIL__, __LINE__,EXIT_FAILURE); 287 do { 288 val_return = dup2 (pipedes[STDOUT_FILENO], STDOUT_FILENO); 289 } while (val_return < 0 && errno == EINTR); 290 291 if (val_return < 0) 292 _exit(EXIT_FAILURE); 285 293 } 286 294 PDBGC(2); … … 308 316 memset(skey, 0, sizeof(sh_key_t)); 309 317 310 (void) aud_setgid(FIL__, __LINE__,(gid_t) task->run_user_gid);311 (void) aud_setuid(FIL__, __LINE__,(uid_t) task->run_user_uid);318 (void) setgid((gid_t) task->run_user_gid); 319 (void) setuid((uid_t) task->run_user_uid); 312 320 /* make sure we cannot get root again 313 321 */ 314 if ( aud_setuid(FIL__, __LINE__,0) >= 0)315 aud__exit(FIL__, __LINE__,EXIT_FAILURE);322 if (setuid(0) >= 0) 323 _exit(EXIT_FAILURE); 316 324 } 317 325 … … 332 340 { 333 341 PDBGC_S("r"); 334 (void) retry_aud_dup2 (FIL__, __LINE__, 335 STDOUT_FILENO, STDERR_FILENO); 342 do { 343 val_return = dup2 (STDOUT_FILENO, STDERR_FILENO); 344 } while (val_return < 0 && errno == EINTR); 345 336 346 (void) fcntl (STDIN_FILENO, F_SETFD, FD_CLOEXEC); 337 347 /* … … 347 357 * -- emulate an fdexec with checksum testing 348 358 */ 359 360 #if !defined(HAVE_PTHREAD) 349 361 if (task->checksum[0] != '\0') 362 #endif 350 363 { 351 364 PDBGC_S("fexecve"); 352 365 if (task->com_fd != (-1)) 353 366 { 354 pfd = retry_aud_dup(FIL__, __LINE__, task->com_fd); 367 do { 368 val_return = dup (task->com_fd); 369 } while (val_return < 0 && errno == EINTR); 370 pfd = val_return; 355 371 if (pfd < 0) 356 372 { 357 PDBGC_S("fexecve: dup 2failed");358 aud__exit(FIL__, __LINE__,EXIT_FAILURE);373 PDBGC_S("fexecve: dup failed"); 374 _exit(EXIT_FAILURE); 359 375 } 360 376 } 377 #if !defined(HAVE_PTHREAD) 361 378 else 362 379 { … … 372 389 { 373 390 PDBGC_S("fexecve: checksum mismatch"); 374 aud__exit(FIL__, __LINE__,EXIT_FAILURE);391 _exit(EXIT_FAILURE); 375 392 } 376 393 pfd = get_the_fd(fd); 377 394 } 395 #endif 378 396 379 397 PDBGC(5); … … 384 402 PDBGC_CLOSE; 385 403 fcntl (pfd, F_SETFD, FD_CLOEXEC); 386 retry_aud_execve (FIL__, __LINE__, 387 pname, 388 (task->argc == 0) ? NULL : task->argv, 389 (task->envc == 0) ? NULL : task->envv 390 ); 404 do { 405 val_return = execve (pname, 406 (task->argc == 0) ? NULL : task->argv, 407 (task->envc == 0) ? NULL : task->envv 408 ); 409 } while (val_return < 0 && errno == EINTR); 391 410 392 411 errnum = errno; … … 398 417 /* failed 399 418 */ 400 aud__exit(FIL__, __LINE__,EXIT_FAILURE);419 _exit(EXIT_FAILURE); 401 420 } 402 421 PDBGC_S("fexecve: not working"); … … 419 438 PDBGC(5); 420 439 PDBGC_CLOSE; 421 (void) retry_aud_execve (FIL__, __LINE__, 422 task->command, 423 (task->argc == 0) ? argp : task->argv, 424 (task->envc == 0) ? envp : task->envv 425 ); 440 do { 441 val_return = execve (task->command, 442 (task->argc == 0) ? argp : task->argv, 443 (task->envc == 0) ? envp : task->envv 444 ); 445 } while (val_return < 0 && errno == EINTR); 426 446 } 427 447 errnum = errno; … … 433 453 /* failed 434 454 */ 435 aud__exit(FIL__, __LINE__,EXIT_FAILURE);455 _exit(EXIT_FAILURE); 436 456 } 437 457 /* … … 440 460 if (S_TRUE == task->fork_twice) 441 461 { 442 aud__exit (FIL__, __LINE__,0);462 _exit (0); 443 463 } 444 464 } -
trunk/src/sh_port2proc.c
r206 r235 304 304 return 0; 305 305 } 306 307 void sh_port2proc_finish() 308 { 309 /* Delete old socket list 310 */ 311 del_sock_all(); 312 return; 313 } 314 306 315 307 316 #include <sys/socket.h> … … 866 875 } 867 876 877 void sh_port2proc_finish() 878 { 879 return; 880 } 881 868 882 #else /* !defined(__linux__) && !defined(__FreeBSD__) */ 869 883 … … 886 900 } 887 901 902 void sh_port2proc_finish() 903 { 904 return; 905 } 888 906 #endif 889 907 -
trunk/src/sh_portcheck.c
r218 r235 140 140 unsigned long * pid, char * user, size_t userlen); 141 141 extern int sh_port2proc_prepare(); 142 extern void sh_port2proc_finish(); 142 143 143 144 #endif … … 1101 1102 blacklist_udp = sh_portchk_kill_blacklist (blacklist_udp); 1102 1103 blacklist_tcp = sh_portchk_kill_blacklist (blacklist_tcp); 1104 sh_port2proc_finish(); 1105 1103 1106 SH_MUTEX_UNLOCK(mutex_port_check); 1104 1107 return 0;
Note:
See TracChangeset
for help on using the changeset viewer.
