If there is a leftover socket when the server starts, delete it
(otherwise the bind() call will fail and the server will not start).
This commit is contained in:
parent
4418a47c44
commit
d956f94ac9
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=145988
2 changed files with 109 additions and 8 deletions
|
@ -7,6 +7,7 @@
|
|||
|
||||
PORTNAME= gamin
|
||||
PORTVERSION= 0.1.5
|
||||
PORTREVISION?= 1
|
||||
CATEGORIES?= devel
|
||||
MASTER_SITES= http://www.gnome.org/~veillard/gamin/sources/
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
--- server/gam_channel.c.orig Sun Jul 17 16:48:54 2005
|
||||
+++ server/gam_channel.c Sun Jul 17 16:51:45 2005
|
||||
@@ -29,10 +29,10 @@ gam_client_conn_send_cred(int fd)
|
||||
--- server/gam_channel.c.orig Tue Aug 9 18:17:39 2005
|
||||
+++ server/gam_channel.c Fri Oct 21 07:55:31 2005
|
||||
@@ -30,10 +30,10 @@
|
||||
{
|
||||
char data[2] = { 0, 0 };
|
||||
int written;
|
||||
|
@ -14,7 +14,7 @@
|
|||
} cmsg;
|
||||
struct iovec iov;
|
||||
struct msghdr msg;
|
||||
@@ -44,16 +44,16 @@ gam_client_conn_send_cred(int fd)
|
||||
@@ -45,16 +45,16 @@
|
||||
msg.msg_iov = &iov;
|
||||
msg.msg_iovlen = 1;
|
||||
|
||||
|
@ -35,7 +35,7 @@
|
|||
written = sendmsg(fd, &msg, 0);
|
||||
#else
|
||||
written = write(fd, &data[0], 1);
|
||||
@@ -92,15 +92,16 @@ gam_client_conn_check_cred(GIOChannel *
|
||||
@@ -95,15 +95,16 @@
|
||||
gid_t c_gid;
|
||||
|
||||
#ifdef HAVE_CMSGCRED
|
||||
|
@ -55,7 +55,7 @@
|
|||
/* Set the socket to receive credentials on the next message */
|
||||
{
|
||||
int on = 1;
|
||||
@@ -121,8 +122,8 @@ gam_client_conn_check_cred(GIOChannel *
|
||||
@@ -124,8 +125,8 @@
|
||||
|
||||
#ifdef HAVE_CMSGCRED
|
||||
memset(&cmsg, 0, sizeof(cmsg));
|
||||
|
@ -66,7 +66,7 @@
|
|||
#endif
|
||||
|
||||
retry:
|
||||
@@ -139,7 +140,8 @@ gam_client_conn_check_cred(GIOChannel *
|
||||
@@ -142,7 +143,8 @@
|
||||
goto failed;
|
||||
}
|
||||
#ifdef HAVE_CMSGCRED
|
||||
|
@ -76,7 +76,7 @@
|
|||
GAM_DEBUG(DEBUG_INFO,
|
||||
"Message from recvmsg() was not SCM_CREDS\n");
|
||||
goto failed;
|
||||
@@ -165,9 +167,10 @@ gam_client_conn_check_cred(GIOChannel *
|
||||
@@ -168,9 +170,10 @@
|
||||
goto failed;
|
||||
}
|
||||
#elif defined(HAVE_CMSGCRED)
|
||||
|
@ -90,3 +90,103 @@
|
|||
#else /* !SO_PEERCRED && !HAVE_CMSGCRED */
|
||||
GAM_DEBUG(DEBUG_INFO,
|
||||
"Socket credentials not supported on this OS\n");
|
||||
@@ -513,66 +516,6 @@
|
||||
g_free(dir);
|
||||
return(FALSE);
|
||||
}
|
||||
-
|
||||
-/**
|
||||
- * gam_check_secure_path:
|
||||
- * @path: path to the (possibly abstract) socket
|
||||
- *
|
||||
- * Tries to create or ensure that the socket used for communicating with
|
||||
- * the clients are in a safe directory to avoid possible attacks.
|
||||
- *
|
||||
- * Returns the socket file descriptor or -1 in case of error.
|
||||
- */
|
||||
-static gboolean
|
||||
-gam_check_secure_path(const char *path)
|
||||
-{
|
||||
- struct stat st;
|
||||
- int ret;
|
||||
-
|
||||
- if (!gam_check_secure_dir())
|
||||
- return(FALSE);
|
||||
- /*
|
||||
- * Check the existing socket if any
|
||||
- */
|
||||
- ret = stat(path, &st);
|
||||
- if (ret < 0)
|
||||
- return(TRUE);
|
||||
-
|
||||
- if (st.st_uid != getuid()) {
|
||||
- gam_error(DEBUG_INFO,
|
||||
- "Socket %s has different owner\n",
|
||||
- path);
|
||||
- goto cleanup;
|
||||
- }
|
||||
-#ifdef S_ISSOCK
|
||||
- if (!S_ISSOCK (st.st_mode)) {
|
||||
- gam_error(DEBUG_INFO, "Socket path %s is not a socket\n",
|
||||
- path);
|
||||
- goto cleanup;
|
||||
- }
|
||||
-#endif
|
||||
- if (st.st_mode & (S_IRWXG|S_IRWXO)) {
|
||||
- gam_error(DEBUG_INFO,
|
||||
- "Socket %s has wrong permissions\n",
|
||||
- path);
|
||||
- goto cleanup;
|
||||
- }
|
||||
- /*
|
||||
- * Looks good though binding may fail due to an existing server
|
||||
- */
|
||||
- return(TRUE);
|
||||
-
|
||||
-cleanup:
|
||||
- /*
|
||||
- * the existing file at the socket location seems strange, try to remove it
|
||||
- */
|
||||
- ret = unlink(path);
|
||||
- if (ret < 0) {
|
||||
- gam_error(DEBUG_INFO, "Failed to remove %s\n", path);
|
||||
- return(FALSE);
|
||||
- }
|
||||
- return(TRUE);
|
||||
-}
|
||||
#endif /* ! HAVE_ABSTRACT_SOCKETS */
|
||||
|
||||
/************************************************************************
|
||||
@@ -620,6 +563,7 @@
|
||||
{
|
||||
int fd;
|
||||
struct sockaddr_un addr;
|
||||
+ struct stat st;
|
||||
|
||||
fd = socket(PF_UNIX, SOCK_STREAM, 0);
|
||||
if (fd < 0) {
|
||||
@@ -635,13 +579,18 @@
|
||||
addr.sun_path[0] = '\0';
|
||||
strncpy(&addr.sun_path[1], path, (sizeof(addr) - 4) - 2);
|
||||
#else
|
||||
- /*
|
||||
- * if the socket is exposed at the filesystem level we need to take
|
||||
- * some extra protection checks. Also make sure the socket is created
|
||||
- * with restricted mode
|
||||
- */
|
||||
- if (!gam_check_secure_path(path)) {
|
||||
+ if (! gam_check_secure_dir()) {
|
||||
+ close(fd);
|
||||
+ return (-1);
|
||||
+ }
|
||||
+
|
||||
+ if (stat(path, &st) == 0) {
|
||||
+ /* bind() will fail if the socket already exists */
|
||||
+ if (unlink(path) < 0) {
|
||||
+ GAM_DEBUG(DEBUG_INFO, "Failed to remove %s\n", path);
|
||||
+ close(fd);
|
||||
return (-1);
|
||||
+ }
|
||||
}
|
||||
strncpy(&addr.sun_path[0], path, (sizeof(addr) - 4) - 1);
|
||||
umask(0077);
|
||||
|
|
Loading…
Reference in a new issue