Summary of this long ChangeLog:
* Splitted `libgtop_sysdeps.la' into `libgtop_sysdeps.la' and
`libgtop_sysdeps_suid.la'.
Everything that needs to be suid/sgid is in `libgtop_sysdeps_suid.la'
and the rest in `libgtop_sysdeps.la'.
The functions from `libgtop_sysdeps_suid.la' have the `_p' prefix and
the ones from `libgtop_sysdeps.la' the `_s' prefix.
The suid library uses `glibtop_open_p' and `glibtop_close_p', the
normal one `glibtop_init_s' (found in lib/init.c), `glibtop_open_s'
and `glibtop_close_s'.
* Added `libgtop_suid_common.la' containing stuff from sysdeps/common
that is required from the suid server (currently everything from
error.c and xmalloc.c).
This means, we can add some more stuff to `libgtop_common.la' without
the risk that it may be dangerous in the suid server.
* The ``library order'' is much clearer now:
-> `libgtop.la' (from lib/) contains user-level stuff;
all functions except `glibtop_init_r' have the `_l'
suffix.
-> `libgtop_common.la' (from sysdeps/common/) contains stuff
that is common among the sysdeps directories.
use anything from `libgtop_sysdeps.la' and
`libgtop_sysdeps_suid.la'.
-> `libgtop_sysdeps.la' (from sysdeps/<sysdeps_dir>/) contains
everything from the sysdeps directory that doesn't need to
be suid/sgid.
-> `libgtop_suid_common.la' (from sysdeps/common/) is used from
the suid server instead of `libgtop_common.la'.
-> `libgtop_sysdeps_suid.la' (from sysdeps/<sysdeps_dir>/) contains
everything from the sysdeps directory that needs to be in the
suid server.
* To summarize: the server is linked only with functions that need
to be suid and everything else is linked only with functions that
do not need to be suid.
Martin
1998-07-22 Martin Baulig <martin@home-of-linux.org>
* lib/init.c (glibtop_init_s): Added this init function of
the sysdeps directory `libgtop_sysdeps.la'.
* lib/open.c (glibtop_open_l): Unconditionally calling
`glibtop_init_s' after server initialization.
* lib/lib.awk: Removed references to functions from
`libgtop_sysdeps_suid.la' to avoid undefined symbols.
* sysdeps/stub/open.c (glibtop_open_s): Renamed this
function from `glibtop_open_r'.
* sysdeps/stub/close.c (glibtop_close_s): Renamed this
function from `glibtop_close_l'.
* sysdeps/kernel/open.c (glibtop_open_s): Renamed this
function from `glibtop_open_r'.
* sysdeps/kernel/close.c (glibtop_close_s): Renamed this
function from `glibtop_close_l'.
* sysdeps/linux/open.c (glibtop_open_s): Renamed this
function from `glibtop_open_r'.
* sysdeps/linux/close.c (glibtop_close_s): Renamed this
function from `glibtop_close_l'.
* sysdeps/osf1/Makefile.am (lib_LTLIBRARIES): Added
`libgtop_sysdeps_suid.la' for the suid server.
* sysdeps/osf1/open_suid.c (glibtop_open_p): New file.
Contains all stuff that was formerly in `open.c'.
* sysdeps/osf1/open.c: Moved everything from here into
the new file `open_suid.c'.
* sysdeps/osf1/open.c (glibtop_open_s): New function.
* sysdeps/osf1/close_suid.c (glibtop_close_p): New file.
* sysdeps/osf1/close.c (glibtop_close_s): New function.
* sysdeps/osf1/*.c: Using the new init, open and close
functions.
* sysdeps/sun4/Makefile.am (lib_LTLIBRARIES): Added
`libgtop_sysdeps_suid.la' for the suid server.
* sysdeps/sun4/nosuid.c (glibtop_open_s, glibtop_close_s): New file
* sysdeps/sun4/*.c: All functions now have the `_p' suffix.
* sysdeps/common/Makefile.am (lib_LTLIBRARIES): Added
`libgtop_suid_common.la' which only contains stuff that is
needed in the suid parts.
* sysdeps/common/xmalloc.c: Using `glibtop_error_io_r' instead
of `glibtop_error_r'.
* sysdeps/{kernel, linux, osf1, sun4, stub}/init.c: Removed.
`glibtop_init_s' has been moved into `lib/init.c' since it's the
same in all the sysdeps directories.
* src/server/main.c: It is now an error to request a feature that
does not need the suid server.
* src/proxy: Removed.
This commit is contained in:
Martin Baulig
committed by
Martin Baulig
Martin Baulig
parent
7efcda3082
commit
5e97af535f
@@ -49,7 +49,7 @@
|
||||
#endif
|
||||
|
||||
extern void handle_parent_connection __P ((int));
|
||||
extern void handle_child_connection __P ((int));
|
||||
extern void handle_slave_connection __P ((int, int));
|
||||
extern void handle_ipc_connection __P ((int));
|
||||
|
||||
#if !defined(UNIX_DOMAIN_SOCKETS) && !defined(INTERNET_DOMAIN_SOCKETS)
|
||||
@@ -216,7 +216,7 @@ static int
|
||||
setup_table (void)
|
||||
{
|
||||
char hostname [HOSTNAMSZ];
|
||||
u_int host_addr;
|
||||
long host_addr;
|
||||
int i, hosts = 0;
|
||||
|
||||
/* Make sure every entry is null */
|
||||
@@ -225,7 +225,7 @@ setup_table (void)
|
||||
|
||||
gethostname (hostname, HOSTNAMSZ);
|
||||
|
||||
if (((long) host_addr = glibtop_internet_addr (hostname)) == -1)
|
||||
if ((host_addr = glibtop_internet_addr (hostname)) == -1)
|
||||
glibtop_error ("Can't resolve '%s'", hostname);
|
||||
|
||||
#ifdef AUTH_MAGIC_COOKIE
|
||||
@@ -326,13 +326,15 @@ handle_internet_request (int ls)
|
||||
glibtop_error_io ("accept");
|
||||
|
||||
#ifdef DEBUG
|
||||
fprintf (stderr, "Connection was made from %s.\n", inet_ntoa (peer.sin_addr));
|
||||
fprintf (stderr, "Connection was made from %s.\n",
|
||||
inet_ntoa (peer.sin_addr));
|
||||
#endif
|
||||
|
||||
/* Check that access is allowed - if not return crud to the client */
|
||||
if (!permitted (peer.sin_addr.s_addr, s)) {
|
||||
close (s);
|
||||
glibtop_warn ("Refused connection from %s.", inet_ntoa (peer.sin_addr));
|
||||
glibtop_warn ("Refused connection from %s.",
|
||||
inet_ntoa (peer.sin_addr));
|
||||
return;
|
||||
} /* if */
|
||||
|
||||
@@ -453,6 +455,7 @@ handle_unix_request (int ls)
|
||||
fprintf (stderr, "Accepted connection on socket %d.\n", s);
|
||||
#endif
|
||||
|
||||
#ifdef GLIBTOP_DAEMON_SLAVE
|
||||
pid = fork ();
|
||||
|
||||
if (pid == -1)
|
||||
@@ -461,7 +464,8 @@ handle_unix_request (int ls)
|
||||
if (pid)
|
||||
return;
|
||||
|
||||
handle_child_connection (s);
|
||||
handle_slave_connection (s, s);
|
||||
#endif
|
||||
|
||||
close (s);
|
||||
|
||||
@@ -502,7 +506,11 @@ main (int argc, char *argv [])
|
||||
|
||||
signal (SIGCHLD, handle_signal);
|
||||
|
||||
#ifdef GLIBTOP_DAEMON_SLAVE
|
||||
pid = fork ();
|
||||
#else
|
||||
pid = getpid ();
|
||||
#endif
|
||||
|
||||
if (pid == -1)
|
||||
glibtop_error_io ("fork failed");
|
||||
@@ -542,7 +550,11 @@ main (int argc, char *argv [])
|
||||
} else {
|
||||
/* We are the parent. */
|
||||
|
||||
#ifdef GLIBTOP_DAEMON_SLAVE
|
||||
const unsigned method = GLIBTOP_METHOD_UNIX;
|
||||
#else
|
||||
const unsigned method = GLIBTOP_METHOD_PIPE;
|
||||
#endif
|
||||
|
||||
const unsigned long features = GLIBTOP_SYSDEPS_ALL;
|
||||
|
||||
@@ -657,8 +669,11 @@ main (int argc, char *argv [])
|
||||
handle_internet_request (ils);
|
||||
#endif
|
||||
|
||||
if (FD_ISSET (fileno (stdin), &rmask))
|
||||
handle_child_connection (fileno (stdin));
|
||||
#ifdef GLIBTOP_DAEMON_SLAVE
|
||||
if ((pid == 0) && FD_ISSET (fileno (stdin), &rmask))
|
||||
handle_slave_connection (fileno (stdin),
|
||||
fileno (stdout));
|
||||
#endif
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
Reference in New Issue
Block a user