[SCM] UID Wrapper Repository - branch master updated
Andreas Schneider
asn at samba.org
Tue Dec 17 05:40:39 MST 2013
The branch, master has been updated
via 8f8e057 uwrap: Remove obsolete uwrap_libc_fn().
via 0a2f692 uwrap: Load libc_syscall correctly.
via 9655c33 uwrap: Add libc_getgroups().
via 40b3089 uwrap: Add libc_getgroups().
via 496597f uwrap: Add libc_getegid().
via 5e7437d uwrap: Add libc_setregid().
via 0a08fb9 uwrap: Add libc_setregid().
via 75d4358 uwrap: Add libc_setgeid().
via cd7caf4 uwarp: Add libc_getgid().
via 189235a uwrap: Add libc_setgid().
via 27b8eac uwrap: Add libc_geteuid().
via 863fa03 uwrap: Add libc_setresuid().
via acc5f58 uwrap: Add libc_setreuid().
via e26dcbd uwrap: Add libc_seteuid().
via 1693c1e uwrap: Add libc_getuid().
via 1a2f908 uwrap: Add libc_setuid().
via bc56160 uwrap: Add uwrap_load_lib_function().
via ac320d3 uwrap: Add uwrap_load_lib_handle().
from 644c98e tests: Add a test for getgroups().
http://gitweb.samba.org/?p=uid_wrapper.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8f8e057dfe0c3bd47e9b77d9ec0f659d9cb5fb39
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:39:42 2013 +0100
uwrap: Remove obsolete uwrap_libc_fn().
commit 0a2f692d22b1e95aad34f2c540a361d03ae82b9b
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:38:30 2013 +0100
uwrap: Load libc_syscall correctly.
commit 9655c33988a82cea5215a0bb51becf53b2536e63
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:36:15 2013 +0100
uwrap: Add libc_getgroups().
commit 40b30893e36cd2b30c02163665a1b95825038f0a
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:35:21 2013 +0100
uwrap: Add libc_getgroups().
commit 496597f7bde16d350f0d3f1c7835b84b88c95b84
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:33:57 2013 +0100
uwrap: Add libc_getegid().
commit 5e7437ddc154ca2b2091a7eb4aa140caabc60c61
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:31:28 2013 +0100
uwrap: Add libc_setregid().
commit 0a08fb98edc881fae7565c10c825d2c3597c3c99
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:28:37 2013 +0100
uwrap: Add libc_setregid().
commit 75d435884d29b0e0d873438c8e6acddbd6bcb2d2
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:27:12 2013 +0100
uwrap: Add libc_setgeid().
commit cd7caf4088c448422ec3fdac282c63eb8bf13c56
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:26:04 2013 +0100
uwarp: Add libc_getgid().
commit 189235a8556971c39c9cf4770fbfa16ba1493da8
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:24:59 2013 +0100
uwrap: Add libc_setgid().
commit 27b8eac9bc3e0a7e62dc5ded95850e31f720d671
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:20:02 2013 +0100
uwrap: Add libc_geteuid().
commit 863fa03a7d065b279f6cd13388b00625c5a34c88
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:10:08 2013 +0100
uwrap: Add libc_setresuid().
commit acc5f58a663f7058b8d286804fa9331b0716c54d
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:08:16 2013 +0100
uwrap: Add libc_setreuid().
commit e26dcbd3cb18d754865ba866b0fd8df16169a4fe
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:06:49 2013 +0100
uwrap: Add libc_seteuid().
commit 1693c1e67943d57d6f551b06a0514ed8ded054ab
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:05:34 2013 +0100
uwrap: Add libc_getuid().
commit 1a2f908cb8229dbd606917ad026925d3dbfe3ab7
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 13:03:40 2013 +0100
uwrap: Add libc_setuid().
commit bc56160b5659a7345524402258ae3a674fcc84a5
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 12:59:49 2013 +0100
uwrap: Add uwrap_load_lib_function().
commit ac320d3eedc88584e9bafab0111616fd5228ae84
Author: Andreas Schneider <asn at samba.org>
Date: Tue Dec 17 12:57:29 2013 +0100
uwrap: Add uwrap_load_lib_handle().
-----------------------------------------------------------------------
Summary of changes:
src/uid_wrapper.c | 301 +++++++++++++++++++++++++++++++++++++----------------
1 files changed, 212 insertions(+), 89 deletions(-)
Changeset truncated at 500 lines:
diff --git a/src/uid_wrapper.c b/src/uid_wrapper.c
index 2ea1cdf..2f3d3ad 100644
--- a/src/uid_wrapper.c
+++ b/src/uid_wrapper.c
@@ -92,7 +92,7 @@ struct uwrap_libc_fns {
#ifdef HAVE_SETREUID
int (*_libc_setreuid)(uid_t ruid, uid_t euid);
#endif
-#ifdef HAVE_SETREUID
+#ifdef HAVE_SETRESUID
int (*_libc_setresuid)(uid_t ruid, uid_t euid, uid_t suid);
#endif
uid_t (*_libc_geteuid)(void);
@@ -105,7 +105,7 @@ struct uwrap_libc_fns {
#ifdef HAVE_SETREGID
int (*_libc_setregid)(uid_t rgid, uid_t egid);
#endif
-#ifdef HAVE_SETREGID
+#ifdef HAVE_SETRESGID
int (*_libc_setresgid)(uid_t rgid, uid_t egid, uid_t sgid);
#endif
gid_t (*_libc_getegid)(void);
@@ -161,85 +161,233 @@ static UWRAP_THREAD struct uwrap_thread *uwrap_tls_id;
/* The mutex or accessing the id */
static pthread_mutex_t uwrap_id_mutex = PTHREAD_MUTEX_INITIALIZER;
-static void *uwrap_libc_fn(struct uwrap *u, const char *fn_name)
+/*********************************************************
+ * UWRAP LIBC LOADER FUNCTIONS
+ *********************************************************/
+
+enum uwrap_lib {
+ UWRAP_LIBC,
+ UWRAP_LIBNSL,
+ UWRAP_LIBSOCKET,
+};
+
+static void *uwrap_load_lib_handle(enum uwrap_lib lib)
{
- void *func;
+ int flags = RTLD_LAZY;
+ void *handle = NULL;
+ int i;
#ifdef HAVE_APPLE
- func = dlsym(RTLD_NEXT, fn_name);
-#else
- if (u->libc.handle == NULL) {
- return NULL;
- }
+ return RTLD_NEXT;
+#endif
- func = dlsym(u->libc.handle, fn_name);
+#ifdef RTLD_DEEPBIND
+ flags |= RTLD_DEEPBIND;
#endif
- if (func == NULL) {
- printf("Failed to find %s in %s: %s\n",
- fn_name, LIBC_NAME, dlerror());
+
+ switch (lib) {
+ case UWRAP_LIBNSL:
+ /* FALL TROUGH */
+ case UWRAP_LIBSOCKET:
+ /* FALL TROUGH */
+ case UWRAP_LIBC:
+ if (handle == NULL) {
+ for (handle = NULL, i = 10; handle == NULL && i >= 0; i--) {
+ char soname[256] = {0};
+
+ snprintf(soname, sizeof(soname), "libc.so.%d", i);
+ handle = dlopen(soname, flags);
+ }
+
+ uwrap.libc.handle = handle;
+ } else {
+ handle = uwrap.libc.handle;
+ }
+ break;
+ }
+
+ if (handle == NULL) {
+ fprintf(stderr,
+ "Failed to dlopen library: %s\n",
+ dlerror());
exit(-1);
}
- return func;
+ return handle;
}
-static void uwrap_libc_init(struct uwrap *u)
+static void *_uwrap_load_lib_function(enum uwrap_lib lib, const char *fn_name)
{
- unsigned int i = 0;
-#ifndef HAVE_APPLE
- int flags = RTLD_LAZY;
-
-#ifdef RTLD_DEEPBIND
- flags |= RTLD_DEEPBIND;
-#endif
+ void *handle;
+ void *func;
- for (u->libc.handle = NULL, i = 10; u->libc.handle == NULL; i--) {
- char soname[256] = {0};
+ handle = uwrap_load_lib_handle(lib);
- snprintf(soname, sizeof(soname), "%s.%u", LIBC_NAME, i);
- u->libc.handle = dlopen(soname, flags);
+ func = dlsym(handle, fn_name);
+ if (func == NULL) {
+ fprintf(stderr,
+ "Failed to find %s: %s\n",
+ fn_name, dlerror());
+ exit(-1);
}
- if (u->libc.handle == NULL) {
- printf("Failed to dlopen %s.%u: %s\n", LIBC_NAME, i, dlerror());
- exit(-1);
+ return func;
+}
+
+#define uwrap_load_lib_function(lib, fn_name) \
+ if (uwrap.libc.fns._libc_##fn_name == NULL) { \
+ *(void **) (&uwrap.libc.fns._libc_##fn_name) = \
+ _uwrap_load_lib_function(lib, #fn_name); \
}
-#endif
- *(void **) (&u->libc.fns._libc_setuid) = uwrap_libc_fn(u, "setuid");
- *(void **) (&u->libc.fns._libc_getuid) = uwrap_libc_fn(u, "getuid");
+/*
+ * IMPORTANT
+ *
+ * Functions expeciall from libc need to be loaded individually, you can't load
+ * all at once or gdb will segfault at startup. The same applies to valgrind and
+ * has probably something todo with with the linker.
+ * So we need load each function at the point it is called the first time.
+ */
+static int libc_setuid(uid_t uid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setuid);
+
+ return uwrap.libc.fns._libc_setuid(uid);
+}
+
+static uid_t libc_getuid(void)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, getuid);
+
+ return uwrap.libc.fns._libc_getuid();
+}
#ifdef HAVE_SETEUID
- *(void **) (&u->libc.fns._libc_seteuid) = uwrap_libc_fn(u, "seteuid");
+static int libc_seteuid(uid_t euid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, seteuid);
+
+ return uwrap.libc.fns._libc_seteuid(euid);
+}
#endif
+
#ifdef HAVE_SETREUID
- *(void **) (&u->libc.fns._libc_setreuid) = uwrap_libc_fn(u, "setreuid");
+static int libc_setreuid(uid_t ruid, uid_t euid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setreuid);
+
+ return uwrap.libc.fns._libc_setreuid(ruid, euid);
+}
#endif
+
#ifdef HAVE_SETRESUID
- *(void **) (&u->libc.fns._libc_setresuid) = uwrap_libc_fn(u, "setresuid");
+int libc_setresuid(uid_t ruid, uid_t euid, uid_t suid);
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setresuid);
+
+ return uwrap.libc.fns._libc_setresuid(ruid, euid, suid);
+}
#endif
- *(void **) (&u->libc.fns._libc_geteuid) = uwrap_libc_fn(u, "geteuid");
- *(void **) (&u->libc.fns._libc_setgid) = uwrap_libc_fn(u, "setgid");
- *(void **) (&u->libc.fns._libc_getgid) = uwrap_libc_fn(u, "getgid");
+static uid_t libc_geteuid(void)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, geteuid);
+
+ return uwrap.libc.fns._libc_geteuid();
+}
+
+static int libc_setgid(gid_t gid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setgid);
+
+ return uwrap.libc.fns._libc_setgid(gid);
+}
+
+static gid_t libc_getgid(void)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, getgid);
+
+ return uwrap.libc.fns._libc_getgid();
+}
+
#ifdef HAVE_SETEGID
- *(void **) (&u->libc.fns._libc_setegid) = uwrap_libc_fn(u, "setegid");
+static int libc_setegid(gid_t egid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setegid);
+
+ return uwrap.libc.fns._libc_setegid(egid);
+}
#endif
+
#ifdef HAVE_SETREGID
- *(void **) (&u->libc.fns._libc_setregid) = uwrap_libc_fn(u, "setregid");
+static int libc_setregid(gid_t rgid, gid_t egid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setregid);
+
+ return uwrap.libc.fns._libc_setregid(rgid, egid);
+}
#endif
+
#ifdef HAVE_SETRESGID
- *(void **) (&u->libc.fns._libc_setresgid) = uwrap_libc_fn(u, "setresgid");
+static int libc_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setresgid);
+
+ return uwrap.libc.fns._libc_setresgid(rgid, egid, sgid);
+}
#endif
- *(void **) (&u->libc.fns._libc_getegid) = uwrap_libc_fn(u, "getegid");
- *(void **) (&u->libc.fns._libc_getgroups) = uwrap_libc_fn(u, "getgroups");
- *(void **) (&u->libc.fns._libc_setgroups) = uwrap_libc_fn(u, "setgroups");
- *(void **) (&u->libc.fns._libc_getuid) = uwrap_libc_fn(u, "getuid");
- *(void **) (&u->libc.fns._libc_getgid) = uwrap_libc_fn(u, "getgid");
+
+static gid_t libc_getegid(void)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, getegid);
+
+ return uwrap.libc.fns._libc_getegid();
+}
+
+static int libc_getgroups(int size, gid_t list[])
+{
+ uwrap_load_lib_function(UWRAP_LIBC, getgroups);
+
+ return uwrap.libc.fns._libc_getgroups(size, list);
+}
+
+static int libc_setgroups(size_t size, const gid_t *list)
+{
+ uwrap_load_lib_function(UWRAP_LIBC, setgroups);
+
+ return uwrap.libc.fns._libc_setgroups(size, list);
+}
+
#ifdef HAVE_SYSCALL
- *(void **) (&u->libc.fns._libc_syscall) = uwrap_libc_fn(u, "syscall");
-#endif
+static long int libc_vsyscall(long int sysno, va_list va)
+{
+ long int args[8];
+ long int rc;
+ int i;
+
+ uwrap_load_lib_function(UWRAP_LIBC, syscall);
+
+ for (i = 0; i < 8; i++) {
+ args[i] = va_arg(va, long int);
+ }
+
+ rc = uwrap.libc.fns._libc_syscall(sysno,
+ args[0],
+ args[1],
+ args[2],
+ args[3],
+ args[4],
+ args[5],
+ args[6],
+ args[7]);
+
+ return rc;
}
+#endif
+
+/*********************************************************
+ * UWRAP ID HANDLING
+ *********************************************************/
static struct uwrap_thread *find_uwrap_id(pthread_t tid)
{
@@ -354,8 +502,6 @@ static void uwrap_init(void)
pthread_mutex_lock(&uwrap_id_mutex);
- uwrap_libc_init(&uwrap);
-
uwrap.initialised = true;
uwrap.enabled = false;
@@ -368,8 +514,8 @@ static void uwrap_init(void)
uwrap.myuid = 0;
uwrap.mygid = 0;
} else {
- uwrap.myuid = uwrap.libc.fns._libc_geteuid();
- uwrap.mygid = uwrap.libc.fns._libc_getegid();
+ uwrap.myuid = libc_geteuid();
+ uwrap.mygid = libc_getegid();
}
rc = uwrap_new_id(tid, 1);
@@ -454,7 +600,7 @@ static int uwrap_setresuid(uid_t ruid, uid_t euid, uid_t suid)
int setuid(uid_t uid)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setuid(uid);
+ return libc_setuid(uid);
}
return uwrap_setresuid(uid, -1, -1);
@@ -469,7 +615,7 @@ int seteuid(uid_t euid)
}
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_seteuid(euid);
+ return libc_seteuid(euid);
}
return uwrap_setresuid(-1, euid, -1);
@@ -485,7 +631,7 @@ int setreuid(uid_t ruid, uid_t euid)
}
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setreuid(ruid, euid);
+ return libc_setreuid(ruid, euid);
}
return uwrap_setresuid(ruid, euid, -1);
@@ -496,7 +642,7 @@ int setreuid(uid_t ruid, uid_t euid)
int setresuid(uid_t ruid, uid_t euid, uid_t suid)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setresuid(ruid, euid, suid);
+ return libc_setresuid(ruid, euid, suid);
}
return uwrap_setresuid(ruid, euid, suid);
@@ -521,7 +667,7 @@ static uid_t uwrap_getuid(void)
uid_t getuid(void)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_getuid();
+ return libc_getuid();
}
return uwrap_getuid();
@@ -551,7 +697,7 @@ static uid_t uwrap_geteuid(void)
uid_t geteuid(void)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_geteuid();
+ return libc_geteuid();
}
return uwrap_geteuid();
@@ -621,7 +767,7 @@ static int uwrap_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
int setgid(gid_t gid)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setgid(gid);
+ return libc_setgid(gid);
}
return uwrap_setresgid(gid, -1, -1);
@@ -631,7 +777,7 @@ int setgid(gid_t gid)
int setegid(gid_t egid)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setegid(egid);
+ return libc_setegid(egid);
}
return uwrap_setresgid(-1, egid, -1);
@@ -642,7 +788,7 @@ int setegid(gid_t egid)
int setregid(gid_t rgid, gid_t egid)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setregid(rgid, egid);
+ return libc_setregid(rgid, egid);
}
return uwrap_setresgid(rgid, egid, -1);
@@ -653,7 +799,7 @@ int setregid(gid_t rgid, gid_t egid)
int setresgid(gid_t rgid, gid_t egid, gid_t sgid)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setregid(rgid, egid, sgid);
+ return libc_setresgid(rgid, egid, sgid);
}
return uwrap_setresgid(rgid, egid, sgid);
@@ -678,7 +824,7 @@ static gid_t uwrap_getgid(void)
gid_t getgid(void)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_getgid();
+ return libc_getgid();
}
return uwrap_getgid();
@@ -702,7 +848,7 @@ static uid_t uwrap_getegid(void)
uid_t getegid(void)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_getegid();
+ return libc_getegid();
}
return uwrap_getegid();
@@ -771,7 +917,7 @@ int setgroups(size_t size, const gid_t *list)
#endif
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_setgroups(size, list);
+ return libc_setgroups(size, list);
}
return uwrap_setgroups(size, list);
@@ -806,35 +952,12 @@ out:
int getgroups(int size, gid_t *list)
{
if (!uwrap_enabled()) {
- return uwrap.libc.fns._libc_getgroups(size, list);
+ return libc_getgroups(size, list);
}
return uwrap_getgroups(size, list);
}
-static long int libc_vsyscall(long int sysno, va_list va)
-{
- long int args[8];
- long int rc;
- int i;
-
- for (i = 0; i < 8; i++) {
- args[i] = va_arg(va, long int);
- }
-
- rc = uwrap.libc.fns._libc_syscall(sysno,
- args[0],
- args[1],
- args[2],
- args[3],
- args[4],
- args[5],
- args[6],
- args[7]);
-
- return rc;
-}
-
#if (defined(HAVE_SYS_SYSCALL_H) || defined(HAVE_SYSCALL_H)) \
&& (defined(SYS_setreuid) || defined(SYS_setreuid32))
static long int uwrap_syscall (long int sysno, va_list vp)
--
UID Wrapper Repository
More information about the samba-cvs
mailing list