
Commit acf38cd

author
git-core
committed
Move socket_path to the su context
Choose the value of the socket field in intents depending on the allow arg, because the socket_path argument is removed from send_intent. Use enum type for allow.
1 parent fcd02a7 commit acf38cd


4 files changed

+40
-29
lines changed


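--- a/activity.c
+++ b/activity.c
@@ -25,13 +25,14 @@
 #include "su.h"
 
 int send_intent(const struct su_context *ctx,
-const char *socket_path, int allow, const char *action)
+allow_t allow, const char *action)
 {
 int rc;
 
 pid_t pid = fork();
 /* Child */
 if (!pid) {
+const char *socket_path = (allow == INTERACTIVE) ? ctx->sock_path : "";
 char command[ARG_MAX];
 
 snprintf(command, sizeof(command),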
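Review bot: The added ternary in the child branch makes the socket field depend on `allow` without a comment saying why, so a reader has to go to the callers in su.c to learn that only the `ACTION_REQUEST` call passes `INTERACTIVE`. I would add above it `/* Only a pending request (INTERACTIVE) advertises the reply socket; ALLOW/DENY results send an empty path. */`. `ctx->sock_path` is presumably formatted into `command` next, so it is worth confirming on the lines past this hunk that the `snprintf` result is checked for truncation before the command is used. The `snprintf` call and the rest of `send_intent` continue outside the hunk.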

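--- a/db.c
+++ b/db.c
@@ -49,10 +49,10 @@ int database_check(const struct su_context *ctx)
 }
 
 if (allow == '1') {
-return DB_ALLOW;
+return ALLOW;
 } else if (allow == '0') {
-return DB_DENY;
+return DENY;
 } else {
-return DB_INTERACTIVE;
+return INTERACTIVE;
 }
 }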
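Review bot: The definition here appears to keep its old return type: the hunk header still reads `int database_check(const struct su_context *ctx)` and this section changes only the three `return` lines, while su.h in the same commit now declares `extern allow_t database_check(...)`. A compiler that treats this enum as compatible with `int` accepts the mismatch silently, so the definition should become `allow_t database_check(const struct su_context *ctx)` to match the header. The final `else` maps every stored value other than '0' or '1' to `INTERACTIVE`, which deserves a comment such as `/* unknown or missing entry: ask the user */`. The function starts above this hunk.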

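--- a/su.c
+++ b/su.c
@@ -37,9 +37,6 @@
 #include "su.h"
 #include "utils.h"
 
-/* Still lazt, will fix this */
-static char socket_path[PATH_MAX];
-
 static int from_init(struct su_initiator *from)
 {
 char path[PATH_MAX], exe[PATH_MAX];
@@ -143,19 +140,30 @@ void set_identity(unsigned int uid)
 }
 }
 
-static void socket_cleanup(void)
+static void socket_cleanup(struct su_context *ctx)
 {
-unlink(socket_path);
+if (ctx && ctx->sock_path[0]) {
+if (unlink(ctx->sock_path))
+PLOGE("unlink (%s)", ctx->sock_path);
+ctx->sock_path[0] = 0;
+}
 }
 
+/*
+* For use in signal handlers/atexit-function
+* NOTE: su_ctx points to main's local variable.
+* It's OK due to the program uses exit(3), not return from main()
+*/
+static struct su_context *su_ctx = NULL;
+
 static void cleanup(void)
 {
-socket_cleanup();
+socket_cleanup(su_ctx);
 }
 
 static void cleanup_signal(int sig)
 {
-socket_cleanup();
+socket_cleanup(su_ctx);
 exit(128 + sig);
 }
 
@@ -304,7 +312,7 @@ static __attribute__ ((noreturn)) void deny(const struct su_context *ctx)
 {
 char *cmd = get_command(&ctx->to);
 
-send_intent(ctx, "", 0, ACTION_RESULT);
+send_intent(ctx, DENY, ACTION_RESULT);
 LOGW("request rejected (%u->%u %s)", ctx->from.uid, ctx->to.uid, cmd);
 fprintf(stderr, "%s\n", strerror(EACCES));
 exit(EXIT_FAILURE);
@@ -316,7 +324,7 @@ static __attribute__ ((noreturn)) void allow(const struct su_context *ctx)
 int argc, err;
 
 umask(ctx->umask);
-send_intent(ctx, "", 1, ACTION_RESULT);
+send_intent(ctx, ALLOW, ACTION_RESULT);
 
 arg0 = strrchr (ctx->to.shell, '/');
 arg0 = (arg0) ? arg0 + 1 : ctx->to.shell;
@@ -435,9 +443,9 @@ int main(int argc, char *argv[])
 },
 };
 struct stat st;
-int socket_serv_fd, fd;
+int c, socket_serv_fd, fd;
 char buf[64], *result;
-int c, dballow;
+allow_t dballow;
 struct option long_opts[] = {
 { "command", required_argument, NULL, 'c' },
 { "help", no_argument, NULL, 'h' },
@@ -557,17 +565,18 @@ int main(int argc, char *argv[])
 
 dballow = database_check(&ctx);
 switch (dballow) {
-case DB_DENY: deny(&ctx);
-case DB_ALLOW: allow(&ctx);
-case DB_INTERACTIVE: break;
-default: deny(&ctx);
+case INTERACTIVE: break;
+case ALLOW: allow(&ctx); /* never returns */
+case DENY:
+default: deny(&ctx); /* never returns too */
 }
 
-socket_serv_fd = socket_create_temp(socket_path, sizeof(socket_path));
+socket_serv_fd = socket_create_temp(ctx.sock_path, sizeof(ctx.sock_path));
 if (socket_serv_fd < 0) {
 deny(&ctx);
 }
 
+su_ctx = &ctx;
 signal(SIGHUP, cleanup_signal);
 signal(SIGPIPE, cleanup_signal);
 signal(SIGTERM, cleanup_signal);
@@ -576,7 +585,7 @@ int main(int argc, char *argv[])
 signal(SIGABRT, cleanup_signal);
 atexit(cleanup);
 
-if (send_intent(&ctx, socket_path, -1, ACTION_REQUEST) < 0) {
+if (send_intent(&ctx, INTERACTIVE, ACTION_REQUEST) < 0) {
 deny(&ctx);
 }
 
@@ -593,7 +602,7 @@ int main(int argc, char *argv[])
 
 close(fd);
 close(socket_serv_fd);
-socket_cleanup();
+socket_cleanup(&ctx);
 
 result = buf;
 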
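Review bot: In the `@@ -143,19 +140,30 @@` hunk, `socket_cleanup()` is still reached from `cleanup_signal()`, and it now does more there than a bare `unlink()`: it may call `PLOGE` (presumably a formatting log macro) and it writes to `ctx->sock_path`, neither of which is async-signal-safe. A signal that arrives while `main` is inside its own `socket_cleanup(&ctx)` call would re-enter the function on the same buffer. Since the file and context names suggest a privileged su helper, I would keep the handler to `if (su_ctx) unlink(su_ctx->sock_path);` followed by `_exit(128 + sig);` and leave the logging variant to the `atexit` path. Declaring the pointer as `static struct su_context * volatile su_ctx = NULL;` would also make the handler's read of it well defined.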

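--- a/su.h
+++ b/su.h
@@ -70,18 +70,19 @@ struct su_context {
 struct su_initiator from;
 struct su_request to;
 mode_t umask;
+char sock_path[PATH_MAX];
 };
 
-enum {
-DB_INTERACTIVE,
-DB_DENY,
-DB_ALLOW
-};
+typedef enum {
+INTERACTIVE = -1,
+DENY = 0,
+ALLOW = 1,
+} allow_t;
 
-extern int database_check(const struct su_context *ctx);
+extern allow_t database_check(const struct su_context *ctx);
 extern void set_identity(unsigned int uid);
 extern int send_intent(const struct su_context *ctx,
-const char *socket_path, int allow, const char *action);
+allow_t allow, const char *action);
 
 static inline char *get_command(const struct su_request *to)
 {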
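Review bot: The explicit values in `allow_t` carry no explanation, yet they are exactly the integers the old call sites passed to `send_intent` (`-1`, `0`, `1`), so whatever consumes the intent may depend on them. A comment above the enum such as `/* Values are the integers send_intent() took as int before; do not renumber. */` would keep a later cleanup from changing them. The unprefixed names `INTERACTIVE`, `DENY` and `ALLOW` in a shared header are also easy to collide with other headers; keeping the old `DB_` prefix or using an `SU_` one would be safer. The new `sock_path` field would benefit from a one-line comment saying that it is empty until the temporary socket has been created and is cleared again once it is unlinked.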
