Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/external/bsd/blacklist blacklist: Allow blacklist_sa to work...



details:   https://anonhg.NetBSD.org/src/rev/5553199fda93
branches:  trunk
changeset: 1008095:5553199fda93
user:      roy <roy%NetBSD.org@localhost>
date:      Wed Mar 11 02:12:08 2020 +0000

description:
blacklist: Allow blacklist_sa to work with an invalid fd

fd -1 is invalid, so don't query it for protocol, port or address.

fd is supposed to represent how the client is connected, but if we are
parsing route(4) messages or log files then there is no client connection
to interogate.

diffstat:

 external/bsd/blacklist/bin/blacklistd.c |  16 +++++++++-------
 external/bsd/blacklist/bin/conf.c       |  13 +++++++++++--
 external/bsd/blacklist/lib/bl.c         |  32 +++++++++++++++++---------------
 3 files changed, 37 insertions(+), 24 deletions(-)

diffs (151 lines):

diff -r 25af6856fc19 -r 5553199fda93 external/bsd/blacklist/bin/blacklistd.c
--- a/external/bsd/blacklist/bin/blacklistd.c   Tue Mar 10 22:38:41 2020 +0000
+++ b/external/bsd/blacklist/bin/blacklistd.c   Wed Mar 11 02:12:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: blacklistd.c,v 1.40 2020/03/10 13:36:07 roy Exp $      */
+/*     $NetBSD: blacklistd.c,v 1.41 2020/03/11 02:12:08 roy Exp $      */
 
 /*-
  * Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -32,7 +32,7 @@
 #include "config.h"
 #endif
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: blacklistd.c,v 1.40 2020/03/10 13:36:07 roy Exp $");
+__RCSID("$NetBSD: blacklistd.c,v 1.41 2020/03/11 02:12:08 roy Exp $");
 
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -119,12 +119,14 @@
        *rsl = sizeof(*rss);
        memset(rss, 0, *rsl);
 
-       if (getpeername(bi->bi_fd, (void *)rss, rsl) != -1)
-               return 0;
+       if (bi->bi_fd != -1) {
+               if (getpeername(bi->bi_fd, (void *)rss, rsl) != -1)
+                       return 0;
 
-       if (errno != ENOTCONN) {
-               (*lfun)(LOG_ERR, "getpeername failed (%m)");
-               return -1;
+               if (errno != ENOTCONN) {
+                       (*lfun)(LOG_ERR, "getpeername failed (%m)");
+                       return -1;
+               }
        }
 
        if (bi->bi_slen == 0) {
diff -r 25af6856fc19 -r 5553199fda93 external/bsd/blacklist/bin/conf.c
--- a/external/bsd/blacklist/bin/conf.c Tue Mar 10 22:38:41 2020 +0000
+++ b/external/bsd/blacklist/bin/conf.c Wed Mar 11 02:12:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: conf.c,v 1.26 2020/03/10 13:36:07 roy Exp $    */
+/*     $NetBSD: conf.c,v 1.27 2020/03/11 02:12:08 roy Exp $    */
 
 /*-
  * Copyright (c) 2015 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #endif
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: conf.c,v 1.26 2020/03/10 13:36:07 roy Exp $");
+__RCSID("$NetBSD: conf.c,v 1.27 2020/03/11 02:12:08 roy Exp $");
 
 #include <stdio.h>
 #ifdef HAVE_LIBUTIL_H
@@ -1009,6 +1009,14 @@
        char buf[BUFSIZ];
 
        memset(cr, 0, sizeof(*cr));
+
+       if (fd == -1) {
+               cr->c_proto = FSTAR;
+               cr->c_port = FSTAR;
+               memcpy(&lss, rss, sizeof(lss));
+               goto done_fd;
+       }
+
        slen = sizeof(lss);
        memset(&lss, 0, slen);
        if (getsockname(fd, (void *)&lss, &slen) == -1) {
@@ -1051,6 +1059,7 @@
                return NULL;
        }
 
+done_fd:
        cr->c_ss = lss;
        cr->c_lmask = FSTAR;
        cr->c_uid = (int)uid;
diff -r 25af6856fc19 -r 5553199fda93 external/bsd/blacklist/lib/bl.c
--- a/external/bsd/blacklist/lib/bl.c   Tue Mar 10 22:38:41 2020 +0000
+++ b/external/bsd/blacklist/lib/bl.c   Wed Mar 11 02:12:08 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bl.c,v 1.29 2020/03/10 13:36:08 roy Exp $      */
+/*     $NetBSD: bl.c,v 1.30 2020/03/11 02:12:08 roy Exp $      */
 
 /*-
  * Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -33,7 +33,7 @@
 #endif
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: bl.c,v 1.29 2020/03/10 13:36:08 roy Exp $");
+__RCSID("$NetBSD: bl.c,v 1.30 2020/03/11 02:12:08 roy Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -384,7 +384,6 @@
        if (bl_getsock(b, &ub.bl.bl_ss, sa, slen, ctx) == -1)
                return -1;
 
-
        ub.bl.bl_salen = slen;
        memcpy(ub.bl.bl_data, ctx, ctxlen);
 
@@ -394,15 +393,17 @@
        msg.msg_iovlen = 1;
        msg.msg_flags = 0;
 
-       msg.msg_control = ua.ctrl;
-       msg.msg_controllen = sizeof(ua.ctrl);
+       if (pfd != -1) {
+               msg.msg_control = ua.ctrl;
+               msg.msg_controllen = sizeof(ua.ctrl);
 
-       cmsg = CMSG_FIRSTHDR(&msg);
-       cmsg->cmsg_len = CMSG_LEN(sizeof(int));
-       cmsg->cmsg_level = SOL_SOCKET;
-       cmsg->cmsg_type = SCM_RIGHTS;
+               cmsg = CMSG_FIRSTHDR(&msg);
+               cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+               cmsg->cmsg_level = SOL_SOCKET;
+               cmsg->cmsg_type = SCM_RIGHTS;
 
-       memcpy(CMSG_DATA(cmsg), &pfd, sizeof(pfd));
+               memcpy(CMSG_DATA(cmsg), &pfd, sizeof(pfd));
+       }
 
        tried = 0;
 again:
@@ -494,14 +495,15 @@
 
        }
 
-       if (got != (GOT_CRED|GOT_FD)) {
-               bl_log(b->b_fun, LOG_ERR, "message missing %s %s",
+       if (!(got & GOT_FD))
+               bi->bi_fd = -1;
+
 #if GOT_CRED != 0
-                   (got & GOT_CRED) == 0 ? "cred" :
-#endif
-                   "", (got & GOT_FD) == 0 ? "fd" : "");
+       if (!(got & GOT_CRED)) {
+               bl_log(b->b_fun, LOG_ERR, "message missing cred");
                return NULL;
        }
+#endif
 
        if ((size_t)rlen <= sizeof(ub.bl)) {
                bl_log(b->b_fun, LOG_ERR, "message too short %zd", rlen);



Home | Main Index | Thread Index | Old Index