[ipfire-3.x.git] / dhcp / patches / dhcp-4.2.5-paranoia.patch

diff -up dhcp-4.2.5/client/dhclient.c.paranoia dhcp-4.2.5/client/dhclient.c
--- dhcp-4.2.5/client/dhclient.c.paranoia	2013-03-26 13:14:50.574542083 +0100
+++ dhcp-4.2.5/client/dhclient.c	2013-03-26 13:14:50.584541964 +0100
@@ -1698,11 +1698,6 @@ int write_host (host)
 	return 0;
 }
 
-void db_startup (testp)
-	int testp;
-{
-}
-
 void bootp (packet)
 	struct packet *packet;
 {
diff -up dhcp-4.2.5/includes/dhcpd.h.paranoia dhcp-4.2.5/includes/dhcpd.h
--- dhcp-4.2.5/includes/dhcpd.h.paranoia	2013-03-26 13:14:50.576542059 +0100
+++ dhcp-4.2.5/includes/dhcpd.h	2013-03-26 13:14:50.585541952 +0100
@@ -2798,7 +2798,11 @@ void commit_leases_timeout (void *);
 void commit_leases_readerdry(void *);
 int commit_leases (void);
 int commit_leases_timed (void);
+#if defined (PARANOIA)
+void db_startup (int, uid_t, gid_t);
+#else
 void db_startup (int);
+#endif /* PARANOIA */
 int new_lease_file (void);
 int group_writer (struct group_object *);
 int write_ia(const struct ia_xx *);
diff -up dhcp-4.2.5/server/confpars.c.paranoia dhcp-4.2.5/server/confpars.c
--- dhcp-4.2.5/server/confpars.c.paranoia	2013-03-26 13:14:50.522542705 +0100
+++ dhcp-4.2.5/server/confpars.c	2013-03-26 13:14:50.587541928 +0100
@@ -224,7 +224,11 @@ void trace_conf_input (trace_type_t *tty
 	}
 
 	if (!leaseconf_initialized && ttype == trace_readleases_type) {
+#if defined (PARANOIA)
+		db_startup (0, 0, 0);
+#else
 		db_startup (0);
+#endif /* PARANOIA */
 		leaseconf_initialized = 1;
 		postdb_startup ();
 	}
diff -up dhcp-4.2.5/server/db.c.paranoia dhcp-4.2.5/server/db.c
--- dhcp-4.2.5/server/db.c.paranoia	2013-03-26 13:14:50.522542705 +0100
+++ dhcp-4.2.5/server/db.c	2013-03-26 13:14:50.588541916 +0100
@@ -47,6 +47,10 @@ static int counting = 0;
 static int count = 0;
 TIME write_time;
 int lease_file_is_corrupt = 0;
+#if defined (PARANOIA)
+uid_t global_set_uid = 0;
+gid_t global_set_gid = 0;
+#endif /* PARANOIA */
 
 /* Write a single binding scope value in parsable format.
  */
@@ -1026,8 +1030,11 @@ int commit_leases_timed()
 	return (1);
 }
 
-void db_startup (testp)
-	int testp;
+#if defined (PARANOIA)
+void db_startup (int testp, uid_t set_uid, gid_t set_gid)
+#else
+void db_startup (int testp)
+#endif /* PARANOIA */
 {
 	isc_result_t status;
 
@@ -1046,6 +1053,11 @@ void db_startup (testp)
 	}
 #endif
 
+#if defined (PARANOIA)
+	global_set_uid = set_uid;
+	global_set_gid = set_gid;
+#endif /* PARANOIA */
+
 #if defined (TRACING)
 	/* If we're playing back, there is no lease file, so we can't
 	   append it, so we create one immediately (maybe this isn't
@@ -1108,6 +1120,17 @@ int new_lease_file ()
 		log_error ("Can't create new lease file: %m");
 		return 0;
 	}
+
+#if defined (PARANOIA)
+	if (global_set_uid && !geteuid() &&
+	    global_set_gid && !getegid())
+		if (fchown(db_fd, global_set_uid, global_set_gid)) {
+			log_fatal ("Can't chown new lease file: %m");
+			close(db_fd);
+			goto fdfail;
+	}
+#endif /* PARANOIA */
+
 	if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
 		log_error("Can't fdopen new lease file: %m");
 		close(db_fd);
diff -up dhcp-4.2.5/server/dhcpd.8.paranoia dhcp-4.2.5/server/dhcpd.8
--- dhcp-4.2.5/server/dhcpd.8.paranoia	2013-01-03 01:02:25.000000000 +0100
+++ dhcp-4.2.5/server/dhcpd.8	2013-03-26 13:28:16.576604471 +0100
@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto
 .I trace-output-file
 ]
 [
+.B -user
+.I user
+]
+[
+.B -group
+.I group
+]
+[
+.B -chroot
+.I dir
+]
+[
 .B -play
 .I trace-playback-file
 ]
@@ -269,6 +281,15 @@ lease file.
 .TP
 .BI --version
 Print version number and exit.
+.TP
+.BI \-user \ user
+Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.
+.TP
+.BI \-group \ group
+Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports.
+.TP
+.BI \-chroot \ dir
+Chroot to directory after processing the command line arguments, but before reading the configuration file.
 .PP
 .I Modifying default file locations:
 The following options can be used to modify the locations 
diff -up dhcp-4.2.5/server/dhcpd.c.paranoia dhcp-4.2.5/server/dhcpd.c
--- dhcp-4.2.5/server/dhcpd.c.paranoia	2013-03-26 13:14:50.523542693 +0100
+++ dhcp-4.2.5/server/dhcpd.c	2013-03-26 13:14:50.589541904 +0100
@@ -702,7 +702,11 @@ main(int argc, char **argv) {
 	group_write_hook = group_writer;
 
 	/* Start up the database... */
+#if defined (PARANOIA)
+	db_startup (lftest, set_uid, set_gid);
+#else
 	db_startup (lftest);
+#endif /* PARANOIA */
 
 	if (lftest)
 		exit (0);
@@ -773,22 +777,6 @@ main(int argc, char **argv) {
 			exit (0);
 	}
  
-#if defined (PARANOIA)
-	/* change uid to the specified one */
-
-	if (set_gid) {
-		if (setgroups (0, (void *)0))
-			log_fatal ("setgroups: %m");
-		if (setgid (set_gid))
-			log_fatal ("setgid(%d): %m", (int) set_gid);
-	}	
-
-	if (set_uid) {
-		if (setuid (set_uid))
-			log_fatal ("setuid(%d): %m", (int) set_uid);
-	}
-#endif /* PARANOIA */
-
 	/*
 	 * Deal with pid files.  If the user told us
 	 * not to write a file we don't read one either
@@ -825,6 +813,22 @@ main(int argc, char **argv) {
 		}
 	}
 
+#if defined (PARANOIA)
+	/* change uid to the specified one */
+
+	if (set_gid) {
+		if (setgroups (0, (void *)0))
+			log_fatal ("setgroups: %m");
+		if (setgid (set_gid))
+			log_fatal ("setgid(%d): %m", (int) set_gid);
+	}	
+
+	if (set_uid) {
+		if (setuid (set_uid))
+			log_fatal ("setuid(%d): %m", (int) set_uid);
+	}
+#endif /* PARANOIA */
+
 	/* If we were requested to log to stdout on the command line,
 	   keep doing so; otherwise, stop. */
 	if (log_perror == -1)
Commit	Line	Data
177b938a MT	1	diff -up dhcp-4.2.5/client/dhclient.c.paranoia dhcp-4.2.5/client/dhclient.c
	2	--- dhcp-4.2.5/client/dhclient.c.paranoia 2013-03-26 13:14:50.574542083 +0100
	3	+++ dhcp-4.2.5/client/dhclient.c 2013-03-26 13:14:50.584541964 +0100
	4	@@ -1698,11 +1698,6 @@ int write_host (host)
	5	return 0;
	6	}
	7
	8	-void db_startup (testp)
	9	- int testp;
	10	-{
	11	-}
	12	-
	13	void bootp (packet)
	14	struct packet *packet;
	15	{
	16	diff -up dhcp-4.2.5/includes/dhcpd.h.paranoia dhcp-4.2.5/includes/dhcpd.h
	17	--- dhcp-4.2.5/includes/dhcpd.h.paranoia 2013-03-26 13:14:50.576542059 +0100
	18	+++ dhcp-4.2.5/includes/dhcpd.h 2013-03-26 13:14:50.585541952 +0100
	19	@@ -2798,7 +2798,11 @@ void commit_leases_timeout (void *);
	20	void commit_leases_readerdry(void *);
	21	int commit_leases (void);
	22	int commit_leases_timed (void);
	23	+#if defined (PARANOIA)
	24	+void db_startup (int, uid_t, gid_t);
	25	+#else
	26	void db_startup (int);
	27	+#endif /* PARANOIA */
	28	int new_lease_file (void);
	29	int group_writer (struct group_object *);
	30	int write_ia(const struct ia_xx *);
	31	diff -up dhcp-4.2.5/server/confpars.c.paranoia dhcp-4.2.5/server/confpars.c
	32	--- dhcp-4.2.5/server/confpars.c.paranoia 2013-03-26 13:14:50.522542705 +0100
	33	+++ dhcp-4.2.5/server/confpars.c 2013-03-26 13:14:50.587541928 +0100
	34	@@ -224,7 +224,11 @@ void trace_conf_input (trace_type_t *tty
	35	}
	36
	37	if (!leaseconf_initialized && ttype == trace_readleases_type) {
	38	+#if defined (PARANOIA)
	39	+ db_startup (0, 0, 0);
	40	+#else
	41	db_startup (0);
	42	+#endif /* PARANOIA */
	43	leaseconf_initialized = 1;
	44	postdb_startup ();
	45	}
	46	diff -up dhcp-4.2.5/server/db.c.paranoia dhcp-4.2.5/server/db.c
	47	--- dhcp-4.2.5/server/db.c.paranoia 2013-03-26 13:14:50.522542705 +0100
	48	+++ dhcp-4.2.5/server/db.c 2013-03-26 13:14:50.588541916 +0100
	49	@@ -47,6 +47,10 @@ static int counting = 0;
	50	static int count = 0;
	51	TIME write_time;
	52	int lease_file_is_corrupt = 0;
	53	+#if defined (PARANOIA)
	54	+uid_t global_set_uid = 0;
	55	+gid_t global_set_gid = 0;
	56	+#endif /* PARANOIA */
	57
	58	/* Write a single binding scope value in parsable format.
	59	*/
	60	@@ -1026,8 +1030,11 @@ int commit_leases_timed()
	61	return (1);
	62	}
	63
	64	-void db_startup (testp)
65	- int testp;
66	+#if defined (PARANOIA)
67	+void db_startup (int testp, uid_t set_uid, gid_t set_gid)
68	+#else
69	+void db_startup (int testp)
70	+#endif /* PARANOIA */
71	{
72	isc_result_t status;
73
74	@@ -1046,6 +1053,11 @@ void db_startup (testp)
75	}
76	#endif
77
78	+#if defined (PARANOIA)
79	+ global_set_uid = set_uid;
80	+ global_set_gid = set_gid;
81	+#endif /* PARANOIA */
82	+
83	#if defined (TRACING)
84	/* If we're playing back, there is no lease file, so we can't
85	append it, so we create one immediately (maybe this isn't
86	@@ -1108,6 +1120,17 @@ int new_lease_file ()
87	log_error ("Can't create new lease file: %m");
88	return 0;
89	}
90	+
91	+#if defined (PARANOIA)
92	+ if (global_set_uid && !geteuid() &&
93	+ global_set_gid && !getegid())
94	+ if (fchown(db_fd, global_set_uid, global_set_gid)) {
95	+ log_fatal ("Can't chown new lease file: %m");
96	+ close(db_fd);
97	+ goto fdfail;
98	+ }
99	+#endif /* PARANOIA */
100	+
101	if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
102	log_error("Can't fdopen new lease file: %m");
103	close(db_fd);
104	diff -up dhcp-4.2.5/server/dhcpd.8.paranoia dhcp-4.2.5/server/dhcpd.8
105	--- dhcp-4.2.5/server/dhcpd.8.paranoia 2013-01-03 01:02:25.000000000 +0100
106	+++ dhcp-4.2.5/server/dhcpd.8 2013-03-26 13:28:16.576604471 +0100
107	@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto
108	.I trace-output-file
109	]
110	[
111	+.B -user
112	+.I user
113	+]
114	+[
115	+.B -group
116	+.I group
117	+]
118	+[
119	+.B -chroot
120	+.I dir
121	+]
122	+[
123	.B -play
124	.I trace-playback-file
125	]
126	@@ -269,6 +281,15 @@ lease file.
127	.TP
128	.BI --version
129	Print version number and exit.
130	+.TP
131	+.BI \-user \ user
132	+Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.
133	+.TP
134	+.BI \-group \ group
135	+Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports.
136	+.TP
137	+.BI \-chroot \ dir
138	+Chroot to directory after processing the command line arguments, but before reading the configuration file.
139	.PP
140	.I Modifying default file locations:
141	The following options can be used to modify the locations
142	diff -up dhcp-4.2.5/server/dhcpd.c.paranoia dhcp-4.2.5/server/dhcpd.c
143	--- dhcp-4.2.5/server/dhcpd.c.paranoia 2013-03-26 13:14:50.523542693 +0100
144	+++ dhcp-4.2.5/server/dhcpd.c 2013-03-26 13:14:50.589541904 +0100
145	@@ -702,7 +702,11 @@ main(int argc, char **argv) {
146	group_write_hook = group_writer;
147
148	/* Start up the database... */
149	+#if defined (PARANOIA)
150	+ db_startup (lftest, set_uid, set_gid);
151	+#else
152	db_startup (lftest);
153	+#endif /* PARANOIA */
154
155	if (lftest)
156	exit (0);
157	@@ -773,22 +777,6 @@ main(int argc, char **argv) {
158	exit (0);
159	}
160
161	-#if defined (PARANOIA)
162	- /* change uid to the specified one */
163	-
164	- if (set_gid) {
165	- if (setgroups (0, (void *)0))
166	- log_fatal ("setgroups: %m");
167	- if (setgid (set_gid))
168	- log_fatal ("setgid(%d): %m", (int) set_gid);
169	- }
170	-
171	- if (set_uid) {
172	- if (setuid (set_uid))
173	- log_fatal ("setuid(%d): %m", (int) set_uid);
174	- }
175	-#endif /* PARANOIA */
176	-
177	/*
178	* Deal with pid files. If the user told us
179	* not to write a file we don't read one either
180	@@ -825,6 +813,22 @@ main(int argc, char **argv) {
181	}
182	}
183
184	+#if defined (PARANOIA)
185	+ /* change uid to the specified one */
186	+
187	+ if (set_gid) {
188	+ if (setgroups (0, (void *)0))
189	+ log_fatal ("setgroups: %m");
190	+ if (setgid (set_gid))
191	+ log_fatal ("setgid(%d): %m", (int) set_gid);
192	+ }
193	+
194	+ if (set_uid) {
195	+ if (setuid (set_uid))
196	+ log_fatal ("setuid(%d): %m", (int) set_uid);
197	+ }
198	+#endif /* PARANOIA */
199	+
200	/* If we were requested to log to stdout on the command line,
201	keep doing so; otherwise, stop. */
202	if (log_perror == -1)