(void) one; // avoids 'unused var' warning on systems that have none of the defines checked below
#ifdef IP_FREEBIND
if (setsockopt(sock, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: IP_FREEBIND setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: IP_FREEBIND setsockopt failed: "<<strerror(errno)<<endl;
#endif
#ifdef IP_BINDANY
if (af == AF_INET)
if (setsockopt(sock, IPPROTO_IP, IP_BINDANY, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: IP_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: IP_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
#endif
#ifdef IPV6_BINDANY
if (af == AF_INET6)
if (setsockopt(sock, IPPROTO_IPV6, IPV6_BINDANY, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: IPV6_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: IPV6_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
#endif
#ifdef SO_BINDANY
if (setsockopt(sock, SOL_SOCKET, SO_BINDANY, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: SO_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: SO_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
#endif
}
// Drops the program's group privileges.
-void Utility::dropGroupPrivs( int uid, int gid )
+void Utility::dropGroupPrivs( uid_t uid, gid_t gid )
{
- if(gid) {
+ if(gid && gid != getegid()) {
if(setgid(gid)<0) {
- theL()<<Logger::Critical<<"Unable to set effective group id to "<<gid<<": "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to set effective group id to "<<gid<<": "<<stringerror()<<endl;
exit(1);
}
else
- theL()<<Logger::Info<<"Set effective group id to "<<gid<<endl;
+ g_log<<Logger::Info<<"Set effective group id to "<<gid<<endl;
struct passwd *pw=getpwuid(uid);
if(!pw) {
- theL()<<Logger::Warning<<"Unable to determine user name for uid "<<uid<<endl;
+ g_log<<Logger::Warning<<"Unable to determine user name for uid "<<uid<<endl;
if (setgroups(0, NULL)<0) {
- theL()<<Logger::Critical<<"Unable to drop supplementary gids: "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to drop supplementary gids: "<<stringerror()<<endl;
exit(1);
}
} else {
if (initgroups(pw->pw_name, gid)<0) {
- theL()<<Logger::Critical<<"Unable to set supplementary groups: "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to set supplementary groups: "<<stringerror()<<endl;
exit(1);
}
}
// Drops the program's user privileges.
-void Utility::dropUserPrivs( int uid )
+void Utility::dropUserPrivs( uid_t uid )
{
- if(uid) {
+ if(uid && uid != geteuid()) {
if(setuid(uid)<0) {
- theL()<<Logger::Critical<<"Unable to set effective user id to "<<uid<<": "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to set effective user id to "<<uid<<": "<<stringerror()<<endl;
exit(1);
}
else
- theL()<<Logger::Info<<"Set effective user id to "<<uid<<endl;
+ g_log<<Logger::Info<<"Set effective user id to "<<uid<<endl;
}
}
// Retrieves a gid using a groupname.
-int Utility::makeGidNumeric(const string &group)
+gid_t Utility::makeGidNumeric(const string &group)
{
- int newgid;
+ gid_t newgid;
if(!(newgid=atoi(group.c_str()))) {
errno=0;
struct group *gr=getgrnam(group.c_str());
if(!gr) {
- theL()<<Logger::Critical<<"Unable to look up gid of group '"<<group<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
+ g_log<<Logger::Critical<<"Unable to look up gid of group '"<<group<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
exit(1);
}
newgid=gr->gr_gid;
// Retrieves an uid using a username.
-int Utility::makeUidNumeric(const string &username)
+uid_t Utility::makeUidNumeric(const string &username)
{
- int newuid;
+ uid_t newuid;
if(!(newuid=atoi(username.c_str()))) {
struct passwd *pw=getpwnam(username.c_str());
if(!pw) {
- theL()<<Logger::Critical<<"Unable to look up uid of user '"<<username<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
+ g_log<<Logger::Critical<<"Unable to look up uid of user '"<<username<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
exit(1);
}
newuid=pw->pw_uid;
return newuid;
}
-
-// Returns a random number.
-long int Utility::random( void )
-{
- return rand();
-}
-
// Sets the random seed.
-void Utility::srandom( unsigned int seed )
+void Utility::srandom(void)
{
- ::srandom(seed);
+ struct timeval tv;
+ gettimeofday(&tv, 0);
+ ::srandom(tv.tv_sec ^ tv.tv_usec ^ getpid());
}
-
// Writes a vector.
int Utility::writev(int socket, const iovec *vector, size_t count )
{