/*
- PowerDNS Versatile Database Driven Nameserver
- Copyright (C) 2002 - 2011 PowerDNS.COM BV
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License version 2 as
- published by the Free Software Foundation
-
- Additionally, the license of this program contains a special
- exception which allows to distribute the program in binary form when
- it is linked against OpenSSL.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-*/
-
+ * This file is part of PowerDNS or dnsdist.
+ * Copyright -- PowerDNS.COM B.V. and its contributors
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * In addition, for the avoidance of any doubt, permission is granted to
+ * link this program with OpenSSL and to (re)distribute the binaries
+ * produced as the result of such linking.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
(void) one; // avoids 'unused var' warning on systems that have none of the defines checked below
#ifdef IP_FREEBIND
if (setsockopt(sock, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: IP_FREEBIND setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: IP_FREEBIND setsockopt failed: "<<strerror(errno)<<endl;
#endif
#ifdef IP_BINDANY
if (af == AF_INET)
if (setsockopt(sock, IPPROTO_IP, IP_BINDANY, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: IP_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: IP_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
#endif
#ifdef IPV6_BINDANY
if (af == AF_INET6)
if (setsockopt(sock, IPPROTO_IPV6, IPV6_BINDANY, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: IPV6_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: IPV6_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
#endif
#ifdef SO_BINDANY
if (setsockopt(sock, SOL_SOCKET, SO_BINDANY, &one, sizeof(one)) < 0)
- theL()<<Logger::Warning<<"Warning: SO_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
+ g_log<<Logger::Warning<<"Warning: SO_BINDANY setsockopt failed: "<<strerror(errno)<<endl;
#endif
}
// Drops the program's group privileges.
-void Utility::dropGroupPrivs( int uid, int gid )
+void Utility::dropGroupPrivs( uid_t uid, gid_t gid )
{
- if(gid) {
+ if(gid && gid != getegid()) {
if(setgid(gid)<0) {
- theL()<<Logger::Critical<<"Unable to set effective group id to "<<gid<<": "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to set effective group id to "<<gid<<": "<<stringerror()<<endl;
exit(1);
}
else
- theL()<<Logger::Info<<"Set effective group id to "<<gid<<endl;
+ g_log<<Logger::Info<<"Set effective group id to "<<gid<<endl;
struct passwd *pw=getpwuid(uid);
if(!pw) {
- theL()<<Logger::Warning<<"Unable to determine user name for uid "<<uid<<endl;
+ g_log<<Logger::Warning<<"Unable to determine user name for uid "<<uid<<endl;
if (setgroups(0, NULL)<0) {
- theL()<<Logger::Critical<<"Unable to drop supplementary gids: "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to drop supplementary gids: "<<stringerror()<<endl;
exit(1);
}
} else {
if (initgroups(pw->pw_name, gid)<0) {
- theL()<<Logger::Critical<<"Unable to set supplementary groups: "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to set supplementary groups: "<<stringerror()<<endl;
exit(1);
}
}
// Drops the program's user privileges.
-void Utility::dropUserPrivs( int uid )
+void Utility::dropUserPrivs( uid_t uid )
{
- if(uid) {
+ if(uid && uid != geteuid()) {
if(setuid(uid)<0) {
- theL()<<Logger::Critical<<"Unable to set effective user id to "<<uid<<": "<<stringerror()<<endl;
+ g_log<<Logger::Critical<<"Unable to set effective user id to "<<uid<<": "<<stringerror()<<endl;
exit(1);
}
else
- theL()<<Logger::Info<<"Set effective user id to "<<uid<<endl;
+ g_log<<Logger::Info<<"Set effective user id to "<<uid<<endl;
}
}
// Retrieves a gid using a groupname.
-int Utility::makeGidNumeric(const string &group)
+gid_t Utility::makeGidNumeric(const string &group)
{
- int newgid;
+ gid_t newgid;
if(!(newgid=atoi(group.c_str()))) {
errno=0;
struct group *gr=getgrnam(group.c_str());
if(!gr) {
- theL()<<Logger::Critical<<"Unable to look up gid of group '"<<group<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
+ g_log<<Logger::Critical<<"Unable to look up gid of group '"<<group<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
exit(1);
}
newgid=gr->gr_gid;
// Retrieves an uid using a username.
-int Utility::makeUidNumeric(const string &username)
+uid_t Utility::makeUidNumeric(const string &username)
{
- int newuid;
+ uid_t newuid;
if(!(newuid=atoi(username.c_str()))) {
struct passwd *pw=getpwnam(username.c_str());
if(!pw) {
- theL()<<Logger::Critical<<"Unable to look up uid of user '"<<username<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
+ g_log<<Logger::Critical<<"Unable to look up uid of user '"<<username<<"': "<< (errno ? strerror(errno) : "not found") <<endl;
exit(1);
}
newuid=pw->pw_uid;
return newuid;
}
-
-// Returns a random number.
-long int Utility::random( void )
-{
- return rand();
-}
-
// Sets the random seed.
-void Utility::srandom( unsigned int seed )
+void Utility::srandom(void)
{
- ::srandom(seed);
+ struct timeval tv;
+ gettimeofday(&tv, 0);
+ ::srandom(tv.tv_sec ^ tv.tv_usec ^ getpid());
}
-
// Writes a vector.
int Utility::writev(int socket, const iovec *vector, size_t count )
{
projects / thirdparty / pdns.git / blobdiff