build: move wrappers into platform module

+ Some fixups within the platform.c functions. - need to check environment set on Windows. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <davids@redhat.com>
author: Alon Bar-Lev <alon.barlev@gmail.com> 2012-02-29 22:12:19 +0200
committer: David Sommerseth <davids@redhat.com> 2012-03-24 00:14:14 +0100
commit: 14a131ac1cfc95e5ba2518ff887d04c034aecc53 (patch)
tree: 20274d65fceef494e14f3ac0c5be0171d631dfb8 /src/openvpn/misc.c
parent: 72c7b12cb65cee69ea129cc520b26dcc64977a17 (diff)
download: openvpn-14a131ac1cfc95e5ba2518ff887d04c034aecc53.tar.gz
openvpn-14a131ac1cfc95e5ba2518ff887d04c034aecc53.tar.xz
openvpn-14a131ac1cfc95e5ba2518ff887d04c034aecc53.zip
1 files changed, 11 insertions, 284 deletions
diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index 2571194..2ded9bf 100644
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -56,122 +56,6 @@ int script_security = SSEC_BUILT_IN; /* GLOBAL */
 /* contains SM_x value defined in misc.h */
 int script_method = SM_EXECVE; /* GLOBAL */
 
-/* Redefine the top level directory of the filesystem
-   to restrict access to files for security */
-void
-do_chroot (const char *path)
-{
-  if (path)
-    {
-#ifdef HAVE_CHROOT
-      const char *top = "/";
-      if (chroot (path))
-	msg (M_ERR, "chroot to '%s' failed", path);
-      if (openvpn_chdir (top))
-	msg (M_ERR, "cd to '%s' failed", top);
-      msg (M_INFO, "chroot to '%s' and cd to '%s' succeeded", path, top);
-#else
-      msg (M_FATAL, "Sorry but I can't chroot to '%s' because this operating system doesn't appear to support the chroot() system call", path);
-#endif
-    }
-}
-
-/* Get/Set UID of process */
-
-bool
-get_user (const char *username, struct user_state *state)
-{
-  bool ret = false;
-  CLEAR (*state);
-  if (username)
-    {
-#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
-      state->pw = getpwnam (username);
-      if (!state->pw)
-	msg (M_ERR, "failed to find UID for user %s", username);
-      state->username = username;
-      ret = true;
-#else
-      msg (M_FATAL, "cannot get UID for user %s -- platform lacks getpwname() or setuid() system calls", username);
-#endif
-    }
-  return ret;
-}
-
-void
-set_user (const struct user_state *state)
-{
-#if defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)
-  if (state->username && state->pw)
-    {
-      if (setuid (state->pw->pw_uid))
-	msg (M_ERR, "setuid('%s') failed", state->username);
-      msg (M_INFO, "UID set to %s", state->username);
-    }
-#endif
-}
-
-/* Get/Set GID of process */
-
-bool
-get_group (const char *groupname, struct group_state *state)
-{
-  bool ret = false;
-  CLEAR (*state);
-  if (groupname)
-    {
-#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
-      state->gr = getgrnam (groupname);
-      if (!state->gr)
-	msg (M_ERR, "failed to find GID for group %s", groupname);
-      state->groupname = groupname;
-      ret = true;
-#else
-      msg (M_FATAL, "cannot get GID for group %s -- platform lacks getgrnam() or setgid() system calls", groupname);
-#endif
-    }
-  return ret;
-}
-
-void
-set_group (const struct group_state *state)
-{
-#if defined(HAVE_GETGRNAM) && defined(HAVE_SETGID)
-  if (state->groupname && state->gr)
-    {
-      if (setgid (state->gr->gr_gid))
-	msg (M_ERR, "setgid('%s') failed", state->groupname);
-      msg (M_INFO, "GID set to %s", state->groupname);
-#ifdef HAVE_SETGROUPS
-      {
-        gid_t gr_list[1];
-	gr_list[0] = state->gr->gr_gid;
-	if (setgroups (1, gr_list))
-	  msg (M_ERR, "setgroups('%s') failed", state->groupname);
-      }
-#endif
-    }
-#endif
-}
-
-/* Change process priority */
-void
-set_nice (int niceval)
-{
-  if (niceval)
-    {
-#ifdef HAVE_NICE
-      errno = 0;
-      if (nice (niceval) < 0 && errno != 0)
-	msg (M_WARN | M_ERRNO, "WARNING: nice %d failed: %s", niceval, strerror(errno));
-      else
-	msg (M_INFO, "nice %d succeeded", niceval);
-#else
-      msg (M_WARN, "WARNING: nice %d failed (function not implemented)", niceval);
-#endif
-    }
-}
-
 /*
  * Pass tunnel endpoint and MTU parms to a user-supplied script.
  * Used to execute the up/down script/plugins.
@@ -253,7 +137,7 @@ get_pid_file (const char* filename, struct pid_state *state)
   CLEAR (*state);
   if (filename)
     {
-      state->fp = openvpn_fopen (filename, "w");
+      state->fp = platform_fopen (filename, "w");
       if (!state->fp)
 	msg (M_ERR, "Open error on pid file %s", filename);
       state->filename = filename;
@@ -266,42 +150,13 @@ write_pid (const struct pid_state *state)
 {
   if (state->filename && state->fp)
     {
-      unsigned int pid = openvpn_getpid (); 
+      unsigned int pid = platform_getpid (); 
       fprintf(state->fp, "%u\n", pid);
       if (fclose (state->fp))
 	msg (M_ERR, "Close error on pid file %s", state->filename);
     }
 }
 
-/* Get current PID */
-unsigned int
-openvpn_getpid ()
-{
-#ifdef WIN32
-  return (unsigned int) GetCurrentProcessId ();
-#else
-#ifdef HAVE_GETPID
-  return (unsigned int) getpid ();
-#else
-  return 0;
-#endif
-#endif
-}
-
-/* Disable paging */
-void
-do_mlockall(bool print_msg)
-{
-#ifdef HAVE_MLOCKALL
-  if (mlockall (MCL_CURRENT | MCL_FUTURE))
-    msg (M_WARN | M_ERRNO, "WARNING: mlockall call failed");
-  else if (print_msg)
-    msg (M_INFO, "mlockall call succeeded");
-#else
-  msg (M_WARN, "WARNING: mlockall call failed (function not implemented)");
-#endif
-}
-
 /*
  * Set standard file descriptors to /dev/null
  */
@@ -325,27 +180,6 @@ set_std_files_to_null (bool stdin_only)
 }
 
 /*
- * Wrapper for chdir library function
- */
-int
-openvpn_chdir (const char* dir)
-{
-#ifdef HAVE_CHDIR
-#ifdef WIN32
-  int res;
-  struct gc_arena gc = gc_new ();
-  res = _wchdir (wide_string (dir, &gc));
-  gc_free (&gc);
-  return res;
-#else
-  return chdir (dir);
-#endif
-#else
-  return -1;
-#endif
-}
-
-/*
  *  dup inetd/xinetd socket descriptor and save
  */
 
@@ -391,32 +225,6 @@ warn_if_group_others_accessible (const char* filename)
 }
 
 /*
- * convert system() return into a success/failure value
- */
-bool
-system_ok (int stat)
-{
-#ifdef WIN32
-  return stat == 0;
-#else
-  return stat != -1 && WIFEXITED (stat) && WEXITSTATUS (stat) == 0;
-#endif
-}
-
-/*
- * did system() call execute the given command?
- */
-bool
-system_executed (int stat)
-{
-#ifdef WIN32
-  return stat != -1;
-#else
-  return stat != -1 && WEXITSTATUS (stat) != 127;
-#endif
-}
-
-/*
  * Print an error message based on the status code returned by system().
  */
 const char *
@@ -456,7 +264,7 @@ openvpn_execve_check (const struct argv *a, const struct env_set *es, const unsi
   const int stat = openvpn_execve (a, es, flags);
   int ret = false;
 
-  if (system_ok (stat))
+  if (platform_system_ok (stat))
     ret = true;
   else
     {
@@ -554,7 +362,6 @@ openvpn_system (const char *command, const struct env_set *es, unsigned int flag
 {
 #ifdef HAVE_SYSTEM
   int ret;
-  struct gc_arena gc;
 
   perf_push (PERF_SCRIPT);
 
@@ -573,13 +380,7 @@ openvpn_system (const char *command, const struct env_set *es, unsigned int flag
   /*
    * execute the command
    */
-#ifdef WIN32
-  gc = gc_new ();
-  ret = _wsystem (wide_string (command, &gc));
-  gc_free (&gc);
-#else
-  ret = system (command);
-#endif
+  ret = platform_system(command);
 
   /* debugging */
   dmsg (D_SCRIPT, "SYSTEM return=%u", ret);
@@ -599,19 +400,6 @@ openvpn_system (const char *command, const struct env_set *es, unsigned int flag
 #endif
 }
 
-int
-openvpn_access (const char *path, int mode)
-{
-#ifdef WIN32
-  struct gc_arena gc = gc_new ();
-  int ret = _waccess (wide_string (path, &gc), mode);
-  gc_free (&gc);
-  return ret;
-#else
-  return access (path, mode);
-#endif
-}
-
 /*
  * Run execve() inside a fork(), duping stdout.  Designed to replicate the semantics of popen() but
  * in a safer way that doesn't require the invocation of a shell or the risks
@@ -981,7 +769,7 @@ env_set_remove_from_environment (const struct env_set *es)
 
 static struct env_item *global_env = NULL; /* GLOBAL */
 
-static void
+void
 manage_env (char *str)
 {
   remove_env_item (str, true, &global_env);
@@ -1078,27 +866,11 @@ setenv_str_ex (struct env_set *es,
     }
   else
     {
-#if defined(WIN32)
+      char *str = construct_name_value (name_tmp, val_tmp, NULL);
+      if (platform_putenv(str))
       {
-        if (!SetEnvironmentVariableW (wide_string (name_tmp, &gc),
-                                      wide_string (val_tmp, &gc)))
-	  msg (M_WARN | M_ERRNO, "SetEnvironmentVariable failed, name='%s', value='%s'",
-	       name_tmp,
-	       val_tmp ? val_tmp : "NULL");
+        msg (M_WARN | M_ERRNO, "putenv('%s') failed", str);
       }
-#elif defined(HAVE_PUTENV)
-      {
-	char *str = construct_name_value (name_tmp, val_tmp, NULL);
-	int status;
-
-	status = putenv (str);
-	/*msg (M_INFO, "PUTENV '%s'", str);*/
-	if (!status)
-	  manage_env (str);
-	if (status)
-	  msg (M_WARN | M_ERRNO, "putenv('%s') failed", str);
-      }
-#endif
     }
 
   gc_free (&gc);
@@ -1162,35 +934,6 @@ count_netmask_bits(const char *dotted_quad)
   return ((int)result);
 }
 
-/*
- * Go to sleep for n milliseconds.
- */
-void
-sleep_milliseconds (unsigned int n)
-{
-#ifdef WIN32
-  Sleep (n);
-#else
-  struct timeval tv;
-  tv.tv_sec = n / 1000;
-  tv.tv_usec = (n % 1000) * 1000;
-  select (0, NULL, NULL, NULL, &tv);
-#endif
-}
-
-/*
- * Go to sleep indefinitely.
- */
-void
-sleep_until_signal (void)
-{
-#ifdef WIN32
-  ASSERT (0);
-#else
-  select (0, NULL, NULL, NULL, NULL);
-#endif
-}
-
 /* return true if filename can be opened for read */
 bool
 test_file (const char *filename)
@@ -1198,7 +941,7 @@ test_file (const char *filename)
   bool ret = false;
   if (filename)
     {
-      FILE *fp = openvpn_fopen (filename, "r");
+      FILE *fp = platform_fopen (filename, "r");
       if (fp)
 	{
 	  fclose (fp);
@@ -1246,7 +989,7 @@ create_temp_file (const char *directory, const char *prefix, struct gc_arena *gc
 
       /* Atomically create the file.  Errors out if the file already
          exists.  */
-      fd = openvpn_open (retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | S_IWUSR);
+      fd = platform_open (retfname, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | S_IWUSR);
       if (fd != -1)
         {
           close (fd);
@@ -1342,22 +1085,6 @@ gen_path (const char *directory, const char *filename, struct gc_arena *gc)
     return NULL;
 }
 
-/* delete a file, return true if succeeded */
-bool
-delete_file (const char *filename)
-{
-#if defined(WIN32)
-  struct gc_arena gc = gc_new ();
-  BOOL ret = DeleteFileW (wide_string (filename, &gc));
-  gc_free (&gc);
-  return (ret != 0);
-#elif defined(HAVE_UNLINK)
-  return (unlink (filename) == 0);
-#else
-  return false;
-#endif
-}
-
 bool
 absolute_pathname (const char *pathname)
 {
@@ -1524,7 +1251,7 @@ get_user_pass_cr (struct user_pass *up,
 
 	  warn_if_group_others_accessible (auth_file);
 
-	  fp = openvpn_fopen (auth_file, "r");
+	  fp = platform_fopen (auth_file, "r");
 	  if (!fp)
 	    msg (M_ERR, "Error opening '%s' auth file: %s", prefix, auth_file);
author	Alon Bar-Lev <alon.barlev@gmail.com>	2012-02-29 22:12:19 +0200
committer	David Sommerseth <davids@redhat.com>	2012-03-24 00:14:14 +0100
commit	14a131ac1cfc95e5ba2518ff887d04c034aecc53 (patch)
tree	20274d65fceef494e14f3ac0c5be0171d631dfb8 /src/openvpn/misc.c
parent	72c7b12cb65cee69ea129cc520b26dcc64977a17 (diff)
download	openvpn-14a131ac1cfc95e5ba2518ff887d04c034aecc53.tar.gz openvpn-14a131ac1cfc95e5ba2518ff887d04c034aecc53.tar.xz openvpn-14a131ac1cfc95e5ba2518ff887d04c034aecc53.zip