authorStephen Gallagher <sgallagh@redhat.com>2011-07-28 15:32:30 -0400
committerStephen Gallagher <sgallagh@redhat.com>2012-06-22 15:37:42 -0400
commitecf0386b2672103f1ef8bafea37e464c86ae538c (patch)
tree9780ec40cddc11a94e62bd6b1a49f3cc96e5c571
parentdd60af1ca6f5887f12ff50532e2fde5f16c9d55b (diff)
Converge accept_fd_handler and accept_priv_fd_handler
These two functions were almost identical. Better to maintain them as a single function. Conflicts: src/responder/common/responder_common.c
-rw-r--r--src/responder/common/responder_common.c143
1 files changed, 47 insertions, 96 deletions
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index bc6f02ae1..7ec2ffcff 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -260,127 +260,63 @@ static void idle_handler(struct tevent_context *ev,
struct timeval current_time,
void *data);
-/* TODO: this is a copy of accept_fd_handler, maybe both can be put into on
- * handler. */
-static void accept_priv_fd_handler(struct tevent_context *ev,
- struct tevent_fd *fde,
- uint16_t flags, void *ptr)
+static void accept_fd_handler(struct tevent_context *ev,
+ struct tevent_fd *fde,
+ uint16_t flags, void *ptr)
{
/* accept and attach new event handler */
- struct resp_ctx *rctx = talloc_get_type(ptr, struct resp_ctx);
+ struct accept_fd_ctx *accept_ctx =
+ talloc_get_type(ptr, struct accept_fd_ctx);
+ struct resp_ctx *rctx = accept_ctx->rctx;
struct cli_ctx *cctx;
socklen_t len;
struct stat stat_buf;
int ret;
-
- ret = stat(rctx->priv_sock_name, &stat_buf);
- if (ret == -1) {
- DEBUG(1, ("stat on privileged pipe failed: [%d][%s].\n", errno,
- strerror(errno)));
- return;
- }
-
- if ( ! (stat_buf.st_uid == 0 && stat_buf.st_gid == 0 &&
- (stat_buf.st_mode&(S_IFSOCK|S_IRUSR|S_IWUSR)) == stat_buf.st_mode)) {
- DEBUG(1, ("privileged pipe has an illegal status.\n"));
-/* TODO: what is the best response to this condition? Terminate? */
- return;
- }
-
-
- cctx = talloc_zero(rctx, struct cli_ctx);
- if (!cctx) {
- struct sockaddr_un addr;
- int fd;
- DEBUG(0, ("Out of memory trying to setup client context on privileged pipe!\n"));
- /* accept and close to signal the client we have a problem */
- memset(&addr, 0, sizeof(addr));
- len = sizeof(addr);
- fd = accept(rctx->priv_lfd, (struct sockaddr *)&addr, &len);
- if (fd == -1) {
+ int fd = accept_ctx->is_private ? rctx->priv_lfd : rctx->lfd;
+ int client_fd;
+
+ if (accept_ctx->is_private) {
+ ret = stat(rctx->priv_sock_name, &stat_buf);
+ if (ret == -1) {
+ DEBUG(1, ("stat on privileged pipe failed: [%d][%s].\n", errno,
+ strerror(errno)));
return;
}
- close(fd);
- return;
- }
-
- len = sizeof(cctx->addr);
- cctx->cfd = accept(rctx->priv_lfd, (struct sockaddr *)&cctx->addr, &len);
- if (cctx->cfd == -1) {
- DEBUG(1, ("Accept failed [%s]\n", strerror(errno)));
- talloc_free(cctx);
- return;
- }
-
- cctx->priv = 1;
-
- ret = get_client_cred(cctx);
- if (ret != EOK) {
- DEBUG(2, ("get_client_cred failed, "
- "client cred may not be available.\n"));
- }
-
- cctx->cfde = tevent_add_fd(ev, cctx, cctx->cfd,
- TEVENT_FD_READ, client_fd_handler, cctx);
- if (!cctx->cfde) {
- close(cctx->cfd);
- talloc_free(cctx);
- DEBUG(2, ("Failed to queue client handler on privileged pipe\n"));
- }
-
- cctx->ev = ev;
- cctx->rctx = rctx;
-
- talloc_set_destructor(cctx, client_destructor);
-
- DEBUG(4, ("Client connected to privileged pipe!\n"));
- /* Set up the idle timer */
- ret = reset_idle_timer(cctx);
- if (ret != EOK) {
- DEBUG(1,
- ("Could not create idle timer for client. "
- "This connection may not auto-terminate\n"));
- /* Non-fatal, continue */
+ if ( ! (stat_buf.st_uid == 0 && stat_buf.st_gid == 0 &&
+ (stat_buf.st_mode&(S_IFSOCK|S_IRUSR|S_IWUSR)) == stat_buf.st_mode)) {
+ DEBUG(1, ("privileged pipe has an illegal status.\n"));
+ /* TODO: what is the best response to this condition? Terminate? */
+ return;
+ }
}
- return;
-}
-
-static void accept_fd_handler(struct tevent_context *ev,
- struct tevent_fd *fde,
- uint16_t flags, void *ptr)
-{
- /* accept and attach new event handler */
- struct resp_ctx *rctx = talloc_get_type(ptr, struct resp_ctx);
- struct cli_ctx *cctx;
- socklen_t len;
- int ret;
-
cctx = talloc_zero(rctx, struct cli_ctx);
if (!cctx) {
struct sockaddr_un addr;
- int fd;
- DEBUG(0, ("Out of memory trying to setup client context!\n"));
+ DEBUG(0, ("Out of memory trying to setup client context%s!\n",
+ accept_ctx->is_private ? " on privileged pipe": ""));
/* accept and close to signal the client we have a problem */
memset(&addr, 0, sizeof(addr));
len = sizeof(addr);
- fd = accept(rctx->lfd, (struct sockaddr *)&addr, &len);
- if (fd == -1) {
+ client_fd = accept(fd, (struct sockaddr *)&addr, &len);
+ if (client_fd == -1) {
return;
}
- close(fd);
+ close(client_fd);
return;
}
len = sizeof(cctx->addr);
- cctx->cfd = accept(rctx->lfd, (struct sockaddr *)&cctx->addr, &len);
+ cctx->cfd = accept(fd, (struct sockaddr *)&cctx->addr, &len);
if (cctx->cfd == -1) {
DEBUG(1, ("Accept failed [%s]\n", strerror(errno)));
talloc_free(cctx);
return;
}
+ cctx->priv = accept_ctx->is_private;
+
ret = get_client_cred(cctx);
if (ret != EOK) {
DEBUG(2, ("get_client_cred failed, "
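Review bot: On the privileged path, both early returns after the `stat()` check (stat failure and the owner/mode test) leave the pending connection in the listen queue, which the carried-over TODO acknowledges but does not resolve. If the read event is level-triggered, as is usual for tevent fd events, the handler would be re-entered immediately and log at level 1 on every pass, so a socket path with unexpected ownership or mode becomes a busy loop instead of a clean refusal. Consider draining the connection the way the out-of-memory branch does, e.g. `client_fd = accept(fd, NULL, NULL); if (client_fd != -1) close(client_fd);`, or tearing the listener down. Separately, `accept_ctx` is dereferenced in the declarations without checking that `talloc_get_type()` returned non-NULL. The body of accept_fd_handler continues past this hunk.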
@@ -392,7 +328,8 @@ static void accept_fd_handler(struct tevent_context *ev,
if (!cctx->cfde) {
close(cctx->cfd);
talloc_free(cctx);
- DEBUG(2, ("Failed to queue client handler\n"));
+ DEBUG(2, ("Failed to queue client handler%\n",
+ accept_ctx->is_private ? " on privileged pipe" : ""));
}
cctx->ev = ev;
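Review bot: The new format string `"Failed to queue client handler%\n"` is missing the `s` conversion, so `%` followed by a newline is an invalid specifier while an argument is still passed; it should read `"Failed to queue client handler%s\n"`. The same branch also has no `return;` after `talloc_free(cctx)`, so execution falls through to `cctx->ev = ev;` and the statements after it, which write to freed memory; adding `return;` after the DEBUG call closes that. The function starts and ends outside this hunk.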
@@ -400,7 +337,8 @@ static void accept_fd_handler(struct tevent_context *ev,
talloc_set_destructor(cctx, client_destructor);
- DEBUG(4, ("Client connected!\n"));
+ DEBUG(4, ("Client connected%s!\n",
+ accept_ctx->is_private ? " to privileged pipe" : ""));
/* Set up the idle timer */
ret = reset_idle_timer(cctx);
@@ -530,6 +468,7 @@ static int set_unix_socket(struct resp_ctx *rctx)
{
struct sockaddr_un addr;
errno_t ret;
+ struct accept_fd_ctx *accept_ctx;
/* for future use */
#if 0
@@ -604,8 +543,14 @@ static int set_unix_socket(struct resp_ctx *rctx)
goto failed;
}
+ accept_ctx = talloc_zero(rctx, struct accept_fd_ctx);
+ if(!accept_ctx) goto failed;
+ accept_ctx->rctx = rctx;
+ accept_ctx->is_private = false;
+
rctx->lfde = tevent_add_fd(rctx->ev, rctx, rctx->lfd,
- TEVENT_FD_READ, accept_fd_handler, rctx);
+ TEVENT_FD_READ, accept_fd_handler,
+ accept_ctx);
if (!rctx->lfde) {
DEBUG(0, ("Failed to queue handler on pipe\n"));
goto failed;
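Review bot: The new allocation check `if(!accept_ctx) goto failed;` jumps to the error label without logging and without visibly setting an error code, unlike the `tevent_add_fd` failure just below it, which logs at level 0; the same line is repeated in the privileged-pipe hunk further down. What `failed` returns is outside this hunk, so confirm it cannot report success here. A braced form with a message, such as `if (!accept_ctx) { DEBUG(0, ("Out of memory allocating accept context\n")); goto failed; }`, would match the surrounding style. Since `accept_ctx` is parented to `rctx`, it also outlives a failed `tevent_add_fd` until `rctx` is freed; reparenting it to the fde with `talloc_steal` once the fde exists is an option if that matters.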
@@ -648,8 +593,14 @@ static int set_unix_socket(struct resp_ctx *rctx)
goto failed;
}
+ accept_ctx = talloc_zero(rctx, struct accept_fd_ctx);
+ if(!accept_ctx) goto failed;
+ accept_ctx->rctx = rctx;
+ accept_ctx->is_private = true;
+
rctx->priv_lfde = tevent_add_fd(rctx->ev, rctx, rctx->priv_lfd,
- TEVENT_FD_READ, accept_priv_fd_handler, rctx);
+ TEVENT_FD_READ, accept_fd_handler,
+ accept_ctx);
if (!rctx->priv_lfde) {
DEBUG(0, ("Failed to queue handler on privileged pipe\n"));
goto failed;