diff options
author | Simo Sorce <simo@redhat.com> | 2013-11-20 11:58:22 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2013-11-20 12:03:29 -0500 |
commit | 30ce3354ed3300721ddf8de069b0647b55e718e6 (patch) | |
tree | aecdfbc9cec2f04f10fc2a96c129595bc1b8f68b /proxy/src | |
parent | 9824bec3a9fc14a527a4febd60a730f6deee0918 (diff) | |
download | gss-proxy-getenv.tar.gz gss-proxy-getenv.tar.xz gss-proxy-getenv.zip |
Use secure_getenv in client and mechglue modulegetenv
proxymehc.so may be used in setuid binaries so follow best security
practices and use secure_getenv() if available.
Fallback to poorman emulation when secure_getenv() is not available.
Resolves: https://fedorahosted.org/gss-proxy/ticket/110
Diffstat (limited to 'proxy/src')
-rw-r--r-- | proxy/src/client/gpm_common.c | 2 | ||||
-rw-r--r-- | proxy/src/gp_common.h | 1 | ||||
-rw-r--r-- | proxy/src/gp_util.c | 20 | ||||
-rw-r--r-- | proxy/src/mechglue/gss_plugin.c | 4 |
4 files changed, 24 insertions, 3 deletions
diff --git a/proxy/src/client/gpm_common.c b/proxy/src/client/gpm_common.c index df1f5a1..74296da 100644 --- a/proxy/src/client/gpm_common.c +++ b/proxy/src/client/gpm_common.c @@ -68,7 +68,7 @@ static int get_pipe_name(struct gpm_ctx *gpmctx, char *name) const char *socket; int ret; - socket = getenv("GSSPROXY_SOCKET"); + socket = gp_getenv("GSSPROXY_SOCKET"); if (!socket) { socket = GP_SOCKET_NAME; } diff --git a/proxy/src/gp_common.h b/proxy/src/gp_common.h index 9e4ae81..b5c525f 100644 --- a/proxy/src/gp_common.h +++ b/proxy/src/gp_common.h @@ -67,6 +67,7 @@ bool gp_same(const char *a, const char *b); bool gp_boolean_is_true(const char *s); +char *gp_getenv(const char *name); #include "rpcgen/gss_proxy.h" diff --git a/proxy/src/gp_util.c b/proxy/src/gp_util.c index 8400da1..a6c870f 100644 --- a/proxy/src/gp_util.c +++ b/proxy/src/gp_util.c @@ -23,8 +23,10 @@ DEALINGS IN THE SOFTWARE. */ +#include "config.h" #include <stdbool.h> #include <string.h> +#include <stdlib.h> bool gp_same(const char *a, const char *b) { @@ -46,3 +48,21 @@ bool gp_boolean_is_true(const char *s) return false; } + +char *gp_getenv(const char *name) +{ +#if HAVE_SECURE_GETENV + return secure_getenv(name); +#elif HAVE___SECURE_GETENV + return __secure_getenv(name); +#else +#include <unistd.h> +#include <sys/types.h> +#warning secure_getenv not available, falling back to poorman emulation + if ((getuid() == geteuid()) && + (getgid() == getegid())) { + return getenv(name); + } + return NULL; +#endif +} diff --git a/proxy/src/mechglue/gss_plugin.c b/proxy/src/mechglue/gss_plugin.c index 0e62990..9a06d10 100644 --- a/proxy/src/mechglue/gss_plugin.c +++ b/proxy/src/mechglue/gss_plugin.c @@ -64,7 +64,7 @@ enum gpp_behavior gpp_get_behavior(void) char *envval; if (behavior == GPP_UNINITIALIZED) { - envval = getenv("GSSPROXY_BEHAVIOR"); + envval = gp_getenv("GSSPROXY_BEHAVIOR"); if (envval) { if (strcmp(envval, "LOCAL_ONLY") == 0) { behavior = GPP_LOCAL_ONLY; @@ -102,7 +102,7 @@ gss_OID_set gss_mech_interposer(gss_OID mech_type) /* avoid looping in the gssproxy daemon by avoiding to interpose * any mechanism */ - envval = getenv("GSS_USE_PROXY"); + envval = gp_getenv("GSS_USE_PROXY"); if (!envval) { return NULL; } |