summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMukund Sivaraman <muks@banu.com>2008-07-14 17:40:20 +0530
committerMukund Sivaraman <muks@banu.com>2008-07-14 17:40:20 +0530
commitaa95c34004a96a4c64155dd51d191d3c81e854bb (patch)
treeac2b47e8480a9082d8facf9c2904a84562d52d62
parent2fe213d7770adbbda72415aa19f3669139942a08 (diff)
downloadtinyproxy-aa95c34004a96a4c64155dd51d191d3c81e854bb.tar.gz
tinyproxy-aa95c34004a96a4c64155dd51d191d3c81e854bb.zip
Allow numeric uid/gids in User and Group directives
This change allows numeric uid/gids to be specified in the User and Group directives in tinyproxy.conf. Formerly, only username and group names were accepted. This fixes bug #15, which was created after looking at a case on the OpenWrt wiki. X-Banu-Bugzilla-Ids: 15
-rw-r--r--src/conffile.c2
-rw-r--r--src/tinyproxy.c71
-rw-r--r--src/tinyproxy.h2
3 files changed, 52 insertions, 23 deletions
diff --git a/src/conffile.c b/src/conffile.c
index 2ae1d90..78f5da3 100644
--- a/src/conffile.c
+++ b/src/conffile.c
@@ -557,7 +557,7 @@ HANDLE_FUNC(handle_connectport)
static
HANDLE_FUNC(handle_user)
{
- return set_string_arg(&conf->username, line, &match[2]);
+ return set_string_arg(&conf->user, line, &match[2]);
}
static
diff --git a/src/tinyproxy.c b/src/tinyproxy.c
index d185d51..88bc9d3 100644
--- a/src/tinyproxy.c
+++ b/src/tinyproxy.c
@@ -149,6 +149,24 @@ Options:\n\
#endif /* REVERSE_SUPPORT */
}
+static int
+get_id (char *str)
+{
+ char *tstr;
+
+ if (str == NULL)
+ return -1;
+
+ tstr = str;
+ while (*tstr != 0) {
+ if (!isdigit(*tstr))
+ return -1;
+ tstr++;
+ }
+
+ return atoi(str);
+}
+
int
main(int argc, char **argv)
{
@@ -268,7 +286,7 @@ main(int argc, char **argv)
DEFAULT_STATHOST);
config.stathost = DEFAULT_STATHOST;
}
- if (!config.username) {
+ if (!config.user) {
log_message(LOG_WARNING,
"You SHOULD set a UserName in the configuration file. Using current user instead.");
}
@@ -328,38 +346,49 @@ main(int argc, char **argv)
*/
if (geteuid() == 0) {
if (config.group && strlen(config.group) > 0) {
- thisgroup = getgrnam(config.group);
- if (!thisgroup) {
+ int gid = get_id(config.group);
+ if (gid < 0) {
+ thisgroup = getgrnam(config.group);
+ if (!thisgroup) {
+ fprintf(stderr,
+ "%s: Unable to find "
+ "group \"%s\".\n",
+ argv[0], config.group);
+ exit(EX_NOUSER);
+ }
+ gid = thisgroup->gr_gid;
+ }
+ if (setgid(gid) < 0) {
fprintf(stderr,
- "%s: Unable to find group \"%s\".\n",
- argv[0], config.group);
- exit(EX_NOUSER);
- }
- if (setgid(thisgroup->gr_gid) < 0) {
- fprintf(stderr,
- "%s: Unable to change to group \"%s\".\n",
+ "%s: Unable to change to "
+ "group \"%s\".\n",
argv[0], config.group);
exit(EX_CANTCREAT);
}
log_message(LOG_INFO, "Now running as group \"%s\".",
config.group);
}
- if (config.username && strlen(config.username) > 0) {
- thisuser = getpwnam(config.username);
- if (!thisuser) {
- fprintf(stderr,
- "%s: Unable to find user \"%s\".",
- argv[0], config.username);
- exit(EX_NOUSER);
- }
- if (setuid(thisuser->pw_uid) < 0) {
+ if (config.user && strlen(config.user) > 0) {
+ int uid = get_id(config.user);
+ if (uid < 0) {
+ thisuser = getpwnam(config.user);
+ if (!thisuser) {
+ fprintf(stderr,
+ "%s: Unable to find "
+ "user \"%s\".",
+ argv[0], config.user);
+ exit(EX_NOUSER);
+ }
+ uid = thisuser->pw_uid;
+ }
+ if (setuid(uid) < 0) {
fprintf(stderr,
"%s: Unable to change to user \"%s\".",
- argv[0], config.username);
+ argv[0], config.user);
exit(EX_CANTCREAT);
}
log_message(LOG_INFO, "Now running as user \"%s\".",
- config.username);
+ config.user);
}
} else {
log_message(LOG_WARNING,
diff --git a/src/tinyproxy.h b/src/tinyproxy.h
index a418a02..88ed541 100644
--- a/src/tinyproxy.h
+++ b/src/tinyproxy.h
@@ -51,7 +51,7 @@ struct config_s {
int port;
char *stathost;
unsigned int quit; /* boolean */
- char *username;
+ char *user;
char *group;
char *ipAddr;
#ifdef FILTER_ENABLE