From 2a0220f19b262f122bc8dc7b68e6f4c0a5a16cae Mon Sep 17 00:00:00 2001 From: Marcus Brinkmann Date: Thu, 11 Jan 2001 22:28:29 +0000 Subject: hurd/ 2001-01-07 Marcus Brinkmann * ioctl_types.h: Include , define types sockaddr_t and ifname_t for iioctl.defs. * iioctl.defs: New file for network interface ioctls. * pfinet.defs: Remove old RPCs, fix subsystem number, add RPC for SIOCGIFCONF. pfinet/ 2001-01-07 Marcus Brinkmann * pfinet-ops.c: New file to implement hurd/pfinet.defs. * iioctl-ops.c: New file to implement iioctl.defs. * linux-src/net/core/dev.c: If _HURD_, don't define netdev_chain as static. * glue-include/linux/if.h: New file, to avoid conflict between (imported by iioctl.defs) and linux version of it. * main.c (pfinet_demuxer): Prototype pfinet_server and iioctl_server, use them. * pfinet.h: New global variables pfinetctl, pfinet_owner and pfinet_group. * main.c (main): New variable ST. Request pfinetctl from trivfs_startup. Use it to determine the owner and group of the underlying node. * io-ops.c (S_io_reauthenticate): New index variable j. Set newuser->isroot also for owners of the underlying file and group owners. (S_io_restrict_auth): Likewise. * socket-ops.c: Include and . (S_socket_create): New variable isroot. If master->isroot is not set, use fshelp_isowner to check ownership and if to set it. Pass isroot to make_sock_user instead master->isroot. * linux-src/net/ipv4/devinet.c (configure_device): Accept new parameter BROADCAST, set ifa_broadcast if this is not INADDR_NONE. (inquire_device): Accept new parameter broadcast, set it. * main.c: Add new paramter to prototype of configure_device. (main): Add new parameter to call to configure_device. * options.c: Add new parameters to prototypes of configure_device and inquire_device. (trivfs_append_args): Define new variable BROAD, use its address as the new parameter for inquire_device. * linux-src/net/core/dev.c (dev_ifconf): Don't declare static if _HURD_. * linux-src/net/ipv4/devinet.c (inet_gifconf): If _HURD_, set sin_len member. * Makefile (MIGSRCS): Add pfinetServer.c and iioctlServer.c. (SRCS): Add pfinet-ops.c, iioctl-ops.c. --- pfinet/io-ops.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) (limited to 'pfinet/io-ops.c') diff --git a/pfinet/io-ops.c b/pfinet/io-ops.c index ebb1c172..bd4f590c 100644 --- a/pfinet/io-ops.c +++ b/pfinet/io-ops.c @@ -320,7 +320,7 @@ S_io_reauthenticate (struct sock_user *user, uid_t *gen_uids, *gen_gids, *aux_uids, *aux_gids; u_int genuidlen, gengidlen, auxuidlen, auxgidlen; error_t err; - int i; + int i, j; auth_t auth; mach_port_t newright; @@ -357,9 +357,16 @@ S_io_reauthenticate (struct sock_user *user, if (err) newuser->isroot = 0; else + /* Check permission as fshelp_isowner would do. */ for (i = 0; i < genuidlen; i++) - if (gen_uids[i] == 0) - newuser->isroot = 1; + { + if (gen_uids[i] == 0 || gen_uids[i] == pfinet_owner) + newuser->isroot = 1; + if (gen_uids[i] == pfinet_group) + for (j = 0; j < gengidlen; j++) + if (gen_gids[j] == pfinet_group) + newuser->isroot = 1; + } mach_port_move_member (mach_task_self (), newuser->pi.port_right, pfinet_bucket->portset); @@ -390,7 +397,7 @@ S_io_restrict_auth (struct sock_user *user, u_int gidslen) { struct sock_user *newuser; - int i = 0; + int i, j; int isroot; if (!user) @@ -400,9 +407,16 @@ S_io_restrict_auth (struct sock_user *user, isroot = 0; if (user->isroot) - for (i = 0; i < uidslen && !isroot; i++) - if (uids[i] == 0) - isroot = 1; + /* Check permission as fshelp_isowner would do. */ + for (i = 0; i < uidslen; i++) + { + if (uids[i] == 0 || uids[i] == pfinet_owner) + isroot = 1; + if (uids[i] == pfinet_group) + for (j = 0; j < gidslen; j++) + if (gids[j] == pfinet_group) + isroot = 1; + } newuser = make_sock_user (user->sock, isroot, 0, 0); *newobject = ports_get_right (newuser); -- cgit v1.2.3