"SetUID demystified" - Hao Chen, David Wagner and Drew Dean
Proceedings of USENIX Security Symposium 2002
- (djm) Don't use xmalloc() or pull in toplevel headers in fake-* code
+ - (djm) Merge all the openbsd/fake-* into fake-rfc2553.[ch]
20030604
- (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from
OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o vis.o
-COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o
+COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o xmmap.o
PORTS=port-irix.o port-aix.o
+++ /dev/null
-/*
- * fake library for ssh
- *
- * This file is included in getaddrinfo.c and getnameinfo.c.
- * See getaddrinfo.c and getnameinfo.c.
- */
-
-#ifndef _FAKE_GAI_ERRNOS_H
-#define _FAKE_GAI_ERRNOS_H
-
-/* $Id$ */
-
-/* for old netdb.h */
-#ifndef EAI_NODATA
-# define EAI_NODATA 1
-# define EAI_MEMORY 2
-#endif
-
-#endif /* !_FAKE_GAI_ERRNOS_H */
+++ /dev/null
-/* $Id$ */
-
-#ifndef _FAKE_GETADDRINFO_H
-#define _FAKE_GETADDRINFO_H
-
-#include "config.h"
-
-#include "fake-gai-errnos.h"
-
-#ifndef AI_PASSIVE
-# define AI_PASSIVE (1)
-# define AI_CANONNAME (1<<1)
-# define AI_NUMERICHOST (1<<2)
-#endif
-
-#ifndef HAVE_STRUCT_ADDRINFO
-struct addrinfo {
- int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
- int ai_family; /* PF_xxx */
- int ai_socktype; /* SOCK_xxx */
- int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
- size_t ai_addrlen; /* length of ai_addr */
- char *ai_canonname; /* canonical name for hostname */
- struct sockaddr *ai_addr; /* binary address */
- struct addrinfo *ai_next; /* next structure in linked list */
-};
-#endif /* !HAVE_STRUCT_ADDRINFO */
-
-#ifndef HAVE_GETADDRINFO
-int getaddrinfo(const char *, const char *,
- const struct addrinfo *, struct addrinfo **);
-#endif /* !HAVE_GETADDRINFO */
-
-#ifndef HAVE_GAI_STRERROR
-char *gai_strerror(int);
-#endif /* !HAVE_GAI_STRERROR */
-
-#ifndef HAVE_FREEADDRINFO
-void freeaddrinfo(struct addrinfo *);
-#endif /* !HAVE_FREEADDRINFO */
-
-#endif /* _FAKE_GETADDRINFO_H */
+++ /dev/null
-/*
- * fake library for ssh
- *
- * This file includes getnameinfo().
- * These funtions are defined in rfc2133.
- *
- * But these functions are not implemented correctly. The minimum subset
- * is implemented for ssh use only. For exapmle, this routine assumes
- * that ai_family is AF_INET. Don't use it for another purpose.
- */
-
-#include "includes.h"
-#include "ssh.h"
-
-RCSID("$Id$");
-
-#ifndef HAVE_GETNAMEINFO
-int getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
- size_t hostlen, char *serv, size_t servlen, int flags)
-{
- struct sockaddr_in *sin = (struct sockaddr_in *)sa;
- struct hostent *hp;
- char tmpserv[16];
-
- if (serv != NULL) {
- snprintf(tmpserv, sizeof(tmpserv), "%d", ntohs(sin->sin_port));
- if (strlcpy(serv, tmpserv, servlen) >= servlen)
- return (EAI_MEMORY);
- }
-
- if (host != NULL) {
- if (flags & NI_NUMERICHOST) {
- if (strlcpy(host, inet_ntoa(sin->sin_addr),
- hostlen) >= hostlen)
- return (EAI_MEMORY);
- else
- return (0);
- } else {
- hp = gethostbyaddr((char *)&sin->sin_addr,
- sizeof(struct in_addr), AF_INET);
- if (hp == NULL)
- return (EAI_NODATA);
-
- if (strlcpy(host, hp->h_name, hostlen) >= hostlen)
- return (EAI_MEMORY);
- else
- return (0);
- }
- }
- return (0);
-}
-#endif /* !HAVE_GETNAMEINFO */
+++ /dev/null
-/* $Id$ */
-
-#ifndef _FAKE_GETNAMEINFO_H
-#define _FAKE_GETNAMEINFO_H
-
-#include "config.h"
-
-#ifndef HAVE_GETNAMEINFO
-int getnameinfo(const struct sockaddr *, size_t, char *, size_t,
- char *, size_t, int);
-#endif /* !HAVE_GETNAMEINFO */
-
-#ifndef NI_NUMERICHOST
-# define NI_NUMERICHOST (1)
-# define NI_NAMEREQD (1<<1)
-# define NI_NUMERICSERV (1<<2)
-#endif
-
-#ifndef NI_MAXSERV
-# define NI_MAXSERV 32
-#endif /* !NI_MAXSERV */
-#ifndef NI_MAXHOST
-# define NI_MAXHOST 1025
-#endif /* !NI_MAXHOST */
-
-#endif /* _FAKE_GETNAMEINFO_H */
/*
- * fake library for ssh
- *
- * This file includes getaddrinfo(), freeaddrinfo() and gai_strerror().
- * These funtions are defined in rfc2133.
+ * Pseudo-implementation of RFC2553 name / address resolution functions
*
* But these functions are not implemented correctly. The minimum subset
* is implemented for ssh use only. For exapmle, this routine assumes
* that ai_family is AF_INET. Don't use it for another purpose.
*/
-#include "includes.h"
-
RCSID("$Id$");
+#ifndef HAVE_GETNAMEINFO
+int getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
+ size_t hostlen, char *serv, size_t servlen, int flags)
+{
+ struct sockaddr_in *sin = (struct sockaddr_in *)sa;
+ struct hostent *hp;
+ char tmpserv[16];
+
+ if (serv != NULL) {
+ snprintf(tmpserv, sizeof(tmpserv), "%d", ntohs(sin->sin_port));
+ if (strlcpy(serv, tmpserv, servlen) >= servlen)
+ return (EAI_MEMORY);
+ }
+
+ if (host != NULL) {
+ if (flags & NI_NUMERICHOST) {
+ if (strlcpy(host, inet_ntoa(sin->sin_addr),
+ hostlen) >= hostlen)
+ return (EAI_MEMORY);
+ else
+ return (0);
+ } else {
+ hp = gethostbyaddr((char *)&sin->sin_addr,
+ sizeof(struct in_addr), AF_INET);
+ if (hp == NULL)
+ return (EAI_NODATA);
+
+ if (strlcpy(host, hp->h_name, hostlen) >= hostlen)
+ return (EAI_MEMORY);
+ else
+ return (0);
+ }
+ }
+ return (0);
+}
+#endif /* !HAVE_GETNAMEINFO */
+
#ifndef HAVE_GAI_STRERROR
char *
gai_strerror(int err)
--- /dev/null
+/*
+ * Pseudo-implementation of RFC2553 name / address resolution functions
+ *
+ * But these functions are not implemented correctly. The minimum subset
+ * is implemented for ssh use only. For exapmle, this routine assumes
+ * that ai_family is AF_INET. Don't use it for another purpose.
+ */
+
+/* $Id$ */
+
+#ifndef _FAKE_RFC2553_H
+#define _FAKE_RFC2553_H
+
+#include "includes.h"
+#include "sys/types.h"
+
+/*
+ * First, socket and INET6 related definitions
+ */
+#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
+# define _SS_MAXSIZE 128 /* Implementation specific max size */
+# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
+struct sockaddr_storage {
+ struct sockaddr ss_sa;
+ char __ss_pad2[_SS_PADSIZE];
+};
+# define ss_family ss_sa.sa_family
+#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
+
+#ifndef IN6_IS_ADDR_LOOPBACK
+# define IN6_IS_ADDR_LOOPBACK(a) \
+ (((u_int32_t *)(a))[0] == 0 && ((u_int32_t *)(a))[1] == 0 && \
+ ((u_int32_t *)(a))[2] == 0 && ((u_int32_t *)(a))[3] == htonl(1))
+#endif /* !IN6_IS_ADDR_LOOPBACK */
+
+#ifndef HAVE_STRUCT_IN6_ADDR
+struct in6_addr {
+ u_int8_t s6_addr[16];
+};
+#endif /* !HAVE_STRUCT_IN6_ADDR */
+
+#ifndef HAVE_STRUCT_SOCKADDR_IN6
+struct sockaddr_in6 {
+ unsigned short sin6_family;
+ u_int16_t sin6_port;
+ u_int32_t sin6_flowinfo;
+ struct in6_addr sin6_addr;
+};
+#endif /* !HAVE_STRUCT_SOCKADDR_IN6 */
+
+#ifndef AF_INET6
+/* Define it to something that should never appear */
+#define AF_INET6 AF_MAX
+#endif
+
+/*
+ * Next, RFC2553 name / address resolution API
+ */
+
+#ifndef NI_NUMERICHOST
+# define NI_NUMERICHOST (1)
+# define NI_NAMEREQD (1<<1)
+# define NI_NUMERICSERV (1<<2)
+#endif
+#ifndef AI_PASSIVE
+# define AI_PASSIVE (1)
+# define AI_CANONNAME (1<<1)
+# define AI_NUMERICHOST (1<<2)
+#endif
+
+#ifndef NI_MAXSERV
+# define NI_MAXSERV 32
+#endif /* !NI_MAXSERV */
+#ifndef NI_MAXHOST
+# define NI_MAXHOST 1025
+#endif /* !NI_MAXHOST */
+
+#ifndef EAI_NODATA
+# define EAI_NODATA 1
+# define EAI_MEMORY 2
+#endif
+
+#ifndef HAVE_STRUCT_ADDRINFO
+struct addrinfo {
+ int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
+ int ai_family; /* PF_xxx */
+ int ai_socktype; /* SOCK_xxx */
+ int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
+ size_t ai_addrlen; /* length of ai_addr */
+ char *ai_canonname; /* canonical name for hostname */
+ struct sockaddr *ai_addr; /* binary address */
+ struct addrinfo *ai_next; /* next structure in linked list */
+};
+#endif /* !HAVE_STRUCT_ADDRINFO */
+
+#ifndef HAVE_GETADDRINFO
+int getaddrinfo(const char *, const char *,
+ const struct addrinfo *, struct addrinfo **);
+#endif /* !HAVE_GETADDRINFO */
+
+#ifndef HAVE_GAI_STRERROR
+char *gai_strerror(int);
+#endif /* !HAVE_GAI_STRERROR */
+
+#ifndef HAVE_FREEADDRINFO
+void freeaddrinfo(struct addrinfo *);
+#endif /* !HAVE_FREEADDRINFO */
+
+#ifndef HAVE_GETNAMEINFO
+int getnameinfo(const struct sockaddr *, size_t, char *, size_t,
+ char *, size_t, int);
+#endif /* !HAVE_GETNAMEINFO */
+
+#endif /* !_FAKE_RFC2553_H */
+
+++ /dev/null
-/* $Id$ */
-
-#ifndef _FAKE_SOCKET_H
-#define _FAKE_SOCKET_H
-
-#include "includes.h"
-#include "sys/types.h"
-
-#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
-
-# define _SS_MAXSIZE 128 /* Implementation specific max size */
-# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
-
-struct sockaddr_storage {
- struct sockaddr ss_sa;
- char __ss_pad2[_SS_PADSIZE];
-};
-# define ss_family ss_sa.sa_family
-#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
-
-#ifndef IN6_IS_ADDR_LOOPBACK
-# define IN6_IS_ADDR_LOOPBACK(a) \
- (((u_int32_t *)(a))[0] == 0 && ((u_int32_t *)(a))[1] == 0 && \
- ((u_int32_t *)(a))[2] == 0 && ((u_int32_t *)(a))[3] == htonl(1))
-#endif /* !IN6_IS_ADDR_LOOPBACK */
-
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr {
- u_int8_t s6_addr[16];
-};
-#endif /* !HAVE_STRUCT_IN6_ADDR */
-
-#ifndef HAVE_STRUCT_SOCKADDR_IN6
-struct sockaddr_in6 {
- unsigned short sin6_family;
- u_int16_t sin6_port;
- u_int32_t sin6_flowinfo;
- struct in6_addr sin6_addr;
-};
-#endif /* !HAVE_STRUCT_SOCKADDR_IN6 */
-
-#ifndef AF_INET6
-/* Define it to something that should never appear */
-#define AF_INET6 AF_MAX
-#endif
-
-#endif /* !_FAKE_SOCKET_H */
-
#include <sys/param.h>
#include <sys/types.h>
#include <sys/socket.h>
-#include "openbsd-compat/fake-socket.h"
#include <netinet/in.h>
#include <arpa/inet.h>
#ifndef HAVE_CYGWIN
#include "bsd-waitpid.h"
/* rfc2553 socket API replacements */
-#include "fake-getaddrinfo.h"
-#include "fake-getnameinfo.h"
-#include "fake-socket.h"
+#include "fake-rfc2553.h"
/* Routines for a single OS platform */
#include "bsd-cray.h"
#include <stdarg.h> /* For va_list */
#include <syslog.h> /* For LOG_AUTH and friends */
#include <sys/socket.h> /* For struct sockaddr_storage */
-#include "openbsd-compat/fake-socket.h" /* For struct sockaddr_storage */
#ifdef HAVE_SYS_SELECT_H
# include <sys/select.h>
#endif