Commit 63971a83 authored by David Hankins's avatar David Hankins
Browse files

- Ari Edelkind's PARANOIA patch has been included and may be compiled in

  via two ./configure parameters, --enable-paranoia and
  --enable-early-chroot.  [ISC-Bugs #17611]
parent 87202683
......@@ -48,6 +48,12 @@ work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
Changes since 4.1.0a1
- Ari Edelkind's PARANOIA patch has been included and may be compiled in
via two ./configure parameters, --enable-paranoia and
--enable-early-chroot.
Changes since 4.0.0 (new features)
- Added DHCPv6 rapid commit support.
......
......@@ -39,6 +39,29 @@ if test "$enable_dhcpv6" != "no"; then
[Define to 1 to include DHCPv6 support.])
fi
# PARANOIA is off by default (until we can test it with all features)
AC_ARG_ENABLE(paranoia,
AC_HELP_STRING([--enable-paranoia],
[enable support for chroot/setuid (default is no)]))
AC_ARG_ENABLE(early_chroot,
AC_HELP_STRING([--eanble-early-chroot],
[enable chrooting prior to configuration (default is no)]))
# If someone enables early chroot, but does not enable paranoia, do so for
# them.
if test "$enable_paranoia" != "yes" && \
test "$enable_early_chroot" = "yes" ; then
enable_paranoia="yes"
fi
if test "$enable_paranoia" = "yes" ; then
AC_DEFINE([PARANOIA], [1],
[Define to any value to include Ari's PARANOIA patch.])
fi
if test "$enable_early_chroot" = "yes" ; then
AC_DEFINE([EARLY_CHROOT], [1],
[Define to any value to chroot() prior to loading config.])
fi
###
### Path fun. Older versions of DHCP were installed in /usr/sbin, so we
### need to look there and potentially overwrite by default (but not if
......
......@@ -47,6 +47,16 @@ static char url [] = "For info, please visit http://www.isc.org/sw/dhcp/";
#include <sys/time.h>
#include <signal.h>
#if defined (PARANOIA)
# include <sys/types.h>
# include <unistd.h>
# include <pwd.h>
/* get around the ISC declaration of group */
# define group real_group
# include <grp.h>
# undef group
#endif /* PARANOIA */
static void usage(void);
struct iaddr server_identifier;
......@@ -196,6 +206,22 @@ static void omapi_listener_start (void *foo)
omapi_object_dereference (&listener, MDL);
}
#if defined (PARANOIA)
/* to be used in one of two possible scenarios */
static void setup_chroot (char *chroot_dir) {
if (geteuid())
log_fatal ("you must be root to use chroot");
if (chroot(chroot_dir)) {
log_fatal ("chroot(\"%s\"): %m", chroot_dir);
}
if (chdir ("/")) {
/* probably permission denied */
log_fatal ("chdir(\"/\"): %m");
}
}
#endif /* PARANOIA */
#ifndef UNIT_TEST
int
main(int argc, char **argv) {
......@@ -228,6 +254,15 @@ main(int argc, char **argv) {
char *traceoutfile = (char *)0;
#endif
#if defined (PARANOIA)
char *set_user = 0;
char *set_group = 0;
char *set_chroot = 0;
uid_t set_uid = 0;
gid_t set_gid = 0;
#endif /* PARANOIA */
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
......@@ -287,6 +322,20 @@ main(int argc, char **argv) {
if (++i == argc)
usage ();
server = argv [i];
#if defined (PARANOIA)
} else if (!strcmp (argv [i], "-user")) {
if (++i == argc)
usage ();
set_user = argv [i];
} else if (!strcmp (argv [i], "-group")) {
if (++i == argc)
usage ();
set_group = argv [i];
} else if (!strcmp (argv [i], "-chroot")) {
if (++i == argc)
usage ();
set_chroot = argv [i];
#endif /* PARANOIA */
} else if (!strcmp (argv [i], "-cf")) {
if (++i == argc)
usage ();
......@@ -440,6 +489,44 @@ main(int argc, char **argv) {
trace_seed_stop, MDL);
#endif
#if defined (PARANOIA)
/* get user and group info if those options were given */
if (set_user) {
struct passwd *tmp_pwd;
if (geteuid())
log_fatal ("you must be root to set user");
if (!(tmp_pwd = getpwnam(set_user)))
log_fatal ("no such user: %s", set_user);
set_uid = tmp_pwd->pw_uid;
/* use the user's group as the default gid */
if (!set_group)
set_gid = tmp_pwd->pw_gid;
}
if (set_group) {
/* get around the ISC declaration of group */
#define group real_group
struct group *tmp_grp;
if (geteuid())
log_fatal ("you must be root to set group");
if (!(tmp_grp = getgrnam(set_group)))
log_fatal ("no such group: %s", set_group);
set_gid = tmp_grp->gr_gid;
#undef group
}
# if defined (EARLY_CHROOT)
if (set_chroot) setup_chroot (set_chroot);
# endif /* EARLY_CHROOT */
#endif /* PARANOIA */
/* Default to the DHCP/BOOTP port. */
if (!local_port)
{
......@@ -583,6 +670,10 @@ main(int argc, char **argv) {
log_fatal ("Configuration file errors encountered -- exiting");
postconf_initialization (quiet);
#if defined (PARANOIA) && !defined (EARLY_CHROOT)
if (set_chroot) setup_chroot (set_chroot);
#endif /* PARANOIA && !EARLY_CHROOT */
/* test option should cause an early exit */
if (cftest && !lftest)
......@@ -661,6 +752,22 @@ main(int argc, char **argv) {
else if (pid)
exit (0);
}
#if defined (PARANOIA)
/* change uid to the specified one */
if (set_gid) {
if (setgroups (0, (void *)0))
log_fatal ("setgroups: %m");
if (setgid (set_gid))
log_fatal ("setgid(%d): %m", (int) set_gid);
}
if (set_uid) {
if (setuid (set_uid))
log_fatal ("setuid(%d): %m", (int) set_uid);
}
#endif /* PARANOIA */
/* Read previous pid file. */
if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) {
......@@ -1056,6 +1163,10 @@ usage(void) {
#else /* !DHCPv6 */
" [-cf config-file] [-lf lease-file]\n"
#endif /* DHCPv6 */
#if defined (PARANOIA)
/* meld into the following string */
" [-user user] [-group group] [-chroot dir]\n"
#endif /* PARANOIA */
#if defined (TRACING)
" [-tf trace-output-file]\n"
" [-play trace-input-file]\n"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment