From 9f18e7db9a38bb4a07f8f9a4a919e4f730da7ec1 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sat, 16 Mar 2013 23:02:50 +0100 Subject: [PATCH] consider chroot environment when creating socket file. --- src/main-misc.c | 10 +++++++++- src/ocserv-args.c | 8 ++++---- src/ocserv-args.h | 6 +++--- 3 files changed, 16 insertions(+), 8 deletions(-) diff --git a/src/main-misc.c b/src/main-misc.c index e7851c8a..5b03f44d 100644 --- a/src/main-misc.c +++ b/src/main-misc.c @@ -382,16 +382,24 @@ void run_sec_mod(main_server_st * s) { int e; pid_t pid; +char file[_POSIX_PATH_MAX]; +const char *p; /* make socket name */ snprintf(s->socket_file, sizeof(s->socket_file), "%s.%u", s->config->socket_file_prefix, (unsigned)getpid()); + p = s->socket_file; + if (s->config->chroot_dir != NULL) { + snprintf(file, sizeof(file), "%s/%s.%u", + s->config->chroot_dir, s->config->socket_file_prefix, (unsigned)getpid()); + p = file; + } pid = fork(); if (pid == 0) { /* child */ prctl(PR_SET_PDEATHSIG, SIGTERM); setproctitle(PACKAGE_NAME"-secmod"); - sec_mod_server(s->config, s->socket_file); + sec_mod_server(s->config, p); exit(0); } else if (pid > 0) { /* parent */ s->sec_mod_pid = pid; diff --git a/src/ocserv-args.c b/src/ocserv-args.c index 69859046..4531bab5 100644 --- a/src/ocserv-args.c +++ b/src/ocserv-args.c @@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (ocserv-args.c) * - * It has been AutoGen-ed March 15, 2013 at 04:54:18 PM by AutoGen 5.16 + * It has been AutoGen-ed March 16, 2013 at 10:55:13 PM by AutoGen 5.16 * From the definitions ocserv-args.def * and the template file options * @@ -66,7 +66,7 @@ extern FILE * option_usage_fp; * ocserv option static const strings */ static char const ocserv_opt_strs[1840] = -/* 0 */ "ocserv 0.0.3\n" +/* 0 */ "ocserv 0.1.0\n" "Copyright (C) 2013 Nikos Mavrogiannopoulos, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the\n" 
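Review bot: In run_sec_mod (src/main-misc.c) the return value of the new `snprintf(file, sizeof(file), "%s/%s.%u", ...)` is not checked, so a long `chroot_dir` plus `socket_file_prefix` is silently truncated to `_POSIX_PATH_MAX` bytes (the POSIX minimum, not the system's real limit). The security module would then be handed a path that no longer matches `s->socket_file` as seen from inside the chroot. Capture the result and refuse to start on truncation, for example `ret = snprintf(file, sizeof(file), ...);` followed by `if (ret < 0 || (size_t)ret >= sizeof(file)) { /* log and abort startup */ }`; the existing snprintf into `s->socket_file` just above deserves the same check. sec_mod_server is not visible here, but if it copies the path into a `sockaddr_un`, the `sun_path` limit is shorter still and is the better bound to test against. The body of run_sec_mod continues outside the hunk.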
@@ -99,7 +99,7 @@ static char const ocserv_opt_strs[1840] = /* 1129 */ "Output version information and exit\0" /* 1165 */ "version\0" /* 1173 */ "OCSERV\0" -/* 1180 */ "ocserv - OpenConnect server - Ver. 0.0.3\n" +/* 1180 */ "ocserv - OpenConnect server - Ver. 0.1.0\n" "USAGE: %s [ - [] | --[{=| }] ]...\n\0" /* 1279 */ "openconnect-devel@lists.infradead.org\0" /* 1317 */ "\n\n\0" @@ -111,7 +111,7 @@ static char const ocserv_opt_strs[1840] = "authentication. Authenticated users are assigned an unprivileged worker\n" "process and obtain a networking (tun) device and IP from a configurable\n" "pool of addresses.\n\0" -/* 1752 */ "ocserv 0.0.3\0" +/* 1752 */ "ocserv 0.1.0\0" /* 1765 */ "Usage: ocserv [options] -c [config]\n" "ocserv --help for usage instructions.\n"; diff --git a/src/ocserv-args.h b/src/ocserv-args.h index 16e58da2..cd31b465 100644 --- a/src/ocserv-args.h +++ b/src/ocserv-args.h @@ -2,7 +2,7 @@ * * DO NOT EDIT THIS FILE (ocserv-args.h) * - * It has been AutoGen-ed March 15, 2013 at 04:54:18 PM by AutoGen 5.16 + * It has been AutoGen-ed March 16, 2013 at 10:55:13 PM by AutoGen 5.16 * From the definitions ocserv-args.def * and the template file options * @@ -76,8 +76,8 @@ typedef enum { } teOptIndex; #define OPTION_CT 7 -#define OCSERV_VERSION "0.0.3" -#define OCSERV_FULL_VERSION "ocserv 0.0.3" +#define OCSERV_VERSION "0.1.0" +#define OCSERV_FULL_VERSION "ocserv 0.1.0" /* * Interface defines for all options. Replace "n" with the UPPER_CASED