Commit Diff
Diff:
7a4f1209a526393cc0f04af2af2601a0577f6b34
75a86b038a5638824ea7b987db33522255e870dd
Commit:
75a86b038a5638824ea7b987db33522255e870dd
Tree:
73e349f1f230f4a70db43cc003b99c16c30962cf
Author:
pjp <pjp@delphinusdns.org>
Committer:
pjp <pjp@delphinusdns.org>
Date:
Tue Jul 11 15:57:16 2017 UTC
Message:
* pledge for OpenBSD activated at ./configure time with --needpledge this in effect turns off TTL code on an OpenBSD host because pledge is still not able to pledge IPPROTO_IP setsockopt code. * remove some BerkeleyDB relics in the master loop
blob - 2b4a5196c4af6b0482b1947b64228b93e24bb3f6
blob + d1b66849634961787f1dfe3daac5e9db7ccec240
--- axfr.c
+++ axfr.c
@@ -105,7 +105,7 @@ RB_PROTOTYPE_STATIC(domaintree, node, entry, domaincmp
RB_GENERATE_STATIC(domaintree, node, entry, domaincmp)
-static const char rcsid[] = "$Id: axfr.c,v 1.9 2017/06/26 20:28:50 pjp Exp $";
+static const char rcsid[] = "$Id: axfr.c,v 1.10 2017/07/11 15:57:16 pjp Exp $";
/*
* INIT_AXFR - initialize the axfr singly linked list
@@ -324,6 +324,16 @@ axfrloop(int *afd, int sockcount, char **ident, ddDB *
pid_t pid;
char address[INET6_ADDRSTRLEN];
+
+#if __OpenBSD__
+#ifdef NEEDPLEDGE
+ if (pledge("stdio inet", NULL) < 0)
+ {
+ perror("pledge");
+ exit(1);
+ }
+#endif
+#endif
signal(SIGCHLD, reap);
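Review bot: The promise string `"stdio inet"` in axfrloop has no `proc`, yet the context lines declare `pid_t pid` and install a SIGCHLD handler, which suggests the loop forks a child per transfer. Under pledge, fork(2) without `proc` terminates the process, so if that inference holds the first AXFR connection would take the AXFR process down; the call would then need to be `if (pledge("stdio inet proc", NULL) < 0)`. The rest of axfrloop is outside this hunk, so confirm against the fork site before changing it. The nested guards could also be written as one line, `#if defined(__OpenBSD__) && defined(NEEDPLEDGE)`.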
blob - a802b3c7bdcbf04d05af6fbfa55ffe8d7c22aebe
blob + e08d3e1a183eb3475f664e569c2cd8610573b89a
--- configure
+++ configure
@@ -4,18 +4,23 @@
VERSION="1.1.0-current"
DD_VERSION="delphinusdnsd-$VERSION"
DD_VERSION_LEN=`echo -n $DD_VERSION | wc -c`
+NP=0
echo "/* ddd-config.h - autogenerated by configure */" > ddd-config.h
until [ -z $1 ]
do
case $1 in
+ --needpledge)
+ echo "#define NEEDPLEDGE 1" >> ddd-config.h
+ NP=1
+ ;;
--user=*)
user=`echo $1 | sed -e 's/--user=//g'`
echo "#define DEFAULT_PRIVILEGE \"$user\"" >> ddd-config.h
;;
*)
- echo "usage: configure [--user=USERNAME]"
+ echo "usage: configure [--needpledge] [--user=USERNAME]"
exit
;;
esac
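Review bot: The `--needpledge` case writes `#define NEEDPLEDGE 1` before the host platform is known, so the macro is defined on every OS the script configures. In delphinusdnsd.c the `#ifndef NEEDPLEDGE` guards around the IP_RECVTTL setsockopt, the `cmsg` declaration and the control-message loop are not nested inside `__OpenBSD__`, so the flag on another system removes the TTL handling without adding any pledge call. Emitting the define from `openbsd()` instead, for example `[ "$NP" -eq 1 ] && echo "#define NEEDPLEDGE 1" >> ddd-config.h`, would keep the option a no-op elsewhere, assuming ddd-config.h is still open for appending at that point.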
@@ -28,6 +33,9 @@ echo "#define DD_VERSION_LEN $DD_VERSION_LEN" >> ddd-c
openbsd() {
echo configuring for OpenBSD
+ if [ NP -lt 1 ]; then
+ echo "to pledge this program use --needpledge option in ./configure"
+ fi
cp Makefile.openbsd Makefile
cp delphinusdnsd/Makefile.openbsd delphinusdnsd/Makefile
cp dd-convert/Makefile.openbsd dd-convert/Makefile
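Review bot: The test `[ NP -lt 1 ]` in `openbsd()` compares the literal word `NP`, not the variable, so `[` fails with an integer-expression error and the hint about `--needpledge` is never printed. It should read `if [ "$NP" -lt 1 ]; then`. As written, an OpenBSD build configured without the flag gives no indication that it will run unpledged.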
blob - 181ee1f19b88a19d03fd868cb45807a715ce52cb
blob + 7ac83fbee71f2c27fd5788c1dc95403276291138
--- delphinusdnsd.c
+++ delphinusdnsd.c
@@ -167,7 +167,7 @@ static struct tcps {
} *tn1, *tnp, *tntmp;
-static const char rcsid[] = "$Id: delphinusdnsd.c,v 1.13 2017/06/28 09:40:54 pjp Exp $";
+static const char rcsid[] = "$Id: delphinusdnsd.c,v 1.14 2017/07/11 15:57:16 pjp Exp $";
/*
* MAIN - set up arguments, set up database, set up sockets, call mainloop
@@ -206,15 +206,6 @@ main(int argc, char *argv[])
static ddDB *db;
-#if notyet
-/* currently we get stopped on a setsockopt */
-#if __OpenBSD__
- if (pledge("stdio inet rpath wpath cpath getpw proc exec id", NULL) < 0) {
- perror("pledge");
- exit(1);
- }
-#endif
-#endif
if (geteuid() != 0) {
fprintf(stderr, "must be started as root\n"); /* .. dolt */
@@ -414,10 +405,16 @@ main(int argc, char *argv[])
if (setsockopt(udp[i], IPPROTO_IP, IP_TTL,
&on, sizeof(on)) < 0) {
#else
+#ifndef NEEDPLEDGE
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
&on, sizeof(on)) < 0) {
+#else
+ {
#endif
+#endif
+#ifndef NEEDPLEDGE
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
+#endif
}
} else if (res->ai_family == AF_INET6) {
/* RFC 3542 page 30 */
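Review bot: The `#ifndef NEEDPLEDGE` around `dolog(LOG_INFO, "setsockopt: %s\n", ...)` also applies to the first preprocessor branch, where `setsockopt(udp[i], IPPROTO_IP, IP_TTL, ...)` is still issued, so a failure there is now silently ignored when NEEDPLEDGE is defined. The bare `{` supplied by the `#else` exists only to balance the closing brace, which makes the block hard to read and easy to break. Wrapping the whole IP_RECVTTL statement, from `if (setsockopt(` to its closing `}`, in a single `#ifndef NEEDPLEDGE` and leaving the IP_TTL branch and its log line untouched would avoid both problems. The same construct is repeated in the hunk at -577, and the enclosing `#if` starts outside both hunks.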
@@ -577,10 +574,16 @@ main(int argc, char *argv[])
if (setsockopt(udp[i], IPPROTO_IP, IP_TTL,
&on, sizeof(on)) < 0) {
#else
+#ifndef NEEDPLEDGE
if (setsockopt(udp[i], IPPROTO_IP, IP_RECVTTL,
&on, sizeof(on)) < 0) {
+#else
+ {
#endif
+#endif
+#ifndef NEEDPLEDGE
dolog(LOG_INFO, "setsockopt: %s\n", strerror(errno));
+#endif
}
} else if (pifap->ifa_addr->sa_family == AF_INET6) {
/* RFC 3542 page 30 */
@@ -730,6 +733,15 @@ main(int argc, char *argv[])
exit(1);
}
+#if __OpenBSD__
+#ifdef NEEDPLEDGE
+ if (pledge("stdio inet rpath wpath cpath getpw proc id", NULL) < 0) {
+ perror("pledge");
+ exit(1);
+ }
+#endif
+#endif
+
/*
* add signals
*/
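Review bot: Nothing in the visible hunks narrows the promise set `"stdio inet rpath wpath cpath getpw proc id"` again, so it appears to stay in force for the rest of main, including the packet-handling loop. If the filesystem, `getpw` and `id` promises are needed only for start-up work such as the privilege drop, a second, narrower `pledge()` immediately before mainloop is entered would reduce what a compromised parser can reach. Which promises the loop really needs cannot be read from this diff. At minimum a comment such as `/* start-up promises; see mainloop for the runtime set */` would record the intent.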
@@ -1475,7 +1487,9 @@ mainloop(struct cfg *cfg)
u_int32_t received_ttl;
#if defined __FreeBSD__ || defined __OpenBSD__
+#ifndef NEEDPLEDGE
u_char *ttlptr;
+#endif
#else
int *ttlptr;
#endif
@@ -1513,7 +1527,9 @@ mainloop(struct cfg *cfg)
struct timeval tv = { 10, 0};
struct msghdr msgh;
+#ifndef NEEDPLEDGE
struct cmsghdr *cmsg;
+#endif
struct iovec iov;
int flag;
@@ -2298,6 +2314,7 @@ axfrentry:
received_ttl = 0;
+#ifndef NEEDPLEDGE
for (cmsg = CMSG_FIRSTHDR(&msgh);
cmsg != NULL;
cmsg = CMSG_NXTHDR(&msgh,cmsg)) {
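Review bot: With NEEDPLEDGE defined the control-message loop is compiled out, so `received_ttl` keeps the value 0 assigned just above it for every packet. Any later code that logs or acts on the received TTL will see 0 rather than "unknown". A comment at the assignment such as `/* stays 0 when built with NEEDPLEDGE: no IP_RECVTTL cmsg is requested */` would make that explicit. In the following hunk the closing line would read more accurately as `#endif /* !NEEDPLEDGE */`, since it closes an `#ifndef`.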
@@ -2342,6 +2359,7 @@ axfrentry:
received_ttl = (u_int)*ttlptr;
}
}
+#endif /* NEEDPLEDGE */
if (from->sa_family == AF_INET6) {
is_ipv6 = 1;
@@ -3044,6 +3062,15 @@ setup_master(ddDB *db, char **av)
char buf[512];
pid_t pid;
int fd;
+
+#if __OpenBSD__
+#ifdef NEEDPLEDGE
+ if (pledge("stdio wpath cpath exec proc", NULL) < 0) {
+ perror("pledge");
+ exit(1);
+ }
+#endif
+#endif
#if !defined __APPLE__
setproctitle("delphinusdnsd master");
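Review bot: The call `pledge("stdio wpath cpath exec proc", NULL)` in setup_master asks for `exec`, which the new pledge in main (the hunk at -730) does not include. pledge(2) can only reduce the promise set and fails with EPERM when a call tries to add one, so if setup_master is reached after main's pledge this call would fail and the master would exit through `perror("pledge"); exit(1);`. The call order is not visible in the diff, so confirm that the master is forked before main pledges, or add `exec` to main's string. A short comment on why each promise is needed here would also help later tightening.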
@@ -3080,16 +3107,6 @@ setup_master(ddDB *db, char **av)
dolog(LOG_INFO, "shutting down on signal %d\n", msig);
unlink(PIDFILE);
- /* clean up our database */
- pid = getpid();
- snprintf(buf, sizeof(buf), "%s/%lu/__db.001", MYDB_PATH,
- (long)getpid());
- unlink(buf);
- snprintf(buf, sizeof(buf), "%s/%lu", MYDB_PATH,
- (long)getpid());
-
- rmdir(buf);
-
pid = getpgrp();
killpg(pid, msig);
@@ -3107,16 +3124,6 @@ setup_master(ddDB *db, char **av)
}
unlink(PIDFILE);
-
- /* clean up our database */
- pid = getpid();
- snprintf(buf, sizeof(buf), "%s/%lu/__db.001", MYDB_PATH,
- (long)getpid());
- unlink(buf);
- snprintf(buf, sizeof(buf), "%s/%lu", MYDB_PATH,
- (long)getpid());
-
- rmdir(buf);
dolog(LOG_INFO, "restarting on SIGHUP\n");