From 4daae4a9009b1340e4887d42974a0b0a50ae6c43 Mon Sep 17 00:00:00 2001 From: Sunil Nimmagadda Date: Thu, 12 Nov 2020 18:02:47 +0530 Subject: [PATCH] opendoas: Fallback for setresuid(2). This approach borrows from openssh-portable. The bsd-setres_id.c is adapted with openssh-portable specific bits (log.h inclusion and error() function) removed. Closes: #40 [via git-merge-pr] --- configure | 4 +- libopenbsd/bsd-setres_id.c | 79 ++++++++++++++++++++++++++++++++++++++ libopenbsd/openbsd.h | 7 ++++ 3 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 libopenbsd/bsd-setres_id.c diff --git a/configure b/configure index bd1b94f..679fe68 100755 --- a/configure +++ b/configure @@ -340,7 +340,9 @@ int main(void) { setresuid(0, 0, 0); return 0; }' -check_func "setresuid" "$src" || die "system has no setresuid(2): not supported" +check_func "setresuid" "$src" || { + printf 'OPENBSD += bsd-setres_id.o\n' >>$CONFIG_MK +} # # Check for closefrom(). diff --git a/libopenbsd/bsd-setres_id.c b/libopenbsd/bsd-setres_id.c new file mode 100644 index 0000000..f36d3eb --- /dev/null +++ b/libopenbsd/bsd-setres_id.c @@ -0,0 +1,79 @@ +/* + * Copyright (c) 2012 Darren Tucker (dtucker at zip com au). + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "includes.h" + +#include + +#include +#include +#include +#include + +#if !defined(HAVE_SETRESGID) || defined(BROKEN_SETRESGID) +int +setresgid(gid_t rgid, gid_t egid, gid_t sgid) +{ + int ret = 0; + + if (rgid != sgid) { + errno = ENOSYS; + return -1; + } +#if defined(HAVE_SETREGID) && !defined(BROKEN_SETREGID) + if (setregid(rgid, egid) < 0) { + ret = -1; + } +#else + if (setegid(egid) < 0) { + ret = -1; + } + if (setgid(rgid) < 0) { + ret = -1; + } +#endif + return ret; +} +#endif + +#if !defined(HAVE_SETRESUID) || defined(BROKEN_SETRESUID) +int +setresuid(uid_t ruid, uid_t euid, uid_t suid) +{ + int ret = 0; + + if (ruid != suid) { + errno = ENOSYS; + return -1; + } +#if defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID) + if (setreuid(ruid, euid) < 0) { + ret = -1; + } +#else + +# ifndef SETEUID_BREAKS_SETUID + if (seteuid(euid) < 0) { + ret = -1; + } +# endif + if (setuid(ruid) < 0) { + ret = -1; + } +#endif + return ret; +} +#endif diff --git a/libopenbsd/openbsd.h b/libopenbsd/openbsd.h index da420de..d3bdc0b 100644 --- a/libopenbsd/openbsd.h +++ b/libopenbsd/openbsd.h @@ -64,4 +64,11 @@ const char * getprogname(void); void setprogname(const char *progname); #endif /* !HAVE_SETPROGNAME */ +#ifndef HAVE_SETRESGID +int setresgid(gid_t, gid_t, gid_t); +#endif +#ifndef HAVE_SETRESUID +int setresuid(uid_t, uid_t, uid_t); +#endif + #endif /* _LIB_OPENBSD_H_ */ -- 2.39.2