From afba5b8efdf1bac2c02ca787840a2be053c800f7 Mon Sep 17 00:00:00 2001 From: Rob Landley Date: Mon, 23 Dec 2013 06:49:38 -0600 Subject: Fix some issues raised (albeit indirectly) by Isaac Dunham. POLL_IN defined as a constant by some libc. Factor out login.c's change_identity() to xwrap.c as xsetuser(). Replace xsetuid() with xsetuser() Put a space between argument globals and non-argument globals. TT starts zeroed, don't need to re-zero entries in it. STDIN_FILENO has been 0 since 1969, even DOS copied that. Just say 0. Added an xchroot() using xchdir() to lib/xwrap.c. Remove endgrent() call until somebody can explain why it was there. --- toys/lsb/su.c | 2 +- toys/other/login.c | 12 ++---------- toys/pending/tftpd.c | 24 +++++++++--------------- 3 files changed, 12 insertions(+), 26 deletions(-) (limited to 'toys') diff --git a/toys/lsb/su.c b/toys/lsb/su.c index 52d20244..04b0dc1d 100644 --- a/toys/lsb/su.c +++ b/toys/lsb/su.c @@ -60,7 +60,7 @@ void su_main() if (!passhash || strcmp(passhash, shp->sp_pwdp)) goto deny; up = xgetpwnam(name); - xsetuid(up->pw_uid); + xsetuser(up); argv = argu = xmalloc(sizeof(char *)*(toys.optc + 4)); *(argv++) = TT.s ? TT.s : up->pw_shell; diff --git a/toys/other/login.c b/toys/other/login.c index 54190d0f..100c665a 100644 --- a/toys/other/login.c +++ b/toys/other/login.c @@ -14,6 +14,7 @@ config LOGIN usage: login [-p] [-h host] [[-f] username] Establish a new session with the system. + -p Preserve environment -h The name of the remote host for this login -f Do not perform authentication @@ -109,15 +110,6 @@ void handle_motd(void) fflush(stdout); } -int change_identity(const struct passwd *pwd) -{ - if (initgroups(pwd->pw_name,pwd->pw_gid)) return 1; - if (setgid(pwd->pw_uid)) return 1; - if (setuid(pwd->pw_uid)) return 1; - - return 0; -} - void spawn_shell(const char *shell) { const char * exec_name = strrchr(shell,'/'); 
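Review bot: `xsetuser(up)` in su_main now performs the whole identity switch, but its definition is in lib/xwrap.c, which this 'toys'-limited view leaves out, so its gid handling cannot be checked from this page. The `change_identity()` body this patch deletes from toys/other/login.c called `setgid(pwd->pw_uid)`, passing the uid where the gid belongs. If that line was moved into the helper unchanged, every caller ends up with a primary group equal to the uid number. It is worth confirming that the helper calls `setgid(pwd->pw_gid)`, keeps the initgroups, setgid, setuid order, and exits on any failure, since no call site checks a return value. The same applies to `xsetuser(pwd)` in login.c and `xsetuser(TT.pw)` in tftpd.c's do_action; su_main continues outside the hunk.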
@@ -214,7 +206,7 @@ query_pass: if (pwd->pw_uid) handle_nologin(); - if (change_identity(pwd)) error_exit("Failed to change identity"); + xsetuser(pwd); setup_environment(pwd, !(toys.optflags & FLAG_p)); diff --git a/toys/pending/tftpd.c b/toys/pending/tftpd.c index ea8d3eac..41a1cc72 100644 --- a/toys/pending/tftpd.c +++ b/toys/pending/tftpd.c @@ -20,11 +20,13 @@ config TFTPD -u Access files as USER -l Log to syslog (inetd mode requires this) */ + #define FOR_tftpd #include "toys.h" GLOBALS( char *user; + long sfd; struct passwd *pw; ) @@ -97,10 +99,7 @@ static void do_action(struct sockaddr *srcaddr, struct sockaddr *dstaddr, pollfds[0].fd = TT.sfd; // initialize groups, setgid and setuid - if (TT.pw) { - if (change_identity(TT.pw)) perror_exit("Failed to change identity"); - endgrent(); - } + if (TT.pw) xsetuser(TT.pw); if (opcode == TFTPD_OP_RRQ) fd = open(file, O_RDONLY, 0666); else fd = open(file, ((toys.optflags & FLAG_c) ? @@ -163,11 +162,11 @@ RETRY_SEND: // if "block size < 512", send ACK and exit. if ((pktopcode == TFTPD_OP_ACK) && done) break; -POLL_IN: +POLL_INPUT: pollfds[0].events = POLLIN; pollfds[0].fd = TT.sfd; poll_ret = poll(pollfds, 1, timeout); - if (poll_ret < 0 && (errno == EINTR || errno == ENOMEM)) goto POLL_IN; + if (poll_ret < 0 && (errno == EINTR || errno == ENOMEM)) goto POLL_INPUT; if (!poll_ret) { if (!--retry_count) { error_msg("timeout"); @@ -181,7 +180,7 @@ POLL_IN: send_errpkt(dstaddr, socklen, "read-error"); break; } - if (len < 4) goto POLL_IN; + if (len < 4) goto POLL_INPUT; } else { perror_msg("poll"); break; @@ -224,7 +223,7 @@ POLL_IN: } continue; } - goto POLL_IN; + goto POLL_INPUT; } // end of loop CLEAN_APP: 
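Review bot: The `if (TT.pw) xsetuser(TT.pw);` line in do_action appears to run after the `xchroot()` call in tftpd_main (the call to do_action is not shown on this page), so any group-database lookup inside xsetuser would be resolved against the new root. The removed change_identity() called initgroups(); if xsetuser keeps that, supplementary groups come from the chroot tree's /etc/group, or are missing when the tree has none. The existing comment above the call could record this, for example `// runs after chroot: group lookup sees the new root's /etc/group`. do_action starts and ends outside this hunk.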
@@ -242,19 +241,14 @@ void tftpd_main(void) socklen_t socklen = sizeof(struct sockaddr_storage); char *buf = toybuf; - TT.pw = NULL; memset(&srcaddr, 0, sizeof(srcaddr)); - if (getsockname(STDIN_FILENO, (struct sockaddr*)&srcaddr, &socklen)) { + if (getsockname(0, (struct sockaddr *)&srcaddr, &socklen)) { toys.exithelp = 1; error_exit(NULL); } if (TT.user) TT.pw = xgetpwnam(TT.user); - if (*toys.optargs) { - if (chroot(*toys.optargs)) - perror_exit("can't change root directory to '%s'", *toys.optargs); - if (chdir("/")) perror_exit("can't change directory to '/'"); - } + if (*toys.optargs) xchroot(*toys.optargs); recvmsg_len = recvfrom(STDIN_FILENO, toybuf, TFTPD_BLKSIZE, 0, (struct sockaddr*)&dstaddr, &socklen); -- cgit v1.2.3
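Review bot: Without `-u`, `TT.pw` stays NULL in tftpd_main and do_action skips `xsetuser()`, so a daemon started as root keeps uid 0 after `xchroot(*toys.optargs)`, and a chroot on its own does not confine a root process. A comment beside the xchroot call would make that explicit, for example `// chroot alone does not contain root; pair with -u`, and a warning when a directory is given without a user may be worth considering. Separately, `getsockname(0, ...)` now uses the literal while the `recvfrom(STDIN_FILENO, ...)` at the end of the hunk still uses the macro. tftpd_main's body continues outside the hunk.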