monitor_fdpass.c revision 124208
198675Sdes/* 298675Sdes * Copyright 2001 Niels Provos <provos@citi.umich.edu> 398675Sdes * All rights reserved. 498675Sdes * 598675Sdes * Redistribution and use in source and binary forms, with or without 698675Sdes * modification, are permitted provided that the following conditions 798675Sdes * are met: 898675Sdes * 1. Redistributions of source code must retain the above copyright 998675Sdes * notice, this list of conditions and the following disclaimer. 1098675Sdes * 2. Redistributions in binary form must reproduce the above copyright 1198675Sdes * notice, this list of conditions and the following disclaimer in the 1298675Sdes * documentation and/or other materials provided with the distribution. 1398675Sdes * 1498675Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 1598675Sdes * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 1698675Sdes * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 1798675Sdes * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 1898675Sdes * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 1998675Sdes * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 2098675Sdes * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 2198675Sdes * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 2298675Sdes * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 2398675Sdes * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 2498675Sdes */ 2598675Sdes 2698675Sdes#include "includes.h" 27106121SdesRCSID("$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $"); 2898675Sdes 2998675Sdes#include <sys/uio.h> 3098675Sdes 3198675Sdes#include "log.h" 3298675Sdes#include "monitor_fdpass.h" 3398675Sdes 3498675Sdesvoid 3598675Sdesmm_send_fd(int socket, int fd) 3698675Sdes{ 3798937Sdes#if defined(HAVE_SENDMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) 3898675Sdes struct msghdr msg; 3998675Sdes struct iovec vec; 4098675Sdes char ch = '\0'; 41106121Sdes ssize_t n; 4298937Sdes#ifndef HAVE_ACCRIGHTS_IN_MSGHDR 4398937Sdes char tmp[CMSG_SPACE(sizeof(int))]; 4498937Sdes struct cmsghdr *cmsg; 4598937Sdes#endif 4698675Sdes 4798675Sdes memset(&msg, 0, sizeof(msg)); 4898937Sdes#ifdef HAVE_ACCRIGHTS_IN_MSGHDR 4998937Sdes msg.msg_accrights = (caddr_t)&fd; 5098937Sdes msg.msg_accrightslen = sizeof(fd); 5198937Sdes#else 5298675Sdes msg.msg_control = (caddr_t)tmp; 5398675Sdes msg.msg_controllen = CMSG_LEN(sizeof(int)); 5498675Sdes cmsg = CMSG_FIRSTHDR(&msg); 5598675Sdes cmsg->cmsg_len = CMSG_LEN(sizeof(int)); 5698675Sdes cmsg->cmsg_level = SOL_SOCKET; 5798675Sdes cmsg->cmsg_type = SCM_RIGHTS; 5898675Sdes *(int *)CMSG_DATA(cmsg) = fd; 5998937Sdes#endif 6098675Sdes 6198675Sdes vec.iov_base = &ch; 6298675Sdes vec.iov_len = 1; 6398675Sdes msg.msg_iov = &vec; 6498675Sdes msg.msg_iovlen = 1; 6598675Sdes 6698675Sdes if ((n = sendmsg(socket, &msg, 0)) == -1) 6798675Sdes fatal("%s: sendmsg(%d): %s", __func__, fd, 6898675Sdes strerror(errno)); 6998675Sdes if (n != 1) 70106121Sdes fatal("%s: sendmsg: expected sent 1 got %ld", 71106121Sdes __func__, (long)n); 7298937Sdes#else 7398937Sdes fatal("%s: UsePrivilegeSeparation=yes not supported", 7498937Sdes __func__); 7598937Sdes#endif 7698675Sdes} 7798675Sdes 7898675Sdesint 7998675Sdesmm_receive_fd(int socket) 8098675Sdes{ 8198937Sdes#if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR)) 8298675Sdes struct msghdr msg; 8398675Sdes struct iovec vec; 84106121Sdes ssize_t n; 8598675Sdes char ch; 86106121Sdes int fd; 8798937Sdes#ifndef HAVE_ACCRIGHTS_IN_MSGHDR 8898937Sdes char tmp[CMSG_SPACE(sizeof(int))]; 8998937Sdes struct cmsghdr *cmsg; 9098937Sdes#endif 9198675Sdes 9298675Sdes memset(&msg, 0, sizeof(msg)); 9398675Sdes vec.iov_base = &ch; 9498675Sdes vec.iov_len = 1; 9598675Sdes msg.msg_iov = &vec; 9698675Sdes msg.msg_iovlen = 1; 9798937Sdes#ifdef HAVE_ACCRIGHTS_IN_MSGHDR 9898937Sdes msg.msg_accrights = (caddr_t)&fd; 9998937Sdes msg.msg_accrightslen = sizeof(fd); 10098937Sdes#else 10198675Sdes msg.msg_control = tmp; 10298675Sdes msg.msg_controllen = sizeof(tmp); 10398937Sdes#endif 10498675Sdes 10598675Sdes if ((n = recvmsg(socket, &msg, 0)) == -1) 10698675Sdes fatal("%s: recvmsg: %s", __func__, strerror(errno)); 10798675Sdes if (n != 1) 108106121Sdes fatal("%s: recvmsg: expected received 1 got %ld", 109106121Sdes __func__, (long)n); 11098675Sdes 11198937Sdes#ifdef HAVE_ACCRIGHTS_IN_MSGHDR 11298937Sdes if (msg.msg_accrightslen != sizeof(fd)) 11398937Sdes fatal("%s: no fd", __func__); 11498937Sdes#else 11598675Sdes cmsg = CMSG_FIRSTHDR(&msg); 116124208Sdes#ifndef BROKEN_CMSG_TYPE 11798675Sdes if (cmsg->cmsg_type != SCM_RIGHTS) 11898675Sdes fatal("%s: expected type %d got %d", __func__, 11998675Sdes SCM_RIGHTS, cmsg->cmsg_type); 120124208Sdes#endif 12198675Sdes fd = (*(int *)CMSG_DATA(cmsg)); 12298937Sdes#endif 12398675Sdes return fd; 12498937Sdes#else 12598937Sdes fatal("%s: UsePrivilegeSeparation=yes not supported", 12698937Sdes __func__); 12798937Sdes#endif 12898675Sdes} 129