"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/supernode.c" between
n2n-3.0.tar.gz and n2n-3.1.1.tar.gz

About: n2n is a layer-two peer-to-peer virtual private network (VPN) which allows bypassing intermediate firewalls.
Pre-release.

supernode.c  (n2n-3.0):supernode.c  (n2n-3.1.1)
/** /**
* (C) 2007-21 - ntop.org and contributors * (C) 2007-22 - ntop.org and contributors
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or * the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This program is distributed in the hope that it will be useful, * This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of * but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details. * GNU General Public License for more details.
skipping to change at line 291 skipping to change at line 291
sss->groupid = atoi(_optarg); sss->groupid = atoi(_optarg);
break; break;
#endif #endif
case 'F': { /* federation name */ case 'F': { /* federation name */
snprintf(sss->federation->community, N2N_COMMUNITY_SIZE - 1 ,"*%s", _optarg); snprintf(sss->federation->community, N2N_COMMUNITY_SIZE - 1 ,"*%s", _optarg);
sss->federation->community[N2N_COMMUNITY_SIZE - 1] = '\0'; sss->federation->community[N2N_COMMUNITY_SIZE - 1] = '\0';
break; break;
} }
#ifdef SN_MANUAL_MAC #ifdef SN_MANUAL_MAC
case 'm': {/* MAC address */ case 'm': {/* MAC address */
str2mac(sss->mac_addr,_optarg); str2mac(sss->mac_addr, _optarg);
// clear multicast bit
sss->mac_addr[0] &= ~0x01;
// set locally-assigned bit
sss->mac_addr[0] |= 0x02;
break; break;
} }
#endif #endif
case 'M': /* override spoofing protection */ case 'M': /* override spoofing protection */
sss->override_spoofing_protection = 1; sss->override_spoofing_protection = 1;
break; break;
case 'V': /* version text */ case 'V': /* version text */
strncpy(sss->version, _optarg, sizeof(n2n_version_t)); strncpy(sss->version, _optarg, sizeof(n2n_version_t));
sss->version[sizeof(n2n_version_t) - 1] = '\0'; sss->version[sizeof(n2n_version_t) - 1] = '\0';
skipping to change at line 632 skipping to change at line 638
traceEvent(TRACE_ERROR, "failed to open management socket, %s", strerror (errno)); traceEvent(TRACE_ERROR, "failed to open management socket, %s", strerror (errno));
exit(-2); exit(-2);
} else { } else {
traceEvent(TRACE_NORMAL, "supernode is listening on UDP %u (management)" , sss_node.mport); traceEvent(TRACE_NORMAL, "supernode is listening on UDP %u (management)" , sss_node.mport);
} }
HASH_ITER(hh, sss_node.federation->edges, scan, tmp) HASH_ITER(hh, sss_node.federation->edges, scan, tmp)
scan->socket_fd = sss_node.sock; scan->socket_fd = sss_node.sock;
#ifndef WIN32 #ifndef WIN32
/*
* If no uid/gid is specified on the commandline, use the uid/gid of the
* first found out of user "n2n" or "nobody"
*/
if(((pw = getpwnam ("n2n")) != NULL) || ((pw = getpwnam ("nobody")) != NULL) ) { if(((pw = getpwnam ("n2n")) != NULL) || ((pw = getpwnam ("nobody")) != NULL) ) {
/*
* If the uid/gid is not set from the CLI, set it from getpwnam
* otherwise reset it to zero
* (TODO: this looks wrong)
*/
sss_node.userid = sss_node.userid == 0 ? pw->pw_uid : 0; sss_node.userid = sss_node.userid == 0 ? pw->pw_uid : 0;
sss_node.groupid = sss_node.groupid == 0 ? pw->pw_gid : 0; sss_node.groupid = sss_node.groupid == 0 ? pw->pw_gid : 0;
} }
/*
* If we have a non-zero requested uid/gid, attempt to switch to use
* those
*/
if((sss_node.userid != 0) || (sss_node.groupid != 0)) { if((sss_node.userid != 0) || (sss_node.groupid != 0)) {
traceEvent(TRACE_NORMAL, "dropping privileges to uid=%d, gid=%d", traceEvent(TRACE_NORMAL, "dropping privileges to uid=%d, gid=%d",
(signed int)sss_node.userid, (signed int)sss_node.groupi d); (signed int)sss_node.userid, (signed int)sss_node.groupi d);
/* Finished with the need for root privileges. Drop to unprivileged user . */ /* Finished with the need for root privileges. Drop to unprivileged user . */
if((setgid(sss_node.groupid) != 0) if((setgid(sss_node.groupid) != 0)
|| (setuid(sss_node.userid) != 0)) { || (setuid(sss_node.userid) != 0)) {
traceEvent(TRACE_ERROR, "unable to drop privileges [%u/%s]", errno, strerror(errno)); traceEvent(TRACE_ERROR, "unable to drop privileges [%u/%s]", errno, strerror(errno));
exit(1);
} }
} }
if((getuid() == 0) || (getgid() == 0)) { if((getuid() == 0) || (getgid() == 0)) {
traceEvent(TRACE_WARNING, "running as root is discouraged, check out the -u/-g options"); traceEvent(TRACE_WARNING, "running as root is discouraged, check out the -u/-g options");
} }
#endif #endif
sn_init(&sss_node); sn_init(&sss_node);
 End of changes. 6 change blocks. 
3 lines changed or deleted 22 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)