Diffstat (limited to 'util')
-rw-r--r--util/config_file.c16
-rw-r--r--util/config_file.h4
-rw-r--r--util/configlexer.lex1
-rw-r--r--util/configparser.y13
-rw-r--r--util/net_help.c4
5 files changed, 35 insertions, 3 deletions
diff --git a/util/config_file.c b/util/config_file.c
index 35bc645..bb39cf9 100644
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -60,6 +60,9 @@
#ifdef HAVE_GLOB_H
# include <glob.h>
#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
/** global config during parsing */
struct config_parser_state* cfg_parser = 0;
@@ -131,6 +134,8 @@ config_create(void)
goto error_exit;
init_outgoing_availports(cfg->outgoing_avail_ports, 65536);
if(!(cfg->username = strdup(UB_USERNAME))) goto error_exit;
+ cfg->uid = (uid_t)-1;
+ cfg->gid = (gid_t)-1;
#ifdef HAVE_CHROOT
if(!(cfg->chrootdir = strdup(CHROOT_DIR))) goto error_exit;
#endif
@@ -799,6 +804,17 @@ config_read(struct config_file* cfg, const char* filename, const char* chroot)
errno=EINVAL;
return 0;
}
+
+#ifdef HAVE_GETPWNAM
+ /* translate username into uid and gid */
+ if(cfg->username && cfg->username[0]) {
+ struct passwd *pwd;
+ if((pwd = getpwnam(cfg->username)) == NULL)
+ log_err("user '%s' does not exist.", cfg->username);
+ cfg->uid = pwd->pw_uid;
+ cfg->gid = pwd->pw_gid;
+ }
+#endif
return 1;
}
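Review bot: When getpwnam() returns NULL, the added block in config_read only logs and then falls through to `cfg->uid = pwd->pw_uid;`, so a misspelled or missing `username` dereferences a null pointer during config load. The two assignments need to be skipped on that path, e.g. `else { cfg->uid = pwd->pw_uid; cfg->gid = pwd->pw_gid; }`, or the function should `return 0;` after log_err so startup fails instead of continuing. With the else form, uid and gid keep the `(uid_t)-1` sentinel set in config_create, so the code that drops privileges (not visible here) has to treat that value as an error rather than pass it on. config_read's body starts outside the hunk.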
diff --git a/util/config_file.h b/util/config_file.h
index 49ffbdd..fd35d78 100644
--- a/util/config_file.h
+++ b/util/config_file.h
@@ -192,6 +192,8 @@ struct config_file {
char* chrootdir;
/** username to change to, if not "". */
char* username;
+ uid_t uid;
+ gid_t gid;
/** working directory */
char* directory;
/** filename to log to. */
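Review bot: The new `uid` and `gid` members have no `/** ... */` comment, unlike the neighbouring members of struct config_file. Suggest `/** uid resolved from username by config_read, (uid_t)-1 if not resolved */` and the matching line for `gid`, so that readers of the header know the sentinel and where the value comes from. The header now also depends on a definition of `uid_t`/`gid_t`; whether config_file.h already gets one (for example through <sys/types.h>) is not visible in this hunk and is worth confirming.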
@@ -282,6 +284,8 @@ struct config_file {
struct config_strlist* control_ifs;
/** port number for the control port */
int control_port;
+ /** use certificates for remote control */
+ int remote_control_use_cert;
/** private key file for server */
char* server_key_file;
/** certificate file for server */
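Review bot: `remote_control_use_cert` is given no default in any of this commit's config_file.c hunks, so when `control-use-cert:` is absent the value is whatever config_create's allocation leaves (0 if the struct is zero-filled, which is not visible here). For a switch that turns certificate use on the control channel on or off, set it explicitly next to the other defaults, e.g. `cfg->remote_control_use_cert = 1;`, so the absent-option case stays on the authenticated path. The field comment could then state the default: `/** use certificates for remote control, default yes */`.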
diff --git a/util/configlexer.lex b/util/configlexer.lex
index 7ee7b9b..eea1b85 100644
--- a/util/configlexer.lex
+++ b/util/configlexer.lex
@@ -315,6 +315,7 @@ remote-control{COLON} { YDVAR(0, VAR_REMOTE_CONTROL) }
control-enable{COLON} { YDVAR(1, VAR_CONTROL_ENABLE) }
control-interface{COLON} { YDVAR(1, VAR_CONTROL_INTERFACE) }
control-port{COLON} { YDVAR(1, VAR_CONTROL_PORT) }
+control-use-cert{COLON} { YDVAR(1, VAR_CONTROL_USE_CERT) }
server-key-file{COLON} { YDVAR(1, VAR_SERVER_KEY_FILE) }
server-cert-file{COLON} { YDVAR(1, VAR_SERVER_CERT_FILE) }
control-key-file{COLON} { YDVAR(1, VAR_CONTROL_KEY_FILE) }
diff --git a/util/configparser.y b/util/configparser.y
index 7a92d9e..cbb5e16 100644
--- a/util/configparser.y
+++ b/util/configparser.y
@@ -95,6 +95,7 @@ extern struct config_parser_state* cfg_parser;
%token VAR_PRIVATE_DOMAIN VAR_REMOTE_CONTROL VAR_CONTROL_ENABLE
%token VAR_CONTROL_INTERFACE VAR_CONTROL_PORT VAR_SERVER_KEY_FILE
%token VAR_SERVER_CERT_FILE VAR_CONTROL_KEY_FILE VAR_CONTROL_CERT_FILE
+%token VAR_CONTROL_USE_CERT
%token VAR_EXTENDED_STATISTICS VAR_LOCAL_DATA_PTR VAR_JOSTLE_TIMEOUT
%token VAR_STUB_PRIME VAR_UNWANTED_REPLY_THRESHOLD VAR_LOG_TIME_ASCII
%token VAR_DOMAIN_INSECURE VAR_PYTHON VAR_PYTHON_SCRIPT VAR_VAL_SIG_SKEW_MIN
@@ -1270,7 +1271,7 @@ contents_rc: contents_rc content_rc
| ;
content_rc: rc_control_enable | rc_control_interface | rc_control_port |
rc_server_key_file | rc_server_cert_file | rc_control_key_file |
- rc_control_cert_file
+ rc_control_cert_file | rc_control_use_cert
;
rc_control_enable: VAR_CONTROL_ENABLE STRING_ARG
{
@@ -1298,6 +1299,16 @@ rc_control_interface: VAR_CONTROL_INTERFACE STRING_ARG
yyerror("out of memory");
}
;
+rc_control_use_cert: VAR_CONTROL_USE_CERT STRING_ARG
+ {
+ OUTYY(("P(control_use_cert:%s)\n", $2));
+ if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0)
+ yyerror("expected yes or no.");
+ else cfg_parser->cfg->remote_control_use_cert =
+ (strcmp($2, "yes")==0);
+ free($2);
+ }
+ ;
rc_server_key_file: VAR_SERVER_KEY_FILE STRING_ARG
{
OUTYY(("P(rc_server_key_file:%s)\n", $2));
diff --git a/util/net_help.c b/util/net_help.c
index 8c2bac7..335ee74 100644
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -156,7 +156,7 @@ log_addr(enum verbosity_value v, const char* str,
case AF_INET6: family="ip6";
sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
break;
- case AF_UNIX: family="unix"; break;
+ case AF_LOCAL: family="local"; break;
default: break;
}
if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {
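Review bot: `AF_LOCAL` is a synonym that not every platform's <sys/socket.h> is guaranteed to define, whereas `AF_UNIX` is the POSIX name, so this case label (and the same change in log_name_addr in the next hunk) may break the build where only AF_UNIX exists. Keeping `case AF_UNIX:` or adding a fallback (`#ifndef AF_LOCAL`, `#define AF_LOCAL AF_UNIX`, `#endif`) avoids that. The family string in the log output also changes from "unix" to "local" (and from "unix_family " to "local " in the next hunk), which any tooling that matches these log lines would need to follow. log_addr's body extends beyond the hunk.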
@@ -313,7 +313,7 @@ void log_name_addr(enum verbosity_value v, const char* str, uint8_t* zone,
case AF_INET6: family="";
sinaddr = &((struct sockaddr_in6*)addr)->sin6_addr;
break;
- case AF_UNIX: family="unix_family "; break;
+ case AF_LOCAL: family="local "; break;
default: break;
}
if(inet_ntop(af, sinaddr, dest, (socklen_t)sizeof(dest)) == 0) {