# error "You don't have the standard C99 header files installed"
#endif /* STDC_HEADERS */
+#if HAVE_UNISTD_H
+# include <unistd.h>
+#endif
+
#if HAVE_MATH_H
# include <math.h>
#endif
# include <signal.h>
#endif
+#if HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
#include "oping.h"
+#ifndef _POSIX_SAVED_IDS
+# define _POSIX_SAVED_IDS 0
+#endif
+
typedef struct ping_context
{
char host[NI_MAXHOST];
static double opt_interval = 1.0;
static int opt_addrfamily = PING_DEF_AF;
static char *opt_srcaddr = NULL;
+static char *opt_device = NULL;
static char *opt_filename = NULL;
static int opt_count = -1;
static int opt_send_ttl = 64;
free (context);
}
-static void usage_exit (const char *name)
+static void usage_exit (const char *name, int status)
{
int name_length;
" -i interval interval with which to send ICMP packets\n"
" -t ttl time to live for each ICMP packet\n"
" -I srcaddr source address\n"
+ " -D device outgoing interface name\n"
" -f filename filename to read hosts from\n"
"\noping "PACKAGE_VERSION", http://verplant.org/liboping/\n"
"by Florian octo Forster <octo@verplant.org>\n"
"for contributions see `AUTHORS'\n",
name);
- exit (1);
+ exit (status);
}
static int read_options (int argc, char **argv)
while (1)
{
- optchar = getopt (argc, argv, "46c:hi:I:t:f:");
+ optchar = getopt (argc, argv, "46c:hi:I:t:f:D:");
if (optchar == -1)
break;
}
break;
+ case 'D':
+ opt_device = optarg;
+ break;
+
case 't':
{
int new_send_ttl;
}
case 'h':
+ usage_exit (argv[0], 0);
+ break;
default:
- usage_exit (argv[0]);
+ usage_exit (argv[0], 1);
}
}
int optind;
int i;
+ int status;
+#if _POSIX_SAVED_IDS
+ uid_t saved_set_uid;
+
+ /* Save the old effective user id */
+ saved_set_uid = geteuid ();
+ /* Set the effective user ID to the real user ID without changing the
+ * saved set-user ID */
+ status = seteuid (getuid ());
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily dropping privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
optind = read_options (argc, argv);
- if ((optind >= argc) && (opt_filename == NULL)) {
- usage_exit (argv[0]);
+#if !_POSIX_SAVED_IDS
+ /* Cannot temporarily drop privileges -> reject every file but "-". */
+ if ((opt_filename != NULL)
+ && (strcmp ("-", opt_filename) != 0)
+ && (getuid () != geteuid ()))
+ {
+ fprintf (stderr, "Your real and effective user IDs don't "
+ "match. Reading from a file (option '-f')\n"
+ "is therefore too risky. You can still read "
+ "from STDIN using '-f -' if you like.\n"
+ "Sorry.\n");
+ exit (EXIT_FAILURE);
}
+#endif
- if (geteuid () != 0)
- {
- fprintf (stderr, "Need superuser privileges to open a RAW socket. Sorry.\n");
- return (1);
+ if ((optind >= argc) && (opt_filename == NULL)) {
+ usage_exit (argv[0], 1);
}
if ((ping = ping_construct ()) == NULL)
}
}
+ if (opt_device != NULL)
+ {
+ if (ping_setopt (ping, PING_OPT_DEVICE, (void *) opt_device) != 0)
+ {
+ fprintf (stderr, "Setting device failed: %s\n",
+ ping_get_error (ping));
+ }
+ }
+
if (opt_filename != NULL)
{
FILE *infile;
return (1);
}
+#if _POSIX_SAVED_IDS
+ /* Regain privileges */
+ status = seteuid (saved_set_uid);
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily re-gaining privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
+
while (fgets(line, sizeof(line), infile))
{
/* Strip whitespace */
}
}
+#if _POSIX_SAVED_IDS
+ /* Drop privileges */
+ status = seteuid (getuid ());
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily dropping privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
+
fclose(infile);
}
+#if _POSIX_SAVED_IDS
+ /* Regain privileges */
+ status = seteuid (saved_set_uid);
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily re-gaining privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
+
for (i = optind; i < argc; i++)
{
if (ping_host_add (ping, argv[i]) < 0)
}
}
- /* Drop root privileges if we're setuid-root. */
- setuid (getuid ());
+ /* Permanently drop root privileges if we're setuid-root. */
+ status = setuid (getuid ());
+ if (status != 0)
+ {
+ fprintf (stderr, "Dropping privileges failed: %s\n",
+ strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+#if _POSIX_SAVED_IDS
+ saved_set_uid = (uid_t) -1;
+#endif
i = 0;
for (iter = ping_iterator_get (ping);
projects / liboping.git / blobdiff