Browse Source

add __progname emulation, prevent setproctitle from overwriting it

Make a copy of __progname on start to avoid setproctitle clobbering it
later. Check if the OS supports __progname and emulate if unavailable.
- from OpenSSH.
Thanks to Paul B. Henson for reporting the setproctitle emulation issue
and Jonas 'Sortie' Termansen for suggesting __progname emulation.
OPENBSD_5_7
Brent Cook 10 years ago
parent
commit
198294a383
16 changed files with 89 additions and 24 deletions
  1. +2
    -0
      Makefile.am
  2. +46
    -0
      compat/progname.c
  3. +11
    -0
      configure.ac
  4. +1
    -1
      patches/0001-be-more-verbose-when-logging-privsep-errors.patch
  5. +1
    -1
      patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch
  6. +1
    -1
      patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
  7. +1
    -1
      patches/0004-EAI_NODATA-does-not-exist-everywhere.patch
  8. +1
    -1
      patches/0005-Use-LOG_NTP-syslog-facility-if-it-is-available.patch
  9. +1
    -1
      patches/0006-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
  10. +1
    -1
      patches/0007-check-if-rdomain-support-is-available.patch
  11. +1
    -1
      patches/0008-update-ntpd.conf-to-indicate-OS-dependent-options.patch
  12. +1
    -1
      patches/0009-allow-overriding-default-user-and-file-locations.patch
  13. +2
    -2
      patches/0010-add-p-option-to-create-a-pid-file.patch
  14. +12
    -6
      patches/0011-initialize-setproctitle-where-needed.patch
  15. +1
    -1
      patches/0012-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch
  16. +6
    -6
      patches/0013-log-context-of-all-fatal-allocations.patch

+ 2
- 0
Makefile.am View File

@ -174,6 +174,8 @@ if !HAVE_MD5
libcompat_la_SOURCES += compat/md5.c
endif
libcompat_la_SOURCES += compat/progname.c
if !HAVE_REALLOCARRAY
libcompat_la_SOURCES += compat/reallocarray.c
endif


+ 46
- 0
compat/progname.c View File

@ -0,0 +1,46 @@
/*
* Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <string.h>
#ifndef HAVE___PROGNAME
char *__progname;
#endif
/*
* NB. duplicate __progname in case it is an alias for argv[0]
* Otherwise it may get clobbered by setproctitle()
*/
char *get_progname(char *argv0)
{
#ifdef HAVE___PROGNAME
extern char *__progname;
return strdup(__progname);
#else
char *p;
if (argv0 == NULL)
return ("unknown"); /* XXX */
p = strrchr(argv0, '/');
if (p == NULL)
p = argv0;
else
p++;
return (strdup(p));
#endif
}

+ 11
- 0
configure.ac View File

@ -153,6 +153,17 @@ AM_CONDITIONAL([HAVE_ARC4RANDOM_UNIFORM],
-a "x$HOST_OS" != xnetbsd \
-a "x$ac_cv_func_arc4random_uniform" = xyes])
AC_CACHE_CHECK([if libc defines __progname], ac_cv_libc_defines___progname, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],
[[ extern char *__progname; printf("%s", __progname); ]])],
[ ac_cv_libc_defines___progname="yes" ],
[ ac_cv_libc_defines___progname="no"
])
])
if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
AC_DEFINE([HAVE___PROGNAME], [1], [Define if libc defines __progname])
fi
AC_CACHE_CHECK([whether va_copy exists], ac_cv_have_va_copy, [
AC_LINK_IFELSE([AC_LANG_PROGRAM([[
#include <stdarg.h>


+ 1
- 1
patches/0001-be-more-verbose-when-logging-privsep-errors.patch View File

@ -1,4 +1,4 @@
From 3358e0e85bf40351bc4a8357a878c844c4190ef2 Mon Sep 17 00:00:00 2001
From c214bf6eca6de29239d00b4a9ce6528f82b25bec Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:06:38 -0600
Subject: [PATCH 01/13] be more verbose when logging privsep errors


+ 1
- 1
patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch View File

@ -1,4 +1,4 @@
From fb62935494233b756bfbe48b3652c07c378ef55e Mon Sep 17 00:00:00 2001
From 38bb78974653ef6e791f986cab561c3194f84297 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:26:29 -0600
Subject: [PATCH 02/13] do not allow privsep user to be a privileged user


+ 1
- 1
patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch View File

@ -1,4 +1,4 @@
From 1f533ce93b5826f3c3e3b16b237571c9c62dc1eb Mon Sep 17 00:00:00 2001
From be2634a7df434a90896a8678da308734943f69bb Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:10:22 -0600
Subject: [PATCH 03/13] Handle IPv6 DNS records on IPv4 networks more liberally


+ 1
- 1
patches/0004-EAI_NODATA-does-not-exist-everywhere.patch View File

@ -1,4 +1,4 @@
From aff999eff42db8c1022fc4c95cd4f2bc689e0708 Mon Sep 17 00:00:00 2001
From 266265a2ac85afe947b787e0c991168fa0c4adc0 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:04:08 -0600
Subject: [PATCH 04/13] EAI_NODATA does not exist everywhere


+ 1
- 1
patches/0005-Use-LOG_NTP-syslog-facility-if-it-is-available.patch View File

@ -1,4 +1,4 @@
From 0a55dd5a69636bcb8047e84e63f41cac6d8ac4ae Mon Sep 17 00:00:00 2001
From 125039fad99de2ad2ac0c0738c692dae14c48bfb Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 21:16:54 -0600
Subject: [PATCH 05/13] Use LOG_NTP syslog facility if it is available


+ 1
- 1
patches/0006-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch View File

@ -1,4 +1,4 @@
From a4991f440faa3e9b073c522b62438a32b7fb6ef3 Mon Sep 17 00:00:00 2001
From c7bfa2373a06fbed91ca35cac664b1b92cf6a8d0 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:02:50 -0600
Subject: [PATCH 06/13] conditionally fill in sin_len/sin6_len if they exist


+ 1
- 1
patches/0007-check-if-rdomain-support-is-available.patch View File

@ -1,4 +1,4 @@
From 682b4ff97c28a1def8192c4eeb9ea8c6b92e3b6c Mon Sep 17 00:00:00 2001
From c8bac970282975fd81542dcf5173e5ffdad545c3 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:05:46 -0600
Subject: [PATCH 07/13] check if rdomain support is available.


+ 1
- 1
patches/0008-update-ntpd.conf-to-indicate-OS-dependent-options.patch View File

@ -1,4 +1,4 @@
From 41b570b1794534abe338dfc6dc0d0ff002c211c0 Mon Sep 17 00:00:00 2001
From 9a2a22b3714bdb398f9b03a64d91aecbdd9b5fc0 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:20:03 -0600
Subject: [PATCH 08/13] update ntpd.conf to indicate OS-dependent options


+ 1
- 1
patches/0009-allow-overriding-default-user-and-file-locations.patch View File

@ -1,4 +1,4 @@
From e432380f8540be3021efa57c723e00c50073f953 Mon Sep 17 00:00:00 2001
From 2e60189298e177d811c4574bf07b4721361d306b Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 07:18:11 -0600
Subject: [PATCH 09/13] allow overriding default user and file locations


+ 2
- 2
patches/0010-add-p-option-to-create-a-pid-file.patch View File

@ -1,4 +1,4 @@
From 1f659267b350fadc3b430a9723c69c780d2eea6f Mon Sep 17 00:00:00 2001
From ff82cc8278eafc04ee00f1e847c7424d857b2907 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Wed, 31 Dec 2014 08:26:41 -0600
Subject: [PATCH 10/13] add -p option to create a pid file
@ -35,7 +35,7 @@ index 18b12e8..9eb1fee 100644
Do not set the time immediately at startup.
This is the default.
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index ee1ecb5..f89532f 100644
index e2c189c..f5f0dbb 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -83,6 +83,18 @@ sighdlr(int sig)


+ 12
- 6
patches/0011-initialize-setproctitle-where-needed.patch View File

@ -1,17 +1,19 @@
From 198aa5cd7cf86d9c10dbdf24291e1f8afbb12410 Mon Sep 17 00:00:00 2001
From 026e34d46265334276120711dc80f42ea20c3b82 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 06:18:31 -0600
Subject: [PATCH 11/13] initialize setproctitle where needed
We need to save a copy of argv and __progname to avoid setproctitle
clobbering them.
---
src/usr.sbin/ntpd/ntpd.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
src/usr.sbin/ntpd/ntpd.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index f89532f..ea8cf70 100644
index f5f0dbb..26463f6 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -111,6 +111,11 @@ usage(void)
@@ -111,6 +111,13 @@ usage(void)
#define POLL_MAX 8
#define PFD_PIPE 0
@ -19,14 +21,18 @@ index f89532f..ea8cf70 100644
+#ifndef HAVE_SETPROCTITLE
+static char **saved_argv;
+#endif
+
+char *get_progname(char *argv0);
+
int
main(int argc, char *argv[])
{
@@ -134,6 +139,17 @@ main(int argc, char *argv[])
@@ -134,6 +141,19 @@ main(int argc, char *argv[])
log_init(1); /* log to stderr until daemonized */
+ __progname = get_progname(argv[0]);
+
+#ifndef HAVE_SETPROCTITLE
+ int i;
+ /* Prepare for later setproctitle emulation */


+ 1
- 1
patches/0012-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch View File

@ -1,4 +1,4 @@
From 1da8b11e25548aa48f055b7c8c1c97310af73fdb Mon Sep 17 00:00:00 2001
From 0763f9baeb5f915dce6da779cc57a6e374f92cf7 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 21:17:35 -0600
Subject: [PATCH 12/13] document SIGUSR1 fallback if SIGINFO is not


+ 6
- 6
patches/0013-log-context-of-all-fatal-allocations.patch View File

@ -1,4 +1,4 @@
From c33a7dbd5827d8cf3e81193ea128d9b29a596c4c Mon Sep 17 00:00:00 2001
From a53fb3d0ccb42e59b0ce2e3fa6f141da106a7294 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 19 Jan 2015 04:37:59 -0600
Subject: [PATCH 13/13] log context of all fatal allocations
@ -87,7 +87,7 @@ index c8f095e..7db98f6 100644
p += sizeof(h->ss);
dlen -= sizeof(h->ss);
diff --git a/src/usr.sbin/ntpd/ntp_dns.c b/src/usr.sbin/ntpd/ntp_dns.c
index 7d0236f..6abe3a4 100644
index 14e6b76..b77d486 100644
--- a/src/usr.sbin/ntpd/ntp_dns.c
+++ b/src/usr.sbin/ntpd/ntp_dns.c
@@ -87,7 +87,7 @@ ntp_dns(int pipe_ntp[2], struct ntpd_conf *nconf, struct passwd *pw)
@ -100,10 +100,10 @@ index 7d0236f..6abe3a4 100644
while (quit_dns == 0) {
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index ea8cf70..65503d9 100644
index 26463f6..b65deb7 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -235,7 +235,7 @@ main(int argc, char *argv[])
@@ -239,7 +239,7 @@ main(int argc, char *argv[])
close(pipe_chld[1]);
if ((ibuf = malloc(sizeof(struct imsgbuf))) == NULL)
@ -112,7 +112,7 @@ index ea8cf70..65503d9 100644
imsg_init(ibuf, pipe_chld[0]);
while (quit == 0) {
@@ -619,7 +619,7 @@ ctl_main(int argc, char *argv[])
@@ -623,7 +623,7 @@ ctl_main(int argc, char *argv[])
break;
}
}
@ -121,7 +121,7 @@ index ea8cf70..65503d9 100644
usage();
/* NOTREACHED */
@@ -635,7 +635,7 @@ ctl_main(int argc, char *argv[])
@@ -639,7 +639,7 @@ ctl_main(int argc, char *argv[])
err(1, "connect: %s", sockname);
if ((ibuf_ctl = malloc(sizeof(struct imsgbuf))) == NULL)


Loading…
Cancel
Save