X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/94593d1b0c15761b829f98a804b2ef42a4a84b0a..388e0319a0faf48193658c82228133bd1ea24eb6:/server/admin.c
diff --git a/server/admin.c b/server/admin.c
index c4433e45..ccd49b73 100644
--- a/server/admin.c
+++ b/server/admin.c
@@ -40,6 +40,7 @@ const trace_opt tr_opts[] = {
 { 'x', T_KEYEXCH, "key exchange" },
 { 'm', T_KEYMGMT, "key management" },
 { 'l', T_CHAL, "challenge management" },
+ { 'v', T_PRIVSEP, "privilege separation" },
 { 'p', T_PACKET, "packet contents" },
 { 'c', T_CRYPTO, "crypto details" },
 { 'A', T_ALL, "all of the above" },
@@ -238,16 +239,34 @@ static void a_flush(int fd, unsigned mode, void *v)
 *
 * Returns: ---
 *
- * Use: Main message token formatting driver.
+ * Use: Main message token formatting driver. The arguments are
+ * interleaved formatting tokens and their parameters, finally
+ * terminated by an entry @A_END@.
+ *
+ * Tokens recognized:
+ *
+ * * "*..." ... -- pretokenized @dstr_putf@-like string
+ *
+ * * "?ADDR" SOCKADDR -- a socket address, to be converted
+ *
+ * * "?B64" BUFFER SIZE -- binary data to be base64-encoded
+ *
+ * * "?TOKENS" VECTOR -- null-terminated vector of tokens
+ *
+ * * "?PEER" PEER -- peer's name
+ *
+ * * "?ERRNO" ERRNO -- system error code
+ *
+ * * "[!]..." ... -- @dstr_putf@-like string as single token
 */
 
-static void a_vformat(dstr *d, const char *fmt, va_list ap)
+void a_vformat(dstr *d, const char *fmt, va_list ap)
 {
 dstr dd = DSTR_INIT;
 
 while (fmt) {
 if (*fmt == '*') {
- dstr_putc(d, ' ');
+ if (d->len) dstr_putc(d, ' ');
 dstr_vputf(d, fmt + 1, &ap);
 } else if (*fmt == '?') {
 if (strcmp(fmt, "?ADDR") == 0) {
@@ -503,6 +522,7 @@ void a_quit(void)
 close(sock.fd);
 unlink(sockname);
 FOREACH_PEER(p, { p_destroy(p); });
+ ps_quit();
 exit(0);
 }
 
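Review bot: The new token table in the a_vformat header comment names each token's parameters but not the C type that is read off the va_list for it, and with `static` dropped from the definition the function becomes callable from other translation units. A caller that passes the wrong type (an `int` length for "?B64" where a wider type is read, say) gets undefined behaviour that no compiler diagnostic catches, so each entry should carry its types, along the lines of `"?B64" BUFFER SIZE -- binary data (@const void *@, @size_t@) to be base64-encoded`; the types in that example are illustrative and need checking against the `va_arg` calls, which lie further down the function and outside this hunk. The comment could also say that the terminating @A_END@ has to arrive as a pointer-typed value, since the loop condition visible here is `while (fmt)`.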
@@ -2153,13 +2173,15 @@ void a_daemon(void) { flags |= F_DAEMON; }
 /* --- @a_init@ --- *
 *
 * Arguments: @const char *name@ = socket name to create
+ * @uid_t u@ = user to own the socket
+ * @gid_t g@ = group to own the socket
 *
 * Returns: ---
 *
 * Use: Creates the admin listening socket.
 */
 
-void a_init(const char *name)
+void a_init(const char *name, uid_t u, gid_t g)
 {
 int fd;
 int n = 5;
@@ -2215,6 +2237,11 @@ again:
 goto again;
 }
 chmod(sun.sun_path, 0600);
+ if (chown(sun.sun_path, u, g)) {
+ T( trace(T_ADMIN,
+ "admin: failed to give away socket: %s",
+ strerror(errno)); )
+ }
 fdflags(fd, O_NONBLOCK, O_NONBLOCK, FD_CLOEXEC, FD_CLOEXEC);
 if (listen(fd, 5))
 die(EXIT_FAILURE, "couldn't listen on socket: %s", strerror(errno));
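Review bot: The two new Arguments lines in the a_init header comment do not record that `u` and `g` are handed unchanged to chown(), as the later hunk in this file shows, so a caller that wants to keep the current owner has no documented way to ask for that. Adding `@(uid_t)-1@ or @(gid_t)-1@ leaves that ID unchanged` to the comment would state the contract; this follows from chown() itself, not from any check in a_init. The function body continues outside this hunk.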
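Review bot: A failed chown() on the admin socket is reported only through `T( trace(T_ADMIN, ...) )`, so unless admin tracing is compiled in and switched on, a_init carries on silently with a socket whose owner is not the one the caller asked for. The socket's owner and mode are the access control on the admin interface, and the listen() failure three lines further down already aborts with die(), so the ownership failure could be treated the same way: `if (chown(sun.sun_path, u, g)) die(EXIT_FAILURE, "couldn't set socket owner: %s", strerror(errno));`. The `chmod(sun.sun_path, 0600)` on the context line just above also discards its return value; if it fails, the socket keeps whatever mode it was created with, so it deserves the same check. The start of a_init, including the bind that creates the path, is outside this hunk.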