static void print_sockpat(const struct addrops *ao, const struct sockpat *sp)
{ print_addrpat(ao, &sp->addr); putchar(' '); print_portpat(&sp->port); }
+static void print_userpat(const struct userpat *up)
+{
+ if (up->lo == up->hi) printf("%d", up->lo);
+ else printf("%u-%u", up->lo, up->hi);
+}
+
static const char *const acttab[] = {
#define DEFACT(tag, name) name,
ACTIONS(DEFACT)
{
print_sockpat(p->ao, &p->sp[L]); putchar(' ');
print_sockpat(p->ao, &p->sp[R]); putchar(' ');
+ print_userpat(&p->up); putchar(' ');
print_action(&p->act); putchar('\n');
}
match_portpat(&sp->port, s->port));
}
+/* Return true if the uid matches the pattern. */
+static int match_userpat(const struct userpat *up, uid_t u)
+ { unsigned uu = u; return (up->lo <= uu && uu <= up->hi); }
+
/* Return true if the query matches the patterns in the policy rule. */
int match_policy(const struct policy *p, const struct query *q)
{
return ((!p->ao || p->ao == q->ao) &&
match_sockpat(q->ao, &p->sp[L], &q->s[L]) &&
- match_sockpat(q->ao, &p->sp[R], &q->s[R]));
+ match_sockpat(q->ao, &p->sp[R], &q->s[R]) &&
+ match_userpat(&p->up, q->u.uid));
}
/*----- Parsing -----------------------------------------------------------*/
m = 0;
for (;;) {
if ((t = parse_actname(fp, &a)) != 0) break;
+ if (a == A_USER) return (T_ERROR);
m |= (1 << a);
}
if (t != T_EOL && t != T_EOF) return (t);
return (T_OK);
}
+/* Parse a user pattern, writing it to UP. */
+static int parse_userpat(FILE *fp, struct userpat *up)
+{
+ struct passwd *pw;
+ char buf[32];
+ int t;
+ char *delim;
+
+ if ((t = scan(fp, buf, sizeof(buf))) != 0) return (t);
+ if (!strcmp(buf, "*")) { up->lo = 0; up->hi = UINT_MAX; }
+ else if ((pw = getpwnam(buf)) != 0) up->lo = up->hi = pw->pw_uid;
+ else {
+ if ((delim = strchr(buf, '-')) != 0) *delim++ = 0;
+ up->lo = strtoul(buf, 0, 0);
+ if (!delim) up->hi = up->lo;
+ else if (!*delim) up->hi = UINT_MAX;
+ else up->hi = strtoul(delim, 0, 0);
+ }
+ return (0);
+}
+
/* Parse a policy rule line, writing it to P. */
static int parse_policy(FILE *fp, struct policy *p)
{
if ((t = parse_sockpat(fp, &p->ao, &p->sp[L])) != 0) goto fail;
if ((t = parse_sockpat(fp, &p->ao, &p->sp[R])) != 0) goto err;
+ if ((t = parse_userpat(fp, &p->up)) != 0) goto err;
if ((t = parse_action(fp, &p->act)) != 0) goto err;
return (0);
/* Open a policy file by NAME. The description WHAT and query Q are used for
* formatting error messages for the log.
+ *
+ * This function is somewhat careful only to read from actual regular files,
+ * though (if the filesystem object identified by NAME is a symlink, say) it
+ * might open a device node or other exotic thing without reading it. This
+ * is likely harmless, since we're running as an unprivileged user anyway.
*/
int open_policy_file(struct policy_file *pf, const char *name,
- const char *what, const struct query *q)
+ const char *what, const struct query *q, unsigned f)
{
+ struct stat st;
+
if ((pf->fp = fopen(name, "r")) == 0) {
- logmsg(q, LOG_ERR, "failed to open %s `%s': %s",
+ if (errno != ENOENT || !(f & OPF_NOENTOK)) {
+ logmsg(q, LOG_ERR, "failed to open %s `%s': %s",
+ what, name, strerror(errno));
+ }
+ goto err_0;
+ }
+
+ if (fstat(fileno(pf->fp), &st)) {
+ logmsg(q, LOG_ERR, "failed to read information about %s `%s': %s",
what, name, strerror(errno));
- return (-1);
+ goto err_1;
+ }
+ if (!S_ISREG(st.st_mode)) {
+ logmsg(q, LOG_ERR, "object `%s', used as %s, is not a regular file",
+ name, what);
+ goto err_1;
}
pf->name = name;
pf->lno = 0;
init_policy(&pf->p);
return (0);
+
+err_1:
+ fclose(pf->fp);
+err_0:
+ return (-1);
}
/* Read a policy rule from the file, storing it in PF->p. Return one of the
t = parse_policy(pf->fp, &pf->p);
switch (t) {
case T_OK:
+ case T_EOL:
nextline(pf->fp);
- return (0);
+ return (t);
case T_ERROR:
logmsg(pf->q, LOG_ERR, "%s:%d: parse error in %s",
pf->name, pf->lno, pf->what);
pf->err = 1;
- break;
+ return (t);
case T_EOF:
if (ferror(pf->fp)) {
logmsg(pf->q, LOG_ERR, "failed to read %s `%s': %s",
pf->what, pf->name, strerror(errno));
}
- return (-1);
- case T_EOL:
- nextline(pf->fp);
- break;
+ return (t);
default:
abort();
}
{
struct policy_file pf;
policy_v v = DA_INIT;
+ int t = 0;
- if (open_policy_file(&pf, file, "policy file", 0))
+ if (open_policy_file(&pf, file, "policy file", 0, 0))
return (-1);
- while (!read_policy_file(&pf)) {
- DA_PUSH(&v, pf.p);
- init_policy(&pf.p);
+ while ((t = read_policy_file(&pf)) < T_EOF) {
+ if (t == T_OK) {
+ DA_PUSH(&v, pf.p);
+ init_policy(&pf.p);
+ }
}
close_policy_file(&pf);
if (!pf.err) {
~mdw / yaid / blobdiff