upstream/oracle/userland-gate: comparison components/proftpd/mod_solaris

equal deleted inserted replaced

-:3c5579720afc
+:4a08c47c8ec3
 /*
 * ProFTPD - FTP server daemon
 * Copyright (c) 1997, 1998 Public Flood Software
 * Copyright (c) 2003-2010 The ProFTPD Project team
-* Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+* Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 /* The POST_CMD handler for "PASS" is only called after PASS has
 * successfully completed, which means authentication is successful,
 * so we can "tweak" our root access down to almost nothing.
 */
 MODRET solaris_priv_post_pass(cmd_rec *cmd) {
-int res = 0;
+int res = -1;
-priv_set_t *p, *i;
+priv_set_t *p = NULL;
+priv_set_t *i = NULL;
 if (!use_privs)
 return PR_DECLINED(cmd);
 pr_signals_block();
 * We also remove the basic Solaris privileges we know we will
 * never need.
 */
 i = priv_allocset();
+if (i == NULL)
+goto out;
 priv_basicset(i);
 priv_delset(i, PRIV_PROC_EXEC);
 priv_delset(i, PRIV_PROC_FORK);
 priv_delset(i, PRIV_PROC_INFO);
 priv_delset(i, PRIV_PROC_SESSION);
 setppriv(PRIV_SET, PRIV_INHERITABLE, i);
 p = priv_allocset();
+if (p == NULL)
+goto out;
 priv_basicset(p);
 priv_addset(p, PRIV_NET_PRIVADDR);
 priv_addset(p, PRIV_PROC_AUDIT);
 res = setppriv(PRIV_SET, PRIV_EFFECTIVE, p);
 if (setreuid(session.uid, session.uid) == -1) {
 pr_log_pri(PR_LOG_ERR, MOD_SOLARIS_PRIV_VERSION ": setreuid: %s",
 	strerror(errno));
+priv_freeset(i);
+priv_freeset(p);
 pr_signals_unblock();
 end_login(1);
 }
+out:
+if (i != NULL)
+priv_freeset(i);
+if (p != NULL)
+priv_freeset(p);
 pr_signals_unblock();
 if (res != -1) {
 /* That's it!  Disable all further id switching */
 session.disable_id_switching = TRUE;
 } else {
 pr_log_pri(PR_LOG_NOTICE, MOD_SOLARIS_PRIV_VERSION ": attempt to configure "
 "privileges failed, reverting to normal operation");
 }
+return PR_DECLINED(cmd);
+}
+static void log_err_permitted(const char* fn) {
+pr_log_pri(PR_LOG_ERR, MOD_SOLARIS_PRIV_VERSION ": %s(%s): %s",
+fn, "permitted", strerror(errno));
+}
+static void log_err_effective(const char* fn) {
+pr_log_pri(PR_LOG_ERR, MOD_SOLARIS_PRIV_VERSION ": %s(%s): %s",
+fn, "effective", strerror(errno));
+}
+MODRET solaris_priv_post_fail(cmd_rec *cmd) {
+priv_set_t* permitted_set = NULL;
+priv_set_t* effective_set = NULL;
+if ((permitted_set = priv_allocset()) == NULL) {
+log_err_permitted("priv_allocset");
+goto out;
+}
+if ((effective_set = priv_allocset()) == NULL) {
+log_err_effective("priv_allocset");
+goto out;
+}
+if (getppriv(PRIV_PERMITTED, permitted_set) != 0) {
+log_err_permitted("getppriv");
+goto out;
+}
+if (getppriv(PRIV_EFFECTIVE, effective_set) != 0) {
+log_err_effective("getppriv");
+goto out;
+}
+if (priv_addset(permitted_set, PRIV_PROC_AUDIT) != 0) {
+log_err_permitted("priv_addset");
+goto out;
+}
+if (priv_addset(effective_set, PRIV_PROC_AUDIT) != 0) {
+log_err_effective("priv_addset");
+goto out;
+}
+if (setppriv(PRIV_SET, PRIV_PERMITTED, permitted_set) != 0) {
+log_err_permitted("setppriv");
+goto out;
+}
+if (setppriv(PRIV_SET, PRIV_EFFECTIVE, effective_set) != 0) {
+log_err_effective("setppriv");
+goto out;
+}
+out:
+if (permitted_set != NULL)
+priv_freeset(permitted_set);
+if (effective_set != NULL)
+priv_freeset(effective_set);
 return PR_DECLINED(cmd);
 }
 /* Initialization routines
 { NULL, NULL, NULL }
 };
 static cmdtable solaris_priv_cmdtab[] = {
 { POST_CMD, C_PASS, G_NONE, solaris_priv_post_pass, FALSE, FALSE },
+{ POST_CMD_ERR, C_PASS, G_NONE, solaris_priv_post_fail, FALSE, FALSE },
 { 0, NULL }
 };
 module solaris_priv_module = {
 NULL, NULL,

branch	s11-update
changeset 2711	4a08c47c8ec3
parent 881	b3186e256788
child 2205	af632779536e
child 3676	36119782570e