diff options
| author | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2017-04-16 20:12:06 +0100 |
|---|---|---|
| committer | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2017-04-16 20:12:06 +0100 |
| commit | f2add8c1b19c46ff78655278643c3c2851db7566 (patch) | |
| tree | ca3b049f02e056d780ae9d267cbe37cd9f55de9d | |
| parent | eccfa510eebbda0703971e3f708c293cfd6471a5 (diff) | |
| download | userv-utils-f2add8c1b19c46ff78655278643c3c2851db7566.tar.gz | |
ipif: Permit specifying interface name, if * is allowed
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
| -rw-r--r-- | ipif/service.c | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/ipif/service.c b/ipif/service.c index 5190151..eacfc63 100644 --- a/ipif/service.c +++ b/ipif/service.c @@ -30,7 +30,7 @@ * * The remaining arguments are supplied by the (untrusted) caller: * - * <local-addr>,<peer-addr>,<mtu>[,[<proto>]] + * <local-addr>,<peer-addr>,<mtu>[,[<proto>][,[<ifnamepat>]]] * * As for slattach. The only supported protocol is slip. * Alternatively, set to `debug' to print debugging info and @@ -82,6 +82,9 @@ * service program directly (not via userv), without needing to set up * permissions in /etc/userv/ipif-networks. * + * Only `*' permits interface name patterns other than the default + * value of `userv%d'. + * * #... * * Comment. Blank lines are also ignored. @@ -148,11 +151,13 @@ static const unsigned long gidmaxval= (unsigned long)((gid_t)-2); static const char *const protos_ok[]= { "slip", 0 }; static const int signals[]= { SIGHUP, SIGINT, SIGTERM, 0 }; +static const char default_ifnamepat[]= "userv%d"; static const char *configstr, *proto; static unsigned long localaddr, peeraddr, mtu; static int localpming, peerpming; -static int localallow, peerallow, allallow; +static int localallow, peerallow, ifnameallow, allallow; +static char *ifnamepat; static int nexroutes; static struct exroute { unsigned long prefix, mask; @@ -476,6 +481,7 @@ static void pconfig(const char *configstr, int truncated) { case '*': permit_begin(); permit_range(0UL,0UL,1,0); + ifnameallow= 1; return; case '#': @@ -575,7 +581,7 @@ static void parseargs(int argc, const char *const *argv) { mtu= eat_number(&carg,"mtu", 576,65536, ",",0); localallow= peerallow= 0; - char *protostr = eat_optionalstr(&carg,"protocol","slip"); + char *protostr= eat_optionalstr(&carg,"protocol","slip"); if (!strcmp(protostr,"debug")) { proto= 0; } else { @@ -584,6 +590,8 @@ static void parseargs(int argc, const char *const *argv) { cprotop++); if (!proto) fatal("invalid protocol"); } + + ifnamepat= eat_optionalstr(&carg,"ifname pattern",default_ifnamepat); addrnet_mustdiffer("local-addr",localaddr,~0UL, "peer-addr",peeraddr,~0UL); @@ -629,6 +637,14 @@ static void checkpermit(void) { sprintf(erwhatbuf, "route#%d", i); checkallow(exroutes[i].allow, erwhatbuf, exroutes[i].prefixtxt, exroutes[i].masktxt); } + if (!strcmp(ifnamepat,default_ifnamepat)) + ifnameallow= 1; + if (!ifnameallow) { + fprintf(stderr, + "userv-ipif service: access denied for interface name %s\n", + ifnamepat); + allallow= 0; + } if (!allallow) fatal("access denied"); } @@ -691,14 +707,13 @@ static int task(const char *desc) { } static void createif(void) { - static const char ifnamepat[]= "userv%d"; struct ifreq ifr; int r; memset(&ifr,0,sizeof(ifr)); ifr.ifr_flags= IFF_TUN | IFF_NO_PI; - assert(sizeof(ifr.ifr_name) >= sizeof(ifnamepat)); + assert(sizeof(ifr.ifr_name) >= strlen(ifnamepat)+1); strcpy(ifr.ifr_name, ifnamepat); tunfd= open("/dev/net/tun", O_RDWR); |