? privsep.c
? privsep.h
? racoon.core
Index: Makefile.am
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/Makefile.am,v
retrieving revision 1.17
diff -U4 -r1.17 Makefile.am
--- Makefile.am	13 Dec 2004 10:45:14 -0000	1.17
+++ Makefile.am	26 Dec 2004 12:16:07 -0000
@@ -18,9 +18,9 @@
 racoon_SOURCES = \
 	main.c session.c isakmp.c handler.c \
 	isakmp_ident.c isakmp_agg.c isakmp_base.c \
 	isakmp_quick.c isakmp_inf.c isakmp_newg.c \
-	gssapi.c dnssec.c getcertsbyname.c \
+	gssapi.c dnssec.c getcertsbyname.c privsep.c \
 	pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \
 	policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \
 	proposal.c sainfo.c strnames.c \
 	vmbuf.c plog.c logger.c schedule.c str2val.c misc.c sockmisc.c \
@@ -60,9 +60,9 @@
 	debug.h ipsec_doi.h logger.h safefile.h \
 	debugrm.h isakmp.h misc.h sainfo.h \
 	dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \
 	isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \
-	throttle.h \
+	throttle.h privsep.h \
 	cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \
 	missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \
 	missing/crypto/rijndael/rijndael-api-fst.h \
 	missing/crypto/rijndael/rijndael-alg-fst.h \
Index: isakmp.c
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/isakmp.c,v
retrieving revision 1.32
diff -U4 -r1.32 isakmp.c
--- isakmp.c	20 Dec 2004 16:18:27 -0000	1.32
+++ isakmp.c	26 Dec 2004 12:16:07 -0000
@@ -69,8 +69,9 @@
 #include "remoteconf.h"
 #include "localconf.h"
 #include "grabmyaddr.h"
+#include "privsep.h"
 #include "isakmp_var.h"
 #include "isakmp.h"
 #include "oakley.h"
 #include "evt.h"
@@ -1415,9 +1416,9 @@
 	initph2tree();
 	initctdtree();
 	init_recvdpkt();
-	if (isakmp_open() < 0)
+	if (privsep_isakmp_open() < 0)
 		goto err;
 	return(0);
@@ -2858,9 +2859,9 @@
 	argv[2] = NULL;
 	switch (fork()) {
 	case 0:
-		execve(argv[0], argv, environ);
+		privsep_execve(argv[0], argv, environ);
 		plog(LLV_ERROR, LOCATION, NULL, "execve(\"%s\") failed: %s\n", argv[0], strerror(errno));
 		return;
 		break;
Index: isakmp_xauth.c
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/isakmp_xauth.c,v
retrieving revision 1.14
diff -U4 -r1.14 isakmp_xauth.c
--- isakmp_xauth.c	30 Nov 2004 00:46:09 -0000	1.14
+++ isakmp_xauth.c	26 Dec 2004 12:16:07 -0000
@@ -69,8 +69,9 @@
 #include "crypto_openssl.h"
 #include "isakmp_var.h"
 #include "isakmp.h"
+#include "privsep.h"
 #include "evt.h"
 #include "handler.h"
 #include "throttle.h"
 #include "remoteconf.h"
@@ -418,9 +419,9 @@
 		    "Cannot init librradius\n");
 		return -1;
 	}
-	if (rad_config(radius_state, NULL) != 0) {
+	if (privsep_rad_config(radius_state, NULL) != 0) {
 		plog(LLV_ERROR, LOCATION, NULL, "Cannot open librarius config file: %s\n", rad_strerror(radius_state));
 		rad_close(radius_state);
@@ -508,9 +509,9 @@
 {
 	struct passwd *pw;
 	char *cryptpwd;
-	if ((pw = getpwnam(usr)) == NULL)
+	if ((pw = privsep_getpwnam(usr)) == NULL)
 		return -1;
 	/* No root login. Ever. */
 	if (pw->pw_uid == 0)
Index: localconf.c
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/localconf.c,v
retrieving revision 1.5
diff -U4 -r1.5 localconf.c
--- localconf.c	14 Nov 2004 16:37:16 -0000	1.5
+++ localconf.c	26 Dec 2004 12:16:08 -0000
@@ -48,8 +48,9 @@
 #include "debug.h"
 #include "localconf.h"
 #include "algorithm.h"
+#include "privsep.h"
 #include "isakmp_var.h"
 #include "isakmp.h"
 #include "ipsec_doi.h"
 #include "grabmyaddr.h"
@@ -176,9 +177,9 @@
 	size_t keylen;
 	char *k = NULL;
 	if (safefile(lcconf->pathinfo[LC_PATHTYPE_PSK], 1) == 0)
-		fp = fopen(lcconf->pathinfo[LC_PATHTYPE_PSK], "r");
+		fp = privsep_fopen(lcconf->pathinfo[LC_PATHTYPE_PSK], "r");
 	else
 		fp = NULL;
 	if (fp == NULL) {
 		plog(LLV_ERROR, LOCATION, NULL,
Index: oakley.c
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/oakley.c,v
retrieving revision 1.15
diff -U4 -r1.15 oakley.c
--- oakley.c	17 Dec 2004 08:59:25 -0000	1.15
+++ oakley.c	26 Dec 2004 12:16:08 -0000
@@ -65,8 +65,9 @@
 #include "isakmp_xauth.h"
 #include "isakmp_cfg.h"
 #endif
 #include "oakley.h"
+#include "privsep.h"
 #include "localconf.h"
 #include "remoteconf.h"
 #include "policy.h"
 #include "handler.h"
@@ -1712,9 +1713,9 @@
 	/* make private file name */
 	getpathname(path, sizeof(path), LC_PATHTYPE_CERT, iph1->rmconf->myprivfile);
-	privkey = eay_get_pkcs1privkey(path);
+	privkey = privsep_eay_get_pkcs1privkey(path);
 	if (privkey == NULL) {
 		plog(LLV_ERROR, LOCATION, NULL, "failed to get private key.\n");
 		goto end;
Index: pfkey.c
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/pfkey.c,v
retrieving revision 1.27
diff -U4 -r1.27 pfkey.c
--- pfkey.c	21 Dec 2004 10:47:03 -0000	1.27
+++ pfkey.c	26 Dec 2004 12:16:08 -0000
@@ -82,8 +82,9 @@
 #include "remoteconf.h"
 #include "isakmp_var.h"
 #include "isakmp.h"
 #include "isakmp_inf.h"
+#include "privsep.h"
 #include "ipsec_doi.h"
 #include "oakley.h"
 #include "pfkey.h"
 #include "handler.h"
@@ -284,9 +285,9 @@
 	struct sadb_msg *msg = NULL;
 	size_t bl, ml;
 	int len;
-	if ((s = pfkey_open()) < 0) {
+	if ((s = privsep_pfkey_open()) < 0) {
 		plog(LLV_ERROR, LOCATION, NULL, "libipsec failed pfkey open: %s\n", ipsec_strerror());
 		return NULL;
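Review bot: In the localconf.c hunk only the `fopen` is elevated while the preceding `safefile()` check still runs under the dropped effective uid, so the permission check and the open are now performed as two different identities; if the directory holding the pre-shared-key file is not searchable by the unprivileged uid, `safefile` presumably fails before the privileged open is ever reached, and the existing check-then-open race is unchanged. Either move the `safefile` call inside the elevated window next to the open, or document the split: `/* safefile() runs unprivileged; only the open is elevated */`. The same pattern applies to the private-key read in the oakley.c hunk, which likewise validates the path outside the elevated call. The enclosing functions begin and end outside these hunks.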
@@ -386,9 +387,9 @@
 pfkey_init()
 {
 	int i, reg_fail;
-	if ((lcconf->sock_pfkey = pfkey_open()) < 0) {
+	if ((lcconf->sock_pfkey = privsep_pfkey_open()) < 0) {
 		plog(LLV_ERROR, LOCATION, NULL, "libipsec failed pfkey open (%s)\n", ipsec_strerror());
 		return -1;
 	}
Index: session.c
===================================================================
RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/session.c,v
retrieving revision 1.10
diff -U4 -r1.10 session.c
--- session.c	26 Dec 2004 10:36:13 -0000	1.10
+++ session.c	26 Dec 2004 12:16:08 -0000
@@ -128,9 +128,10 @@
 #ifdef ENABLE_NATT
 	natt_keepalive_init ();
 #endif
-
+
+	seteuid(32767);
 	sigreq = 0;
 	while (1) {
 		if (dying)
 			rfds = maskdying;
--- /dev/null	2004-12-26 12:52:55.000000000 +0100
+++ privsep.c	2004-12-26 12:51:50.000000000 +0100
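Review bot: The `seteuid(32767);` added in the session.c hunk discards its return value, so if the call fails racoon simply carries on as root without any log line; it should be `if (seteuid(32767) != 0) { plog(LLV_ERROR, LOCATION, NULL, "seteuid failed: %s\n", strerror(errno)); exit(1); }` or equivalent. The uid is a bare literal that is repeated in privsep.c; it should come from one named constant or, better, from a configured unprivileged user rather than a number that may not exist on every system. Because only the effective uid changes and the real and saved uids stay 0, this is damage limitation rather than isolation, and a comment at the call site should say so. The enclosing function starts before this hunk and continues after it.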
@@ -0,0 +1,107 @@
+#include "config.h"
+
+#include 
+#include 
+
+#include "vmbuf.h"
+#include "var.h"
+#include "libpfkey.h"
+
+#include "crypto_openssl.h"
+#include "isakmp_var.h"
+#include "privsep.h"
+
+vchar_t *
+privsep_eay_get_pkcs1privkey(path)
+	char *path;
+{
+	vchar_t *privkey;
+
+	seteuid(0);
+	privkey = eay_get_pkcs1privkey(path);
+	seteuid(32767);
+
+	return privkey;
+}
+
+struct passwd *
+privsep_getpwnam(login)
+	const char *login;
+{
+	struct passwd *pw;
+
+	seteuid(0);
+	pw = getpwnam(login);
+	seteuid(32767);
+
+	return pw;
+}
+
+int
+privsep_pfkey_open(void)
+{
+	int s;
+
+	seteuid(0);
+	s = pfkey_open();
+	seteuid(32767);
+
+	return s;
+}
+
+int
+privsep_execve(path, argv, envp)
+	const char *path;
+	char *const argv[];
+	char *const envp[];
+{
+	int res;
+
+	seteuid(0);
+	res = privsep_execve(path, argv, envp);
+	seteuid(32767);
+
+	return res;
+}
+
+int
+privsep_isakmp_open(void)
+{
+	int res;
+
+	seteuid(0);
+	res = isakmp_open();
+	seteuid(32767);
+
+	return res;
+}
+
+FILE *
+privsep_fopen(path, mode)
+	const char *path;
+	const char *mode;
+{
+	FILE *f;
+
+	seteuid(0);
+	f = fopen(path, mode);
+	seteuid(32767);
+
+	return f;
+}
+
+#ifdef HAVE_LIBRADIUS
+int
+privsep_rad_config(h, file)
+	struct rad_handle *h;
+	const char *file;
+{
+	int res;
+
+	seteuid(0);
+	res = rad_config(h, file);
+	seteuid(32767);
+
+	return res;
+}
+#endif
--- /dev/null	2004-12-26 12:52:55.000000000 +0100
+++ privsep.h	2004-12-26 12:52:44.000000000 +0100
@@ -0,0 +1,15 @@
+#ifndef _PRIVSEP_H
+#define _PRIVSEP_H
+
+vchar_t *privsep_eay_get_pkcs1privkey __P((char *));
+struct passwd *privsep_getpwnam __P((const char *));
+int privsep_pfkey_open __P((void));
+int privsep_execve __P((const char *, char * const *, char * const *));
+int privsep_isakmp_open __P((void));
+FILE *privsep_fopen __P((const char *, const char *));
+
+#ifdef HAVE_LIBRADIUS
+int privsep_rad_config __P((struct rad_handle *, const char *));
+#endif
+
+#endif /* _PRIVSEP_H */
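Review bot: `privsep_execve` calls itself (`res = privsep_execve(path, argv, envp);`) instead of the system call, so the child forked in isakmp.c recurses until it exhausts its stack and the hook script is never executed; the line should read `res = execve(path, argv, envp);`. Every wrapper in this file also discards the results of `seteuid(0)` and `seteuid(32767)`, so a failed re-elevation silently becomes a failed privileged call and a failed drop leaves the process running as root — check both, log through plog, and treat a failed drop as fatal. Toggling the effective uid while the real and saved uids remain 0 is not a privilege boundary, since any code in the process can itself call `seteuid(0)`; a header comment should state that this only narrows the window of accidental damage until a fork-based separation exists. The unprivileged uid 32767 is hard-coded seven times here and once more in session.c and belongs in a single named constant, and the two system `#include` lines appear to have lost their header names (probably angle brackets eaten in rendering), so the file as shown would not compile.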
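Review bot: privsep.h uses `vchar_t`, `struct passwd`, `FILE` and `struct rad_handle` without declaring or including any of them, so it only compiles when the including file has already pulled in vmbuf.h, the passwd and stdio headers and the radius header in the right order, which isakmp.c and the others happen to do. Add forward declarations `struct passwd;` and `struct rad_handle;` and include the headers that define `vchar_t` and `FILE`, so the header stands on its own. The guard name `_PRIVSEP_H` (leading underscore followed by an uppercase letter) is in the namespace reserved for the implementation; `PRIVSEP_H` is safe.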