summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorremi <remi@cvs.openbsd.org>2018-11-04 07:52:56 +0000
committerremi <remi@cvs.openbsd.org>2018-11-04 07:52:56 +0000
commitde24a130308eec10d03bb92478730476392c3e86 (patch)
treed71f0c6eacc2cad8a5b0f931df6cc5af6c847f53 /usr.sbin
parent5cd3b20151372f5c506cb505c11c3eeb4aabbf18 (diff)
Pledge ripe and rde.
Use unveil to remove file system access for the parent proc. Also remove control_cleanup as discussed on tech@. It allows to fully remove fs access (ripd does not support reload). It's not an issue for ripd and ripctrl if an unused socket file is lying around. reads OK for claudio@ and mestre@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/ripd/control.c10
-rw-r--r--usr.sbin/ripd/control.h3
-rw-r--r--usr.sbin/ripd/rde.c5
-rw-r--r--usr.sbin/ripd/ripd.c8
-rw-r--r--usr.sbin/ripd/ripe.c5
5 files changed, 16 insertions, 15 deletions
diff --git a/usr.sbin/ripd/control.c b/usr.sbin/ripd/control.c
index a36e65c40e1..c36818bad2e 100644
--- a/usr.sbin/ripd/control.c
+++ b/usr.sbin/ripd/control.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: control.c,v 1.25 2017/01/17 22:10:56 krw Exp $ */
+/* $OpenBSD: control.c,v 1.26 2018/11/04 07:52:55 remi Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -100,14 +100,6 @@ control_listen(void)
return (0);
}
-void
-control_cleanup(char *path)
-{
- event_del(&control_state.ev);
- event_del(&control_state.evt);
- unlink(path);
-}
-
/* ARGSUSED */
void
control_accept(int listenfd, short event, void *bula)
diff --git a/usr.sbin/ripd/control.h b/usr.sbin/ripd/control.h
index 98df4ee5645..5b443693bad 100644
--- a/usr.sbin/ripd/control.h
+++ b/usr.sbin/ripd/control.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: control.h,v 1.5 2016/08/02 16:05:32 jca Exp $ */
+/* $OpenBSD: control.h,v 1.6 2018/11/04 07:52:55 remi Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -39,6 +39,5 @@ int control_listen(void);
void control_accept(int, short, void *);
void control_dispatch_imsg(int, short, void *);
int control_imsg_relay(struct imsg *);
-void control_cleanup(char *);
#endif /* _CONTROL_H_ */
diff --git a/usr.sbin/ripd/rde.c b/usr.sbin/ripd/rde.c
index 61085344060..73e15bfa130 100644
--- a/usr.sbin/ripd/rde.c
+++ b/usr.sbin/ripd/rde.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde.c,v 1.21 2016/09/03 10:28:08 renato Exp $ */
+/* $OpenBSD: rde.c,v 1.22 2018/11/04 07:52:55 remi Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -109,6 +109,9 @@ rde(struct ripd_conf *xconf, int pipe_parent2rde[2], int pipe_ripe2rde[2],
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
fatal("can't drop privileges");
+ if (pledge("stdio", NULL) == -1)
+ fatal("pledge");
+
event_init();
/* setup signal handler */
diff --git a/usr.sbin/ripd/ripd.c b/usr.sbin/ripd/ripd.c
index 1450973d9bd..4287fcf4f8c 100644
--- a/usr.sbin/ripd/ripd.c
+++ b/usr.sbin/ripd/ripd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripd.c,v 1.30 2016/09/03 10:28:08 renato Exp $ */
+/* $OpenBSD: ripd.c,v 1.31 2018/11/04 07:52:55 remi Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -211,6 +211,11 @@ main(int argc, char *argv[])
rde_pid = rde(conf, pipe_parent2rde, pipe_ripe2rde, pipe_parent2ripe);
ripe_pid = ripe(conf, pipe_parent2ripe, pipe_ripe2rde, pipe_parent2rde);
+ if (unveil("/", "") == -1)
+ fatal("unveil");
+ if (unveil(NULL, NULL) == -1)
+ fatal("unveil");
+
event_init();
/* setup signal handler */
@@ -276,7 +281,6 @@ ripd_shutdown(void)
if_del(i);
}
- control_cleanup(conf->csock);
kr_shutdown();
log_debug("waiting for children to terminate");
diff --git a/usr.sbin/ripd/ripe.c b/usr.sbin/ripd/ripe.c
index 2a10c003387..d83901e245f 100644
--- a/usr.sbin/ripd/ripe.c
+++ b/usr.sbin/ripd/ripe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ripe.c,v 1.22 2016/09/03 10:28:08 renato Exp $ */
+/* $OpenBSD: ripe.c,v 1.23 2018/11/04 07:52:55 remi Exp $ */
/*
* Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
@@ -196,6 +196,9 @@ ripe(struct ripd_conf *xconf, int pipe_parent2ripe[2], int pipe_ripe2rde[2],
iface->name);
}
+ if (pledge("stdio inet mcast", NULL) == -1)
+ fatal("pledge");
+
evtimer_set(&oeconf->report_timer, report_timer, oeconf);
start_report_timer();