Displaying 20 results from an estimated 152 matches for "sun_path".
2019 May 28
1
[libnbd PATCH] connect: Better handling of long socket names
...ncation. Linux does
not require a trailing NUL byte in sockaddr_un, so we can allow names
one byte longer.
Not entirely fixed: although the proposed NBD URI document mentions
that URIs can start with a leading (encoded) NUL byte to access the
Linux abstract socket namespace, our use of strlen(sun.sun_path) would
truncate the trailing bytes - but to support abstract sockets in
general, we'd need to add h->unixlen alongside the existing
h->unixsocket.
---
generator/states-connect.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/generator/states-connect....
2018 Apr 05
1
[nbdkit PATCH] nbd: Fix gcc warning and off-by-one in socket name length
gcc 8 gripes (when using './configure --enable-gcc-warnings'):
nbd.c: In function 'nbd_open':
nbd.c:470:3: error: 'strncpy' specified bound 108 equals destination size [-Werror=stringop-truncation] strncpy (sock.sun_path, sockname, sizeof (sock.sun_path));
The warning is a false positive, given that we currently reject
names >= sizeof(sock.sun_path), and thus we are only ever copying
in a name that will include a trailing NUL. However, note that
Linux permits a socket name to use the full width of sun_path (fo...
2007 Oct 18
0
[PATCH] Use a control socket directory to restrict access
...%s"),
@@ -213,52 +214,88 @@ static int control_compare(const struct event *a, const struct event *b) {
bool init_control() {
int result;
struct sockaddr_un addr;
+ char *lastslash;
+ const char *controlsocketbasename = controlsocketname;
- if(strlen(controlsocketname) >= sizeof addr.sun_path) {
+ control_socket = socket(PF_UNIX, SOCK_STREAM, 0);
+
+ if(control_socket < 0) {
+ logger(LOG_ERR, _("Creating UNIX socket failed: %s"), strerror(errno));
+ goto bail;
+ }
+
+ /*
+ * This is rather elaborate for security:
+ * - On Solaris, we need to restrict traversal into a so...
2015 Feb 24
4
Call for testing: OpenSSH 6.8
On Mon, 23 Feb 2015, Kevin Brott wrote:
>
> Yup - that cleared that hurdle ... now it dies here on AIX:
>
> xlc_r -O2 -qarch=ppc -qalloca -I/usr/include -I/opt/freeware/include
> -I. -I. -O2 -qarch=ppc -qalloca -I/usr/include -I/opt/freeware/include
> -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"
>
1999 Nov 19
0
EGD socket problem ...
...ct() is tested:
char egd_message[2] = { 0x02, 0x00 };
struct sockaddr_un addr;
int addr_len;
memset(&addr, '\0', sizeof(addr));
addr.sun_family = AF_UNIX;
/* FIXME: compile time check? */
if (sizeof(RANDOM_POOL) > sizeof(addr.sun_path))
fatal("Random pool path is too long");
strncpy(addr.sun_path, RANDOM_POOL, sizeof(addr.sun_path - 1));
addr.sun_path[sizeof(addr.sun_path - 1)] = '\0';
addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(RANDOM_POOL);
ran...
2007 Oct 18
0
[PATCH] Use credentials and permissions on control socket where available
..._("Cannot send greeting for new control connection: %s"),
@@ -213,6 +214,7 @@ static int control_compare(const struct event *a, const struct event *b) {
bool init_control() {
int result;
struct sockaddr_un addr;
+ mode_t old_umask;
if(strlen(controlsocketname) >= sizeof addr.sun_path) {
logger(LOG_ERR, _("Control socket filename too long!"));
@@ -230,7 +232,11 @@ bool init_control() {
return false;
}
- //unlink(controlsocketname);
+ /*
+ * Restrict access to the control socket.
+ * I believe this works everywhere but Solaris.
+ */
+ old_umask = umask(0077...
2013 Jul 19
2
[Bug 10037] New: do_mknod fails to create socket file
...not transferred (see previous errors) (code 23) at
main.c(1052) [sender=3.0.9]
After lots of debugging I found out, that do_mknod() wants to create a socket
file. The given variable pathname contains a 127 characters path (with many
directories).
Now consider this line in do_mknod:
strlcpy(saddr.sun_path, pathname, sizeof saddr.sun_path);
It copies pathname into sun_path without any length checking. The function
strlcpy truncates in my case the path because sun_path is limited to 108
characters on at least Solaris/Illumos. Maybe this is a problem on Linux as
well (see also:
http://www.kernelsource...
2015 Nov 04
2
Retrieving datas sent by host within the Guest
...y using such type of thing in the Guest :
#define NAME "/dev/virtio-ports/agent"
sock = socket(AF_UNIX, SOCK_STREAM, 0);
12 if (sock < 0) {
13 perror("opening stream socket");
14 exit(1);
15 }
16 server.sun_family = AF_UNIX;
17 strcpy(server.sun_path, NAME);
18 if (bind(sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un))) {
19 perror("binding stream socket");
20 exit(1);
21 }
I got ""binding stream socket Address already in use" when trying to bind the socket .
But If I use...
2015 Apr 13
3
[Compile Issue] netcat.c on HP NonStop
Greetings,
I am porting the openssh-portable 6.8 release to the HP NonStop (NSE)
platform. Prior versions were no real problem, with minor tweeks. However,
with the inclusion of regress/netcat.c, which depends on arpa/telnet.h, we
have an issue. Unfortunately, the platform does not have this file, nor
anything like it - telnet is done rather differently. We do have a version
of netcat (0.7.1
2001 May 03
1
[PATCH]: Workaround a security leak on Windows
...it rlim;
#endif
+#ifdef HAVE_CYGWIN
+ int prev_mask;
+#endif
pid_t pid;
char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
extern int optind;
@@ -805,10 +808,19 @@ main(int ac, char **av)
memset(&sunaddr, 0, sizeof(sunaddr));
sunaddr.sun_family = AF_UNIX;
strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path));
+#ifdef HAVE_CYGWIN
+ prev_mask = umask(0177);
+#endif
if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) {
perror("bind");
+#ifdef HAVE_CYGWIN
+ umask(prev_mask);
+#endif
cleanup_exit(1);
}
+#ifdef HAVE_CYGWIN
+...
2002 Jun 24
0
Rsync 2.5.5: FreeBSD mknod can't create FIFO's
...eturn 0;
CHECK_RO
+
+#if HAVE_MKFIFO
+ if (S_ISFIFO(mode)) {
+ return mkfifo(pathname, mode);
+ }
+#endif
+
+#if HAVE_SYS_UN_H
+ if (S_ISSOCK(mode)) {
+ int sock;
+ struct sockaddr_un saddr;
+ int len = strlen(pathname) + 1; /* include null */
+
+ saddr.sun_family = AF_UNIX;
+ strncpy(saddr.sun_path, pathname, sizeof(saddr.sun_path));
+ saddr.sun_len = len > sizeof(saddr.sun_path) ? sizeof(saddr.sun_path) : len;
+
+ if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
+ return -1;
+ }
+ unlink(pathname);
+ if ((bind(sock, (struct sockaddr*)&saddr, sizeof(saddr))) < 0) {
+...
2001 Feb 13
4
issue with EGD in openssh
...;f:p:b:k:h:g:V:u:diqQ46")) != EOF) {
switch (opt) {
--- entropy.c.DIST Mon Oct 16 03:13:43 2000
+++ entropy.c Mon Feb 12 11:00:53 2001
@@ -69,6 +69,7 @@
char msg[2];
struct sockaddr_un addr;
int addr_len;
+ int i, rval;
/* Sanity checks */
if (sizeof(EGD_SOCKET) > sizeof(addr.sun_path))
@@ -81,13 +82,25 @@
strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path));
addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET);
+reopen:
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1) {
error("Couldn't create AF_UNIX socket: %s", strerror(er...
2017 Feb 17
0
getent passwd user no output, addc + dm
...) = 3
> access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
> directory)
> open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
> open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
> connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -
> 1
> ENOENT (No such file or directory)
> connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -
> 1
> ENOENT (No such file or directory)
> open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
>...
2015 Jun 21
3
dovecot auth using 100% CPU
...5, EPOLL_CTL_DEL, 19, 7fff77616870) = 0
0.000027 close(19) = 0
0.000029 socket(PF_LOCAL, SOCK_STREAM, 0) = 19
0.000027 fcntl(19, F_GETFL) = 0x2 (flags O_RDWR)
0.000028 fcntl(19, F_SETFL, O_RDWR|O_NONBLOCK) = 0
0.000029 connect(19, {sa_family=AF_LOCAL, sun_path="auth-worker"}, 110) = 0
0.000033 fstat(19, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
0.000033 lseek(19, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
0.000026 getsockname(19, {sa_family=AF_LOCAL, NULL}, [2]) = 0
0.000030 epoll_ctl(15, EPOLL_CTL_ADD, 19, {EPOLLIN|EPOLL...
2003 Oct 27
0
rsyncing fifos and sockets on FreeBSD
...c
70a71,98
>
> #if HAVE_MKFIFO
> if (S_ISFIFO(mode))
> return mkfifo(pathname, mode);
> #endif
> #if (HAVE_SYS_UN_H && HAVE_SYS_SOCKET_H)
> if (S_ISSOCK(mode)) {
> int sock;
> struct sockaddr_un saddr;
>
> if (strlen(pathname) + 1 > sizeof(saddr.sun_path)) {
> errno = ENAMETOOLONG; return -1;
> }
>
> saddr.sun_family = AF_UNIX;
> strncpy(saddr.sun_path, pathname, sizeof(saddr.sun_path));
>
> if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) {
> return -1;
> }
> unlink(pathname);
> if ((bind(soc...
2000 Jun 20
2
Critical EGD handling in 2.1.1p1
Hi,
when running OpenSSH with EGD as entropy source, the sshd server connects
to the EGD socket and leaves it open to re-seed on the fly.
Unfortunately the connection is not checked when re-seeding, so that
a failure or restart of EGD will lead to a "fatal()" abort of the sshd
server process.
Since a dying server process can not be accepted, I would recommend to
not have sshd call it
2006 Jan 17
0
asterisk.ctl limitations
...t(nnetfd, SOL_SOCKET, SO_RCVBUF, &o_rcvbuf, sizeof o_rcvbuf);
rr = setsockopt(nnetfd, SOL_SOCKET, SO_SNDBUF, &o_sndbuf, sizeof o_sndbuf);
#endif
-
- /* fill in all the right sockaddr crud */
+
+ if (unixsock_name) {
+ unixsock->sun_family = AF_LOCAL;
+ strncpy(unixsock->sun_path, unixsock_name, sizeof(unixsock->sun_path)-1);
+ //strncpy(unixsock->sun_path, unixsock_name, 108-1);
+ //unixsock->sun_path[sizeof(unixsock->sun_path)-1] = '\0';
+ } else {
+ /* fill in all the right sockaddr crud */
lclend->sin_family = AF_INET;
-/* fill in...
2016 Jan 29
7
[PATCH 1/6] launch: unix: check for length of sockets
Error out early if the path to the socket will not fit into
sockaddr_un::sun_path, as we will not be able to connect to it.
---
src/launch-unix.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/launch-unix.c b/src/launch-unix.c
index 740c554..973e14b 100644
--- a/src/launch-unix.c
+++ b/src/launch-unix.c
@@ -47,6 +47,12 @@ launch_unix (guestfs_h *g, void *datav, c...
2005 Feb 26
1
[Fwd: [Xen-changelog] Move xcs to unix domain sockets.]
Just forwarding this changelog from yesterday. xcs now uses Unix domain
sockets in unstable. This was a hot thread a couple months back with strong
opinions on both sides and no clear resolution on the list, so I thought
some people might like to know the developers'' resolution. This should be
good news for those seeking tighter dom0''s, particularly those who
2017 Feb 17
7
getent passwd user no output, addc + dm
...quot;, O_RDONLY|O_CLOEXEC) = 3
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1
ENOENT (No such file or directory)
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1
ENOENT (No such file or directory)
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_...