If there is a leftover socket when the server starts, delete it

(otherwise the bind() call will fail and the server will not start).
author: jylefort <jylefort@FreeBSD.org> 2005-10-21 14:04:27 +0800
committer: jylefort <jylefort@FreeBSD.org> 2005-10-21 14:04:27 +0800
commit: c5bc05a87328d3feef0714813963809296b21c80 (patch)
tree: d02a0e9377d30e7e9d05ac4b45de7a76651a3714 /devel
parent: ca3b9e8836ac5874502dba26904ee873f4983d9b (diff)
download: freebsd-ports-gnome-c5bc05a87328d3feef0714813963809296b21c80.tar.gz
freebsd-ports-gnome-c5bc05a87328d3feef0714813963809296b21c80.tar.zst
freebsd-ports-gnome-c5bc05a87328d3feef0714813963809296b21c80.zip
2 files changed, 109 insertions, 8 deletions
diff --git a/devel/gamin/Makefile b/devel/gamin/Makefile
index 4a4af93dc120..88fcb8a71fdb 100644
--- a/devel/gamin/Makefile
+++ b/devel/gamin/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	gamin
 PORTVERSION=	0.1.5
+PORTREVISION?=	1
 CATEGORIES?=	devel
 MASTER_SITES=	http://www.gnome.org/~veillard/gamin/sources/
 
diff --git a/devel/gamin/files/patch-server_gam_channel.c b/devel/gamin/files/patch-server_gam_channel.c
index 3c4905953aa8..8482e3408578 100644
--- a/devel/gamin/files/patch-server_gam_channel.c
+++ b/devel/gamin/files/patch-server_gam_channel.c
@@ -1,6 +1,6 @@
---- server/gam_channel.c.orig	Sun Jul 17 16:48:54 2005
-+++ server/gam_channel.c	Sun Jul 17 16:51:45 2005
-@@ -29,10 +29,10 @@ gam_client_conn_send_cred(int fd)
+--- server/gam_channel.c.orig	Tue Aug  9 18:17:39 2005
++++ server/gam_channel.c	Fri Oct 21 07:55:31 2005
+@@ -30,10 +30,10 @@
  {
      char data[2] = { 0, 0 };
      int written;
@@ -14,7 +14,7 @@
      } cmsg;
      struct iovec iov;
      struct msghdr msg;
-@@ -44,16 +44,16 @@ gam_client_conn_send_cred(int fd)
+@@ -45,16 +45,16 @@
      msg.msg_iov = &iov;
      msg.msg_iovlen = 1;
  
@@ -35,7 +35,7 @@
      written = sendmsg(fd, &msg, 0);
  #else
      written = write(fd, &data[0], 1);
-@@ -92,15 +92,16 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -95,15 +95,16 @@
      gid_t c_gid;
  
  #ifdef HAVE_CMSGCRED
@@ -55,7 +55,7 @@
      /* Set the socket to receive credentials on the next message */
      {
          int on = 1;
-@@ -121,8 +122,8 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -124,8 +125,8 @@
  
  #ifdef HAVE_CMSGCRED
      memset(&cmsg, 0, sizeof(cmsg));
@@ -66,7 +66,7 @@
  #endif
  
    retry:
-@@ -139,7 +140,8 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -142,7 +143,8 @@
          goto failed;
      }
  #ifdef HAVE_CMSGCRED
@@ -76,7 +76,7 @@
          GAM_DEBUG(DEBUG_INFO,
                    "Message from recvmsg() was not SCM_CREDS\n");
          goto failed;
-@@ -165,9 +167,10 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -168,9 +170,10 @@
              goto failed;
          }
  #elif defined(HAVE_CMSGCRED)
@@ -90,3 +90,103 @@
  #else /* !SO_PEERCRED && !HAVE_CMSGCRED */
          GAM_DEBUG(DEBUG_INFO,
                    "Socket credentials not supported on this OS\n");
+@@ -513,66 +516,6 @@
+     g_free(dir);
+     return(FALSE);
+ }
+-
+-/**
+- * gam_check_secure_path:
+- * @path: path to the (possibly abstract) socket
+- *
+- * Tries to create or ensure that the socket used for communicating with
+- * the clients are in a safe directory to avoid possible attacks.
+- *
+- * Returns the socket file descriptor or -1 in case of error.
+- */
+-static gboolean
+-gam_check_secure_path(const char *path)
+-{
+-    struct stat st;
+-    int ret;
+-
+-    if (!gam_check_secure_dir())
+-        return(FALSE);
+-    /*
+-     * Check the existing socket if any
+-     */
+-    ret = stat(path, &st);
+-    if (ret < 0)
+-	return(TRUE);
+-    
+-    if (st.st_uid != getuid()) {
+-	gam_error(DEBUG_INFO,
+-		  "Socket %s has different owner\n",
+-		  path);
+-	goto cleanup;
+-    }
+-#ifdef S_ISSOCK
+-    if (!S_ISSOCK (st.st_mode)) {
+-	gam_error(DEBUG_INFO, "Socket path %s is not a socket\n",
+-		  path);
+-	goto cleanup;
+-    }
+-#endif
+-    if (st.st_mode & (S_IRWXG|S_IRWXO)) {
+-	gam_error(DEBUG_INFO,
+-		  "Socket %s has wrong permissions\n",
+-		  path);
+-	goto cleanup;
+-    }
+-    /*
+-     * Looks good though binding may fail due to an existing server
+-     */
+-    return(TRUE);
+-
+-cleanup:
+-    /*
+-     * the existing file at the socket location seems strange, try to remove it
+-     */
+-    ret = unlink(path);
+-    if (ret < 0) {
+-	gam_error(DEBUG_INFO, "Failed to remove %s\n", path);
+-	return(FALSE);
+-    }
+-    return(TRUE);
+-}
+ #endif /* ! HAVE_ABSTRACT_SOCKETS */
+ 
+ /************************************************************************
+@@ -620,6 +563,7 @@
+ {
+     int fd;
+     struct sockaddr_un addr;
++    struct stat st;
+ 
+     fd = socket(PF_UNIX, SOCK_STREAM, 0);
+     if (fd < 0) {
+@@ -635,13 +579,18 @@
+     addr.sun_path[0] = '\0';
+     strncpy(&addr.sun_path[1], path, (sizeof(addr) - 4) - 2);
+ #else
+-    /*
+-     * if the socket is exposed at the filesystem level we need to take
+-     * some extra protection checks. Also make sure the socket is created
+-     * with restricted mode
+-     */
+-    if (!gam_check_secure_path(path)) {
++    if (! gam_check_secure_dir()) {
++      close(fd);
++      return (-1);
++    }
++
++    if (stat(path, &st) == 0) {
++      /* bind() will fail if the socket already exists */
++      if (unlink(path) < 0) {
++	GAM_DEBUG(DEBUG_INFO, "Failed to remove %s\n", path);
++	close(fd);
+ 	return (-1);
++      }
+     }
+     strncpy(&addr.sun_path[0], path, (sizeof(addr) - 4) - 1);
+     umask(0077);
author	jylefort <jylefort@FreeBSD.org>	2005-10-21 14:04:27 +0800
committer	jylefort <jylefort@FreeBSD.org>	2005-10-21 14:04:27 +0800
commit	c5bc05a87328d3feef0714813963809296b21c80 (patch)
tree	d02a0e9377d30e7e9d05ac4b45de7a76651a3714 /devel
parent	ca3b9e8836ac5874502dba26904ee873f4983d9b (diff)
download	freebsd-ports-gnome-c5bc05a87328d3feef0714813963809296b21c80.tar.gz freebsd-ports-gnome-c5bc05a87328d3feef0714813963809296b21c80.tar.zst freebsd-ports-gnome-c5bc05a87328d3feef0714813963809296b21c80.zip