[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-174-g92cab
|
From: |
Mats Erik Andersson |
|
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-174-g92cabdc |
|
Date: |
Tue, 18 Sep 2012 19:57:47 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 92cabdc297bae52dc8c7d63647d8fce8dfba30b4 (commit)
from ae05f1f506836b7e8b4dc769232937eb0b2cdcfe (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=92cabdc297bae52dc8c7d63647d8fce8dfba30b4
commit 92cabdc297bae52dc8c7d63647d8fce8dfba30b4
Author: Mats Erik Andersson <address@hidden>
Date: Mon Sep 17 23:30:57 2012 +0200
talk, talkd: User interface and security.
diff --git a/ChangeLog b/ChangeLog
index 0230592..31c3092 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,28 @@
+2012-09-17 Mats Erik Andersson <address@hidden>
+
+ talk: Delay start of curses interface until
+ the other party has established a connection.
+
+ * talk/init_disp.c (init_display): Remove assignment
+ of `current_state'.
+ * talk/io.h (p_error): Execute curses function calls
+ only if `curses_initialized' is true. Otherwise call
+ perror().
+ (message): Likewise, placing a call to printf() for
+ non-empty message strings only.
+ * talk/talk.c (main): Delay call to init_display() until
+ after end_msgs(). New messages set in `current_state'.
+
+ talkd: Enforce access rights on `~/.talkrc'.
+
+ * talkd/acl.c (read_acl): Site-wide file uses `system > 0'.
+ New code block for the parameter case `system < 0', pushing
+ a single, deny-all rule.
+ (open_users_acl): New variables LEVEL, RC and ST. Check
+ properties of ACL file using stat(). Enforce a deny rule
+ if they are too permissive.
+ * doc/inetutils.texi <talkd invocation>: Updated.
+
2012-09-15 Mats Erik Andersson <address@hidden>
Mark unused parameters as such.
diff --git a/doc/inetutils.texi b/doc/inetutils.texi
index 56eb184..942178a 100644
--- a/doc/inetutils.texi
+++ b/doc/inetutils.texi
@@ -3762,7 +3762,11 @@ length, or as an explicit address mask.
The actual evaluation is run separately for the site-wide ACL,
and the requested local user ACL contained in the private file
address@hidden of this user.
address@hidden of this user. This latter file must be a regular
+file and must be owned by the very same user, have his primary
+group ownership, and not be group or world writeable. Should
+any of these prerequisites be violated, the user's ACL is replaced
+by a single deny-all rule.
All rules in each set are evaluated, in the sense that whenever
an expression @code{net-exp} matches the incoming IPv4 address,
diff --git a/talk/init_disp.c b/talk/init_disp.c
index dc58226..a878222 100644
--- a/talk/init_disp.c
+++ b/talk/init_disp.c
@@ -128,8 +128,6 @@ init_display (void)
line_win = newwin (1, COLS, my_win.x_nlines, 0);
box (line_win, '-', '-');
wrefresh (line_win);
- /* let them know we are working on it */
- current_state = "No connection yet";
return 0;
}
diff --git a/talk/io.c b/talk/io.c
index e720573..7502de0 100644
--- a/talk/io.c
+++ b/talk/io.c
@@ -141,33 +141,46 @@ talk (void)
/*
* p_error prints the system error message on the standard location
- * on the screen and then exits. (i.e. a curses version of perror)
+ * on the screen and then exits, i.e., a curses version of perror.
*/
int
p_error (char *string)
{
- wmove (my_win.x_win, current_line % my_win.x_nlines, 0);
- wprintw (my_win.x_win, "[%s : %s (%d)]\n", string, strerror (errno), errno);
- wrefresh (my_win.x_win);
- move (LINES - 1, 0);
- refresh ();
+ if (curses_initialized)
+ {
+ wmove (my_win.x_win, current_line % my_win.x_nlines, 0);
+ wprintw (my_win.x_win, "[%s : %s (%d)]\n",
+ string, strerror (errno), errno);
+ wrefresh (my_win.x_win);
+ move (LINES - 1, 0);
+ refresh ();
+ }
+ else
+ perror (string);
+
quit ();
return 0;
}
/*
- * Display string in the standard location
+ * Display string in the standard location.
*/
int
message (char *string)
{
- wmove (my_win.x_win, current_line % my_win.x_nlines, 0);
- wprintw (my_win.x_win, "[%s]", string);
- wclrtoeol (my_win.x_win);
- current_line++;
- wmove (my_win.x_win, current_line % my_win.x_nlines, 0);
- wrefresh (my_win.x_win);
+ if (curses_initialized)
+ {
+ wmove (my_win.x_win, current_line % my_win.x_nlines, 0);
+ wprintw (my_win.x_win, "[%s]", string);
+ wclrtoeol (my_win.x_win);
+ current_line++;
+ wmove (my_win.x_win, current_line % my_win.x_nlines, 0);
+ wrefresh (my_win.x_win);
+ }
+ else
+ if (string && string[0])
+ printf ("[%s]\n", string);
return 0;
}
diff --git a/talk/talk.c b/talk/talk.c
index ff7311e..cd6379b 100644
--- a/talk/talk.c
+++ b/talk/talk.c
@@ -79,7 +79,7 @@ const char *program_authors[] =
NULL
};
-const char doc[] = "talk to another user";
+const char doc[] = "Talk to another user.";
const char args_doc[] = "person [ttyname]";
static struct argp argp = { NULL, NULL, args_doc, doc, NULL, NULL, NULL};
@@ -102,19 +102,28 @@ main (int argc, char *argv[])
}
if (!isatty (0))
{
- printf ("Standard input must be a tty, not a pipe or a file\n");
+ printf ("Standard input must be a tty, not a pipe, nor a file.\n");
exit (-1);
}
get_names (argc, argv);
- init_display ();
+
+ /* Let them know we are working on connections. */
+ current_state = "No connection yet.";
+
open_ctl ();
open_sockt ();
+ current_state = "Service connection established.";
+
start_msgs ();
if (!check_local ())
invite_remote ();
end_msgs ();
+
+ /* Our party is responding. Upgrade user interface. */
+ init_display ();
set_edit_chars ();
+
talk ();
}
@@ -129,5 +138,5 @@ static const char usage_str[] =
void
usage (void)
{
- printf ("%s\n" "Send bug reports to <%s>\n", usage_str, PACKAGE_BUGREPORT);
+ printf ("%s\n" "Send bug reports to <%s>.\n", usage_str, PACKAGE_BUGREPORT);
}
diff --git a/talkd/acl.c b/talkd/acl.c
index e3c7ac3..493541e 100644
--- a/talkd/acl.c
+++ b/talkd/acl.c
@@ -136,13 +136,13 @@ read_acl (char *config_file, int system)
char buf[128];
char *ptr;
- if (!config_file)
+ if (!config_file || !config_file[0])
return;
fp = fopen (config_file, "r");
if (!fp)
{
- if (system)
+ if (system > 0)
{
/* A missing, yet specified, site-wide ACL is a serious error.
* Abort execution whenever this happens.
@@ -153,6 +153,53 @@ read_acl (char *config_file, int system)
return; /* User setting may fail to exist. Just ignore. */
}
+ if (system < 0)
+ {
+ /* Alarmed state, violating file access policy.
+ * Insert a single, general denial equivalent to
+ * a rule reading `deny .* any'.
+ */
+ const char any_user[] = "^.*$";
+ char any_host[] = "any";
+ acl_t *acl;
+ regex_t re;
+ netdef_t *cur;
+
+ fclose (fp);
+ acl = malloc (sizeof *acl);
+
+ if (!acl)
+ {
+ syslog (LOG_ERR, "Out of memory");
+ exit (EXIT_FAILURE);
+ }
+ if (regcomp (&re, any_user, 0) != 0)
+ {
+ syslog (LOG_ERR, "Bad regexp '%s'.", any_user);
+ exit (EXIT_FAILURE);
+ }
+ cur = netdef_parse (any_host);
+ if (!cur)
+ {
+ syslog (LOG_ERR, "Cannot parse netdef '%s'.", any_host);
+ exit (EXIT_FAILURE);
+ }
+
+ acl->next = NULL;
+ acl->action = ACL_DENY;
+ acl->system = 0;
+ acl->re = re;
+ acl->netlist = cur;
+
+ if (!acl_tail)
+ acl_head = acl;
+ else
+ acl_tail->next = acl;
+ acl_tail = acl;
+
+ return;
+ }
+
line = 0;
while ((ptr = fgets (buf, sizeof buf, fp)))
{
@@ -244,8 +291,11 @@ read_acl (char *config_file, int system)
static acl_t *
open_users_acl (char *name)
{
+ int level = 0; /* Private file, not mandatory. */
+ int rc;
char *filename;
struct passwd *pw;
+ struct stat st;
acl_t *mark;
pw = getpwnam (name);
@@ -263,8 +313,27 @@ open_users_acl (char *name)
sprintf (filename, "%s/%s", pw->pw_dir, USER_ACL_NAME);
+ /* The location must be a file, and must be owned by the
+ * indicated user and his corresponding group. No write
+ * access by group or world. Record a syslog warning,
+ * should either of these not be true.
+ */
+ rc = stat (filename, &st);
+ if (rc < 0)
+ return NULL;
+ if (!S_ISREG(st.st_mode)
+ || st.st_uid != pw->pw_uid
+ || st.st_gid != pw->pw_gid
+ || st.st_mode & S_IWGRP
+ || st.st_mode & S_IWOTH)
+ {
+ if (logging || debug)
+ syslog (LOG_WARNING, "Discarding '%s': insecure access.", filename);
+ level = -1; /* Enforce a deny rule. */
+ }
+
mark = acl_tail;
- read_acl (filename, 0); /* Private file, not mandatory. */
+ read_acl (filename, level);
free (filename);
return mark;
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 25 +++++++++++++++++
doc/inetutils.texi | 6 +++-
talk/init_disp.c | 2 -
talk/io.c | 39 ++++++++++++++++++---------
talk/talk.c | 17 +++++++++---
talkd/acl.c | 75 +++++++++++++++++++++++++++++++++++++++++++++++++--
6 files changed, 141 insertions(+), 23 deletions(-)
hooks/post-receive
--
GNU Inetutils
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_1-174-g92cabdc,
Mats Erik Andersson <=