If there is a leftover socket when the server starts, delete it

(otherwise the bind() call will fail and the server will not start).
svn path=/head/; revision=145988
2024-12-01 01:17:02 +00:00 · 2005-10-21 06:04:27 +00:00 · 2005-10-21 06:04:27 +00:00 · d956f94ac9 · 2021-03-31 03:12:20 +00:00
commit d956f94ac9
parent 4418a47c44
2 changed files with 109 additions and 8 deletions
--- a/devel/gamin/Makefile
+++ b/devel/gamin/Makefile
@ -7,6 +7,7 @@

 PORTNAME=	gamin
 PORTVERSION=	0.1.5
+PORTREVISION?=	1
 CATEGORIES?=	devel
 MASTER_SITES=	http://www.gnome.org/~veillard/gamin/sources/

--- a/devel/gamin/files/patch-server_gam_channel.c
+++ b/devel/gamin/files/patch-server_gam_channel.c
@ -1,6 +1,6 @@
--- server/gam_channel.c.orig	Sun Jul 17 16:48:54 2005
-+++ server/gam_channel.c	Sun Jul 17 16:51:45 2005
-@@ -29,10 +29,10 @@ gam_client_conn_send_cred(int fd)
+--- server/gam_channel.c.orig	Tue Aug  9 18:17:39 2005
+++ server/gam_channel.c	Fri Oct 21 07:55:31 2005
+@@ -30,10 +30,10 @@
 {
     char data[2] = { 0, 0 };
     int written;
@ -14,7 +14,7 @@
     } cmsg;
     struct iovec iov;
     struct msghdr msg;
-@@ -44,16 +44,16 @@ gam_client_conn_send_cred(int fd)
+@@ -45,16 +45,16 @@
     msg.msg_iov = &iov;
     msg.msg_iovlen = 1;
 
@ -35,7 +35,7 @@
     written = sendmsg(fd, &msg, 0);
 #else
     written = write(fd, &data[0], 1);
-@@ -92,15 +92,16 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -95,15 +95,16 @@
     gid_t c_gid;
 
 #ifdef HAVE_CMSGCRED
@ -55,7 +55,7 @@
     /* Set the socket to receive credentials on the next message */
     {
         int on = 1;
-@@ -121,8 +122,8 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -124,8 +125,8 @@
 
 #ifdef HAVE_CMSGCRED
     memset(&cmsg, 0, sizeof(cmsg));
@ -66,7 +66,7 @@
 #endif
 
   retry:
-@@ -139,7 +140,8 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -142,7 +143,8 @@
         goto failed;
     }
 #ifdef HAVE_CMSGCRED
@ -76,7 +76,7 @@
         GAM_DEBUG(DEBUG_INFO,
                   "Message from recvmsg() was not SCM_CREDS\n");
         goto failed;
-@@ -165,9 +167,10 @@ gam_client_conn_check_cred(GIOChannel * 
+@@ -168,9 +170,10 @@
             goto failed;
         }
 #elif defined(HAVE_CMSGCRED)
@ -90,3 +90,103 @@
 #else /* !SO_PEERCRED && !HAVE_CMSGCRED */
         GAM_DEBUG(DEBUG_INFO,
                   "Socket credentials not supported on this OS\n");
+@@ -513,66 +516,6 @@
+     g_free(dir);
+     return(FALSE);
+ }
+-
+-/**
+- * gam_check_secure_path:
+- * @path: path to the (possibly abstract) socket
+- *
+- * Tries to create or ensure that the socket used for communicating with
+- * the clients are in a safe directory to avoid possible attacks.
+- *
+- * Returns the socket file descriptor or -1 in case of error.
+- */
+-static gboolean
+-gam_check_secure_path(const char *path)
+-{
+-    struct stat st;
+-    int ret;
+-
+-    if (!gam_check_secure_dir())
+-        return(FALSE);
+-    /*
+-     * Check the existing socket if any
+-     */
+-    ret = stat(path, &st);
+-    if (ret < 0)
+-	return(TRUE);
+-    
+-    if (st.st_uid != getuid()) {
+-	gam_error(DEBUG_INFO,
+-		  "Socket %s has different owner\n",
+-		  path);
+-	goto cleanup;
+-    }
+-#ifdef S_ISSOCK
+-    if (!S_ISSOCK (st.st_mode)) {
+-	gam_error(DEBUG_INFO, "Socket path %s is not a socket\n",
+-		  path);
+-	goto cleanup;
+-    }
+-#endif
+-    if (st.st_mode & (S_IRWXG|S_IRWXO)) {
+-	gam_error(DEBUG_INFO,
+-		  "Socket %s has wrong permissions\n",
+-		  path);
+-	goto cleanup;
+-    }
+-    /*
+-     * Looks good though binding may fail due to an existing server
+-     */
+-    return(TRUE);
+-
+-cleanup:
+-    /*
+-     * the existing file at the socket location seems strange, try to remove it
+-     */
+-    ret = unlink(path);
+-    if (ret < 0) {
+-	gam_error(DEBUG_INFO, "Failed to remove %s\n", path);
+-	return(FALSE);
+-    }
+-    return(TRUE);
+-}
+ #endif /* ! HAVE_ABSTRACT_SOCKETS */
+ 
+ /************************************************************************
+@@ -620,6 +563,7 @@
+ {
+     int fd;
+     struct sockaddr_un addr;
+    struct stat st;
+ 
+     fd = socket(PF_UNIX, SOCK_STREAM, 0);
+     if (fd < 0) {
+@@ -635,13 +579,18 @@
+     addr.sun_path[0] = '\0';
+     strncpy(&addr.sun_path[1], path, (sizeof(addr) - 4) - 2);
+ #else
+-    /*
+-     * if the socket is exposed at the filesystem level we need to take
+-     * some extra protection checks. Also make sure the socket is created
+-     * with restricted mode
+-     */
+-    if (!gam_check_secure_path(path)) {
+    if (! gam_check_secure_dir()) {
+      close(fd);
+      return (-1);
+    }
+
+    if (stat(path, &st) == 0) {
+      /* bind() will fail if the socket already exists */
+      if (unlink(path) < 0) {
+	GAM_DEBUG(DEBUG_INFO, "Failed to remove %s\n", path);
+	close(fd);
+ 	return (-1);
+      }
+     }
+     strncpy(&addr.sun_path[0], path, (sizeof(addr) - 4) - 1);
+     umask(0077);