From owner-cvs-all  Sun Nov 26 13:40:25 2000
Delivered-To: cvs-all@freebsd.org
Received: from green.dyndns.org (localhost [127.0.0.1])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4F77C37B479; Sun, 26 Nov 2000 13:40:13 -0800 (PST)
Received: from localhost (oprj3h@localhost [127.0.0.1])
	by green.dyndns.org (8.11.0/8.11.0) with ESMTP id eAQLe2576200;
	Sun, 26 Nov 2000 16:40:03 -0500 (EST)
	(envelope-from green@FreeBSD.org)
Message-Id: <200011262140.eAQLe2576200@green.dyndns.org>
X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4
To: Alfred Perlstein <bright@wintelcom.net>
Cc: "Brian F. Feldman" <green@FreeBSD.org>, obrien@FreeBSD.org,
	cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/usr.sbin/inetd builtins.c 
In-Reply-To: Message from Alfred Perlstein <bright@wintelcom.net> 
   of "Sat, 25 Nov 2000 19:01:46 PST." <20001125190146.Q8051@fw.wintelcom.net> 
From: "Brian F. Feldman" <green@FreeBSD.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sun, 26 Nov 2000 16:39:59 -0500
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Alfred Perlstein <bright@wintelcom.net> wrote:
> Because your "fix" was a gross hack on top of the gross hack already
> in place.

Here, you can review this, then:

--- builtins.c.orig	Sat Nov 25 09:09:34 2000
+++ builtins.c	Sun Nov 26 15:56:15 2000
@@ -453,7 +453,8 @@
 	 */
 	gettimeofday(&to, NULL);
 	to.tv_sec += tv.tv_sec;
-	if ((to.tv_usec += tv.tv_usec) >= 1000000) {
+	to.tv_usec += tv.tv_usec;
+	if (to.tv_usec >= 1000000) {
 		to.tv_usec -= 1000000;
 		to.tv_sec++;
 	}
@@ -517,7 +518,7 @@
 	 * so right here we are only setting the ports.
 	 */
 	if (ss[0].ss_family != ss[1].ss_family)
-		iderror(lport, fport, s, errno);
+		iderror(lport, fport, s, EINVAL);
 	size = sizeof(uc);
 	switch (ss[0].ss_family) {
 	case AF_INET:
@@ -527,7 +528,7 @@
 		sin[1].sin_port = htons(fport);
 		if (sysctlbyname("net.inet.tcp.getcred", &uc, &size, sin,
 				 sizeof(sin)) == -1)
-			getcredfail = 1;
+			getcredfail = errno;
 		break;
 #ifdef INET6
 	case AF_INET6:
@@ -537,23 +538,24 @@
 		sin6[1].sin6_port = htons(fport);
 		if (sysctlbyname("net.inet6.tcp6.getcred", &uc, &size, sin6,
 				 sizeof(sin6)) == -1)
-			getcredfail = 1;
+			getcredfail = errno;
 		break;
 #endif
 	default: /* should not reach here */
-		getcredfail = 1;
+		getcredfail = EAFNOSUPPORT;
 		break;
 	}
 	if (getcredfail != 0) {
 		if (fallback == NULL)		/* Use a default, if asked to */
-			iderror(lport, fport, s, errno);
+			iderror(lport, fport, s, getcredfail);
 		usedfallback = 1;
 	} else {
 		/* Look up the pw to get the username */
+		errno = 0;
 		pw = getpwuid(uc.cr_uid);
 	}
 	if (pw == NULL && !usedfallback)		/* No such user... */
-		iderror(lport, fport, s, errno);
+		iderror(lport, fport, s, errno != 0 ? errno : ENOENT);
 	/*
 	 * If enabled, we check for a file named ".noident" in the user's
 	 * home directory. If found, we return HIDDEN-USER.
@@ -587,23 +589,23 @@
 			iderror(lport, fport, s, errno);
 		seteuid(pw->pw_uid);
 		/*
-		 * If we were to lstat() here, it would do no good, since it
-		 * would introduce a race condition and could be defeated.
+		 * We can't stat() here since that would be a race
+		 * condition.
 		 * Therefore, we open the file we have permissions to open
 		 * and if it's not a regular file, we close it and end up
 		 * returning the user's real username.
 		 */
 		fakeid_fd = open(p, O_RDONLY | O_NONBLOCK);
 		free(p);
-		if ((fakeid = fdopen(fakeid_fd, "r")) != NULL &&
-		    fstat(fileno(fakeid), &sb) != -1 && S_ISREG(sb.st_mode)) {
+		if (fakeid_fd != -1 && fstat(fakeid_fd, &sb) != -1 &&
+		    S_ISREG(sb.st_mode) &&
+		    (fakeid = fdopen(fakeid_fd, "r")) != NULL) {
 			buf[sizeof(buf) - 1] = '\0';
 			if (fgets(buf, sizeof(buf), fakeid) == NULL) {
 				cp = pw->pw_name;
 				fclose(fakeid);
 				goto printit;
 			}
-			fclose(fakeid);
 			/*
 			 * Usually, the file will have the desired identity
 			 * in the form "identity\n", so we use strcspn() to
@@ -626,14 +628,18 @@
 			 */
 			
 			if (!*cp || getpwnam(cp)) {
+				errno = 0;
 				pw = getpwuid(uc.cr_uid);
 				if (pw == NULL)
-					iderror(lport, fport, s, errno);
+					iderror(lport, fport, s,
+					    errno != 0 ? errno : ENOENT);
 				cp = pw->pw_name;
 			}
 		} else
 			cp = pw->pw_name;
-		if (fakeid_fd != -1)
+		if (fakeid != NULL)
+			fclose(fakeid);
+		else if (fakeid_fd != -1)
 			close(fakeid_fd);
 	} else if (!usedfallback)
 		cp = pw->pw_name;



--
 Brian Fundakowski Feldman           \  FreeBSD: The Power to Serve!  /
 green@FreeBSD.org                    `------------------------------'




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message