warp-vpn

point to point VPN implementation
git clone git://git.2f30.org/warp-vpn
Log | Files | Refs | README

commit 9b6122cb92ce56964f328b533d5f748a428c5a7d
parent bb2f2eb11fbe038e029c374e18023abd0916ba13
Author: sin <sin@2f30.org>
Date:   Thu, 21 Apr 2016 12:43:05 +0100

Allow dropping privileges to specified user

Diffstat:
Mstun.8 | 8+++++++-
Mstun.c | 12++++++++----
Mstun.h | 2+-
Mutil.c | 6+++---
4 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/stun.8 b/stun.8 @@ -1,4 +1,4 @@ -.Dd April 14, 2016 +.Dd April 21, 2016 .Dt STUN 8 .Os .Sh NAME @@ -13,6 +13,7 @@ .Op Fl p Ar port .Op Fl t Ar devtype .Op Fl c Ar cipher +.Op Fl u Ar user .Ar interface .Nm stun .Op Fl 46 @@ -21,6 +22,7 @@ .Op Fl p Ar port .Op Fl t Ar devtype .Op Fl c Ar cipher +.Op Fl u Ar user .Ar interface .Sh DESCRIPTION .Nm @@ -63,6 +65,10 @@ Select the given If the argument is ? then .Nm will list the available ciphers. The default cipher is chacha20-poly1305. +.It Fl u Ar user +Drop privileges to the specified +.Ar user . +The default user is nobody. .El .Sh BUGS This program is an experiment and may not be secure. Use at your diff --git a/stun.c b/stun.c @@ -65,8 +65,8 @@ int sflag; void usage(void) { - fprintf(stderr, "usage: stun [-46] [-d] -s [-b address] [-p port] [-t devtype] [-c cipher] interface\n"); - fprintf(stderr, " stun [-46] [-d] -h host [-p port] [-t devtype] [-c cipher] interface\n"); + fprintf(stderr, "usage: stun [-46] [-d] -s [-b address] [-p port] [-t devtype] [-c cipher] [-u user] interface\n"); + fprintf(stderr, " stun [-46] [-d] -h host [-p port] [-t devtype] [-c cipher] [-u user] interface\n"); exit(1); } @@ -75,6 +75,7 @@ main(int argc, char *argv[]) { struct rlimit rlim; char *arg, *pw; + char *user = NOPRIVUSER; int devfd, listenfd, netfd; ARGBEGIN { @@ -115,6 +116,9 @@ main(int argc, char *argv[]) return 0; } break; + case 'u': + user = EARGF(usage()); + break; default: usage(); } ARGEND @@ -150,7 +154,7 @@ main(int argc, char *argv[]) if (sflag) { /* invoked as server */ listenfd = serverinit(bindaddr, port); - revokeprivs(); + revokeprivs(user); #if defined(__OpenBSD__) #include <sys/param.h> #if OpenBSD >= 201605 @@ -171,7 +175,7 @@ main(int argc, char *argv[]) } } else { /* invoked as client */ - revokeprivs(); + revokeprivs(user); #if defined(__OpenBSD__) #include <sys/param.h> #if OpenBSD >= 201605 diff --git a/stun.h b/stun.h @@ -78,7 +78,7 @@ void pack16(unsigned char *, uint16_t); uint16_t unpack16(unsigned char *); void pack64(unsigned char *, uint64_t); uint64_t unpack64(unsigned char *); -void revokeprivs(void); +void revokeprivs(char *); int setnonblock(int, int); char *saddr_ntop(struct sockaddr *, socklen_t); char *peer_ntop(int); diff --git a/util.c b/util.c @@ -53,12 +53,12 @@ unpack64(unsigned char *buf) } void -revokeprivs(void) +revokeprivs(char *user) { struct passwd *pw; - if (!(pw = getpwnam(NOPRIVUSER))) - logerr("no %s user", NOPRIVUSER); + if (!(pw = getpwnam(user))) + logerr("no %s user", user); if (setgroups(1, &pw->pw_gid) < 0 || setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0 || setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)