1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright © 2005-2008 Rémi Denis-Courmont
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
19 *****************************************************************************/
24 #define _XPG4_2 /* ancilliary data on Solaris */
26 #include <stdlib.h> /* exit() */
30 #include <sys/types.h>
34 #include <sys/socket.h>
36 #include <sys/resource.h> /* getrlimit() */
41 #include <netinet/in.h>
43 #if defined (AF_INET6) && !defined (IPV6_V6ONLY)
44 # warning Uho, your IPv6 support is broken and has been disabled. Fix your C library.
48 # define AF_LOCAL AF_UNIX
50 #if !defined(MSG_NOSIGNAL) && defined(SO_NOSIGPIPE)
51 # define MSG_NOSIGNAL 0
53 /* Required yet non-standard cmsg functions */
55 # define CMSG_ALIGN(len) (((len) + sizeof(intptr_t)-1) & ~(sizeof(intptr_t)-1))
58 # define CMSG_SPACE(len) (CMSG_ALIGN(sizeof(struct cmsghdr)) + CMSG_ALIGN(len))
61 # define CMSG_LEN(len) (CMSG_ALIGN(sizeof(struct cmsghdr)) + (len))
64 static inline int is_allowed_port (uint16_t port
)
67 return (port
== 80) || (port
== 443) || (port
== 554);
71 static inline int send_err (int fd
, int err
)
73 return send(fd
, &err
, sizeof (err
), MSG_NOSIGNAL
) == sizeof (err
) ? 0 : -1;
77 * Send a file descriptor to another process
79 static int send_fd (int p
, int fd
)
84 char buf
[CMSG_SPACE (sizeof (fd
))];
91 hdr
.msg_control
= buf
;
92 hdr
.msg_controllen
= sizeof (buf
);
95 iov
.iov_len
= sizeof (val
);
97 cmsg
= CMSG_FIRSTHDR (&hdr
);
98 cmsg
->cmsg_level
= SOL_SOCKET
;
99 cmsg
->cmsg_type
= SCM_RIGHTS
;
100 cmsg
->cmsg_len
= CMSG_LEN (sizeof (fd
));
101 memcpy (CMSG_DATA (cmsg
), &fd
, sizeof (fd
));
102 hdr
.msg_controllen
= cmsg
->cmsg_len
;
104 return sendmsg(p
, &hdr
, MSG_NOSIGNAL
) == sizeof (val
) ? 0 : -1;
109 * Background process run as root to open privileged TCP ports.
111 static void rootprocess (int fd
)
116 struct sockaddr_storage ss
;
117 struct sockaddr_in sin
;
119 struct sockaddr_in6 sin6
;
123 while (recv (fd
, &addr
.ss
, sizeof (addr
.ss
), 0) == sizeof (addr
.ss
))
129 switch (addr
.sa
.sa_family
)
132 if (!is_allowed_port (addr
.sin
.sin_port
))
134 if (send_err (fd
, EACCES
))
138 len
= sizeof (struct sockaddr_in
);
144 if (!is_allowed_port (addr
.sin6
.sin6_port
))
146 if (send_err (fd
, EACCES
))
150 len
= sizeof (struct sockaddr_in6
);
156 if (send_err (fd
, EAFNOSUPPORT
))
161 sock
= socket (family
, SOCK_STREAM
, IPPROTO_TCP
);
166 setsockopt (sock
, SOL_SOCKET
, SO_REUSEADDR
, &val
, sizeof (val
));
168 if (addr
.sa
.sa_family
== AF_INET6
)
169 setsockopt (sock
, IPPROTO_IPV6
, IPV6_V6ONLY
, &val
, sizeof (val
));
171 if (bind (sock
, &addr
.sa
, len
) == 0)
179 send_err (fd
, errno
);
184 * - use libcap if available,
188 int main (int argc
, char *argv
[])
190 /* Support for dynamically opening RTSP, HTTP and HTTP/SSL ports */
193 if (socketpair (AF_LOCAL
, SOCK_STREAM
, 0, pair
))
196 goto error
; /* we want 0, 1 and 2 open */
199 setsockopt(pair
[1], SOL_SOCKET
, SO_NOSIGPIPE
, &(int){ 1 }, sizeof (int));
210 int null
= open ("/dev/null", O_RDWR
);
220 rootprocess (pair
[1]);
229 snprintf (buf
, sizeof (buf
), "%d", pair
[0]);
230 setenv ("VLC_ROOTWRAP_SOCK", buf
, 1);
232 /* Support for real-time priorities */
235 rlim
.rlim_max
= rlim
.rlim_cur
= sched_get_priority_min (SCHED_RR
) + 24;
236 setrlimit (RLIMIT_RTPRIO
, &rlim
);
239 uid_t uid
= getuid ();
242 const char *sudo
= getenv ("SUDO_UID");
248 fprintf (stderr
, "Cannot determine unprivileged user for VLC!\n");
253 if (!setuid (0)) /* sanity check: we cannot get root back */
256 /* Yeah, the user can execute just about anything from here.
257 * But we've dropped privileges, so it does not matter. */
258 if (strlen (argv
[0]) < sizeof ("-wrapper"))
260 argv
[0][strlen (argv
[0]) - strlen ("-wrapper")] = '\0';
263 if (execvp (argv
[0], argv
))