1 /*****************************************************************************
3 *****************************************************************************
4 * Copyright © 2005-2008 Rémi Denis-Courmont
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
19 *****************************************************************************/
25 #include <stdlib.h> /* exit() */
29 #include <sys/types.h>
33 #include <sys/socket.h>
35 #include <sys/resource.h> /* getrlimit() */
38 #include <netinet/in.h>
40 #if defined (AF_INET6) && !defined (IPV6_V6ONLY)
41 # warning Uho, your IPv6 support is broken and has been disabled. Fix your C library.
46 # define AF_LOCAL AF_UNIX
49 static inline int is_allowed_port (uint16_t port
)
52 return (port
== 80) || (port
== 443) || (port
== 554);
56 static inline int send_err (int fd
, int err
)
58 return send (fd
, &err
, sizeof (err
), 0) == sizeof (err
) ? 0 : -1;
62 * Send a file descriptor to another process
64 static int send_fd (int p
, int fd
)
69 char buf
[CMSG_SPACE (sizeof (fd
))];
76 hdr
.msg_control
= buf
;
77 hdr
.msg_controllen
= sizeof (buf
);
80 iov
.iov_len
= sizeof (val
);
82 cmsg
= CMSG_FIRSTHDR (&hdr
);
83 cmsg
->cmsg_level
= SOL_SOCKET
;
84 cmsg
->cmsg_type
= SCM_RIGHTS
;
85 cmsg
->cmsg_len
= CMSG_LEN (sizeof (fd
));
86 memcpy (CMSG_DATA (cmsg
), &fd
, sizeof (fd
));
87 hdr
.msg_controllen
= cmsg
->cmsg_len
;
89 return sendmsg (p
, &hdr
, 0) == sizeof (val
) ? 0 : -1;
94 * Background process run as root to open privileged TCP ports.
96 static void rootprocess (int fd
)
98 struct sockaddr_storage ss
;
100 while (recv (fd
, &ss
, sizeof (ss
), 0) == sizeof (ss
))
105 switch (ss
.ss_family
)
108 if (!is_allowed_port (((struct sockaddr_in
*)&ss
)->sin_port
))
110 if (send_err (fd
, EACCES
))
114 len
= sizeof (struct sockaddr_in
);
119 if (!is_allowed_port (((struct sockaddr_in6
*)&ss
)->sin6_port
))
121 if (send_err (fd
, EACCES
))
125 len
= sizeof (struct sockaddr_in6
);
130 if (send_err (fd
, EAFNOSUPPORT
))
135 sock
= socket (ss
.ss_family
, SOCK_STREAM
, IPPROTO_TCP
);
140 setsockopt (sock
, SOL_SOCKET
, SO_REUSEADDR
, &val
, sizeof (val
));
142 if (ss
.ss_family
== AF_INET6
)
143 setsockopt (sock
, IPPROTO_IPV6
, IPV6_V6ONLY
, &val
, sizeof (val
));
145 if (bind (sock
, (struct sockaddr
*)&ss
, len
) == 0)
152 send_err (fd
, errno
);
157 * - use libcap if available,
161 int main (int argc
, char *argv
[])
163 /* Support for dynamically opening RTSP, HTTP and HTTP/SSL ports */
166 if (socketpair (AF_LOCAL
, SOCK_STREAM
, 0, pair
))
169 goto error
; /* we want 0, 1 and 2 open */
179 int null
= open ("/dev/null", O_RDWR
);
189 rootprocess (pair
[1]);
198 snprintf (buf
, sizeof (buf
), "%d", pair
[0]);
199 setenv ("VLC_ROOTWRAP_SOCK", buf
, 1);
201 /* Support for real-time priorities */
204 rlim
.rlim_max
= rlim
.rlim_cur
= sched_get_priority_min (SCHED_RR
) + 24;
205 setrlimit (RLIMIT_RTPRIO
, &rlim
);
208 uid_t uid
= getuid ();
211 const char *sudo
= getenv ("SUDO_UID");
217 fprintf (stderr
, "Cannot determine unprivileged user for VLC!\n");
222 if (!setuid (0)) /* sanity check: we cannot get root back */
225 /* Yeah, the user can execute just about anything from here.
226 * But we've dropped privileges, so it does not matter. */
227 if (strlen (argv
[0]) < sizeof ("-wrapper"))
229 argv
[0][strlen (argv
[0]) - strlen ("-wrapper")] = '\0';
232 if (execvp (argv
[0], argv
))