diff --git a/src/oping.c b/src/oping.c
index 4f75f22be5e92d195b99c343bdf42ef460447ef8..d27f187963dc511395c54bad8566f6f2c9d12562 100644 (file)
--- a/src/oping.c
+++ b/src/oping.c
# error "You don't have the standard C99 header files installed"
#endif /* STDC_HEADERS */
+#if HAVE_UNISTD_H
+# include <unistd.h>
+#endif
+
#if HAVE_MATH_H
# include <math.h>
#endif
# include <signal.h>
#endif
+#if HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
#include "oping.h"
+#ifndef _POSIX_SAVED_IDS
+# define _POSIX_SAVED_IDS 0
+#endif
+
typedef struct ping_context
{
char host[NI_MAXHOST];
static double opt_interval = 1.0;
static int opt_addrfamily = PING_DEF_AF;
static char *opt_srcaddr = NULL;
+static char *opt_device = NULL;
static char *opt_filename = NULL;
static int opt_count = -1;
static int opt_send_ttl = 64;
free (context);
}
-static void usage_exit (const char *name)
+static void usage_exit (const char *name, int status)
{
int name_length;
name_length = (int) strlen (name);
- fprintf (stderr, "Usage: %s [-46] [-c count] [-i interval]\n"
- "%*s[-t ttl] [-I srcaddr]\n"
- "%*s-f filename | host [host [host ...]]\n",
- name,
- 8 + name_length, "",
- 8 + name_length, "");
- exit (1);
+ fprintf (stderr, "Usage: %s [OPTIONS] "
+ "-f filename | host [host [host ...]]\n"
+
+ "\nAvailable options:\n"
+ " -4|-6 force the use of IPv4 or IPv6\n"
+ " -c count number of ICMP packets to send\n"
+ " -i interval interval with which to send ICMP packets\n"
+ " -t ttl time to live for each ICMP packet\n"
+ " -I srcaddr source address\n"
+ " -D device outgoing interface name\n"
+ " -f filename filename to read hosts from\n"
+
+ "\noping "PACKAGE_VERSION", http://verplant.org/liboping/\n"
+ "by Florian octo Forster <octo@verplant.org>\n"
+ "for contributions see `AUTHORS'\n",
+ name);
+ exit (status);
}
static int read_options (int argc, char **argv)
while (1)
{
- optchar = getopt (argc, argv, "46c:hi:I:t:f:");
+ optchar = getopt (argc, argv, "46c:hi:I:t:f:D:");
if (optchar == -1)
break;
new_count = atoi (optarg);
if (new_count > 0)
opt_count = new_count;
+ else
+ fprintf(stderr, "Ignoring invalid count: %s\n",
+ optarg);
}
break;
double new_interval;
new_interval = atof (optarg);
if (new_interval < 0.001)
- fprintf (stderr, "Ignoring invalid interval %g.\n",
- new_interval);
+ fprintf (stderr, "Ignoring invalid interval: %s\n",
+ optarg);
else
opt_interval = new_interval;
}
}
break;
+ case 'D':
+ opt_device = optarg;
+ break;
+
case 't':
{
int new_send_ttl;
if ((new_send_ttl > 0) && (new_send_ttl < 256))
opt_send_ttl = new_send_ttl;
else
- fprintf (stderr, "Invalid TTL argument: %s\n",
+ fprintf (stderr, "Ignoring invalid TTL argument: %s\n",
optarg);
break;
}
case 'h':
+ usage_exit (argv[0], 0);
+ break;
default:
- usage_exit (argv[0]);
+ usage_exit (argv[0], 1);
}
}
int optind;
int i;
+ int status;
+#if _POSIX_SAVED_IDS
+ uid_t saved_set_uid;
+
+ /* Save the old effective user id */
+ saved_set_uid = geteuid ();
+ /* Set the effective user ID to the real user ID without changing the
+ * saved set-user ID */
+ status = seteuid (getuid ());
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily dropping privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
optind = read_options (argc, argv);
- if (optind >= argc && !opt_filename) {
- usage_exit (argv[0]);
+#if !_POSIX_SAVED_IDS
+ /* Cannot temporarily drop privileges -> reject every file but "-". */
+ if ((opt_filename != NULL)
+ && (strcmp ("-", opt_filename) != 0)
+ && (getuid () != geteuid ()))
+ {
+ fprintf (stderr, "Your real and effective user IDs don't "
+ "match. Reading from a file (option '-f')\n"
+ "is therefore too risky. You can still read "
+ "from STDIN using '-f -' if you like.\n"
+ "Sorry.\n");
+ exit (EXIT_FAILURE);
}
+#endif
- if (geteuid () != 0)
- {
- fprintf (stderr, "Need superuser privileges to open a RAW socket. Sorry.\n");
- return (1);
+ if ((optind >= argc) && (opt_filename == NULL)) {
+ usage_exit (argv[0], 1);
}
if ((ping = ping_construct ()) == NULL)
}
}
+ if (opt_device != NULL)
+ {
+ if (ping_setopt (ping, PING_OPT_DEVICE, (void *) opt_device) != 0)
+ {
+ fprintf (stderr, "Setting device failed: %s\n",
+ ping_get_error (ping));
+ }
+ }
+
if (opt_filename != NULL)
{
FILE *infile;
else
infile = fopen(opt_filename, "r");
- if (!infile)
+ if (infile == NULL)
{
- fprintf (stderr, "Couldn't open file for hostnames: %s\n", strerror(errno));
+ fprintf (stderr, "Opening %s failed: %s\n",
+ (strcmp (opt_filename, "-") == 0)
+ ? "STDIN" : opt_filename,
+ strerror(errno));
return (1);
}
+#if _POSIX_SAVED_IDS
+ /* Regain privileges */
+ status = seteuid (saved_set_uid);
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily re-gaining privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
+
while (fgets(line, sizeof(line), infile))
{
+ /* Strip whitespace */
if (sscanf(line, "%s", host) != 1)
continue;
- if ((!*host) || (host[0] == '#'))
+ if ((host[0] == 0) || (host[0] == '#'))
continue;
if (ping_host_add(ping, host) < 0)
}
}
+#if _POSIX_SAVED_IDS
+ /* Drop privileges */
+ status = seteuid (getuid ());
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily dropping privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
+
fclose(infile);
}
+#if _POSIX_SAVED_IDS
+ /* Regain privileges */
+ status = seteuid (saved_set_uid);
+ if (status != 0)
+ {
+ fprintf (stderr, "Temporarily re-gaining privileges "
+ "failed: %s\n", strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+#endif
+
for (i = optind; i < argc; i++)
{
if (ping_host_add (ping, argv[i]) < 0)
}
}
- /* Drop root privileges if we're setuid-root. */
- setuid (getuid ());
+ /* Permanently drop root privileges if we're setuid-root. */
+ status = setuid (getuid ());
+ if (status != 0)
+ {
+ fprintf (stderr, "Dropping privileges failed: %s\n",
+ strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
+#if _POSIX_SAVED_IDS
+ saved_set_uid = (uid_t) -1;
+#endif
i = 0;
for (iter = ping_iterator_get (ping);