1
/*****************************************************************************
3
*****************************************************************************
4
* Copyright © 2005-2008 Rémi Denis-Courmont
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
9
* (at your option) any later version.
11
* This program is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
* GNU General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
19
*****************************************************************************/
25
#include <stdlib.h> /* exit() */
29
#include <sys/types.h>
33
#include <sys/socket.h>
35
#include <sys/resource.h> /* getrlimit() */
38
#include <netinet/in.h>
40
#if defined (AF_INET6) && !defined (IPV6_V6ONLY)
41
# warning Uho, your IPv6 support is broken and has been disabled. Fix your C library.
46
# define AF_LOCAL AF_UNIX
49
static inline int is_allowed_port (uint16_t port)
52
return (port == 80) || (port == 443) || (port == 554);
56
static inline int send_err (int fd, int err)
58
return send (fd, &err, sizeof (err), 0) == sizeof (err) ? 0 : -1;
62
* Send a file descriptor to another process
64
static int send_fd (int p, int fd)
69
char buf[CMSG_SPACE (sizeof (fd))];
76
hdr.msg_control = buf;
77
hdr.msg_controllen = sizeof (buf);
80
iov.iov_len = sizeof (val);
82
cmsg = CMSG_FIRSTHDR (&hdr);
83
cmsg->cmsg_level = SOL_SOCKET;
84
cmsg->cmsg_type = SCM_RIGHTS;
85
cmsg->cmsg_len = CMSG_LEN (sizeof (fd));
86
memcpy (CMSG_DATA (cmsg), &fd, sizeof (fd));
87
hdr.msg_controllen = cmsg->cmsg_len;
89
return sendmsg (p, &hdr, 0) == sizeof (val) ? 0 : -1;
94
* Background process run as root to open privileged TCP ports.
96
static void rootprocess (int fd)
98
struct sockaddr_storage ss;
100
while (recv (fd, &ss, sizeof (ss), 0) == sizeof (ss))
105
switch (ss.ss_family)
108
if (!is_allowed_port (((struct sockaddr_in *)&ss)->sin_port))
110
if (send_err (fd, EACCES))
114
len = sizeof (struct sockaddr_in);
119
if (!is_allowed_port (((struct sockaddr_in6 *)&ss)->sin6_port))
121
if (send_err (fd, EACCES))
125
len = sizeof (struct sockaddr_in6);
130
if (send_err (fd, EAFNOSUPPORT))
135
sock = socket (ss.ss_family, SOCK_STREAM, IPPROTO_TCP);
140
setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, &val, sizeof (val));
142
if (ss.ss_family == AF_INET6)
143
setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, &val, sizeof (val));
145
if (bind (sock, (struct sockaddr *)&ss, len) == 0)
152
send_err (fd, errno);
157
* - use libcap if available,
161
int main (int argc, char *argv[])
163
/* Support for dynamically opening RTSP, HTTP and HTTP/SSL ports */
166
if (socketpair (AF_LOCAL, SOCK_STREAM, 0, pair))
169
goto error; /* we want 0, 1 and 2 open */
179
int null = open ("/dev/null", O_RDWR);
189
rootprocess (pair[1]);
198
snprintf (buf, sizeof (buf), "%d", pair[0]);
199
setenv ("VLC_ROOTWRAP_SOCK", buf, 1);
201
/* Support for real-time priorities */
204
rlim.rlim_max = rlim.rlim_cur = sched_get_priority_min (SCHED_RR) + 24;
205
setrlimit (RLIMIT_RTPRIO, &rlim);
208
uid_t uid = getuid ();
211
const char *sudo = getenv ("SUDO_UID");
217
fprintf (stderr, "Cannot determine unprivileged user for VLC!\n");
222
if (!setuid (0)) /* sanity check: we cannot get root back */
225
/* Yeah, the user can execute just about anything from here.
226
* But we've dropped privileges, so it does not matter. */
227
if (strlen (argv[0]) < sizeof ("-wrapper"))
229
argv[0][strlen (argv[0]) - strlen ("-wrapper")] = '\0';
232
if (execvp (argv[0], argv))