From 08ac826f46af55b0cd27b8ba1dad5b3051f29a2a Mon Sep 17 00:00:00 2001
From: deuce <>
Date: Sat, 7 Jul 2007 20:36:09 +0000
Subject: [PATCH] Only call do_seteuid() if the port is reserved. Also, when sending mail, the bind() call doesn't specify a port, so there is no need to ask for root.
---
 src/sbbs3/ftpsrvr.c | 12 ++++++++----
 src/sbbs3/mailsrvr.c | 30 ++++++++++++++++++++----------
 src/sbbs3/main.cpp | 36 ++++++++++++++++++++++++------------
 src/sbbs3/services.c | 12 ++++++++----
 src/sbbs3/websrvr.c | 12 ++++++++----
 5 files changed, 68 insertions(+), 34 deletions(-)
diff --git a/src/sbbs3/ftpsrvr.c b/src/sbbs3/ftpsrvr.c
index 46dd311dae..1e3ba13f6f 100644
--- a/src/sbbs3/ftpsrvr.c
+++ b/src/sbbs3/ftpsrvr.c
@@ -4788,12 +4788,16 @@ void DLLCALL ftp_server(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result=retry_bind(server_socket, (struct sockaddr *) &server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"FTP Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result!=0) {
 lprintf(LOG_ERR,"%04d %s", server_socket, BIND_FAILURE_HELP);
 cleanup(1,__LINE__);
diff --git a/src/sbbs3/mailsrvr.c b/src/sbbs3/mailsrvr.c
index 9d57faa1d5..8670c5c769 100644
--- a/src/sbbs3/mailsrvr.c
+++ b/src/sbbs3/mailsrvr.c
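Review bot: The call that switches the effective uid back after `retry_bind()` still discards whatever `startup->seteuid(TRUE)` reports, so a failed switch would leave ftp_server running with the uid it bound under and nothing in the log. The callback's prototype is not visible in this hunk; if it returns a success flag, test it and take the existing failure path, e.g. `if(startup->seteuid!=NULL && !startup->seteuid(TRUE)) { lprintf(LOG_ERR,"%04d !seteuid(TRUE) failed after bind", server_socket); cleanup(1,__LINE__); }`. The same unchecked pair appears in the mail_server, bbs_thread, services_thread and web_server hunks of this patch. ftp_server's body starts and ends outside the hunk.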
@@ -3748,11 +3748,13 @@ static void sendmail_thread(void* arg)
 addr.sin_addr.s_addr = htonl(startup->interface_addr);
 addr.sin_family = AF_INET;
+ /* Not needed. Port is zero
 if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ startup->seteuid(FALSE); */
 i=bind(sock,(struct sockaddr *)&addr, sizeof(addr));
+ /* Not needed. Port is zero
 if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ startup->seteuid(TRUE); */
 if(i!=0) {
 remove_msg_intransit(&smb,&msg);
 lprintf(LOG_ERR,"%04d !SEND ERROR %d (%d) binding socket", sock, i, ERROR_VALUE);
@@ -4279,12 +4281,16 @@ void DLLCALL mail_server(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->smtp_port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->smtp_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result = retry_bind(server_socket,(struct sockaddr *)&server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"SMTP Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->smtp_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result != 0) {
 lprintf(LOG_ERR,"%04d %s",server_socket, BIND_FAILURE_HELP);
 cleanup(1);
@@ -4326,12 +4332,16 @@ void DLLCALL mail_server(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->pop3_port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->pop3_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result = retry_bind(pop3_socket,(struct sockaddr *)&server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"POP3 Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->pop3_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 if(result != 0) {
 lprintf(LOG_ERR,"%04d %s",pop3_socket,BIND_FAILURE_HELP);
 cleanup(1);
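Review bot: The two `seteuid` calls in sendmail_thread are disabled by wrapping them in block comments rather than deleted, which leaves dead code whose `if` line sits inside a comment opened on the line above it. Removing the four lines and keeping a single explanatory comment reads better, for example `/* no seteuid() around bind(): no port is requested, so no privilege is needed */`. The claim that the port is zero rests on `addr` having been cleared before this hunk, since only `sin_addr` and `sin_family` are assigned in the visible lines; that is worth confirming. sendmail_thread continues outside the hunk.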
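Review bot: In the POP3 hunk of mail_server the call after `retry_bind(pop3_socket, ...)` changed from `startup->seteuid(TRUE)` to `startup->seteuid(FALSE)`, so the two calls around the bind are now identical and the restoring call is gone. Every other hunk in this patch keeps FALSE before the bind and TRUE after it, which points to a copy-and-paste slip. If FALSE is the request for root, as the commit message implies, a POP3 port below IPPORT_RESERVED would leave the mail server at the elevated effective uid after binding. The line should read `startup->seteuid(TRUE);`. mail_server's body extends beyond the hunk.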
diff --git a/src/sbbs3/main.cpp b/src/sbbs3/main.cpp
index ec511180d9..3b9a8b0711 100644
--- a/src/sbbs3/main.cpp
+++ b/src/sbbs3/main.cpp
@@ -4307,12 +4307,16 @@ void DLLCALL bbs_thread(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->telnet_port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->telnet_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result = retry_bind(telnet_socket,(struct sockaddr *)&server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"Telnet Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->telnet_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result != 0) {
 lprintf(LOG_NOTICE,"%s",BIND_FAILURE_HELP);
 cleanup(1);
@@ -4351,12 +4355,16 @@ void DLLCALL bbs_thread(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->rlogin_port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->rlogin_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result = retry_bind(rlogin_socket,(struct sockaddr *)&server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"RLogin Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->rlogin_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result != 0) {
 lprintf(LOG_NOTICE,"%s",BIND_FAILURE_HELP);
 cleanup(1);
@@ -4439,12 +4447,16 @@ void DLLCALL bbs_thread(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->ssh_port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->ssh_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result = retry_bind(ssh_socket,(struct sockaddr *)&server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"SSH Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->ssh_port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result != 0) {
 lprintf(LOG_NOTICE,"%s",BIND_FAILURE_HELP);
 cleanup(1);
diff --git a/src/sbbs3/services.c b/src/sbbs3/services.c
index a018e58317..9313720905 100644
--- a/src/sbbs3/services.c
+++ b/src/sbbs3/services.c
@@ -1772,12 +1772,16 @@ void DLLCALL services_thread(void* arg)
 addr.sin_family = AF_INET;
 addr.sin_port = htons(service[i].port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(service[i].port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result=retry_bind(socket, (struct sockaddr *) &addr, sizeof(addr)
 ,startup->bind_retry_count, startup->bind_retry_delay, service[i].protocol, lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(service[i].port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result!=0) {
 lprintf(LOG_ERR,"%04d %s",socket,BIND_FAILURE_HELP);
 close_socket(socket);
diff --git a/src/sbbs3/websrvr.c b/src/sbbs3/websrvr.c
index f202c2bb57..532616d0be 100644
--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -4940,12 +4940,16 @@ void DLLCALL web_server(void* arg)
 server_addr.sin_family = AF_INET;
 server_addr.sin_port = htons(startup->port);
- if(startup->seteuid!=NULL)
- startup->seteuid(FALSE);
+ if(startup->port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(FALSE);
+ }
 result = retry_bind(server_socket,(struct sockaddr *)&server_addr,sizeof(server_addr)
 ,startup->bind_retry_count,startup->bind_retry_delay,"Web Server",lprintf);
- if(startup->seteuid!=NULL)
- startup->seteuid(TRUE);
+ if(startup->port < IPPORT_RESERVED) {
+ if(startup->seteuid!=NULL)
+ startup->seteuid(TRUE);
+ }
 if(result != 0) {
 lprintf(LOG_NOTICE,"%s",BIND_FAILURE_HELP);
 cleanup(1);
--
GitLab