Date: Wed, 19 Oct 2016 21:07:17 +0000 (UTC) From: Ed Maste <emaste@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r307658 - head/sbin/md5 Message-ID: <201610192107.u9JL7HOx043013@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: emaste Date: Wed Oct 19 21:07:17 2016 New Revision: 307658 URL: https://svnweb.freebsd.org/changeset/base/307658 Log: md5: enter capability on last fd or when acting as a filter Reviewed by: allanjude, cem MFC after: 2 months Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D8271 Modified: head/sbin/md5/md5.c Modified: head/sbin/md5/md5.c ============================================================================== --- head/sbin/md5/md5.c Wed Oct 19 21:01:24 2016 (r307657) +++ head/sbin/md5/md5.c Wed Oct 19 21:07:17 2016 (r307658) @@ -21,8 +21,10 @@ __FBSDID("$FreeBSD$"); #include <sys/types.h> +#include <sys/capsicum.h> #include <sys/time.h> #include <sys/resource.h> +#include <capsicum_helpers.h> #include <err.h> #include <md5.h> #include <ripemd.h> @@ -74,7 +76,7 @@ typedef struct Algorithm_t { DIGEST_Update *Update; DIGEST_End *End; char *(*Data)(const void *, unsigned int, char *); - char *(*File)(const char *, char *); + char *(*Fd)(int, char *); } Algorithm_t; static void MD5_Update(MD5_CTX *, const unsigned char *, size_t); @@ -106,34 +108,34 @@ typedef union { static const struct Algorithm_t Algorithm[] = { { "md5", "MD5", &MD5TestOutput, (DIGEST_Init*)&MD5Init, (DIGEST_Update*)&MD5_Update, (DIGEST_End*)&MD5End, - &MD5Data, &MD5File }, + &MD5Data, &MD5Fd }, { "sha1", "SHA1", &SHA1_TestOutput, (DIGEST_Init*)&SHA1_Init, (DIGEST_Update*)&SHA1_Update, (DIGEST_End*)&SHA1_End, - &SHA1_Data, &SHA1_File }, + &SHA1_Data, &SHA1_Fd }, { "sha256", "SHA256", &SHA256_TestOutput, (DIGEST_Init*)&SHA256_Init, (DIGEST_Update*)&SHA256_Update, (DIGEST_End*)&SHA256_End, - &SHA256_Data, &SHA256_File }, + &SHA256_Data, &SHA256_Fd }, { "sha384", "SHA384", &SHA384_TestOutput, (DIGEST_Init*)&SHA384_Init, (DIGEST_Update*)&SHA384_Update, (DIGEST_End*)&SHA384_End, - &SHA384_Data, &SHA384_File }, + &SHA384_Data, &SHA384_Fd }, { "sha512", "SHA512", &SHA512_TestOutput, (DIGEST_Init*)&SHA512_Init, (DIGEST_Update*)&SHA512_Update, (DIGEST_End*)&SHA512_End, - &SHA512_Data, &SHA512_File }, + &SHA512_Data, &SHA512_Fd }, { "sha512t256", "SHA512t256", &SHA512t256_TestOutput, (DIGEST_Init*)&SHA512_256_Init, (DIGEST_Update*)&SHA512_256_Update, (DIGEST_End*)&SHA512_256_End, - &SHA512_256_Data, &SHA512_256_File }, + &SHA512_256_Data, &SHA512_256_Fd }, { "rmd160", "RMD160", &RIPEMD160_TestOutput, (DIGEST_Init*)&RIPEMD160_Init, (DIGEST_Update*)&RIPEMD160_Update, - (DIGEST_End*)&RIPEMD160_End, &RIPEMD160_Data, &RIPEMD160_File }, + (DIGEST_End*)&RIPEMD160_End, &RIPEMD160_Data, &RIPEMD160_Fd }, { "skein256", "Skein256", &SKEIN256_TestOutput, (DIGEST_Init*)&SKEIN256_Init, (DIGEST_Update*)&SKEIN256_Update, - (DIGEST_End*)&SKEIN256_End, &SKEIN256_Data, &SKEIN256_File }, + (DIGEST_End*)&SKEIN256_End, &SKEIN256_Data, &SKEIN256_Fd }, { "skein512", "Skein512", &SKEIN512_TestOutput, (DIGEST_Init*)&SKEIN512_Init, (DIGEST_Update*)&SKEIN512_Update, - (DIGEST_End*)&SKEIN512_End, &SKEIN512_Data, &SKEIN512_File }, + (DIGEST_End*)&SKEIN512_End, &SKEIN512_Data, &SKEIN512_Fd }, { "skein1024", "Skein1024", &SKEIN1024_TestOutput, (DIGEST_Init*)&SKEIN1024_Init, (DIGEST_Update*)&SKEIN1024_Update, - (DIGEST_End*)&SKEIN1024_End, &SKEIN1024_Data, &SKEIN1024_File } + (DIGEST_End*)&SKEIN1024_End, &SKEIN1024_Data, &SKEIN1024_Fd } }; static void @@ -154,7 +156,8 @@ Arguments (may be any combination): int main(int argc, char *argv[]) { - int ch; + cap_rights_t rights; + int ch, fd; char *p; char buf[HEX_DIGEST_LENGTH]; int failed; @@ -206,10 +209,30 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; + if (caph_limit_stdout() < 0 || caph_limit_stderr() < 0) + err(1, "unable to limit rights for stdio"); + if (*argv) { do { - p = Algorithm[digest].File(*argv, buf); - if (!p) { + if ((fd = open(*argv, O_RDONLY)) < 0) { + warn("%s", *argv); + failed++; + continue; + } + /* + * XXX Enter capability mode on the last argv file. + * When a casper file service or other approach is + * available, switch to that and enter capability mode + * earlier. + */ + if (*(argv + 1) == NULL) { + cap_rights_init(&rights, CAP_READ); + if ((cap_rights_limit(fd, &rights) < 0 && + errno != ENOSYS) || + (cap_enter() < 0 && errno != ENOSYS)) + err(1, "capsicum"); + } + if ((p = Algorithm[digest].Fd(fd, buf)) == NULL) { warn("%s", *argv); failed++; } else { @@ -229,8 +252,12 @@ main(int argc, char *argv[]) printf("\n"); } } while (*++argv); - } else if (!sflag && (optind == 1 || qflag || rflag)) + } else if (!sflag && (optind == 1 || qflag || rflag)) { + if (caph_limit_stdin() < 0 || + (cap_enter() < 0 && errno != ENOSYS)) + err(1, "capsicum"); MDFilter(&Algorithm[digest], 0); + } if (failed != 0) return (1);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201610192107.u9JL7HOx043013>