mirror of
https://github.com/yarrick/iodine.git
synced 2024-11-27 12:05:15 +00:00
chroot
parent
ccae5695c0
commit
b7dc8a3779
28
iodine.c
28
iodine.c
@ -105,14 +105,16 @@ extern char *__progname;
|
|||||||
|
|
||||||
static void
|
static void
|
||||||
usage() {
|
usage() {
|
||||||
printf("Usage: %s [-v] [-h] [-f] [-u user] nameserver topdomain\n", __progname);
|
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] "
|
||||||
|
"nameserver topdomain\n", __progname);
|
||||||
exit(2);
|
exit(2);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
help() {
|
help() {
|
||||||
printf("iodine IP over DNS tunneling client\n");
|
printf("iodine IP over DNS tunneling client\n");
|
||||||
printf("Usage: %s [-v] [-h] [-f] [-u user] nameserver topdomain\n", __progname);
|
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] "
|
||||||
|
"nameserver topdomain\n", __progname);
|
||||||
printf(" -f is to keep running in foreground\n");
|
printf(" -f is to keep running in foreground\n");
|
||||||
printf(" -u name to drop privileges and run as user 'name'\n");
|
printf(" -u name to drop privileges and run as user 'name'\n");
|
||||||
exit(0);
|
exit(0);
|
||||||
@ -129,17 +131,18 @@ version() {
|
|||||||
int
|
int
|
||||||
main(int argc, char **argv)
|
main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
|
int choice;
|
||||||
int tun_fd;
|
int tun_fd;
|
||||||
int dns_fd;
|
int dns_fd;
|
||||||
int choice;
|
char *newroot;
|
||||||
char *username;
|
char *username;
|
||||||
struct passwd *pw;
|
|
||||||
int foreground;
|
int foreground;
|
||||||
|
struct passwd *pw;
|
||||||
|
|
||||||
username = NULL;
|
username = NULL;
|
||||||
foreground = 0;
|
foreground = 0;
|
||||||
|
|
||||||
while ((choice = getopt(argc, argv, "vfhu:")) != -1) {
|
while ((choice = getopt(argc, argv, "vfhu:t:")) != -1) {
|
||||||
switch(choice) {
|
switch(choice) {
|
||||||
case 'v':
|
case 'v':
|
||||||
version();
|
version();
|
||||||
@ -153,9 +156,12 @@ main(int argc, char **argv)
|
|||||||
case 'u':
|
case 'u':
|
||||||
username = optarg;
|
username = optarg;
|
||||||
break;
|
break;
|
||||||
|
case 't':
|
||||||
|
newroot = optarg;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
usage();
|
usage();
|
||||||
break;
|
/* NOTREACHED */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -167,9 +173,8 @@ main(int argc, char **argv)
|
|||||||
argc -= optind;
|
argc -= optind;
|
||||||
argv += optind;
|
argv += optind;
|
||||||
|
|
||||||
if (argc != 2) {
|
if (argc != 2)
|
||||||
usage();
|
usage();
|
||||||
}
|
|
||||||
|
|
||||||
if(username) {
|
if(username) {
|
||||||
pw = getpwnam(username);
|
pw = getpwnam(username);
|
||||||
@ -183,6 +188,13 @@ main(int argc, char **argv)
|
|||||||
dns_fd = open_dns(argv[0], argv[1]);
|
dns_fd = open_dns(argv[0], argv[1]);
|
||||||
|
|
||||||
signal(SIGINT, sigint);
|
signal(SIGINT, sigint);
|
||||||
|
|
||||||
|
if (newroot) {
|
||||||
|
if (chroot(newroot) != 0 || chdir("/") != 0)
|
||||||
|
err(1, "%s", newroot);
|
||||||
|
seteuid(geteuid());
|
||||||
|
setuid(getuid());
|
||||||
|
}
|
||||||
|
|
||||||
if (!foreground) {
|
if (!foreground) {
|
||||||
daemon(0, 0);
|
daemon(0, 0);
|
||||||
|
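Review bot: `newroot` is tested by `if (newroot)` in the last hunk but is never initialised. The setup lines before the getopt loop assign only `username = NULL;` and `foreground = 0;`, so when `-t` is not given the test reads an indeterminate pointer and may pass it to chroot(). Add `newroot = NULL;` beside those two assignments; main() in iodined.c has the same omission. help() in both files gains `[-t chrootdir]` in the usage line but no description line for the option, so one should be added next to the `-u` text. main() starts and ends outside these hunks, so an initialisation elsewhere cannot be ruled out, but none is visible in the contiguous declaration and setup lines shown.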
27
iodined.c
27
iodined.c
@ -108,14 +108,15 @@ extern char *__progname;
|
|||||||
|
|
||||||
static void
|
static void
|
||||||
usage() {
|
usage() {
|
||||||
printf("Usage: %s [-v] [-h] [-f] [-u user] topdomain\n", __progname);
|
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] topdomain\n", __progname);
|
||||||
exit(2);
|
exit(2);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
help() {
|
help() {
|
||||||
printf("iodine IP over DNS tunneling server\n");
|
printf("iodine IP over DNS tunneling server\n");
|
||||||
printf("Usage: %s [-v] [-h] [-f] [-u user] topdomain\n", __progname);
|
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] "
|
||||||
|
"topdomain\n", __progname);
|
||||||
printf(" -f to keep running in foreground\n");
|
printf(" -f to keep running in foreground\n");
|
||||||
printf(" -u name to drop privileges and run as user 'name'\n");
|
printf(" -u name to drop privileges and run as user 'name'\n");
|
||||||
exit(0);
|
exit(0);
|
||||||
@ -132,17 +133,18 @@ version() {
|
|||||||
int
|
int
|
||||||
main(int argc, char **argv)
|
main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
|
int choice;
|
||||||
int tun_fd;
|
int tun_fd;
|
||||||
int dnsd_fd;
|
int dnsd_fd;
|
||||||
int choice;
|
char *newroot;
|
||||||
char *username;
|
char *username;
|
||||||
struct passwd *pw;
|
|
||||||
int foreground;
|
int foreground;
|
||||||
|
struct passwd *pw;
|
||||||
|
|
||||||
username = NULL;
|
username = NULL;
|
||||||
foreground = 0;
|
foreground = 0;
|
||||||
|
|
||||||
while ((choice = getopt(argc, argv, "vfhu:")) != -1) {
|
while ((choice = getopt(argc, argv, "vfhu:t:")) != -1) {
|
||||||
switch(choice) {
|
switch(choice) {
|
||||||
case 'v':
|
case 'v':
|
||||||
version();
|
version();
|
||||||
@ -156,9 +158,12 @@ main(int argc, char **argv)
|
|||||||
case 'u':
|
case 'u':
|
||||||
username = optarg;
|
username = optarg;
|
||||||
break;
|
break;
|
||||||
|
case 't':
|
||||||
|
newroot = optarg;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
usage();
|
usage();
|
||||||
break;
|
/* NOTREACHED */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -170,9 +175,8 @@ main(int argc, char **argv)
|
|||||||
usage();
|
usage();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (argc != 1) {
|
if (argc != 1)
|
||||||
usage();
|
usage();
|
||||||
}
|
|
||||||
|
|
||||||
if (username) {
|
if (username) {
|
||||||
pw = getpwnam(username);
|
pw = getpwnam(username);
|
||||||
@ -185,6 +189,13 @@ main(int argc, char **argv)
|
|||||||
tun_fd = open_tun();
|
tun_fd = open_tun();
|
||||||
dnsd_fd = open_dnsd(argv[0]);
|
dnsd_fd = open_dnsd(argv[0]);
|
||||||
|
|
||||||
|
if (newroot) {
|
||||||
|
if (chroot(newroot) != 0 || chdir("/") != 0)
|
||||||
|
err(1, "%s", newroot);
|
||||||
|
seteuid(geteuid());
|
||||||
|
setuid(getuid());
|
||||||
|
}
|
||||||
|
|
||||||
if (!foreground) {
|
if (!foreground) {
|
||||||
daemon(0, 0);
|
daemon(0, 0);
|
||||||
umask(0);
|
umask(0);
|
||||||
|
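Review bot: The two calls after chroot() in the last hunk do not give up root. `seteuid(geteuid())` sets the effective uid to the value it already has, and `setuid(getuid())` only sheds set-uid-bit privilege, so a server started by root remains uid 0 inside the new root, where chroot is not a confinement boundary. Both return values are ignored, so a failed drop would go unnoticed; at minimum use `if (setuid(getuid()) != 0) err(1, "setuid");`. The switch to the `-u` user is not visible in these hunks. If it does not run after this block, the chroot should be followed by a checked `setgid(pw->pw_gid)` and `setuid(pw->pw_uid)` when `pw` was looked up, and `-t` without `-u` is worth rejecting or warning about. The same block appears in iodine.c.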