*
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
+#include "config.h"
+#if HAVE_SECURITY
#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>
#include <Security/AuthSession.h>
+#endif
#include <sys/types.h>
#include <sys/select.h>
#include <sys/event.h>
#include "launch.h"
-#if __GNUC__ >= 4
+#if __GNUC__ >= 4 && HAVE_SECURITY
OSStatus SessionCreate(SessionCreationFlags flags, SessionAttributeBits attributes) __attribute__((weak));
#endif
static void find_fds(launch_data_t o, const char *key __attribute__((unused)), void *context __attribute__((unused)))
{
- struct kevent kev;
- size_t i;
+ struct kevent kev;
+ size_t i;
int fd;
- switch (launch_data_get_type(o)) {
- case LAUNCH_DATA_FD:
+ switch (launch_data_get_type(o)) {
+ case LAUNCH_DATA_FD:
fd = launch_data_get_fd(o);
if (-1 == fd)
break;
EV_SET(&kev, fd, EVFILT_READ, EV_ADD, 0, 0, NULL);
if (kevent(kq, &kev, 1, NULL, 0, NULL) == -1)
syslog(LOG_DEBUG, "kevent(%d): %m", fd);
- break;
- case LAUNCH_DATA_ARRAY:
- for (i = 0; i < launch_data_array_get_count(o); i++)
- find_fds(launch_data_array_get_index(o, i), NULL, NULL);
- break;
- case LAUNCH_DATA_DICTIONARY:
- launch_data_dict_iterate(o, find_fds, NULL);
- break;
- default:
- break;
- }
+ break;
+ case LAUNCH_DATA_ARRAY:
+ for (i = 0; i < launch_data_array_get_count(o); i++)
+ find_fds(launch_data_array_get_index(o, i), NULL, NULL);
+ break;
+ case LAUNCH_DATA_DICTIONARY:
+ launch_data_dict_iterate(o, find_fds, NULL);
+ break;
+ default:
+ break;
+ }
}
int main(int argc __attribute__((unused)), char *argv[])
{
struct timespec timeout = { 10, 0 };
struct sockaddr_storage ss;
- socklen_t slen = sizeof(ss);
+ socklen_t slen = (socklen_t)sizeof ss;
struct kevent kev;
int r, ec = EXIT_FAILURE;
launch_data_t tmp, resp, msg = launch_data_alloc(LAUNCH_DATA_STRING);
tmp = launch_data_dict_lookup(resp, LAUNCH_JOBKEY_TIMEOUT);
if (tmp)
- timeout.tv_sec = launch_data_get_integer(tmp);
+ timeout.tv_sec = (int)launch_data_get_integer(tmp);
tmp = launch_data_dict_lookup(resp, LAUNCH_JOBKEY_PROGRAM);
if (tmp)
}
if (w) {
- dup2(kev.ident, STDIN_FILENO);
+ dup2((int)kev.ident, STDIN_FILENO);
if (dupstdout)
- dup2(kev.ident, STDOUT_FILENO);
+ dup2((int)kev.ident, STDOUT_FILENO);
if (dupstderr)
- dup2(kev.ident, STDERR_FILENO);
+ dup2((int)kev.ident, STDERR_FILENO);
execv(prog, argv + 1);
syslog(LOG_ERR, "execv(): %m");
exit(EXIT_FAILURE);
}
- if ((r = accept(kev.ident, (struct sockaddr *)&ss, &slen)) == -1) {
+ if ((r = accept((int)kev.ident, (struct sockaddr *)&ss, &slen)) == -1) {
if (errno == EWOULDBLOCK)
continue;
- syslog(LOG_DEBUG, "accept(): %m");
+ syslog(LOG_WARNING, "accept(): %m");
goto out;
} else {
- char fromhost[NI_MAXHOST];
- char fromport[NI_MAXSERV];
- int gni_r;
-
- gni_r = getnameinfo((struct sockaddr *)&ss, slen,
- fromhost, sizeof(fromhost),
- fromport, sizeof(fromport),
- NI_NUMERICHOST | NI_NUMERICSERV);
-
- if (gni_r) {
- syslog(LOG_WARNING, "%s: getnameinfo(): %s", prog, gai_strerror(gni_r));
+ if (ss.ss_family == AF_INET || ss.ss_family == AF_INET6) {
+ char fromhost[NI_MAXHOST];
+ char fromport[NI_MAXSERV];
+ int gni_r;
+
+ gni_r = getnameinfo((struct sockaddr *)&ss, slen,
+ fromhost, (socklen_t) sizeof fromhost,
+ fromport, (socklen_t) sizeof fromport,
+ NI_NUMERICHOST | NI_NUMERICSERV);
+
+ if (gni_r) {
+ syslog(LOG_WARNING, "%s: getnameinfo(): %s", prog, gai_strerror(gni_r));
+ } else {
+ syslog(LOG_INFO, "%s: Connection from: %s on port: %s", prog, fromhost, fromport);
+ }
} else {
- syslog(LOG_INFO, "%s: Connection from: %s on port: %s", prog, fromhost, fromport);
+ syslog(LOG_WARNING, "%s: getnameinfo() only supports IPv4/IPv6. Connection from address family: %u", prog, ss.ss_family);
}
switch (fork()) {
case -1:
syslog(LOG_WARNING, "fork(): %m");
+ if( errno != ENOMEM ) {
+ continue;
+ }
goto out;
case 0:
break;
continue;
}
+ setpgid(0, 0);
+
+#if HAVE_SECURITY
if ((tmp = launch_data_dict_lookup(resp, LAUNCH_JOBKEY_SESSIONCREATE)) && launch_data_get_bool(tmp)) {
if (SessionCreate) {
OSStatus scr = SessionCreate(0, 0);
syslog(LOG_NOTICE, "%s: SessionCreate == NULL!", prog);
}
}
+#endif
fcntl(r, F_SETFL, 0);
+ fcntl(r, F_SETFD, 1);
dup2(r, STDIN_FILENO);
if (dupstdout)
dup2(r, STDOUT_FILENO);
projects / apple / launchd.git / blobdiff