1 /*
2 * libwebsockets - small server side websockets and web server implementation
3 *
4 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to
8 * deal in the Software without restriction, including without limitation the
9 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10 * sell copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22 * IN THE SOFTWARE.
23 */
24
25 #if !defined(_GNU_SOURCE)
26 #define _GNU_SOURCE
27 #endif
28 #include "private-lib-core.h"
29
30 #include <pwd.h>
31 #include <grp.h>
32
33 #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
34 static void
_lws_plat_apply_caps(unsigned int mode,const cap_value_t * cv,int count)35 _lws_plat_apply_caps(unsigned int mode, const cap_value_t *cv, int count)
36 {
37 cap_t caps;
38
39 if (!count)
40 return;
41
42 caps = cap_get_proc();
43
44 cap_set_flag(caps, (cap_flag_t)mode, count, cv, CAP_SET);
45 cap_set_proc(caps);
46 prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
47 cap_free(caps);
48 }
49 #endif
50
51 int
lws_plat_user_colon_group_to_ids(const char * u_colon_g,uid_t * puid,gid_t * pgid)52 lws_plat_user_colon_group_to_ids(const char *u_colon_g, uid_t *puid, gid_t *pgid)
53 {
54 char *colon = strchr(u_colon_g, ':'), u[33];
55 struct group *g;
56 struct passwd *p;
57 size_t ulen;
58
59 if (!colon)
60 return 1;
61
62 ulen = (size_t)(unsigned int)lws_ptr_diff(colon, u_colon_g);
63 if (ulen < 2 || ulen > sizeof(u) - 1)
64 return 1;
65
66 memcpy(u, u_colon_g, ulen);
67 u[ulen] = '\0';
68
69 colon++;
70
71 #if defined(LWS_HAVE_GETGRNAM_R)
72 {
73 struct group gr;
74 char strs[1024];
75
76 if (getgrnam_r(colon, &gr, strs, sizeof(strs), &g) || !g) {
77 #else
78 {
79 g = getgrnam(colon);
80 if (!g) {
81 #endif
82 lwsl_err("%s: unknown group '%s'\n", __func__, colon);
83
84 return 1;
85 }
86 *pgid = g->gr_gid;
87 }
88
89 #if defined(LWS_HAVE_GETPWNAM_R)
90 {
91 struct passwd pr;
92 char strs[1024];
93
94 if (getpwnam_r(u, &pr, strs, sizeof(strs), &p) || !p) {
95 #else
96 {
97 p = getpwnam(u);
98 if (!p) {
99 #endif
100 lwsl_err("%s: unknown user '%s'\n", __func__, u);
101
102 return 1;
103 }
104 *puid = p->pw_uid;
105 }
106
107 return 0;
108 }
109
110 int
111 lws_plat_drop_app_privileges(struct lws_context *context, int actually_drop)
112 {
113 struct passwd *p;
114 struct group *g;
115
116 /* if he gave us the groupname, align gid to match it */
117
118 if (context->groupname) {
119 #if defined(LWS_HAVE_GETGRNAM_R)
120 struct group gr;
121 char strs[1024];
122
123 if (!getgrnam_r(context->groupname, &gr, strs, sizeof(strs), &g) && g) {
124 #else
125 g = getgrnam(context->groupname);
126 if (g) {
127 #endif
128 lwsl_cx_info(context, "group %s -> gid %u",
129 context->groupname, g->gr_gid);
130 context->gid = g->gr_gid;
131 } else {
132 lwsl_cx_err(context, "unknown groupname '%s'",
133 context->groupname);
134
135 return 1;
136 }
137 }
138
139 /* if he gave us the username, align uid to match it */
140
141 if (context->username) {
142 #if defined(LWS_HAVE_GETPWNAM_R)
143 struct passwd pr;
144 char strs[1024];
145
146 if (!getpwnam_r(context->username, &pr, strs, sizeof(strs), &p) && p) {
147 #else
148 p = getpwnam(context->username);
149 if (p) {
150 #endif
151 context->uid = p->pw_uid;
152
153 lwsl_cx_info(context, "username %s -> uid %u",
154 context->username, (unsigned int)p->pw_uid);
155 } else {
156 lwsl_cx_err(context, "unknown username %s",
157 context->username);
158
159 return 1;
160 }
161 }
162
163 if (!actually_drop)
164 return 0;
165
166 /* if he gave us the gid or we have it from the groupname, set it */
167
168 if (context->gid && context->gid != (gid_t)-1l) {
169 #if defined(LWS_HAVE_GETGRGID_R)
170 struct group gr;
171 char strs[1024];
172
173 if (getgrgid_r(context->gid, &gr, strs, sizeof(strs), &g) || !g) {
174 #else
175 g = getgrgid(context->gid);
176 if (!g) {
177 #endif
178 lwsl_cx_err(context, "cannot find name for gid %d",
179 context->gid);
180
181 return 1;
182 }
183
184 if (setgid(context->gid)) {
185 lwsl_cx_err(context, "setgid: %s failed",
186 strerror(LWS_ERRNO));
187
188 return 1;
189 }
190
191 lwsl_cx_notice(context, "effective group '%s'", g->gr_name);
192 } else
193 lwsl_cx_info(context, "not changing group");
194
195
196 /* if he gave us the uid or we have it from the username, set it */
197
198 if (context->uid && context->uid != (uid_t)-1l) {
199 #if defined(LWS_HAVE_GETPWUID_R)
200 struct passwd pr;
201 char strs[1024];
202
203 if (getpwuid_r(context->uid, &pr, strs, sizeof(strs), &p) || !p) {
204 #else
205 p = getpwuid(context->uid);
206 if (!p) {
207 #endif
208 lwsl_cx_err(context, "getpwuid: unable to find uid %d",
209 context->uid);
210 return 1;
211 }
212
213 #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
214 _lws_plat_apply_caps(CAP_PERMITTED, context->caps,
215 context->count_caps);
216 #endif
217
218 if (initgroups(p->pw_name,
219 #if defined(__APPLE__)
220 (int)
221 #endif
222 context->gid))
223 return 1;
224
225 if (setuid(context->uid)) {
226 lwsl_cx_err(context, "setuid: %s failed",
227 strerror(LWS_ERRNO));
228
229 return 1;
230 } else
231 lwsl_cx_notice(context, "effective user '%s'",
232 p->pw_name);
233
234 #if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
235 _lws_plat_apply_caps(CAP_EFFECTIVE, context->caps,
236 context->count_caps);
237
238 if (context->count_caps) {
239 int n;
240 for (n = 0; n < context->count_caps; n++)
241 lwsl_cx_notice(context, " RETAINING CAP %d",
242 (int)context->caps[n]);
243 }
244 #endif
245 } else
246 lwsl_cx_info(context, "not changing user");
247
248 return 0;
249 }
250