socsvn commit: r257100 - soc2013/dpl/head/contrib/xz/src/xz

dpl at FreeBSD.org dpl at FreeBSD.org
Sat Sep 7 20:44:42 UTC 2013 

Author: dpl
Date: Sat Sep  7 20:44:42 2013
New Revision: 257100
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=257100

Log:
  Updated xz to cope with the new Capsicum interface.
  

Modified:
  soc2013/dpl/head/contrib/xz/src/xz/file_io.c
  soc2013/dpl/head/contrib/xz/src/xz/file_io.h
  soc2013/dpl/head/contrib/xz/src/xz/main.c

Modified: soc2013/dpl/head/contrib/xz/src/xz/file_io.c
==============================================================================
--- soc2013/dpl/head/contrib/xz/src/xz/file_io.c	Sat Sep  7 19:43:39 2013	(r257099)
+++ soc2013/dpl/head/contrib/xz/src/xz/file_io.c	Sat Sep  7 20:44:42 2013	(r257100)
@@ -1013,42 +1013,27 @@
 		if( opt_mode != MODE_TEST )
 			io_open_dest(pairs[i]);
 #if defined(CAPSICUM)
-		limitfd(pairs[i]);
+		limitpair(pairs[i]);
 #endif
 	}
 	return pairs;
 }
 
 #if defined(CAPSICUM)
+void limitfd(int, unsigned long long);
+
 extern void
-limitfd(file_pair *pair)
+limitpair(file_pair *pair)
 {
-	cap_rights_t rights;
+	if(pair->dir_fd != -1 )
+		limitfd(pair->dir_fd, CAP_FSTATAT|CAP_UNLINKAT|CAP_LOOKUP);
 
-	if(pair->dir_fd != -1 ){
-		rights = CAP_FSTATAT|CAP_UNLINKAT|CAP_LOOKUP;
-		if (cap_rights_limit(pair->dir_fd, rights) < 0 && errno != ENOSYS){
-			message_error("%s: %s", pair->dest_name, strerror(errno));
-			exit(E_ERROR);
-		}
-	}
+	if(pair->src_fd != -1 )
+		limitfd(pair->src_fd, CAP_READ|CAP_SEEK);
 
-	if(pair->src_fd != -1 ){
-		rights = CAP_READ|CAP_SEEK;
-		if (cap_rights_limit(pair->src_fd, rights) < 0 && errno != ENOSYS){
-			message_error("%s: %s", pair->src_name, strerror(errno));
-			exit(E_ERROR);
-		}
-	}
+	if(pair->dest_fd != -1 )
+		limitfd(pair->dest_fd, CAP_WRITE|CAP_FSTAT|CAP_FCHOWN|CAP_FCHMOD|CAP_FUTIMES);
 
-	if(pair->dest_fd != -1 ){
-		rights = CAP_WRITE|CAP_FSTAT|CAP_FCHOWN 
-				|CAP_FCHMOD|CAP_FUTIMES;
-		if (cap_rights_limit(pair->dest_fd, rights) < 0 && errno != ENOSYS){
-			message_error("%s: %s", pair->dest_name, strerror(errno));
-			exit(E_ERROR);
-		}
-	}
 	return;
 }
 
@@ -1057,36 +1042,35 @@
 {
 	cap_rights_t rights;
 
-	if( cap_rights_get(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) {
-		message_error("%d: %s", STDIN_FILENO, strerror(errno));
-		exit(E_ERROR);
-	} else if (rights == 0) {
-		if (cap_rights_limit(STDIN_FILENO, CAP_WRITE) < 0 && errno != ENOSYS){
-			message_error("%d: %s", STDIN_FILENO, strerror(errno));
-			exit(E_ERROR);
-		}
-	}
+	cap_rights_init(&rights);
+	limitfd( STDIN_FILENO, CAP_READ);
+	limitfd( STDOUT_FILENO, CAP_WRITE);
+	limitfd( STDERR_FILENO, CAP_WRITE);
 
-	if( cap_rights_get(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) {
-		message_error("%d: %s", STDOUT_FILENO, strerror(errno));
+	if (cap_enter() < 0 && errno != ENOSYS) {
+		message_error("cap_enter: %s", strerror(errno));
 		exit(E_ERROR);
-	} else if (rights == 0) {
-		if (cap_rights_limit(STDOUT_FILENO, CAP_WRITE) < 0 && errno != ENOSYS){
-			message_error("%d: %s", STDOUT_FILENO, strerror(errno));
-			exit(E_ERROR);
-		}
 	}
 
-	if (cap_rights_limit(STDERR_FILENO, CAP_WRITE) < 0 && errno != ENOSYS){
-		message_error("%d: %s", STDERR_FILENO, strerror(errno));
-		exit(E_ERROR);
-	}
+	return;
+}
 
-	if (cap_enter() < 0 && errno != ENOSYS){
-		message_error("cap_enter: %s", strerror(errno));
+void
+limitfd(int fd, unsigned long long cap)
+{
+	cap_rights_t rights;
+
+	cap_rights_init(&rights);
+	cap_rights_set(&rights, cap);
+
+	if( cap_rights_get(fd, &rights) < 0 && errno != ENOSYS) {
+		message_error("%d: %s", fd, strerror(errno));
 		exit(E_ERROR);
+	} else {
+		if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS){
+			message_error("%d: %s", STDIN_FILENO, strerror(errno));
+			exit(E_ERROR);
+		}
 	}
-
-	return;
 }
-#endif
+#endif  /* CAPSICUM */

Modified: soc2013/dpl/head/contrib/xz/src/xz/file_io.h
==============================================================================
--- soc2013/dpl/head/contrib/xz/src/xz/file_io.h	Sat Sep  7 19:43:39 2013	(r257099)
+++ soc2013/dpl/head/contrib/xz/src/xz/file_io.h	Sat Sep  7 20:44:42 2013	(r257100)
@@ -106,7 +106,7 @@
 /// \brief      Limits fd using FreeBSD's Capsicum framework.
 ///
 /// \param      fd    File descriptor to limit.
-extern void limitfd(file_pair *pair);
+extern void limitpair(file_pair *pair);
 
 /// \brief      Enters Capability mode, and limit basic fds.
 extern void capsicum_enter(void);

Modified: soc2013/dpl/head/contrib/xz/src/xz/main.c
==============================================================================
--- soc2013/dpl/head/contrib/xz/src/xz/main.c	Sat Sep  7 19:43:39 2013	(r257099)
+++ soc2013/dpl/head/contrib/xz/src/xz/main.c	Sat Sep  7 20:44:42 2013	(r257100)
@@ -144,6 +144,7 @@
 	int forkpid, i, nfiles=0;
 	//Filenames will be here, and get passed to io_open_files().
 	// If we get past of 8 elements, realloc 8 more. 
+	// XXX check
 	char **files = malloc( 8*sizeof(char*) );
 
 #if defined(_WIN32) && !defined(__CYGWIN__)

More information about the svn-soc-all mailing list