Under Linux, a process may not be running as root, yet it may have permission
to do what a superuser may do, given that specific capabilities are granted.
This commit makes iodine not depend on EUID being 0 in order to run
properly. Instead, in the presence of libcap-ng, the following capabilities
are checked:
* `CAP_NET_BIND_SERVICES` for the server to bind to a port lower than
`/proc/sys/net/ipv4/ip_unprivileged_port_start`
* `CAP_NET_ADMIN` to operate on a TUN device
* `CAP_SETUID` and `CAP_SETGID` in case the server is configured to change
the user it runs on behalf of
This change is handy if iodine is being run under a non-root user, provided
`AmbientCapabilities=` and `CapabilityBoundingSet=` of systemd are employed
in the first place.
Fixes: https://github.com/yarrick/iodine/issues/80
Signed-off-by: Oleksandr Natalenko <oleksandr@redhat.com>
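
The capability check described in the commit message above, as an added example that is not code from iodine or from this commit: instead of libcap-ng it parses the `CapEff` mask from `/proc/self/status`, and the function names, the `C_*` constants and the sample status text are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit numbers of CAP_SETGID, CAP_SETUID, CAP_NET_BIND_SERVICE and
 * CAP_NET_ADMIN as defined in <linux/capability.h>. */
enum { C_SETGID = 6, C_SETUID = 7, C_NET_BIND_SERVICE = 10, C_NET_ADMIN = 12 };

/* Constructed sample: a non-root service granted only the two network
 * capabilities (0x1400 = bits 10 and 12). */
static const char SAMPLE_STATUS[] =
    "Name:\tiodined\nUid:\t990\t990\t990\t990\n"
    "CapPrm:\t0000000000001400\nCapEff:\t0000000000001400\n";

/* Extract the effective capability mask from /proc/<pid>/status text. */
static int parse_cap_eff(const char *status, uint64_t *mask)
{
    const char *p = strstr(status, "\nCapEff:");
    char *end;
    if (p == NULL)
        return -1;
    p += 8;                               /* skip "\nCapEff:" */
    *mask = strtoull(p, &end, 16);        /* leading tab is skipped */
    return end == p ? -1 : 0;
}

/* Mask of capabilities the server needs but lacks; 0 means it can start. */
static uint64_t missing_caps(uint64_t eff, int port, int unpriv_start, int change_user)
{
    uint64_t need = 1ULL << C_NET_ADMIN;              /* TUN device */
    if (port < unpriv_start)                          /* privileged port */
        need |= 1ULL << C_NET_BIND_SERVICE;
    if (change_user)                                  /* drop to another user */
        need |= (1ULL << C_SETUID) | (1ULL << C_SETGID);
    return need & ~eff;
}

int main(void)
{
    char buf[4096] = "";
    int start = 1024;                                 /* kernel default */
    uint64_t eff = 0;
    FILE *f = fopen("/proc/self/status", "r");
    if (f) { size_t n = fread(buf, 1, sizeof(buf) - 1, f); buf[n] = '\0'; fclose(f); }
    if (parse_cap_eff(buf[0] ? buf : SAMPLE_STATUS, &eff) != 0)
        return 1;
    f = fopen("/proc/sys/net/ipv4/ip_unprivileged_port_start", "r");
    if (f) { if (fscanf(f, "%d", &start) != 1) start = 1024; fclose(f); }
    printf("missing for port 53 with user switch: 0x%llx\n",
           (unsigned long long)missing_caps(eff, 53, start, 1));
    return 0;
}
```

A result of 0 means every required capability is in the effective set; any set bit names a capability that would have to be added to the service's `AmbientCapabilities=`.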
It's a preparatory commit to reflect upcoming changes in how
capabilities are checked under Linux in presence of libcap-ng.
No functional change.
Signed-off-by: Oleksandr Natalenko <oleksandr@redhat.com>
Getting a warning when compiling for Android:

    ./util.c:35:6: warning: variable 'rv' is used uninitialized whenever 'if' condition is false [-Wsometimes-uninitialized]
    if (sscanf(buf, "%15s", addr) == 1)
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ./util.c:79:9: note: uninitialized use occurs here
    return rv;
    ^~

Found by clang:

    client.c:1276:26: warning: the value of the size argument in 'strncat' is too large, might lead to a buffer overflow [-Wstrncat-size]
    strncat(buf, topdomain, sizeof(buf) - strlen(buf));
    ^~~~~~~~~~~~~~~~~~~~~~~~~

The destination field in struct query was changed from in_addr_t to
struct sockaddr_storage, without updating the functions sending it
in src/dns.c.
Only add extra A answer for NS queries if destination refers to an
IPv4 address, and fail if trying to encode a reply to an A query
if destination is not IPv4.
This means NS requests received over IPv6 will not contain an address
and A requests will be ignored, unless the -n option is used, or the
www subdomain is requested which sets a fixed address (127.0.0.1).
src/osflags hard codes the build architecture pkg-config. After making it
substitutable and substituting it from the build environment, iodine cross
builds successfully.
Original patch from Helmut Grohne <helmut@subdivi.de> in
https://bugs.debian.org/921822, adjusted to Git HEAD.