author | Chia-chi Yeh <chiachi@android.com> | 2011-07-19 18:29:16 -0700 |
---|---|---|
committer | Chia-chi Yeh <chiachi@android.com> | 2011-07-19 18:39:34 -0700 |
commit | a9a07aca7cd1e611f2d73582f20623cd62b917ba (patch) | |
tree | 8d307c80b45a1ed28de65bdfff18cd31bde6969d | |
parent | d30604685e6cc1fa878806ae590dcd1fc9d43f91 (diff) | |
download | ipsec-tools-a9a07aca7cd1e611f2d73582f20623cd62b917ba.tar.gz |
ipsec-tools: slightly improve the security.
If racoon is running as a service, do not trust
the script passed from the control socket.
Change-Id: I8e0115848cd4fa865d68452c9ecab20f6eac0921
-rw-r--r-- | main.c | 5 | ||||
-rw-r--r-- | setup.c | 6 |
2 files changed, 7 insertions, 4 deletions
@@ -92,12 +92,12 @@ static int android_get_control_and_arguments(int *argc, char ***argv) return control; } -void android_setenv(char **envp) +const char *android_hook(char **envp) { struct ifreq ifr = {.ifr_flags = IFF_TUN}; int tun = open("/dev/tun", 0); - /* Android does not support INTERNAL_WINS4_LIST, so we just replace it. */ + /* Android does not support INTERNAL_WINS4_LIST, so we just use it. */ while (*envp && strncmp(*envp, "INTERNAL_WINS4_LIST=", 20)) { ++envp; } @@ -110,6 +110,7 @@ void android_setenv(char **envp) exit(1); } sprintf(*envp, "INTERFACE=%s", ifr.ifr_name); + return "/etc/ppp/ip-up-vpn"; } #endif @@ -554,7 +554,7 @@ static char *get_env(char * const *envp, char *key) } static int skip_script = 0; -extern void android_setenv(char **envp); +extern const char *android_hook(char **envp); int privsep_script_exec(char *script, int name, char * const *envp) { @@ -572,7 +572,9 @@ int privsep_script_exec(char *script, int name, char * const *envp) if (addr4 && local && remote) { #ifdef ANDROID_CHANGES - android_setenv((char **)envp); + if (pname) { + script = (char *)android_hook((char **)envp); + } #endif spdadd(addr4, NULL, IPPROTO_IP, local, remote); } else { |
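Review bot: The new `return "/etc/ppp/ip-up-vpn";` is placed right after an unbounded `sprintf(*envp, "INTERFACE=%s", ifr.ifr_name);` that writes into the environment entry located by the `INTERNAL_WINS4_LIST=` scan in the first hunk, and the commit does not bound that write. The only size guaranteed for that entry is its current string length plus the terminator, while `"INTERFACE="` plus an interface name can reach 26 bytes, so a short or empty WINS list value would overflow unless the entry is known to be allocated larger. A bound that uses what is certainly available is `snprintf(*envp, strlen(*envp) + 1, "INTERFACE=%s", ifr.ifr_name);`, with the return value checked for truncation before the fixed script path is returned. The body of android_hook starts in the earlier hunk, so the error path that leads to `exit(1)` is only partly visible here.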
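Review bot: Wrapping the hook call in `if (pname)` also gates android_hook's side effect, so in the non-service case the `INTERNAL_WINS4_LIST=` entry is no longer rewritten to `INTERFACE=` even though the removed `android_setenv((char **)envp);` ran unconditionally on this path; the commit message only describes ignoring the control-socket script, not dropping the environment rewrite. If that is not intended, call the hook once and gate only the override: `const char *hook = android_hook((char **)envp);` followed by `if (pname) script = (char *)hook;`. The cast also discards const on a string literal, so `script` must not be written or freed downstream of this point, which cannot be confirmed from the hunk. `pname` is declared outside the hunk and is presumably the running-as-service flag; privsep_script_exec continues past the end of the hunk.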