From: Art Cancro Date: Sun, 13 Jul 2003 04:58:35 +0000 (+0000) Subject: * Allow connect on unix domain sockets to Citadels in other directories X-Git-Tag: v7.86~5822 X-Git-Url: https://code.citadel.org/?a=commitdiff_plain;h=26485d3a8d0d8274a878a85c89f1675c23347fac;p=citadel.git * Allow connect on unix domain sockets to Citadels in other directories * sendcommand now uses unix domain sockets instead of the network * Do not allow IPGM command to run on the network -- unix domain sockets only --- diff --git a/citadel/ChangeLog b/citadel/ChangeLog index 41cdfc957..f46dbf7a2 100644 --- a/citadel/ChangeLog +++ b/citadel/ChangeLog @@ -1,4 +1,9 @@ $Log$ + Revision 607.20 2003/07/13 04:58:35 ajc + * Allow connect on unix domain sockets to Citadels in other directories + * sendcommand now uses unix domain sockets instead of the network + * Do not allow IPGM command to run on the network -- unix domain sockets only + Revision 607.19 2003/07/11 22:33:02 ajc * Ignore comments in public_clients file @@ -4848,4 +4853,3 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant Fri Jul 10 1998 Art Cancro * Initial CVS import - diff --git a/citadel/citadel_ipc.c b/citadel/citadel_ipc.c index f69d4be05..ebc6e1936 100644 --- a/citadel/citadel_ipc.c +++ b/citadel/citadel_ipc.c @@ -1,13 +1,5 @@ /* $Id$ */ -#define UDS "_UDS_" -#ifdef __CYGWIN__ -#define DEFAULT_HOST "localhost" -#else -#define DEFAULT_HOST UDS -#endif -#define DEFAULT_PORT "citadel" - #include "sysdep.h" #if TIME_WITH_SYS_TIME # include @@ -2854,7 +2846,14 @@ CtdlIPC* CtdlIPC_new(int argc, char **argv, char *hostbuf, char *portbuf) /* If we're using a unix domain socket we can do a bunch of stuff */ if (!strcmp(cithost, UDS)) { - snprintf(sockpath, sizeof sockpath, BBSDIR "/citadel.socket"); + if (!strcasecmp(citport, DEFAULT_PORT)) { + snprintf(sockpath, sizeof sockpath, "%s%s", + BBSDIR, "/citadel.socket"); + } + else { + snprintf(sockpath, sizeof sockpath, "%s%s", + citport, "/citadel.socket"); + } ipc->sock = uds_connectsock(&(ipc->isLocal), sockpath); if (ipc->sock == -1) { ifree(ipc); diff --git a/citadel/citadel_ipc.h b/citadel/citadel_ipc.h index df0f90e98..bbda4ff87 100644 --- a/citadel/citadel_ipc.h +++ b/citadel/citadel_ipc.h @@ -1,5 +1,13 @@ /* $Id$ */ +#define UDS "_UDS_" +#ifdef __CYGWIN__ +#define DEFAULT_HOST "localhost" +#else +#define DEFAULT_HOST UDS +#endif +#define DEFAULT_PORT "citadel" + #include "sysdep.h" #ifdef HAVE_PTHREAD_H #include diff --git a/citadel/citserver.c b/citadel/citserver.c index 876c2d5c8..04c37ef63 100644 --- a/citadel/citserver.c +++ b/citadel/citserver.c @@ -761,6 +761,15 @@ void cmd_ipgm(char *argbuf) { int secret; + /* For security reasons, we do NOT allow this command to run + * over the network. Local sockets only. + */ + if (!CC->is_local_socket) { + sleep(5); + cprintf("%d Authentication failed.\n",ERROR); + return; + } + secret = extract_int(argbuf, 0); if (secret == config.c_ipgm_secret) { CC->internal_pgm = 1; diff --git a/citadel/sendcommand.c b/citadel/sendcommand.c index 599655dd7..8bbed185d 100644 --- a/citadel/sendcommand.c +++ b/citadel/sendcommand.c @@ -110,8 +110,8 @@ void np_attach_to_server(void) {"sendcommand", NULL}; int r; - strcpy(hostbuf, "localhost"); - strcpy(portbuf, "citadel"); + strcpy(hostbuf, UDS); /* Only run on a unix domain socket */ + strcpy(portbuf, "."); /* IPGM will refuse to run on the network */ fprintf(stderr, "Attaching to server...\n"); ipc = CtdlIPC_new(1, args, hostbuf, portbuf); CtdlIPC_getline(ipc, buf);