author | Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org> | 2001-11-10 22:14:31 +0000 |
---|---|---|
committer | Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org> | 2001-11-10 22:14:31 +0000 |
commit | 60c90c1c1b345379eb1db4c1569858d0f16b493f (patch) | |
tree | 667e6e93ea9598159621e96cc17a48a37d1d04d0 /net/silc-server/files | |
parent | 14ac98ffa90f144386c35c245e904c922a23c5b5 (diff) | |
- fix some "issues" with server daemon:
1) drop root id as soon as possible;
2) add a non-daemon mode
Submitted by: Anders Nor Berle <debolaz@debolaz.com>
Notes
Notes:
svn path=/head/; revision=49924
Diffstat (limited to 'net/silc-server/files')
-rw-r--r-- | net/silc-server/files/patch-silcd:server.c | 121 | ||||
-rw-r--r-- | net/silc-server/files/patch-silcd:server.h | 10 | ||||
-rw-r--r-- | net/silc-server/files/patch-silcd:silcd.c | 70 |
3 files changed, 201 insertions, 0 deletions
diff --git a/net/silc-server/files/patch-silcd:server.c b/net/silc-server/files/patch-silcd:server.c
new file mode 100644
index 000000000000..2a94c3781b40
--- /dev/null
+++ b/net/silc-server/files/patch-silcd:server.c
@@ -0,0 +1,121 @@
+--- silcd/server.c.orig Wed Nov 7 20:15:20 2001
++++ silcd/server.c Sat Nov 10 12:50:39 2001
+@@ -356,19 +356,42 @@ int silc_server_init(SilcServer server)
+ return FALSE;
+ }
+
+-/* Fork server to background and set gid+uid to non-root.
+- Silcd will not run as root, so trying to set either user or group to
+- root will cause silcd to exit. */
++/* Fork server to background and set gid+uid to non-root */
+
+ void silc_server_daemonise(SilcServer server)
+ {
++ int i;
++
++ i = fork ();
++
++ if (i) {
++ if (i > 0) {
++ if (geteuid())
++ SILC_LOG_DEBUG(("Server started as user"));
++ else
++ SILC_LOG_DEBUG(("Server started as root. Dropping privileges."));
++
++ SILC_LOG_DEBUG(("Forking SILC server to background"));
++ exit(0);
++ } else {
++ SILC_LOG_DEBUG(("fork() failed, cannot proceed"));
++ exit(1);
++ }
++ }
++ setsid();
++}
++
++/* Drop root privligies. If this cannot be done, die. */
++
++void silc_server_drop(SilcServer server)
++{
+ /* Are we executing silcd as root or a regular user? */
+- if (geteuid()==0) {
+-
++ if (!geteuid()) {
++
+ struct passwd *pw;
+ struct group *gr;
+ char *user, *group;
+-
++
+ if (!server->config->identity || !server->config->identity->user ||
+ !server->config->identity->group) {
+ fprintf(stderr, "Error:"
+@@ -378,11 +401,11 @@ void silc_server_daemonise(SilcServer se
+ "\tthe server as non-root user.\n");
+ exit(1);
+ }
+-
++
+ /* Get the values given for user and group in configuration file */
+ user=server->config->identity->user;
+ group=server->config->identity->group;
+-
++
+ /* Check whether the user/group information is text */
+ if (atoi(user)!=0 || atoi(group)!=0) {
+ SILC_LOG_DEBUG(("Invalid user and/or group information"));
+@@ -391,14 +414,14 @@ void silc_server_daemonise(SilcServer se
+ fprintf(stderr, "Please assign them as names, not numbers\n");
+ exit(1);
+ }
+-
++
+ /* Catch the nasty incident of string "0" returning 0 from atoi */
+ if (strcmp("0", user)==0 || strcmp("0", group)==0) {
+ SILC_LOG_DEBUG(("User and/or group configured to 0. Unacceptable"));
+ fprintf(stderr, "User and/or group configured to 0. Exiting\n");
+ exit(1);
+ }
+-
++
+ pw=getpwnam(user);
+ gr=getgrnam(group);
+
+@@ -411,7 +434,7 @@ void silc_server_daemonise(SilcServer se
+ fprintf(stderr, "No such group %s found\n", group);
+ exit(1);
+ }
+-
++
+ /* Check whether user and/or group is set to root. If yes, exit
+ immediately. Otherwise, setgid and setuid server to user.group */
+ if (gr->gr_gid==0 || pw->pw_uid==0) {
+@@ -422,14 +445,6 @@ void silc_server_daemonise(SilcServer se
+ "\tthe server as non-root user.\n");
+ exit(1);
+ } else {
+- /* Fork server to background, making it a daemon */
+- if (fork()) {
+- SILC_LOG_DEBUG(("Server started as root. Dropping privileges."));
+- SILC_LOG_DEBUG(("Forking SILC server to background"));
+- exit(0);
+- }
+- setsid();
+-
+ SILC_LOG_DEBUG(("Changing to group %s", group));
+ if(setgid(gr->gr_gid)==0) {
+ SILC_LOG_DEBUG(("Setgid to %s", group));
+@@ -449,14 +464,6 @@ void silc_server_daemonise(SilcServer se
+ exit(1);
+ }
+ }
+- } else {
+- /* Fork server to background, making it a daemon */
+- if (fork()) {
+- SILC_LOG_DEBUG(("Server started as user"));
+- SILC_LOG_DEBUG(("Forking SILC server to background"));
+- exit(0);
+- }
+- setsid();
+ }
+ }
+
diff --git a/net/silc-server/files/patch-silcd:server.h b/net/silc-server/files/patch-silcd:server.h
new file mode 100644
index 000000000000..575f9a4633f6
--- /dev/null
+++ b/net/silc-server/files/patch-silcd:server.h
@@ -0,0 +1,10 @@
+--- silcd/server.h.orig Mon Oct 22 23:41:38 2001
++++ silcd/server.h Sat Nov 10 12:02:26 2001
+@@ -121,6 +121,7 @@ int silc_server_alloc(SilcServer *new_se
+ void silc_server_free(SilcServer server);
+ int silc_server_init(SilcServer server);
+ void silc_server_daemonise(SilcServer server);
++void silc_server_drop(SilcServer server);
+ void silc_server_run(SilcServer server);
+ void silc_server_stop(SilcServer server);
+ void silc_server_start_key_exchange(SilcServer server,
diff --git a/net/silc-server/files/patch-silcd:silcd.c b/net/silc-server/files/patch-silcd:silcd.c
new file mode 100644
index 000000000000..793aa99bf8cb
--- /dev/null
+++ b/net/silc-server/files/patch-silcd:silcd.c
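Review bot: In silcd/server.c the new silc_server_drop() switches group with `setgid(gr->gr_gid)`, but nothing in the visible lines resets the supplementary group list, so a server started as root may keep root's extra groups after the uid change. Calling `initgroups(user, gr->gr_gid)` (or `setgroups(1, &gr->gr_gid)`) before `setgid()` and exiting on failure would match the function's "if this cannot be done, die" contract. The setuid part of the body lies between the hunks and is not shown; it is worth confirming that its return value is checked and, ideally, that a later `setuid(0)` is verified to fail. In silc_server_daemonise() the `setsid()` result is also ignored, and the header comment still says it sets gid+uid although that logic has moved to silc_server_drop().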
@@ -0,0 +1,70 @@
+--- silcd/silcd.c.orig Wed Nov 7 18:33:19 2001
++++ silcd/silcd.c Sat Nov 10 22:35:36 2001
+@@ -43,6 +43,7 @@ static struct option long_opts[] =
+ { "config-file", 1, NULL, 'f' },
+ { "debug", 1, NULL, 'd' },
+ { "help", 0, NULL, 'h' },
++ { "no-daemon", 0, NULL, 'n' },
+ { "version", 0, NULL,'V' },
+
+ /* Key management options */
+@@ -70,8 +71,9 @@ Usage: silcd [options]\n\
+ \n\
+ Generic Options:\n\
+ -f --config-file=FILE Alternate configuration file\n\
+- -d --debug=string Enable debugging (no daemon)\n\
++ -d --debug=string Enable debugging (Implies --no-daemon)\n\
+ -h --help Display this message\n\
++ -n --no-daemon Dont fork\n\
+ -V --version Display version\n\
+ \n\
+ Key Management Options:\n\
+@@ -99,6 +101,7 @@ int main(int argc, char **argv)
+ {
+ int ret;
+ int opt, option_index;
++ int daemon = TRUE;
+ char *config_file = NULL;
+ SilcServer silcd;
+ struct sigaction sa;
+@@ -108,7 +111,7 @@ int main(int argc, char **argv)
+
+ /* Parse command line arguments */
+ if (argc > 1) {
+- while ((opt = getopt_long(argc, argv, "cf:d:hVC:",
++ while ((opt = getopt_long(argc, argv, "cf:d:hnVC:",
+ long_opts, &option_index)) != EOF) {
+ switch(opt)
+ {
+@@ -130,6 +133,9 @@ int main(int argc, char **argv)
+ case 'f':
+ config_file = strdup(optarg);
+ break;
++ case 'n':
++ daemon = FALSE;
++ break;
+
+ /*
+ * Key management options
+@@ -195,9 +201,8 @@ int main(int argc, char **argv)
+ sigemptyset(&sa.sa_mask);
+ sigaction(SIGPIPE, &sa, NULL);
+
+- if (silc_debug == FALSE)
+- /* Before running the server, fork to background and set
+- both user and group no non-root */
++ if ((silc_debug == FALSE) && daemon)
++ /* Before running the server, fork to background. */
+ silc_server_daemonise(silcd);
+
+ /* Set /var/run/silcd.pid */
+@@ -206,6 +211,9 @@ int main(int argc, char **argv)
+ snprintf(pid, sizeof(pid) - 1, "%d\n", getpid());
+ silc_file_writefile(SILC_SERVER_PID_FILE, pid, strlen(pid));
+
++ /* Drop root. */
++ silc_server_drop(silcd);
++
+ /* Run the server. When this returns the server has been stopped
+ and we will exit. */
+ silc_server_run(silcd); |
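Review bot: The `/* Drop root. */` comment in main() does not record why the call sits exactly there, and the position is the security-relevant part: everything above it, including the write of `SILC_SERVER_PID_FILE`, still runs as root when silcd is started as root. I would expand it to something like `/* Drop root. Must come after the PID file write (which needs root) and before silc_server_run(); nothing below may depend on root. */`. The privilege drop now also runs in debug and `--no-daemon` mode, where it was previously skipped together with the fork, and the usage text could mention that. Separately, the new local `int daemon` shadows the libc function daemon(3) on systems that declare it; a name such as `foreground` or `do_fork` avoids the shadowing warning and the confusion. main() starts and ends outside these hunks, so any root-only setup between the hunks has not been checked.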