authorToni Uhlig <matzeton@googlemail.com>2018-06-13 01:18:53 +0200
committerToni Uhlig <matzeton@googlemail.com>2018-06-13 01:18:53 +0200
commit436983fe412b9e764f6bec422317b8588d175a86 (patch)
treee4f3b954887d8cdf7fa107e215f339ba7e600bd3
parentaa8fb9511c8efb70952ef6b01fcd803847d6704c (diff)
POTD skeleton #103.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
-rw-r--r--configure.ac2
-rw-r--r--src/jail.c1
-rw-r--r--src/socket.c76
-rw-r--r--src/socket.h7
4 files changed, 83 insertions, 3 deletions
diff --git a/configure.ac b/configure.ac
index 26f491d..1f28194 100644
--- a/configure.ac
+++ b/configure.ac
@@ -111,7 +111,7 @@ AC_CHECK_HEADERS([stdio.h ctype.h assert.h sched.h signal.h time.h errno.h pwd.h
[ AC_MSG_ERROR([required std header not available]) ])
dnl Check for system specific header files
-AC_CHECK_HEADERS([pty.h linux/capability.h sys/wait.h], [],
+AC_CHECK_HEADERS([pty.h linux/capability.h sys/wait.h sys/ioctl.h net/if.h netinet/in.h], [],
[ AC_MSG_ERROR([required system specific header not available]) ])
AC_CHECK_HEADERS([libutil.h pthread.h syslog.h sys/prctl.h linux/limits.h \
sys/uio.h poll.h sys/epoll.h sys/sysmacros.h sys/mount.h util.h])
diff --git a/src/jail.c b/src/jail.c
index 9ed75f8..e94d069 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -340,6 +340,7 @@ static int jail_childfn(prisoner_process *ctx)
case 0:
if (mount_proc(path_proc))
exit(EXIT_FAILURE);
+ socket_set_ifaddr(&ctx->client_psock, "lo", "127.0.0.1", "255.0.0.0");
/*
if (update_setgroups_self(0))
exit(EXIT_FAILURE);
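Review bot: The result of the added `socket_set_ifaddr(&ctx->client_psock, "lo", "127.0.0.1", "255.0.0.0");` call in `case 0:` is discarded, whereas the `mount_proc` call directly above exits on failure, so the jailed child continues even if loopback was never configured. Treating it the same way would keep the setup steps consistent: `if (socket_set_ifaddr(&ctx->client_psock, "lo", "127.0.0.1", "255.0.0.0")) exit(EXIT_FAILURE);`. This only takes effect once the function reports errors; as added in src/socket.c by this commit it always returns 0. The body of jail_childfn starts and ends outside this hunk.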
diff --git a/src/socket.c b/src/socket.c
index 6713d10..06abc93 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -4,6 +4,9 @@
#include <fcntl.h>
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <net/if.h>
+#include <netinet/in.h>
#include <arpa/inet.h>
#include <assert.h>
@@ -116,9 +119,8 @@ int socket_accept_in(const psocket *psock, psocket *client_psock)
int fd;
assert(psock && client_psock);
- client_psock->fd = -1;
- client_psock->addr_len = psock->addr_len;
+ *client_psock = *psock;
fd = accept(psock->fd, &client_psock->addr,
&client_psock->addr_len);
if (fd < 0)
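Review bot: The struct copy `*client_psock = *psock;` also copies the listening descriptor, so `client_psock->fd` no longer starts at -1 as it did with the removed lines. If the `fd < 0` path returns without resetting it (that part is outside the hunk, so this is an assumption), a later close on the client psock would close the listener instead. `socket_clone`, already in this file, does the same copy and sets `dst->fd = -1`, so `socket_clone(psock, client_psock);` would keep the old invariant.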
@@ -246,3 +248,73 @@ void socket_clone(const psocket *src, psocket *dst)
memcpy(dst, src, sizeof(*dst));
dst->fd = -1;
}
+
+ssize_t socket_get_ifnames(const psocket *test_sock, char name[][IFNAMSIZ],
+ size_t siz, int loopback_only)
+{
+ struct ifreq ifr;
+ struct ifreq *it, *end;
+ struct ifconf ifc;
+ char buf[1024];
+ int sock;
+ size_t rc = 0;
+
+ assert(test_sock);
+ sock = socket(test_sock->family, test_sock->socktype,
+ test_sock->protocol);
+ if (sock <= 0)
+ return -1;
+
+ ifc.ifc_len = sizeof buf;
+ ifc.ifc_buf = buf;
+ if (ioctl(sock, SIOCGIFCONF, &ifc) == -1)
+ return -1;
+ it = ifc.ifc_req;
+ end = it + (ifc.ifc_len / sizeof(struct ifreq));
+
+ for (; it != end; ++it) {
+ strncpy(ifr.ifr_name, it->ifr_name, IFNAMSIZ);
+
+ if (ioctl(sock, SIOCGIFFLAGS, &ifr) == 0) {
+ if (loopback_only && !(ifr.ifr_flags & IFF_LOOPBACK))
+ continue;
+ if (ioctl(sock, SIOCGIFHWADDR, &ifr) == 0) {
+ strncpy(name[rc++], it->ifr_name, IFNAMSIZ);
+ if (siz == rc)
+ break;
+ }
+ }
+ }
+
+ close(sock);
+
+ return rc;
+}
+
+int socket_set_ifaddr(const psocket *test_sock,
+ const char *ifname, const char *addr, const char *mask)
+{
+ struct ifreq ifr;
+ int sock;
+
+ assert(test_sock);
+ sock = socket(test_sock->family, test_sock->socktype,
+ test_sock->protocol);
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+
+ ifr.ifr_addr.sa_family = AF_INET;
+ inet_pton(AF_INET, addr, ifr.ifr_addr.sa_data + 2);
+ ioctl(sock, SIOCSIFADDR, &ifr);
+
+ inet_pton(AF_INET, mask, ifr.ifr_addr.sa_data + 2);
+ ioctl(sock, SIOCSIFNETMASK, &ifr);
+
+ ioctl(sock, SIOCGIFFLAGS, &ifr);
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ ifr.ifr_flags |= (IFF_UP | IFF_RUNNING);
+
+ ioctl(sock, SIOCSIFFLAGS, &ifr);
+ close(sock);
+
+ return 0;
+}
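Review bot: socket_set_ifaddr checks none of socket(), inet_pton() or its four ioctl() calls and always returns 0, so a caller cannot detect that the interface was left without an address or down. It also fills `ifr` without zeroing it first, and `strncpy(ifr.ifr_name, ifname, IFNAMSIZ)` leaves the name unterminated when ifname is IFNAMSIZ bytes or longer. In socket_get_ifnames the `return -1` after the SIOCGIFCONF ioctl leaks `sock`, `sock <= 0` rejects a valid descriptor 0, and `name[rc++]` is written before `siz` is compared, so a call with siz == 0 writes past the caller's array. A checked version of socket_set_ifaddr is sketched below; it writes the address through `struct sockaddr_in` instead of the hand-computed `sa_data + 2` offset.

```c
int socket_set_ifaddr(const psocket *test_sock,
                      const char *ifname, const char *addr, const char *mask)
{
    struct ifreq ifr;
    struct sockaddr_in *sin = (struct sockaddr_in *) &ifr.ifr_addr;
    size_t namelen;
    int sock;
    int rc = -1;

    assert(test_sock && ifname && addr && mask);
    namelen = strlen(ifname);
    if (namelen >= IFNAMSIZ)
        return -1;

    sock = socket(test_sock->family, test_sock->socktype,
                  test_sock->protocol);
    if (sock < 0)
        return -1;

    memset(&ifr, 0, sizeof ifr);
    memcpy(ifr.ifr_name, ifname, namelen + 1);

    sin->sin_family = AF_INET;
    if (inet_pton(AF_INET, addr, &sin->sin_addr) != 1 ||
        ioctl(sock, SIOCSIFADDR, &ifr) == -1)
        goto out;

    if (inet_pton(AF_INET, mask, &sin->sin_addr) != 1 ||
        ioctl(sock, SIOCSIFNETMASK, &ifr) == -1)
        goto out;

    if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
        goto out;
    ifr.ifr_flags |= (IFF_UP | IFF_RUNNING);
    if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
        goto out;

    rc = 0;
out:
    close(sock);
    return rc;
}
```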
diff --git a/src/socket.h b/src/socket.h
index 2698ee2..faa7fa3 100644
--- a/src/socket.h
+++ b/src/socket.h
@@ -2,6 +2,7 @@
#define POTD_SOCKET_H 1
#include <netdb.h>
+#include <net/if.h>
#define POTD_BACKLOG 1
@@ -41,4 +42,10 @@ int socket_close(psocket *psock);
void socket_clone(const psocket *src, psocket *dst);
+ssize_t socket_get_ifnames(const psocket *test_sock, char name[][IFNAMSIZ],
+ size_t siz, int loopback_only);
+
+int socket_set_ifaddr(const psocket *test_sock,
+ const char *ifname, const char *addr, const char *mask);
+
#endif
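Review bot: The two new prototypes have no contract comment, and `siz` in `socket_get_ifnames` is easy to misread as a byte count when the implementation in src/socket.c treats it as the number of `IFNAMSIZ`-sized rows in `name`. A short comment above each declaration would settle this, for example `/* Fills at most siz rows of name; returns the number of rows filled or -1. Rows are copied with strncpy and may lack a terminating NUL. */` and `/* Assigns the IPv4 addr and mask to ifname and sets IFF_UP | IFF_RUNNING. */`.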