diff --git a/client/http_resolve_host.c b/client/http_resolve_host.c index 6db56270..20e25fca 100644 --- a/client/http_resolve_host.c +++ b/client/http_resolve_host.c @@ -328,8 +328,8 @@ resolve_ip_https(fko_cli_options_t *options) struct url url; /* for validation only */ char wget_ssl_cmd[MAX_URL_PATH_LEN] = {0}; /* for verbose logging only */ -#if HAVE_EXECVPE - char *wget_argv[MAX_CMDLINE_ARGS]; /* for execvpe() */ +#if HAVE_EXECVP + char *wget_argv[MAX_CMDLINE_ARGS]; /* for execvp() */ int wget_argc=0; int pipe_fd[2]; pid_t pid=0; @@ -339,7 +339,7 @@ resolve_ip_https(fko_cli_options_t *options) FILE *wget; #endif -#if HAVE_EXECVPE +#if HAVE_EXECVP memset(wget_argv, 0x0, sizeof(wget_argv)); #endif memset(&url, 0x0, sizeof(url)); @@ -410,7 +410,7 @@ resolve_ip_https(fko_cli_options_t *options) return(1); #endif -#if HAVE_EXECVPE +#if HAVE_EXECVP if(strtoargv(wget_ssl_cmd, wget_argv, &wget_argc) != 1) { log_msg(LOG_VERBOSITY_ERROR, "Error converting wget cmd str to argv"); @@ -434,14 +434,14 @@ resolve_ip_https(fko_cli_options_t *options) close(pipe_fd[0]); dup2(pipe_fd[1], STDOUT_FILENO); dup2(pipe_fd[1], STDERR_FILENO); - es = execvpe(wget_argv[0], wget_argv, (char * const *)NULL); /* don't use env */ + es = execvp(wget_argv[0], wget_argv); if(es == -1) log_msg(LOG_VERBOSITY_ERROR, - "[*] resolve_ip_https(): execvpe() failed: %s", + "[*] resolve_ip_https(): execvp() failed: %s", strerror(errno)); - /* We only make it here if there was a problem with execvpe(), + /* We only make it here if there was a problem with execvp(), * so exit() here either way */ exit(es); diff --git a/configure.ac b/configure.ac index 873f8b3a..05bde5c2 100644 --- a/configure.ac +++ b/configure.ac @@ -389,17 +389,17 @@ AC_FUNC_STAT AC_CHECK_FUNCS([bzero gettimeofday memmove memset socket strchr strcspn strdup strncasecmp strndup strrchr strspn strnlen stat lstat chmod chown strlcat strlcpy]) -dnl Decide whether or not to check for the execvpe() function +dnl Decide whether or not to check for the execvp() function dnl -use_execvpe=yes -AC_ARG_ENABLE([execvpe], - [AS_HELP_STRING([--disable-execvpe], - [Do not check for the execvpe() function for command execution @<:@default is on@:>@])], - [use_execvpe=$enableval], +use_execvp=yes +AC_ARG_ENABLE([execvp], + [AS_HELP_STRING([--disable-execvp], + [Do not check for the execvp() function for command execution @<:@default is on@:>@])], + [use_execvp=$enableval], []) -if test "x$use_execvpe" = "xyes"; then - AC_CHECK_FUNCS([execvpe]) +if test "x$use_execvp" = "xyes"; then + AC_CHECK_FUNCS([execvp]) fi AC_SEARCH_LIBS([socket], [socket]) diff --git a/server/extcmd.c b/server/extcmd.c index 3c4051a8..7fe5055d 100644 --- a/server/extcmd.c +++ b/server/extcmd.c @@ -128,10 +128,10 @@ _run_extcmd(uid_t uid, gid_t gid, const char *cmd, char *so_buf, int line_ctr = 0, found_str = 0, do_break = 0; int es = 0; - char *argv_new[MAX_CMDLINE_ARGS]; /* for validation and/or execvpe() */ + char *argv_new[MAX_CMDLINE_ARGS]; /* for validation and/or execvp() */ int argc_new=0; -#if HAVE_EXECVPE +#if HAVE_EXECVP int pipe_fd[2]; #endif @@ -143,7 +143,7 @@ _run_extcmd(uid_t uid, gid_t gid, const char *cmd, char *so_buf, *pid_status = 0; - /* Even without execvpe() we examine the command for basic validity + /* Even without execvp() we examine the command for basic validity * in term of number of args */ memset(argv_new, 0x0, sizeof(argv_new)); @@ -155,16 +155,16 @@ _run_extcmd(uid_t uid, gid_t gid, const char *cmd, char *so_buf, return EXTCMD_ARGV_ERROR; } -#if !HAVE_EXECVPE - /* if we are not using execvpe() then free up argv_new unconditionally +#if !HAVE_EXECVP + /* if we are not using execvp() then free up argv_new unconditionally * since was used only for validation */ free_argv(argv_new, &argc_new); #endif -#if HAVE_EXECVPE +#if HAVE_EXECVP if(opts->verbose > 1) - log_msg(LOG_INFO, "run_extcmd() (with execvpe()): running CMD: %s", cmd); + log_msg(LOG_INFO, "run_extcmd() (with execvp()): running CMD: %s", cmd); if(so_buf != NULL || substr_search != NULL) { @@ -204,12 +204,12 @@ _run_extcmd(uid_t uid, gid_t gid, const char *cmd, char *so_buf, /* don't use env */ - es = execvpe(argv_new[0], argv_new, (char * const *)NULL); + es = execvp(argv_new[0], argv_new); if(es == -1) - log_msg(LOG_ERR, "run_extcmd(): execvpe() failed: %s", strerror(errno)); + log_msg(LOG_ERR, "run_extcmd(): execvp() failed: %s", strerror(errno)); - /* We only make it here if there was a problem with execvpe(), + /* We only make it here if there was a problem with execvp(), * so exit() here either way to not leave another fwknopd process * running after fork(). */ @@ -265,7 +265,7 @@ _run_extcmd(uid_t uid, gid_t gid, const char *cmd, char *so_buf, #else if(opts->verbose > 1) - log_msg(LOG_INFO, "run_extcmd() (without execvpe()): running CMD: %s", cmd); + log_msg(LOG_INFO, "run_extcmd() (without execvp()): running CMD: %s", cmd); if(so_buf == NULL && substr_search == NULL) { @@ -586,10 +586,10 @@ int _run_extcmd_write(const char *cmd, const char *cmd_write, int *pid_status, const fko_srv_options_t * const opts) { int retval = EXTCMD_SUCCESS_ALL_OUTPUT; - char *argv_new[MAX_CMDLINE_ARGS]; /* for validation and/or execvpe() */ + char *argv_new[MAX_CMDLINE_ARGS]; /* for validation and/or execvp() */ int argc_new=0; -#if HAVE_EXECVPE +#if HAVE_EXECVP int pipe_fd[2]; pid_t pid=0; #else @@ -602,7 +602,7 @@ int _run_extcmd_write(const char *cmd, const char *cmd_write, int *pid_status, *pid_status = 0; - /* Even without execvpe() we examine the command for basic validity + /* Even without execvp() we examine the command for basic validity * in term of number of args */ memset(argv_new, 0x0, sizeof(argv_new)); @@ -614,16 +614,16 @@ int _run_extcmd_write(const char *cmd, const char *cmd_write, int *pid_status, return EXTCMD_ARGV_ERROR; } -#if !HAVE_EXECVPE - /* if we are not using execvpe() then free up argv_new unconditionally +#if !HAVE_EXECVP + /* if we are not using execvp() then free up argv_new unconditionally * since was used only for validation */ free_argv(argv_new, &argc_new); #endif -#if HAVE_EXECVPE +#if HAVE_EXECVP if(opts->verbose > 1) - log_msg(LOG_INFO, "run_extcmd_write() (with execvpe()): running CMD: %s | %s", + log_msg(LOG_INFO, "run_extcmd_write() (with execvp()): running CMD: %s | %s", cmd_write, cmd); if(pipe(pipe_fd) < 0) @@ -644,7 +644,7 @@ int _run_extcmd_write(const char *cmd, const char *cmd_write, int *pid_status, /* don't use env */ - execvpe(argv_new[0], argv_new, (char * const *)NULL); + execvp(argv_new[0], argv_new); } else if(pid == -1) { @@ -664,7 +664,7 @@ int _run_extcmd_write(const char *cmd, const char *cmd_write, int *pid_status, #else if(opts->verbose > 1) - log_msg(LOG_INFO, "run_extcmd_write() (without execvpe()): running CMD: %s | %s", + log_msg(LOG_INFO, "run_extcmd_write() (without execvp()): running CMD: %s | %s", cmd_write, cmd); if ((fd = popen(cmd, "w")) == NULL) diff --git a/server/fw_util_firewalld.h b/server/fw_util_firewalld.h index de2cdcec..a4f4a915 100644 --- a/server/fw_util_firewalld.h +++ b/server/fw_util_firewalld.h @@ -35,8 +35,8 @@ #define FIREWD_CMD_FAIL_STR "COMMAND_FAILED" /* returned by firewall-cmd */ #define FIREWD_CMD_PREFIX "--direct --passthrough ipv4" -#if HAVE_EXECVPE - #define SH_REDIR "" /* the shell is not used when execvpe() is available */ +#if HAVE_EXECVP + #define SH_REDIR "" /* the shell is not used when execvp() is available */ #else #define SH_REDIR " 2>&1" #endif diff --git a/server/fw_util_iptables.h b/server/fw_util_iptables.h index 2c8c574c..9869f6e7 100644 --- a/server/fw_util_iptables.h +++ b/server/fw_util_iptables.h @@ -32,8 +32,8 @@ #define SNAT_TARGET_BUFSIZE 64 -#if HAVE_EXECVPE - #define SH_REDIR "" /* the shell is not used when execvpe() is available */ +#if HAVE_EXECVP + #define SH_REDIR "" /* the shell is not used when execvp() is available */ #else #define SH_REDIR " 2>&1" #endif diff --git a/server/fw_util_pf.h b/server/fw_util_pf.h index f7d64e08..45a273f8 100644 --- a/server/fw_util_pf.h +++ b/server/fw_util_pf.h @@ -33,8 +33,8 @@ #define MAX_PF_ANCHOR_SEARCH_LEN (MAX_PF_ANCHOR_LEN+11) /* room for 'anchor "' string */ #define MAX_PF_NEW_RULE_LEN 140 -#if HAVE_EXECVPE - #define SH_REDIR "" /* the shell is not used when execvpe() is available */ +#if HAVE_EXECVP + #define SH_REDIR "" /* the shell is not used when execvp() is available */ #else #define SH_REDIR " 2>&1" #endif @@ -43,7 +43,7 @@ */ #define PF_ADD_RULE_ARGS "pass in quick proto %u from %s to %s port %u keep state label " EXPIRE_COMMENT_PREFIX "%u" #define PF_WRITE_ANCHOR_RULES_ARGS "-a %s -f -" -#if HAVE_EXECVPE +#if HAVE_EXECVP #define PF_LIST_ANCHOR_RULES_ARGS "-a %s -s rules" #else #define PF_LIST_ANCHOR_RULES_ARGS "-a %s -s rules 2> /dev/null" diff --git a/test/test-fwknop.pl b/test/test-fwknop.pl index 5f8587c8..3461a48e 100755 --- a/test/test-fwknop.pl +++ b/test/test-fwknop.pl @@ -2103,14 +2103,14 @@ sub configure_args_restore_orig() { return $rv; } -sub configure_args_disable_execvpe() { +sub configure_args_disable_execvp() { my $rv = 1; my $curr_pwd = cwd() or die $!; chdir '..' or die $!; - unless (&config_recompile('./extras/apparmor/configure_args.sh --disable-execvpe')) { + unless (&config_recompile('./extras/apparmor/configure_args.sh --disable-execvp')) { &write_test_file("[-] configure/recompile failure.\n", "test/$curr_test_file"); chdir $curr_pwd or die $!; diff --git a/test/tests/configure_args.pl b/test/tests/configure_args.pl index 280377fb..2d0a5b5f 100644 --- a/test/tests/configure_args.pl +++ b/test/tests/configure_args.pl @@ -46,12 +46,12 @@ 'fw_rule_created' => $REQUIRE_NO_NEW_RULE, }, - ### disable execvpe() usage + ### disable execvp() usage { 'category' => 'configure args', 'subcategory' => 'compile', - 'detail' => '--disable-execvpe check', - 'function' => \&configure_args_disable_execvpe, + 'detail' => '--disable-execvp check', + 'function' => \&configure_args_disable_execvp, }, { 'category' => 'configure args', @@ -64,7 +64,7 @@ 'fw_rule_created' => $NEW_RULE_REQUIRED, 'fw_rule_removed' => $NEW_RULE_REMOVED, 'key_file' => $cf{'rc_hmac_b64_key'}, - 'server_positive_output_matches' => [qr/without execvpe/], + 'server_positive_output_matches' => [qr/without execvp/], }, { 'category' => 'configure args', @@ -77,7 +77,7 @@ 'fw_rule_created' => $NEW_RULE_REQUIRED, 'fw_rule_removed' => $NEW_RULE_REMOVED, 'key_file' => $cf{'rc_hmac_b64_key'}, - 'server_positive_output_matches' => [qr/without execvpe/], + 'server_positive_output_matches' => [qr/without execvp/], 'client_cycles_per_server_instance' => 3, }, @@ -92,7 +92,7 @@ 'fwknopd_cmdline' => "$fwknopdCmd -c $cf{'def'} -a $cf{'hmac_cmd_access'} " . "-d $default_digest_file -p $default_pid_file $intf_str", 'fw_rule_created' => $REQUIRE_NO_NEW_RULE, - 'server_positive_output_matches' => [qr/without execvpe/], + 'server_positive_output_matches' => [qr/without execvp/], }, ### restore original ./configure args to be prepared to run