Look for support for fileno() in the system

This should help fwknop remain as portable as before. The fallback code still suffers from the TOCTOU condition though.
2018-08-27 20:01:13 +02:00 · 2018-08-27 20:01:13 +02:00 · 40664566e6
commit 40664566e6
parent 2def3bb0e8
4 changed files with 20 additions and 0 deletions
--- a/client/fwknop.c
+++ b/client/fwknop.c
@ -899,7 +899,11 @@ show_last_command(const char * const args_save_file)
        return 0;
    }

+#if HAVE_FILENO
    if(verify_file_perms_ownership(args_save_file, fileno(args_file_ptr)) != 1)
+#else
+    if(verify_file_perms_ownership(args_save_file, -1) != 1)
+#endif
    {
        fclose(args_file_ptr);
        return 0;
@ -937,7 +941,11 @@ run_last_args(fko_cli_options_t *options, const char * const args_save_file)
                args_save_file);
        return 0;
    }
+#if HAVE_FILENO
    if(verify_file_perms_ownership(args_save_file, fileno(args_file_ptr)) != 1)
+#else
+    if(verify_file_perms_ownership(args_save_file, -1) != 1)
+#endif
    {
        fclose(args_file_ptr);
        return 0;
--- a/server/access.c
+++ b/server/access.c
@ -1508,7 +1508,11 @@ parse_access_file(fko_srv_options_t *opts, char *access_filename, int *depth)
        return EXIT_FAILURE;
    }

+#if HAVE_FILENO
    if(verify_file_perms_ownership(access_filename, fileno(file_ptr)) != 1)
+#else
+    if(verify_file_perms_ownership(access_filename, -1) != 1)
+#endif
    {
        fclose(file_ptr);
        return EXIT_FAILURE;
--- a/server/config_init.c
+++ b/server/config_init.c
@ -303,7 +303,11 @@ parse_config_file(fko_srv_options_t *opts, const char *config_file)
        clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
    }

+#if HAVE_FILENO
    if(verify_file_perms_ownership(config_file, fileno(cfile_ptr)) != 1)
+#else
+    if(verify_file_perms_ownership(config_file, -1) != 1)
+#endif
    {
        fclose(cfile_ptr);
        clean_exit(opts, NO_FW_CLEANUP, EXIT_FAILURE);
--- a/server/replay_cache.c
+++ b/server/replay_cache.c
@ -274,7 +274,11 @@ replay_file_cache_init(fko_srv_options_t *opts)
        return(-1);
    }

+#if HAVE_FILENO
    if(verify_file_perms_ownership(opts->config[CONF_DIGEST_FILE], fileno(digest_file_ptr)) != 1)
+#else
+    if(verify_file_perms_ownership(opts->config[CONF_DIGEST_FILE], -1) != 1)
+#endif
    {
        fclose(digest_file_ptr);
        return(-1);