From: Christian Fuchs Date: Fri, 19 Apr 2013 14:50:35 +0000 (+0000) Subject: added privilege testing parameters for helper-vpn, exit and nat-client. X-Git-Tag: initial-import-from-subversion-38251~9198 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=2660d770616a348aabb9480dcbafa4841ae84aa0;p=oweals%2Fgnunet.git added privilege testing parameters for helper-vpn, exit and nat-client. todo: nat-server --- diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c index 20f240b0d..72522e121 100644 --- a/src/exit/gnunet-daemon-exit.c +++ b/src/exit/gnunet-daemon-exit.c @@ -3344,7 +3344,7 @@ run (void *cls, char *const *args GNUNET_UNUSED, { binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit"); if (GNUNET_YES != - GNUNET_OS_check_helper_binary (binary, GNUNET_YES, NULL)) // FIXME: CF: add test-parameters + GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0")) //no nat, ipv4 only { GNUNET_free (binary); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, diff --git a/src/nat/nat.c b/src/nat/nat.c index e1ec88028..84ca2efa2 100644 --- a/src/nat/nat.c +++ b/src/nat/nat.c @@ -1183,7 +1183,7 @@ GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg, int is_tcp, binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-client"); if ((GNUNET_YES == h->enable_nat_client) && (GNUNET_YES != - GNUNET_OS_check_helper_binary (binary, GNUNET_YES, NULL))) // FIXME: CF: add test-parameters + GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d 127.0.0.1 127.0.0.2 42"))) // none of these parameters are actually used in privilege testing mode { h->enable_nat_client = GNUNET_NO; LOG (GNUNET_ERROR_TYPE_WARNING, diff --git a/src/nat/nat_auto.c b/src/nat/nat_auto.c index edb2bb841..0c5bec118 100644 --- a/src/nat/nat_auto.c +++ b/src/nat/nat_auto.c @@ -461,7 +461,7 @@ test_icmp_client (struct GNUNET_NAT_AutoHandle *ah) (GNUNET_YES != GNUNET_CONFIGURATION_get_value_yesno (ah->cfg, "nat", "BEHIND_NAT")) && (GNUNET_YES == - GNUNET_OS_check_helper_binary (binary, GNUNET_YES, NULL))); // FIXME: CF: add test-parameters + GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d 127.0.0.1 127.0.0.2 42"))); // none of these parameters are actually used in privilege testing mode GNUNET_free_non_null (tmp); GNUNET_free (binary); GNUNET_log (GNUNET_ERROR_TYPE_INFO, diff --git a/src/pt/test_gnunet_vpn.c b/src/pt/test_gnunet_vpn.c index 52899d190..c8c7317fc 100644 --- a/src/pt/test_gnunet_vpn.c +++ b/src/pt/test_gnunet_vpn.c @@ -410,12 +410,12 @@ main (int argc, char *const *argv) return 0; } #endif - vpn_binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn.exe"); - exit_binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit.exe"); + vpn_binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn"); + exit_binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit"); fprintf (stderr,"%s\n", vpn_binary); fprintf (stderr,"%s\n", exit_binary); - if ((GNUNET_YES != (ret = GNUNET_OS_check_helper_binary (vpn_binary, GNUNET_YES, NULL))) || // FIXME: CF: add test-parameters - (GNUNET_YES != (ret = GNUNET_OS_check_helper_binary (exit_binary, GNUNET_YES, NULL)))) // FIXME: CF: add test-parameters + if ((GNUNET_YES != (ret = GNUNET_OS_check_helper_binary (vpn_binary, GNUNET_YES, "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0"))) || //ipv4 only please! + (GNUNET_YES != (ret = GNUNET_OS_check_helper_binary (exit_binary, GNUNET_YES, "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0")))) //no nat, ipv4 only { GNUNET_free (vpn_binary); GNUNET_free (exit_binary); diff --git a/src/vpn/gnunet-service-vpn.c b/src/vpn/gnunet-service-vpn.c index a7a1ca213..61bd977bc 100644 --- a/src/vpn/gnunet-service-vpn.c +++ b/src/vpn/gnunet-service-vpn.c @@ -3062,7 +3062,7 @@ run (void *cls, binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn"); if (GNUNET_YES != - GNUNET_OS_check_helper_binary (binary, GNUNET_YES, NULL)) // FIXME: CF: add test-parameters + GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please! { fprintf (stderr, "`%s' is not SUID, refusing to run.\n",