isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Avoid symbol name clash to fix --enable-static-sudoers linking.

Browse Source
This commit is contained in:
Todd C. Miller
2021-09-15 11:19:03 -06:00
parent d7cdf1e47c
commit db750232c5
5 changed files with 64 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
include/intercept.pb-c.h
View File

@@ -16,7 +16,7 @@ PROTOBUF_C__BEGIN_DECLS
typedef struct _InterceptRequest InterceptRequest; typedef struct _InterceptRequest InterceptRequest;
typedef struct _ClientHello ClientHello; typedef struct _InterceptHello InterceptHello;
typedef struct _HelloResponse HelloResponse; typedef struct _HelloResponse HelloResponse;
typedef struct _PolicyCheckRequest PolicyCheckRequest; typedef struct _PolicyCheckRequest PolicyCheckRequest;
typedef struct _PolicyAcceptMessage PolicyAcceptMessage; typedef struct _PolicyAcceptMessage PolicyAcceptMessage;
@@ -47,7 +47,7 @@ struct _InterceptRequest
InterceptRequest__TypeCase type_case; InterceptRequest__TypeCase type_case;
union { union {
PolicyCheckRequest *policy_check_req; PolicyCheckRequest *policy_check_req;
ClientHello *hello; InterceptHello *hello;
} u; } u;
}; };
#define INTERCEPT_REQUEST__INIT \ #define INTERCEPT_REQUEST__INIT \
@@ -59,18 +59,18 @@ struct _InterceptRequest
* Hello message from sudo_intercept.so to main sudo process. * Hello message from sudo_intercept.so to main sudo process.
* Sudo sends back the token and localhost port number. * Sudo sends back the token and localhost port number.
*/ */
struct _ClientHello struct _InterceptHello
{ {
ProtobufCMessage base; ProtobufCMessage base;
int32_t pid; int32_t pid;
}; };
#define CLIENT_HELLO__INIT \ #define INTERCEPT_HELLO__INIT \
{ PROTOBUF_C_MESSAGE_INIT (&client_hello__descriptor) \ { PROTOBUF_C_MESSAGE_INIT (&intercept_hello__descriptor) \
, 0 } , 0 }
/* /*
* Sudo response to a ClientHello from sudo_intercept.so. * Sudo response to an InterceptHello from sudo_intercept.so.
* The client uses the port number and token to connect back to sudo. * The client uses the port number and token to connect back to sudo.
*/ */
struct _HelloResponse struct _HelloResponse
@@ -187,24 +187,24 @@ InterceptRequest *
void intercept_request__free_unpacked void intercept_request__free_unpacked
(InterceptRequest *message, (InterceptRequest *message,
ProtobufCAllocator *allocator); ProtobufCAllocator *allocator);
/* ClientHello methods */ /* InterceptHello methods */
void client_hello__init void intercept_hello__init
(ClientHello *message); (InterceptHello *message);
size_t client_hello__get_packed_size size_t intercept_hello__get_packed_size
(const ClientHello *message); (const InterceptHello *message);
size_t client_hello__pack size_t intercept_hello__pack
(const ClientHello *message, (const InterceptHello *message,
uint8_t *out); uint8_t *out);
size_t client_hello__pack_to_buffer size_t intercept_hello__pack_to_buffer
(const ClientHello *message, (const InterceptHello *message,
ProtobufCBuffer *buffer); ProtobufCBuffer *buffer);
ClientHello * InterceptHello *
client_hello__unpack intercept_hello__unpack
(ProtobufCAllocator *allocator, (ProtobufCAllocator *allocator,
size_t len, size_t len,
const uint8_t *data); const uint8_t *data);
void client_hello__free_unpacked void intercept_hello__free_unpacked
(ClientHello *message, (InterceptHello *message,
ProtobufCAllocator *allocator); ProtobufCAllocator *allocator);
/* HelloResponse methods */ /* HelloResponse methods */
void hello_response__init void hello_response__init
@@ -325,8 +325,8 @@ void intercept_response__free_unpacked
typedef void (*InterceptRequest_Closure) typedef void (*InterceptRequest_Closure)
(const InterceptRequest *message, (const InterceptRequest *message,
void *closure_data); void *closure_data);
typedef void (*ClientHello_Closure) typedef void (*InterceptHello_Closure)
(const ClientHello *message, (const InterceptHello *message,
void *closure_data); void *closure_data);
typedef void (*HelloResponse_Closure) typedef void (*HelloResponse_Closure)
(const HelloResponse *message, (const HelloResponse *message,
@@ -353,7 +353,7 @@ typedef void (*InterceptResponse_Closure)
/* --- descriptors --- */ /* --- descriptors --- */
extern const ProtobufCMessageDescriptor intercept_request__descriptor; extern const ProtobufCMessageDescriptor intercept_request__descriptor;
extern const ProtobufCMessageDescriptor client_hello__descriptor; extern const ProtobufCMessageDescriptor intercept_hello__descriptor;
extern const ProtobufCMessageDescriptor hello_response__descriptor; extern const ProtobufCMessageDescriptor hello_response__descriptor;
extern const ProtobufCMessageDescriptor policy_check_request__descriptor; extern const ProtobufCMessageDescriptor policy_check_request__descriptor;
extern const ProtobufCMessageDescriptor policy_accept_message__descriptor; extern const ProtobufCMessageDescriptor policy_accept_message__descriptor;

6
src/exec_intercept.c
View File

@@ -100,7 +100,7 @@ intercept_setup(int fd, struct sudo_event_base *evbase,
goto bad; goto bad;
} }
/* If we've already seen a ClientHello, expect a policy check first. */ /* If we've already seen an InterceptHello, expect a policy check first. */
closure->state = sudo_token_isset(intercept_token) ? closure->state = sudo_token_isset(intercept_token) ?
RECV_SECRET : RECV_HELLO_INITIAL; RECV_SECRET : RECV_HELLO_INITIAL;
closure->details = details; closure->details = details;
@@ -636,7 +636,7 @@ unpack:
default: default:
/* Only accept hello on a socket with an accepted command. */ /* Only accept hello on a socket with an accepted command. */
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"got ClientHello without an accepted command"); "got InterceptHello without an accepted command");
goto done; goto done;
} }
break; break;
@@ -850,7 +850,7 @@ intercept_write(int fd, struct intercept_closure *closure)
closure->state = RECV_CONNECTION; closure->state = RECV_CONNECTION;
break; break;
case POLICY_ACCEPT: case POLICY_ACCEPT:
/* Re-use event to read ClientHello from sudo_intercept.so ctor. */ /* Re-use event to read InterceptHello from sudo_intercept.so ctor. */
if (sudo_ev_set(&closure->ev, fd, SUDO_EV_READ|SUDO_EV_PERSIST, intercept_cb, closure) == -1) { if (sudo_ev_set(&closure->ev, fd, SUDO_EV_READ|SUDO_EV_PERSIST, intercept_cb, closure) == -1) {
/* This cannot (currently) fail. */ /* This cannot (currently) fail. */
sudo_warn("%s", U_("unable to add event to queue")); sudo_warn("%s", U_("unable to add event to queue"));

66
src/intercept.pb-c.c
View File

@@ -52,49 +52,49 @@ void intercept_request__free_unpacked
assert(message->base.descriptor == &intercept_request__descriptor); assert(message->base.descriptor == &intercept_request__descriptor);
protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator);
} }
void client_hello__init void intercept_hello__init
(ClientHello *message) (InterceptHello *message)
{ {
static const ClientHello init_value = CLIENT_HELLO__INIT; static const InterceptHello init_value = INTERCEPT_HELLO__INIT;
*message = init_value; *message = init_value;
} }
size_t client_hello__get_packed_size size_t intercept_hello__get_packed_size
(const ClientHello *message) (const InterceptHello *message)
{ {
assert(message->base.descriptor == &client_hello__descriptor); assert(message->base.descriptor == &intercept_hello__descriptor);
return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message));
} }
size_t client_hello__pack size_t intercept_hello__pack
(const ClientHello *message, (const InterceptHello *message,
uint8_t *out) uint8_t *out)
{ {
assert(message->base.descriptor == &client_hello__descriptor); assert(message->base.descriptor == &intercept_hello__descriptor);
return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); return protobuf_c_message_pack ((const ProtobufCMessage*)message, out);
} }
size_t client_hello__pack_to_buffer size_t intercept_hello__pack_to_buffer
(const ClientHello *message, (const InterceptHello *message,
ProtobufCBuffer *buffer) ProtobufCBuffer *buffer)
{ {
assert(message->base.descriptor == &client_hello__descriptor); assert(message->base.descriptor == &intercept_hello__descriptor);
return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer);
} }
ClientHello * InterceptHello *
client_hello__unpack intercept_hello__unpack
(ProtobufCAllocator *allocator, (ProtobufCAllocator *allocator,
size_t len, size_t len,
const uint8_t *data) const uint8_t *data)
{ {
return (ClientHello *) return (InterceptHello *)
protobuf_c_message_unpack (&client_hello__descriptor, protobuf_c_message_unpack (&intercept_hello__descriptor,
allocator, len, data); allocator, len, data);
} }
void client_hello__free_unpacked void intercept_hello__free_unpacked
(ClientHello *message, (InterceptHello *message,
ProtobufCAllocator *allocator) ProtobufCAllocator *allocator)
{ {
if(!message) if(!message)
return; return;
assert(message->base.descriptor == &client_hello__descriptor); assert(message->base.descriptor == &intercept_hello__descriptor);
protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator);
} }
void hello_response__init void hello_response__init
@@ -388,7 +388,7 @@ static const ProtobufCFieldDescriptor intercept_request__field_descriptors[2] =
PROTOBUF_C_TYPE_MESSAGE, PROTOBUF_C_TYPE_MESSAGE,
offsetof(InterceptRequest, type_case), offsetof(InterceptRequest, type_case),
offsetof(InterceptRequest, u.hello), offsetof(InterceptRequest, u.hello),
&client_hello__descriptor, &intercept_hello__descriptor,
NULL, NULL,
0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */ 0,NULL,NULL /* reserved1,reserved2, etc */
@@ -418,7 +418,7 @@ const ProtobufCMessageDescriptor intercept_request__descriptor =
(ProtobufCMessageInit) intercept_request__init, (ProtobufCMessageInit) intercept_request__init,
NULL,NULL,NULL /* reserved[123] */ NULL,NULL,NULL /* reserved[123] */
}; };
static const ProtobufCFieldDescriptor client_hello__field_descriptors[1] = static const ProtobufCFieldDescriptor intercept_hello__field_descriptors[1] =
{ {
{ {
"pid", "pid",
@@ -426,34 +426,34 @@ static const ProtobufCFieldDescriptor client_hello__field_descriptors[1] =
PROTOBUF_C_LABEL_NONE, PROTOBUF_C_LABEL_NONE,
PROTOBUF_C_TYPE_INT32, PROTOBUF_C_TYPE_INT32,
0, /* quantifier_offset */ 0, /* quantifier_offset */
offsetof(ClientHello, pid), offsetof(InterceptHello, pid),
NULL, NULL,
NULL, NULL,
0, /* flags */ 0, /* flags */
0,NULL,NULL /* reserved1,reserved2, etc */ 0,NULL,NULL /* reserved1,reserved2, etc */
}, },
}; };
static const unsigned client_hello__field_indices_by_name[] = { static const unsigned intercept_hello__field_indices_by_name[] = {
0, /* field[0] = pid */ 0, /* field[0] = pid */
}; };
static const ProtobufCIntRange client_hello__number_ranges[1 + 1] = static const ProtobufCIntRange intercept_hello__number_ranges[1 + 1] =
{ {
{ 1, 0 }, { 1, 0 },
{ 0, 1 } { 0, 1 }
}; };
const ProtobufCMessageDescriptor client_hello__descriptor = const ProtobufCMessageDescriptor intercept_hello__descriptor =
{ {
PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC,
"ClientHello", "InterceptHello",
"ClientHello", "InterceptHello",
"ClientHello", "InterceptHello",
"", "",
sizeof(ClientHello), sizeof(InterceptHello),
1, 1,
client_hello__field_descriptors, intercept_hello__field_descriptors,
client_hello__field_indices_by_name, intercept_hello__field_indices_by_name,
1, client_hello__number_ranges, 1, intercept_hello__number_ranges,
(ProtobufCMessageInit) client_hello__init, (ProtobufCMessageInit) intercept_hello__init,
NULL,NULL,NULL /* reserved[123] */ NULL,NULL,NULL /* reserved[123] */
}; };
static const ProtobufCFieldDescriptor hello_response__field_descriptors[3] = static const ProtobufCFieldDescriptor hello_response__field_descriptors[3] =

6
src/intercept.proto
View File

@@ -7,7 +7,7 @@ syntax = "proto3";
message InterceptRequest { message InterceptRequest {
oneof type { oneof type {
PolicyCheckRequest policy_check_req = 1; PolicyCheckRequest policy_check_req = 1;
ClientHello hello = 2; InterceptHello hello = 2;
} }
} }
@@ -15,12 +15,12 @@ message InterceptRequest {
* Hello message from sudo_intercept.so to main sudo process. * Hello message from sudo_intercept.so to main sudo process.
* Sudo sends back the token and localhost port number. * Sudo sends back the token and localhost port number.
*/ */
message ClientHello { message InterceptHello {
int32 pid = 1; int32 pid = 1;
} }
/* /*
* Sudo response to a ClientHello from sudo_intercept.so. * Sudo response to an InterceptHello from sudo_intercept.so.
* The client uses the port number and token to connect back to sudo. * The client uses the port number and token to connect back to sudo.
*/ */
message HelloResponse { message HelloResponse {

6
src/sudo_intercept_common.c
View File

@@ -87,7 +87,7 @@ static bool
send_client_hello(int sock) send_client_hello(int sock)
{ {
InterceptRequest msg = INTERCEPT_REQUEST__INIT; InterceptRequest msg = INTERCEPT_REQUEST__INIT;
ClientHello hello = CLIENT_HELLO__INIT; InterceptHello hello = INTERCEPT_HELLO__INIT;
uint8_t *buf = NULL; uint8_t *buf = NULL;
uint32_t msg_len; uint32_t msg_len;
size_t len; size_t len;
@@ -124,7 +124,7 @@ done:
} }
/* /*
* Receive HelloResponse from sudo over fd. * Receive InterceptResponse from sudo over fd.
*/ */
InterceptResponse * InterceptResponse *
recv_intercept_response(int fd) recv_intercept_response(int fd)
@@ -240,7 +240,7 @@ sudo_interposer_init(void)
} }
/* /*
* Send ClientHello message to over the fd. * Send InterceptHello message to over the fd.
*/ */
if (!send_client_hello(fd)) if (!send_client_hello(fd))
goto done; goto done;