diff -urN httptunnel-3.0.5.orig/hts.c httptunnel-3.0.5/hts.c
--- httptunnel-3.0.5.orig/hts.c	2000-08-31 13:43:40.000000000 +0200
+++ httptunnel-3.0.5/hts.c	2004-04-03 18:21:35.000000000 +0200
@@ -13,6 +13,7 @@
 #include <signal.h>
 #include <sys/poll_.h>
 #include <sys/time.h>
+#include <pwd.h>
 
 #include "common.h"
 
@@ -28,6 +29,8 @@
   int strict_content_length;
   int keep_alive;
   int max_connection_age;
+  uid_t user;
+  gid_t group;
 } Arguments;
 
 int debug_level = 0;
@@ -61,6 +64,7 @@
 "  -S, --strict-content-length    always write Content-Length bytes in requests\n"
 "  -V, --version                  output version information and exit\n"
 "  -p, --pid-file LOCATION        write a PID file to LOCATION\n"
+"  -u, --user                     run as this user\n"
 "\n"
 "Report bugs to %s.\n",
 	   me, DEFAULT_HOST_PORT, DEFAULT_KEEP_ALIVE,
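Review bot: The new help line `-u, --user` does not show that the option takes an argument, unlike `-p, --pid-file LOCATION` just above it. It also does not say that the group changes to that user's primary group. Something like `"  -u, --user USER                run as USER (and USER's primary group) after binding\n"` would tell an operator what the option does to the process credentials. The usage string itself starts and ends outside this hunk.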
@@ -84,6 +88,8 @@
   arg->strict_content_length = FALSE;
   arg->keep_alive = DEFAULT_KEEP_ALIVE;
   arg->max_connection_age = DEFAULT_CONNECTION_MAX_TIME;
+  arg->user = getuid();
+  arg->group = getgid();
   
   for (;;)
     {
@@ -103,10 +109,11 @@
 	{ "forward-port", required_argument, 0, 'F' },
 	{ "content-length", required_argument, 0, 'c' },
 	{ "max-connection-age", required_argument, 0, 'M' },
+	{ "user", required_argument, 0, 'u' },
 	{ 0, 0, 0, 0 }
       };
 
-      static const char *short_options = "c:d:F:hk:M:p:SV"
+      static const char *short_options = "c:d:F:hk:M:p:Su:V"
 #ifdef DEBUG_MODE
 	"D:l:"
 #endif
@@ -191,6 +198,27 @@
 	case '?':
 	  break;
 
+	case 'u':
+	  if (getuid () != 0)
+	    {
+              fprintf(stderr, "%s: only root are allowed to set uid!\n"
+		              "%s: try '%s --help' for help.\n",
+		      arg->me, arg->me, arg->me);
+	      exit (1);
+	    }
+	  
+	  struct passwd* pw = getpwnam(optarg);
+	  if (pw == NULL)
+	    {
+              fprintf(stderr, "%s: the user %s was not found.\n",
+		      arg->me, optarg);
+	      exit (1);
+	    }
+
+	  arg->user = pw->pw_uid;
+	  arg->group = pw->pw_gid;
+	  break;
+
 	default:
 	  printf ("?? getopt returned character code 0%o ??\n", c);
 	}
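Review bot: The declaration `struct passwd* pw = getpwnam(optarg);` sits in the middle of the `case 'u':` statements without a block of its own, which pre-C99 compilers reject and which leaves `pw` in scope for the `default:` label that follows. Wrapping the case body in braces, or declaring `struct passwd *pw;` at the top of the enclosing function, avoids both problems. The privilege test also uses `getuid ()`, which reports only the real uid, whereas the effective uid (`geteuid ()`) is what decides whether the later setuid call can succeed. The switch and its enclosing function start and end outside the hunk.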
@@ -260,6 +288,7 @@
 
   log_notice ("hts (%s) %s started with arguments:", PACKAGE, VERSION);
   log_notice ("  me = %s", arg.me);
+  log_notice ("  uid = %d", arg.user);
   log_notice ("  device = %s", arg.device ? arg.device : "(null)");
   log_notice ("  port = %d", arg.port);
   log_notice ("  forward_port = %d", arg.forward_port);
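Review bot: The added `log_notice ("  uid = %d", arg.user);` passes a `uid_t` to `%d`, which is a format/argument mismatch on platforms where `uid_t` is unsigned or wider than `int`. The gid the server will switch to is also not logged, although it is security-relevant when auditing a start-up. Suggested replacement: `log_notice ("  uid = %lu, gid = %lu", (unsigned long) arg.user, (unsigned long) arg.group);`.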
@@ -270,7 +299,7 @@
   log_notice ("  pid_filename = %s",
 	      arg.pid_filename ? arg.pid_filename : "(null)");
 
-  tunnel = tunnel_new_server (arg.port, arg.content_length);
+  tunnel = tunnel_new_server (arg.port, arg.content_length, arg.user, arg.group);
   if (tunnel == NULL)
     {
       log_error ("couldn't create tunnel", argv[0]);
diff -urN httptunnel-3.0.5.orig/tunnel.c httptunnel-3.0.5/tunnel.c
--- httptunnel-3.0.5.orig/tunnel.c	2000-09-14 14:27:27.000000000 +0200
+++ httptunnel-3.0.5/tunnel.c	2004-04-03 17:48:44.000000000 +0200
@@ -1237,7 +1237,7 @@
 }
 
 Tunnel *
-tunnel_new_server (int port, size_t content_length)
+tunnel_new_server (int port, size_t content_length, uid_t user, gid_t group)
 {
   Tunnel *tunnel;
 
@@ -1274,6 +1274,10 @@
       return NULL;
     }
 
+  /* change user */
+  setuid (user);
+  setgid (group);
+
   return tunnel;
 }
 
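Review bot: The privilege drop at `setuid (user); setgid (group);` runs in the wrong order and ignores both return values, so once the uid has changed the `setgid` call fails silently and the server keeps root's group. Supplementary groups are never cleared either, so the process also retains every group root belonged to. The drop should clear supplementary groups, then set the gid, then the uid, and return NULL when any step fails rather than go on serving with privileges it was asked to give up. The fenced lines sketch this; `setgroups` needs `<grp.h>`, and the failure path should release the tunnel the same way the earlier `return NULL` path does, which lies outside this hunk.

```c
  /* Drop privileges: supplementary groups first, then gid, then uid.
     After the uid changes the process may no longer change its groups.
     Skipped when no change was requested, so an unprivileged start-up
     without -u does not fail on setgroups(). */
  if (user != getuid () || group != getgid ())
    {
      if (setgroups (0, NULL) != 0
	  || setgid (group) != 0
	  || setuid (user) != 0)
	{
	  /* ... report the failure with the file's usual logging call ... */
	  /* ... release the tunnel as the error path above does ... */
	  return NULL;
	}
    }

  return tunnel;
```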
diff -urN httptunnel-3.0.5.orig/tunnel.h httptunnel-3.0.5/tunnel.h
--- httptunnel-3.0.5.orig/tunnel.h	2000-08-31 13:43:40.000000000 +0200
+++ httptunnel-3.0.5/tunnel.h	2004-04-03 17:49:24.000000000 +0200
@@ -15,7 +15,9 @@
   Create a new HTTP tunnel client.
 
 Tunnel *tunnel_new_server (int port,
-			   size_t content_length);
+			   size_t content_length,
+			   uid_t user,
+			   gid_t group);
 
   Create a new HTTP tunnel server.  If LENGTH is 0, the Content-Length
   of the HTTP GET response will be determined automatically in some way.
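Review bot: The interface comment for `tunnel_new_server` still describes only the port and content length, and says nothing about the new USER and GROUP arguments. A caller cannot tell from the header that the function changes the process credentials as a side effect, or what happens if that change fails. I would add a sentence such as `After the listening socket is set up, the process switches to GROUP and USER; pass the current ids to leave credentials unchanged.` The comment block continues outside the hunk.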
@@ -67,7 +69,7 @@
 extern Tunnel *tunnel_new_client (const char *host, int host_port,
 				  const char *proxy, int proxy_port,
 				  size_t content_length);
-extern Tunnel *tunnel_new_server (int port, size_t content_length);
+extern Tunnel *tunnel_new_server (int port, size_t content_length, uid_t user, gid_t group);
 extern int tunnel_connect (Tunnel *tunnel);
 extern int tunnel_accept (Tunnel *tunnel);
 extern int tunnel_pollin_fd (Tunnel *tunnel);
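Review bot: The prototype now uses `uid_t` and `gid_t`, but no hunk in this patch adds `#include <sys/types.h>` to tunnel.h. Unless an include outside the visible lines already provides these types, any translation unit that includes tunnel.h before a system header defining them will fail to compile. Adding `#include <sys/types.h>` near the top of the header makes it self-contained.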


