mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-01-23 17:52:26 -05:00
e76e533a69
Now that we can fchmod() on a pre-bind() socket, use that to lock down the RPC sockets we publish in all CEventLoop-driven programs.
124 lines
3 KiB
C++
124 lines
3 KiB
C++
#include <LibCore/CLocalServer.h>
|
|
#include <LibCore/CLocalSocket.h>
|
|
#include <LibCore/CNotifier.h>
|
|
#include <stdio.h>
|
|
#include <sys/socket.h>
|
|
#include <sys/stat.h>
|
|
#include <unistd.h>
|
|
#ifndef SOCK_NONBLOCK
|
|
#include <sys/ioctl.h>
|
|
#endif
|
|
|
|
CLocalServer::CLocalServer(CObject* parent)
|
|
: CObject(parent)
|
|
{
|
|
}
|
|
|
|
CLocalServer::~CLocalServer()
|
|
{
|
|
}
|
|
|
|
bool CLocalServer::take_over_from_system_server()
|
|
{
|
|
if (m_listening)
|
|
return false;
|
|
|
|
constexpr auto socket_takeover = "SOCKET_TAKEOVER";
|
|
|
|
if (getenv(socket_takeover)) {
|
|
dbg() << "Taking the socket over from SystemServer";
|
|
|
|
// Sanity check: it has to be a socket.
|
|
struct stat stat;
|
|
int rc = fstat(3, &stat);
|
|
if (rc == 0 && S_ISSOCK(stat.st_mode)) {
|
|
// The SystemServer has passed us the socket as fd 3,
|
|
// so use that instead of creating our own.
|
|
m_fd = 3;
|
|
// It had to be !CLOEXEC for obvious reasons, but we
|
|
// don't need it to be !CLOEXEC anymore, so set the
|
|
// CLOEXEC flag now.
|
|
fcntl(m_fd, F_SETFD, FD_CLOEXEC);
|
|
// We wouldn't want our children to think we're passing
|
|
// them a socket either, so unset the env variable.
|
|
unsetenv(socket_takeover);
|
|
|
|
m_listening = true;
|
|
setup_notifier();
|
|
return true;
|
|
} else {
|
|
if (rc != 0)
|
|
perror("fstat");
|
|
dbg() << "It's not a socket, what the heck??";
|
|
}
|
|
}
|
|
|
|
dbg() << "Failed to take the socket over from SystemServer";
|
|
|
|
return false;
|
|
}
|
|
|
|
void CLocalServer::setup_notifier()
|
|
{
|
|
m_notifier = CNotifier::construct(m_fd, CNotifier::Event::Read, this);
|
|
m_notifier->on_ready_to_read = [this] {
|
|
if (on_ready_to_accept)
|
|
on_ready_to_accept();
|
|
};
|
|
}
|
|
|
|
bool CLocalServer::listen(const String& address)
|
|
{
|
|
if (m_listening)
|
|
return false;
|
|
|
|
int rc;
|
|
|
|
#ifdef SOCK_NONBLOCK
|
|
m_fd = socket(AF_LOCAL, SOCK_STREAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0);
|
|
#else
|
|
m_fd = socket(AF_LOCAL, SOCK_STREAM, 0);
|
|
int option = 1;
|
|
ioctl(m_fd, FIONBIO, &option);
|
|
fcntl(m_fd, F_SETFD, FD_CLOEXEC);
|
|
#endif
|
|
ASSERT(m_fd >= 0);
|
|
|
|
rc = fchmod(m_fd, 0600);
|
|
if (rc < 0) {
|
|
perror("fchmod");
|
|
ASSERT_NOT_REACHED();
|
|
}
|
|
|
|
auto socket_address = CSocketAddress::local(address);
|
|
auto un = socket_address.to_sockaddr_un();
|
|
rc = ::bind(m_fd, (const sockaddr*)&un, sizeof(un));
|
|
if (rc < 0) {
|
|
perror("bind");
|
|
ASSERT_NOT_REACHED();
|
|
}
|
|
|
|
rc = ::listen(m_fd, 5);
|
|
if (rc < 0) {
|
|
perror("listen");
|
|
ASSERT_NOT_REACHED();
|
|
}
|
|
|
|
m_listening = true;
|
|
setup_notifier();
|
|
return true;
|
|
}
|
|
|
|
RefPtr<CLocalSocket> CLocalServer::accept()
|
|
{
|
|
ASSERT(m_listening);
|
|
sockaddr_un un;
|
|
socklen_t un_size = sizeof(un);
|
|
int accepted_fd = ::accept(m_fd, (sockaddr*)&un, &un_size);
|
|
if (accepted_fd < 0) {
|
|
perror("accept");
|
|
return nullptr;
|
|
}
|
|
|
|
return CLocalSocket::construct(accepted_fd);
|
|
}
|