diff options
author | Baptiste Daroussin <bapt@FreeBSD.org> | 2017-02-20 00:14:31 +0000 |
---|---|---|
committer | Baptiste Daroussin <bapt@FreeBSD.org> | 2017-02-20 00:14:31 +0000 |
commit | d8713bf36156f6c6179cc989fc370a7f9a0ca062 (patch) | |
tree | 64424ef80289d108c33eefd3b304034377707e16 /lib/libfetch | |
parent | d893c36a3568d5bf28a900078d6ce42922be6e58 (diff) | |
download | src-test-d8713bf36156f6c6179cc989fc370a7f9a0ca062.tar.gz src-test-d8713bf36156f6c6179cc989fc370a7f9a0ca062.zip |
Add a file descriptor in struct url for netrc
When using libfetch in an application that drops privileges when fetching
like pkg(8) then user complain because the application does not read anymore
${HOME}/.netrc. Now a caller can prepare a fd to the said file and manually
assign it to the structure.
It is also a first step to allow to capsicumize libfetch applications
Reviewed by: allanjude, des
Approved by: des
Differential Revision: https://reviews.freebsd.org/D9678
Notes
Notes:
svn path=/head/; revision=313974
Diffstat (limited to 'lib/libfetch')
-rw-r--r-- | lib/libfetch/common.c | 30 | ||||
-rw-r--r-- | lib/libfetch/fetch.c | 1 | ||||
-rw-r--r-- | lib/libfetch/fetch.h | 1 |
3 files changed, 23 insertions, 9 deletions
diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c index 41453143a11e1..8ec7d018aa3d2 100644 --- a/lib/libfetch/common.c +++ b/lib/libfetch/common.c @@ -1339,16 +1339,11 @@ fetch_read_word(FILE *f) return (word); } -/* - * Get authentication data for a URL from .netrc - */ -int -fetch_netrc_auth(struct url *url) +static int +fetch_netrc_open(void) { + const char *p; char fn[PATH_MAX]; - const char *word; - char *p; - FILE *f; if ((p = getenv("NETRC")) != NULL) { if (snprintf(fn, sizeof(fn), "%s", p) >= (int)sizeof(fn)) { @@ -1368,8 +1363,25 @@ fetch_netrc_auth(struct url *url) return (-1); } - if ((f = fopen(fn, "r")) == NULL) + return (open(fn, O_RDONLY)); +} + +/* + * Get authentication data for a URL from .netrc + */ +int +fetch_netrc_auth(struct url *url) +{ + const char *word; + FILE *f; + + if (url->netrcfd == -2) + url->netrcfd = fetch_netrc_open(); + if (url->netrcfd < 0) + return (-1); + if ((f = fdopen(url->netrcfd, "r")) == NULL) return (-1); + rewind(f); while ((word = fetch_read_word(f)) != NULL) { if (strcmp(word, "default") == 0) { DEBUG(fetch_info("Using default .netrc settings")); diff --git a/lib/libfetch/fetch.c b/lib/libfetch/fetch.c index 8d92bbcb7808e..6b3148ebe27f0 100644 --- a/lib/libfetch/fetch.c +++ b/lib/libfetch/fetch.c @@ -284,6 +284,7 @@ fetchMakeURL(const char *scheme, const char *host, int port, const char *doc, seturl(pwd); #undef seturl u->port = port; + u->netrcfd = -2; return (u); } diff --git a/lib/libfetch/fetch.h b/lib/libfetch/fetch.h index d56a1036a4629..319fca92b8472 100644 --- a/lib/libfetch/fetch.h +++ b/lib/libfetch/fetch.h @@ -47,6 +47,7 @@ struct url { off_t offset; size_t length; time_t ims_time; + int netrcfd; }; struct url_stat { |