From 6d2eaf548d092826017d96443b54d656f05676cf Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Sat, 1 Oct 2016 16:25:36 -0400
Subject: moved libx11 to libconnect

---
 src/firejail/fs_trace.c     |  2 +-
 src/libconnect/Makefile.in  | 25 +++++++++++++++++
 src/libconnect/libconnect.c | 66 +++++++++++++++++++++++++++++++++++++++++++++
 src/libx11/Makefile.in      | 25 -----------------
 src/libx11/libx11.c         | 66 ---------------------------------------------
 5 files changed, 92 insertions(+), 92 deletions(-)
 create mode 100644 src/libconnect/Makefile.in
 create mode 100644 src/libconnect/libconnect.c
 delete mode 100644 src/libx11/Makefile.in
 delete mode 100644 src/libx11/libx11.c

(limited to 'src')

diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c
index 861b8a9a7..78fc8a647 100644
--- a/src/firejail/fs_trace.c
+++ b/src/firejail/fs_trace.c
@@ -64,7 +64,7 @@ void fs_trace(void) {
 	}	
 
 	if (mask_x11_abstract_socket)
-		fprintf(fp, "%s/firejail/libx11.so\n", LIBDIR);
+		fprintf(fp, "%s/firejail/libconnect.so\n", LIBDIR);
 
 	SET_PERMS_STREAM(fp, 0, 0, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH);
 	fclose(fp);
diff --git a/src/libconnect/Makefile.in b/src/libconnect/Makefile.in
new file mode 100644
index 000000000..5b7a8d0f1
--- /dev/null
+++ b/src/libconnect/Makefile.in
@@ -0,0 +1,25 @@
+PREFIX=@prefix@
+VERSION=@PACKAGE_VERSION@
+NAME=@PACKAGE_NAME@
+HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
+
+H_FILE_LIST       = $(sort $(wildcard *.[h]))
+C_FILE_LIST       = $(sort $(wildcard *.c))
+OBJS = $(C_FILE_LIST:.c=.o)
+BINOBJS =  $(foreach file, $(OBJS), $file)
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIC -Wformat -Wformat-security
+LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now 
+
+all: libconnect.so
+
+%.o : %.c $(H_FILE_LIST)
+	$(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
+
+libconnect.so: $(OBJS)
+	$(CC) $(LDFLAGS) -shared -fPIC -z relro -o $@ $(OBJS) -ldl
+
+
+clean:; rm -f $(OBJS) libconnect.so
+
+distclean: clean
+	rm -fr Makefile
diff --git a/src/libconnect/libconnect.c b/src/libconnect/libconnect.c
new file mode 100644
index 000000000..18c4d81f5
--- /dev/null
+++ b/src/libconnect/libconnect.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2014-2016 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/un.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#include <errno.h>
+
+//#define DEBUG
+
+//static int check_sockaddr(int sockfd, const char *call, const struct sockaddr *addr, int rv) {
+static int check_sockaddr(const struct sockaddr *addr) {
+	if (addr->sa_family == AF_UNIX) {
+		struct sockaddr_un *a = (struct sockaddr_un *) addr;
+		if (a->sun_path[0] == '\0' && strstr(a->sun_path + 1, "X11-unix")) {
+//			printf("@%s\n", a->sun_path + 1);
+			errno = ENOENT;
+			return -1;
+		}
+	}
+	
+	return 0;
+}
+
+//
+// syscalls
+//
+
+// connect
+typedef int (*orig_connect_t)(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
+static orig_connect_t orig_connect = NULL;
+int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) {
+	if (!orig_connect)
+		orig_connect = (orig_connect_t)dlsym(RTLD_NEXT, "connect");
+			
+	if (check_sockaddr(addr) == -1)
+		return -1;
+		
+ 	return orig_connect(sockfd, addr, addrlen);
+}
diff --git a/src/libx11/Makefile.in b/src/libx11/Makefile.in
deleted file mode 100644
index 2dfef8076..000000000
--- a/src/libx11/Makefile.in
+++ /dev/null
@@ -1,25 +0,0 @@
-PREFIX=@prefix@
-VERSION=@PACKAGE_VERSION@
-NAME=@PACKAGE_NAME@
-HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
-
-H_FILE_LIST       = $(sort $(wildcard *.[h]))
-C_FILE_LIST       = $(sort $(wildcard *.c))
-OBJS = $(C_FILE_LIST:.c=.o)
-BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIC -Wformat -Wformat-security
-LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now 
-
-all: libx11.so
-
-%.o : %.c $(H_FILE_LIST)
-	$(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
-
-libx11.so: $(OBJS)
-	$(CC) $(LDFLAGS) -shared -fPIC -z relro -o $@ $(OBJS) -ldl
-
-
-clean:; rm -f $(OBJS) libx11.so
-
-distclean: clean
-	rm -fr Makefile
diff --git a/src/libx11/libx11.c b/src/libx11/libx11.c
deleted file mode 100644
index 208fb65ed..000000000
--- a/src/libx11/libx11.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (C) 2014-2016 Firejail Authors
- *
- * This file is part of firejail project
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-*/
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <dlfcn.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <sys/un.h>
-#include <sys/stat.h>
-#include <dirent.h>
-#include <errno.h>
-
-//#define DEBUG
-
-//static int check_sockaddr(int sockfd, const char *call, const struct sockaddr *addr, int rv) {
-static int check_sockaddr(const struct sockaddr *addr) {
-	if (addr->sa_family == AF_UNIX) {
-		struct sockaddr_un *a = (struct sockaddr_un *) addr;
-		if (a->sun_path[0] == '\0') {
-//			printf("@%s\n", a->sun_path + 1);
-			errno = ENOENT;
-			return -1;
-		}
-	}
-	
-	return 0;
-}
-
-//
-// syscalls
-//
-
-// connect
-typedef int (*orig_connect_t)(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
-static orig_connect_t orig_connect = NULL;
-int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) {
-	if (!orig_connect)
-		orig_connect = (orig_connect_t)dlsym(RTLD_NEXT, "connect");
-			
-	if (check_sockaddr(addr) == -1)
-		return -1;
-		
- 	return orig_connect(sockfd, addr, addrlen);
-}
-- 
cgit v1.2.3-70-g09d2