[sr-dev] git:master:e5dc1506: mi_fifo: if fifo_name does not start with /, create it in run_dir
Daniel-Constantin Mierla
miconda at gmail.com
Tue Apr 28 15:37:11 CEST 2015
Module: kamailio
Branch: master
Commit: e5dc15061be9d3866a8972af9732a3a7a753cc40
URL: https://github.com/kamailio/kamailio/commit/e5dc15061be9d3866a8972af9732a3a7a753cc40
Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2015-04-28T15:15:32+02:00
mi_fifo: if fifo_name does not start with /, create it in run_dir
- better security, /tmp exposes insecure operations, as reported by
Debian project a while ago
- run_dir is by default /var/run/kamailio
- defualt value for fifo_name is now 'kamailio_fifo'
- full default path for fifo is /var/run/kamailio/kamailio_fifo
---
Modified: modules/mi_fifo/mi_fifo.c
---
Diff: https://github.com/kamailio/kamailio/commit/e5dc15061be9d3866a8972af9732a3a7a753cc40.diff
Patch: https://github.com/kamailio/kamailio/commit/e5dc15061be9d3866a8972af9732a3a7a753cc40.patch
---
diff --git a/modules/mi_fifo/mi_fifo.c b/modules/mi_fifo/mi_fifo.c
index 710eec1..b0046ef 100644
--- a/modules/mi_fifo/mi_fifo.c
+++ b/modules/mi_fifo/mi_fifo.c
@@ -60,7 +60,7 @@ static void fifo_process(int rank);
static int mi_destroy(void);
/* FIFO server vars */
-static char *mi_fifo = 0; /*!< FIFO name */
+static char *mi_fifo = NAME "_fifo"; /*!< FIFO name */
static char *mi_fifo_reply_dir = DEFAULT_MI_REPLY_DIR; /*!< dir where reply fifos are allowed */
static char *mi_reply_indent = DEFAULT_MI_REPLY_IDENT;
static int mi_fifo_uid = -1; /*!< Fifo default UID */
@@ -114,12 +114,35 @@ static int mi_mod_init(void)
{
int n;
struct stat filestat;
+ int len;
+ int sep;
+ char *p;
/* checking the mi_fifo module param */
if (mi_fifo==NULL || *mi_fifo == 0) {
LM_ERR("No MI fifo configured\n");
return -1;
}
+ if(*mi_fifo != '/') {
+ if(runtime_dir!=NULL && *runtime_dir!=0) {
+ len = strlen(runtime_dir);
+ sep = 0;
+ if(runtime_dir[len-1]!='/') {
+ sep = 1;
+ }
+ len += sep + strlen(mi_fifo);
+ p = pkg_malloc(len + 1);
+ if(p==NULL) {
+ LM_ERR("no more pkg\n");
+ return -1;
+ }
+ strcpy(p, runtime_dir);
+ if(sep) strcat(p, "/");
+ strcat(p, mi_fifo);
+ mi_fifo = p;
+ LM_DBG("fifo path is [%s]\n", mi_fifo);
+ }
+ }
LM_DBG("testing mi_fifo existance ...\n");
n=stat(mi_fifo, &filestat);
More information about the sr-dev
mailing list