Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge remote-tracking branch 'origin/maint-0.2.6'

Nick Mathewson 9 years ago
parent
5dce1829bf 97330ced0c
commit
b66f4cfc9d
4 changed files with 19 additions and 1 deletions
Split View Show Diff Stats
  1. 3 0
      changes/bug16030
  2. 5 0
      changes/bug16212
  3. 10 0
      src/common/sandbox.c
  4. 1 1
      src/test/test_channel.c

+ 3 - 0
changes/bug16030
View File 

@@ -0,0 +1,3 @@
 
+  o Minor bugfixes (tests):
 
+    - Fix a crash in the unit tests on MSVC2013.  Fixes bug 16030; bugfix on
 
+      0.2.6.2-alpha.  Patch from "NewEraCracker".

+ 5 - 0
changes/bug16212
View File 

@@ -0,0 +1,5 @@
 
+  o Minor bugfixes (sandbox, systemd):
 
+    - Allow systemd connections to work with the Linux seccomp2 sandbox
 
+      code.  Fixes bug 16212; bugfix on 0.2.6.2-alpha.
 
+      Patch by Peter Palfrader.
 
+

+ 10 - 0
src/common/sandbox.c
View File 

@@ -170,6 +170,7 @@ static int filter_nopar_gen[] = {
 
     SCMP_SYS(read),
 
     SCMP_SYS(rt_sigreturn),
 
     SCMP_SYS(sched_getaffinity),
 
+    SCMP_SYS(sendmsg),
 
     SCMP_SYS(set_robust_list),
 
 #ifdef __NR_sigreturn
 
     SCMP_SYS(sigreturn),
 
@@ -547,6 +548,15 @@ sb_socket(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 
       SCMP_CMP(0, SCMP_CMP_EQ, PF_UNIX),
 
       SCMP_CMP_MASKED(1, SOCK_CLOEXEC|SOCK_NONBLOCK, SOCK_STREAM),
 
       SCMP_CMP(2, SCMP_CMP_EQ, 0));
 
+  if (rc)
 
+    return rc;
 
+
 
+  rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket),
 
+      SCMP_CMP(0, SCMP_CMP_EQ, PF_UNIX),
 
+      SCMP_CMP_MASKED(1, SOCK_CLOEXEC|SOCK_NONBLOCK, SOCK_DGRAM),
 
+      SCMP_CMP(2, SCMP_CMP_EQ, 0));
 
+  if (rc)
 
+    return rc;
 
 
   rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket),
 
       SCMP_CMP(0, SCMP_CMP_EQ, PF_NETLINK),

+ 1 - 1
src/test/test_channel.c
View File 

@@ -420,6 +420,7 @@ new_fake_channel(void)
 
 
   chan->close = chan_test_close;
 
   chan->get_overhead_estimate = chan_test_get_overhead_estimate;
 
+  chan->get_remote_descr = chan_test_get_remote_descr;
 
   chan->num_bytes_queued = chan_test_num_bytes_queued;
 
   chan->num_cells_writeable = chan_test_num_cells_writeable;
 
   chan->write_cell = chan_test_write_cell;
 
@@ -615,7 +616,6 @@ test_channel_dumpstats(void *arg)
 
   /* Test channel_dump_statistics */
 
   ch->describe_transport = chan_test_describe_transport;
 
   ch->dumpstats = chan_test_dumpstats;
 
-  ch->get_remote_descr = chan_test_get_remote_descr;
 
   ch->is_canonical = chan_test_is_canonical;
 
   old_count = test_dumpstats_calls;
 
   channel_dump_statistics(ch, LOG_DEBUG);