diff options
Diffstat (limited to 'plugins-root')
-rw-r--r-- | plugins-root/check_icmp.c | 71 |
1 files changed, 45 insertions, 26 deletions
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index 4c17d239..cab69fda 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c | |||
@@ -419,7 +419,7 @@ main(int argc, char **argv) | |||
419 | * that before pointer magic (esp. on network data) */ | 419 | * that before pointer magic (esp. on network data) */ |
420 | icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; | 420 | icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; |
421 | 421 | ||
422 | address_family = AF_INET; | 422 | address_family = -1; |
423 | int icmp_proto = IPPROTO_ICMP; | 423 | int icmp_proto = IPPROTO_ICMP; |
424 | 424 | ||
425 | /* get calling name the old-fashioned way for portability instead | 425 | /* get calling name the old-fashioned way for portability instead |
@@ -526,12 +526,10 @@ main(int argc, char **argv) | |||
526 | break; | 526 | break; |
527 | case '4': | 527 | case '4': |
528 | address_family = AF_INET; | 528 | address_family = AF_INET; |
529 | icmp_proto = IPPROTO_ICMP; | ||
530 | break; | 529 | break; |
531 | case '6': | 530 | case '6': |
532 | #ifdef USE_IPV6 | 531 | #ifdef USE_IPV6 |
533 | address_family = AF_INET6; | 532 | address_family = AF_INET6; |
534 | icmp_proto = IPPROTO_ICMPV6; | ||
535 | #else | 533 | #else |
536 | usage (_("IPv6 support not available\n")); | 534 | usage (_("IPv6 support not available\n")); |
537 | #endif | 535 | #endif |
@@ -540,29 +538,6 @@ main(int argc, char **argv) | |||
540 | } | 538 | } |
541 | } | 539 | } |
542 | 540 | ||
543 | if((icmp_sock = socket(address_family, SOCK_RAW, icmp_proto)) != -1) | ||
544 | sockets |= HAVE_ICMP; | ||
545 | else icmp_sockerrno = errno; | ||
546 | |||
547 | /* if((udp_sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) != -1) */ | ||
548 | /* sockets |= HAVE_UDP; */ | ||
549 | /* else udp_sockerrno = errno; */ | ||
550 | |||
551 | /* if((tcp_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1) */ | ||
552 | /* sockets |= HAVE_TCP; */ | ||
553 | /* else tcp_sockerrno = errno; */ | ||
554 | |||
555 | /* now drop privileges (no effect if not setsuid or geteuid() == 0) */ | ||
556 | if (setuid(getuid()) == -1) { | ||
557 | printf("ERROR: Failed to drop privileges\n"); | ||
558 | return 1; | ||
559 | } | ||
560 | |||
561 | #ifdef SO_TIMESTAMP | ||
562 | if(setsockopt(icmp_sock, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on))) | ||
563 | if(debug) printf("Warning: no SO_TIMESTAMP support\n"); | ||
564 | #endif // SO_TIMESTAMP | ||
565 | |||
566 | /* POSIXLY_CORRECT might break things, so unset it (the portable way) */ | 541 | /* POSIXLY_CORRECT might break things, so unset it (the portable way) */ |
567 | environ = NULL; | 542 | environ = NULL; |
568 | 543 | ||
@@ -593,6 +568,37 @@ main(int argc, char **argv) | |||
593 | exit(3); | 568 | exit(3); |
594 | } | 569 | } |
595 | 570 | ||
571 | // add_target might change address_family | ||
572 | switch ( address_family ){ | ||
573 | case AF_INET: icmp_proto = IPPROTO_ICMP; | ||
574 | break; | ||
575 | case AF_INET6: icmp_proto = IPPROTO_ICMPV6; | ||
576 | break; | ||
577 | default: crash("Address family not supported"); | ||
578 | } | ||
579 | if((icmp_sock = socket(address_family, SOCK_RAW, icmp_proto)) != -1) | ||
580 | sockets |= HAVE_ICMP; | ||
581 | else icmp_sockerrno = errno; | ||
582 | |||
583 | /* if((udp_sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) != -1) */ | ||
584 | /* sockets |= HAVE_UDP; */ | ||
585 | /* else udp_sockerrno = errno; */ | ||
586 | |||
587 | /* if((tcp_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1) */ | ||
588 | /* sockets |= HAVE_TCP; */ | ||
589 | /* else tcp_sockerrno = errno; */ | ||
590 | |||
591 | #ifdef SO_TIMESTAMP | ||
592 | if(setsockopt(icmp_sock, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on))) | ||
593 | if(debug) printf("Warning: no SO_TIMESTAMP support\n"); | ||
594 | #endif // SO_TIMESTAMP | ||
595 | |||
596 | /* now drop privileges (no effect if not setsuid or geteuid() == 0) */ | ||
597 | if (setuid(getuid()) == -1) { | ||
598 | printf("ERROR: Failed to drop privileges\n"); | ||
599 | return 1; | ||
600 | } | ||
601 | |||
596 | if(!sockets) { | 602 | if(!sockets) { |
597 | if(icmp_sock == -1) { | 603 | if(icmp_sock == -1) { |
598 | errno = icmp_sockerrno; | 604 | errno = icmp_sockerrno; |
@@ -1319,6 +1325,19 @@ add_target(char *arg) | |||
1319 | struct sockaddr_in6 *sin6; | 1325 | struct sockaddr_in6 *sin6; |
1320 | 1326 | ||
1321 | switch (address_family) { | 1327 | switch (address_family) { |
1328 | case -1: | ||
1329 | // -4 and -6 are not specified on cmdline | ||
1330 | address_family = AF_INET; | ||
1331 | sin = (struct sockaddr_in *)&ip; | ||
1332 | result = inet_pton(address_family, arg, &sin->sin_addr); | ||
1333 | #ifdef USE_IPV6 | ||
1334 | if( result != 1 ){ | ||
1335 | address_family = AF_INET6; | ||
1336 | sin6 = (struct sockaddr_in6 *)&ip; | ||
1337 | result = inet_pton(address_family, arg, &sin6->sin6_addr); | ||
1338 | } | ||
1339 | #endif | ||
1340 | break; | ||
1322 | case AF_INET: | 1341 | case AF_INET: |
1323 | sin = (struct sockaddr_in *)&ip; | 1342 | sin = (struct sockaddr_in *)&ip; |
1324 | result = inet_pton(address_family, arg, &sin->sin_addr); | 1343 | result = inet_pton(address_family, arg, &sin->sin_addr); |