Merge remote-tracking branch 'origin/maint-0.2.6'

This commit is contained in:
Nick Mathewson 2015-05-28 14:06:01 -04:00
commit b66f4cfc9d
4 changed files with 19 additions and 1 deletions

3
changes/bug16030 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (tests):
- Fix a crash in the unit tests on MSVC2013. Fixes bug 16030; bugfix on
0.2.6.2-alpha. Patch from "NewEraCracker".

5
changes/bug16212 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (sandbox, systemd):
- Allow systemd connections to work with the Linux seccomp2 sandbox
code. Fixes bug 16212; bugfix on 0.2.6.2-alpha.
Patch by Peter Palfrader.

View File

@ -170,6 +170,7 @@ static int filter_nopar_gen[] = {
SCMP_SYS(read), SCMP_SYS(read),
SCMP_SYS(rt_sigreturn), SCMP_SYS(rt_sigreturn),
SCMP_SYS(sched_getaffinity), SCMP_SYS(sched_getaffinity),
SCMP_SYS(sendmsg),
SCMP_SYS(set_robust_list), SCMP_SYS(set_robust_list),
#ifdef __NR_sigreturn #ifdef __NR_sigreturn
SCMP_SYS(sigreturn), SCMP_SYS(sigreturn),
@ -547,6 +548,15 @@ sb_socket(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
SCMP_CMP(0, SCMP_CMP_EQ, PF_UNIX), SCMP_CMP(0, SCMP_CMP_EQ, PF_UNIX),
SCMP_CMP_MASKED(1, SOCK_CLOEXEC|SOCK_NONBLOCK, SOCK_STREAM), SCMP_CMP_MASKED(1, SOCK_CLOEXEC|SOCK_NONBLOCK, SOCK_STREAM),
SCMP_CMP(2, SCMP_CMP_EQ, 0)); SCMP_CMP(2, SCMP_CMP_EQ, 0));
if (rc)
return rc;
rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket),
SCMP_CMP(0, SCMP_CMP_EQ, PF_UNIX),
SCMP_CMP_MASKED(1, SOCK_CLOEXEC|SOCK_NONBLOCK, SOCK_DGRAM),
SCMP_CMP(2, SCMP_CMP_EQ, 0));
if (rc)
return rc;
rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket),
SCMP_CMP(0, SCMP_CMP_EQ, PF_NETLINK), SCMP_CMP(0, SCMP_CMP_EQ, PF_NETLINK),

View File

@ -420,6 +420,7 @@ new_fake_channel(void)
chan->close = chan_test_close; chan->close = chan_test_close;
chan->get_overhead_estimate = chan_test_get_overhead_estimate; chan->get_overhead_estimate = chan_test_get_overhead_estimate;
chan->get_remote_descr = chan_test_get_remote_descr;
chan->num_bytes_queued = chan_test_num_bytes_queued; chan->num_bytes_queued = chan_test_num_bytes_queued;
chan->num_cells_writeable = chan_test_num_cells_writeable; chan->num_cells_writeable = chan_test_num_cells_writeable;
chan->write_cell = chan_test_write_cell; chan->write_cell = chan_test_write_cell;
@ -615,7 +616,6 @@ test_channel_dumpstats(void *arg)
/* Test channel_dump_statistics */ /* Test channel_dump_statistics */
ch->describe_transport = chan_test_describe_transport; ch->describe_transport = chan_test_describe_transport;
ch->dumpstats = chan_test_dumpstats; ch->dumpstats = chan_test_dumpstats;
ch->get_remote_descr = chan_test_get_remote_descr;
ch->is_canonical = chan_test_is_canonical; ch->is_canonical = chan_test_is_canonical;
old_count = test_dumpstats_calls; old_count = test_dumpstats_calls;
channel_dump_statistics(ch, LOG_DEBUG); channel_dump_statistics(ch, LOG_DEBUG);