nfqws, tpws : loop through 0..63 caps (for future). do not fail on error

2025-05-24 22:32:58 +03:00 · 2019-05-20 16:59:48 +03:00
parent 12f530b287
commit 9b91c3430c
26 changed files with 13 additions and 6 deletions
--- a/binaries/aarch64/mdig
+++ b/binaries/aarch64/mdig
--- a/binaries/aarch64/nfqws
+++ b/binaries/aarch64/nfqws
--- a/binaries/aarch64/tpws
+++ b/binaries/aarch64/tpws
--- a/binaries/armhf/mdig
+++ b/binaries/armhf/mdig
--- a/binaries/armhf/nfqws
+++ b/binaries/armhf/nfqws
--- a/binaries/armhf/tpws
+++ b/binaries/armhf/tpws
--- a/binaries/mips32r1-lsb/mdig
+++ b/binaries/mips32r1-lsb/mdig
--- a/binaries/mips32r1-lsb/nfqws
+++ b/binaries/mips32r1-lsb/nfqws
--- a/binaries/mips32r1-lsb/tpws
+++ b/binaries/mips32r1-lsb/tpws
--- a/binaries/mips32r1-msb/mdig
+++ b/binaries/mips32r1-msb/mdig
--- a/binaries/mips32r1-msb/nfqws
+++ b/binaries/mips32r1-msb/nfqws
--- a/binaries/mips32r1-msb/tpws
+++ b/binaries/mips32r1-msb/tpws
--- a/binaries/mips64r2-msb/mdig
+++ b/binaries/mips64r2-msb/mdig
--- a/binaries/mips64r2-msb/nfqws
+++ b/binaries/mips64r2-msb/nfqws
--- a/binaries/mips64r2-msb/tpws
+++ b/binaries/mips64r2-msb/tpws
--- a/binaries/ppc/mdig
+++ b/binaries/ppc/mdig
--- a/binaries/ppc/nfqws
+++ b/binaries/ppc/nfqws
--- a/binaries/ppc/tpws
+++ b/binaries/ppc/tpws
--- a/binaries/x86/mdig
+++ b/binaries/x86/mdig
--- a/binaries/x86/nfqws
+++ b/binaries/x86/nfqws
--- a/binaries/x86/tpws
+++ b/binaries/x86/tpws
--- a/binaries/x86_64/mdig
+++ b/binaries/x86_64/mdig
--- a/binaries/x86_64/nfqws
+++ b/binaries/x86_64/nfqws
--- a/binaries/x86_64/tpws
+++ b/binaries/x86_64/tpws
--- a/nfq/nfqws.c
+++ b/nfq/nfqws.c
@@ -15,6 +15,7 @@
 #include <pwd.h>
 #include <sys/capability.h>
 #include <sys/prctl.h>
+#include <errno.h>

 bool proto_check_ipv4(unsigned char *data,int len)
 {
@@ -394,12 +395,15 @@ bool dropcaps()

 	if (setpcap(cap_values, capct))
 	{
-		for(int cap=0;cap<=CAP_LAST_CAP;cap++)
+		for(int cap=0;cap<=63;cap++)
 		{
 			if (cap_drop_bound(cap))
 			{
-				perror("cap_drop_bound");
-				return false;
+				if (errno!=EINVAL)
+				{
+					fprintf(stderr,"could not drop cap %d\n",cap);
+					perror("cap_drop_bound");
+				}
 			}
 		}
 	}
--- a/tpws/tpws.c
+++ b/tpws/tpws.c
@@ -824,12 +824,15 @@ bool dropcaps()

 	if (setpcap(cap_values, capct))
 	{
-		for(int cap=0;cap<=CAP_LAST_CAP;cap++)
+		for(int cap=0;cap<=63;cap++)
 		{
 			if (cap_drop_bound(cap))
 			{
-				perror("cap_drop_bound");
-				return false;
+				if (errno!=EINVAL)
+				{
+					fprintf(stderr,"could not drop cap %d\n",cap);
+					perror("cap_drop_bound");
+				}
 			}
 		}
 	}