drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-04-19 05:22:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

nfqws, tpws : read cap_last_cap to avoid errors on some systems

Browse Source
This commit is contained in:
bolvan 2019-05-20 20:38:17 +03:00
parent 7504f697ce
commit b8696afdb7
18 changed files with 32 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
binaries/aarch64/nfqws
View File

Binary file not shown.

BIN
binaries/aarch64/tpws
View File

Binary file not shown.

BIN
binaries/armhf/nfqws
View File

Binary file not shown.

BIN
binaries/armhf/tpws
View File

Binary file not shown.

BIN
binaries/mips32r1-lsb/nfqws
View File

Binary file not shown.

BIN
binaries/mips32r1-lsb/tpws
View File

Binary file not shown.

BIN
binaries/mips32r1-msb/nfqws
View File

Binary file not shown.

BIN
binaries/mips32r1-msb/tpws
View File

Binary file not shown.

BIN
binaries/mips64r2-msb/nfqws
View File

Binary file not shown.

BIN
binaries/mips64r2-msb/tpws
View File

Binary file not shown.

BIN
binaries/ppc/nfqws
View File

Binary file not shown.

BIN
binaries/ppc/tpws
View File

Binary file not shown.

BIN
binaries/x86/nfqws
View File

Binary file not shown.

BIN
binaries/x86/tpws
View File

Binary file not shown.

BIN
binaries/x86_64/nfqws
View File

Binary file not shown.

BIN
binaries/x86_64/tpws
View File

Binary file not shown.

22
nfq/nfqws.c
View File

@ -387,23 +387,33 @@ bool setpcap(cap_value_t *caps,int ncaps)
cap_free(capabilities);
return true;
}
int getmaxcap()
{
int maxcap = CAP_LAST_CAP;
FILE *F = fopen("/proc/sys/kernel/cap_last_cap","r");
if (F)
{
fscanf(F,"%d",&maxcap);
fclose(F);
}
return maxcap;
}
bool dropcaps()
{
// must have CAP_SETPCAP at the end. its required to clear bounding set
cap_value_t cap_values[] = {CAP_NET_ADMIN,CAP_SETPCAP};
int capct=sizeof(cap_values)/sizeof(*cap_values);
int maxcap = getmaxcap();
if (setpcap(cap_values, capct))
{
for(int cap=0;cap<=63;cap++)
for(int cap=0;cap<=maxcap;cap++)
{
if (cap_drop_bound(cap))
{
if (errno!=EINVAL)
{
fprintf(stderr,"could not drop cap %d\n",cap);
perror("cap_drop_bound");
}
fprintf(stderr,"could not drop cap %d\n",cap);
perror("cap_drop_bound");
}
}
}

22
tpws/tpws.c
View File

@ -816,23 +816,33 @@ bool setpcap(cap_value_t *caps,int ncaps)
cap_free(capabilities);
return true;
}
int getmaxcap()
{
int maxcap = CAP_LAST_CAP;
FILE *F = fopen("/proc/sys/kernel/cap_last_cap","r");
if (F)
{
fscanf(F,"%d",&maxcap);
fclose(F);
}
return maxcap;
}
bool dropcaps()
{
// must have CAP_SETPCAP at the end. its required to clear bounding set
cap_value_t cap_values[] = {CAP_SETPCAP};
int capct=sizeof(cap_values)/sizeof(*cap_values);
int maxcap = getmaxcap();
if (setpcap(cap_values, capct))
{
for(int cap=0;cap<=63;cap++)
for(int cap=0;cap<=maxcap;cap++)
{
if (cap_drop_bound(cap))
{
if (errno!=EINVAL)
{
fprintf(stderr,"could not drop cap %d\n",cap);
perror("cap_drop_bound");
}
fprintf(stderr,"could not drop cap %d\n",cap);
perror("cap_drop_bound");
}
}
}