Implemented native Uidset to open a privileged port
authorJanis Streib <janis@dogcraft.de>
Fri, 20 Jun 2014 13:50:05 +0000 (15:50 +0200)
committerFelix Dörre <felix@dogcraft.de>
Sat, 21 Jun 2014 14:27:11 +0000 (16:27 +0200)
natives/.gitignore [new file with mode: 0644]
natives/Makefile [new file with mode: 0644]
natives/org_cacert_gigi_natives_SetUID.c [new file with mode: 0644]
src/org/cacert/gigi/Launcher.java
src/org/cacert/gigi/natives/SetUID.java [new file with mode: 0644]

diff --git a/natives/.gitignore b/natives/.gitignore
new file mode 100644 (file)
index 0000000..0b5c1b3
--- /dev/null
@@ -0,0 +1,2 @@
+/libsetuid.so
+*.h
diff --git a/natives/Makefile b/natives/Makefile
new file mode 100644 (file)
index 0000000..ea6f14f
--- /dev/null
@@ -0,0 +1,12 @@
+SYSTEM= `uname | awk '{print tolower($0)}'`
+
+
+all: libsetuid.so
+
+libsetuid.so:
+       javah -classpath ../bin/ -jni org.cacert.gigi.natives.SetUID    
+       gcc -o libsetuid.so -shared -I$(JAVA_HOME)/include -I$(JAVA_HOME)/include/$(SYSTEM) org_cacert_gigi_natives_SetUID.c
+
+clean:
+       rm -f *.so
+       rm -f *.h
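Review bot: The `libsetuid.so` rule lists no prerequisites, so editing `org_cacert_gigi_natives_SetUID.c` does not trigger a rebuild and a stale library can end up loaded into the server; declare it as `libsetuid.so: org_cacert_gigi_natives_SetUID.c`. The `gcc` line also builds a shared object without `-fPIC` and with no warnings enabled. Since this code runs while the process still holds root, something like `gcc -Wall -Wextra -fPIC -shared -o libsetuid.so …` is a safer baseline, and the warnings would flag the undeclared `sprintf` in the C file.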
diff --git a/natives/org_cacert_gigi_natives_SetUID.c b/natives/org_cacert_gigi_natives_SetUID.c
new file mode 100644 (file)
index 0000000..7b2068c
--- /dev/null
@@ -0,0 +1,40 @@
+#include <jni.h>  
+#include <sys/types.h>
+#include <unistd.h> 
+  
+#ifndef _Included_org_cacert_natives_SetUID  
+#define _Included_org_cacert_natives_SetUID  
+#ifdef __cplusplus  
+extern "C" {  
+#endif  
+  
+jobject getStatus(JNIEnv *env, int successCode, const char * message) {  
+  
+   jstring message_str = (*env)->NewStringUTF(env, message);
+   jboolean success = successCode;  
+   jclass cls = (*env)->FindClass(env, "Lorg/cacert/gigi/natives/SetUID$Status;");  
+   jmethodID constructor = (*env)->GetMethodID(env, cls, "<init>", "(ZLjava/lang/String;)V");  
+   return (*env)->NewObject(env, cls, constructor, success, message_str);  
+}  
+  
+JNIEXPORT jobject JNICALL Java_org_cacert_gigi_natives_SetUID_setUid  
+  (JNIEnv *env, jobject obj, jint uid, jint gid) {  
+if(setgid((int)gid)) {  
+         char str[15];
+       sprintf(str, "%d", gid);
+         return (jobject)getStatus(env, 0, str);  
+      } 
+  
+      if(setuid((int)uid)) {
+       char str[15];
+       sprintf(str, "%d", uid);
+         return (jobject)getStatus(env, 0, str);  
+      }  
+  
+      return (jobject)getStatus(env, 1, "Successfully set uid/gid.");  
+}  
+  
+#ifdef __cplusplus  
+}  
+#endif  
+#endif  
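Review bot: `Java_org_cacert_gigi_natives_SetUID_setUid` calls `setgid()` and then `setuid()` but never clears the supplementary group list, so a process started as root keeps root's supplementary groups after the drop; call `setgroups(0, NULL)` first (needs `<grp.h>`). The failure paths return only the numeric id, so the caller cannot tell which call failed or why; returning the call name plus `strerror(errno)` fixes that (needs `<errno.h>` and `<string.h>`), and `sprintf` is currently used without `<stdio.h>`. Separately, `FindClass` in `getStatus` is given the descriptor form `Lorg/cacert/gigi/natives/SetUID$Status;` where the JNI specification expects the plain name `org/cacert/gigi/natives/SetUID$Status`, and neither its result nor that of `GetMethodID` is checked for NULL before use.

```c
JNIEXPORT jobject JNICALL Java_org_cacert_gigi_natives_SetUID_setUid
  (JNIEnv *env, jobject obj, jint uid, jint gid) {
    char str[64];

    /* Drop the supplementary groups inherited from root before changing ids. */
    if (setgroups(0, NULL)) {
        snprintf(str, sizeof str, "setgroups: %s", strerror(errno));
        return getStatus(env, 0, str);
    }

    /* Group first: once the uid is dropped, setgid() is no longer permitted. */
    if (setgid((gid_t)gid)) {
        snprintf(str, sizeof str, "setgid(%d): %s", (int)gid, strerror(errno));
        return getStatus(env, 0, str);
    }

    if (setuid((uid_t)uid)) {
        snprintf(str, sizeof str, "setuid(%d): %s", (int)uid, strerror(errno));
        return getStatus(env, 0, str);
    }

    /* … unchanged: success return … */
}
```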
index a64a8fa00f494873a22ddff47fdf290aec2fed6d..bbfd9aea7fecf85d0b9e55b1366ccd5e4af81244 100644 (file)
@@ -12,6 +12,7 @@ import java.util.Collection;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 
+import org.cacert.gigi.natives.SetUID;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
@@ -26,7 +27,6 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
 public class Launcher {
        public static void main(String[] args) throws Exception {
                Server s = new Server();
-
                // === SSL HTTP Configuration ===
                HttpConfiguration https_config = new HttpConfiguration();
                // for client-cert auth
@@ -42,6 +42,8 @@ public class Launcher {
                s.setHandler(sh);
                sh.addServlet(new ServletHolder(new TestServlet()), "/");
                s.start();
+               SetUID uid = new SetUID();
+               System.out.println(uid.setUid(-2, -2).getMessage());
        }
 
        private static SslContextFactory generateSSLContextFactory()
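Review bot: The `Status` returned by `uid.setUid(-2, -2)` is only printed and never checked, so if the drop fails the server that `s.start()` just brought up keeps serving with the privileges it was launched with (root, if it had to bind a privileged port). Test `getSuccess()` and stop on failure, e.g. `SetUID.Status st = new SetUID().setUid(-2, -2);` followed by `if (!st.getSuccess()) { s.stop(); throw new IllegalStateException("privilege drop failed: " + st.getMessage()); }`. The literal `-2` is passed straight through to `setgid()`/`setuid()` in the native code, and the account it maps to differs between platforms, so the target uid/gid would be better read from configuration. `main` begins before this hunk, so the lines between the visible hunks are not covered by this note.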
diff --git a/src/org/cacert/gigi/natives/SetUID.java b/src/org/cacert/gigi/natives/SetUID.java
new file mode 100644 (file)
index 0000000..25c97a5
--- /dev/null
@@ -0,0 +1,36 @@
+package org.cacert.gigi.natives;
+
+import java.io.File;
+
+/**
+ * Native to use privileged ports on unixoide hosts.
+ * 
+ * @author janis
+ * 
+ */
+public class SetUID {
+       static {
+               System.load(new File("natives/libsetuid.so").getAbsolutePath());
+       }
+
+       public native Status setUid(int uid, int gid);
+
+       public static class Status {
+
+               private boolean success;
+               private String message;
+
+               public Status(boolean success, String message) {
+                       this.success = success;
+                       this.message = message;
+               }
+
+               public boolean getSuccess() {
+                       return success;
+               }
+
+               public String getMessage() {
+                       return message;
+               }
+       }
+}
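Review bot: The static initializer loads `natives/libsetuid.so` relative to the current working directory, and it runs while the JVM still holds its start-up privileges, so whoever controls that directory controls code executed as root. Resolve the library from a fixed, root-owned location instead, for example `System.loadLibrary("setuid");` with `java.library.path` set by the start script. `setUid` also has no Javadoc; it should state that the gid is changed before the uid, that a failed call leaves the process privileged, and what `Status.getMessage()` contains on failure. The two `Status` fields are never reassigned and could be `final`.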