From ce2e587000376fffa4c88db087da4d15708eb9b2 Mon Sep 17 00:00:00 2001
From: Janis Streib
Date: Fri, 20 Jun 2014 15:50:05 +0200
Subject: [PATCH] Implemented native Uidset to open a priviliged port

---
natives/.gitignore | 2 ++
natives/Makefile | 12 +++++++
natives/org_cacert_gigi_natives_SetUID.c | 40 ++++++++++++++++++++++++
src/org/cacert/gigi/Launcher.java | 4 ++-
src/org/cacert/gigi/natives/SetUID.java | 36 +++++++++++++++++++++
5 files changed, 93 insertions(+), 1 deletion(-)
create mode 100644 natives/.gitignore
create mode 100644 natives/Makefile
create mode 100644 natives/org_cacert_gigi_natives_SetUID.c
create mode 100644 src/org/cacert/gigi/natives/SetUID.java

diff --git a/natives/.gitignore b/natives/.gitignore
new file mode 100644
index 00000000..0b5c1b32
--- /dev/null
+++ b/natives/.gitignore
@@ -0,0 +1,2 @@
+/libsetuid.so
+*.h
diff --git a/natives/Makefile b/natives/Makefile
new file mode 100644
index 00000000..ea6f14f1
--- /dev/null
+++ b/natives/Makefile
@@ -0,0 +1,12 @@
+SYSTEM= `uname | awk '{print tolower($0)}'`
+
+
+all: libsetuid.so
+
+libsetuid.so:
+ javah -classpath ../bin/ -jni org.cacert.gigi.natives.SetUID
+ gcc -o libsetuid.so -shared -I$(JAVA_HOME)/include -I$(JAVA_HOME)/include/$(SYSTEM) org_cacert_gigi_natives_SetUID.c
+
+clean:
+ rm -f *.so
+ rm -f *.h
diff --git a/natives/org_cacert_gigi_natives_SetUID.c b/natives/org_cacert_gigi_natives_SetUID.c
new file mode 100644
index 00000000..7b2068ce
--- /dev/null
+++ b/natives/org_cacert_gigi_natives_SetUID.c
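Review bot: The `libsetuid.so` rule in natives/Makefile lists no prerequisites, so once the library exists make treats it as up to date and a later fix to the C source is not compiled into the library the launcher loads; declare the dependency as `libsetuid.so: org_cacert_gigi_natives_SetUID.c`. The gcc line also builds a shared object without `-fPIC` and with no warnings enabled; `-fPIC -Wall -Wextra` is a reasonable baseline for native code that runs while the process is privileged.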
@@ -0,0 +1,40 @@
+#include
+#include
+#include
+
+#ifndef _Included_org_cacert_natives_SetUID
+#define _Included_org_cacert_natives_SetUID
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+jobject getStatus(JNIEnv *env, int successCode, const char * message) {
+
+ jstring message_str = (*env)->NewStringUTF(env, message);
+ jboolean success = successCode;
+ jclass cls = (*env)->FindClass(env, "Lorg/cacert/gigi/natives/SetUID$Status;");
+ jmethodID constructor = (*env)->GetMethodID(env, cls, "", "(ZLjava/lang/String;)V");
+ return (*env)->NewObject(env, cls, constructor, success, message_str);
+}
+
+JNIEXPORT jobject JNICALL Java_org_cacert_gigi_natives_SetUID_setUid
+ (JNIEnv *env, jobject obj, jint uid, jint gid) {
+if(setgid((int)gid)) {
+ char str[15];
+ sprintf(str, "%d", gid);
+ return (jobject)getStatus(env, 0, str);
+ }
+
+ if(setuid((int)uid)) {
+ char str[15];
+ sprintf(str, "%d", uid);
+ return (jobject)getStatus(env, 0, str);
+ }
+
+ return (jobject)getStatus(env, 1, "Successfully set uid/gid.");
+}
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/src/org/cacert/gigi/Launcher.java b/src/org/cacert/gigi/Launcher.java
index a64a8fa0..bbfd9aea 100644
--- a/src/org/cacert/gigi/Launcher.java
+++ b/src/org/cacert/gigi/Launcher.java
@@ -12,6 +12,7 @@ import java.util.Collection;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
+import org.cacert.gigi.natives.SetUID;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
@@ -26,7 +27,6 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
 public class Launcher {
 public static void main(String[] args) throws Exception {
 Server s = new Server();
- // === SSL HTTP Configuration ===
 HttpConfiguration https_config = new HttpConfiguration();
 // for client-cert auth
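Review bot: `Java_org_cacert_gigi_natives_SetUID_setUid` changes the gid and then the uid but never clears the supplementary group list, so a process started as root keeps root's supplementary groups after the drop; call `setgroups` before `setgid`, for example `if (setgroups(0, NULL)) return getStatus(env, 0, "setgroups failed");` (declared in `<grp.h>`). On failure the Status message holds only the numeric id, with nothing to say which call failed or why; adding `strerror(errno)` would make a failed drop diagnosable. In `getStatus` the results of `FindClass` and `GetMethodID` are used unchecked, and `FindClass` is passed the `L...;` descriptor form where the JNI specification expects the plain name `org/cacert/gigi/natives/SetUID$Status`, so a NULL `cls` may reach `NewObject` on some JVMs.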
@@ -42,6 +42,8 @@ public class Launcher {
 s.setHandler(sh);
 sh.addServlet(new ServletHolder(new TestServlet()), "/");
 s.start();
+ SetUID uid = new SetUID();
+ System.out.println(uid.setUid(-2, -2).getMessage());
 }
 private static SslContextFactory generateSSLContextFactory()
diff --git a/src/org/cacert/gigi/natives/SetUID.java b/src/org/cacert/gigi/natives/SetUID.java
new file mode 100644
index 00000000..25c97a59
--- /dev/null
+++ b/src/org/cacert/gigi/natives/SetUID.java
@@ -0,0 +1,36 @@
+package org.cacert.gigi.natives;
+
+import java.io.File;
+
+/**
+ * Native to use privileged ports on unixoide hosts.
+ *
+ * @author janis
+ *
+ */
+public class SetUID {
+ static {
+ System.load(new File("natives/libsetuid.so").getAbsolutePath());
+ }
+
+ public native Status setUid(int uid, int gid);
+
+ public static class Status {
+
+ private boolean success;
+ private String message;
+
+ public Status(boolean success, String message) {
+ this.success = success;
+ this.message = message;
+ }
+
+ public boolean getSuccess() {
+ return success;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+ }
+}
--
2.39.2
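Review bot: The Status returned by `setUid(-2, -2)` at the end of `main` is only printed, so when the drop fails the Jetty server that `s.start()` has just started keeps serving as the original (presumably root) user; check the result and stop, e.g. `SetUID.Status st = new SetUID().setUid(-2, -2);` followed by `if (!st.getSuccess()) { s.stop(); throw new IllegalStateException("privilege drop failed for id " + st.getMessage()); }`. The hard-coded `-2` is handed to `setgid`/`setuid` in the native code, and which account that value names differs between systems, so the target uid and gid should come from configuration. `main` begins outside this hunk.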
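Review bot: The static initializer in SetUID.java resolves `natives/libsetuid.so` against the process working directory, and the load happens while the launcher presumably still holds root, so whoever can write to that directory or choose where the server is started from decides which native code runs privileged; load from a fixed location that is owned by root and not writable by others, for instance `System.loadLibrary("setuid")` with `java.library.path` set by the start script. `setUid` also has no Javadoc: a comment stating that the gid is applied before the uid, and that on failure `getSuccess()` is false and `getMessage()` holds the id that could not be set, would tell callers that the result must be checked. The two `Status` fields can be declared `final`.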