ocserv: Problem dropping privileges on FreeBSD(?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2014-08-16 at 14:30 +0200, Kalle Carlbark wrote:
> Hi all,
> 
> I would like to begin to thank you guys for making openconnect happen!
> 
> I've been successfully compiling and running ocserv on FreeBSD 
> 10.0-RELEASE amd64 with one slight problem. Clients cannot connect 
> because sec-mod thinks the connecting worker peer is uid 0, hence:
> 
> ocserv-0.8.2 run with the following flags:
> 
> $ ocserv -d 9999 -f -c /usr/local/etc/ocserv/ocserv.conf
> 
>  From the log:
> ocserv[93036]: worker: x.x.x.x:30875 sending message 'auth cookie 
> request' to main
> ocserv[93025]: main: x.x.x.x:30875 main received message 'auth cookie 
> request' of 114 bytes
> ocserv[93025]: main: x.x.x.x:30875 new cookie for 'kc' (93036)
> ocserv[93025]: main: x.x.x.x:30875 sending msg sm: session open to sec-mod
> ocserv[93026]: sec-mod: received request from a processes with uid 0
> ocserv[93026]: sec-mod: received unauthorized request from a process 
> with uid 0
> ocserv[93026]: sec-mod: rejected unauthorized connection

Thanks for reporting that. It seems that the uid check wasn't updated in
the bsd part of the code. I've committed a fix in master.

regards,
Nikos





[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux