Index: contrib/tcpdump/addrtoname.c =================================================================== --- contrib/tcpdump/addrtoname.c +++ contrib/tcpdump/addrtoname.c @@ -26,10 +26,10 @@ #include "config.h" #endif -#ifdef HAVE_CASPER +#ifdef WITH_CASPER #include #include -#endif /* HAVE_CASPER */ +#endif /* WITH_CASPER */ #include @@ -202,7 +202,7 @@ static uint32_t f_netmask; static uint32_t f_localnet; -#ifdef HAVE_CASPER +#ifdef WITH_CASPER extern cap_channel_t *capdns; #endif @@ -250,7 +250,7 @@ */ if (!ndo->ndo_nflag && (addr & f_netmask) == f_localnet) { -#ifdef HAVE_CASPER +#ifdef WITH_CASPER if (capdns != NULL) { hp = cap_gethostbyaddr(capdns, (char *)&addr, 4, AF_INET); @@ -311,7 +311,7 @@ * Do not print names if -n was given. */ if (!ndo->ndo_nflag) { -#ifdef HAVE_CASPER +#ifdef WITH_CASPER if (capdns != NULL) { hp = cap_gethostbyaddr(capdns, (char *)&addr, sizeof(addr), AF_INET6); Index: contrib/tcpdump/tcpdump.c =================================================================== --- contrib/tcpdump/tcpdump.c +++ contrib/tcpdump/tcpdump.c @@ -82,10 +82,10 @@ #include #include #include -#ifdef HAVE_CASPER +#ifdef WITH_CASPER #include #include -#endif /* HAVE_CASPER */ +#endif /* WITH_CASPER */ #endif /* HAVE_CAPSICUM */ #include #include @@ -176,7 +176,7 @@ char *program_name; -#ifdef HAVE_CASPER +#ifdef WITH_CASPER cap_channel_t *capdns; #endif @@ -730,7 +730,7 @@ return ret; } -#ifdef HAVE_CASPER +#ifdef WITH_CASPER static cap_channel_t * capdns_setup(void) { @@ -757,7 +757,7 @@ return (capdnsloc); } -#endif /* HAVE_CASPER */ +#endif /* WITH_CASPER */ #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION static int @@ -1839,10 +1839,10 @@ exit_tcpdump(0); } -#ifdef HAVE_CASPER +#ifdef WITH_CASPER if (!ndo->ndo_nflag) capdns = capdns_setup(); -#endif /* HAVE_CASPER */ +#endif /* WITH_CASPER */ init_print(ndo, localnet, netmask, timezone_offset); @@ -2066,11 +2066,11 @@ #ifdef HAVE_CAPSICUM cansandbox = (VFileName == NULL && zflag == NULL); -#ifdef HAVE_CASPER +#ifdef WITH_CASPER cansandbox = (cansandbox && (ndo->ndo_nflag || capdns != NULL)); #else cansandbox = (cansandbox && ndo->ndo_nflag); -#endif /* HAVE_CASPER */ +#endif /* WITH_CASPER */ if (cansandbox && cap_enter() < 0 && errno != ENOSYS) error("unable to enter the capability mode"); #endif /* HAVE_CAPSICUM */ Index: contrib/traceroute/traceroute.c =================================================================== --- contrib/traceroute/traceroute.c +++ contrib/traceroute/traceroute.c @@ -227,7 +227,7 @@ #include -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER #include #include #endif @@ -369,7 +369,7 @@ extern int opterr; extern char *optarg; -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER static cap_channel_t *capdns; #endif @@ -521,7 +521,7 @@ int requestPort = -1; int sump = 0; int sockerrno; -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER const char *types[] = { "NAME", "ADDR" }; int families[1]; cap_channel_t *casper; @@ -556,7 +556,7 @@ exit(1); } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER casper = cap_init(); if (casper == NULL) errx(1, "unable to create casper process"); @@ -568,7 +568,7 @@ families[0] = AF_INET; if (cap_dns_family_limit(capdns, families, 1) < 0) errx(1, "unable to limit access to system.dns service"); -#endif /* HAVE_LIBCASPER */ +#endif /* WITH_CASPER */ #ifdef IPCTL_DEFTTL { @@ -584,7 +584,7 @@ max_ttl = 30; #endif -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER cap_close(casper); #endif @@ -1006,7 +1006,7 @@ exit(1); } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER cansandbox = true; #else if (nflag) @@ -1851,7 +1851,7 @@ else { cp = strchr(domain, '.'); if (cp == NULL) { -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capdns != NULL) hp = cap_gethostbyname(capdns, domain); else @@ -1870,7 +1870,7 @@ } } if (!nflag && in.s_addr != INADDR_ANY) { -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capdns != NULL) hp = cap_gethostbyaddr(capdns, (char *)&in, sizeof(in), AF_INET); @@ -1922,7 +1922,7 @@ return (hi); } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capdns != NULL) hp = cap_gethostbyname(capdns, hostname); else Index: lib/Makefile =================================================================== --- lib/Makefile +++ lib/Makefile @@ -35,6 +35,7 @@ libcalendar \ libcam \ libcapsicum \ + libcasper \ libcompat \ libcrypt \ libdevctl \ @@ -128,7 +129,6 @@ SUBDIR.${MK_BLACKLIST}+=libblacklist SUBDIR.${MK_BLUETOOTH}+=libbluetooth libsdp SUBDIR.${MK_BSNMP}+= libbsnmp -SUBDIR.${MK_CASPER}+= libcasper .if !defined(COMPAT_32BIT) && !defined(COMPAT_SOFTFP) SUBDIR.${MK_CLANG}+= clang Index: lib/libcasper/Makefile.inc =================================================================== --- lib/libcasper/Makefile.inc +++ lib/libcasper/Makefile.inc @@ -1,3 +1,9 @@ # $FreeBSD$ +.include + +.if ${MK_CASPER} != "no" +CFLAGS+=-DWITH_CASPER +.endif + .include "../Makefile.inc" Index: lib/libcasper/libcasper/Makefile =================================================================== --- lib/libcasper/libcasper/Makefile +++ lib/libcasper/libcasper/Makefile @@ -1,16 +1,21 @@ # $FreeBSD$ +.include + PACKAGE=${LIB} -LIB= casper SHLIB_MAJOR= 0 SHLIBDIR?= /lib +.if ${MK_CASPER} != "no" +LIB= casper + SRCS= libcasper.c SRCS+= libcasper_impl.c SRCS+= libcasper_service.c SRCS+= service.c SRCS+= zygote.c +.endif INCS= libcasper.h INCS+= libcasper_service.h Index: lib/libcasper/libcasper/libcasper.h =================================================================== --- lib/libcasper/libcasper/libcasper.h +++ lib/libcasper/libcasper/libcasper.h @@ -1,6 +1,6 @@ /*- * Copyright (c) 2012-2013 The FreeBSD Foundation - * Copyright (c) 2015 Mariusz Zaborski + * Copyright (c) 2015-2017 Mariusz Zaborski * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from @@ -34,6 +34,10 @@ #define _LIBCASPER_H_ #include +#include + +#include +#include #ifndef _NVLIST_T_DECLARED #define _NVLIST_T_DECLARED @@ -44,72 +48,191 @@ #ifndef _CAP_CHANNEL_T_DECLARED #define _CAP_CHANNEL_T_DECLARED +#ifdef WITH_CASPER struct cap_channel; typedef struct cap_channel cap_channel_t; -#endif +#else +struct cap_channel { + int cch_fd; +}; +typedef struct cap_channel cap_channel_t; +#endif /* ! WITH_CASPER */ +#endif /* ! _CAP_CHANNEL_T_DECLARED */ /* * The functions opens unrestricted communication channel to Casper. */ +#ifdef WITH_CASPER cap_channel_t *cap_init(void); +#else +static inline cap_channel_t * +cap_init(void) +{ + cap_channel_t *chan; + + chan = malloc(sizeof(*chan)); + if (chan != NULL) { + chan->cch_fd = -1; + } + return (chan); +} +#endif /* * The functions to communicate with service. */ +#ifdef WITH_CASPER cap_channel_t *cap_service_open(const cap_channel_t *chan, const char *name); int cap_service_limit(const cap_channel_t *chan, const char * const *names, size_t nnames); +#else +#define cap_service_open(chan, name) (cap_init()) +#define cap_service_limit(chan, names, nnames) (0) +#endif /* * The function creates cap_channel_t based on the given socket. */ +#ifdef WITH_CASPER cap_channel_t *cap_wrap(int sock); +#else +static inline cap_channel_t * +cap_wrap(int sock) +{ + cap_channel_t *chan; + + chan = cap_init(); + if (chan != NULL) { + chan->cch_fd = sock; + } + return (chan); +} +#endif /* * The function returns communication socket and frees cap_channel_t. */ +#ifdef WITH_CASPER int cap_unwrap(cap_channel_t *chan); +#else +#define cap_unwrap(chan) (chan->cch_fd) +#endif /* * The function clones the given capability. */ +#ifdef WITH_CASPER cap_channel_t *cap_clone(const cap_channel_t *chan); +#else +static inline cap_channel_t * +cap_clone(const cap_channel_t *chan) +{ + cap_channel_t *newchan; + + newchan = cap_init(); + if (newchan == NULL) { + return (NULL); + } + + if (chan->cch_fd == -1) { + newchan->cch_fd = -1; + } else { + newchan->cch_fd = dup(chan->cch_fd); + if (newchan->cch_fd < 0) { + free(newchan); + newchan = NULL; + } + } + + return (newchan); +} +#endif /* * The function closes the given capability. */ +#ifdef WITH_CASPER void cap_close(cap_channel_t *chan); +#else +static inline void +cap_close(cap_channel_t *chan) +{ + + if (chan->cch_fd >= 0) { + close(chan->cch_fd); + } + free(chan); +} +#endif /* * The function returns socket descriptor associated with the given * cap_channel_t for use with select(2)/kqueue(2)/etc. */ +#ifdef WITH_CASPER int cap_sock(const cap_channel_t *chan); +#else +#define cap_sock(chan) (chan->cch_fd) +#endif /* * The function limits the given capability. * It always destroys 'limits' on return. */ +#ifdef WITH_CASPER int cap_limit_set(const cap_channel_t *chan, nvlist_t *limits); +#else +#define cap_limit_set(chan, limits) (0) +#endif /* * The function returns current limits of the given capability. */ +#ifdef WITH_CASPER int cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp); +#else +static inline int +cap_limit_get(const cap_channel_t *chan __unused, nvlist_t **limitsp) +{ + + *limitsp = nvlist_create(0); + return (0); +} +#endif /* * Function sends nvlist over the given capability. */ +#ifdef WITH_CASPER int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl); +#else +#define cap_send_nvlist(chan, nvl) (0) +#endif + /* * Function receives nvlist over the given capability. */ +#ifdef WITH_CASPER nvlist_t *cap_recv_nvlist(const cap_channel_t *chan, int flags); +#else +#define cap_recv_nvlist(chan, flags) (0) +#endif + /* * Function sends the given nvlist, destroys it and receives new nvlist in * response over the given capability. */ +#ifdef WITH_CASPER nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags); +#else +static inline nvlist_t * +cap_xfer_nvlist(const cap_channel_t *chan __unused, nvlist_t *nvl, int flags) +{ + + nvlist_destroy(nvl); + return (nvlist_create(flags)); +} +#endif #endif /* !_LIBCASPER_H_ */ Index: lib/libcasper/services/Makefile =================================================================== --- lib/libcasper/services/Makefile +++ lib/libcasper/services/Makefile @@ -1,5 +1,7 @@ # $FreeBSD$ +.include + SUBDIR= cap_dns SUBDIR+= cap_grp SUBDIR+= cap_pwd Index: lib/libcasper/services/cap_dns/Makefile =================================================================== --- lib/libcasper/services/cap_dns/Makefile +++ lib/libcasper/services/cap_dns/Makefile @@ -5,12 +5,15 @@ .include PACKAGE=libcasper -LIB= cap_dns SHLIB_MAJOR= 0 INCSDIR?= ${INCLUDEDIR}/casper +.if ${MK_CASPER} != "no" +LIB= cap_dns + SRCS= cap_dns.c +.endif INCS= cap_dns.h Index: lib/libcasper/services/cap_dns/Makefile.inc =================================================================== --- /dev/null +++ lib/libcasper/services/cap_dns/Makefile.inc @@ -0,0 +1,3 @@ +# $FreeBSD$ + +.include "../Makefile.inc" Index: lib/libcasper/services/cap_dns/cap_dns.h =================================================================== --- lib/libcasper/services/cap_dns/cap_dns.h +++ lib/libcasper/services/cap_dns/cap_dns.h @@ -37,6 +37,7 @@ struct addrinfo; struct hostent; +#ifdef WITH_CASPER struct hostent *cap_gethostbyname(cap_channel_t *chan, const char *name); struct hostent *cap_gethostbyname2(cap_channel_t *chan, const char *name, int type); @@ -53,5 +54,18 @@ size_t ntypes); int cap_dns_family_limit(cap_channel_t *chan, const int *families, size_t nfamilies); +#else +#define cap_gethostbyname(chan, name) gethostbyname(name) +#define cap_gethostbyname2(chan, name, type) gethostbyname2(name, type) +#define cap_gethostbyaddr(chan, addr, len, type) gethostbyaddr(addr, len, type) + +#define cap_getaddrinfo(chan, hostname, servname, hints, res) \ + getaddrinfo(hostname, servname, hints, res) +#define cap_getnameinfo(chan, sa, salen, host, hostlen, serv, servlen, flags) \ + getnameinfo(sa, salen, host, hostlen, serv, servlen, flags) + +#define cap_dns_type_limit(chan, types, ntypes) (0) +#define cap_dns_family_limit(chan, families, nfamilies) (0) +#endif #endif /* !_CAP_DNS_H_ */ Index: lib/libcasper/services/cap_dns/tests/Makefile =================================================================== --- lib/libcasper/services/cap_dns/tests/Makefile +++ lib/libcasper/services/cap_dns/tests/Makefile @@ -1,9 +1,13 @@ # $FreeBSD$ +.include + TAP_TESTS_C= dns_test +.if ${MK_CASPER} != "no" LIBADD+= casper LIBADD+= cap_dns +.endif LIBADD+= nv WARNS?= 3 Index: lib/libcasper/services/cap_dns/tests/dns_test.c =================================================================== --- lib/libcasper/services/cap_dns/tests/dns_test.c +++ lib/libcasper/services/cap_dns/tests/dns_test.c @@ -31,6 +31,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include Index: lib/libcasper/services/cap_grp/Makefile =================================================================== --- lib/libcasper/services/cap_grp/Makefile +++ lib/libcasper/services/cap_grp/Makefile @@ -5,12 +5,15 @@ .include PACKAGE=libcasper -LIB= cap_grp SHLIB_MAJOR= 0 INCSDIR?= ${INCLUDEDIR}/casper +.if ${MK_CASPER} != "no" +LIB= cap_grp + SRCS= cap_grp.c +.endif INCS= cap_grp.h Index: lib/libcasper/services/cap_grp/Makefile.inc =================================================================== --- /dev/null +++ lib/libcasper/services/cap_grp/Makefile.inc @@ -0,0 +1,3 @@ +# $FreeBSD$ + +.include "../Makefile.inc" Index: lib/libcasper/services/cap_grp/cap_grp.h =================================================================== --- lib/libcasper/services/cap_grp/cap_grp.h +++ lib/libcasper/services/cap_grp/cap_grp.h @@ -32,6 +32,7 @@ #ifndef _CAP_GRP_H_ #define _CAP_GRP_H_ +#ifdef WITH_CASPER struct group *cap_getgrent(cap_channel_t *chan); struct group *cap_getgrnam(cap_channel_t *chan, const char *name); struct group *cap_getgrgid(cap_channel_t *chan, gid_t gid); @@ -53,5 +54,32 @@ size_t nfields); int cap_grp_limit_groups(cap_channel_t *chan, const char * const *names, size_t nnames, gid_t *gids, size_t ngids); +#else +#define cap_getgrent(chan) getgrent() +#define cap_getgrnam(chan, name) getgrnam(name) +#define cap_getgrgid(chan, gid) getgrgid(gid) + +#define cap_setgroupent(chan, stayopen) etgroupent(stayopen) +#define endgrent(chan) endgrent() +inline int +cap_setgrent(cap_channel_t *chan __unused) +{ + + setgrent(); + return(0); +} + +#define cap_getgrent_r(chan, grp, buffer, bufsize, result) \ + getgrent_r(grp, buffer, bufsize, result) +#define cap_getgrnam_r(chan, name, grp, buffer, bufsize, result) \ + getgrnam_r(name, grp, buffer, bufsize, result) +#define cap_getgrgid_r(chan, gid, grp, buffer, bufsize, result) \ + getgrgid_r(gid, grp, buffer, bufsize, result) + +#define cap_grp_limit_cmds(chan, cmds, ncmds) (0) +#define cap_grp_limit_fields(chan, fields, nfields) (0) +#define cap_grp_limit_groups(chan, names, nnames, gids, ngids) (0) + +#endif #endif /* !_CAP_GRP_H_ */ Index: lib/libcasper/services/cap_grp/tests/Makefile =================================================================== --- lib/libcasper/services/cap_grp/tests/Makefile +++ lib/libcasper/services/cap_grp/tests/Makefile @@ -1,9 +1,13 @@ # $FreeBSD$ +.include + TAP_TESTS_C= grp_test +.if ${MK_CASPER} != "no" LIBADD+= casper LIBADD+= cap_grp +.endif LIBADD+= nv WARNS?= 3 Index: lib/libcasper/services/cap_grp/tests/grp_test.c =================================================================== --- lib/libcasper/services/cap_grp/tests/grp_test.c +++ lib/libcasper/services/cap_grp/tests/grp_test.c @@ -31,6 +31,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include Index: lib/libcasper/services/cap_pwd/Makefile =================================================================== --- lib/libcasper/services/cap_pwd/Makefile +++ lib/libcasper/services/cap_pwd/Makefile @@ -5,12 +5,15 @@ .include PACKAGE=libcasper -LIB= cap_pwd SHLIB_MAJOR= 0 INCSDIR?= ${INCLUDEDIR}/casper +.if ${MK_CASPER} != "no" +LIB= cap_pwd + SRCS= cap_pwd.c +.endif INCS= cap_pwd.h Index: lib/libcasper/services/cap_pwd/Makefile.inc =================================================================== --- /dev/null +++ lib/libcasper/services/cap_pwd/Makefile.inc @@ -0,0 +1,3 @@ +# $FreeBSD$ + +.include "../Makefile.inc" Index: lib/libcasper/services/cap_pwd/cap_pwd.h =================================================================== --- lib/libcasper/services/cap_pwd/cap_pwd.h +++ lib/libcasper/services/cap_pwd/cap_pwd.h @@ -32,6 +32,7 @@ #ifndef _CAP_PWD_H_ #define _CAP_PWD_H_ +#ifdef WITH_CASPER struct passwd *cap_getpwent(cap_channel_t *chan); struct passwd *cap_getpwnam(cap_channel_t *chan, const char *login); struct passwd *cap_getpwuid(cap_channel_t *chan, uid_t uid); @@ -53,5 +54,25 @@ size_t nfields); int cap_pwd_limit_users(cap_channel_t *chan, const char * const *names, size_t nnames, uid_t *uids, size_t nuids); +#else +#define cap_getpwent(chan) getpwent() +#define cap_getpwnam(chan, login) getpwnam(login) +#define cap_getpwuid(chan, uid) getpwuid(uid) + +#define cap_getpwent_r(chan, pwd, buffer, bufsize, result) \ + getpwent_r(pwd, buffer, bufsize, result) +#define cap_getpwnam_r(chan, name, pwd, buffer, bufsize, result) \ + getpwnam_r(name, pwd, buffer, bufsize, result) +#define cap_getpwuid_r(chan, uid, pwd, buffer, bufsize, result) \ + getpwuid_r(uid, pwd, buffer, bufsize, result) + +#define cap_setpassent(chan, stayopen) setpassent(stayopen) +#define cap_setpwent(chan) setpwent() +#define cap_endpwent(chan) endpwent() + +#define cap_pwd_limit_cmds(chan, cmds, ncmds) (0) +#define cap_pwd_limit_fields(chan, fields, nfields) (0) +#define cap_pwd_limit_users(chan, names, nnames, uids, nuids) (0) +#endif #endif /* !_CAP_PWD_H_ */ Index: lib/libcasper/services/cap_pwd/tests/Makefile =================================================================== --- lib/libcasper/services/cap_pwd/tests/Makefile +++ lib/libcasper/services/cap_pwd/tests/Makefile @@ -1,9 +1,13 @@ # $FreeBSD$ +.include + TAP_TESTS_C= pwd_test +.if ${MK_CASPER} != "no" LIBADD+= casper LIBADD+= cap_pwd +.endif LIBADD+= nv WARNS?= 3 Index: lib/libcasper/services/cap_pwd/tests/pwd_test.c =================================================================== --- lib/libcasper/services/cap_pwd/tests/pwd_test.c +++ lib/libcasper/services/cap_pwd/tests/pwd_test.c @@ -31,6 +31,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include Index: lib/libcasper/services/cap_random/Makefile =================================================================== --- lib/libcasper/services/cap_random/Makefile +++ lib/libcasper/services/cap_random/Makefile @@ -1,13 +1,18 @@ # $FreeBSD$ +.include + PACKAGE=libcasper -LIB= cap_random SHLIB_MAJOR= 0 SHLIBDIR?= /lib/casper INCSDIR?= ${INCLUDEDIR}/casper +.if ${MK_CASPER} != "no" +LIB= cap_random + SRCS= cap_random.c +.endif INCS= cap_random.h Index: lib/libcasper/services/cap_random/Makefile.inc =================================================================== --- /dev/null +++ lib/libcasper/services/cap_random/Makefile.inc @@ -0,0 +1,3 @@ +# $FreeBSD$ + +.include "../Makefile.inc" Index: lib/libcasper/services/cap_random/cap_random.h =================================================================== --- lib/libcasper/services/cap_random/cap_random.h +++ lib/libcasper/services/cap_random/cap_random.h @@ -32,6 +32,16 @@ #ifndef _CAP_RANDOM_H_ #define _CAP_RANDOM_H_ +#ifdef WITH_CASPER int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes); +#else +inline int +cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) +{ + + arc4random_buf(buf, nbytes); + return(0); +} +#endif #endif /* !_CAP_RANDOM_H_ */ Index: lib/libcasper/services/cap_sysctl/Makefile =================================================================== --- lib/libcasper/services/cap_sysctl/Makefile +++ lib/libcasper/services/cap_sysctl/Makefile @@ -5,12 +5,15 @@ .include PACKAGE=libcasper -LIB= cap_sysctl SHLIB_MAJOR= 0 INCSDIR?= ${INCLUDEDIR}/casper +.if ${MK_CASPER} != "no" +LIB= cap_sysctl + SRCS= cap_sysctl.c +.endif INCS= cap_sysctl.h Index: lib/libcasper/services/cap_sysctl/Makefile.inc =================================================================== --- /dev/null +++ lib/libcasper/services/cap_sysctl/Makefile.inc @@ -0,0 +1,3 @@ +# $FreeBSD$ + +.include "../Makefile.inc" Index: lib/libcasper/services/cap_sysctl/cap_sysctl.h =================================================================== --- lib/libcasper/services/cap_sysctl/cap_sysctl.h +++ lib/libcasper/services/cap_sysctl/cap_sysctl.h @@ -37,7 +37,12 @@ #define CAP_SYSCTL_RDWR (CAP_SYSCTL_READ | CAP_SYSCTL_WRITE) #define CAP_SYSCTL_RECURSIVE 0x04 +#ifdef WITH_CASPER int cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, size_t *oldlenp, const void *newp, size_t newlen); +#else +#define cap_sysctlbyname(chan, name, oldp, oldlenp, newp, newlen) \ + sysctlbyname(name, oldp, oldlenp, newp, newlen) +#endif #endif /* !_CAP_SYSCTL_H_ */ Index: lib/libcasper/services/cap_sysctl/tests/Makefile =================================================================== --- lib/libcasper/services/cap_sysctl/tests/Makefile +++ lib/libcasper/services/cap_sysctl/tests/Makefile @@ -1,9 +1,13 @@ # $FreeBSD$ +.include + TAP_TESTS_C= sysctl_test +.if ${MK_CASPER} != "no" LIBADD+= casper LIBADD+= cap_sysctl +.endif LIBADD+= nv WARNS?= 3 Index: sbin/ping/Makefile =================================================================== --- sbin/ping/Makefile +++ sbin/ping/Makefile @@ -14,7 +14,7 @@ .if ${MK_CASPER} != "no" && !defined(RESCUE) LIBADD+= casper LIBADD+= cap_dns -CFLAGS+=-DHAVE_LIBCASPER +CFLAGS+=-DWITH_CASPER .endif .if !defined(RELEASE_CRUNCH) Index: sbin/ping/ping.c =================================================================== --- sbin/ping/ping.c +++ sbin/ping/ping.c @@ -76,7 +76,7 @@ #include #include -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER #include #include #endif @@ -204,13 +204,13 @@ static volatile sig_atomic_t finish_up; static volatile sig_atomic_t siginfo_p; -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER static cap_channel_t *capdns; #endif static void fill(char *, char *); static u_short in_cksum(u_short *, int); -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER static cap_channel_t *capdns_setup(void); #endif static void check_status(void); @@ -563,7 +563,7 @@ if (options & F_PINGFILLED) { fill((char *)datap, payload); } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER capdns = capdns_setup(); #endif if (source) { @@ -572,7 +572,7 @@ if (inet_aton(source, &sock_in.sin_addr) != 0) { shostname = source; } else { -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capdns != NULL) hp = cap_gethostbyname2(capdns, source, AF_INET); @@ -606,7 +606,7 @@ if (inet_aton(target, &to->sin_addr) != 0) { hostname = target; } else { -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capdns != NULL) hp = cap_gethostbyname2(capdns, target, AF_INET); else @@ -624,7 +624,7 @@ hostname = hnamebuf; } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER /* From now on we will use only reverse DNS lookups. */ if (capdns != NULL) { const char *types[1]; @@ -722,7 +722,7 @@ if (options & F_NUMERIC) cansandbox = true; -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER else if (capdns != NULL) cansandbox = true; #endif @@ -1707,7 +1707,7 @@ if (options & F_NUMERIC) return inet_ntoa(ina); -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capdns != NULL) hp = cap_gethostbyaddr(capdns, (char *)&ina, 4, AF_INET); else @@ -1791,7 +1791,7 @@ } } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER static cap_channel_t * capdns_setup(void) { @@ -1817,7 +1817,7 @@ return (capdnsloc); } -#endif /* HAVE_LIBCASPER */ +#endif /* WITH_CASPER */ #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) #define SECOPT " [-P policy]" Index: usr.bin/kdump/Makefile =================================================================== --- usr.bin/kdump/Makefile +++ usr.bin/kdump/Makefile @@ -14,7 +14,7 @@ LIBADD+= casper LIBADD+= cap_grp LIBADD+= cap_pwd -CFLAGS+=-DHAVE_LIBCASPER +CFLAGS+=-DWITH_CASPER .endif #NO_WERROR?= YES Index: usr.bin/kdump/kdump.c =================================================================== --- usr.bin/kdump/kdump.c +++ usr.bin/kdump/kdump.c @@ -56,7 +56,7 @@ #include #include #include -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER #include #endif #include @@ -80,7 +80,7 @@ #include #include "ktrace.h" -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER #include #include @@ -164,7 +164,7 @@ static TAILQ_HEAD(trace_procs, proc_info) trace_procs; -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER static cap_channel_t *cappwd, *capgrp; #endif @@ -193,7 +193,7 @@ (void)localtime(<ime); } -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER static int cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) { @@ -235,7 +235,7 @@ *capgrpp = capgrploc; return (0); } -#endif /* HAVE_LIBCASPER */ +#endif /* WITH_CASPER */ static void print_integer_arg(const char *(*decoder)(int), int value) @@ -443,7 +443,7 @@ strerror_init(); localtime_init(); -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (resolv != 0) { if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { cappwd = NULL; @@ -1829,7 +1829,7 @@ if (resolv == 0) { pwd = NULL; } else { -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (cappwd != NULL) pwd = cap_getpwuid(cappwd, statp->st_uid); else @@ -1843,7 +1843,7 @@ if (resolv == 0) { grp = NULL; } else { -#ifdef HAVE_LIBCASPER +#ifdef WITH_CASPER if (capgrp != NULL) grp = cap_getgrgid(capgrp, statp->st_gid); else Index: usr.sbin/tcpdump/tcpdump/Makefile =================================================================== --- usr.sbin/tcpdump/tcpdump/Makefile +++ usr.sbin/tcpdump/tcpdump/Makefile @@ -190,7 +190,7 @@ .if ${MK_CASPER} != "no" LIBADD+= casper LIBADD+= cap_dns -CFLAGS+=-DHAVE_CASPER +CFLAGS+=-DWITH_CASPER .endif .if ${MK_OPENSSL} != "no" LIBADD+= crypto Index: usr.sbin/tcpdump/tcpdump/config.h =================================================================== --- usr.sbin/tcpdump/tcpdump/config.h +++ usr.sbin/tcpdump/tcpdump/config.h @@ -18,7 +18,7 @@ /* Casper library support available */ /* See Makefile */ -/* #undef HAVE_CASPER */ +/* #undef WITH_CASPER */ /* Define to 1 if you have the `cap_enter' function. */ #define HAVE_CAP_ENTER 1 Index: usr.sbin/traceroute/Makefile =================================================================== --- usr.sbin/traceroute/Makefile +++ usr.sbin/traceroute/Makefile @@ -33,7 +33,7 @@ .if ${MK_CASPER} != "no" LIBADD+= casper LIBADD+= cap_dns -CFLAGS+=-DHAVE_LIBCASPER +CFLAGS+=-DWITH_CASPER .endif CFLAGS+= -I${TRACEROUTE_DISTDIR}