~mdw / secnet / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 83e03ca) | patch
polypath: Provide privsep mode
authorIan Jackson <ijackson@chiark.greenend.org.uk>
Wed, 1 Oct 2014 17:19:20 +0000 (18:19 +0100)
committerIan Jackson <ijackson@chiark.greenend.org.uk>
Tue, 21 Oct 2014 00:07:12 +0000 (01:07 +0100)
commit93cdea57befc5f3ba37a087f827bf02f5768a4a5
tree55c518e1faa0ad517875042767ae0879281abefatree | snapshot (tar.gz zip)
parent83e03cacb4b2380e610b3e86a11b95a295776037commit | diff
polypath: Provide privsep mode

If secnet is going to drop privileges, it won't be able to call
setsockopt(,,SO_BINDTODEVICE,) to set up the new polypath sockets.

Provide an arrangement where this is done by a child forked before we
drop privilege.

Add some comments to the existing just-broken-down interface change
handling code, saying whether and how they are used in the non-privsep
and privsep cases.

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
README diff | blob | blame | history
polypath.c diff | blob | blame | history
Secnet virtual private network: clone of http://www.chiark.greenend.org.uk/ucgi/~ian/git/secnet.git/