From 1e3db11a39e6337ecc49dae7673954ca5cfa533c Mon Sep 17 00:00:00 2001 From: krw Date: Mon, 10 Apr 2017 21:47:44 +0000 Subject: [PATCH] Rework -L logic to use the idiom used in handling the leases file. i.e. open FILE during program set up and use the FILE created for the rest of the program lifetime after dropping privilege and pledge()'ing. No need for passing messages to the priv process. Tweak lease file handling a bit in passing. Monitoring the -L file with external programs like sysutils/entr still works. Looks good to sthen@. --- sbin/dhclient/dhclient.c | 92 ++++++++++++++-------------------------- sbin/dhclient/privsep.c | 6 +-- sbin/dhclient/privsep.h | 4 +- 3 files changed, 33 insertions(+), 69 deletions(-) diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 6daa095855a..a2189c2f66d 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhclient.c,v 1.411 2017/04/09 20:44:13 krw Exp $ */ +/* $OpenBSD: dhclient.c,v 1.412 2017/04/10 21:47:44 krw Exp $ */ /* * Copyright 2004 Henning Brauer @@ -129,7 +129,6 @@ char *resolv_conf_contents(struct interface_info *ifi, struct option_data *, struct option_data *, struct option_data *); void write_resolv_conf(u_int8_t *, size_t); -void write_option_db(u_int8_t *, size_t); struct client_lease *apply_defaults(struct client_lease *); struct client_lease *clone_lease(struct client_lease *); @@ -177,6 +176,7 @@ void take_charge(struct interface_info *); #define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len)) static FILE *leaseFile; +static FILE *optionDB; void sighdlr(int sig) @@ -410,8 +410,10 @@ routehandler(struct interface_info *ifi) } } else { /* Let monitoring programs see link loss. */ - if (strlen(path_option_db)) - write_option_db("", 0); + if (optionDB) { + rewind(optionDB); + ftruncate(fileno(optionDB), 0); + } /* No need to wait for anything but link. */ cancel_timeout(); } 
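Review bot: The `ftruncate(fileno(optionDB), 0)` added to routehandler's link-loss branch discards its return value, so if the truncate fails the -L file keeps the old lease text and a monitoring program is never shown the link loss. I would log the failure: `if (ftruncate(fileno(optionDB), 0) == -1) log_warn("ftruncate(%s)", path_option_db);`. The same applies to the unchecked `fprintf`/`fflush`/`ftruncate`/`fsync` sequence in the rewrite_option_db hunk (@@ -1933,32 +1939,28 @@), where a failed write could leave a partial or stale file with nothing logged. routehandler's body starts and ends outside this hunk.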
@@ -639,15 +641,6 @@ main(int argc, char *argv[]) close(tailfd); } - if ((fd = open(path_dhclient_db, - O_RDONLY|O_EXLOCK|O_CREAT|O_NOFOLLOW, 0640)) == -1) - fatal("can't open and lock %s", path_dhclient_db); - read_client_leases(ifi); - if ((leaseFile = fopen(path_dhclient_db, "w")) == NULL) - fatal("can't open %s", path_dhclient_db); - rewrite_client_leases(ifi); - close(fd); - /* * Do the initial status check and possible force up before creating * the routing socket. If we bounce the interface down and up while @@ -674,6 +667,20 @@ main(int argc, char *argv[]) take_charge(ifi); + if ((fd = open(path_dhclient_db, + O_RDONLY|O_EXLOCK|O_CREAT|O_NOFOLLOW, 0640)) == -1) + fatal("can't open and lock %s", path_dhclient_db); + read_client_leases(ifi); + if ((leaseFile = fopen(path_dhclient_db, "w")) == NULL) + fatal("can't open %s", path_dhclient_db); + rewrite_client_leases(ifi); + close(fd); + + if (strlen(path_option_db) != 0) { + if ((optionDB = fopen(path_option_db, "w")) == NULL) + fatal("can't open %s", path_option_db); + } + /* Register the interface. */ if_register_receive(ifi); if_register_send(ifi); @@ -1899,7 +1906,6 @@ rewrite_client_leases(struct interface_info *ifi) if (!leaseFile) /* XXX */ fatalx("lease file not open"); - fflush(leaseFile); rewind(leaseFile); /* 
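Review bot: The new `fopen(path_option_db, "w")` in main drops the protections the removed priv_write_option_db() had. That path opened the file with `O_NOFOLLOW` and mode `S_IRUSR | S_IWUSR | S_IRGRP`, whereas fopen() follows a symlink at the final path component and creates the file with 0666 modified by the umask. Per the commit message this open happens during set up, before privilege is dropped, so a symlink at the -L path would be truncated with whatever rights the process holds at that point (not visible in this hunk). Keeping the old flags is a small change: `if ((fd = open(path_option_db, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, S_IRUSR | S_IWUSR | S_IRGRP)) == -1 || (optionDB = fdopen(fd, "w")) == NULL)`. main's body starts and ends outside the hunk.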
@@ -1933,32 +1939,28 @@ void rewrite_option_db(struct interface_info *ifi, struct client_lease *offered, struct client_lease *effective) { - u_int8_t db[8192]; char *leasestr; - size_t n; - if (strlen(path_option_db) == 0) + if (!optionDB) return; - memset(db, 0, sizeof(db)); + rewind(optionDB); leasestr = lease_as_string(ifi, "offered", offered); - if (leasestr) { - n = strlcat(db, leasestr, sizeof(db)); - if (n >= sizeof(db)) - log_warnx("cannot fit offered lease into option db"); - } else + if (leasestr) + fprintf(optionDB, "%s", leasestr); + else log_warnx("cannot make offered lease into string"); leasestr = lease_as_string(ifi, "effective", effective); - if (leasestr) { - n = strlcat(db, leasestr, sizeof(db)); - if (n >= sizeof(db)) - log_warnx("cannot fit effective lease into option db"); - } else + if (leasestr) + fprintf(optionDB, "%s", leasestr); + else log_warnx("cannot make effective lease into string"); - write_option_db(db, strlen(db)); + fflush(optionDB); + ftruncate(fileno(optionDB), ftello(optionDB)); + fsync(fileno(optionDB)); } void @@ -2545,38 +2547,6 @@ apply_ignore_list(char *ignore_list) memcpy(config->ignored_options, list, sizeof(config->ignored_options)); } -void -write_option_db(u_int8_t *contents, size_t sz) -{ - int rslt; - - rslt = imsg_compose(unpriv_ibuf, IMSG_WRITE_OPTION_DB, - 0, 0, -1, contents, sz); - if (rslt == -1) - log_warn("write_option_db: imsg_compose"); - - flush_unpriv_ibuf("write_option_db"); -} - -void -priv_write_option_db(struct imsg *imsg) -{ - u_int8_t *contents; - size_t sz; - - if (imsg->hdr.len < IMSG_HEADER_SIZE) { - log_warnx("short IMSG_WRITE_OPTION_DB"); - return; - } - - contents = imsg->data; - sz = imsg->hdr.len - IMSG_HEADER_SIZE; - - priv_write_file(path_option_db, - O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, - S_IRUSR | S_IWUSR | S_IRGRP, contents, sz); -} - void priv_write_file(char *path, int flags, mode_t mode, u_int8_t *contents, size_t sz) 
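Review bot: rewrite_option_db now depends on a specific call order that nothing in the function explains. The stream is rewound, both leases are written over the old contents, and only after `fflush` is the file cut at `ftello(optionDB)`. A short comment above `rewind(optionDB);` would keep a later edit from reordering these calls, e.g. `/* Overwrite in place, then truncate at the new end so a shorter lease leaves no stale tail. */`.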
diff --git a/sbin/dhclient/privsep.c b/sbin/dhclient/privsep.c index 5dc495fc28e..64898a8e9e4 100644 --- a/sbin/dhclient/privsep.c +++ b/sbin/dhclient/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.45 2017/03/08 19:43:42 krw Exp $ */ +/* $OpenBSD: privsep.c,v 1.46 2017/04/10 21:47:44 krw Exp $ */ /* * Copyright (c) 2004 Henning Brauer @@ -103,10 +103,6 @@ dispatch_imsg(struct interface_info *ifi, struct imsgbuf *ibuf) } break; - case IMSG_WRITE_OPTION_DB: - priv_write_option_db(&imsg); - break; - default: log_warnx("received unknown message, code %u", imsg.hdr.type); diff --git a/sbin/dhclient/privsep.h b/sbin/dhclient/privsep.h index 5baf40bc33a..ab2acff54e2 100644 --- a/sbin/dhclient/privsep.h +++ b/sbin/dhclient/privsep.h @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.h,v 1.33 2017/03/08 20:11:00 krw Exp $ */ +/* $OpenBSD: privsep.h,v 1.34 2017/04/10 21:47:44 krw Exp $ */ /* * Copyright (c) 2004 Henning Brauer @@ -19,7 +19,6 @@ enum imsg_code { IMSG_NONE, IMSG_HUP, - IMSG_WRITE_OPTION_DB, IMSG_DELETE_ADDRESS, IMSG_ADD_ADDRESS, IMSG_FLUSH_ROUTES, @@ -59,7 +58,6 @@ struct imsg_set_interface_mtu { }; void dispatch_imsg(struct interface_info *, struct imsgbuf *); -void priv_write_option_db(struct imsg *); void priv_write_file(char *, int, mode_t, u_int8_t *, size_t); void priv_cleanup(struct interface_info *, struct imsg_hup *); void priv_delete_address(struct interface_info *, -- 2.20.1