On Mon, Oct 07, 2019 at 11:16:22AM +0100, Stuart Henderson wrote:
> On 2019/10/07 09:53, Theo Buehler wrote:
> > $ doas /usr/sbin/unbound-anchor -v
> > /var/unbound/db/root.key has content
> > [1570433629] libunbound[28321:0] fatal error: could not open autotrust file 
> > for writing, /var/unbound/db/root.key.28321-0-1966ee948e00: No such file or 
> > directory
> > 
> > The problem is the following change that came with the update to 1.9.3:
> > 
> >         - Add hex print of trust anchor pointer to trust anchor file temp
> >           name to make it unique, for libunbound created multiple contexts.
> > 
> > See 
> > https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/unbound/validator/autotrust.c.diff?r1=1.10&r2=1.11
> > 
> > Thus, the unveil code in smallapp/unbound-anchor.c needs some
> > adjustment.
> > 
> >     if (asprintf(&root_anchor_tempfile, "%s.%d-0", root_anchor_file,
> >         getpid()) == -1) {
> >             if(verb) printf("out of memory\n");
> >             exit(0);
> >     }
> > 
> >     if (unveil(root_anchor_file, "rwc") == -1)
> >             err(1, "unveil");
> >     if (unveil(root_anchor_tempfile, "rwc") == -1)
> >             err(1, "unveil");
> > 
> > The problem is that tp used for tempfile generation is not yet known at
> > that point. Not sure how best to deal with this.
> 
> Just unveil the directory?

yes, however dirname(3) has this:

CAVEATS
     Other vendor implementations of dirname() may modify the contents of the
     string passed to dirname(); this should be taken into account when
     writing code which calls this function if portability is desired.

I think we want a strdup here.

> 
> Index: smallapp/unbound-anchor.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/unbound/smallapp/unbound-anchor.c,v
> retrieving revision 1.12
> diff -u -p -r1.12 unbound-anchor.c
> --- smallapp/unbound-anchor.c 10 Jan 2019 12:13:44 -0000      1.12
> +++ smallapp/unbound-anchor.c 7 Oct 2019 10:14:56 -0000
> @@ -116,6 +116,7 @@
>   */
>  
>  #include <err.h>
> +#include <libgen.h>
>  #include <unistd.h>
>  
>  #include "config.h"
> @@ -2284,7 +2285,7 @@ int main(int argc, char* argv[])
>       const char* res_conf = NULL;
>       const char* root_hints = NULL;
>       const char* debugconf = NULL;
> -     char* root_anchor_tempfile;
> +     char* root_anchor_temppath;
>       int dolist=0, ip4only=0, ip6only=0, force=0, port = HTTPS_PORT;
>       int res_conf_fallback = 0;
>       /* parse the options */
> @@ -2370,15 +2371,12 @@ int main(int argc, char* argv[])
>  
>       if(dolist) do_list_builtin();
>  
> -     if (asprintf(&root_anchor_tempfile, "%s.%d-0", root_anchor_file,
> -         getpid()) == -1) {
> +     if (asprintf(&root_anchor_temppath, "%s",
> +         dirname(root_anchor_file)) == -1) {
>               if(verb) printf("out of memory\n");
>               exit(0);
>       }
> -
> -     if (unveil(root_anchor_file, "rwc") == -1)
> -             err(1, "unveil");
> -     if (unveil(root_anchor_tempfile, "rwc") == -1)
> +     if (unveil(root_anchor_temppath, "rwc") == -1)
>               err(1, "unveil");
>       if (unveil(root_cert_file, "r") == -1)
>               err(1, "unveil");
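Review bot: The new `unveil(root_anchor_temppath, "rwc")` grants read, write and create on every entry in the directory holding root_anchor_file, which is a wider grant than the two file paths it replaces. For the default /var/unbound/db that is probably acceptable, but if root_anchor_file can be pointed elsewhere (not visible in this hunk), the whole of that directory becomes writable by the process, or "." when only a bare filename is given. I would record the reason next to the call, e.g. `/* unveil the directory: the temp file name libunbound generates is not known yet */`, so the broader grant is not later mistaken for an oversight. main() starts and ends outside this hunk.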
> 

-- 
I'm not entirely sure you are real.
