Merged revisions 44053 via svnmerge from
[asterisk/asterisk.git] / main / asterisk.c
index 2010c72..ae8a56b 100644 (file)
@@ -80,13 +80,12 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 #include <sys/stat.h>
 #ifdef linux
 #include <sys/prctl.h>
-#endif
+#ifdef HAVE_CAP
+#include <sys/capability.h>
+#endif /* HAVE_CAP */
+#endif /* linux */
 #include <regex.h>
 
-#ifdef linux
-#include <sys/prctl.h>
-#endif
-
 #if  defined(__FreeBSD__) || defined( __NetBSD__ ) || defined(SOLARIS)
 #include <netdb.h>
 #if defined(SOLARIS)
@@ -438,52 +437,6 @@ int64_t ast_mark(int i, int startstop)
        return prof_data->e[i].mark;
 }
 
-static int handle_show_profile_deprecated(int fd, int argc, char *argv[])
-{
-       int i, min, max;
-       char *search = NULL;
-
-       if (prof_data == NULL)
-               return 0;
-
-       min = 0;
-       max = prof_data->entries;
-       if  (argc >= 3) { /* specific entries */
-               if (isdigit(argv[2][0])) {
-                       min = atoi(argv[2]);
-                       if (argc == 4 && strcmp(argv[3], "-"))
-                               max = atoi(argv[3]);
-               } else
-                       search = argv[2];
-       }
-       if (max > prof_data->entries)
-               max = prof_data->entries;
-       if (!strcmp(argv[0], "clear")) {
-               for (i= min; i < max; i++) {
-                       if (!search || strstr(prof_data->e[i].name, search)) {
-                               prof_data->e[i].value = 0;
-                               prof_data->e[i].events = 0;
-                       }
-               }
-               return 0;
-       }
-       ast_cli(fd, "profile values (%d, allocated %d)\n-------------------\n",
-               prof_data->entries, prof_data->max_size);
-       ast_cli(fd, "%6s   %8s  %10s %12s %12s  %s\n", "ID", "Scale", "Events",
-                       "Value", "Average", "Name");
-       for (i = min; i < max; i++) {
-               struct profile_entry *e = &prof_data->e[i];
-               if (!search || strstr(prof_data->e[i].name, search))
-                   ast_cli(fd, "%6d: [%8ld] %10ld %12lld %12lld  %s\n",
-                       i,
-                       (long)e->scale,
-                       (long)e->events, (long long)e->value,
-                       (long long)(e->events ? e->value / e->events : e->value),
-                       e->name);
-       }
-       return 0;
-}
-
 static int handle_show_profile(int fd, int argc, char *argv[])
 {
        int i, min, max;
@@ -1517,23 +1470,6 @@ static int show_license(int fd, int argc, char *argv[])
 
 #define ASTERISK_PROMPT2 "%s*CLI> "
 
-#if !defined(LOW_MEMORY)
-static struct ast_cli_entry cli_show_version_files_deprecated = {
-       { "show", "version", "files", NULL },
-       handle_show_version_files, NULL,
-       NULL, complete_show_version_files };
-
-static struct ast_cli_entry cli_show_profile_deprecated = {
-       { "show", "profile", NULL },
-       handle_show_profile_deprecated, NULL,
-       NULL };
-
-static struct ast_cli_entry cli_clear_profile_deprecated = {
-       { "clear", "profile", NULL },
-       handle_show_profile_deprecated, NULL,
-       NULL };
-#endif /* ! LOW_MEMORY */
-
 static struct ast_cli_entry cli_asterisk[] = {
        { { "abort", "halt", NULL },
        handle_abort_halt, "Cancel a running halt",
@@ -1581,7 +1517,7 @@ static struct ast_cli_entry cli_asterisk[] = {
 #if !defined(LOW_MEMORY)
        { { "file", "list", "version", NULL },
        handle_show_version_files, "List versions of files used to build Asterisk",
-       show_version_files_help, complete_show_version_files, &cli_show_version_files_deprecated },
+       show_version_files_help, complete_show_version_files },
 
        { { "show", "threads", NULL },
        handle_show_threads, "Show running threads",
@@ -1589,11 +1525,11 @@ static struct ast_cli_entry cli_asterisk[] = {
 
        { { "profile", "list", NULL },
        handle_show_profile, "Display profiling info",
-       NULL, NULL, &cli_show_profile_deprecated },
+       NULL },
 
        { { "profile", "clear", NULL },
        handle_show_profile, "Clear profiling info",
-       NULL, NULL, &cli_clear_profile_deprecated },
+       NULL },
 #endif /* ! LOW_MEMORY */
 };
 
@@ -2138,9 +2074,9 @@ static void ast_remotecontrol(char * data)
                pid = atoi(cpid);
        else
                pid = -1;
-       snprintf(tmp, sizeof(tmp), "core verbose %d", option_verbose);
+       snprintf(tmp, sizeof(tmp), "core verbose atleast %d", option_verbose);
        fdprint(ast_consock, tmp);
-       snprintf(tmp, sizeof(tmp), "core debug %d", option_debug);
+       snprintf(tmp, sizeof(tmp), "core debug atleast %d", option_debug);
        fdprint(ast_consock, tmp);
        if (ast_opt_mute) {
                snprintf(tmp, sizeof(tmp), "log and verbose output currently muted ('logger unmute' to unmute)");
@@ -2584,12 +2520,22 @@ int main(int argc, char *argv[])
        }
 
        if (!is_child_of_nonroot && runuser) {
+#ifdef HAVE_CAP
+               cap_t cap;
+               int has_cap = 1;
+#endif /* HAVE_CAP */
                struct passwd *pw;
                pw = getpwnam(runuser);
                if (!pw) {
                        ast_log(LOG_WARNING, "No such user '%s'!\n", runuser);
                        exit(1);
                }
+#ifdef HAVE_CAP
+               if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
+                       ast_log(LOG_WARNING, "Unable to keep capabilities.\n");
+                       has_cap  = 0;
+               }
+#endif /* HAVE_CAP */
                if (!rungroup) {
                        if (setgid(pw->pw_gid)) {
                                ast_log(LOG_WARNING, "Unable to setgid to %d!\n", (int)pw->pw_gid);
@@ -2607,6 +2553,18 @@ int main(int argc, char *argv[])
                setenv("ASTERISK_ALREADY_NONROOT", "yes", 1);
                if (option_verbose)
                        ast_verbose("Running as user '%s'\n", runuser);
+#ifdef HAVE_CAP
+               if (has_cap) {
+                       cap = cap_from_text("cap_net_admin=ep");
+                       if (cap_set_proc(cap)) {
+                               ast_log(LOG_WARNING, "Unable to install capabilities.\n");
+                               break;
+                       }
+                       if (cap_free(cap)) {
+                               ast_log(LOG_WARNING, "Unable to drop capabilities.\n");
+                       }
+               }
+#endif /* HAVE_CAP */
        }
 
 #endif /* __CYGWIN__ */
@@ -2816,19 +2774,17 @@ int main(int argc, char *argv[])
                                        buf[strlen(buf)-1] = '\0';
 
                                consolehandler((char *)buf);
-                       } else {
-                               if (write(STDOUT_FILENO, "\nUse EXIT or QUIT to exit the asterisk console\n",
-                                         strlen("\nUse EXIT or QUIT to exit the asterisk console\n")) < 0) {
-                                       /* Whoa, stdout disappeared from under us... Make /dev/null's */
-                                       int fd;
-                                       fd = open("/dev/null", O_RDWR);
-                                       if (fd > -1) {
-                                               dup2(fd, STDOUT_FILENO);
-                                               dup2(fd, STDIN_FILENO);
-                                       } else
-                                               ast_log(LOG_WARNING, "Failed to open /dev/null to recover from dead console. Bad things will happen!\n");
-                                       break;
-                               }
+                       } else if (ast_opt_remote && (write(STDOUT_FILENO, "\nUse EXIT or QUIT to exit the asterisk console\n",
+                                  strlen("\nUse EXIT or QUIT to exit the asterisk console\n")) < 0)) {
+                               /* Whoa, stdout disappeared from under us... Make /dev/null's */
+                               int fd;
+                               fd = open("/dev/null", O_RDWR);
+                               if (fd > -1) {
+                                       dup2(fd, STDOUT_FILENO);
+                                       dup2(fd, STDIN_FILENO);
+                               } else
+                                       ast_log(LOG_WARNING, "Failed to open /dev/null to recover from dead console. Bad things will happen!\n");
+                               break;
                        }
                }