kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit c6c253305a9975a7ebcbe0dbf0531b5e758a389a
parent 0314521658f1e55cd2cdef8261d4ec525c886d1b
Author: Joris Vink <joris@coders.se>
Date:   Thu, 26 Sep 2019 07:52:31 +0000

swap sockets to use send/recv and update seccomp.

Diffstat:
src/keymgr.c | 5+++--
src/net.c | 6+++---
src/seccomp.c | 2++
src/tasks.c | 2+-
4 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/keymgr.c b/src/keymgr.c @@ -60,6 +60,7 @@ static struct sock_filter filter_keymgr[] = { /* Required to deal with private keys and certs. */ KORE_SYSCALL_ALLOW(open), KORE_SYSCALL_ALLOW(read), + KORE_SYSCALL_ALLOW(write), KORE_SYSCALL_ALLOW(close), KORE_SYSCALL_ALLOW(fstat), KORE_SYSCALL_ALLOW(futex), @@ -67,8 +68,8 @@ static struct sock_filter filter_keymgr[] = { /* Net related. */ KORE_SYSCALL_ALLOW(poll), - KORE_SYSCALL_ALLOW(read), - KORE_SYSCALL_ALLOW(write), + KORE_SYSCALL_ALLOW(sendto), + KORE_SYSCALL_ALLOW(recvfrom), KORE_SYSCALL_ALLOW(epoll_wait), /* Process things. */ diff --git a/src/net.c b/src/net.c @@ -424,7 +424,7 @@ net_write(struct connection *c, size_t len, size_t *written) { ssize_t r; - r = write(c->fd, (c->snb->buf + c->snb->s_off), len); + r = send(c->fd, (c->snb->buf + c->snb->s_off), len, 0); if (r == -1) { switch (errno) { case EINTR: @@ -449,8 +449,8 @@ net_read(struct connection *c, size_t *bytes) { ssize_t r; - r = read(c->fd, (c->rnb->buf + c->rnb->s_off), - (c->rnb->b_len - c->rnb->s_off)); + r = recv(c->fd, (c->rnb->buf + c->rnb->s_off), + (c->rnb->b_len - c->rnb->s_off), 0); if (r == -1) { switch (errno) { case EINTR: diff --git a/src/seccomp.c b/src/seccomp.c @@ -76,8 +76,10 @@ static struct sock_filter filter_kore[] = { /* Net related. */ KORE_SYSCALL_ALLOW(poll), + KORE_SYSCALL_ALLOW(sendto), KORE_SYSCALL_ALLOW(accept), KORE_SYSCALL_ALLOW(sendfile), + KORE_SYSCALL_ALLOW(recvfrom), KORE_SYSCALL_ALLOW(epoll_ctl), KORE_SYSCALL_ALLOW(setsockopt), KORE_SYSCALL_ALLOW(epoll_wait), diff --git a/src/tasks.c b/src/tasks.c @@ -279,7 +279,7 @@ task_channel_write(int fd, void *data, u_int32_t len) d = data; offset = 0; while (offset != len) { - r = write(fd, d + offset, len - offset); + r = send(fd, d + offset, len - offset, 0); if (r == -1 && errno == EINTR) continue; if (r == -1)