trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jpe...@apache.org
Subject [2/7] git commit: TS-3103: hide ElevateAccess implementation details
Date Thu, 02 Oct 2014 23:52:09 GMT
TS-3103: hide ElevateAccess implementation details


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/c2058086
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/c2058086
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/c2058086

Branch: refs/heads/master
Commit: c20580866485cd6f61387b20c81361fa8709d89d
Parents: 549108e
Author: James Peach <jpeach@apache.org>
Authored: Fri Sep 26 16:12:54 2014 -0700
Committer: James Peach <jpeach@apache.org>
Committed: Thu Oct 2 15:52:38 2014 -0700

----------------------------------------------------------------------
 lib/ts/ink_cap.cc | 47 ++++++++++++++++++++++++++++++++++++++++++++---
 lib/ts/ink_cap.h  | 44 ++++----------------------------------------
 2 files changed, 48 insertions(+), 43 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c2058086/lib/ts/ink_cap.cc
----------------------------------------------------------------------
diff --git a/lib/ts/ink_cap.cc b/lib/ts/ink_cap.cc
index 26bb910..90c9c15 100644
--- a/lib/ts/ink_cap.cc
+++ b/lib/ts/ink_cap.cc
@@ -130,7 +130,7 @@ EnableCoreFile(bool flag) {
     current enable this feature so it's not actually called. Still,
     best to program defensively and have it available.
  */
-bool
+static bool
 elevateFileAccess(bool state)
 {
   Debug("proxy_priv", "[elevateFileAccess] state : %d\n", state);
@@ -152,7 +152,7 @@ elevateFileAccess(bool state)
 //
 //    - Returns true on success
 //      and false on failure
-bool
+static bool
 removeRootPriv(uid_t euid)
 {
   if (seteuid(euid) < 0) {
@@ -168,7 +168,7 @@ removeRootPriv(uid_t euid)
 //
 //    - Returns true on success
 //      and false on failure
-bool
+static bool
 restoreRootPriv(uid_t *old_euid)
 {
   if (old_euid)
@@ -183,3 +183,44 @@ restoreRootPriv(uid_t *old_euid)
   return true;
 }
 #endif
+
+ElevateAccess::ElevateAccess(const bool state)
+  : elevated(false), saved_uid(0)
+{
+  if (state == true) {
+    elevate();
+  }
+}
+
+ElevateAccess::~ElevateAccess()
+{
+  if (elevated == true) {
+    demote();
+  }
+}
+
+void
+ElevateAccess::elevate()
+{
+#if TS_USE_POSIX_CAP
+  ink_release_assert(elevateFileAccess(true));
+#else
+  // Since we are setting a process-wide credential, we have to block any other thread
+  // attempting to elevate until this one demotes.
+  ink_mutex_acquire(&lock);
+  restoreRootPriv(&saved_uid);
+#endif
+  elevated = true;
+}
+
+void
+ElevateAccess::demote()
+{
+#if TS_USE_POSIX_CAP
+  ink_release_assert(elevateFileAccess(false));
+#else
+  removeRootPriv(saved_uid);
+  ink_mutex_release(&lock);
+#endif
+  elevated = false;
+}

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/c2058086/lib/ts/ink_cap.h
----------------------------------------------------------------------
diff --git a/lib/ts/ink_cap.h b/lib/ts/ink_cap.h
index 49c1219..e162030 100644
--- a/lib/ts/ink_cap.h
+++ b/lib/ts/ink_cap.h
@@ -46,49 +46,13 @@ extern int EnableCoreFile(
 
 
 
-#if TS_USE_POSIX_CAP
-bool elevateFileAccess(bool);
-#else
-bool restoreRootPriv(uid_t *old_euid = NULL);
-bool removeRootPriv(uid_t euid);
-#endif
-
-
 class ElevateAccess {
 public:
-  ElevateAccess(const bool state): elevated(false), saved_uid(0) {
-    if (state == true) {
-      elevate();
-    }
-  }
-
-  void elevate() {
-#if TS_USE_POSIX_CAP
-    elevateFileAccess(true);
-#else
-    // Since we are setting a process-wide credential, we have to block any other thread
-    // attempting to elevate until this one demotes.
-    restoreRootPriv(&saved_uid);
-    ink_mutex_acquire(&lock);
-#endif
-    elevated = true;
-  }
-
-  void demote() {
-#if TS_USE_POSIX_CAP
-    elevateFileAccess(false);
-#else
-    removeRootPriv(saved_uid);
-    ink_mutex_release(&lock);
-#endif
-    elevated = false;
-  }
+  ElevateAccess(const bool state);
+  ~ElevateAccess();
 
-  ~ElevateAccess() {
-    if (elevated == true) {
-      demote();
-    }
-  }
+  void elevate();
+  void demote();
 
 private:
   bool elevated;


Mime
View raw message