"CSD code with root privileges\n"
"\t Use command line option \"--csd-user\"\n");
}
-
+ if (vpninfo->uid_csd_given == 2) {
+ /* The NM tool really needs not to get spurious output
+ on stdout, which the CSD trojan spews. */
+ dup2(2, 1);
+ }
csd_argv[i++] = fname;
csd_argv[i++] = "-ticket";
if (asprintf(&csd_argv[i++], "\"%s\"", vpninfo->csd_ticket) == -1)
char *xmlconfig;
char *hostname;
char *group;
+ char *csd;
char *pem_passphrase_fsid;
gcl = gconf_client_get_default();
vpninfo->cafile = get_gconf_setting(gcl, config_path, NM_OPENCONNECT_KEY_CACERT);
+ csd = get_gconf_setting(gcl, config_path, "enable_csd_trojan");
+ if (csd && !strcmp(csd, "yes")) {
+ /* We're not running as root; we can't setuid(). */
+ vpninfo->uid_csd = getuid();
+ vpninfo->uid_csd_given = 2;
+ }
+ g_free(csd);
proxy = get_gconf_setting(gcl, config_path, "proxy");
if (proxy && proxy[0] && set_http_proxy(vpninfo, proxy))