From 8448d43531bd8002204521c75c6a49c8a0082574 Mon Sep 17 00:00:00 2001
From: Boris Nagaev <bnagaev@gmail.com>
Date: Tue, 10 Nov 2015 02:38:46 +0300
Subject: disable networking with LD_PRELOAD when build
see #969
---
Makefile | 11 ++++++++---
tools/nonetwork.c | 36 ++++++++++++++++++++++++++++++++++++
2 files changed, 44 insertions(+), 3 deletions(-)
create mode 100644 tools/nonetwork.c
diff --git a/Makefile b/Makefile
index 10757ee..73dabb8 100644
--- a/Makefile
+++ b/Makefile
@@ -144,7 +144,7 @@ define MXE_GET_GITHUB_TAGS
endef
# use a minimal whitelist of safe environment variables
-ENV_WHITELIST := PATH LANG MAKE% MXE% %PROXY %proxy LD_LIBRARY_PATH ACLOCAL_PATH
+ENV_WHITELIST := PATH LANG MAKE% MXE% %PROXY %proxy LD_LIBRARY_PATH LD_PRELOAD ACLOCAL_PATH
unexport $(filter-out $(ENV_WHITELIST),$(shell env | cut -d '=' -f1))
# disable wine with readonly directory (created by mxe-conf)
@@ -406,6 +406,10 @@ download-only-$(1):
endef
$(foreach PKG,$(PKGS),$(eval $(call PKG_RULE,$(PKG))))
+$(PREFIX)/lib/nonetwork.so: $(TOP_DIR)/tools/nonetwork.c
+ mkdir -p $(dir $@)
+ $(BUILD_CC) -shared -fPIC -o $@ $<
+
define PKG_TARGET_RULE
.PHONY: $(1)
$(1): $(PREFIX)/$(3)/installed/$(1)
@@ -416,7 +420,8 @@ $(PREFIX)/$(3)/installed/$(1): $(TOP_DIR)/src/$(1).mk \
$(and $($(3)_DEPS),$(addprefix $(PREFIX)/$($(3)_DEPS)/installed/,$(filter-out $(MXE_CONF_PKGS),$($($(3)_DEPS)_PKGS)))) \
| $(if $(DONT_CHECK_REQUIREMENTS),,check-requirements) \
$(if $(value $(call LOOKUP_PKG_RULE,$(1),URL,$(3))),download-only-$(1)) \
- $(addprefix $(PREFIX)/$(3)/installed/,$(if $(call set_is_not_member,$(1),$(MXE_CONF_PKGS)),$(MXE_CONF_PKGS)))
+ $(addprefix $(PREFIX)/$(3)/installed/,$(if $(call set_is_not_member,$(1),$(MXE_CONF_PKGS)),$(MXE_CONF_PKGS))) \
+ $(PREFIX)/lib/nonetwork.so
@[ -d '$(LOG_DIR)/$(TIMESTAMP)' ] || mkdir -p '$(LOG_DIR)/$(TIMESTAMP)'
$(if $(value $(call LOOKUP_PKG_RULE,$(1),BUILD,$(3))),
@$(PRINTF_FMT) '[build]' '$(1)' '$(3)',
@@ -425,7 +430,7 @@ $(PREFIX)/$(3)/installed/$(1): $(TOP_DIR)/src/$(1).mk \
@$(PRINTF_FMT) '[message]' '$(1)' '$(3) $($(call LOOKUP_PKG_RULE,$(1),MESSAGE,$(3)))')
@touch '$(LOG_DIR)/$(TIMESTAMP)/$(1)_$(3)'
@ln -sf '$(TIMESTAMP)/$(1)_$(3)' '$(LOG_DIR)/$(1)_$(3)'
- @if ! (time $(MAKE) -f '$(MAKEFILE)' 'build-only-$(1)_$(3)') &> '$(LOG_DIR)/$(TIMESTAMP)/$(1)_$(3)'; then \
+ @if ! (time LD_PRELOAD="$(PREFIX)/lib/nonetwork.so" $(MAKE) -f '$(MAKEFILE)' 'build-only-$(1)_$(3)') &> '$(LOG_DIR)/$(TIMESTAMP)/$(1)_$(3)'; then \
echo; \
echo 'Failed to build package $(1) for target $(3)!'; \
echo '------------------------------------------------------------'; \
diff --git a/tools/nonetwork.c b/tools/nonetwork.c
new file mode 100644
index 0000000..d203fb2
--- /dev/null
+++ b/tools/nonetwork.c
@@ -0,0 +1,36 @@
+// nonetwork, break standard network functions using LD_PRELOAD
+// Source: https://github.com/starius/nonetwork
+// Copyright (C) 2015 Boris Nagaev
+// License: MIT
+
+#include <errno.h>
+
+int connect(int sock, const void *addr, unsigned int len) {
+ errno = 13; // EACCES, Permission denied
+ return -1;
+}
+
+void *gethostbyname(const char *name) {
+ return 0;
+}
+
+int getaddrinfo(const char *node, const char *service,
+ const void *hints,
+ void **res) {
+ return -4; // EAI_FAIL
+}
+
+void freeaddrinfo(void *res) {
+}
+
+int getnameinfo(const void * sa,
+ unsigned int salen, char * host,
+ unsigned int hostlen, char * serv,
+ unsigned int servlen, int flags) {
+ return -4; // EAI_FAIL
+}
+
+struct hostent *gethostbyaddr(const void *addr, unsigned int len,
+ int type) {
+ return 0;
+}
--
cgit v0.12