From da63099262e71310b7c8b6af3ba85214b430ef72 Mon Sep 17 00:00:00 2001 From: Arthur de Jong Date: Sat, 26 Jan 2008 10:49:18 +0000 Subject: move code to get information from socket peer to the compat directory because it is very platform specific git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-ldapd@565 ef36b2f9-881f-0410-afb5-c4e39611909c --- compat/Makefile.am | 25 ++++++++++++++ compat/getpeercred.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++ compat/getpeercred.h | 35 ++++++++++++++++++++ 3 files changed, 153 insertions(+) create mode 100644 compat/Makefile.am create mode 100644 compat/getpeercred.c create mode 100644 compat/getpeercred.h (limited to 'compat') diff --git a/compat/Makefile.am b/compat/Makefile.am new file mode 100644 index 0000000..480d207 --- /dev/null +++ b/compat/Makefile.am @@ -0,0 +1,25 @@ +# Makefile.am - use automake to generate Makefile.in +# +# Copyright (C) 2008 Arthur de Jong +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 2.1 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA + +noinst_LIBRARIES = libcompat.a + +AM_CPPFLAGS=-I$(top_srcdir) +AM_CFLAGS = -fPIC + +libcompat_a_SOURCES = getpeercred.c getpeercred.h diff --git a/compat/getpeercred.c b/compat/getpeercred.c new file mode 100644 index 0000000..101a492 --- /dev/null +++ b/compat/getpeercred.c @@ -0,0 +1,93 @@ +/* + getpeercred.h - function for determining information about the + other end of a unix socket + This file is part of the nss-ldapd library. + + Copyright (C) 2008 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#include "config.h" + +#include +#include +#include +#include +#ifdef HAVE_SYS_UCRED_H +#include +#endif /* HAVE SYS_UCRED_H */ +#include + +#include "getpeercred.h" + +int getpeercred(int sock,uid_t *uid,gid_t *gid,pid_t *pid) +{ +#if defined(SO_PEERCRED) + socklen_t l; + struct ucred cred; + /* initialize client information (in case getsockopt() breaks) */ + cred.pid=(pid_t)0; + cred.uid=(uid_t)-1; + cred.gid=(gid_t)-1; + /* look up process information from peer */ + l=(socklen_t)sizeof(struct ucred); + if (getsockopt(sock,SOL_SOCKET,SO_PEERCRED,&cred,&l) < 0) + return -1; /* errno already set */ + /* return the data */ + if (uid!=NULL) *uid=cred.uid; + if (gid!=NULL) *gid=cred.gid; + if (pid!=NULL) *pid=cred.pid; + return 0; +#elif defined(LOCAL_PEERCRED) + socklen_t l; + struct xucred cred; + /* initialize client information (in case getsockopt() breaks) */ + cred.pid=(pid_t)0; + cred.uid=(uid_t)-1; + cred.gid=(gid_t)-1; + /* look up process information from peer */ + l=(socklen_t)sizeof(struct xucred); + if (getsockopt(sock,SOL_SOCKET,LOCAL_PEERCRED,&cred,&l) < 0) + return -1; /* errno already set */ + if (cred.cr_version!=XUCRED_VERSION) + { + errno=EINVAL; + return -1; + } + /* return the data */ + if (uid!=NULL) *uid=cred.uid; + if (gid!=NULL) *gid=cred.gid; + if (pid!=NULL) *pid=cred.pid; + return 0; +#elif defined(HAVE_GETPEEREID) + uid_t tuid; + gid_t tgid; + if (uid==NULL) uid=&tuid; + if (gid==NULL) gid=&tguid; + if (getpeereid(sock,uid,gid)) + return -1; + /* return the data */ + if (uid!=NULL) *uid=cred.uid; + if (gid!=NULL) *gid=cred.gid; + if (pid!=NULL) *pid=-1; /* we return a -1 pid because we have no usable pid */ + return 0; +#else + /* nothing found that is supported */ + errno=ENOSYS; + return -1; +#endif +} diff --git a/compat/getpeercred.h b/compat/getpeercred.h new file mode 100644 index 0000000..8a103e1 --- /dev/null +++ b/compat/getpeercred.h @@ -0,0 +1,35 @@ +/* + getpeercred.h - function for determining information about the + other end of a unix socket + This file is part of the nss-ldapd library. + + Copyright (C) 2008 Arthur de Jong + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA +*/ + +#ifndef _COMPAT_GETPEERCRED_H +#define _COMPAT_GETPEERCRED_H 1 + +/* This function tries to determine the user id, group id and process + id of the other end of the specified socket. + Any of the uid, gid and pid paramaters may be NULL to not update + that information. + On success, zero is returned. On error, -1 is returned, and errno + is set appropriately. */ +int getpeercred(int sock,uid_t *uid,gid_t *gid,pid_t *pid); + +#endif /* not _COMPAT_GETPEERCRED_H */ -- cgit v1.2.3