1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
$NetBSD: patch-aa,v 1.2 2006/08/28 08:30:12 jmmv Exp $
http://bugzilla.gnome.org/show_bug.cgi?id=353105
--- gnome-keyring-daemon-io.c.orig 2005-05-04 09:17:18.000000000 +0200
+++ gnome-keyring-daemon-io.c
@@ -91,6 +91,24 @@ static void gnome_keyring_client_state_m
static gboolean
+set_local_creds (int fd, gboolean on)
+{
+ gboolean retval = TRUE;
+
+#if defined(LOCAL_CREDS) && !defined(HAVE_CMSGCRED)
+ int val = on ? 1 : 0;
+ if (setsockopt (fd, 0, LOCAL_CREDS, &val, sizeof (val)) < 0)
+ {
+ g_warning ("Unable to set LOCAL_CREDS socket option on fd %d\n", fd);
+ retval = FALSE;
+ }
+#endif
+
+ return retval;
+}
+
+
+static gboolean
read_unix_socket_credentials (int fd,
pid_t *pid,
uid_t *uid)
@@ -102,22 +120,14 @@ read_unix_socket_credentials (int fd,
#ifdef HAVE_CMSGCRED
char cmsgmem[CMSG_SPACE (sizeof (struct cmsgcred))];
struct cmsghdr *cmsg = (struct cmsghdr *) cmsgmem;
+#elif defined(LOCAL_CREDS)
+ char cmsgmem[CMSG_SPACE (sizeof (struct sockcred))];
+ struct cmsghdr *cmsg = (struct cmsghdr *) cmsgmem;
#endif
*pid = 0;
*uid = 0;
-#if defined(LOCAL_CREDS) && defined(HAVE_CMSGCRED)
- /* Set the socket to receive credentials on the next message */
- {
- int on = 1;
- if (setsockopt (fd, 0, LOCAL_CREDS, &on, sizeof (on)) < 0) {
- g_warning ("Unable to set LOCAL_CREDS socket option\n");
- return FALSE;
- }
- }
-#endif
-
iov.iov_base = &buf;
iov.iov_len = 1;
@@ -125,7 +135,7 @@ read_unix_socket_credentials (int fd,
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
-#ifdef HAVE_CMSGCRED
+#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
memset (cmsgmem, 0, sizeof (cmsgmem));
msg.msg_control = cmsgmem;
msg.msg_controllen = sizeof (cmsgmem);
@@ -146,7 +156,7 @@ read_unix_socket_credentials (int fd,
return FALSE;
}
-#ifdef HAVE_CMSGCRED
+#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
if (cmsg->cmsg_len < sizeof (cmsgmem) || cmsg->cmsg_type != SCM_CREDS) {
g_warning ("Message from recvmsg() was not SCM_CREDS\n");
return FALSE;
@@ -174,6 +184,14 @@ read_unix_socket_credentials (int fd,
*pid = cred->cmcred_pid;
*uid = cred->cmcred_euid;
+#elif defined(LOCAL_CREDS)
+ struct sockcred *cred;
+
+ cred = (struct sockcred *) CMSG_DATA (cmsg);
+
+ *pid = -1;
+ *uid = cred->sc_euid;
+ set_local_creds(fd, FALSE);
#else /* !SO_PEERCRED && !HAVE_CMSGCRED */
g_warning ("Socket credentials not supported on this OS\n");
return FALSE;
@@ -625,6 +643,12 @@ create_master_socket (const char **path)
return FALSE;
}
+ if (!set_local_creds (sock, TRUE)) {
+ close (sock);
+ cleanup_socket_dir ();
+ return FALSE;
+ }
+
g_free (tmp_tmp_dir);
channel = g_io_channel_unix_new (sock);
g_io_add_watch (channel, G_IO_IN | G_IO_HUP, new_client, NULL);
|