1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
$NetBSD: patch-ab,v 1.19 2012/08/01 17:52:22 drochner Exp $
--- dbus/dbus-sysdeps-unix.c.orig 2012-07-03 18:02:45.000000000 +0000
+++ dbus/dbus-sysdeps-unix.c
@@ -22,6 +22,8 @@
*
*/
+#define _NETBSD_SOURCE
+
#include <config.h>
#include "dbus-internals.h"
@@ -72,6 +74,10 @@
#include <ucred.h>
#endif
+#ifdef __NetBSD__
+#include <sys/un.h>
+#endif
+
#ifdef HAVE_ADT
#include <bsm/adt.h>
#endif
@@ -122,6 +128,32 @@
#endif /* Solaris */
+#ifdef LOCAL_PEEREID
+static dbus_bool_t
+dbus_nb_getpeereid(int fd, pid_t *pid, uid_t *uid, gid_t *gid)
+{
+ struct unpcbid cred;
+ socklen_t len = sizeof(cred);
+
+ _dbus_verbose ("dbus_nb_getpeereid: enter, fd=%d\n");
+ if (getsockopt (fd, 0, LOCAL_PEEREID, &cred, &len) < 0)
+ {
+ _dbus_verbose ("dbus_nb_getpeereid: getsockopt LOCAL_PEEREID failed: %s\n", strerror(errno));
+ return FALSE;
+ }
+ if (pid)
+ *pid = cred.unp_pid;
+ if (uid)
+ *uid = cred.unp_euid;
+ if (gid)
+ *gid = cred.unp_egid;
+
+ _dbus_verbose ("dbus_nb_getpeereid: returning TRUE, pid=%d uid=%d gid=%d\n",
+ cred.unp_pid, cred.unp_euid, cred.unp_egid);
+ return TRUE;
+}
+#endif
+
static dbus_bool_t
_dbus_open_socket (int *fd_p,
int domain,
@@ -969,7 +1001,7 @@ _dbus_set_local_creds (int fd, dbus_bool
{
dbus_bool_t retval = TRUE;
-#if defined(HAVE_CMSGCRED)
+#if defined(HAVE_CMSGCRED) || defined(LOCAL_PEEREID)
/* NOOP just to make sure only one codepath is used
* and to prefer CMSGCRED
*/
@@ -1674,6 +1706,11 @@ _dbus_read_credentials_socket (int
char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
} cmsg;
+#elif defined(LOCAL_PEEREID)
+ pid_t sockpid;
+ uid_t sockuid;
+ gid_t sockgid;
+
#elif defined(LOCAL_CREDS)
struct {
struct cmsghdr hdr;
@@ -1709,10 +1746,15 @@ _dbus_read_credentials_socket (int
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(LOCAL_PEEREID)
_DBUS_ZERO(cmsg);
+#ifdef HAVE_CMSGCRED
msg.msg_control = (caddr_t) &cmsg;
msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
+#else /* defined(LOCAL_CREDS) */
+ msg.msg_control = &cmsg;
+ msg.msg_controllen = sizeof (cmsg);
+#endif
#endif
again:
@@ -1749,9 +1791,13 @@ _dbus_read_credentials_socket (int
return FALSE;
}
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(LOCAL_PEEREID)
+#ifdef HAVE_CMSGCRED
if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof (struct cmsgcred))
|| cmsg.hdr.cmsg_type != SCM_CREDS)
+#else /* defined(LOCAL_CREDS) */
+ if (cmsg.hdr.cmsg_len < sizeof (cmsg) || cmsg.hdr.cmsg_type != SCM_CREDS)
+#endif
{
dbus_set_error (error, DBUS_ERROR_FAILED,
"Message from recvmsg() was not SCM_CREDS");
@@ -1787,6 +1833,16 @@ _dbus_read_credentials_socket (int
cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
pid_read = cred->cmcred_pid;
uid_read = cred->cmcred_euid;
+#elif defined(LOCAL_PEEREID)
+ if (dbus_nb_getpeereid(client_fd, &sockpid, &sockuid, &sockgid) == TRUE)
+ {
+ pid_read = sockpid;
+ uid_read = sockuid;
+ }
+ else
+ {
+ _dbus_verbose ("Failed to dbus_nb_getpeereid() credentials: %s\n", _dbus_strerror (errno));
+ }
#elif defined(LOCAL_CREDS)
pid_read = DBUS_PID_UNSET;
uid_read = cmsg.cred.sc_uid;
@@ -1848,7 +1904,7 @@ _dbus_read_credentials_socket (int
}
if (ucred != NULL)
ucred_free (ucred);
-#else /* !SO_PEERCRED && !HAVE_CMSGCRED && !HAVE_GETPEEREID && !HAVE_GETPEERUCRED */
+#else /* !SO_PEERCRED && !HAVE_CMSGCRED && !HAVE_GETPEEREID && !HAVE_GETPEERUCRED && !LOCAL_PEEREID */
_dbus_verbose ("Socket credentials not supported on this OS\n");
#endif
}
|