mirror of
https://github.com/systemd/systemd.git
synced 2025-01-11 09:18:07 +03:00
bus: be more careful when determining credential data
As it turns out SCM_CREDENTIALS is not always supported on socketpair(), so let's also try SO_PEERCRED then.
This commit is contained in:
parent
2b4ac8896b
commit
ea8f194f4b
@ -513,19 +513,26 @@ static int bus_socket_read_auth(sd_bus *b) {
|
||||
cmsg->cmsg_type == SCM_CREDENTIALS &&
|
||||
cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
|
||||
|
||||
/* Ignore bogus data, which we might
|
||||
* get on socketpair() sockets */
|
||||
if (((struct ucred*) CMSG_DATA(cmsg))->pid != 0) {
|
||||
memcpy(&b->ucred, CMSG_DATA(cmsg), sizeof(struct ucred));
|
||||
b->ucred_valid = true;
|
||||
}
|
||||
|
||||
} else if (cmsg->cmsg_level == SOL_SOCKET &&
|
||||
cmsg->cmsg_type == SCM_SECURITY) {
|
||||
|
||||
size_t l;
|
||||
|
||||
l = cmsg->cmsg_len - CMSG_LEN(0);
|
||||
if (l > 0) {
|
||||
memcpy(&b->label, CMSG_DATA(cmsg), l);
|
||||
b->label[l] = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
r = bus_socket_auth_verify(b);
|
||||
if (r != 0)
|
||||
@ -536,6 +543,7 @@ static int bus_socket_read_auth(sd_bus *b) {
|
||||
|
||||
static int bus_socket_setup(sd_bus *b) {
|
||||
int enable;
|
||||
socklen_t l;
|
||||
|
||||
assert(b);
|
||||
|
||||
@ -549,6 +557,11 @@ static int bus_socket_setup(sd_bus *b) {
|
||||
fd_inc_rcvbuf(b->input_fd, 1024*1024);
|
||||
fd_inc_sndbuf(b->output_fd, 1024*1024);
|
||||
|
||||
/* Get the peer for socketpair() sockets */
|
||||
l = sizeof(b->ucred);
|
||||
if (getsockopt(b->input_fd, SOL_SOCKET, SO_PEERCRED, &b->ucred, &l) >= 0 && l >= sizeof(b->ucred))
|
||||
b->ucred_valid = b->ucred.pid > 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -940,19 +953,25 @@ int bus_socket_read_message(sd_bus *bus, sd_bus_message **m) {
|
||||
cmsg->cmsg_type == SCM_CREDENTIALS &&
|
||||
cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
|
||||
|
||||
/* Ignore bogus data, which we might
|
||||
* get on socketpair() sockets */
|
||||
if (((struct ucred*) CMSG_DATA(cmsg))->pid != 0) {
|
||||
memcpy(&bus->ucred, CMSG_DATA(cmsg), sizeof(struct ucred));
|
||||
bus->ucred_valid = true;
|
||||
}
|
||||
|
||||
} else if (cmsg->cmsg_level == SOL_SOCKET &&
|
||||
cmsg->cmsg_type == SCM_SECURITY) {
|
||||
|
||||
size_t l;
|
||||
l = cmsg->cmsg_len - CMSG_LEN(0);
|
||||
if (l > 0) {
|
||||
memcpy(&bus->label, CMSG_DATA(cmsg), l);
|
||||
bus->label[l] = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
r = bus_socket_read_message_need(bus, &need);
|
||||
if (r < 0)
|
||||
|
Loading…
Reference in New Issue
Block a user