1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

libreplace: Add getpeereid implementation.

This commit is contained in:
Jelmer Vernooij 2012-03-24 16:00:36 +01:00
parent 76bb68fd2b
commit 71d41a015a
11 changed files with 77 additions and 67 deletions

View File

@ -473,6 +473,30 @@ fi
LIBS=$old_LIBS
CPPFLAGS="$libreplace_SAVE_CPPFLAGS"
AC_CACHE_CHECK([for SO_PEERCRED],libreplace_cv_HAVE_PEERCRED,[
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[struct ucred cred;
socklen_t cred_len;
int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);
],
libreplace_cv_HAVE_PEERCRED=yes,libreplace_cv_HAVE_PEERCRED=no,libreplace_cv_HAVE_PEERCRED=cross)])
if test x"$libreplace_cv_HAVE_PEERCRED" = x"yes"; then
AC_DEFINE(HAVE_PEERCRED,1,[Whether we can use SO_PEERCRED to get socket credentials])
fi
AC_CACHE_CHECK([for getpeereid],libreplace_cv_HAVE_GETPEEREID,[
AC_TRY_LINK([#include <sys/types.h>
#include <unistd.h>],
[uid_t uid; gid_t gid; int ret;
ret = getpeereid(0, &uid, &gid);
],
libreplace_cv_HAVE_GETPEEREID=yes,libreplace_cv_HAVE_GETPEEREID=no)])
if test x"$libreplace_cv_HAVE_GETPEEREID" = xyes; then
AC_DEFINE(HAVE_GETPEEREID,1,
[Whether we have getpeereid to get socket credentials])
fi
LIBREPLACEOBJ="${LIBREPLACEOBJ} ${LIBREPLACE_NETWORK_OBJS}"
echo "LIBREPLACE_NETWORK_CHECKS: END"

View File

@ -860,3 +860,31 @@ void *rep_memalign( size_t align, size_t size )
#endif
}
#endif
#ifndef HAVE_GETPEEREID
int rep_getpeereid(int s, uid_t *uid, gid_t *gid)
{
#if defined(HAVE_PEERCRED)
struct ucred cred;
socklen_t cred_len = sizeof(struct ucred);
int ret;
ret = getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void *)&cred, &cred_len);
if (ret != 0) {
return -1;
}
if (cred_len != sizeof(struct ucred)) {
errno = EINVAL;
return -1;
}
*uid = cred.uid;
*gid = cred.gid;
return 0;
#else
errno = ENOSYS;
return -1;
#endif
}
#endif

View File

@ -112,6 +112,10 @@
#include <bsd/string.h>
#endif
#ifdef HAVE_BSD_UNISTD_H
#include <bsd/unistd.h>
#endif
#ifdef HAVE_STRING_H
#include <string.h>
#endif
@ -826,4 +830,9 @@ char *rep_getpass(const char *prompt);
#endif
#endif
#ifndef HAVE_GETPEEREID
#define getpeereid rep_getpeereid
int rep_getpeereid(int s, uid_t *uid, gid_t *gid);
#endif
#endif /* _LIBREPLACE_REPLACE_H */

View File

@ -174,6 +174,16 @@ def configure(conf):
if not conf.CHECK_FUNCS('strlcpy strlcat'):
conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
checklibc=True)
if not conf.CHECK_FUNCS('getpeereid'):
conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
conf.CHECK_CODE('''
struct ucred cred;
socklen_t cred_len;
int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);''',
'HAVE_PEERCRED',
msg="Checking whether we can use SO_PEERCRED to get socket credentials",
headers='sys/types.h sys/socket.h')
#Some OS (ie. freebsd) return EINVAL if the convertion could not be done, it's not what we expect
#Let's detect those cases

View File

@ -123,8 +123,6 @@ _PUBLIC_ pid_t sys_fork(void);
**/
_PUBLIC_ pid_t sys_getpid(void);
_PUBLIC_ int sys_getpeereid( int s, uid_t *uid);
struct sockaddr;
_PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,

View File

@ -71,35 +71,6 @@ _PUBLIC_ pid_t sys_getpid(void)
}
_PUBLIC_ int sys_getpeereid( int s, uid_t *uid)
{
#if defined(HAVE_PEERCRED)
struct ucred cred;
socklen_t cred_len = sizeof(struct ucred);
int ret;
ret = getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void *)&cred, &cred_len);
if (ret != 0) {
return -1;
}
if (cred_len != sizeof(struct ucred)) {
errno = EINVAL;
return -1;
}
*uid = cred.uid;
return 0;
#else
#if defined(HAVE_GETPEEREID)
gid_t gid;
return getpeereid(s, uid, &gid);
#endif
errno = ENOSYS;
return -1;
#endif
}
_PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
int salen,
char *host,

View File

@ -6577,31 +6577,6 @@ AC_CHECK_MEMBERS([struct secmethod_table.method_attrlist], , ,
AC_CHECK_MEMBERS([struct secmethod_table.method_version], , ,
[#include <usersec.h>])
AC_CACHE_CHECK([for SO_PEERCRED],samba_cv_HAVE_PEERCRED,[
AC_TRY_COMPILE([#include <sys/types.h>
#include <sys/socket.h>],
[struct ucred cred;
socklen_t cred_len;
int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);
],
samba_cv_HAVE_PEERCRED=yes,samba_cv_HAVE_PEERCRED=no,samba_cv_HAVE_PEERCRED=cross)])
if test x"$samba_cv_HAVE_PEERCRED" = x"yes"; then
AC_DEFINE(HAVE_PEERCRED,1,[Whether we can use SO_PEERCRED to get socket credentials])
fi
AC_CACHE_CHECK([for getpeereid],samba_cv_HAVE_GETPEEREID,[
AC_TRY_LINK([#include <sys/types.h>
#include <unistd.h>],
[uid_t uid; gid_t gid; int ret;
ret = getpeereid(0, &uid, &gid);
],
samba_cv_HAVE_GETPEEREID=yes,samba_cv_HAVE_GETPEEREID=no)])
if test x"$samba_cv_HAVE_GETPEEREID" = xyes; then
AC_DEFINE(HAVE_GETPEEREID,1,
[Whether we have getpeereid to get socket credentials])
fi
#################################################
# Check to see if we should use the included popt

View File

@ -1008,6 +1008,7 @@ void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
NTSTATUS status;
int sys_errno;
uid_t uid;
gid_t gid;
int rc;
DEBUG(10, ("dcerpc_ncacn_accept\n"));
@ -1068,7 +1069,7 @@ void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
break;
case NCALRPC:
rc = sys_getpeereid(s, &uid);
rc = getpeereid(s, &uid, &gid);
if (rc < 0) {
DEBUG(2, ("Failed to get ncalrpc connecting "
"uid - %s!\n", strerror(errno)));

View File

@ -157,10 +157,11 @@ static bool check_client_uid(struct winbindd_cli_state *state, uid_t uid)
{
int ret;
uid_t ret_uid;
gid_t ret_gid;
ret_uid = (uid_t)-1;
ret = sys_getpeereid(state->sock, &ret_uid);
ret = getpeereid(state->sock, &ret_uid, &ret_gid);
if (ret != 0) {
DEBUG(1, ("check_client_uid: Could not get socket peer uid: %s; "
"denying access\n", strerror(errno)));

View File

@ -37,6 +37,7 @@ struct tevent_req *winbindd_pam_logoff_send(TALLOC_CTX *mem_ctx,
struct winbindd_domain *domain;
fstring name_domain, user;
uid_t caller_uid;
gid_t caller_gid;
int res;
req = tevent_req_create(mem_ctx, &state,
@ -71,7 +72,7 @@ struct tevent_req *winbindd_pam_logoff_send(TALLOC_CTX *mem_ctx,
caller_uid = (uid_t)-1;
res = sys_getpeereid(cli->sock, &caller_uid);
res = getpeereid(cli->sock, &caller_uid, &caller_gid);
if (res != 0) {
DEBUG(1,("winbindd_pam_logoff: failed to check peerid: %s\n",
strerror(errno)));

View File

@ -356,14 +356,6 @@ return acl_get_perm_np(permset_d, perm);
headers='unistd.h fcntl.h')
conf.CHECK_DECLS('readahead', headers='fcntl.h', always=True)
conf.CHECK_CODE('''
struct ucred cred;
socklen_t cred_len;
int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);''',
'HAVE_PEERCRED',
msg="Checking whether we can use SO_PEERCRED to get socket credentials",
headers='sys/types.h sys/socket.h')
conf.CHECK_CODE('''
#if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8)))
#include <sys/types.h>