File: getpeercred.c

package info (click to toggle)
nss-pam-ldapd 0.9.10-2
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 4,768 kB
  • sloc: ansic: 16,287; sh: 6,589; python: 3,368; xml: 1,925; makefile: 294; exp: 146
file content (120 lines) | stat: -rw-r--r-- 3,294 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
/*
   getpeercred.c - function for determining information about the
                   other end of a unix socket
   This file is part of the nss-pam-ldapd library.

   Copyright (C) 2008, 2009, 2011, 2012 Arthur de Jong

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with this library; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
   02110-1301 USA
*/

#include "config.h"

#include <stdlib.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#ifdef HAVE_SYS_UCRED_H
#include <sys/ucred.h>
#endif /* HAVE SYS_UCRED_H */
#include <errno.h>
#ifdef HAVE_UCRED_H
#include <ucred.h>
#endif /* HAVE_UCRED_H */

#include "getpeercred.h"

/* Note: most of this code is untested, except for the first
         implementation (it may even fail to compile) */

int getpeercred(int sock, uid_t *uid, gid_t *gid, pid_t *pid)
{
#if defined(SO_PEERCRED)
  socklen_t l;
  struct ucred cred;
  /* initialize client information (in case getsockopt() breaks) */
  cred.pid = (pid_t)0;
  cred.uid = (uid_t)-1;
  cred.gid = (gid_t)-1;
  /* look up process information from peer */
  l = (socklen_t)sizeof(struct ucred);
  if (getsockopt(sock, SOL_SOCKET, SO_PEERCRED, &cred, &l) < 0)
    return -1; /* errno already set */
  /* return the data */
  if (uid != NULL)
    *uid = cred.uid;
  if (gid != NULL)
    *gid = cred.gid;
  if (pid != NULL)
    *pid = cred.pid;
  return 0;
#elif defined(LOCAL_PEERCRED)
  socklen_t l;
  struct xucred cred;
  /* look up process information from peer */
  l = (socklen_t)sizeof(struct xucred);
  if (getsockopt(sock, 0, LOCAL_PEERCRED, &cred, &l) < 0)
    return -1; /* errno already set */
  if (cred.cr_version != XUCRED_VERSION)
  {
    errno = EINVAL;
    return -1;
  }
  /* return the data */
  if (uid != NULL)
    *uid = cred.cr_uid;
  if (gid != NULL)
    *gid = cred.cr_gid;
  if (pid != NULL)
    *pid = (pid_t)-1;
  return 0;
#elif defined(HAVE_GETPEERUCRED)
  ucred_t *cred = NULL;
  if (getpeerucred(sock, &cred))
    return -1;
  /* save the data */
  if (uid != NULL)
    *uid = ucred_geteuid(cred);
  if (gid != NULL)
    *gid = ucred_getegid(cred);
  if (pid != NULL)
    *pid = ucred_getpid(cred);
  /* free cred and return */
  ucred_free(cred);
  return 0;
#elif defined(HAVE_GETPEEREID)
  uid_t tuid;
  gid_t tgid;
  if (uid == NULL)
    uid = &tuid;
  if (gid == NULL)
    gid = &tguid;
  if (getpeereid(sock, uid, gid))
    return -1;
  /* return the data */
  if (uid != NULL)
    *uid = cred.uid;
  if (gid != NULL)
    *gid = cred.gid;
  if (pid != NULL)
    *pid = -1; /* we return a -1 pid because we have no usable pid */
  return 0;
#else
  /* nothing found that is supported */
  errno = ENOSYS;
  return -1;
#endif
}