dovecot-2.2: Extends struct net_unix_cred with pid field and mod...
dovecot at dovecot.org
dovecot at dovecot.org
Sat May 19 22:40:19 EEST 2012
details: http://hg.dovecot.org/dovecot-2.2/rev/80688ab1ea3d
changeset: 14233:80688ab1ea3d
user: Timo Sirainen <tss at iki.fi>
date: Sat May 19 22:40:08 2012 +0300
description:
Extends struct net_unix_cred with pid field and modifies net_getunixcred() to fill it in if possible.
Depends: none
diffstat:
configure.in | 4 ++-
src/lib/network.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++--------
src/lib/network.h | 4 ++-
3 files changed, 58 insertions(+), 11 deletions(-)
diffs (137 lines):
diff -r 875eeb3052a9 -r 80688ab1ea3d configure.in
--- a/configure.in Sat May 19 22:28:19 2012 +0300
+++ b/configure.in Sat May 19 22:40:08 2012 +0300
@@ -292,7 +292,7 @@
sys/quota.h sys/fs/ufs_quota.h ufs/ufs/quota.h jfs/quota.h sys/fs/quota_common.h \
mntent.h sys/mnttab.h sys/event.h sys/time.h sys/mkdev.h linux/dqblk_xfs.h \
xfs/xqm.h execinfo.h ucontext.h malloc_np.h sys/utsname.h sys/vmount.h \
- sys/utsname.h glob.h linux/falloc.h ucred.h)
+ sys/utsname.h glob.h linux/falloc.h ucred.h sys/ucred.h)
dnl * clang check
have_clang=no
@@ -408,6 +408,8 @@
walkcontext dirfd clearenv malloc_usable_size glob fallocate \
posix_fadvise getpeereid getpeerucred)
+AC_CHECK_TYPES([struct sockpeercred])
+
AC_CHECK_LIB(rt, clock_gettime, [
AC_DEFINE(HAVE_CLOCK_GETTIME,, Define if you have the clock_gettime function)
LIBS="$LIBS -lrt"
diff -r 875eeb3052a9 -r 80688ab1ea3d src/lib/network.c
--- a/src/lib/network.c Sat May 19 22:28:19 2012 +0300
+++ b/src/lib/network.c Sat May 19 22:40:08 2012 +0300
@@ -13,8 +13,10 @@
#include <ctype.h>
#include <sys/un.h>
#include <netinet/tcp.h>
-#ifdef HAVE_UCRED_H
+#if defined(HAVE_UCRED_H)
# include <ucred.h> /* for getpeerucred() */
+#elif defined(HAVE_SYS_UCRED_H)
+# include <sys/ucred.h> /* for FreeBSD struct xucred */
#endif
union sockaddr_union {
@@ -694,16 +696,14 @@
int net_getunixcred(int fd, struct net_unix_cred *cred_r)
{
-#if defined(HAVE_GETPEEREID)
- /* OSX 10.4+, FreeBSD 4.6+, OpenBSD 3.0+, NetBSD 5.0+ */
- if (getpeereid(fd, &cred_r->uid, &cred_r->gid) < 0) {
- i_error("getpeereid() failed: %m");
- return -1;
- }
- return 0;
-#elif defined(SO_PEERCRED)
+#if defined(SO_PEERCRED)
+# if defined(HAVE_STRUCT_SOCKPEERCRED)
+ /* OpenBSD (may also provide getpeereid, but we also want pid) */
+ struct sockpeercred ucred;
+# else
/* Linux */
struct ucred ucred;
+# endif
socklen_t len = sizeof(ucred);
if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &len) < 0) {
@@ -712,6 +712,48 @@
}
cred_r->uid = ucred.uid;
cred_r->gid = ucred.gid;
+ cred_r->pid = ucred.pid;
+ return 0;
+#elif defined(LOCAL_PEEREID)
+ /* NetBSD (may also provide getpeereid, but we also want pid) */
+ struct unpcbid ucred;
+ socklen_t len = sizeof(ucred);
+
+ if (getsockopt(s, 0, LOCAL_PEEREID, &ucred, &len) < 0) {
+ i_error("getsockopt(LOCAL_PEEREID) failed: %m");
+ return -1;
+ }
+
+ cred_r->uid = ucred.unp_euid;
+ cred_r->gid = ucred.unp_egid;
+ cred_r->pid = ucred.unp_pid;
+ return 0;
+#elif defined(HAVE_GETPEEREID)
+ /* OSX 10.4+, FreeBSD 4.6+, OpenBSD 3.0+, NetBSD 5.0+ */
+ if (getpeereid(fd, &cred_r->uid, &cred_r->gid) < 0) {
+ i_error("getpeereid() failed: %m");
+ return -1;
+ }
+ cred_r->pid = (pid_t)-1;
+ return 0;
+#elif defined(LOCAL_PEERCRED)
+ /* Older FreeBSD */
+ struct xucred ucred;
+ socklen_t len = sizeof(ucred);
+
+ if (getsockopt(fd, 0, LOCAL_PEERCRED, &ucred, &len) < 0) {
+ i_error("getsockopt(LOCAL_PEERCRED) failed: %m");
+ return -1;
+ }
+
+ if (ucred.cr_version != XUCRED_VERSION) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ cred_r->uid = ucred.cr_uid;
+ cred_r->gid = ucred.cr_gid;
+ cred_r->pid = (pid_t)-1;
return 0;
#elif defined(HAVE_GETPEERUCRED)
/* Solaris */
@@ -723,6 +765,7 @@
}
cred_r->uid = ucred_geteuid(ucred);
cred_r->gid = ucred_getrgid(ucred);
+ cred_r->pid = ucred_getpid(ucred);
ucred_free(ucred);
if (cred_r->uid == (uid_t)-1 ||
diff -r 875eeb3052a9 -r 80688ab1ea3d src/lib/network.h
--- a/src/lib/network.h Sat May 19 22:28:19 2012 +0300
+++ b/src/lib/network.h Sat May 19 22:40:08 2012 +0300
@@ -34,6 +34,7 @@
struct net_unix_cred {
uid_t uid;
gid_t gid;
+ pid_t pid;
};
/* maxmimum string length of IP address */
@@ -115,7 +116,8 @@
int net_getpeername(int fd, struct ip_addr *addr, unsigned int *port);
/* Get UNIX socket name. */
int net_getunixname(int fd, const char **name_r);
-/* Get UNIX socket peer process's credentials. */
+/* Get UNIX socket peer process's credentials. The pid may be (pid_t)-1 if
+ unavailable. */
int net_getunixcred(int fd, struct net_unix_cred *cred_r);
/* Returns ip_addr as string, or NULL if ip is invalid. */
More information about the dovecot-cvs
mailing list