libreplace: Add getpeereid implementation.

author Jelmer Vernooij <jelmer@samba.org>

Sat, 24 Mar 2012 15:00:36 +0000 (16:00 +0100)

committer Jelmer Vernooij <jelmer@samba.org>

Sat, 24 Mar 2012 15:00:36 +0000 (16:00 +0100)
author Jelmer Vernooij <jelmer@samba.org>
Sat, 24 Mar 2012 15:00:36 +0000 (16:00 +0100)
committer Jelmer Vernooij <jelmer@samba.org>
Sat, 24 Mar 2012 15:00:36 +0000 (16:00 +0100)
diff --git a/lib/replace/libreplace_network.m4 b/lib/replace/libreplace_network.m4

index eadcc6bfc11a153415e99cdd2ee149d5bfca5f29..bb2a84324eb47f783942cd0dd482bb9731483932 100644 (file)
--- a/lib/replace/libreplace_network.m4
+++ b/lib/replace/libreplace_network.m4
@@ -473,6 +473,30 @@ fi
  LIBS=$old_LIBS
  CPPFLAGS="$libreplace_SAVE_CPPFLAGS"
  
+AC_CACHE_CHECK([for SO_PEERCRED],libreplace_cv_HAVE_PEERCRED,[
+AC_TRY_COMPILE([#include <sys/types.h>
+#include <sys/socket.h>],
+[struct ucred cred;
+ socklen_t cred_len;
+ int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);
+],
+libreplace_cv_HAVE_PEERCRED=yes,libreplace_cv_HAVE_PEERCRED=no,libreplace_cv_HAVE_PEERCRED=cross)])
+if test x"$libreplace_cv_HAVE_PEERCRED" = x"yes"; then
+    AC_DEFINE(HAVE_PEERCRED,1,[Whether we can use SO_PEERCRED to get socket credentials])
+fi
+
+AC_CACHE_CHECK([for getpeereid],libreplace_cv_HAVE_GETPEEREID,[
+AC_TRY_LINK([#include <sys/types.h>
+#include <unistd.h>],
+[uid_t uid; gid_t gid; int ret;
+ ret = getpeereid(0, &uid, &gid);
+],
+libreplace_cv_HAVE_GETPEEREID=yes,libreplace_cv_HAVE_GETPEEREID=no)])
+if test x"$libreplace_cv_HAVE_GETPEEREID" = xyes; then
+   AC_DEFINE(HAVE_GETPEEREID,1,
+            [Whether we have getpeereid to get socket credentials])
+fi
+
  LIBREPLACEOBJ="${LIBREPLACEOBJ} ${LIBREPLACE_NETWORK_OBJS}"
  
  echo "LIBREPLACE_NETWORK_CHECKS: END"
diff --git a/lib/replace/replace.c b/lib/replace/replace.c

index f1454cbcd645145a5cc9a8f0f47ad0abdc608ae3..d7f9cc175860e6c8cae3bc2a02696c69887bc7aa 100644 (file)
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -860,3 +860,31 @@ void *rep_memalign( size_t align, size_t size )
  #endif
  }
  #endif
+
+#ifndef HAVE_GETPEEREID
+int rep_getpeereid(int s, uid_t *uid, gid_t *gid)
+{
+#if defined(HAVE_PEERCRED)
+       struct ucred cred;
+       socklen_t cred_len = sizeof(struct ucred);
+       int ret;
+
+       ret = getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void *)&cred, &cred_len);
+       if (ret != 0) {
+               return -1;
+       }
+
+       if (cred_len != sizeof(struct ucred)) {
+               errno = EINVAL;
+               return -1;
+       }
+
+       *uid = cred.uid;
+       *gid = cred.gid;
+       return 0;
+#else
+       errno = ENOSYS;
+       return -1;
+#endif
+}
+#endif
diff --git a/lib/replace/replace.h b/lib/replace/replace.h

index 3f289d7f47bcd3a1519182fc1e48dec66a82618a..f2b1952376c0c6a323935c353ce69594f7594f90 100644 (file)
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -112,6 +112,10 @@
  #include <bsd/string.h>
  #endif
  
+#ifdef HAVE_BSD_UNISTD_H
+#include <bsd/unistd.h>
+#endif
+
  #ifdef HAVE_STRING_H
  #include <string.h>
  #endif
@@ -826,4 +830,9 @@ char *rep_getpass(const char *prompt);
  #endif
  #endif
  
+#ifndef HAVE_GETPEEREID
+#define getpeereid rep_getpeereid
+int rep_getpeereid(int s, uid_t *uid, gid_t *gid);
+#endif
+
  #endif /* _LIBREPLACE_REPLACE_H */
diff --git a/lib/replace/wscript b/lib/replace/wscript

index e1dc1e6a30891fc367991ffd2f46d766f7e05f74..025dda460db2d9ebd1fe3570b92a11afa806e7c6 100644 (file)
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -174,6 +174,16 @@ def configure(conf):
      if not conf.CHECK_FUNCS('strlcpy strlcat'):
          conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
                  checklibc=True)
+    if not conf.CHECK_FUNCS('getpeereid'):
+        conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+
+    conf.CHECK_CODE('''
+                struct ucred cred;
+                socklen_t cred_len;
+                int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);''',
+                'HAVE_PEERCRED',
+                msg="Checking whether we can use SO_PEERCRED to get socket credentials",
+                headers='sys/types.h sys/socket.h')
  
      #Some OS (ie. freebsd) return EINVAL if the convertion could not be done, it's not what we expect
      #Let's detect those cases
diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h

index 0c3fd1aeaf1d78cd05f886f718cc9af787ea77e2..f9892311025ea3a8c592b6bce32977cdb12d38d4 100644 (file)
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -123,8 +123,6 @@ _PUBLIC_ pid_t sys_fork(void);
   **/
  _PUBLIC_ pid_t sys_getpid(void);
  
-_PUBLIC_ int sys_getpeereid( int s, uid_t *uid);
-
  struct sockaddr;
  
  _PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
diff --git a/lib/util/system.c b/lib/util/system.c

index a7141bf9b0127481d63b5bdd91728e27c5e5eab0..f34fabd29295657ed84e3e69ccd22636e47a1183 100644 (file)
--- a/lib/util/system.c
+++ b/lib/util/system.c
@@ -71,35 +71,6 @@ _PUBLIC_ pid_t sys_getpid(void)
  }
  
  
-_PUBLIC_ int sys_getpeereid( int s, uid_t *uid)
-{
-#if defined(HAVE_PEERCRED)
-       struct ucred cred;
-       socklen_t cred_len = sizeof(struct ucred);
-       int ret;
-
-       ret = getsockopt(s, SOL_SOCKET, SO_PEERCRED, (void *)&cred, &cred_len);
-       if (ret != 0) {
-               return -1;
-       }
-
-       if (cred_len != sizeof(struct ucred)) {
-               errno = EINVAL;
-               return -1;
-       }
-
-       *uid = cred.uid;
-       return 0;
-#else
-#if defined(HAVE_GETPEEREID)
-       gid_t gid;
-       return getpeereid(s, uid, &gid);
-#endif
-       errno = ENOSYS;
-       return -1;
-#endif
-}
-
  _PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
                              int salen,
                              char *host,
diff --git a/source3/configure.in b/source3/configure.in

index ffa2b808a320803f251e267df692bb83ebdaddb1..11bd744dc9db9b936b229899a858a5f97047d7fc 100644 (file)
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -6577,31 +6577,6 @@ AC_CHECK_MEMBERS([struct secmethod_table.method_attrlist], , ,
  AC_CHECK_MEMBERS([struct secmethod_table.method_version], , ,
         [#include <usersec.h>])
  
-AC_CACHE_CHECK([for SO_PEERCRED],samba_cv_HAVE_PEERCRED,[
-AC_TRY_COMPILE([#include <sys/types.h>
-#include <sys/socket.h>],
-[struct ucred cred;
- socklen_t cred_len;
- int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);
-],
-samba_cv_HAVE_PEERCRED=yes,samba_cv_HAVE_PEERCRED=no,samba_cv_HAVE_PEERCRED=cross)])
-if test x"$samba_cv_HAVE_PEERCRED" = x"yes"; then
-    AC_DEFINE(HAVE_PEERCRED,1,[Whether we can use SO_PEERCRED to get socket credentials])
-fi
-
-AC_CACHE_CHECK([for getpeereid],samba_cv_HAVE_GETPEEREID,[
-AC_TRY_LINK([#include <sys/types.h>
-#include <unistd.h>],
-[uid_t uid; gid_t gid; int ret;
- ret = getpeereid(0, &uid, &gid);
-],
-samba_cv_HAVE_GETPEEREID=yes,samba_cv_HAVE_GETPEEREID=no)])
-if test x"$samba_cv_HAVE_GETPEEREID" = xyes; then
-   AC_DEFINE(HAVE_GETPEEREID,1,
-            [Whether we have getpeereid to get socket credentials])
-fi
-
-
  #################################################
  # Check to see if we should use the included popt
  
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c

index 89885b9230ef82912a9234ff8f6bf02524b6b3ce..675d0d5e937eae361eac91396109bc5c89c7e135 100644 (file)
--- a/source3/rpc_server/rpc_server.c
+++ b/source3/rpc_server/rpc_server.c
@@ -1008,6 +1008,7 @@ void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
         NTSTATUS status;
         int sys_errno;
         uid_t uid;
+       gid_t gid;
         int rc;
  
         DEBUG(10, ("dcerpc_ncacn_accept\n"));
@@ -1068,7 +1069,7 @@ void dcerpc_ncacn_accept(struct tevent_context *ev_ctx,
  
                         break;
                 case NCALRPC:
-                       rc = sys_getpeereid(s, &uid);
+                       rc = getpeereid(s, &uid, &gid);
                         if (rc < 0) {
                                 DEBUG(2, ("Failed to get ncalrpc connecting "
                                           "uid - %s!\n", strerror(errno)));
diff --git a/source3/winbindd/winbindd_ccache_access.c b/source3/winbindd/winbindd_ccache_access.c

index 411b2b4c3ad5cd8c11ab8a3b258f63e051b352e0..5557b959f05afbf54c34e2c74ad06a3d614851e6 100644 (file)
--- a/source3/winbindd/winbindd_ccache_access.c
+++ b/source3/winbindd/winbindd_ccache_access.c
@@ -157,10 +157,11 @@ static bool check_client_uid(struct winbindd_cli_state *state, uid_t uid)
  {
         int ret;
         uid_t ret_uid;
+       gid_t ret_gid;
  
         ret_uid = (uid_t)-1;
  
-       ret = sys_getpeereid(state->sock, &ret_uid);
+       ret = getpeereid(state->sock, &ret_uid, &ret_gid);
         if (ret != 0) {
                 DEBUG(1, ("check_client_uid: Could not get socket peer uid: %s; "
                         "denying access\n", strerror(errno)));
diff --git a/source3/winbindd/winbindd_pam_logoff.c b/source3/winbindd/winbindd_pam_logoff.c

index c32a63e1463bfd0b0138d9532b0c37e796c94711..b3c60adf8574efa95361cd6a7ed20738a0ed57c3 100644 (file)
--- a/source3/winbindd/winbindd_pam_logoff.c
+++ b/source3/winbindd/winbindd_pam_logoff.c
@@ -37,6 +37,7 @@ struct tevent_req *winbindd_pam_logoff_send(TALLOC_CTX *mem_ctx,
         struct winbindd_domain *domain;
         fstring name_domain, user;
         uid_t caller_uid;
+       gid_t caller_gid;
         int res;
  
         req = tevent_req_create(mem_ctx, &state,
@@ -71,7 +72,7 @@ struct tevent_req *winbindd_pam_logoff_send(TALLOC_CTX *mem_ctx,
  
         caller_uid = (uid_t)-1;
  
-       res = sys_getpeereid(cli->sock, &caller_uid);
+       res = getpeereid(cli->sock, &caller_uid, &caller_gid);
         if (res != 0) {
                 DEBUG(1,("winbindd_pam_logoff: failed to check peerid: %s\n",
                         strerror(errno)));
diff --git a/source3/wscript b/source3/wscript

index 476fb109b5676405559b473b94143d7b65b4bc2e..5b480f0ee7f1153bd289346a8b6fd02cc81d0742 100644 (file)
--- a/source3/wscript
+++ b/source3/wscript
@@ -356,14 +356,6 @@ return acl_get_perm_np(permset_d, perm);
                  headers='unistd.h fcntl.h')
      conf.CHECK_DECLS('readahead', headers='fcntl.h', always=True)
  
-    conf.CHECK_CODE('''
-                struct ucred cred;
-                socklen_t cred_len;
-                int ret = getsockopt(0, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len);''',
-                'HAVE_PEERCRED',
-                msg="Checking whether we can use SO_PEERCRED to get socket credentials",
-                headers='sys/types.h sys/socket.h')
-
      conf.CHECK_CODE('''
                  #if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8)))
                  #include <sys/types.h>
author	Jelmer Vernooij <jelmer@samba.org>
	Sat, 24 Mar 2012 15:00:36 +0000 (16:00 +0100)
committer	Jelmer Vernooij <jelmer@samba.org>
	Sat, 24 Mar 2012 15:00:36 +0000 (16:00 +0100)
lib/replace/libreplace_network.m4		patch \| blob \| blame \| history
lib/replace/replace.c		patch \| blob \| blame \| history
lib/replace/replace.h		patch \| blob \| blame \| history
lib/replace/wscript		patch \| blob \| blame \| history
lib/util/samba_util.h		patch \| blob \| blame \| history
lib/util/system.c		patch \| blob \| blame \| history
source3/configure.in		patch \| blob \| blame \| history
source3/rpc_server/rpc_server.c		patch \| blob \| blame \| history
source3/winbindd/winbindd_ccache_access.c		patch \| blob \| blame \| history
source3/winbindd/winbindd_pam_logoff.c		patch \| blob \| blame \| history
source3/wscript		patch \| blob \| blame \| history