diff options
author | Chris Wilson <chris+github@qwirx.com> | 2014-12-06 15:03:40 +0000 |
---|---|---|
committer | Chris Wilson <chris+github@qwirx.com> | 2014-12-06 15:03:40 +0000 |
commit | f3a1ce8af043dbdc9240df76f69424c20446e2a5 (patch) | |
tree | 095f57ccb104e7536febcedd7f62676d397c5c98 | |
parent | 9ce77cc16d4a8aeb72ec0dc925966e11c85a985e (diff) |
Add support for getsockopt(SO_PEERCRED) on OpenBSD 5.2.
OpenBSD requires different headers to be included, including a bug which
makes it essential to include sys/param.h before sys/ucred.h, and gives the
fields of struct ucred different names than Linux does.
This fixes compilation on OpenBSD and allows the user connecting to a UNIX
socket to be checked, increasing security of the command socket on this
platform.
-rw-r--r-- | infrastructure/m4/boxbackup_tests.m4 | 19 | ||||
-rw-r--r-- | lib/server/SocketStream.cpp | 13 |
2 files changed, 32 insertions, 0 deletions
diff --git a/infrastructure/m4/boxbackup_tests.m4 b/infrastructure/m4/boxbackup_tests.m4 index 8bc13883..ccb46646 100644 --- a/infrastructure/m4/boxbackup_tests.m4 +++ b/infrastructure/m4/boxbackup_tests.m4 @@ -138,6 +138,11 @@ AC_CHECK_HEADERS([syslog.h time.h cxxabi.h]) AC_CHECK_HEADERS([netinet/in.h netinet/tcp.h]) AC_CHECK_HEADERS([sys/file.h sys/param.h sys/poll.h sys/socket.h sys/time.h]) AC_CHECK_HEADERS([sys/types.h sys/uio.h sys/un.h sys/wait.h sys/xattr.h]) +AC_CHECK_HEADERS([sys/ucred.h],,, [ + #ifdef HAVE_SYS_PARAM_H + # include <sys/param.h> + #endif + ]) AC_CHECK_HEADERS([bsd/unistd.h]) AC_CHECK_HEADERS([sys/socket.h], [have_sys_socket_h=yes]) AC_CHECK_HEADERS([winsock2.h], [have_winsock2_h=yes]) @@ -217,6 +222,20 @@ fi # Solaris provides getpeerucred() instead of getpeereid() or SO_PEERCRED AC_CHECK_HEADERS([ucred.h]) AC_CHECK_FUNCS([getpeerucred]) +AC_CHECK_MEMBERS([struct ucred.uid, struct ucred.cr_uid],,, + [[ + #ifdef HAVE_UCRED_H + # include <ucred.h> + #endif + + #ifdef HAVE_SYS_PARAM_H + # include <sys/param.h> + #endif + + #ifdef HAVE_SYS_UCRED_H + # include <sys/ucred.h> + #endif + ]]) AC_CHECK_DECLS([optreset],,, [[#include <getopt.h>]]) AC_CHECK_DECLS([dirfd],,, diff --git a/lib/server/SocketStream.cpp b/lib/server/SocketStream.cpp index ab0a54ae..22ca1551 100644 --- a/lib/server/SocketStream.cpp +++ b/lib/server/SocketStream.cpp @@ -29,6 +29,14 @@ #include <bsd/unistd.h> #endif +#ifdef HAVE_SYS_PARAM_H + #include <sys/param.h> +#endif + +#ifdef HAVE_SYS_UCRED_H + #include <sys/ucred.h> +#endif + #include "autogen_ConnectionException.h" #include "autogen_ServerException.h" #include "SocketStream.h" @@ -511,8 +519,13 @@ bool SocketStream::GetPeerCredentials(uid_t &rUidOut, gid_t &rGidOut) if(::getsockopt(mSocketHandle, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == 0) { +#ifdef HAVE_STRUCT_CRED_UID rUidOut = cred.uid; rGidOut = cred.gid; +#else // HAVE_STRUCT_CRED_CR_UID + rUidOut = cred.cr_uid; + rGidOut = cred.cr_gid; +#endif return true; } |