From f3a1ce8af043dbdc9240df76f69424c20446e2a5 Mon Sep 17 00:00:00 2001
From: Chris Wilson <chris+github@qwirx.com>
Date: Sat, 6 Dec 2014 15:03:40 +0000
Subject: Add support for getsockopt(SO_PEERCRED) on OpenBSD 5.2.

OpenBSD requires different headers to be included, including a bug which
makes it essential to include sys/param.h before sys/ucred.h, and gives the
fields of struct ucred different names than Linux does.

This fixes compilation on OpenBSD and allows the user connecting to a UNIX
socket to be checked, increasing security of the command socket on this
platform.
---
 lib/server/SocketStream.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'lib/server')

diff --git a/lib/server/SocketStream.cpp b/lib/server/SocketStream.cpp
index ab0a54ae..22ca1551 100644
--- a/lib/server/SocketStream.cpp
+++ b/lib/server/SocketStream.cpp
@@ -29,6 +29,14 @@
 	#include <bsd/unistd.h>
 #endif
 
+#ifdef HAVE_SYS_PARAM_H
+	#include <sys/param.h>
+#endif
+
+#ifdef HAVE_SYS_UCRED_H
+	#include <sys/ucred.h>
+#endif
+
 #include "autogen_ConnectionException.h"
 #include "autogen_ServerException.h"
 #include "SocketStream.h"
@@ -511,8 +519,13 @@ bool SocketStream::GetPeerCredentials(uid_t &rUidOut, gid_t &rGidOut)
 	if(::getsockopt(mSocketHandle, SOL_SOCKET, SO_PEERCRED, &cred,
 		&credLen) == 0)
 	{
+#ifdef HAVE_STRUCT_CRED_UID
 		rUidOut = cred.uid;
 		rGidOut = cred.gid;
+#else // HAVE_STRUCT_CRED_CR_UID
+		rUidOut = cred.cr_uid;
+		rGidOut = cred.cr_gid;
+#endif
 		return true;
 	}
 
-- 
cgit v1.2.3