upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-20 22:59:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added check for sendmsg(). Added hack to use BSD sendmsg()/recvmsg() to

Browse source 
propagate peer creds if no explicit PEERCRED facility exists. Works
on Solaris 8.
This commit is contained in:
Howard Chu 2002-12-04 16:03:02 +00:00
parent eb41333e4c
commit d7c0a19aab
3 changed files with 53 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
configure.in
View file

@ -2475,6 +2475,7 @@ AC_CHECK_FUNCS( \
wait4 \ wait4 \
write \ write \
send \ send \
sendmsg \
sendto \ sendto \
) )

27
libraries/libldap/os-local.c
View file

@ -131,6 +131,10 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s)
} }
#undef TRACE #undef TRACE
#if !defined(HAVE_GETPEEREID) && !defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && defined(HAVE_SENDMSG)
#define DO_SENDMSG
#endif
static int static int
ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async) ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
{ {
@ -155,6 +159,25 @@ ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
if ( ldap_pvt_ndelay_off(ld, s) == -1 ) { if ( ldap_pvt_ndelay_off(ld, s) == -1 ) {
return ( -1 ); return ( -1 );
} }
#ifdef DO_SENDMSG
/* Send a dummy message with access rights. Remote side will
* obtain our uid/gid by fstat'ing this descriptor.
*/
sendcred: {
int fds[2];
struct iovec iov = {(char *)fds, sizeof(int)};
struct msghdr msg = {0};
if (pipe(fds) == 0) {
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_accrights = (char *)fds;
msg.msg_accrightslen = sizeof(int);
sendmsg( s, &msg, 0 );
close(fds[0]);
close(fds[1]);
}
}
#endif
return ( 0 ); return ( 0 );
} }
@ -181,7 +204,11 @@ ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
return ( -1 ); return ( -1 );
if ( ldap_pvt_ndelay_off(ld, s) == -1 ) if ( ldap_pvt_ndelay_off(ld, s) == -1 )
return ( -1 ); return ( -1 );
#ifdef DO_SENDMSG
goto sendcred;
#else
return ( 0 ); return ( 0 );
#endif
} }
oslocal_debug(ld, "ldap_connect_timeout: timed out\n",0,0,0); oslocal_debug(ld, "ldap_connect_timeout: timed out\n",0,0,0);
ldap_pvt_set_errno( ETIMEDOUT ); ldap_pvt_set_errno( ETIMEDOUT );

25
libraries/liblutil/getpeereid.c
View file

@ -18,6 +18,11 @@
#include <sys/ucred.h> #include <sys/ucred.h>
#endif #endif
#if !defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && defined(HAVE_SENDMSG)
#define DO_SENDMSG
#include <sys/stat.h>
#endif
int getpeereid( int s, uid_t *euid, gid_t *egid ) int getpeereid( int s, uid_t *euid, gid_t *egid )
{ {
#ifdef LDAP_PF_LOCAL #ifdef LDAP_PF_LOCAL
@ -46,6 +51,26 @@ int getpeereid( int s, uid_t *euid, gid_t *egid )
*egid = peercred.cr_gid; *egid = peercred.cr_gid;
return 0; return 0;
} }
#elif defined( DO_SENDMSG )
int dummy, fd[2];
struct iovec iov = {(char *)&dummy, sizeof(dummy)};
struct msghdr msg = {0};
struct stat st;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_accrights = (char *)fd;
msg.msg_accrightslen = sizeof(fd);
if( recvmsg( s, &msg, 0) >= 0 && msg.msg_accrightslen == sizeof(int) )
{
dummy = fstat( fd, &st );
close(fd[0]);
if( dummy == 0 )
{
*euid = st.st_uid;
*egid = st.st_gid;
return 0;
}
}
#endif #endif
#endif #endif