Support SO_PEERCRED SASL EXTERNAL authorization.

2025-12-23 16:19:35 -05:00 · 2002-12-04 04:14:44 +00:00 · 2002-12-04 04:14:44 +00:00 · daf7d0c0eb
commit daf7d0c0eb
parent a6edb2ae36
1 changed files with 13 additions and 0 deletions
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@ -1555,6 +1555,19 @@ slapd_daemon_task(
 			case AF_LOCAL:
 				sprintf( peername, "PATH=%s", from.sa_un_addr.sun_path );
 				ssf = LDAP_PVT_SASL_LOCAL_SSF;
+#   ifdef SO_PEERCRED
+				{
+					struct ucred peercred;
+					size_t peercred_len = sizeof(peercred);
+
+					if (getsockopt( s, SOL_SOCKET, SO_PEERCRED,
+					    (void *)&peercred, &peercred_len ) == 0 &&
+					    peercred_len == sizeof(peercred) ) {
+						authid = ch_malloc(sizeof("uidNumber=+gidNumber=+,cn=peercred,cn=external,cn=auth") + 32);
+						sprintf(authid, "uidNumber=%d+gidNumber=%d,cn=peercred,cn=external,cn=auth", peercred.uid, peercred.gid);
+					}
+				}
+#   endif /* SO_PEERCRED */
 				dnsname = "local";
 				break;
 #endif /* LDAP_PF_LOCAL */