upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-03-23 19:23:10 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys
History
Bill Paul 0b788fa1da Add support to sendmsg()/recvmsg() for passing credentials between 
processes using AF_LOCAL sockets. This hack is going to be used with
Secure RPC to duplicate a feature of STREAMS which has no real counterpart
in sockets (with STREAMS/TLI, you can apparently use t_getinfo() to learn
UID of a local process on the other side of a transport endpoint).

What happens is this: the client sets up a sendmsg() call with ancillary
data using the SCM_CREDS socket-level control message type. It does not
need to fill in the structure. When the kernel notices the data,
unp_internalize() fills in the cmesgcred structure with the sending
process' credentials (UID, EUID, GID, and ancillary groups). This data
is later delivered to the receiving process. The receiver can then
perform the follwing tests:

- Did the client send ancillary data?
	o Yes, proceed.
	o No, refuse to authenticate the client.

- The the client send data of type SCM_CREDS?
	o Yes, proceed.
	o No, refuse to authenticate the client.

- Is the cmsgcred structure the right size?
	o Yes, proceed.
	o No, signal a possible error.

The receiver can now inspect the credential information and use it to
authenticate the client.
1997-03-21 16:12:32 +00:00
..
alpha Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
amd64 Quoted CMD640. It's still missing from options.i386. 1997-03-13 19:03:58 +00:00
compat/linux Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
compile Stop cvs up -P from removing empty compile directories. 1994-08-25 16:20:16 +00:00
conf Typo police. 1997-03-20 16:33:15 +00:00
ddb Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
dev Added support for newer cards that have the DP83840A PHY chip. 1997-03-21 08:00:13 +00:00
fs Restore the lost MNT_LOCAL flag twiddle. Lite2 has a different mechanism 1997-03-18 19:50:12 +00:00
geom Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
gnu Update a number of routines to reflect the actual name 1997-03-09 06:10:36 +00:00
i386 Typo police. 1997-03-20 16:33:15 +00:00
isa Made set_controller_command_byte() less verbose. It used to print a 1997-03-07 10:22:55 +00:00
isofs/cd9660 Use the common nchstats struct instead of a private one for ncs_2passes 1997-03-08 16:09:38 +00:00
kern Add support to sendmsg()/recvmsg() for passing credentials between 1997-03-21 16:12:32 +00:00
libkern Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
miscfs Fixed missing initialisation of vp->v_type for types Pfile and Pmem 1997-03-08 16:06:34 +00:00
modules Revert $FreeBSD$ back to $Id$ 1997-02-22 12:49:29 +00:00
msdosfs Restore the lost MNT_LOCAL flag twiddle. Lite2 has a different mechanism 1997-03-18 19:50:12 +00:00
net Fix from Matt for the problem described in PR # kern/2990: ``DEC FDDI 1997-03-15 19:58:43 +00:00
netatalk make the netatalk output routine matcy the prtotype used in the 1997-03-05 09:17:38 +00:00
netinet Improved performance of hash algorithm while (hopefully) not reducing 1997-03-03 09:23:37 +00:00
netipx Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
netkey This is the `netkey' kernel key-management service (the PF_KEY analogue 1996-06-14 17:22:18 +00:00
netns Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
nfs YAMInTheWrongDirectionF22 (part of rev.1.28.2.3: set B_CLUSTEROK for 1997-03-09 10:21:26 +00:00
nfsclient YAMInTheWrongDirectionF22 (part of rev.1.28.2.3: set B_CLUSTEROK for 1997-03-09 10:21:26 +00:00
nfsserver Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
pc98 Synchronize with sys/i386/conf/files.i386 revision 1.156. 1997-03-19 16:14:25 +00:00
pccard Argh, this time get the parentheses right. This hasn't been a good day for me. 1997-02-21 05:46:57 +00:00
pci Added support for newer cards that have the DP83840A PHY chip. 1997-03-21 08:00:13 +00:00
powerpc/include Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
rpc Revert $FreeBSD$ to $Id$ 1997-02-23 09:21:14 +00:00
scsi Add a quirk entry for the HP6020i, after John has just confirmed that 1997-03-10 20:51:17 +00:00
sys Add support to sendmsg()/recvmsg() for passing credentials between 1997-03-21 16:12:32 +00:00
tools Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00
ufs MAXDIRSIZE is (or would be) used in fsck. It's a sanity check. 1997-03-18 19:52:17 +00:00
vm When removing IN_RECURSE support during the Lite/2 merge, read/write 1997-03-08 04:33:47 +00:00
Makefile Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not 1997-02-22 09:48:43 +00:00