mirror of
https://gitlab.freedesktop.org/libbsd/libbsd.git
synced 2025-01-24 10:59:29 +01:00
Add getpeereid function
parent
acb7c42d7c
commit
5b19adfa82
2
Makefile
2
Makefile
@ -26,6 +26,7 @@ LIB_SRCS := \
|
||||
err.c \
|
||||
fgetln.c \
|
||||
flopen.c \
|
||||
getpeereid.c \
|
||||
heapsort.c \
|
||||
humanize_number.c \
|
||||
dehumanize_number.c \
|
||||
@ -84,6 +85,7 @@ LIB_MANS := \
|
||||
strlcat.3 \
|
||||
fgetln.3 \
|
||||
flopen.3 \
|
||||
getpeereid.3 \
|
||||
readpassphrase.3 \
|
||||
reallocf.3 \
|
||||
humanize_number.3 \
|
||||
|
@ -39,6 +39,8 @@ mode_t getmode(const void *set, mode_t mode);
|
||||
void *setmode(const char *mode_str);
|
||||
|
||||
void setproctitle(const char *fmt, ...);
|
||||
|
||||
int getpeereid(int s, uid_t *euid, gid_t *egid);
|
||||
__END_DECLS
|
||||
|
||||
#endif
|
||||
|
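--- a/src/getpeereid.3
+++ b/src/getpeereid.3
@@ -0,0 +1,138 @@
+.\"
+.\" Copyright (c) 2001 Dima Dorfman.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd July 15, 2001
+.Dt GETPEEREID 3
+.Os
+.Sh NAME
+.Nm getpeereid
+.Nd get the effective credentials of a UNIX-domain peer
+.Sh LIBRARY
+.ds str-Lb-libbsd Utility functions from BSD systems (libbsd, \-lbsd)
+.Lb libbsd
+.Sh SYNOPSIS
+.In sys/types.h
+.In unistd.h
+.Ft int
+.Fn getpeereid "int s" "uid_t *euid" "gid_t *egid"
+.Sh DESCRIPTION
+The
+.Fn getpeereid
+function returns the effective user and group IDs of the
+peer connected to a
+.Ux Ns -domain
+socket.
+The argument
+.Fa s
+must be a
+.Ux Ns -domain
+socket
+.Pq Xr unix 4
+of type
+.Dv SOCK_STREAM
+on which either
+.Xr connect 2
+or
+.Xr listen 2
+have been called.
+The effective used ID is placed in
+.Fa euid ,
+and the effective group ID in
+.Fa egid .
+.Pp
+The credentials returned to the
+.Xr listen 2
+caller are those of its peer at the time it called
+.Xr connect 2 ;
+the credentials returned to the
+.Xr connect 2
+caller are those of its peer at the time it called
+.Xr listen 2 .
+This mechanism is reliable; there is no way for either side to influence
+the credentials returned to its peer except by calling the appropriate
+system call (i.e., either
+.Xr connect 2
+or
+.Xr listen 2 )
+under different effective credentials.
+.Pp
+One common use of this routine is for a
+.Ux Ns -domain
+server
+to verify the credentials of its client.
+Likewise, the client can verify the credentials of the server.
+.Sh IMPLEMENTATION NOTES
+On
+.Fx ,
+.Fn getpeereid
+is implemented in terms of the
+.Dv LOCAL_PEERCRED
+.Xr unix 4
+socket option.
+.Sh RETURN VALUES
+.Rv -std getpeereid
+.Sh ERRORS
+The
+.Fn getpeereid
+function
+fails if:
+.Bl -tag -width Er
+.It Bq Er EBADF
+The argument
+.Fa s
+is not a valid descriptor.
+.It Bq Er ENOTSOCK
+The argument
+.Fa s
+is a file, not a socket.
+.It Bq Er ENOTCONN
+The argument
+.Fa s
+does not refer to a socket on which
+.Xr connect 2
+or
+.Xr listen 2
+have been called.
+.It Bq Er EINVAL
+The argument
+.Fa s
+does not refer to a socket of type
+.Dv SOCK_STREAM ,
+or the kernel returned invalid data.
+.El
+.Sh SEE ALSO
+.Xr connect 2 ,
+.Xr getpeername 2 ,
+.Xr getsockname 2 ,
+.Xr getsockopt 2 ,
+.Xr listen 2 ,
+.Xr unix 4
+.Sh HISTORY
+The
+.Fn getpeereid
+function appeared in
+.Fx 4.6 .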
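--- a/src/getpeereid.c
+++ b/src/getpeereid.c
@@ -0,0 +1,132 @@
+/*
+* Copyright © 2010 Guillem Jover
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in the
+* documentation and/or other materials provided with the distribution.
+* 3. The name of the author may not be used to endorse or promote products
+* derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+* THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+#include <sys/cdefs.h>
+
+#include <sys/param.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+#include <unistd.h>
+
+#if defined(SO_PEERCRED)
+/* Linux and OpenBSD */
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+/* XXX: This should be autodetected at build time instead. */
+#if defined(__linux__)
+struct ucred cred;
+#elif defined(__OpenBSD__)
+struct sockpeercred cred;
+#endif
+socklen_t credlen = sizeof(cred);
+int ret;
+
+ret = getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cred, &credlen);
+if (ret != 0)
+return ret;
+
+*euid = cred.uid;
+*egid = cred.gid;
+
+return 0;
+}
+#elif defined(LOCAL_PEERCRED)
+/* FreeBSD */
+#include <sys/ucred.h>
+
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+struct xucred cred;
+socklen_t credlen = sizeof(cred);
+int ret;
+
+ret = getsockopt(s, 0, LOCAL_PEERCRED, &cred, &credlen);
+if (ret != 0)
+return ret;
+if (cred.cr_version != XUCRED_VERSION)
+return EINVAL;
+
+*euid = cred.cr_uid;
+*egid = cred.cr_gid;
+
+return 0;
+}
+#elif defined(LOCAL_PEEREID)
+/* NetBSD */
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+struct unpcbid cred;
+socklen_t credlen = sizeof(cred);
+int ret;
+
+ret = getsockopt(s, 0, LOCAL_PEEREID, &cred, &credlen);
+if (ret != 0)
+return ret;
+
+*euid = cred.unp_euid;
+*egid = cred.unp_egid;
+
+return 0;
+}
+#elif defined(__sun)
+/* Solaris */
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+ucred_t cred_inst;
+ucred_t *cred = &cred_inst;
+int ret;
+
+ret = getpeerucred(s, &cred);
+if (ret != 0)
+return ret;
+
+*euid = ucred_geteuid(cred);
+if (*euid < 0)
+return -1;
+*egid = ucred_getegid(cred);
+if (*egid < 0)
+return -1;
+
+return 0;
+}
+#else
+#warning "This platform needs an implementation of getpeereid()"
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+*euid = geteuid();
+*egid = getegid();
+
+return 0;
+}
+#endif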
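Review bot: The final `#else` fallback reports success while storing the caller's own `geteuid()`/`getegid()` in `*euid`/`*egid`, so on a platform without a real implementation a server that authorizes clients by peer uid would see every peer as itself; failing closed with `errno = ENOSYS; return -1;` is safer than a build-time `#warning` alone. The FreeBSD branch uses `return EINVAL;` on an `XUCRED_VERSION` mismatch, which returns a positive errno value rather than the -1-with-errno contract the man page added in this commit documents, so a caller testing `== -1` or `< 0` would go on to read ids that were never written; `errno = EINVAL; return -1;` matches the documentation. In the Solaris branch, `ucred_t` is, as far as I know, an opaque type that `getpeerucred()` allocates when `*cred` is NULL and that must be released with `ucred_free()`, so the stack `cred_inst` should be confirmed against that platform's headers. None of the `getsockopt()` branches checks the returned `credlen` against `sizeof(cred)` before trusting the structure's fields.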