[PATCH] Socket identity support for FreeBSD.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This adds an implementation of virNetSocketGetUNIXIdentity()
using LOCAL_PEERCRED socket option and xucred struct, defined
in <sys/ucred.h> on systems that have it.
---
 configure.ac           |  3 ++-
 src/rpc/virnetsocket.c | 30 +++++++++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index bf32f95..1cb9e91 100644
--- a/configure.ac
+++ b/configure.ac
@@ -187,7 +187,8 @@ LIBS=$old_libs
 dnl Availability of various common headers (non-fatal if missing).
 AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/un.h \
   sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \
-  sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h])
+  sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h \
+  sys/ucred.h])
 dnl Check whether endian provides handy macros.
 AC_CHECK_DECLS([htole64], [], [], [[#include <endian.h>]])
 
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index a1b64d7..70c621f 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -35,6 +35,10 @@
 # include <netinet/tcp.h>
 #endif
 
+#ifdef HAVE_SYS_UCRED_H
+# include <sys/ucred.h>
+#endif
+
 #include "c-ctype.h"
 #include "virnetsocket.h"
 #include "util.h"
@@ -1091,7 +1095,7 @@ int virNetSocketGetPort(virNetSocketPtr sock)
 }
 
 
-#ifdef SO_PEERCRED
+#if defined(SO_PEERCRED)
 int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
                                 uid_t *uid,
                                 gid_t *gid,
@@ -1115,6 +1119,30 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
     virMutexUnlock(&sock->lock);
     return 0;
 }
+#elif defined(LOCAL_PEERCRED)
+int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
+                                uid_t *uid,
+                                gid_t *gid,
+                                pid_t *pid)
+{
+    struct xucred cr;
+    socklen_t cr_len = sizeof(cr);
+    virMutexLock(&sock->lock);
+
+    if (getsockopt(sock->fd, SOL_SOCKET, LOCAL_PEERCRED, &cr, &cr_len) < 0) {
+        virReportSystemError(errno, "%s",
+                             _("Failed to get client socket identity"));
+        virMutexUnlock(&sock->lock);
+        return -1;
+    }
+
+    *pid = -1;
+    *uid = cr.cr_uid;
+    *gid = cr.cr_gid;
+
+    virMutexUnlock(&sock->lock);
+    return 0;
+}
 #else
 int virNetSocketGetUNIXIdentity(virNetSocketPtr sock ATTRIBUTE_UNUSED,
                                 uid_t *uid ATTRIBUTE_UNUSED,
-- 
1.8.0

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]