Re: [PATCH] Socket identity support for FreeBSD.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/14/2012 11:06 AM, Roman Bogorodskiy wrote:
> This adds an implementation of virNetSocketGetUNIXIdentity()
> using LOCAL_PEERCRED socket option and xucred struct, defined
> in <sys/ucred.h> on systems that have it.
> ---
>  configure.ac           |  3 ++-
>  src/rpc/virnetsocket.c | 30 +++++++++++++++++++++++++++++-
>  2 files changed, 31 insertions(+), 2 deletions(-)

Purely additive, and since <sys/ucred.h> does not exist on Linux, it
looks low enough risk to take prior to the release.

ACK and pushed.

> 
> diff --git a/configure.ac b/configure.ac
> index bf32f95..1cb9e91 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -187,7 +187,8 @@ LIBS=$old_libs
>  dnl Availability of various common headers (non-fatal if missing).
>  AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/un.h \
>    sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \
> -  sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h])
> +  sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h \
> +  sys/ucred.h])
>  dnl Check whether endian provides handy macros.
>  AC_CHECK_DECLS([htole64], [], [], [[#include <endian.h>]])
>  
> diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
> index a1b64d7..70c621f 100644
> --- a/src/rpc/virnetsocket.c
> +++ b/src/rpc/virnetsocket.c
> @@ -35,6 +35,10 @@
>  # include <netinet/tcp.h>
>  #endif
>  
> +#ifdef HAVE_SYS_UCRED_H
> +# include <sys/ucred.h>
> +#endif
> +
>  #include "c-ctype.h"
>  #include "virnetsocket.h"
>  #include "util.h"
> @@ -1091,7 +1095,7 @@ int virNetSocketGetPort(virNetSocketPtr sock)
>  }
>  
>  
> -#ifdef SO_PEERCRED
> +#if defined(SO_PEERCRED)

This hunk is not necessary...

>  int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
>                                  uid_t *uid,
>                                  gid_t *gid,
> @@ -1115,6 +1119,30 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
>      virMutexUnlock(&sock->lock);
>      return 0;
>  }
> +#elif defined(LOCAL_PEERCRED)

...but I see why you did it for consistency, so I didn't change it.

> +int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
> +                                uid_t *uid,
> +                                gid_t *gid,
> +                                pid_t *pid)
> +{
> +    struct xucred cr;
> +    socklen_t cr_len = sizeof(cr);
> +    virMutexLock(&sock->lock);
> +
> +    if (getsockopt(sock->fd, SOL_SOCKET, LOCAL_PEERCRED, &cr, &cr_len) < 0) {
> +        virReportSystemError(errno, "%s",
> +                             _("Failed to get client socket identity"));
> +        virMutexUnlock(&sock->lock);
> +        return -1;
> +    }
> +
> +    *pid = -1;
> +    *uid = cr.cr_uid;
> +    *gid = cr.cr_gid;
> +
> +    virMutexUnlock(&sock->lock);
> +    return 0;
> +}
>  #else
>  int virNetSocketGetUNIXIdentity(virNetSocketPtr sock ATTRIBUTE_UNUSED,
>                                  uid_t *uid ATTRIBUTE_UNUSED,
> 

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list

[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]