}
#undef TRACE
-#if !defined(HAVE_GETPEEREID) && !defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && defined(HAVE_SENDMSG)
-#define DO_SENDMSG
-#endif
-
static int
ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
{
if ( ldap_pvt_ndelay_off(ld, s) == -1 ) {
return ( -1 );
}
-#ifdef DO_SENDMSG
- /* Send a dummy message with access rights. Remote side will
- * obtain our uid/gid by fstat'ing this descriptor.
- */
-sendcred: {
- int fds[2];
- struct iovec iov = {(char *)fds, sizeof(int)};
- struct msghdr msg = {0};
- if (pipe(fds) == 0) {
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_accrights = (char *)fds;
- msg.msg_accrightslen = sizeof(int);
- sendmsg( s, &msg, 0 );
- close(fds[0]);
- close(fds[1]);
- }
- }
-#endif
return ( 0 );
}
#include <sys/ucred.h>
#endif
-#if !defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && defined(HAVE_SENDMSG)
-#define DO_SENDMSG
-#include <sys/stat.h>
-#endif
-
int getpeereid( int s, uid_t *euid, gid_t *egid )
{
#ifdef LDAP_PF_LOCAL
*egid = peercred.cr_gid;
return 0;
}
-#elif defined( DO_SENDMSG )
- int dummy, fd[2];
- struct iovec iov = {(char *)&dummy, sizeof(dummy)};
- struct msghdr msg = {0};
- struct stat st;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
- msg.msg_accrights = (char *)fd;
- msg.msg_accrightslen = sizeof(fd);
- if( recvmsg( s, &msg, 0) >= 0 && msg.msg_accrightslen == sizeof(int) )
- {
- /* We must receive a valid descriptor, it must be a pipe,
- * and it must only be accessible by its owner.
- */
- dummy = fstat( fd[0], &st );
- close(fd[0]);
- if( dummy == 0 && S_ISFIFO(st.st_mode) &&
- ((st.st_mode & (S_IRWXG|S_IRWXO)) == 0))
- {
- *euid = st.st_uid;
- *egid = st.st_gid;
- return 0;
- }
- }
-#endif
#endif
return -1;
projects / openldap / commitdiff