#ifdef LDAP_PF_LOCAL_SENDMSG
/* Send a dummy message with access rights. Remote side will
- * obtain our uid/gid by fstat'ing this descriptor.
+ * obtain our uid/gid by fstat'ing this descriptor. The
+ * descriptor permissions must match exactly, and we also
+ * send the socket name, which must also match.
*/
sendcred:
{
- fchmod( s, S_ISUID|S_IRWXU );
-
- /* Abandon, noop, has no reply */
- struct iovec iov;
- struct msghdr msg = {0};
+ int fds[2];
+ socklen_t salen = sizeof(*sa);
+ if (pipe(fds) == 0) {
+ /* Abandon, noop, has no reply */
+ struct iovec iov;
+ struct msghdr msg = {0};
# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
# ifndef CMSG_SPACE
# define CMSG_SPACE(len) (_CMSG_ALIGN( sizeof(struct cmsghdr)) + _CMSG_ALIGN(len) )
# ifndef CMSG_LEN
# define CMSG_LEN(len) (_CMSG_ALIGN( sizeof(struct cmsghdr)) + (len) )
# endif
- union {
- struct cmsghdr cm;
- unsigned char control[CMSG_SPACE(sizeof(int))];
- } control_un;
- struct cmsghdr *cmsg;
+ union {
+ struct cmsghdr cm;
+ unsigned char control[CMSG_SPACE(sizeof(int))];
+ } control_un;
+ struct cmsghdr *cmsg;
# endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
- iov.iov_base = (char *) abandonPDU;
- iov.iov_len = sizeof abandonPDU;
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ iov.iov_base = (char *) abandonPDU;
+ iov.iov_len = sizeof abandonPDU;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
- msg.msg_control = control_un.control;
- msg.msg_controllen = sizeof( control_un.control );
- msg.msg_flags = 0;
+ msg.msg_control = control_un.control;
+ msg.msg_controllen = sizeof( control_un.control );
+ msg.msg_flags = 0;
- cmsg = CMSG_FIRSTHDR( &msg );
- cmsg->cmsg_len = CMSG_LEN( sizeof(int) );
- cmsg->cmsg_level = SOL_SOCKET;
- cmsg->cmsg_type = SCM_RIGHTS;
+ cmsg = CMSG_FIRSTHDR( &msg );
+ cmsg->cmsg_len = CMSG_LEN( sizeof(int) );
+ cmsg->cmsg_level = SOL_SOCKET;
+ cmsg->cmsg_type = SCM_RIGHTS;
- *((int *)CMSG_DATA(cmsg)) = s;
+ *((int *)CMSG_DATA(cmsg)) = fds[0];
# else
- msg.msg_accrights = (char *)&s;
- msg.msg_accrightslen = sizeof(int);
+ msg.msg_accrights = (char *)fds;
+ msg.msg_accrightslen = sizeof(int);
# endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
- sendmsg( s, &msg, 0 );
- }
+ getpeername( s, sa, &salen );
+ fchmod( fds[0], S_ISUID|S_IRWXU );
+ write( fds[1], sa, salen );
+ sendmsg( s, &msg, 0 );
+ close(fds[0]);
+ close(fds[1]);
+ }
+ }
#endif
- return 0;
-}
+ return 0;
+ }
if ( errno != EINPROGRESS && errno != EWOULDBLOCK ) return -1;
rlen = sizeof(rname);
llen = sizeof(lname);
+ memset( &lname, 0, sizeof( lname ));
getsockname(s, (struct sockaddr *)&lname, &llen);
- msg.msg_name = NULL;
- msg.msg_namelen = 0;
-
iov.iov_base = peerbv->bv_val;
iov.iov_len = peerbv->bv_len;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
+ peerbv->bv_len = 0;
+
# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
msg.msg_control = &control_st;
msg.msg_controllen = sizeof( struct cmsghdr ) + sizeof( int ); /* no padding! */
* called with MSG_PEEK (is this a bug?). Hence we need
* to receive the Abandon PDU.
*/
- peerbv->bv_len = recvmsg( s, &msg, MSG_WAITALL );
- if( peerbv->bv_len >= 0 &&
+ err = recvmsg( s, &msg, MSG_WAITALL );
+ if( err >= 0 &&
# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
cmsg->cmsg_len == CMSG_LEN( sizeof(int) ) &&
cmsg->cmsg_level == SOL_SOCKET &&
msg.msg_accrightslen == sizeof(int)
# endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL*/
) {
- int mode = S_IFSOCK|S_ISUID|S_IRWXU;
+ int mode = S_IFIFO|S_ISUID|S_IRWXU;
- /* We must receive a valid descriptor, it must be a socket,
- * it must only be accessible by its owner, and it must be
- * connected to our socket.
+ /* We must receive a valid descriptor, it must be a pipe,
+ * it must only be accessible by its owner, and it must
+ * have the name of our socket written on it.
*/
+ peerbv->bv_len = err;
# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
fd = (*(int *)CMSG_DATA( cmsg ));
# endif
err = fstat( fd, &st );
if ( err == 0 )
- err = getpeername(fd, (struct sockaddr *)&rname, &rlen);
+ rlen = read(fd, &rname, rlen);
close(fd);
if( err == 0 && st.st_mode == mode &&
llen == rlen && !memcmp(&lname, &rname, llen))
*egid = st.st_gid;
return 0;
}
- } else if ( peerbv->bv_len < 0 ) {
- peerbv->bv_len = 0;
}
#elif defined(SOCKCREDSIZE)
struct msghdr msg;