From: Luke Howard <lukeh@openldap.org>
Date: Wed, 4 Dec 2002 04:14:44 +0000 (+0000)
Subject: Support SO_PEERCRED SASL EXTERNAL authorization.
X-Git-Tag: NO_SLAP_OP_BLOCKS~732
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=daf7d0c0ebc1bbb5b46b60e9969e296ed1c864da;p=openldap

Support SO_PEERCRED SASL EXTERNAL authorization.
---

diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 6d1ca980bb..ab93192350 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -1555,6 +1555,19 @@ slapd_daemon_task(
 			case AF_LOCAL:
 				sprintf( peername, "PATH=%s", from.sa_un_addr.sun_path );
 				ssf = LDAP_PVT_SASL_LOCAL_SSF;
+#   ifdef SO_PEERCRED
+				{
+					struct ucred peercred;
+					size_t peercred_len = sizeof(peercred);
+
+					if (getsockopt( s, SOL_SOCKET, SO_PEERCRED,
+					    (void *)&peercred, &peercred_len ) == 0 &&
+					    peercred_len == sizeof(peercred) ) {
+						authid = ch_malloc(sizeof("uidNumber=+gidNumber=+,cn=peercred,cn=external,cn=auth") + 32);
+						sprintf(authid, "uidNumber=%d+gidNumber=%d,cn=peercred,cn=external,cn=auth", peercred.uid, peercred.gid);
+					}
+				}
+#   endif /* SO_PEERCRED */
 				dnsname = "local";
 				break;
 #endif /* LDAP_PF_LOCAL */