X-Git-Url: http://git.dolda2000.com/gitweb/?a=blobdiff_plain;f=daemon%2Fnet.c;h=5471e45d50eca75570af6a21197078b175f3f96c;hb=75a50bc29991e6cfc5f3031b3ae71bad0ffca376;hp=78df0becab99e62587bd0f85b0eed155c972d7b4;hpb=987518f8933f88fae1987c600890dd75464a54d2;p=doldaconnect.git

diff --git a/daemon/net.c b/daemon/net.c
index 78df0be..5471e45 100644
--- a/daemon/net.c
+++ b/daemon/net.c
@@ -183,7 +183,8 @@ static struct socket *newsock(int type)
     new->close = 0;
     new->remote = NULL;
     new->remotelen = 0;
-    memset(&new->ucred, 0, sizeof(new->ucred));
+    new->ucred.uid = -1;
+    new->ucred.gid = -1;
     switch(type)
     {
     case SOCK_STREAM:
@@ -350,19 +351,21 @@ void *sockgetinbuf(struct socket *sk, size_t *size)
 static void recvcmsg(struct socket *sk, struct msghdr *msg)
 {
     struct cmsghdr *cmsg;
-    struct ucred *cred;
     
     for(cmsg = CMSG_FIRSTHDR(msg); cmsg != NULL; cmsg = CMSG_NXTHDR(msg, cmsg))
     {
+#if UNIX_AUTH_STYLE == 1
 	if((cmsg->cmsg_level == SOL_SOCKET) && (cmsg->cmsg_type == SCM_CREDENTIALS))
 	{
-	    if(sk->ucred.pid == 0)
+	    struct ucred *cred;
+	    if(sk->ucred.uid == -1)
 	    {
 		cred = (struct ucred *)CMSG_DATA(cmsg);
-		memcpy(&sk->ucred, cred, sizeof(*cred));
-		flog(LOG_INFO, "received Unix creds: pid %i, uid %i, gid %i", cred->pid, cred->uid, cred->gid);
+		sk->ucred.uid = cred->uid;
+		sk->ucred.gid = cred->gid;
 	    }
 	}
+#endif
     }
 }
 
@@ -820,8 +823,17 @@ static void acceptunix(struct socket *sk)
     int buf;
     
     buf = 1;
+#if UNIX_AUTH_STYLE == 1
     if(setsockopt(sk->fd, SOL_SOCKET, SO_PASSCRED, &buf, sizeof(buf)) < 0)
 	flog(LOG_WARNING, "could not enable SO_PASSCRED on Unix socket %i: %s", sk->fd, strerror(errno));
+#elif UNIX_AUTH_STYLE == 2
+    if(getpeereid(sk->fd, &sk->ucred.uid, &sk->ucred.gid) < 0)
+    {
+	flog(LOG_WARNING, "could not get peer creds on Unix socket %i: %s", sk->fd, strerror(errno));
+	sk->ucred.uid = -1;
+	sk->ucred.gid = -1;
+    }
+#endif
 }
 
 int pollsocks(int timeout)