diff --git a/src/frontend/sock.c b/src/frontend/sock.c
index 860fb8ee62a5063ce021b9006ea1a90266ce3418..2def8da868f9e94df057681e99d2508abced36c6 100644 (file)
--- a/src/frontend/sock.c
+++ b/src/frontend/sock.c
#include <sys/types.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/select.h>
#include <sys/socket.h>
+#include <sys/param.h>
#include <sys/un.h>
#include <sys/un.h>
-#include <libgen.h>
+#ifdef HAVE_UCRED_H
+# include <ucred.h>
+#endif
+#ifdef HAVE_SYS_UCRED_H
+# include <sys/ucred.h>
+#endif
+
+#include <pwd.h>
+#include <libgen.h>
#include <pthread.h>
/*
#include <pthread.h>
/*
int sock_fd;
int (*accept)(sdb_conn_t *);
int sock_fd;
int (*accept)(sdb_conn_t *);
+ int (*peer)(sdb_conn_t *);
} listener_t;
typedef struct {
} listener_t;
typedef struct {
* connection management functions
*/
* connection management functions
*/
+static int
+unixsock_peer(sdb_conn_t *conn)
+{
+ uid_t uid;
+
+ struct passwd pw_entry;
+ struct passwd *result = NULL;
+ char buf[1024];
+
+#ifdef SO_PEERCRED
+ struct ucred cred;
+ socklen_t len = sizeof(cred);
+
+ if (getsockopt(conn->fd, SOL_SOCKET, SO_PEERCRED, &cred, &len)
+ || (len != sizeof(cred))) {
+ char errbuf[1024];
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to determine peer for "
+ "connection conn#%i: %s", conn->fd,
+ sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ return -1;
+ }
+ uid = cred.uid;
+#else /* SO_PEERCRED */
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to determine peer for "
+ "connection conn#%i: operation not supported", conn->fd);
+ return -1;
+#endif
+
+ memset(&pw_entry, 0, sizeof(pw_entry));
+ if (getpwuid_r(uid, &pw_entry, buf, sizeof(buf), &result) || (! result)
+ || (! (conn->username = strdup(result->pw_name)))) {
+ char errbuf[1024];
+ sdb_log(SDB_LOG_ERR, "frontend: Failed to determine peer for "
+ "connection conn#%i: %s", conn->fd,
+ sdb_strerror(errno, errbuf, sizeof(errbuf)));
+ return -1;
+ }
+ return 0;
+} /* unixsock_peer */
+
static int
open_unixsock(listener_t *listener)
{
static int
open_unixsock(listener_t *listener)
{
listener->address, sdb_strerror(errno, buf, sizeof(buf)));
return -1;
}
listener->address, sdb_strerror(errno, buf, sizeof(buf)));
return -1;
}
+
+ listener->peer = unixsock_peer;
return 0;
} /* open_unixsock */
return 0;
} /* open_unixsock */
sdb_object_deref(obj);
return -1;
}
sdb_object_deref(obj);
return -1;
}
+ if (listener->peer && listener->peer(CONN(obj))) {
+ /* peer() is expected to log an error */
+ sdb_object_deref(obj);
+ return -1;
+ }
status = sdb_llist_append(sock->open_connections, obj);
if (status)
status = sdb_llist_append(sock->open_connections, obj);
if (status)