move peercred stuff into sysdeps. add solaris support.

author: William Jon McCann <mccann@jhu.edu> 2007-08-16 23:09:44 -0400
committer: William Jon McCann <mccann@jhu.edu> 2007-08-16 23:09:44 -0400
commit: 577099aea3ed75c1298d7a4cfa32784a1800bb09 (patch)
tree: 527dc4dd144379290c4cd54807b4855d57710e10
parent: fcb0f32632f74950c361a0a23128ebca05efdca0 (diff)
6 files changed, 107 insertions, 52 deletions
diff --git a/configure.ac b/configure.ac
index fa4be49..d52a56d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -40,6 +40,8 @@ X11_REQUIRED_VERSION=1.0.0
 AC_CHECK_HEADERS(unistd.h)
 AC_CHECK_HEADERS(paths.h)
 
+AC_CHECK_FUNCS(getpeerucred getpeereid)
+
 AC_TYPE_UID_T
 
 PKG_CHECK_MODULES(CONSOLE_KIT,
diff --git a/src/Makefile.am b/src/Makefile.am
index 948b247..244e39e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -29,6 +29,7 @@ noinst_LTLIBRARIES =            \
 
 libck_la_SOURCES =		\
 	ck-sysdeps.h		\
+	ck-sysdeps-unix.c	\
 	$(NULL)
 
 if CK_COMPILE_LINUX
diff --git a/src/ck-sysdeps-unix.c b/src/ck-sysdeps-unix.c
new file mode 100644
index 0000000..6520105
--- /dev/null
+++ b/src/ck-sysdeps-unix.c
@@ -0,0 +1,84 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2006 William Jon McCann <mccann@jhu.edu>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+#include "config.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef HAVE_GETPEERUCRED
+#include <ucred.h>
+#endif
+
+#include "ck-sysdeps.h"
+
+gboolean
+ck_get_socket_peer_credentials   (int      socket_fd,
+                                  pid_t   *pid,
+                                  uid_t   *uid,
+                                  GError **error)
+{
+        gboolean ret;
+        uid_t    uid_read;
+        pid_t    pid_read;
+
+        uid_read = 0;
+        pid_read = 0;
+        ret = FALSE;
+
+#ifdef SO_PEERCRED
+        struct ucred cr;
+        socklen_t cr_len;
+
+        cr_len = sizeof (cr);
+
+        if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 && cr_len == sizeof (cr)) {
+                pid_read = cr.pid;
+                uid_read = cr.uid;
+                ret = TRUE;
+        } else {
+                g_warning ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
+                           cr_len,
+                           (int) sizeof (cr),
+                           g_strerror (errno));
+        }
+#elif defined(HAVE_GETPEERUCRED)
+        ucred_t * ucred = NULL;
+        if (getpeerucred (client_fd, &ucred) == 0) {
+                pid_read = ucred_getpid (ucred);
+                uid_read = ucred_geteuid (ucred);
+                ret = TRUE;
+        } else {
+                g_warning ("Failed to getpeerucred() credentials: %s\n",
+                           g_strerror (errno));
+        }
+        if (ucred != NULL) {
+                ucred_free (ucred);
+        }
+#else /* !SO_PEERCRED && !HAVE_GETPEERUCRED */
+        g_warning ("Socket credentials not supported on this OS\n");
+#endif
+
+        return ret;
+}
diff --git a/src/ck-sysdeps.h b/src/ck-sysdeps.h
index 7a5f768..ce3fae9 100644
--- a/src/ck-sysdeps.h
+++ b/src/ck-sysdeps.h
@@ -44,6 +44,13 @@ GHashTable  *ck_unix_pid_get_env_hash         (pid_t           pid);
 pid_t        ck_unix_pid_get_ppid             (pid_t           pid);
 uid_t        ck_unix_pid_get_uid              (pid_t           pid);
 
+
+gboolean     ck_get_socket_peer_credentials   (int             socket_fd,
+                                               pid_t          *pid,
+                                               uid_t          *uid,
+                                               GError        **error);
+
+
 G_END_DECLS
 
 #endif /* __CK_SYSDEPS_H */
diff --git a/tools/ck-get-x11-display-device.c b/tools/ck-get-x11-display-device.c
index 92a7936..723d239 100644
--- a/tools/ck-get-x11-display-device.c
+++ b/tools/ck-get-x11-display-device.c
@@ -58,31 +58,6 @@ get_tty_for_pid (int pid)
         return device;
 }
 
-static int
-get_peer_pid (int fd)
-{
-        int pid = -1;
-#ifdef SO_PEERCRED
-        struct ucred cr;
-        socklen_t cr_len;
-
-        cr_len = sizeof (cr);
-
-        if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 && cr_len == sizeof (cr)) {
-                /* paranoia check for peer running as root */
-                if (cr.uid == 0) {
-                        pid = cr.pid;
-                }
-        } else {
-                g_warning ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
-                           cr_len,
-                           (int) sizeof (cr),
-                           g_strerror (errno));
-        }
-#endif
-        return pid;
-}
-
 static Display *
 display_init (const char *display_name)
 {
@@ -134,12 +109,13 @@ main (int    argc,
         fd = ConnectionNumber (xdisplay);
 
         if (fd > 0) {
-                int pid;
-                char *device;
+                int      pid;
+                char    *device;
+                gboolean res;
 
                 ret = 0;
-                pid = get_peer_pid (fd);
-                if (pid != -1) {
+                res = ck_get_socket_peer_credentials (fd, &pid, NULL, NULL);
+                if (res) {
                         device = get_tty_for_pid (pid);
                         if (device != NULL) {
                                 printf ("%s\n", device);
diff --git a/tools/ck-get-x11-server-pid.c b/tools/ck-get-x11-server-pid.c
index cd48cd1..eedb9af 100644
--- a/tools/ck-get-x11-server-pid.c
+++ b/tools/ck-get-x11-server-pid.c
@@ -32,28 +32,7 @@
 #include <X11/Xlib.h>
 #include <glib.h>
 
-static void
-print_peer_pid (int fd)
-{
-#ifdef SO_PEERCRED
-        struct ucred cr;
-        socklen_t cr_len;
-
-        cr_len = sizeof (cr);
-
-        if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 && cr_len == sizeof (cr)) {
-                /* paranoia check for peer running as root */
-                if (cr.uid == 0) {
-                        printf ("%u\n", cr.pid);
-                }
-        } else {
-                g_warning ("Failed to getsockopt() credentials, returned len %d/%d: %s\n",
-                           cr_len,
-                           (int) sizeof (cr),
-                           g_strerror (errno));
-        }
-#endif
-}
+#include "ck-sysdeps.h"
 
 static Display *
 display_init (int *argc, char ***argv)
@@ -92,8 +71,14 @@ main (int    argc,
         fd = ConnectionNumber (xdisplay);
 
         if (fd > 0) {
+                int      pid;
+                gboolean res;
+
                 ret = 0;
-                print_peer_pid (fd);
+                res = ck_get_socket_peer_credentials (fd, &pid, NULL, NULL);
+                if (res) {
+                        printf ("%u\n", pid);
+                }
         }
 
 	return ret;
author	William Jon McCann <mccann@jhu.edu>	2007-08-16 23:09:44 -0400
committer	William Jon McCann <mccann@jhu.edu>	2007-08-16 23:09:44 -0400
commit	577099aea3ed75c1298d7a4cfa32784a1800bb09 (patch)
tree	527dc4dd144379290c4cd54807b4855d57710e10
parent	fcb0f32632f74950c361a0a23128ebca05efdca0 (diff)