luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-01-23 12:41:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add glib credentials support to OpenBSD.

Browse Source 
https://bugzilla.gnome.org/show_bug.cgi?id=650885
This commit is contained in:
Antoine Jacoutot 2011-05-27 15:51:08 +02:00 committed by Dan Winship
parent 2ee470a71f
commit 77f4f5aa02
5 changed files with 123 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
gio/gcredentials.c
View File

@ -27,6 +27,11 @@
#include <sys/socket.h> #include <sys/socket.h>
#include <string.h> #include <string.h>
#endif #endif
#ifdef __OpenBSD__
#include <sys/types.h>
#include <sys/socket.h>
#include <string.h>
#endif
#include <stdlib.h> #include <stdlib.h>
#include <gobject/gvaluecollector.h> #include <gobject/gvaluecollector.h>
@ -63,6 +68,9 @@
* *
* On FreeBSD, the native credential type is a <type>struct cmsgcred</type>. * On FreeBSD, the native credential type is a <type>struct cmsgcred</type>.
* This corresponds to %G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED. * This corresponds to %G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED.
*
* On OpenBSD, the native credential type is a <type>struct sockpeercred</type>.
* This corresponds to %G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED.
*/ */
/** /**
@ -82,6 +90,8 @@ struct _GCredentials
struct ucred native; struct ucred native;
#elif defined(__FreeBSD__) #elif defined(__FreeBSD__)
struct cmsgcred native; struct cmsgcred native;
#elif defined(__OpenBSD__)
struct sockpeercred native;
#else #else
#ifdef __GNUC__ #ifdef __GNUC__
#warning Please add GCredentials support for your OS #warning Please add GCredentials support for your OS
@ -135,6 +145,10 @@ g_credentials_init (GCredentials *credentials)
credentials->native.cmcred_pid = getpid (); credentials->native.cmcred_pid = getpid ();
credentials->native.cmcred_euid = geteuid (); credentials->native.cmcred_euid = geteuid ();
credentials->native.cmcred_gid = getegid (); credentials->native.cmcred_gid = getegid ();
#elif defined(__OpenBSD__)
credentials->native.pid = getpid ();
credentials->native.uid = geteuid ();
credentials->native.gid = getegid ();
#endif #endif
} }
@ -196,6 +210,16 @@ g_credentials_to_string (GCredentials *credentials)
g_string_append_printf (ret, "uid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.cmcred_euid); g_string_append_printf (ret, "uid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.cmcred_euid);
if (credentials->native.cmcred_gid != -1) if (credentials->native.cmcred_gid != -1)
g_string_append_printf (ret, "gid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.cmcred_gid); g_string_append_printf (ret, "gid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.cmcred_gid);
#elif defined(__OpenBSD__)
g_string_append (ret, "openbsd-sockpeercred:");
if (credentials->native.pid != -1)
g_string_append_printf (ret, "pid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.pid);
if (credentials->native.uid != -1)
g_string_append_printf (ret, "uid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.uid);
if (credentials->native.gid != -1)
g_string_append_printf (ret, "gid=%" G_GINT64_FORMAT ",", (gint64) credentials->native.gid);
if (ret->str[ret->len - 1] == ',')
ret->str[ret->len - 1] = '\0';
#else #else
g_string_append (ret, "unknown"); g_string_append (ret, "unknown");
#endif #endif
@ -239,6 +263,9 @@ g_credentials_is_same_user (GCredentials *credentials,
#elif defined(__FreeBSD__) #elif defined(__FreeBSD__)
if (credentials->native.cmcred_euid == other_credentials->native.cmcred_euid) if (credentials->native.cmcred_euid == other_credentials->native.cmcred_euid)
ret = TRUE; ret = TRUE;
#elif defined(__OpenBSD__)
if (credentials->native.uid == other_credentials->native.uid)
ret = TRUE;
#else #else
g_set_error_literal (error, g_set_error_literal (error,
G_IO_ERROR, G_IO_ERROR,
@ -300,6 +327,17 @@ g_credentials_get_native (GCredentials *credentials,
{ {
ret = &credentials->native; ret = &credentials->native;
} }
#elif defined(__OpenBSD__)
if (native_type != G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED)
{
g_warning ("g_credentials_get_native: Trying to get credentials of type %d but only "
"G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED is supported.",
native_type);
}
else
{
ret = &credentials->native;
}
#else #else
g_warning ("g_credentials_get_native: Trying to get credentials but GLib has no support " g_warning ("g_credentials_get_native: Trying to get credentials but GLib has no support "
"for the native credentials type. Please add support."); "for the native credentials type. Please add support.");
@ -350,6 +388,17 @@ g_credentials_set_native (GCredentials *credentials,
{ {
memcpy (&credentials->native, native, sizeof (struct cmsgcred)); memcpy (&credentials->native, native, sizeof (struct cmsgcred));
} }
#elif defined(__OpenBSD__)
if (native_type != G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED)
{
g_warning ("g_credentials_set_native: Trying to set credentials of type %d "
"but only G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED is supported.",
native_type);
}
else
{
memcpy (&credentials->native, native, sizeof (struct sockpeercred));
}
#else #else
g_warning ("g_credentials_set_native: Trying to set credentials but GLib has no support " g_warning ("g_credentials_set_native: Trying to set credentials but GLib has no support "
"for the native credentials type. Please add support."); "for the native credentials type. Please add support.");
@ -388,6 +437,8 @@ g_credentials_get_unix_user (GCredentials *credentials,
ret = credentials->native.uid; ret = credentials->native.uid;
#elif defined(__FreeBSD__) #elif defined(__FreeBSD__)
ret = credentials->native.cmcred_euid; ret = credentials->native.cmcred_euid;
#elif defined(__OpenBSD__)
ret = credentials->native.uid;
#else #else
ret = -1; ret = -1;
g_set_error_literal (error, g_set_error_literal (error,
@ -434,6 +485,9 @@ g_credentials_set_unix_user (GCredentials *credentials,
#elif defined(__FreeBSD__) #elif defined(__FreeBSD__)
credentials->native.cmcred_euid = uid; credentials->native.cmcred_euid = uid;
ret = TRUE; ret = TRUE;
#elif defined(__OpenBSD__)
credentials->native.uid = uid;
ret = TRUE;
#else #else
g_set_error_literal (error, g_set_error_literal (error,
G_IO_ERROR, G_IO_ERROR,

6
gio/gdbusauth.c
View File

@ -612,7 +612,7 @@ _g_dbus_auth_run_client (GDBusAuth *auth,
g_data_input_stream_set_newline_type (dis, G_DATA_STREAM_NEWLINE_TYPE_CR_LF); g_data_input_stream_set_newline_type (dis, G_DATA_STREAM_NEWLINE_TYPE_CR_LF);
#ifdef G_OS_UNIX #ifdef G_OS_UNIX
if (G_IS_UNIX_CONNECTION (auth->priv->stream) && g_unix_credentials_message_is_supported ()) if (G_IS_UNIX_CONNECTION (auth->priv->stream))
{ {
credentials = g_credentials_new (); credentials = g_credentials_new ();
if (!g_unix_connection_send_credentials (G_UNIX_CONNECTION (auth->priv->stream), if (!g_unix_connection_send_credentials (G_UNIX_CONNECTION (auth->priv->stream),
@ -989,13 +989,13 @@ _g_dbus_auth_run_server (GDBusAuth *auth,
/* first read the NUL-byte (TODO: read credentials if using a unix domain socket) */ /* first read the NUL-byte (TODO: read credentials if using a unix domain socket) */
#ifdef G_OS_UNIX #ifdef G_OS_UNIX
if (G_IS_UNIX_CONNECTION (auth->priv->stream) && g_unix_credentials_message_is_supported ()) if (G_IS_UNIX_CONNECTION (auth->priv->stream))
{ {
local_error = NULL; local_error = NULL;
credentials = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (auth->priv->stream), credentials = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (auth->priv->stream),
cancellable, cancellable,
&local_error); &local_error);
if (credentials == NULL) if (credentials == NULL && !g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED))
{ {
g_propagate_error (error, local_error); g_propagate_error (error, local_error);
goto out; goto out;

4
gio/gioenums.h
View File

@ -1214,6 +1214,7 @@ typedef enum
* @G_CREDENTIALS_TYPE_INVALID: Indicates an invalid native credential type. * @G_CREDENTIALS_TYPE_INVALID: Indicates an invalid native credential type.
* @G_CREDENTIALS_TYPE_LINUX_UCRED: The native credentials type is a <type>struct ucred</type>. * @G_CREDENTIALS_TYPE_LINUX_UCRED: The native credentials type is a <type>struct ucred</type>.
* @G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED: The native credentials type is a <type>struct cmsgcred</type>. * @G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED: The native credentials type is a <type>struct cmsgcred</type>.
* @G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED: The native credentials type is a <type>struct sockpeercred</type>. Added in 2.30.
* *
* Enumeration describing different kinds of native credential types. * Enumeration describing different kinds of native credential types.
* *
@ -1223,7 +1224,8 @@ typedef enum
{ {
G_CREDENTIALS_TYPE_INVALID, G_CREDENTIALS_TYPE_INVALID,
G_CREDENTIALS_TYPE_LINUX_UCRED, G_CREDENTIALS_TYPE_LINUX_UCRED,
G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED,
G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED
} GCredentialsType; } GCredentialsType;
/** /**

13
gio/gsocket.c
View File

@ -3531,11 +3531,16 @@ g_socket_get_credentials (GSocket *socket,
ret = NULL; ret = NULL;
#ifdef __linux__ #if defined(__linux__) || defined(__OpenBSD__)
{ {
struct ucred native_creds;
socklen_t optlen; socklen_t optlen;
#if defined(__linux__)
struct ucred native_creds;
optlen = sizeof (struct ucred); optlen = sizeof (struct ucred);
#elif defined(__OpenBSD__)
struct sockpeercred native_creds;
optlen = sizeof (struct sockpeercred);
#endif
if (getsockopt (socket->priv->fd, if (getsockopt (socket->priv->fd,
SOL_SOCKET, SOL_SOCKET,
SO_PEERCRED, SO_PEERCRED,
@ -3553,7 +3558,11 @@ g_socket_get_credentials (GSocket *socket,
{ {
ret = g_credentials_new (); ret = g_credentials_new ();
g_credentials_set_native (ret, g_credentials_set_native (ret,
#if defined(__linux__)
G_CREDENTIALS_TYPE_LINUX_UCRED, G_CREDENTIALS_TYPE_LINUX_UCRED,
#elif defined(__OpenBSD__)
G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED,
#endif
&native_creds); &native_creds);
} }
} }

72
gio/gunixconnection.c
View File

@ -334,6 +334,7 @@ g_unix_connection_send_credentials (GUnixConnection *connection,
gboolean ret; gboolean ret;
GOutputVector vector; GOutputVector vector;
guchar nul_byte[1] = {'\0'}; guchar nul_byte[1] = {'\0'};
gint num_messages;
g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE); g_return_val_if_fail (G_IS_UNIX_CONNECTION (connection), FALSE);
g_return_val_if_fail (error == NULL || *error == NULL, FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
@ -344,14 +345,25 @@ g_unix_connection_send_credentials (GUnixConnection *connection,
vector.buffer = &nul_byte; vector.buffer = &nul_byte;
vector.size = 1; vector.size = 1;
scm = g_unix_credentials_message_new_with_credentials (credentials);
if (g_unix_credentials_message_is_supported ())
{
scm = g_unix_credentials_message_new_with_credentials (credentials);
num_messages = 1;
}
else
{
scm = NULL;
num_messages = 0;
}
g_object_get (connection, "socket", &socket, NULL); g_object_get (connection, "socket", &socket, NULL);
if (g_socket_send_message (socket, if (g_socket_send_message (socket,
NULL, /* address */ NULL, /* address */
&vector, &vector,
1, 1,
&scm, &scm,
1, num_messages,
G_SOCKET_MSG_NONE, G_SOCKET_MSG_NONE,
cancellable, cancellable,
error) != 1) error) != 1)
@ -364,7 +376,8 @@ g_unix_connection_send_credentials (GUnixConnection *connection,
out: out:
g_object_unref (socket); g_object_unref (socket);
g_object_unref (scm); if (scm != NULL)
g_object_unref (scm);
g_object_unref (credentials); g_object_unref (credentials);
return ret; return ret;
} }
@ -498,28 +511,47 @@ g_unix_connection_receive_credentials (GUnixConnection *connection,
goto out; goto out;
} }
if (nscm != 1) if (g_unix_credentials_message_is_supported ())
{ {
g_set_error (error, if (nscm != 1)
G_IO_ERROR, {
G_IO_ERROR_FAILED, g_set_error (error,
_("Expecting 1 control message, got %d"), G_IO_ERROR,
nscm); G_IO_ERROR_FAILED,
goto out; _("Expecting 1 control message, got %d"),
} nscm);
goto out;
}
if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms[0])) if (!G_IS_UNIX_CREDENTIALS_MESSAGE (scms[0]))
{
g_set_error_literal (error,
G_IO_ERROR,
G_IO_ERROR_FAILED,
_("Unexpected type of ancillary data"));
goto out;
}
ret = g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms[0]));
g_object_ref (ret);
}
else
{ {
g_set_error_literal (error, if (nscm != 0)
G_IO_ERROR, {
G_IO_ERROR_FAILED, g_set_error (error,
_("Unexpected type of ancillary data")); G_IO_ERROR,
goto out; G_IO_ERROR_FAILED,
_("Not expecting control message, but got %d"),
nscm);
goto out;
}
else
{
ret = g_socket_get_credentials (socket, error);
}
} }
ret = g_unix_credentials_message_get_credentials (G_UNIX_CREDENTIALS_MESSAGE (scms[0]));
g_object_ref (ret);
out: out:
#ifdef __linux__ #ifdef __linux__