File indexing completed on 2024-05-05 03:54:29 

0001 /* vi: ts=8 sts=4 sw=4
0002  *
0003     This file is part of the KDE project, module kdesu.
0004     SPDX-FileCopyrightText: 1999, 2000 Geert Jansen <g.t.jansen@stud.tue.nl>
0005 
0006     secure.cpp: Peer credentials for a UNIX socket.
0007 */
0008 
0009 #include "secure.h"
0010 
0011 #include <config-kdesud.h>
0012 #include <ksud_debug.h>
0013 
0014 #include <cerrno>
0015 #include <fcntl.h>
0016 #include <stdio.h>
0017 #include <string.h>
0018 #include <unistd.h>
0019 
0020 #include <sys/stat.h>
0021 
0022 // FIXME: This is just here to make it compile (since ksock* was removed from kdelibs).
0023 // It would be better to fix it more globally. (Caleb Tennis)
0024 typedef unsigned ksocklen_t;
0025 
0026 /**
0027  * Under Linux, Socket_security is supported.
0028  */
0029 
0030 #if HAVE_GETPEEREID
0031 
0032 SocketSecurity::SocketSecurity(int sockfd)
0033     : pid(-1)
0034     , gid(-1)
0035     , uid(-1)
0036 {
0037     uid_t euid;
0038     gid_t egid;
0039     if (getpeereid(sockfd, &euid, &egid) == 0) {
0040         uid = euid;
0041         gid = egid;
0042         pid = -1;
0043     }
0044 }
0045 
0046 #elif HAVE_GETPEERUCRED
0047 
0048 #include <ucred.h>
0049 
0050 SocketSecurity::SocketSecurity(int sockfd)
0051     : pid(-1)
0052     , gid(-1)
0053     , uid(-1)
0054 {
0055     ucred_t *ucred = 0;
0056 
0057     if (getpeerucred(sockfd, &ucred) == 0) {
0058         uid = ucred_geteuid(ucred);
0059         gid = ucred_getrgid(ucred);
0060         pid = -1;
0061         ucred_free(ucred);
0062     }
0063 }
0064 
0065 #elif defined(SO_PEERCRED)
0066 
0067 SocketSecurity::SocketSecurity(int sockfd)
0068     : pid(-1)
0069     , gid(-1)
0070     , uid(-1)
0071 {
0072     ucred cred;
0073     ksocklen_t len = sizeof(struct ucred);
0074     if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &len) < 0) {
0075         qCCritical(KSUD_LOG) << "getsockopt(SO_PEERCRED) " << strerror(errno);
0076         return;
0077     }
0078     pid = cred.pid;
0079     gid = cred.gid;
0080     uid = cred.uid;
0081 }
0082 
0083 #else
0084 #ifdef __GNUC__
0085 #warning SocketSecurity support for your platform not implemented/available!
0086 #endif
0087 /**
0088  * The default version does nothing.
0089  */
0090 
0091 SocketSecurity::SocketSecurity(int sockfd)
0092     : pid(-1)
0093     , gid(-1)
0094     , uid(-1)
0095 {
0096     static bool warned_him = false;
0097 
0098     if (!warned_him) {
0099         qCWarning(KSUD_LOG) << "Using void socket security. Please add support for your";
0100         qCWarning(KSUD_LOG) << "platform to src/kdesud/secure.cpp";
0101         warned_him = true;
0102     }
0103 
0104     // This passes the test made in handler.cpp
0105     uid = getuid();
0106 }
0107 
0108 #endif