diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-02-19 17:00:23 +0000 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-02-19 17:07:55 +0000 |
| commit | 5399df8075b16fdc8a8fe4249972c2786fe6fcab (patch) | |
| tree | 40505f83e5065d81c472f16924724a00991820f7 | |
| parent | f254e59264330fee415229fe8af2fa974d1d3a10 (diff) | |
Unix socket creds sockopt for BSD-ish platforms
| -rw-r--r-- | src/src/daemon.c | 24 | ||||
| -rw-r--r-- | src/src/expand.c | 6 |
2 files changed, 20 insertions, 10 deletions
diff --git a/src/src/daemon.c b/src/src/daemon.c index 265ee2bb6..bb9b32f4e 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -1006,7 +1006,15 @@ if (bind(fd, (const struct sockaddr *)&sun, len) < 0) goto bad; where = US"SO_PASSCRED"; -if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) +if (setsockopt(fd, SOL_SOCKET, +#ifdef SO_PASSCRED /* Linux */ + SO_PASSCRED, +#elif defined(LOCAL_CREDS) /* BSD-ish */ + LOCAL_CREDS, +#else +# error no SO_PASSCRED +#endif + &on, sizeof(on)) < 0) goto bad; /* debug_printf("%s: fd %d\n", __FUNCTION__, fd); */ @@ -1051,7 +1059,7 @@ DEBUG(D_queue_run) debug_printf("%s from addr%s '%s'\n", __FUNCTION__, /* Refuse to handle the item unless the peer has good credentials */ #ifdef SCM_CREDENTIALS # define EXIM_SCM_CR_TYPE SCM_CREDENTIALS -#elif defined(SCM_CREDS) +#elif defined(LOCAL_CREDS) && defined(SCM_CREDS) # define EXIM_SCM_CR_TYPE SCM_CREDS #else # error no SCM creds knowlege @@ -1062,19 +1070,19 @@ for (struct cmsghdr * cp = CMSG_FIRSTHDR(&msg); cp = CMSG_NXTHDR(&msg, cp)) if (cp->cmsg_level == SOL_SOCKET && cp->cmsg_type == EXIM_SCM_CR_TYPE) { -#ifdef SCM_CREDENTIALS +#ifdef SCM_CREDENTIALS /* Linux */ struct ucred * cr = (struct ucred *) CMSG_DATA(cp); if (cr->uid && cr->uid != exim_uid) { DEBUG(D_queue_run) debug_printf("%s: sender creds pid %d uid %d gid %d\n", __FUNCTION__, (int)cr->pid, (int)cr->uid, (int)cr->gid); return FALSE; -#elif defined(SCM_CREDS) - struct cmsgcred * cr = (struct cmsgcred *) CMSG_DATA(cp); - if (cr->cmcred_uid && cr->cmcred_uid != exim_uid) +#elif defined(LOCAL_CREDS) /* BSD-ish */ + struct sockcred * cr = (struct sockcred *) CMSG_DATA(cp); + if (cr->sc_uid && cr->sc_uid != exim_uid) { - DEBUG(D_queue_run) debug_printf("%s: sender creds pid %d uid %d gid %d\n", - __FUNCTION__, (int)cr->cmcred_pid, (int)cr->cmcred_uid, (int)cr->cmcred_gid); + DEBUG(D_queue_run) debug_printf("%s: sender creds pid ??? uid %d gid %d\n", + __FUNCTION__, (int)cr->sc_uid, (int)cr->sc_gid); return FALSE; #endif } diff --git a/src/src/expand.c b/src/src/expand.c index cd4522afb..427effedf 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -1773,7 +1773,8 @@ len = offsetof(struct sockaddr_un, sun_path) spool_directory, getpid()); #endif -if (bind(fd, &sun, len) < 0) { where = US"bind"; goto bad; } +if (bind(fd, (const struct sockaddr *)&sun, len) < 0) + { where = US"bind"; goto bad; } #ifdef notdef debug_printf("local%s '%s'\n", *sun.sun_path ? "" : " abstract", @@ -1784,7 +1785,8 @@ sun.sun_path[0] = 0; /* Abstract local socket addr - Linux-specific? */ len = offsetof(struct sockaddr_un, sun_path) + 1 + snprintf(sun.sun_path+1, sizeof(sun.sun_path)-1, "%s", NOTIFIER_SOCKET_NAME); -if (connect(fd, &sun, len) < 0) { where = US"connect"; goto bad; } +if (connect(fd, (const struct sockaddr *)&sun, len) < 0) + { where = US"connect"; goto bad; } buf[0] = NOTIFY_QUEUE_SIZE_REQ; if (send(fd, buf, 1, 0) < 0) { where = US"send"; goto bad; } |