gnome-keyring r1040 - in trunk: . common daemon library pam pkcs11
- From: nnielsen svn gnome org
- To: svn-commits-list gnome org
- Subject: gnome-keyring r1040 - in trunk: . common daemon library pam pkcs11
- Date: Thu, 7 Feb 2008 19:34:55 +0000 (GMT)
Author: nnielsen
Date: Thu Feb 7 19:34:55 2008
New Revision: 1040
URL: http://svn.gnome.org/viewvc/gnome-keyring?rev=1040&view=rev
Log:
* common/Makefile.am:
* common/gkr-daemon-util.h:
* common/gkr-unix-credentials.c: (added)
* common/gkr-unix-credentials.h: (added)
* daemon/gkr-daemon-io.c:
* library/gnome-keyring.c:
* pam/gkr-pam-client.c:
* pam/gkr-pkcs11-daemon-session.c:
* pam/gkr-pkcs11-daemon.c:
* pam/gkr-pkcs11-module.c: Add checking that PKCS#11 socket
connections come from the appropriate uid.
Added:
trunk/common/gkr-unix-credentials.c
trunk/common/gkr-unix-credentials.h
Modified:
trunk/ChangeLog
trunk/common/Makefile.am
trunk/daemon/gkr-daemon-io.c
trunk/library/gnome-keyring.c
trunk/pam/gkr-pam-client.c
trunk/pkcs11/gkr-pkcs11-daemon-session.c
trunk/pkcs11/gkr-pkcs11-daemon.c
trunk/pkcs11/gkr-pkcs11-module.c
Modified: trunk/common/Makefile.am
==============================================================================
--- trunk/common/Makefile.am (original)
+++ trunk/common/Makefile.am Thu Feb 7 19:34:55 2008
@@ -30,6 +30,7 @@
gkr-location-watch.c gkr-location-watch.h \
gkr-secure-memory.c gkr-secure-memory.h \
gkr-unique.c gkr-unique.h \
+ gkr-unix-credentials.c gkr-unix-credentials.h \
gkr-unix-signal.c gkr-unix-signal.h \
gkr-wakeup.c gkr-wakeup.h
@@ -41,11 +42,9 @@
# COMMON STUFF COMPILED INTO LOADABLE MODULES
libgkr_module_common_la_SOURCES = \
- gkr-buffer.c \
- gkr-buffer.h \
- gkr-secure-memory.c \
- gkr-secure-memory.h
-
+ gkr-buffer.c gkr-buffer.h \
+ gkr-secure-memory.c gkr-secure-memory.h \
+ gkr-unix-credentials.c gkr-unix-credentials.h
if WITH_TESTS
TESTS_DIR = tests
Added: trunk/common/gkr-unix-credentials.c
==============================================================================
--- (empty file)
+++ trunk/common/gkr-unix-credentials.c Thu Feb 7 19:34:55 2008
@@ -0,0 +1,196 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gkr-unix-credentials.c - write and read unix credentials on socket
+
+ Copyright (C) 2003 Red Hat, Inc
+
+ Gnome keyring is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ Gnome keyring is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+ Author: Alexander Larsson <alexl redhat com>
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#include "config.h"
+
+#include "gkr-unix-credentials.h"
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/uio.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+
+#if defined(HAVE_GETPEERUCRED)
+#include <ucred.h>
+#endif
+
+int
+gkr_unix_credentials_read (int sock, pid_t *pid, uid_t *uid)
+{
+ struct msghdr msg;
+ struct iovec iov;
+ char buf;
+ int ret;
+
+#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+ /* Prefer CMSGCRED over LOCAL_CREDS because the former provides the
+ * remote PID. */
+#if defined(HAVE_CMSGCRED)
+ struct cmsgcred *cred;
+ const size_t cmsglen = CMSG_LEN (sizeof (struct cmsgcred));
+ const size_t cmsgspace = CMSG_SPACE (sizeof (struct cmsgcred));
+#else /* defined(LOCAL_CREDS) */
+ struct sockcred *cred;
+ const size_t cmsglen = CMSG_LEN (sizeof (struct sockcred));
+ const size_t cmsgspace = CMSG_SPACE (sizeof (struct sockcred));
+#endif
+ union {
+ struct cmsghdr hdr;
+ char cred[cmsgspace];
+ } cmsg;
+#endif
+
+ *pid = 0;
+ *uid = 0;
+
+ /* If LOCAL_CREDS are used in this platform, they have already been
+ * initialized by init_connection prior to sending of the credentials
+ * byte we receive below. */
+
+ iov.iov_base = &buf;
+ iov.iov_len = 1;
+
+ memset (&msg, 0, sizeof (msg));
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+
+#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+ memset (&cmsg, 0, sizeof (cmsg));
+ msg.msg_control = (caddr_t) &cmsg;
+ msg.msg_controllen = cmsgspace;
+#endif
+
+ again:
+ ret = recvmsg (sock, &msg, 0);
+
+ if (ret < 0) {
+ if (errno == EINTR)
+ goto again;
+ return -1;
+ }
+
+ if (buf != '\0') {
+ fprintf (stderr, "credentials byte was not nul\n");
+ return -1;
+ }
+
+#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+ if (cmsg.hdr.cmsg_len < cmsglen || cmsg.hdr.cmsg_type != SCM_CREDS) {
+ fprintf (stderr, "message from recvmsg() was not SCM_CREDS\n");
+ return -1;
+ }
+#endif
+
+ {
+#ifdef SO_PEERCRED
+ struct ucred cr;
+ socklen_t cr_len = sizeof (cr);
+
+ if (getsockopt (sock, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 &&
+ cr_len == sizeof (cr)) {
+ *pid = cr.pid;
+ *uid = cr.uid;
+ } else {
+ fprintf (stderr, "failed to getsockopt() credentials, returned len %d/%d\n",
+ cr_len, (int) sizeof (cr));
+ return -1;
+ }
+#elif defined(HAVE_CMSGCRED)
+ cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
+ *pid = cred->cmcred_pid;
+ *uid = cred->cmcred_euid;
+#elif defined(LOCAL_CREDS)
+ cred = (struct sockcred *) CMSG_DATA (&cmsg.hdr);
+ *pid = 0;
+ *uid = cred->sc_euid;
+ set_local_creds(fd, FALSE);
+#elif defined(HAVE_GETPEERUCRED)
+ ucred_t *uc = NULL;
+
+ if (getpeerucred (fd, &uc) == 0) {
+ *pid = ucred_getpid (uc);
+ *uid = ucred_geteuid (uc);
+ ucred_free (uc);
+ } else {
+ fprintf (stderr, "getpeerucred() failed: %s\n", strerror (errno));
+ return -1;
+ }
+#else /* !SO_PEERCRED && !HAVE_CMSGCRED */
+ fprintf (stderr, "socket credentials not supported on this OS\n");
+ return -1;
+#endif
+ }
+
+ return 0;
+}
+
+int
+gkr_unix_credentials_write (int socket)
+{
+ char buf;
+ int bytes_written;
+#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
+ union {
+ struct cmsghdr hdr;
+ char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
+ } cmsg;
+ struct iovec iov;
+ struct msghdr msg;
+#endif
+
+ buf = 0;
+
+#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
+ iov.iov_base = &buf;
+ iov.iov_len = 1;
+
+ memset (&msg, 0, sizeof (msg));
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+
+ msg.msg_control = (caddr_t) &cmsg;
+ msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
+ memset (&cmsg, 0, sizeof (cmsg));
+ cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
+ cmsg.hdr.cmsg_level = SOL_SOCKET;
+ cmsg.hdr.cmsg_type = SCM_CREDS;
+#endif
+
+again:
+
+#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
+ bytes_written = sendmsg (socket, &msg, 0);
+#else
+ bytes_written = write (socket, &buf, 1);
+#endif
+
+ if (bytes_written < 0 && errno == EINTR)
+ goto again;
+
+ if (bytes_written <= 0)
+ return -1;
+
+ return 0;
+}
Added: trunk/common/gkr-unix-credentials.h
==============================================================================
--- (empty file)
+++ trunk/common/gkr-unix-credentials.h Thu Feb 7 19:34:55 2008
@@ -0,0 +1,32 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* gkr-unix-credentials.h - write and read unix credentials on socket
+
+ Copyright (C) 2008 Stefan Walter
+
+ Gnome keyring is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ Gnome keyring is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#ifndef GKRUNIXCREDENTIALS_H_
+#define GKRUNIXCREDENTIALS_H_
+
+#include <unistd.h>
+
+int gkr_unix_credentials_read (int sock, pid_t *pid, uid_t *uid);
+
+int gkr_unix_credentials_write (int sock);
+
+#endif /*GKRUNIXCREDENTIALS_H_*/
Modified: trunk/daemon/gkr-daemon-io.c
==============================================================================
--- trunk/daemon/gkr-daemon-io.c (original)
+++ trunk/daemon/gkr-daemon-io.c Thu Feb 7 19:34:55 2008
@@ -31,10 +31,6 @@
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
-#include <sys/uio.h>
-#if defined(HAVE_GETPEERUCRED)
-#include <ucred.h>
-#endif
#include "gkr-daemon.h"
@@ -43,6 +39,7 @@
#include "common/gkr-cleanup.h"
#include "common/gkr-daemon-util.h"
#include "common/gkr-secure-memory.h"
+#include "common/gkr-unix-credentials.h"
#include "keyrings/gkr-keyrings.h"
@@ -137,125 +134,6 @@
}
static gboolean
-read_unix_socket_credentials (int fd,
- pid_t *pid,
- uid_t *uid)
-{
- struct msghdr msg;
- struct iovec iov;
- char buf;
- int ret;
-
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
- /* Prefer CMSGCRED over LOCAL_CREDS because the former provides the
- * remote PID. */
-#if defined(HAVE_CMSGCRED)
- struct cmsgcred *cred;
- const size_t cmsglen = CMSG_LEN (sizeof (struct cmsgcred));
- const size_t cmsgspace = CMSG_SPACE (sizeof (struct cmsgcred));
-#else /* defined(LOCAL_CREDS) */
- struct sockcred *cred;
- const size_t cmsglen = CMSG_LEN (sizeof (struct sockcred));
- const size_t cmsgspace = CMSG_SPACE (sizeof (struct sockcred));
-#endif
- union {
- struct cmsghdr hdr;
- char cred[cmsgspace];
- } cmsg;
-#endif
-
- *pid = 0;
- *uid = 0;
-
- /* If LOCAL_CREDS are used in this platform, they have already been
- * initialized by init_connection prior to sending of the credentials
- * byte we receive below. */
-
- iov.iov_base = &buf;
- iov.iov_len = 1;
-
- memset (&msg, 0, sizeof (msg));
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
-
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
- memset (&cmsg, 0, sizeof (cmsg));
- msg.msg_control = (caddr_t) &cmsg;
- msg.msg_controllen = cmsgspace;
-#endif
-
- again:
- gkr_async_begin_concurrent ();
-
- ret = recvmsg (fd, &msg, 0);
-
- gkr_async_end_concurrent ();
-
- if (ret < 0) {
- if (errno == EINTR) {
- goto again;
- }
-
- g_warning ("Failed to read credentials byte");
- return FALSE;
- }
-
- if (buf != '\0') {
- g_warning ("Credentials byte was not nul");
- return FALSE;
- }
-
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
- if (cmsg.hdr.cmsg_len < cmsglen || cmsg.hdr.cmsg_type != SCM_CREDS) {
- g_warning ("Message from recvmsg() was not SCM_CREDS\n");
- return FALSE;
- }
-#endif
-
- {
-#ifdef SO_PEERCRED
- struct ucred cr;
- socklen_t cr_len = sizeof (cr);
-
- if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len) == 0 &&
- cr_len == sizeof (cr)) {
- *pid = cr.pid;
- *uid = cr.uid;
- } else {
- g_warning ("Failed to getsockopt() credentials, returned len %d/%d\n",
- cr_len, (int) sizeof (cr));
- return FALSE;
- }
-#elif defined(HAVE_CMSGCRED)
- cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
- *pid = cred->cmcred_pid;
- *uid = cred->cmcred_euid;
-#elif defined(LOCAL_CREDS)
- cred = (struct sockcred *) CMSG_DATA (&cmsg.hdr);
- *pid = 0;
- *uid = cred->sc_euid;
- set_local_creds(fd, FALSE);
-#elif defined(HAVE_GETPEERUCRED)
- ucred_t *uc = NULL;
-
- if (getpeerucred (fd, &uc) == 0) {
- *pid = ucred_getpid (uc);
- *uid = ucred_geteuid (uc);
- ucred_free (uc);
- } else {
- g_warning ("getpeerucred() failed: %s", strerror (errno));
- return FALSE;
- }
-#else /* !SO_PEERCRED && !HAVE_CMSGCRED */
- g_warning ("Socket credentials not supported on this OS\n");
- return FALSE;
-#endif
- }
-
- return TRUE;
-}
-
-static gboolean
yield_and_read_all (int fd, guchar *buf, int len)
{
int all = len;
@@ -350,6 +228,20 @@
return TRUE;
}
+static gboolean
+yield_and_read_credentials (int sock, pid_t *pid, uid_t *uid)
+{
+ gboolean ret;
+
+ gkr_async_begin_concurrent ();
+
+ ret = gkr_unix_credentials_read (sock, pid, uid) >= 0;
+
+ gkr_async_end_concurrent ();
+
+ return ret;
+}
+
static void
close_fd (gpointer data)
{
@@ -375,7 +267,7 @@
/* 1. First we read and verify the client's user credentials */
debug_print (("GNOME_CLIENT_STATE_CREDENTIALS %p\n", client));
- if (!read_unix_socket_credentials (client->sock, &pid, &uid))
+ if (!yield_and_read_credentials (client->sock, &pid, &uid))
return NULL;
if (getuid() != uid) {
g_warning ("uid mismatch: %u, should be %u\n", (guint)uid, (guint)getuid());
Modified: trunk/library/gnome-keyring.c
==============================================================================
--- trunk/library/gnome-keyring.c (original)
+++ trunk/library/gnome-keyring.c Thu Feb 7 19:34:55 2008
@@ -31,6 +31,7 @@
#include "gnome-keyring-proto.h"
#include "common/gkr-buffer.h"
+#include "common/gkr-unix-credentials.h"
#include <time.h>
#include <unistd.h>
@@ -362,109 +363,24 @@
static GnomeKeyringResult
write_credentials_byte_sync (int socket)
{
- char buf;
- int bytes_written;
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- union {
- struct cmsghdr hdr;
- char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
- } cmsg;
- struct iovec iov;
- struct msghdr msg;
-#endif
-
- buf = 0;
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- iov.iov_base = &buf;
- iov.iov_len = 1;
-
- memset (&msg, 0, sizeof (msg));
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
-
- msg.msg_control = (caddr_t) &cmsg;
- msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
- memset (&cmsg, 0, sizeof (cmsg));
- cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
- cmsg.hdr.cmsg_level = SOL_SOCKET;
- cmsg.hdr.cmsg_type = SCM_CREDS;
-#endif
-
- again:
-
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- bytes_written = sendmsg (socket, &msg, 0);
-#else
- bytes_written = write (socket, &buf, 1);
-#endif
-
- if (bytes_written < 0 && errno == EINTR)
- goto again;
-
- if (bytes_written <= 0) {
- return GNOME_KEYRING_RESULT_IO_ERROR;
- } else {
- return GNOME_KEYRING_RESULT_OK;
- }
+ if (gkr_unix_credentials_write (socket) < 0)
+ return GNOME_KEYRING_RESULT_IO_ERROR;
+ return GNOME_KEYRING_RESULT_OK;
}
-
static void
write_credentials_byte (GnomeKeyringOperation *op)
{
- char buf;
- int bytes_written;
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- union {
- struct cmsghdr hdr;
- char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
- } cmsg;
- struct iovec iov;
- struct msghdr msg;
-#endif
-
- buf = 0;
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- iov.iov_base = &buf;
- iov.iov_len = 1;
-
- memset (&msg, 0, sizeof (msg));
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
-
- msg.msg_control = (caddr_t) &cmsg;
- msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
- memset (&cmsg, 0, sizeof (cmsg));
- cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
- cmsg.hdr.cmsg_level = SOL_SOCKET;
- cmsg.hdr.cmsg_type = SCM_CREDS;
-#endif
-
- again:
-
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- bytes_written = sendmsg (op->socket, &msg, 0);
-#else
- bytes_written = write (op->socket, &buf, 1);
-#endif
-
- if (bytes_written < 0 && errno == EINTR)
- goto again;
-
- if (bytes_written <= 0) {
- if (errno == EAGAIN) {
- return;
- }
- schedule_op_failed (op, GNOME_KEYRING_RESULT_IO_ERROR);
- return;
- } else {
- op->state = STATE_WRITING_PACKET;
- return;
- }
+ if (gkr_unix_credentials_write (op->socket) < 0) {
+ if (errno == EAGAIN)
+ return;
+ schedule_op_failed (op, GNOME_KEYRING_RESULT_IO_ERROR);
+ return;
+ }
+
+ op->state = STATE_WRITING_PACKET;
}
-
-
static gboolean
operation_io (GIOChannel *io_channel,
GIOCondition cond,
Modified: trunk/pam/gkr-pam-client.c
==============================================================================
--- trunk/pam/gkr-pam-client.c (original)
+++ trunk/pam/gkr-pam-client.c Thu Feb 7 19:34:55 2008
@@ -26,6 +26,7 @@
#include "gkr-pam.h"
#include "common/gkr-buffer.h"
+#include "common/gkr-unix-credentials.h"
#include <sys/types.h>
#include <sys/socket.h>
@@ -126,54 +127,16 @@
static int
write_credentials_byte (int sock)
{
-#if defined(HAVE_CMSGCRED) && (!defined(LOCAL_CREDS) || defined(__FreeBSD__))
- union {
- struct cmsghdr hdr;
- char cred[CMSG_SPACE (sizeof (struct cmsgcred))];
- } cmsg;
- struct iovec iov;
- struct msghdr msg;
-#endif
-
- int bytes_written;
- char buf = 0;
-
- /*
- * All this fuss is for certain OS's, as a byte needs to have
- * gone through the socket before they know who is on the
- * other side. :(
- */
-
-#if !defined(HAVE_GETPEEREID) && defined(HAVE_CMSGCRED)
- iov.iov_base = &buf;
- iov.iov_len = 1;
-
- memset (&msg, 0, sizeof (msg));
- msg.msg_iov = &iov;
- msg.msg_iovlen = 1;
-
- msg.msg_control = (caddr_t) &cmsg;
- msg.msg_controllen = CMSG_SPACE (sizeof (struct cmsgcred));
- memset (&cmsg, 0, sizeof (cmsg));
- cmsg.hdr.cmsg_len = CMSG_LEN (sizeof (struct cmsgcred));
- cmsg.hdr.cmsg_level = SOL_SOCKET;
- cmsg.hdr.cmsg_type = SCM_CREDS;
-#endif
-
-again:
-
-#if !defined(HAVE_GETPEEREID) && defined(HAVE_CMSGCRED)
- bytes_written = sendmsg (sock, &msg, 0);
-#else
- bytes_written = write (sock, &buf, 1);
-#endif
-
- if (bytes_written < 0) {
- if (errno == EINTR || errno == EAGAIN)
- goto again;
- syslog (GKR_LOG_ERR, "couldn't send credentials to daemon: %s",
- strerror (errno));
- return -1;
+ for (;;) {
+ if (gkr_unix_credentials_write (sock) < 0) {
+ if (errno == EINTR || errno == EAGAIN)
+ continue;
+ syslog (GKR_LOG_ERR, "couldn't send credentials to daemon: %s",
+ strerror (errno));
+ return -1;
+ }
+
+ break;
}
return 0;
Modified: trunk/pkcs11/gkr-pkcs11-daemon-session.c
==============================================================================
--- trunk/pkcs11/gkr-pkcs11-daemon-session.c (original)
+++ trunk/pkcs11/gkr-pkcs11-daemon-session.c Thu Feb 7 19:34:55 2008
@@ -32,6 +32,7 @@
#include "common/gkr-async.h"
#include "common/gkr-buffer.h"
+#include "common/gkr-unix-credentials.h"
#include "keyrings/gkr-keyring-login.h"
@@ -1592,6 +1593,20 @@
return TRUE;
}
+static gboolean
+session_read_credentials (int sock, pid_t *pid, uid_t *uid)
+{
+ gboolean ret;
+
+ gkr_async_begin_concurrent ();
+
+ ret = gkr_unix_credentials_read (sock, pid, uid) >= 0;
+
+ gkr_async_end_concurrent ();
+
+ return ret;
+}
+
gpointer
gkr_pkcs11_daemon_session_thread (gpointer user_data)
{
@@ -1601,11 +1616,21 @@
CK_RV ret;
uint32_t len;
int sock;
+ uid_t uid;
+ pid_t pid;
/* The argument to the worker thread is the socket */
sock = GPOINTER_TO_INT (user_data);
g_assert (sock >= 0);
+ /* Make sure the credentials are appropriate */
+ if (!session_read_credentials (sock, &pid, &uid))
+ return NULL;
+ if (getuid() != uid) {
+ g_warning ("uid mismatch: %u, should be %u\n", (guint)uid, (guint)getuid());
+ return NULL;
+ }
+
/* Setup our buffers */
/* TODO: Do these need to be secure buffers? */
req = gkr_pkcs11_message_new ((GkrBufferAllocator)g_realloc);
Modified: trunk/pkcs11/gkr-pkcs11-daemon.c
==============================================================================
--- trunk/pkcs11/gkr-pkcs11-daemon.c (original)
+++ trunk/pkcs11/gkr-pkcs11-daemon.c Thu Feb 7 19:34:55 2008
@@ -208,8 +208,6 @@
return FALSE;
}
- /* TODO: Socket credentials */
-
pkcs11_socket_channel = g_io_channel_unix_new (sock);
g_io_add_watch (pkcs11_socket_channel, G_IO_IN | G_IO_HUP,
handle_new_connection, NULL);
Modified: trunk/pkcs11/gkr-pkcs11-module.c
==============================================================================
--- trunk/pkcs11/gkr-pkcs11-module.c (original)
+++ trunk/pkcs11/gkr-pkcs11-module.c Thu Feb 7 19:34:55 2008
@@ -30,6 +30,7 @@
#include "common/gkr-buffer.h"
#include "common/gkr-secure-memory.h"
+#include "common/gkr-unix-credentials.h"
#include <sys/types.h>
#include <sys/socket.h>
@@ -125,7 +126,7 @@
va_end (va);
}
-#ifdef _xDEBUG
+#ifdef _DEBUG
static void
gkr_pkcs11_debug (const char* msg, ...)
@@ -327,10 +328,17 @@
return CKR_DEVICE_ERROR;
}
+ if (gkr_unix_credentials_write (sock) < 0) {
+ close (sock);
+ WARN (("S%d: couldn't send socket credentials: %s",
+ cs->id, strerror (errno)));
+ return CKR_DEVICE_ERROR;
+ }
+
cs->socket = sock;
cs->call_state = CALL_READY;
-
DBG (("S%d: connected", cs->id));
+
return CKR_OK;
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]