Re: Bug#558406: gnome-keyring-daemon doesn't work on GNU/kFreeBSD
reopen 558406
thanks
Hi,
Sorry to reopen the bug, but the first patch was not the good one and
it doesn't fix the bug at all.
Attached is a patch which definitely fix this bug.
I'm also CC-ing the debian-bsd@ list. Even if the patch fix the bug,
i'm not really statisfied. I suspect a deeper problem on how socket
credentials should work on kFreeBSD.
from egg/egg-unix-credentials.c
--8<----- line 100 ---------
#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof *cred) ||
cmsg.hdr.cmsg_type != SCM_CREDS) {
fprintf (stderr, "message from recvmsg() was not\n");
return -1;
}
#endif
=> always return -1
------------------------>8--
If the previous test is disabled then if fails on:
--8<----- line 122 ---------
#elif defined(HAVE_CMSGCRED)
cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
*pid = cred->cmcred_pid;
*uid = cred->cmcred_euid;
#elif defined(LOCAL_CREDS)
=> uid is always 0, it should be the user id (eg. >= 1000)
------------------------>8--
The fact that the source code builds fine and
HAVE_CMSGCRED/LOCAL_CREDS are defined makes me feel that something is
weird.
I will be glad to get debian-bsd@ folks opinions on it.
Regards,
--
Emmanuel Bouthenot
mail: kolter@{openics,debian}.org gpg: 1024D/0x414EC36E
xmpp: kolter@im.openics.org irc: kolter@{freenode,oftc}
--- gnome-keyring-2.28.1-orig/egg/egg-unix-credentials.c 2009-10-18 01:27:22.000000000 +0200
+++ gnome-keyring-2.28.1/egg/egg-unix-credentials.c 2009-12-07 01:13:17.000000000 +0100
@@ -37,6 +37,10 @@
#include <ucred.h>
#endif
+#if defined(__FreeBSD_kernel__)
+#include <sys/ucred.h>
+#endif
+
int
egg_unix_credentials_read (int sock, pid_t *pid, uid_t *uid)
{
@@ -45,7 +49,7 @@
char buf;
int ret;
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(__FreeBSD_kernel__)
/* Prefer CMSGCRED over LOCAL_CREDS because the former provides the
* remote PID. */
#if defined(HAVE_CMSGCRED)
@@ -73,7 +77,7 @@
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(__FreeBSD_kernel__)
memset (&cmsg, 0, sizeof (cmsg));
msg.msg_control = (caddr_t) &cmsg;
msg.msg_controllen = CMSG_SPACE(sizeof *cred);
@@ -97,7 +101,7 @@
return -1;
}
-#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)
+#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(__FreeBSD_kernel__)
if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof *cred) ||
cmsg.hdr.cmsg_type != SCM_CREDS) {
fprintf (stderr, "message from recvmsg() was not SCM_CREDS\n");
@@ -119,6 +123,18 @@
cr_len, (int) sizeof (cr));
return -1;
}
+#elif defined(LOCAL_PEERCRED) /* GNU/kFreeBSD */
+ struct xucred cr;
+ socklen_t cr_len = sizeof(cr);
+ *pid = 0;
+
+ if (getsockopt (sock, 0, LOCAL_PEERCRED, &cr, &cr_len) == 0) {
+ *uid = cr.cr_uid;
+ } else {
+ fprintf (stderr, "failed to getsockopt() credentials, returned len %d/%d\n",
+ cr_len, (int) sizeof (cr));
+ return -1;
+ }
#elif defined(HAVE_CMSGCRED)
cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr);
*pid = cred->cmcred_pid;
Reply to: