X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=common-src%2Fbsd-security.c;h=2d4304e64212f9909e13316c8697e2f2da33fcfb;hb=377e15b597bafb8e7c2a100f11a0166f7220fe1c;hp=ad2929219e93031d2b060aa15cae0391edfadacb;hpb=42ff24f2a525d5965e1841b2ebe3ee0f4b918ac6;p=debian%2Famanda

diff --git a/common-src/bsd-security.c b/common-src/bsd-security.c
index ad29292..2d4304e 100644
--- a/common-src/bsd-security.c
+++ b/common-src/bsd-security.c
@@ -178,10 +178,8 @@ bsd_connect(
 	 * Only init the IPv6 socket once
 	 */
 	if (res_addr->ai_addr->sa_family == AF_INET6 && not_init6 == 1) {
-	    uid_t euid;
 	    dgram_zero(&netfd6.dgram);
 
-	    euid = geteuid();
 	    set_root_privs(1);
 	    result_bind = dgram_bind(&netfd6.dgram,
 				     res_addr->ai_addr->sa_family, &port);
@@ -220,10 +218,8 @@ bsd_connect(
 	 * Only init the IPv4 socket once
 	 */
 	if (res_addr->ai_addr->sa_family == AF_INET && not_init4 == 1) {
-	    uid_t euid;
 	    dgram_zero(&netfd4.dgram);
 
-	    euid = geteuid();
 	    set_root_privs(1);
 	    result_bind = dgram_bind(&netfd4.dgram,
 				     res_addr->ai_addr->sa_family, &port);
@@ -317,6 +313,7 @@ bsd_accept(
     void	(*fn)(security_handle_t *, pkt_t *),
     void       *datap)
 {
+    struct stat sbuf;
 
     assert(in >= 0 && out >= 0);
     assert(fn != NULL);
@@ -343,7 +340,13 @@ bsd_accept(
     netfd4.prefix_packet = &bsd_prefix_packet;
     netfd4.driver = &bsd_security_driver;
 
-    udp_addref(&netfd4, &udp_netfd_read_callback);
+    /* check if in is a socket */
+    fstat(in, &sbuf);
+    if (S_ISSOCK(sbuf.st_mode)) {
+	udp_addref(&netfd4, &udp_netfd_read_callback);
+    } else {
+	g_warning("input file descriptor is not a socket; cannot use BSD auth");
+    }
 }
 
 /*