X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=common-src%2Fbsd-security.c;h=2d4304e64212f9909e13316c8697e2f2da33fcfb;hb=377e15b597bafb8e7c2a100f11a0166f7220fe1c;hp=be023602e9fe1a39ab494dcb4e3b9aef3823c1f0;hpb=d5853102f67d85d8e169f9dbe973ad573306c215;p=debian%2Famanda diff --git a/common-src/bsd-security.c b/common-src/bsd-security.c index be02360..2d4304e 100644 --- a/common-src/bsd-security.c +++ b/common-src/bsd-security.c @@ -73,6 +73,7 @@ const security_driver_t bsd_security_driver = { "BSD", bsd_connect, bsd_accept, + sec_get_authenticated_peer_name_hostname, bsd_close, udpbsd_sendpkt, udp_recvpkt, @@ -138,7 +139,7 @@ bsd_connect( (void)conf_fn; /* Quiet unused parameter warning */ (void)datap; /* Quiet unused parameter warning */ - bh = alloc(SIZEOF(*bh)); + bh = g_new0(struct sec_handle, 1); bh->proto_handle=NULL; security_handleinit(&bh->sech, &bsd_security_driver); @@ -177,10 +178,8 @@ bsd_connect( * Only init the IPv6 socket once */ if (res_addr->ai_addr->sa_family == AF_INET6 && not_init6 == 1) { - uid_t euid; dgram_zero(&netfd6.dgram); - euid = geteuid(); set_root_privs(1); result_bind = dgram_bind(&netfd6.dgram, res_addr->ai_addr->sa_family, &port); @@ -219,10 +218,8 @@ bsd_connect( * Only init the IPv4 socket once */ if (res_addr->ai_addr->sa_family == AF_INET && not_init4 == 1) { - uid_t euid; dgram_zero(&netfd4.dgram); - euid = geteuid(); set_root_privs(1); result_bind = dgram_bind(&netfd4.dgram, res_addr->ai_addr->sa_family, &port); @@ -316,6 +313,7 @@ bsd_accept( void (*fn)(security_handle_t *, pkt_t *), void *datap) { + struct stat sbuf; assert(in >= 0 && out >= 0); assert(fn != NULL); 
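Review bot: The `sec_get_authenticated_peer_name_hostname` entry added in the `@@ -73,6 +73,7 @@` hunk is matched to its struct member by position only. It is correct only if `security_driver_t` gained the new member in exactly this slot, between the accept and close callbacks, and that struct change is not part of this file's diff. Designated initializers for the table would remove the dependence on member order. A comment on the entry would also help readers who see "authenticated" in the name, for example `/* peer name is the hostname this driver recorded for the peer, not a cryptographically verified identity */`. That wording is inferred from the function name, so confirm it against the function's definition.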
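Review bot: In the `@@ -138,7 +139,7 @@` hunk the retained `bh->proto_handle=NULL;` is redundant now that `g_new0` returns zero-filled memory. Either drop it or keep it with a comment saying it is deliberate. The same `alloc(SIZEOF(...))` to `g_new0` conversion appears in the `bsd_stream_server` and `bsd_stream_client` hunks. If `alloc` did not zero its result, those structures now start zeroed rather than indeterminate, which deserves a short comment such as `/* zero-filled: fields not set below start as 0/NULL */`. The body of bsd_connect continues outside the hunk.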
@@ -342,7 +340,13 @@ bsd_accept( netfd4.prefix_packet = &bsd_prefix_packet; netfd4.driver = &bsd_security_driver; - udp_addref(&netfd4, &udp_netfd_read_callback); + /* check if in is a socket */ + fstat(in, &sbuf); + if (S_ISSOCK(sbuf.st_mode)) { + udp_addref(&netfd4, &udp_netfd_read_callback); + } else { + g_warning("input file descriptor is not a socket; cannot use BSD auth"); + } } /* @@ -398,7 +402,7 @@ bsd_stream_server( assert(bh != NULL); - bs = alloc(SIZEOF(*bs)); + bs = g_new0(struct sec_stream, 1); security_streaminit(&bs->secstr, &bsd_security_driver); bs->socket = stream_server(SU_GET_FAMILY(&bh->udp->peer), &bs->port, (size_t)STREAM_BUFSIZE, (size_t)STREAM_BUFSIZE, @@ -453,7 +457,7 @@ bsd_stream_client( assert(bh != NULL); - bs = alloc(SIZEOF(*bs)); + bs = g_new0(struct sec_stream, 1); security_streaminit(&bs->secstr, &bsd_security_driver); bs->fd = stream_client(bh->hostname, (in_port_t)id, STREAM_BUFSIZE, STREAM_BUFSIZE, &bs->port, 0);
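Review bot: The return value of `fstat(in, &sbuf)` in the `@@ -342,7 +340,13 @@` hunk is ignored. If the call fails, `S_ISSOCK` reads the uninitialized `sbuf` declared in the preceding `@@ -316,6 +313,7 @@` hunk, and the branch taken is indeterminate. Fold the check into the condition, `if (fstat(in, &sbuf) == 0 && S_ISSOCK(sbuf.st_mode)) {`, and log an fstat failure separately from the not-a-socket case so the two can be told apart in the logs. In the else branch the function only warns and carries on without registering the read callback. Whether bsd_accept should fail outright there cannot be decided from the hunk, since its body continues outside it.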