author | Corinna Vinschen <corinna@vinschen.de> | 2014-10-11 18:28:04 +0000 |
---|---|---|
committer | Corinna Vinschen <corinna@vinschen.de> | 2014-10-11 18:28:04 +0000 |
commit | 697b9afe00c21df9fc74c748ea35113b4b37c4b4 (patch) | |
tree | fd3a5755a6880643d192ebb7043dd501dedd1505 /winsup/cygwin/fhandler_socket.cc | |
parent | a85ab1d48243778e745b8f04b3eb67b8c13a64ad (diff) | |
Add setsockopt(sd, SOL_SOCKET, SO_PEERCRED, NULL, 0) to disable
initial handshake on AF_LOCAL sockets.
* fhandler.h (class fhandler_socket): Add no_getpeereid status flag.
(fhandler_socket::af_local_set_no_getpeereid): New prototype.
* fhandler_socket.cc (fhandler_socket::af_local_connect): Skip handshake
if no_getpeereid is set. Add debug output.
(fhandler_socket::af_local_accept): Likewise.
(fhandler_socket::af_local_set_no_getpeereid): New function.
(fhandler_socket::af_local_copy): Copy no_getpeereid.
(fhandler_socket::getpeereid): Fail if no_getpeereid is set.
* net.cc (cygwin_setsockopt): Add SO_PEERCRED for AF_LOCAL/SOCK_STREAM
sockets. Add comment to explain why we need it.
* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.
Diffstat (limited to 'winsup/cygwin/fhandler_socket.cc')
-rw-r--r-- | winsup/cygwin/fhandler_socket.cc | 35 |
1 files changed, 33 insertions, 2 deletions
diff --git a/winsup/cygwin/fhandler_socket.cc b/winsup/cygwin/fhandler_socket.cc
index e2750ea72..ff150448e 100644
--- a/winsup/cygwin/fhandler_socket.cc
+++ b/winsup/cygwin/fhandler_socket.cc
@@ -401,7 +401,10 @@ fhandler_socket::af_local_connect ()
 if (get_addr_family () != AF_LOCAL || get_socket_type () != SOCK_STREAM)
 return 0;
- debug_printf ("af_local_connect called");
+ debug_printf ("af_local_connect called, no_getpeereid=%d", no_getpeereid ());
+ if (no_getpeereid ())
+ return 0;
+
 connect_state (connect_credxchg);
 af_local_setblocking (orig_async_io, orig_is_nonblocking);
 if (!af_local_send_secret () || !af_local_recv_secret ()
@@ -421,7 +424,10 @@ fhandler_socket::af_local_accept ()
 {
 bool orig_async_io, orig_is_nonblocking;
- debug_printf ("af_local_accept called");
+ debug_printf ("af_local_accept called, no_getpeereid=%d", no_getpeereid ());
+ if (no_getpeereid ())
+ return 0;
+
 connect_state (connect_credxchg);
 af_local_setblocking (orig_async_io, orig_is_nonblocking);
 if (!af_local_recv_secret () || !af_local_send_secret ()
@@ -437,6 +443,25 @@ fhandler_socket::af_local_accept ()
 return 0;
 }
+int
+fhandler_socket::af_local_set_no_getpeereid ()
+{
+ if (get_addr_family () != AF_LOCAL || get_socket_type () != SOCK_STREAM)
+ {
+ set_errno (EINVAL);
+ return -1;
+ }
+ if (connect_state () != unconnected)
+ {
+ set_errno (EALREADY);
+ return -1;
+ }
+
+ debug_printf ("no_getpeereid set");
+ no_getpeereid (true);
+ return 0;
+}
+
 void
 fhandler_socket::af_local_set_cred ()
 {
@@ -461,6 +486,7 @@ fhandler_socket::af_local_copy (fhandler_socket *sock)
 sock->sec_peer_pid = sec_peer_pid;
 sock->sec_peer_uid = sec_peer_uid;
 sock->sec_peer_gid = sec_peer_gid;
+ sock->no_getpeereid (no_getpeereid ());
 }
 void
@@ -2303,6 +2329,11 @@ fhandler_socket::getpeereid (pid_t *pid, uid_t *euid, gid_t *egid)
 set_errno (EINVAL);
 return -1;
 }
+ if (no_getpeereid ())
+ {
+ set_errno (ENOTSUP);
+ return -1;
+ }
 if (connect_state () != connected)
 {
 set_errno (ENOTCONN); |
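Review bot: The early `return 0` added in af_local_connect skips af_local_send_secret()/af_local_recv_secret() as well as whatever credential exchange follows them, so a flag named no_getpeereid switches off the whole handshake and not only the data getpeereid() reports; the identical early return in the af_local_accept hunk has the same effect. Neither site carries a comment saying so, and the name invites the narrower reading. I would add above both returns something like `/* Handshake disabled via setsockopt (SO_PEERCRED): neither the secret nor the credentials are exchanged on this socket. */`. The two ends skip independently, so a peer that has not set the option presumably still waits for the exchange; that mismatch case is worth a sentence there as well. Both function bodies continue outside their hunks.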
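Review bot: af_local_set_no_getpeereid is added without a header comment, and its contract has to be pieced together from the body: AF_LOCAL/SOCK_STREAM only, callable only while connect_state() is still unconnected, and one-way, since nothing in this diff clears the flag again. A short comment above the function stating those conditions, and that the flag is propagated by af_local_copy, would help; it should also say whether a socket that is already listening still counts as unconnected, which is not visible here. EALREADY for the late-call case is a judgement call; if callers are meant to read it as "too late to change", a brief note on why that errno was chosen would avoid confusion with its usual in-progress meaning.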
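Review bot: The new ENOTSUP branch in getpeereid is the only guard visible in this diff against reading peer credentials on a socket whose handshake was skipped, while af_local_copy still copies sec_peer_pid, sec_peer_uid and sec_peer_gid unconditionally. If any other path reads those fields directly it would see values that were never exchanged; that cannot be checked from this hunk, so it is worth confirming that getpeereid is the sole accessor. A one-line comment on the branch, e.g. `/* Handshake was disabled with setsockopt (SO_PEERCRED); no peer credentials exist. */`, would also make the errno choice self-explanatory. The function body starts and ends outside the hunk.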