[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Unix socket auth(EXTERNAL) not working in netbsd



On Sun, Sep 14, 2008 at 09:41:51PM -0700, Howard Chu wrote:
> Pretty sure none of what you quoted below is supported (yet). As far as I 
> knew, the *BSDs all provided a native getpeereid() function so nothing else 
> was needed. At least, FreeBSD and OpenBSD do. If NetBSD doesn't, then I 
> suggest you submit an ITS to get one of the below APIs supported.

According to changelogs, LOCAL_CREDS has been implemented ten years ago 
on NetBSD. I have nothing about getpeerid(), though.

One thing that might explain the mess, from <sys/un.h>:
/* 
 * Socket options for UNIX IPC domain.
 */
#if defined(_NETBSD_SOURCE)
#define LOCAL_CREDS     0x0001          /* pass credentials to receiver */
#define LOCAL_CONNWAIT  0x0002          /* connects block until accepted */
#endif

I don't know the background, but I assume that this is not standard, and
that one wanted to avoid namespace pollution. Unfortunately, that breaks
in OpenLDAP, servers/slapd/daemon.c:

#ifdef LOCAL_CREDS  
                {
                        int one = 1;
                        setsockopt( s, 0, LOCAL_CREDS, &one, sizeof( one ) );
                }
#endif /* LOCAL_CREDS */

Adding a #define _NETBSD_SOURCE may help, but it can also open a can of 
worms.





-- 
Emmanuel Dreyfus
manu@netbsd.org