-/* $Id$ */
-
/***
This file is part of avahi.
-
+
avahi is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as
published by the Free Software Foundation; either version 2.1 of the
License, or (at your option) any later version.
-
+
avahi is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
Public License for more details.
-
+
You should have received a copy of the GNU Lesser General Public
License along with avahi; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
int avahi_netlink_work(AvahiNetlink *nl, int block) {
ssize_t bytes;
+ struct msghdr smsg;
+ struct cmsghdr *cmsg;
+ struct ucred *cred;
+ struct iovec iov;
struct nlmsghdr *p;
-
+ char cred_msg[CMSG_SPACE(sizeof(struct ucred))];
+
assert(nl);
-
- if ((bytes = recv(nl->fd, nl->buffer, nl->buffer_length, block ? 0 : MSG_DONTWAIT)) < 0) {
-
+
+ iov.iov_base = nl->buffer;
+ iov.iov_len = nl->buffer_length;
+
+ smsg.msg_name = NULL;
+ smsg.msg_namelen = 0;
+ smsg.msg_iov = &iov;
+ smsg.msg_iovlen = 1;
+ smsg.msg_control = cred_msg;
+ smsg.msg_controllen = sizeof(cred_msg);
+ smsg.msg_flags = (block ? 0 : MSG_DONTWAIT);
+
+ if ((bytes = recvmsg(nl->fd, &smsg, 0)) < 0) {
if (errno == EAGAIN || errno == EINTR)
return 0;
-
- avahi_log_error(__FILE__": recv() failed: %s", strerror(errno));
+
+ avahi_log_error(__FILE__": recvmsg() failed: %s", strerror(errno));
return -1;
}
+ cmsg = CMSG_FIRSTHDR(&smsg);
+
+ if (!cmsg || cmsg->cmsg_type != SCM_CREDENTIALS) {
+ avahi_log_warn("No sender credentials received, ignoring data.");
+ return -1;
+ }
+
+ cred = (struct ucred*) CMSG_DATA(cmsg);
+
+ if (cred->uid != 0)
+ return -1;
+
p = (struct nlmsghdr *) nl->buffer;
-
+
assert(nl->callback);
-
+
for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) {
if (!NLMSG_OK(p, (size_t) bytes)) {
avahi_log_warn(__FILE__": packet truncated");
return -1;
}
-
+
nl->callback(nl, p, nl->userdata);
}
-
+
return 0;
}
AvahiNetlink *avahi_netlink_new(const AvahiPoll *poll_api, uint32_t groups, void (*cb) (AvahiNetlink *nl, struct nlmsghdr *n, void* userdata), void* userdata) {
int fd = -1;
+ const int on = 1;
struct sockaddr_nl addr;
AvahiNetlink *nl = NULL;
avahi_log_error(__FILE__": socket(PF_NETLINK): %s", strerror(errno));
return NULL;
}
-
+
memset(&addr, 0, sizeof(addr));
addr.nl_family = AF_NETLINK;
addr.nl_groups = groups;
goto fail;
}
+ if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) {
+ avahi_log_error(__FILE__": SO_PASSCRED: %s", strerror(errno));
+ goto fail;
+ }
+
if (!(nl = avahi_new(AvahiNetlink, 1))) {
avahi_log_error(__FILE__": avahi_new() failed.");
goto fail;
avahi_log_error(__FILE__": Failed to create watch.");
goto fail;
}
-
+
return nl;
fail:
if (nl->fd >= 0)
close(nl->fd);
-
+
avahi_free(nl->buffer);
avahi_free(nl);
}
int avahi_netlink_send(AvahiNetlink *nl, struct nlmsghdr *m, unsigned *ret_seq) {
assert(nl);
assert(m);
-
+
m->nlmsg_seq = nl->seq++;
m->nlmsg_flags |= NLM_F_ACK;