From: Lennart Poettering Date: Sun, 4 Feb 2007 15:01:41 +0000 (+0000) Subject: Use SCM_CREDENTIALS for authentication of netlink data from kernel X-Git-Url: https://git.meshlink.io/?a=commitdiff_plain;h=d53beee9e511af84fb39cd2aa6c1c1cc3cfd06d2;p=catta Use SCM_CREDENTIALS for authentication of netlink data from kernel git-svn-id: file:///home/lennart/svn/public/avahi/trunk@1381 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe --- diff --git a/avahi-autoipd/iface-linux.c b/avahi-autoipd/iface-linux.c index 2ad8a61..55e1da6 100644 --- a/avahi-autoipd/iface-linux.c +++ b/avahi-autoipd/iface-linux.c @@ -66,6 +66,7 @@ AVAHI_LLIST_HEAD(Address, addresses) = NULL; int iface_init(int i) { struct sockaddr_nl addr; + int on = 1; if ((fd = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE)) < 0) { daemon_log(LOG_ERR, "socket(PF_NETLINK): %s", strerror(errno)); @@ -81,6 +82,11 @@ int iface_init(int i) { daemon_log(LOG_ERR, "bind(): %s", strerror(errno)); goto fail; } + + if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)) < 0) { + daemon_log(LOG_ERR, "SO_PASSCRED: %s", strerror(errno)); + goto fail; + } ifindex = i; @@ -179,13 +185,41 @@ static int process_response(int wait_for_done, unsigned seq) { size_t bytes; ssize_t r; char replybuf[2048]; + char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; + struct msghdr msghdr; + struct cmsghdr *cmsghdr; + struct ucred *ucred; + struct iovec iov; struct nlmsghdr *p = (struct nlmsghdr *) replybuf; + + memset(&iov, 0, sizeof(iov)); + iov.iov_base = replybuf; + iov.iov_len = sizeof(replybuf); + + memset(&msghdr, 0, sizeof(msghdr)); + msghdr.msg_name = (void*) NULL; + msghdr.msg_namelen = 0; + msghdr.msg_iov = &iov; + msghdr.msg_iovlen = 1; + msghdr.msg_control = cred_msg; + msghdr.msg_controllen = sizeof(cred_msg); + msghdr.msg_flags = 0; + + if ((r = recvmsg(fd, &msghdr, 0)) < 0) { + daemon_log(LOG_ERR, "recvmsg() failed: %s", strerror(errno)); + return -1; + } - if ((r = recv(fd, replybuf, sizeof(replybuf), 0)) < 0) { - daemon_log(LOG_ERR, "recv() failed: %s", strerror(errno)); + if (!(cmsghdr = CMSG_FIRSTHDR(&msghdr)) || cmsghdr->cmsg_type != SCM_CREDENTIALS) { + daemon_log(LOG_WARNING, "No sender credentials received, ignoring data."); return -1; } + ucred = (struct ucred*) CMSG_DATA(cmsghdr); + + if (ucred->uid != 0) + return -1; + bytes = (size_t) r; for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) {