3 files changed, 158 insertions, 3 deletions
diff --git a/src/lib/libc/net/Makefile.inc b/src/lib/libc/net/Makefile.inc
index 66f181d473..530bc3f3f0 100644
--- a/src/lib/libc/net/Makefile.inc
+++ b/src/lib/libc/net/Makefile.inc
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile.inc,v 1.47 2010/02/03 20:49:00 miod Exp $
+#       $OpenBSD: Makefile.inc,v 1.48 2010/07/01 19:15:30 deraadt Exp $
 # net sources
 .PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/net ${LIBCSRCDIR}/net
@@ -7,7 +7,7 @@ CFLAGS+=-DRESOLVSORT
 SRCS+=  base64.c freeaddrinfo.c gai_strerror.c getaddrinfo.c gethostnamadr.c \
        getifaddrs.c getnameinfo.c getnetbyaddr.c getnetbyname.c getnetent.c \
-        getnetnamadr.c getproto.c getprotoent.c getprotoname.c \
+        getnetnamadr.c getpeereid.c getproto.c getprotoent.c getprotoname.c \
        getservbyname.c getservbyport.c getservent.c getrrsetbyname.c \
        herror.c if_indextoname.c if_nameindex.c if_nametoindex.c inet_addr.c \
        inet_lnaof.c inet_makeaddr.c inet_neta.c inet_netof.c inet_network.c \
@@ -28,7 +28,7 @@ SRCS+=	ip6opt.c rthdr.c vars6.c
 .include "${LIBCSRCDIR}/arch/${MACHINE_CPU}/net/Makefile.inc"
 MAN+=   byteorder.3 ethers.3 gai_strerror.3 getaddrinfo.3 gethostbyname.3 \
-        getifaddrs.3 getnameinfo.3 getnetent.3 getprotoent.3 \
+        getifaddrs.3 getnameinfo.3 getnetent.3 getpeereid.3 getprotoent.3 \
        getrrsetbyname.3 getservent.3 if_indextoname.3 inet.3 \
        inet_net.3 inet6_option_space.3 inet6_rthdr_space.3 \
        inet6_opt_init.3 inet6_rth_space.3 \
diff --git a/src/lib/libc/net/getpeereid.3 b/src/lib/libc/net/getpeereid.3
new file mode 100644
index 0000000000..c1671a7516
--- /dev/null
+++ b/src/lib/libc/net/getpeereid.3
@@ -0,0 +1,119 @@
+.\"     $OpenBSD: getpeereid.3,v 1.1 2010/07/01 19:15:30 deraadt Exp $
+.\"
+.\" Copyright (c) 1983, 1991, 1993
+.\"     The Regents of the University of California.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.Dd $Mdocdate: July 1 2010 $
+.Dt GETPEEREID 3
+.Os
+.Sh NAME
+.Nm getpeereid
+.Nd get effective user and group identification of locally-connected peer
+.Sh SYNOPSIS
+.Fd #include <sys/types.h>
+.Fd #include <sys/socket.h>
+.Ft int
+.Fn getpeereid "int s" "uid_t *euid" "gid_t *egid"
+.Sh DESCRIPTION
+.Fn getpeereid
+returns the effective user ID and group ID of the peer connected to
+a
+.Ux Ns -domain
+socket (see
+.Xr unix 4 ) .
+The argument
+.Fa s
+must be of type
+.Dv SOCK_STREAM .
+.Pp
+One common use is for
+.Ux Ns -domain
+servers to determine the credentials of clients that have connected to it.
+.Pp
+.Fn getpeereid
+takes three parameters:
+.Bl -bullet
+.It
+.Fa s
+contains the file descriptor of the socket whose peer credentials
+should be looked up.
+.It
+.Fa euid
+points to a
+.Li uid_t
+variable into which the effective user ID for the connected peer will
+be stored.
+.It
+.Fa egid
+points to a
+.Li gid_t
+variable into which the effective group ID for the connected peer will
+be stored.
+.El
+.Sh RETURN VALUES
+If the call succeeds, a 0 is returned and
+.Fa euid
+and
+.Fa egid
+are set to the effective user ID and group ID of the connected peer.
+Otherwise,
+.Va errno
+is set and a value of \-1 is returned.
+.Sh ERRORS
+On failure,
+.Va errno
+is set to one of the following:
+.Bl -tag -width Er
+.It Bq Er EBADF
+The argument
+.Fa s
+is not a valid descriptor.
+.It Bq Er ENOTSOCK
+The argument
+.Fa s
+is a file, not a socket.
+.It Bq Er EOPNOTSUPP
+The socket is not in the
+.Ux Ns -domain .
+.It Bq Er ENOTCONN
+The socket is not connected.
+.It Bq Er ENOBUFS
+Insufficient resources were available in the system
+to perform the operation.
+.El
+.Sh SEE ALSO
+.Xr accept 2 ,
+.Xr bind 2 ,
+.Xr getpeername 2 ,
+.Xr getsockname 2 ,
+.Xr getsockopt 2 ,
+.Xr socket 2 ,
+.Xr unix 4
+.Sh HISTORY
+The
+.Fn getpeereid
+function call appeared in
+.Ox 3.0 .
diff --git a/src/lib/libc/net/getpeereid.c b/src/lib/libc/net/getpeereid.c
new file mode 100644
index 0000000000..208e541f17
--- /dev/null
+++ b/src/lib/libc/net/getpeereid.c
@@ -0,0 +1,36 @@
+/*      $OpenBSD: getpeereid.c,v 1.1 2010/07/01 19:15:30 deraadt Exp $  */
+/*
+ * Copyright (c) 2010 Theo de Raadt <deraadt@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <sys/types.h>
+#include <sys/socket.h>
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+        struct sockpeercred creds;
+        socklen_t credslen = sizeof(creds);
+        int error;
+        error = getsockopt(s, SOL_SOCKET, SO_PEERCRED,
+            &creds, &credslen);
+        if (error)
+                return (error);
+        *euid = creds.uid;
+        *egid = creds.gid;
+        return (0);
+}

diff --git a/src/lib/libc/net/Makefile.inc b/src/lib/libc/net/Makefile.inc index 66f181d473..530bc3f3f0 100644 --- a/src/lib/libc/net/Makefile.inc +++ b/src/lib/libc/net/Makefile.inc
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile.inc,v 1.47 2010/02/03 20:49:00 miod Exp $	1	# $OpenBSD: Makefile.inc,v 1.48 2010/07/01 19:15:30 deraadt Exp $
2		2
3	# net sources	3	# net sources
4	.PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/net ${LIBCSRCDIR}/net	4	.PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/net ${LIBCSRCDIR}/net
@@ -7,7 +7,7 @@ CFLAGS+=-DRESOLVSORT
7		7
8	SRCS+= base64.c freeaddrinfo.c gai_strerror.c getaddrinfo.c gethostnamadr.c \	8	SRCS+= base64.c freeaddrinfo.c gai_strerror.c getaddrinfo.c gethostnamadr.c \
9	getifaddrs.c getnameinfo.c getnetbyaddr.c getnetbyname.c getnetent.c \	9	getifaddrs.c getnameinfo.c getnetbyaddr.c getnetbyname.c getnetent.c \
10	getnetnamadr.c getproto.c getprotoent.c getprotoname.c \	10	getnetnamadr.c getpeereid.c getproto.c getprotoent.c getprotoname.c \
11	getservbyname.c getservbyport.c getservent.c getrrsetbyname.c \	11	getservbyname.c getservbyport.c getservent.c getrrsetbyname.c \
12	herror.c if_indextoname.c if_nameindex.c if_nametoindex.c inet_addr.c \	12	herror.c if_indextoname.c if_nameindex.c if_nametoindex.c inet_addr.c \
13	inet_lnaof.c inet_makeaddr.c inet_neta.c inet_netof.c inet_network.c \	13	inet_lnaof.c inet_makeaddr.c inet_neta.c inet_netof.c inet_network.c \
@@ -28,7 +28,7 @@ SRCS+= ip6opt.c rthdr.c vars6.c
28	.include "${LIBCSRCDIR}/arch/${MACHINE_CPU}/net/Makefile.inc"	28	.include "${LIBCSRCDIR}/arch/${MACHINE_CPU}/net/Makefile.inc"
29		29
30	MAN+= byteorder.3 ethers.3 gai_strerror.3 getaddrinfo.3 gethostbyname.3 \	30	MAN+= byteorder.3 ethers.3 gai_strerror.3 getaddrinfo.3 gethostbyname.3 \
31	getifaddrs.3 getnameinfo.3 getnetent.3 getprotoent.3 \	31	getifaddrs.3 getnameinfo.3 getnetent.3 getpeereid.3 getprotoent.3 \
32	getrrsetbyname.3 getservent.3 if_indextoname.3 inet.3 \	32	getrrsetbyname.3 getservent.3 if_indextoname.3 inet.3 \
33	inet_net.3 inet6_option_space.3 inet6_rthdr_space.3 \	33	inet_net.3 inet6_option_space.3 inet6_rthdr_space.3 \
34	inet6_opt_init.3 inet6_rth_space.3 \	34	inet6_opt_init.3 inet6_rth_space.3 \


diff --git a/src/lib/libc/net/getpeereid.3 b/src/lib/libc/net/getpeereid.3 new file mode 100644 index 0000000000..c1671a7516 --- /dev/null +++ b/src/lib/libc/net/getpeereid.3
@@ -0,0 +1,119 @@
		1	.\" $OpenBSD: getpeereid.3,v 1.1 2010/07/01 19:15:30 deraadt Exp $
		2	.\"
		3	.\" Copyright (c) 1983, 1991, 1993
		4	.\" The Regents of the University of California. All rights reserved.
		5	.\"
		6	.\" Redistribution and use in source and binary forms, with or without
		7	.\" modification, are permitted provided that the following conditions
		8	.\" are met:
		9	.\" 1. Redistributions of source code must retain the above copyright
		10	.\" notice, this list of conditions and the following disclaimer.
		11	.\" 2. Redistributions in binary form must reproduce the above copyright
		12	.\" notice, this list of conditions and the following disclaimer in the
		13	.\" documentation and/or other materials provided with the distribution.
		14	.\" 3. Neither the name of the University nor the names of its contributors
		15	.\" may be used to endorse or promote products derived from this software
		16	.\" without specific prior written permission.
		17	.\"
		18	.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
		19	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
		20	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
		21	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
		22	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
		23	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
		24	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
		25	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
		26	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
		27	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
		28	.\" SUCH DAMAGE.
		29	.Dd $Mdocdate: July 1 2010 $
		30	.Dt GETPEEREID 3
		31	.Os
		32	.Sh NAME
		33	.Nm getpeereid
		34	.Nd get effective user and group identification of locally-connected peer
		35	.Sh SYNOPSIS
		36	.Fd #include <sys/types.h>
		37	.Fd #include <sys/socket.h>
		38	.Ft int
		39	.Fn getpeereid "int s" "uid_t euid" "gid_t egid"
		40	.Sh DESCRIPTION
		41	.Fn getpeereid
		42	returns the effective user ID and group ID of the peer connected to
		43	a
		44	.Ux Ns -domain
		45	socket (see
		46	.Xr unix 4 ) .
		47	The argument
		48	.Fa s
		49	must be of type
		50	.Dv SOCK_STREAM .
		51	.Pp
		52	One common use is for
		53	.Ux Ns -domain
		54	servers to determine the credentials of clients that have connected to it.
		55	.Pp
		56	.Fn getpeereid
		57	takes three parameters:
		58	.Bl -bullet
		59	.It
		60	.Fa s
		61	contains the file descriptor of the socket whose peer credentials
		62	should be looked up.
		63	.It
		64	.Fa euid
		65	points to a
		66	.Li uid_t
		67	variable into which the effective user ID for the connected peer will
		68	be stored.
		69	.It
		70	.Fa egid
		71	points to a
		72	.Li gid_t
		73	variable into which the effective group ID for the connected peer will
		74	be stored.
		75	.El
		76	.Sh RETURN VALUES
		77	If the call succeeds, a 0 is returned and
		78	.Fa euid
		79	and
		80	.Fa egid
		81	are set to the effective user ID and group ID of the connected peer.
		82	Otherwise,
		83	.Va errno
		84	is set and a value of \-1 is returned.
		85	.Sh ERRORS
		86	On failure,
		87	.Va errno
		88	is set to one of the following:
		89	.Bl -tag -width Er
		90	.It Bq Er EBADF
		91	The argument
		92	.Fa s
		93	is not a valid descriptor.
		94	.It Bq Er ENOTSOCK
		95	The argument
		96	.Fa s
		97	is a file, not a socket.
		98	.It Bq Er EOPNOTSUPP
		99	The socket is not in the
		100	.Ux Ns -domain .
		101	.It Bq Er ENOTCONN
		102	The socket is not connected.
		103	.It Bq Er ENOBUFS
		104	Insufficient resources were available in the system
		105	to perform the operation.
		106	.El
		107	.Sh SEE ALSO
		108	.Xr accept 2 ,
		109	.Xr bind 2 ,
		110	.Xr getpeername 2 ,
		111	.Xr getsockname 2 ,
		112	.Xr getsockopt 2 ,
		113	.Xr socket 2 ,
		114	.Xr unix 4
		115	.Sh HISTORY
		116	The
		117	.Fn getpeereid
		118	function call appeared in
		119	.Ox 3.0 .


diff --git a/src/lib/libc/net/getpeereid.c b/src/lib/libc/net/getpeereid.c new file mode 100644 index 0000000000..208e541f17 --- /dev/null +++ b/src/lib/libc/net/getpeereid.c
@@ -0,0 +1,36 @@
		1	/* $OpenBSD: getpeereid.c,v 1.1 2010/07/01 19:15:30 deraadt Exp $ */
		2
		3	/*
		4	* Copyright (c) 2010 Theo de Raadt <deraadt@openbsd.org>
		5	*
		6	* Permission to use, copy, modify, and distribute this software for any
		7	* purpose with or without fee is hereby granted, provided that the above
		8	* copyright notice and this permission notice appear in all copies.
		9	*
		10	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		11	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		12	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		13	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		14	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		15	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		17	*/
		18
		19	#include <sys/types.h>
		20	#include <sys/socket.h>
		21
		22	int
		23	getpeereid(int s, uid_t euid, gid_t egid)
		24	{
		25	struct sockpeercred creds;
		26	socklen_t credslen = sizeof(creds);
		27	int error;
		28
		29	error = getsockopt(s, SOL_SOCKET, SO_PEERCRED,
		30	&creds, &credslen);
		31	if (error)
		32	return (error);
		33	*euid = creds.uid;
		34	*egid = creds.gid;
		35	return (0);
		36	}