From b179d7e13dbf37510aaac7c33b6fa9cc4ac756aa Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Thu, 1 Jul 2010 19:15:30 +0000 Subject: getpeereid() can now be a library routine using getsockopt() with SOL_SOCKET and SO_PEERCRED, only issue being that it cannot return EFAULT for a page fault. The kernel code will soon be put into compat, and then in 10 years or so tedu will delete it. ok guenther millert --- src/lib/libc/net/Makefile.inc | 6 +-- src/lib/libc/net/getpeereid.3 | 119 ++++++++++++++++++++++++++++++++++++++++++ src/lib/libc/net/getpeereid.c | 36 +++++++++++++ 3 files changed, 158 insertions(+), 3 deletions(-) create mode 100644 src/lib/libc/net/getpeereid.3 create mode 100644 src/lib/libc/net/getpeereid.c diff --git a/src/lib/libc/net/Makefile.inc b/src/lib/libc/net/Makefile.inc index 66f181d473..530bc3f3f0 100644 --- a/src/lib/libc/net/Makefile.inc +++ b/src/lib/libc/net/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.47 2010/02/03 20:49:00 miod Exp $ +# $OpenBSD: Makefile.inc,v 1.48 2010/07/01 19:15:30 deraadt Exp $ # net sources .PATH: ${LIBCSRCDIR}/arch/${MACHINE_CPU}/net ${LIBCSRCDIR}/net @@ -7,7 +7,7 @@ CFLAGS+=-DRESOLVSORT SRCS+= base64.c freeaddrinfo.c gai_strerror.c getaddrinfo.c gethostnamadr.c \ getifaddrs.c getnameinfo.c getnetbyaddr.c getnetbyname.c getnetent.c \ - getnetnamadr.c getproto.c getprotoent.c getprotoname.c \ + getnetnamadr.c getpeereid.c getproto.c getprotoent.c getprotoname.c \ getservbyname.c getservbyport.c getservent.c getrrsetbyname.c \ herror.c if_indextoname.c if_nameindex.c if_nametoindex.c inet_addr.c \ inet_lnaof.c inet_makeaddr.c inet_neta.c inet_netof.c inet_network.c \ 
@@ -28,7 +28,7 @@ SRCS+= ip6opt.c rthdr.c vars6.c .include "${LIBCSRCDIR}/arch/${MACHINE_CPU}/net/Makefile.inc" MAN+= byteorder.3 ethers.3 gai_strerror.3 getaddrinfo.3 gethostbyname.3 \ - getifaddrs.3 getnameinfo.3 getnetent.3 getprotoent.3 \ + getifaddrs.3 getnameinfo.3 getnetent.3 getpeereid.3 getprotoent.3 \ getrrsetbyname.3 getservent.3 if_indextoname.3 inet.3 \ inet_net.3 inet6_option_space.3 inet6_rthdr_space.3 \ inet6_opt_init.3 inet6_rth_space.3 \ diff --git a/src/lib/libc/net/getpeereid.3 b/src/lib/libc/net/getpeereid.3 new file mode 100644 index 0000000000..c1671a7516 --- /dev/null +++ b/src/lib/libc/net/getpeereid.3 
@@ -0,0 +1,119 @@
+.\" $OpenBSD: getpeereid.3,v 1.1 2010/07/01 19:15:30 deraadt Exp $
+.\"
+.\" Copyright (c) 1983, 1991, 1993
+.\" The Regents of the University of California. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.Dd $Mdocdate: July 1 2010 $
+.Dt GETPEEREID 3
+.Os
+.Sh NAME
+.Nm getpeereid
+.Nd get effective user and group identification of locally-connected peer
+.Sh SYNOPSIS
+.Fd #include
+.Fd #include
+.Ft int
+.Fn getpeereid "int s" "uid_t *euid" "gid_t *egid"
+.Sh DESCRIPTION
+.Fn getpeereid
+returns the effective user ID and group ID of the peer connected to
+a
+.Ux Ns -domain
+socket (see
+.Xr unix 4 ) .
+The argument
+.Fa s
+must be of type
+.Dv SOCK_STREAM .
+.Pp
+One common use is for
+.Ux Ns -domain
+servers to determine the credentials of clients that have connected to it.
+.Pp
+.Fn getpeereid
+takes three parameters:
+.Bl -bullet
+.It
+.Fa s
+contains the file descriptor of the socket whose peer credentials
+should be looked up.
+.It
+.Fa euid
+points to a
+.Li uid_t
+variable into which the effective user ID for the connected peer will
+be stored.
+.It
+.Fa egid
+points to a
+.Li gid_t
+variable into which the effective group ID for the connected peer will
+be stored.
+.El
+.Sh RETURN VALUES
+If the call succeeds, a 0 is returned and
+.Fa euid
+and
+.Fa egid
+are set to the effective user ID and group ID of the connected peer.
+Otherwise,
+.Va errno
+is set and a value of \-1 is returned.
+.Sh ERRORS
+On failure,
+.Va errno
+is set to one of the following:
+.Bl -tag -width Er
+.It Bq Er EBADF
+The argument
+.Fa s
+is not a valid descriptor.
+.It Bq Er ENOTSOCK
+The argument
+.Fa s
+is a file, not a socket.
+.It Bq Er EOPNOTSUPP
+The socket is not in the
+.Ux Ns -domain .
+.It Bq Er ENOTCONN
+The socket is not connected.
+.It Bq Er ENOBUFS
+Insufficient resources were available in the system
+to perform the operation.
+.El
+.Sh SEE ALSO
+.Xr accept 2 ,
+.Xr bind 2 ,
+.Xr getpeername 2 ,
+.Xr getsockname 2 ,
+.Xr getsockopt 2 ,
+.Xr socket 2 ,
+.Xr unix 4
+.Sh HISTORY
+The
+.Fn getpeereid
+function call appeared in
+.Ox 3.0 .
diff --git a/src/lib/libc/net/getpeereid.c b/src/lib/libc/net/getpeereid.c
new file mode 100644
index 0000000000..208e541f17
--- /dev/null
+++ b/src/lib/libc/net/getpeereid.c
@@ -0,0 +1,36 @@
+/* $OpenBSD: getpeereid.c,v 1.1 2010/07/01 19:15:30 deraadt Exp $ */
+
+/*
+ * Copyright (c) 2010 Theo de Raadt
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include
+#include
+
+int
+getpeereid(int s, uid_t *euid, gid_t *egid)
+{
+ struct sockpeercred creds;
+ socklen_t credslen = sizeof(creds);
+ int error;
+
+ error = getsockopt(s, SOL_SOCKET, SO_PEERCRED,
+ &creds, &credslen);
+ if (error)
+ return (error);
+ *euid = creds.uid;
+ *egid = creds.gid;
+ return (0);
+}
-- cgit v1.2.3-55-g6feb
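Review bot: After getsockopt() succeeds, `*euid = creds.uid;` and `*egid = creds.gid;` run without confirming that `credslen` still equals `sizeof(creds)`, so a short result would copy indeterminate stack bytes into ids that callers use for access decisions. Whether the kernel can ever return a short length for SO_PEERCRED is not visible from this hunk, but a guard before the two stores, `if (credslen != sizeof(creds)) { errno = EINVAL; return (-1); }`, would keep the function from reporting an id it did not read; it needs errno.h, and the error value is only a suggestion. The function also has no comment recording that `euid` and `egid` must be valid pointers, which matters because, as the commit message notes, a bad pointer now faults in the process instead of returning EFAULT: `/* euid and egid must be valid; a bad pointer faults here rather than returning EFAULT */`.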