reopen 558406 thanks Hi,
Sorry to reopen the bug, but the first patch was not the good one and it doesn't fix the bug at all. Attached is a patch which definitely fix this bug. I'm also CC-ing the debian-bsd@ list. Even if the patch fix the bug, i'm not really statisfied. I suspect a deeper problem on how socket credentials should work on kFreeBSD. from egg/egg-unix-credentials.c --8<----- line 100 --------- #if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS) if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof *cred) || cmsg.hdr.cmsg_type != SCM_CREDS) { fprintf (stderr, "message from recvmsg() was not\n"); return -1; } #endif => always return -1 ------------------------>8-- If the previous test is disabled then if fails on: --8<----- line 122 --------- #elif defined(HAVE_CMSGCRED) cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr); *pid = cred->cmcred_pid; *uid = cred->cmcred_euid; #elif defined(LOCAL_CREDS) => uid is always 0, it should be the user id (eg. >= 1000) ------------------------>8-- The fact that the source code builds fine and HAVE_CMSGCRED/LOCAL_CREDS are defined makes me feel that something is weird. I will be glad to get debian-bsd@ folks opinions on it. Regards, -- Emmanuel Bouthenot mail: kol...@{openics,debian}.org gpg: 1024D/0x414EC36E xmpp: kol...@im.openics.org irc: kol...@{freenode,oftc}
--- gnome-keyring-2.28.1-orig/egg/egg-unix-credentials.c 2009-10-18 01:27:22.000000000 +0200 +++ gnome-keyring-2.28.1/egg/egg-unix-credentials.c 2009-12-07 01:13:17.000000000 +0100 @@ -37,6 +37,10 @@ #include <ucred.h> #endif +#if defined(__FreeBSD_kernel__) +#include <sys/ucred.h> +#endif + int egg_unix_credentials_read (int sock, pid_t *pid, uid_t *uid) { @@ -45,7 +49,7 @@ char buf; int ret; -#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS) +#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(__FreeBSD_kernel__) /* Prefer CMSGCRED over LOCAL_CREDS because the former provides the * remote PID. */ #if defined(HAVE_CMSGCRED) @@ -73,7 +77,7 @@ msg.msg_iov = &iov; msg.msg_iovlen = 1; -#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS) +#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(__FreeBSD_kernel__) memset (&cmsg, 0, sizeof (cmsg)); msg.msg_control = (caddr_t) &cmsg; msg.msg_controllen = CMSG_SPACE(sizeof *cred); @@ -97,7 +101,7 @@ return -1; } -#if defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS) +#if (defined(HAVE_CMSGCRED) || defined(LOCAL_CREDS)) && !defined(__FreeBSD_kernel__) if (cmsg.hdr.cmsg_len < CMSG_LEN (sizeof *cred) || cmsg.hdr.cmsg_type != SCM_CREDS) { fprintf (stderr, "message from recvmsg() was not SCM_CREDS\n"); @@ -119,6 +123,18 @@ cr_len, (int) sizeof (cr)); return -1; } +#elif defined(LOCAL_PEERCRED) /* GNU/kFreeBSD */ + struct xucred cr; + socklen_t cr_len = sizeof(cr); + *pid = 0; + + if (getsockopt (sock, 0, LOCAL_PEERCRED, &cr, &cr_len) == 0) { + *uid = cr.cr_uid; + } else { + fprintf (stderr, "failed to getsockopt() credentials, returned len %d/%d\n", + cr_len, (int) sizeof (cr)); + return -1; + } #elif defined(HAVE_CMSGCRED) cred = (struct cmsgcred *) CMSG_DATA (&cmsg.hdr); *pid = cred->cmcred_pid;