diff options
| author | Bruce Momjian <bruce@momjian.us> | 2002-12-03 21:50:44 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2002-12-03 21:50:44 +0000 |
| commit | f988edb4e1b86ece3a376e774a1d52da72714fb0 (patch) | |
| tree | b88bd52e2ee33f907afff923a22c2a8a0ff9fda8 | |
| parent | 31504cc83b82616bb12a23905ce33a0adf7d80b7 (diff) | |
| download | postgresql-f988edb4e1b86ece3a376e774a1d52da72714fb0.tar.gz postgresql-f988edb4e1b86ece3a376e774a1d52da72714fb0.zip | |
Add OpenBSD local indent credentials, from William Ahern.
| -rwxr-xr-x | configure | 3 | ||||
| -rw-r--r-- | configure.in | 4 | ||||
| -rw-r--r-- | doc/src/sgml/client-auth.sgml | 5 | ||||
| -rw-r--r-- | src/backend/libpq/hba.c | 31 |
4 files changed, 36 insertions, 7 deletions
diff --git a/configure b/configure index 80b22f91f4c..bb0a28bb081 100755 --- a/configure +++ b/configure @@ -9819,7 +9819,8 @@ test $ac_cv_func_memcmp_working = no && LIBOBJS="$LIBOBJS memcmp.$ac_objext" -for ac_func in cbrt fcvt getopt_long memmove pstat setproctitle setsid sigprocmask sysconf waitpid dlopen fdatasync + +for ac_func in cbrt fcvt getopt_long getpeereid memmove pstat setproctitle setsid sigprocmask sysconf waitpid dlopen fdatasync do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 diff --git a/configure.in b/configure.in index c6ba894b0f9..68123ae74cc 100644 --- a/configure.in +++ b/configure.in @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -dnl $Header: /cvsroot/pgsql/configure.in,v 1.218 2002/11/04 21:36:13 tgl Exp $ +dnl $Header: /cvsroot/pgsql/configure.in,v 1.219 2002/12/03 21:50:43 momjian Exp $ dnl dnl Developers, please strive to achieve this order: dnl @@ -782,7 +782,7 @@ PGAC_FUNC_GETTIMEOFDAY_1ARG # SunOS doesn't handle negative byte comparisons properly with +/- return AC_FUNC_MEMCMP -AC_CHECK_FUNCS([cbrt fcvt getopt_long memmove pstat setproctitle setsid sigprocmask sysconf waitpid dlopen fdatasync]) +AC_CHECK_FUNCS([cbrt fcvt getopt_long getpeereid memmove pstat setproctitle setsid sigprocmask sysconf waitpid dlopen fdatasync]) AC_CHECK_DECLS(fdatasync, [], [], [#include <unistd.h>]) diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml index 4eeb5f5dff3..c4d4af12513 100644 --- a/doc/src/sgml/client-auth.sgml +++ b/doc/src/sgml/client-auth.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.41 2002/11/15 03:11:15 momjian Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.42 2002/12/03 21:50:44 momjian Exp $ --> <chapter id="client-authentication"> @@ -318,7 +318,8 @@ hostssl <replaceable>database</replaceable> <replaceable>user</replaceable> < support Unix-domain socket credentials (currently <systemitem class=osname>Linux</>, <systemitem class=osname>FreeBSD</>, <systemitem class=osname>NetBSD</>, - and <systemitem class=osname>BSD/OS</>). + <systemitem class=osname>OpenBSD</>, and + <systemitem class=osname>BSD/OS</>). </para> <para> diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c index cda4bc93aeb..396347945e3 100644 --- a/src/backend/libpq/hba.c +++ b/src/backend/libpq/hba.c @@ -10,7 +10,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/libpq/hba.c,v 1.87 2002/09/04 20:31:19 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/libpq/hba.c,v 1.88 2002/12/03 21:50:44 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -1216,7 +1216,34 @@ ident_inet(const struct in_addr remote_ip_addr, static bool ident_unix(int sock, char *ident_user) { -#if defined(SO_PEERCRED) +#if defined(HAVE_GETPEEREID) + /* OpenBSD style: */ + uid_t uid; + gid_t gid; + struct passwd *pass; + + errno = 0; + if (getpeereid(sock,&uid,&gid) != 0) + { + /* We didn't get a valid credentials struct. */ + elog(LOG, "ident_unix: error receiving credentials: %m"); + return false; + } + + pass = getpwuid(uid); + + if (pass == NULL) + { + elog(LOG, "ident_unix: unknown local user with uid %d", + (int) uid); + return false; + } + + StrNCpy(ident_user, pass->pw_name, IDENT_USERNAME_MAX + 1); + + return true; + +#elsif defined(SO_PEERCRED) /* Linux style: use getsockopt(SO_PEERCRED) */ struct ucred peercred; ACCEPT_TYPE_ARG3 so_len = sizeof(peercred); |