aboutsummaryrefslogtreecommitdiff
path: root/src/backend/libpq/auth.c
diff options
context:
space:
mode:
authorPeter Eisentraut <peter_e@gmx.net>2008-11-18 13:10:20 +0000
committerPeter Eisentraut <peter_e@gmx.net>2008-11-18 13:10:20 +0000
commitf426fbf746c37da76dd5aae2ecf6593d64678f4a (patch)
tree4cc0fb86ca2ca06b830ed82621704a603574b6b1 /src/backend/libpq/auth.c
parent29ad832dba35445a3f904cd934c581f94f75fcd5 (diff)
downloadpostgresql-f426fbf746c37da76dd5aae2ecf6593d64678f4a.tar.gz
postgresql-f426fbf746c37da76dd5aae2ecf6593d64678f4a.zip
Ident authentication over Unix-domain sockets on Solaris, using
getpeerucred() function. Author: Garick Hamlin <ghamlin@isc.upenn.edu>
Diffstat (limited to 'src/backend/libpq/auth.c')
-rw-r--r--src/backend/libpq/auth.c42
1 files changed, 41 insertions, 1 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index e89b040b67e..bccb0a516f2 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.170 2008/10/28 12:10:43 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/auth.c,v 1.171 2008/11/18 13:10:20 petere Exp $
*
*-------------------------------------------------------------------------
*/
@@ -21,6 +21,9 @@
#include <sys/uio.h>
#include <sys/ucred.h>
#endif
+#ifdef HAVE_UCRED_H
+# include <ucred.h>
+#endif
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
@@ -1612,6 +1615,43 @@ ident_unix(int sock, char *ident_user)
strlcpy(ident_user, pass->pw_name, IDENT_USERNAME_MAX + 1);
return true;
+#elif defined(HAVE_GETPEERUCRED)
+ /* Solaris > 10 */
+ uid_t uid;
+ struct passwd *pass;
+ ucred_t *ucred;
+
+ ucred = NULL; /* must be initialized to NULL */
+ if (getpeerucred(sock, &ucred) == -1)
+ {
+ ereport(LOG,
+ (errcode_for_socket_access(),
+ errmsg("could not get peer credentials: %m")));
+ return false;
+ }
+
+ if ((uid = ucred_geteuid(ucred)) == -1)
+ {
+ ereport(LOG,
+ (errcode_for_socket_access(),
+ errmsg("could not get effective UID from peer credentials: %m")));
+ return false;
+ }
+
+ ucred_free(ucred);
+
+ pass = getpwuid(uid);
+ if (pass == NULL)
+ {
+ ereport(LOG,
+ (errmsg("local user with ID %d does not exist",
+ (int) uid)));
+ return false;
+ }
+
+ strlcpy(ident_user, pass->pw_name, IDENT_USERNAME_MAX + 1);
+
+ return true;
#elif defined(HAVE_STRUCT_CMSGCRED) || defined(HAVE_STRUCT_FCRED) || (defined(HAVE_STRUCT_SOCKCRED) && defined(LOCAL_CREDS))
struct msghdr msg;
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 13:45:40 +0000