Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement IsClientAuthorized() for FreeBSD and stop failing open #209

Closed
wants to merge 2 commits into from
Closed

Implement IsClientAuthorized() for FreeBSD and stop failing open #209

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ad94750
auth.c: fail the build if we don't have an IsClientAuthorized()
kevans91 Sep 5, 2024
fa4225c
auth.c: implement polkit support for FreeBSD
kevans91 Sep 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 23 additions & 4 deletions src/auth.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,17 +51,32 @@

#include <errno.h>

#if defined(HAVE_POLKIT) && defined(SO_PEERCRED)
#if defined(HAVE_POLKIT) && (defined(SO_PEERCRED) || defined(LOCAL_PEERCRED))

#include <polkit/polkit.h>
#include <stdbool.h>

#ifdef __FreeBSD__
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know much about socket authentication, but what about macOS? Is the struct xucred only used on FreeBSD? A quick Google search implies that it's also used on Mac. Would you mind explaining what ucred vs xucred is about?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

xucred is the ABI-stable userland export version (subset) of ucred -- if you have the former then the latter is considered kernel-only and it will populate an xucred for things in userland that want it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

macOS also seems to have LOCAL_PEERCRED, but I don't know what the polkit-on-macOS situation is like so I haven't bothered trying to expand it in that direction. Likely it also wants the xucred version of this.


#include <sys/ucred.h>
typedef struct xucred platform_cred;
#define CRED_PID(uc) (uc).cr_pid
#define CRED_UID(uc) (uc).cr_uid

#else

typedef struct ucred platform_cred;
#define CRED_PID(uc) (uc).pid
#define CRED_UID(uc) (uc).uid

#endif

extern bool disable_polkit;

/* Returns non zero when the client is authorized */
unsigned IsClientAuthorized(int socket, const char* action, const char* reader)
{
struct ucred cr;
platform_cred cr;
socklen_t cr_len;
int ret;
PolkitSubject *subject;
Expand All @@ -77,7 +92,11 @@ unsigned IsClientAuthorized(int socket, const char* action, const char* reader)
snprintf(action_name, sizeof(action_name), "org.debian.pcsc-lite.%s", action);

cr_len = sizeof(cr);
#ifdef LOCAL_PEERCRED
ret = getsockopt(socket, SOL_LOCAL, LOCAL_PEERCRED, &cr, &cr_len);
#else
ret = getsockopt(socket, SOL_SOCKET, SO_PEERCRED, &cr, &cr_len);
#endif
if (ret == -1)
{
#ifndef NO_LOG
Expand All @@ -97,7 +116,7 @@ unsigned IsClientAuthorized(int socket, const char* action, const char* reader)
return 0;
}

subject = polkit_unix_process_new_for_owner(cr.pid, 0, cr.uid);
subject = polkit_unix_process_new_for_owner(CRED_PID(cr), 0, CRED_UID(cr));
if (subject == NULL)
{
Log1(PCSC_LOG_CRITICAL, "polkit_unix_process_new_for_owner failed");
Expand Down Expand Up @@ -144,7 +163,7 @@ unsigned IsClientAuthorized(int socket, const char* action, const char* reader)
{
Log4(PCSC_LOG_CRITICAL,
"Process %u (user: %u) is NOT authorized for action: %s",
(unsigned)cr.pid, (unsigned)cr.uid, action);
(unsigned)CRED_PID(cr), (unsigned)CRED_UID(cr), action);
}

if (result)
Expand Down