Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets

> Bruce Momjian writes:
>
> > OK, here is an even better version. It handles the lack of alignment in
> > the the structure passing. This works on BSD/OS and should work on
> > FreeBSD too.
>
> Since this patch overwrites the previous SO_PEERCRED patch I assume you
> want it to work on Linux, too. On Linux SCM_CREDS is called

Actually, I made the test for CRED's before PEER because I thought
CRED's was more portable, and because there is a test where I ask for a
dummy send so I can get the creds and if I did PEER first, I would have
to do an #ifdef PEER then #ifdef SCM which seemed kind of weird. I did
document that I was defining CRED first. I can easily prefer PEER if
people think that is better.

> SCM_CREDENTIALS. There's no sys/ucred.h (use sys/socket.h instead), and

Interesting. Should we remove PEER and go with some kind of CRED's on
all platforms? Remember, PEER hasn't been released yet in our code. It
came from Debian and was only used there in a beta release.

> there's no fc_uid, though I don't know what that does. The invocation
> changes to StrNCpy look suspicious; see the comment at StrNCpy in c.h. In
> one place you include errno.h twice.

I see:

char ident_user[IDENT_USERNAME_MAX + 1];

with StrNCpy as:

StrNCpy(ident_user, pw->pw_name, IDENT_USERNAME_MAX+1);

Am I missing something?

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026