Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Garrett Wollman <wollman(at)khavrinen(dot)lcs(dot)mit(dot)edu>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets
Date: 2001-08-16 17:37:53
Message-ID: 200108161737.f7GHbrh07095@candle.pha.pa.us
Lists: pgsql-patches

> <<On Thu, 16 Aug 2001 00:34:14 -0400 (EDT), Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> said:
>
> > OK, here is a cleaned up version of the patch that will apply to current
> > CVS. I worked it into the SO_PEERCRED code. I made some changes so it
> > compiles on BSD/OS. I am getting "Invalid Argument" from libpq's
> > sending of the credentials on BSD/OS.
>
> There are some funky alignment macros that you probably need to use on
> BSD/OS. Also, as written this will break on NetBSD and OpenBSD for
> reasons I have already noted (the structure is named something
> different there), and those systems will also require the alignment
> macros. (Basically, putting the two structures in another larger
> structure is a shortcut in my implementation which only works because
> the compiler puts the right amount of padding in; on those other
> systems, more padding is required.)

I got some more information this morning. First, BSD/OS doesn't like to
have the credentials record attached to the message. I was getting
"Invalid argument" when I did that. It just wants the packet. Second,
BSD/OS has a LOCAL_CREDS call to pass the credentials. I am working on
another patch but will get back to this shortly.

"To get credentials sent (once on a stream socket, every time on
a datagram socket) you just want to do a setsockopt() to set
the LOCAL_CREDS option:

    int on = 1;
    error = setsockopt(s, 0, LOCAL_CREDS, &on, sizeof on);

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
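
Added example, not part of the original message or of the PostgreSQL patch: the receiving side of a credentials control message, laid out with the CMSG_* macros (assumed here to be the "alignment macros" the quoted reply means) instead of a hand-built struct. It assumes Linux, where the record is SCM_CREDENTIALS carrying struct ucred and is enabled with SO_PASSCRED rather than the BSD names used in this thread; recv_peer_uid and demo_peer_uid are hypothetical names.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* glibc: expose struct ucred and SCM_CREDENTIALS */
#endif
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#ifndef SCM_CREDENTIALS   /* _GNU_SOURCE took effect too late: Linux ABI values */
#define SCM_CREDENTIALS 0x02
struct ucred { pid_t pid; uid_t uid; gid_t gid; };
#endif

/* Read one byte; return the sender's kernel-recorded uid, or -1 if absent. */
long recv_peer_uid(int fd)
{
    char byte;
    struct iovec iov = { &byte, 1 };
    /* CMSG_SPACE() = header + payload + alignment padding. The union aligns
     * the buffer for struct cmsghdr rather than trusting compiler padding. */
    union { char buf[CMSG_SPACE(sizeof(struct ucred))]; struct cmsghdr align; } ctl;
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    if (recvmsg(fd, &msg, 0) != 1 || (msg.msg_flags & MSG_CTRUNC))
        return -1;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c)) {
        if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_CREDENTIALS &&
            c->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
            struct ucred cred;
            memcpy(&cred, CMSG_DATA(c), sizeof cred);  /* copy, do not cast */
            return (long) cred.uid;
        }
    }
    return -1;
}

/* Constructed demo: a socketpair stands in for client and server. */
long demo_peer_uid(void)
{
    int sv[2], on = 1;
    long uid = -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    /* The receiver opts in; the kernel then attaches the sender's credentials. */
    if (setsockopt(sv[1], SOL_SOCKET, SO_PASSCRED, &on, sizeof on) == 0 &&
        write(sv[0], "x", 1) == 1)
        uid = recv_peer_uid(sv[1]);
    close(sv[0]);
    close(sv[1]);
    return uid;
}
```

A server would compare the returned uid with the account the client claims and reject the connection on -1 or a mismatch.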
