| 1 | /* GIO - GLib Input, Output and Streaming Library |
|---|
| 2 | * |
|---|
| 3 | * Copyright 2013 Red Hat, Inc. |
|---|
| 4 | * |
|---|
| 5 | * This library is free software; you can redistribute it and/or |
|---|
| 6 | * modify it under the terms of the GNU Lesser General Public |
|---|
| 7 | * License as published by the Free Software Foundation; either |
|---|
| 8 | * version 2.1 of the License, or (at your option) any later version. |
|---|
| 9 | * |
|---|
| 10 | * This library is distributed in the hope that it will be useful, |
|---|
| 11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| 12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|---|
| 13 | * Lesser General Public License for more details. |
|---|
| 14 | * |
|---|
| 15 | * You should have received a copy of the GNU Lesser General |
|---|
| 16 | * Public License along with this library; if not, see <http://www.gnu.org/licenses/>. |
|---|
| 17 | */ |
|---|
| 18 | |
|---|
| 19 | #ifndef __G_CREDENTIALS_PRIVATE_H__ |
|---|
| 20 | #define __G_CREDENTIALS_PRIVATE_H__ |
|---|
| 21 | |
|---|
| 22 | #include "gio/gcredentials.h" |
|---|
| 23 | #include "gio/gnetworking.h" |
|---|
| 24 | |
|---|
| 25 | /* |
|---|
| 26 | * G_CREDENTIALS_SUPPORTED: |
|---|
| 27 | * |
|---|
| 28 | * Defined to 1 if GCredentials works. |
|---|
| 29 | */ |
|---|
| 30 | #undef G_CREDENTIALS_SUPPORTED |
|---|
| 31 | |
|---|
| 32 | /* |
|---|
| 33 | * G_CREDENTIALS_USE_LINUX_UCRED, etc.: |
|---|
| 34 | * |
|---|
| 35 | * Defined to 1 if GCredentials uses Linux `struct ucred`, etc. |
|---|
| 36 | */ |
|---|
| 37 | #undef G_CREDENTIALS_USE_LINUX_UCRED |
|---|
| 38 | #undef G_CREDENTIALS_USE_FREEBSD_CMSGCRED |
|---|
| 39 | #undef G_CREDENTIALS_USE_NETBSD_UNPCBID |
|---|
| 40 | #undef G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED |
|---|
| 41 | #undef G_CREDENTIALS_USE_SOLARIS_UCRED |
|---|
| 42 | #undef G_CREDENTIALS_USE_APPLE_XUCRED |
|---|
| 43 | |
|---|
| 44 | /* |
|---|
| 45 | * G_CREDENTIALS_NATIVE_TYPE: |
|---|
| 46 | * |
|---|
| 47 | * Defined to one of G_CREDENTIALS_TYPE_LINUX_UCRED, etc. |
|---|
| 48 | */ |
|---|
| 49 | #undef G_CREDENTIALS_NATIVE_TYPE |
|---|
| 50 | |
|---|
| 51 | /* |
|---|
| 52 | * G_CREDENTIALS_NATIVE_SIZE: |
|---|
| 53 | * |
|---|
| 54 | * Defined to the size of the %G_CREDENTIALS_NATIVE_TYPE |
|---|
| 55 | */ |
|---|
| 56 | #undef G_CREDENTIALS_NATIVE_SIZE |
|---|
| 57 | |
|---|
| 58 | /* |
|---|
| 59 | * G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED: |
|---|
| 60 | * |
|---|
| 61 | * Defined to 1 if we have a message-passing API in which credentials |
|---|
| 62 | * are attached to a particular message, such as `SCM_CREDENTIALS` on Linux |
|---|
| 63 | * or `SCM_CREDS` on FreeBSD. |
|---|
| 64 | */ |
|---|
| 65 | #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED |
|---|
| 66 | |
|---|
| 67 | /* |
|---|
| 68 | * G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED: |
|---|
| 69 | * |
|---|
| 70 | * Defined to 1 if we have a `getsockopt()`-style API in which one end of |
|---|
| 71 | * a socket connection can directly query the credentials of the process |
|---|
| 72 | * that initiated the other end, such as `getsockopt SO_PEERCRED` on Linux |
|---|
| 73 | * or `getpeereid()` on multiple operating systems. |
|---|
| 74 | */ |
|---|
| 75 | #undef G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED |
|---|
| 76 | |
|---|
| 77 | /* |
|---|
| 78 | * G_CREDENTIALS_SPOOFING_SUPPORTED: |
|---|
| 79 | * |
|---|
| 80 | * Defined to 1 if privileged processes can spoof their credentials when |
|---|
| 81 | * using the message-passing API. |
|---|
| 82 | */ |
|---|
| 83 | #undef G_CREDENTIALS_SPOOFING_SUPPORTED |
|---|
| 84 | |
|---|
| 85 | /* |
|---|
| 86 | * G_CREDENTIALS_PREFER_MESSAGE_PASSING: |
|---|
| 87 | * |
|---|
| 88 | * Defined to 1 if the data structure transferred by the message-passing |
|---|
| 89 | * API is strictly more informative than the one transferred by the |
|---|
| 90 | * `getsockopt()`-style API, and hence should be preferred, even for |
|---|
| 91 | * protocols like D-Bus that are defined in terms of the credentials of |
|---|
| 92 | * the (process that opened the) socket, as opposed to the credentials |
|---|
| 93 | * of an individual message. |
|---|
| 94 | */ |
|---|
| 95 | #undef G_CREDENTIALS_PREFER_MESSAGE_PASSING |
|---|
| 96 | |
|---|
| 97 | /* |
|---|
| 98 | * G_CREDENTIALS_HAS_PID: |
|---|
| 99 | * |
|---|
| 100 | * Defined to 1 if the %G_CREDENTIALS_NATIVE_TYPE contains the process ID. |
|---|
| 101 | */ |
|---|
| 102 | #undef G_CREDENTIALS_HAS_PID |
|---|
| 103 | |
|---|
| 104 | #ifdef __linux__ |
|---|
| 105 | #define G_CREDENTIALS_SUPPORTED 1 |
|---|
| 106 | #define G_CREDENTIALS_USE_LINUX_UCRED 1 |
|---|
| 107 | #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_LINUX_UCRED |
|---|
| 108 | #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct ucred)) |
|---|
| 109 | #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 |
|---|
| 110 | #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 |
|---|
| 111 | #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 |
|---|
| 112 | #define G_CREDENTIALS_HAS_PID 1 |
|---|
| 113 | |
|---|
| 114 | #elif defined(__FreeBSD__) || \ |
|---|
| 115 | defined(__FreeBSD_kernel__) /* Debian GNU/kFreeBSD */ || \ |
|---|
| 116 | defined(__GNU__) /* GNU Hurd */ || \ |
|---|
| 117 | defined(__DragonFly__) /* DragonFly BSD */ |
|---|
| 118 | #define G_CREDENTIALS_SUPPORTED 1 |
|---|
| 119 | #define G_CREDENTIALS_USE_FREEBSD_CMSGCRED 1 |
|---|
| 120 | #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED |
|---|
| 121 | #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred)) |
|---|
| 122 | #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 |
|---|
| 123 | #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 |
|---|
| 124 | /* GLib doesn't implement it yet, but FreeBSD's getsockopt()-style API |
|---|
| 125 | * is getpeereid(), which is not as informative as struct cmsgcred - |
|---|
| 126 | * it does not tell us the PID. As a result, libdbus prefers to use |
|---|
| 127 | * SCM_CREDS, and if we implement getpeereid() in future, we should |
|---|
| 128 | * do the same. */ |
|---|
| 129 | #define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1 |
|---|
| 130 | #define G_CREDENTIALS_HAS_PID 1 |
|---|
| 131 | |
|---|
| 132 | #elif defined(__NetBSD__) |
|---|
| 133 | #define G_CREDENTIALS_SUPPORTED 1 |
|---|
| 134 | #define G_CREDENTIALS_USE_NETBSD_UNPCBID 1 |
|---|
| 135 | #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_NETBSD_UNPCBID |
|---|
| 136 | #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct unpcbid)) |
|---|
| 137 | /* #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED */ |
|---|
| 138 | #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 |
|---|
| 139 | #define G_CREDENTIALS_HAS_PID 1 |
|---|
| 140 | |
|---|
| 141 | #elif defined(__OpenBSD__) |
|---|
| 142 | #define G_CREDENTIALS_SUPPORTED 1 |
|---|
| 143 | #define G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED 1 |
|---|
| 144 | #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED |
|---|
| 145 | #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct sockpeercred)) |
|---|
| 146 | #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 |
|---|
| 147 | #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 |
|---|
| 148 | #define G_CREDENTIALS_HAS_PID 1 |
|---|
| 149 | |
|---|
| 150 | #elif defined(__sun__) || defined(__illumos__) || defined (__OpenSolaris_kernel__) |
|---|
| 151 | #include <ucred.h> |
|---|
| 152 | #define G_CREDENTIALS_SUPPORTED 1 |
|---|
| 153 | #define G_CREDENTIALS_USE_SOLARIS_UCRED 1 |
|---|
| 154 | #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_SOLARIS_UCRED |
|---|
| 155 | #define G_CREDENTIALS_NATIVE_SIZE (ucred_size ()) |
|---|
| 156 | #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 |
|---|
| 157 | #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 |
|---|
| 158 | #define G_CREDENTIALS_HAS_PID 1 |
|---|
| 159 | |
|---|
| 160 | #elif defined(__APPLE__) |
|---|
| 161 | #include <sys/ucred.h> |
|---|
| 162 | #define G_CREDENTIALS_SUPPORTED 1 |
|---|
| 163 | #define G_CREDENTIALS_USE_APPLE_XUCRED 1 |
|---|
| 164 | #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_APPLE_XUCRED |
|---|
| 165 | #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct xucred)) |
|---|
| 166 | #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED |
|---|
| 167 | #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1 |
|---|
| 168 | #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 |
|---|
| 169 | #define G_CREDENTIALS_HAS_PID 0 |
|---|
| 170 | |
|---|
| 171 | #endif |
|---|
| 172 | |
|---|
| 173 | #endif /* __G_CREDENTIALS_PRIVATE_H__ */ |
|---|
| 174 | |
|---|
