summaryrefslogtreecommitdiff
path: root/open_issues/pflocal_socket_credentials_for_local_sockets.mdwn
blob: d252eb54d89a0c5d9432950ce8fdf5b0b08beafd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
[[!meta copyright="Copyright © 2011, 2013 Free Software Foundation, Inc."]]

[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
id="license" text="Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version 1.2 or
any later version published by the Free Software Foundation; with no Invariant
Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
is included in the section entitled [[GNU Free Documentation
License|/fdl]]."]]"""]]

[[!tag open_issue_hurd]]


# IRC, freenode, #hurd, 2011-03-28

    <pinotree> basically, i'm trying to implement socket credentials for local
      sockets, and i guessed doing it in pflocal would be the appropriate place
    <pinotree> what i thought was filling the cmsg data for MSG_CRED at
      S_socket_recv() call
    <pinotree> in case i missed it, would there be a way to "identify" the
      other side of the port associated to the sock_user of that call?
    <pochu> pinotree: that's needed by dbus right? cool! (and I don't know)
    <pinotree> (yes, and gamin)
    <youpi> pinotree: you have them already, they're just not stored
    <youpi> see S_io_reauthenticate
    <youpi> Throw away the ids we went through all that trouble to get...
    <youpi> (comment)
    * pinotree looks
    <pinotree> hm, and who calls that rpc?
    <youpi> everybody
    <youpi> since that's how ext2fs knows the permission to apply, for instance
    <pinotree> ah, i was referring to the reauthenticate of pflocal, not
      auth_server_authenticate()
    <youpi> that's what I'm saying
    <youpi> see __hurd_file_name_lookup_retry, which is the very internal part
      of open()
    <youpi> it calls io_reauthenticate()
    <youpi> to authenticate itself to the underlying translator of the opened
      node
    <pinotree> youpi: so, hm, could be an option make the result of pflocal's
      S_io_reauthenticate cached in the sock_user struct?
    <youpi> yes
    <pinotree> nice thanks, i will try that change first


# IRC, OFTC, #debian-hurd, 2013-02-20

    <pinotree> youpi: while debugging #700530, it seems that xorg does not have
      working socket credentials on kfreebsd (and hurd too)
    <pinotree> julien provided sune with
      http://people.debian.org/~jcristau/kbsd-peercred.diff to test, but of
      course that won't work for us (even if we would have working socket
      credentials with cmsg)
    <pinotree> (that patch is not tested yet)
    <pinotree> at least, we're aware there's another place in need for working
      socket credentials now
    <youpi> k
    <pinotree> youpi: (the patch above has been confirmed to work, with
      s/SOL_SOCKET/0/ )
    <youpi> 0 ?!
    <pinotree> yeah


---

See also [[pflocal_reauth]] and [[sendmsg_scm_creds]].