Merge pull request #11026 from NixOS/backport-11022-to-2.20-maintenance

[Backport 2.20-maintenance] Use proper struct sockpeercred for SO_PEERCRED for OpenBSD

doc/manual/rl-next/harden-user-sandboxing.md

@@ -2,7 +2,6 @@
 synopsis: Harden the user sandboxing
 significance: significant
 issues:
-prs: <only provided once merged>
 ---
 
 The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.

src/nix/daemon.cc

@@ -202,7 +202,11 @@ static PeerInfo getPeerInfo(int remote)
 
 #if defined(SO_PEERCRED)
 
-    ucred cred;
+# if defined(__OpenBSD__)
+   struct sockpeercred cred;
+# else
+   ucred cred;
+# endif
     socklen_t credLen = sizeof(cred);
     if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1)
         throw SysError("getting peer credentials");
@@ -210,9 +214,9 @@ static PeerInfo getPeerInfo(int remote)
 
 #elif defined(LOCAL_PEERCRED)
 
-#if !defined(SOL_LOCAL)
+# if !defined(SOL_LOCAL)
-#define SOL_LOCAL 0
+# define SOL_LOCAL 0
-#endif
+# endif
 
     xucred cred;
     socklen_t credLen = sizeof(cred);