mirror of
https://github.com/NixOS/nix
synced 2024-09-19 10:50:24 -04:00
Merge pull request #11026 from NixOS/backport-11022-to-2.20-maintenance
[Backport 2.20-maintenance] Use proper struct sockpeercred for SO_PEERCRED for OpenBSD
This commit is contained in:
commit
1e896c1738
|
@ -2,7 +2,6 @@
|
||||||
synopsis: Harden the user sandboxing
|
synopsis: Harden the user sandboxing
|
||||||
significance: significant
|
significance: significant
|
||||||
issues:
|
issues:
|
||||||
prs: <only provided once merged>
|
|
||||||
---
|
---
|
||||||
|
|
||||||
The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.
|
The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.
|
||||||
|
|
|
@ -202,7 +202,11 @@ static PeerInfo getPeerInfo(int remote)
|
||||||
|
|
||||||
#if defined(SO_PEERCRED)
|
#if defined(SO_PEERCRED)
|
||||||
|
|
||||||
ucred cred;
|
# if defined(__OpenBSD__)
|
||||||
|
struct sockpeercred cred;
|
||||||
|
# else
|
||||||
|
ucred cred;
|
||||||
|
# endif
|
||||||
socklen_t credLen = sizeof(cred);
|
socklen_t credLen = sizeof(cred);
|
||||||
if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1)
|
if (getsockopt(remote, SOL_SOCKET, SO_PEERCRED, &cred, &credLen) == -1)
|
||||||
throw SysError("getting peer credentials");
|
throw SysError("getting peer credentials");
|
||||||
|
@ -210,9 +214,9 @@ static PeerInfo getPeerInfo(int remote)
|
||||||
|
|
||||||
#elif defined(LOCAL_PEERCRED)
|
#elif defined(LOCAL_PEERCRED)
|
||||||
|
|
||||||
#if !defined(SOL_LOCAL)
|
# if !defined(SOL_LOCAL)
|
||||||
#define SOL_LOCAL 0
|
# define SOL_LOCAL 0
|
||||||
#endif
|
# endif
|
||||||
|
|
||||||
xucred cred;
|
xucred cred;
|
||||||
socklen_t credLen = sizeof(cred);
|
socklen_t credLen = sizeof(cred);
|
||||||
|
|
Loading…
Reference in a new issue