Reviewed by: the cast of thousands

This is the change to struct sockets that gets rid of so_uid and replaces
it with a much more useful struct pcred *so_cred. This is here to be able
to do socket-level credential checks (i.e. IPFW uid/gid support, to be added
to HEAD soon). Along with this comes an update to pidentd which greatly
simplifies the code necessary to get a uid from a socket. Soon to come:
a sysctl() interface to finding individual sockets' credentials.

1 files changed, 11 insertions, 4 deletions

diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index 8e911b6..3bda374 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -31,18 +31,19 @@
  * SUCH DAMAGE.
  *
  *	@(#)uipc_socket.c	8.3 (Berkeley) 4/15/94
- *	$Id: uipc_socket.c,v 1.58 1999/05/21 15:54:40 ache Exp $
+ *	$Id: uipc_socket.c,v 1.59 1999/06/04 02:27:02 peter Exp $
  */
 
 #include <sys/param.h>
 #include <sys/systm.h>
-#include <sys/proc.h>
 #include <sys/fcntl.h>
 #include <sys/malloc.h>
 #include <sys/mbuf.h>
 #include <sys/domain.h>
 #include <sys/kernel.h>
+#include <sys/malloc.h>
 #include <sys/poll.h>
+#include <sys/proc.h>
 #include <sys/protosw.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
@@ -124,8 +125,10 @@ socreate(dom, aso, type, proto, p)
 	TAILQ_INIT(&so->so_incomp);
 	TAILQ_INIT(&so->so_comp);
 	so->so_type = type;
-	if (p != 0)
-		so->so_uid = p->p_ucred->cr_uid;
+	if (p) {
+		so->so_cred = p->p_cred;
+		so->so_cred->p_refcnt++;
+	} else so->so_cred = NULL;
 	so->so_proto = prp;
 	error = (*prp->pr_usrreqs->pru_attach)(so, proto, p);
 	if (error) {
@@ -156,6 +159,10 @@ sodealloc(so)
 	struct socket *so;
 {
 	so->so_gencnt = ++so_gencnt;
+	if (so->so_cred && --so->so_cred->p_refcnt == 0) {
+		crfree(so->so_cred->pc_ucred);
+		FREE(so->so_cred, M_SUBPROC);
+	}
 	zfreei(so->so_zone, so);
 }