authoralfred <alfred@FreeBSD.org>2001-03-22 04:31:30 +0000
committeralfred <alfred@FreeBSD.org>2001-03-22 04:31:30 +0000
commit281af9370ca4060089860089233faf33682090ff (patch)
tree06c8eb9ac0e2912253da3c85456a24984746c85d /usr.sbin
parent2067928f4eb6211420175a84f11a6c8c20eeead0 (diff)
Hopefully fix some of the bugs in passing credentials over UNIX domain sockets.
Make struct cmessage visible from socket.h (about 4 places were defining it for themselves, which wasn't good). Make __rpc_get_local_uid() usable and give it a prototype that's visible. Fix some issues with printing out usernames from rpcbind and keyserv.
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/keyserv/Makefile2
-rw-r--r--usr.sbin/keyserv/keyserv.c2
-rw-r--r--usr.sbin/keyserv/keyserv.h5
-rw-r--r--usr.sbin/keyserv/keyserv_uid.c76
-rw-r--r--usr.sbin/rpcbind/pmap_svc.c9
-rw-r--r--usr.sbin/rpcbind/rpcb_svc_com.c13
6 files changed, 15 insertions, 92 deletions
diff --git a/usr.sbin/keyserv/Makefile b/usr.sbin/keyserv/Makefile
index ea8d9f4..169a9d5 100644
--- a/usr.sbin/keyserv/Makefile
+++ b/usr.sbin/keyserv/Makefile
@@ -1,7 +1,7 @@
# $FreeBSD$
PROG= keyserv
-SRCS= keyserv.c setkey.c keyserv_uid.c crypt_svc.c crypt_server.c crypt.h
+SRCS= keyserv.c setkey.c crypt_svc.c crypt_server.c crypt.h
CFLAGS+= -DKEYSERV_RANDOM -DBROKEN_DES -I.
.if $(OBJFORMAT) == elf
diff --git a/usr.sbin/keyserv/keyserv.c b/usr.sbin/keyserv/keyserv.c
index 9a156d5..6486c0f 100644
--- a/usr.sbin/keyserv/keyserv.c
+++ b/usr.sbin/keyserv/keyserv.c
@@ -741,7 +741,7 @@ root_auth(trans, rqstp)
return (0);
}
- if (__rpc_get_local_uid(&uid, trans) < 0) {
+ if (__rpc_get_local_uid(trans, &uid) < 0) {
if (debugging)
fprintf(stderr, "__rpc_get_local_uid failed\n");
return (0);
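Review bot: Which uid `root_auth` authorizes on is no longer visible at this call, because the body of the shared `__rpc_get_local_uid(trans, &uid)` is not part of this diff. The keyserv copy deleted in keyserv_uid.c returned `cmcred_euid`, while the rpcbind callers changed in pmap_svc.c and rpcb_svc_com.c previously read `cmcred_uid`, so at least one caller switches between real and effective uid unless the shared function accounts for that. Once confirmed, a comment above the call such as `/* uid is the peer's effective uid taken from SCM_CREDS */` would record which identity the root check relies on. Both arguments are pointers and the local prototype is dropped from keyserv.h, so keyserv.c has to include the header that now declares the function, otherwise a swapped argument order would not be type-checked. root_auth starts and ends outside the hunk.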
diff --git a/usr.sbin/keyserv/keyserv.h b/usr.sbin/keyserv/keyserv.h
index 6e2402d..0cc6a36 100644
--- a/usr.sbin/keyserv/keyserv.h
+++ b/usr.sbin/keyserv/keyserv.h
@@ -1,4 +1,6 @@
-
+/*
+ * $FreeBSD$
+ */
extern void setmodulus __P((char *modx));
extern keystatus pk_setkey __P(( uid_t, keybuf ));;
@@ -9,7 +11,6 @@ extern keystatus pk_netget __P(( uid_t, key_netstarg * ));
extern keystatus pk_get_conv_key __P(( uid_t, keybuf, cryptkeyres * ));
extern void pk_nodefaultkeys __P(( void ));
-extern int __rpc_get_local_uid __P(( uid_t * , SVCXPRT * ));
extern void crypt_prog_1 __P(( struct svc_req *, register SVCXPRT * ));
extern void load_des __P(( int, char * ));
diff --git a/usr.sbin/keyserv/keyserv_uid.c b/usr.sbin/keyserv/keyserv_uid.c
deleted file mode 100644
index 8a46fd1..0000000
--- a/usr.sbin/keyserv/keyserv_uid.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright (c) 1996
- * Bill Paul <wpaul@ctr.columbia.edu>. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Bill Paul.
- * 4. Neither the name of the author nor the names of any co-contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <rpc/key_prot.h>
-#include <rpc/des.h>
-#include <sys/socket.h>
-#include <sys/param.h>
-
-#include "keyserv.h"
-
-#ifndef lint
-static const char rcsid[] =
- "$FreeBSD$";
-#endif
-
-/*
- * XXX should be declared somewhere
- */
-struct cmessage {
- struct cmsghdr cmsg;
- struct cmsgcred cmcred;
-};
-
-int
-__rpc_get_local_uid(uid, transp)
- uid_t *uid;
- SVCXPRT *transp;
-{
- struct cmessage *cm;
-
- if (transp->xp_verf.oa_length < sizeof(struct cmessage) ||
- transp->xp_verf.oa_base == NULL ||
- transp->xp_verf.oa_flavor != AUTH_UNIX)
- return(-1);
-
- cm = (struct cmessage *)transp->xp_verf.oa_base;
- if (cm->cmsg.cmsg_type != SCM_CREDS)
- return(-1);
-
- *uid = cm->cmcred.cmcred_euid;
- return(0);
-}
diff --git a/usr.sbin/rpcbind/pmap_svc.c b/usr.sbin/rpcbind/pmap_svc.c
index b2cedd9..26467d1 100644
--- a/usr.sbin/rpcbind/pmap_svc.c
+++ b/usr.sbin/rpcbind/pmap_svc.c
@@ -173,7 +173,7 @@ pmapproc_change(struct svc_req *rqstp, SVCXPRT *xprt, unsigned long op)
RPCB rpcbreg;
long ans;
struct sockaddr_in *who;
- struct cmsgcred *cmcred;
+ uid_t uid;
char uidbuf[32];
#ifdef RPCBIND_DEBUG
@@ -194,19 +194,18 @@ pmapproc_change(struct svc_req *rqstp, SVCXPRT *xprt, unsigned long op)
}
who = svc_getcaller(xprt);
- cmcred = __svc_getcallercreds(xprt);
/*
* Can't use getpwnam here. We might end up calling ourselves
* and looping.
*/
- if (cmcred == NULL)
+ if (__rpc_get_local_uid(xprt, &uid) < 0)
rpcbreg.r_owner = "unknown";
- else if (cmcred->cmcred_uid == 0)
+ else if (uid == 0)
rpcbreg.r_owner = "superuser";
else {
/* r_owner will be strdup-ed later */
- snprintf(uidbuf, sizeof uidbuf, "%d", cmcred->cmcred_uid);
+ snprintf(uidbuf, sizeof uidbuf, "%d", uid);
rpcbreg.r_owner = uidbuf;
}
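Review bot: `snprintf(uidbuf, sizeof uidbuf, "%d", uid)` formats a `uid_t` with `%d`, which does not match the argument type where uid_t is an unsigned 32-bit integer, and ids above INT_MAX would be printed as negative numbers. Since the result becomes `rpcbreg.r_owner`, the string recorded as the owner of the registration, I would write `snprintf(uidbuf, sizeof uidbuf, "%lu", (unsigned long)uid);`. The same applies to `snprintf(owner, ownersize, "%d", uid)` in getowner() in rpcb_svc_com.c. pmapproc_change continues outside the hunk.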
diff --git a/usr.sbin/rpcbind/rpcb_svc_com.c b/usr.sbin/rpcbind/rpcb_svc_com.c
index e0c7487..55264c0 100644
--- a/usr.sbin/rpcbind/rpcb_svc_com.c
+++ b/usr.sbin/rpcbind/rpcb_svc_com.c
@@ -1348,15 +1348,14 @@ find_service(rpcprog_t prog, rpcvers_t vers, char *netid)
static char *
getowner(SVCXPRT *transp, char *owner, size_t ownersize)
{
- struct cmsgcred *cmcred;
-
- cmcred = __svc_getcallercreds(transp);
- if (cmcred == NULL)
- strlcpy(owner, "unknown", ownersize);
- else if (cmcred->cmcred_uid == 0)
+ uid_t uid;
+
+ if (__rpc_get_local_uid(transp, &uid) < 0)
+ strlcpy(owner, "unknown", ownersize);
+ else if (uid == 0)
strlcpy(owner, "superuser", ownersize);
else
- snprintf(owner, ownersize, "%d", cmcred->cmcred_uid);
+ snprintf(owner, ownersize, "%d", uid);
return owner;
}