Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets

> <<On Thu, 16 Aug 2001 00:34:14 -0400 (EDT), Bruce Momjian <pgman@candle.pha.pa.us> said:
>
> > OK, here is a cleaned up version of the patch that will apply to current
> > CVS.  I worked it into the SO_PEERCRED code.  I made some changes so it
> > compiles on BSD/OS.  I am getting "Invalid Argument" from libpq's
> > sending of the credentials on BSD/OS.
>
> There are some funky alignment macros that you probably need to use on
> BSD/OS.  Also, as written this will break on NetBSD and OpenBSD for
> reasons I have already noted (the structure is named something
> different there), and those systems will also require the alignment
> macros.  (Basically, putting the two structures in another larger
> structure is a shortcut in my implementation which only works because
> the compiler puts the right amount of padding in; on those other
> systems, more padding is required.)

I got some more information this morning.  First, BSD/OS doesn't like to
have the credentials record attached to the message.  I was getting
"Invalid argument" when I did that.  It just wants the packet.  Second,
BSD/OS has a LOCAL_CREDS call to pass the credentials.  I am working on
another patch but will get back to this shortly.

        "To get credentials sent (once on a stream socket, every time on
         a datagram socket) you just want to do a setsockopt() to set
         the LOCAL_CREDS option:

         int on = 1;
         error = setsockopt(s, 0, LOCAL_CREDS, &on, sizeof on);

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026