1 /* GIO - GLib Input, Output and Streaming Library
2  *
3  * Copyright 2013 Red Hat, Inc.
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Lesser General Public
7  * License as published by the Free Software Foundation; either
8  * version 2.1 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13  * Lesser General Public License for more details.
14  *
15  * You should have received a copy of the GNU Lesser General
16  * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
17  */
18 
19 #ifndef __G_CREDENTIALS_PRIVATE_H__
20 #define __G_CREDENTIALS_PRIVATE_H__
21 
22 #include "gio/gcredentials.h"
23 #include "gio/gnetworking.h"
24 
25 /*
26  * G_CREDENTIALS_SUPPORTED:
27  *
28  * Defined to 1 if GCredentials works.
29  */
30 #undef G_CREDENTIALS_SUPPORTED
31 
32 /*
33  * G_CREDENTIALS_USE_LINUX_UCRED, etc.:
34  *
35  * Defined to 1 if GCredentials uses Linux `struct ucred`, etc.
36  */
37 #undef G_CREDENTIALS_USE_LINUX_UCRED
38 #undef G_CREDENTIALS_USE_FREEBSD_CMSGCRED
39 #undef G_CREDENTIALS_USE_NETBSD_UNPCBID
40 #undef G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED
41 #undef G_CREDENTIALS_USE_SOLARIS_UCRED
42 #undef G_CREDENTIALS_USE_APPLE_XUCRED
43 
44 /*
45  * G_CREDENTIALS_NATIVE_TYPE:
46  *
47  * Defined to one of G_CREDENTIALS_TYPE_LINUX_UCRED, etc.
48  */
49 #undef G_CREDENTIALS_NATIVE_TYPE
50 
51 /*
52  * G_CREDENTIALS_NATIVE_SIZE:
53  *
54  * Defined to the size of the %G_CREDENTIALS_NATIVE_TYPE
55  */
56 #undef G_CREDENTIALS_NATIVE_SIZE
57 
58 /*
59  * G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED:
60  *
61  * Defined to 1 if we have a message-passing API in which credentials
62  * are attached to a particular message, such as `SCM_CREDENTIALS` on Linux
63  * or `SCM_CREDS` on FreeBSD.
64  */
65 #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED
66 
67 /*
68  * G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED:
69  *
70  * Defined to 1 if we have a `getsockopt()`-style API in which one end of
71  * a socket connection can directly query the credentials of the process
72  * that initiated the other end, such as `getsockopt SO_PEERCRED` on Linux
73  * or `getpeereid()` on multiple operating systems.
74  */
75 #undef G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED
76 
77 /*
78  * G_CREDENTIALS_SPOOFING_SUPPORTED:
79  *
80  * Defined to 1 if privileged processes can spoof their credentials when
81  * using the message-passing API.
82  */
83 #undef G_CREDENTIALS_SPOOFING_SUPPORTED
84 
85 /*
86  * G_CREDENTIALS_PREFER_MESSAGE_PASSING:
87  *
88  * Defined to 1 if the data structure transferred by the message-passing
89  * API is strictly more informative than the one transferred by the
90  * `getsockopt()`-style API, and hence should be preferred, even for
91  * protocols like D-Bus that are defined in terms of the credentials of
92  * the (process that opened the) socket, as opposed to the credentials
93  * of an individual message.
94  */
95 #undef G_CREDENTIALS_PREFER_MESSAGE_PASSING
96 
97 /*
98  * G_CREDENTIALS_HAS_PID:
99  *
100  * Defined to 1 if the %G_CREDENTIALS_NATIVE_TYPE contains the process ID.
101  */
102 #undef G_CREDENTIALS_HAS_PID
103 
104 #ifdef __linux__
105 #define G_CREDENTIALS_SUPPORTED 1
106 #define G_CREDENTIALS_USE_LINUX_UCRED 1
107 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_LINUX_UCRED
108 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct ucred))
109 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
110 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
111 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
112 #define G_CREDENTIALS_HAS_PID 1
113 
114 #elif defined(__FreeBSD__)                                  || \
115       defined(__FreeBSD_kernel__) /* Debian GNU/kFreeBSD */ || \
116       defined(__GNU__)            /* GNU Hurd */            || \
117       defined(__DragonFly__)      /* DragonFly BSD */
118 #define G_CREDENTIALS_SUPPORTED 1
119 #define G_CREDENTIALS_USE_FREEBSD_CMSGCRED 1
120 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_FREEBSD_CMSGCRED
121 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred))
122 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
123 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
124 /* GLib doesn't implement it yet, but FreeBSD's getsockopt()-style API
125  * is getpeereid(), which is not as informative as struct cmsgcred -
126  * it does not tell us the PID. As a result, libdbus prefers to use
127  * SCM_CREDS, and if we implement getpeereid() in future, we should
128  * do the same. */
129 #define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1
130 #define G_CREDENTIALS_HAS_PID 1
131 
132 #elif defined(__NetBSD__)
133 #define G_CREDENTIALS_SUPPORTED 1
134 #define G_CREDENTIALS_USE_NETBSD_UNPCBID 1
135 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_NETBSD_UNPCBID
136 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct unpcbid))
137 /* #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED */
138 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
139 #define G_CREDENTIALS_HAS_PID 1
140 
141 #elif defined(__OpenBSD__)
142 #define G_CREDENTIALS_SUPPORTED 1
143 #define G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED 1
144 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_OPENBSD_SOCKPEERCRED
145 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct sockpeercred))
146 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
147 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
148 #define G_CREDENTIALS_HAS_PID 1
149 
150 #elif defined(__sun__) || defined(__illumos__) || defined (__OpenSolaris_kernel__)
151 #include <ucred.h>
152 #define G_CREDENTIALS_SUPPORTED 1
153 #define G_CREDENTIALS_USE_SOLARIS_UCRED 1
154 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_SOLARIS_UCRED
155 #define G_CREDENTIALS_NATIVE_SIZE (ucred_size ())
156 #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1
157 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
158 #define G_CREDENTIALS_HAS_PID 1
159 
160 #elif defined(__APPLE__)
161 #include <sys/ucred.h>
162 #define G_CREDENTIALS_SUPPORTED 1
163 #define G_CREDENTIALS_USE_APPLE_XUCRED 1
164 #define G_CREDENTIALS_NATIVE_TYPE G_CREDENTIALS_TYPE_APPLE_XUCRED
165 #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct xucred))
166 #undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED
167 #define G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED 1
168 #define G_CREDENTIALS_SPOOFING_SUPPORTED 1
169 #define G_CREDENTIALS_HAS_PID 0
170 
171 #endif
172 
173 #endif /* __G_CREDENTIALS_PRIVATE_H__ */
174