1 /* $NetBSD: server.c,v 1.3 2007/03/18 10:00:42 plunky Exp $ */
2
3 /*-
4 * Copyright (c) 2006 Itronix Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of Itronix Inc. may not be used to endorse
16 * or promote products derived from this software without specific
17 * prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY
23 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
26 * ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31 /*
32 * server.c
33 *
34 * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com>
35 * All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 *
46 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 *
58 * $Id: server.c,v 1.1.1.1 2007/11/20 11:56:11 griffin Exp $
59 * $FreeBSD: src/usr.sbin/bluetooth/sdpd/server.c,v 1.2 2005/12/06 17:56:36 emax Exp $
60 */
61
62 #include <sys/param.h>
63 #include <sys/select.h>
64 #include <sys/stat.h>
65 #include <sys/queue.h>
66 #include <sys/ucred.h>
67 #include <sys/un.h>
68 #include <sys/uio.h>
69 #include <netinet/in.h>
70 #include <arpa/inet.h>
71 #include <assert.h>
72 #include <bluetooth.h>
73 #include <errno.h>
74 #include <grp.h>
75 #include <pwd.h>
76 #include <sdp.h>
77 #include <stdio.h>
78 #include <stdlib.h>
79 #include <string.h>
80 #include <unistd.h>
81 #include "log.h"
82 #include "profile.h"
83 #include "provider.h"
84 #include "server.h"
85
86 static void server_accept_client (server_p srv, int32_t fd);
87 static int32_t server_process_request (server_p srv, int32_t fd);
88 static int32_t server_send_error_response (server_p srv, int32_t fd,
89 uint16_t error);
90 static void server_close_fd (server_p srv, int32_t fd);
91 #if 0 /* XXX */
92 static int server_auth_check (server_p srv, struct sockcred *cred);
93 static int server_auth_check (server_p srv, struct cmsgcred *cred);
94 #endif
95
96 /*
97 * Initialize server
98 */
99
100 int32_t
server_init(server_p srv,char const * control,char const * sgroup)101 server_init(server_p srv, char const *control, char const *sgroup)
102 {
103 struct sockaddr_un un;
104 struct sockaddr_bt l2;
105 socklen_t size;
106 int32_t unsock, l2sock;
107 uint16_t imtu;
108 int opt;
109
110 assert(srv != NULL);
111 assert(control != NULL);
112
113 memset(srv, 0, sizeof(struct server));
114 srv->sgroup = sgroup;
115
116 /* Open control socket */
117 if (unlink(control) < 0 && errno != ENOENT) {
118 log_crit("Could not unlink(%s). %s (%d)",
119 control, strerror(errno), errno);
120 return (-1);
121 }
122
123 unsock = socket(PF_LOCAL, SOCK_STREAM, 0);
124 if (unsock < 0) {
125 log_crit("Could not create control socket. %s (%d)",
126 strerror(errno), errno);
127 return (-1);
128 }
129
130 opt = 1;
131 #if 0
132 if (setsockopt(unsock, 0, LOCAL_CREDS, &opt, sizeof(opt)) < 0)
133 log_crit("Warning: No credential checks on control socket");
134 #endif
135 memset(&un, 0, sizeof(un));
136 un.sun_len = sizeof(un);
137 un.sun_family = AF_LOCAL;
138 strlcpy(un.sun_path, control, sizeof(un.sun_path));
139
140 if (bind(unsock, (struct sockaddr *) &un, sizeof(un)) < 0) {
141 log_crit("Could not bind control socket. %s (%d)",
142 strerror(errno), errno);
143 close(unsock);
144 return (-1);
145 }
146
147 if (chmod(control, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH) < 0) {
148 log_crit("Could not change permissions on control socket. " \
149 "%s (%d)", strerror(errno), errno);
150 close(unsock);
151 return (-1);
152 }
153
154 if (listen(unsock, 10) < 0) {
155 log_crit("Could not listen on control socket. %s (%d)",
156 strerror(errno), errno);
157 close(unsock);
158 return (-1);
159 }
160
161 /* Open L2CAP socket */
162 l2sock = socket(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP);
163 if (l2sock < 0) {
164 log_crit("Could not create L2CAP socket. %s (%d)",
165 strerror(errno), errno);
166 close(unsock);
167 return (-1);
168 }
169
170 size = sizeof(imtu);
171 if (getsockopt(l2sock, BTPROTO_L2CAP, SO_L2CAP_IMTU, &imtu, &size) < 0) {
172 log_crit("Could not get L2CAP IMTU. %s (%d)",
173 strerror(errno), errno);
174 close(unsock);
175 close(l2sock);
176 return (-1);
177 }
178
179 memset(&l2, 0, sizeof(l2));
180 l2.bt_len = sizeof(l2);
181 l2.bt_family = AF_BLUETOOTH;
182 l2.bt_psm = L2CAP_PSM_SDP;
183 bdaddr_copy(&l2.bt_bdaddr, BDADDR_ANY);
184
185 if (bind(l2sock, (struct sockaddr *) &l2, sizeof(l2)) < 0) {
186 log_crit("Could not bind L2CAP socket. %s (%d)",
187 strerror(errno), errno);
188 close(unsock);
189 close(l2sock);
190 return (-1);
191 }
192
193 if (listen(l2sock, 10) < 0) {
194 log_crit("Could not listen on L2CAP socket. %s (%d)",
195 strerror(errno), errno);
196 close(unsock);
197 close(l2sock);
198 return (-1);
199 }
200
201 /* Allocate incoming buffer */
202 srv->imtu = (imtu > SDP_LOCAL_MTU)? imtu : SDP_LOCAL_MTU;
203 srv->req = (uint8_t *) calloc(srv->imtu, sizeof(srv->req[0]));
204 if (srv->req == NULL) {
205 log_crit("Could not allocate request buffer");
206 close(unsock);
207 close(l2sock);
208 return (-1);
209 }
210
211 /* Allocate memory for descriptor index */
212 srv->fdidx = (fd_idx_p) calloc(FD_SETSIZE, sizeof(srv->fdidx[0]));
213 if (srv->fdidx == NULL) {
214 log_crit("Could not allocate fd index");
215 free(srv->req);
216 close(unsock);
217 close(l2sock);
218 return (-1);
219 }
220
221 /* Register Service Discovery profile (attach it to control socket) */
222 if (provider_register_sd(unsock) < 0) {
223 log_crit("Could not register Service Discovery profile");
224 free(srv->fdidx);
225 free(srv->req);
226 close(unsock);
227 close(l2sock);
228 return (-1);
229 }
230
231 /*
232 * If we got here then everything is fine. Add both control sockets
233 * to the index.
234 */
235
236 FD_ZERO(&srv->fdset);
237 srv->maxfd = (unsock > l2sock)? unsock : l2sock;
238
239 FD_SET(unsock, &srv->fdset);
240 srv->fdidx[unsock].valid = 1;
241 srv->fdidx[unsock].server = 1;
242 srv->fdidx[unsock].control = 1;
243 srv->fdidx[unsock].priv = 0;
244 srv->fdidx[unsock].rsp_cs = 0;
245 srv->fdidx[unsock].rsp_size = 0;
246 srv->fdidx[unsock].rsp_limit = 0;
247 srv->fdidx[unsock].omtu = SDP_LOCAL_MTU;
248 srv->fdidx[unsock].rsp = NULL;
249
250 FD_SET(l2sock, &srv->fdset);
251 srv->fdidx[l2sock].valid = 1;
252 srv->fdidx[l2sock].server = 1;
253 srv->fdidx[l2sock].control = 0;
254 srv->fdidx[l2sock].priv = 0;
255 srv->fdidx[l2sock].rsp_cs = 0;
256 srv->fdidx[l2sock].rsp_size = 0;
257 srv->fdidx[l2sock].rsp_limit = 0;
258 srv->fdidx[l2sock].omtu = 0; /* unknown */
259 srv->fdidx[l2sock].rsp = NULL;
260
261 return (0);
262 }
263
264 /*
265 * Shutdown server
266 */
267
268 void
server_shutdown(server_p srv)269 server_shutdown(server_p srv)
270 {
271 int fd;
272
273 assert(srv != NULL);
274
275 for (fd = 0; fd < srv->maxfd + 1; fd ++)
276 if (srv->fdidx[fd].valid)
277 server_close_fd(srv, fd);
278
279 free(srv->req);
280 free(srv->fdidx);
281
282 memset(srv, 0, sizeof(*srv));
283 }
284
285 /*
286 * Do one server iteration
287 */
288
289 int32_t
server_do(server_p srv)290 server_do(server_p srv)
291 {
292 fd_set fdset;
293 int32_t n, fd;
294
295 assert(srv != NULL);
296
297 /* Copy cached version of the fd set and call select */
298 memcpy(&fdset, &srv->fdset, sizeof(fdset));
299 n = select(srv->maxfd + 1, &fdset, NULL, NULL, NULL);
300 if (n < 0) {
301 if (errno == EINTR)
302 return (0);
303
304 log_err("Could not select(%d, %p). %s (%d)",
305 srv->maxfd + 1, &fdset, strerror(errno), errno);
306
307 return (-1);
308 }
309
310 /* Process descriptors */
311 for (fd = 0; fd < srv->maxfd + 1 && n > 0; fd ++) {
312 if (!FD_ISSET(fd, &fdset))
313 continue;
314
315 assert(srv->fdidx[fd].valid);
316 n --;
317
318 if (srv->fdidx[fd].server)
319 server_accept_client(srv, fd);
320 else if (server_process_request(srv, fd) != 0)
321 server_close_fd(srv, fd);
322 }
323
324 return (0);
325
326 }
327
328 /*
329 * Accept new client connection and register it with index
330 */
331
332 static void
server_accept_client(server_p srv,int32_t fd)333 server_accept_client(server_p srv, int32_t fd)
334 {
335 uint8_t *rsp = NULL;
336 socklen_t size;
337 int32_t cfd;
338 uint16_t omtu;
339
340 do {
341 cfd = accept(fd, NULL, NULL);
342 } while (cfd < 0 && errno == EINTR);
343
344 if (cfd < 0) {
345 log_err("Could not accept connection on %s socket. %s (%d)",
346 srv->fdidx[fd].control? "control" : "L2CAP",
347 strerror(errno), errno);
348 return;
349 }
350
351 assert(!FD_ISSET(cfd, &srv->fdset));
352 assert(!srv->fdidx[cfd].valid);
353
354 if (!srv->fdidx[fd].control) {
355 /* Get local BD_ADDR */
356 size = sizeof(srv->req_sa);
357 if (getsockname(cfd,(struct sockaddr*)&srv->req_sa, &size) < 0) {
358 log_err("Could not get local BD_ADDR. %s (%d)",
359 strerror(errno), errno);
360 close(cfd);
361 return;
362 }
363
364 /* Get outgoing MTU */
365 size = sizeof(omtu);
366 if (getsockopt(cfd, BTPROTO_L2CAP, SO_L2CAP_OMTU, &omtu, &size) < 0) {
367 log_err("Could not get L2CAP OMTU. %s (%d)",
368 strerror(errno), errno);
369 close(cfd);
370 return;
371 }
372
373 /*
374 * The maximum size of the L2CAP packet is 65536 bytes.
375 * The minimum L2CAP MTU is 43 bytes. That means we need
376 * 65536 / 43 = ~1524 chunks to transfer maximum packet
377 * size with minimum MTU. The "rsp_cs" field in fd_idx_t
378 * is 11 bit wide that gives us upto 2048 chunks.
379 */
380
381 if (omtu < L2CAP_MTU_MINIMUM) {
382 log_err("L2CAP OMTU is too small (%d bytes)", omtu);
383 close(cfd);
384 return;
385 }
386 } else {
387 bdaddr_copy(&srv->req_sa.bt_bdaddr, BDADDR_ANY);
388 omtu = srv->fdidx[fd].omtu;
389 }
390
391 /*
392 * Allocate buffer. This is an overkill, but we can not know how
393 * big our reply is going to be.
394 */
395
396 rsp = (uint8_t *) calloc(L2CAP_MTU_MAXIMUM, sizeof(rsp[0]));
397 if (rsp == NULL) {
398 log_crit("Could not allocate response buffer");
399 close(cfd);
400 return;
401 }
402
403 /* Add client descriptor to the index */
404 FD_SET(cfd, &srv->fdset);
405 if (srv->maxfd < cfd)
406 srv->maxfd = cfd;
407 srv->fdidx[cfd].valid = 1;
408 srv->fdidx[cfd].server = 0;
409 srv->fdidx[cfd].control = srv->fdidx[fd].control;
410 srv->fdidx[cfd].priv = 0;
411 srv->fdidx[cfd].rsp_cs = 0;
412 srv->fdidx[cfd].rsp_size = 0;
413 srv->fdidx[cfd].rsp_limit = 0;
414 srv->fdidx[cfd].omtu = omtu;
415 srv->fdidx[cfd].rsp = rsp;
416 }
417
418 /*
419 * Process request from the client
420 */
421
422 static int32_t
server_process_request(server_p srv,int32_t fd)423 server_process_request(server_p srv, int32_t fd)
424 {
425 uint8_t ctl[128];
426 sdp_pdu_p pdu = (sdp_pdu_p) srv->req;
427 struct msghdr msg;
428 struct iovec iov;
429 int32_t len, error;
430 #if 0 /* XXX */
431 struct cmsghdr *cmsg;
432 #endif
433
434 assert(srv->imtu > 0);
435 assert(srv->req != NULL);
436 assert(FD_ISSET(fd, &srv->fdset));
437 assert(srv->fdidx[fd].valid);
438 assert(!srv->fdidx[fd].server);
439 assert(srv->fdidx[fd].rsp != NULL);
440 assert(srv->fdidx[fd].omtu >= L2CAP_MTU_MINIMUM);
441
442 iov.iov_base = srv->req;
443 iov.iov_len = srv->imtu;
444
445 msg.msg_name = NULL;
446 msg.msg_namelen = 0;
447 msg.msg_iov = &iov;
448 msg.msg_iovlen = 1;
449 msg.msg_control = ctl;
450 msg.msg_controllen = sizeof(ctl);
451 msg.msg_flags = 0;
452
453 do {
454 len = recvmsg(fd, &msg, 0);
455 } while (len < 0 && errno == EINTR);
456
457 if (len < 0) {
458 log_err("Could not receive SDP request from %s socket. %s (%d)",
459 srv->fdidx[fd].control? "control" : "L2CAP",
460 strerror(errno), errno);
461 return (-1);
462 }
463 if (len == 0) {
464 log_info("Client on %s socket has disconnected",
465 srv->fdidx[fd].control? "control" : "L2CAP");
466 return (-1);
467 }
468
469 #if 0 /* XXX */
470 if ((cmsg = CMSG_FIRSTHDR(&msg)) != NULL
471 && cmsg->cmsg_level == SOL_SOCKET
472 && cmsg->cmsg_type == SCM_CREDS
473 #if 0
474 && cmsg->cmsg_len >= CMSG_LEN(SOCKCREDSIZE(0))
475 #endif
476 )
477 srv->fdidx[fd].priv =
478 server_auth_check(srv, (struct cmsgcred *)CMSG_DATA(cmsg));
479 #if 0
480 server_auth_check(srv, (struct sockcred *)CMSG_DATA(cmsg));
481 #endif
482 #else
483 srv->fdidx[fd].priv = 1;
484 #endif
485
486 if (len >= sizeof(*pdu)
487 && (sizeof(*pdu) + (pdu->len = ntohs(pdu->len))) == len) {
488 switch (pdu->pid) {
489 case SDP_PDU_SERVICE_SEARCH_REQUEST:
490 error = server_prepare_service_search_response(srv, fd);
491 break;
492
493 case SDP_PDU_SERVICE_ATTRIBUTE_REQUEST:
494 error = server_prepare_service_attribute_response(srv, fd);
495 break;
496
497 case SDP_PDU_SERVICE_SEARCH_ATTRIBUTE_REQUEST:
498 error = server_prepare_service_search_attribute_response(srv, fd);
499 break;
500
501 case SDP_PDU_SERVICE_REGISTER_REQUEST:
502 error = server_prepare_service_register_response(srv, fd);
503 break;
504
505 case SDP_PDU_SERVICE_UNREGISTER_REQUEST:
506 error = server_prepare_service_unregister_response(srv, fd);
507 break;
508
509 case SDP_PDU_SERVICE_CHANGE_REQUEST:
510 error = server_prepare_service_change_response(srv, fd);
511 break;
512
513 default:
514 error = SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
515 break;
516 }
517 } else
518 error = SDP_ERROR_CODE_INVALID_PDU_SIZE;
519
520 if (error == 0) {
521 switch (pdu->pid) {
522 case SDP_PDU_SERVICE_SEARCH_REQUEST:
523 error = server_send_service_search_response(srv, fd);
524 break;
525
526 case SDP_PDU_SERVICE_ATTRIBUTE_REQUEST:
527 error = server_send_service_attribute_response(srv, fd);
528 break;
529
530 case SDP_PDU_SERVICE_SEARCH_ATTRIBUTE_REQUEST:
531 error = server_send_service_search_attribute_response(srv, fd);
532 break;
533
534 case SDP_PDU_SERVICE_REGISTER_REQUEST:
535 error = server_send_service_register_response(srv, fd);
536 break;
537
538 case SDP_PDU_SERVICE_UNREGISTER_REQUEST:
539 error = server_send_service_unregister_response(srv, fd);
540 break;
541
542 case SDP_PDU_SERVICE_CHANGE_REQUEST:
543 error = server_send_service_change_response(srv, fd);
544 break;
545
546 default:
547 error = SDP_ERROR_CODE_INVALID_REQUEST_SYNTAX;
548 break;
549 }
550
551 if (error != 0)
552 log_err("Could not send SDP response to %s socket, " \
553 "pdu->pid=%d, pdu->tid=%d, error=%d",
554 srv->fdidx[fd].control? "control" : "L2CAP",
555 pdu->pid, ntohs(pdu->tid), error);
556 } else {
557 log_err("Could not process SDP request from %s socket, " \
558 "pdu->pid=%d, pdu->tid=%d, pdu->len=%d, len=%d, " \
559 "error=%d",
560 srv->fdidx[fd].control? "control" : "L2CAP",
561 pdu->pid, ntohs(pdu->tid), pdu->len, len, error);
562
563 error = server_send_error_response(srv, fd, error);
564 if (error != 0)
565 log_err("Could not send SDP error response to %s " \
566 "socket, pdu->pid=%d, pdu->tid=%d, error=%d",
567 srv->fdidx[fd].control? "control" : "L2CAP",
568 pdu->pid, ntohs(pdu->tid), error);
569 }
570
571 /* On error forget response (if any) */
572 if (error != 0) {
573 srv->fdidx[fd].rsp_cs = 0;
574 srv->fdidx[fd].rsp_size = 0;
575 srv->fdidx[fd].rsp_limit = 0;
576 }
577
578 return (error);
579 }
580
581 /*
582 * Send SDP_Error_Response PDU
583 */
584
585 static int32_t
server_send_error_response(server_p srv,int32_t fd,uint16_t error)586 server_send_error_response(server_p srv, int32_t fd, uint16_t error)
587 {
588 int32_t size;
589
590 struct {
591 sdp_pdu_t pdu;
592 uint16_t error;
593 } __attribute__ ((packed)) rsp;
594
595 /* Prepare and send SDP error response */
596 rsp.pdu.pid = SDP_PDU_ERROR_RESPONSE;
597 rsp.pdu.tid = ((sdp_pdu_p)(srv->req))->tid;
598 rsp.pdu.len = htons(sizeof(rsp.error));
599 rsp.error = htons(error);
600
601 do {
602 size = write(fd, &rsp, sizeof(rsp));
603 } while (size < 0 && errno == EINTR);
604
605 return ((size < 0)? errno : 0);
606 }
607
608 /*
609 * Close descriptor and remove it from index
610 */
611
612 static void
server_close_fd(server_p srv,int32_t fd)613 server_close_fd(server_p srv, int32_t fd)
614 {
615 provider_p provider = NULL, provider_next = NULL;
616
617 assert(FD_ISSET(fd, &srv->fdset));
618 assert(srv->fdidx[fd].valid);
619
620 close(fd);
621
622 FD_CLR(fd, &srv->fdset);
623 if (fd == srv->maxfd)
624 srv->maxfd --;
625
626 if (srv->fdidx[fd].rsp != NULL)
627 free(srv->fdidx[fd].rsp);
628
629 memset(&srv->fdidx[fd], 0, sizeof(srv->fdidx[fd]));
630
631 for (provider = provider_get_first();
632 provider != NULL;
633 provider = provider_next) {
634 provider_next = provider_get_next(provider);
635
636 if (provider->fd == fd)
637 provider_unregister(provider);
638 }
639 }
640
641 #if 0 /* XXX */
642 static int
643 /*server_auth_check(server_p srv, struct sockcred *cred)*/
644 server_auth_check(server_p srv, struct cmsgcred *cred)
645 {
646 struct group *grp;
647 int n;
648
649 if (cred == NULL)
650 return 0;
651
652 if (cred->cmcred_uid == 0 || cred->cmcred_euid == 0)
653 return 1;
654
655 if (srv->sgroup == NULL)
656 return 0;
657
658 grp = getgrnam(srv->sgroup);
659 if (grp == NULL) {
660 log_err("No gid for group '%s'", srv->sgroup);
661 srv->sgroup = NULL;
662 return 0;
663 }
664
665
666 if (cred->cmcred_gid == grp->gr_gid)
667 return 1;
668
669 for (n = 0 ; n < cred->cmcred_ngroups ; n++) {
670 if (cred->cmcred_groups[n] == grp->gr_gid)
671 return 1;
672 }
673
674 return 0;
675 }
676 #endif
677