1 --- src/tcs/rpc/tcstp/rpc_ps.c.orig	2011-03-23 11:01:54.707428173 -0700

     2 +++ src/tcs/rpc/tcstp/rpc_ps.c	2011-03-23 11:27:00.753845441 -0700

     3 @@ -26,6 +26,29 @@

     4  #include "tcs_utils.h"

     5  #include "rpc_tcstp_tcs.h"

     6  

     7 +#ifdef SOLARIS

     8 +#include <ucred.h>

     9 +#include <errno.h>

    10 +

    11 +static TSS_RESULT

    12 +verify_peer(struct tcsd_thread_data *data)

    13 +{

    14 +	ucred_t *uc = NULL;

    15 +	if (getpeerucred(data->sock, &uc)) {

    16 +		LogError("Failed to get peer credential (%s)",

    17 +		    strerror(errno));

    18 +		return TCSERR(TSS_E_TSP_AUTHFAIL);

    19 +	}

    20 +	if (ucred_geteuid(uc) != 0) {

    21 +		LogError("Unauthorized attempt to modify a system key",

    22 +		    strerror(errno));

    23 +		ucred_free(uc);

    24 +		return TCSERR(TSS_E_TSP_AUTHFAIL);

    25 +	}

    26 +	ucred_free(uc);

    27 +	return (TSS_SUCCESS);

    28 +}

    29 +#endif

    30  

    31  TSS_RESULT

    32  tcs_wrap_RegisterKey(struct tcsd_thread_data *data)

    33 @@ -38,6 +61,10 @@

    34  	UINT32 cVendorData;

    35  	BYTE *gbVendorData;

    36  	TSS_RESULT result;

    37 +#ifdef SOLARIS

    38 +	if ( (result = verify_peer(data)) != TSS_SUCCESS)

    39 +		return (result);

    40 +#endif

    41  

    42  	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))

    43  		return TCSERR(TSS_E_INTERNAL_ERROR);

    44 @@ -99,6 +126,10 @@

    45  	TCS_CONTEXT_HANDLE hContext;

    46  	TSS_UUID uuid;

    47  	TSS_RESULT result;

    48 +#ifdef SOLARIS

    49 +	if ( (result = verify_peer(data)) != TSS_SUCCESS)

    50 +		return (result);

    51 +#endif

    52  

    53  	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))

    54  		return TCSERR(TSS_E_INTERNAL_ERROR);